Bug#655200: Please make the html5 version the mainstream version
There is a new effort from the community http://www.htacg.org/ upstream. https://github.com/htacg/tidy-html5/ now says: This repository should be considered canonical for HTML Tidy as of 2015-January-15. I'd like to see this package updated to support HTML5 too, I'm happy to help. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781022: pkg-config: not work option --exists
Package: pkg-config Version: 0.28-1 Severity: important Hi, Sorry my bad English globus@aspera:~$ apt-cache policy libgtkextra-3.0 libgtkextra-3.0: Installed: 3.1.1-2 Candidate: 3.1.1-2 Version table: *** 3.1.1-2 0 500 http://ftp.fi.debian.org/debian/ jessie/main amd64 Packages 100 /var/lib/dpkg/status globus@aspera:~$ pkg-config --exists libgtkextra-3.0 globus@aspera:~$ echo $? 1 globus@aspera:~$ apt-cache policy libc6 libc6: Installed: 2.19-15 Candidate: 2.19-15 Version table: *** 2.19-15 0 500 http://ftp.fi.debian.org/debian/ jessie/main amd64 Packages 100 /var/lib/dpkg/status globus@aspera:~$ pkg-config --exists libc6 globus@aspera:~$ echo $? 1 etc etc etc -- System Information: Debian Release: 8.0 APT prefers testing-proposed-updates APT policy: (500, 'testing-proposed-updates'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages pkg-config depends on: ii libc6 2.19-15 ii libglib2.0-0 2.42.1-1 pkg-config recommends no packages. pkg-config suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780834: util-linux: [libfdisk] incorrect GPT header leads to segfault
Control: tags -1 fixed-upstream Control: forwarded -1 https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=9c6f3de60f9858e404a825824026bff4c42203fc Hello Otto Visser! On Mon, Mar 23, 2015 at 01:17:30PM +0100, Otto Visser wrote: Upstream accepted the reordering patch in libfdisk (header length check before crc check), so that fixes the segfault: https://github.com/karelzak/util-linux/commit/9c6f3de60f9858e404a825824026bff4c42203fc Thanks for the feedback! Regards, Andreas Henriksson -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#368916: gnome-terminal: $TERM should be set to gnome instead of xterm
Hi, I've been an active contributor/developer of gnome-terminal in the last 1.5 years. I firmly disagree with Christoph's comment Apparently upstream intentionally breaks things or simply doesn't care. We do care, and we worked hard recently to make gnome-terminal work reasonably close to xterm. Just look at the changelog and count how many emulation fixes we had in the last 1.5 years! Gnome-terminal has set TERM=xterm for a long time, and xterm is our reference as for how the terminal should work. On the other hand, TERM=gnome, which is written and maintained (probably not maintained actively too much) by xterm/terminfo's maintainer, is probably way out of date. Without looking at the details, I'm quite sure that TERM=xterm is way closer to describe gnome-terminal's behavior than TERM=gnome. And even if someone updates and corrects the gnome terminal description, we'd have to wait years until it's deployed to most of the hosts where you'd want to ssh to. Sure it's not perfect, but incorrectly reporting blink support is probably a magnitudes smaller problem than the ones you'd face with TERM=gnome. *If* someone updates TERM=gnome and keeps it updated, changing to that as the default might become a viable option in maybe 5 years or so. Over the last year or two we fixed plenty of _actual_ bugs where the emulation was incorrect. Christoph found the tinyest and most negligible feature that we promise to support but actually don't (i.e. blinking), and riding this he wants to push towards a completely different design which would have way more severe bugs which he can't foresee. With further details/discussions in the mainstream bugreport, I recommend that Debian developers stick to gnome-terminal developers' choice. cheers, egmont -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781007: [Pkg-utopia-maintainers] Bug#781007: network-manager has an 128 max connections limit
On Mon, Mar 23, 2015 at 11:30:50AM +0100, Michael Biebl wrote: Looks like a duplicate of #773525. Please test, if the latest upstream version 1.0.0 (available from experimental) fixes the problem. If not, please file a bug upstream. Doh -- sorry for the poor bug reporting. I hadn't noticed that experimental had a newer version. I just checked and it seems to be fixed there, output is now consistently the same list of 182 connections. I checked the git log between those two versions and didn't find anything that immediately stands out. Bisecting will be 7 steps, so if you have any guesses, I'm all ears... I'm guessing that if I do manage to track it down, you'd consider it for jessie, right? Thanks, Faidon -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781023: initramfs-tools: Volume group not found before trying to mount root filesystem on LVM.
Package: initramfs-tools Version: 0.119 Severity: important Dear Maintainer, * What led up to the situation? Good day. Just built a new wheezy server and upgraded to Jessie (LVM on Raid10). These are my steps: 1) Build new Wheezy server (LVM on Raid10). 2) Edit /etc/apt/sources.list and change Wheezy to Jessie 3) Run apt-get update ; apt-get upgrade 4) Run apt-get dist-upgrade 5) Run apt-get -f install and made sure all packages are installed. 5) Reboot 6) The server boots, and then eventually drops too spitting out Begin: Running /scripts/local-block done. Gave up waiting for /usr device. * What exactly did you do (or not do) that was effective (or ineffective)? I did a cat /proc/mdstat and saw raid was running. I then proceed to run: 1) lvm 2) vgscan 3) vgchange -ay 4) Pressed Control + D two or three times. * What was the outcome of this action? Booted in to new built Jessie OS. * What outcome did you expect instead? For the server to boot into the new built Jessie OS. I would like to state that I have built this server a few times. Ive rescue booted the and via chroot ran update-initramfs -u -t -k all ; update-grub Followed by grub-install /dev/sda1 I added 'rootdelay=10' to GRUB_CMDLINE_LINUX in /etc/default/grub Kind Regards Brent Clark -- Package-specific info: -- initramfs sizes -rw-r--r-- 1 root root 16M Mar 23 14:07 /boot/initrd.img-3.16.0-4-amd64 -rw-r--r-- 1 root root 12M Mar 23 14:00 /boot/initrd.img-3.2.0-4-amd64 -- /proc/cmdline BOOT_IMAGE=/vmlinuz-3.16.0-4-amd64 root=/dev/mapper/vg0-root ro nomodeset -- resume RESUME=UUID=104438b3-a081-4e7b-b4a9-58553e50612b -- /proc/filesystems ext3 ext2 ext4 -- lsmod Module Size Used by cpufreq_stats 12782 0 cpufreq_userspace 12525 0 cpufreq_conservative14184 0 cpufreq_powersave 12454 0 x86_pkg_temp_thermal12951 0 intel_powerclamp 17159 0 intel_rapl 17356 0 coretemp 12820 0 kvm_intel 139116 0 kvm 388635 1 kvm_intel crc32_pclmul 12915 0 ghash_clmulni_intel12978 0 aesni_intel 151423 0 ipmi_devintf 17053 0 iTCO_wdt 12831 0 iTCO_vendor_support12649 1 iTCO_wdt ppdev 16782 0 aes_x86_64 16719 1 aesni_intel lrw12757 1 aesni_intel gf128mul 12970 1 lrw ttm77862 0 drm_kms_helper 49210 0 drm 249955 2 ttm,drm_kms_helper glue_helper12695 1 aesni_intel ipmi_si48709 0 ablk_helper12572 1 aesni_intel i2c_algo_bit 12751 0 cryptd 14516 3 ghash_clmulni_intel,aesni_intel,ablk_helper lpc_ich20768 0 ipmi_msghandler39917 2 ipmi_devintf,ipmi_si evdev 17445 5 joydev 17063 0 i2c_i801 16965 0 pcspkr 12595 0 mfd_core 12601 1 lpc_ich winbond_cir17082 0 rc_core22404 1 winbond_cir i2c_core 46012 4 drm,i2c_i801,drm_kms_helper,i2c_algo_bit tpm_tis17182 0 tpm31511 1 tpm_tis parport_pc 26300 0 battery13356 0 button 12944 0 parport35749 2 ppdev,parport_pc shpchp 31121 0 video 18096 0 ac 12715 0 processor 28221 0 loop 26605 0 autofs435529 2 ohci_hcd 42982 0 uhci_hcd 43499 0 ext4 473802 7 crc16 12343 1 ext4 mbcache17171 1 ext4 jbd2 82413 1 ext4 dm_mod 89373 21 hid_generic12393 0 usbhid 44460 0 hid 102264 2 hid_generic,usbhid raid10 47465 1 raid1 34596 1 md_mod107672 4 raid1,raid10 sg 29973 0 sd_mod 44356 12 crc_t10dif 12431 1 sd_mod crct10dif_generic 12581 0 crct10dif_pclmul 13387 1 crct10dif_common 12356 3 crct10dif_pclmul,crct10dif_generic,crc_t10dif crc32c_intel 21809 0 ahci 33291 8 libahci27158 1 ahci ehci_pci 12512 0 ehci_hcd 69837 1 ehci_pci libata177457 2 ahci,libahci usbcore 195340 5 uhci_hcd,ohci_hcd,ehci_hcd,ehci_pci,usbhid e1000e203664 0 scsi_mod 191405 3 sg,libata,sd_mod usb_common 12440 1 usbcore ptp17692 1 e1000e pps_core
Bug#780758: pcmanfm: hangs while copying files
Just an update on this: it happened on another computer running LXDE with Jessie as well. It doesn't happen with LXDE on Wheezy or Ubuntu 14.04 LTS On Wed, Mar 18, 2015 at 3:07 PM, Timothy M Dowd mrdowdsouthmo...@gmail.com wrote: Package: pcmanfm Version: 1.2.3-1.1 Severity: normal Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? I was copying my home folder to an external hard drive that is windows formatted It would copy small amounts of files, but after a certain length of time for copying, (between 1:30 and 2:00) the operation would hang. the LXDE CPU monitor would show very low usage, and when a terminal was brought up no prompt would appear * What exactly did you do (or not do) that was effective (or ineffective)? All I could do was copy small amounts of files a chunk at a time. * What was the outcome of this action? * What outcome did you expect instead? I've used PCManFM since Squeeze- I've always been able to copy my entire home folder The disk that Debian was installed upon only has 270 MB free- could this be related? Unfortunately this is the last day for Jessie on this computer so I won't be able to help much more - I need this computer to be stable over the next few months due to extreme business in my life *** End of the template - remove these template lines *** -- System Information: Debian Release: 8.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages pcmanfm depends on: ii libatk1.0-0 2.14.0-1 ii libc62.19-15 ii libcairo21.14.0-2.1 ii libfm-gtk4 1.2.3-1 ii libfm4 1.2.3-1 ii libfontconfig1 2.11.0-6.3 ii libfreetype6 2.5.2-3 ii libgdk-pixbuf2.0-0 2.31.1-2+b1 ii libglib2.0-0 2.42.1-1 ii libgtk2.0-0 2.24.25-3 ii libpango-1.0-0 1.36.8-3 ii libpangocairo-1.0-0 1.36.8-3 ii libpangoft2-1.0-01.36.8-3 ii libx11-6 2:1.6.2-3 Versions of packages pcmanfm recommends: ii gnome-icon-theme 3.12.0-1 ii gvfs-backends 1.22.2-1 ii gvfs-fuse 1.22.2-1 ii lxde-icon-theme0.5.1-1 ii lxsession [policykit-1-gnome] 0.5.1-2 ii policykit-1-gnome 0.105-2 pcmanfm suggests no packages. -- no debconf information
Bug#781022: pkg-config: not work option --exists
Hi On 2015-03-23 18:43:45, YK wrote: Hi, Sorry my bad English globus@aspera:~$ apt-cache policy libgtkextra-3.0 libgtkextra-3.0: Installed: 3.1.1-2 Candidate: 3.1.1-2 Version table: *** 3.1.1-2 0 500 http://ftp.fi.debian.org/debian/ jessie/main amd64 Packages 100 /var/lib/dpkg/status globus@aspera:~$ pkg-config --exists libgtkextra-3.0 globus@aspera:~$ echo $? 1 I think there is a confusion between the names known by pkg-config and package names. They do not need to match. You also need to install the -dev packages: $ apt-get install libgtkextra-dev ... $ pkg-config --exists gtkextra-3.0 $ echo $? 0 globus@aspera:~$ apt-cache policy libc6 libc6: Installed: 2.19-15 Candidate: 2.19-15 Version table: *** 2.19-15 0 500 http://ftp.fi.debian.org/debian/ jessie/main amd64 Packages 100 /var/lib/dpkg/status globus@aspera:~$ pkg-config --exists libc6 globus@aspera:~$ echo $? libc6 does not come with a pkg-config file, so pkg-config does not know about it. Cheers -- Sebastian Ramacher signature.asc Description: Digital signature
Bug#781023: initramfs-tools: Volume group not found before trying to mount root filesystem on LVM.
