Bug#695229: [Multiarch-devel] chromium-inspector: should be 'Multi-Arch: foreign' so that chromium:{arch} is installable

2012-12-05 Thread Steve Langasek 
-On Wed, Dec 05, 2012 at 11:26:25PM -0800, Jonathan Nieder wrote:
> Peter Samuelson wrote:
> > [Jonathan Nieder]

> >> (I had always thought that in the multi-arch world "Arch: all" meant
> >> "with the same architecture as its dependencies".)

> > That's what they want you to think!  No, for dependency resolution
> > purposes, arch:all is equivalent to arch:{dpkg's primary arch}.  There
> > are arcane reasons for this, which I only half-understand so I can't
> > easily explain.  The short version:

> > https://wiki.ubuntu.com/MultiarchSpec#Dependencies_involving_Architecture:_all_packages

> Thanks for the pointer.  Yuck.

> Multiarch folks: would it make sense to tweak the spec to require
> behavior matching the rationale

>   "architecture-dependent packages may depend on Architecture:
>all packages and assume that the transitive dependencies will
>be resolved using packages of the same architecture or other
>packages that are Architecture: all"

> so that dpkg, apt, and aptitude can agree on what to do here?

No, because there's no practical way to enforce such a rule.  apt and
aptitude have enough information to enforce it, but there are no provisions
in dpkg for recursive analysis at dependency resolution time.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: Digital signature

Bug#695229: chromium-inspector: should be 'Multi-Arch: foreign' so that chromium:{arch} is installable

2012-12-05 Thread Jonathan Nieder 
Daniel Hartwig wrote:
> On 6 December 2012 15:26, Jonathan Nieder  wrote:

>> so that dpkg, apt, and aptitude can agree on what to do here?
>
> Do they currently disagree?

No, I was just confused.  Contrary to my expectation, dpkg follows the
spec.

In my mental model, there is no such thing as "the native
architecture" except when building source packages.  Looks like I need
a new mental model. ;-)  Sorry for the nonsense.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695252: xchat-gnome: /me messages not displayed

2012-12-05 Thread Dmitry Shachnev 
Package: xchat-gnome
Version: 1:0.30.0~git20110821.e2a400-0.2+b2
Severity: normal

Dear maintainer,

When someone says "/me is doing something", my xchat-gnome only displays

   * someone

and not

   * someone is doing something

The only exception is when the message includes my nick, then I can see the
message.

Initially I thought that the text is not displayed because it is
white-on-white, but when I copy the message and then paste it,
I still don't see the text.

--
Dmitry Shachnev

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (700, 'unstable'), (500, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=ru_RU.utf8, LC_CTYPE=ru_RU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages xchat-gnome depends on:
ii  libatk1.0-0 2.6.0-1
ii  libc6   2.13-37
ii  libcairo2   1.12.2-2
ii  libcanberra-gtk00.28-6
ii  libcanberra00.28-6
ii  libdbus-1-3 1.6.8-1
ii  libdbus-glib-1-20.100-1
ii  libfontconfig1  2.9.0-7
ii  libfreetype62.4.9-1
ii  libgconf2-4 3.2.5-1+build1
ii  libgdk-pixbuf2.0-0  2.26.1-1
ii  libglib2.0-02.34.3-1
ii  libgtk2.0-0 2.24.13-1
ii  libice6 2:1.0.8-2
ii  libnotify4  0.7.5-1
ii  libpango1.0-0   1.30.0-1
ii  libperl5.14 5.14.2-15
ii  libpython2.72.7.3-5
ii  libsexy20.1.11-2+b1
ii  libsm6  2:1.2.1-2
ii  libssl1.0.0 1.0.1c-4
ii  libx11-62:1.5.0-1
ii  tcl8.4  8.4.19-5
ii  xchat-gnome-common  1:0.30.0~git20110821.e2a400-0.2

xchat-gnome recommends no packages.

xchat-gnome suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695251: tomcat7: CVE-2012-4431 CVE-2012-4534 CVE-2012-3546

2012-12-05 Thread Moritz Muehlenhoff 
Package: tomcat7
Severity: grave
Tags: security
Justification: user security hole

New security issues in Tomcat have been disclosed:
http://tomcat.apache.org/security-7.html

The page contains links to upstream fixes.

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695250: tomcat6: CVE-2012-4534 CVE-2012-4431 CVE-2012-3546

2012-12-05 Thread Moritz Muehlenhoff 
Package: tomcat6
Severity: grave
Tags: security
Justification: user security hole

More Tomcat security issues have been disclosed:
http://tomcat.apache.org/security-6.html

The page contains links to the upstream fixes.

BTW, is there a specific reason why both tomcat6 and tomcat7 are present in 
Wheezy?
This will duplicate all efforts for security updates in Wheezy.

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695249: unblock: proofgeneral/4.2~pre120605-2

2012-12-05 Thread Hendrik Tews 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package proofgeneral

the new version fixes RC bug #694285 and corrects some wrong
information in README.Debian.

 debdiff ===
diff -Nru proofgeneral-4.2~pre120605/debian/changelog 
proofgeneral-4.2~pre120605/debian/changelog
--- proofgeneral-4.2~pre120605/debian/changelog 2012-06-06 23:17:53.0 
+0200
+++ proofgeneral-4.2~pre120605/debian/changelog 2012-12-04 14:51:47.0 
+0100
@@ -1,3 +1,10 @@
+proofgeneral (4.2~pre120605-2) unstable; urgency=low
+
+  * add Breaks and Replaces dependencies for proofgeneral-doc (Closes: #694285)
+  * delete wrong info in README.Debian
+
+ -- Hendrik Tews   Tue, 04 Dec 2012 14:50:27 +0100
+
 proofgeneral (4.2~pre120605-1) unstable; urgency=low
 
   * New upstream release (Closes: #669318)
diff -Nru proofgeneral-4.2~pre120605/debian/control 
proofgeneral-4.2~pre120605/debian/control
--- proofgeneral-4.2~pre120605/debian/control   2012-06-05 23:53:53.0 
+0200
+++ proofgeneral-4.2~pre120605/debian/control   2012-12-04 12:43:31.0 
+0100
@@ -25,6 +25,8 @@
 Section: doc
 Architecture: all
 Depends: ${misc:Depends}
+Breaks: proofgeneral (<< 4)
+Replaces: proofgeneral (<< 4)
 Recommends: info-browser | pdf-viewer | www-browser
 Suggests: proofgeneral
 Description: generic frontend for proof assistants - documentation
diff -Nru proofgeneral-4.2~pre120605/debian/README.Debian 
proofgeneral-4.2~pre120605/debian/README.Debian
--- proofgeneral-4.2~pre120605/debian/README.Debian 2012-06-06 
13:46:58.0 +0200
+++ proofgeneral-4.2~pre120605/debian/README.Debian 2012-12-04 
14:44:47.0 +0100
@@ -19,27 +19,11 @@
 in the Debian package, please file a bug report against proofgeneral.
 
 
-This Debian package of Proof General does not work with a manual
-installation of Coq. The reason is that Coq installs a file coq.el
-which is loaded when Proof General attempts to load its version of
-coq.el. There are two possible fixes:
-
-1) delete at least coq.el, coq-db.el and coq-syntax.el from the Coq
-   installation, or
-
-2) put 
-
- (add-to-list 'load-path "/usr/share/emacs23/site-lisp/proofgeneral/coq/")
-
-   in your .emacs file.
-
-
 This version of ProofGeneral contains support for Prooftree. However,
 because neither Coq >= 8.4beta nor Prooftree are in this version of
 Debian, Prooftree support is statically disabled. You can try to use
 Prooftree with this version of ProofGeneral. To do so
 - manually install Coq >= 8.4beta
-- apply one of the fixes from the preceding paragraph
 - manually install Prooftree (see http://askra.de/software/prooftree/)
 - restart ProofGeneral
 
@@ -53,4 +37,4 @@
 General website (or by downloading the sources).
 
 
- -- Hendrik Tews , Wed,  6 Jun 2012 13:46:26 +0200
+ -- Hendrik Tews , Tue,  4 Dec 2012 14:44:47 +0100
 end debdiff ===

unblock proofgeneral/4.2~pre120605-2

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695229: [Multiarch-devel] chromium-inspector: should be 'Multi-Arch: foreign' so that chromium:{arch} is installable

2012-12-05 Thread Daniel Hartwig 
On 6 December 2012 15:26, Jonathan Nieder  wrote:
> so that dpkg, apt, and aptitude can agree on what to do here?

Do they currently disagree?


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695248: mesa: CVE-2012-5129

2012-12-05 Thread Moritz Muehlenhoff 
Package: mesa
Severity: grave
Tags: security
Justification: user security hole

This issue affects mesa:
http://googlechromereleases.blogspot.de/2012/11/stable-update-for-chrome-os_30.html

Proposed patch:
http://www.mail-archive.com/mesa-dev@lists.freedesktop.org/msg29015.html

I don't see the vulnerable code in Squeeze, so I marked it not-affected in the
Security Tracker.

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695229: chromium-inspector: should be 'Multi-Arch: foreign' so that chromium:{arch} is installable

2012-12-05 Thread Jonathan Nieder 
Peter Samuelson wrote:
> [Jonathan Nieder]

>> (I had always thought that in the multi-arch world "Arch: all" meant
>> "with the same architecture as its dependencies".)
>
> That's what they want you to think!  No, for dependency resolution
> purposes, arch:all is equivalent to arch:{dpkg's primary arch}.  There
> are arcane reasons for this, which I only half-understand so I can't
> easily explain.  The short version:
>
> https://wiki.ubuntu.com/MultiarchSpec#Dependencies_involving_Architecture:_all_packages

Thanks for the pointer.  Yuck.

Multiarch folks: would it make sense to tweak the spec to require
behavior matching the rationale

"architecture-dependent packages may depend on Architecture:
 all packages and assume that the transitive dependencies will
 be resolved using packages of the same architecture or other
 packages that are Architecture: all"

so that dpkg, apt, and aptitude can agree on what to do here?

Confused,
Jonathan


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695229: chromium-inspector: should be 'Multi-Arch: foreign' so that chromium:{arch} is installable

2012-12-05 Thread Peter Samuelson 

[Jonathan Nieder]
> Are you sure?  Could you send output from trying to install it?

I used interactive aptitude and it can't install chromium:i386 because
it can't find a candidate for the chromium-inspector dependency.

> (I had always thought that in the multi-arch world "Arch: all" meant
> "with the same architecture as its dependencies".)

That's what they want you to think!  No, for dependency resolution
purposes, arch:all is equivalent to arch:{dpkg's primary arch}.  There
are arcane reasons for this, which I only half-understand so I can't
easily explain.  The short version:

https://wiki.ubuntu.com/MultiarchSpec#Dependencies_involving_Architecture:_all_packages

The workaround is, for an arch:all package that really should be
Multi-Arch: foreign, to explicitly state that it is Multi-Arch:
foreign.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#692442: Patches for CVE-2012-5783 and CVE-2012-5784

2012-12-05 Thread Andreas Tille 
Hi,

thanks for the additional information.  Please note that I uploaded the
NMUed packages yesterday.  In case the "just one small issue" mentioned
by David below is serious above please reopen the bug report to prevent
migration to testing (I also filed unblock request bugs).

Kind regards

   Andreas.

On Thu, Dec 06, 2012 at 01:58:11PM +1000, David Jorm wrote:
> Hi All
> 
> The upstream patch for CVE-2012-5783 referred to in Red Hat bugzilla:
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=873317#c3
> 
> Is the 4.x patch. As you've noted, there is no 3.x patch available
> and upstream won't provide one because it is EOL. I think Alberto's
> patch looks sane (from a brief check) with just one small issue. In
> this section:
> 
> +private static String getCN(X509Certificate cert) {
> +  // Note:  toString() seems to do a better job than getName()
> +  //
> +  // For example, getName() gives me this:
> +  // 
> 1.2.840.113549.1.9.1=#16166a756c6975736461766965734063756362632e636f6d
> +  //
> +  // whereas toString() gives me this:
> +  // EMAILADDRESS=juliusdav...@cucbc.com
> +String subjectPrincipal =
> cert.getSubjectX500Principal().toString();
> +int x = subjectPrincipal.indexOf("CN=");
> +if (x >= 0) {
> +int y = subjectPrincipal.indexOf(',', x);
> +// If there are no more commas, then CN= is the last entry.
> +y = (y >= 0) ? y : subjectPrincipal.length();
> +return subjectPrincipal.substring(x + 3, y);
> +} else {
> +return null;
> +}
> +}
> 
> If the subject DN includes something like "OU=CN=www.example.com",
> this function will treat it as a CN field. An attacker could use
> this to spoof a valid certificate and perform a man-in-the-middle
> attack. An attacker could get a trusted CA to issue them a
> certificate for CN=www.ownedbyattacker.com but then include in the
> CSR OU=CN=www.victim.com or include a subject DN element
> emailAddress="CN=www.victim.com,@ownedbyattacker.com". The attacker
> could then use this certificate to perform a MITM attack against
> victim.com.
> 
> This would of course rely on the CA allowing such a certificate to
> be issued, but I think it is highly likely an attacker could find a
> widely trusted CA that allowed this, while they couldn't get a
> trusted CA to issue them a certificate for CN=www.victim.com. I have
> already brought this flaw in the initial 4.x patch to the attention
> of upstream, and they have addressed it via the following commit:
> 
> http://svn.apache.org/viewvc?view=revision&revision=1411705
> 
> In my view the ideal solution would be to resolve the issue I noted
> above, and then have upstream commit the patch even if there is no
> further 3.x release, so at least all distributions can consume the
> patch from the upstream tree.
> 
> Regarding CVE-2012-5784, I need some more time to review the patch
> attached to AXIS-2883. Please stay tuned for more details.
> 
> Thanks again to Alberto for providing these patches!
> --
> David Jorm / Red Hat Security Response Team
> 

-- 
http://fam-tille.de


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#661545: Patch for 661545

2012-12-05 Thread Salvatore Bonaccorso 
Control: tags -1 - patch

Hi Brian

On Thu, Dec 06, 2012 at 01:46:18AM +, brian m. carlson wrote:
> tags 661545 + patch
> kthxbye
> 
> A patch is included to fix the format string issue, minor as it might
> be.
> 
> -- 
> brian m. carlson / brian with sandals: Houston, Texas, US
> +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
> OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

> diff -urN libproc-processtable-perl-0.45.orig/ProcessTable.xs 
> libproc-processtable-perl-0.45/ProcessTable.xs
> --- libproc-processtable-perl-0.45.orig/ProcessTable.xs   2012-12-06 
> 01:37:15.548659798 +
> +++ libproc-processtable-perl-0.45/ProcessTable.xs2012-12-06 
> 01:38:30.960137369 +
> @@ -388,5 +388,5 @@
>   char* error;
>  
>   if( (error = OS_initialize()) != NULL ){
> -   croak(error);
> +   croak("%s", error);
>   }

Thanks for you patch and looking at #661545. AFAICS there is still
more work needed to make the package build with hardening flags
enabled:

cut-cut-cut-cut-cut-cut-
make[1]: Entering directory `/tmp/buildd/libproc-processtable-perl-0.46'
cp ProcessTable.pm blib/lib/Proc/ProcessTable.pm
cp Killall.pm blib/lib/Proc/Killall.pm
cp example.pl blib/lib/Proc/example.pl
cp Killfam.pm blib/lib/Proc/Killfam.pm
make[2]: Entering directory `/tmp/buildd/libproc-processtable-perl-0.46/Process'
cp Process.pm ../blib/lib/Proc/ProcessTable/Process.pm
AutoSplitting ../blib/lib/Proc/ProcessTable/Process.pm 
(../blib/lib/auto/Proc/ProcessTable/Process)
Manifying ../blib/man3/Proc::ProcessTable::Process.3pm
make[2]: Leaving directory `/tmp/buildd/libproc-processtable-perl-0.46/Process'
/usr/bin/perl /usr/share/perl/5.14/ExtUtils/xsubpp  -typemap 
/usr/share/perl/5.14/ExtUtils/typemap  ProcessTable.xs > ProcessTable.xsc && mv 
ProcessTable.xsc ProcessTable.c
cc -c   -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fstack-protector 
-fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64 -g -O2 -fstack-protector --param=ssp-buffer-size=4 
-Wformat -Werror=format-security -D_FORTIFY_SOURCE=2   -DVERSION=\"0.46\" 
-DXS_VERSION=\"0.46\" -fPIC "-I/usr/lib/perl/5.14/CORE"   ProcessTable.c
cc -c   -D_REENTRANT -D_GNU_SOURCE -DDEBIAN -fstack-protector 
-fno-strict-aliasing -pipe -I/usr/local/include -D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64 -g -O2 -fstack-protector --param=ssp-buffer-size=4 
-Wformat -Werror=format-security -D_FORTIFY_SOURCE=2   -DVERSION=\"0.46\" 
-DXS_VERSION=\"0.46\" -fPIC "-I/usr/lib/perl/5.14/CORE"   OS.c
OS.c: In function 'eval_link':
OS.c:400:5: error: format not a string literal and no format arguments 
[-Werror=format-security]
OS.c: In function 'OS_get_table':
OS.c:633:9: error: format not a string literal and no format arguments 
[-Werror=format-security]
OS.c:703:9: warning: passing argument 2 of 'bless_into_proc' from incompatible 
pointer type [enabled by default]
In file included from OS.c:21:0:
os/Linux.h:4:6: note: expected 'char **' but argument is of type 'const char * 
const*'
cc1: some warnings being treated as errors
make[1]: *** [OS.o] Error 1
make[1]: Leaving directory `/tmp/buildd/libproc-processtable-perl-0.46'
dh_auto_build: make -j1 returned exit code 2
make: *** [build] Error 2
cut-cut-cut-cut-cut-cut-

Regards,
Salvatore


signature.asc
Description: Digital signature

Bug#606821: mksh: bash-style process substitution

2012-12-05 Thread Jonathan Nieder 
Thorsten Glaser wrote:

> Hi,
>
> do these have to be pipes? That got me wondering.

Yes, for most use cases I have run into they do need to be pipes and
not tempfiles.  I do think =(...) is neat, too, but it is a distinct
feature.

