Bug#675160: sikuli-ide: unable to process one single instruction, NoSuchMethodError: org.jruby.ext.posix.POSIX.isNative()Z
Package: sikuli-ide Version: 1.0~x~rc3.tesseract3-dfsg1-3 Severity: grave Justification: renders package unusable sikuli can't process an application like this one: openApp(icedove) Full error message is: [error] Stopped [error] An error occurs at line 1 [error] Error message: Traceback (most recent call last): File , line 1, in File /usr/share/sikuli/Lib/sikuli/__init__.py, line 3, in from Sikuli import * File /usr/share/sikuli/Lib/sikuli/Sikuli.py, line 34, in from Region import * File /usr/share/sikuli/Lib/sikuli/Region.py, line 9, in import inspect File /usr/share/jython/Lib/inspect.py, line 31, in import sys, os, types, string, re, dis, imp, tokenize, linecache File /usr/share/jython/Lib/os.py, line 45, in from posix import * java.lang.NoSuchMethodError: org.jruby.ext.posix.POSIX.isNative()Z at org.python.modules.posix.PosixModule.classDictInit(PosixModule.java:106) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) a t java.lang.reflect.Method.invoke(Method.java:601) at org.python.core.PyJavaType.init(PyJavaType.java:534) at org.python.core.PyType.createType(PyType.java:1264) at org.python.core.PyType.addFromClass(PyType.java:1201) at org.python.core.PyType.fromClass(PyType.java:1291) at org.python.core.imp.createFromClass(imp.java:405) at org.python.core.imp.loadBuiltin(imp.java:501) at org.python.core.imp.find_module(imp.java:452) at org.python.core.imp.import_next(imp.java:713) at org.python.core.imp.import_name(imp.java:824) at org.python.core.imp.importName(imp.java:884) at org.python.core.ImportFunction.__call__(__builtin__.java:1220) at org.python.core.PyObject.__call__(PyObject.java:357) at org.python.core.__builtin__.__import__(__builtin__.java:1173) at org.python.core.imp.importAll(imp.java:998) at os$py.f$0(/usr/share/jython/Lib/os.py:691) at os$py.call_function(/usr/share/jython/Lib/os.py) at org.python.core.PyTableCode.call(PyTableCode.java:165) at org.python.core.PyCode.call(PyCode.java:18) at org.python.core.imp.createFromCode(imp.java:386) at org.python.core.imp.createFromSource(imp.java:349) at org.python.core.imp.loadFromSource(imp.java:573) at org.python.core.imp.find_module(imp.java:473) at org.python.core.imp.import_next(imp.java:713) at org.python.core.imp.import_name(imp.java:824) at org.python.core.imp.importName(imp.java:884) at org.python.core.ImportFunction.__call__(__builtin__.java:1220) at org.python.core.PyObject.__call__(PyObject.java:357) at org.python.core.__builtin__.__import__(__builtin__.java:1173) at org.python.core.imp.importOne(imp.java:903) at inspect$py.f$0(/usr/share/jython/Lib/inspect.py:903) at inspect$py.call_function(/usr/share/jython/Lib/inspect.py) at org.python.core.PyTableCode.call(PyTableCode.java:165) at org.python.core.PyCode.call(PyCode.java:18) at org.python.core.imp.createFromCode(imp.java:386) at org.python.core.imp.createFromSource(imp.java:349) at org.python.core.imp.loadFromSource(imp.java:573) at org.python.core.imp.find_module(i mp.java:473) at org.python.core.imp.import_next(imp.java:713) at org.python.core.imp.import_first(imp.java:743) at org.python.core.imp.import_name(imp.java:834) at org.python.core.imp.importName(imp.java:884) at org.python.core.ImportFunction.__call__(__builtin__.java:1220) at org.python.core.PyObject.__call__(PyObject.java:357) at org.python.core.__builtin__.