Re: patching a package?

[Lionel Elie Mamane]

On Mon, May 08, 2006 at 11:32:38PM -0500, Jason D. Clinton wrote:

> Sorry, I'm new to the dpkg system. I looking around on the web site
> and couldn't seem to find good docs on this specific
> issue. Appologies if I missed it.

> I want to take a Debian source package and make a few changes to do
> it and then recompres it and test it. If it works I want to generate
> a patch which I can send to the maintainer. What would be the best
> way to do this?

apt-get source ${PACKAGE}
cp -R ${PACKAGE}-${VERSION} ${PACKAGE}-${VERSION}.pristine-deb
cd ${PACKAGE}-${VERSION}
# hack away
cd ..
diff --recursive -u ${PACKAGE}-${VERSION}.pristine-deb ${PACKAGE}-${VERSION} > 
descriptive_name.patch
#(add -N option to diff if appropriate)
#send descriptive_name.patch to the maintainer, probably through a bug
#report.

-- 
Lionel


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Re: screenshot with package description

[Christian Perrier]

Quoting Gonéri Le Bouder ([EMAIL PROTECTED]):
> >> I think that tools like synaptic or Debian Installer should have an option 
> to 
> >> provided a screenshot or/and the project logo with the text description.
> 
> 
> >The graphical version of D-I will include a "screenshot" option.
> Hello,
> 
> Where can i get information about that?

Asking on debian-boot, the development mailing list of D-I.

And, of course, in d-i code...more specifically in the cdebconf
package code.

> Where will be stored the pictures? Did you already begun to collect 
> screenshot?

No, as the intent is currently being more a help in debugging than an
advertising support (of course, it can also be used as an advertising
support...:-))).



signature.asc
Description: Digital signature

patching a package?

[Jason D. Clinton]

Third try posting this. Something is wrong with Debian's mail server?

Sorry, I'm new to the dpkg system. I looking around on the web site and
couldn't seem to find good docs on this specific issue. Appologies if I
missed it.

I want to take a Debian source package and make a few changes to do it
and then recompres it and test it. If it works I want to generate a
patch which I can send to the maintainer. What would be the best way to
do this?



signature.asc
Description: This is a digitally signed message part

Re: bits from the release team

[James R. Van Zandt]

Florian Weimer <[EMAIL PROTECTED]> writes:
>   * Goswin von Brederlow:
>
>   > Doesn't work if the key is ever compromised and a new one has to be
>   > created out of schedule. Or when you spend your x-mas holidays away
>   > from your system and couldn't upgrade before new years eve.
>
>   Exactly, and this begs the question why we rotate keys at all.

Good question.  I'd like to see the answer posted over at
wiki.debian.org.  (I understand in general how public key crypto
systems work.  However, these discussions of key rollover are getting
me lost.  Maybe a good description of "why" will clarify the
discussion of "how".)

 - Jim Van Zandt


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#366483: ITP: oci-mpc -- The Makefile, Project and Workspace Creator

[alex bodnaru]

Package: wnpp
Severity: wishlist
Owner: alex bodnaru <[EMAIL PROTECTED]>


* Package name: oci-mpc
  Version : 3.3.95
  Upstream Author : Designed by Justin Michel ([EMAIL PROTECTED]) and Chad 
Elliott.
Implemented by Chad Elliott ([EMAIL PROTECTED]).
* URL : http://www.example.org/
* License : Close to BSD:
 Since MPC is open source and free of licensing fees, you are free to use,
 modify, and distribute the source code, as long as you include this
 copyright statement.
 In particular, you can use MPC to build proprietary software and are under
 no obligation to redistribute any of your source code that is built using
 MPC. Note, however, that you may not do anything to the MPC code, such as
 copyrighting it yourself or claiming authorship of the MPC code, that will
 prevent MPC from being distributed freely using an open source development
 model.

  Programming Lang: Perl
  Description : The Makefile, Project and Workspace Creator

 A single tool (MPC) can be used to generate tool specific input (i.e.
 Makefile, dsp, vcproj, etc).  The generator takes platform and building
 tool generic files (mpc files) as input which describe basic information
 needed to generate a "project" file for various build tools.  These tools
 include Make, NMake, Visual C++ 6, Visual C++ 7, etc.

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-skas3-v8.2
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#366482: ITP: dnscruft -- feeds Bind a list of domains as useful as doubleclick.com or less

[Adam Borowski]

Package: wnpp
Severity: wishlist
Owner: Adam Borowski <[EMAIL PROTECTED]>

* Package name : dnscruft
  Version  : 0.20060508-1
* URL  : file://home/kilobyte/dnscruft/
  Initial packages : http://angband.pl/debian/dnscruft/
  Apt  : deb[-src] http://angband.pl/debian unstable main
* License  : GPL
  Description  : feeds Bind a list of domains as useful as doubleclick.com 
or less
 Adverts are an atrocity that plagues "teh Intarweb"; in a typical ISP
 scenario you can expect even up to 1/3 of all http requests to carry
 annoyances instead of useful traffic.  Moreover, such requests are
 usually not-cacheable.
 .
 This package can seed up your DNS server with either prepackaged lists of
 domains or your own selection; it may be used to fight ads/crapware or to
 help enforce your policy against any list of sites you have a database of.
 .
 For the purpose of blocking ads you may want to also look at an alternate
 means like FireFox+Adblock for personal use or Squid+Adzapper for your
 users -- these means grant a more fine-grained control.  On the other
 hand, dnscruft uses far less resources and blocks a much greater range
 of win32 malware, browser hijackers, drive-by-downloads, traffic analysis
 spies or fine products of Russian newest phisheries.
 And, no one says you can't use both dnscruft and URL-based controls.