Thanks,
Jonathan


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#690848: general protection fault in a ttyACM0 access

2012-12-05 Thread Jonathan Nieder 
Albert van der Horst wrote:
> Jonathan Nieder schreef:

>> Do you mind if I forward your message to the bug log? Do you
>> have "dmesg" output from that experiment (since it should include a
>> fuller trace)?
>
> You can do whatever is necessary wih the information I provided.

Thanks much.

> I don't have a dmesg, as the system has rebooted in between.
> (For the moment, I have a similar problem with windows xt, but on
> linux I have a workaround.)

If you have time to sift through log files, it might be possible to
find a log of the corresponding boot somewhere in /var/log/dmesg* or
/var/log/syslog*.

Good night,
Jonathan


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#690848: [Albert van der Horst: Re: general protection fault in a ttyACM0 access]

2012-12-05 Thread Jonathan Nieder 
Forwarding with permission.
--- Begin Message ---
> severity 690848 important
> # guessing
> found 690848 linux-2.6/2.6.32-46
> quit
>
> Hi Albert,
>
> Albert van der Horst wrote:
>
>> A Texas Instruments Launcpad is connected as the sole
>> USB device, resulting in device /dev/ttyACM0 showing up.
>> No TI drivers were installed, or any specific usb-drivers.
>>
>> A simple program in Forth does some direct read and write on ttyACM0,
>> while the device is responding. It functions properly, except for
>> situation where an output stream of the device is interrupted from the
>> terminal.
> [...]
>>  kernel:[15594.923330] general protection fault:  [#1] SMP
> [...]
>>  kernel:[15594.923490] Code: 85 c0 75 15 65 48 8b 04 25 c8 cb 00 00 48
>> 2d d8 1f 00 00 48
>> 89 43 18 31 c0 5b c3 53 48 89 fb 48 83 ec 10 e8 31 f8 ff ff 48 89 df
>>  ff 0f 79 05 e8
>> 48 ff ff ff 65 48 8b 04 25 c8 cb 00 00 48 2d
>
> Thanks for reporting it.  Is this reproducible?  If so, please attach
> full "dmesg" output from booting and reproducing the bug, since that
> should give us a fuller trace.

I have experienced it one more time, running an old version of my program.
[If I run a now debugged  and functional version, things run smoothly.]
I will expend effort to try to make a reproducable report, maybe including a
copy of the program. This may take a while, however.

Please note that this program exercises the USB driver using system calls
from a statically linked binary, and the device may send while it is being
read from. This may provide a clue.

>
> Does a 3.2.y or newer kernel from wheezy, sid, or squeeze-backports
> reproduce the same behavior?  The only packages from outside squeeze
> that would be needed for this test are the kernel image itself,
> linux-base, and initramfs-tools.

This is a bit over my head. Could you identify an Ubuntu version where you
would have like it have tested? I can probably accomodate that.
I use Debian stable for serious work. But I have a recent Ubuntu system for
You Tube nonsense and experimenting.

>
> Sorry for the slow reply and hope that helps,

You're welcome.

> Jonathan
>


--- End Message ---

Bug#695229: chromium-inspector: should be 'Multi-Arch: foreign' so that chromium:{arch} is installable

2012-12-05 Thread Jonathan Nieder 
Hi,

Peter Samuelson wrote:

> In order to install chromium:i386 on my amd64 system, its dependency,
> chromium-inspector, would need to be "Multi-Arch: foreign".  This is
> because it is "Architecture: all", which in a multi-arch context is
> calculated as "Architecture: {primary installed arch}".

Are you sure?  Could you send output from trying to install it?

(I had always thought that in the multi-arch world "Arch: all" meant
"with the same architecture as its dependencies".)

Thanks and hope that helps,
Jonathan


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#677504: lintian fixes

2012-12-05 Thread Sergey B Kirpichev 
> Sergey, care to submit it to Neil as
> appropriate, or should I do that myself?

man fixes in upstream repo: dae45415a9691a6a7db6e9dc073ee48dcacb3ae5

Probably, you can close bugreport?


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695132:

2012-12-05 Thread Mamoru Tasaka 
Hi, Martin:

You mean that "xscreensaver displays only some part of a image to the full 
screen", right?
(or, only some part of the screen is covered by glslideshow saver and some part 
of screen
is uncovered?)

In either case, would you show which size of image (picture) you try to use for 
glslideshow (and
xscreensaver-getimage)? The expected behavior is (perhaps) that if the 
proportion of
height to width differs between the image and the window, glslideshow cuts the 
image to make
proportion fit to the screen and expand it to the whole screen (I don't think 
that changing the proportion
to show full image is what people expect).

Regards,
Mamoru


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695213: Typos in package description

2012-12-05 Thread Christian PERRIER 
Quoting Justin B Rye (j...@edlug.org.uk):

> >   The vlc package provides all multimedia codecs required by freetuxtv.
> 
> Yes, that's got a few non-nativisms.

:-)

Are you saying you can hear the French accent by just reading this
package's description? :-)

VLC has a longstanding history of baguette/camembert-style tradition
so we might want to keep a small touch of "Oh la la" in the
package..:-)

(only small pun to package maintainers and VLC developers from someone
with a very longstanding history of non-nativisms:-))



signature.asc
Description: Digital signature

Bug#695247: New upstream release

2012-12-05 Thread Matt Kraai 
Package: unar
Version: 1.2-2
Severity: wishlist

unar 1.4 appears to have been released on November 16th, 2012.

-- 
Matt


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#694624: freezes under lying (root) - patch

2012-12-05 Thread Pat Emblen 
A patch for the man page is (hopefully) attached. I'll warn you that 
this is the first time I've edited a man page or generated a patch, so 
it could be wrong / incomplete.
By the way, I think you may have misinterpreted my tone in previous 
comments, I was trying to make a strong case for the program working in 
the way I expected it to from reading the man page, not trying to tell 
you how it should work in general. Having said that I still personally 
consider a 'safety catch' on the root filesystem would be a good idea.

Thanks,
Pat

Description: Updates to the man page to more accurately describe the
 behaviour of the program.
Forwarded: not-needed
Bug-Debian: http://bugs.debian.org/694624
Author: Patrick Emblen 
--- a/man/man8/xfs_freeze.8
+++ b/man/man8/xfs_freeze.8
@@ -1,16 +1,17 @@
 .TH xfs_freeze 8
 .SH NAME
-xfs_freeze \- suspend access to an XFS filesystem
+xfs_freeze \- suspend access to a freezable filesystem
 .SH SYNOPSIS
 .B xfs_freeze \-f
 |
 .B \-u
-.I mount-point
-.fi
-.SH DESCRIPTION
-.B xfs_freeze
-suspends and resumes access to an XFS filesystem (see
-.BR xfs (5)).
+.I path.fi
+.SH DESCRIPTION.B xfs_freezesuspends and resumes access to compatible filesystems.
+The command was originaly specific to the XFS filesystem (see
+.BR xfs (5))but since Linux kernel version 2.6.29, the interface which
+XFS uses to freeze and unfreeze has been elevated to the VFS, so that
+this tool can now be used on many other Linux filesystems.
+The root filesystem is not treated in any special way and may also be frozen.
 .PP
 .B xfs_freeze
 halts new access to the filesystem and creates a stable image on disk.
@@ -19,15 +20,14 @@
 that support the creation of snapshots.
 .PP
 The
-.I mount-point
-argument is the pathname of the directory where the filesystem
-is mounted.
-The filesystem must be mounted to be frozen (see
-.BR mount (8)).
+.I path
+argument is the path to any directory within the mounted filesystem up to and including
+the
+.I mount-point.
 .PP
 The
 .B \-f
-flag requests the specified XFS filesystem to be
+flag requests the specified filesystem to be
 frozen from new modifications.
 When this is selected, all ongoing transactions in the filesystem
 are allowed to complete, new write system calls are halted, other
@@ -55,16 +55,23 @@
 must be supplied to
 .BR xfs_freeze .
 .SH NOTES
-A copy of a frozen XFS filesystem will usually have the same universally
+.BR xfs_freeze
+treats the root filesystem the same as any other filesystem.
+Take great care to verify that the path you specify contains the filesystem
+you intend to freeze and is not for example, an empty mount-point.
+If you inadvertently freeze the root filesystem you should immediately
+unfreeze it with the
+.B \-u
+option. If you attempt any action that tries to write to the frozen filesystem
+your shell can be blocked waiting for the write and in most cases you will
+not be able to open another shell to run the unfreeze command.
+.PP
+A copy of a frozen filesystem will usually have the same universally
 unique identifier (UUID) as the original, and thus may be prevented from
 being mounted.
-The XFS
+For XFS filesystems, the
 .B nouuid
 mount option can be used to circumvent this issue.
-.PP
-In Linux kernel version 2.6.29, the interface which XFS uses to freeze
-and unfreeze was elevated to the VFS, so that this tool can now be
-used on many other Linux filesystems.
 .SH SEE ALSO
 .BR xfs (5),
 .BR lvm (8),

Bug#656301: Bug#695191: RFS: xarchiver/1:0.5.2+20090319+dfsg-4.1 [RC] [NMU]

2012-12-05 Thread Kartik Mistry 
On Thu, Dec 6, 2012 at 12:08 AM, Markus Koschany  wrote:
> I think fixing the two minor bugs is covered by point 4 of the freeze
> policy. It's a win-win situation and it comes without altering one
> single line of code.
>
> http://release.debian.org/wheezy/freeze_policy.html

.. and upload queue has been paused due to other reason.

See: 
https://lists.debian.org/debian-infrastructure-announce/2012/12/msg0.html

-- 
Kartik Mistry | IRC: kart_
{0x1f1f, kartikm}.wordpress.com


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#692442: Patches for CVE-2012-5783 and CVE-2012-5784

2012-12-05 Thread David Jorm 

Hi All

The upstream patch for CVE-2012-5783 referred to in Red Hat bugzilla:

https://bugzilla.redhat.com/show_bug.cgi?id=873317#c3

Is the 4.x patch. As you've noted, there is no 3.x patch available and 
upstream won't provide one because it is EOL. I think Alberto's patch 
looks sane (from a brief check) with just one small issue. In this section:


+private static String getCN(X509Certificate cert) {
+  // Note:  toString() seems to do a better job than getName()
+  //
+  // For example, getName() gives me this:
+  // 
1.2.840.113549.1.9.1=#16166a756c6975736461766965734063756362632e636f6d

+  //
+  // whereas toString() gives me this:
+  // EMAILADDRESS=juliusdav...@cucbc.com
+String subjectPrincipal = 
cert.getSubjectX500Principal().toString();

+int x = subjectPrincipal.indexOf("CN=");
+if (x >= 0) {
+int y = subjectPrincipal.indexOf(',', x);
+// If there are no more commas, then CN= is the last entry.
+y = (y >= 0) ? y : subjectPrincipal.length();
+return subjectPrincipal.substring(x + 3, y);
+} else {
+return null;
+}
+}

If the subject DN includes something like "OU=CN=www.example.com", this 
function will treat it as a CN field. An attacker could use this to 
spoof a valid certificate and perform a man-in-the-middle attack. An 
attacker could get a trusted CA to issue them a certificate for 
CN=www.ownedbyattacker.com but then include in the CSR 
OU=CN=www.victim.com or include a subject DN element 
emailAddress="CN=www.victim.com,@ownedbyattacker.com". The attacker 
could then use this certificate to perform a MITM attack against victim.com.


This would of course rely on the CA allowing such a certificate to be 
issued, but I think it is highly likely an attacker could find a widely 
trusted CA that allowed this, while they couldn't get a trusted CA to 
issue them a certificate for CN=www.victim.com. I have already brought 
this flaw in the initial 4.x patch to the attention of upstream, and 
they have addressed it via the following commit:


http://svn.apache.org/viewvc?view=revision&revision=1411705

In my view the ideal solution would be to resolve the issue I noted 
above, and then have upstream commit the patch even if there is no 
further 3.x release, so at least all distributions can consume the patch 
from the upstream tree.


Regarding CVE-2012-5784, I need some more time to review the patch 
attached to AXIS-2883. Please stay tuned for more details.


Thanks again to Alberto for providing these patches!
--
David Jorm / Red Hat Security Response Team


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695246: grub-efi-amd64 has no linux16, fails to boot memtest86+ (multiboot also fails)

2012-12-05 Thread Daniel Kahn Gillmor 
Package: grub-efi-amd64
Version: 2.00-7
Severity: normal

I've installed grub-efi-amd64 2.00-7 and memtest86+ 4.20-1.1 on this
Thinkpad x220.  However, the memtest86+ boot options don't work:

 * the normal memtest86+ stanza complains that there is no linux16
   command.

 * the "experimental multiboot" memtest86+ stanza turns the screen
   black, and then reboots; no memory is tested.

any suggestions about how i can run memtest86+ on this platform from
grub-efi?  Any more information i can provide to help debug?

   --dkg


-- Package-specific info:

*** BEGIN /proc/mounts
/dev/mapper/vg_alice0-root / ext4 
rw,relatime,errors=remount-ro,user_xattr,barrier=1,data=ordered 0 0
/dev/mapper/vg_alice0-home /home ext4 
rw,relatime,user_xattr,barrier=1,data=ordered 0 0
/dev/mapper/vg_alice0-var /var ext4 
rw,relatime,user_xattr,barrier=1,data=ordered 0 0
/dev/sda2 /boot ext4 rw,relatime,user_xattr,barrier=1,data=ordered 0 0
/dev/sda1 /boot/efi vfat 
rw,nosuid,nodev,noexec,relatime,fmask=0022,dmask=0022,codepage=cp437,iocharset=utf8,shortname=mixed,errors=remount-ro
 0 0
*** END /proc/mounts

*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  load_env
fi
set default="0"

if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
else
  menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
  fi
}

function load_video {
  if [ x$feature_all_video_module = xy ]; then
insmod all_video
  else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
  fi
}

if loadfont unicode ; then
  set gfxmode=1024x768
  load_video
  insmod gfxterm
  set locale_dir=$prefix/locale
  set lang=en_US
  insmod gettext
fi
terminal_output gfxterm
set timeout=5
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 
--hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  
c4425021-9542-4ff6-888c-548c08b4a69c
else
  search --no-floppy --fs-uuid --set=root c4425021-9542-4ff6-888c-548c08b4a69c
fi
insmod png
if background_image /grub/.background_cache.png; then
  set color_normal=white/black
  set color_highlight=black/white
else
  set menu_color_normal=cyan/blue
  set menu_color_highlight=white/blue
fi
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu 
--class os $menuentry_id_option 
'gnulinux-simple-5b7c89b1-cf26-4427-b8a9-8c74e4897111' {
load_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 
--hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  
c4425021-9542-4ff6-888c-548c08b4a69c
else
  search --no-floppy --fs-uuid --set=root 
c4425021-9542-4ff6-888c-548c08b4a69c
fi
echo'Loading Linux 3.2.0-4-amd64 ...'
linux   /vmlinuz-3.2.0-4-amd64 root=/dev/mapper/vg_alice0-root ro  quiet
echo'Loading initial ramdisk ...'
initrd  /initrd.img-3.2.0-4-amd64
}
submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option 
'gnulinux-advanced-5b7c89b1-cf26-4427-b8a9-8c74e4897111' {
menuentry 'Debian GNU/Linux, with Linux 3.2.0-4-amd64' --class debian 
--class gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-3.2.0-4-amd64-advanced-5b7c89b1-cf26-4427-b8a9-8c74e4897111' {
load_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 
--hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  
c4425021-9542-4ff6-888c-548c08b4a69c
else
  search --no-floppy --fs-uuid --set=root 
c4425021-9542-4ff6-888c-548c08b4a69c
fi
echo'Loading Linux 3.2.0-4-amd64 ...'
linux   /vmlinuz-3.2.0-4-amd64 root=/dev/mapper/vg_alice0-root 
ro  quiet
echo'Loading initial ramdisk ...'
initrd  /initrd.img-3.2.0-4-am

Bug#695245: grub-efi-amd64 does not detect control key presses

2012-12-05 Thread Daniel Kahn Gillmor 
Package: grub-efi-amd64
Version: 2.00-7
Severity: normal

Using grub-efi-amd64 on this thinkpad x200, i cannot get it to
recognize the control key.  This makes editing more difficult than it
needs to be, and it means that the instructions like "ctrl-x to boot"
are impossible to carry out.