Sorry I just would like to add that I too added the following to /etc/initramfs-tools/modules raid0 raid1 raid5 raid6 raid10 Followed by update-initramfs -u -t -k all etc. Still nothing works. Kind Regards Brent Clark P.s. if you would like screen shots etc, please don't hesitate to ask. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780830: spamassassin: Fails to install, 'strict.pm, permission denied'
As far as I know, the system we're using never had any special Perl stuff happening to it, but it has been upgraded from squeeze (or maybe etch) over the last years. Should I raise a bug with the perl package? Looks like you have ancient modules sitting in /usr/local/ I'd suggest to mode aside /usr/local, upgrade, and then restore /usr/local/ If I'm right, you should have then an upgraded system. But the old libraries in /usr/local will continues to cause problems. Hope this helps -- https://github.com/dod38fr/ -o- http://search.cpan.org/~ddumont/ http://ddumont.wordpress.com/ -o- irc: dod at irc.debian.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780858: Massive I/O data corruption on Marvell Armada XP machines
Control: tag -1 +pending On Fri, Mar 20, 2015 at 04:13:20PM +, Steve McIntyre wrote: Package: src:linux Version: 3.16.7-ckt7-1 Severity: grave Tags: upstream Hi folks, We've upgraded a couple of our Marvell Armada XP based (armel/armhf) buildd machines to Jessie, and they've almost immediately fallen over with symptoms of really bad data corruption. On further investigation and discussion with some of the upstream maintainers for this hardware, this is a known issue with I/O coherency and there are patches available for testing: * 8f1e8ee28660018a935c7576b9af8ffe1feab54c is a patch to disable coherency for now, and * http://lists.infradead.org/pipermail/linux-arm-kernel/2015-March/330104.html is a second patch needed too (do not register custom DMA operations when coherency is disabled) I'm just doing a local build right now with these patches applied so I can test. More news ASAP. Summarising discussion from IRC: Patch #1 above was already applied to the jessie kernel, but patch #2 was not. The bpo kernel we have previously been using had neither, and that worked OK. My testing over the weekend with a locally-built kernel including patch #2 as well was 100% successful, so r22457 looks like it will fix this bug. A prompt upload would be appreciated to get this into Jessie for our buildds! :-) Cheers guys, and thanks very much for the quick replies. -- Steve McIntyre, Cambridge, UK.st...@einval.com You can't barbecue lettuce! -- Ellie Crane -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781021: jessie-pu: package cvxopt/1.1.4-1.2+deb8u1
Package: release.debian.org User: release.debian@packages.debian.org Usertags: pu Tags: jessie Severity: normal Hello cvxopt fails to import glpk, with error undefined symbol (#780251). This is due to libglpk0 to libglpk36 ABI change. There already is a patch in jessie: An emulation of the functions that disappeared. However, the patch was not linked! The proposed diff fixes the link, and fixes a #if typo. I believe it's suitable for future Jessie release point, but not in 8.0 because of the freeze. However, the fix is also in sid, and would you like to have it sooner, it would be possible to: unblock cvxopt/1.1.4-1.3 Thank you. -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (990, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) -- Nirgal diff -Nru cvxopt-1.1.4/debian/changelog cvxopt-1.1.4/debian/changelog --- cvxopt-1.1.4/debian/changelog 2013-12-06 17:38:32.0 +0100 +++ cvxopt-1.1.4/debian/changelog 2015-03-23 12:02:20.0 +0100 @@ -1,3 +1,11 @@ +cvxopt (1.1.4-1.2+deb8u1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix glpk-4.49.diff: Link the lpx emulation file, fix the #if activation +test. This fixes undefined symbol: lpx_create_prob bugs. (Closes: #780251) + + -- Jean-Michel Nirgal Vourgère jmv_...@nirgal.com Wed, 11 Mar 2015 23:00:40 +0100 + cvxopt (1.1.4-1.2) unstable; urgency=medium * Non-maintainer upload. diff -Nru cvxopt-1.1.4/debian/patches/glpk-4.49.diff cvxopt-1.1.4/debian/patches/glpk-4.49.diff --- cvxopt-1.1.4/debian/patches/glpk-4.49.diff 2013-12-06 17:39:16.0 +0100 +++ cvxopt-1.1.4/debian/patches/glpk-4.49.diff 2015-03-14 21:15:54.0 +0100 @@ -3,13 +3,16 @@ patch adds compatibility routines that were provided by the upstream author of GLPK. Author: Sébastien Villemot sebast...@debian.org +Author: Jean-Michel Nirgal Vourgère jmv_...@nirgal.com Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714368 -Forwarded: no -Last-Update: 2013-08-15 +Forwarded: not-needed +Last-Update: 2015-03-11 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ a/src/C/glpk.c -+++ b/src/C/glpk.c +Index: cvxopt-1.1.4/src/C/glpk.c +=== +--- cvxopt-1.1.4.orig/src/C/glpk.c cvxopt-1.1.4/src/C/glpk.c @@ -20,7 +20,7 @@ #include cvxopt.h @@ -19,8 +22,10 @@ PyDoc_STRVAR(glpk__doc__, Interface to the simplex and mixed integer LP algorithms in GLPK.\n\n +Index: cvxopt-1.1.4/src/C/lpx.c +=== --- /dev/null -+++ b/src/C/lpx.c cvxopt-1.1.4/src/C/lpx.c @@ -0,0 +1,1516 @@ +/* lpx.c (old GLPK API) */ + @@ -35,12 +40,12 @@ +* Please note that you may mix calls to old and new GLPK API routines +* (except calls to glp_create_prob and glp_delete_prob). */ + -+#if (GLP_VERSION_MAJOR == 4 GLP_MINOR_VERSION = 49) || GLP_VERSION_MAJOR 4 -+ +#include float.h +#include limits.h +#include lpx.h + ++#if (GLP_MAJOR_VERSION == 4 GLP_MINOR_VERSION = 49) || GLP_MAJOR_VERSION 4 ++ +#define xassert glp_assert +#define xerror glp_error + @@ -1538,8 +1543,10 @@ + +/* eof */ + +Index: cvxopt-1.1.4/src/C/lpx.h +=== --- /dev/null -+++ b/src/C/lpx.h cvxopt-1.1.4/src/C/lpx.h @@ -0,0 +1,568 @@ +/* lpx.h (old GLPK API) */ + @@ -2109,3 +2116,16 @@ + +#endif +/* eof */ +Index: cvxopt-1.1.4/src/setup.py +=== +--- cvxopt-1.1.4.orig/src/setup.py cvxopt-1.1.4/src/setup.py +@@ -63,7 +63,7 @@ if BUILD_GLPK: + glpk = Extension('glpk', libraries = ['glpk'], + include_dirs = [ GLPK_INC_DIR ], + library_dirs = [ GLPK_LIB_DIR ], +-sources = ['C/glpk.c'] ) ++sources = ['C/glpk.c', 'C/lpx.c'] ) + extmods += [glpk]; + + if BUILD_DSDP: signature.asc Description: OpenPGP digital signature
Bug#781018: glusterfs: CVE-2014-3619
Package: glusterfs Severity: grave Tags: security Justification: user security hole Hi, please see https://bugzilla.redhat.com/show_bug.cgi?id=1138145 for further information and patches. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781019: sieve unable to fileinto when recipient is an user alias
Package: cyrus-common-2.4 Version: 2.4.16-4+deb7u2 Severity: normal User: de...@thom.fr.eu.org When a mail is received to an alias address, sieve can't fileinto the message. For instance, User foo as an alias bar. I have a sieve rule that moves any message received by bar to the Dossiers.bar_mail folder : elsif anyof (address :contains To b...@domain.com, address :contains Cc b...@domain.com) { fileinto Dossiers.bar; } If someone sends an email to b...@domain.com, I get the following error in le mail log : Mar 23 11:54:25 tls-srv-01 cyrus/lmtpunix[10524]: sieve runtime error for foo id 888761194.1033557880.1427108061874.javamail.r...@spooler6-g27.priv.proxad.net: Fileinto: Mailbox does not exist but the mailbox exists : # ctl_mboxlist -d | grep user.foo user.foo.Dossiers.bar_mail 0 default foo lrswipcda root lrswipcda Regards, François LEGAL -- System Information: Debian Release: wheezy Architecture: amd64 Kernel: 3.2.65 Locale: LANG= LANGUAGE= LC_CTYPE=fr_FR.utf8 Shell: /bin/sh linked to /bin/dash Versions of packages cyrus-common-2.4 depends on: ii cyrus-common 2.4.16-4+deb7u2 ii gawk 1:4.0.1+dfsg-2.1 ii libc6 2.13-38+deb7u8 ii libcomerr2 1.42.5-1.1+deb7u1 ii libdb5.1 5.1.29-5 ii libldap-2.4-2 2.4.31-1+nmu2 ii libsasl2-2 2.1.25.dfsg1-6+deb7u1 ii libsasl2-modules 2.1.25.dfsg1-6+deb7u1 ii libsnmp15 5.4.3~dfsg-2.8+deb7u1 ii libssl1.0.01.0.1e-2+deb7u14 ii libwrap0 7.6.q-24 ii libzephyr4 3.0.2-2 ii netbase5.0 ii perl 5.14.2-21+deb7u2 ii sendmail-bin 8.14.4-4 ii zlib1g 1:1.2.7.dfsg-13 Versions of packages cyrus-common-2.4 recommends: ii cyrus-imapd-2.42.4.16-4+deb7u2 -- Configuration Files: cyrus.conf # Debian defaults for Cyrus IMAP server/cluster implementation # see cyrus.conf(5) for more information # # All the tcp services are tcpd-wrapped. see hosts_access(5) START { # do not delete this entry! recover cmd=/usr/sbin/cyrus ctl_cyrusdb -r # this is only necessary if idlemethod is set to idled in imapd.conf idled cmd=idled # this is useful on backend nodes of a Murder cluster # it causes the backend to syncronize its mailbox list with # the mupdate master upon startup #mupdatepush cmd=/usr/sbin/cyrus ctl_mboxlist -m # this is recommended if using duplicate delivery suppression delprunecmd=/usr/sbin/cyrus expire -E 3 # this is recommended if caching TLS sessions tlsprunecmd=/usr/sbin/cyrus tls_prune } # UNIX sockets start with a slash and are absolute paths # you can use a maxchild=# to limit the maximum number of forks of a service # you can use babysit=true and maxforkrate=# to keep tight tabs on the service # most services also accept -U (limit number of reuses) and -T (timeout) SERVICES { # --- Normal cyrus spool, or Murder backends --- # add or remove based on preferences imap cmd=imapd -C /etc/imapd-local.conf -U 30 listen=127.0.0.1:imap prefork=0 maxchild=100 imaps cmd=imapd -s -U 30 listen=imaps prefork=0 maxchild=100 #pop3 cmd=pop3d -U 30 listen=pop3 prefork=0 maxchild=50 #pop3s cmd=pop3d -s -U 30 listen=pop3s prefork=0 maxchild=50 #nntp cmd=nntpd -U 30 listen=nntp prefork=0 maxchild=100 #nntps cmd=nntpd -s -U 30 listen=nntps prefork=0 maxchild=100 # At least one form of LMTP is required for delivery # (you must keep the Unix socket name in sync with imap.conf) #lmtp cmd=lmtpd listen=localhost:lmtp prefork=0 maxchild=20 lmtpunix cmd=lmtpd listen=/var/run/cyrus/socket/lmtp prefork=0 maxchild=20 # -- # useful if you need to give users remote access to sieve # by default, we limit this to localhost in Debian sieve cmd=timsieved listen=localhost:sieve prefork=0 maxchild=100 # this one is needed for the notification services notify cmd=notifyd listen=/var/run/cyrus/socket/notify proto=udp prefork=1 # --- Murder frontends - # enable these and disable the matching services above, # except for sieve (which deals automatically with Murder) # mupdate database service - must prefork at least 1 # (mupdate slaves) #mupdate cmd=mupdate listen=3905 prefork=1 # (mupdate master, only one in the entire cluster) #mupdate cmd=mupdate -m listen=3905 prefork=1 # proxies that will connect to the backends #imap cmd=proxyd listen=imap prefork=0 maxchild=100 #imaps cmd=proxyd -s listen=imaps prefork=0 maxchild=100 #pop3
Bug#781020: simplesamlphp: Small typo in long description
Package: simplesamlphp Version: 1.13.1-2 Severity: minor Tags: patch Hi There seems a small typo in the long description of the package, saying Shiboleth instead of Shibboleth. Regards, Salvatore diff -urN simplesamlphp-1.13.1.orig/debian/control simplesamlphp-1.13.1/debian/control --- simplesamlphp-1.13.1.orig/debian/control 2014-10-27 20:24:41.0 +0100 +++ simplesamlphp-1.13.1/debian/control 2015-03-23 12:38:17.110986212 +0100 @@ -25,7 +25,7 @@ following protocols: . * SAML 2.0 as a Service or Identity Provider. - * Shiboleth 1.3 as a Service or Identity Provider. + * Shibboleth 1.3 as a Service or Identity Provider. * A-Select as a Service or Identity Provider * CAS for remote authentication * OpenID as a Provider or Consumer
Bug#780834: util-linux: [libfdisk] incorrect GPT header leads to segfault
Upstream accepted the reordering patch in libfdisk (header length check before crc check), so that fixes the segfault: https://github.com/karelzak/util-linux/commit/9c6f3de60f9858e404a825824026bff4c42203fc Best regards, Otto. smime.p7s Description: S/MIME Cryptographic Signature
Bug#780827: squeeze update of xerces-c?
Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of xerces-c: https://security-tracker.debian.org/tracker/CVE-2015-0252 Would you like to take care of this yourself? We are still understaffed so any help is always highly appreciated. If yes, please follow the workflow we have defined here: http://wiki.debian.org/LTS/Development If that workflow is a burden to you, feel free to just prepare an updated source package and send it to debian-...@lists.debian.org (via a debdiff, or with an URL pointing to the the source package, or even with a pointer to your packaging repository), and the members of the LTS team will take care of the rest. Indicate clearly whether you have tested the updated package or not. If you don't want to take care of this update, it's not a problem, we will do our best with your package. Just let us know whether you would like to review and/or test the updated package before it gets released. Thank you very much. Raphaël Hertzog, on behalf of the Debian LTS team. PS: A member of the LTS team might start working on this update at any point in time. You can verify whether someone is registered on this update in this file: https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#743154: Bup run test failed on mips64el
Control: found -1 0.27~rc3-1 On Mon, 31 Mar 2014 07:42:07 +0800 Yunqiang Su wzss...@gmail.com wrote: Package: bup Version: 0.25-1 ! txstat.py:71 (4294967253L, 5) == (-43, 5) FAILED ! txstat.py:72 (4294967253L, 5) == (-43, 5) FAILED Is it due to that mips64el is treated as 32bit? Turns out it's not that. On mips64el, for historical reasons the stat syscall returns dates in the range 1970-2106 instead of 1901-2038 (or a larger range - this is a 64-bit platform after all). This means that although setting the date modified to -43 works, reading it back with stat gives a timestamp in 2106 due to the wraparound. This bug was fixed upstream in 0.26[1] by removing that test, but then another test was introduced which used negative timestamps in the same version[2]. The error in 0.27~rc3-1 is now: ! t/test-ls.sh:148 exactly 2 arguments ok Comparing: -rwx-- jcowgill/jcowgill 0 2105-08-27 02:46 executable prw--- jcowgill/jcowgill 0 2105-08-27 02:46 fifo -rw--- jcowgill/jcowgill 1024 2105-08-27 02:46 file srwx-- jcowgill/jcowgill 0 2105-08-27 02:46 socket lrwxrwxrwx jcowgill/jcowgill 4 2015-03-23 14:58 symlink - file -- -rwx-- jcowgill/jcowgill 0 1969-07-20 20:18 executable prw--- jcowgill/jcowgill 0 1969-07-20 20:18 fifo -rw--- jcowgill/jcowgill 1024 1969-07-20 20:18 file srwx-- jcowgill/jcowgill 0 1969-07-20 20:18 socket lrwxrwxrwx jcowgill/jcowgill 4 2015-03-23 14:58 symlink - file ! t/test-ls.sh:148 [...] FAILED I've attached the full log if that helps. [1] https://github.com/bup/bup/commit/19970cd8edb9762b3e6a83ed77637cdda700f96d [2] https://github.com/bup/bup/commit/cb7366ef107073d2de753240af2a75facf904588 Thanks, James dpkg-buildpackage -rfakeroot -D -us -uc -B dpkg-buildpackage: source package bup dpkg-buildpackage: source version 0.27~rc3-1 dpkg-buildpackage: source distribution experimental dpkg-buildpackage: source changed by Robert Edmonds edmo...@debian.org dpkg-source --before-build bup-0.27~rc3 dpkg-buildpackage: host architecture mips64el dpkg-source: info: using options from bup-0.27~rc3/debian/source/options: --single-debian-patch fakeroot debian/rules clean dh clean --with python2 dh_testdir debian/rules override_dh_auto_clean make[1]: Entering directory '/home/jcowgill/bup/bup-0.27~rc3' rm config/config.cmd config/config.h config/config.log config/config.mak config/config.md config/config.sub config/config.vars dh_auto_clean make[2]: Entering directory '/home/jcowgill/bup/bup-0.27~rc3' make -C Documentation clean make[3]: Entering directory '/home/jcowgill/bup/bup-0.27~rc3/Documentation' Warning: pandoc not installed; can't generate manpages. rm -f *~ .*~ *.[0-9] *.new *.tmp *.html .docs-available make[3]: Leaving directory '/home/jcowgill/bup/bup-0.27~rc3/Documentation' make -C config clean make[3]: Entering directory '/home/jcowgill/bup/bup-0.27~rc3/config' rm -f rm -f *~ .*~ make[3]: Leaving directory '/home/jcowgill/bup/bup-0.27~rc3/config' rm -f *.o lib/*/*.o *.so lib/*/*.so *.dll lib/*/*.dll *.exe \ .*~ *~ */*~ lib/*/*~ lib/*/*/*~ \ *.pyc */*.pyc lib/*/*.pyc lib/*/*/*.pyc \ bup bup-* cmd/bup-* \ lib/bup/_version.py lib/bup/_version.py.tmp-* \ randomgen memtest \ testfs.img lib/bup/t/testfs.img if test -e t/mnt; then t/cleanup-mounts-under t/mnt; fi if test -e t/mnt; then rm -r t/mnt; fi if test -e t/tmp; then t/cleanup-mounts-under t/tmp; fi if test -e lib/bup/t/testfs; \ then umount lib/bup/t/testfs || true; fi rm -rf *.tmp *.tmp.meta t/*.tmp lib/*/*/*.tmp build lib/bup/build lib/bup/t/testfs if test -e t/tmp; then t/force-delete t/tmp; fi t/configure-sampledata --clean make[2]: Leaving directory '/home/jcowgill/bup/bup-0.27~rc3' make[1]: Leaving directory '/home/jcowgill/bup/bup-0.27~rc3' dh_clean debian/rules build-arch dh build-arch --with python2 dh_testdir -a debian/rules override_dh_auto_configure make[1]: Entering directory '/home/jcowgill/bup/bup-0.27~rc3' ./configure Configuring for [bup] Looking for cpp (/lib/cpp) ok checking for install (/usr/bin/install) checking the C compiler (cc) ok ignoring bogus LDFLAGS=-Wl,-z,relro checking for make (/usr/bin/make) checking for python (/usr/bin/python) checking for git (/usr/bin/git) checking for header sys/stat.h (found) checking for header sys/types.h (found) checking for header unistd.h (found) checking for header linux/fs.h (found) checking for header sys/ioctl.h (found) checking for the utimensat function (found) checking for the utimes function (found) checking for the lutimes function (found) checking that struct stat has a st_atim field (yes) checking that struct stat has a st_mtim field (yes) checking that struct stat has a st_ctim field (yes) checking that struct stat has a st_atimensec field (no) checking that struct stat has a st_mtimensec field (no) checking that struct stat has a st_ctimensec field (no) looking
