Processed: notfound 435246 in 0.59.4-2

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.7
> notfound 435246 0.59.4-2
Bug#435246: python-software-properties: Package uploaded to lenny before 
Required: version of python-apt is available
Bug no longer marked as found in version 0.59.4-2.
(By the way, this Bug is currently marked as done.)

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: notfixed 435246 in 0.59.4-2

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.7
> notfixed 435246 0.59.4-2
Bug#435246: python-software-properties: Package uploaded to lenny before 
Required: version of python-apt is available
Bug no longer marked as fixed in version 0.59.4-2.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: found 435246 in 0.59.4-2

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.7
> found 435246 0.59.4-2
Bug#435246: python-software-properties: Package uploaded to lenny before 
Required: version of python-apt is available
Bug marked as found in version 0.59.4-2 and reopened.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#435246: marked as done (python-software-properties: Package uploaded to lenny before Required: version of python-apt is available)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 09:51:42 +0200
with message-id <[EMAIL PROTECTED]>
and subject line fixing bts issues
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: python-software-properties
Version: 0.59.4-2
Severity: grave
Justification: renders package unusable

This package has been added to lenny, specifying that it
Requires: python-apt > 0.7.2
This is premature: lenny is still on 0.7.2 !
Consequently, the package cannot install (thus is unusuable) on lenny.
No doubt it's perfectly sensible in sid ...

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.21-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_GB.ISO-8859-15, LC_CTYPE=en_GB.ISO-8859-15 (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

--- End Message ---
--- Begin Message ---
Hi!

Sorry for the mess.  I was trying to fix the bts versioning of this bug:
it turns out that a "not-a-bug" situation should be handled by an
unversioned -done.  The versioned -done that was issued earlier cuased
the bug to be marked as found and fixed in the same version, which
causes the bts to keep the bug open.

Best regards,
Bas.

-- 
++
| Bas Zoetekouw  | GPG key: 0644fab7 |
|| Fingerprint: c1f5 f24c d514 3fec 8bf6 |
| [EMAIL PROTECTED] |  a2b1 2bae e41f 0644 fab7 |
++ 

--- End Message ---

Processed: reassign 441898 to cl-flexichain

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.9
> reassign 441898 cl-flexichain
Bug#441898: cl-mcclim: depends on cl-flexichain which is missing
Bug reassigned from package `cl-mcclim' to `cl-flexichain'.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447700: realtimebattle: FTBFS on powerpc

2007-10-23 Thread Gerfried Fuchs 
Package: realtimebattle
Version: 1.0.8-3
Severity: serious

Hi!

 I just confirmed the FTBFS of realtimebattle on powerpc in
realtimebattle. You can see the logs on buildd.debian.org:


 So long,
Rhonda



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Sven Dowideit 
I have a few questions:

Whats the difference between 

chmod 777 /var/lib/twiki/working/tmp

 and 

chmod 777 /tmp/twiki

as that is all it seems to me you're suggesting is the difference
between a CVE raised on a maybe problem that requires a very odd set of
circumstances and what you have labled as a grave error.

The tmp dir is used (mostly from apache, but also from the command line
and cron jobs) for session files and rcs for its very short lived
temporary files.

working/tmp is NOT used for any web data, it is used by rcs (presumably
responsible for its own security) and for session files which have their
own uniqued filename.

and so, I think you are in error, and need to read the code a little
before you make assertions like this.



Sven


On Sun, 2007-10-21 at 12:26 +0200, Nico Golde wrote:
> Hi Sven,
> * Sven Dowideit <[EMAIL PROTECTED]> [2007-10-21 11:57]:
> > ok, following the url..
> > 
> > Nico, you seem to me to be incorrect.
> > 
> > 777 is on the working/tmp dir only, which is not used for any web
> > content.
> 
> I didn't say this but twiki is using it, no?
> Lets assume you put a symlink in there with a name of a tmp 
> file that has to be written pointing to some web content (I 
> said web content because apache does not run with root) then 
> twiki will overwrite the file following the symlink because 
> the file names of the plugins are predictable.
> If this is not the case I wonder why www-data is the group 
> name.
> 
> > Also, as the twiki cgi scripts are callable from the command
> > line by any user, requiring the working/tmp dir to be writable by any
> > user, I can't think of any way that this is fixable?
> 
> Then let them use /tmp but create unique file names using 
> for example mkstemp.
> 
> Kind regards
> Nico
-- 
Professional Wiki Innovation and Support
Sven Dowideit - http://DistributedINFORMATION.com
A WikiRing Partner http://wikiring.com




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#444986: snmpd: argument parsing causes segfaults

2007-10-23 Thread Sebastian Dröge 
Hi,
is there any progress on this? The patch looks simple enough and
although this is reported for the Ubuntu version of this package also
affects the Debian version (the only Ubuntu changes affect the init
scripts btw).

Bye




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Nico Golde 
Hi Sven,
* Sven Dowideit <[EMAIL PROTECTED]> [2007-10-23 10:37]:
> I have a few questions:
> 
> Whats the difference between 
> 
> chmod 777 /var/lib/twiki/working/tmp
> 
>  and 
> 
> chmod 777 /tmp/twiki

Can you please read the mail I wrote and Cced you in?
I remember I wrote  "The old solution is of course not 
secure too."

> as that is all it seems to me you're suggesting is the difference
> between a CVE raised on a maybe problem that requires a very odd set of
> circumstances and what you have labled as a grave error.
> 
> The tmp dir is used (mostly from apache, but also from the command line
> and cron jobs) for session files and rcs for its very short lived
> temporary files.
> 
> working/tmp is NOT used for any web data, it is used by rcs (presumably
> responsible for its own security) and for session files which have their
> own uniqued filename.

NOONE SAID THERE IS ANY WEBCONTENT STORED IN THERE, CAN YOU 
PLEASE JUST READ UP WHAT A SYMLINK ATTACK IS? THANKS!

> and so, I think you are in error, and need to read the code a little
> before you make assertions like this.

Are you going to tell me that this directory in which every 
user can write is *not* used by any process running with 
different priviledges than with the user ones? If yes, you 
are right, if not you are not, simple as is. And I don't 
make any assertions, I just saw that you set insecure file 
permissions /var and there is no reason to, look at your own 
/var, not more not less.

This is the last mail from my side as long as you ignore 
what I wrote in previous mails.

Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpyQAcawI3he.pgp
Description: PGP signature

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Nico Golde 
Hi Sven,
btw about the insecure permissions, here you have the next 
thing:
[EMAIL PROTECTED]:~$] ls -l /var/lib/twiki/data/.htpasswd
-rw-rw-r-- 1 www-data www-data 25 2007-10-23 10:56 /var/lib/twiki/data/.htpasswd

I guess this is also not intended.
Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpiag1peVFpR.pgp
Description: PGP signature

Bug#447466: marked as done (charva: FTBFS: Failed to open object 'java/lang/Object')

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 09:02:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#447466: fixed in charva 1.1.3-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: charva
version: 1.1.1-4
Severity: serious
User: [EMAIL PROTECTED]
Usertags: qa-ftbfs-20071021 qa-ftbfs
Justification: FTBFS on i386

Hi,

During a rebuild of all packages in sid, your package failed to build on i386.

Relevant part:
dpkg-source: building charva in charva_1.1.1-4.dsc
 debian/rules build
test -x debian/rules
mkdir -p "."
/usr/bin/make -f debian/rules reverse-config
make[1]: Entering directory `/build/user/charva-1.1.1'
make[1]: Nothing to be done for `reverse-config'.
make[1]: Leaving directory `/build/user/charva-1.1.1'
if [ "debian/stamp-patched" = "reverse-patches" ]; then rm -f 
debian/stamp-patched; fi
patches: debian/patches/01-build-xml-kaffeh.patch
Trying patch debian/patches/01-build-xml-kaffeh.patch at level 1 ... 0 ... 
success.
if [ "debian/stamp-patched" != "reverse-patches" ]; then touch 
debian/stamp-patched; fi
if [ "debian/stamp-patched" != "reverse-patches" ] ; then \
/usr/bin/make -f debian/rules update-config ; \
fi
make[1]: Entering directory `/build/user/charva-1.1.1'
make[1]: Nothing to be done for `update-config'.
make[1]: Leaving directory `/build/user/charva-1.1.1'
cd . && /usr/lib/kaffe/bin/java -classpath 
/usr/share/ant/lib/ant.jar:/usr/share/ant/lib/ant-launcher.jar:/usr/share/ant/lib/ant-launcher.jar:/usr/share/ant/lib/ant-nodeps.jar:/usr/lib/kaffe/lib/tools.jar
  -Dant.home=/usr/share/ant org.apache.tools.ant.Main -Dcompile.debug=true 
-Dcompile.optimize=true-propertyfile 
/build/user/charva-1.1.1/debian/ant.properties all
Buildfile: build.xml

clean:

compile:
[mkdir] Created dir: /build/user/charva-1.1.1/java/classes
[javac] Compiling 128 source files to /build/user/charva-1.1.1/java/classes
[javac] --
[javac] 1. WARNING in 
/build/user/charva-1.1.1/java/src/charva/awt/BorderLayout.java (at line 232)
[javac] private int _hgap = 0;
[javac] ^
[javac] The field BorderLayout._hgap is never read locally
[javac] --
[javac] 2. WARNING in 
/build/user/charva-1.1.1/java/src/charva/awt/BorderLayout.java (at line 233)
[javac] private int _vgap = 0;
[javac] ^
[javac] The field BorderLayout._vgap is never read locally
[javac] --
[javac] --
[javac] 3. WARNING in 
/build/user/charva-1.1.1/java/src/charva/awt/Font.java (at line 57)
[javac] private int _size;
[javac] ^
[javac] The field Font._size is never read locally
[javac] --
[javac] --
[javac] 4. WARNING in 
/build/user/charva-1.1.1/java/src/charva/awt/IllegalComponentStateException.java
 (at line 26)
[javac] public class IllegalComponentStateException
[javac]  ^^
[javac] The serializable class IllegalComponentStateException does not 
declare a static final serialVersionUID field of type long
[javac] --
[javac] --
[javac] 5. WARNING in 
/build/user/charva-1.1.1/java/src/charva/awt/LayoutManager.java (at line 22)
[javac] import java.util.Vector;
[javac]
[javac] The import java.util.Vector is never used
[javac] --
[javac] --
[javac] 6. WARNING in 
/build/user/charva-1.1.1/java/src/charva/awt/LayoutManager2.java (at line 22)
[javac] import java.util.Vector;
[javac]
[javac] The import java.util.Vector is never used
[javac] --
[javac] --
[javac] 7. WARNING in 
/build/user/charva-1.1.1/java/src/charva/awt/SyncQueue.java (at line 29)
[javac] class SyncQueue
[javac]   ^
[javac] The serializable class SyncQueue does not declare a static final 
serialVersionUID field of type long
[javac] --
[javac] --
[javac] 8. WARNING in 
/build/user/charva-1.1.1/java/src/charva/awt/TerminfoCapabilityException.java 
(at line 28)
[javac] public class TerminfoCapabilityException extends Exception {
[javac]  ^^^
[javac] The serializable class TerminfoCapabilityException does not declare 
a static final serialVersionUID field of type long
[javac] --
[javac] --
[javac] 9. WARNING in 
/b

Bug#440721: marked as done (FTBFS on sparc while linking usr/klibc/libc.so)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 09:02:07 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#440721: fixed in klibc 1.5.7-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: klibc
Version: 1.5.6-2
Severity: serious

While building your package on sparc the following error occurs:
  KLIBCLD usr/klibc/libc.so
ld: sparc architecture of input file 
`/usr/lib/gcc/sparc-linux-gnu/4.2.1/libgcc.a(_clzdi2.o)' is incompatible with 
sparc:v9 output
ld: sparc architecture of input file 
`/usr/lib/gcc/sparc-linux-gnu/4.2.1/libgcc.a(_clz.o)' is incompatible with 
sparc:v9 output
/usr/lib/gcc/sparc-linux-gnu/4.2.1/libgcc.a(_clzdi2.o): In function `__clzdi2':
(.text+0xc): undefined reference to `_GLOBAL_OFFSET_TABLE_'
/usr/lib/gcc/sparc-linux-gnu/4.2.1/libgcc.a(_clzdi2.o): In function `__clzdi2':
(.text+0x14): undefined reference to `_GLOBAL_OFFSET_TABLE_'
make[3]: *** [usr/klibc/libc.so] Error 1
make[2]: *** [all] Error 2
make[1]: *** [klibc] Error 2
make[1]: Leaving directory `/build/klibc-1.5.6'