--dkg

-- Package-specific info:

*** BEGIN /proc/mounts
/dev/mapper/vg_alice0-root / ext4 
rw,relatime,errors=remount-ro,user_xattr,barrier=1,data=ordered 0 0
/dev/mapper/vg_alice0-var /var ext4 
rw,relatime,user_xattr,barrier=1,data=ordered 0 0
/dev/mapper/vg_alice0-home /home ext4 
rw,relatime,user_xattr,barrier=1,data=ordered 0 0
/dev/sda2 /boot ext4 rw,relatime,user_xattr,barrier=1,data=ordered 0 0
/dev/sda1 /boot/efi vfat 
rw,nosuid,nodev,noexec,relatime,fmask=0022,dmask=0022,codepage=cp437,iocharset=utf8,shortname=mixed,errors=remount-ro
 0 0
*** END /proc/mounts

*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  load_env
fi
set default="0"

if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
else
  menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
  fi
}

function load_video {
  if [ x$feature_all_video_module = xy ]; then
insmod all_video
  else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
  fi
}

if loadfont unicode ; then
  set gfxmode=1024x768
  load_video
  insmod gfxterm
  set locale_dir=$prefix/locale
  set lang=en_US
  insmod gettext
fi
terminal_output gfxterm
set timeout=5
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 
--hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  
c4425021-9542-4ff6-888c-548c08b4a69c
else
  search --no-floppy --fs-uuid --set=root c4425021-9542-4ff6-888c-548c08b4a69c
fi
insmod png
if background_image /grub/.background_cache.png; then
  set color_normal=white/black
  set color_highlight=black/white
else
  set menu_color_normal=cyan/blue
  set menu_color_highlight=white/blue
fi
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu 
--class os $menuentry_id_option 
'gnulinux-simple-5b7c89b1-cf26-4427-b8a9-8c74e4897111' {
load_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 
--hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  
c4425021-9542-4ff6-888c-548c08b4a69c
else
  search --no-floppy --fs-uuid --set=root 
c4425021-9542-4ff6-888c-548c08b4a69c
fi
echo'Loading Linux 3.2.0-4-amd64 ...'
linux   /vmlinuz-3.2.0-4-amd64 root=/dev/mapper/vg_alice0-root ro  quiet
echo'Loading initial ramdisk ...'
initrd  /initrd.img-3.2.0-4-amd64
}
submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option 
'gnulinux-advanced-5b7c89b1-cf26-4427-b8a9-8c74e4897111' {
menuentry 'Debian GNU/Linux, with Linux 3.2.0-4-amd64' --class debian 
--class gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-3.2.0-4-amd64-advanced-5b7c89b1-cf26-4427-b8a9-8c74e4897111' {
load_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt2 
--hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  
c4425021-9542-4ff6-888c-548c08b4a69c
else
  search --no-floppy --fs-uuid --set=root 
c4425021-9542-4ff6-888c-548c08b4a69c
fi
echo'Loading Linux 3.2.0-4-amd64 ...'
linux   /vmlinuz-3.2.0-4-amd64 root=/dev/mapper/vg_alice0-root 
ro  quiet
echo'Loading initial ramdisk ...'
initrd  /initrd.img-3.2.0-4-amd64
}
menuentry 'Debian GNU/Linux, with Linux 3.2.0-4-amd64 (recovery mode)' 
--class debian --class gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-3.2.0-4-amd64-recovery-5b7c89b1-cf26-4427-b8a9-8

Bug#695244: which_deb fails when trying to build source cds from an archive that doesn't have i386 or amd64 binaries

2012-12-05 Thread peter green 

Package: debian-cd

I've been working on trying to build cd images for raspbian using 
debian-cd. While doing this I found that when building source cds 
which_deb only looks for i386 and amd64 packages files. If it finds 
neither it fails horriblly. This prevents building source CDs for 
derivatives that focus on specific non-pc architectures like raspbian.


By fails horriblly I mean that rather than the failure of which_deb to 
find a usable packages file being reported to the user the failure 
results in crazy values in makefile variables (e.g. directory names in 
variables which should contain file names) which in turn cause the build 
process to fail in ways that have no obvious relation to the real issue.


To get things working for raspbian I just added armhf to the list of 
architectures but this isn't really a good soloution in general.



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#683010: FTBFS on ia64: one or more PCH files were found, but they were invalid

2012-12-05 Thread Axel Beckert 
Hi,

Axel Beckert wrote:
> But it's not the new upstream version which fixes the issue but me
> having enabled hardening build flags (which was anything but trivial
> with that package). Actually, according to git bisect, this commit
> solves the issue:
> 
> http://anonscm.debian.org/gitweb/?p=collab-maint/evolvotron.git;a=commitdiff;h=0f68918b
> 
> I'll try to manually bisect the elements of those changes further to
> get a minimal patch suitable for a freeze exception...

Interestingly one little detail from that patch sufficed:

diff --git a/debian/rules b/debian/rules
index 1dfe9e6..2f2fb0f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -10,13 +10,13 @@ else
CFLAGS += -O2
 endif
 
-config.status: configure
+Makefile: configure
dh_testdir
QTDIR=/usr/lib/qt3 ./configure CFLAGS="$(CFLAGS)"
LDFLAGS="-Wl,-z,defs"
 
 build: build-stamp
 
-build-stamp:  config.status
+build-stamp: Makefile
dh_testdir
$(MAKE)
touch $@

Reason is likely that this configure script is not a real configure
script but rather a script calling qmake. And so it doesn't generate
any config.status file (but some Makefiles instead). The fact that
config.status is generated is probably the culprit.

I'll prepare a complete debdiff and a pre-approval request tomorrow.
Should really go to bed now. :-)

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
  `-|  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#694993: [Pkg-ime-devel] Bug#694993: Bug#694993: opencc: Ship opencc.py in src/wrapper/python/

2012-12-05 Thread moz lala 




- Original Message -
> From: Osamu Aoki 
> 
> Very true.  we are under freeze so we can ONLY FIX RC bugs in unstable.
> 
> But we can upload to experimental if it is important enough to get this
> going at this stage.  Once wheezy is released, we can re-upload to
> unstable ... and eventually backports.
> 
> Does any software use this python binding?  How stable is it?
> 

It's not urgent to having the package shipped yet.

I use it in my private utility. It seems that ibus-googlepinyin ships its own
 copy of opencc.py.

The binding is simple and should be stable. Not changed in 2  years.


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695222: evince only shows garbage when displaying certain PDF documents

2012-12-05 Thread YunQiang Su 
On Thu, Dec 6, 2012 at 12:51 AM, Rogério Brito  wrote:
> Package: evince
> Version: 3.4.0-3.1
> Severity: normal
>
> Hi.
>
> Evince (but not other poppler-based viewers, like the xpdf that is in
> Debian) only show garbage when displaying certain documents.
>
This file shows correctly in Ubuntu precise with evince 3.4,
While cannot work with evince 3.6 in Debian experimental.
Is it a problem of font config?

> In particular, if a LaTeX document generated by dvips happens to have T3
> fonts and that document is converted to a PDF file via ps2pdf, then only
> garbage can be seen on the screen.
>
> Minimal working example attached. To compile the document, just do:
>
> latex test; dvips test; ps2pdf14 test.ps
>
> and try to see the resulting PDF file with evince.
>
>
> Regards,
>
> Rogério Brito.
>
> -- System Information:
> Debian Release: wheezy/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 3.6-trunk-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.utf-8, LC_CTYPE=pt_BR.utf-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages evince depends on:
> ii  evince-common3.4.0-3.1
> ii  gnome-icon-theme 3.4.0-2
> ii  libatk1.0-0  2.4.0-2
> ii  libc62.13-37
> ii  libcairo-gobject21.12.2-2
> ii  libcairo21.12.2-2
> ii  libevdocument3-4 3.4.0-3.1
> ii  libevview3-3 3.4.0-3.1
> ii  libgail-3-0  3.4.2-4
> ii  libgdk-pixbuf2.0-0   2.26.1-1
> ii  libglib2.0-0 2.33.12+really2.32.4-3
> ii  libgnome-keyring03.4.1-1
> ii  libgtk-3-0   3.4.2-4
> ii  libice6  2:1.0.8-2
> ii  libnautilus-extension1a  3.4.2-1+build1
> ii  libpango1.0-01.30.0-1
> ii  libsm6   2:1.2.1-2
> ii  libx11-6 2:1.5.0-1
> ii  libxml2  2.8.0+dfsg1-7
> ii  shared-mime-info 1.0-1+b1
> ii  zlib1g   1:1.2.7.dfsg-13
>
> Versions of packages evince recommends:
> ii  dbus-x11  1.6.8-1
> ii  gvfs  1.12.3-2
>
> Versions of packages evince suggests:
> ii  nautilus  3.4.2-1+build1
> ii  poppler-data  0.4.6-2
> ii  unrar 1:4.1.4-1
>
> -- no debconf information
>
> --
> Rogério Brito : rbrito@{ime.usp.br,gmail.com} : GPG key 4096R/BCFC
> http://rb.doesntexist.org/blog : Projects : https://github.com/rbrito/
> DebianQA: http://qa.debian.org/developer.php?login=rbrito%40ime.usp.br
>
> ___
> pkg-gnome-maintainers mailing list
> pkg-gnome-maintain...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-gnome-maintainers



--
YunQiang Su


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#661736: HTML::FormatText and UTF-8

2012-12-05 Thread brian m. carlson 
This issue is this line (line 135):

  $text =~ tr/\xA0\xAD/ /d;

This works great if your data is in a Unicode string.  It also works
great if your data is a byte string using Latin-1.  It works very poorly
if your UTF-8 data is in a byte string.  In the example given in the
original bug report, -Mutf8 was not used, so the data is treated as a
series of (two) Latin-1 characters.

vauxhall ok % perl -MHTML::FormatText -Mutf8 -C6 -E 'print 
HTML::FormatText->new->format_string("à")' |hd
  c3 a0 0a  |...|
0003
vauxhall ok % perl -MHTML::FormatText -Mutf8 -E 'print 
HTML::FormatText->new->format_string("à")' |hd 
  e0 0a |..|
0002

I suspect the correct fix for this bug is documentation.

-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187


signature.asc
Description: Digital signature

Bug#695195: ITP: vcr -- record test suite HTTP interactions and replay during future test runs

2012-12-05 Thread Hideki Yamane 
On Wed, 5 Dec 2012 14:56:40 +
Jeremy Baron  wrote:
> https://github.com/myronmarston/vcr says:
> > This is no longer the canonical repo -- it has moved to 
> > https://github.com/vcr/vcr ― Read more

 Thanks, Jeremy :) I've updated debian/{control,copyright,watch}.

-- 
Regards,

 Hideki Yamane henrich @ debian.or.jp/org
 http://wiki.debian.org/HidekiYamane


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695243: linux: Add stage1 build-profile support for bootstrapping

2012-12-05 Thread Wookey 
Package: linux
Version: linux-3.6.4-1~experimental.1
Severity: wishlist
Tags: experimental patch

In order to bootstrap a new architecture, a cross-toolchain must be
built. A suitable linux-libc-dev_$arch package is needed for this. In
order to make this (and cross-toolchain builds in general)
automatable, the packaging needs to be able to build just this package.

The attached patch provides this functionality.

It also includes notation for the corresponding reduction in needed
build-dependencies which is an important part of the automation.
However this part of the patch cannot be applied until dpkg build-dep
parsing is updated to not choke on this. Action on this is pending
further discussion of #661538

In the meantime the packaging changes in the rules file are worth
having on their own as they allow the staged build functionality (just
using dpkg-buildpackage -d to ignore the missing build-deps)

-- System Information:
Debian Release: 6.0.6
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32.33-kvm-i386-2028-dirty (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
\ No newline at end of file
--- linux-3.6.4/debian/control  2012-11-15 11:56:31.0 +
+++ linux-3.6.4/debian/control  2012-12-04 02:23:27.0 +
@@ -4,7 +4,7 @@
 Maintainer: Debian Kernel Team 
 Uploaders: Bastian Blank , Frederik Schüler 
, maximilian attems , Ben Hutchings 

 Standards-Version: 3.9.2
-Build-Depends: debhelper (>> 7), cpio, kmod | module-init-tools, python (>= 
2.6.6-3~), lzma [armel], kernel-wedge (>= 2.84), quilt, patchutils, gcc-4.6 
[alpha amd64 armel armhf i386 ia64 m68k mips mipsel powerpc ppc64 s390 s390x 
sh4 sparc sparc64], gcc-4.4 [hppa], binutils-hppa64 [hppa], gcc-4.4-hppa64 
[hppa]
+Build-Depends: debhelper (>> 7), cpio , kmod  | 
module-init-tools , python (>= 2.6.6-3~), lzma [armel], kernel-wedge 
(>= 2.84) , quilt, patchutils, gcc-4.7 [arm64] , gcc-4.6 
[alpha amd64 armel armhf i386 ia64 m68k mips mipsel powerpc ppc64 s390 s390x 
sh4 sparc sparc64], gcc-4.4 [hppa], binutils-hppa64 [hppa], gcc-4.4-hppa64 
[hppa]
 Build-Depends-Indep: bzip2, xmlto
 Vcs-Svn: svn://svn.debian.org/svn/kernel/dists/trunk/linux/
 Vcs-Browser: http://anonscm.debian.org/viewvc/kernel/dists/trunk/linux/
--- linux-3.6.4/debian/rules2012-11-15 11:56:30.0 +
+++ linux-3.6.4/debian/rules2012-12-04 02:13:41.0 +
@@ -34,18 +34,30 @@
 
 build: build-arch build-indep
 
+#for stage1 don't try to do base setup - just build the libc-headers 
+ifneq (,$(filter stage1,$(DEB_BUILD_PROFILE)))
+
+build-arch: debian/control
+
+build-indep: debian/control
+
+else
+
 build-arch: debian/control $(STAMPS_DIR)/build-arch-base
-$(STAMPS_DIR)/build-arch-base: $(STAMPS_DIR)/setup-base
+$(STAMPS_DIR)/build-arch-base: $(STAMPS_DIR)/setup-base 
dh_testdir
$(MAKE) -f debian/rules.gen build-arch_$(DEB_HOST_ARCH)
@$(stamp)
 
+
 build-indep: debian/control $(STAMPS_DIR)/build-indep-base
 $(STAMPS_DIR)/build-indep-base: $(STAMPS_DIR)/setup-base
dh_testdir
$(MAKE) -f debian/rules.gen build-indep
@$(stamp)
 
+endif
+
 DIR_ORIG = ../orig/$(SOURCE)-$(VERSION_UPSTREAM)
 TAR_ORIG_NAME = $(SOURCE)_$(VERSION_UPSTREAM).orig.tar.xz
 TAR_ORIG = $(firstword $(wildcard ../$(TAR_ORIG_NAME)) $(wildcard 
../orig/$(TAR_ORIG_NAME)))
@@ -75,10 +87,20 @@
dh_testdir
$(MAKE) -f debian/rules.gen binary-indep
 
+#for stage1 don't try to do base setup - just build the libc-headers 
+ifneq (,$(filter stage1,$(DEB_BUILD_PROFILE)))
+binary-arch:
+   dh_testdir
+   $(MAKE) -f debian/rules.gen binary-libc-dev_$(DEB_HOST_ARCH)
+
+else
+
 binary-arch: $(STAMPS_DIR)/build-arch-base
dh_testdir
$(MAKE) -f debian/rules.gen binary-arch_$(DEB_HOST_ARCH)
 
+endif
+
 binary:binary-indep binary-arch
 
 CONTROL_FILES = debian/changelog $(wildcard debian/templates/*.in)

Bug#695188: multi Bug#123456 in email subject breaks thread

2012-12-05 Thread YunQiang Su 
On Thu, Dec 6, 2012 at 9:54 AM, Don Armstrong  wrote:
> Control: tag -1 moreinfo unreproducible
>
> On Wed, 05 Dec 2012, YunQiang Su wrote:
>> Then this will happen always and the subject will be longer and longer.
>> It will also break the thread.
>
> The only time threading uses the subject is if there aren't any
> References: or In-Reply-To: headers.[1] The BTS tries very hard to
> never break threading by stripping References, Message-Id, or
> In-Reply-To; cases where it does are bugs.
>
>> Please consider don't add something like Bug#1234567: when the subject
>> has one for now.
>
> The BTS doesn't actually add Bug#12345 if the existing bug report
> already has the correct Bug number. [If the report has the wrong bug
> number, it will add the correct one to the front.]
See this please.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687396

Maybe BTS is confused by mailing list tag like [buildd-tools-devel]
>
> You can see examples of this working correctly here:
>
> http://lists.debian.org/debian-ctte/2012/11/ for example
>
> Don Armstrong
>
> 1: A possible exception to this would be if your MUA was broken or
> substandard, but that's an MUA problem.
> --
> This can't be happening to me. I've got tenure.
>  -- James Hynes _Publish and Perish_
>
> http://www.donarmstrong.com  http://rzlab.ucr.edu



--
YunQiang Su


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695242: mon watchfile is non-functional

2012-12-05 Thread Nick Black 
Package: mon
Version: 1.2.0-6
Severity: minor
Tags: patch

Dear Maintainer,

While building mon for SprezzOS, I determined its watchfile to be
non-functional. From what I can tell, the authoritative source of
mon is its sourceforge project. The kernel URI listed doesn't have
the current 1.20 tarball, and does not provide a newer release.

I have generated a working watchfile, which I suggest you use.
Thanks!

[skynet](0) $ cat debian/watch 
version=3
http://sf.net/mon/mon-([\d.]+)\.tar\.gz
[skynet](0) $ uscan --verbose
-- Scanning for watchfiles in .
-- Found watchfile in ./debian
-- In debian/watch, processing watchfile line:
   http://sf.net/mon/mon-([\d.]+)\.tar\.gz
-- Found the following matching hrefs:
 mon-1.2.0.tar.gz
 mon-0.38.19.tar.gz
 mon-0.38.18.tar.gz
 mon-0.38.17.tar.gz
 mon-0.38.16.tar.gz
 mon-0.38.15.tar.gz
Newest version on remote site is 1.2.0, local version is 1.2.0
 => Package is up to date
-- Scan finished
[skynet](1) $

-- System Information:
Debian Release: turing-β/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.6.8+ (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695188: multi Bug#123456 in email subject breaks thread

2012-12-05 Thread Don Armstrong 
Control: tag -1 moreinfo unreproducible

On Wed, 05 Dec 2012, YunQiang Su wrote:
> Then this will happen always and the subject will be longer and longer.
> It will also break the thread.
 
The only time threading uses the subject is if there aren't any
References: or In-Reply-To: headers.[1] The BTS tries very hard to
never break threading by stripping References, Message-Id, or
In-Reply-To; cases where it does are bugs.

> Please consider don't add something like Bug#1234567: when the subject
> has one for now.

The BTS doesn't actually add Bug#12345 if the existing bug report
already has the correct Bug number. [If the report has the wrong bug
number, it will add the correct one to the front.]

You can see examples of this working correctly here:

http://lists.debian.org/debian-ctte/2012/11/ for example
 
Don Armstrong

1: A possible exception to this would be if your MUA was broken or
substandard, but that's an MUA problem.
-- 
This can't be happening to me. I've got tenure.
 -- James Hynes _Publish and Perish_

http://www.donarmstrong.com  http://rzlab.ucr.edu


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#661545: Patch for 661545

2012-12-05 Thread brian m. carlson 
tags 661545 + patch
kthxbye

A patch is included to fix the format string issue, minor as it might
be.

