Herbert Xu wrote:
Joey Hess [EMAIL PROTECTED] wrote:
Similarly, I don't think a bug is grave if it makes a package unusable by
just one person in an odd sitution. On the other hand, I think all security
and data loss bugs are grave, even if only a few people can trigger them.
I
Your mail is bouncing.
- Forwarded message from [EMAIL PROTECTED] -
Date: 27 Sep 1999 23:14:48 -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: failure notice
Hi. This is the qmail-send program at kitenet.net.
I'm afraid I wasn't able to deliver your message to the following
Joey Hess [EMAIL PROTECTED] wrote:
Herbert Xu wrote:
I disagree. If a package causes a remote root exploit to be available, even
if it's only in a very specific configuration, I would say that it is
critical.
No, it's grave. All security bugs are grave, it's part of the definition of
On Mon, Sep 27, 1999 at 03:35:12PM -0400, Peter S Galbraith wrote:
package itself due to problems with dpkg. One reasonable way to accomplish
this is to put the following in the package's postinst:
if [ $1 = configure ]; then
if [ -d /usr/doc -a ! -e
Herbert Xu wrote:
Joey Hess [EMAIL PROTECTED] wrote:
Herbert Xu wrote:
I disagree. If a package causes a remote root exploit to be available,
even
if it's only in a very specific configuration, I would say that it is
critical.
No, it's grave. All security bugs are grave, it's
* Joey == Joey Hess [EMAIL PROTECTED] wrote:
Joey (Note: grave is a _higher_ priotity than critical.
I don't think so.
http://www.debian.org/Bugs/Developer#severities
The severity levels are:
critical
makes unrelated software on the system (or the whole system)
break, or causes
On Mon, Sep 27, 1999 at 11:43:50AM +0100, Matthew Vernon wrote:
David Starner writes:
Instead of each developer chose what packages are and aren't useful
to them, why don't we look at the popularity contest? A simple, bias-free
way of seperating programs on to the CD's, by actual use.
In article [EMAIL PROTECTED] you wrote:
What do other think, and have you seen seeing the same runaway bug severity
inflation I have?
Yes. Submitters seem to think that if they crank up the severity, the bug
will get more/quicker attention. At least in my case, that just isn't true.
I'm not
On Mon, Sep 27, 1999 at 11:19:05PM +0200, [EMAIL PROTECTED] wrote:
On Mon, Sep 27, 1999 at 03:35:12PM -0400, Peter S Galbraith wrote:
package itself due to problems with dpkg. One reasonable way to
accomplish
this is to put the following in the package's postinst:
if [
The bonobo framework for GNOME componentry has just hit its first
public release. I intend to package it up. See attachment for
details.
Mike.
---BeginMessage---
Hello guys,
I have just released the first public version of Bonobo
(bonobo-0.4), the GNOME component system and compound
On Mon, Sep 27, 1999 at 05:30:51PM -0700, Joey Hess wrote:
Actually, it should be critical if it's a root exploit. Grave only includes
those that only comprise the user's account.
Last I checked, root is a user. This is not a formal definition we're
working from, please use common
On Mon, Sep 27, 1999 at 11:22:32AM -0500, Steve Greenland wrote:
I think the key difference is that if some one screws with the BTS or
the Debian web site, it's not going to *me* any harm during the time
it takes to discover and undo the damage. If someone installs a bad or
malicious libc6 in
Craig Sanders [EMAIL PROTECTED] writes:
[...]
if it's free and it's packaged then we accept it into the dist in the
location defined by policy - at the moment, that's debian main. we
probably should, as has been discussed before, have an etexts and a data
section for this kind of stuff.
On 27-Sep-99, 11:33 (CDT), Joey Hess [EMAIL PROTECTED] wrote:
grave
makes the package in question unuseable or mostly so, or causes data
loss, or introduces a security hole allowing access to the accounts of
users who use the package.