Full build log can be found at 
http://status.buildserver.net/fetch.php?&pkg=klibc&ver=1.5.6-2&arch=sparc&stamp=1188846193&file=log&as=raw

-- 
Best regards,
Kilian

--- End Message ---
--- Begin Message ---
Source: klibc
Source-Version: 1.5.7-2

We believe that the bug you reported is fixed in the latest version of
klibc, which is due to be installed in the Debian FTP archive:

klibc-utils-floppy-udeb_1.5.7-2_amd64.udeb
  to pool/main/k/klibc/klibc-utils-floppy-udeb_1.5.7-2_amd64.udeb
klibc-utils-udeb_1.5.7-2_amd64.udeb
  to pool/main/k/klibc/klibc-utils-udeb_1.5.7-2_amd64.udeb
klibc-utils_1.5.7-2_amd64.deb
  to pool/main/k/klibc/klibc-utils_1.5.7-2_amd64.deb
klibc_1.5.7-2.diff.gz
  to pool/main/k/klibc/klibc_1.5.7-2.diff.gz
klibc_1.5.7-2.dsc
  to pool/main/k/klibc/klibc_1.5.7-2.dsc
libklibc-dev_1.5.7-2_amd64.deb
  to pool/main/k/klibc/libklibc-dev_1.5.7-2_amd64.deb
libklibc-udeb_1.5.7-2_amd64.udeb
  to pool/main/k/klibc/libklibc-udeb_1.5.7-2_amd64.udeb
libklibc_1.5.7-2_amd64.deb
  to pool/main/k/klibc/libklibc_1.5.7-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
maximilian attems <[EMAIL PROTECTED]> (supplier of updated klibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Tue, 23 Oct 2007 10:25:39 +0200
Source: klibc
Binary: libklibc-dev klibc-utils-floppy-udeb libklibc-udeb libklibc klibc-utils 
klibc-utils-udeb
Architecture: source amd64
Version: 1.5.7-2
Distribution: unstable
Urgency: high
Maintainer: maximilian attems <[EMAIL PROTECTED]>
Changed-By: maximilian attems <[EMAIL PROTECTED]>
Description: 
 klibc-utils - small statically-linked utilities built with klibc
 klibc-utils-floppy-udeb - small utilities built with klibc for the boot floppy 
(udeb)
 klibc-utils-udeb - small statically-linked utilities built with klibc (udeb)
 libklibc   - minimal libc subset for use with initramfs
 libklibc-dev - kernel headers used during the build of klibc
 libklibc-udeb - minimal libc subset for use with initramfs (udeb)
Closes: 440721
Changes: 
 klibc (1.5.7-2) unstable; urgency=high
 .
   * Add 03-sparc-libgcc42.patch (closes: #440721)
 Thanks for report and testing to Kilian Krause <[EMAIL PROTECTED]>
Files: 
 2422d88396c8abb91b1ded39953af199 730 libs optional klibc_1.5.7-2.dsc
 5a938b10785e0bbc9d8f46696d48aae5 10914 libs optional klibc_1.5.7-2.diff.gz
 86c644cd3c2e372e5babb994008f0d46 832054 libdevel optional 
libklibc-dev_1.5.7-2_amd64.deb
 2c45e4ea996f360f536074a0e1f0c58c 46006 libs optional libklibc_1.5.7-2_amd64.deb
 da29a2891de10841224129e24ed65cd8 183964 libs optional 
klibc-utils_1.5.7-2_amd64.deb
 7f34ef8c1589f082bda09cb7d683f155 173566 debian-installer optional 
klibc-utils-udeb_1.5.7-2_amd64.udeb
 957a23fc77c0ca89d9b03b9fd6f3c5b4 61814 debian-installer optional 
klibc-utils-floppy-udeb_1.5.7-2_amd64.udeb
 ef4d99f3627c4ac202dd558762f749d7 36398 debian-installer optional 
libklibc-udeb_1.5.7-2_amd64.udeb
Package-Type: udeb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHbDOeW7Lc5tEHqgRAjtmAKCnkBrEkmhLLAuXLK

Bug#447367: marked as done (aclock.app: FTBFS: unmet dep libgnustep-gui0.10-dev)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 09:02:03 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#447367: fixed in aclock.app 0.2.3-3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: aclock.app
version: 0.2.3-2
Severity: serious
User: [EMAIL PROTECTED]
Usertags: qa-ftbfs-20071019 qa-ftbfs
Justification: FTBFS on i386

Hi,

During a rebuild of all packages in sid, your package failed to build on i386.

Relevant part:
** Using build dependencies supplied by package:
Build-Depends: debhelper (>= 4.0.0), libgnustep-gui0.10-dev, gnustep-make
Checking for already installed source dependencies...
debhelper: missing
Using default version 5.0.57
libgnustep-gui0.10-dev: missing
gnustep-make: missing
Checking for source dependency conflicts...
Reading package lists...
Building dependency tree...
Reading state information...
Package libgnustep-gui0.10-dev is not available, but is referred to by another 
package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package libgnustep-gui0.10-dev has no installation candidate
apt-get failed.
Package installation failed
Trying to reinstall removed packages:
Trying to uninstall newly installed packages:
Source-dependencies not satisfied; skipping aclock.app

The full build log is available from
http://people.debian.org/~lucas/logs/2007/10/19

A list of current common problems and possible solutions is available at 
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
of the Grid'5000 platform, using a clean chroot containing a sid i386
environment.  Internet was not accessible from the build systems.

-- 
| Lucas Nussbaum
| [EMAIL PROTECTED]   http://www.lucas-nussbaum.net/ |
| jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F |


--- End Message ---
--- Begin Message ---
Source: aclock.app
Source-Version: 0.2.3-3

We believe that the bug you reported is fixed in the latest version of
aclock.app, which is due to be installed in the Debian FTP archive:

aclock.app_0.2.3-3.diff.gz
  to pool/main/a/aclock.app/aclock.app_0.2.3-3.diff.gz
aclock.app_0.2.3-3.dsc
  to pool/main/a/aclock.app/aclock.app_0.2.3-3.dsc
aclock.app_0.2.3-3_i386.deb
  to pool/main/a/aclock.app/aclock.app_0.2.3-3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gürkan Sengün <[EMAIL PROTECTED]> (supplier of updated aclock.app package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Thu, 04 Oct 2007 13:36:56 +0200
Source: aclock.app
Binary: aclock.app
Architecture: source i386
Version: 0.2.3-3
Distribution: unstable
Urgency: low
Maintainer: Gürkan Sengün <[EMAIL PROTECTED]>
Changed-By: Gürkan Sengün <[EMAIL PROTECTED]>
Description: 
 aclock.app - Analog dockapp clock for GNUstep
Closes: 447367
Changes: 
 aclock.app (0.2.3-3) unstable; urgency=low
 .
   * GNUstep transition. (Closes: #447367)
 + Updated debian/rules.
 + Updated debian/dirs.
   * Added a desktop file.
Files: 
 11abab35bcc4b70e0201901feda22985 624 x11 optional aclock.app_0.2.3-3.dsc
 ea948c8c3359602bd05effef273861c9 2178 x11 optional aclock.app_0.2.3-3.diff.gz
 53573f6eb5039f30ab0f41203d2d8562 28372 x11 optional aclock.app_0.2.3-3_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHars2hliNwI7P08RAmMFAKCFwFaejfYTBvuVIL8e6Q4qiSYJFACdGT4T
JTiK6LieFMRqlLWbQ2vZaP4=
=FBaz
-END PGP SIGNATURE-


--- End Message ---

Bug#444986: snmpd: argument parsing causes segfaults

2007-10-23 Thread Sebastian Dröge 
Am Dienstag, den 23.10.2007, 10:56 +0200 schrieb Sebastian Dröge:
> Hi,
> is there any progress on this? The patch looks simple enough and
> although this is reported for the Ubuntu version of this package also
> affects the Debian version (the only Ubuntu changes affect the init
> scripts btw).

Also there are more instances of
optarg = argv[++optind];

These could of course cause even more segfaults then if optind+1 >
argc...




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#430249: ldbl128 transition for alpha, powerpc, sparc, s390

2007-10-23 Thread Damyan Ivanov 
[d-release CC-ed for oppinion]
[please CC at least debian-perl]

-=| Christian Hammers, Mon, Jun 25, 2007 at 08:24:50PM +0200 |=-
> > > On 2007-06-23 Matthias Klose wrote:
> > > > Package: libdbi-perl
> > > ...
> > > > This package has been indentified as one with header files in
> > > > /usr/include matching 'long *double'. Please close this bug report
> > > > if it is a false positive, or rename the package accordingly.
> > > 
> > > The libdbi-perl package has no files in /usr/include. The long double
> > > is only in a header file that is hidden deep in /usr/lib/perl5.
> > > 
> > > Does it make sense to link against /usr/lib/perl5/auto/DBI/DBI.so?
> > > 
> > > Do I really have to rename the pacakge? And if so to libdbi-perl-ldbl or
> > > to libdbi-perlldbl?
> 
> What do you think?

I think that /usr/lib/perl5/auto/DBI/DBI.so is used only by perl's
Autoloader. This means we only have to depend on a perl that is compiled
with the new glibc/gcc (and not rename the package).

I guess we can use 5.8.8.11-1 as the one in testing (5.8.8-7) is the
same as in stable anyway (and thus uses 64-bit long doubles)?
-- 
damJabberID: [EMAIL PROTECTED]


signature.asc
Description: Digital signature

Bug#447675: xview-clients: WIll not connect to the X server

2007-10-23 Thread Martin Buck 
On Mon, Oct 22, 2007 at 06:55:37PM -0600, Dean Provins wrote:
> When attempting to start any of the Xview client programs (textedit,
> cmdtool etc,), and the Xview example programs, the process fails
> immediately with the following message:
> 
> --start message---
> 0:[EMAIL PROTECTED]:~ 4$ textedit
> XView warning: Cannot load font '-b&h-lucida-medium-r-*-*-*-120-*-*-*-*-*-*' 
> (Font package)
> XView warning: Cannot load font 
> '-b&h-lucida-medium-r-normal-sans-*-120-*-*-*-*-*-*' (Font package)
> XView error: Cannot open connection to window server: :0.0 (Server package)
> --end message---

I'm getting exactly the same error if I hide the fonts XView is complaining
about here, so the two warnings are the cause of the problem.

Do you have the xfonts-75dpi or xfonts-100dpi packages installed? Looking
at your X server log file, that doesn't seem to be the case. Otherwise,
the following output should also contain /usr/share/fonts/X11/{75,100}dpi:

> (**) FontPath set to:
>   /usr/share/fonts/X11/misc,
>   /usr/share/fonts/X11/Type1,
>   /var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType

Please try installing these packages, restart your X server and if XView
apps still fail, send the output of "xlsfonts | grep lucida-medium", the
new X server log file and your /etc/X11/xorg.conf

Martin



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Holger Levsen 
Nico,

On Tuesday 23 October 2007 10:51, you wrote:
> NOONE SAID THERE IS ANY WEBCONTENT STORED IN THERE, CAN YOU
> PLEASE JUST READ UP WHAT A SYMLINK ATTACK IS? THANKS!
>
> This is the last mail from my side as long as you ignore
> what I wrote in previous mails.

I understand your frustration (that so many packages have the same security 
problems over and over again), but there is no need to yell at someone.

As I see it, Sven is perfectly willing and able to fix issues in his code, it 
just seems to me, that he doesnt understand symlink attacks, probably because 
he never heard about them. The solution to make him understand this, is not 
to yell at him and stop explaining, but rather continue explaining in a 
friendly way.