Bug#741464: grub-pc-bin: hangs after displaying boot menu
On Sun, Feb 01, 2015 at 11:16:59PM +0100, Marco Gamberoni wrote: Having read http://web.archive.org/web/20040604041507/http://panda.cs.ndsu.nodak.edu/~achapwes/PICmicro/keyboard/atkeyboard.html it is obvious what's going on: at_keyboard is using scankey set 1 but the keyboard is using set 2 and the keyboard controller is not translating. The cause of the mismatch is the XLAT bit in the keyboard controller command byte that transitions from 1 to 0 while grub executes terminal_input at_keyboard. [...] Thanks for the debugging. Would you be able to try with this upstream patch, which looks somewhat promising for this? http://git.savannah.gnu.org/gitweb/?p=grub.git;a=commitdiff;h=3c058332499f6c0185c167a7faf37afa808136b7 Thanks, -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781007: [Pkg-utopia-maintainers] Bug#781007: Bug#781007: network-manager has an 128 max connections limit
Control: fixed -1 1.0.0-3 Am 23.03.2015 um 13:49 schrieb Faidon Liambotis: On Mon, Mar 23, 2015 at 11:30:50AM +0100, Michael Biebl wrote: Looks like a duplicate of #773525. Please test, if the latest upstream version 1.0.0 (available from experimental) fixes the problem. If not, please file a bug upstream. Doh -- sorry for the poor bug reporting. I hadn't noticed that experimental had a newer version. I just checked and it seems to be fixed there, output is now consistently the same list of 182 connections. Thanks for testing, marking the bug as fixed for that version -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#780873: About the security issues affecting python-django in Squeeze
Hello dear maintainer(s), the Debian LTS team recently reviewed the security issue(s) affecting your package in Squeeze: https://security-tracker.debian.org/tracker/CVE-2015-2317 We decided that we would not prepare a squeeze security update (usually because the security impact is low and that we concentrate our limited resources on higher severity issues and on the most widely used packages). That said the squeeze users would most certainly benefit from a fixed package. If you want to work on such an update, you're welcome to do so. Please try to follow the workflow we have defined here: http://wiki.debian.org/LTS/Development If that workflow is a burden to you, feel free to just prepare an updated source package and send it to debian-...@lists.debian.org (via a debdiff, or with an URL pointing to the the source package, or even with a pointer to your packaging repository), and the members of the LTS team will take care of the rest. However please make sure to submit a tested package. Thank you very much. Raphaël Hertzog, on behalf of the Debian LTS team. -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781007: [Pkg-utopia-maintainers] Bug#781007: Bug#781007: network-manager has an 128 max connections limit
Am 23.03.2015 um 13:49 schrieb Faidon Liambotis: On Mon, Mar 23, 2015 at 11:30:50AM +0100, Michael Biebl wrote: Looks like a duplicate of #773525. Please test, if the latest upstream version 1.0.0 (available from experimental) fixes the problem. If not, please file a bug upstream. Doh -- sorry for the poor bug reporting. I hadn't noticed that experimental had a newer version. I just checked and it seems to be fixed there, output is now consistently the same list of 182 connections. I checked the git log between those two versions and didn't find anything that immediately stands out. Bisecting will be 7 steps, so if you have any guesses, I'm all ears... I'm guessing that if I do manage to track it down, you'd consider it for jessie, right? Depends on the patch and how invasive it is. I do indeed plan another upload of NetworkManager to at least fix #760998. So we might sneak that one in. Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#781010: unblock: simpleid/0.8.1-14
Package: release.debian.org User: release.debian@packages.debian.org UserTags: unblock I'm proposing to update the simpleid package using the patch contained in this bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718483 Direct link to the patch: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;filename=718483.diff;att=1;bug=718483 I would also propose a couple of other small fixes, - uploader email address s/pocock.com.au/pocock.pro - home page URL http://www.simpleid.org Please let me know if all of the above is likely to be accepted at this stage in the freeze and if so I will build a package and send a debdiff for approval. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#774492: [vim] c{motion} temporary cancels 'linebreak' option for current line
Hi, On Fri, 23 Jan 2015 10:30:59 +0100 Christian Brabandt c...@256bit.org wrote: Note, this bug has been fixed upstream with 7.4.576 (the commit message mentions relativenumber setting, but the patch actually has nothing to do with it.) great! I keep rebuilding vim with every upload to add this patch. Any chance to get this included, soon, and targeted for the next release (or at least the subsequent point release). It is a significant show-stopper when editing large bodies of natural text with vim, at least for me. Greetings, Joachim -- Joachim nomeata Breitner Debian Developer nome...@debian.org | ICQ# 74513189 | GPG-Keyid: F0FBF51F JID: nome...@joachim-breitner.de | http://people.debian.org/~nomeata signature.asc Description: This is a digitally signed message part
Bug#781029: include (dsa|dla)-needed in json output
x-debbugs-cc: 761859, hert...@debian.org package: security-tracker severity: wishlist Hi, On Montag, 16. März 2015, Raphael Hertzog wrote: Another nice thing to add in the generated file is whether the package is listed in dsa-needed.txt and dla-needed.txt. That would be two boolean fields at the source package level (default value of False if missing). agreed. Filing this as a new bug, so we can finish #761859 first and then extend it... cheers, Holger signature.asc Description: This is a digitally signed message part.
Bug#781028: util-linux: mount is only mounting half of the loopback mounts
Package: util-linux Version: 2.20.1-5.3 Dear Maintainer, At boot we mount a few Linux distro ISO images to offer them via PXE, but something strange is going on during the mount process and only half of the specified mounts get mounted. See those steps to reproduce: - Mount 8 ISO images via fstab /root/3c90x.iso /mnt/1 iso9660 loop0 0 /root/3c90x.iso /mnt/2 iso9660 loop0 0 ... /root/3c90x.iso /mnt/8 iso9660 loop0 0 - mount -a will only mount 4 images root@client1:~# mount -a mount: block device /root/3c90x.iso is write-protected, mounting read-only mount: block device /root/3c90x.iso is write-protected, mounting read-only mount: block device /root/3c90x.iso is write-protected, mounting read-only mount: block device /root/3c90x.iso is write-protected, mounting read-only mount: could not find any free loop device mount: could not find any free loop device mount: could not find any free loop device mount: could not find any free loop device root@client1:~# df -h -P |grep loop /dev/loop1 2.2M 2.2M 0 100% /mnt/1 /dev/loop3 2.2M 2.2M 0 100% /mnt/2 /dev/loop5 2.2M 2.2M 0 100% /mnt/3 /dev/loop7 2.2M 2.2M 0 100% /mnt/4 - Now if you run *again* mount -a it will mount 2 more: root@client1:~# mount -a mount: block device /root/3c90x.iso is write-protected, mounting read-only mount: block device /root/3c90x.iso is write-protected, mounting read-only mount: could not find any free loop device mount: could not find any free loop device root@client1:~# df -h -P |grep loop /dev/loop1 2.2M 2.2M 0 100% /mnt/1 /dev/loop3 2.2M 2.2M 0 100% /mnt/2 /dev/loop5 2.2M 2.2M 0 100% /mnt/3 /dev/loop7 2.2M 2.2M 0 100% /mnt/4 /dev/loop2 2.2M 2.2M 0 100% /mnt/5 /dev/loop6 2.2M 2.2M 0 100% /mnt/6 Running again mount -a will mount 1 more (on loop4) after which all loop devices are in use. Not sure why loop0 is not being used by the way. We can work around this by specifying max_loop=16 in the modprobe.d conf but guess it's a bug after all. Regards, Geert -- System Information: Debian Release: 7.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-486 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages util-linux depends on: ii debconf [debconf-2.0] 1.5.49 ii dpkg 1.16.12 ii initscripts2.88dsf-41+deb7u1 ii install-info 4.13a.dfsg.1-10 ii libblkid1 2.20.1-5.3 ii libc6 2.13-38+deb7u1 ii libncurses55.9-10 ii libselinux12.1.9-5 ii libslang2 2.2.4-15 ii libtinfo5 5.9-10 ii libuuid1 2.20.1-5.3 ii lsb-base 4.1+Debian8+deb7u1 ii tzdata 2013i-0wheezy1 ii zlib1g 1:1.2.7.dfsg-13 util-linux recommends no packages. Versions of packages util-linux suggests: pn dosfstools none ii kbd 1.15.3-9 ii util-linux-locales 2.20.1-5.3 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#761859: security-tracker json deployed
Hi, On Dienstag, 17. März 2015, Raphael Hertzog wrote: The repository dictionary has what you are looking for. The releases dictionary indeed lists all versions in all existing releases. The repository dictionary doesn't have the data that I'm interested in. ack Maybe you would prefer the releases dict to only have keys squeeze, wheezy, jessie and sid and an additional sub-release key? Yes, the entries in releases must be predictable. I must be able to lookup issue_data['releases']['squeeze']['status'] and have the status in squeeze no matter what sub-release has the latest version. ok. so i will add a subrelease key, speciying the first subrelease where the issue is fixed. subrelease will have one of these values: null, 'security' or lts'. I also noticed that we have nowhere data that says that an issue is undetermined... maybe those issues should be entirely dropped? I agree that those issues should not be displayed in the tracker, but I'm not entirely convinced they should be dropped from the json... (that's also how I understood Moritz in this bug) - but if you insist, it's easy to drop them. cheers, Holger signature.asc Description: This is a digitally signed message part.
Bug#781018: glusterfs: CVE-2014-3619
fixed #781018 3.6.2-1 thanks Am 23.03.2015 um 11:43 schrieb Moritz Muehlenhoff: Package: glusterfs Severity: grave Tags: security Justification: user security hole Hi, please see https://bugzilla.redhat.com/show_bug.cgi?id=1138145 for further information and patches. Cheers, Moritz -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780129: Does CVE-2015-1609 apply to squeeze's version of mongodb?
Hi, On Tue, 10 Mar 2015, László Böszörményi (GCS) wrote: On Tue, Mar 10, 2015 at 4:24 PM, Raphael Hertzog hert...@debian.org wrote: I'm wondering whether CVE-2015-1609 is affecting the squeeze version. The code base is vastly different between 1.4.4 and the current supported releases. I think it's not affected, but I'm not a security expert and don't have the exploit to test it against 1.4.x versions. I think neither the Wheezy version (v2.0) is affected. BSON support is modularized in it, but can't find the affected file nor the function in the source. It would be much better if someone with more security knowledge approve or refute me in this matter. Do you know some upstream developers who could confirm/infirm this? Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781030: unblock: glusterfs/3.5.2-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package glusterfs It fixes CVE-2014-3619 and closes #781018 diff -Naur '--exclude=.svn' 3.5.2-1/debian/changelog 3.5.2-2/debian/changelog --- 3.5.2-1/debian/changelog2014-08-01 13:17:51.262203834 +0200 +++ 3.5.2-2/debian/changelog2015-03-23 15:47:19.949358143 +0100 @@ -1,3 +1,11 @@ +glusterfs (3.5.2-2) unstable; urgency=high + + * Add patch 01-CVE-2014-3619 to fix a fragment header infinite loop DoS in +glusterfs as described in CVE-2014-3619. +Closes: #781018 + + -- Patrick Matthäi pmatth...@debian.org Mon, 23 Mar 2015 15:35:25 +0100 + glusterfs (3.5.2-1) unstable; urgency=medium * New upstream release. diff -Naur '--exclude=.svn' 3.5.2-1/debian/patches/01-CVE-2014-3619.diff 3.5.2-2/debian/patches/01-CVE-2014-3619.diff --- 3.5.2-1/debian/patches/01-CVE-2014-3619.diff1970-01-01 01:00:00.0 +0100 +++ 3.5.2-2/debian/patches/01-CVE-2014-3619.diff2015-03-23 15:47:19.953358498 +0100 @@ -0,0 +1,55 @@ +# Upstream patch to fix CVE-2014-3619 (fragment header infinite loop DoS) +# URL: https://bugzilla.redhat.com/show_bug.cgi?id=1138145 +# Patch: http://review.gluster.org/#/c/8662/4 + +diff -Naur glusterfs-3.5.2.orig/rpc/rpc-transport/socket/src/socket.c glusterfs-3.5.2/rpc/rpc-transport/socket/src/socket.c +--- glusterfs-3.5.2.orig/rpc/rpc-transport/socket/src/socket.c 2014-07-31 13:05:35.0 +0200 glusterfs-3.5.2/rpc/rpc-transport/socket/src/socket.c 2015-03-23 15:28:00.765389702 +0100 +@@ -375,10 +375,11 @@ + /* first call after passing SP_STATE_READING_FRAGHDR */ + in-ra_max = min (RPC_FRAGSIZE (in-fraghdr), GF_SOCKET_RA_MAX); + /* Note that the in-iobuf is the primary iobuf into which +- headers are read into. By using this itself as our ++ headers are read into, and in-frag.fragcurrent points to ++ some position in the buffer. By using this itself as our + read-ahead cache, we can avoid memory copies in iov_load + */ +- in-ra_buf = iobuf_ptr (in-iobuf); ++ in-ra_buf = in-frag.fragcurrent; + } + + /* fill read-ahead */ +@@ -1986,9 +1987,22 @@ + goto out; + } + ++if (in-iobuf == NULL) { ++/* first fragment */ ++frag-fragcurrent = iobuf_ptr (iobuf); ++} else { ++/* second or further fragment */ ++memcpy(iobuf_ptr (iobuf), iobuf_ptr (in-iobuf), ++ in-total_bytes_read - RPC_FRAGSIZE(in-fraghdr)); ++iobuf_unref (in-iobuf); ++frag-fragcurrent = (char *) iobuf_ptr (iobuf) + ++in-total_bytes_read - RPC_FRAGSIZE(in-fraghdr); ++frag-pending_vector-iov_base = frag-fragcurrent; ++in-pending_vector = frag-pending_vector; ++} ++ + in-iobuf = iobuf; + in-iobuf_size = 0; +-frag-fragcurrent = iobuf_ptr (iobuf); + in-record_state = SP_STATE_READING_FRAG; + /* fall through */ + +@@ -2003,6 +2017,9 @@ + frag-bytes_read = 0; + + if (!RPC_LASTFRAG (in-fraghdr)) { ++in-pending_vector = in-vector; ++in-pending_vector-iov_base = in-fraghdr; ++in-pending_vector-iov_len = sizeof(in-fraghdr); + in-record_state = SP_STATE_READING_FRAGHDR; + break; + } diff -Naur '--exclude=.svn' 3.5.2-1/debian/patches/series 3.5.2-2/debian/patches/series --- 3.5.2-1/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ 3.5.2-2/debian/patches/series 2015-03-23 15:47:19.953358498 +0100 @@ -0,0 +1 @@ +01-CVE-2014-3619.diff unblock glusterfs/3.5.2-2 -- System Information: Debian Release: 7.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#761859: security-tracker json deployed
On Mon, 23 Mar 2015, Holger Levsen wrote: I also noticed that we have nowhere data that says that an issue is undetermined... maybe those issues should be entirely dropped? I agree that those issues should not be displayed in the tracker, but I'm not entirely convinced they should be dropped from the json... (that's also how I understood Moritz in this bug) - but if you insist, it's easy to drop them. I'm fine having the data in the JSON as long as I can filter them out in some way. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781018: glusterfs: CVE-2014-3619
Am 23.03.2015 um 11:43 schrieb Moritz Muehlenhoff: Package: glusterfs Severity: grave Tags: security Justification: user security hole Hi, please see https://bugzilla.redhat.com/show_bug.cgi?id=1138145 for further information and patches. Hi, 3.5.2-2 is uploaded and a unblock request is also filled. experimental is not affected. If 3.2.7-3+deb7u1 from stable is also affected then we require a patch for it. The current upstream version could not be applied to 3.2.7 :( -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781031: FTBFS if autoconf2.13 is installed