__import__(__builtin__.java:1173) at org.python.core.imp.importOne(imp.java:903) at sikuli.Region$py.f$0(/usr/share/sikuli/Lib/sikuli/Region.py:16) at sikuli.Region$py.call_function(/usr/share/sikuli/Lib/sikuli/Region.py) at org.python.core.PyTableCode.call(PyTableCode.java:165) at org.python.core.PyCode.call(PyCode.java:18) at org.python.core.imp.createFromCode(imp.java:386) at org.python.core.imp.createFromSource(imp.java:349) at org.python.core.imp.loadFromSource(imp.java:576) at org.python.core.imp.find_module(imp.java:473) at org.python.core.PyModule.impAttr(PyModule.java:100) at org.python.core.imp.import_next(imp.java:715) at or g.python.core.imp.import_name(imp.java:824) at org.python.core.imp.importName(imp.java:884) at org.python.core.ImportFunction.__call__(__builtin__.java:1220) at org.python.core.PyObject.__call__(PyObject.java:357) at org.python.core.__builtin__.__import__(__builtin__.java:1173) at org.python.core.imp.importAll(imp.java:998) at sikuli.Sikuli$py.f$0(/usr/share/sikuli/Lib/sikuli/Sikuli.py:211) at sikuli.Sikuli$py.call_function(/usr/share/sikuli/Lib/sikuli/Sikuli.py) at org.python.core.PyTableCode.call(PyTableCode.java:165) at org.python.core.PyCode.call(PyCode.java:18) at org.python.core.imp.createFromCode(imp.java:386) at org.python.core.imp.createFromSource(imp.java:349) at org.python.core.imp.loadFromSource(imp.java:576) at org.python.core.imp.find_module(imp.java:473) at org.python.core.PyModule.impAttr(PyModule.java:100) at
Bug#675180: jffi: fix ftbfs with openjdk-7 as default-jdk
Package: jffi Version: 1.0.2-8.2 Severity: normal Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu quantal ubuntu-patch openjdk-7-transition -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dear Maintainer, In Ubuntu, the attached patch was applied to achieve the following: * d/control: Switch BD from openjdk-6-jdk to default-jdk to support transition to openjdk-7 and fix FTBFS. Thanks for considering the patch. - -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-24-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCAAGBQJPxgPJAAoJEL/srsug59jDMWIP/iM3mhuTHC6v1dYqbcPyNghI +UkczvjvMIRWAfD50QXoNP6wQ+/b4poumQoPyZyqsfADdYTOdN8oASmGuFkgCVHN F5JkeTZAtNUyZs4zfjq1h85WlCa7kQ2V7Gq0mchHSrPyhB7o7jH+k1cqR32RJ2z5 mz1Fz3u6TBWxM+3BtWyFrk34B29w87qgYQBIThkfQ1sc9sU0st8G/itOT0TG6qpm Jt39XEgvdKRPq4Su8QDqnvCGoS38+qSSmZEG8pY28P0wr0tD1BAIDJYZ6hMkhGeT zfx03niUPGuUrC138wgxr1Nyzx2GXaBe6gi1LHdJtSG9G7qfI5QFVTHz25kNfCum Xh/Dnj5wJigI78n8IQ5VmmnYAW5G4GoxDm7VGsCZEyuNRpgQSrApFYx4b/0P/R1S 7e0bg31b0+If0IwAhXzNDURN+7K7qWEvdv52zYW1InggufkZgCGaCrb70SkB3wQa kxcvcvMcU7tIT3MzBLY5OzS6rHsLHIB71L9fBMzTTUPaigDHDQXYi0zwkNo4Z1cV /3NQIglQaaOFUiT9ONFmdbL+MHQOCGYfLKDnEJ6Txxwry2ZUReIf5hD8fDWI1964 bNoyjDJsp7L2swwYWXBcObJ9h+6kXlgR1h1tB4db5YHy0xar4VydrjrXZKneJxCT jPTue8Eof7HKdLFF2S6P =e+gc -END PGP SIGNATURE- diff -Nru jffi-1.0.2/debian/changelog jffi-1.0.2/debian/changelog diff -Nru jffi-1.0.2/debian/control jffi-1.0.2/debian/control --- jffi-1.0.2/debian/control 2011-09-17 11:32:27.0 +0100 +++ jffi-1.0.2/debian/control 2012-05-30 12:20:13.0 +0100 @@ -4,7 +4,7 @@ Maintainer: Debian Java Maintainers pkg-java-maintainers@lists.alioth.debian.org Uploaders: Torsten Werner twer...@debian.org Build-Depends: debhelper (= 7), cdbs, maven-repo-helper, libffi-dev, pkg-config, - ant-optional, openjdk-6-jdk, junit4 + ant-optional, default-jdk, junit4 Standards-Version: 3.9.0 Vcs-Git: git://git.debian.org/pkg-java/jffi.git Vcs-Browser: http://git.debian.org/?p=pkg-java/jffi.git __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#608286: CVE-2010-4312: does not use HTTPOnly for session cookies by default