Sven, please ignore Nicos tone and have a look at 
http://en.wikipedia.org/wiki/Symlink_race :-)


Thanks & regards & happy hacking,
Holger


pgpEFXvLfhTvT.pgp
Description: PGP signature

Bug#447455: entagged: FTBFS: source not available

2007-10-23 Thread Michael Koch 
On Sun, Oct 21, 2007 at 12:20:22PM +0200, Lucas Nussbaum wrote:
> Package: entagged
> version: 0.31-3
> Severity: serious
> User: [EMAIL PROTECTED]
> Usertags: qa-ftbfs-20071021 qa-ftbfs
> Justification: FTBFS on i386
> 
> Hi,
> 
> During a rebuild of all packages in sid, your package failed to build on i386.
> 
> Relevant part:
> Need to get 3940kB of source archives.
> Get:1 http://idpot.grenoble.grid5000.fr sid/main entagged 0.31-3 (dsc) [784B]
> Err http://idpot.grenoble.grid5000.fr sid/main entagged 0.31-3 (tar)
>   404 Not Found
> Get:2 http://idpot.grenoble.grid5000.fr sid/main entagged 0.31-3 (diff) 
> [4250B]
> Failed to fetch 
> http://idpot.grenoble.grid5000.fr/mirrors/debian/pool/main/e/entagged/entagged_0.31.orig.tar.gz
>   404 Not Found
> Fetched 5034B in 0s (132kB/s)
> E: Failed to fetch some archives.
> /usr/bin/apt-get for sources failed
> 
> Since your package moved from contrib to main, your source tarball has
> to be moved as well. I'm not sure if doing an upload with the source
> tarball is enough: maybe you have to wait until upstream changes its
> version number, or add an epoch.

This is cause by a bug in dak (e.g. #232730). A possible workaround is
to do a complete update with a new orig tarball. This means a new
version number. If upstream is not releasing soon you can do something
like nameing the old tarball entagged_0.31.ds1.orig.tar.gz and use
0.31.ds1-1 as version number for the upload.


Cheers,
Michael



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447372: stardict: FTBFS: stardict_espeak.cpp:89: error: at this point in file

2007-10-23 Thread Andrew Lee 
Lucas Nussbaum wrote:
> During a rebuild of all packages in sid, your package failed to build on i386.

Strange, I can build the package without problem on my i386 sid even
with pbuilder.

Looks like I accidently enabled espeak in last upload. I think I should
actually disable it in next upload. But it still worth a try with the
attached patch from upstream author.

Could you please apply that attached dpatch and test a again for me?

Cheers,

-Andrew
#! /bin/sh /usr/share/dpatch/dpatch-run
## 05_espeak.dpatch by  <[EMAIL PROTECTED]>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.

@DPATCH@
diff -urNad stardict-3.0.0~/src/mainwin.cpp stardict-3.0.0/src/mainwin.cpp
--- stardict-3.0.0~/src/mainwin.cpp 2007-09-04 02:42:10.0 +0800
+++ stardict-3.0.0/src/mainwin.cpp  2007-10-23 16:49:30.0 +0800
@@ -2663,9 +2663,6 @@
oTextWin.Create(vbox1);
gtk_paned_pack2(GTK_PANED(hpaned), vbox1, TRUE, FALSE);
 
-   int pos=conf->get_int_at("main_window/hpaned_pos");
-   gtk_paned_set_position(GTK_PANED(hpaned), pos);
-
oTransWin.Create(notebook);
 }
 
diff -urNad stardict-3.0.0~/src/stardict.cpp stardict-3.0.0/src/stardict.cpp
--- stardict-3.0.0~/src/stardict.cpp2007-09-04 02:42:10.0 +0800
+++ stardict-3.0.0/src/stardict.cpp 2007-10-23 16:49:30.0 +0800
@@ -362,6 +362,8 @@
gtk_widget_realize(window);
gdk_notify_startup_complete();
}
+   int pos=conf->get_int_at("main_window/hpaned_pos");
+   gtk_paned_set_position(GTK_PANED(oMidWin.hpaned), pos);
 
if (oLibs.has_dict() || conf->get_bool_at("network/enable_netdict")) {
if (queryword) {
diff -urNad 
stardict-3.0.0~/stardict-plugins/stardict-espeak-tts-plugin/stardict_espeak.cpp 
stardict-3.0.0/stardict-plugins/stardict-espeak-tts-plugin/stardict_espeak.cpp
--- 
stardict-3.0.0~/stardict-plugins/stardict-espeak-tts-plugin/stardict_espeak.cpp 
2007-09-04 02:42:10.0 +0800
+++ 
stardict-3.0.0/stardict-plugins/stardict-espeak-tts-plugin/stardict_espeak.cpp  
2007-10-23 16:49:30.0 +0800
@@ -86,7 +86,7 @@
 
 bool stardict_tts_plugin_init(StarDictTtsPlugInObject *obj)
 {
-   espeak_Initialize(AUDIO_OUTPUT_PLAYBACK, 0, NULL);
+   espeak_Initialize(AUDIO_OUTPUT_PLAYBACK, 0, NULL, 0);
std::string res = get_cfg_filename();
if (!g_file_test(res.c_str(), G_FILE_TEST_EXISTS)) {
g_file_set_contents(res.c_str(), "[espeak]\nvoice=\n", -1, 
NULL);

Bug#432541: eclipse-cdt FTBFS

2007-10-23 Thread Thomas Girard 
Hello,

On Mon, Oct 22, 2007 at 02:42:40PM +0200, Matthias Klose wrote:
> Thomas, please could check with gcj-4.3 (from experimental) / gcc-snapshot?

With:
 * gcc-snapshot 20071020-1
 * gij-4.3 4.3-20071020-1

I have the same problem; make stops with:
  make: *** [build-stamp] Error 13

I'm not even sure the build process reaches a point where gcj is called.
I'll investigate further this evening.

Thomas



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#443040: scala: FTBFS: GC Warning: Out of Memory! Returning NIL!

2007-10-23 Thread Lex Spoon 
The memory settings are too low for the auto-builder's configuration.  The 
next version uploaded will include a larger setting.  -Lex



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: hibernation hangs since the upgrade to 0.103-1

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> notfound 447571 0.95-2
Bug#447571: hibernation hangs since the upgrade to 0.103-1
Bug no longer marked as found in version 0.95-2.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447571: hibernation hangs since the upgrade to 0.103-1

2007-10-23 Thread Eddy Petrişor 
notfound 447571 0.95-2
thanks

On 22/10/2007, Eddy Petrișor <[EMAIL PROTECTED]> wrote:
> Package: acpi-support
> Version: 0.103-1
> Severity: serious
>
> --- Please enter the report below this line. ---
> Since the upgrade to this version (0.103-1) from (0.95-2) my laptop no longer
> hibernates. It just hangs after displaying "Snapshotting system state", or
> however is called.
>
> The laptop is a Dell Inspiron 6400.
>
> I will try to downgrade back to the previous version and see if the I get back
> the hibernate functionality.

I downgraded the package to 0.95-2 and hibernation worked.Upgraded
again to 0.103-1 and the hibernation hangs again at "Snapshotting
system". Now I went back again to 0.95-2 and hibernation works without
problems.

> If there are any supplemental information you might need, please ask.
>
>
> --- System information. ---
> Architecture: amd64
> Kernel:   Linux 2.6.22-2-amd64
>
> Debian Release: lenny/sid
>   900 testing www.emdebian.org
>   900 testing snapshot.debian.net
>   900 testing security.debian.org
>   900 testing ftp.ro.debian.org
>   900 testing eddyp.homelinux.net
>10 unstableftp.ro.debian.org
>10 unstableeddyp.homelinux.net
>
> --- Package information. ---
> Depends  (Version) | Installed
> ==-+-=
> libc6 (>= 2.6.1-1) | 2.6.1-1
> x11-xserver-utils  | 7.3+1
> acpid   (>= 1.0.4) | 1.0.4-7.1
> hdparm | 7.7-1
> lsb-base(>= 1.3-9) | 3.1-24
> vbetool| 0.7-1.1
> finger | 0.17-11
> powermgmt-base | 1.29
> laptop-detect  | 0.12.1-0.1
> dmidecode   (>= 2.7-1) | 2.9-1
> radeontool | 1.5-5
> nvclock| 0.8b2-1
>
>
>
>


-- 
Regards,
EddyP
=
"Imagination is more important than knowledge" A.Einstein

Bug#445779: good work

2007-10-23 Thread hungerburg 
Package: rdesktop
Followup-For: Bug #445779


thank you Felix and Laszlo!
peter


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.23 (PREEMPT)
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rdesktop depends on:
ii  libc6 2.6.1-6GNU C Library: Shared libraries
ii  libssl0.9.8   0.9.8g-1   SSL shared libraries
ii  libx11-6  2:1.0.3-7  X11 client-side library

rdesktop recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447731: Scroll keys do not work any more

2007-10-23 Thread David 
Package: kde-i18n-engb
Version: 4:3.5.8-1
Severity: grave

--- Please enter the report below this line. ---

I encountered two problems today with the keyboard: one solvable and another
not solvable AFAIK. None of them appear when Ctrl+Alt+F1

Although my KDE is in British English, my keyboard layout was another one.
Today, the layout in KDE (not when Ctrl+Alt+F1) switched to UK layout. I
solved it by defining two layouts in the KDE Control Centre, but this is
still a bug that should be fixed.

On the other hand, for both layouts (including the UK layout), *the scroll
keys do not work*. "Right", "left" and "down" do nothing. "Up" launches
Ksnapshot. THIS IS THE GRAVE BUG. It does not appear when Ctrl+Alt+F1.

--- System information. ---
Architecture: i386
Kernel: Linux 2.6.22-2-686

Debian Release: lenny/sid
990 unstable www.debian-multimedia.org
990 unstable ftp.uk.debian.org
500 stable dl.google.com
500 experimental www.debian-multimedia.org
1 experimental ftp.uk.debian.org

--- Package information. ---
Depends (Version) | Installed
==-+-===
kdelibs4c2a (>= 4:3.5.8-1) | 4:3.5.8.dfsg.1-2

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Sven Dowideit 
mmm, following the link makes me even less convinced that there is a
problem.

the working/tmp dir is used for rcs tmp files, and twiki session files,
both of which use randomised unique filenames.

as the Wikipedia page suggests that the problem is avoided by using
randomised filenames, we seem to be done?

Nico, If i were ignoring what you wrote, I would not be replying. I have
unfortunately found nothing so far to make me understand that there in
fact is a problem. Evey extra detail you guys are giving me, is
reinforcing this opinion

As Holger points out, I am a part time packager (over debian, osx,
windows, rpm, and soon to be Solaris and maybe a few more), so I'm
looking to understand, not just to blindly agree to whatever you say.

Sven

On Tue, 2007-10-23 at 11:34 +0200, Holger Levsen wrote:
> Nico,
> 
> On Tuesday 23 October 2007 10:51, you wrote:
> > NOONE SAID THERE IS ANY WEBCONTENT STORED IN THERE, CAN YOU
> > PLEASE JUST READ UP WHAT A SYMLINK ATTACK IS? THANKS!
> >
> > This is the last mail from my side as long as you ignore
> > what I wrote in previous mails.
> 
> I understand your frustration (that so many packages have the same security 
> problems over and over again), but there is no need to yell at someone.
> 
> As I see it, Sven is perfectly willing and able to fix issues in his code, it 
> just seems to me, that he doesnt understand symlink attacks, probably because 
> he never heard about them. The solution to make him understand this, is not 
> to yell at him and stop explaining, but rather continue explaining in a 
> friendly way.
> 
> Sven, please ignore Nicos tone and have a look at 
> http://en.wikipedia.org/wiki/Symlink_race :-)
> 
> 
> Thanks & regards & happy hacking,
>   Holger
-- 
Professional Wiki Innovation and Support
Sven Dowideit - http://DistributedINFORMATION.com
A WikiRing Partner http://wikiring.com




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447732: openoffice.org-common: file conflict with openoffice.org-gtk

2007-10-23 Thread Josselin Mouette 
Package: openoffice.org-common
Version: 1:2.3.0-2
Severity: serious

The file /usr/lib/openoffice/share/xdg/qstart.desktop is present in both
openoffice.org-common and openoffice.org-gtk, making the latter
uninstallable.

