Bug#1066313: fixed upstream
These issues are fixed upstream in main, but there is not a release. The fix is in commit 1171bf2fd4e7a0cab02cf5fca59090b65af9cd29. Clément would you pull that fix into the package to resolve this FTBFS?
Bug#982969:
user debian-rele...@lists.debian.org usertags 982969 + bsp-2021-03-ca-montreal thank you
Bug#938737: u1db: Python2 removal in sid/bullseye
Moritz Mühlenhoff writes: > On Fri, Aug 30, 2019 at 07:57:06AM +, Matthias Klose wrote: >> Package: src:u1db >> Version: 13.10-6.4 >> Severity: normal >> Tags: sid bullseye >> User: debian-pyt...@lists.debian.org >> Usertags: py2removal >> >> Python2 becomes end-of-live upstream, and Debian aims to remove >> Python2 from the distribution, as discussed in >> https://lists.debian.org/debian-python/2019/07/msg00080.html >> >> Your package either build-depends, depends on Python2, or uses Python2 >> in the autopkg tests. Please stop using Python2, and fix this issue >> by one of the following actions. > > Hi Micah, > per Wikipedia the Ubuntu One cloud storage has been shut down many years > ago, should this simply be removed? We were not using it for Ubuntu One cloud storage, but instead as its more generic use case as "a cross-platform, cross-device, syncable database API", which we modified to have client-side encrypted database replicas and documents. However, it is not being used any longer, and should simply be removed. -- micah
Bug#895381: Severity
Hello Sergio, I'm reviewing bugs that are currently release critical at our local bug squashing party, and I stumbled on yours. I'm not disputing this bug exists, I'm just trying to determine why it is you set the severity to "Serious". As you are probably aware, this severity indicates that this is a sever violation of Debian policy (violates a "must" or "required" directive), or in the package maintainer's opinion, makes the package unsuitable for release. Can you specify what part of debian policy this issue makes this bug severity "Serious"? Thanks! -- micah
Bug#892340: Status of upload?
Hello Marc, I'm checking up on RC bugs, because we are working on a Bug Squashing Party here. Back in November, you were saying you were going to combine this fix with a bump of upstream's version: > I was planning to combine this with an update from upstream. I'm wondering if you are planning on doing this soon? If you aren't, maybe we could upload the package with the fix? -- micah
Bug#888236: Fixed upstream
This bug has been fixed upstream in the torbrowser-launcher 0.2.9 release: https://github.com/micahflee/torbrowser-launcher/releases/tag/v0.2.9
Bug#859927: Works, uploaded to DELAYED-3
That fix works, I've done a NMU fixed package and uploaded it to DELAYED-3. Micah
Bug#859927: Confirmed
I've confirmed this bug, as reported: I installed lighttpd: The following NEW packages will be installed: lighttpd spawn-fcgi 0 upgraded, 2 newly installed, 0 to remove and 326 not upgraded. Need to get 299 kB of archives. After this operation, 1,019 kB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 http://httpredir.debian.org/debian sid/main amd64 lighttpd amd64 1.4.45-1 [284 kB] Get:2 http://httpredir.debian.org/debian sid/main amd64 spawn-fcgi amd64 1.6.4-1+b1 [14.9 kB] Fetched 299 kB in 1s (194 kB/s) Selecting previously unselected package lighttpd. (Reading database ... 206019 files and directories currently installed.) Preparing to unpack .../lighttpd_1.4.45-1_amd64.deb ... Unpacking lighttpd (1.4.45-1) ... Selecting previously unselected package spawn-fcgi. Preparing to unpack .../spawn-fcgi_1.6.4-1+b1_amd64.deb ... Unpacking spawn-fcgi (1.6.4-1+b1) ... Setting up spawn-fcgi (1.6.4-1+b1) ... Setting up lighttpd (1.4.45-1) ... Created symlink /etc/systemd/system/multi-user.target.wants/lighttpd.service → /lib/systemd/system/lighttpd.service. Processing triggers for systemd (232-20) ... Processing triggers for man-db (2.7.6.1-2) ... and confirmed it is running: root@reeds:/home/micah/debian/lighttpd-1.4.45# ps auxw |grep lighttpd www-data 2129 0.0 0.0 58924 5452 ?Ss 15:03 0:00 /usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf root 4119 0.0 0.0 12788 956 pts/3S+ 15:03 0:00 grep lighttpd I enabled the module as described in the bug: root@reeds:/home/micah/debian/lighttpd-1.4.45# lighttpd-enable-mod fastcgi-php Met dependency: fastcgi Enabling fastcgi-php: ok Enabling fastcgi: ok Run "service lighttpd force-reload" to enable changes root@reeds:/home/micah/debian/lighttpd-1.4.45# service lighttpd force-reload and now lighttpd is not running: root@reeds:/home/micah/debian/lighttpd-1.4.45# ps auxw |grep lighttpd root 4223 0.0 0.0 12788 980 pts/3S+ 15:04 0:00 grep lighttpd I will attempt to apply the patch and see if it works. micah
Bug#817521: libapache-mod-removeip: Removal of debhelper compat 4
Hello, intrigeri <intrig...@debian.org> writes: > Hi Micah, > > Adrian Bunk: >> Can you anyway NMU this package? > >> The alternative is that it will get removed from stretch soon. > > Well, it's not a goal of mine to include as many packages in Stretch > as possible. So I really don't want to be the one who decides that > a given package will be part of a Debian stable release, if its > maintainers are not ready to support it there; in this case, I see > little indication that they are. (And backports are always an option > anyway :) > > Micah, what do you think? If you're ready to support the package in > Stretch, I'm happy to give some one-shot help by NMU'ing it over the > week-end. It would be great if the package could continue to be in Stretch. Unfortunately, I have not been able to address this issue, and would be very happy if you could NMU the work you did to fix this issue! micah signature.asc Description: PGP signature
Bug#848766: reel: FTBFS: ERROR: Test "ruby2.3" failed: Failure/Error: response = http.request(request)
Antonio Terceiro <terce...@debian.org> writes: >> Relevant part (hopefully): >> > Failure/Error: response = http.request(request) >> > >> > OpenSSL::SSL::SSLError: >> >SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert >> > unsupported certificate Hmm, I built the reverse depends on ruby-certificate-authority and found this failure in reel, and patched it in 0.6.1-3 to fix this error. I'm surprised its back, that means something didn't go right with my patch. I'll have a look at it. > Micah, was there a specific reason to package an unreleased snapshot of > ruby-certificate-authority? The changelog doesn't really say anything. The last official upstream tagged release and gem publish was august 2012. The upstream author bumped the version to 2.0 in Sept. 2012, and there have been a number of important fixes (including security) since then. There is also a request in the github issue tracker for a new release in May 2014, no response. I spoke with the original packager (Sebastien Badia) about updating this to the current master which fixes those issues, and he gave the go ahead if we resolved all the reverse-deps. micah
Bug#826664: My error
I had the keyword 'metadata' in my Puppetfile, but I did not have a metadata.json file. The error message made me think librarian-puppet-simple was missing a dependency, but once I resolved that, things work fine. Closing micah
Bug#826664: librarian-puppet-simple: undefined local variable or method `metadata'
Package: librarian-puppet-simple Version: 0.0.5-2 Severity: grave Justification: renders package unusable Hi, Thanks for packaging librarian-puppet-simple! Unfortunately, there seems to be some dependency missing because every command fails like this: micah@muck:puppet$ librarian-puppet git_status /usr/lib/ruby/vendor_ruby/librarian/puppet/simple/cli.rb:76:in `eval': undefined local variable or method `metadata' for # (NameError) from /usr/lib/ruby/vendor_ruby/librarian/puppet/simple/cli.rb:76:in `eval' from /usr/lib/ruby/vendor_ruby/librarian/puppet/simple/cli.rb:76:in `git_status' from /usr/lib/ruby/vendor_ruby/thor/command.rb:27:in `run' from /usr/lib/ruby/vendor_ruby/thor/invocation.rb:126:in `invoke_command' from /usr/lib/ruby/vendor_ruby/thor.rb:359:in `dispatch' from /usr/lib/ruby/vendor_ruby/thor/base.rb:440:in `start' from /usr/lib/ruby/vendor_ruby/librarian/puppet/simple/cli.rb:25:in `bin!' from /usr/bin/librarian-puppet:8:in `' micah@muck:puppet1$ The only commands that work are 'help' and 'clean'. micah -- System Information: Debian Release: stretch/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.5.0-2-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages librarian-puppet-simple depends on: ii ruby1:2.3.0+4 ii ruby-thor 0.19.1-2 ii ruby2.1 [ruby-interpreter] 2.1.5-4 ii ruby2.2 [ruby-interpreter] 2.2.4-1 librarian-puppet-simple recommends no packages. librarian-puppet-simple suggests no packages. -- no debconf information
Bug#818590: [pkg-otr-team] Bug#818590: irssi-plugin-otr: mismatching ABI version with current irssi
Antoine Beaupréwrites: >> Interestingly, the ABI version increased by one, but it needs one more >> to get to '2'. > > That was the wrong URL, the proper one is: > > http://paste.anarc.at/otr/irssi-plugin-otr_1.0.1+f75eb26-1_amd64.deb > > sorry. you should use dget anyways to verify the signatures first: > > http://paste.anarc.at/otr/irssi-plugin-otr_1.0.1+f75eb26-1.dsc Same result.
Bug#818590: [pkg-otr-team] Bug#818590: irssi-plugin-otr: mismatching ABI version with current irssi
Antoine Beaupré <anar...@debian.org> writes: > On 2016-03-27 15:40:23, micah wrote: >> Antoine Beaupré <anar...@debian.org> writes: >> >>> But before anyone starts working on this now - i have what i think is a >>> working package now here: >>> >>> http://paste.anarc.at/otr/ >>> >>> It's been tested by a friend, but i would appreciate more >>> testing. Waiting for an upstream release for a bit now to avoid >>> packaging a snapshot. >> >> I tried this package today and when I did '/load otr', I would get this >> in irssi: >> >> 15:38 -!- Irssi: otr/otr is ABI version 0 but Irssi is version 2, cannot load > > For the record, I have uploaded a new package there and I have had > information from another user that it works. You may want to try again. > > http://paste.anarc.at/otr/irssi-plugin-otr-dbg_1.0.1+f75eb26-1_amd64.deb I just grabbed that package and installed it, on my up-to-date sid system, ran irssi and then did '/load otr', and I got: 18:36 -!- Irssi: otr/otr is ABI version 1 but Irssi is version 2, cannot load Interestingly, the ABI version increased by one, but it needs one more to get to '2'.
Bug#818590: [pkg-otr-team] Bug#818590: irssi-plugin-otr: mismatching ABI version with current irssi
Antoine Beaupré <anar...@debian.org> writes: > But before anyone starts working on this now - i have what i think is a > working package now here: > > http://paste.anarc.at/otr/ > > It's been tested by a friend, but i would appreciate more > testing. Waiting for an upstream release for a bit now to avoid > packaging a snapshot. I tried this package today and when I did '/load otr', I would get this in irssi: 15:38 -!- Irssi: otr/otr is ABI version 0 but Irssi is version 2, cannot load micah
Bug#791752: puddletag: Puddletag crashes on start-up
Package: puddletag Version: 1.0.2-1 Followup-For: Bug #791752 Dear Maintainer, Upstream has a one-line fix for this problem, about which more can be found here. https://github.com/keithgg/puddletag/issues/261 The problem stems from the recent upgrade to python-qt4 4.11.4. -- System Information: Debian Release: stretch/sid APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.0.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages puddletag depends on: ii libjs-sphinxdoc 1.2.3+dfsg-1 ii python2.7.9-1 ii python-acoustid 1.1.0-3 ii python-audioread 1.0.3-1 ii python-configobj 5.0.6-2 ii python-mutagen1.28-2 ii python-pyparsing 2.0.3+dfsg1-1 ii python-qt44.11.4+dfsg-1 ii python-support1.0.15 Versions of packages puddletag recommends: ii libchromaprint-tools 1.2-1+b1 ii python-musicbrainz2 0.7.4-1 Versions of packages puddletag suggests: pn quodlibet none -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#793176: metview: FTBFS with magics++ 2.24.7
Package: metview Version: 4.4.8+dfsg.1-8 Severity: serious Tags: upstream Justification: fails to build from source (but built successfully in the past) There was a recent binNMU for the grib-api transition right before the new magics++ was uploaded. metview now fails to build since one of the headers has apparently been removed: g++ -DHAVE_CONFIG_H -I. -I../../src -I/usr/include/magics -I/usr/include/hdf5/serial -I/usr/include/pango-1.0 -I/usr/include/cairo -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/include/pixman-1 -I/usr/include/freetype2 -I/usr/include/libpng12 -I/usr/include/qt4 -DQT_WEBKIT -DQT_NO_DEBUG -DQT_WEBKIT_LIB -DQT_SQL_LIB -DQT_XMLPATTERNS_LIB -DQT_XML_LIB -DQT_GUI_LIB -DQT_NETWORK_LIB -DQT_CORE_LIB -DQT_SHARED -I/usr/share/qt4/mkspecs/linux-g++-64 -I. -I/usr/include/qt4/QtCore -I/usr/include/qt4/QtNetwork -I/usr/incl ude/qt4/QtGui -I/usr/include/qt4/QtXml -I/usr/include/qt4/QtXmlPatterns -I/usr/include/qt4/QtSql -I/usr/include/qt4/QtWebKit -I/usr/include/qt4 -I/usr/include/qt4/QtHelp -I. -I. -DNOMETVIEW_QT -DMETVIEW -I../libMetview -I../libUtil -I../libMars -I../libFTimeUtil -I/usr/i nclude/terralib/kernel -I/usr/include/freetype2 -I/usr/include -I/usr/X11R6/include -I/usr/local/include -I/usr/include/X11 -DMETVIEW_MOTIF -DLITTLE -DLITTLE_END -DH_INCLUDES_CC -DR64 -DREAL_8 -DREAL_BIGGER_THAN_INTEGER -DI32 -DMAGINT_IS_INT -DREAL_IS_DOUBLE -O2 -fPIC - DUSE_NEW_IO -m64 -fPIC -fno-gnu-keywords -Wno-deprecated -Wno-write-strings -DMETVIEW_QT -DQT_NO_DEBUG_O UTPUT -DSiteIsNotECMWF -DLITTLE -DLITTLE_END -DH_INCLUDES_CC -DR64 -DREAL_8 -DREAL_BIGGER_THAN_INTEGER -DI32 -DMAGINT_IS_INT -DREAL_IS_DOUBLE -c -o bin_Reprojection-ReprojectService.o `test -f 'ReprojectService.cc' || echo './'`ReprojectService.cc ReprojectService.cc:14:27: fatal error: ImagePlotting.h: No such file or directory #include ImagePlotting.h ^ compilation terminated. make[6]: *** [bin_Reprojection-ReprojectService.o] Error 1 Makefile:633: recipe for target 'bin_Reprojection-ReprojectService.o' failed make[6]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1/src/Reprojection' make[5]: *** [all] Error 2 Makefile:493: recipe for target 'all' failed make[5]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1/src/Reprojection' make[4]: *** [all-recursive] Error 1 Makefile:578: recipe for target 'all-recursive' failed make[4]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1/src' make[3]: *** [all] Error 2 Makefile:496: recipe for target 'all' failed make[3]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1/src' make[2]: *** [all-recursive] Error 1 Makefile:555: recipe for target 'all-recursive' failed make[2]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1' make[1]: *** [all] Error 2 Makefile:481: recipe for target 'all' failed make[1]: Leaving directory '/«BUILDDIR»/metview-4.4.8+dfsg.1' dh_auto_build: make -j1 returned exit code 2 make: *** [build-arch] Error 2 debian/rules:21: recipe for target 'build-arch' failed dpkg-buildpackage: error: debian/rules build-arch gave error exit status 2 FWIW, Upstream version 4.5.5 claims [1] to be build against magics 2.24.7 Thanks in advance! [1] https://software.ecmwf.int/wiki/display/METV/Version+4.5+Updates -- System Information: Debian Release: jessie/sid APT prefers trusty-updates APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13.0-57-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#791752: puddletag: Puddletag crashes on start-up