-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187
diff -urN libproc-processtable-perl-0.45.orig/ProcessTable.xs libproc-processtable-perl-0.45/ProcessTable.xs
--- libproc-processtable-perl-0.45.orig/ProcessTable.xs	2012-12-06 01:37:15.548659798 +
+++ libproc-processtable-perl-0.45/ProcessTable.xs	2012-12-06 01:38:30.960137369 +
@@ -388,5 +388,5 @@
  char* error;
 
  if( (error = OS_initialize()) != NULL ){
-   croak(error);
+   croak("%s", error);
  }


signature.asc
Description: Digital signature

Bug#692442: Patches for CVE-2012-5783 and CVE-2012-5784

2012-12-05 Thread Michael Gilbert 
> Hi Andreas
>
> I've uploaded both packages to mentors.
>
> commons-httpclient -> bug #692442 CVE-2012-5783
> axis -> bug #692650 CVE-2012-5784
>
> Since axis uses commons-httpclient, we need fix and upload both
> packages.
>
> Upstream has ignored axis patch, and rejected commons-httpclient patch.
> Basically, they say commons-httpclient is EOL and they don't want to
> spend time on it. They maybe would apply the patch to the SVN, but
> without revision and without releasing.

According to redhat, there is already an upstream patch for
httpclient, and it differs from yours in some ways:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5783

Please coordinate with them on that fix.

> I've tested the patches and they work ok. So I think it's fine to
> upload.

Please coordinate the axis patch with redhat since they don't have a
solution in their bug tracker yet either.  They will review your work:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5784

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695240: ITP: openrtm-aist -- A component-based robotics middleware

2012-12-05 Thread Thomas Moulard 
Package: wnpp
Severity: wishlist

* Package name : openrtm-aist
Version : 1.1.0
* Upstream Author : Noriaki Ando 
* URL : http://openrtm.org/
* License : LGPL-3 (or Individual License)
Description :
 OpenRTM is a robotics middleware. It provides C++, Python, Java
libraries to enable
 robotics component development and also integrates with Eclipse.
 This middleware is OMG RTC standard compliant and is used by the
robotics community:

OpenRTM robotics application: http://www.yourepeat.com/g/OpenRTM
Video tutorial/presentation: http://www.youtube.com/watch?v=1glmArJOUfA
Paper: 
http://download.springer.com/static/pdf/409/chp%253A10.1007%252F978-3-540-89076-8_12.pdf?auth66=1354929841_a154cdcfa19b8526f61781cf20c2ec31&ext=.pdf


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#683010: FTBFS on ia64: one or more PCH files were found, but they were invalid

2012-12-05 Thread Axel Beckert 
Hi,

Axel Beckert wrote:
> The new upstream version (plus some package maintenance like using
> dpkg-buildflags) builds fine on at least amd64 and ia64. Hence the
> pending tag.

But it's not the new upstream version which fixes the issue but me
having enabled hardening build flags (which was anything but trivial
with that package). Actually, according to git bisect, this commit
solves the issue:

http://anonscm.debian.org/gitweb/?p=collab-maint/evolvotron.git;a=commitdiff;h=0f68918b

I'll try to manually bisect the elements of those changes further to
get a minimal patch suitable for a freeze exception...

  Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
  `-|  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#559916: ITP: numpydoc -- numpy sphinx extension

2012-12-05 Thread Yaroslav Halchenko 
would you mind if we strip -sphinx from the binary package name?  to
follow python policy closer it should be just python-numpydoc as the
module name.

also I believe it is better to have the team as the Maintainer while
individual uploaders in Uploaders

if you would not oppose those changes I could sponsor the upload

On Wed, 05 Dec 2012, Denis Laxalde wrote:

> Hi,

> Bart Martens wrote:
> >But that package is no longer at mentors.  Denis, do you still intend to
> >package this software ?

> The package is still in the SVN repo of python-modules [1]. I did
> the packaging as a training and as it seems a useful addition to
> Debian (initially RFS). So yes, I still intend to maintain the
> package but haven't found a sponsor yet (asked on debian-python).
> Perhaps, Yaroslav or Michael would be interested in sponsoring the
> package?

> Regards,
> Denis

> [1]: http://anonscm.debian.org/viewvc/python-modules/packages/numpydoc/trunk/


-- 
Yaroslav O. Halchenko
Postdoctoral Fellow,   Department of Psychological and Brain Sciences
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834   Fax: +1 (603) 646-1419
WWW:   http://www.linkedin.com/in/yarik


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#692899: zope2.12: [CVE-2012-5485 to 5508] Multiple vectors corrected within 20121106 fix

2012-12-05 Thread Arnaud Fontaine 
Hi,

Moritz Muehlenhoff  writes:

> On Sun, Nov 25, 2012 at 11:07:38AM +0900, Arnaud Fontaine wrote:
>> The following  CVEs are not affecting  Zope2 package (Plone/Zope3/..)
>> (within brackets  is the Product/module/...  affected  along with the
>> corresponding filename in Plone Hotfix):
>
> For clarification, so  that I can update the  Debian Security Tracker,
> none of these CVE IDs are packaged in Debian, right?
>
> (I can't find a Plone package, but these could be packaged through one
> of the many zope.* packages?)
>  
>> * CVE-2012-5485 (Plone: registerConfiglet.py)
>>   http://plone.org/products/plone/security/advisories/20121106/01
>> 
>> *
>> CVE-2012-5488/CVE-2012-5494/CVE-2012-5495/CVE-2012-5499/CVE-2012-5506
>>   (Plone-specific: python_scripts.py)
>>   http://plone.org/products/plone/security/advisories/20121106/04
>>   http://plone.org/products/plone/security/advisories/20121106/10
>>   http://plone.org/products/plone/security/advisories/20121106/11
>>   http://plone.org/products/plone/security/advisories/20121106/15
>>   http://plone.org/products/plone/security/advisories/20121106/22
>> 
>> * CVE-2012-5490 (kss: kssdevel.py)
>>   http://plone.org/products/plone/security/advisories/20121106/06
>> 
>> * CVE-2012-5491/CVE-2012-5504 (z3c.form (Zope3): widget_traversal.py)
>>   http://plone.org/products/plone/security/advisories/20121106/12
>>   http://plone.org/products/plone/security/advisories/20121106/20
>> 
>> * CVE-2012-5492 (Plone: uid_catalog.py)
>>   http://plone.org/products/plone/security/advisories/20121106/08
>> 
>> * CVE-2012-5493 (CMFCore: gtbn.py)
>>   http://plone.org/products/plone/security/advisories/20121106/09
>> 
>> * CVE-2012-5496 (Plone: kupu_spellcheck.py)
>>   http://plone.org/products/plone/security/advisories/20121106/09
>> 
>> * CVE-2012-5497 (Plone: membership_tool.py)
>>   http://plone.org/products/plone/security/advisories/20121106/13
>> 
>> * CVE-2012-5498 (Plone: queryCatalog.py)
>>   http://plone.org/products/plone/security/advisories/20121106/14
>> 
>> * CVE-2012-5500 (Plone: renameObjectsByPaths.py)
>>   http://plone.org/products/plone/security/advisories/20121106/15
>> 
>> * CVE-2012-5501 (Plone: at_download.py)
>>   http://plone.org/products/plone/security/advisories/20121106/17
>> 
>> * CVE-2012-5502 (PortalTransforms: safe_html.py)
>>   http://plone.org/products/plone/security/advisories/20121106/18
>> 
>> * CVE-2012-5503 (Plone-specific: ObjectManager: ftp.py)
>>   http://plone.org/products/plone/security/advisories/20121106/19

None  of the  above CVE  IDs  are packaged  in  Debian as  Plone is  not
packaged in  Debian and the  other Products/modules are not  packaged in
Debian neither.

Cheers,
-- 
Arnaud Fontaine


pgp8PulGNWqjf.pgp
Description: PGP signature

Bug#695064: conflicting declaration ‘typedef CARD8 BOOL’ in xmd.h

2012-12-05 Thread Jarrett Chisholm 
Hi Julien,

thanks for getting back to me about this issue!

I believe it is conflicting with FreeImage.hhere's the full stack trace:

jarrett@debian:~/projects/chisholmsoft/dark_horizon$ bash
compile_and_run.sh
scons: Reading SConscript files ...
scons: done reading SConscript files.
scons: Building targets ...
g++ -o build/Test.o -c -std=gnu++0x -I"../lwis/src/engine" src/Test.cpp
In file included from ../lwis/src/engine/IInputManager.h:11:0,
 from ../lwis/src/engine/InputFactory.h:11,
 from ../lwis/src/engine/LWISCommon.h:13,
 from src/Test.h:14,
 from src/Test.cpp:8:
../lwis/src/engine/IKeyboardDevice.h:319:36: warning: multi-character
character constant [-Wmultichar]
../lwis/src/engine/IKeyboardDevice.h:339:35: warning: multi-character
character constant [-Wmultichar]
In file included from ../lwis/src/engine/IInputManager.h:11:0,
 from ../lwis/src/engine/InputFactory.h:11,
 from ../lwis/src/engine/LWISCommon.h:13,
 from src/Test.h:14,
 from src/Test.cpp:8:
../lwis/src/engine/IKeyboardDevice.h: In constructor
‘lwis::engine::IKeyboardDevice::IKeyboardDevice()’:
../lwis/src/engine/IKeyboardDevice.h:319:36: warning: overflow in
implicit constant conversion [-Woverflow]
../lwis/src/engine/IKeyboardDevice.h:339:35: warning: overflow in
implicit constant conversion [-Woverflow]
g++ -o build/engine/IceGraphicsEngine.o -c -std=gnu++0x
-I"../lwis/src/engine" src/engine/IceGraphicsEngine.cpp
In file included from /usr/include/X11/extensions/xf86vmode.h:37:0,
 from src/engine/../linux/LinuxGLWindow.h:31,
 from src/engine/../linux/Common.h:11,
 from src/engine/IceGraphicsEngine.h:27,
 from src/engine/IceGraphicsEngine.cpp:8:
/usr/include/X11/Xmd.h:143:16: error: conflicting declaration ‘typedef
CARD8 BOOL’
In file included from
src/engine/../linux/../engine/../common/utilities/ImageLoader.h:15:0,
 from src/engine/../linux/../engine/Texture.h:11,
 from src/engine/../linux/../engine/TextureManager.h:20,
 from src/engine/../linux/LinuxGLWindow.h:15,
 from src/engine/../linux/Common.h:11,
 from src/engine/IceGraphicsEngine.h:27,
 from src/engine/IceGraphicsEngine.cpp:8:
/usr/include/FreeImage.h:139:17: error: ‘BOOL’ has a previous
declaration as ‘typedef int32_t BOOL’
scons: *** [build/engine/IceGraphicsEngine.o] Error 1
scons: building terminated because of errors.
Script halted due to error(s)!


cheers

jarrett

On 03/12/12 04:25 PM, Julien Cristau wrote:
> Control: reassign -1 x11proto-core-dev
> Control: tag -1 moreinfo
>
> On Mon, Dec  3, 2012 at 13:24:55 -0500, Jarrett Chisholm wrote:
>
>> I'm building a c++ application, which includes xf86vmode.h header.
>>
>>
>> I think this is part of the X11 library header files.  Here is the dpkg 
>> output:
> Xmd.h is not, but close enough.  It's part of the X11 protocol headers.
>
>> jarrett@debian:~/$ dpkg --list libx11-dev
>> Desired=Unknown/Install/Remove/Purge/Hold
>> | 
>> Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
>> |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
>> ||/ NameVersionArchitecture  
>>  Description
>> +++-===-==-==-
>> ii  libx11-dev:amd642:1.5.0-1  
>> amd64  X11 client-side library (development headers)
>>
>>
>> When I compile with the g++ flag '-std=gnu++0x', I get the following error:
>>
>> In file included from /usr/include/X11/extensions/xf86vmode.h:37:0,
>>  from src/engine/../linux/LinuxGLWindow.h:31,
>>  from src/engine/../linux/Common.h:11,
>>  from src/engine/IceGraphicsEngine.h:27,
>>  from src/engine/IceGraphicsEngine.cpp:8:
>> /usr/include/X11/Xmd.h:143:16: error: conflicting declaration ‘typedef CARD8 
>> BOOL’
>>
>>
>> My guess is the new c++ features has a conflict or something here...
>>
>> If I remove line 143 from Xmd.h, I no longer see this error.
>>
> What's the other declaration it conflicts with?
>
> Cheers,
> Julien


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#683010: FTBFS on ia64: one or more PCH files were found, but they were invalid

2012-12-05 Thread Axel Beckert 
Hi,

Axel Beckert wrote:
> > evolvotron fails to build from source on ia64, but built in the past:
> 
> Nevertheless no change in evolvotron seems to be the cause for that but a
> change somewhere in the build-dependencies/toolchain as versions which
> built before now FTBFS, too, namely the version in Wheezy (0.6.1-1)
> FTBFS on Wheezy on ia64, too. Which means this bug is relevant for the
> next release, too.
> 
> I'm trying to find a fix.

The new upstream version (plus some package maintenance like using
dpkg-buildflags) builds fine on at least amd64 and ia64. Hence the
pending tag.

Nevertheless this is out of reach for Wheezy, also because the diff to
the new upstream version is not small.

So my current plan is:

a) to fix the bug unstable with the new upstream version to prove that
   the issue is fixed, and

b) to figure out which difference fixed the issue and try to apply
   that to 0.6.1-1 and upload the fix (including an updated maintainer
   field, see http://bugs.debian.org/691820) after checking with the
   release team to testing-proposed-updates as 0.6.1-1+wheezy1 or
   such.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
  `-|  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695221: xcp-xapi: xe pif-reconfigure-ip doesn't work with non 255.255.255.0 subnet netmask

2012-12-05 Thread Michael Gilbert 
control: severity -1 normal

Downgrading the severity since this not a severe issue and its easy
enough to workaround.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695239: winetricks won't install alongside wine:i386

2012-12-05 Thread Daniel Moerner 
Package: winetricks
Version: 0.0+20121030+svn918-1
Severity: serious

Hi,

I've labeled this "Serious" since I believe multiarch is a release goal,
but that might be incorrect.

My errors might also follow from never using multiarch before, but I did
the following, which I believe is correc,t and now winetricks is
uninstallable (and there is no multiarch winetricks:i386 package).

dpkg --add-architecture i386
aptitude update
aptitude install wine:i386

root@skynet:~# aptitude install winetricks
The following NEW packages will be installed:
  cabextract{a} wine{ab} winetricks 
0 packages upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/276 kB of archives. After unpacking 968 kB will be used.
The following packages have unmet dependencies:
 wine : Conflicts: wine:i386 but 1.4.1-4 is installed.
 wine:i386 : Conflicts: wine but 1.4.1-4 is to be installed.
The following actions will resolve these dependencies:

 Remove the following packages:
1) wine:i386   

Thanks,
Daniel

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages winetricks depends on:
pn  cabextract  
ii  p7zip   9.20.1~dfsg.1-4
ii  unzip   6.0-7
ii  wget1.13.4-3
ii  wine1.4.1-4

Versions of packages winetricks recommends:
ii  gksu   2.0.2-6
ii  sudo   1.8.5p2-1
ii  xdg-utils  1.1.0~rc1+git20111210-6
ii  zenity 3.4.0-2

winetricks suggests no packages.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695238: spf-milter-python: New upstream version available (0.8.17)

2012-12-05 Thread Scott Kitterman 
On Wednesday, December 05, 2012 03:34:22 PM David Caldwell wrote:
...
> The pymilter project has a newer release: 0.8.17 (at the time of this
> writing), available here: http://sourceforge.net/projects/pymilter/files/

It's already packaged in Experimental.  Once wheezy is released, I can add it 
to wheezy-backports.

Scott K


signature.asc
Description: This is a digitally signed message part.

Bug#695218: valgrind can't be used on programs compiled with -m32

2012-12-05 Thread Vincent Lefevre 
On 2012-12-06 00:41:25 +0100, Sebastian Ramacher wrote:
> I was facing the same issue the other day and installing libc6-dbg:i386
> did the trick for me.

"apt-get install libc6-dbg:i386" gives:
E: Unable to locate package libc6-dbg

even though "apt-get update" included:

Get:1 http://ftp.debian.org unstable/main i386 Packages/DiffIndex [7876 B]
Get:2 http://ftp.debian.org unstable/contrib i386 Packages/DiffIndex [7819 B]
Get:3 http://ftp.debian.org unstable/non-free i386 Packages/DiffIndex [7819 B]

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#682599: xchat: fails to load libnotify.so.1, does not try to load libnotify.so.4, wrong Recommends: libnotify1

2012-12-05 Thread Sébastien Villemot 
Le dimanche 07 octobre 2012 à 04:57 +, Bart Martens a écrit :

> Thanks to Raghu Rao for suggesting "to fix xchat so it uses the correct
> libnotify (.so.4 instead of .so.1 etc) as discussed in
> https://bugzilla.redhat.com/show_bug.cgi?id=693362 ".  From the two discussed
> approaches I prefer the smallest one (open libnotify.so.4) for wheezy and the
> largest one (link the library) for later.  The severity of this bug is, in my
> opinion, somewhere between "important" and "serious".

Any chance to have this fix into Wheezy before it is too late? I am
willing to help (possibly by an NMU) if you deem it appropriate.

Thanks!

-- 
 .''`.Sébastien Villemot
: :' :Debian Developer
`. `' http://www.dynare.org/sebastien
  `-  GPG Key: 4096R/381A7594



signature.asc
Description: This is a digitally signed message part

Bug#631271: texlive-binaries: xdvi no longer uncompresses .gz and .bz2 files

2012-12-05 Thread Vincent Lefevre 
On 2012-12-06 08:22:24 +0900, Norbert Preining wrote:
> On Mi, 05 Dez 2012, Frank Küster wrote:
> > I don't think it is important, because it doesn't make much sense to
> > type a commandline as the one above, when it is much easier to just type
> > 
> > texdoc preview
> 
> Which doesn't work for compressed documents.

On my machine, it works:

xvii:~> texdoc preview
xvii:~> Opening "/tmp/texdoc.Kg0sgw/preview.pdf" with gv  (application/pdf)

where

xvii:~> locate /preview.pdf
/usr/share/doc/preview-latex-style/preview.pdf.gz
/usr/share/doc/texmf/latex/preview/preview.pdf.gz

but it uses gv instead of xpdf (specified by my .mailcap file).
And it goes to background too early (the message is output after
the prompt).