Annoyed by the amount of crap, I've taken my personal block lists
(gathered over a few years) and combined them with a number of publicly
available ones.  However, the lists I found all contain quite a lot of
false positives -- domains which contain not only cruft but also some
(questionably) redeeming values.  Popular items include for example
rackspace.com (Fanatical Ads(tm)), eads.com (aeronautics),
astalavista.box.sk (a search engine for cracks/serials) or even
myspace.com (THE bane of good taste/reason).  Thus, such existing
lists may be used as-is only on personal/company networks.

To make them useful, I've included only entries I've checked by hand.
As checking >12 hosts would be an inhuman task, I covered only
those with most incidence on the source lists and/or in Squid logs of
two ISPs which are ahead of others in my quest for world domination.
Thus, I believe a good percentage of current scum will be blocked
with very few false positives.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: screenshot with package description

[Andrew Donnellan]

On 5/9/06, Gonéri Le Bouder <[EMAIL PROTECTED]> wrote:

Hi Florian,
> First, do you plan to make some rules for the screenshots ? Like for X11
>apps... "screenshots should be took under WM 'x', version 'y', and
>theme 'z'" ?
We have to keep the default setting of the the application.


We don't really need to have consistent WMs and consistent version of
WMs, just take a screenshot in a normal usage environment, e.g.
Konqueror in KDE, Nautilus in GNOME, a Qt app would most likely look
better under KDE, etc.

andrew

--
Andrew Donnellan
http://andrewdonnellan.com
http://ajdlinux.blogspot.com
Jabber - [EMAIL PROTECTED]
---
Member of Linux Australia - http://linux.org.au
Debian user - http://debian.org
Get free rewards - http://ezyrewards.com/?id=23484
OpenNIC user - http://www.opennic.unrated.net

Re: Bug#366328: ITP: bsp -- nodes builder for doom-engine levels

[Darren Salt]

I demand that Jamie Jones may or may not have written...

> On Sun, 2006-05-07 at 16:59 +0200, Pierre Habouzit wrote:
>> Le Dim 7 Mai 2006 15:07, Jon Dowland a écrit :
>>>  BSP is a tool for calculating the Binary Space Partition (BSP) for
>>>  doom-engine levels. The result is stored in the NODES lump for the
>>>  level. Levels need a NODES lump in order to be playable.
[snip]
>>>  BSP also exploits some corner-cases of the doom rendering engine to
>>>  provide special effects such as transparent doors.

> How does this compare to Zennode
> ? or glBSP
> ( and .debs are
> ) for node
> building ?

Good question...

The only advantage which I can immediately see is its special effects
handling for linedefs with tags >= 900. OTOH, glbsp has support for
OpenGL-based Doom engines such as EDGE (which depends on the library
component of glbsp).

Note that I have packages for etch and sid, too :-)

-- 
| Darren Salt| linux or ds at  | nr. Ashington, | Toon
| RISC OS, Linux | youmustbejoking,demon,co,uk | Northumberland | Army
| + Output less CO2 => avoid massive flooding.TIME IS RUNNING OUT *FAST*.

A soft drink turneth away company.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#366359: ITP: libnet-smtpauth-perl -- Simple Mail Transfer Protocol client with AUTHentication

[Nacho Barrientos Arias]

Date: Mon, 8 May 2006 15:28:58 +0200
Nacho Barrientos Arias <[EMAIL PROTECTED]> wrote:

> Date: Mon, 8 May 2006 09:13:39 +0200
> "Milan P. Stanic" <[EMAIL PROTECTED]> wrote:
> 
> > Net::SMTP already supports AUTH service extension (RFC2554), IIRC.
> > 
> > Is it wise to have two Perl modules for the same task with a different
> > syntax?
> 
> I considered this issue when i sent this ITP, but a new upstream version
> of a package i'm maintaining needs it as dependency (require
> NET::SMTP_auth).

Talking with upstream he said me that some needed features aren't
included in Net::SMTP, so that Net::SMTP_auth is required.

-- 
Nacho Barrientos Arias <[EMAIL PROTECTED]>
http://criptonita.com/~nacho


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: trouble sending email with caff (pgp-tools / signing-party)

[Tim Olsen]

On 5/8/06, Marco d'Itri <[EMAIL PROTECTED]> wrote:

On May 08, Tim Olsen <[EMAIL PROTECTED]> wrote:

> That's because it's behind a firewall like I said.  My mail works
> fine, as long as the Sender: field is not set.
No, the envelope sender is wrong and the Sender header is not related to
this. A correctly configured server will reject your mail.

>  Is my mail setup still considered "broken" ?
Totally.


ok.  I've reconfigured it to use a smart host.  caff email is working now.

thanks for the help!