I've noticed that in many of the
On Sun, 26 Sep 1999, Ed Boraas wrote:
I can't help but infer from this statement that you feel the anarchism
package is of low worth. If this was not your intent, please feel free to
clarify.
For myself, no I don't. But it is only a concern of Debian if for
instance there was a real space
Steve Greenland wrote:
It's clear to you, but perhaps not to the user who submitted it;
for him/her, it makes the package in question unuseable. You look
at it, realize that it's unique to that user, and send a message to
[EMAIL PROTECTED] to re-priotize it. What's the big deal?
Aside from
Raul Miller wrote:
Which implies that we should validate packages against developer's key
before install, and that we should have some kind of list indicating
which developers are working on which package for which architecture
which is maintained under tighter control than the mirrors.
We
On 28 Sep 1999, Siggy Brentrup wrote:
More serious:
Hahaha.
customer: I found a typo ...
|I don't understand that ancient word (very likely in over here)
| Luther's bible says ... but what you sold me is completely
different.
|Why do you include
On Tue, Sep 28, 1999 at 12:05:37AM -0400, Jaldhar H. Vyas wrote:
Why even involve debhelper? At least in the case of the Project Gutenberg
files some of which I have, they are just long ascii files so the rules
file could just stick them into (for example) /usr/share/doc/etexts call
doc-base
On Mon, Sep 27, 1999 at 06:10:58PM -0700, Darren O. Benham wrote:
As of the latest upload of lintian, it does not like shell variables in the
place of the package name.. it looks for \w+ after the /usr/doc/
Please fix that. I'm not going to add to the possibility of a major
screwup by editing
My apologies if you replied to the mail quoted below; I never received one.
As far as I can tell, Red Hat's webpages have not been updated with the
corrected information. Are there any plans to do so?
On Mon, Sep 20, 1999 at 12:30:04AM -0400, branden wrote:
Hi Preston,
In Red Hat's recent
* Marco == Marco Budde [EMAIL PROTECTED] wrote:
Hi,
Am 25.09.99 schrieb roland # spinnaker.de ...
RR It is always a good idea to use a generic format which can
RR automatically converted to all useful formats instead of using one
RR special format.
Marco No, sorry, but this is wrong. Why
Since I need a new version of libforms myself I will adopt the package.
However, I do not have the time to actively maintain it. I will try to fix
as many bugs as possible but then libforms will be up for adoption yet
again.
Michael
--
Michael Meskes | Go SF 49ers!
Hi,
I've noticed when installing Debian that the installer always shrinks
my swap partition to 128MB, so I have to do a swapoff;mkswap -v1 ..;swapon
manually afterwards. Also, the message that it has done this is easily
missed.
Why doesn't the installer use -v1 so that larger swaps that 128MB can
Is it okay to go into the primary distribution, or would it be forced
into nonus? If it's okay for ftp.debian.org, I can sponsor it for you.
I am not sure about this. pptpd itself should be ok in main, but the
modified ppp and kernel packages (these are needed for the data
encryption) contain
On Mon, Sep 27, 1999 at 10:47:38PM -0400, Peter S Galbraith wrote:
I get no error with lintian version 1.7
you are right. i was completely wrong last night.
i leaved #PACKAGE# entries despite of the real package name!!!
no comment
-[ Domenico Andreoli, aka cavok [EMAIL PROTECTED]
I have read this morinig ,, that lizard from caldera has gone
open to the public.( I might be slow to discover this)
My question is : Has Debian got any interest in this , and is there
anny plans for future releases made to make use of the Lizard.
I am pretty sure that this software will give
On Tue, Sep 28, 1999 at 11:59:47AM +0200, wayne forrest wrote:
My question is : Has Debian got any interest in this , and is there
anny plans for future releases made to make use of the Lizard.
Personally, I would say Yes it is interesting, BUT: Lizard is released under
the QPL, which is
On Mon, Sep 27, 1999 at 06:56:00PM +0100, Marco Budde wrote:
RR I just installed it, but as far as I can see this doesn't integrate
RR FHS and FSSTND
Right, because this is not possible.