I don't know about dvi files, when the pdf one isn't available.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695226: [Pkg-nagios-devel] Bug#695226: Bug#695226: pnp4nagios: Upgrade fails due to changed ownership

2012-12-05 Thread Michael Friedrich 

On 2012-12-05 22:39, Alexander Wirt wrote:

On Wed, 05 Dec 2012, Alma Mahler wrote:


Package: pnp4nagios
Version: 0.6.16-2
Severity: normal
Tags: d-i

Dear Maintainer,

after apt-get upgrade npcd refused to start.

We use icinga and pnp4nagios:

ii icinga 1.7.1-4 amd64 host and network monitoring system - metapackage
ii icinga-cgi 1.7.1-4 amd64 host and network monitoring system - CGI scripts
ii icinga-common 1.7.1-4 all host and network monitoring system - support files
ii icinga-core 1.7.1-4 amd64 host and network monitoring system - core files

pnp4nagios packages see below; npcdmod.

User/Group: icinga:icinga

such a group doesn't exist in the icinga packages. If you changed anything to
have and use this group you are on your own, such a combination is not
supported and will probably never.


this is btw a follow-up from this discussion (german)
http://monitoring-portal.org/wbb/index.php?page=Thread&threadID=27415



Alex

___
Pkg-nagios-devel mailing list
pkg-nagios-de...@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-nagios-devel



--
DI (FH) Michael Friedrich

mail: michael.friedr...@gmail.com
twitter:  https://twitter.com/dnsmichi
jabber:   dnsmi...@jabber.ccc.de
irc:  irc.freenode.net/icinga dnsmichi

icinga open source monitoring
position: lead core developer
url:  https://www.icinga.org


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695220: reportbug stores empty bug reports in the ~/.reportbug directory

2012-12-05 Thread Vincent Lefevre 
severity 695220 important
retitle 695220 reportbug stores empty bug reports in the --draftpath directory, 
text is lost
thanks

(Severity raised to important due to data loss, see below.)

Hi,

On 2012-12-05 21:53:57 +0100, Sandro Tosi wrote:
> Hello Vincent,
> 
> On Wed, Dec 5, 2012 at 4:36 PM, Vincent Lefevre  wrote:
> > reportbug stores empty bug reports in the ~/.reportbug directory.
> > I don't think this is useful. At least the behavior should be
> > documented in the reportbug(1) man page (there's nothing about
> > this directory).
> 
> How old are those empty reports?

On one machine: 2012-11-28
On the other one: 2012-12-05

I've looked at my config files, and saw:

  alias reportbug="reportbug --draftpath=$HOME/.reportbug"

The man page says:

   --draftpath=DRAFTPATH
   Save the draft (for example, when exiting and saving the report
   without reporting it) into DRAFTPATH directory.

but it seems that an empty bug report (by "empty", the file provided
to the mailer, i.e. with the default contents), whether the bug has
been reported or not. I've just done a test, ending with:

[...]
Spawning mutt...
Mutt users should be aware it is mandatory to edit the draft before sending.
Report has not been sent yet; what do you want to do now? [E|q|?]? q
Draft saved into 
/home/vinc17/.reportbug/reportbug-reportbug-20121206-7695-DHs64D

but /home/vinc17/.reportbug/reportbug-reportbug-20121206-7695-DHs64D
does not contain the text I've written in the bug report. This is an
obvious data loss.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#681652: GStreamer does not play MP4

2012-12-05 Thread intrigeri 
Hi,

Tsu Jan wrote (15 Jul 2012 07:23:06 GMT) :
> Totem, using gstreamer0.10-plugins-bad v0.10.23-6, can't play mp4 files.

After looking around a bit, reproducing the bug, getting more
information from submitters and merging accordingly, this bug looks
a bit more important to me than it's current "normal" severity.

Considering:

 * This bug breaks some very common usecases of software that depends
   on gstreamer (namely: Totem and minitube).
 * This has been fixed upstream 6 months ago, apparently.
 * Ubuntu has been shipping a not-that-big fix taken from upstream for
   two months in Raring, without any negative side effects, as far as
   my limited understanding of Launchpad can tell me; it's
   really-fix-h264-parsing.patch in their source package [1]:
 2 files changed, 147 insertions(+), 121 deletions(-)

I think we should fix this in Wheezy.

I suggest the following course of action:

 1. Upload gst-plugins-bad0.10 0.10.23-8 with Ubuntu's patch
to experimental.
 2. Ask bug submitters for all related / blocked bugs to install it
and try reproducing their bug.
 3. If it's confirmed the patched package fixes the bug in the vast
majority of the cases, then ask the release team for a pre-upload
approval, aiming at a freeze exception.

gstreamer0.10-plugins-bad maintainers, what do you think?
I'm happy to help for any of steps #1, #2 and #3, but I'd really
welcome the maintainers more expert point-of-view first :)

[1] 
https://launchpad.net/ubuntu/raring/+source/gst-plugins-bad0.10/0.10.23-7ubuntu2/+files/gst-plugins-bad0.10_0.10.23-7ubuntu2.dsc

Cheers!


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#693659: vmix floating-point mode does not use proper API on Linux

2012-12-05 Thread Michael Gilbert 
control: severity -1 wishlist
control: tag -1 upstream
control: reopen -1

Reopening since the issue was worked around rather than fixed.  This
should really be addressed upstream, so it should be forwarded there
by someone with more interest than myself.

Thanks,
Mike


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695215: bzr: breaks bzr-loom 2.2.0-2

2012-12-05 Thread Michael Gilbert 
control: reassign -1 bzr
control: found -1 2.6.0~bzr6571-1
control: retitle -1 bzr: breaks bzr-loom 2.2.0-2

Only experimental bzr has this problem.

Best wishes,
Mike


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695218: valgrind can't be used on programs compiled with -m32

2012-12-05 Thread Sebastian Ramacher 
Hi Vincent,

On 2012-12-05 16:20:37, Vincent Lefevre wrote:
> When I run valgrind on a program compiled with -m32, I get:
> 
> valgrind:  Fatal error at startup: a function redirection
> valgrind:  which is mandatory for this platform-tool combination
> valgrind:  cannot be set up.  Details of the redirection are:
> valgrind:  
> valgrind:  A must-be-redirected function
> valgrind:  whose name matches the pattern:  strlen
> valgrind:  in an object with soname matching:   ld-linux.so.2
> valgrind:  was not found whilst processing
> valgrind:  symbols from the object with soname: ld-linux.so.2
> valgrind:  
> valgrind:  Possible fixes: (1, short term): install glibc's debuginfo
> valgrind:  package on this machine.  (2, longer term): ask the packagers
> valgrind:  for your Linux distribution to please in future ship a non-
> valgrind:  stripped ld.so (or whatever the dynamic linker .so is called)
> valgrind:  that exports the above-named function using the standard
> valgrind:  calling conventions for this platform.  The package you need
> valgrind:  to install for fix (1) is called
> valgrind:  
> valgrind:On Debian, Ubuntu: libc6-dbg
> valgrind:On SuSE, openSuSE, Fedora, RHEL:   glibc-debuginfo
> valgrind:  
> valgrind:  Cannot continue -- exiting now.  Sorry.

I was facing the same issue the other day and installing libc6-dbg:i386
did the trick for me.

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: Digital signature

Bug#695238: spf-milter-python: New upstream version available (0.8.17)

2012-12-05 Thread David Caldwell 
Package: spf-milter-python
Version: 0.8.13-6
Severity: normal

Dear Maintainer,

The pymilter project has a newer release: 0.8.17 (at the time of this
writing), available here: http://sourceforge.net/projects/pymilter/files/

To me this is a fairly big deal since Debian recently dropped the spfmilter
package, citing spf-milter-python as a replacement. The problem is that
version of spf-milter-python currently in Debian (0.8.13) does not support
bypassing SPF checks for SMTP authenticated users. This is feature is
essential for the way my mail server is set up (and I suspect anyone else
who accepts mail on the submission port and wants to check SPF for incoming
email). The latest version of the pymilter does support this feature, making
it an actual replacement for spfmilter.

Thanks,
  David

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.5-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages spf-milter-python depends on:
ii  adduser3.113+nmu3
ii  lsb-base   4.1+Debian8
ii  python 2.7.3~rc2-1
ii  python-milter  0.9.5-3
ii  python-spf 2.0.7-3

spf-milter-python recommends no packages.

Versions of packages spf-milter-python suggests:
ii  sendmail  8.14.4-2.1

-- Configuration Files:
/etc/init.d/spf-milter-python changed [not included]

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#631271: texlive-binaries: xdvi no longer uncompresses .gz and .bz2 files

2012-12-05 Thread Norbert Preining 
On Mi, 05 Dez 2012, Frank Küster wrote:
> I don't think it is important, because it doesn't make much sense to
> type a commandline as the one above, when it is much easier to just type
> 
> texdoc preview

Which doesn't work for compressed documents.

> However, there _are_ issues with that:  When "see" is used as the

Not anymore, in teting and unstable it is
xdg-open
Unfortunately it suffers the same problem, that the tmp file is removed
immediately.

> IIRC gnome-open returns before the viewer has opened the file.

Yes,, in fact it is gvfs-open.

> The other problem is that (at least on stable), no system-wide
> texdoc.cnf is installed, and if you create one at the place you'd
> expect, /etc/texmf/texdoc/texdoc.cnf, it is simply ignored.

Should not happen on testing/unstable

Best wishes

Norbert

Norbert Preiningpreining@{jaist.ac.jp, logic.at, debian.org}
JAIST, Japan TeX Live & Debian Developer
DSA: 0x09C5B094   fp: 14DF 2E6C 0307 BE6D AD76  A9C0 D2BF 4AA3 09C5 B094

OUGHTERBY (n.)
Someone you don't want to invite to a party but whom you know you have
to as a matter of duty.
--- Douglas Adams, The Meaning of Liff


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#694484: [request-tracker-maintainers] Bug#694484: lib/RT/CurrentUser.pm uses Digest::SHA1

2012-12-05 Thread Dominic Hargreaves 
tags 694484 +patch confirmed
thanks

On Mon, Nov 26, 2012 at 08:45:41PM +0100, Ansgar Burchardt wrote:
> lib/RT/CurrentUser.pm uses Digest::SHA1 which is no longer in Debian. It
> should use Digest::SHA instead which is part of the core modules
> included with the perl interpreter since 5.10.
> 
> In most cases just replacing Digest::SHA1 by Digest::SHA should be
> enough.  Also change Digest/SHA1.pm to Digest/SHA.pm.

That code is unused in 4.0 and is removed by the following commit
from upstream master:

https://github.com/bestpractical/rt/commit/ddd207807fff9e373ea665636b7363b03903982c

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#669513: gnat-4.4: FTBFS: unsatisfiable build-dependency: gcc-4.4-source

2012-12-05 Thread Michael Stapelberg 
Hi Tobias,

Tobias Hansen  writes:
> The bug is in gnat-4.4. You tested the wrong package.
I missed the fact that gnat-4.4 is _also_ in testing. My apologies.

-- 
Best regards,
Michael


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695235: mirror submission for debian.pet.ci.ufpb.br

2012-12-05 Thread Simon Paillard 
Hi,

Thanks for mirroring Debian. Just a few questions below.

On Wed, Dec 05, 2012 at 10:23:30PM +, Jose Ivan Bezerra Vilarouca FIlho 
wrote:
> Package: mirrors
> Severity: wishlist
> 
> Submission-Type: new
> Site: debian.pet.ci.ufpb.br
> Type: leaf
> Archive-architecture: amd64 i386 kfreebsd-amd64 kfreebsd-i386 
> CDImage-http: /debian-cd/
> CDImage-rsync: debian-cd/

Could you please add a local trace file like:
rsync all params && LANG=C date -u > 
debian-cd/project/trace/debian.pet.ci.ufpb.br

> IPv6: yes
> CDImage-upstream: debian.c3sl.ufpr.br
> Updates: once
> Maintainer: Jose Ivan Bezerra Vilarouca FIlho

Is there a role email address, so that we can reach someone when you're on
holidays ?

> Country: BR Brazil
> Location: Joao Pessoa, Paraiba

How much bandwidth is available ?

-- 
Simon Paillard


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#693123: [request-tracker-maintainers] Bug#693123: unblock: rt-authen-externalauth/0.10-3

2012-12-05 Thread Dominic Hargreaves 
On Wed, Dec 05, 2012 at 07:10:11PM +, Adam D. Barratt wrote:
> [rt maintainers added to CC]
> 
> On Wed, 2012-12-05 at 07:17 +0100, Tom Jampen wrote:
> > On 20.11.2012 19:56, Tom Jampen wrote:
> > >> On Thu, 2012-11-15 at 10:05 +0100, Tom Jampen wrote:
> > >>> An rt-authen-externalauth maintainer pointed out that apache2 needs to
> > >>> be restarted after clearing the cache. Do you want me to create a
> > >>> debconf question or just indicate this necessity in the README.Debian 
> > >>> for
> > >>> a successful wheezy unblock?
> > >>
> > >> We'd prefer to avoid introducing new potentially translation-requiring 
> > >> debconf material at this stage.
> > > 
> > > OK, I see.
> > > So I propose to add a note to README.Debian or to postinst (similar to 
> > > rt4)
> > > whatever you prefer.
> 
> RT maintainers: is there any form of policy on how extension packages
> should handle restarting web servers after clearing Mason caches? If
> not, do you have any thoughts / preferences?

For now it will need to just replicate the notification RT itself
gives; it can be run in two many different ways for there to be a
reliable automated way (at least not without a lot of work which hasn't
been done yet).

http://anonscm.debian.org/gitweb/?p=pkg-request-tracker/request-tracker4.git;a=blob;f=debian/postinst;h=dd5c4995c90b43684f43bc445872e05a1ca80c7b;hb=HEAD#l11

Sorry I don't have a better answer.

I suppose ideally there'd be a helper script that extension packages
could call.

Technically of course, an extension should only be deleting mason
cache files directly related to its output, but I doubt that is worth
the fuss.

Cheers,
Dominic.

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#669513: gnat-4.4: FTBFS: unsatisfiable build-dependency: gcc-4.4-source

2012-12-05 Thread Tobias Hansen 
reopen 669513
thanks

The bug is in gnat-4.4. You tested the wrong package.

Cheers,
Tobias


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695237: unblock: gimp/2.8.2-2

2012-12-05 Thread Moritz Muehlenhoff 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,
please unblock gimp 2.8.2-2. It fixes CVE-2012-5576

Cheers,
Moritz

unblock gimp/2.8.2-2

-- System Information:
Debian Release: wheezy/sid
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695236: unblock: axis/1.4-16.1

2012-12-05 Thread Andreas Tille 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package axis

Thanks to Alberto Fernández Martínez 
CVE-2012-5784 (=bug #692650) was fixed and I just sponsered
his NMU.  Debdiff is attached.

unblock axis/1.4-16.1

-- System Information:
Debian Release: 6.0.6
Architecture: i386 (i686)

Kernel: Linux 2.6.36-xenU-4814-i386 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru axis-1.4/debian/changelog axis-1.4/debian/changelog
--- axis-1.4/debian/changelog	2011-11-08 05:58:09.0 +0100
+++ axis-1.4/debian/changelog	2012-12-05 17:51:30.0 +0100
@@ -1,3 +1,10 @@
+axis (1.4-16.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix CVE-2012-5784 (Closes: #692650)
+
+ -- Alberto Fernández Martínez   Wed, 5 Dec 2012 17:28:00 +0100
+
 axis (1.4-16) unstable; urgency=low
 
   * Add missing dependency on libcommons-httpclient-java
diff -Nru axis-1.4/debian/patches/06-fix-CVE-2012-5784.patch axis-1.4/debian/patches/06-fix-CVE-2012-5784.patch
--- axis-1.4/debian/patches/06-fix-CVE-2012-5784.patch	1970-01-01 01:00:00.0 +0100
+++ axis-1.4/debian/patches/06-fix-CVE-2012-5784.patch	2012-11-17 18:54:16.0 +0100
@@ -0,0 +1,304 @@
+Description: Validates the hostname requested is the same in the certificate in ssl-connections
+ Fixes CVE-2012-5784, validates hostname certificate in SSL connections.
+ Backported from http-client 4, and from Apache Synapse (plus some bugfixes).
+
+Author: Alberto Fernandez 
+Bug-Debian: http://bugs.debian.org/692650
+Forwarded: no
+
+
+
+--- axis-1.4.orig/src/org/apache/axis/components/net/JSSESocketFactory.java
 axis-1.4/src/org/apache/axis/components/net/JSSESocketFactory.java
+@@ -19,6 +19,8 @@ import org.apache.axis.utils.Messages;
+ import org.apache.axis.utils.XMLUtils;
+ import org.apache.axis.utils.StringUtils;
+ 
++import javax.net.ssl.SSLException;
++import javax.net.ssl.SSLSession;
+ import javax.net.ssl.SSLSocket;
+ import javax.net.ssl.SSLSocketFactory;
+ import java.io.BufferedWriter;
+@@ -28,7 +30,15 @@ import java.io.OutputStream;
+ import java.io.OutputStreamWriter;
+ import java.io.PrintWriter;
+ import java.net.Socket;
++import java.security.cert.Certificate;
++import java.security.cert.CertificateParsingException;
++import java.security.cert.X509Certificate;
++import java.util.Arrays;
++import java.util.Collection;
+ import java.util.Hashtable;
++import java.util.Iterator;
++import java.util.LinkedList;
++import java.util.List;
+ 
+ 
+ /**
+@@ -41,6 +51,10 @@ import java.util.Hashtable;
+  */
+ public class JSSESocketFactory extends DefaultSocketFactory implements SecureSocketFactory {
+ 
++// This is a a sorted list, if you insert new elements do it orderdered.
++private final static String[] BAD_COUNTRY_2LDS =
++{"ac", "co", "com", "ed", "edu", "go", "gouv", "gov", "info",
++"lg", "ne", "net", "or", "org"};
+ /** Field sslFactory   */
+ protected SSLSocketFactory sslFactory = null;
+ 
+@@ -187,6 +201,255 @@ public class JSSESocketFactory extends D
+ if (log.isDebugEnabled()) {
+ log.debug(Messages.getMessage("createdSSL00"));
+ }
++verifyHostName(host, (SSLSocket) sslSocket);
+ return sslSocket;
+ }
++/**
++ * Verifies that the given hostname in certicifate is the hostname we are trying to connect to
++ * http://www.cvedetails.com/cve/CVE-2012-5783/
++ * @param host
++ * @param ssl
++ * @throws IOException
++ */
++
++	private static void verifyHostName(String host, SSLSocket ssl)
++			throws IOException {
++		if (host == null) {
++			throw new IllegalArgumentException("host to verify was null");
++		}
++
++		SSLSession session = ssl.getSession();
++		if (session == null) {
++// In our experience this only happens under IBM 1.4.x when
++// spurious (unrelated) certificates show up in the server's chain.
++// Hopefully this will unearth the real problem:
++			InputStream in = ssl.getInputStream();
++			in.available();
++/*
++ If you're looking at the 2 lines of code above because you're
++ running into a problem, you probably have two options:
++
++#1.  Clean up the certificate chain that your server
++ is presenting (e.g. edit "/etc/apache2/server.crt" or
++ wherever it is your server's certificate chain is
++ defined).
++
++ OR
++
++#2.   Upgrade to an IBM 1.5.x or greater JVM, or switch to a
++  non-IBM JVM.
++  */
++
++// If ssl.getInputStream().available() didn't cause an exception,
++// maybe at least now the session is available?
++			session = ssl.getSession();
++			if