-Tim



--
ciao,
Marco


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEX6Z6FGfw2OHuP7ERAtM8AJ4mEQtXhHsM92g99nhIuEHsthKpTwCglqkm
OStEt/IExdLMyT/ht4kxXjI=
=4G8T
-END PGP SIGNATURE-

Re: trouble sending email with caff (pgp-tools / signing-party)

[Peter Palfrader]

On Mon, 08 May 2006, Tim Olsen wrote:

> On 5/8/06, Peter Palfrader <[EMAIL PROTECTED]> wrote:
> >On Mon, 08 May 2006, Tim Olsen wrote:
> >
> >> Is this something that should be fixed in perl's mailtools or is my
> >> MTA setup not kosher?  I prefer to have my MTA send mail because my
> >> internal networks smart host is overloaded.
> >>
> >> host ALUM-2.mit.edu [18.7.21.145]: 553 5.1.8 
> ><[EMAIL PROTECTED]>... Domain of sender address 
> >[EMAIL PROTECTED] does not exist
> >>
> >> Return-path: <[EMAIL PROTECTED]>
> >> Received: from tim by lemonchord.limewire.com with local (Exim 4.62)
> >>   (envelope-from <[EMAIL PROTECTED]>)
> >>   id 1Fd9Y6-0007nZ-31; Mon, 08 May 2006 13:29:34 -0400
> >
> >The address you use in the envelope does not exist (Host
> >lemonchord.limewire.com not found: 3(NXDOMAIN)).  Fix your Mail
> >setup.
> 
> That's because it's behind a firewall like I said.  My mail works
> fine, as long as the Sender: field is not set.  Is my mail setup still
> considered "broken" ?

Yes.  It's not the Sender: field.  It's the information in the envelope
from.  That's the place where bounces go, and it has to exist and it
has to accept mail.

Peter
-- 
   |  .''`.  ** Debian GNU/Linux **
  Peter Palfrader  | : :' :  The  universal
 http://www.palfrader.org/ | `. `'  Operating System
   |   `-http://www.debian.org/

Re: Bug#366328: ITP: bsp -- nodes builder for doom-engine levels

[Jon Dowland]

At 1147084722 past the epoch, Jamie Jones wrote:
> G'day Jon,

Hello! (nice hostname btw)

> How does this compare to Zennode (
> http://www.mrousseau.org/programs/ZenNode/ ) ? or glBSP (
> http://glbsp.sourceforge.net/ and .debs are
> http://www.youmustbejoking.demon.co.uk/progs.sarge.html#glbsp )for
> node building ? 

glBSP is a derivation of BSP which implements an extension
(backwards-compatible) to the original doom BSP spec which
makes GL-powered doom derivations work better. There are 6
(I believe) such derivations, one of which is in Debian (but
is not supplied with GL support), two of which could be, the
other 3 of which are non-DFSG free.

Zennode is a separate implementation of a BSP calculator for
Doom. Some people get better results with zennode than BSP
and vice/versa: It seems to be a matter of taste which to
use.

I was not aware of an effort to package glBSP; thank you for
pointing it out. I shall contact the packager to determine
whether he has any ambition for glbsp to enter main.


Yours,

-- 
Jon Dowland
http://alcopop.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: trouble sending email with caff (pgp-tools / signing-party)

[Marco d'Itri]

On May 08, Tim Olsen <[EMAIL PROTECTED]> wrote:

> That's because it's behind a firewall like I said.  My mail works
> fine, as long as the Sender: field is not set.
No, the envelope sender is wrong and the Sender header is not related to
this. A correctly configured server will reject your mail.

>  Is my mail setup still considered "broken" ?
Totally.

-- 
ciao,
Marco


signature.asc
Description: Digital signature

Re: trouble sending email with caff (pgp-tools / signing-party)

[Tim Olsen]

On 5/8/06, Peter Palfrader <[EMAIL PROTECTED]> wrote:

On Mon, 08 May 2006, Tim Olsen wrote:

> Is this something that should be fixed in perl's mailtools or is my
> MTA setup not kosher?  I prefer to have my MTA send mail because my
> internal networks smart host is overloaded.
>
> host ALUM-2.mit.edu [18.7.21.145]: 553 5.1.8 <[EMAIL PROTECTED]>... 
Domain of sender address [EMAIL PROTECTED] does not exist
>
> Return-path: <[EMAIL PROTECTED]>
> Received: from tim by lemonchord.limewire.com with local (Exim 4.62)
>   (envelope-from <[EMAIL PROTECTED]>)
>   id 1Fd9Y6-0007nZ-31; Mon, 08 May 2006 13:29:34 -0400

The address you use in the envelope does not exist (Host
lemonchord.limewire.com not found: 3(NXDOMAIN)).  Fix your Mail
setup.


That's because it's behind a firewall like I said.  My mail works
fine, as long as the Sender: field is not set.  Is my mail setup still
considered "broken" ?

thanks,
Tim




--
   |  .''`.  ** Debian GNU/Linux **
  Peter Palfrader  | : :' :  The  universal
 http://www.palfrader.org/ | `. `'  Operating System
   |   `-http://www.debian.org/


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: trouble sending email with caff (pgp-tools / signing-party)

[Peter Palfrader]

On Mon, 08 May 2006, Tim Olsen wrote:

> Is this something that should be fixed in perl's mailtools or is my
> MTA setup not kosher?  I prefer to have my MTA send mail because my
> internal networks smart host is overloaded.
> 
> host ALUM-2.mit.edu [18.7.21.145]: 553 5.1.8 <[EMAIL PROTECTED]>... 
> Domain of sender address [EMAIL PROTECTED] does not exist
> 
> Return-path: <[EMAIL PROTECTED]>
> Received: from tim by lemonchord.limewire.com with local (Exim 4.62)
>   (envelope-from <[EMAIL PROTECTED]>)
>   id 1Fd9Y6-0007nZ-31; Mon, 08 May 2006 13:29:34 -0400

The address you use in the envelope does not exist (Host
lemonchord.limewire.com not found: 3(NXDOMAIN)).  Fix your Mail
setup.