Package: puddletag Version: 1.0.2-1 Severity: grave Justification: renders package unusable Dear Maintainer, Puddletag crashes when executed. When executed in a terminal, the following is printed: puddletag Version: 1.0.2 Locale: en_US Traceback (most recent call last): File /usr/bin/puddletag, line 247, in module win = MainWin() File /usr/lib/pymodules/python2.7/puddlestuff/puddletag.py, line 315, in __init__ winactions, self._docks = create_tool_windows(self) File /usr/lib/pymodules/python2.7/puddlestuff/puddletag.py, line 92, in create_tool_windows p = PuddleDock(z[0], z[1], parent, status) File /usr/lib/pymodules/python2.7/puddlestuff/puddleobjects.py, line 2170, in __init__ control = control(status=status) File /usr/lib/pymodules/python2.7/puddlestuff/mainwin/artwork.py, line 61, in __init__ self.picwidget = PicWidget() File /usr/lib/pymodules/python2.7/puddlestuff/puddleobjects.py, line 1511, in __init__ self.label = ArtworkLabel() File /usr/lib/pymodules/python2.7/puddlestuff/puddleobjects.py, line 1402, in __init__ pal.setBrush(self.backgroundRole(), QBrush(QPalette.Window)) TypeError: QBrush(): argument 1 has unexpected type 'ColorRole' -- System Information: Debian Release: stretch/sid APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages puddletag depends on: ii libjs-sphinxdoc 1.2.3+dfsg-1 ii python2.7.9-1 ii python-acoustid 1.1.0-3 ii python-audioread 1.0.3-1 ii python-configobj 5.0.6-1 ii python-mutagen1.28-2 ii python-pyparsing 2.0.3+dfsg1-1 ii python-qt44.11.4+dfsg-1 ii python-support1.0.15 Versions of packages puddletag recommends: ii libchromaprint-tools 1.2-1 ii python-musicbrainz2 0.7.4-1 Versions of packages puddletag suggests: pn quodlibet none -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#788761: postgis: FTBFS with maven-compiler-plugin 3.*
Package: postgis Version: 2.1.7+dfsg-1 Severity: serious Tags: patch Justification: fails to build from source (but built successfully in the past) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu wily ubuntu-patch This package fails to build the architecture independent components with the newer maven-compiler-plugin. *** /tmp/tmpvkk2E1/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Switch libmaven-compiler-plugin-java to libmaven-compiler-plugin-2.5-java (Fixes FTBFS) - update debian/control{,.in} Thanks for considering the patch. -- System Information: Debian Release: jessie/sid APT prefers trusty-updates APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.13.0-54-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru postgis-2.1.7+dfsg/debian/changelog postgis-2.1.7+dfsg/debian/changelog diff -Nru postgis-2.1.7+dfsg/debian/control postgis-2.1.7+dfsg/debian/control --- postgis-2.1.7+dfsg/debian/control 2015-05-01 13:44:01.0 -0500 +++ postgis-2.1.7+dfsg/debian/control 2015-06-14 14:43:57.0 -0500 @@ -17,7 +17,7 @@ Build-Depends-Indep: default-jdk, openjdk-7-jdk | java7-sdk, libpostgresql-jdbc-java, fastjar, libjts-java (= 1.7), maven2, libmaven-clean-plugin-java, libmaven-jar-plugin-java, - libsurefire-java, libmaven-compiler-plugin-java, + libsurefire-java, libmaven-compiler-plugin-2.5-java, libmaven-resources-plugin-java, libmaven-javadoc-plugin-java Standards-Version: 3.9.6 diff -Nru postgis-2.1.7+dfsg/debian/control.in postgis-2.1.7+dfsg/debian/control.in --- postgis-2.1.7+dfsg/debian/control.in 2015-03-30 13:52:26.0 -0500 +++ postgis-2.1.7+dfsg/debian/control.in 2015-06-14 14:43:57.0 -0500 @@ -17,7 +17,7 @@ Build-Depends-Indep: default-jdk, openjdk-7-jdk | java7-sdk, libpostgresql-jdbc-java, fastjar, libjts-java (= 1.7), maven2, libmaven-clean-plugin-java, libmaven-jar-plugin-java, - libsurefire-java, libmaven-compiler-plugin-java, + libsurefire-java, libmaven-compiler-plugin-2.5-java, libmaven-resources-plugin-java, libmaven-javadoc-plugin-java Standards-Version: 3.9.6
Bug#761114: network-manager: erroneously removes externally provided routes
Package: network-manager Version: 0.9.10.0-2 Severity: serious Tags: patch Justification: breaks unrelated software Hello, When using unrelated software, such as openvpn, that pushes default routes, network-manager immediately (and incorrectly) removes that route. This is new behavior in 0.9.10, it does not do this in previous versions. I spent quite a bit of time debugging this issue with upstream NM people on their IRC channel, in the end they came up with a patch that was committed upstream in git with the following hash: 06703c1670d0f96834b268920b09792e22fdb4c4) I tested this change, and it worked well for me, previously I uploaded a NMU, with this patch, thinking that this was #755015, and it successfully fixed the problem for me and others I know who are experiencing this issue. However, the NMU was not acknowledged in -2, due to it being targeted for the incorrect bug number. Considering that this effectively breaks all OpenVPN setups (and other software that modifies default routes) that are not using network-manager's built-in VPN mechanisms, this seems to me a serious regression over previous versions. Seeing as upstream has acknowledged this issue and provided a fix for it and that fix has been tested and even migrated to testing, it seems to me appropriate to cherry-pick the change in the package without waiting for the next major release of NM. I'm happy to re-NMU this fix, this time with the right bug number. Attached is the NMU diff (I'd only add the bug number to the changelog). micah -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages network-manager depends on: ii adduser3.113+nmu3 ii dbus 1.8.6-2 ii init-system-helpers1.21 ii isc-dhcp-client4.3.1-1 ii libc6 2.19-10 ii libdbus-1-31.8.6-2 ii libdbus-glib-1-2 0.102-1 ii libgcrypt111.5.4-3 ii libglib2.0-0 2.40.0-5 ii libgnutls-deb0-28 3.3.7-2 ii libgudev-1.0-0 208-8 ii libmm-glib01.2.0-1 ii libndp01.4-1 ii libnewt0.520.52.17-1 ii libnl-3-2003.2.24-2 ii libnl-genl-3-200 3.2.24-2 ii libnl-route-3-200 3.2.24-2 ii libnm-glib40.9.10.0-2 ii libnm-util20.9.10.0-2 ii libpam-systemd 208-8 ii libpolkit-gobject-1-0 0.105-6.1 ii libreadline6 6.3-8 ii libsoup2.4-1 2.46.0-2 ii libsystemd-daemon0 208-8 ii libsystemd-login0 208-8 ii libteamdctl0 1.12-1 ii libuuid1 2.20.1-5.8 ii lsb-base 4.1+Debian13 ii policykit-10.105-6.1 ii udev 208-8 ii wpasupplicant 1.1-1 Versions of packages network-manager recommends: ii crda 3.13-1 ii dnsmasq-base 2.71-1 ii iptables 1.4.21-2 ii modemmanager 1.2.0-1 ii ppp 2.4.6-2 Versions of packages network-manager suggests: ii avahi-autoipd 0.6.31-4 pn libteam-utils none -- Configuration Files: /etc/NetworkManager/NetworkManager.conf changed: [main] plugins=ifupdown,keyfile [ifupdown] managed=false [logging] -- no debconf information diff -Nru network-manager-0.9.10.0/debian/changelog network-manager-0.9.10.0/debian/changelog --- network-manager-0.9.10.0/debian/changelog 2014-07-10 00:49:54.0 -0400 +++ network-manager-0.9.10.0/debian/changelog 2014-08-11 12:37:33.0 -0400 @@ -1,3 +1,11 @@ +network-manager (0.9.10.0-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Pull patch from upstream to fix checks for default +routes + + -- Micah Anderson mi...@debian.org Mon, 11 Aug 2014 12:08:31 -0400 + network-manager (0.9.10.0-2) unstable; urgency=medium * New upstream release. diff -Nru network-manager-0.9.10.0/debian/patches/0006-Fix-checks-for-default-routes network-manager-0.9.10.0/debian/patches/0006-Fix-checks-for-default-routes --- network-manager-0.9.10.0/debian/patches/0006-Fix-checks-for-default-routes 1969-12-31 19:00:00.0 -0500 +++ network-manager-0.9.10.0/debian/patches/0006-Fix-checks-for-default-routes 2014-08-11 12:37:08.0 -0400 @@ -0,0 +1,83 @@ +Index: network-manager-0.9.10.0/src/nm-ip4-config.c +=== +--- network-manager-0.9.10.0.orig/src/nm-ip4-config.c 2014-07-03 20:44:19.0 -0400 network-manager-0.9.10.0/src/nm-ip4-config.c 2014-07-29 19:42:06.965378158 -0400 +@@ -198,7 +198,7 @@ + for (i = 0; i priv-routes-len; i++) { + const NMPlatformIP4Route *route = g_array_index (priv-routes, NMPlatformIP4Route, i); + +- if (route-network == 0) { ++ if (NM_PLATFORM_IP_ROUTE_IS_DEFAULT (route)) { + if (route-metric
Bug#760308: onionshare uses http only and thus should not be released with jessie
All Tor hidden services (any website that's accessed through a .onion domain) are automatically end-to-end encrypted. In the case of OnionShare, the crypto key lives in /tmp/onionshare_XXX/private_key. The .onion URL address itself is a fingerprint of the key, which lets the Tor network look up the public key and start an encrypted session. So as long as you transmit the OnionShare URL successfully, the recipient who loads it in Tor Browser gets an end-to-end encrypted session with the server. Using HTTPS on top of this could be an option too actually, but the certificates would all have to be self-signed so users would have to click through the error. And the encryption would be redundant (though not necessarily a bad idea -- defense in depth, in case Tor gets badly broken in ways we can't foresee or something). -- Micah Lee -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#758318: FTBFS: missing build-depends: sp
Package: bird Version: 1.4.4-1 Severity: serious Tags: patch Justification: Fails to build from source Hello, The bird package currently fails to build from source because during the pdf generation phase it cannot find /usr/bin/nsgmls. Simply adding the 'sp' package to the build-depends makes it work again. The attached patch shows this. I'm happy to upload this as a NMU if it would help you. make[2]: Entering directory '/home/micah/debian/bird-1.4.4/doc' /home/micah/debian/bird-1.4.4/tools/progdoc /home/micah/debian/bird-1.4.4 /Doc /doc/Doc prog-intro.sgml /nest/Doc rt-fib.c rt-table.c Warning(551): Function parameter 'before_old' not described in 'rte_announce' Warning(1446): Function parameter 'tab' not described in 'rt_prune_table' rt-attr.c proto.sgml proto.c Warning(731): Function parameter 'UNUSED' not described in 'graceful_restart_done' proto-hooks.c Warning(161): Function parameter 'buflen' not described in 'get_attr' iface.c neighbor.c Warning(352): Function parameter 'a' not described in 'neigh_ifa_update' cli.c locks.c /conf/Doc conf.c cf-lex.l Warning(561): Function parameter 'c' not described in 'cf_lex_init' /filter/Doc filter.c tree.c trie.c Warning(84): Function parameter 'lp' not described in 'f_new_trie' /proto/Doc /proto/bfd/Doc bfd.c /proto/bgp/Doc bgp.c Warning(729): Function parameter 'UNUSED' not described in 'bgp_incoming_connection' packets.c attrs.c /proto/ospf/Doc ospf.c topology.c Warning(1610): Function parameter 'pool' not described in 'ospf_top_new' neighbor.c iface.c packet.c lsalib.c dbdes.c rt.c /proto/pipe/Doc pipe.c /proto/rip/Doc rip.c auth.c /proto/radv/Doc radv.c packets.c /proto/static/Doc static.c ../nest/rt-dev.c /sysdep/Doc sysdep.sgml /sysdep/unix/Doc log.c Warning(106): Function parameter 'buf' not described in 'log_commit' krt.c /lib/Doc ip.c ipv4.c ipv6.c lists.c checksum.c bitops.c patmatch.c printf.c xmalloc.c resource.sgml resource.c mempool.c slab.c event.c ../sysdep/unix/io.c Warning(454): Function parameter 'fmt_spec' not described in 'tm_format_datetime' ./sgml2html prog.sgml Processing file prog.sgml sh: 1: /usr/bin/nsgmls: not found ./sgml2latex --output=tex prog.sgml Processing file prog.sgml sh: 1: /usr/bin/nsgmls: not found pdflatex prog.tex This is pdfTeX, Version 3.14159265-2.6-1.40.15 (TeX Live 2014/Debian) (preloaded format=pdflatex) restricted \write18 enabled. entering extended mode ! I can't find file `prog.tex'. * prog.tex (Press Enter to retry, or Control-D to exit) Please type another input file name: -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages bird depends on: ii adduser 3.113+nmu3 ii libc6 2.19-7 ii libreadline6 6.3-8 ii libtinfo5 5.9+20140712-2 bird recommends no packages. Versions of packages bird suggests: ii bird-doc 1.4.4-1 diff --git a/debian/changelog b/debian/changelog index f8b69d0..0f662e4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +bird (1.4.4-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add sp package to Build-depends to provide missing /usr/bin/nsgmls +fixing FTBFS + + -- Micah Anderson mi...@debian.org Sat, 16 Aug 2014 15:45:29 -0400 + bird (1.4.4-1) unstable; urgency=medium * New upstream version 1.4.4 diff --git a/debian/control b/debian/control index 5d10ec6..27c3bd8 100644 --- a/debian/control +++ b/debian/control @@ -12,7 +12,7 @@ Build-Depends: quilt, autotools-dev, xsltproc, docbook-xsl, - linuxdoc-tools-latex + linuxdoc-tools-latex, sp Maintainer: Ondřej Surý ond...@debian.org Standards-Version: 3.9.5 Vcs-Browser: http://git.debian.org/?p=users/ondrej/bird.git
Bug#757627: [Pkg-anonymity-tools] Bug#757627: Bug#757627: Download error: Download Error: 404 Not Found class '__main__.DownloadErrorException'
On 08/10/2014 06:30 AM, intrigeri wrote: https://lists.torproject.org/pipermail/tor-qa/2014-August/000439.html (Maybe some of the torbrowser-launcher package maintainers should read that low-volume list?) Good idea, I'll subscribe. The main upstream bug is at [1]. But there are a couple things going on here. The format of the RecommendedTBBVersions file [2] keeps changing (upstream bug [3]). It was only listing stable releases for a long time, and then with this next release it started listing alphas again. And TBL has been checking TBB releases against Mike Perry's key using the file sha256sums.txt-mikeperry.asc, but the new releases don't have that file, only sha256sums.txt.asc and Erinn Clark's key. Which means that debian bug [4] and upstream bug [5] look like they're not possible, until we get clarity from the Tor devs. I'm preparing an upstream release to fix this. But I'm also at an airport and my plane is already boarding, so if there isn't wifi on the plane I might not be able to get to it until late tonight. [1] https://github.com/micahflee/torbrowser-launcher/issues/120 [2] https://check.torproject.org/RecommendedTBBVersions [3] https://github.com/micahflee/torbrowser-launcher/issues/63 [4] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756194 [5] https://github.com/micahflee/torbrowser-launcher/issues/113 -- Micah Lee signature.asc Description: OpenPGP digital signature
Bug#755684: torbrowser-launcher: cannot launch the Tor Browser
On 07/30/2014 09:00 PM, Paul Wise wrote: The bug has already been closed as torbrowser-launcher works now: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755684#61 In jessie it's still broken for me. With everything updated, this is what happens when I run torbrowser-launcher: micah@debian:~$ rm -rf .torbrowser/ micah@debian:~$ torbrowser-launcher /usr/lib/python2.7/dist-packages/twisted/internet/_sslverify.py:184: UserWarning: You do not have the service_identity module installed. Please install it from https://pypi.python.org/pypi/service_identity. Without the service_identity module and a recent enough pyOpenSSL tosupport it, Twisted can perform only rudimentary TLS client hostnameverification. Many valid certificate/hostname mappings may be rejected. verifyHostname, VerificationError = _selectVerifyImplementation() Tor Browser Launcher By Micah Lee, licensed under GPLv3 version 0.1.0 https://github.com/micahflee/torbrowser-launcher Initializing Tor Browser Launcher Warning: can't load mirrors from /usr/local/share/torbrowser-launcher/mirrors.txt Creating GnuPG homedir /home/micah/.torbrowser/gnupg_homedir Importing keys gpg: keyring `/home/micah/.torbrowser/gnupg_homedir/secring.gpg' created gpg: keyring `/home/micah/.torbrowser/gnupg_homedir/pubring.gpg' created gpg: /home/micah/.torbrowser/gnupg_homedir/trustdb.gpg: trustdb created gpg: key 63FEE659: public key Erinn Clark er...@torproject.org imported gpg: key C5AA446D: public key Sebastian Hahn m...@sebastianhahn.net imported gpg: key 4279F297: public key Alexandre Allaire alexandre.alla...@mail.mcgill.ca imported gpg: key 683686CC: public key Mike Perry (Regular use key) mikepe...@torproject.org imported gpg: Total number processed: 4 gpg: imported: 4 (RSA: 4) gpg: no ultimately trusted keys found Starting launcher dialog Checking for update Running task: download_update_check Downloading https://check.torproject.org/RecommendedTBBVersions Download error: [twisted.python.failure.Failure class 'twisted.internet._sslverify.SimpleVerificationError'] class 'twisted.web._newclient.ResponseNeverReceived' Running task: attempt_update Checking to see if update is needed -- Micah Lee signature.asc Description: OpenPGP digital signature
Bug#755684: torbrowser-launcher: cannot launch the Tor Browser
On 07/31/2014 11:37 AM, Holger Levsen wrote: that bug is not yet fixed in jessie yet, the fixed package will migrate tomorrow. or did you use the package from sid on jessie? Oh alright, good to hear. I used the package from jessie, not sid. I'll try again tomorrow. -- Micah Lee signature.asc Description: OpenPGP digital signature