Bug#695235: mirror submission for debian.pet.ci.ufpb.br

2012-12-05 Thread Jose Ivan Bezerra Vilarouca FIlho 
Package: mirrors
Severity: wishlist

Submission-Type: new
Site: debian.pet.ci.ufpb.br
Type: leaf
Archive-architecture: amd64 i386 kfreebsd-amd64 kfreebsd-i386 
CDImage-http: /debian-cd/
CDImage-rsync: debian-cd/
IPv6: yes
CDImage-upstream: debian.c3sl.ufpr.br
Updates: once
Maintainer: Jose Ivan Bezerra Vilarouca FIlho 
Country: BR Brazil
Location: Joao Pessoa, Paraiba


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695234: unblock: commons-httpclient/3.1-10.1

2012-12-05 Thread Andreas Tille 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package commons-httpclient

Thanks to Alberto Fernández Martínez 
CVE-2012-5783 (= bug #692442) was closed and I just uploaded
his NMU.  Debdiff is attached to the bug report.

unblock commons-httpclient/3.1-10.1

-- System Information:
Debian Release: 6.0.6
Architecture: i386 (i686)

Kernel: Linux 2.6.36-xenU-4814-i386 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru commons-httpclient-3.1/debian/changelog commons-httpclient-3.1/debian/changelog
--- commons-httpclient-3.1/debian/changelog	2011-08-30 19:13:26.0 +0200
+++ commons-httpclient-3.1/debian/changelog	2012-12-05 17:44:48.0 +0100
@@ -1,3 +1,10 @@
+commons-httpclient (3.1-10.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix CVE-2012-5783 (Closes: #692442)
+
+ -- Alberto Fernández Martínez   Wed, 5 Dec 2012 17:28:00 +0100
+
 commons-httpclient (3.1-10) unstable; urgency=low
 
   [ Damien Raude-Morvan ]
diff -Nru commons-httpclient-3.1/debian/patches/06_fix_CVE-2012-5783.patch commons-httpclient-3.1/debian/patches/06_fix_CVE-2012-5783.patch
--- commons-httpclient-3.1/debian/patches/06_fix_CVE-2012-5783.patch	1970-01-01 01:00:00.0 +0100
+++ commons-httpclient-3.1/debian/patches/06_fix_CVE-2012-5783.patch	2012-11-17 18:01:18.0 +0100
@@ -0,0 +1,371 @@
+Description: Validates the hostname requested is the same in the certificate in ssl-connections
+ Fixes CVE-2012-5783, validates hostname certificate in SSL connections.
+ Backported from http-client 4, and from Apache Synapse (plus some bugfixes).
+
+Author: Alberto Fernandez 
+Bug-Debian: http://bugs.debian.org/692442
+Forwarded: no
+
+
+--- commons-httpclient-3.1.orig/src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
 commons-httpclient-3.1/src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java
+@@ -31,11 +31,23 @@
+ package org.apache.commons.httpclient.protocol;
+ 
+ import java.io.IOException;
++import java.io.InputStream;
+ import java.net.InetAddress;
+ import java.net.Socket;
+ import java.net.UnknownHostException;
+ 
++import javax.net.ssl.SSLException;
++import javax.net.ssl.SSLSession;
++import javax.net.ssl.SSLSocket;
+ import javax.net.ssl.SSLSocketFactory;
++import java.security.cert.Certificate;
++import java.security.cert.CertificateParsingException;
++import java.security.cert.X509Certificate;
++import java.util.Arrays;
++import java.util.Collection;
++import java.util.Iterator;
++import java.util.LinkedList;
++import java.util.List;
+ 
+ import org.apache.commons.httpclient.ConnectTimeoutException;
+ import org.apache.commons.httpclient.params.HttpConnectionParams;
+@@ -55,6 +67,11 @@ public class SSLProtocolSocketFactory im
+  */
+ private static final SSLProtocolSocketFactory factory = new SSLProtocolSocketFactory();
+ 
++// This is a a sorted list, if you insert new elements do it orderdered.
++private final static String[] BAD_COUNTRY_2LDS =
++{"ac", "co", "com", "ed", "edu", "go", "gouv", "gov", "info",
++"lg", "ne", "net", "or", "org"};
++
+ /**
+  * Gets an singleton instance of the SSLProtocolSocketFactory.
+  * @return a SSLProtocolSocketFactory
+@@ -79,12 +96,14 @@ public class SSLProtocolSocketFactory im
+ InetAddress clientHost,
+ int clientPort)
+ throws IOException, UnknownHostException {
+-return SSLSocketFactory.getDefault().createSocket(
++Socket sslSocket =  SSLSocketFactory.getDefault().createSocket(
+ host,
+ port,
+ clientHost,
+ clientPort
+ );
++verifyHostName(host, (SSLSocket) sslSocket);
++return sslSocket;
+ }
+ 
+ /**
+@@ -124,16 +143,19 @@ public class SSLProtocolSocketFactory im
+ }
+ int timeout = params.getConnectionTimeout();
+ if (timeout == 0) {
+-return createSocket(host, port, localAddress, localPort);
++Socket sslSocket =  createSocket(host, port, localAddress, localPort);
++verifyHostName(host, (SSLSocket) sslSocket);
++return sslSocket;
+ } else {
+ // To be eventually deprecated when migrated to Java 1.4 or above
+-Socket socket = ReflectionSocketFactory.createSocket(
++Socket sslSocket = ReflectionSocketFactory.createSocket(
+ "javax.net.ssl.SSLSocketFactory", host, port, localAddress, localPort, timeout);
+-if (socket == null) {
+-socket = ControllerThreadSocketFactory.createSocket(
++if (sslSocket == null) {
++	sslSocket = ControllerThreadSocketFactory.createSocket(
+ this, host, port, localAddress, localPort, timeout);
+ }
+-return socket;
++

Bug#695233: python-sqlobject: SQLObject doesn't escape strings correctly for postgresql 9.1

2012-12-05 Thread Neil Muller 
Package: python-sqlobject
Version: 0.12.4-2.1
Severity: important
Tags: patch

Dear Maintainer,

Postgresql 9.1 changed the default value of standard_conforming_strings
to on. This disables treating \ as escape characters by default and 
control characters now need to be explicitly escaping using postgresql's
E'' syntax. SQLObject only added support for E'' escapes in version
1.2.0, so older versions (such as Debian's 0.12.4) do the wrong thing
when used against wheezy's postgresql server. This results in rather
unexpected behaviour when using sqlobject and postgres.

The attached patch backports the relevant changes from SQLObject 1.2.0
to 0.12.4. I've tested this with my application against both postgres
8.4 and 9.1, and, with the patch, it works correctly against both
versions while it fails against 9.1 without the patch.

The postgresql 9.1 release notes
(http://www.postgresql.org/docs/9.1/static/release-9-1.html) do mention
that escaping strings incorectly could lead to security issues, altough
I'm not certain if this will apply to any software in Debian.

"This change can break applications that are not expecting it and do
their own string escaping according to the old rules. The consequences
could be as severe as introducing SQL-injection security holes. Be sure
to test applications that are exposed to untrusted input, to ensure that
they correctly handle single quotes and backslashes in text strings."

The patch probably breaks support for sqlobject and postgresql 7 - I
haven't tested that and I don't think that is a significant concern.


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_ZA.UTF-8, LC_CTYPE=en_ZA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages python-sqlobject depends on:
ii  python2.7.3~rc2-1
ii  python-formencode 1.2.4-2
ii  python-pkg-resources  0.6.24-1
ii  python-support1.0.15

python-sqlobject recommends no packages.

Versions of packages python-sqlobject suggests:
pn  python-kinterbasdb  
pn  python-maxdb
ii  python-mysqldb  1.2.3-1+b1
ii  python-psycopg2 2.4.5-1
pn  python-sqlite   

-- no debconf information
Index: sqlobject/converters.py
===
--- sqlobject/converters.py	(revision 4567)
+++ sqlobject/converters.py	(working copy)
@@ -1,6 +1,11 @@
+from array import array
+import datetime
+from decimal import Decimal
 import sys
-from array import array
+import time
+from types import ClassType, InstanceType, NoneType
 
+
 try:
 import mx.DateTime.ISO
 origISOStr = mx.DateTime.ISO.strGMT
@@ -15,17 +20,12 @@
 DateTimeType = None
 DateTimeDeltaType = None
 
-import time
-import datetime
-
 try:
 import Sybase
 NumericType=Sybase.NumericType
 except ImportError:
 NumericType = None
 
-from decimal import Decimal
-from types import ClassType, InstanceType, NoneType
 
 
 ## Quoting
@@ -90,6 +90,8 @@
 value = value.replace("'", "''")
 else:
 assert 0, "Database %s unknown" % db
+if db in ('postgres', 'rdbhost') and ('\\' in value):
+return "E'%s'" % value
 return "'%s'" % value
 
 registerConverter(str, StringLikeConverter)
@@ -198,3 +200,17 @@
 return converter(obj, db)
 else:
 return reprFunc(db)
+
+
+def quote_str(s, db):
+if db in ('postgres', 'rdbhost') and ('\\' in s):
+return "E'%s'" % s
+return "'%s'" % s
+
+def unquote_str(s):
+if s.upper().startswith("E'") and s.endswith("'"):
+return s[2:-1]
+elif s.startswith("'") and s.endswith("'"):
+return s[1:-1]
+else:
+return s
Index: sqlobject/sqlbuilder.py
===
--- sqlobject/sqlbuilder.py	(revision 4567)
+++ sqlobject/sqlbuilder.py	(working copy)
@@ -70,7 +70,7 @@
 import weakref
 
 import classregistry
-from converters import sqlrepr, registerConverter
+from converters import registerConverter, sqlrepr, quote_str, unquote_str
 
 
 class VersionError(Exception):
@@ -896,18 +896,18 @@
 if isinstance(s, SQLExpression):
 values = []
 if self.prefix:
-values.append("'%s'" % self.prefix)
+values.append(quote_str(self.prefix, db))
 s = _quote_like_special(sqlrepr(s, db), db)
 values.append(s)
 if self.postfix:
-values.append("'%s'" % self.postfix)
+values.append(quote_str(self.postfix, db))
 if db == "mysql":
 return "CONCAT(%s)" % ", ".join(values)
 else:
 return " || ".join(values)
 elif isinstance(s, basestring):
-s = _quote_like_special(sqlrepr(s, db)[1:-1], db)
-

Bug#695226: [Pkg-nagios-devel] Bug#695226: pnp4nagios: Upgrade fails due to changed ownership

2012-12-05 Thread Alexander Wirt 
On Wed, 05 Dec 2012, Alma Mahler wrote:

> Package: pnp4nagios
> Version: 0.6.16-2
> Severity: normal
> Tags: d-i
> 
> Dear Maintainer,
> 
> after apt-get upgrade npcd refused to start.
> 
> We use icinga and pnp4nagios:
> 
> ii icinga 1.7.1-4 amd64 host and network monitoring system - metapackage
> ii icinga-cgi 1.7.1-4 amd64 host and network monitoring system - CGI scripts
> ii icinga-common 1.7.1-4 all host and network monitoring system - support 
> files
> ii icinga-core 1.7.1-4 amd64 host and network monitoring system - core files
> 
> pnp4nagios packages see below; npcdmod.
> 
> User/Group: icinga:icinga
such a group doesn't exist in the icinga packages. If you changed anything to
have and use this group you are on your own, such a combination is not
supported and will probably never.

Alex


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#692442: Patches for CVE-2012-5783 and CVE-2012-5784

2012-12-05 Thread Alberto Fernández 
Hi Andreas

I've uploaded both packages to mentors.

commons-httpclient -> bug #692442 CVE-2012-5783
axis -> bug #692650 CVE-2012-5784

Since axis uses commons-httpclient, we need fix and upload both
packages. 

Upstream has ignored axis patch, and rejected commons-httpclient patch.
Basically, they say commons-httpclient is EOL and they don't want to
spend time on it. They maybe would apply the patch to the SVN, but
without revision and without releasing.

I've tested the patches and they work ok. So I think it's fine to
upload.

Kind regards

Alberto

El mié, 05-12-2012 a las 21:51 +0100, Andreas Tille escribió:
> Hi Alberto,
> 
> On Wed, Dec 05, 2012 at 06:01:51PM +0100, Alberto Fernández wrote:
> > I've uploaded the two packages to mentors.debian.net.
> > 
> > We must solve the two bugs at the same time because axis uses
> > commons-httpclient.
> 
> I guess you mean bug #692442, right?
>  
> > Upstream seems End-of-life and rejected the patches.
> 
> Did upstream actively *rejected* the patch because of technical flaws or
> did they just ignored it because of the end-of-life status.  There is no
> real need to have a patch accepted upstream if we as Debian maintainers
> agree that the patch is technically solving the reported problem.  We
> actually do *not* want new upstream versions.
> 
> So as far as I see we currently have the following situation:  A package
> for axis that solves #692650 is waiting on mentors for sponsering.  I'd
> volunteer to do this.  Did you uploaded commons-httpclient fixing
> #692442 to mentors as well?  If not I could also apply the patch in BTS
> and upload both to unstable.
> 
> Just tell me if there is any reason to not upload these both packages?
> 
> Kind regards and thanks for providing the patches
> 
> Andreas.
> 


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695232: colord: Please do not install daemon in multiarch path

2012-12-05 Thread Laurent Bigonville 
Package: colord
Version: 0.1.21-4
Severity: wishlist

Hi,

Could you please not install colord and colord-sane in the multiarch
path?

This is useless and make it difficult to for tools like apparmor or
selinux to properly label the files.

Changing the configure flag from:

--libexecdir=/usr/lib/$(DEB_HOST_MULTIARCH)/colord

to

--libexecdir=/usr/lib/colord

Should be enough

Cheers

Laurent Bigonville

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.6-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages colord depends on:
ii  acl2.2.51-8
ii  adduser3.113+nmu3
ii  libc6  2.13-37
ii  libcolord1 0.1.21-4
ii  libdbus-1-31.6.8-1
ii  libglib2.0-0   2.33.12+really2.32.4-3
ii  libgudev-1.0-0 175-7.1
ii  libgusb2   0.1.3-5
ii  liblcms2-2 2.2+git20110628-2.2
ii  libpolkit-gobject-1-0  0.105-1
ii  libsane1.0.22-7.4
ii  libsqlite3-0   3.7.14.1-1
ii  libusb-1.0-0   2:1.0.12-2
ii  multiarch-support  2.13-37
ii  policykit-10.105-1

colord recommends no packages.

colord suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695174: t-p-u pre-approval owncloud/4.0.4debian2-3.1

2012-12-05 Thread Michael Banck 
Hi,

On Wed, Dec 05, 2012 at 10:55:56AM +0100, Julien Cristau wrote:
> As far as I can tell this escapeHTML function is not defined in the
> current version?  Upstream git has it in core/js/js.js.

Attached is a new candidate debdiff.