Package: vim Version: 2:7.4.488-6 Severity: minor Hi, vim fails to build from source if autoconf2.13 is installed. Regards, Daniel -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#426402: apt: Need better way to specify mirrors for Debian repositiories
On Mon, 28 May 2007 17:07:11 +0300 David Baron d_ba...@012.net.il wrote: Package: apt Version: 0.6.46.4-0.1 Severity: wishlist I am sure this is not original. Applies to Debian package repositories since they have a uniform structure: Sometimes (like now!), not all packages have made it to all mirrors, or one's favorite, closest mirror is down. I would like a better way of specifitying Debian mirrors. Foreign repos would remain is now and the current syntax would remain valid for Debian as well. Something like: Debian Mirrors: Preferred Mirror: ftp://... Mirror 2: http://... Mirror 3 ... End Debian Mirrors sounds a lot like the mirror method available in apt nowadays. Time to close this ticket as fixed? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780633: f3: please include f3detect and f3fix
Hi, Debian is frozen now. When we have a new stable release (April?), I will migrate all packages from experimental to unstable. So, after this, I will able to upload a revision built by 'make experimental' to experimental. Cheers, Eriberto 2015-03-23 6:07 GMT-03:00 Michal Suchanek michal.sucha...@ruk.cuni.cz: Hello, the experimental binaries would be included in package in Debian experimental so I do not really see a problem here. I prefer them over the 'stable' ones either way. Man pages would be nice to have, yes. Can look into writing some. Thanks Michal Excerpts from Eriberto's message of Sun Mar 22 18:03:33 +0100 2015: Hi Michal, These executables are experimental, not stable, and need manpages. I preferred to wait for a new upstream version to include these elements in the package. Cheers, Eriberto 2015-03-17 4:24 GMT-03:00 Michal Suchanek michal.sucha...@ruk.cuni.cz: Package: f3 Version: 5.0-1 Severity: wishlist Hello, please provide f3detect and f3fix that are built using make experimental. Thanks Michal -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (910, 'testing'), (900, 'stable'), (410, 'unstable'), (400, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.18.0-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) Versions of packages f3 depends on: ii libc6 2.19-13 f3 recommends no packages. f3 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781024: quassel: Denial of service (no CVE yet)
Package: quassel Severity: grave Tags: security Justification: user security hole The following security issue was reported against quassel: https://github.com/quassel/quassel/commit/b5e38970ffd55e2dd9f706ce75af9a8d7730b1b8 A CVE ID has been requested, but is not yet available, we'll update the bug once available. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781025: [printer-driver-ptouch] Finishing options don't have any effect
Package: printer-driver-ptouch Version: 1.3-8 Severity: minor --- Please enter the report below this line. --- I have a Brother QL-500 printer. The cups printer driver offers me the following settings when changing the default settings: Section Finishing: Advance Distance, Advance Media, Cut Mark No matter what I configure there, the result is unchanged. It seems that these settings are being ignored. --- System information. --- Architecture: amd64 Kernel: Linux 3.14-2-amd64 Debian Release: 8.0 900 testing www.deb-multimedia.org 900 testing ftp.de.debian.org 500 wheezy apt.tvheadend.org 500 unstablebuild.i3wm.org 500 stable repository.spotify.com --- Package information. --- Depends(Version) | Installed -+-=== libc6 (= 2.14) | libcups2 (= 1.4.0) | libcupsimage2 (= 1.4.0) | python3 | xz-utils | ghostscript | Package's Recommends field is empty. Package's Suggests field is empty. signature.asc Description: OpenPGP digital signature
Bug#781026: RFP: bs1770gain -- normalize the loudness of audio and video files to the same level
Package: wnpp Severity: wishlist Package name: bs1770gain Version : 0.4.1 Upstream Author : Peter Belkner pbelk...@berlin.snafu.de URL : http://bs1770gain.sourceforge.net/ License : GPL Programming Lang: C Description : normalize the loudness of audio and video files to the same level BS1770GAIN is a loudness scanner compliant with ITU-R BS.1770 and its flavors EBU R128, ATSC A/85, and ReplayGain 2.0. It helps normalizing the loudness of audio and video files to the same level. This package is useful because it allows users to apply gain tags to ensure that audio files play back at the same perceived volume. It can be used by beets: https://github.com/sampsyo/beets which is already packaged in debian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781027: ITP: nodepool -- nodepool a system to launch disposable OpenStack VM for testing purposes
Package: wnpp Severity: wishlist Owner: Antoine Musso has...@free.fr * Package name: nodepool Version : HEAD Upstream Author : OpenStack Infra openstack-in...@lists.openstack.org * URL : http://ci.openstack.org/nodepool/ * License : Apache 2.0 Programming Lang: Python Description : nodepool a system to launch disposable OpenStack VM for testing purposes Nodepool is a system for launching single-use test nodes on demand based on images built with cached data. It is designed to work with any OpenStack based cloud, and is part of a suite of tools that form a comprehensive test system including Jenkins and Zuul. Will be packaged myself with guidances from Wikimedia Foundation Debian Developers and OpenStack Foundation infrastructure developers. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#759306: O: mg -- microscopic GNU Emacs-style editor
Hi Harald, without knowing your work on mentors, I did my own, independent work on the package. Are you still interested in (co)maintaining it? I can sponsor your uploads. Tomasz signature.asc Description: Digital signature
Bug#780712: squeeze update of flightgear?
Hello dear maintainer(s), the Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of flightgear: https://security-tracker.debian.org/tracker/source-package/flightgear Would you like to take care of this yourself? We are still understaffed so any help is always highly appreciated. If yes, please follow the workflow we have defined here: http://wiki.debian.org/LTS/Development If that workflow is a burden to you, feel free to just prepare an updated source package and send it to debian-...@lists.debian.org (via a debdiff, or with an URL pointing to the the source package, or even with a pointer to your packaging repository), and the members of the LTS team will take care of the rest. Indicate clearly whether you have tested the updated package or not. If you don't want to take care of this update, it's not a problem, we will do our best with your package. Just let us know whether you would like to review and/or test the updated package before it gets released. Thank you very much. Raphaël Hertzog, on behalf of the Debian LTS team. PS: A member of the LTS team might start working on this update at any point in time. You can verify whether someone is registered on this update in this file: https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780709: vpnc: fails with Inappropriate ioctl for device
On Sun, Mar 22, 2015 at 11:03:34AM +0800, Antonio Borneo wrote: Could you please test the patch 0001-* in attachment? I don't have possibility to test it in coming weeks. The first part of the patch addresses your problem. yes, if /dev/net/tun is not existing, the patched script will just create it correctly. The second part makes me confused. agreed... It should never wait, since few lines before /dev/net/tun is explicitly created with mknod, independently by udev. For me this loop should be moved before the test that triggers mknod. I have prepared patch 0002-*. Not sure you can test it, but comments are welcome. yes, that seems to be obvious, but i can't test that special case. the same goes with the symlink case. am i fully sure what the snipped want to resolve? let me try to sum up: if dev cannot be read and written do: 1 modprobe driver (shouldn't there be a condition if already loaded?) 2 if dev is a symlink to wrong location fix symlink 3 wait for 10 sec for the dev to show up, check by r/w 4 if dev (still) doesn't exists create it so i would suggest to move the loop as in your patch 2 but i would suggest to use the same check of existence of the dev for all 3 cases, maybe just -e to keep the script simple (-c would be better but then you have to remove the file to use mknod and it does not work for the symlinkcase, still it would repair systems where the initial bug happened already). regards, -- M. Dietrich -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780932: im-config: upstart user session job
It may be worth mentioning that we have had an upstart job in Ubuntu for a while, but it has been incomplete, so https://launchpad.net/bugs/1433831 was filed. Unsetting TEXTDOMAIN and TEXTDOMAINDIR also here makes sense IMO. -- Gunnar Hjalmarsson https://launchpad.net/~gunnarhj -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781022: pkg-config: not work option --exists
SR == Sebastian Ramacher sramac...@debian.org writes: globus@aspera:~$ apt-cache policy libgtkextra-3.0 libgtkextra-3.0: Installed: 3.1.1-2 Candidate: 3.1.1-2 Version globus@aspera:~$ pkg-config --exists libgtkextra-3.0 globus@aspera:~$ echo $? 1 SR I think there is a confusion between the names known by SR pkg-config and package names. They do not need to match. You SR also need to install the -dev packages: SR $ apt-get install libgtkextra-dev ... $ pkg-config --exists SR gtkextra-3.0 $ echo $? 0 Sorry, but... root@aspera:~# apt-cache policy libgtkextra-dev libgtkextra-dev: Installed: 3.1.1-2 Candidate: 3.1.1-2 Version table: *** 3.1.1-2 0 500 http://ftp.fi.debian.org/debian/ jessie/main amd64 Packages 100 /var/lib/dpkg/status root@aspera:~# pkg-config --exists gtkextra-3.0 root@aspera:~# echo $? 1 -- Thanks for attention. Yoric. New-Sibirsk. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack
On Mon, Dec 29, 2014 at 10:25:24PM +0100, Moritz Mühlenhoff wrote: On Mon, Sep 22, 2014 at 03:56:00PM +0200, Raphael Hertzog wrote: Hi, On Mon, 18 Aug 2014, Salvatore Bonaccorso wrote: On Thu, Aug 14, 2014 at 11:43:32PM +0200, Emmanuel Bourg wrote: Is there an example available somewhere of a subject improperly parsed by commons-httpclient/3.1-10.2? This would help backporting the fix to this version. I think this is already fixed in 3.1-10.2, see the Red Hat bug as reference and See https://bugs.debian.org/692442#56 and and following mails. I don't understand this from those mails. On the contrary, RedHat did update their packages with a new patch on top of the former patch: https://git.centos.org/blob/rpms!jakarta-commons-httpclient/5acb7f7b3e637c3a6d072e3f037a3c4abb6c48af/SOURCES!jakarta-commons-httpclient-CVE-2014-3577.patch And the Debian package still have the old version of getCN(). What's the status? Can we get that fixed for jessie? *ping*, the release is getting closer. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781022: pkg-config: not work option --exists
On 2015-03-23 21:33:52, YoricKo wrote: SR == Sebastian Ramacher sramac...@debian.org writes: globus@aspera:~$ apt-cache policy libgtkextra-3.0 libgtkextra-3.0: Installed: 3.1.1-2 Candidate: 3.1.1-2 Version globus@aspera:~$ pkg-config --exists libgtkextra-3.0 globus@aspera:~$ echo $? 1 SR I think there is a confusion between the names known by SR pkg-config and package names. They do not need to match. You SR also need to install the -dev packages: SR $ apt-get install libgtkextra-dev ... $ pkg-config --exists SR gtkextra-3.0 $ echo $? 0 Sorry, but... root@aspera:~# apt-cache policy libgtkextra-dev libgtkextra-dev: Installed: 3.1.1-2 Candidate: 3.1.1-2 Version table: *** 3.1.1-2 0 500 http://ftp.fi.debian.org/debian/ jessie/main amd64 Packages 100 /var/lib/dpkg/status root@aspera:~# pkg-config --exists gtkextra-3.0 root@aspera:~# echo $? 1 So you don't have libgtk2.0-dev installed. One could argue that libgtkextra-dev is missing dependencies. Cheers -- Sebastian Ramacher signature.asc Description: Digital signature
Bug#781032: apache2-dev: typo in man dh_apache2: INVOKATION
Package: apache2-dev Version: 2.4.10-10 Severity: minor Hi, man dh_apache2 contains an INVOKATION section instead of INVOCATION. Please fix up this typo when convenient. -- Thanks, Feri. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780956: laptop-mode-tools: no equivalent of /etc/power/scripts.d/laptop-mode for systemd suspend
On Monday 23 March 2015 12:58 PM, Ritesh Raj Sarraf wrote: I think I know the problem. Can you run `systemctl enable laptop-mode.service` and then restart your machine? Post that, things should behave normal. Would you be in position to test a deb package ? I can prepare it for you. -- Ritesh Raj Sarraf RESEARCHUT - http://www.researchut.com Necessity is the mother of invention. signature.asc Description: OpenPGP digital signature
Bug#696741: Bug still present
This bug is still present in latest Debian jessie. (gitg:5540): Gtk-WARNING **: Theme parsing error: gtk.css:72:18: Not using units is deprecated. Assuming 'px'. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781007: network-manager has an 128 max connections limit
Package: network-manager Version: 0.9.10.0-6 Severity: important OK, this may sound weird but... I have noticed some odd behavior, with Network Manager not showing one of my GSM providers on the tray icon at random. Then today, I wanted to edit one of my connections to change the DNS server list and hit Edit connections (which spawns nm-connection-editor) and could not find it. Repeated invocations of nm-connection-editor showed different connections being listed -- I even got the connection I wanted at some point. I initially thought it was an NM GUI bug, so I tried both nmtui and nmcli and the same thing happened: every time I called them I could see a list of connections but somewhat different every time. Then... I thought of counting them: it seems that nmcli c |wc -l consistently reports back 129 (header line + 128 connections). Saving + diffing the output, though, seems to indicate that I get a different list of 128 saved connections every time I call it (I have lots of them as this includes a lot of random hotspots I've picked up while travelling). This is quite an annoying limitation and manifests quite badly in a hard to debug way. I could see this being triaged as serious as well -- the only reason I didn't is that probably not a lot of people have 128 connections saved. I'd prefer if I didn't list my connections here for privacy reasons, but do let me know if there's anything you want to run on the system itself for debugging purposes. Thanks, Faidon -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781005: Additional details (heisenbug: BADSIG A040830F7FAC5991)
jm_ on #debian kindly pointed out this reference: http://blog.mycre.ws/articles/bad-google-repository-signatures/ Which says that: 1. it's google fault; and 2. they might fix the symptoms, but they won't fix the underlying cause. It doesn't suggest any workaround except to re-run apt-get update. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780555: apt-cacher-ng: Use with Fedora Rawhide is problematic