Bug#755684: torbrowser-launcher: cannot launch the Tor Browser
I've created an upstream bug: https://github.com/micahflee/torbrowser-launcher/issues/116 I just installed sid in a VM and installed the torbrowser-launcher package, and it runs fine without this problem. So this appears to be a Debian packaging issue then that will be resolved when certain packages make their way from sid into jessie, right? Is there anything I can do to help fix it on my end? -- Micah Lee -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#753138: u1db: FTBFS - Could NOT find JSON
Hello, Michael Tautschnig m...@debian.org writes: Package: u1db Version: 13.10-2 Severity: serious Usertags: goto-cc Thanks a lot for fixing the pkg-config error. Yet during another rebuild in a clean sid chroot (using cowbuilder and pbuilder) the build failed again, with the following error. [...] -- Found PkgConfig: /usr/bin/pkg-config (found version 0.28) -- checking for module 'oauth' -- found oauth, version 1.0.1 -- Found OAuth: /usr/lib/x86_64-linux-gnu/liboauth.so -- checking for module 'json' -- package 'json' not found CMake Error at /usr/share/cmake-2.8/Modules/FindPackageHandleStandardArgs.cmake:108 (message): Could NOT find JSON (missing: JSON_LIBRARY JSON_INCLUDE_DIR) Call Stack (most recent call first): /usr/share/cmake-2.8/Modules/FindPackageHandleStandardArgs.cmake:315 (_FPHSA_FAILURE_MESSAGE) cmake/Modules/FindJSON.cmake:27 (find_package_handle_standard_args) CMakeLists.txt:28 (find_package) -- Configuring incomplete, errors occurred! See also /srv/jenkins-slave/workspace/sid-goto-cc-u1db/u1db-13.10/obj-x86_64-linux-gnu/CMakeFiles/CMakeOutput.log. dh_auto_configure: cmake .. -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_BUILD_TYPE=None -DBUILD_SHARED_LIBS=1 -DLIB_SUFFIX=/x86_64-linux-gnu returned exit code 1 debian/rules:10: recipe for target 'override_dh_auto_configure' failed make[1]: *** [override_dh_auto_configure] Error 2 It looks like the attempt at moving to libjson-c-dev from libjson0-dev didn't work with cmake. I had libjson0-dev still installed in my environment, when I removed it, I also got this error. I've been trying to wrap my head around what needs to be done to make this work. I've pushed the changes I've made so far to get a ways down the road, but I've still got an issue with the linker wanting to use -ljson instead of -ljson-c and so it fails to find the json library at link time. I'm pretty green on cmake, but I've pushed what I've done so far to the repository, if anyone wants to take a look at it. I am a little puzzled by this entire adventure - isn't json-c a totally different library from json? Is switching to json-c really the right thing to be doing here? micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752275: torbrowser-launcher: several possible/probably security issues
are expliticly checked for, and will fail with an error message saying: Something is wrong. The version of Tor Browser Bundle you have installed is newer than the current version? See: https://github.com/micahflee/torbrowser-launcher/blob/master/torbrowser-launcher#L629 Since thes are signed with valid keys (but AFIACS with no valid from/through information) the downloader will just happily accept them. I'm not sure, but I guess it doesn't help if you download things via https. Another issue are blocking attacks... when no connection can be made at all to the tor download servers, will it start the currently downloaded version of the bundle or will it simply fail? In case it doesn't fail, it could again be used to trick people into using software with known security deficiencies. It simply fails. An attacker that can block access to https://check.torproject.org/ can prevent torbrowser-launcher from launching the browser. The settings do letter people try using different mirrors, however, so if https://www.torproject.org/ is blocked they can still download a new version, and it will still have its signature verified. Such downloader packages are quite danerous per se,... as it's very tricky to really securely do it. Usually the best way is to hard code a secure hash (i.e. not MD5) of the upstream package which is currently considered secure... every time a new upstream version comes out, a new downloader package should come out as well with a new hash,...so that people regularly (via the package management system) notice about [security] updates. I considered this at first, but new versions of TBB come out so frequently that this would be quite a lot of work to maintain. I also doubt that it would be as secure. There would be a window of time when Tor Project releases an updated TBB where torbrowser-bundle users won't be able to download the latest version because the update is working its way through the Debian pipeline. Cheers, Chris. btw: Apart from that... I've always wondered how secure something like torbrowser bundle can be... per se, they will always lag a bit behind FF with security updates,... and FF in turn already has enough security issues. The Tor devs seem to be very much on top of this. I don't think TBB lags behind more than 24 hours when there are Firefox security bugs that affect it. btw2: Since torbrowser-launcher is probably usually launched as normal user, I marked this as user security hole only. But given that torbrowser-launcher will typically be run on desktops/notebooks... successfully attacking that user is usually equivalent to root exploit (the attacker could simply wait for the user to sudo/su to root and keylog his password). So actually severity is IMHO critical. I think in order to successfully attack torbrowser-launcher to run arbitrary code as the desktop user you would need: 1) One of the Tor dev signing keys that's included 2) The secret SSL key for https://www.torproject.org/ (unless the user is using a mirror) 3) Either be in a position to MITM the user, or have owned Tor's web server To do this same attack against a normally Debian system you only need: 1) The Debian repository signing key 2) Either be in a position to MITM the user, or have owned the repo's web server I agree that having Tor Browser proper, directly from the Tor project, in Debian would be better than using torbrowser-launcher. But unfortunately this is a massive undertaking that would involve doing some wonky things (like adding an iceweasel-src package to the binary repo, so that Tor Browser could apply its extra Firefox patches). In the end, torbrowser-launcher turns out to be by far the most elegant solution. Here's the bug: https://trac.torproject.org/projects/tor/ticket/3994 Without torbrowser-launcher, when Debian users want to use Tor Browser they'll visit https://www.torproject.org/ and download it. Most users probably won't verify the gpg signature, and they'll just trust the CA system that their download wasn't attacked. They'll have to open a terminal and manually run the start-tor-browser script because there's no application launcher. There also won't be any auto-updating, so when they're browser is out of date they'll either just use an insecure version of Tor Browser, or they'll repeat the same steps to download and install it again without verifying the signature or pinning the torproject.org cert. Of course, it's possible for Debian users to manually do all of the things that torbrowser-launcher automatically does, assuming they already know exactly which cert torproject.org uses, and assuming they have the correct TBB signing key (both things that are difficult to get right if you're under an active CA attack, and aren't connected to the Tor dev's keys in the web of trust, or don't know what the web of trust is). -- Micah Lee -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact
Bug#740802: [Secure-testing-team] Bug#740802: stunnel4: CVE-2014-0016
Moritz Muehlenhoff j...@inutil.org writes: Package: stunnel4 Severity: grave Tags: security Justification: user security hole Hi, please see http://article.gmane.org/gmane.comp.security.oss.general/12283 According to that post: Mitigations implemented into openssl-0.9.8j (2009) makes the vulnerability not exploitable in stock openssl. The signing code for ECDSA and DSA explicitly seeds the pool with the digest to sign. Squeeze is at openssl 0.9.8o-4squeeze14, I presume that this would have this fix? micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#737149: CVE-2014-1691: Remote code execution in horde 5.1.1
Package: horde3 Version: 3.3.8+debian0-2 Severity: serious Tags: security Justification: security issue Hello, As detailed on the debian security tracker[0] and reported on oss-sec[1] and assigned CVE 2014-1691, there is a remote code execution bug in horde affecting all versions from at least horde 3.1.x to 5.1.1. That includes squeeze... I've got a patch that applies to the horde3 package in squeeze that resolves this issue, please find it attached[2]... I've built and tested these packages on Squeeze in an active environment. I am not certain where this particular code is used, so I wasn't sure if I was able to test exactly that code path. If you would like, I can provide a package for squeeze for a DSA. Micah 0. https://security-tracker.debian.org/tracker/CVE-2014-1691 1. http://seclists.org/oss-sec/2014/q1/153 2. https://gist.github.com/pietro/8712454/raw/b03bc5ecb7ec1f1f778b867ecd6d9d142d0ddaf7/gistfile1.diff -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages horde3 depends on: ii apache2 2.4.7-1 ii apache2-bin [httpd] 2.4.7-1 ii libapache2-mod-php5 5.5.8+dfsg-3 ii libjs-scriptaculous 1.9.0-2 ii php-log 1.12.7-1 ii php-mail 1.2.0-5 ii php-mail-mime1.8.8-1 ii php5-gd 5.5.8+dfsg-3 ii php5-mcrypt 5.5.8+dfsg-3 Versions of packages horde3 recommends: pn fckeditor none ii locales2.17-97 ii logrotate 3.8.7-1 pn php-date none ii php-db 1.7.14-2 pn php-file none ii php-mdb2 2.5.0b5-1 pn php-mdb2-driver-mysql | php-mdb2-driver-pgsql | php-mdb2-driv none pn php-services-weather none ii php5-cli 5.5.8+dfsg-3 pn php5-mysql | php5-pgsql | php5-ldapnone pn tinymce2 | tinymce none Versions of packages horde3 suggests: pn chora2none pn enscript none ii gettext 0.18.3.2-1 pn gollemnone pn imp4 none pn kronolith2none ii libgeoip1 1.6.0-1 pn libwpd-tools none pn mnemo2none pn php-net-imap none pn php5-auth-pam none ii php5-common [php5-mhash] 5.5.8+dfsg-3 pn ppthtml none pn rpm none pn source-highlight none pn turba2none pn unrtf none pn webcppnone pn wvnone pn xlhtmlnone -- Configuration Files: /etc/horde/horde3/.htaccess [Errno 13] Permission denied: u'/etc/horde/horde3/.htaccess' /etc/horde/horde3/conf.php [Errno 13] Permission denied: u'/etc/horde/horde3/conf.php' /etc/horde/horde3/conf.xml [Errno 13] Permission denied: u'/etc/horde/horde3/conf.xml' /etc/horde/horde3/hooks.php [Errno 13] Permission denied: u'/etc/horde/horde3/hooks.php' /etc/horde/horde3/mime_drivers.php [Errno 13] Permission denied: u'/etc/horde/horde3/mime_drivers.php' /etc/horde/horde3/motd.php [Errno 13] Permission denied: u'/etc/horde/horde3/motd.php' /etc/horde/horde3/nls.php [Errno 13] Permission denied: u'/etc/horde/horde3/nls.php' /etc/horde/horde3/prefs.php [Errno 13] Permission denied: u'/etc/horde/horde3/prefs.php' /etc/horde/horde3/registry.d/README [Errno 13] Permission denied: u'/etc/horde/horde3/registry.d/README' /etc/horde/horde3/registry.php [Errno 13] Permission denied: u'/etc/horde/horde3/registry.php' -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#737149: CVE-2014-1691: Remote code execution in horde 5.1.1
Moritz Mühlenhoff j...@inutil.org writes: On Thu, Jan 30, 2014 at 12:00:10PM -0500, Micah Anderson wrote: Package: horde3 Version: 3.3.8+debian0-2 Severity: serious Tags: security Justification: security issue Hello, As detailed on the debian security tracker[0] and reported on oss-sec[1] and assigned CVE 2014-1691, there is a remote code execution bug in horde affecting all versions from at least horde 3.1.x to 5.1.1. That includes squeeze... I've got a patch that applies to the horde3 package in squeeze that resolves this issue, please find it attached[2]... I've built and tested these packages on Squeeze in an active environment. I am not certain where this particular code is used, so I wasn't sure if I was able to test exactly that code path. If you would like, I can provide a package for squeeze for a DSA. 2. https://gist.github.com/pietro/8712454/raw/b03bc5ecb7ec1f1f778b867ecd6d9d142d0ddaf7/gistfile1.diff Yes, please upload a fixed oldstable package with the patch Done. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#731174: libscrypt: diff for NMU version 1-2.1
David Prévot taf...@debian.org writes: tags 731174 + patch thanks Dear maintainer, I've prepared an NMU for libscrypt (versioned as 1-2.1) and uploaded it to DELAYED/5. Please feel free to tell me if I should delay it longer. Thanks for the upload! micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#728017: FTBFS: missing build dependencies
Package: genometools Version: 1.5.1-1 Severity: serious Tags: patch Justification: fails to build from source (but built successfully in the past) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu trusty ubuntu-patch A snippet from trying to rebuild in a clean sid chroot: The following packages have unmet dependencies: sbuild-build-depends-genometools-dummy : Depends: liblua5.1-md5-dev but it is not installable E: Unable to correct problems, you have held broken packages. All these binary renames have occured in unstable. Thanks! *** /tmp/tmp8yZKNl/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Change some lua build dependencies to the reflect the renaming of lua binaries due to lua policy - update debian/control Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.8.0-28-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru genometools-1.5.1/debian/changelog genometools-1.5.1/debian/changelog diff -Nru genometools-1.5.1/debian/control genometools-1.5.1/debian/control --- genometools-1.5.1/debian/control 2013-03-07 07:07:56.0 -0600 +++ genometools-1.5.1/debian/control 2013-10-27 11:48:39.0 -0500 @@ -4,8 +4,8 @@ Maintainer: Debian Med Packaging Team debian-med-packag...@lists.alioth.debian.org Uploaders: Sascha Steinbiss steinb...@zbh.uni-hamburg.de Build-Depends: debhelper (= 9), - liblua5.1-0-dev, liblua5.1-md5-dev, liblua5.1-filesystem-dev, - liblua5.1-lpeg-dev, libcairo2-dev, zlib1g-dev, libbz2-dev, libexpat1-dev, + liblua5.1-0-dev, lua-md5-dev, lua-filesystem-dev, + lua-lpeg-dev, libcairo2-dev, zlib1g-dev, libbz2-dev, libexpat1-dev, libncurses5-dev, libsqlite3-dev, libbam-dev, libpango1.0-dev, texlive-latex-base, texlive-latex-extra, texlive-fonts-extra, latex-xcolor, texlive-fonts-recommended, python
Bug#722201: FTBFS: several errors
Package: zekr Version: 1.1.0+repack-1 Severity: serious Justification: fails to build from source (but built successfully in the past) See https://launchpadlibrarian.net/144030976/buildlog_ubuntu-saucy-i386.zekr_1.1.0%2Brepack-1_FAILEDTOBUILD.txt.gz I was able to reproduce a similar log in a sid amd64 chroot. Thanks in advance. -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.8.0-28-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#716909: Should be resolved
close 716909 thanks I believe that I've resolved this, the following addresses are allowed to send, if there is an additional ftp master email that needs to be allowed, please let me know and I will add that: d...@ftp-master.debian.org, debb...@bugs.debian.org, debb...@busoni.debian.org, debian-bugs-d...@lists.debian.org, f...@debian.org, instal...@ftp-master.debian.org, nore...@release.debian.org, ow...@bugs.debian.org, ow...@busoni.debian.org, ow...@packages.qa.debian.org, p...@qa.debian.org,pabs q...@master.debian.org micah pgpGwp9mxXYPM.pgp Description: PGP signature
Bug#721581: sigrok-cli: libsigrok and libsigrokdecode build dependencies should be unversioned