Cheers,
-- 
 .''`.   Josselin Mouette/\./\
: :' :   [EMAIL PROTECTED]
`. `'[EMAIL PROTECTED]
  `-  Debian GNU/Linux -- The power of freedom


signature.asc
Description: Ceci est une partie de message	numériquement signée

Bug#445932: marked as done (maxima: FTBFS on hppa (test failure))

2007-10-23 Thread Debian Bug Tracking System 
Your message dated 23 Oct 2007 09:09:30 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#445932: maxima: FTBFS on hppa (test failure)
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: maxima
Version: 5.12.0-1
Severity: serious
Justification: fails to build from source

Maxima fails to build on hppa, see the complete build log at
http://buildd.debian.org/fetch.cgi?pkg=maxima&arch=hppa&ver=5.12.0-1&stamp=1188561991&file=log&as=raw

> Running tests in rtest15: 
[snip]
> ** Problem 187 ***
> Input:
> 1
> factor(expand(sqrtdenest(integrate(, x, 0, 1
>1  4
>- + (x - 3)
>2
> 
> 
> Result:
> quotient is not exact
>  -- an error.  To debug this try debugmode(true);
> true
> 
> This differed from the expected result:
>   1/41/4 3/4
>8 + 4 2+ sqrt(2)  2 + 73 2- 12 sqrt(2) + 2
> (- 2 atan(---) + log(---)
>   3/41/4
>   - 8 + sqrt(2) - 49 2   33 2
>  1/4 3/4   1/4
>- 2 + 73 2+ 12 sqrt(2) + 2   8 - 4 2+ sqrt(2)
>  - log(-) + 2 atan(---))
> 1/43/4
> 33 2   - 8 + sqrt(2) + 49 2
>  3/4
> /(2 2   )
> 
[snip]
> 207/208 tests passed.
> 
> The following 1 problem failed: (187)

Cheers,
Julien


signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Greetings!  Fixed with recent upstream release.

Take care,

Julien Cristau <[EMAIL PROTECTED]> writes:

> Package: maxima
> Version: 5.12.0-1
> Severity: serious
> Justification: fails to build from source
> 
> Maxima fails to build on hppa, see the complete build log at
> http://buildd.debian.org/fetch.cgi?pkg=maxima&arch=hppa&ver=5.12.0-1&stamp=1188561991&file=log&as=raw
> 
> > Running tests in rtest15: 
> [snip]
> > ** Problem 187 ***
> > Input:
> > 1
> > factor(expand(sqrtdenest(integrate(, x, 0, 1
> >1  4
> >- + (x - 3)
> >2
> > 
> > 
> > Result:
> > quotient is not exact
> >  -- an error.  To debug this try debugmode(true);
> > true
> > 
> > This differed from the expected result:
> >   1/41/4 3/4
> >8 + 4 2+ sqrt(2)  2 + 73 2- 12 sqrt(2) + 2
> > (- 2 atan(---) + log(---)
> >   3/41/4
> >   - 8 + sqrt(2) - 49 2   33 2
> >  1/4 3/4   1/4
> >- 2 + 73 2+ 12 sqrt(2) + 2   8 - 4 2+ sqrt(2)
> >  - log(-) + 2 atan(---))
> > 1/43/4
> > 33 2   - 8 + sqrt(2) + 49 2
> >  3/4
> > /(2 2   )
> > 
> [snip]
> > 207/208 tests passed.
> > 
> > The following 1 problem failed: (187)
> 
> Cheers,
> Julien

-- 
Camm Maguire[EMAIL PROTECTED]
==
"The earth is but one country, and mankind its citizens."  --  Baha'u'llah

--- End Message ---

Bug#447734: libxul0d: vulnerable to CVE-2007-5339

2007-10-23 Thread Sam Morris 
Package: libxul0d
Version: 1.8.1.6-1
Severity: grave
Tags: security
Justification: user security hole

Although 
states that no packages in unstable are vulnerable to this bug, I just
tested Epiphany against it at  and it
managed to crash my browser.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (540, 'stable'), (520, 'testing'), (510, 'unstable'), (1, 
'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22-2-k7
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages libxul0d depends on:
ii  libatk1.0-0 1.20.0-1 The ATK accessibility toolkit
ii  libc6   2.6.1-1+b1   GNU C Library: Shared libraries
ii  libcairo2   1.4.10-1 The Cairo 2D vector graphics libra
ii  libfontconfig1  2.4.2-1.2generic font configuration library
ii  libfreetype62.3.5-1+b1   FreeType 2 font engine, shared lib
ii  libgcc1 1:4.2.2-3GCC support library
ii  libglib2.0-02.14.1-5 The GLib library of C routines
ii  libgtk2.0-0 2.12.1-1 The GTK+ graphical user interface 
ii  libhunspell-1.1-0   1.1.9-1  spell checker and morphological an
ii  libjpeg62   6b-13The Independent JPEG Group's JPEG 
ii  libmozjs0d  1.8.1.6-1The Mozilla SpiderMonkey JavaScrip
ii  libnspr4-0d 4.6.7-1  NetScape Portable Runtime Library
ii  libnss3-0d  3.11.7-1 Network Security Service libraries
ii  libpango1.0-0   1.18.2-1 Layout and rendering of internatio
ii  libpng12-0  1.2.15~beta5-1   PNG library - runtime
ii  libstdc++6  4.2.2-3  The GNU Standard C++ Library v3
ii  libx11-62:1.0.3-7X11 client-side library
ii  libxft2 2.1.12-2 FreeType-based font drawing librar
ii  libxinerama11:1.0.2-1X11 Xinerama extension library
ii  libxrender1 1:0.9.4-1X Rendering Extension client libra
ii  libxt6  1:1.0.2-2X11 toolkit intrinsics library
ii  libxul-common   1.8.1.6-1Gecko engine library - common file
ii  zlib1g  1:1.2.3.3.dfsg-6 compression library - runtime

libxul0d recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#445795: [PATCH] Use libfftw3-dev instead of fftw3-dev, fixes #445795

2007-10-23 Thread Samuel Tardieu 
tags 445795 + patch
thanks

---
 debian/control |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/debian/control b/debian/control
index 388f67a..429f524 100644
--- a/debian/control
+++ b/debian/control
@@ -2,7 +2,7 @@ Source: swh-plugins
 Section: sound
 Priority: optional
 Maintainer: Anand Kumria <[EMAIL PROTECTED]>
-Build-Depends: debhelper (>> 4.0.0), libtool, automake1.9, ladspa-sdk, 
fftw3-dev (>= 3.0.1-1), ed, pkg-config
+Build-Depends: debhelper (>> 4.0.0), libtool, automake1.9, ladspa-sdk, 
libfftw3-dev (>= 3.0.1-1), ed, pkg-config
 Standards-Version: 3.7.2
 
 Package: swh-plugins
-- 
1.5.3.4




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: [PATCH] Remove bogus -march=..., fixes #428371, #428435, and #440329

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> merge 428371 428435 440329
Bug#428371: swh-plugins - FTBFS: error: unrecognized command line option 
"-march=s390"
Bug#428435: swh-plugins_0.4.15-0.1(ia64/unstable): FTBFS: bad compiler options
Bug#440329: swh-plugins_0.4.15-0.1(hppa/unstable): FTBFS: unrecognized command 
line option "-march=hppa"
Merged 428371 428435 440329.

> block 428371 by 445795
Bug#445795: swh-plugins: FTBFS: unmet b-dep fftw3-dev
Bug#428371: swh-plugins - FTBFS: error: unrecognized command line option 
"-march=s390"
Was not blocked by any bugs.
Bug#428435: swh-plugins_0.4.15-0.1(ia64/unstable): FTBFS: bad compiler options
Bug#440329: swh-plugins_0.4.15-0.1(hppa/unstable): FTBFS: unrecognized command 
line option "-march=hppa"
Blocking bugs of 428371 added: 445795

> tags 428371 + patch
Bug#428371: swh-plugins - FTBFS: error: unrecognized command line option 
"-march=s390"
There were no tags set.
Bug#428435: swh-plugins_0.4.15-0.1(ia64/unstable): FTBFS: bad compiler options
Bug#440329: swh-plugins_0.4.15-0.1(hppa/unstable): FTBFS: unrecognized command 
line option "-march=hppa"
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#428371: [PATCH] Remove bogus -march=..., fixes #428371, #428435, and #440329

2007-10-23 Thread Samuel Tardieu 
merge 428371 428435 440329
block 428371 by 445795
tags 428371 + patch
thanks

This patch is applied over the one in #445795 (which thus has to be applied
first).

---
 configure.in   |   12 +++-
 debian/control |2 +-
 debian/rules   |1 +
 3 files changed, 5 insertions(+), 10 deletions(-)

diff --git a/configure.in b/configure.in
index afcbc00..9403b30 100644
--- a/configure.in
+++ b/configure.in
@@ -96,15 +96,9 @@ CFLAGS=$lrintf_save_CFLAGS [EMAIL PROTECTED]@/intl [EMAIL 
PROTECTED]@
 if [ echo ${CFLAGS} | grep "\-march=" ]; then
   AC_MSG_WARN([CFLAGS appears to allready contain architecture specifaction, 
using exiting one])
 else
-  AC_MSG_WARN([Can't find architecture specifaction in CFLAGS, picking one 
from build host CPU type])
-  AC_MSG_WARN([May result in non-portable code])
-  dnl For gcc use:
-  MACHINE="-march=${build_cpu}"
-  if test ${build_cpu} = "powerpc"; then MACHINE=""; fi
-  if test ${build_cpu} = "powerpc64"; then MACHINE=""; fi
-  if test ${build_cpu} = "x86_64"; then MACHINE=""; fi
-
-  CFLAGS="$CFLAGS -Wall -O3 -fomit-frame-pointer -fstrength-reduce 
-funroll-loops -ffast-math -fPIC -DPIC ${MACHINE} ${USE_SSE} ${DARWIN_CFLAGS}"
+  AC_MSG_WARN([Can't find architecture specifaction in CFLAGS])
+
+  CFLAGS="$CFLAGS -Wall -O3 -fomit-frame-pointer -fstrength-reduce 
-funroll-loops -ffast-math -fPIC -DPIC ${USE_SSE} ${DARWIN_CFLAGS}"
 
   dnl For Intel's C compiler use:
   dnl CC="icc"
diff --git a/debian/control b/debian/control
index 429f524..86774bd 100644
--- a/debian/control
+++ b/debian/control
@@ -2,7 +2,7 @@ Source: swh-plugins
 Section: sound
 Priority: optional
 Maintainer: Anand Kumria <[EMAIL PROTECTED]>
-Build-Depends: debhelper (>> 4.0.0), libtool, automake1.9, ladspa-sdk, 
libfftw3-dev (>= 3.0.1-1), ed, pkg-config
+Build-Depends: debhelper (>> 4.0.0), libtool, automake1.9, ladspa-sdk, 
libfftw3-dev (>= 3.0.1-1), ed, pkg-config, autoconf (>= 2.61-4)
 Standards-Version: 3.7.2
 
 Package: swh-plugins
diff --git a/debian/rules b/debian/rules
index 2f35af4..1a27898 100755
--- a/debian/rules
+++ b/debian/rules
@@ -20,6 +20,7 @@ endif
 config.status: configure
dh_testdir
# Add here commands to configure the package.
+   autoreconf -f -i
./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) 
--prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info
 
# okay, edit the metadata Makefile to work around some brokeness in 
upstream
-- 
1.5.3.4




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: [PATCH] Use libfftw3-dev instead of fftw3-dev, fixes #445795

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tags 445795 + patch
Bug#445795: swh-plugins: FTBFS: unmet b-dep fftw3-dev
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#433685: Updated flash package for etch

2007-10-23 Thread Sam Morris 
What happened to the updated version of this package for etch? Our users
are still stuck on 9.0.31 which is vulnerable to CVE-2007-3456 ('Integer
overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote
attackers to execute arbitrary code via a large length value for a (1)
Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF
file, related to an "input validation error," including a signed
comparison of values that are assumed to be non-negative.').