Cheers,

Michael
diff -Nru owncloud-4.0.4debian2/debian/changelog 
owncloud-4.0.4debian2/debian/changelog
--- owncloud-4.0.4debian2/debian/changelog  2012-09-22 18:36:17.0 
+0200
+++ owncloud-4.0.4debian2/debian/changelog  2012-12-05 22:12:11.0 
+0100
@@ -1,3 +1,17 @@
+owncloud (4.0.4debian2-3.1) testing-proposed-updates; urgency=high
+
+  * Non-maintainer upload, fixes several security issues (Closes: #693990).
+  * debian/patches/06_oc-sa-2012-001.patch: Fix multiple XSS vulnerabilities.
+  * debian/patches/07_oc-sa-2012-002.patch: Fix timing attack.
+  * debian/patches/08_oc-sa-2012-004.patch: Fix code execution in migrate.php.
+  * debian/patches/09_oc-sa-2012-005.patch: Fix code execution in
+filesystem.php.
+  * debian/patches/07_oc-sa-2012-002.patch: Backport generate_random_bytes()
+function from 4.0.8 release.
+  * debian/patches/06_oc-sa-2012-001.patch: Include escapeHTML() function. 
+
+ -- Michael Banck   Wed, 05 Dec 2012 21:25:00 +0100
+
 owncloud (4.0.4debian2-3) testing-proposed-updates; urgency=high
 
   * debian/patches:
diff -Nru owncloud-4.0.4debian2/debian/patches/06_oc-sa-2012-001.patch 
owncloud-4.0.4debian2/debian/patches/06_oc-sa-2012-001.patch
--- owncloud-4.0.4debian2/debian/patches/06_oc-sa-2012-001.patch
1970-01-01 01:00:00.0 +0100
+++ owncloud-4.0.4debian2/debian/patches/06_oc-sa-2012-001.patch
2012-12-05 21:24:39.0 +0100
@@ -0,0 +1,69 @@
+Index: owncloud-4.0.4debian2/core/js/js.js
+===
+--- owncloud-4.0.4debian2.orig/core/js/js.js   2012-06-26 21:54:07.0 
+0200
 owncloud-4.0.4debian2/core/js/js.js2012-12-05 21:24:29.624785142 
+0100
+@@ -29,6 +29,15 @@
+ }
+ t.cache={};
+ 
++/*
++* Sanitizes a HTML string
++* @param string
++* @return Sanitized string
++*/
++function escapeHTML(s) {
++  return 
s.toString().split('&').join('&').split('<').join('<').split('"').join('"');
++}
++
+ OC={
+   webroot:oc_webroot,
+   appswebroot:oc_appswebroot,
+Index: owncloud-4.0.4debian2/3rdparty/fullcalendar/js/fullcalendar.js
+===
+--- owncloud-4.0.4debian2.orig/3rdparty/fullcalendar/js/fullcalendar.js
2012-12-04 22:43:43.296931413 +0100
 owncloud-4.0.4debian2/3rdparty/fullcalendar/js/fullcalendar.js 
2012-12-05 21:24:29.624785142 +0100
+@@ -4662,7 +4662,7 @@
+   "";
+   }
+   html +=
+-  "" + event.title + 
"" +
++  "" + 
htmlEscape(event.title) + "" +
+   "";
+   if (seg.isEnd && isEventResizable(event)) {
+   html +=
+@@ -5220,5 +5220,5 @@
+   };
+   
+ }
+-
++
+ })(jQuery);
+Index: owncloud-4.0.4debian2/apps/files/js/filelist.js
+===
+--- owncloud-4.0.4debian2.orig/apps/files/js/filelist.js   2012-12-05 
21:24:29.348783708 +0100
 owncloud-4.0.4debian2/apps/files/js/filelist.js2012-12-05 
21:24:29.628785159 +0100
+@@ -14,9 +14,9 @@
+   var extension=false;
+   }
+   html+='';
+-  html+=''+basename
++  html+=''+escapeHTML(basename);
+   if(extension){
+-  html+=''+extension+'';
++  html+=''+escapeHTML(extension)+'';
+   }
+   html+='';
+   if(size!='Pending'){
+Index: owncloud-4.0.4debian2/apps/files_versions/js/versions.js
+===
+--- owncloud-4.0.4debian2.orig/apps/files_versions/js/versions.js  
2012-12-04 22:43:43.296931413 +0100
 owncloud-4.0.4debian2/apps/files_versions/js/versions.js   2012-12-05 
21:24:29.628785159 +0100
+@@ -36,7 +36,7 @@
+   
+   var historyUrl = OC.linkTo('files_versions', 'history.php') + 
'?path='+encodeURIComponent( $( '#dir' ).val() ).replace( /%2F/g, '/' 
)+'/'+encodeURIComponent( filename );
+   
+-  var html = '';
++  var html = '';
+   html += '';
+   html += '';
+   html += '';
diff -Nru owncloud-4.0.4debian2/debian/patches/07_oc-sa-2012-002.patch 
owncloud-4.0.4debian2/debian/patches/07_oc-sa-2012-002.patch
--- owncloud-4.0.4debian2/debian/patches/07_oc-sa-2012-002.patch
1970-01-01 01:00:00.0 +0100
+++ owncloud-4.0.4debian2/debian/patches/07_oc-sa-2012-002.patch
2012-12-04 22:47:37.0 +0100
@@ -0,0 +1,65 @@
+Index: owncloud-4.0.4debian2/core/lostpassword/resetpassword.php
+=

Bug#559916: ITP: numpydoc -- numpy sphinx extension

2012-12-05 Thread Denis Laxalde 

Hi,

Bart Martens wrote:

But that package is no longer at mentors.  Denis, do you still intend to
package this software ?


The package is still in the SVN repo of python-modules [1]. I did the 
packaging as a training and as it seems a useful addition to Debian 
(initially RFS). So yes, I still intend to maintain the package but 
haven't found a sponsor yet (asked on debian-python). Perhaps, Yaroslav 
or Michael would be interested in sponsoring the package?


Regards,
Denis

[1]: 
http://anonscm.debian.org/viewvc/python-modules/packages/numpydoc/trunk/



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695231: RFA: libcgroup -- Library to control and monitor control groups

2012-12-05 Thread Jon Bernard 
Package: wnpp
Severity: normal

I would really like to have the necessary time to work on this package, but
unfortunately I can't do everything.

If you're interested in adopting this package, please do so.  I'm also happy to
co-work on the package or accept contributions in any form.  Mostly, I don't
want to stand in the way of someone that has the time that this package
requires.

The package description is:

Control Groups provide a mechanism for aggregating/partitioning sets of 
tasks,
and all their future children, into hierarchical groups with specialized
behaviour.

This library allows applications to manipulate, control, administrate and
monitor control groups and the associated controllers.

-- 
Jon


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#528832: totem-gstreamer does not support surround sound

2012-12-05 Thread Andreas Henriksson 
Hello!

Looking at a couple of random ancient debian bug reports for totem I stumbled
across the bug you reported about surround sound and missing channels
in a 2 speaker setup.

I've tested this on totem 3.6 on top of pulseaudio and I can hear
all the channels.

Joss told me on irc that there might still be some issue with surround
sound over SPDIF though maybe that deserves a separate bug report
and we can consider this one to be closed?

-- 
Andreas Henriksson


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#631271: texlive-binaries: xdvi no longer uncompresses .gz and .bz2 files

2012-12-05 Thread Frank Kuester 
Samuel Bronson  writes:

> Control: severity -1 important
> Control: block -1 by 583188
> Control: tag -1 + confirmed
> Control: found -1 texlive-binaries/2012.20120628-4
>
> Vincent Lefevre  writes:
>
>> Package: texlive-binaries
>> Version: 2009-8
>> Severity: normal
>>
>> xdvi no longer uncompresses .gz and .bz2 files. For instance:
>>
>> $ xdvi /usr/share/doc/texmf/latex/styles/preview.dvi.gz
>> xdvi.bin: Fatal error: /usr/share/doc/texmf/latex/styles/preview.dvi.gz: Not 
>> a DVI file.
>
> Considering the number of .dvi.gz files shipped in Debian, I think this
> is actually fairly important.

I don't think it is important, because it doesn't make much sense to
type a commandline as the one above, when it is much easier to just type

texdoc preview

However, there _are_ issues with that:  When "see" is used as the
command for viewing in texdoc, which is the sensible default, this does
not work because of a known bug.  I'm not sure where, maybe it's only on
a gnome desktop because I get

View comand: (gnome-open "/tmp/texdoc.qrsrFG/preview.dvi"; rm -f 
"/tmp/texdoc.qrsrFG/preview.dvi"; rmdir /tmp/texdoc.qrsrFG) &
** (evince:8177): WARNING **: Error stating file 
'/tmp/texdoc.qrsrFG/preview.dvi': No such file or directory

IIRC gnome-open returns before the viewer has opened the file.

The other problem is that (at least on stable), no system-wide
texdoc.cnf is installed, and if you create one at the place you'd
expect, /etc/texmf/texdoc/texdoc.cnf, it is simply ignored.


Anyway, I'd much rather have these issues fixed than patch xdvi's code.
However, patches are of course welcome.

Regards, Frank


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#645133: simile-timeline: source package should use proper source

2012-12-05 Thread Michael Stapelberg 
tags -1 + pending
thanks

On Wed, 12 Oct 2011 23:52:22 +0200
Jonas Smedegaard  wrote:
> The source package contains only compressed Javascript code which is
> then copied as-is to the binary package.
> 
> Instead, the source package should be the proper upstream source and
> use a tool like yui-compressor or uglifyjs (the latter recommended as
> it is believed to do the best and most reliable compression job).
I prepared an NMU of the package which uses the source zip
(non-minified) without the bundled jsmin. Instead, it calls
yui-compressor.

Unfortunately, the upload is broken currently due to me canceling it
and dcut being stalled for some reason. Anyway, I will upload this
package ASAP (hopefully within the next few days).

Until then, you can have a look at
http://people.debian.org/~stapelberg/simile-timeline/simile-timeline_2.3.0+dfsg-0.1.dsc
and tell me if anything is wrong with it :-).


-- 
Best regards,
Michael


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695220: reportbug stores empty bug reports in the ~/.reportbug directory

2012-12-05 Thread Sandro Tosi 
Hello Vincent,

On Wed, Dec 5, 2012 at 4:36 PM, Vincent Lefevre  wrote:
> reportbug stores empty bug reports in the ~/.reportbug directory.
> I don't think this is useful. At least the behavior should be
> documented in the reportbug(1) man page (there's nothing about
> this directory).

How old are those empty reports? from a quick grep, I can't find any
code writing to ~/.reportbug , so they were likely generated by some
old version of reportbug.

Regards,
--
Sandro Tosi (aka morph, morpheus, matrixhasu)
My website: http://matrixhasu.altervista.org/
Me at Debian: http://wiki.debian.org/SandroTosi


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#692442: Patches for CVE-2012-5783 and CVE-2012-5784

2012-12-05 Thread Andreas Tille 
Hi Alberto,

On Wed, Dec 05, 2012 at 06:01:51PM +0100, Alberto Fernández wrote:
> I've uploaded the two packages to mentors.debian.net.
> 
> We must solve the two bugs at the same time because axis uses
> commons-httpclient.

I guess you mean bug #692442, right?
 
> Upstream seems End-of-life and rejected the patches.

Did upstream actively *rejected* the patch because of technical flaws or
did they just ignored it because of the end-of-life status.  There is no
real need to have a patch accepted upstream if we as Debian maintainers
agree that the patch is technically solving the reported problem.  We
actually do *not* want new upstream versions.

So as far as I see we currently have the following situation:  A package
for axis that solves #692650 is waiting on mentors for sponsering.  I'd
volunteer to do this.  Did you uploaded commons-httpclient fixing
#692442 to mentors as well?  If not I could also apply the patch in BTS
and upload both to unstable.

Just tell me if there is any reason to not upload these both packages?

Kind regards and thanks for providing the patches

Andreas.

-- 
http://fam-tille.de


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#691153: squid3-dbg binary does not contain symbols

2012-12-05 Thread Luigi Gangitano 
Hi Amos,

I'm sorry but I cannot confirm this bug. On my system and checking the uploaded 
packages I clearly see that binaries in squid3-dbg are not stripped and contain 
debug symbols. Build options are automatically handled by cdbs at build-time.

Can you please point me to the evidence you have?

Regards,

L

--
Luigi Gangitano --  -- 
GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972  C24A F19B A618 924C 0C26
GPG: 4096R/2BA97CED: 8D48 5A35 FF1E 6EB7 90E5  0F6D 0284 F20C 2BA9 7CED


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695196: [Pkg-samba-maint] Bug#695196: smbclient doesn't authenticate

2012-12-05 Thread Johannes Black 
> Hello, thanks for your report.
>
> Well, without logs or failure messages from either the client or the
> server, or both, I doubt we can do anything as I'm afraid that no
> maintainer of the samba package has access to such an old server.

Hi,

the (error) log (with -d10) is included in the report). If that's not
enough, what additional (client) logs do you need?


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#310828: afio: pipes should be like real devices

2012-12-05 Thread Koen Holtman 


Taking stock as the upstream maintainer:

- This wishlist item has been open for 5+ years, nobody submitted a 
patch yet.


- I have no plans to implement myself.

Recommendation to Debian maintainer is to close this item as 'will not 
fix' or a code like that.


Cheers,

Koen.


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695230: Unable to close gdebi gtk window by clicking window close [X] button

2012-12-05 Thread ycoleu 
Package: gdebi
Version: 0.6.4+squeeze1
Severity: normal

When clicking on the [X] button, nothing happen

1) I installed Oracle web browser
2) The installation was successful and the gdebi window gets gray meaning no
more interaction with user
3) Clicking on window close button



-- System Information:
Debian Release: 6.0.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-0.bpo.4-686-pae (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages gdebi depends on:
ii  gdebi-core  0.6.4+squeeze1   Simple tool to install deb files
ii  gksu2.0.2-5  graphical frontend to su
ii  gnome-icon-theme2.30.3-2 GNOME Desktop icon theme
ii  python  2.6.6-3+squeeze7 interactive high-level object-orie
ii  python-central  0.6.16+nmu1  register and build utility for Pyt
ii  python-gtk2 2.17.0-4 Python bindings for the GTK+ widge
ii  python-vte  1:0.24.3-4   Python bindings for the VTE widget

Versions of packages gdebi recommends:
ii  libgnome2-perl1.042-2Perl interface to the GNOME librar

gdebi suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695229: should be 'Multi-Arch: foreign' so that chromium:{arch} is installable

2012-12-05 Thread Peter Samuelson 
Package: chromium-inspector
Severity: minor

In order to install chromium:i386 on my amd64 system, its dependency,
chromium-inspector, would need to be "Multi-Arch: foreign".  This is
because it is "Architecture: all", which in a multi-arch context is
calculated as "Architecture: {primary installed arch}".

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#642136: network-manager: Connecting to a wifi network requires system privileges

2012-12-05 Thread Florian Schlichting 
tags 642136 + patch
thanks

I agree with Joey Hess: "Available to alle users" should not be the
default for new wifi connections, so that unprivileged users can
connect to new networks without needing a sudo or root password, or
additional policykit privileges.

The attached patch to the network-manager-applet (!) source modifies
nm-applet such that a new wifi connection created through the applet
belongs to the user, and not the system. If a wifi connection is to be
made available to all users, this has to be done in a separate step,
e.g. using nm-connection-editor.

I've tested this successfully with an open and a WPA2 secured network,
but I haven't had a chance to check if 802.1x networks have additional
settings that need to be set to "agent owned".

Florian
--- a/src/applet-device-wifi.c
+++ b/src/applet-device-wifi.c
@@ -393,6 +393,23 @@
 }
 
 static void
+mark_secret_agent_owned (NMSetting *setting,
+  const char *key,
+  const GValue *value,
+  GParamFlags flags,
+  gpointer user_data)
+{
+	NMSettingSecretFlags secret_flags = NM_SETTING_SECRET_FLAG_NONE;
+
+	if (!(flags & NM_SETTING_PARAM_SECRET))
+		return;
+
+	nm_setting_get_secret_flags (setting, key, &secret_flags, NULL);
+	secret_flags |= NM_SETTING_SECRET_FLAG_AGENT_OWNED;
+	nm_setting_set_secret_flags (setting, key, secret_flags, NULL);
+}
+
+static void
 _do_new_auto_connection (NMApplet *applet,
  NMDevice *device,
  NMAccessPoint *ap,
@@ -462,6 +479,21 @@
 		nm_connection_add_setting (connection, NM_SETTING (s_8021x));
 	}
 
+	/* Add user to the connection's permission list and mark all secrets as
+	 * owned by a user secret agent (as opposed to the system).
+	 * This enables unprivileged users to add and connect to new wifi networks (#642136).
+	 * As a consequence, new wifi connections created through nm-applet are no longer
+	 * system-wide by default. They are owned by the individual user, and have to be
+	 * expicitly made "available to all users", e.g. by using nm-connection-editor.
+	 */
+	if (!s_con) {
+		s_con = (NMSettingConnection *) nm_setting_connection_new ();
+		nm_connection_add_setting (connection, NM_SETTING (s_con));
+	}
+	g_object_set (G_OBJECT (s_con), NM_SETTING_CONNECTION_PERMISSIONS, NULL, NULL);
+	nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL);
+	nm_connection_for_each_setting_value (connection, mark_secret_agent_owned, NULL);
+
 	/* If it's an 802.1x connection, we need more information, so pop up the
 	 * Dialog Of Doom.
 	 */

Bug#695196: [Pkg-samba-maint] Bug#695196: smbclient doesn't authenticate

2012-12-05 Thread Christian PERRIER 
Quoting Jo Black (johannes.bl...@gmail.com):
> Package: smbclient
> Version: 2:3.6.6-3
> Severity: normal
> 
> Dear Maintainer,
> 
> I did find a possible bug in the smbclient. I cannot connect with the actual 
> smbclient to a Terastation (Samba Version: Samba 2.2.8a-ja-1.1).
> 
> It works with an older smbclient (3.0.33-3.29.el5_5.1). The actual client 
> doesn't (Version 3.6.6). I did rotate almost all smb.conf option of the new 
> one. 

Hello, thanks for your report.

Well, without logs or failure messages from either the client or the
server, or both, I doubt we can do anything as I'm afraid that no
maintainer of the samba package has access to such an old server.







signature.asc
Description: Digital signature

Bug#694846: dicomscope: Exception in thread "main" java.lang.UnsatisfiedLinkError

2012-12-05 Thread Yaroslav Halchenko 
Package: dicomscope
Version: 3.6.0-9
Followup-For: Bug #694846

Priority -1 severe
thanks

dicomscope is unusable ATM.  Although probably nothing to be done on dicomscope
side and actual resolution would  be in addressing #677721 in dcmtk.
Related bug in Ubuntu
https://bugs.launchpad.net/ubuntu/+source/dicomscope/+bug/960022

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (900, 'testing'), (600, 'unstable'), (300, 'experimental'), (100, 
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages dicomscope depends on:
ii  default-jre   1:1.6-47
ii  jarwrapper0.43
ii  libc6 2.13-33
ii  libdcmtk2 3.6.0-11
ii  libgcc1   1:4.7.2-4
ii  libssl1.0.0   1.0.1c-3
ii  libstdc++64.7.2-4
ii  libxml2   2.8.0+dfsg1-4
ii  tk8.4 [wish]  8.4.19-5
ii  tk8.5 [wish]  8.5.11-2

dicomscope recommends no packages.

dicomscope suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#606821: mksh: bash-style process substitution

2012-12-05 Thread Thorsten Glaser 
Hi,

do these have to be pipes? That got me wondering.