Package: sigrok-cli Version: 0.4.0-1 Severity: serious Justification: fails to build from source (but built successfully in the past) rmadison -uqa -S -s unstable libsigrok libsigrokdecode libsigrok| 0.1.1-1| sid | source libsigrok| 0.2.0-2| sid | source libsigrok-dev| 0.2.0-2| sid | amd64, armhf, i386, ia64, mips, mipsel, powerpc, s390, s390x, sparc libsigrok0 | 0.1.1-1| sid | amd64, armel, armhf, i386, ia64, mips, mipsel, powerpc, s390, s390x, sparc libsigrok0-dev | 0.1.1-1| sid | amd64, armel, armhf, i386, ia64, mips, mipsel, powerpc, s390, s390x, sparc libsigrok0-dev | 0.2.0-2| sid | all libsigrok1 | 0.2.0-2| sid | amd64, armhf, i386, ia64, mips, mipsel, powerpc, s390, s390x, sparc libsigrokdecode | 0.1.0-2| sid | source libsigrokdecode | 0.2.0-2| sid | source libsigrokdecode-dev | 0.2.0-2| sid | amd64, armel, armhf, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, s390x, sparc libsigrokdecode0 | 0.1.0-2+b1 | sid | amd64, armel, armhf, hurd-i386, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, s390x, sparc libsigrokdecode0-dev | 0.1.0-2+b1 | sid | amd64, armel, armhf, hurd-i386, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, s390x, sparc libsigrokdecode0-dev | 0.2.0-2| sid | all libsigrokdecode1 | 0.2.0-2| sid | amd64, armel, armhf, i386, ia64, kfreebsd-amd64, kfreebsd-i386, mips, mipsel, powerpc, s390, s390x, sparc -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.8.0-28-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#648160: util-vserver sponsorship request [was: Re: Bug#648160: util-vserver: wheezy vserver guests don't start]
Hi Carlos! A quick reply because I do not have very much time. I wanted to let you know that I am happy to have a look and sponsor it, but I wont have time until first week of Sept. Sorry I can't do it quicker, but I will! micah Carlos Alberto Lopez Perez clo...@igalia.com writes: Hi Micah! As we discussed some months ago, I would like to take care of the package util-vserver. I have migrated the repository to git [1], and I have prepared a new upload that fixes the this bug (#648160) as also #605473 and #586510 This new upload sets me as the new maintainer of the package as we agreed. I did extensive testing and QA with this new package on some of my servers and looks everything OK. Now creating a new wheezy guest works without problems. I would thank you if you can review the upload and sponsor it, if it looks good enough for you. Otherwise let me know what should be fixed. The new upload is available at mentors.d.o [2], and the source package on the following dsc: http://mentors.debian.net/debian/pool/main/u/util-vserver/util-vserver_0.30.216-pre3038-1.dsc Thanks a lot !! Regards! [1] http://anonscm.debian.org/gitweb/?p=pkg-vserver/pkg-vserver.git [2] http://mentors.debian.net/package/util-vserver pgp2jNJOlXxqx.pgp Description: PGP signature
Bug#666864: libapache-mod-removeip: diff for NMU version 1.0b-5.1
Hi Colin, Colin Watson cjwat...@debian.org writes: I've prepared an NMU for libapache-mod-removeip (versioned as 1.0b-5.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Thanks for the patch and the upload. I'm on vacation at the moment, and welcome the help! micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#715429: alembic: FTBFS: Please drop build-dependency on python2.6-argparse
Package: alembic Version: 0.4.2+ds-3 Severity: serious Tags: patch Justification: fails to build from source (but built successfully in the past) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu saucy ubuntu-patch python2.6 was removed from unstable on July 1 [1] which makes your package no longer buildable. An NMU (0.4.2+ds-2.1) was made earlier to account for this, but it appears to have been accidentally dropped. Thanks! [1] http://packages.qa.debian.org/p/python2.6/news/20130701T101238Z.html [2] http://packages.qa.debian.org/a/alembic/news/20130516T124740Z.html *** /tmp/tmpNuAD9s/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Drop build depends and suggests on python2.6-argparse as we don't have python 2.6 anymore (This was also done as 0.4.2+ds-2.1 but seems to have been accidentally dropped) - update debian/control Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-39-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru alembic-0.4.2+ds/debian/changelog alembic-0.4.2+ds/debian/changelog diff -Nru alembic-0.4.2+ds/debian/control alembic-0.4.2+ds/debian/control --- alembic-0.4.2+ds/debian/control 2013-05-10 21:48:46.0 -0500 +++ alembic-0.4.2+ds/debian/control 2013-07-08 21:46:53.0 -0500 @@ -9,14 +9,13 @@ Homepage: http://www.bitbucket.org/zzzeek/alembic Build-Depends: debhelper (= 8), python-all, python-setuptools, python-nose, python-sqlalchemy, python-mako, - python2.6-argparse, python-sphinx (= 1.0.7+dfsg) + python-sphinx (= 1.0.7+dfsg) Package: alembic Architecture: all Depends: ${misc:Depends}, ${python:Depends}, ${sphinxdoc:Depends}, python-sqlalchemy, python-mako Recommends: python-pkg-resources -Suggests: python2.6-argparse Description: lightweight database migration tool for SQLAlchemy Alembic is a new database migration tool, written by the author of SQLAlchemy. A migration tool offers the following functionality:
Bug#710163: CVE-2013-1629: Man in the middle possibility
Package: python-pip Version: 1.1-3 Severity: serious Tags: security Justification: security Hello, It appears as if python-pip in Debian (all versions supported) suffers from CVE-2013-1629. This CVE appears to still be reserved, but is clearly described in a few places on the internet[0],[1]. A new version uploaded to sid would solve this problem there, but to backport these issues to wheezy and squeeze may be a bit difficult. Thanks, micah 0. http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/ 1. https://github.com/TheTorProject/ooni-backend/pull/1#discussion_r4084881 -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages python-pip depends on: ii python2.7.3-5 ii python-pkg-resources 0.6.37-1 ii python-setuptools 0.6.37-1 ii python2.6 2.6.8-2 Versions of packages python-pip recommends: ii build-essential 11.6 pn python-dev-all none python-pip suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#710164: CVE-2013-1629: Man in the middle possibility
Package: python-virtualenv Version: 1.7.1.2-2 Severity: serious Tags: security Justification: security Hello, It seems as if python-virtualenv embeds a copy of pip[0], and there is a security issue with python-pip noted as CVE-2013-1629 which affects squeeze and wheezy (it appears fixed in sid and jessie). This issue currently is marked as 'reserved' by Mitre, but it is clearly defined on the internet[1],[2]. Please coordinate with the debian security team to update this package as soon as possible to resolve this issue. Please reference this CVE and bug number in any changelog dealing with this problem. Micah 0. This is in violation of debian policy '4.13 Convenience copies of code' and should be fixed to depend on the version of python-pip in the archive. 1.http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/ 2. https://github.com/TheTorProject/ooni-backend/pull/1#discussion_r4084881 -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#708992: u1db: FTBFS: Could NOT find JSON (missing: JSON_LIBRARY)
Hi Aaron! Aaron M. Ucko u...@debian.org writes: Source: u1db Version: 0.1.4-1 Severity: serious Justification: fails to build from source Hi, Micah. Builds of u1db have been failing because libjson is multiarch-friendly: -- checking for module 'json' -- found json, version 0.11 CMake Error at /usr/share/cmake-2.8/Modules/FindPackageHandleStandardArgs.cmake:97 (MESSAGE): Could NOT find JSON (missing: JSON_LIBRARY) Call Stack (most recent call first): /usr/share/cmake-2.8/Modules/FindPackageHandleStandardArgs.cmake:288 (_FPHSA_FAILURE_MESSAGE) cmake/Modules/FindJSON.cmake:27 (find_package_handle_standard_args) CMakeLists.txt:28 (find_package) -- Configuring incomplete, errors occurred! Could you please fix cmake/modules/FindJSON.cmake to account for possible multiarch locations? Thanks for reporting this. I see why it isn't happening, although my multi-arch and cmake skills are not so great, so I'm trying to figure out the right way to solve this. micah pgpzA9ko_d9zO.pgp Description: PGP signature
Bug#648160: util-vserver: wheezy vserver guests don't start
Carlos Alberto Lopez Perez clo...@igalia.com writes: On 01/05/13 17:32, micah wrote: Carlos Alberto Lopez Perez clo...@igalia.com writes: On 28/04/13 02:50, micah wrote: I will happily sign for that. However I would like to migrate the package scm from svn to git. I have not experience packaging with svn and learning to do that now will be a backwards step IMHO. As I mentioned on IRC, I think that is a fantastic idea. If you can add my alioth user (clopez-guest) to the pkg-vserver project and create a new empty git repository on alioth for pkg-vserver I can take care of migrating the svn repository to git (I already have experience doing this kind of migrations) and uploading the result there for review. I added you to the group. Hi. I don't have permissions to create the git repository. I need you to either grant me admin permissions on the Alioth project or to enable the usage of git repository on Alioth. I added you as an admin in the alioth project. Let me know if that still doesn't work. micah Great! I just did the migration to git. Here is a summary of the steps I followed: 1) I converted the repository from svn to git following the guide http://wiki.debian.org/Alioth/Git#Convert_a_SVN_Alioth_repository_to_Git - At the end I renamed the tags imported from the svn repository to svn/$tag instead of debian/$tag to allow in the following step importing all dsc(s) without overwriting tags. 2) Then I imported all known debian releases. - I got all dscs [1] from snapshoot d.o and imported them [2] I uploaded the repository to anonscm.debian.org/git/pkg-vserver/pkg-vserver.gitanonscm.debian.org/git/pkg-vserver/pkg-vserver.git Let me know if you find some problem or issue with what I did. Otherwise I will take this git repository as base to continue working from there. Very nice, I just cloned it and it looks good to work with! micah pgpQwbMdGABd6.pgp Description: PGP signature
Bug#648160: util-vserver: wheezy vserver guests don't start
Carlos Alberto Lopez Perez clo...@igalia.com writes: On 28/04/13 02:50, micah wrote: I will happily sign for that. However I would like to migrate the package scm from svn to git. I have not experience packaging with svn and learning to do that now will be a backwards step IMHO. As I mentioned on IRC, I think that is a fantastic idea. If you can add my alioth user (clopez-guest) to the pkg-vserver project and create a new empty git repository on alioth for pkg-vserver I can take care of migrating the svn repository to git (I already have experience doing this kind of migrations) and uploading the result there for review. I added you to the group. Hi. I don't have permissions to create the git repository. I need you to either grant me admin permissions on the Alioth project or to enable the usage of git repository on Alioth. I added you as an admin in the alioth project. Let me know if that still doesn't work. micah pgpGHlHYQi1w9.pgp Description: PGP signature
Bug#648160: util-vserver: wheezy vserver guests don't start
Carlos Alberto Lopez Perez clo...@igalia.com writes: On 26/04/13 16:38, micah wrote: Carlos Alberto Lopez Perez clo...@igalia.com writes: I don't think this is an appropriate approach to deal with this problem. I rather would ask you to remove the package util-vserver from Debian sid completely than to have it in a broken state. Well, that is what I was planning on doing - removing it from sid. Without the kernel support available, I was thinking I will give up the package entirely. I used to provide kernel patch packages, but I am going to attempt to migrate away from Linux-Vservers now, even though I like them more than the current alternatives. I'm in the same situation. I use both Debian and linux-vserver daily. Debian removed support for the vserver kernel flavor on wheezy. So I have to choose between: migrating from linux-vserver to LXC/OpenVZ or building my own kernels. LXC is not yet production ready from a security perspective. A root user on a LXC container can do very nasty things to the host system. OpenVZ faces the same fate than linux-vserver. Support for it got removed from Debian, so I would end in the same situation that I'm right now with linux-vserver. I agree. You also have the option of moving to kvm (if you have the CPU) and to Xen, but of course those are different kinds of virtualization options. I have heard that the security issues with lxc are being worked on and should be resolved soon. Right now, I'm sort of betting that they will before Squeeze security support ends :P So the most reasonable option for me is building my own kernels with the vserver patchset and wait until LXC becomes at least as secure as vserver is. If you do this, it probably would benefit others if you made it available! So, the question then becomes... would you like to maintain this package in Debian? It would be quite useful for people to have an active maintainer of the user-space utilities in Debian, in my opinon. However, I can no longer be that person. I would however be able to sponsor package uploads, if you, or someone else, would be interested and wanting to do that work. I will happily sign for that. However I would like to migrate the package scm from svn to git. I have not experience packaging with svn and learning to do that now will be a backwards step IMHO. As I mentioned on IRC, I think that is a fantastic idea. If you can add my alioth user (clopez-guest) to the pkg-vserver project and create a new empty git repository on alioth for pkg-vserver I can take care of migrating the svn repository to git (I already have experience doing this kind of migrations) and uploading the result there for review. I added you to the group. I'll be clear - I was thinking that I would orphan this package, and had been planning on doing so soon. Because of that, I had been planning other work that was not including working on this any more. I'm happy to stick around and provide help where I can, and would be happy to sponsor your uploads, but I expect my contributions will be minimal. micah pgp1ogrJnI1gm.pgp Description: PGP signature
Bug#648160: util-vserver: wheezy vserver guests don't start
Carlos Alberto Lopez Perez clo...@igalia.com writes: On 25/04/13 20:23, micah wrote: Hi Carlos, Carlos Alberto Lopez Perez clo...@igalia.com writes: So please: update the package to a newer upstream version. util-vserver was removed from wheezy as was the kernel support. It is not surprising that this version doesn't work, it only worked with squeeze. At this stage, it will not be included in wheezy at all. I'm already aware of that. But that don't means that this should not be fixed on sid isn't it? I'm sorry, I didn't realize you were trying this in sid. Yes, you are right. If you are interested in doing work on the user-space utilities in Debian, or doing the work to provide the support in the kernel, it would be welcome. In this case, upgrading the package to the newer upstream version is quite easy. I could provide a .dsc with the changes required if you want, but I don't think I did nothing special about it. I just put the debian/ directory of the old package on the new upstream tarball, updated the changelog and cleaned debian/patches/* Yes, and testing it I guess helps. There is a debian svn repository for util-vserver that would also need to be updated (or moved to git and then updated). With your permission, I'd like to close this bug. I don't think this is an appropriate approach to deal with this problem. I rather would ask you to remove the package util-vserver from Debian sid completely than to have it in a broken state. Well, that is what I was planning on doing - removing it from sid. Without the kernel support available, I was thinking I will give up the package entirely. I used to provide kernel patch packages, but I am going to attempt to migrate away from Linux-Vservers now, even though I like them more than the current alternatives. So, the question then becomes... would you like to maintain this package in Debian? It would be quite useful for people to have an active maintainer of the user-space utilities in Debian, in my opinon. However, I can no longer be that person. I would however be able to sponsor package uploads, if you, or someone else, would be interested and wanting to do that work. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#648160: util-vserver: wheezy vserver guests don't start