severity 608286 minor thanks httpOnly has been made the default in Tomcat 7, so this ID is essentially about an insecure default setting. For Tomcat 6 I don't esee the need to change the default (which might even break applications). Instead such settings should be taken into account when setting up a Tomcat site. For Squeeze you add a README.Debian or such pointing to the option and the recommendation to use the option? I don't think we can update the Squeeze README for this anymore. A note could be added to the sid version of tomcat6. However, this is not a vulnerability, only extra hardening which is surely useful but not a vulnerability in itself. I'm therefore downgrading this bug to minor: the request to update the README.Debian. Cheers, Thijs __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Processed: Re: Bug#608286: CVE-2010-4312: does not use HTTPOnly for session cookies by default
Processing commands for cont...@bugs.debian.org: severity 608286 minor Bug #608286 [tomcat6] CVE-2010-4312: does not use HTTPOnly for session cookies by default Severity set to 'minor' from 'serious' thanks Stopping processing here. Please contact me if you need assistance. -- 608286: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608286 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
libtools-logging-clojure 0.2.3-3 MIGRATED to testing
FYI: The status of the libtools-logging-clojure source package in Debian's testing distribution has changed. Previous version: 0.2.3-2 Current version: 0.2.3-3 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
clucy 0.3.0-1 MIGRATED to testing
FYI: The status of the clucy source package in Debian's testing distribution has changed. Previous version: 0.2.2-2 Current version: 0.3.0-1 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
clojure1.4 1.4.0+dfsg-2 MIGRATED to testing
FYI: The status of the clojure1.4 source package in Debian's testing distribution has changed. Previous version: 1.4.0+dfsg-1 Current version: 1.4.0+dfsg-2 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#675233: jenkins: Please secure access to jenkins or provide instructions to do so
Package: jenkins Severity: normal Hi. By default, AFAICT, Jenkins will be installed running on port 8080, accessible from anywhere, and fully configurable by anyone. I believed this is dangerous, security wise. Please either provide a default setup which limits its openness for instance allowing only local clients to connect on localhost:8080, or at minimum an important message when it gets installed via APT debconf templates, referring to a README providing instructions on how to configure its security. https://wiki.jenkins-ci.org/display/JENKINS/Standard+Security+Setup seems a good start for such instructions, I guess, but I'm no Jenkins guru. Best regards, -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (900, 'testing'), (300, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#675234: jenkins: Should depend on libjs-yui instead of shipping a copy
Package: jenkins Severity: normal Hi. I've not checked in detail, but I can see lots of YUI JS files in the .war, which I believe should instead be used from the system ones packaged in libjs-yui. Hope this helps. Best regards, -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (900, 'testing'), (300, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
swtchart 0.8.0-1 MIGRATED to testing