-- 
   |  .''`.  ** Debian GNU/Linux **
  Peter Palfrader  | : :' :  The  universal
 http://www.palfrader.org/ | `. `'  Operating System
   |   `-http://www.debian.org/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#366328: ITP: bsp -- nodes builder for doom-engine levels

[Jon Dowland]

At 1147021163 past the epoch, Pierre Habouzit wrote:
> given that the upstream name seems to be doombsp, 

The upstream name is BSP: only the sf.net project name is
doombsp. I can only hazard that either cph or the SF staff
thought of BSP as being too generic. 

> and that bsp is a common tla: Bug Squash Party, Binary
> Space Partition, ... it seems more adequate to name it
> doomdsp to avoid namespace clashes.

It is a fairly common tla, yes, but it doesn't clash with
Binary Space Partition, it /is/ Binary Space Partition :-)

I'm quite happy to rename the package to doombsp, although
I'm be less inclined to rename the binary, the orig.tar.gz,
the documentation, etc., unless (given this explanation) you
still suggest it necessary.


-- 
Jon Dowland
http://alcopop.org/


signature.asc
Description: Digital signature

trouble sending email with caff (pgp-tools / signing-party)

[Tim Olsen]

Hello,

I am trying to use caff send signed keys from a key-signing party. 
caff successfully signs each key but some of the emails are refused

because the receiver's server fails to verify the sender.

My MTA is set to receive and send mail on its own; however, it is
behind a firewall so the actual sender's address is not routeable
(I've set the From address to be a routeable address).  This does not
cause a problem with my usual mail.  I can send mail to outside
addresses just fine.

I believe the problem may stem from perl's mailtools library setting
the Sender: field.  My usual mail does not have this problem.

I am attaching the bounce message and a successfully sent email to my
gmail address.  You'll see that the original email in the bounce
message has a Sender: field and the email sent to my gmail address
does not.

Is this something that should be fixed in perl's mailtools or is my
MTA setup not kosher?  I prefer to have my MTA send mail because my
internal networks smart host is overloaded.

thanks,
Tim
>From MAILER-DAEMON Mon May 08 13:29:37 2006
Return-path: <>
Envelope-to: [EMAIL PROTECTED]
Delivery-date: Mon, 08 May 2006 13:29:37 -0400
Received: from Debian-exim by lemonchord.limewire.com with local (Exim 4.62)
id 1Fd9Y9-0007nf-Bc
for [EMAIL PROTECTED]; Mon, 08 May 2006 13:29:37 -0400
X-Failed-Recipients: [EMAIL PROTECTED],
  [EMAIL PROTECTED]
Auto-Submitted: auto-replied
From: Mail Delivery System <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Mail delivery failed: returning message to sender
Message-Id: <[EMAIL PROTECTED]>
Date: Mon, 08 May 2006 13:29:37 -0400
Status: RO
Content-Length: 5592
Lines: 110

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  [EMAIL PROTECTED]
SMTP error from remote mail server after RCPT TO:<[EMAIL PROTECTED]>:
host master.debian.org [146.82.138.7]: 550-Verification failed for <[EMAIL 
PROTECTED]>
550-Unrouteable address
550 Sender verify failed
  [EMAIL PROTECTED]
SMTP error from remote mail server after MAIL FROM:<[EMAIL PROTECTED]> 
SIZE=5859:
host ALUM-2.mit.edu [18.7.21.145]: 553 5.1.8 <[EMAIL PROTECTED]>... Domain 
of sender address [EMAIL PROTECTED] does not exist

-- This is a copy of the message, including all the headers. --

Return-path: <[EMAIL PROTECTED]>
Received: from tim by lemonchord.limewire.com with local (Exim 4.62)
(envelope-from <[EMAIL PROTECTED]>)
id 1Fd9Y6-0007nZ-31; Mon, 08 May 2006 13:29:34 -0400
MIME-Version: 1.0
Subject: Your signed PGP key 0x89CD4B21607559E6
User-Agent: caff 0.0.0.278 - http://pgp-tools.alioth.debian.org/
X-Mailer: MIME-tools 5.420 (Entity 5.420)
Sender: "Tim Olsen,,," <[EMAIL PROTECTED]>
Content-Type: multipart/encrypted;
 protocol="application/pgp-encrypted";
 boundary="--=_1147109373-29937-1"
To: [EMAIL PROTECTED]
Content-Transfer-Encoding: 7bit
From: "Timothy Olsen" <[EMAIL PROTECTED]>
Message-Id: <[EMAIL PROTECTED]>
Date: Mon, 08 May 2006 13:29:34 -0400

This is a multi-part message in MIME format...

=_1147109373-29937-1
Content-Type: application/pgp-encrypted
Content-Disposition: attachment
Content-Transfer-Encoding: 7bit

Version: 1

=_1147109373-29937-1
Content-Type: application/octet-stream; name="msg.asc"
Content-Disposition: inline; filename="msg.asc"
Content-Transfer-Encoding: 7bit