Otherwise, I could do a tree-level transform (except the IOREDIR
cases are again slightly more complex). Something like this:

• if <(command2) is contained in command1:
  ‣ allocate a tempfile
⇒ attach the tempfile to the list of cleanups of command1
  ‣ run the command2
⇒ redirect its stdout to the tempfile
⇒ keep stderr and (?) stdin
⇒ throw away $? (?)
  ‣ replace <(command2) with the name of the tempfile
  ‣ repeat for any further occurrences
• if >(command3) is contained in command1:
  ‣ allocate a tempfile
⇒ attach the tempfile to the list of cleanups of command3
  ‣ replace >(command3) with the name of the tempfile on command1
  ‣ change the TCOM tree command1 to a sequence
{ command1 ; tmpvar=$? ; command3 ; return $tmpvar ; }
  ‣ for any further occurrences command4, … append to the new
command sequence before the return

Of course, this needs much more careful checking. What does
GNU bash do to stdin, stderr, and the exit codes of the
substituted processes? (Though, strictly spoken, we could
do the above and test it quickly, then change the tempfile
mechanism to spit out FIFOs instead; I’ve done the last step
in an experimental branch already somewhere, so it’s easy.)

bye,
//mirabilos
-- 
I want one of these. They cost 720 € though… good they don’t have the HD hole,
which indicates 3½″ floppies with double capacity… still. A tad too much, atm.
‣ http://www.floppytable.com/floppytable-images-1.html


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695174: t-p-u pre-approval owncloud/4.0.4debian2-3.1

2012-12-05 Thread Michael Banck 
Hi,

On Wed, Dec 05, 2012 at 10:55:56AM +0100, Julien Cristau wrote:
> On Tue, Dec  4, 2012 at 23:45:19 +0100, Michael Banck wrote:
> 
> > +Index: owncloud-4.0.4debian2/apps/files/js/filelist.js
> > +===
> > +--- owncloud-4.0.4debian2.orig/apps/files/js/filelist.js   2012-12-04 
> > 22:47:26.810080751 +0100
> >  owncloud-4.0.4debian2/apps/files/js/filelist.js2012-12-04 
> > 22:47:26.874081078 +0100
> > +@@ -14,9 +14,9 @@
> > +   var extension=false;
> > +   }
> > +   html+=' > style="background-image:url('+img+')">';
> > +-  html+=' > href="download.php?file='+$('#dir').val().replace(//, 
> > '>')+'/'+name+'">'+basename
> > ++  html+=' > href="download.php?file='+$('#dir').val().replace(//, 
> > '>')+'/'+escapeHTML(name)+'"> > class="nametext">'+escapeHTML(basename);
> > +   if(extension){
> > +-  html+=''+extension+'';
> > ++  html+=' > class="extension">'+escapeHTML(extension)+'';
> > +   }
> > +   html+='';
> > +   if(size!='Pending'){
> 
> As far as I can tell this escapeHTML function is not defined in the
> current version?  Upstream git has it in core/js/js.js.

Good catch, this was added in 4.0.9, but not mentioned in the security
advisories AFAICT - so I have to fixup unstable as well :-/


Michael


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#694055: fixed in svn

2012-12-05 Thread Andreas Henriksson 
tag 694055 pending
thanks

Hello!

Just a short note that this is fixed in svn and looks like it will
be part of the upcoming package version 3.6.2-1 ... see:
http://anonscm.debian.org/viewvc/pkg-gnome/desktop/experimental/gnome-themes-standard/debian/changelog?revision=36326&view=markup

A workaround for now is to rerun apt and let it remove
gnome-themes-standard-data 

-- 
Andreas Henriksson


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#695109: unblock: xarchiver/1:0.5.2+20090319+dfsg-4.1 (pre-approval)

2012-12-05 Thread Adam D. Barratt 
Control: tags -1 -moreinfo +confirmed

On Tue, 2012-12-04 at 17:11 +0100, Markus Koschany wrote:
> On Tue, 04. Dec 14:25 "Adam D. Barratt"  wrote:
> > On Tue, 2012-12-04 at 11:34 +0100, Markus Koschany wrote:
> > > Optional: I could also fix two minor/documentation bugs, #656301 and
> > > #692261.
> > 
> > What's the proposed replacement media type for #656301? Has the
> > resulting .desktop file been tested?
>  
> The proposed replacement for multipart/x-zip is 
> 
> application/x-zip, application/x-zip-compressed and application/zip. 
> 
> These MIME-types are already present in xarchiver's desktop file.
> File-roller uses the same ones. I've tested the new package with thunar
> and nautilus and both applications automatically assign zip files to
> xarchiver. I don't see any loss of functionality by removing
> "multipart/x-zip". 

Okay, thanks; please go ahead.

Regards,

Adam


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#693123: unblock: rt-authen-externalauth/0.10-3

2012-12-05 Thread Adam D. Barratt 
[rt maintainers added to CC]

On Wed, 2012-12-05 at 07:17 +0100, Tom Jampen wrote:
> On 20.11.2012 19:56, Tom Jampen wrote:
> >> On Thu, 2012-11-15 at 10:05 +0100, Tom Jampen wrote:
> >>> An rt-authen-externalauth maintainer pointed out that apache2 needs to
> >>> be restarted after clearing the cache. Do you want me to create a
> >>> debconf question or just indicate this necessity in the README.Debian for
> >>> a successful wheezy unblock?
> >>
> >> We'd prefer to avoid introducing new potentially translation-requiring 
> >> debconf material at this stage.
> > 
> > OK, I see.
> > So I propose to add a note to README.Debian or to postinst (similar to rt4)
> > whatever you prefer.

RT maintainers: is there any form of policy on how extension packages
should handle restarting web servers after clearing Mason caches? If
not, do you have any thoughts / preferences?

Regards,

Adam


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#679531: gstreamer0.10-plugins-good: mp4 files produced with ffmpeg no longer supported in wheezy

2012-12-05 Thread Al Grimstad 
On Wed, 2012-12-05 at 19:41 +0100, intrigeri wrote:
...
> > It seems that removing this particular plugin isn't too good
> > an idea.
> 
> Indeed, there are reverse dependencies.
> 
> Anyhow, can you please try to temporarily forcibly remove it for
> testing purposes, to help fix this bug in Debian:
> 
>   # dpkg --force-all --purge gstreamer0.10-plugins-bad
> 
> ?
> 
> (That's what I did to confirm #681652 -- I reinstalled immediately
> after testing, no problem. Sorry, I should have made it clear right
> from the beginning what exact steps were needed to test this.)

OK. Before purging gstreamer0.10-plugins-bad, audio but no video in
totem. After purging (and restarting totem), video as well as audio.
After reinstalling gstreamer0.10-plugins-bad audio but no video, as
before. This does rather seem to isolate the problem. -- al


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#674116: dirmngr: init script does not write pid into the pid file

2012-12-05 Thread John Paul Adrian Glaubitz 
Hi,

the issue only occurs if the local bash profile contains any echo
statements:

root@unstable:~# /etc/init.d/dirmngr restart
[ ok ] Stopping DirMngr: dirmngr.
[ ok ] Starting DirMngr: dirmngr.
root@unstable:~# echo "echo \"This is a test\!\"" >
/etc/profile.d/bla.sh
root@unstable:~# /etc/init.d/dirmngr restart
[ ok ] Stopping DirMngr: dirmngr.
[] Starting DirMngr: dirmngr/etc/init.d/dirmngr: 1: eval: This:
not found
. ok 
root@unstable:~#

I'm attaching a proposed patch to fix the issue and I could also do an
NMU to fix the package.

With the patch:

root@unstable:~# ps aux |grep dir
root  4277  0.0  0.0  18576   788 ?Ss   19:57   0:00
/usr/bin/dirmngr --daemon --sh
root  4301  0.0  0.0   9232   848 pts/1S+   19:57   0:00 grep
dir
root@unstable:~# /etc/init.d/dirmngr restart
[ ok ] Stopping DirMngr: dirmngr.
[ ok ] Starting DirMngr: dirmngr.
root@unstable:~# ps aux |grep dir
root  4347  0.0  0.0  18576   784 ?Ss   19:57   0:00
/usr/bin/dirmngr --daemon --sh
root  4370  0.0  0.0   9232   848 pts/1S+   19:57   0:00 grep
dir
root@unstable:~#

Cheers,

Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
--- debian/init.d	2012-03-29 07:40:19.0 +0200
+++ debian/init.d.new	2012-12-05 19:56:08.062475662 +0100
@@ -32,7 +32,7 @@
 		mkdir -p /var/run/dirmngr || return 1
 		chown dirmngr:dirmngr /var/run/dirmngr || return 1
 
-		output=$(su -c ". /lib/lsb/init-functions && umask 027 && start_daemon -p $PIDFILE $DAEMON --daemon --sh" - dirmngr) || return 1
+		output=$(umask 027 && start_daemon -p $PIDFILE $DAEMON --daemon --sh) || return 1
 		eval "$output" || return 1
 		pid=$(echo "$DIRMNGR_INFO" | cut -d : -f 2) || return 1
 		echo "$pid" >$PIDFILE || return 1

Bug#672972: Wheezy: VLC player can't play videos

2012-12-05 Thread Mark Hobley 
FWIW: I noticed a similar problem on a third party Hewlett Packard machine 
using an Intel based graphics chipset. Again other video players work fine on 
the same machine.

Bug#667995: cupsd configuration: "cupsdAuthorize: Empty Basic password!"

2012-12-05 Thread gregor herrmann 

On Wed, 28 Nov 2012 19:33:58 -0500, Andres Cimmarusti wrote:

> This patch solves this problem:
> http://git.fedorahosted.org/cgit/pycups.git/commit/?id=7fdad2e693e74b8811beca28d4ac6dd1619c988a

Thanks, I've now backported this patch to the current Debian package.
 
Debdiff attached; since I can't test this easily I'll leave this to
others ...


Cheers,
gregor

-- 
 .''`.  Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
 : :' : Debian GNU/Linux user, admin, and developer  -  http://www.debian.org/
 `. `'  Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
   `-   NP: Leonard Cohen: Sisters Of Mercy
diff -Nru python-cups-1.9.48/debian/changelog python-cups-1.9.48/debian/changelog
--- python-cups-1.9.48/debian/changelog	2010-02-15 20:06:12.0 +0100
+++ python-cups-1.9.48/debian/changelog	2012-12-05 19:48:04.0 +0100
@@ -1,3 +1,19 @@
+python-cups (1.9.48-1.1) UNRELEASED; urgency=low
+
+  * Non-maintainer upload.
+  * Fix "cupsd configuration: "cupsdAuthorize: Empty Basic password!"":
+Backport fix from Fedora git:
+http://git.fedorahosted.org/cgit/pycups.git/commit/?id=7fdad2e693e74b8811beca28d4ac6dd1619c988a
+Thanks Andres Cimmarusti for the pointer. Closes: #667995
+
+Original changelog entry (stripped in our patch):
+  * cupsmodule.c (do_password_callback), cupsconnection.c
+  (password_callback): Return NULL instead of the empty string
+  when handling an exception or when the callback returned an
+  empty string, and handle the callback returning None.
+
+ -- gregor herrmann   Wed, 05 Dec 2012 19:40:14 +0100
+
 python-cups (1.9.48-1) unstable; urgency=low
 
   [ Jérôme Guelfucci ]
diff -Nru python-cups-1.9.48/debian/patches/02_auth_loop.patch python-cups-1.9.48/debian/patches/02_auth_loop.patch
--- python-cups-1.9.48/debian/patches/02_auth_loop.patch	1970-01-01 01:00:00.0 +0100
+++ python-cups-1.9.48/debian/patches/02_auth_loop.patch	2012-12-05 19:50:22.0 +0100
@@ -0,0 +1,112 @@
+Taken from Fedora git, 7fdad2e693e74b8811beca28d4ac6dd1619c988a
+and backported to Debian version. Original commit info:
+
+From: Tim Waugh 
+Date: Mon, 03 Oct 2011 16:18:53 +
+Subject: Prevent auth loops by returning NULL when the callback returns an empty string.
+
+Also add support for the callback returning None when it wants to
+cancel the current operation.
+
+--- a/cupsconnection.c
 b/cupsconnection.c
+@@ -356,20 +356,26 @@ password_callback (int newstyle,
+   Py_DECREF (args);
+   if (result == NULL)
+   {
+-debugprintf ("<- password_callback (empty string)\n");
++debugprintf ("<- password_callback (exception)\n");
+ Connection_begin_allow_threads (self);
+-return "";
++return NULL;
+   }
+ 
+-  pwval = PyString_AsString (result);
+   free (self->cb_password);
+-  self->cb_password = strdup (pwval);
++  if (result == Py_None)
++self->cb_password = NULL;
++  else
++  {
++pwval = PyString_AsString (result);
++self->cb_password = strdup (pwval);
++  }
++
+   Py_DECREF (result);
+-  if (!self->cb_password)
++  if (!self->cb_password || !*self->cb_password)
+   {
+-debugprintf ("<- password_callback (empty string)\n");
++debugprintf ("<- password_callback (empty/null)\n");
+ Connection_begin_allow_threads (self);
+-return "";
++return NULL;
+   }
+ 
+   Connection_begin_allow_threads (self);
+--- a/cupsmodule.c
 b/cupsmodule.c
+@@ -124,9 +124,9 @@ do_password_callback (const char *prompt
+   Py_DECREF (args);
+   if (result == NULL)
+   {
+-debugprintf ("<- do_password_callback (empty string)\n");
++debugprintf ("<- do_password_callback (exception)\n");
+ Connection_begin_allow_threads (g_current_connection);
+-return "";
++return NULL;
+   }
+ 
+   if (password) {
+@@ -134,14 +134,20 @@ do_password_callback (const char *prompt
+ password = NULL;
+   }
+ 
+-  pwval = PyString_AsString (result);
+-  password = strdup (pwval);
++  if (result == Py_None)
++password = NULL;
++  else
++  {
++pwval = PyString_AsString (result);
++password = strdup (pwval);
++  }
++
+   Py_DECREF (result);
+-  if (!password)
++  if (!password || !*password)
+   {
+-debugprintf ("<- do_password_callback (empty string)\n");
++debugprintf ("<- do_password_callback (empty/null)\n");
+ Connection_begin_allow_threads (g_current_connection);
+-return "";
++return NULL;
+   }
+ 
+   Connection_begin_allow_threads (g_current_connection);
+@@ -481,8 +487,8 @@ static PyMethodDef CupsMethods[] = {
+ "setPasswordCB(fn) -> None\n\n"
+ "Set password callback function.  This Python function will be called \n"
+ "when a password is required.  It must take one string parameter \n"
+-"(the password prompt) and it must return a string (the password).  To \n"
+-"abort the operation it may return the empty string ('').\n\n"
++"(the password prompt) and it must return a string (the password), or \n"
++"None to abort the op

Bug#690270: Fixed in nm-connection-editor upstream

2012-12-05 Thread Jirka Klimes 

Fixed in network-manager-applet upstream:
http://git.gnome.org/browse/network-manager-
applet/commit/?id=d06f1ea8e2eaa5faab41fbc87669dc9c56b3cb73

See also https://bugzilla.redhat.com/show_bug.cgi?id=747368

Thanks, for the XIM pointer and reproducer:
GTK_IM_MODULE=xim nm-connection-editor

Jirka


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#679531: gstreamer0.10-plugins-good: mp4 files produced with ffmpeg no longer supported in wheezy

2012-12-05 Thread intrigeri 
Hi,

Al Grimstad wrote (05 Dec 2012 16:39:48 GMT) :
>> Can you now please try to:
>> 
>> 1. reproduce this bug with the example file attached to
>>https://bugzilla.gnome.org/show_bug.cgi?id=676174
>> 
>> 2. reproduce this bug after removing gstreamer0.10-plugins-bad from
>>your system
>> 
>> (Rationale: I'm wondering if this is a duplicate of #681652.)

> When I play the file attached to the bug report in totem, I get
> sound but no video. [...] This is with
> gstreamer0.10-plugins-bad installed.

Thank you, this is helpful.

> For you, I'll go to the trouble of removing the plugins-bad package.

Thank you.
This is helpful not only for me, but for many Debian users.

> Let's see what happens ... 

> 
> # apt-get remove gstreamer0.10-plugins-bad
[...]
> Do you want to continue [Y/n]? n
> Abort.
> 

> It seems that removing this particular plugin isn't too good
> an idea.

Indeed, there are reverse dependencies.

Anyhow, can you please try to temporarily forcibly remove it for
testing purposes, to help fix this bug in Debian:

  # dpkg --force-all --purge gstreamer0.10-plugins-bad

?

(That's what I did to confirm #681652 -- I reinstalled immediately
after testing, no problem. Sorry, I should have made it clear right
from the beginning what exact steps were needed to test this.)

Cheers,
-- 
  intrigeri
  | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
  | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#694819: tumgreyspf: Cron file doesn't remove expired entries with greylistByIPOnly = 0

2012-12-05 Thread Nelson A. de Oliveira 
Hi Thomas!

On Sat, Dec 1, 2012 at 11:46 AM, Thomas Goirand  wrote:
> Could you try to write a version of the script that would work on your
> system? We can later check the value of greylistByIPOnly, and have 2
> types of clean, depending on that value.

I am very busy this week but I will take a look at this for the
weekend/next week.

Thank you!

Best regards,
Nelson


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#656301: Bug#695191: RFS: xarchiver/1:0.5.2+20090319+dfsg-4.1 [RC] [NMU]

2012-12-05 Thread Markus Koschany 
Hi gregor,

On 05.12.2012 19:03, gregor herrmann wrote:
> BTW: I don't think it's a good idea to combine the fix for one RC
> bugs with changes that fix 2 minor bugs in an upload that should get
> into wheezy ...


I think fixing the two minor bugs is covered by point 4 of the freeze
policy. It's a win-win situation and it comes without altering one
single line of code.

http://release.debian.org/wheezy/freeze_policy.html

Regards,

Markus




signature.asc
Description: OpenPGP digital signature

Bug#684130: digikam: crash when starts

2012-12-05 Thread Michael Stapelberg 
notfound 684130 4:2.6.0-1+1
thanks

On Tue, 7 Aug 2012 12:34:43 +0300
Grey Fenrir  wrote:
> Package: digikam
> Version: 4:2.6.0-1+b1
> Severity: grave
> Justification: renders package unusable
I cannot reproduce the crash with that version (neither with
4:2.6.0-1+b2 which is currently in testing).

Other people have reported that they cannot reproduce the issue either.

I conclude this was due to mixing packages with debian-multimedia.

Therofer, I am closing this bugreport. Feel free to re-open in case you
can actually reproduce this issue.

-- 
Best regards,
Michael


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

  1   2   3   >