-- 
Sam Morris <[EMAIL PROTECTED]>


signature.asc
Description: This is a digitally signed message part

Bug#447735: openoffice.org-core: symbol lookup error

2007-10-23 Thread Josselin Mouette 
Package: openoffice.org-core
Version: 1:2.3.0-2
Severity: grave

When starting the Impress module, I get a symbol lookup error:

/usr/lib/openoffice/program/soffice.bin: symbol lookup error: 
/usr/lib/openoffice/program/i18npool.uno.so: undefined symbol: 
ublock_getCode_3_7

In case it is useful, here is the detail of missing symbols:
15:18 [EMAIL PROTECTED] ~ > ldd -r /usr/lib/openoffice/program/i18npool.uno.so
linux-gate.so.1 =>  (0xe000)
libi18nutilgcc3.so => /usr/lib/openoffice/program/libi18nutilgcc3.so 
(0xb7d98000)
libi18nisolang1gcc3.so => 
/usr/lib/openoffice/program/libi18nisolang1gcc3.so (0xb7d92000)
libuno_cppuhelpergcc3.so.3 => 
/usr/lib/openoffice/program/libuno_cppuhelpergcc3.so.3 (0xb7ccd000)
libuno_cppu.so.3 => /usr/lib/openoffice/program/libuno_cppu.so.3 
(0xb7c9f000)
libuno_sal.so.3 => /usr/lib/openoffice/program/libuno_sal.so.3 
(0xb7add000)
libicui18n.so.38 => /usr/lib/libicui18n.so.38 (0xb797d000)
libicuuc.so.38 => /usr/lib/libicuuc.so.38 (0xb785c000)
libdl.so.2 => /lib/i686/cmov/libdl.so.2 (0xb7857000)
libpthread.so.0 => /lib/i686/cmov/libpthread.so.0 (0xb784)
libstlport_gcc.so.4.6 => /usr/lib/libstlport_gcc.so.4.6 (0xb7775000)
libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0xb768a000)
libm.so.6 => /lib/i686/cmov/libm.so.6 (0xb7665000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0xb765a000)
libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb7511000)
libuno_salhelpergcc3.so.3 => 
/usr/lib/openoffice/program/libuno_salhelpergcc3.so.3 (0xb750c000)
libpam.so.0 => /lib/libpam.so.0 (0xb7502000)
libcrypt.so.1 => /lib/i686/cmov/libcrypt.so.1 (0xb74d4000)
libicudata.so.38 => /usr/lib/libicudata.so.38 (0xb6a2a000)
/lib/ld-linux.so.2 (0x8000)
undefined symbol: u_charDirection_3_7   
(/usr/lib/openoffice/program/i18npool.uno.so)
undefined symbol: u_ispunct_3_7 (/usr/lib/openoffice/program/i18npool.uno.so)
undefined symbol: u_isWhitespace_3_7
(/usr/lib/openoffice/program/i18npool.uno.so)
undefined symbol: u_charType_3_7
(/usr/lib/openoffice/program/i18npool.uno.so)
undefined symbol: ublock_getCode_3_7
(/usr/lib/openoffice/program/i18npool.uno.so)
undefined symbol: udata_open_3_7
(/usr/lib/openoffice/program/i18npool.uno.so)
undefined symbol: u_isalnum_3_7 (/usr/lib/openoffice/program/i18npool.uno.so)
undefined symbol: udata_setAppData_3_7  
(/usr/lib/openoffice/program/i18npool.uno.so)


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openoffice.org-core depends on:
ii  fontconfig  2.4.2-1.2generic font configuration library
ii  libc6   2.6.1-5  GNU C Library: Shared libraries
ii  libcairo2   1.4.10-1 The Cairo 2D vector graphics libra
ii  libcurl3-gnutls 7.17.0-1 Multi-protocol file transfer libra
ii  libdb4.54.5.20-9 Berkeley v4.5 Database Libraries [
ii  libexpat1   1.95.8-4 XML parsing C library - runtime li
ii  libfontconfig1  2.4.2-1.2generic font configuration library
ii  libfreetype62.3.5-1+b1   FreeType 2 font engine, shared lib
ii  libgcc1 1:4.2.2-3GCC support library
ii  libglib2.0-02.14.2-1 The GLib library of C routines
ii  libgstreamer-plugins-ba 0.10.14-4GStreamer libraries from the "base
ii  libgstreamer0.10-0  0.10.14-2Core GStreamer libraries and eleme
ii  libgtk2.0-0 2.12.0-3 The GTK+ graphical user interface 
ii  libhunspell-1.1-0   1.1.9-1  spell checker and morphological an
ii  libice6 2:1.0.4-1X11 Inter-Client Exchange library
ii  libicu383.8-1International Components for Unico
ii  libjpeg62   6b-14The Independent JPEG Group's JPEG 
ii  libldap22.1.30.dfsg-13.5 OpenLDAP libraries
ii  libneon27-gnutls0.27.2-1 An HTTP and WebDAV client library 
ii  libnspr4-0d 4.6.7-1  NetScape Portable Runtime Library
ii  libnss3-0d  3.11.7-1 Network Security Service libraries
ii  libpam0g0.99.7.1-5   Pluggable Authentication Modules l
ii  libpango1.0-0   1.18.2-2 Layout and rendering of internatio
ii  libportaudio2   19+svn20070125-1 Portable audio I/O - shared librar
ii  libsm6  2:1.0.3-1+b1 X11 Session Management library
ii  libsndfile1 1.0.17-4 Library for reading/writing audio 
ii  libstartup-notification 0.9-1library for program launch feedbac
ii  libstdc++6

Processed: Re: Bug#447731: Scroll keys do not work any more

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> reassign 447731 xserver-xorg-input-evdev
Bug#447731: Scroll keys do not work any more
Bug reassigned from package `kde-i18n-engb' to `xserver-xorg-input-evdev'.

> forcemerge 447731 442316
Bug#447731: Scroll keys do not work any more
Bug#442316: xserver-xorg-input-evdev: evdev from experimental messes up my 
keyboard layout
Forcibly Merged 442316 447731.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447731: Scroll keys do not work any more

2007-10-23 Thread Ana Guerrero 
reassign 447731 xserver-xorg-input-evdev
forcemerge 447731 442316 
thanks


This bug is a problem on xserver-xorg-input-evdev, reassigning.

David, downgrade hal and hal-info and it will solve the problem temporaly.

> On Tue, Oct 23, 2007 at 02:03:00PM +0100, David wrote:
> Package: kde-i18n-engb
> Version: 4:3.5.8-1
> Severity: grave
> 
> --- Please enter the report below this line. ---
> 
> I encountered two problems today with the keyboard: one solvable and another
> not solvable AFAIK. None of them appear when Ctrl+Alt+F1
> 
> Although my KDE is in British English, my keyboard layout was another one.
> Today, the layout in KDE (not when Ctrl+Alt+F1) switched to UK layout. I
> solved it by defining two layouts in the KDE Control Centre, but this is
> still a bug that should be fixed.
> 
> On the other hand, for both layouts (including the UK layout), *the scroll
> keys do not work*. "Right", "left" and "down" do nothing. "Up" launches
> Ksnapshot. THIS IS THE GRAVE BUG. It does not appear when Ctrl+Alt+F1.

Yes, but your YOUR CAPS LOCK key still seems to be working fine. 

Ana




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447341: CVE-2007-5208 arbitrary command execution via unfiltered from address

2007-10-23 Thread Nico Golde 
Hi,
uploading now with permission of Henrique.
Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpfexWT31t78.pgp
Description: PGP signature

Bug#441494: marked as done (not installable: needs to be rebuilt against ocaml 3.10)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 14:17:09 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#441494: fixed in graphviz 2.12-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libgv-ocaml
Version: 2.12-4
Severity: serious

"libgv-ocaml" currently can't be installed on unstable due to the
transition from ocaml 3.09 to ocaml 3.10. Simply rebuilding (binNMU
should be ok as well) against the current ocaml-nox version in unstable
should fix the problem, can you please ask for the rebuild and/or due a
sourceful upload?

If you need any help on this (including NMU) feel free to ask on
[EMAIL PROTECTED]

TIA,
Cheers.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


--- End Message ---
--- Begin Message ---
Source: graphviz
Source-Version: 2.12-5

We believe that the bug you reported is fixed in the latest version of
graphviz, which is due to be installed in the Debian FTP archive:

graphviz-dev_2.12-5_all.deb
  to pool/main/g/graphviz/graphviz-dev_2.12-5_all.deb
graphviz-doc_2.12-5_all.deb
  to pool/main/g/graphviz/graphviz-doc_2.12-5_all.deb
graphviz_2.12-5.diff.gz
  to pool/main/g/graphviz/graphviz_2.12-5.diff.gz
graphviz_2.12-5.dsc
  to pool/main/g/graphviz/graphviz_2.12-5.dsc
graphviz_2.12-5_amd64.deb
  to pool/main/g/graphviz/graphviz_2.12-5_amd64.deb
libgraphviz3-dev_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgraphviz3-dev_2.12-5_amd64.deb
libgraphviz3_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgraphviz3_2.12-5_amd64.deb
libgv-guile_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgv-guile_2.12-5_amd64.deb
libgv-lua_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgv-lua_2.12-5_amd64.deb
libgv-ocaml_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgv-ocaml_2.12-5_amd64.deb
libgv-perl_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgv-perl_2.12-5_amd64.deb
libgv-php5_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgv-php5_2.12-5_amd64.deb
libgv-python_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgv-python_2.12-5_amd64.deb
libgv-ruby_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgv-ruby_2.12-5_amd64.deb
libgv-tcl_2.12-5_amd64.deb
  to pool/main/g/graphviz/libgv-tcl_2.12-5_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Cyril Brulebois <[EMAIL PROTECTED]> (supplier of updated graphviz package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Tue, 23 Oct 2007 03:21:13 +0200
Source: graphviz
Binary: graphviz-doc libgv-ruby libgraphviz3-dev graphviz libgv-perl libgv-php5 
libgv-guile libgv-python libgraphviz3 libgv-ocaml libgv-tcl libgv-lua 
graphviz-dev
Architecture: source amd64 all
Version: 2.12-5
Distribution: unstable
Urgency: low
Maintainer: Cyril Brulebois <[EMAIL PROTECTED]>
Changed-By: Cyril Brulebois <[EMAIL PROTECTED]>
Description: 
 graphviz   - rich set of graph drawing tools
 graphviz-dev - transitional package for graphviz-dev rename
 graphviz-doc - additional documentation for graphviz
 libgraphviz3 - rich set of graph drawing tools
 libgraphviz3-dev - graphviz libs and headers against which to build 
applications
 libgv-guile - Guile bindings for graphviz
 libgv-lua  - Lua bindings for graphviz
 libgv-ocaml - OCaml bindings for graphviz
 libgv-perl - Perl bindings for graphviz
 libgv-php5 - Php5 bindings for graphviz
 libgv-python - Python bindings for graphviz
 libgv-ruby - Ruby bindings for graphviz
 libgv-tcl  - Tcl bindings for graphviz
Closes: 439385 439525 440829 441494
Changes: 
 graphviz (2.12-5) unstable; urgency=low
 .
   * Modified bindings handling:
  - tclpkg/gv/Makefile.am is now patched to set “-module 
-avoid-version” in
LDFLAGS. There are dynamically loadable modules rather than shared
libraries.
  - Added patch for this:
 - 3_bindings_module_avoid-version_options.
  - Refreshed patch so as to refresh the appropriat

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Nico Golde 
Hi Sven,
ok trying again in a friendly way.
* Sven Dowideit <[EMAIL PROTECTED]> [2007-10-23 15:10]:
> mmm, following the link makes me even less convinced that there is a
> problem.
> 
> the working/tmp dir is used for rcs tmp files, and twiki session files,
> both of which use randomised unique filenames.
> 
> as the Wikipedia page suggests that the problem is avoided by using
> randomised filenames, we seem to be done?

Yes that is true however I never read twikis source code so 
I just said that if this is just used for temporary files 
that this would introduce a symlink attack. Of course this 
is not the case if the names are really random, I am sorry 
since I assumed you know what a symlink attack is and state 
whether this is the case or not. So if the names are random 
(and not like adding a process id to them) there is no 
problem with this attack.

However there is also another 
problem, since server installations often use partitions and 
having a user controllable directory under /var would end up 
enabling every user to fill the /var partition and thus 
causing a denial of service for every other daemon running 
on the system because they are not able to write log files 
anymore.

> Nico, If i were ignoring what you wrote, I would not be replying.

Well that's unclear to me and really one of the reasons why 
I was so pissed, since you for example wrote that there is 
no web content stored in this directory while I never wrote 
that there is... Anyway, let's forget this.