Hi Carlos, Carlos Alberto Lopez Perez clo...@igalia.com writes: So please: update the package to a newer upstream version. util-vserver was removed from wheezy as was the kernel support. It is not surprising that this version doesn't work, it only worked with squeeze. At this stage, it will not be included in wheezy at all. If you are interested in doing work on the user-space utilities in Debian, or doing the work to provide the support in the kernel, it would be welcome. With your permission, I'd like to close this bug. Micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#698294: [Pkg-puppet-devel] Bug#698294: Bug#698294: diff for NMU 2.7.18-2.1
Russ Allbery r...@debian.org writes: Anton Gladky gl...@debian.org writes: Ok, I canceled the upload. We cannot postpone Wheezy-release, waiting for every upstream's decision. If the solution works, why should not it be applied? Otherwise the package should be removed from testing. The solution may work, but if upstream deems the code insufficient it might be because of some very important reasons. For example, it might make this specific situation work, but breaks other things, or only works for one case, but not another, or many other possible reasons. For this issue, what caused this upstream was a fix for another issue, and I am not sure that the proposed fix will cause the original issue to re-appear, I dont want a regression for that issue to come up as a result. I don't think it is such a great idea to stuff something into the Debian package that upstream has a problem with, it tends to make upstream unhappy when they have to deal with the fact that it exists in the Debian package for years. In particular I'm thinking of how great they have been when security issues have come up and they've produced backports of fixes for the versions that we carry. If their backports aren't going to work because we decided to put in some code that they didn't like in the first place, how do we deal with the security fix then? The problem is mildly obscure (many Puppet manifests, including very complex and non-trivial ones, will never trigger this error condition) and absolutely does not warrant removing the package from testing. In fact, I'm tempted to downgrade it to important again, although if there is a tested upstream fix, I'd be in favor of applying it for wheezy. I have to agree with Russ, this is a kind of weird corner case. micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#698294: [Pkg-puppet-devel] Bug#698294: diff for NMU 2.7.18-2.1
Anton Gladky gl...@debian.org writes: Hi, I have rescheduled an upload for 15-days. Or you want me to cancel it completely? Anton On 03/01/2013 12:45 PM, Stig Sandbeck Mathisen wrote: That patch was marked as Code Insufficient in the upstream bug tracker two weeks ago at http://projects.puppetlabs.com/issues/7680#note-18 Please delay it until this is resolved by upstream. As far as I know, there is no 'DELAYED/until this is resolved by upstream' queue :) Uploading something that upstream has deemed insufficient code, even to DELAYED-15 doesn't seem like the right thing to do, especially since this places an arbitrary deadling on upstream. I think it best to cancel this upload until we have a clear fix from upstream. I understand that this issue impacts you and you would like a resolution, but I think that the right thing to do here is to speed up that resolution with upstream. Figure out what it is that is insufficient in the code and get that resolved. Once upstream is happy with the code, then we can look at what needs to be done to get this into Debian. pgpgaFlnG1M2t.pgp Description: PGP signature
Bug#700350: dovecot-core: fails to upgrade from squeeze to bpo: Can't locate feature.pm in @INC
Marco Nenciarini mnen...@kcore.it writes: Il giorno 12/feb/2013, alle ore 17:16, Jaldhar H. Vyas ha scritto: Thanks for the patch but if the diagnosis is correct it seems it will not be needed as -7 took out the perl code. So backporting that should solve the problem. Unfortunately I am rather pressed for time right now and the other dovecot maintainers even more so. Micah can you take care of this? I can take care of backporting if it's ok for you all. please go ahead, I'm quite busy until next week myself. micah pgpsI8C4nF_VL.pgp Description: PGP signature
Bug#697498: FTBFS: pkg-php-tools (= 0.9) not available in unstable
Package: php-horde-test Version: 2.1.0-2 Severity: serious Justification: fails to build from source (but built successfully in the past) This package cannot be built from source with just unstable enabled, pkg-php-tools 1.0 is in experimental only AFAICT. I also didn't see pkg-php-tools in NEW, I apologize if I overlooked something. -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-35-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#697499: FTBFS: pkg-php-tools (= 1) not available in unstable
Package: php-horde-mail Version: 2.0.3-1 Severity: serious Justification: fails to build from source (but built successfully in the past) This package cannot be built from source with just unstable enabled, pkg-php-tools 1 is in experimental only AFAICT. I also didn't see pkg-php-tools in NEW, I apologize if I overlooked something. -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-35-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#697210: josm-plugins: Cannot build with version of josm in unstable
Package: josm-plugins Version: 0.0.svn29007+ds1-1 Severity: serious Justification: fails to build from source (but built successfully in the past) The josm dependency was bumped to 5608, but 5576 is the latest version in unstable. -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-35-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#681549: Still present in 1.2.0-3
Dane Elwell dane.elw...@ukfast.co.uk writes: This bug seems to still exist in CouchDB 1.2.0-3 update that was pushed out recently in Wheezy. Setting up couchdb (1.2.0-3) ... Installing new version of config file /etc/init.d/couchdb ... Installing new version of config file /etc/logrotate.d/couchdb ... [] Starting database server: couchdbApache CouchDB needs write permission on the PID file: /var/run/couchdb/couchdb.pid failed! invoke-rc.d: initscript couchdb, action start failed. dpkg: error processing couchdb (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: couchdb E: Sub-process /usr/bin/dpkg returned an error code (1) I think this happens when you upgrade from 1.2.0-2, where the bad ownership was, to 1.2.0-3 where it is fixed. If you install 1.2.0-3 directly, without ever having 1.2.0-2 installed, you no longer have the problem. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#681549: Unsuitable for release
severity 681549 serious thanks I'm marking this bug as serious (accidentally made it grave a minute ago), bucause I believe that it makes the package unsuitable for release, and the fix is trivial, so it should be able to be brought into wheezy without issue. The this issue renders the package uninstallable: Starting database server: couchdbApache CouchDB needs write permission on the PID file: /var/run/couchdb/couchdb.pid failed! invoke-rc.d: initscript couchdb, action start failed. dpkg: error processing couchdb (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: couchdb E: Sub-process /usr/bin/dpkg returned an error code (1) -- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#680235: debirf: wheezy minimal image segfaults during boot
Hi Lucas, * Lucas Nussbaum lu...@lucas-nussbaum.net [2012-09-30 03:43-0400]: On 08/09/12 at 23:03 -0400, Daniel Kahn Gillmor wrote: Control: tags 680235 + unreproducible moreinfo Hi Lucas-- On 07/04/2012 10:40 AM, Lucas Nussbaum wrote: I generate a wheezy 'minimal' image using debirf (running it as root, since running it as normal user fails). After generation, I try to boot it using: kvm -m 512 -kernel vmlinuz-3.2.0-2-amd64 -initrd debirf-minimal_wheezy_3.2.0-2-amd64.cgz During boot, I get: [0.419335] rtc_cmos 00:01: RTC can wake from S4 [0.419735] rtc_cmos 00:01: rtc core: registered rtc_cmos as rtc0 [0.420093] rtc0: alarms up to one day, 114 bytes nvram, hpet irqs [0.420392] cpuidle: using governor ladder [0.420629] cpuidle: using governor menu [0.420987] TCP cubic registered [0.421230] NET: Registered protocol family 10 [0.423396] Mobile IPv6 [0.423606] NET: Registered protocol family 17 [0.423868] Registering the dns_resolver key type [0.424263] registered taskstats version 1 [0.424643] rtc_cmos 00:01: setting system clock to 2012-07-04 14:30:03 UTC ( 1341412203) [0.425109] Initializing network drop monitor service [0.426024] Freeing unused kernel memory: 572k freed [0.426406] Write protecting the kernel read-only data: 6144k [0.428208] Freeing unused kernel memory: 672k freed [0.430214] Freeing unused kernel memory: 684k freed [0.432194] init[31]: segfault at 57d71c ip 0044104d sp 7fff83ab1 7f0 error 7 in sh[40+1b3000] Segmentation fault unpacking rootfs... [1.340047] Refined TSC clocksource calibration: 2793.734 MHz. i've been unable to reproduce this with existing versions, including 0.33 (just uploaded to unstable). Are you able to see this on other hardware? do you still have the image you created available? i'd be happy to take a look at it and try to dissect what's happening. Hi, I confirm that I can still reproduce this in wheezy using debirf 0.32. Using debirf 0.33 (only package that was updated when testing; same machine), it works fine both using the minimal.tgz example from debirf 0.32, and the one from debirf 0.33. I've uploaded the broken image to http://blop.info/pub/vmlinuz-3.2.0-3-amd64 http://blop.info/pub/debirf-minimal_wheezy_3.2.0-3-amd64.cgz To reproduce, boot with kvm -m 512 -kernel vmlinuz-3.2.0-3-amd64 -initrd debirf-minimal_wheezy_3.2.0-3-amd64.cgz I just downloaded your two files and did the kvm command that you provided and I did not get the segfault, rather it booted up to this: /proc/cmdline: No such file or directory Debian GNU/Linux wheezy/sid (none) tty1 (none) login: but otherwise, I do not get the segfault that you experience. The only difference here is that I was running in Squeeze. Unfortunately, I could not find a wheezy box with amd64 and kvm extensions. I'll ask around to see what I can find. micah signature.asc Description: Digital signature
Bug#685963: ruby-pgplot: dh_ruby FTBFS in sid
│ └──┘ Unpack source ─ dpkg-source: info: extracting ruby-pgplot in ruby-pgplot-0.1.3 dpkg-source: info: unpacking ruby-pgplot_0.1.3.orig.tar.gz dpkg-source: info: unpacking ruby-pgplot_0.1.3-5.debian.tar.gz dpkg-source: info: applying 0001-Update-extconf-and-Add-support-for-Ruby-1.9.2.patch dpkg-source: info: applying 0002-Fix-mkdoc-for-Ruby-1.9.2.patch dpkg-source: info: applying 0003-Update-Cogen-for-Ruby1.9.2.patch Sessions still open, not unmounting Sessions still open, not unmounting Check disc space Sufficient free space for build Sessions still open, not unmounting User Environment Sessions still open, not unmounting HOME=/sbuild-nonexistent LOGNAME=micah PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games SCHROOT_CHROOT_NAME=sid-amd64-shm SCHROOT_COMMAND=env SCHROOT_GID=1000 SCHROOT_GROUP=micah SCHROOT_SESSION_ID=sid-amd64-shm-21672328-a63b-4496-b3e8-432eee9a07f7 SCHROOT_UID=1000 SCHROOT_USER=micah SHELL=/bin/sh TERM=xterm USER=micah dpkg-buildpackage ─ dpkg-buildpackage: source package ruby-pgplot dpkg-buildpackage: source version 0.1.3-5 dpkg-source --before-build ruby-pgplot-0.1.3 dpkg-buildpackage: host architecture amd64 fakeroot debian/rules clean dh clean --with ruby --buildsystem ruby dh_testdir -O--buildsystem=ruby debian/rules override_dh_auto_clean make[1]: Entering directory `/«PKGBUILDDIR»' dh_auto_clean /usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting Encoding.default_external Entering dh_ruby --clean Leaving dh_ruby --clean [ ! -f rb_pgplot.c ] || rm -f rb_pgplot.c make[1]: Leaving directory `/«PKGBUILDDIR»' dh_clean -O--buildsystem=ruby debian/rules build-arch dh build-arch --with ruby --buildsystem ruby dh_testdir -a -O--buildsystem=ruby dh_auto_configure -a -O--buildsystem=ruby /usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting Encoding.default_external debian/rules override_dh_auto_build make[1]: Entering directory `/«PKGBUILDDIR»' dh_auto_build /usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting Encoding.default_external make[1]: Leaving directory `/«PKGBUILDDIR»' dh_auto_test -a -O--buildsystem=ruby /usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting Encoding.default_external fakeroot debian/rules binary-arch dh binary-arch --with ruby --buildsystem ruby dh_testroot -a -O--buildsystem=ruby dh_prep -a -O--buildsystem=ruby dh_installdirs -a -O--buildsystem=ruby dh_auto_install -a -O--buildsystem=ruby /usr/lib/ruby/vendor_ruby/gem2deb.rb:17: warning: setting Encoding.default_external Entering dh_ruby --install Building extension for ruby1.8 ... /usr/bin/ruby1.8 -I/usr/lib/ruby/vendor_ruby /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb ruby-pgplot /usr/lib/ruby/vendor_ruby/1.8/rubygems/ext/builder.rb:51:in `run': extconf failed: (Gem::InstallError) /usr/bin/ruby1.8 extconf.rb checking for cpgplot.h... yes checking for narray.h... yes checking for main() in -lgfortran... no checking for main() in -lg77... no *** extconf.rb failed *** Could not create Makefile due to some reason, probably lack of necessary libraries and/or headers. Check the mkmf.log file for more details. You may need configuration options. Provided configuration options: --with-opt-dir --without-opt-dir --with-opt-include --without-opt-include=${opt-dir}/include --with-opt-lib --without-opt-lib=${opt-dir}/lib --with-make-prog --without-make-prog --srcdir=. --curdir --ruby=/usr/bin/ruby1.8 --with-x11-dir --without-x11-dir --with-x11-include --without-x11-include=${x11-dir}/include --with-x11-lib --without-x11-lib=${x11-dir}/lib --with-pgplot-dir --without-pgplot-dir --with-pgplot-include --without-pgplot-include=${pgplot-dir}/include --with-pgplot-lib --without-pgplot-lib=${pgplot-dir}/lib --with-sunws --without-sunws --with-gfortranlib --without-gfortranlib --with-g77lib --without-g77lib failed from /usr/lib/ruby/vendor_ruby/1.8/rubygems/ext/ext_conf_builder.rb:16:in `build' from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:62:in `build_and_install' from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:61:in `chdir' from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:61:in `build_and_install' from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:75:in `build_all_extensions' from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:72:in `each' from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:72:in `build_all_extensions' from /usr/lib/ruby/vendor_ruby/gem2deb/extension_builder.rb:88 /usr/bin/ruby1.8 extconf.rb checking for cpgplot.h
Bug#681112: scratch missing depends on libgtk2.0-bin needed by postinst
Package: scratch Severity: serious Justification: Policy 7.2 The postinst uses gtk-update-icon-cache which is in libgtk2.0-bin, but there is no dependency. -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise-proposed'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-26-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#678072: [Pkg-puppet-devel] Bug#678072: puppet-lint: fails to run
Holger Levsen hol...@layer-acht.org writes: severity 678072 serious thanks On Dienstag, 19. Juni 2012, John Eikenberry wrote: Running puppet-lint fails every time, with or without any arguments. This coincided with a recent change of ruby to default to 1.9.1 instead of 1.8. The puppet-common package, which puppet-lint depends on, doesn't include support for 1.9.1. as ruby will default to 1.9 in wheezy this will make the package completly unusable, thus raising the severity. According to: https://github.com/rodjek/puppet-lint/issues/103 - this should work with 1.9.2, this patch doesn't appear in the debian package, and looks pretty trivial. The reported issue seems to be pretty different from what was reported in the upstream github though. micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#675971: what should we be doing?