FYI: The status of the swtchart source package in Debian's testing distribution has changed. Previous version: (not in testing) Current version: 0.8.0-1 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See http://release.debian.org/testing-watch/ for more information. __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Processing of jffi_1.0.2-9_amd64.changes
jffi_1.0.2-9_amd64.changes uploaded successfully to localhost along with the files: jffi_1.0.2-9.dsc jffi_1.0.2-9.debian.tar.gz libjffi-java_1.0.2-9_all.deb libjffi-jni_1.0.2-9_amd64.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
jffi_1.0.2-9_amd64.changes ACCEPTED into unstable
Accepted: jffi_1.0.2-9.debian.tar.gz to main/j/jffi/jffi_1.0.2-9.debian.tar.gz jffi_1.0.2-9.dsc to main/j/jffi/jffi_1.0.2-9.dsc libjffi-java_1.0.2-9_all.deb to main/j/jffi/libjffi-java_1.0.2-9_all.deb libjffi-jni_1.0.2-9_amd64.deb to main/j/jffi/libjffi-jni_1.0.2-9_amd64.deb Changes: jffi (1.0.2-9) unstable; urgency=low . * Team upload. * Patch d/control build-dep on default-jdk. (Closes: #675180) - Thanks to James Page. * Bump Standards-Version to 3.9.3 (no changes). * d/copyright: update for DEP5 and to address lintian warnings. * d/control: update Vcs-Git URL. . jffi (1.0.2-8.1) unstable; urgency=low . * Non maintainer upload. * Fix build failure with GCC 4.7. Closes: #667215. Override entries for your package: jffi_1.0.2-9.dsc - source java libjffi-java_1.0.2-9_all.deb - optional java libjffi-jni_1.0.2-9_amd64.deb - optional java Announcing to debian-devel-chan...@lists.debian.org Closing bugs: 667215 675180 Thank you for your contribution to Debian. __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#675180: marked as done (jffi: fix ftbfs with openjdk-7 as default-jdk)
Your message dated Thu, 31 May 2012 05:17:23 + with message-id e1szxld-0006n6...@franck.debian.org and subject line Bug#675180: fixed in jffi 1.0.2-9 has caused the Debian Bug report #675180, regarding jffi: fix ftbfs with openjdk-7 as default-jdk to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 675180: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675180 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: jffi Version: 1.0.2-8.2 Severity: normal Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu quantal ubuntu-patch openjdk-7-transition -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dear Maintainer, In Ubuntu, the attached patch was applied to achieve the following: * d/control: Switch BD from openjdk-6-jdk to default-jdk to support transition to openjdk-7 and fix FTBFS. Thanks for considering the patch. - -- System Information: Debian Release: wheezy/sid APT prefers precise-updates APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 'precise'), (100, 'precise-backports') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-24-generic (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBCAAGBQJPxgPJAAoJEL/srsug59jDMWIP/iM3mhuTHC6v1dYqbcPyNghI +UkczvjvMIRWAfD50QXoNP6wQ+/b4poumQoPyZyqsfADdYTOdN8oASmGuFkgCVHN F5JkeTZAtNUyZs4zfjq1h85WlCa7kQ2V7Gq0mchHSrPyhB7o7jH+k1cqR32RJ2z5 mz1Fz3u6TBWxM+3BtWyFrk34B29w87qgYQBIThkfQ1sc9sU0st8G/itOT0TG6qpm Jt39XEgvdKRPq4Su8QDqnvCGoS38+qSSmZEG8pY28P0wr0tD1BAIDJYZ6hMkhGeT zfx03niUPGuUrC138wgxr1Nyzx2GXaBe6gi1LHdJtSG9G7qfI5QFVTHz25kNfCum Xh/Dnj5wJigI78n8IQ5VmmnYAW5G4GoxDm7VGsCZEyuNRpgQSrApFYx4b/0P/R1S 7e0bg31b0+If0IwAhXzNDURN+7K7qWEvdv52zYW1InggufkZgCGaCrb70SkB3wQa kxcvcvMcU7tIT3MzBLY5OzS6rHsLHIB71L9fBMzTTUPaigDHDQXYi0zwkNo4Z1cV /3NQIglQaaOFUiT9ONFmdbL+MHQOCGYfLKDnEJ6Txxwry2ZUReIf5hD8fDWI1964 bNoyjDJsp7L2swwYWXBcObJ9h+6kXlgR1h1tB4db5YHy0xar4VydrjrXZKneJxCT jPTue8Eof7HKdLFF2S6P =e+gc -END PGP SIGNATURE- diff -Nru jffi-1.0.2/debian/changelog jffi-1.0.2/debian/changelog diff -Nru jffi-1.0.2/debian/control jffi-1.0.2/debian/control --- jffi-1.0.2/debian/control 2011-09-17 11:32:27.0 +0100 +++ jffi-1.0.2/debian/control 2012-05-30 12:20:13.0 +0100 @@ -4,7 +4,7 @@ Maintainer: Debian Java Maintainers pkg-java-maintainers@lists.alioth.debian.org Uploaders: Torsten Werner twer...