> I have
> unfortunately found nothing so far to make me understand that there in
> fact is a problem. Evey extra detail you guys are giving me, is
> reinforcing this opinion

Please consider the second situation I wrote above.

> As Holger points out, I am a part time packager (over debian, osx,
> windows, rpm, and soon to be Solaris and maybe a few more), so I'm
> looking to understand, not just to blindly agree to whatever you say.

;) That was never any attention, the opposite was the case, 
I saw that this is world-read-writable, didn't read twikis 
code, saw no intention to have 777 there, thats why I asked  
" Why is setting the rights to 777 done here?". So I hoped that you
are able to judge if the is the case here but I wanted to 
prevent to blindly upload this.

Kind regards
Nico
P.S. There is really nothing personal with you, it looks 
like a bad example for a communication problem here.
-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgpsfflO7qkC5.pgp
Description: PGP signature

Bug#447341: marked as done (CVE-2007-5208 arbitrary command execution via unfiltered from address)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 15:03:35 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#447341: fixed in hplip 1.6.10-4.3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: hplip
Version: 1.6.10-3
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for hplip.

CVE-2007-5208[0]:
| hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip)
| 1.x and 2.x before 2.7.10 allows context-dependent attackers to
| execute arbitrary commands via shell metacharacters in a from address,
| which is not properly handled when invoking sendmail.

If you fix this vulnerability please also include the CVE id
in your changelog entry.

You can find a patch on:
http://launchpadlibrarian.net/9737865/90_subprocess_replacement.dpatch

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5208

Kind regards
Nico

-- 
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.


pgp5rZJb4eWXD.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: hplip
Source-Version: 1.6.10-4.3

We believe that the bug you reported is fixed in the latest version of
hplip, which is due to be installed in the Debian FTP archive:

hpijs-ppds_2.6.10+1.6.10-4.3_all.deb
  to pool/main/h/hplip/hpijs-ppds_2.6.10+1.6.10-4.3_all.deb
hpijs_2.6.10+1.6.10-4.3_i386.deb
  to pool/main/h/hplip/hpijs_2.6.10+1.6.10-4.3_i386.deb
hplip-data_1.6.10-4.3_all.deb
  to pool/main/h/hplip/hplip-data_1.6.10-4.3_all.deb
hplip-dbg_1.6.10-4.3_i386.deb
  to pool/main/h/hplip/hplip-dbg_1.6.10-4.3_i386.deb
hplip-doc_1.6.10-4.3_all.deb
  to pool/main/h/hplip/hplip-doc_1.6.10-4.3_all.deb
hplip_1.6.10-4.3.diff.gz
  to pool/main/h/hplip/hplip_1.6.10-4.3.diff.gz
hplip_1.6.10-4.3.dsc
  to pool/main/h/hplip/hplip_1.6.10-4.3.dsc
hplip_1.6.10-4.3_i386.deb
  to pool/main/h/hplip/hplip_1.6.10-4.3_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <[EMAIL PROTECTED]> (supplier of updated hplip package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Mon, 22 Oct 2007 10:31:55 +0200
Source: hplip
Binary: hpijs hplip-data hpijs-ppds hplip hplip-doc hplip-dbg
Architecture: source all i386
Version: 1.6.10-4.3
Distribution: unstable
Urgency: high
Maintainer: Henrique de Moraes Holschuh <[EMAIL PROTECTED]>
Changed-By: Nico Golde <[EMAIL PROTECTED]>
Description: 
 hpijs  - HP Linux Printing and Imaging - gs IJS driver (hpijs)
 hpijs-ppds - HP Linux Printing and Imaging - HPIJS PPD files
 hplip  - HP Linux Printing and Imaging System (HPLIP)
 hplip-data - HP Linux Printing and Imaging - data files
 hplip-dbg  - HP Linux Printing and Imaging - debugging information
 hplip-doc  - HP Linux Printing and Imaging - documentation
Closes: 447341
Changes: 
 hplip (1.6.10-4.3) unstable; urgency=high
 .
   * Non-maintainer upload by testing security team.
   * Included CVE-2007-5208.dpatch to fix
 arbitrary command execution in hpssd via crafted from address
 because of missing sanitization (CVE-2007-5208) (Closes: #447341).
Files: 
 094ed210c3e1374d2c9e068c641a00ee 887 utils optional hplip_1.6.10-4.3.dsc
 b2651411d5f37b2bd99337546990dd1e 257667 utils optional hplip_1.6.10-4.3.diff.gz
 f40a568a2e2f3c7a1654d0474261d78a 1770786 utils optional 
hpijs-ppds_2.6.10+1.6.10-4.3_all.deb
 c11cd71b7be641a405a5e7ca4995f5bc 6293596 utils optional 
hplip-data_1.6.10-4.3_all.deb
 2a3dbd90fdf501de5dcd0811bc8329cd 1620382 doc optional 
hplip-doc_1.6.10-4.3_all.deb
 ad73bce3e5307892ea791e6210a953a2 345666 text optional 
hpijs_2.6.10+1.6.10-4.3_i386.deb
 183ce57f0381efe640450d0283e8a5c0 567272 utils optional 
hplip_1.6.10-4.3_i386.deb
 cfe0d661472fb502b0e2539c054e47c3 820162 utils extra 
hplip-dbg_1.6.10-4.3_i386.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHgdeHYflSXNkfP8RAmDiAKCREhxx6FS741kRH5JJBWnJLz3rcwCfSiwv
NL4m5BK9IPeHTjTNZ90rQd0=
=6B1e
-END PGP SIGNATURE-


--- End Message ---

Bug#447735: libicu38

2007-10-23 Thread Nicolas STRANSKY 
Salut,

The problem comes from the upgrade of libicu38 from 3.8~d01-1 to 3.8-1,
both in experimental.
libicu38_3.8~d01-1_i386.deb can be found on snapshot.debian.net.

Regards,
-- 
Nico



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447429: Closing obsolete tickets

2007-10-23 Thread Esteban Manchado Vel�zquez 
Hi,

This bug is obsolete with the new dhelp version (dhelp_parse is now
a Ruby program, and it doesn't use debconf at all)...

-- 
Esteban Manchado Velázquez <[EMAIL PROTECTED]>
EuropeSwPatentFree - http://EuropeSwPatentFree.hispalinux.es
Help spread it through the Net in signatures, webpages, whatever!

Bug#447429: marked as done (dhelp: dhelp is preventing the installation of most packages)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 17:59:31 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Closing obsolete tickets
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: dhelp
Version: 0.5.24-0.1
Severity: critical

When installing most packages, I get one or more of the following messages:

  /usr/sbin/dhelp_parse: /usr/lib/libdb-4.5.so: no version information
  available (required by /usr/sbin/dhelp_parse)

Then it hangs until I hit C-c. In some cases, it's rendered the package
that called it broken so that I had to uninstall the broken package.

My (hardly optimal) workaround was to uninstall dhelp.

Tagged critical as it breaks other packages.


-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (600, 'testing'), (80, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) (ignored: LC_ALL set to 
en_US)
Shell: /bin/sh linked to /bin/bash

Versions of packages dhelp depends on:
ii  debconf [debconf-2.0] 1.5.14 Debian configuration management sy
ii  libc6 2.6.1-1+b1 GNU C Library: Shared libraries
ii  libdb4.5  4.5.20-1   Berkeley v4.5 Database Libraries [
ii  perl-modules  5.8.8-7Core Perl modules

Versions of packages dhelp recommends:
ii  iceweasel [www-bro 2.0.0.6-0etch1+lenny1 lightweight web browser based on M
ii  links [www-browser 1.00~pre20-0.1Character mode WWW browser
ii  lynx [www-browser] 2.8.6-2   Text-mode WWW Browser
ii  w3m [www-browser]  0.5.1-5.1+b1  WWW browsable pager with excellent
ii  xemacs21-gnome-mul 21.4.20-2 highly customizable text editor --

-- debconf information:
  dhelp/www-browser-console: w3m
  dhelp/www-browser-x: mozilla

-- 
Bill Wohler <[EMAIL PROTECTED]>  http://www.newt.com/wohler/  GnuPG ID:610BD9AD


--- End Message ---
--- Begin Message ---
Hi,

This bug is obsolete with the new dhelp version (dhelp_parse is now
a Ruby program, and it doesn't use debconf at all)...

-- 
Esteban Manchado Velázquez <[EMAIL PROTECTED]>
EuropeSwPatentFree - http://EuropeSwPatentFree.hispalinux.es
Help spread it through the Net in signatures, webpages, whatever!

--- End Message ---

Bug#446710: marked as done (ntpd won't start up due to upgraded libssl)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 17:17:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#446711: fixed in ntp 1:4.2.4p4+dfsg-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: ntp
Version: 1:4.2.4p3+dfsg-1
Severity: grave
Justification: renders package unusable


Recently libssl0.9.8 was upgraded to 0.9.8f-1

When this happenned the following occured in the logs:
Oct 15 14:03:28 jandi3 ntpd[3848]: ntpd [EMAIL PROTECTED] Mon Aug 13
16:20:18 UTC 2007 (1)
Oct 15 14:03:28 jandi3 ntpd[3848]: ntpd: OpenSSL version mismatch. Built
against 90805f, you have 908070

and ntpd failed to start.

Solved (temporarily) by downgrading to libssl0.9.8 version 0.9.8e-9.


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.20final_dccp (PREEMPT)
Locale: LANG=en_NZ, LC_CTYPE=en_NZ (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages ntp depends on:
ii  adduser   3.105  add and remove users and groups
ii  libc6 2.6.1-5GNU C Library: Shared libraries
ii  libcap1   1:1.10-14  support for getting/setting POSIX.
ii  libreadline5  5.2-3  GNU readline and history libraries
ii  libssl0.9.8   0.9.8e-9   SSL shared libraries
ii  lsb-base  3.1-24 Linux Standard Base 3.1 init scrip
ii  netbase   4.30   Basic TCP/IP networking system
ii  perl  5.8.8-11   Larry Wall's Practical Extraction 

ntp recommends no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: ntp
Source-Version: 1:4.2.4p4+dfsg-2

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive:

ntp-doc_4.2.4p4+dfsg-2_all.deb
  to pool/main/n/ntp/ntp-doc_4.2.4p4+dfsg-2_all.deb
ntp_4.2.4p4+dfsg-2.diff.gz
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.diff.gz
ntp_4.2.4p4+dfsg-2.dsc
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.dsc
ntp_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2_amd64.deb
ntpdate_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx <[EMAIL PROTECTED]> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Tue, 23 Oct 2007 18:39:47 +0200
Source: ntp
Binary: ntp-doc ntpdate ntp
Architecture: source all amd64
Version: 1:4.2.4p4+dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Debian NTP Team <[EMAIL PROTECTED]>
Changed-By: Kurt Roeckx <[EMAIL PROTECTED]>
Description: 
 ntp- Network Time Protocol daemon and utility programs
 ntp-doc- Network Time Protocol documentation
 ntpdate- client for setting system time from NTP servers
Closes: 446710 446711 447431
Changes: 
 ntp (1:4.2.4p4+dfsg-2) unstable; urgency=low
 .
   * Disable checking of openssl library version.
 (Closes: #446710, #446711, #447431)
 Patch from Steve Langasek <[EMAIL PROTECTED]>
Files: 
 5d93e19eb59cc74d185ffb5d8ae2 936 net optional ntp_4.2.4p4+dfsg-2.dsc
 6745f7bb76a09a3544df5ce51b3c6e1a 278510 net optional ntp_4.2.4p4+dfsg-2.diff.gz
 75c00359ef0e6b1160a4b5cedc442a91 928676 doc optional 
ntp-doc_4.2.4p4+dfsg-2_all.deb
 6d96dbc62d5abf91f11dff46a5fa 477646 net optional 
ntp_4.2.4p4+dfsg-2_amd64.deb
 6d8511596209a6ca086ca33c13da8c6e 62180 net optional 
ntpdate_4.2.4p4+dfsg-2_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHilvQdwckHJElwsRAiwzAKCUdHiyHvNGJ1FRjSNf3cNkGBi3AwCfV0WC
8s3aoo09j7JVC+C2Nn3/LHE=
=WJ4e
-END PGP SIGNATURE-


--- End Message ---

Bug#446711: marked as done (ntp: Please build against OpenSSL 908070)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 17:17:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#446711: fixed in ntp 1:4.2.4p4+dfsg-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: ntp
Version: 1:4.2.4p3+dfsg-1
Severity: important