Counter-example:
(
dump() {
lynx -dump -source -width=1000 $1 |
How comes mtools depend on xlib6g? I don't use X, and thus I consider it
very stupid to have both xlib6g xfree86-common installed, but I have to
if I want mtools installed...
Rationale?
If there's no good explanation, I'll submit a bug-report. And if there's
something in xlib6g that mtools
On Mon, 27 Sep 1999, Sean 'Shaleh' Perry wrote:
b) if you know what you are doing, compile the packages by hand, fix their
install scripts, and remove the conflicts. You are trying to circumvent the
norm.
But I think, to be fair, that what he's proposing *isn't* necessarily
`not the norm' --
Package: lilo
Version: 22dev0-1
it bootet only 2.0.36, but booting 2.2.12 gave a crc error - system halted
when unpacking. after replaceing lilo with the old 21-5 version, it works
again.
andreas
Marco Budde [EMAIL PROTECTED] wrote:
RR It is always a good idea to use a generic format which can
RR automatically converted to all useful formats instead of using
RR one special format.
No, sorry, but this is wrong. Why should we convert files during the
installation process? There#re
Hello,
I'm almost ready to upload a new release of PCCTS. It is based on a
new
upstream version in addition to containing some bug fixes. Also, the
upstream source now also includes sorcerer and is seems appropriate
to
include sorcerer as part of PCCTS. The questions that I have are:
1. Who
On Tue, 28 Sep 1999, Jaldhar H. Vyas wrote:
Why even involve debhelper? At least in the case of the Project Gutenberg
files some of which I have, they are just long ascii files so the rules
file could just stick them into (for example) /usr/share/doc/etexts call
doc-base and be done with
On Tue, Sep 28, 1999 at 01:31:23PM +0200, David Weinehall wrote:
How comes mtools depend on xlib6g? I don't use X, and thus I consider it
very stupid to have both xlib6g xfree86-common installed, but I have to
if I want mtools installed...
Rationale?
If something supports X it should be
On Tue, Sep 28, 1999 at 11:59:47AM +0200, wayne forrest wrote:
My question is : Has Debian got any interest in this , and is there
anny plans for future releases made to make use of the Lizard.
I am pretty sure that this software will give Debian a great boost.
I am not so sure. First, I
On Tue, Sep 28, 1999 at 07:13:58AM -0700, Joseph Carter wrote:
How comes mtools depend on xlib6g? I don't use X, and thus I consider it
very stupid to have both xlib6g xfree86-common installed, but I have to
if I want mtools installed...
If something supports X it should be compiled with
On Tue, Sep 28, 1999 at 01:12:06AM -0400, Raul Miller wrote:
Alternate question: why do we even have to package up flat text files?
Why can't we just import them into debian in some regular manner? [I can
see that naming convention is important, but are there any other issues
beyond that?
*- On 28 Sep, Josip Rodin wrote about Re: mtools
On Tue, Sep 28, 1999 at 07:13:58AM -0700, Joseph Carter wrote:
How comes mtools depend on xlib6g? I don't use X, and thus I consider it
very stupid to have both xlib6g xfree86-common installed, but I have to
if I want mtools installed...
I finally decided to try out uscan and those debian/watch files,
but I can't get it to work:
$ more /opt/gri/src/deb/2.2.1/gri-2.2.1/debian/watch
# Example watch control file for uscan
# Rename this file to watch and then you can run the uscan command
# to check for upstream updates and more.
#
Just to verify, I also experienced the same problem. Did you assign a
bug
against the package yet?
Brad Hilton
VPOP Technologies
[EMAIL PROTECTED]
Andreas Jellinghaus wrote:
Package: lilo
Version: 22dev0-1
it bootet only 2.0.36, but booting 2.2.12 gave a crc error - system halted
when
On Tue, Sep 28, 1999 at 11:22:34AM -0400, Peter S Galbraith wrote:
ftp.phys.ocean.dal.ca users/kelley/gri/ gri-*.tgz debian uupdate
Am I doing something obviously wrong?