Is the situation that all users that are at 1.2.3-348 and older can speak to each other and all users that are at 1.2.3-349 and greater can speak to each other, but =349 cannot speak to =348 users? If so, is the intended plan for everyone to bump up to =349? If that is true, at the very least this warrants a NEWS entry. micah -- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#666865: Unarchive: The problem still persists
Arno Töll a...@debian.org writes: Hi, On 24.05.2012 19:12, micah anderson wrote: Do you have a way of testing this? I've set up something that I believe should let the messages through based on the X-Loop header, but need to test that it is working. There was a mistake in what was done, but that has been fixed now. Well, basically I will reply to you through the BTS. If my message reaches you, the problem seems fixed (pretending you didn't whitelist me explicitly given I'm the only one to complain :). It looks like this went through fine on my end. Shall we close the bug? micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#666865: Unarchive: The problem still persists
Arno Töll a...@debian.org writes: Hello, reopening the bug as the problem still persists. Do you have a way of testing this? I've set up something that I believe should let the messages through based on the X-Loop header, but need to test that it is working. micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#666865: Unarchive: The problem still persists
micah anderson mi...@riseup.net writes: Arno Töll a...@debian.org writes: Hello, reopening the bug as the problem still persists. Do you have a way of testing this? I've set up something that I believe should let the messages through based on the X-Loop header, but need to test that it is working. There was a mistake in what was done, but that has been fixed now. micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#666865: bug mail bounces
Stefan Fritsch s...@sfritsch.de writes: Hi, I think the problem is that you can't match on the Sender or From headers, because those remain unmodified for BTS mail. But BTS mail seems to have X-Loop: ow...@bugs.debian.org and X-Debian-PR-Source: name-of-source-package Maybe you can match on either of those. I can't think of any mailing list software that allows for matching on headers to allow messages to the list. Seeing as its not an uncommon scenario for group maintained packages to use a mailing list for their communication, and receiving to the mailing list bugs from the tracker is important, this restriction seems a problem. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#672893: security: private archives available to all
Package: sympa Version: 6.0.1+dfsg-4 Severity: grave Tags: security patch Justification: user security hole It is possible to open the archive management (arc_manage) page for any list, even those set to only be available to members, giving anyone the option to download the archive, or delete the archive. http://www.sympa.org/distribution/latest-stable/NEWS Patch for the version in stable: https://sourcesup.renater.fr/scm/viewvc.php/branches/sympa-6.0-branch/wwsympa/wwsympa.fcgi.in?root=sympar1=6706r2=7358pathrev=7358 Please reference CVE-2012-2352 in any changelogs addressing this issue. micah System Information: Debian Release: wheezy/sid Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#666865: Unarchive: The problem still persists
On Sun, 06 May 2012 12:17:04 +0200, Arno Töll a...@debian.org wrote: Hi Micah, On 06.05.2012 06:13, micah anderson wrote: What address is not working? I looked around for a canonical list of role addresses that should accept emails, but I couldn't find one, so I gathered as many as I could and added them. Policy says in §3.3: The email address given in the Maintainer control field must accept [..] non-spam mail from the bug-tracking system. Yes, I am aware of that policy section that lacks any specifics. However, you don't as you are dropping mail from people who contact you through the BTS (i.e. not over explicit carbon copies). I'm afraid I don't understand what that means. How do people contact me through the BTS? If its not through debb...@bugs.debian.org, debb...@busoni.debian.org, nore...@release.debian.org, ow...@bugs.debian.org, or ow...@busoni.debian.org then I do not understand how an individual can contact a package's listed address through the BTS. I'm sorry I must seem dense here, but perhaps you could provide me with an example? This makes it impossible to contact you over the BTS. If you really think such sender restrictions make sense, you should at least make sure you do accept mail from people sent via the BTS, e.g. by whitelisting mail from the BTS mail server (busoni.debian.org). I wont whitelist the entire BTS mail server, not without a more narrow definition of where things are coming from. micah -- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#666865: Unarchive: The problem still persists
On Sat, 05 May 2012 19:04:06 +0200, Arno Töll a...@debian.org wrote: Hello, reopening the bug as the problem still persists. What address is not working? I looked around for a canonical list of role addresses that should accept emails, but I couldn't find one, so I gathered as many as I could and added them. I've added: d...@ftp-master.debian.org debb...@bugs.debian.org debb...@busoni.debian.org debian-bugs-d...@lists.debian.org f...@debian.org instal...@ftp-master.debian.org nore...@release.debian.org ow...@bugs.debian.org ow...@busoni.debian.org ow...@packages.qa.debian.org p...@qa.debian.org q...@master.debian.org but that isn't covering it, so I'd like to know what other one is needed. micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#660206: [debian-mysql] Bug#660206: This is a regression
On Mon, 09 Apr 2012 10:21:08 -0700, Clint Byrum cl...@fewbar.com wrote: Excerpts from micah anderson's message of Sun Apr 08 10:13:40 -0700 2012: severity 660206 serious thanks This is actually a regression, the only way to get things to work again is to downgrade package like such: apt-get install mysql-server-5.1=5.1.49-3 mysql-client-5.1=5.1.49-3 mysql-common=5.1.49-3 mysql-server-core-5.1=5.1.49-3 libmysqlclient16=5.1.49-3 micah So, I'm not sure I agree that this is such a serious regression. I would agree that this is not a *very* serious regression, but its a regression nonetheless. In my opinon an un intenteded regression is not suitable for release as a security upload and should be replaced as soon as a fix becomes available. *lenny* shipped with rails 2.1.0. 1.2.6 was released in 2007, and is not supported in Debian at all. The referenced upstream bug talks about using client versions older than 4.1, which is basically ancient. I agree. However, the reality is that the security upgrade brought in unrelated changes to the security upgrade and caused unrelated software to break. I'm not disputing that this is a regression introduced by the upstream jump to 5.1.61, but I don't know that its worth downgrading and losing security updates for. Perhaps the client libraries should be updated to something that is still supported by upstream and/or Debian. The two choices here are to either downgrade mysql, or to upgrade client libraries. While it seems sensible to upgrade client libraries to a newer supported version, one should not have to do that because of a security upgrade of another package. That option takes you from the realm of routine security maintainence into the much more serious realm of migrating completely other software to new client libraries that would require a significant architecture overhaul (I dont know how much you know about rails, but the difference between 2.1 and 2.2 is not a trivial minor release, but typically involves almost a complete rewrite). During a maintainence window, when you are expecting to only do an isolated security upgrade of a package, the last thing the sysadmin who is performing the upgrade is going to do is to re-write some other code to deal with a surprise regression in the security package. So while I do agree with you that the 'right' thing to do is to get the software updated to newer client libraries, rather than to have exposed security holes, the reality is that until that can happen (and in one case that I am dealing with, that re-write is in progress, but is 6 months out) I would hope that stable-security or a stable update would include a fix to this regression, when it comes available. micah -- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#666865: libapache-mod-removeip: Maintainer address does not accept mail from role accounts
The maintainer address you added to your package does not accept mail from role accounts, including but not limited to the bug tracking system. This is a policy violation as of §3.3: The email address given in the Maintainer control field must accept mail from those role accounts in Debian used to send automated mails regarding the package. This includes non-spam mail from the bug-tracking system, all mail from the Debian archive maintenance software, and other role accounts or automated processes that are commonly agreed on by the project. Thanks, i've updated the allow list, unfortunately there doesn't seem to be a good canonical list of the aliases that are needed, it would be a good idea to have that so people can properly follow policy. micah pgpxvBcPlUQ8J.pgp Description: PGP signature
Bug#666865: libapache-mod-removeip: Maintainer address does not accept mail from role accounts
The maintainer address you added to your package does not accept mail from role accounts, including but not limited to the bug tracking system. This is a policy violation as of §3.3: The email address given in the Maintainer control field must accept mail from those role accounts in Debian used to send automated mails regarding the package. This includes non-spam mail from the bug-tracking system, all mail from the Debian archive maintenance software, and other role accounts or automated processes that are commonly agreed on by the project. Thanks, i've updated the allow list, unfortunately there doesn't seem to be a good canonical list of the aliases that are needed, it would be a good idea to have that so people can properly follow policy. micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#659392: Some information
On Tue, 14 Feb 2012 19:22:29 -0500, micah anderson mi...@riseup.net wrote: CVE-2012-0791 has a simple changeset: Sorry, I switched these CVE issues, this one is actually CVE-2012-0909 https://github.com/horde/horde/commit/208eae43c95136a67104f760027a8892a22b6e25 it touches two files: framework/Form/lib/Horde/Form/Type.php framework/Form/package.xml neither of these files is in horde3 or imp4 that is in Squeeze. For the other issue CVE-2012-0909, that seems to affect Squeeze's IMP, this one is actually CVE-2012-0791. and a changeset between version 4.3.10 and 4.3.11 was published here: http://ftp.horde.org/pub/imp/patches/patch-imp-h3-4.3.10-h3-4.3.11.gz Squeeze has 4.3.7 - I've looked at the changeset above with a co-worker and it does not look too hard to port to the debian version. We'll do so in the next couple of days if nobody else does first. have a patch, testing it now. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#659392: debdiff
Attached is a debdiff against the squeeze version to fix imp4. Micah -- pgpRkTl5kZNBf.pgp Description: PGP signature imp4_4.3.7+debian0-2.2.debdiff Description: Binary data
Bug#659392: Info received (debdiff)
On Wed, 15 Feb 2012 13:57:55 -0500, micah mi...@algae.riseup.net wrote: Attached is a debdiff against the squeeze version to fix imp4. I forgot to mention that I've built a package off of this diff and tested it and it seems to work fine (I have no way of testing that the XSS issue is fixed). mich -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#659392: Some information
I've been trying to figure out if this issue affects stable. The issues point to this openwall post: http://www.openwall.com/lists/oss-security/2012/01/22/2 which has actual git commits for things. CVE-2012-0791 has a simple changeset: https://github.com/horde/horde/commit/208eae43c95136a67104f760027a8892a22b6e25 it touches two files: framework/Form/lib/Horde/Form/Type.php framework/Form/package.xml neither of these files is in horde3 or imp4 that is in Squeeze. For the other issue CVE-2012-0909, that seems to affect Squeeze's IMP, and a changeset between version 4.3.10 and 4.3.11 was published here: http://ftp.horde.org/pub/imp/patches/patch-imp-h3-4.3.10-h3-4.3.11.gz Squeeze has 4.3.7 - I've looked at the changeset above with a co-worker and it does not look too hard to port to the debian version. We'll do so in the next couple of days if nobody else does first. micah -- pgpgDDdP8MDbA.pgp Description: PGP signature
Bug#657942: frei0r-plugins: Cannot install
Package: frei0r-plugins Version: 1.1.22git20091109-1.1 Severity: serious Its impossible to install this package. The following packages have unmet dependencies: frei0r-plugins : Depends: libcvaux2.1 but it is not installable Depends: libhighgui2.1 but it is not installable -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages frei0r-plugins depends on: ii libc6 2.13-24 ii libcv2.1 2.1.0-7+b2 ii libcvaux2.1none ii libgavl1 none ii libgcc11:4.6.2-12 ii libhighgui2.1 none ii libstdc++6 4.6.2-12 frei0r-plugins recommends no packages. frei0r-plugins suggests no packages. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#656923: zfs-fuse: Please readd powerpc (built for 0.7.0-3)
Package: zfs-fuse Version: 0.7.0-4 Severity: serious Tags: sid As this built before on powerpc, I believe that serious is appropriate. Please change severity if I'm wrong. https://buildd.debian.org/status/logs.php?pkg=zfs-fusearch=powerpc -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#655675: jai-imageio-core: Build-Depends-Indep is only for building arch-indep binaries
Package: jai-imageio-core Version: 1.2-1 Severity: serious Tags: patch Justification: fails to build from source User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu precise ubuntu-patch Please see http://wiki.debian.org/Build-Depends-Indep for more information. *** /tmp/tmpQOz0QB/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Move ant to Build-Depends from Build-Depends-Indep since it's used in override_dh_auto_build which is not a build-indep target; Also move default-jdk since it's used in the main arch build process as well - update debian/control Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru jai-imageio-core-1.2/debian/changelog jai-imageio-core-1.2/debian/changelog diff -Nru jai-imageio-core-1.2/debian/control jai-imageio-core-1.2/debian/control --- jai-imageio-core-1.2/debian/control 2011-09-14 08:01:08.0 +0200 +++ jai-imageio-core-1.2/debian/control 2012-01-12 07:37:49.0 +0100 @@ -1,11 +1,12 @@ Source: jai-imageio-core Priority: optional Section: non-free/java Maintainer: Debian Med Packaging Team debian-med-packag...@lists.alioth.debian.org DM-Upload-Allowed: yes Uploaders: Mathieu Malaterre mathieu.malate...@gmail.com -Build-Depends: debhelper (= 8), javahelper (=0.25), libjai-core-java -Build-Depends-Indep: default-jdk, default-jdk-doc, ant +Build-Depends: debhelper (= 8), javahelper (=0.25), libjai-core-java, ant, default-jdk +Build-Depends-Indep: default-jdk-doc Standards-Version: 3.9.2 Homepage: http://java.net/projects/jai-imageio-core/ Vcs-Browser: http://svn.debian.org/wsvn/debian-med/trunk/packages/jai-imageio-core/trunk/
Bug#655676: jai-imageio-core: override_jh_installjavadoc uses a hard coded arch specific path
Package: jai-imageio-core Version: 1.2-1 Severity: serious Justification: fails to build from source Below is the snippet from Debian rules, if you're going to clean this file, you'll want to use a dynamic path that will be available on any arch as well as any buildd. FWIW, I don't seem to have a lintian warning for this license issue, but I'm checking with lintian 3.9.1 ATM. #override_jh_installjavadoc: # lintian warning duplicate license rm build/linux-amd64/javadocs/docs-jcp/LICENSE.txt jh_installjavadoc -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#655544: jai-core: Build-Depends-Indep is only for building arch-indep binaries
Package: jai-core Version: 1.1.4-1 Severity: serious Tags: patch Justification: fails to build from source User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu precise ubuntu-patch Please see http://wiki.debian.org/Build-Depends-Indep for more information. *** /tmp/tmpqjxOKd/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Move ant to Build-Depends from Build-Depends-Indep since it's used in override_dh_auto_build which is not a build-indep target; Also move default-jdk since it's used in the main build process as well - update debian/control Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru jai-core-1.1.4/debian/changelog jai-core-1.1.4/debian/changelog diff -Nru jai-core-1.1.4/debian/control jai-core-1.1.4/debian/control --- jai-core-1.1.4/debian/control 2011-09-12 13:21:17.0 +0200 +++ jai-core-1.1.4/debian/control 2012-01-12 07:06:19.0 +0100 @@ -1,11 +1,11 @@ Source: jai-core Priority: optional Section: non-free/java Maintainer: Debian Med Packaging Team debian-med-packag...@lists.alioth.debian.org DM-Upload-Allowed: yes Uploaders: Mathieu Malaterre mathieu.malate...@gmail.com -Build-Depends: debhelper (= 8), javahelper (=0.25) -Build-Depends-Indep: default-jdk, default-jdk-doc, ant +Build-Depends: debhelper (= 8), javahelper (=0.25), ant, default-jdk +Build-Depends-Indep: default-jdk-doc Standards-Version: 3.9.2 Homepage: http://java.net/projects/jai-core/ Vcs-Browser: http://svn.debian.org/wsvn/debian-med/trunk/packages/jai-core/trunk/
Bug#643491: animal-sniffer: fix for FTBFS without internet access
Package: animal-sniffer Version: 1.7-1 Followup-For: Bug #643491 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu precise ubuntu-patch *** /tmp/tmpScaFcU/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Add a maven build target of install so that jars are deployed into the local maven repository during the build process (Thanks to James Page for the tip) (Closes: #643491); Fixes FTBFS with no network - update debian/rules * Add libmaven-install-plugin-java to Build-Depends-Indep; Needed for above FTBFS fix - update debian/control Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru animal-sniffer-1.7/debian/changelog animal-sniffer-1.7/debian/changelog diff -Nru animal-sniffer-1.7/debian/control animal-sniffer-1.7/debian/control --- animal-sniffer-1.7/debian/control 2011-09-18 12:48:33.0 -0500 +++ animal-sniffer-1.7/debian/control 2012-01-05 05:09:00.0 -0600 @@ -1,13 +1,13 @@ Source: animal-sniffer Section: java Priority: optional Maintainer: Debian Java Maintainers pkg-java-maintain...@lists.alioth.debian.org Uploaders: Matthias Schmitz matth...@sigxcpu.org Build-Depends: debhelper (= 7), cdbs, default-jdk, maven-debian-helper (= 1.4), ant Build-Depends-Indep: libasm3-java, junit, default-jdk-doc, libmaven-javadoc-plugin-java, libmaven-enforcer-plugin-java, libmaven-invoker-plugin-java, libmaven-common-artifact-filters-java, - libbuild-helper-maven-plugin-java, libmaven-shade-plugin-java, libmaven-plugin-tools-java + libbuild-helper-maven-plugin-java, libmaven-shade-plugin-java, libmaven-plugin-tools-java, libmaven-install-plugin-java Standards-Version: 3.9.2 Vcs-Git: git://git.debian.org/pkg-java/animal-sniffer.git Vcs-Browser: http://git.debian.org/?p=pkg-java/animal-sniffer.git;a=summary diff -Nru animal-sniffer-1.7/debian/rules animal-sniffer-1.7/debian/rules --- animal-sniffer-1.7/debian/rules 2011-09-18 12:48:33.0 -0500 +++ animal-sniffer-1.7/debian/rules 2012-01-05 03:54:39.0 -0600 @@ -8,6 +8,7 @@ # mh_installjar -plib$(PACKAGE)-java -l pom.xml target/$(PACKAGE)-$(VERSION).jar DEB_MAVEN_DOC_TARGET := javadoc:jar javadoc:aggregate +DEB_MAVEN_BUILD_TARGET := install clean:: mh_clean
Bug#653686: lowpan-tools: dh_python2 requires Depends: ${python:Depends} per the manpage
Package: lowpan-tools Version: 0.2.2-2 Severity: serious Tags: patch Justification: Policy 7.2 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu precise ubuntu-patch *** /tmp/tmpVby7ji/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Fix dh_python2 conversion; Drop Recommends: python on lowpan-test-tools; Add ${python:Depends} to lowpan-test-tools - update debian/control Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-15-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru lowpan-tools-0.2.2/debian/changelog lowpan-tools-0.2.2/debian/changelog diff -Nru lowpan-tools-0.2.2/debian/control lowpan-tools-0.2.2/debian/control --- lowpan-tools-0.2.2/debian/control 2011-12-26 11:16:20.0 -0600 +++ lowpan-tools-0.2.2/debian/control 2011-12-30 03:35:56.0 -0600 @@ -11,10 +12,9 @@ Package: lowpan-test-tools Architecture: linux-any -Depends: ${shlibs:Depends}, ${misc:Depends} +Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends} XB-Python-Version: ${python:Version} Provides: ${python:Provides} -Recommends: python Replaces: lowpan-tools ( 0.2) Description: Testing programs for LoWPAN stack in Linux This package provides several programs for testing various aspects of
Bug#653321: fabric: Missing dependency on python-paramiko
Package: fabric Version: 1.3.2-4 Severity: serious Tags: patch Justification: fails to build from source (but built successfully in the past) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu precise ubuntu-patch *** /tmp/tmpIpyzn0/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Add python-paramiko to build dependencies (fixes FTBFS) - update debian/control Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-13-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru fabric-1.3.2/debian/changelog fabric-1.3.2/debian/changelog diff -Nru fabric-1.3.2/debian/control fabric-1.3.2/debian/control --- fabric-1.3.2/debian/control 2011-12-14 10:44:56.0 -0600 +++ fabric-1.3.2/debian/control 2011-12-26 15:53:57.0 -0600 @@ -1,12 +1,12 @@ Source: fabric Section: net Priority: optional Maintainer: Chris Lamb la...@debian.org Build-Depends: debhelper (= 7.0.50~) -Build-Depends-Indep: python-support, python-setuptools, python-sphinx +Build-Depends-Indep: python-support, python-setuptools, python-sphinx, python-paramiko Standards-Version: 3.9.2 Vcs-Git: git://github.com/lamby/pkg-fabric.git Vcs-Browser: https://github.com/lamby/pkg-fabric Homepage: http://fabfile.org/ Package: fabric
Bug#653107: Should this package be removed?