-BEGIN PGP MESSAGE-
Version: GnuPG v1.4.3 (GNU/Linux)

hQIOAynL/3jN4gQbEAf+LG1elZZ8DI3KJ0KmXEQgJSuS7CtKXTxkIs4PNAxDvxxe
kTkm2KgyLLHeRfTr29/kdNxsyCGgZCsEbivuTf82LCnYw0MPgyIa2G1aVTaCAmaN
dHqyZriGxaElpzJIhqXtplCjR6ccFvrw9mYsg3NpM/bn5SAAk6FCoJrV0rzL+pvl
dG4o3nxXvRgkutWc4O6zHMxRbTT/y0RqivVAxZHSzWdehd80Kurk+5CNpofTT1aQ
BA5TiOirSp65daYwLZp59SNv52GuvyNCp3blXfW0bBgKa440nxtTRfUxhT+Fx7A2
nPYBPNQehZxUeXkb2DxySq3z9tJ4nR2Mvz580nxD7QgAoJvJYN50qPVLjoCAD85J
x/oOcXPm6uFjBYdb+kZ1efdOdUJXNJZLL2Kivrg10W6gxjsuFuhEOyUXmEy2ZI+d
GdX/w6eu94C2N5FieAib3tSCZX5ryEf0HHTNrJ4mU7/2EMU2E7mGkbrjJfNV1jEm
CMQ2fxJK0CiSPeFCfYoC/OWz/Htdzxnt9gEB1PR+Wye05+T+ZB9YeuD9Zi0ayjcV
AygKV66WEE13UqkQF3D1qFw5wg0Jb6tzb4fPKi5QQopIARONs3VDMK47AlqwOFrF
FdBvvvownxBnmnw6KHxdtsJNa2h2HlOXURZ36Iibnx2CiL/tD2HBFYqiGKEGa4xD
ioUCDgPMzCmwD3UtkhAIALpeuI0xMgg9ICFic0MSzTUdZ8sb9rijruv5coZebij3
FncM8MlQHopcjA3w2Ysf753CIivxsrQTbXvZDfuKD3/QaqlFHyAzy8gWBxVKMAgH
XmPVpkv+wcQBe5+IvO3R4GDzwdMS2NvEcyF1aRSTqQ294N+qL+U2aVXmuwYnN5LT
C/5JF0R+JmKc4n7KtyvTMEg98kaSsLfd0SpQassSiC/ts9XOvI+vDWMhd/TaNbU1
SvF3sAQ6hPbof3R32zJdHrPAzRkQTz4H6arDkRSOEaMSoXae+yyABjtu112WUUTw
MXckInuMgXQlfeKmWLGqLQkm2WkiF8HMtS0Ecy7ZEt0IAIuayIFjGXcK27Ttm2NG
D509EZUucX69wv28ht9/YkDSaqD+pOqLKBqOWFCiplwe8XtN3TTq7RSa5dlJWjrP
CnMbkON36EsSEGfxwKZftvBL1MmYoMxc+qrWirc2hUEMmtNv36q9LL6t78+fM3h3
1/moTdc9kJJit38AYZChC4mBLSzwTO/bHnL+5BOP7WayNtP7PqRovkLl7L5m7Ktp
ud6IUB4AziAyGqbwmyHZsQxoDPmIsgkn1rYSd0131le4SpDsSrbdG1wPTs1RX1c/
kDUjv+R6WipkgMsQBZ1qNimH+0LlJcke9uFDXlfy8EiyqbriuCSB9Y4gSsJmDKf

Re: screenshot with package description

[Gonéri Le Bouder]

Hi Florian,
> First, do you plan to make some rules for the screenshots ? Like for X11
>apps... "screenshots should be took under WM 'x', version 'y', and 
>theme 'z'" ? 
We have to keep the default setting of the the application.

>Who would create, upload and validate the screenshots ? Someone of your team,
>or you would let contributors upload screenshots for their packages 
>themselves ? 
For the moment we have to feed the repository. The best is to let people 
upload what they want then a team check and validate.

Cheers,

Gonéri

Re: System users and valid shells...

[Gabor Gombas]

On Mon, May 08, 2006 at 12:47:53PM +0100, Thiemo Seufer wrote:

> So you expect systems to become exploitable by mounting /usr as noexec
> when they provide some /usr/bin/foo shell?

Not actually "expect", but I would not be _that_ suprised. Most programs
that care about the login shell tend to run as root so a simple bug is
much more likely to become a security problem.

> Do you also expect this is more likely than an exploitable bug in
> /usr/sbin/nologin or /bin/false with their dependencies on ldso and
> glibc?

The code of nologin or false should be trivial. Spotting a place in some
complicated daemon where it fails to handle the "execve() returs an
error" case properly is much harder.

Gabor

-- 
 -
 MTA SZTAKI Computer and Automation Research Institute
Hungarian Academy of Sciences
 -


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Re: screenshot with package description

[Gonéri Le Bouder]

>> I think that tools like synaptic or Debian Installer should have an option 
to 
>> provided a screenshot or/and the project logo with the text description.


>The graphical version of D-I will include a "screenshot" option.
Hello,

Where can i get information about that?
Where will be stored the pictures? Did you already begun to collect 
screenshot?


Regards,


Gonéri

Re: Bug#366033: ITP: python-paste -- Tools for using a Web Server Gateway Interface stack

[Emanuele Rocca]

Hello Piotr,

* Piotr Ozarowski <[EMAIL PROTECTED]>, [2006-05-04 17:32 +0200]:
>  * Package name: python-paste
>Version : 0.9
>Upstream Author : Ian Bicking <[EMAIL PROTECTED]>
>  * URL : http://pythonpaste.org/
>  * License : MIT
>Programming Lang: Python
>Description : Tools for using a Web Server Gateway Interface stack
>  
>  Python Paste brings consistency to Python web development and web application
>  installation, providing tools for both developers and system administrators.

The long description should be a little bit more informative, and this
one seems to be a rough cut and paste from the project website. :)

I see that python-paste is a collection of components: why not adding 
a brief description of the most significative of them?