IIRC you can use this:
ftp.phys.ocean.dal.ca /users/kelley/gri gri-(.*)\.tgz debian uupdate
See the
Subject: mtools: please put X related stuff in another package
Package: mtools
Severity: normal
On Tue, Sep 28, 1999 at 10:16:20AM -0500, Brian Servis wrote:
How comes mtools depend on xlib6g? I don't use X, and thus I consider it
very stupid to have both xlib6g xfree86-common installed,
Chris Rutter wrote:
The current `sub-release' (whatever) of Debian 2.1 is r3, right?
I was just wondering, as all references on the web site are to r2,
but I thought I received a message from the security team about
r3 last week somtime. Just wanted to check before I filed a
boring bug
Steve Greenland wrote:
I liked a lot of these ideas, but:
On 12-Sep-99, 20:22 (CDT), Martin Schulze [EMAIL PROTECTED] wrote:
Our current situation results in our stable release being hopelessly
out-dated and the unstable release not being releaseable. That's
quite bad for a lot of our
On Tue, 28 Sep 1999, Brad Hilton wrote:
Just to verify, I also experienced the same problem. Did you assign a
bug
against the package yet?
short summary:
lilo v22 works only with 2.0 kernels; it won't boot a 2.2.x or a 2.3.y.
a v21 version has been reuploaded to master this morning.
I took a few minutes to check what versions of gnome packages were in potato
and in /incoming to compare against the current gnome ftp site. The first
column shows the version in debian and the filename is the version on the ftp
site.
*** means it does not appear to be packaged yet.
-Chris
On Tue, Sep 28, 1999 at 06:08:48PM +0200, Josip Rodin wrote:
Correction: mtools in slink does *not* depend on anything but libc6, so
there is still time to do it, cleanly.
Maintainer, please do it.
The bug tracking system has a weird X-Debian-CC system set up so you don't
create several bugs
On 27-Sep-99 Clint Adams wrote:
a) I would not test a new daemon on a working machine, I would use a
separate
So?
b) if you know what you are doing, compile the packages by hand, fix their
install scripts, and remove the conflicts. You are trying to circumvent the
norm.
If I wanted
severity 46184 wishlist
thanks
On Tue, Sep 28, 1999 at 12:28:08PM -0500, David Starner wrote:
Correction: mtools in slink does *not* depend on anything but libc6, so
there is still time to do it, cleanly.
Maintainer, please do it.
The bug tracking system has a weird X-Debian-CC system
On Tue, 28 Sep 1999, Marcus Brinkmann wrote:
Exactly. A better designed package manager would support modular package
format handling. then we could simply do (let's call the package manager
hpm for now):
hpm -i blacksteel.etheme instead dpkg -i etheme-blacksteel.deb
hpm -i
Because as everyone knows the last 10% takes 90% of the work and often ends up
hurting the other 90%.
Then it's being done wrong.
The point is Debian needs to work for as many people as possible. We are
doing
Yes, that's exactly the point.
apt-get source qpopper
[...]
dpkg -i
On Tue, 28 Sep 1999, Staffan Hamala wrote:
I've noticed when installing Debian that the installer always shrinks
my swap partition to 128MB, so I have to do a swapoff;mkswap -v1 ..;swapon
manually afterwards. Also, the message that it has done this is easily
As an aside to this, I use two
Ok, let's bring this back to implementation. How would you propose we handle
this? Currently daemons install, set themselves up, and begin running.
a) we can prompt.
b) we leave everything off and let the admin turn it on (not an option for
obvious reasons)
c) first come first serve -- first
Ok, let's bring this back to implementation. How would you propose we handle
this? Currently daemons install, set themselves up, and begin running.
a) we can prompt.
b) we leave everything off and let the admin turn it on (not an option for
obvious reasons)
c) first come first serve --
On Tue, Sep 28, 1999 at 05:01:34PM +, Vincent Renardias wrote:
short summary:
lilo v22 works only with 2.0 kernels; it won't boot a 2.2.x or a 2.3.y.