On Fri, 23 Dec 2011 23:40:20 +0100, Moritz Muehlenhoff j...@debian.org wrote: Package: util-vserver Severity: serious util-vserver hasn't seen an upload since 1.5 years and vserver support has been dropped from the Debian kernels post-Squeeze. Should util-vserver be removed as well? I'm not sure. Before the kernel team started providing vserver kernels, I was providing a kernel source patch set, which still require the user-space utilities to exist. I haven't decided if I will do that again, it depends on lxc maturing enough to be a usable alternative, which so far it has not and until it does, I'm not convinced that vservers should go away in debian. pgpIFbRGLaoDp.pgp Description: PGP signature
Bug#653204: FTBFS: regex-posix -any dependency missing
Package: ghc-mod Version: 1.0.4-1 Severity: serious Tags: patch Justification: fails to build from source (but built successfully in the past) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu precise ubuntu-patch *** /tmp/tmpZB0472/bug_body In Ubuntu, the attached patch was applied to achieve the following: * Add build dependency on libghc-regex-posix-dev, fixes FTBFS - update debian/control Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-13-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -u ghc-mod-1.0.4/debian/control ghc-mod-1.0.4/debian/control --- ghc-mod-1.0.4/debian/control +++ ghc-mod-1.0.4/debian/control @@ -13,6 +13,7 @@ libghc-ghc-paths-dev, libghc-hlint-dev (= 1.7.1), libghc-transformers-dev, + libghc-regex-posix-dev, libghc-filemanip-dev Standards-Version: 3.9.2 Homepage: http://www.mew.org/~kazu/proj/ghc-mod/ diff -u ghc-mod-1.0.4/debian/changelog ghc-mod-1.0.4/debian/changelog
Bug#629998: Conflicting st binary name
Hi, It was written: We're also tossing around changing the OpenStack 'st' to 'swiftly'. Whatever it becomes, it'll likely happen in our next release, 1.4.1. It appears that 1.4.3 is the latest version, with 1.4.4 coming. Did this rename happen, and if so, can we resolve this issue (perhaps by uploading a new version?) thanks! micah ps - thanks for your work on this project, and zigo for the packaging! -- pgpmMLwQhaLBY.pgp Description: PGP signature
Bug#629998: Conflicting st binary name
On Mon, 26 Sep 2011 23:33:50 +0800, Thomas Goirand tho...@goirand.fr wrote: On 09/26/2011 10:43 PM, Gregory Holt wrote: Yes, the rename did happen: st - swift I'm not sure who/how the Debian packaging for OpenStack Swift is handled, but I expect they're listed on this bug so probably got emailed. Hi, I have seen that Glance and Swift are now released (code name Diablo, version 2011.3 for Glance, and 1.4.4 for Swift). I have seen that both Glance and Swift seems ok for an upload, but I want to do functional testing of them before the upload, and for the moment, Nova fails with its unit tests. So please bare with me and allow a bit more of time, so that I can make my tests before the uploads. Seems reasonable! FYI, OpenStack got released last Friday, and I'm only discovering what's new in this release. It's not exactly a very simple thing, so it may take some time until I can upload. Oh wow, I had no idea it was just realeased! I didn't mean to pressure you :) Also, there's now an Alioth project for it, and I'd be very happy to have help on releasing this new version in Debian. I can't commit to helping there now, i'm trying to get rid of some commitments now because I am overextended. Depending on how that goes, and if we decide to use OpenStack, I will keep that in mind! thanks again for your work on this, its very much appreciated! micah pgphMnPedDlZl.pgp Description: PGP signature
Bug#640439: gtk-nodoka-engine: FTBFS
Package: gtk-nodoka-engine Version: 0.7.0-1 Followup-For: Bug #640439 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu oneiric ubuntu-patch *** /tmp/tmpT1DzMj In Ubuntu, the attached patch was applied to achieve the following: * Add -lm to LIBS to fix FTBFS (LP: #858750) - update debian/rules Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-11-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash --- gtk-nodoka-engine-0.7.2/debian/rules +++ gtk-nodoka-engine-0.7.2/debian/rules @@ -19,7 +19,7 @@ ifneq $(wildcard /usr/share/misc/config.guess) cp -f /usr/share/misc/config.guess config.guess endif - ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info CFLAGS=$(CFLAGS) LDFLAGS=-Wl,-z,defs --enable-animation + ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info CFLAGS=$(CFLAGS) LIBS=-lm LDFLAGS=-Wl,-z,defs --enable-animation build: build-stamp
Bug#638247: to be adapted for libav/0.7.1
Package: gnash Version: 0.8.10~git20110618-3 Followup-For: Bug #638247 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu oneiric ubuntu-patch *** /tmp/tmpgCHrjT Here is the patch from Colin Watson that provides compatibility with the libav 0.7 API. Thanks for considering the patch. -- System Information: Debian Release: wheezy/sid APT prefers oneiric-updates APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.0.0-10-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru gnash-0.8.10~git20110618/debian/patches/libav_0.7.patch gnash-0.8.10~git20110618/debian/patches/libav_0.7.patch --- gnash-0.8.10~git20110618/debian/patches/libav_0.7.patch 1969-12-31 18:00:00.0 -0600 +++ gnash-0.8.10~git20110618/debian/patches/libav_0.7.patch 2011-09-11 00:35:05.0 -0500 @@ -0,0 +1,275 @@ +Description: Port to libav 0.7 API +Author: Colin Watson cjwat...@ubuntu.com +Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638247 +--- + libmedia/ffmpeg/AudioDecoderFfmpeg.cpp | 30 ++--- + libmedia/ffmpeg/AudioResamplerFfmpeg.cpp |5 +- + libmedia/ffmpeg/MediaParserFfmpeg.cpp| 53 ++- + libmedia/ffmpeg/MediaParserFfmpeg.h |7 + libmedia/ffmpeg/VideoDecoderFfmpeg.cpp | 12 +++ + macros/ffmpeg.m4 |6 ++- + 6 files changed, 104 insertions(+), 9 deletions(-) + +Index: gnash-0.8.10~git20110618/libmedia/ffmpeg/AudioDecoderFfmpeg.cpp +=== +--- gnash-0.8.10~git20110618.orig/libmedia/ffmpeg/AudioDecoderFfmpeg.cpp gnash-0.8.10~git20110618/libmedia/ffmpeg/AudioDecoderFfmpeg.cpp +@@ -29,8 +29,6 @@ + + //#define GNASH_DEBUG_AUDIO_DECODING + +-#define AVCODEC_DECODE_AUDIO avcodec_decode_audio2 +- + namespace gnash { + namespace media { + namespace ffmpeg { +@@ -549,11 +547,22 @@ + #endif + + // older ffmpeg versions didn't accept a const input.. +-int tmp = AVCODEC_DECODE_AUDIO(_audioCodecCtx, outPtr, outSize, +- input, inputSize); ++#if !defined (LIBAVCODEC_VERSION_MAJOR) || LIBAVCODEC_VERSION_MAJOR 53 ++int tmp = avcodec_decode_audio2(_audioCodecCtx, outPtr, outSize, ++input, inputSize); ++#else ++AVPacket packet; ++av_init_packet(packet); ++// avcodec_decode_audio3 doesn't actually change packet.data ++packet.data = const_castboost::uint8_t*(input); ++packet.size = inputSize; ++int tmp = avcodec_decode_audio3(_audioCodecCtx, outPtr, outSize, packet); ++packet.data = NULL; ++av_free_packet(packet); ++#endif + + #ifdef GNASH_DEBUG_AUDIO_DECODING +-log_debug( avcodec_decode_audio[2](ctx, bufptr, %d, input, %d) ++log_debug( avcodec_decode_audio[23](ctx, bufptr, %d, input, %d) + returned %d; set frame_size=%d, + bufsize, inputSize, tmp, outSize); + #endif +@@ -658,6 +667,7 @@ + { + if ( _needsParsing ) + { ++#if !defined (LIBAVCODEC_VERSION_MAJOR) || LIBAVCODEC_VERSION_MAJOR 53 + return av_parser_parse(_parser, _audioCodecCtx, + // as of 2008-10-28 SVN, ffmpeg doesn't + // accept a pointer to pointer to const.. +@@ -665,6 +675,16 @@ + outFrameSize, + input, inputSize, + 0, 0); // pts dts ++#else ++return av_parser_parse2(_parser, _audioCodecCtx, ++// as of 2008-10-28 SVN, ffmpeg doesn't ++// accept a pointer to pointer to const.. ++const_castboost::uint8_t**(outFrame), ++outFrameSize, ++input, inputSize, ++0, 0, // pts dts ++AV_NOPTS_VALUE); ++#endif + } + else + { +Index: gnash-0.8.10~git20110618/libmedia/ffmpeg/MediaParserFfmpeg.cpp +=== +--- gnash-0.8.10~git20110618.orig/libmedia/ffmpeg/MediaParserFfmpeg.cpp gnash-0.8.10~git20110618/libmedia/ffmpeg/MediaParserFfmpeg.cpp +@@ -341,11 +341,26 @@ + + /*private*/ + void ++MediaParserFfmpeg::logMetadataEntry(const char *format, const char* key) ++{ ++#if !defined (LIBAVUTIL_VERSION_INT) || LIBAVUTIL_VERSION_INT AV_VERSION_INT( 51, 5, 0 ) ++ const AVMetadataTag* entry = av_metadata_get(_formatCtx-metadata, key, 0, 0); ++#else ++ const AVDictionaryEntry* entry = av_dict_get(_formatCtx-metadata, key, 0, 0); ++#endif ++ if ( entry-value[0] ) ++ log_debug(format, entry-value); ++} ++ ++/*private*/ ++void + MediaParserFfmpeg::initializeParser() + { + av_register_all(); // TODO: needs to be invoked only once ? + ++#if !defined (LIBAVFORMAT_VERSION_MAJOR) || LIBAVFORMAT_VERSION_MAJOR 53 +
Bug#639744: Compromised certificates for *.google.com issued by DigiNotar Root CA
On 09/04/2011 10:35 AM, Yves-Alexis Perez wrote: On dim., 2011-09-04 at 01:37 -0500, Raphael Geissert wrote: On Saturday 03 September 2011 01:45:22 Mike Hommey wrote: Looking at the patches, this really is: [...] Ok, with the patches we got NSS covered, but we still need to do something for other users. A first look at stuff we ship, this seems to be their current status: * NSS: ice* packages should be okay after the latest NSS update. For other NSS users I guess they're ok? I've just checked in evolution certificate store and there's no DigiNotar one, though I don't know if evolution would prevent connection to an imap/pop/smtp server with a relevant certificate. evolution uses gnutls for calendars (since it's http/https) and so is protected through ca-certificates afaict? * OpenSSL Nothing special here * GnuTLS Nothing special here * chromium: Even after the NSS update, it seems to be happy to use the Explicitly Distrusted certs. I've tried the tree websites given on this bug report but I don't know if they still make sense: https://www.diginotar.nl redirects to http://www.diginotar.nl/ (!!) but as the redirect isn't prevented I guess chromium is ok with the certificate. https://sha2.diginotar.nl/ succeeds, chain of certification is: CN = sha2.diginotar.nl CN = DigiNotar PKIoverheid CA Organisatie - G2 CN = Staat der Nederlanden Organisatie CA - G2 CN = Staat der Nederlanden Root CA - G2 (chromium builtin). Regards, Chromium needs an update to .220 to properly block all of the DigiNotar certificates. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#639059: z88: Fix for FTBFS (use pkg-config in cmake)
Package: z88 Version: 13.0.0+dfsg2-2 Severity: normal Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu oneiric ubuntu-patch multiarch *** /tmp/tmpMufq1i In Ubuntu, the attached patch was applied to achieve the following: This breakage is due to the multiarch path transitions. Rather than hardcoding all the multiarch paths (even messier in Debian with more archs), I used pkg-config w/in cmake to find the proper include dirs. Thanks for considering the patch. -- System Information: Debian Release: squeeze/sid APT prefers natty-updates APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty-proposed'), (500, 'natty'), (100, 'natty-backports') Architecture: amd64 (x86_64) Kernel: Linux 2.6.38-11-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru z88-13.0.0+dfsg2/debian/changelog z88-13.0.0+dfsg2/debian/changelog diff -Nru z88-13.0.0+dfsg2/debian/control z88-13.0.0+dfsg2/debian/control --- z88-13.0.0+dfsg2/debian/control 2011-07-04 01:56:45.0 -0500 +++ z88-13.0.0+dfsg2/debian/control 2011-08-28 16:36:14.0 -0500 @@ -1,8 +1,8 @@ Source: z88 Section: science Priority: optional Maintainer: Debian QA Group packa...@qa.debian.org -Build-Depends: debhelper (= 7), cmake, libgtk2.0-dev, libgtkglext1-dev +Build-Depends: debhelper (= 7), cmake, libgtk2.0-dev, libgtkglext1-dev, pkg-config Standards-Version: 3.8.1 Vcs-Browser: http://svn.debian.org/wsvn/debian-science/packages/z88/trunk/?rev=0sc=0 Vcs-Svn: svn://svn.debian.org/svn/debian-science/packages/z88/trunk/ diff -Nru z88-13.0.0+dfsg2/debian/patches/series z88-13.0.0+dfsg2/debian/patches/series --- z88-13.0.0+dfsg2/debian/patches/series 2011-07-04 02:04:19.0 -0500 +++ z88-13.0.0+dfsg2/debian/patches/series 2011-08-28 18:49:33.0 -0500 @@ -1,2 +1,3 @@ 50_all_changes.patch 60_fix_spelling_errors.patch +use-pkg-config.patch diff -Nru z88-13.0.0+dfsg2/debian/patches/use-pkg-config.patch z88-13.0.0+dfsg2/debian/patches/use-pkg-config.patch --- z88-13.0.0+dfsg2/debian/patches/use-pkg-config.patch 1969-12-31 18:00:00.0 -0600 +++ z88-13.0.0+dfsg2/debian/patches/use-pkg-config.patch 2011-08-28 19:21:19.0 -0500 @@ -0,0 +1,25 @@ +Description: Use pkg-config to find glib include paths to fix FTBFS +Author: Micah Gersten mic...@ubuntu.com +Bug-Ubuntu: https://bugs.launchpad.net/bugs/756066 + +--- + src/CMakeLists.txt |6 +- + 1 file changed, 5 insertions(+), 1 deletion(-) + +Index: z88-13.0.0+dfsg2/src/CMakeLists.txt +=== +--- z88-13.0.0+dfsg2.orig/src/CMakeLists.txt z88-13.0.0+dfsg2/src/CMakeLists.txt +@@ -14,7 +14,11 @@ + # MESSAGE( FATAL_ERROR This application requires GTK. One of these components is missing. Please verify configuration) + #ENDIF (GTK_FOUND) + +-INCLUDE_DIRECTORIES ( /usr/include/gtk-2.0/ /usr/lib/gtk-2.0/include /usr/include/atk-1.0 /usr/include/cairo /usr/include/pango-1.0 /usr/include/glib-2.0 /usr/lib/glib-2.0/include /usr/include/pixman-1 /usr/include/freetype2 /usr/include/directfb /usr/include/libpng12 /usr/include/gtkglext-1.0 /usr/lib/gtkglext-1.0/include /usr/include/gdk-pixbuf-2.0/) ++include ( FindPkgConfig ) ++pkg_check_modules ( GLIB_2.0 glib-2.0 ) ++pkg_check_modules ( GTK_2.0 gtk+-2.0 ) ++ ++INCLUDE_DIRECTORIES ( ${GTK_2.0_INCLUDE_DIRS} /usr/include/atk-1.0 /usr/include/cairo /usr/include/pango-1.0 ${GLIB_2.0_INCLUDE_DIRS} /usr/include/pixman-1 /usr/include/freetype2 /usr/include/directfb /usr/include/libpng12 /usr/include/gtkglext-1.0 /usr/lib/gtkglext-1.0/include /usr/include/gdk-pixbuf-2.0/) + LINK_LIBRARIES ( gtk-x11-2.0 gdk-x11-2.0 atk-1.0 pangoft2-1.0 gdk_pixbuf-2.0 m pangocairo-1.0 gio-2.0 cairo pango-1.0 freetype fontconfig gobject-2.0 gmodule-2.0 glib-2.0 GL GLU gtkglext-x11-1.0 gdkglext-x11-1.0) + + # GTK_INCLUDE_DIR - Directories to include to use GTK
Bug#636177: blender: Blender is no longer buildable in sid
Package: blender Version: 2.58-svn37702-1 Severity: serious Tags: patch sid Justification: fails to build from source User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu oneiric ubuntu-patch libglew1.5-dev was removed from sid, there is now a libglew1.6-dev, however, it provides a virtual package of libglew-dev *** /tmp/tmp2G8Ush In Ubuntu, the attached patch was applied to achieve the following: * Build depend on libglew-dev instead of libglew1.5-dev since the latter no longer exists. This effectively transitions to libglew1.6. - update debian/control Thanks for considering the patch. -- System Information: Debian Release: squeeze/sid APT prefers natty-updates APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty-proposed'), (500, 'natty'), (100, 'natty-backports') Architecture: amd64 (x86_64) Kernel: Linux 2.6.38-11-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru blender-2.58-svn37702/debian/changelog blender-2.58-svn37702/debian/changelog diff -Nru blender-2.58-svn37702/debian/control blender-2.58-svn37702/debian/control --- blender-2.58-svn37702/debian/control 2011-06-27 06:52:07.0 -0500 +++ blender-2.58-svn37702/debian/control 2011-07-31 22:11:22.0 -0500 @@ -31,7 +32,7 @@ libjack-dev, libsamplerate0-dev, libfftw3-dev, - libglew1.5-dev, + libglew-dev, liblzma-dev, liblzo2-dev, Build-Conflicts: nvidia-glx