@debian.org Build-Depends: debhelper (= 7), cdbs, maven-repo-helper, libffi-dev, pkg-config, - ant-optional, openjdk-6-jdk, junit4 + ant-optional, default-jdk, junit4 Standards-Version: 3.9.0 Vcs-Git: git://git.debian.org/pkg-java/jffi.git Vcs-Browser: http://git.debian.org/?p=pkg-java/jffi.git ---End Message--- ---BeginMessage--- Source: jffi Source-Version: 1.0.2-9 We believe that the bug you reported is fixed in the latest version of jffi, which is due to be installed in the Debian FTP archive: jffi_1.0.2-9.debian.tar.gz to main/j/jffi/jffi_1.0.2-9.debian.tar.gz jffi_1.0.2-9.dsc to main/j/jffi/jffi_1.0.2-9.dsc libjffi-java_1.0.2-9_all.deb to main/j/jffi/libjffi-java_1.0.2-9_all.deb libjffi-jni_1.0.2-9_amd64.deb to main/j/jffi/libjffi-jni_1.0.2-9_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 675...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. tony mancill tmanc...@debian.org (supplier of updated jffi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 30 May 2012 21:48:31 -0700 Source: jffi Binary: libjffi-java libjffi-jni Architecture: source all amd64 Version: 1.0.2-9 Distribution: unstable Urgency: low Maintainer: Debian Java Maintainers pkg-java-maintainers@lists.alioth.debian.org Changed-By: tony mancill tmanc...@debian.org Description: libjffi-java - Java Foreign Function Interface libjffi-jni - Java Foreign Function Interface (JNI library) Closes: 667215 675180 Changes: jffi (1.0.2-9) unstable; urgency=low . * Team upload. * Patch d/control build-dep on default-jdk. (Closes: #675180) - Thanks to James Page. * Bump Standards-Version to 3.9.3 (no changes). * d/copyright: update for
Bug#667215: marked as done (jffi: ftbfs with GCC-4.7)
Your message dated Thu, 31 May 2012 05:17:23 + with message-id e1szxld-0006n3...@franck.debian.org and subject line Bug#667215: fixed in jffi 1.0.2-9 has caused the Debian Bug report #667215, regarding jffi: ftbfs with GCC-4.7 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 667215: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=667215 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: jffi Version: 1.0.2-8 Severity: important Tags: sid wheezy User: debian-...@lists.debian.org Usertags: ftbfs-gcc-4.7 The package fails to build in a test rebuild on at least amd64 with gcc-4.7/g++-4.7, but succeeds to build with gcc-4.6/g++-4.6. The severity of this report may be raised before the wheezy release. [exec] cc: error: unrecognized command line option '-mimpure-text' The full build log can be found at: http://people.debian.org/~lucas/logs/2012/03/29-clang-gcc47/unstable-gcc47/jffi_1.0.2-8_unstable-gcc47.log The last lines of the build log are at the end of this report. Some hints on fixing these issues can be found at http://gcc.gnu.org/gcc-4.7/porting_to.html To build with GCC 4.7, either set CC=gcc-4.7 CXX=g++-4.7 explicitly, or install the gcc, g++, gfortran, ... packages from experimental. [...] [javac] Compiling 30 source files to /«PKGBUILDDIR»/build/classes [javac] Init.java:171: warning: [deprecation] toURL() in java.io.File has been deprecated [javac] url = jar.toURL(); [javac] ^ [javac] 1 warning -generate-version-source: [echo] Generating Version.java [mkdir] Created dir: /«PKGBUILDDIR»/build/java/com/kenai/jffi -generate-version: [javac] Compiling 1 source file to /«PKGBUILDDIR»/build/classes -compile-java: -generate-native-headers: -build-native-library: [exec] make[1]: Entering directory `/«PKGBUILDDIR»' [exec] cc -o /«PKGBUILDDIR»/build/jni/libjffi-1.0.so -shared -mimpure-text -static-libgcc -Wl,-soname,libjffi-1.0.so -Wl,-O1 /«PKGBUILDDIR»/build/jni/jffi/Array.o /«PKGBUILDDIR»/build/jni/jffi/CallContext.o /«PKGBUILDDIR»/build/jni/jffi/ClosureMagazine.o /«PKGBUILDDIR»/build/jni/jffi/Exception.o /«PKGBUILDDIR»/build/jni/jffi/FastIntInvoke.o /«PKGBUILDDIR»/build/jni/jffi/FastLongInvoke.o /«PKGBUILDDIR»/build/jni/jffi/FastNumericInvoker.o /«PKGBUILDDIR»/build/jni/jffi/Foreign.o /«PKGBUILDDIR»/build/jni/jffi/Function.o /«PKGBUILDDIR»/build/jni/jffi/Internals.o /«PKGBUILDDIR»/build/jni/jffi/Invoke.o /«PKGBUILDDIR»/build/jni/jffi/LastError.o /«PKGBUILDDIR»/build/jni/jffi/Library.o /«PKGBUILDDIR»/build/jni/jffi/Memory.o /«PKGBUILDDIR»/build/jni/jffi/MemoryIO.o /«PKGBUILDDIR»/build/jni/jffi/MemoryUtil.o /«PKGBUILDDIR»/build/jni/jffi/Struct.o /«PKGBUILDDIR»/build/jni/jffi/Type.o /«PKGBUILDDIR»/build/jni/jffi/deprecated.o -lffi [exec] make[1]: Leaving directory `/«PKGBUILDDIR»' [exec] cc: error: unrecognized command line option '-mimpure-text' [exec] make[1]: *** [/«PKGBUILDDIR»/build/jni/libjffi-1.0.so] Error 1 BUILD FAILED /«PKGBUILDDIR»/custom-build.xml:125: exec returned: 2 Total time: 21 seconds make: *** [debian/stamp-ant-build] Error 1 dpkg-buildpackage: error: debian/rules build-arch gave error exit status 2 ---End Message--- ---BeginMessage--- Source: jffi Source-Version: 1.0.2-9 We believe that the bug you reported is fixed in the latest version of jffi, which is due to be installed in the Debian FTP archive: jffi_1.0.2-9.debian.tar.gz to main/j/jffi/jffi_1.0.2-9.debian.tar.gz jffi_1.0.2-9.dsc to main/j/jffi/jffi_1.0.2-9.dsc libjffi-java_1.0.2-9_all.deb to main/j/jffi/libjffi-java_1.0.2-9_all.deb libjffi-jni_1.0.2-9_amd64.deb to main/j/jffi/libjffi-jni_1.0.2-9_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 667...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. tony mancill tmanc...@debian.org (supplier of updated jffi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Wed, 30 May 2012 21:48:31 -0700 Source: jffi Binary: libjffi-java libjffi-jni Architecture: source all amd64 Version: 1.0.2-9 Distribution: unstable Urgency:
Processing of tomcat7_7.0.26-4_amd64.changes
tomcat7_7.0.26-4_amd64.changes uploaded successfully to localhost along with the files: tomcat7_7.0.26-4.dsc tomcat7_7.0.26-4.debian.tar.gz tomcat7-common_7.0.26-4_all.deb tomcat7_7.0.26-4_all.deb tomcat7-user_7.0.26-4_all.deb libtomcat7-java_7.0.26-4_all.deb libservlet3.0-java_7.0.26-4_all.deb libservlet3.0-java-doc_7.0.26-4_all.deb tomcat7-admin_7.0.26-4_all.deb tomcat7-examples_7.0.26-4_all.deb tomcat7-docs_7.0.26-4_all.deb Greetings, Your Debian queue daemon (running on host franck.debian.org) __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
tomcat7_7.0.26-4_amd64.changes ACCEPTED into unstable