But this will not stay this way, will it?
Thomas
--
GnuPG: ID=B0FA4F49, PGP2: ID=2EA7BBBD
Chris Cheney [EMAIL PROTECTED] writes:
*** means it does not appear to be packaged yet.
Well, no, it just means you're not aware of Debian's naming schemes
for library packages.
*** 541066 Aug 2 17:32 Gtk---1.0.2.tar.gz
look for *gtkmm
*** 313788 Sep 20 17:58
Chris Cheney [EMAIL PROTECTED] writes:
Well, no, it just means you're not aware of Debian's naming schemes
for library packages.
*** 541066 Aug 2 17:32 Gtk---1.0.2.tar.gz
look for *gtkmm
Ok I see it now. :)
*** 313788 Sep 20 17:58 gnome-objc-1.0.40.tar.gz
libgnobjc or
Chris Cheney [EMAIL PROTECTED] writes:
libgnobjc or something to that effect.
I still don't see this package anywhere, I am either overlooking it
or it is not packaged?
I'm sure it's packaged. Don't remember the exact name (don't use
objective-c much :-).
Mike.
On 27-Sep-99 Josip Rodin wrote:
We are already doing that - the proposal on the policy list regarding
a new, data section of the FTP server has passed.
Hopefully, it will be implemented in practice soon.
Yes, but I think that it doesn't solve the problem. I think there are some
data not
Am 27.09.99 schrieb GalbraithP # dfo-mpo.gc.ca ...
Moin Peter!
PSG I have a recent potato install and dhelp 0.3.14 and _don't_ have
PSG http://localhost/fhs/ support.
I don#t have it, too :). Is this directory a Debian standard, Roland?
PSG I could see http://localhost/doc/HTML/, but all new
On Tue, 28 Sep 1999, Brian Servis wrote:
*- On 28 Sep, Josip Rodin wrote about Re: mtools
On Tue, Sep 28, 1999 at 07:13:58AM -0700, Joseph Carter wrote:
How comes mtools depend on xlib6g? I don't use X, and thus I consider it
very stupid to have both xlib6g xfree86-common installed, but
[EMAIL PROTECTED] (Marco Budde) writes:
PSG I could see http://localhost/doc/HTML/, but all new docs visible
PSG as file:/usr/share/doc/HTML/index.html could not be seen under
PSG the http://localhost interface to dhelp. Is `fhs' supposed to be
PSG a new Alias?
localhost/doc/ should point
Marco Budde wrote:
PSG I have a recent potato install and dhelp 0.3.14 and _don't_ have
PSG http://localhost/fhs/ support.
I don#t have it, too :). Is this directory a Debian standard, Roland?
It isn't.
PSG I could see http://localhost/doc/HTML/, but all new docs visible
PSG as
Scavenging the mail folder uncovered Chris Cheney's letter:
0.4.1 1166853 Sep 24 16:56 glade-0.5.3.tar.gz
I have a package ready (I use glade heavily and I didn't wanted to
wait.) If the author doesn't have the time to update it, I can NMU.
Ciao,
Federico
--
Federico Di Gregorio
Michael Alan Dorman [EMAIL PROTECTED] writes:
Chris Cheney [EMAIL PROTECTED] writes:
libgnobjc or something to that effect.
I still don't see this package anywhere, I am either overlooking it
or it is not packaged?
I'm sure it's packaged. Don't remember the exact name (don't use
On Tue, Sep 28, 1999 at 12:17:22PM -0500, Chris Cheney wrote:
Content-Description: Message Body
I took a few minutes to check what versions of gnome packages were in potato
and in /incoming to compare against the current gnome ftp site. The first
column shows the version in debian and the
Ruud de Rooij wrote:
[EMAIL PROTECTED] (Marco Budde) writes:
PSG I could see http://localhost/doc/HTML/, but all new docs visible
PSG as file:/usr/share/doc/HTML/index.html could not be seen under
PSG the http://localhost interface to dhelp. Is `fhs' supposed to be
PSG a new Alias?