On 24/03/15 07:34, Eduard Bloch wrote: Hallo, * Carlos Maddela [Mon, Mar 23 2015, 06:20:46PM]: On 22/03/15 21:25, Eduard Bloch wrote: Hallo, * Carlos Maddela [Fri, Mar 20 2015, 01:37:03AM]: https://mirrors.fedoraproject.org/publiclist . Some of the sites you added are already in the list that I compiled a couple of weeks ago but not all; and they are also not on the publiclist page. Could you reveal the source of that mirror urls? Those mirrors were automatically generated by the metalink line in the standard fedora-repos-rawhide package, which was https://mirrors.fedoraproject.org/metalink?repo=rawhidearch=$basearch. I ended up disabling the metalink feature, because just when you thought you had all mirrors covered, a new one would be chosen. I am thinking about using this metalink service to create my mirror lists instead of parsing the publiclist page. I hacked something together. Could you please verify the resulting output? Script attached, run it like: DBTMP=/tmp sh fedorasources.sh Thanks. I am not sure how to interpret the urls, and rawhide repositories are maybe something that needs to be requested explicitly?! I tried the script with 3 different Australian ISPs multiple times and all resulted in the same output attached. I suspect the output will I have the weird feeling that this web service has some location based extra handling. When I run the command below, I get a list of 81 mirrors! (From Europe, Germany) never be a comprehensive list, perhaps just the mirrors closest to your location and/or with the least amount of traffic. Some of the mirrors included in my patch were not output this time. I looked at your list and picked one example of the missing ones (missing in MY longer list, of course). Which has led me to: http://ftp.jaist.ac.jp/pub/Linux/Fedora/releases/21/Images/ and it contains armhfp arch here (at least I hope this is the case). IMHO it should have been reported when metalink was called with: arch: repo=fedora-21arch=armhfp Right? Or maybe this is the nondeterministic behaviour that you mentioned above? Should it be called 3-10 times maybe? I've had a quick look at the mirrormanager code from https://git.fedorahosted.org/cgit/mirrormanager/ and found you can pass these other parameters with your request: path={e.g. /pub/fedora/linux/development/rawhide/x86_64/os/repodata/repomd.xml instead of repo and arch} country={e.g. de} netblock={??? Didn't look into much, but maybe xxx.xxx.xxx.xxx/xxx} location={??? Didn't look into much either, but maybe just an alias to country} ip={Any ip address you want to simulate that the request came from, but most useful when 0.0.0.0 for global} Also, instead of metalink, the request may be done through mirrorlist. The output is a simple list, which is easier to parse than the XML output by metalink. For example, the following request: https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-21arch=armhfpip=0.0.0.0 includes ftp.jaist.ac.jp, as you would expect. In the code, I came across some comments that mentioned that some mirrors may be made visible only to other mirrors. So although adding the ip=0.0.0.0 will give you a more complete list, it would never be a truly complete list unless you mirror the archive yourself. A case in point is the Australian mirror that I've always used: mirror.aarnet.edu.au. It doesn't seem to be officially listed as a Fedora mirror, yet you already have it included as a Fedora mirror in apt-cacher-ng. Best regards, Carlos -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781074: dpkg-dev: Use of uninitialized value X in Dpkg/Arch.pm
Package: dpkg Version: 1.17.24 Severity: normal Hi, The following warnings were seen during the debian-installer build[1][2]: dpkg-distaddfile debian-installer-images_20150324_ppc64el.tar.gz raw-installer - dpkg-distaddfile: warning: File::FcntlLock not available; using flock which is not NFS-safe dpkg-genchanges -B -mppc64el Build Daemon (ppc64el-unicamp-01) buildd_ppc64el-ppc64el-unicamp...@buildd.debian.org ../debian-installer_20150324_ppc64el.changes dpkg-genchanges: binary-only arch-specific upload (source code and arch-indep packages not included) Use of uninitialized value $b in string eq at /usr/share/perl5/Dpkg/Arch.pm line 399. Use of uninitialized value $arch in pattern match (m//) at /usr/share/perl5/Dpkg/Arch.pm line 335. Use of uninitialized value $arch in hash element at /usr/share/perl5/Dpkg/Arch.pm line 340. dpkg-source --after-build debian-installer-20150324 dpkg-buildpackage: binary-only upload (no source included) [...] Thanks, ~Niels [1] https://buildd.debian.org/status/fetch.php?pkg=debian-installerarch=ppc64elver=20150324stamp=1427175020 [2] https://buildd.debian.org/status/fetch.php?pkg=debian-installerarch=amd64ver=20150324stamp=1427175182 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#768922: [Debian-ha-maintainers] pacemaker in jessie
On Mon, 9 Mar 2015 12:28:44 +0100 franz schaefer schae...@mond.at wrote: the libqb0 version 0.17.0-2 compiled on jessie out of the box. so that should be quick and easy. who is going to do it? In https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768922#35 Jonathan Wiltshire (member of the release team) stated that migrating libqb isn't an option. And the pacemaker reversion did not happen either. Lacking direction, other people couldn't do anything about this either. Ok. but what i do not understand: as it seems libqb is only used by pacemaker and its daemons only anyway. so even if it is not as clean as one would wish for: why cant we still have it? as i said: it compiled fine and with that library all the pacemaker stuff seems to work well. i would say it is better to have pacemaker then to not have it in the distribution... mond -- ~~ .Franz Schaefer GPG KeyID: CFA2F632 .. +43 699 106 14 590 +43 720502048 Fingerprint: 57C2 C0CC ... schae...@mond.at 6F0A 54C7 0D88 D37E ... http://www.mond.at/ C17C CB16 CFA2 F632 That cluster stack really doesn't actually work fine though, it just starts up - but then nothing else works; and that's if it even starts for you. Firstly, let me help by providing these links (provided by digimer of clusterlabs - and he did say to take it with a grain of salt): https://alteeve.ca/w/AN!Cluster_Tutorial_2 https://alteeve.ca/w/History_of_HA_Clustering The biggest issue is that the clusterlabs stack no longer uses cman (its deprecated...or even worse than deprecated; abandoned much like heartbeat). CLI tools include (but are not limited to) crmsh and pcs. Pacemaker 1.10.x doesn't come with cman support, but libcorosync 1.4.6 and any of the other non-sid/experimental packages from Debian are meant to work with cman, because prior to 2.x: Corosync didn't handle quorum on its own. RHEL only used cman until the new configuration was ready and they were able to migrate (upgrading breaks the cluster). You can upgrade to libcorosync 2.3.3 from unstable or experimental, but it was built with the improper dependencies for the modern stack configuration - as evident by the massive errors you get by installing all of the newest corosync libraries (cpg, cfg, cmap, totem, quorum, etc) from Debian, and trying to run corosync and pacemaker (CMAP via pacemaker complains about database API errors, other cmap errors, connections refused errors, etc - I've been in the clusterlabs channel for days now sorting this out). Attempting to use libcorosync 2.3.3 with older dependency packages won't work because those older packages expect cman or crmsh to be installed and of course yields API errors (naturally). There is no crmsh package or pcs/pcsd package to replace cman, in fact you need to install cman to get crmsh on Debian at this time without building from source. Yet for clarity, beekof (pacemaker author) recommends pcs, and clusterlabs associates state crmsh is good too. --- So what we really need are new packages across the board (and they should be brand new packages): 1. libqb (latest from github) 2 libcorosync (latest from github --enable-systemd). And I think we should keep all the libraries in the exact same package, rather than all broken up (cfg, cpg, sam, etc - this will make it easier to choose an older stack or the modern one. How often does anyone use those libraries outside of pacemaker/corosync anyhow?) 3. pacemaker (latest from github --with-corosync --with-cs-quorum ) 4. crmsh pcs/pcsd. I've gotten both to build on Debian and work with no issue, they are what modern documentation is based on, and are the recommended 'editors' to use with the modern stack. Lastly, it wasn't just yesterday that clusterlabs updated the stack...its been corosync 2.x and pacemaker 1.x for years now. Debian is just extraordinarily out of date sticking with corosync 1.4.6 and recommending backports to users. I've offered to help, I can package any of the components, contribute to code, etc. I've requested to join Debian-HA on alioth (Devrik-Guest). I'll post pacemaker, corosync, libqb, and crmsh/pcs/pcsd to debian mentors if I'm not allowed to join the team. Hopefully something can be done. Best, -- Rik signature.asc Description: This is a digitally signed message part
Bug#743872: spamassassin: sa-update error when run by cron.daily task
Willing to send diffs if that makes it easier (perhaps, considering the timing I should only send patches for jessie). Anyway, if required - let me know which (or both) you'd like. Best - Mark Symonds -- Syminet Internetworking Solutions https://secure.syminet.com/ 1-949-379-8472 ext. 8049 GPG: 2048R/966057BB On Mar 19, 2015, at 10:33 PM, Bob Proulx b...@proulx.com wrote: Bob Proulx wrote: Mark - Syminet wrote: Fixed with the following commands: chown -R debian-spamd:debian-spamd /etc/spamassassin /var/lib/spamassassin Yes. Actually no. I neglected to see the /etc/spamassassin in there. Don't do that. That's bad. Those files should be owned by root. The sa-update process should not be able to write to them. chown -R root:root /etc/spamassassin Sorry for fumbling that part of my response. Bob signature.asc Description: Message signed with OpenPGP using GPGMail
Bug#743872: spamassassin: sa-update error when run by cron.daily task
If patches for both wheezy and jessie would be helpful here - let me know . On Mon, 23 Mar 2015 23:37:04 -0600 Mark - Syminet m...@syminet.com wrote: I think the solution, is this: Modify /etc/cron.daily/spamassassin to reset the permissions - just before the sleep stanza. It is a simple task: chown -R debian-spamd:debian-spamd /var/lib/spamassassin; ...and that's it. People can now run sa-update as root, invoke-rc.d spamassassin if they wish - and it will work as expected. And that evening, the cronjob will quietly reset the ownership:permissions to what they should be (on debian), and run everything without error. ...how does this not fulfill each case? -- Mark -- Syminet Internetworking Solutions https://secure.syminet.com/ 1-949-379-8472 ext. 8049 GPG: 2048R/966057BB On Mar 19, 2015, at 10:33 PM, Bob Proulx b...@proulx.com wrote: Bob Proulx wrote: Mark - Syminet wrote: Fixed with the following commands: chown -R debian-spamd:debian-spamd /etc/spamassassin /var/lib/spamassassin Yes. Actually no. I neglected to see the /etc/spamassassin in there. Don't do that. That's bad. Those files should be owned by root. The sa-update process should not be able to write to them. chown -R root:root /etc/spamassassin Sorry for fumbling that part of my response. Bob Mark -- Syminet Internetworking Solutions https://secure.syminet.com/ 1-949-379-8472 ext. 8049 GPG: 2048R/966057BB signature.asc Description: Message signed with OpenPGP using GPGMail
Bug#781073: unblock: libzip/0.11.2-1.2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi Please unblock package libzip, it fixes CVE-2015-2331, #780756: libzip (0.11.2-1.2) unstable; urgency=high * Non-maintainer upload. * Add CVE-2015-2331.patch patch. CVE-2015-2331: ZIP integer overflow leads to writing past heap boundary. (Closes: #780756) -- Salvatore Bonaccorso car...@debian.org Fri, 20 Mar 2015 20:17:45 +0100 Attached is the full debdiff as well. unblock libzip/0.11.2-1.2 Regards, Salvatore -- System Information: Debian Release: 7.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff -Nru libzip-0.11.2/debian/changelog libzip-0.11.2/debian/changelog --- libzip-0.11.2/debian/changelog 2014-08-06 15:40:49.0 +0200 +++ libzip-0.11.2/debian/changelog 2015-03-20 20:18:20.0 +0100 @@ -1,3 +1,12 @@ +libzip (0.11.2-1.2) unstable; urgency=high + + * Non-maintainer upload. + * Add CVE-2015-2331.patch patch. +CVE-2015-2331: ZIP integer overflow leads to writing past heap boundary. +(Closes: #780756) + + -- Salvatore Bonaccorso car...@debian.org Fri, 20 Mar 2015 20:17:45 +0100 + libzip (0.11.2-1.1) unstable; urgency=medium * Non-maintainer upload. diff -Nru libzip-0.11.2/debian/patches/CVE-2015-2331.patch libzip-0.11.2/debian/patches/CVE-2015-2331.patch --- libzip-0.11.2/debian/patches/CVE-2015-2331.patch 1970-01-01 01:00:00.0 +0100 +++ libzip-0.11.2/debian/patches/CVE-2015-2331.patch 2015-03-20 20:18:20.0 +0100 @@ -0,0 +1,18 @@ +Description: CVE-2015-2331: ZIP integer overflow +Origin: https://github.com/php/php-src/commit/ec779124cb7279493ce1ca1088d1aaa32e82479a +Bug-Debian: https://bugs.debian.org/780756 +Forwarded: not-needed +Author: Salvatore Bonaccorso car...@debian.org +Last-Update: 2015-03-20 + +--- a/lib/zip_dirent.c b/lib/zip_dirent.c +@@ -110,7 +110,7 @@ _zip_cdir_new(zip_uint64_t nentry, struc + + if (nentry == 0) + cd-entry = NULL; +-else if ((cd-entry=(struct zip_entry *)malloc(sizeof(*(cd-entry))*(size_t)nentry)) == NULL) { ++else if (nentry ((size_t)-1)/sizeof(*(cd-entry)) || (cd-entry=(struct zip_entry *)malloc(sizeof(*(cd-entry))*(size_t)nentry)) == NULL) { + _zip_error_set(error, ZIP_ER_MEMORY, 0); + free(cd); + return NULL; diff -Nru libzip-0.11.2/debian/patches/series libzip-0.11.2/debian/patches/series --- libzip-0.11.2/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ libzip-0.11.2/debian/patches/series 2015-03-20 20:18:20.0 +0100 @@ -0,0 +1 @@ +CVE-2015-2331.patch
Bug#781072: auth_in_received breaks twice the Received header
Package: spamass-milter Version: 0.3.2-1 Severity: important - (envelope-from +assassin-from()+)\r\n); + (envelope-from +assassin-from()+\r\n; One ) too many is deleted by this line of the auth_in_received patch, so the generated Received header is malformed: Received: from mail.wrestlingdome.cf (123nettilbud.info [5.175.193.150] (may be forged)) by in-2.smtp.seeweb.it(Postfix 2.9.6/8.13.0) with SMTP id unknown Tue, 24 Mar 2015 03:15:37 +0100 (envelope-from i...@wrestlingdome.cf Also, this patch reverts the fix in the fix_spacing_in_received_header patch. -- ciao, Marco pgpxRzAeJDmh6.pgp Description: PGP signature
Bug#743872: spamassassin: sa-update error when run by cron.daily task
I think the solution, is this: Modify /etc/cron.daily/spamassassin to reset the permissions - just before the sleep stanza. It is a simple task: chown -R debian-spamd:debian-spamd /var/lib/spamassassin; ...and that's it. People can now run sa-update as root, invoke-rc.d spamassassin if they wish - and it will work as expected. And that evening, the cronjob will quietly reset the ownership:permissions to what they should be (on debian), and run everything without error. ...how does this not fulfill each case? -- Mark -- Syminet Internetworking Solutions https://secure.syminet.com/ 1-949-379-8472 ext. 8049 GPG: 2048R/966057BB On Mar 19, 2015, at 10:33 PM, Bob Proulx b...@proulx.com wrote: Bob Proulx wrote: Mark - Syminet wrote: Fixed with the following commands: chown -R debian-spamd:debian-spamd /etc/spamassassin /var/lib/spamassassin Yes. Actually no. I neglected to see the /etc/spamassassin in there. Don't do that. That's bad. Those files should be owned by root. The sa-update process should not be able to write to them. chown -R root:root /etc/spamassassin Sorry for fumbling that part of my response. Bob signature.asc Description: Message signed with OpenPGP using GPGMail
Bug#774492: [vim] c{motion} temporary cancels 'linebreak' option for current line
Hallo Joachim! Joachim Breitner schrieb am Montag, den 23. März 2015: Hi, On Fri, 23 Jan 2015 10:30:59 +0100 Christian Brabandt c...@256bit.org wrote: Note, this bug has been fixed upstream with 7.4.576 (the commit message mentions relativenumber setting, but the patch actually has nothing to do with it.) great! I keep rebuilding vim with every upload to add this patch. Any chance to get this included, soon, and targeted for the next release (or at least the subsequent point release). It is a significant show-stopper when editing large bodies of natural text with vim, at least for me. Couldn't we include that one as a backport (e.g. include it in the debian/patches directory)? Best, Christian -- Auch der Dumme hat manchmal einen gescheiten Gedanken. Er merkt es nur nicht. -- Danny Kaye (eig. Daniel David Sominski) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781058: www.debian.org: Update HP info in partners/index.wml page