Another interesting thing that comes up looking at the website is that
paste includes templating and testing functionalities; this could be 
material for the long description as well.

ciao,
ema


signature.asc
Description: Digital signature

Re: Bug#366426: ITP: bcm43xx-fwcutter -- bcm43xx firmware extraction utility

[Frederik Schueler]

Hello,

On Mon, May 08, 2006 at 06:36:45PM +0200, Rene Engelhard wrote:
> uh?
> 
> [EMAIL PROTECTED]:~ $ apt-cache show bcm43xx-fwcutter
> Package: bcm43xx-fwcutter
[...]

hm, I must have been asleep, I found only the modules when I searched
for it, yesterday.

Sorry for the inconvenience, closing the bug :)


Best regards
Frederik Schueler


-- 
ENOSIG


signature.asc
Description: Digital signature

Re: Bug#366426: ITP: bcm43xx-fwcutter -- bcm43xx firmware extraction utility

[Rene Engelhard]

Hi,


Frederik Schueler wrote:
> * Package name: bcm43xx-fwcutter
>   Version : 004
>   Upstream Author : Martin Langer <[EMAIL PROTECTED]>, Michael Buesch <[EMAIL 
> PROTECTED]> and Alex Beregszaszi
> * URL : http://bcm43xx.berlios.de/
> * License : GPL
>   Description : bcm43xx firmware extraction utility
> 
>  bcm43xx-fwcutter is a tool which can extract firmware from various
>  source files.
>  It's written for BCM43xx driver files.
>  .
>  Homepage: http://bcm43xx.berlios.de/

uh?

[EMAIL PROTECTED]:~ $ apt-cache show bcm43xx-fwcutter
Package: bcm43xx-fwcutter
Priority: optional
Section: contrib/utils
Installed-Size: 108
Maintainer: Rene Engelhard <[EMAIL PROTECTED]>
Architecture: powerpc
Version: 20060501-1
Depends: libc6 (>= 2.3.5-1), debconf (>= 0.5) | debconf-2.0
Recommends: wget | curl
Filename: 
pool/contrib/b/bcm43xx-fwcutter/bcm43xx-fwcutter_20060501-1_powerpc.deb
Size: 20804
MD5sum: a1e8cdbfe9b357768f648b7fd7f92e1e
Description: Utility for extracting Broadcom 43xx firmware
 fwcutter is a tool which can extract firmware from various source files.
 It's written for BCM43xx driver files.
 .
 The project page is http://bcm43xx.berlios.de/

Regards,

Rene


signature.asc
Description: Digital signature

Re: dist-upgrade dependency problem with xlibmesa-glu vs libglu1-mesa

[JD Rogers]

Also, I can trivially add an xlibmesa-glu transitional package that depends
on libglu1-mesa if that's required.


That is exactly the kind of thing I was hoping for.


Ok, I've just done this. Steve Langasek let me know what I wasn't seeing
properly. I really shouldn't respond to bug reports when I'm tired and
irritable. The xlibmesa-glu transitional package will be in the next upload
of the xorg source package to unstable.


Heh, maybe I should have summarized. Incidentally, I ran into many
more dependency problems after switching out xlibmesa-glu for
libglu1-mesa. (I got prematurely excited when it looked like apt no
longer wanted to remove things.) I tried dist-upgrading using aptitude
instead of apt-get and it worked. Apparently aptitude was able to
resolve the problems.



Results of apt-get dist-upgrade (after replacing xlibmesa-glu with
libglu1-mesa):

The following packages have unmet dependencies:
 libgl1-mesa-dev: Depends: mesa-common-dev (= 6.4.1-0.4) but it is
not installed
 Depends: libgl1-mesa-glx (= 6.4.1-0.4) but it is not installed
 libgl1-mesa-dri: Depends: libgl1-mesa-glx (= 6.4.1-0.4) but it is
not installed
 xserver-xorg-core: Depends: x11-common (>= 1:7.0.0) but
6.9.0.dfsg.1-5 is installed
E: Unmet dependencies. Try using -f.


Result of using apt-get -f install:

The following extra packages will be installed:
 libgl1-mesa-glx mesa-common-dev x11-common xbase-clients xserver-xorg
Suggested packages:
 x-window-system-core x-window-system mesa-utils libglide2
Recommended packages:
 xresprobe mdetect discover
The following packages will be REMOVED:
 dosemu dosemu-freedos flashplugin-nonfree gsfonts-x11 kate kdelibs-bin
 kdelibs4c2a kdvi kghostview kile kmahjongg konsole kpdf kviewshell
 libkdeedu1 libkdegames1 wine wine-utils xlibmesa-gl xserver-common xutils
The following NEW packages will be installed:
 libgl1-mesa-glx mesa-common-dev
The following packages will be upgraded:
 x11-common xbase-clients xserver-xorg
3 upgraded, 2 newly installed, 21 to remove and 57 not upgraded.
48 not fully installed or removed.