When I try
/etc/init.d/ntp start

Oct 15 03:30:19 athlon2400 ntpd[3569]: ntpd [EMAIL PROTECTED] Mon Aug 13
16:20:18 UTC 2007 (1)
Oct 15 03:30:19 athlon2400 ntpd[3569]: ntpd: OpenSSL version mismatch.
Built against 90805f, you have 908070

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-k7 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages ntp depends on:
ii  adduser   3.105  add and remove users and groups
ii  libc6 2.6.1-5GNU C Library: Shared libraries
ii  libcap1   1:1.10-14  support for getting/setting POSIX.
ii  libreadline5  5.2-3  GNU readline and history libraries
ii  libssl0.9.8   0.9.8f-1   SSL shared libraries
ii  lsb-base  3.1-24 Linux Standard Base 3.1 init scrip
ii  netbase   4.30   Basic TCP/IP networking system
ii  perl  5.8.8-11   Larry Wall's Practical Extraction 

ntp recommends no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: ntp
Source-Version: 1:4.2.4p4+dfsg-2

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive:

ntp-doc_4.2.4p4+dfsg-2_all.deb
  to pool/main/n/ntp/ntp-doc_4.2.4p4+dfsg-2_all.deb
ntp_4.2.4p4+dfsg-2.diff.gz
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.diff.gz
ntp_4.2.4p4+dfsg-2.dsc
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.dsc
ntp_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2_amd64.deb
ntpdate_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx <[EMAIL PROTECTED]> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Tue, 23 Oct 2007 18:39:47 +0200
Source: ntp
Binary: ntp-doc ntpdate ntp
Architecture: source all amd64
Version: 1:4.2.4p4+dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Debian NTP Team <[EMAIL PROTECTED]>
Changed-By: Kurt Roeckx <[EMAIL PROTECTED]>
Description: 
 ntp- Network Time Protocol daemon and utility programs
 ntp-doc- Network Time Protocol documentation
 ntpdate- client for setting system time from NTP servers
Closes: 446710 446711 447431
Changes: 
 ntp (1:4.2.4p4+dfsg-2) unstable; urgency=low
 .
   * Disable checking of openssl library version.
 (Closes: #446710, #446711, #447431)
 Patch from Steve Langasek <[EMAIL PROTECTED]>
Files: 
 5d93e19eb59cc74d185ffb5d8ae2 936 net optional ntp_4.2.4p4+dfsg-2.dsc
 6745f7bb76a09a3544df5ce51b3c6e1a 278510 net optional ntp_4.2.4p4+dfsg-2.diff.gz
 75c00359ef0e6b1160a4b5cedc442a91 928676 doc optional 
ntp-doc_4.2.4p4+dfsg-2_all.deb
 6d96dbc62d5abf91f11dff46a5fa 477646 net optional 
ntp_4.2.4p4+dfsg-2_amd64.deb
 6d8511596209a6ca086ca33c13da8c6e 62180 net optional 
ntpdate_4.2.4p4+dfsg-2_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHilvQdwckHJElwsRAiwzAKCUdHiyHvNGJ1FRjSNf3cNkGBi3AwCfV0WC
8s3aoo09j7JVC+C2Nn3/LHE=
=WJ4e
-END PGP SIGNATURE-


--- End Message ---

Bug#447431: marked as done (ntp: broken check for OpenSSL versions)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 17:17:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#447431: fixed in ntp 1:4.2.4p4+dfsg-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: ntp
Version: 1:4.2.4p4+dfsg-1
Severity: serious
Tags: patch

The ntp package isn't usable in (at least) unstable, because it incorrectly
presumes to second-guess the correct OpenSSL version to link against:

Oct 21 00:19:55 borges ntpd[32073]: ntpd: OpenSSL version mismatch. Built 
against 908070, you have 90807f 

and exits immediately afterwards.

ntp should not be second-guessing the Debian library dependency handling. 
FWIW, this seems to be a recurrence of bug #286913, which was fixed in 2004;
where did that patch disappear to?

The attached patch should correct this bug again.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
[EMAIL PROTECTED]   http://www.debian.org/
diff -u ntp-4.2.4p4+dfsg/debian/changelog ntp-4.2.4p4+dfsg/debian/changelog
--- ntp-4.2.4p4+dfsg/debian/changelog
+++ ntp-4.2.4p4+dfsg/debian/changelog
@@ -1,3 +1,12 @@
+ntp (1:4.2.4p4+dfsg-1.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * High-urgency upload for RC bugfix.
+  * Don't second-guess the Debian dependencies by erroring out when a
+different version of OpenSSL is found.
+
+ -- Steve Langasek <[EMAIL PROTECTED]>  Sun, 21 Oct 2007 00:58:07 -0700
+
 ntp (1:4.2.4p4+dfsg-1) unstable; urgency=medium
 
   * New upstream release
only in patch2:
unchanged:
--- ntp-4.2.4p4+dfsg.orig/ntpd/ntpd.c
+++ ntp-4.2.4p4+dfsg/ntpd/ntpd.c
@@ -506,15 +506,6 @@
 	}
 #endif
 
-#ifdef OPENSSL
-	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) {
-		msyslog(LOG_ERR,
-		"ntpd: OpenSSL version mismatch. Built against %lx, you have %lx\n",
-		OPENSSL_VERSION_NUMBER, SSLeay());
-		exit(1);
-	}
-#endif
-
 	/* getstartup(argc, argv); / * startup configuration, may set debug */
 
 #ifdef DEBUG
only in patch2:
unchanged:
--- ntp-4.2.4p4+dfsg.orig/util/ntp-keygen.c
+++ ntp-4.2.4p4+dfsg/util/ntp-keygen.c
@@ -255,20 +255,8 @@
 #endif
 
 #ifdef OPENSSL
-	/*
-	 * OpenSSL version numbers: MNNFFPPS: major minor fix patch status
-	 * We match major, minor, fix and status (not patch)
-	 */
-	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) {
-		fprintf(stderr,
-		"OpenSSL version mismatch. Built against %lx, you have %lx\n",
-		OPENSSL_VERSION_NUMBER, SSLeay());
-		return (-1);
-
-	} else {
-		fprintf(stderr,
-		"Using OpenSSL version %lx\n", SSLeay());
-	}
+	fprintf(stderr,
+	"Using OpenSSL version %lx\n", SSLeay());
 #endif /* OPENSSL */
 
 	/*
--- End Message ---
--- Begin Message ---
Source: ntp
Source-Version: 1:4.2.4p4+dfsg-2

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive:

ntp-doc_4.2.4p4+dfsg-2_all.deb
  to pool/main/n/ntp/ntp-doc_4.2.4p4+dfsg-2_all.deb
ntp_4.2.4p4+dfsg-2.diff.gz
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.diff.gz
ntp_4.2.4p4+dfsg-2.dsc
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.dsc
ntp_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2_amd64.deb
ntpdate_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx <[EMAIL PROTECTED]> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Tue, 23 Oct 2007 18:39:47 +0200
Source: ntp
Binary: ntp-doc ntpdate ntp
Architecture: source all amd64
Version: 1:4.2.4p4+dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Debian NTP Team <[EMAIL PROTECTED]>
Changed-By: Kurt Roeckx <[EMAIL PROTECTED]>
Description: 
 ntp- Network Time Protocol daemon and utility programs
 ntp-doc- Network Time Protocol documentation
 ntpdate- client for setting system time from NTP servers
Closes: 446710 446711 447431
Changes: 
 ntp (1:4.2.4p4+dfsg-2) unstable; urgency=low
 .
   * Disable checking

Bug#446711: marked as done (ntp: Please build against OpenSSL 908070)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 17:17:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#446710: fixed in ntp 1:4.2.4p4+dfsg-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: ntp
Version: 1:4.2.4p3+dfsg-1
Severity: important

When I try
/etc/init.d/ntp start

Oct 15 03:30:19 athlon2400 ntpd[3569]: ntpd [EMAIL PROTECTED] Mon Aug 13
16:20:18 UTC 2007 (1)
Oct 15 03:30:19 athlon2400 ntpd[3569]: ntpd: OpenSSL version mismatch.
Built against 90805f, you have 908070

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-k7 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages ntp depends on:
ii  adduser   3.105  add and remove users and groups
ii  libc6 2.6.1-5GNU C Library: Shared libraries
ii  libcap1   1:1.10-14  support for getting/setting POSIX.
ii  libreadline5  5.2-3  GNU readline and history libraries
ii  libssl0.9.8   0.9.8f-1   SSL shared libraries
ii  lsb-base  3.1-24 Linux Standard Base 3.1 init scrip
ii  netbase   4.30   Basic TCP/IP networking system
ii  perl  5.8.8-11   Larry Wall's Practical Extraction 

ntp recommends no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: ntp
Source-Version: 1:4.2.4p4+dfsg-2

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive:

ntp-doc_4.2.4p4+dfsg-2_all.deb
  to pool/main/n/ntp/ntp-doc_4.2.4p4+dfsg-2_all.deb
ntp_4.2.4p4+dfsg-2.diff.gz
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.diff.gz
ntp_4.2.4p4+dfsg-2.dsc
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.dsc
ntp_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2_amd64.deb
ntpdate_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx <[EMAIL PROTECTED]> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Tue, 23 Oct 2007 18:39:47 +0200
Source: ntp
Binary: ntp-doc ntpdate ntp
Architecture: source all amd64
Version: 1:4.2.4p4+dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Debian NTP Team <[EMAIL PROTECTED]>
Changed-By: Kurt Roeckx <[EMAIL PROTECTED]>
Description: 
 ntp- Network Time Protocol daemon and utility programs
 ntp-doc- Network Time Protocol documentation
 ntpdate- client for setting system time from NTP servers
Closes: 446710 446711 447431
Changes: 
 ntp (1:4.2.4p4+dfsg-2) unstable; urgency=low
 .
   * Disable checking of openssl library version.
 (Closes: #446710, #446711, #447431)
 Patch from Steve Langasek <[EMAIL PROTECTED]>
Files: 
 5d93e19eb59cc74d185ffb5d8ae2 936 net optional ntp_4.2.4p4+dfsg-2.dsc
 6745f7bb76a09a3544df5ce51b3c6e1a 278510 net optional ntp_4.2.4p4+dfsg-2.diff.gz
 75c00359ef0e6b1160a4b5cedc442a91 928676 doc optional 
ntp-doc_4.2.4p4+dfsg-2_all.deb
 6d96dbc62d5abf91f11dff46a5fa 477646 net optional 
ntp_4.2.4p4+dfsg-2_amd64.deb
 6d8511596209a6ca086ca33c13da8c6e 62180 net optional 
ntpdate_4.2.4p4+dfsg-2_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHilvQdwckHJElwsRAiwzAKCUdHiyHvNGJ1FRjSNf3cNkGBi3AwCfV0WC
8s3aoo09j7JVC+C2Nn3/LHE=
=WJ4e
-END PGP SIGNATURE-


--- End Message ---

Bug#446710: marked as done (ntpd won't start up due to upgraded libssl)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 17:17:04 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#446710: fixed in ntp 1:4.2.4p4+dfsg-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: ntp
Version: 1:4.2.4p3+dfsg-1
Severity: grave
Justification: renders package unusable


Recently libssl0.9.8 was upgraded to 0.9.8f-1

When this happenned the following occured in the logs:
Oct 15 14:03:28 jandi3 ntpd[3848]: ntpd [EMAIL PROTECTED] Mon Aug 13
16:20:18 UTC 2007 (1)
Oct 15 14:03:28 jandi3 ntpd[3848]: ntpd: OpenSSL version mismatch. Built
against 90805f, you have 908070

and ntpd failed to start.

Solved (temporarily) by downgrading to libssl0.9.8 version 0.9.8e-9.