Bug#636177: blender: Blender is no longer buildable in sid
severity 636177 minor retitle 636177 Blender depends on libglew1.5-dev which is only a virtual package done Seems I jumped the gun here and didn't realize it was provided as a virtual package by the new libglew1.6-dev. So, it's still buildable. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#636097: pidgin-skype FTBFS with multiarch
Package: pidgin-skype Version: 20110407+svn612+dfsg-1 Severity: serious Tags: patch Justification: fails to build from source User: multiarch-de...@lists.alioth.debian.org Usertags: origin-ubuntu oneiric ubuntu-patch multiarch pidgin-skype currently has include paths hard coded which break with multiarch. Rather than hardcoding multiarch paths, this patch makes use of pkg-config * Use pkg-config to find glib and dbus include paths (LP: #756174) - add debian/patches/use-pkg-config.patch - update debian/patches/series * Add libdbus-1-dev and pkg-config to build-deps - update debian/control Thanks for considering the patch. -- System Information: Debian Release: squeeze/sid APT prefers natty-updates APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty-proposed'), (500, 'natty'), (100, 'natty-backports') Architecture: amd64 (x86_64) Kernel: Linux 2.6.38-11-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru pidgin-skype-20110407+svn612+dfsg/debian/changelog pidgin-skype-20110407+svn612+dfsg/debian/changelog diff -Nru pidgin-skype-20110407+svn612+dfsg/debian/control pidgin-skype-20110407+svn612+dfsg/debian/control --- pidgin-skype-20110407+svn612+dfsg/debian/control 2011-04-10 19:01:15.0 -0500 +++ pidgin-skype-20110407+svn612+dfsg/debian/control 2011-07-20 20:44:59.0 -0500 @@ -1,9 +1,9 @@ Source: pidgin-skype Section: contrib/net Priority: optional +Maintainer: Gabriele Giacone 1o5g4...@gmail.com Build-Depends: debhelper (= 7.0.50~), libglib2.0-dev, - libpurple-dev (= 2.1.1), libx11-dev, librsvg2-bin + libpurple-dev (= 2.1.1), libx11-dev, librsvg2-bin, libdbus-1-dev, pkg-config Standards-Version: 3.9.2 DM-Upload-Allowed: yes Homepage: http://eion.robbmob.com/ diff -Nru pidgin-skype-20110407+svn612+dfsg/debian/patches/series pidgin-skype-20110407+svn612+dfsg/debian/patches/series --- pidgin-skype-20110407+svn612+dfsg/debian/patches/series 2011-04-10 19:01:15.0 -0500 +++ pidgin-skype-20110407+svn612+dfsg/debian/patches/series 2011-07-20 20:42:00.0 -0500 @@ -1 +1,2 @@ 00Makefile +use-pkg-config.patch diff -Nru pidgin-skype-20110407+svn612+dfsg/debian/patches/use-pkg-config.patch pidgin-skype-20110407+svn612+dfsg/debian/patches/use-pkg-config.patch --- pidgin-skype-20110407+svn612+dfsg/debian/patches/use-pkg-config.patch 1969-12-31 18:00:00.0 -0600 +++ pidgin-skype-20110407+svn612+dfsg/debian/patches/use-pkg-config.patch 2011-07-24 02:59:04.0 -0500 @@ -0,0 +1,19 @@ +Description: Use pkg-config to find include paths + We can use pkg-config to find the dbus and glib include paths + instead of hard coding them so the build doesn't break w/multiarch. +Author: Micah Gersten mic...@ubuntu.com +Bug-Ubuntu: https://bugs.launchpad.net/bugs/756174 + +--- pidgin-skype-20110407+svn612+dfsg.orig/Makefile pidgin-skype-20110407+svn612+dfsg/Makefile +@@ -6,8 +6,8 @@ WIN32_COMPILER = /usr/bin/i586-mingw32-g + LINUX_ARM_COMPILER = arm-none-linux-gnueabi-gcc + + LIBPURPLE_CFLAGS = -I/usr/include/libpurple -DPURPLE_PLUGINS -DENABLE_NLS +-GLIB_CFLAGS = -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/lib64/glib-2.0/include -I/usr/include +-DBUS_CFLAGS = -DSKYPE_DBUS -I/usr/include/dbus-1.0 -I/usr/lib/dbus-1.0/include -I/usr/lib64/dbus-1.0/include ++GLIB_CFLAGS = `pkg-config --cflags glib-2.0` -I/usr/include ++DBUS_CFLAGS = -DSKYPE_DBUS `pkg-config --cflags dbus-1` + WIN32_DEV_DIR = /root/pidgin/win32-dev + WIN32_PIDGIN_DIR = /root/pidgin/pidgin-2.6.1 + WIN32_CFLAGS = -DPURPLE_PLUGINS -DENABLE_NLS -I${WIN32_DEV_DIR}/gtk_2_0/include/glib-2.0 -I${WIN32_PIDGIN_DIR}/libpurple/win32 -I${WIN32_PIDGIN_DIR}/libpurple -I${WIN32_DEV_DIR}/gtk_2_0/include -I${WIN32_DEV_DIR}/gtk_2_0/include/glib-2.0 -I${WIN32_DEV_DIR}/gtk_2_0/lib/glib-2.0/include
Bug#627793: pytrainer still has binary depends on python-gtkmozembed
The patches are in to port to webkit, but the binary depends haven't been updated to reflect this. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#625783: gnome-control-center: Add Breaks/Replaces to fix file conflict with old gnome-settings-daemon
Package: gnome-control-center Version: 1:3.0.1.1-1 Severity: normal Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu oneiric ubuntu-patch *** /tmp/tmpHRcGRK In Ubuntu, the attached patch was applied to achieve the following: * fix LP: #786417 - upgrade failure due to overwrite attempt; Add Breaks/Replaces on g-s-d ( 3.0~) for gnome-control-center-data - update debian/control Thanks for considering the patch. -- System Information: Debian Release: squeeze/sid APT prefers natty-updates APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty'), (300, 'natty-proposed'), (100, 'natty-backports') Architecture: amd64 (x86_64) Kernel: Linux 2.6.38-8-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru gnome-control-center-3.0.1.1/debian/control gnome-control-center-3.0.1.1/debian/control --- gnome-control-center-3.0.1.1/debian/control 2011-05-20 06:42:15.0 -0500 +++ gnome-control-center-3.0.1.1/debian/control 2011-05-22 23:07:55.0 -0500 @@ -99,7 +99,8 @@ Recommends: gnome-control-center (= ${source:Version}) Provides: capplets-data Conflicts: capplets-data -Replaces: capplets-data, gnome-media-common ( 2.91) +Replaces: capplets-data, gnome-media-common ( 2.91), gnome-settings-daemon ( 3.0~) +Breaks: gnome-settings-daemon ( 3.0~) Description: configuration applets for GNOME - data files This package contains data files (icons, pixmaps, locales files) needed by the configuration applets in the gnome-control-center package. diff -Nru gnome-control-center-3.0.1.1/debian/control.in gnome-control-center-3.0.1.1/debian/control.in --- gnome-control-center-3.0.1.1/debian/control.in 2011-05-20 06:42:13.0 -0500 +++ gnome-control-center-3.0.1.1/debian/control.in 2011-05-22 23:07:19.0 -0500 @@ -94,7 +94,8 @@ Recommends: gnome-control-center (= ${source:Version}) Provides: capplets-data Conflicts: capplets-data -Replaces: capplets-data, gnome-media-common ( 2.91) +Replaces: capplets-data, gnome-media-common ( 2.91), gnome-settings-daemon ( 3.0~) +Breaks: gnome-settings-daemon ( 3.0~) Description: configuration applets for GNOME - data files This package contains data files (icons, pixmaps, locales files) needed by the configuration applets in the gnome-control-center package.
Bug#614864: ping?
Hi folks, This security issue really needs to be dealt with, I'm concerned that we are getting close to one month from when the bug was first reported to the BTS, we are already over one month from when the bug was reported upstream. I'm looking for any feedback on the work I did... micah -- pgpT5pKpqyUzU.pgp Description: PGP signature
Bug#614008: patch for pyexiv2 0.3 compatibility
user ubuntu-de...@lists.ubuntu.com usertag 614008 + ubuntu-patch natty tags 614008 +patch thanks This patch is from Oliver Tilloy and his name is registered as the author in the patch. Any attribution should go to him. Please close LP: #710874 in the changelog as well if you apply this or something similar. Author: Olivier Tilloy oliv...@tilloy.net Description: Adapt all uses of pyexiv2 to the new API (⥠0.2). This patch actually makes use of new APIs introduced in pyexiv2 0.3, and would therefore require minor changes to work with pyexiv2 0.2 too. Bug: https://bugs.launchpad.net/phatch/+bug/585169 Index: phatch-natty/AUTHORS === --- phatch-natty.orig/AUTHORS 2011-01-27 21:12:16.609852151 +0100 +++ phatch-natty/AUTHORS 2011-01-27 21:12:23.659852151 +0100 @@ -27,7 +27,7 @@ http://wxglade.sourceforge.net/ - wxGlade - Alberto Griggio pubsub.py - wxWidgets license - Oliver Schoenborn http://wiki.wxpython.org/TextCtrlAutoComplete - TextCtrlAutoComplete.py - wxWidgets license - Edward Flick (CDF Inc, http://www.cdf-imaging.com) -http://tilloy.net/dev/pyexiv2/ - PyExiv2 - GPL license - Olivier Somon +http://tilloy.net/dev/pyexiv2/ - pyexiv2 - GPL license - Olivier Tilloy http://www.gnome.org/projects/nautilus/ - python-nautilus - GPL license http://www.pythonware.com/products/pil/ - Python Image Library 1.1.6 - PIL license - Fredrik Lundh http://www.wxpython.org - wxPython 2.8.7.1 - wxWidgets license - Robin Dunn Index: phatch-natty/phatch/core/pil.py === --- phatch-natty.orig/phatch/core/pil.py 2011-01-27 21:12:16.629852151 +0100 +++ phatch-natty/phatch/core/pil.py 2011-01-27 21:12:23.659852151 +0100 @@ -180,8 +180,8 @@ metadata.InfoZexif: image} #check format - readable/writable metadata with pyexiv2 if exif and exif.is_readable_format(image.format): -self.pyexiv2 = pyexiv2.Image(path) -self.pyexiv2.readMetadata() +self.pyexiv2 = pyexiv2.ImageMetadata(path) +self.pyexiv2.read() self.writable_exif = exif.is_writable_format_exif(image.format) self.writable_iptc = exif.is_writable_format_exif(image.format) self.writable = self.writable_exif or self.writable_iptc @@ -308,14 +308,9 @@ self.assert_transparency() del self.get_pil().info[tag] return -pyexiv2_tag = self._fix(tag) # pexiv2 demands str -# a bit clumsy but pyexiv2 does not support get or in -try: -pyexiv2_tag_value = self.pyexiv2[pyexiv2_tag] -except KeyError: -pyexiv2_tag_value = None -if self.pyexiv2 and pyexiv2_tag_value != None: -self.pyexiv2[pyexiv2_tag] = None +pyexiv2_tag = self._fix(tag) # pyexiv2 demands str +if pyexiv2_tag in self.pyexiv2: +del self.pyexiv2[pyexiv2_tag] if tag in self: super(InfoPhoto, self).__delitem__(tag) @@ -343,7 +338,26 @@ super(InfoPhoto, self).__setitem__(tag, value) if metadata.RE_PYEXIV2_TAG_EDITABLE.match(tag): try: -self.pyexiv2[self._fix(tag)] = value +key = self._fix(tag) +if isinstance(value, metadata.DateTime): +self.pyexiv2[key] = value.datetime +else: +if key.startswith('Iptc'): +stripped = value.strip() +if stripped.startswith('[') and stripped.endswith(']'): +# This looks like a list of values +try: +values = eval(stripped) +except SyntaxError: +value = [value] +else: +if isinstance(values, list): + value = values +else: + value = [value] +else: +value = [value] +self.pyexiv2[key] = value except Exception, message: raise KeyError('%s:\n%s' % (_('Impossible to write tag %s') % tag, message)) Index: phatch-natty/phatch/data/info.py === --- phatch-natty.orig/phatch/data/info.py 2011-01-27 21:12:16.639852151 +0100 +++ phatch-natty/phatch/data/info.py 2011-01-27 21:12:23.659852151 +0100 @@ -310,9 +310,9 @@ 'license': 'wxWidgets license', 'url': 'http://wiki.wxpython.org/TextCtrlAutoComplete', }, -{'name': 'PyExiv2', +{'name': 'pyexiv2', 'url': 'http://tilloy.net/dev/pyexiv2/', -'author': 'Olivier Somon', +'author': 'Olivier Tilloy',
Bug#614864: patch
Hi, I decided to help a little bit moving these issues forward. I did what I could, but now the more experienced debian rails people need to act. In particular, there is a decision that needs to be made for CVE-2011-0446, and a review of the fix I did for CVE-2011-0447. I am happy to help facilitate in any other way, but I need others who have more experience to weigh in on those. Both of these CVEs affect all versions of rails, including those in oldstable. CVE-2011-0446 - Patch for rails 2.3 to fix CVE-2011-0446 is here: http://rubyonrails-security.googlegroups.com/attach/365b8a23b76a6b4a/2-3-mailto.patch?part=3 The upstream commit id is: abe97736b8316f1b714cac56c115c0779aa73217 Looking through the commit log for the above fix, it was done to rails 2.3.11, which has had three other commits that touched actionpack/lib/action_view/helpers/url_helper.rb, the largest one is 9ca6df83f606a0fb8be3815328111d0cdaa7c65b which backports html_safe and the latest rails_xss plugin. This change seems to be a pre-requisite for the security fix, the sad thing is that it is a big change. I did not do anything with CVE-2011-0446 as it was intrusive, hopefully others who have experience with this package can weigh in on the best way forwards with this one. Once this is resolved a security release could happen. CVE-2011-0447 - The patch for rails 2.1 to fix CVE-2011-0447 is here: http://rubyonrails-security.googlegroups.com/attach/c22ea1668c0d181c/2-1-csrf.patch?part=3 I was able to cherry-pick this commit (d622353dd399908770473d417ecef028524b8c8b) from upstream's git repo into the debian debian-lenny branch without any conflicts. I went ahead and did that and have committed it, along with a changelog entry and a NEWS entry that comes straight from the mailing list. It is my opinion that the fix for lenny in 2.1 is done. Please someone who has more skills in rails review this to make sure it is good, and then I think it can be uploaded after contacting the security team. The patch for rails 2.3 to fix CVE-2011-0447 is here: http://rubyonrails-security.googlegroups.com/attach/c22ea1668c0d181c/2-3-csrf.patch?part=5 I was able to cherry-pick this commit (9998f79b9cf9c60b07baf4c23a02178034e06d85) from upstream's git repo into the debian v2.3-stable branch without any conflicts. I also went ahead and committed this change, along with a changelog entry and a NEWS entry that came from the mailing list, identical to the debian-lenny 2.1 one above. Once CVE-2011-0446 has been resolved for 2.3, then this can be uploaded. A few notes: 1. I noticed that the upload that made it into squeeze was never tagged as debian/2.3.5-1.2, so I went ahead and did that. 2. I wasn't sure what the difference between the branch 'debian-lenny' and v2.1-stable were. The 'debian-lenny' one seemed to have the most recent security fixes, and had a debian directory, so I went with that one. 3. v2.3-stable seemed to be the place for squeeze fixes, which differs from the nomenclature used in #2, perhaps that fix should be in a debian-squeeze branch? If so, then please change it, and clarify #2 for v2.3-stable too. Micah -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#603882: util-vserver: startup script breaks boot (on sparc)
On Thu, 18 Nov 2010 04:13:20 +0100 (CET), Daniel Hokka Zakrisson dan...@hozac.com wrote: What dietlibc version was used to build the binaries? Does it have http://people.linux-vserver.org/~dhozac/p/m/delta-dietdirent-fix01.diff applied? IIRC this was one way that problem exhibited itself. Looking at the build logs for sparc, it looks like 0.32-5 of dietlibc was used. Looking at the debian source for that version of dietlibc, and comparing it to the patch you reference, no it was not applied. That patch is odd, all it does is move the int below the char buf[PAGE_SIZE-(sizeof (int)*3)]; what is going on there? micah pgpJlxeUlvxFV.pgp Description: PGP signature
Bug#603882: util-vserver: startup script breaks boot (on sparc)
On Thu, 18 Nov 2010 04:13:20 +0100 (CET), Daniel Hokka Zakrisson dan...@hozac.com wrote: What dietlibc version was used to build the binaries? Does it have http://people.linux-vserver.org/~dhozac/p/m/delta-dietdirent-fix01.diff applied? IIRC this was one way that problem exhibited itself. Actually, I lied. The patch *is* applied. I was looking at the unpatched source, but if I looked at the patched source before its built, it is in fact there. micah pgpQ00Mmbq6M7.pgp Description: PGP signature