Package: www.debian.org Severity: normal Tags: patch Hi everybody I'm attaching a patch with the new paragraph about HP. The wording has passed review in -publicity and -debconf because of the publication of a blog post about HP sponsoring DebConf15 at a platinum level. Martin Michlmayr gave us some feedback too. My plan is, if there are no objections, to update the website soon after the blog post is published. -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) --- /home/larjona/Documentos/l10n/Debian/webwml/english/partners/index.wml +++ /home/larjona/Documentos/l10n/Debian/webwml/english/partners/index.new.wml @@ -28,16 +28,16 @@ div partnerlogo Hewlett-Packard hp.gif http://www.hp.com/; partnerdesc - pa href=http://www.hp.com/;Hewlett-Packard/a has provided several - high-end HPPA, IA-64 and IA-32 servers and workstations to Debian, - and HP employs several developers to work on Debian HPPA and IA-64 - ports. For information about HP's involvement in the Linux Open Source + pa href=http://www.hp.com/;Hewlett-Packard/a hardware for port development, + Debian mirrors, and other Debian services (HP hardware donations are listed in + the [Debian machines](https://db.debian.org/machines.cgi) page). + For information about HP's involvement in the Linux Open Source community, see a href=http://www.hp.com/products1/linux/;HP Linux/a./p - - pHP is one of the largest computer companies in the world, and it - provides a wide range of products and services, such as all kinds of - PCs, calculators, printers, scanners, plotters, various storage - products, network servers and equipment, software etc./p + + pHewlett-Packard is one of the largest computer companies in the +world, providing a wide range of products and services, such as +servers, PCs, printers, storage products, network equipment, software, +cloud computing solutions, etc./p /partnerdesc /div
Bug#781050: libcap2-bin: removes confile it doesnt own
Control: tag -1 + moreinfo Hi Holger, I'm having problems reproducing this. I just tried upgrading in pristine wheezy VMs (a) with libcap2-bin (b) with libcap2-bin + libpam-cap installed, and I didn't encounter this issue. On 2015-03-23 21:06, Holger Levsen wrote: to fix #768229 (conffile not removed), you added code to do that in the postinst script of libcap2-bin. Unfortunatly, this confile is owned by libpam- cap nowaways, and thus upgrades from wheezy to jessie now get a missing /etc/security/capability.conf file if _only_ libcap2-bin is installed, then /etc/security/capability.conf is superfluous, so this shouldn't be an issue. and thisquestion during upgrades: Setting up libpam-cap:amd64 (1:2.24-7) ... OK, but in this case, we don't have libcap2-bin, but libcap2-bin + libpam-cap instead. Configuration file `/etc/security/capability.conf' == Deleted (by you or by a script) since installation. == Package distributor has shipped an updated version. This is the part that puzzles me. capability.conf only gets rm_conffile'd in the most recent version, but in none of my tests does this trigger the above. I'll need to investigate some more... Regards, Christian What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : start a shell to examine the situation The default action is to keep your current version. *** capability.conf (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing libpam- cap:amd64 (--configure): -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack
Le 23/03/2015 16:43, Moritz Muehlenhoff a écrit : *ping*, the release is getting closer. I'm still missing a test case to ensure the patch does indeed address the issue. Emmanuel Bourg -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781033: python-django: manage dbshell fails to transmit settings password to postgresql
Package: python-django Version: 1.7.6-1 Severity: minor Hi When one runs the generated ./manage.py with runserver argument, django find the host, dbname, username, and password and runs ok. But when one runs it with dbshell argument, django only uses host, dbname and username. Then a prompt asks the user for the password. I expected django to use the password from settings, as it does for other commands. I'm using postgresql. $ grep HOST settings.py 'HOST': '127.0.0.1', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP. -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (990, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages python-django depends on: ii python-django-common 1.7.6-1 pn python:anynone Versions of packages python-django recommends: ii libjs-jquery 1.7.2+dfsg-3.2 ii python-sqlparse 0.1.13-2 ii python-tz2012c+dfsg-0.1 Versions of packages python-django suggests: pn bpythonnone pn geoip-database-extra | geoip-database-contrib none ii gettext0.19.3-2 ii ipython2.3.0-2 pn libgdal1 none pn python-bcrypt none pn python-django-doc none pn python-flupnone pn python-memcachenone pn python-mysqldb none ii python-pil 2.6.1-1+b1 ii python-psycopg22.5.4+dfsg-1 pn python-sqlite none ii python-yaml3.11-2 -- no debconf information signature.asc Description: OpenPGP digital signature
Bug#781002: initramfs-tools: no kernel modules are insert into initrd
Control: tag -1 moreinfo On Sun, 2015-03-22 at 19:39 -0500, richard jasmin wrote: Package: initramfs-tools Version: 0.109.1 Severity: important Dear Maintainer, Why O why is not initrd containing my modules for rebuilt 4.0 kernel? Kernel 3.2.0-4-amd64 has the necessary kernel modules and then some.This is causing failure to find root device on reboot as no driver modules are loaded. [...] Try upgrading to initramfs-tools 0.119. Ben. -- Ben Hutchings If you seem to know what you are doing, you'll be given more to do. signature.asc Description: This is a digitally signed message part
Bug#765633: Bug#780797: openssh-server: modifies the user configuration
On Mon, 2015-03-23 at 10:17 +, Colin Watson wrote: I disagree with this characterisation. Well I guess we won't come to an agreement here. I've had a short glance over the discussion that the IETF WG and upstream had about the bug you've mentioned, and it seems that both seemed to think the current use of that is rather hacky Please stop making personal attacks on them. It hasn't been my intention to do so, I guess that must be a misunderstanding. You claim it's dangerous, which is not the same thing as it being known to be dangerous. I disagree that there is a realistic danger in accepting LC_*. Well, I guess upstream is on my side here :) Sure. That doesn't cause any technical issues other than some spurious error messages, Or corrupted character display in things like vi, which one may or may not notice and work with that content. and in my experience it's often been a reminder for users to get their sysadmins to enable the relevant locales, which ends up in a better place than doing nothing would have done. Wouldn't that be the same argumentation when people notice that some custom variables they need to be sent/accpeted aren't? They notice it - they have to properly configure it. Okay maybe I just misunderstand something here and the two similarly looking situations are completely different. Best wishes and bye, Chris. smime.p7s Description: S/MIME cryptographic signature
Bug#781033: python-django: manage dbshell fails to transmit settings password to postgresql
Hi, On Mon, 23 Mar 2015, Jean-Michel Nirgal Vourgère wrote: When one runs the generated ./manage.py with runserver argument, django find the host, dbname, username, and password and runs ok. But when one runs it with dbshell argument, django only uses host, dbname and username. Then a prompt asks the user for the password. dbshell just runs psql with the appropriate parameters. psql does not accept a password on the command-line or in an environment variable (because it's unsafe, as other users can see the command line), but only interactively. Thus there is just no way to safely feed the password, short of hijacking the whole standard input of psql or automatically modifying ~/.pgpass (both possibilities look bad to me) I would suggest to setup ~/.pgpass if you are really bothered by this. If you agree with this analysis, then I'll close the bug. If you don't, then we should reassign this to postgresql-client as a wishlist bug to ensure psql has a reliable way to be fed a password (like an option to use a custom password file). Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781050: libcap2-bin: removes confile it doesnt own
package: libcap2-bin version: 1:2.24-7 severity: serious x-debbugs-cc: p...@debian.org Hi, to fix #768229 (conffile not removed), you added code to do that in the postinst script of libcap2-bin. Unfortunatly, this confile is owned by libpam- cap nowaways, and thus upgrades from wheezy to jessie now get a missing /etc/security/capability.conf file and thisquestion during upgrades: Setting up libpam-cap:amd64 (1:2.24-7) ... Configuration file `/etc/security/capability.conf' == Deleted (by you or by a script) since installation. == Package distributor has shipped an updated version. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : start a shell to examine the situation The default action is to keep your current version. *** capability.conf (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing libpam- cap:amd64 (--configure): I've seen this in several jenkins jobs, eg https://jenkins.debian.net/job/chroot-installation_wheezy_install_education- development_upgrade_to_jessie/63//console but also https://jenkins.debian.net/job/chroot- installation_wheezy_install_lxde_upgrade_to_jessie/562//console and https://jenkins.debian.net/job/chroot- installation_wheezy_install_full_desktop_upgrade_to_jessie/567//console Also see https://packages.debian.org/sid/amd64/libpam-cap/filelist cheers, Holger signature.asc Description: This is a digitally signed message part.
Bug#781034: mirror submission for ftp.daumkakao.com
Package: mirrors Severity: wishlist Submission-Type: new Site: ftp.daumkakao.com Type: leaf Archive-architecture: amd64 armel armhf i386 Archive-http: /debian/ Backports-http: /debian-backports/ CDImage-http: /debian-cd/ IPv6: no Archive-upstream: ftp.kr.debian.org Backports-upstream: ftp.kr.debian.org CDImage-upstream: ftp.kr.debian.org Updates: twice Maintainer: Charlie.Choe ftp-mas...@daumkakao.com Country: KR Korea, Republic of Sponsor: Daum Kakao. Corp. http://www.daumkakao.com/ Comment: http://ftp.daumkakao.com is replacement for http://ftp.daum.net -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#758086: CVE-2012-6153: Apache HttpComponents client: Hostname verification susceptible to MITM attack
On 23.03.2015 17:04, Emmanuel Bourg wrote: Le 23/03/2015 16:43, Moritz Muehlenhoff a écrit : *ping*, the release is getting closer. I'm still missing a test case to ensure the patch does indeed address the issue. Hi, a way to reproduce this issue was mentioned by upstream here: https://mail-archives.apache.org/mod_mbox/www-announce/201408.mbox/CVE-2014-3577 To clarify: CVE-2012-6153 was assigned because of an incomplete fix for CVE-2012-5783. The latter is already addressed in Debian's package. However CVE-2012-6153 was still incomplete, so that CVE-2014-3577 had to be created. See this comment in RedHat's bug tracker. https://bugzilla.redhat.com/show_bug.cgi?id=1129916#c15 The fix for CVE-2014-3577 is supposed to fix CVE-2012-5783 and CVE-2012-6153 which means we have to replace the current 06_fix_CVE-2012-5783.patch with the one Raphael Hertzog mentioned earlier in this thread. https://git.centos.org/blob/rpms!jakarta-commons-httpclient/5acb7f7b3e637c3a6d072e3f037a3c4abb6c48af/SOURCES!jakarta-commons-httpclient-CVE-2014-3577.patch By the way https://packages.qa.debian.org/h/httpcomponents-client.html in wheezy and squeeze is also affected by CVE-2014-3577. I will try to verify that the centos patch works. Regards, Markus signature.asc Description: OpenPGP digital signature
Bug#780591: ltsp-client-builder fails when installing Debian Edu combined server in virtualbox environment
Control: tag -1 -patch Control: tag -1 moreinfo On 2015-03-20, Wolfgang Schweer wrote: Control: reassign -1 ltsp-client-builder-udeb On Wed, Mar 18, 2015 at 07:48:05PM +0100, Wolfgang Schweer wrote: On Tue, Mar 17, 2015 at 10:00:08PM +0100, Wolfgang Schweer wrote: With this (trivial) modification installation succeeded. --- a/postinst 2015-03-06 10:00:00.0 +0100 +++ ltsp-client-builder.postinst 2015-03-17 21:39:38.824682599 +0100 @@ -64,7 +64,7 @@ db_progress STEP 1 if [ $USE_CDROM != false ] [ ! -f /target/media/cdrom/.disk/info ]; then -chroot /target mount /media/cdrom +mount /dev/cdrom /target/media/cdrom log mounting /media/cdrom fi This patch breaks USB stick installs. IMO there is no way for debian-edu-config to fix this LTSP chroot installation failure as it seems to be related to d-i components. I can't reproduce this with debian-installer... debian-edu images have the ordering of various components rearranged; in a standard debian-installer install grub-install is run after ltsp-client-builder, and in debian-edu the order is reversed. I'm guessing something in the reordering is causing you grief... I'll keep digging into it, but it really needs a simple test case to reproduce the problem. live well, vagrant signature.asc Description: PGP signature
Bug#781046: ITP: libmoox-role-logger-perl -- provide logging via Log::Any
Package: wnpp Severity: wishlist Owner: Jonas Smedegaard d...@jones.dk -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 * Package name: libmoox-role-logger-perl Version : 0.005 Upstream Author : David Golden dagol...@cpan.org * URL : https://github.com/dagolden/MooX-Role-Logger * License : Apache-2.0 Programming Lang: Perl Description : provide logging via Log::Any MooX::Role::Logger provides universal logging via Log::Any. The class using this role doesn't need to know or care about the details of log configuration, implementation or destination. . Use it when you want your module to offer logging capabilities, but don't know who is going to use your module or what kind of logging they will implement. This role lets you do your part and leaves actual log setup and routing to someone else. . The application that ultimately uses your module can then choose to direct log messages somewhere based on its own needs and configuration with Log::Any::Adapter. . This role is based on Moo so it should work with either Moo or Moose based classes. Packaging will be maintained in the Perl team. -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBAgAGBQJVEGi4AAoJECx8MUbBoAEh5j4P/0+9ksEp5WXP8jFYbrBYLERS mhczt2Z8HIgH2FeBuWDyP0NReuFvJPuCb+JFVeCyvgbsRdQvGebcDYHFYWXxE+5q 3B27KjJa5kD6rEm61HOr4W6Ny7J7fbcA0IRcWVtb4xrgBb6LmYvmpcnm9CuZ/L0h nC1dPPoKHseatU8ZFqOAtzHj1uRzur6u5xdrkfq05J0X43YqT9XaTT0ATTgScpLq 2mlnqwXNnklsxPnP2e4TA8zEYIvsQff3wbXXIRnTYXlWBIiYalNs/PR0ooWLKUbl iNS1tF5BVg8cjfSo2WRP3AwdI8y/Pvd7eH/DGPykJvmSV7Pe9ogzyRTADdZ7dMEd 7Bu8B8S8WCeHNgKTJI2SHosI/p3+4JOX6gZidKVvBEREAQEa6U7mLwNwlHrHBJqt EXrUoCNZF2c5Jeo4REIaHjVpFNOsg0Ga0QT+V7e+csjo9IgdpFVbH9cKq3l28R78 1crFLJma3BaKXM9r9KtVdV4LXrQm/vxvj0taCgGNzjue88s3MvPGdB7xYYCEEbC+ pot6kob1YKCgdPIO8aofayK8jgdD3g2x2OVjAk+czNktFruc8LBCH/jHfQgqcPPd w1q1gDzH14f23HgsawfXdJxNhz1zJBmKV9JBMNnSv+R61A0mF1TSbzSRrZq0RKed Sv8nhPIqm8vf5X4QrBrO =6VBd -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#663253: gnome-terminal: tab should NOT get focus
Forwarded upstream: https://bugzilla.gnome.org/show_bug.cgi?id=746665 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#651462: New 3D libraries in cooperation with Autodesk. Antonio Citterio, Piero Lissoni.
This message was sent in HTML Format. If your mail client doesn't support HTML format, please view the online version at the following address: http://syncom.webhatnewsletter.it/_modules/newsletter/index.php?sAction=view_onlinesId=MzB8Njh8WU9sWXdjbG8zVg==
Bug#780928: rspamd doesn't play well with IPv6
tags 781008 pending thanks This issue is fixed in 0.8 branch upstream and will be fixed in Debian in next upload. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781047: libpcp3-dev: /usr/include/pcp/import.h missing
Package: libpcp3-dev Version: 3.10.1 Severity: important Dear Maintainer, the package is not installing all the header files please ship /usr/include/pcp/import.h Thanks, Shawn While you are at it Multi-arch would be nice -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libpcp3-dev depends on: ii libc6-dev [libc-dev] 2.19-17 ii libpcp3 3.10.1 libpcp3-dev recommends no packages. libpcp3-dev suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#761859: json ready
Hi, so I've spend some more time on this bug: - packages is now a dictionary - and so are the issues within the packages - the per issue dictionary repositories has been dropped - the keys for the release dictionaries are just one of these four now: sid, jessie, wheezy or squeeze (=-lts and -security keys have been dropped) - instead the repositories dictionary per issue a repositories dictionary per release was added - there's a new key, fixed_version, in each release dictionary now, if the issue has been marked as fixed. (sometimes the version is 0, eg if the vulnerable code was not present) This has been deployed on soler.d.o now. From my POV this bug can be closed now, I'm not aware of anything which should be fixed here. (Are you?) That said, related bugs are: #781029 include (dsa|dla)-needed in json output #761963 security-tracker: consolidate vulnerable/fixed per release in overviews #780892 security-tracker: please show unsupported packages as unsupported instead of unimportant cheers, Holger signature.asc Description: This is a digitally signed message part.