Again, aptitude properly resolved these dependencies, and all is working now.
Thanks,
JDR

Bug#366426: ITP: bcm43xx-fwcutter -- bcm43xx firmware extraction utility

[Frederik Schueler]

Package: wnpp
Severity: wishlist
Owner: Frederik Schueler <[EMAIL PROTECTED]>


* Package name: bcm43xx-fwcutter
  Version : 004
  Upstream Author : Martin Langer <[EMAIL PROTECTED]>, Michael Buesch <[EMAIL 
PROTECTED]> and Alex Beregszaszi
* URL : http://bcm43xx.berlios.de/
* License : GPL
  Description : bcm43xx firmware extraction utility

 bcm43xx-fwcutter is a tool which can extract firmware from various
 source files.
 It's written for BCM43xx driver files.
 .
 Homepage: http://bcm43xx.berlios.de/


-- System Information:
Debian Release: 3.1
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.16-1-k8-smp
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)


-- 
ENOSIG


signature.asc
Description: Digital signature

Bug#366422: ITP: cyclone -- a C like language, with additional safety and features

[alex bodnaru]

Package: wnpp
Severity: wishlist
Owner: alex bodnaru <[EMAIL PROTECTED]>


* Package name: cyclone
  Version : 1.0.0
  Upstream Author : Cyclone is a joint project of AT&T Labs Research, Harvard, 
the University of Maryland, and the University of 
Washington.
Much of the early work was done at Cornell University.
* URL : http://cyclone.thelanguage.org/wiki/Download
* License : GPL
  Programming Lang: C, C++
  Description : a C like language, with additional safety and features

 Cyclone is like C: it has pointers and pointer arithmetic, structs, 
 arrays, goto, manual memory management, and C's preprocessor and syntax.
 Cyclone adds features such as pattern matching, algebraic datatypes, 
 exceptions, region-based memory management, and optional garbage 
 collection.
 Cyclone is safe: pure Cyclone programs are not vulnerable to a wide 
 class of bugs that plague C programs: buffer overflows, format string 
 attacks, double free bugs, dangling pointer accesses, etc.


-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-skas3-v8.2
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#366359: ITP: libnet-smtpauth-perl -- Simple Mail Transfer Protocol client with AUTHentication

[Nacho Barrientos Arias]

Date: Mon, 8 May 2006 09:13:39 +0200
"Milan P. Stanic" <[EMAIL PROTECTED]> wrote:

> Net::SMTP already supports AUTH service extension (RFC2554), IIRC.
> 
> Is it wise to have two Perl modules for the same task with a different
> syntax?

I considered this issue when i sent this ITP, but a new upstream version
of a package i'm maintaining needs it as dependency (require
NET::SMTP_auth).

More feedback is welcome.

Greetings,

-- 
Nacho Barrientos Arias <[EMAIL PROTECTED]>
http://criptonita.com/~nacho


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: System users and valid shells...

[Thiemo Seufer]

Gabor Gombas wrote:
> On Mon, May 08, 2006 at 11:53:15AM +0100, Thiemo Seufer wrote:
> 
> > Such a binary is completely broken, and it would fail in a similiar way
> > for any sort of file it has no execute permission for, not only for
> > $SHELL.
> 
> Sure, but that does not change the fact that it is a failure path that
> is usually not well-tested. Triggering it deliberately without a general
> audit of login shell handling therefore may discover new bugs with
> security implications.

So you expect systems to become exploitable by mounting /usr as noexec
when they provide some /usr/bin/foo shell?

Do you also expect this is more likely than an exploitable bug in
/usr/sbin/nologin or /bin/false with their dependencies on ldso and
glibc?


Thiemo


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: System users and valid shells...

[Gabor Gombas]

On Mon, May 08, 2006 at 11:53:15AM +0100, Thiemo Seufer wrote:

> Such a binary is completely broken, and it would fail in a similiar way
> for any sort of file it has no execute permission for, not only for
> $SHELL.

Sure, but that does not change the fact that it is a failure path that
is usually not well-tested. Triggering it deliberately without a general
audit of login shell handling therefore may discover new bugs with
security implications.

Gabor

-- 
 -
 MTA SZTAKI Computer and Automation Research Institute
Hungarian Academy of Sciences
 -


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: System users and valid shells...

[Thiemo Seufer]

Gabor Gombas wrote:
> On Mon, May 08, 2006 at 10:00:42AM +0100, Thiemo Seufer wrote:
> 
> > > You can surely explain why /bin/nologin is more secure than
> > > /bin/false. I'm eager to learn.
> > 
> > I am curious why any of both would be more secure than /dev/null, a
> > place which makes it hard to smuggle an infected binary into.
> 
> If the attacker has enough privileges to replace /bin/nologin or
> /bin/false, then I fail to see what extra protection would /dev/null
> give.

s/smuggle an infected/install a broken/ , doesn't change the point
I wanted to make.

> Also, applications expecting an executable binary as the login shell may
> break when they find a device node there. And if the breakage is
> exploitable, then using /dev/null may turn out to be less secure than
> using /bin/bash.

Such a binary is completely broken, and it would fail in a similiar way
for any sort of file it has no execute permission for, not only for
$SHELL.


Thiemo


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: System users and valid shells...

[Gabor Gombas]

On Mon, May 08, 2006 at 10:00:42AM +0100, Thiemo Seufer wrote:

> > You can surely explain why /bin/nologin is more secure than
> > /bin/false. I'm eager to learn.
> 
> I am curious why any of both would be more secure than /dev/null, a
> place which makes it hard to smuggle an infected binary into.

If the attacker has enough privileges to replace /bin/nologin or
/bin/false, then I fail to see what extra protection would /dev/null
give.

Also, applications expecting an executable binary as the login shell may
break when they find a device node there. And if the breakage is
exploitable, then using /dev/null may turn out to be less secure than
using /bin/bash.