Accepted: libservlet3.0-java-doc_7.0.26-4_all.deb to main/t/tomcat7/libservlet3.0-java-doc_7.0.26-4_all.deb libservlet3.0-java_7.0.26-4_all.deb to main/t/tomcat7/libservlet3.0-java_7.0.26-4_all.deb libtomcat7-java_7.0.26-4_all.deb to main/t/tomcat7/libtomcat7-java_7.0.26-4_all.deb tomcat7-admin_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-admin_7.0.26-4_all.deb tomcat7-common_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-common_7.0.26-4_all.deb tomcat7-docs_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-docs_7.0.26-4_all.deb tomcat7-examples_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-examples_7.0.26-4_all.deb tomcat7-user_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-user_7.0.26-4_all.deb tomcat7_7.0.26-4.debian.tar.gz to main/t/tomcat7/tomcat7_7.0.26-4.debian.tar.gz tomcat7_7.0.26-4.dsc to main/t/tomcat7/tomcat7_7.0.26-4.dsc tomcat7_7.0.26-4_all.deb to main/t/tomcat7/tomcat7_7.0.26-4_all.deb Changes: tomcat7 (7.0.26-4) unstable; urgency=low . * Address regression leaving ROOT webapp files after purge. (Closes: #670440) * Update copyright year in javadoc to 2012. Override entries for your package: libservlet3.0-java-doc_7.0.26-4_all.deb - optional doc libservlet3.0-java_7.0.26-4_all.deb - optional java libtomcat7-java_7.0.26-4_all.deb - optional java tomcat7-admin_7.0.26-4_all.deb - optional java tomcat7-common_7.0.26-4_all.deb - optional java tomcat7-docs_7.0.26-4_all.deb - optional doc tomcat7-examples_7.0.26-4_all.deb - optional java tomcat7-user_7.0.26-4_all.deb - optional java tomcat7_7.0.26-4.dsc - source java tomcat7_7.0.26-4_all.deb - optional java Announcing to debian-devel-chan...@lists.debian.org Closing bugs: 670440 Thank you for your contribution to Debian. __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
Bug#670440: marked as done (tomcat7: unowned files after purge (policy 6.8, 10.8))
Your message dated Thu, 31 May 2012 05:32:37 + with message-id e1szxzx-ay...@franck.debian.org and subject line Bug#670440: fixed in tomcat7 7.0.26-4 has caused the Debian Bug report #670440, regarding tomcat7: unowned files after purge (policy 6.8, 10.8) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 670440: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670440 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: tomcat7 Version: 7.0.26-1 Severity: important User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package left unowned files on the system after purge, which is a violation of policy 6.8 (or 10.8): http://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#s-removedetails Filing this as important as having a piuparts clean archive is a release goal since lenny. From the attached log (scroll to the bottom...): 1m11.9s ERROR: FAIL: Package purging left files on system: /etc/authbind/ not owned /etc/authbind/byuid/ not owned /var/lib/tomcat7/ owned by: tomcat7 /var/lib/tomcat7/webapps/ owned by: tomcat7 /var/lib/tomcat7/webapps/ROOT/ not owned /var/lib/tomcat7/webapps/ROOT/META-INF/not owned /var/lib/tomcat7/webapps/ROOT/META-INF/context.xml not owned /var/lib/tomcat7/webapps/ROOT/index.html not owned /etc/authbind/byuid/ could be handled by dpkg if the package would ship an empty directory. cheers, Andreas tomcat7_7.0.26-1.log.gz Description: GNU Zip compressed data ---End Message--- ---BeginMessage--- Source: tomcat7 Source-Version: 7.0.26-4 We believe that the bug you reported is fixed in the latest version of tomcat7, which is due to be installed in the Debian FTP archive: libservlet3.0-java-doc_7.0.26-4_all.deb to main/t/tomcat7/libservlet3.0-java-doc_7.0.26-4_all.deb libservlet3.0-java_7.0.26-4_all.deb to main/t/tomcat7/libservlet3.0-java_7.0.26-4_all.deb libtomcat7-java_7.0.26-4_all.deb to main/t/tomcat7/libtomcat7-java_7.0.26-4_all.deb tomcat7-admin_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-admin_7.0.26-4_all.deb