Bug#775505: tomcat7: NullPointerException with catalina*.jar from package

2015-01-16 Thread Christian Renner 
Package: tomcat7
Version: 7.0.56-1~bpo70+2
Severity: important
Tags: patch

Dear Maintainer,

When using the catalina*.jar's provided by the debian package (in 
/usr/share/tomcat7/lib/) our tomcat dies with "java.lang.NullPointerException".
When I replace the jar's with the jar's provided by the original uptstream 
tomcat package 
(https://archive.apache.org/dist/tomcat/tomcat-7/v7.0.56/bin/apache-tomcat-7.0.56.tar.gz)
 tomcat starts normally as expected.

Same problem has been reportet in numerous places, e.g.: 
https://forums.alfresco.com/comment/145885#comment-145885

Regards
Christian

-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=locale: Cannot set LC_CTYPE 
to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages tomcat7 depends on:
ii  adduser3.113+nmu3
ii  debconf [debconf-2.0]  1.5.49
ii  tomcat7-common 7.0.56-1~bpo70+2
ii  ucf3.0025+nmu3

Versions of packages tomcat7 recommends:
ii  authbind  2.1.1

Versions of packages tomcat7 suggests:
pn  libtcnative-1 
pn  tomcat7-admin 
pn  tomcat7-docs  
pn  tomcat7-examples  
pn  tomcat7-user  

-- Configuration Files:
/etc/init.d/tomcat7 changed [not included]
/etc/tomcat7/catalina.properties changed [not included]
/etc/tomcat7/context.xml changed [not included]
/etc/tomcat7/server.xml changed [not included]
/etc/tomcat7/web.xml changed [not included]

-- debconf information:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_CTYPE = "UTF-8",
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
  tomcat7/groupname: tomcat7
  tomcat7/username: tomcat7
  tomcat7/javaopts: -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processed: Re: Bug#738003: FTBFS from wheezy

2015-01-16 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 738003 wontfix
Bug #738003 [maven-debian-helper] FTBFS from wheezy
Added tag(s) wontfix.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
738003: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738003
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#775505: tomcat7: NullPointerException with catalina*.jar from package

2015-01-16 Thread Emmanuel Bourg 
Hi Christian,

Thank you for the report. Could you show the full stacktrace please?

Emmanuel Bourg

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processed: tagging 775505

2015-01-16 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 775505 - patch
Bug #775505 [tomcat7] tomcat7: NullPointerException with catalina*.jar from 
package
Removed tag(s) patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
775505: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775505
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#738003: marked as done (FTBFS from wheezy)

2015-01-16 Thread Debian Bug Tracking System 
Your message dated Fri, 16 Jan 2015 15:21:52 +0100
with message-id 

and subject line Re: Bug#738003: FTBFS from wheezy
has caused the Debian Bug report #738003,
regarding FTBFS from wheezy
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
738003: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738003
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: maven-debian-helper
Version: 1.6.6
Severity: important

For some reason I cannot backport the current m-d-h on my wheezy
system it fails with:

process-resources:

process-pom:
[mkdir] Created dir:
/tmp/maven-debian-helper-1.6.6/debian-maven-plugin/target/classes/META-INF/maven/org.debian.maven/debian-maven-plugin
 [copy] Copying 2 files to
/tmp/maven-debian-helper-1.6.6/debian-maven-plugin/target/classes/META-INF/maven/org.debian.maven/debian-maven-plugin

mvn-generate:

mvn-shared-repo:

mvn-local-repo:
 [copy] Copying 2016 files to
/tmp/maven-debian-helper-1.6.6/debian/.mh/maven-repo
 [java] + Error stacktraces are turned on.
 [java] -
 [java] this realm = plexus.core
 [java] Number of imports: 0
 [java] -
 [java] FATAL ERROR: Unable to configure the Maven application
 [java] Error stacktrace:
 [java] 
org.codehaus.plexus.component.repository.exception.ComponentLookupException:
Unable to lookup component 'org.apache.maven.Maven', it could not be
started
 [java] at 
org.codehaus.plexus.DefaultPlexusContainer.lookup(DefaultPlexusContainer.java:339)
 [java] at org.codehaus.plexus.embed.Embedder.lookup(Embedder.java:78)
 [java] at 
org.apache.maven.cli.MavenCli.createMavenInstance(MavenCli.java:598)
 [java] at org.apache.maven.cli.MavenCli.main(MavenCli.java:335)
 [java] at org.apache.maven.cli.MavenCli.main(MavenCli.java:100)
 [java] Caused by:
org.codehaus.plexus.component.repository.exception.ComponentLifecycleException:
Error starting component
 [java] at 
org.codehaus.plexus.component.manager.AbstractComponentManager.startComponentLifecycle(AbstractComponentManager.java:109)
 [java] at 
org.codehaus.plexus.component.manager.AbstractComponentManager.createComponentInstance(AbstractComponentManager.java:95)
 [java] at 
org.codehaus.plexus.component.manager.ClassicSingletonComponentManager.getComponent(ClassicSingletonComponentManager.java:92)
 [java] at 
org.codehaus.plexus.DefaultPlexusContainer.lookup(DefaultPlexusContainer.java:331)
 [java] ... 4 more
 [java] Caused by:
org.codehaus.plexus.personality.plexus.lifecycle.phase.PhaseExecutionException:
Error composing component
 [java] at 
org.codehaus.plexus.personality.plexus.lifecycle.phase.CompositionPhase.execute(CompositionPhase.java:33)
 [java] at 
org.codehaus.plexus.lifecycle.AbstractLifecycleHandler.start(AbstractLifecycleHandler.java:101)
 [java] at 
org.codehaus.plexus.component.manager.AbstractComponentManager.startComponentLifecycle(AbstractComponentManager.java:105)
 [java] ... 7 more
 [java] Caused by:
org.codehaus.plexus.component.composition.CompositionException:
Composition failed of field projectBuilder in object of type
org.apache.maven.DefaultMaven because the requirement
ComponentRequirement{role='org.apache.maven.project.MavenProjectBuilder',
roleHint='null', fieldName='null'} was missing
 [java] at 
org.codehaus.plexus.component.composition.FieldComponentComposer.assignRequirementToField(FieldComponentComposer.java:154)
 [java] at 
org.codehaus.plexus.component.composition.FieldComponentComposer.assembleComponent(FieldComponentComposer.java:73)
 [java] at 
org.codehaus.plexus.component.composition.DefaultComponentComposerManager.assembleComponent(DefaultComponentComposerManager.java:68)
 [java] at 
org.codehaus.plexus.DefaultPlexusContainer.composeComponent(DefaultPlexusContainer.java:1486)
 [java] at 
org.codehaus.plexus.personality.plexus.lifecycle.phase.CompositionPhase.execute(CompositionPhase.java:29)
 [java] ... 9 more
 [java] Caused by:
org.codehaus.plexus.component.repository.exception.ComponentLookupException:
Unable to lookup component
'org.apache.maven.project.MavenProjectBuilder', it could not be
started
 [java] at 
org.codehaus.plexus.DefaultPlexusContainer.lookup(DefaultPlexusContainer.java:339)
 [java] at 
org.codehaus.plexus.component.composition.FieldComponentComposer.assignRequirementToField(FieldComponentComposer.java:129)
 [java] ... 13 more
 [java] Caused by:
org.codehaus.plexus.com

Processed: wontfix

2015-01-16 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 686019 wontfix
Bug #686019 [fop] fop does not support inline image within SVG file
Added tag(s) wontfix.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
686019: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686019
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#774050: CVE-2014-9390

2015-01-16 Thread Moritz Mühlenhoff 
On Tue, Dec 30, 2014 at 08:13:08AM -0800, tony mancill wrote:
> On 12/30/2014 05:18 AM, Emmanuel Bourg wrote:
> > Here are the relevant commits to backport:
> > 
> > Always ignore case when forbidding .git in ObjectChecker
> > https://github.com/eclipse/jgit/commit/07612a6
> > 
> > Disallow ".git." and ".git"
> > https://github.com/eclipse/jgit/commit/10310bf
> > 
> > Disallow Windows shortname "GIT~1"
> > https://github.com/eclipse/jgit/commit/a09b1b6
> > 
> > Disallow names potentially mapping to ".git" on HFS+
> > https://github.com/eclipse/jgit/commit/d476d2f
> 
> I spent some time looking at this too, but from the perspective of what
> upstream release branches have these commits.
> 
> They are on stable-3.4, which is version 3.4.2 (and is the closest to
> 3.4.0, which is what we have in jessie/sid), but upstream didn't apply
> them to stable-2.0 (wheezy).  So I think the patches will need to be
> cherry-picked or hand-applied to our source versions.
> 
> We'll also need to create security-${RELEASE} branches in the pkg-java
> repo for this, as 3.5.2 has already been staged on master.
> 
> I do wonder how many of our users are running case-insensitive file
> systems though...

Can we please get that fixed in jessie?

Cheers,
Moritz

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.