Marcus Brinkmann [EMAIL PROTECTED] writes:
1.0.40 3196381 Sep 27 15:19 gnome-libs-1.0.42.tar.gz
and recompile. Will be done in no time. Don't worry. But only if it is
installed in the archive by now (last time I checked it was stuck in
incoming).
I just uploaded 1.0.42. I believe 1.0.40
* Marco == Marco Budde [EMAIL PROTECTED] wrote:
Marco,
please show a little common sense. You are beating a dead horse.
Marco localhost/doc/ should point to /usr/share/doc. Please submit a
Marco bug report for your http daemon.
The decision was made by the ctte, it is not yet implemented in
I'm a little suprised. I found pine package in redhat-contrib which
has a few additional patches. The most interesting is
pine4.10-qtcolor-0.1.patch.
pine.README.colours:
---
To turn on the pretty colours patch set the PINECOL environment variable to
true.
08/02/99
Simon Liddington [EMAIL
Quoting Piotr Roszatycki:
BTW, other pine's version is a part of official RedHat distribution,
but I don't know is it legal?
Will the pine return back to distribution?
Well, this is the mostly used mailer by my users (and me).
From http://linuxmafia.com/debian/tips (and based on
On Mon, Sep 27, 1999 at 03:21:34AM -0400, Raul Miller wrote:
On Mon, Sep 27, 1999 at 01:05:58PM +1000, Craig Sanders wrote:
then don't install those services. installing a package *IS* an explicit
OK.
You're saying that packages reliably say when they provide daemons?
no, but it should be
You may have noticed that the other distributions also have KDE included in
them. Because of the license flaw, Debian does not allow KDE in main. Redhat
and others include it because there is little chance of legal action against
them for this inclusion. The same applies here, Redhat seems to
On Tue, 28 Sep 1999, Dale Scheetz wrote:
[snip]
Guys, guys, guys... This is a discussion that was had quite a while ago,
and which lead to the creation of xlib6. The whole point was that it was
unnecessary glut to include a console version _and_ an X aware version of
packages like emacs
On Tue, 28 Sep 1999, Clint Adams wrote:
Ok, let's bring this back to implementation. How would you propose we
handle
this? Currently daemons install, set themselves up, and begin running.
a) we can prompt.
b) we leave everything off and let the admin turn it on (not an option for
On Tue, 28 Sep 1999, Nick Moffitt wrote:
Quoting Piotr Roszatycki:
BTW, other pine's version is a part of official RedHat distribution,
but I don't know is it legal?
Will the pine return back to distribution?
Well, this is the mostly used mailer by my users (and me).
From
David == David Weinehall [EMAIL PROTECTED] writes:
David On Tue, 28 Sep 1999, Nick Moffitt wrote:
David Redistribution of binary versions is further constrained by
David license agreements for incorporated libraries from third
David parties, e.g. LDAP, GSSAPI.
Hm, what happened to this text:
On Tue, 28 Sep 1999, David Weinehall wrote:
On Tue, 28 Sep 1999, Dale Scheetz wrote:
[snip]
Guys, guys, guys... This is a discussion that was had quite a while ago,
and which lead to the creation of xlib6. The whole point was that it was
unnecessary glut to include a console version
On Tue, Sep 28, 1999 at 11:13:53AM -0700, Sean 'Shaleh' Perry wrote:
Ok, let's bring this back to implementation. How would you propose we handle
this? Currently daemons install, set themselves up, and begin running.
a) we can prompt.
b) we leave everything off and let the admin turn it on
On Tue, 28 Sep 1999, David Weinehall wrote:
Thus we are free to distribute even a patched Pine,
No! Anyone is allowed to _locally_ modify Pine, but there's no statement
about distributing such modified versions. And Redistribution of this
release is permitted as follows [...] of course only
82 matches
Mail list logo