tomcat7-common_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-common_7.0.26-4_all.deb tomcat7-docs_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-docs_7.0.26-4_all.deb tomcat7-examples_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-examples_7.0.26-4_all.deb tomcat7-user_7.0.26-4_all.deb to main/t/tomcat7/tomcat7-user_7.0.26-4_all.deb tomcat7_7.0.26-4.debian.tar.gz to main/t/tomcat7/tomcat7_7.0.26-4.debian.tar.gz tomcat7_7.0.26-4.dsc to main/t/tomcat7/tomcat7_7.0.26-4.dsc tomcat7_7.0.26-4_all.deb to main/t/tomcat7/tomcat7_7.0.26-4_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 670...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. tony mancill tmanc...@debian.org (supplier of updated tomcat7 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Mon, 28 May 2012 18:45:07 -0700 Source: tomcat7 Binary: tomcat7-common tomcat7 tomcat7-user libtomcat7-java libservlet3.0-java libservlet3.0-java-doc tomcat7-admin tomcat7-examples tomcat7-docs Architecture: source all Version: 7.0.26-4 Distribution: unstable Urgency: low Maintainer: Debian Java Maintainers pkg-java-maintainers@lists.alioth.debian.org Changed-By: tony mancill tmanc...@debian.org Description: libservlet3.0-java - Servlet 3.0 and JSP 2.2 Java API classes libservlet3.0-java-doc - Servlet 3.0 and JSP 2.2 Java API documentation libtomcat7-java - Servlet and JSP engine -- core libraries tomcat7- Servlet and JSP engine tomcat7-admin - Servlet and JSP engine -- admin web applications tomcat7-common - Servlet and JSP engine -- common files tomcat7-docs - Servlet and JSP engine -- documentation tomcat7-examples - Servlet and JSP engine -- example web applications tomcat7-user - Servlet and JSP engine -- tools to create user instances Closes: 670440 Changes: tomcat7 (7.0.26-4) unstable; urgency=low . * Address regression leaving ROOT webapp files after purge. (Closes: #670440) * Update copyright year in javadoc to 2012. Checksums-Sha1: 04eaa732cdda88394ac511ac3059625c7a2554f3 2532 tomcat7_7.0.26-4.dsc
Bug#608286: CVE-2010-4312: does not use HTTPOnly for session cookies by default
On 05/30/2012 05:30 AM, Thijs Kinkhorst wrote: severity 608286 minor thanks httpOnly has been made the default in Tomcat 7, so this ID is essentially about an insecure default setting. For Tomcat 6 I don't esee the need to change the default (which might even break applications). Instead such settings should be taken into account when setting up a Tomcat site. For Squeeze you add a README.Debian or such pointing to the option and the recommendation to use the option? I don't think we can update the Squeeze README for this anymore. A note could be added to the sid version of tomcat6. However, this is not a vulnerability, only extra hardening which is surely useful but not a vulnerability in itself. I'm therefore downgrading this bug to minor: the request to update the README.Debian. Thank you for looking into this bug. I shouldn't have let this one go for so long, but honestly, I'm not sure about the text to add to the package readme. Can you propose appropriate wording to add to README.Debian. Would it be sufficient to reference the CVE and include a link (say, to [1])? Thank you, tony [1] http://www.securityfocus.com/archive/1/archive/1/514866/100/0/threaded signature.asc Description: OpenPGP digital signature __ This is the maintainer address of Debian's Java team http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers. Please use debian-j...@lists.debian.org for discussions and questions.