Bug#781048: Build with SPF: _HAVE_SPF2_H is not defined after configure
Source: opendmarc Version: 1.3.1 Severity: minor In its current distribution, the rules have following: --with-spf2-include=\$${prefix}/include/spf2 \ --with-spf2-lib=\$${prefix}/lib \ Which in the configure script ends up with ${prefix} not being replaced by its actual value, which means that the test will not define _HAVE_SPF2_H even if the files are present. Also, I would believe that for a build with SPF enabled, the --with-spf configure flag also needs to be defined. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781051: php-wikidiff2: Not configured correctly when short_open_tag is false
Package: php-wikidiff2 Version: 0.0.1+svn109581-1 Severity: normal Dear Maintainer, The file /etc/mediawiki-extensions/extensions-available/wikidiff2.php start with ? instead of ?php. When PHP is configured with short_open_tag false which is the recommanded setting for production; the content of the file is displayed at the start of every page instead of being parsed and executed. Can you switch to ?php which will work with both settings? Thanks, -- System Information: Debian Release: 7.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (x86_64) Kernel: Linux 3.17.7.skc2 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages php-wikidiff2 depends on: ii libapache2-mod-php5 [phpapi-20100525+lfs] 5.4.39-0+deb7u1 ii libc6 2.13-38+deb7u8 ii libgcc11:4.7.2-5 ii libstdc++6 4.7.2-5 ii libthai0 0.1.18-2 ii php5 5.4.39-0+deb7u1 ii php5-cli [phpapi-20100525+lfs] 5.4.39-0+deb7u1 Versions of packages php-wikidiff2 recommends: ii mediawiki 1:1.19.20+dfsg-0+deb7u3 php-wikidiff2 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#765633: Bug#780797: openssh-server: modifies the user configuration
On 2015-03-23 01:09:33 +0100, Christoph Anton Mitterer wrote: Maybe I've missed that since the discussion got quite long, but I don't remember that Vincent actually explained what broke (i.e. I know nothing that would use LC_CHARMAP or CODPAGE?)... and the others rather just complained about the silent/automatic change. The goal is to be able to pass the charmap; the standard environement variables don't carry this information in a portable way, and different Linux systems clash with each other. So, I do that with an unused environament variable, LC_CHARMAP, and use my shell startup file (.zshenv) to set the locales as I expect. -- Vincent Lefèvre vinc...@vinc17.net - Web: https://www.vinc17.net/ 100% accessible validated (X)HTML - Blog: https://www.vinc17.net/blog/ Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771671: /sbin/kexec: Unable to load kdump kernel on i386
I was able to reproduce this same issue on bare metal HP BL460G7 server. After applying the attached patch the issue appears resolved. I verified I was able to load and then boot into the new kernel with kexec -e as well as successfully collect a core dump after executing sysrq-c. Thanks, Mike Bacco mike@debian-mbtest:~$ uname -rsv Linux 3.16.0-4-686-pae #1 SMP Debian 3.16.7-ckt7-1 (2015-03-01) mike@debian-mbtest:~$ sudo kdump-config load Could not find an installed debug vmlinux image and DEBUG_KERNEL is not specified in /etc/default/kdump-tools [warn] makedumpfile may be limited to -d 1 ... (warning). [ ok ] loaded kdump kernel. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781043: monopd/libcapsinetwork: CVE-2015-0841: off-by-one error in network code
Hello, On 23.03.2015 19:42, Niko Tyni wrote: [...] There's an off-by-one error in libcapsinetwork network handling code, which was merged into monopd in version 0.9.4. Thanks for the report. [...] I have informed the monopd upstream maintainer, Sylvain Rochet, about this. His suggested patch was - char *readBuf = new char[MAXLINE]; + char *readBuf = new char[MAXLINE+1]; // MAXLINE + '\0' The issue is present in at least monopd_0.9.7-2 (jessie/sid, embeds the code) Since upstream and the security team agree that this is not exploitable and thus not release critical, I suggest to fix this bug only in sid and stretch. libcapsinetwork_0.3.0-7 (wheezy, used by the wheezy monopd) libcapsinetwork_0.3.0-8 (jessie/sid, no reverse dependencies) The wheezy monopd doesn't contain the bug itself, only through libcapsinetwork linkage. I'm cloning a separate bug for libcapsinetwork. Please note that it's dead upstream (according to debian/copyright), and monopd upstream says it could be safely removed as no one should really want to use it anymore. My original intention was to ask for the removal of libcapsinetwork during the release cycle of stretch because the library seemed stable and reliable enough to warrant another inclusion in Debian stable. Given the fact that libcapsinetwork only supports IPv4 and the network code (including IPv6 support) is already included in monopd, we could also ask for the removal right now. If there are no objections, I will go ahead and ask the ftp team to remove libcapsinetwork from Debian (including Jessie). Regards, Markus signature.asc Description: OpenPGP digital signature
Bug#781049: gnome-session: gnome under wayland - black screen after login - then return to gdm
Package: gnome-session Version: 3.14.0-2 Severity: important Gdm is my login screen. Choosing Gnome under Wayland - login - black screen for ~ 3 second - return to gdm After on such an attempt, I want to login to standard gnome-shell, then again: black screen for ~ 3 second - return to gdm The second try works. The laptop is an Acer Aspire 5755G, it has an Intel onboard graphics and Nvidia GT 430 M GPU. I can start weston-launch from a virtual terminal, so wayland as such works Other packages that contain wayland in their name and are installed on my machine are: libwayland-client0:amd64install Version: 1.6.0-2 libwayland-cursor0:amd64install Version: 1.6.0-2 libwayland-dev install Version: 1.6.0-2 libwayland-egl1-mesa:amd64 install Version: 10.3.2-1 libwayland-server0:amd64install Version: 1.6.0-2 xwaylandinstall Version: 2:1.16.4-1 Thanks for any hints. -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gnome-session depends on: ii gnome-session-bin 3.14.0-2 ii gnome-session-common 3.14.0-2 ii gnome-settings-daemon 3.14.2-3 ii gnome-shell3.14.2-3+b1 gnome-session recommends no packages. Versions of packages gnome-session suggests: ii desktop-base 8.0.2 ii gnome-keyring 3.14.0-1+b1 ii gnome-user-guide 3.14.1-1 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781052: ITP: liblog-any-adapter-screencoloredlevel-perl -- send logs to screen with colorized messages according to level
Package: wnpp Severity: wishlist Owner: Jonas Smedegaard d...@jones.dk -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 * Package name: liblog-any-adapter-screencoloredlevel-perl Version : 0.07 Upstream Author : perlancar perlan...@cpan.org * URL : https://metacpan.org/release/Log-Any-Adapter-ScreenColoredLevel * License : Artistic or GPL-1+ Programming Lang: Perl Description : send logs to screen with colorized messages according to level Log::Any::Adapter::ScreenColoredLevel prints log messages to screen (STDERR/STDOUT) colored according to level. It is just like Log::Log4perl::Appender::ScreenColoredLevel, even down to the default colors (with a tiny difference), except that you don't have to use Log::Log4perl. Of course, unlike Log4perl, it only logs to screen and has minimal features. Packaging will be maintained in the Perl team. -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBAgAGBQJVEHVnAAoJECx8MUbBoAEhYq0P/3jAp0+s8Az34KuNPHD/7PXw DZbqVFeSMK934cs0KrEDV5bvXUVCW7ZE50XNcEKql3tGycrriH4ZzeffhNYzD2CT x4a3yZHIo0SQcsfSvMse+/zh0KsilG2jrVbzqZdDgh/7pVW4r5FaO6vqKVUeY86y EAs6EGLsbGR77RguzP/lBl8Y795+D8nrqetxI10BmfGrEKqPHM2+fDSHeTDZEN9I 9XEVtxaxDOwpk8LOdvhL/IqjqgptaafNDMTBtsqQBZBey55iJB5y9oxRgrAUaiGD ULAvm215z6V8lzWXhPkOqAuuTJPm4vuYHtXqik8cTauOWyqmeFYtXCDUmPpzABaq 2teH8FOUzGM9F+H+Dhgx+q4W+bpYM+WrQW6Ymeg5NK//jLRNStgl5jcljQ4O2vFL 5oVyD0uQHc70rVSUTz4/C0Z3v+tfkUkZgdpPHiydGffx+AuSZThWVc8eueKbFfAt JMONZr46vY585d/gummvZR6elYBbjr45Q1HDeG3xcydVQ2pFFinDzI86MjJixauA dK9YL9sWxJdI0JvJfzzF/gXGVdgbznX5rCKtpv2mpbncetvRfR8PpazwakP/c1Bp C3X4JT4N5gcxvDPDvqFHrn/Jwjr1bc12T7effw4AOZDg/ai57v1spvfL1g32A8i5 QdrzbqGsRCGVP7ZfuWrP =XziT -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#472447: ipv6(7): should document SOL_IPV6
tags 472447 + fixed-upstream stop See commits https://git.kernel.org/cgit/docs/man-pages/man-pages.git/commit/man7/ipv6.7?id=8013e4ef703e3d1199dfb628e6fe1e0fd290ca49 and https://git.kernel.org/cgit/docs/man-pages/man-pages.git/commit/man7/ipv6.7?id=636355f9c283771953d42f1dde656b022db6285b It will be in manpages 3.82. -- Stéphane Aulery -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780956: laptop-mode-tools: no equivalent of /etc/power/scripts.d/laptop-mode for systemd suspend
On Monday 23 March 2015 02:37 AM, Ondřej Grover wrote: In conclusion, I think this is another unrelated problem. Not only there seems to be no facility to reapply laptop-mode-tools settings after resuming (as pm-utils did), but the service itself is not enabled by default. Thank you for your time and effort. I think I know the problem. Can you run `systemctl enable laptop-mode.service` and then restart your machine? Post that, things should behave normal. -- Ritesh Raj Sarraf RESEARCHUT - http://www.researchut.com Necessity is the mother of invention. signature.asc Description: OpenPGP digital signature
Bug#781016: related
also known here for Ubuntu: https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1082767 and probably the root-cause: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513460 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#771841: surf crash backtrace
Sure! Please do Sent from my iPhone On Mar 23, 2015, at 5:59 AM, Alberto Garcia be...@igalia.com wrote: Hey, I think I have a patch that might fix the powerpc problem, but I don't have a machine to test it. If I build a webkit package for you with that patch, can you test it and tell me if it works? Thanks, Berto -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780941: mdadm.conf: missing explicit hotplug POLICY
Thank you for your valuable note. Am Mon, 23 Mar 2015 08:11:53 +1100 schrieb NeilBrown ne...@suse.de: POLICY domain=default action=re-add I do not recommend this as a default setting (otherwise, it would be the default). You should only set the policy to re-add if you believe that path failure is significantly more likely than media or mechanism failure. i.e. the best choice depends on the particular hardware in use. By path failure do you mean physical disconnects? What would be the adverse effect with media or mechanism failure? Is it something with the failing re-add attempt on reboots? If re-adds on reboot are bad, maybe this description is better then: ## Allow automatic re-adding of failed devices when they reappear. ## This will however also trigger re-add attempts when rebooting after ## a true media or mechanism failure. ## (Requires a write-intent bitmap.) # #POLICY domain=default action=re-add -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781015: xkb-data: french bepo no underscore no non-breaking space
Package: xkb-data Version: 2.12-1 Severity: minor Dear Maintainer, Since my last update in testing yesterday, I've lost the underscore (Space + AltGr) and NBSP (Shift + Space). I upgrade to Sid and have the same problem. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780555: apt-cacher-ng: Use with Fedora Rawhide is problematic
On 22/03/15 21:25, Eduard Bloch wrote: Hallo, * Carlos Maddela [Fri, Mar 20 2015, 01:37:03AM]: https://mirrors.fedoraproject.org/publiclist . Some of the sites you added are already in the list that I compiled a couple of weeks ago but not all; and they are also not on the publiclist page. Could you reveal the source of that mirror urls? Those mirrors were automatically generated by the metalink line in the standard fedora-repos-rawhide package, which was https://mirrors.fedoraproject.org/metalink?repo=rawhidearch=$basearch. I ended up disabling the metalink feature, because just when you thought you had all mirrors covered, a new one would be chosen. I am thinking about using this metalink service to create my mirror lists instead of parsing the publiclist page. I hacked something together. Could you please verify the resulting output? Script attached, run it like: DBTMP=/tmp sh fedorasources.sh Thanks. I am not sure how to interpret the urls, and rawhide repositories are maybe something that needs to be requested explicitly?! I tried the script with 3 different Australian ISPs multiple times and all resulted in the same output attached. I suspect the output will never be a comprehensive list, perhaps just the mirrors closest to your location and/or with the least amount of traffic. Some of the mirrors included in my patch were not output this time. Regards, Carlos arch: repo=fedora-20arch=armhfp arch: repo=fedora-20arch=i386 arch: repo=fedora-20arch=ppc arch: repo=fedora-20arch=ppc64 arch: repo=fedora-20arch=s390 arch: repo=fedora-20arch=s390x arch: repo=fedora-20arch=x86_64 arch: repo=fedora-21arch=aarch64 arch: repo=fedora-21arch=armhfp arch: repo=fedora-21arch=i386 arch: repo=fedora-21arch=ppc64 arch: repo=fedora-21arch=ppc64le arch: repo=fedora-21arch=s390 arch: repo=fedora-21arch=s390x arch: repo=fedora-21arch=x86_64 arch: repo=fedora-22arch=aarch64 arch: repo=fedora-22arch=armhfp arch: repo=fedora-22arch=i386 arch: repo=fedora-22arch=ppc64 arch: repo=fedora-22arch=ppc64le arch: repo=fedora-22arch=s390 arch: repo=fedora-22arch=s390x arch: repo=fedora-22arch=x86_64 http://dl.fedoraproject.org/pub/fedora-secondary/ http://fedora-mirror02.rbc.ru/pub/fedora-secondary/ http://fedora.mirror.digitalpacific.com.au/linux/ http://fedora.mirror.uber.com.au/fedora/linux/ http://fr2.rpmfind.net/linux/fedora-secondary/ http://ftp.heanet.ie/mirrors/fedora-secondary/ http://ftp.icm.edu.pl/pub/Linux/dist/fedora-secondary/ http://ftp.iinet.net.au/pub/fedora/linux/ http://ftp-stud.hs-esslingen.de/pub/fedora-secondary/ http://mirror.as24220.net/pub/fedora/linux/ http://mirror.chpc.utah.edu/pub/fedora-secondary/ http://mirror.crucial.com.au/fedora/linux/ http://mirror.iprimus.com.au/fedora/linux/ http://mirrors.kernel.org/fedora-secondary/ http://mirrors.nic.cz/fedora-secondary/ http://mirrors.rit.edu/fedora/fedora-secondary/ http://mirrors.tummy.com/pub/fedora.redhat.com/secondary/ http://ucmirror.canterbury.ac.nz/linux/fedora/linux/
Bug#781011: libdb5.3 license problem
Package: libdb5.3 Serverity: serious Hello. libdb5.3 is included licensed under Artistic license code. no version elected. Note: If this license is Artistic License Version 2, This is not problem. (Artistic License 2.0 is FSF-Free, GPL compatible.) FileList: src/crypto/mersenne/mt19937db.c This code is DFSG-Free, but not FSF-Free, and GPL incompatible. This library used GPL'ed software. (E,g jigdo, etc...) It is non-free, GPL incompatible. (See Summary) And, Not display this code's copyright statement. (missing copyright file) Summary: SleepyCat License code + Artistic License (Version 1.0) or FSF non-free code + GPL code = Not OK (GPL incompatible) SleepyCat License code + Artistic Licence (Version 2.0) code + GPL code = OK (GPL compatible) SleepyCat License code + GPL or GPL compatible license code + GPL code = OK (GPL compatible) (Note: GPL code is no exception, default GPL licensed code.) Suggests: 1. Remove GPL problematic code, and rebuild. and add copyright file. 2. Replace GPL compatible code, and rebuild. and add copyright file. 3. Contact Upstream author. 4. Remove Debian archive. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=886838 https://lists.debian.org/debian-devel/2013/07/msg00140.html https://www.gnu.org/philosophy/license-list.html#ArtisticLicense https://www.gnu.org/philosophy/license-list.html#ArtisticLicense2 https://wiki.debian.org/DFSGLicenses#The_Artistic_License -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#575412: network-manager-gnome: [Wishlist] Add an option to select the wireless device to autoconnect, when you have several installed.