Gabor

-- 
 -
 MTA SZTAKI Computer and Automation Research Institute
Hungarian Academy of Sciences
 -


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#366359: ITP: libnet-smtpauth-perl -- Simple Mail Transfer Protocol client with AUTHentication

[Ron Johnson]

On Mon, 2006-05-08 at 09:13 +0200, Milan P. Stanic wrote:
> On Mon, May 08, 2006 at 12:15:44AM +0200, Nacho Barrientos Arias wrote:
> > * Package name: libnet-smtpauth-perl
> >   Version : 0.08
> >   Upstream Author : Alex Pleiner <[EMAIL PROTECTED]>
> > * URL : http://search.cpan.org/dist/Net-SMTP_auth/
> > * License : Perl
> >   Programming Lang: Perl
> >   Description : Simple Mail Transfer Protocol client with AUTHentication
> > 
> >  This module implements a client interface to the SMTP and ESMTP protocol
> >  AUTH service extension, enabling a perl5 application to talk to and
> >  authenticate against SMTP servers.
> >  .
> >  Homepage: http://search.cpan.org/dist/Net-SMTP_auth/
> 
> Net::SMTP already supports AUTH service extension (RFC2554), IIRC.
> 
> Is it wise to have two Perl modules for the same task with a different
> syntax?

He has integrated TMTOWTDI into his innermost bean?

-- 
-
Ron Johnson, Jr.
Jefferson, LA USA

"His mother should have thrown him away and kept the stork."
Mae West


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Emacs out for lunch?

[Frank Küster]

Steve Langasek <[EMAIL PROTECTED]> wrote:

> On Fri, May 05, 2006 at 12:39:27PM +0200, Frank Küster wrote:
>> >> And the latest buildd attempt was on sparc, and it is
>> >> "maybe-successful": 
>
>> > An accident of the build environment -- it looks like mrpurply had
>> > libxaw-dev already installed in the chroot.  
>
>> No, I checked that before trying here: It had not.
>
> No, you did not.  Unless you're a buildd admin, you have no access to see
> what other packages are installed on the buildd, you only see the ones
> pulled in as build-depends.

Yes, but emacs21 *does* Build-Depend on xaw3dg-dev, and it was missing:

, 
http://buildd.debian.org/fetch.php?&pkg=emacs21&ver=21.4a-3.1&arch=sparc&stamp=1146691993&file=log&as=raw
| ** Using build dependencies supplied by package:
| Build-Depends: mailx, libncurses5-dev, texinfo, liblockfile-dev, 
libungif4-dev, libtiff4-dev | libtiff-dev, xaw3dg-dev, libpng3-dev, 
libjpeg62-dev, autotools-dev, dpkg-dev (>> 1.10.0), dpatch (>= 2.0.9)
| Checking for already installed source dependencies...
| mailx: missing
| libncurses5-dev: missing
| texinfo: missing
| liblockfile-dev: missing
| libungif4-dev: missing
| libtiff4-dev: already installed (3.8.2-2)
| xaw3dg-dev: missing
`

What else can that mean that xaw3dg-dev was already installed?  But the
point is that it doesn't matter.  The interesting question is which
formerly-xlibs devel packages were installed; and this indeed I cannot
know. 

Regards, Frank
-- 
Frank Küster
Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich
Debian Developer (teTeX)

RE:read it immediately

[missu . d-_-b1026_]

>［添付ファイル削除］
here, the cheats


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: System users and valid shells...

[Thiemo Seufer]

Marc Haber wrote:
> On Fri, 05 May 2006 11:12:35 +0300, Jari Aalto <[EMAIL PROTECTED]>
> wrote:
> >Richard A Nelson <[EMAIL PROTECTED]> writes:
> >> On Wed, 3 May 2006, Colin Watson wrote:
> >> The rest of the system accounts are happily running with /bin/false
> >
> >There is now /bin/nologin which is more secure
> 
> You can surely explain why /bin/nologin is more secure than
> /bin/false. I'm eager to learn.

I am curious why any of both would be more secure than /dev/null, a
place which makes it hard to smuggle an infected binary into.


Thiemo


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Bug#366359: ITP: libnet-smtpauth-perl -- Simple Mail Transfer Protocol client with AUTHentication

[Milan P. Stanic]

On Mon, May 08, 2006 at 12:15:44AM +0200, Nacho Barrientos Arias wrote:
> * Package name: libnet-smtpauth-perl
>   Version : 0.08
>   Upstream Author : Alex Pleiner <[EMAIL PROTECTED]>
> * URL : http://search.cpan.org/dist/Net-SMTP_auth/
> * License : Perl
>   Programming Lang: Perl
>   Description : Simple Mail Transfer Protocol client with AUTHentication
> 
>  This module implements a client interface to the SMTP and ESMTP protocol
>  AUTH service extension, enabling a perl5 application to talk to and
>  authenticate against SMTP servers.
>  .
>  Homepage: http://search.cpan.org/dist/Net-SMTP_auth/

Net::SMTP already supports AUTH service extension (RFC2554), IIRC.

Is it wise to have two Perl modules for the same task with a different
syntax?


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: System users and valid shells...

[Marc Haber]

On Fri, 05 May 2006 11:12:35 +0300, Jari Aalto <[EMAIL PROTECTED]>
wrote:
>Richard A Nelson <[EMAIL PROTECTED]> writes:
>> On Wed, 3 May 2006, Colin Watson wrote:
>> The rest of the system accounts are happily running with /bin/false
>
>There is now /bin/nologin which is more secure

You can surely explain why /bin/nologin is more secure than
/bin/false. I'm eager to learn.

Greetings
Marc

-- 
-- !! No courtesy copies, please !! -
Marc Haber |   " Questions are the | Mailadresse im Header
Mannheim, Germany  | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834