On Thu, 25 Mar 2010 13:11:50 -0300 Gonzalo del Castillo gdel...@gmail.com wrote: Package: network-manager-gnome Version: 0.8-1 Severity: wishlist Tags: squeeze When you have several wireless devices available, the autoconnect work for both at the same time. I must disable this option for connect correctly. It will be useful an option to select the device to autoconnect. Thanks. NetworkManager 1.0 has a feature called autoconnect-priority. Currently, you can't set that yet from the GUI via nm-connection-editor, but you can use the commandline tool nmcli connection edit connection print will show you the current connection.autoconnect-priority property is set to. You can use set conTAB.aTAB to change the value Higher values take precedence. While this fixes your issue, I'm keeping this bug open, as there is no GUI yet for this option. Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#781009: xul-ext-zotero: fails to find installed pdfinfo and pdftotext
Package: xul-ext-zotero Version: 4.0.22-1 Severity: normal right-click on a just-downloaded pdf, select retrieve metadata (last item), and it gives a popup about installing pdf tools, which then opens the zotero preferences window in the search tab, which says PDF Indexing pdftotext-Linux-x86_64 is NOT installed pdfinfo-Linux-x86_64 is NOT installed When in fact, ii poppler-utils 0.26.5-2 amd64PDF utilities (based on Poppler) provides pdfinfo and pdftotext... (It's presumably also a bug that xul-ext-zotero doesn't just depend on poppler-utils, but I'd be happy with it actually using them, since automatically finding title and author info is a big part of the point of using zotero in the first place.) Looks like zotero-standalone exhibits the same bug. -- System Information: Debian Release: 8.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages xul-ext-zotero depends on: ii iceweasel 31.3.0esr-1 xul-ext-zotero recommends no packages. xul-ext-zotero suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781012: bluedevil: doesn't work when full KDE environment isn't installed
Package: bluedevil Version: 2.0~rc1-44-gb7697a7-3 Severity: important Hi, I'm not a fan of big desktop environments, but I do pick and choose a few useful applications from some desktop environments to run in my session. One of these is bluedevil, when I need to send something to my phone or tablet or some such. Unfortunately, this seems to have stopped working. When I invoke bluedevil-sendfile, without argument, pick a file to send, pick a device to send to, and click on send, a dialog box with a progress bar is shown for a short moment, but then bluedevil-sendfile quits unexpectedly. When this happens, the following shows on stdout: wouter@gangtai:~/data/audio/music/Mumford__Sons-Live_from_Studio_Brussel_Club_69$ bluedevil-sendfile Address: 18:1E:B0:A1:2F:BF Name: wouter alt Alias: wouter alt Icon: phone Address: 54:BE:F7:09:D6:8B Name: Wouter Verhelst (T) Alias: Wouter Verhelst (T) Icon: computer Object::connect: No such signal org::freedesktop::UPower::DeviceAdded(QString) Object::connect: No such signal org::freedesktop::UPower::DeviceRemoved(QString) wouter@gangtai:~/data/audio/music/Mumford__Sons-Live_from_Studio_Brussel_Club_69$ Strangely enough, when I run it with a -f argument to select a specific file, it doesn't quit like that, but it doesn't seem to work either (it just sits there doing nothing). I suspect there's a missing dependency somewhere. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages bluedevil depends on: ii bluez 5.23-2+b1 ii bluez-obexd 5.23-2+b1 ii kde-runtime 4:4.14.2-2 ii libbluedevil2 2.0~rc1-6-g7bb223c-2 ii libc6 2.19-17 ii libkdecore5 4:4.14.2-5 ii libkdeui5 4:4.14.2-5 ii libkfile4 4:4.14.2-5 ii libkio5 4:4.14.2-5 ii libqt4-dbus 4:4.8.6+git64-g5dc8b2b+dfsg-3 ii libqtcore44:4.8.6+git64-g5dc8b2b+dfsg-3 ii libqtgui4 4:4.8.6+git64-g5dc8b2b+dfsg-3 ii libstdc++64.9.2-10 ii obex-data-server 0.4.5-1+b4 bluedevil recommends no packages. Versions of packages bluedevil suggests: pn pulseaudio-module-bluetooth | bluez-alsa none -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781011: [pkg-db-devel] Bug#781011: libdb5.3 license problem
Control: severity -1 minor As you might know from: https://bugzilla.redhat.com/show_bug.cgi?format=multipleid=886838 since it uses same style, it's purely documentation issue as the mersene twister was also released under BSD license, for more reference also see here: https://lists.fedoraproject.org/pipermail/scm-commits/Week-of-Mon-20130506/1016593.html Thus lowering the severity to minor. You could also find this statement from upstream authors: http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/MT2002/elicense.html Anything would be better than filling serious bug with proposal such as Remove Debian archive.. Cheers, Ondrej On Mon, Mar 23, 2015, at 08:59, Kouta Ikematsu wrote: Package: libdb5.3 Serverity: serious Hello. libdb5.3 is included licensed under Artistic license code. no version elected. Note: If this license is Artistic License Version 2, This is not problem. (Artistic License 2.0 is FSF-Free, GPL compatible.) FileList: src/crypto/mersenne/mt19937db.c This code is DFSG-Free, but not FSF-Free, and GPL incompatible. This library used GPL'ed software. (E,g jigdo, etc...) It is non-free, GPL incompatible. (See Summary) And, Not display this code's copyright statement. (missing copyright file) Summary: SleepyCat License code + Artistic License (Version 1.0) or FSF non-free code + GPL code = Not OK (GPL incompatible) SleepyCat License code + Artistic Licence (Version 2.0) code + GPL code = OK (GPL compatible) SleepyCat License code + GPL or GPL compatible license code + GPL code = OK (GPL compatible) (Note: GPL code is no exception, default GPL licensed code.) Suggests: 1. Remove GPL problematic code, and rebuild. and add copyright file. 2. Replace GPL compatible code, and rebuild. and add copyright file. 3. Contact Upstream author. 4. Remove Debian archive. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=886838 https://lists.debian.org/debian-devel/2013/07/msg00140.html https://www.gnu.org/philosophy/license-list.html#ArtisticLicense https://www.gnu.org/philosophy/license-list.html#ArtisticLicense2 https://wiki.debian.org/DFSGLicenses#The_Artistic_License ___ pkg-db-devel mailing list pkg-db-de...@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-db-devel -- Ondřej Surý ond...@sury.org Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#621057: printf.3: ATTRIBUTES: Note functions those are thread-safe
The markings match glibc markings. Signed-off-by: Zeng Linggang zenglg...@cn.fujitsu.com Signed-off-by: Ma Shimiao mashimiao.f...@cn.fujitsu.com --- man3/printf.3 | 23 +++ 1 file changed, 23 insertions(+) diff --git a/man3/printf.3 b/man3/printf.3 index bf84f07..8b24f20 100644 --- a/man3/printf.3 +++ b/man3/printf.3 @@ -822,6 +822,29 @@ A \(aq%\(aq is written. No argument is converted. The complete conversion specification is \(aq%%\(aq. +.SH ATTRIBUTES +For an explanation of the terms used in this section, see +.BR attributes (7). +.TS +allbox; +lb lb lb +l l l. +Interface Attribute Value +T{ +.BR printf (), +.BR fprintf (), +.br +.BR sprintf (), +.BR snprintf (), +.br +.BR vprintf (), +.BR vfprintf (), +.br +.BR vsprintf (), +.BR vsnprintf () +T} Thread safety MT-Safe locale +.TE + .SH CONFORMING TO The .BR fprintf (), -- 1.9.3 -- To unsubscribe from this list: send the line unsubscribe linux-man in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781014: RFP: xfce4-pulseaudio-plugin -- Xfce PulseAudio Panel Plugin
Package: wnpp Version: N/A; reported 2015-03-23 Severity: wishlist * Package name : xfce4-pulseaudio-plugin Version : 0.2.1 Upstream Author : Andrzej Radecki ndrwr...@gmail.com Guido Berhoerster guido+x...@berhoerster.name Simon Steinbeiss och...@xfce.org * URL : http://archive.xfce.org/src/panel-plugins/xfce4-pulseaudio-plugin/ * License : GPL V2 Description : Xfce PulseAudio Panel Plugin The Xfce PulseAudio Plugin is a plugin for the Xfce panel which provides a convenient way to adjust the audio volume of the PulseAudio sound system and to an auto mixer tool like pavucontrol. It can optionally handle multimedia keys for controlling the audio volume. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780830: spamassassin: Fails to install, 'strict.pm, permission denied'
Dear Niko, Thank you for the quick response, Setting up spamassassin (3.4.0-6) ... Can't locate strict.pm: Permission denied at /usr/bin/sa-update line 23. I assume you have a restricted directory on the default Perl search path (@INC) that the debian-spamd user can't read, probably under /usr/local ? (See perl -V for the list of directories on @INC). This is correct, in /usr/local/lib/site_perl. Should these be world-readable? I am not that familiar with Perl (beyond editing some specific scripts). After some chmod o+r and +x on directories listed in perl -V, I'm getting new errors: Setting up spamassassin (3.4.0-6) /usr/bin/perl: error while loading shared libraries: libperl.so.5.20: cannot open shared object file: No such file or directory I am not exactly sure what permissions should be on what files. Any ideas on how to recover this systems Perl back to a usable state? Or should we postpone further testing of the jessie upgrade path until a new version of Perl becomes available in testing? Will that happen before release? As far as I know, the system we're using never had any special Perl stuff happening to it, but it has been upgraded from squeeze (or maybe etch) over the last years. Should I raise a bug with the perl package? Thanks again, Kasper Loopstra. The perl behaviour changed in such cases with Perl 5.18; from 'perldoc perl5180delta': require dies for unreadable files When require encounters an unreadable file, it now dies. It used to ignore the file and continue searching the directories in @INC [perl #113422]. There is an ongoing discussion at Perl upstream about what's the right thing to do here, see https://rt.perl.org/Public/Bug/Display.html?id=123795 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#781016: monitoring-plugins: check_procs encounters problems with truncate ps-output
Package: monitoring-plugins Version: 2.1.1-1proxybpo70+1 Severity: normal Dear Maintainer, I'm having a problem with check_procs on several Wheezy systems. There is apache running on these systems and I'm checking for its procsses with check_procs. First of all, the processes are actually there: unki@wiki:/tmp$ ps ax | grep -i apache2 2109 ?Ss 0:13 /usr/sbin/apache2 -k start 9029 ?S 0:00 /usr/sbin/apache2 -k start 9107 ?Sl 0:12 /usr/sbin/apache2 -k start 9108 ?Sl 0:12 /usr/sbin/apache2 -k start 15884 pts/0S+ 0:00 grep -i apache2 unki@wiki:/tmp$ /usr/lib/nagios/plugins/check_procs --version check_procs v2.1.1 (monitoring-plugins 2.1.1) unki@wiki:/tmp$ /usr/lib/nagios/plugins/check_procs -vv -C apache2 CMD: /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' PROCS OK: 0 processes with command name 'apache2' | procs=0;;;0; unki@wiki:/tmp$ /usr/lib/nagios/plugins/check_procs -vv -C apache CMD: /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' PROCS OK: 0 processes with command name 'apache' | procs=0;;;0; but with apach it's working (note the prog= in the output): unki@wiki:/tmp$ /usr/lib/nagios/plugins/check_procs -vv -C apach CMD: /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' Matched: uid=0 vsz=13516 rss=6276 pid=2109 ppid=1 pcpu=0.00 stat=Ss etime=3-19:18:10 prog=apach args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=12900 rss=3396 pid=9029 ppid=2109 pcpu=0.00 stat=S etime=1-03:57:50 prog=apach args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=237392 rss=8396 pid=9107 ppid=2109 pcpu=0.00 stat=Sl etime=1-03:57:49 prog=apach args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=236820 rss=7764 pid=9108 ppid=2109 pcpu=0.00 stat=Sl etime=1-03:57:49 prog=apach args=/usr/sbin/apache2 -k start PROCS OK: 4 processes with command name 'apach' | procs=4;;;0; also using an older version of check_procs on this machine shows the same behaviour: unki@wiki:/tmp$ ./check_procs --version check_procs v1.4.16 (nagios-plugins 1.4.16) unki@wiki:/tmp$ ./check_procs -vv -C apache2 CMD: /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' PROCS OK: 0 processes with command name 'apache2' | procs=0;;;0; unki@wiki:/tmp$ ./check_procs -vv -C apache CMD: /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' PROCS OK: 0 processes with command name 'apache' | procs=0;;;0; unki@wiki:/tmp$ ./check_procs -vv -C apach CMD: /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' Matched: uid=0 vsz=13516 rss=6276 pid=2109 ppid=1 pcpu=0.00 stat=Ss etime=3-19:19:03 prog=apach args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=12900 rss=3396 pid=9029 ppid=2109 pcpu=0.00 stat=S etime=1-03:58:43 prog=apach args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=237392 rss=8396 pid=9107 ppid=2109 pcpu=0.00 stat=Sl etime=1-03:58:42 prog=apach args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=236820 rss=7764 pid=9108 ppid=2109 pcpu=0.00 stat=Sl etime=1-03:58:42 prog=apach args=/usr/sbin/apache2 -k start PROCS OK: 4 processes with command name 'apach' | procs=4;;;0; the output of the ps command: unki@wiki:/tmp$ /bin/ps --version procps-ng version 3.3.3 unki@wiki:/tmp$ /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' STAT UID PID PPIDVSZ RSS %CPU ELAPSED COMMAND COMMAND S0 2 0 0 0 0.0 3-19:19:46 kthreadd[kthreadd] S0 3 2 0 0 0.0 3-19:19:46 ksoftirqd/0 [ksoftirqd/0] S0 5 2 0 0 0.0 3-19:19:46 kworker/u:0 [kworker/u:0] ... S 33 9029 2109 12900 3396 0.0 1-03:59:21 /usr/sbin/apach /usr/sbin/apache2 -k start Sl 33 9107 2109 237392 8396 0.0 1-03:59:20 /usr/sbin/apach /usr/sbin/apache2 -k start Sl 33 9108 2109 236820 7764 0.0 1-03:59:20 /usr/sbin/apach /usr/sbin/apache2 -k start ... On a Squeeze machine it looks like this: unki@proxy:~$ /usr/lib/nagios/plugins/check_procs -vv -C apache2 CMD: /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' Matched: uid=33 vsz=9192 rss=3612 pid=10239 ppid=31184 pcpu=0.00 stat=S etime=1-04:00:48 prog=apache2 args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=234972 rss=10116 pid=17847 ppid=31184 pcpu=0.30 stat=Sl etime=54:50 prog=apache2 args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=234648 rss=9608 pid=22279 ppid=31184 pcpu=0.30 stat=Sl etime=15:49 prog=apache2 args=/usr/sbin/apache2 -k start Matched: uid=33 vsz=234524 rss=9704 pid=22375 ppid=31184 pcpu=0.30 stat=Sl etime=15:13 prog=apache2 args=/usr/sbin/apache2 -k start Matched: uid=0 vsz=9668 rss=6028 pid=31184 ppid=1 pcpu=0.00 stat=Ss etime=5-22:07:39 prog=apache2 args=/usr/sbin/apache2 -k start PROCS OK: 5 processes with command name 'apache2' | procs=5;;;0; unki@proxy:~$ /bin/ps axwwo 'stat uid pid ppid vsz rss pcpu etime comm args' STAT UID PID PPIDVSZ RSS %CPU ELAPSED COMMAND COMMAND Ss 0