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.20final_dccp (PREEMPT)
Locale: LANG=en_NZ, LC_CTYPE=en_NZ (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages ntp depends on:
ii  adduser   3.105  add and remove users and groups
ii  libc6 2.6.1-5GNU C Library: Shared libraries
ii  libcap1   1:1.10-14  support for getting/setting POSIX.
ii  libreadline5  5.2-3  GNU readline and history libraries
ii  libssl0.9.8   0.9.8e-9   SSL shared libraries
ii  lsb-base  3.1-24 Linux Standard Base 3.1 init scrip
ii  netbase   4.30   Basic TCP/IP networking system
ii  perl  5.8.8-11   Larry Wall's Practical Extraction 

ntp recommends no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Source: ntp
Source-Version: 1:4.2.4p4+dfsg-2

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive:

ntp-doc_4.2.4p4+dfsg-2_all.deb
  to pool/main/n/ntp/ntp-doc_4.2.4p4+dfsg-2_all.deb
ntp_4.2.4p4+dfsg-2.diff.gz
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.diff.gz
ntp_4.2.4p4+dfsg-2.dsc
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2.dsc
ntp_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntp_4.2.4p4+dfsg-2_amd64.deb
ntpdate_4.2.4p4+dfsg-2_amd64.deb
  to pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-2_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kurt Roeckx <[EMAIL PROTECTED]> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Tue, 23 Oct 2007 18:39:47 +0200
Source: ntp
Binary: ntp-doc ntpdate ntp
Architecture: source all amd64
Version: 1:4.2.4p4+dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Debian NTP Team <[EMAIL PROTECTED]>
Changed-By: Kurt Roeckx <[EMAIL PROTECTED]>
Description: 
 ntp- Network Time Protocol daemon and utility programs
 ntp-doc- Network Time Protocol documentation
 ntpdate- client for setting system time from NTP servers
Closes: 446710 446711 447431
Changes: 
 ntp (1:4.2.4p4+dfsg-2) unstable; urgency=low
 .
   * Disable checking of openssl library version.
 (Closes: #446710, #446711, #447431)
 Patch from Steve Langasek <[EMAIL PROTECTED]>
Files: 
 5d93e19eb59cc74d185ffb5d8ae2 936 net optional ntp_4.2.4p4+dfsg-2.dsc
 6745f7bb76a09a3544df5ce51b3c6e1a 278510 net optional ntp_4.2.4p4+dfsg-2.diff.gz
 75c00359ef0e6b1160a4b5cedc442a91 928676 doc optional 
ntp-doc_4.2.4p4+dfsg-2_all.deb
 6d96dbc62d5abf91f11dff46a5fa 477646 net optional 
ntp_4.2.4p4+dfsg-2_amd64.deb
 6d8511596209a6ca086ca33c13da8c6e 62180 net optional 
ntpdate_4.2.4p4+dfsg-2_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHilvQdwckHJElwsRAiwzAKCUdHiyHvNGJ1FRjSNf3cNkGBi3AwCfV0WC
8s3aoo09j7JVC+C2Nn3/LHE=
=WJ4e
-END PGP SIGNATURE-


--- End Message ---

Processed: unarchiving 435386, found 435386 in 96.43.01-2

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.9
> unarchive 435386
Unarchived Bug 435386

> found 435386 96.43.01-2
Bug#435386: nvidia-kernel-source: bad attempt to nest fakeroot sessions
Bug marked as found in version 96.43.01-2 and reopened.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#442316: Xorg hotplugging problems [WAS: Re: Bug#442316: xserver-xorg-input-evdev: evdev from experimental messes up my keyboard layout]

2007-10-23 Thread Michael Biebl 
Julien Cristau schrieb:
> On Sat, Sep 15, 2007 at 02:15:52 +0200, Michael Biebl wrote:
> 
>> Package: xserver-xorg-input-evdev
>> Version: 1:1.2.0~git20070819-2
>> Severity: important
>>
>> As you can see from the xorg.conf, I set up a German keyboard layout.
>> After installing evdev from experimental I lost my German
>> keyboard layout (I guess its english, y is z e.g.). 
>> Also, my special keys like alt+f1 dont work anymore.
>>
> Hrm.  I'm not sure why evdev is even loaded.  Did you enable input
> hotplug via hal?

You were right, Julien. It was because of hal (specifically the file
/usr/share/hal/fdi/policy/10osvendor/10-x11-input.fdi) that the evdev
driver was enabled.

Whenever xorg input hotplugging kicks in, the evdev driver is used. The
kbd keyboard settings from xorg.conf are ignored and the en_US keyboard
layout is used.
Unfortunately, the evdev driver seems to lack functionality, e.g. my
multimedia keys don't work anymore, also, very important, STRG+ALT+F1 is
non-functional (maybe this is just a misconfiguration, I don't know. At
least the default configuration seems to lack this functionality).

It gets even worse, if you try to apply a pc105 keyboard layout over
evdev (which can happen if you use GNOMEs/KDEs keyboard selector). Then
you not only have missing keys but also some keys are mis-mapped. E.g.
the UP key is mapped to PRINT [1]. This really makes it hard to navigate.

Since the latest upgrade of hal to 0.5.10, the above fdi file is shipped
by default in hal. So several users have already encountered this
problem (debian bug #447666, #447676).

The question now is, how we proceed from here.
I CCed Daniel Stone, maybe he can give us some input on how to solve
this, and how we can get xorg hotplugging work correctly.

If I understood Daniel correctly, he proposes to set the keyboard layout
(probably based on the values from xorg.conf) via a generated fdi file.
I'd like to avoid that, because that would complicate things.
Preferably, the X server should use the keyboard layout specified in
xorg.conf (for the old kbd driver) even when used in xorg hotplugging mode.

For the second part (DEs applying a pc105 keyboard layout over evdev) I
can't think of a proper solution right now. All I can say is, that I
would prefer, if we don't break working setups.

In case we can't fix the above issues in a reasonable time frame, I will
consider to remove /usr/share/hal/fdi/policy/10osvendor/10-x11-input.fdi
from hal again, at least temporarily.

If you say, that this is soon fixable, I would at least raise the
severity of the hal bug  #447666 to critical, so users of testing will
not be affected by this.

Feedback and comments welcome,

Michael



[1] http://lists.freedesktop.org/archives/xorg/2007-October/029202.html

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#435386: nvidia-kernel-source: bad attempt to nest fakeroot sessions

2007-10-23 Thread Bastian Kleineidam 
Hi,

I just hit bug #435386, attached is a build log. As stated in my previous 
message, removing $(ROOT_CMD) from debian/rules fixes the nested fakeroot 
error.

Regards,
  Bastian
Warning: The file include/linux/version.h exists
The contained UTS_VERSION string:
			""
does not match expectations:
			"2.6.22-ck1treasure5"
I'll try and recover
exec debian/rules  DEBIAN_REVISION=2.6.22-ck1treasure5-10.00.Custom  APPEND_TO_VERSION=treasure5  ROOT_CMD=fakeroot  UNSIGN_CHANGELOG=YES  UNSIGN_SOURCE=YES  modules-image 
make[1]: Entering directory `/usr/src/linux-source-2.6.22'
for module in /usr/src/modules/nvidia-kernel-legacy-96xx /usr/src/modules/squashfs /usr/src/modules/alsa-driver /usr/src/modules/truecrypt ; do   \
  if test -d  $module; then\
	(cd $module;  \
  if ./debian/rules KVERS="2.6.22-ck1treasure5" KSRC="/usr/src/linux-source-2.6.22" \
 KMAINT="Bastian Kleineidam" KEMAIL="[EMAIL PROTECTED]"  \
 KPKG_DEST_DIR="/usr/src/linux-source-2.6.22/.."   \
 KPKG_MAINTAINER="Bastian Kleineidam"\
 KPKG_EXTRAV_ARG="EXTRAVERSION=-ck1treasure5"\
 ARCH="i386" \
 KDREV="2.6.22-ck1treasure5-10.00.Custom" kdist_image; then\
  echo "Module $module processed fine";\
  else  \
   echo "Module $module failed.";  \
   if [ "Xfakeroot" != "X" ]; then  \
  echo "Perhaps $module does not understand --rootcmd?";  \
  echo "If you see messages that indicate that it is not"; \
  echo "in fact being built as root, please file a bug ";  \
  echo "against $module."; \
   fi;  \
   echo "Hit return to Continue";   \
		 read ans;\
  fi;   \
	 );\
	  else  \
   echo "Module $module does not exist";   \
   echo "Hit return to Continue?";  \
	  fi;   \
done
make[2]: Entering directory `/usr/src/modules/nvidia-kernel-legacy-96xx'
echo "ROOT_CMD = fakeroot"
ROOT_CMD = fakeroot
fakeroot /usr/bin/make -w -f debian/rules binary_modules
make[3]: Entering directory `/usr/src/modules/nvidia-kernel-legacy-96xx'
# select which makefile to use.
rm -f /usr/src/modules/nvidia-kernel-legacy-96xx/nv/Makefile || true
if [ 6 = 6  ]; then \
	 cd /usr/src/modules/nvidia-kernel-legacy-96xx/nv ; \
	 ln -s Makefile.kbuild Makefile ; \
	 cd .. ; \
	 if [ 0  = 1 ] ; then \
	dpatch apply 04_minion ; \
	 fi ; \
	 if [ 0 = 1 ]; then \
	 	dpatch apply 01_sysfs ; \
		dpatch status 01_sysfs >patch-stamp ; \
		dpatch apply 02_pcialias ; \
   	dpatch status 02_pcialias >>patch-stamp ; \
	 fi ; \
	fi
if [  6 = 4  ]; then \
	 cd /usr/src/modules/nvidia-kernel-legacy-96xx/nv ; \
	 ln -s Makefile.nvidia Makefile ; \
	 cd .. ; \
	fi
if ! gcc-4.2 -v 2> /dev/null  ; then \
	   echo "Compiler gcc-4.2 does not exist on the system" ; \
	   exit 1; \
	fi   
touch configure-stamp
if [ -f /usr/src/modules/nvidia-kernel-legacy-96xx/debian/control.template ]; then \
		cp  /usr/src/modules/nvidia-kernel-legacy-96xx/debian/control.template /usr/src/modules/nvidia-kernel-legacy-96xx/debian/control; \
	fi
dh_testdir
dh_testroot
PATCHLEVEL = 6 
Kernel compiler version : 4.2.1
Detected compiler version : 4.2.2
   
You appear to be compiling the NVIDIA kernel module with   
a compiler different from the one that was used to compile 
the running kernel. This may be perfectly alright and you 
may be building this module for another kernel in which case
you may ignore this message.
 
The compiler that will be used to compile this module has been
determined from:
 1) the CC environment variable 
 2) that specified in 
/usr/src/linux-source-2.6.22/include/linux/compile.h
 3) gcc 
Using compiler gcc-4.2 version 4.2.2
touch /usr/src/modules/nvidia-kernel-legacy-96xx/nv/gcc-check
touch /usr/src/modules/nvidia-kernel-legacy-96xx/nv/cc-sanity-check
## Main Make ##
IGNORE_CC_MISMATCH=1 CC="gcc-4.2" fakeroot /usr/bin/make -C /usr/src/modules/nvidia-kernel-legacy-96xx/nv -f Makefile SYSSRC=/usr/src/linux-source-2.6.22  EXTRAVERSION=-ck1treasure5 KBUILD_PARAMS="-C /usr/src/linux-source-2.6.22 SUBDIRS=/usr/src/modules/nvidi

Bug#447465: oolite: FTBFS: cp: cannot stat `shared_debug_obj/oolite': No such file or directory

2007-10-23 Thread Eddy Petrișor 
Eddy Petrișor wrote:
> Lucas Nussbaum wrote:
>> Package: oolite
>> version: 1.65-5
>> Severity: serious
>> User: [EMAIL PROTECTED]
>> Usertags: qa-ftbfs-20071021 qa-ftbfs
>> Justification: FTBFS on i386
>>
>> Hi,
>>
>> During a rebuild of all packages in sid, your package failed to build on 
>> i386.
>>
>> Relevant part:
>>  Compiling file src/Core/Geometry.m ...
>>  Compiling file src/Core/Octree.m ...
>>  Compiling file src/Core/CollisionRegion.m ...
>>  Compiling file src/Core/OOColor.m ...
>>  Compiling file src/Core/ScriptCompiler.m ...
>> src/Core/ScriptCompiler.m: In function '-[NSMutableString(OOScript) 
>> replaceString:withString:]':
>> src/Core/ScriptCompiler.m:41: warning: passing argument 3 of 
>> 'replaceOccurrencesOfString:withString:options:range:' makes integer from 
>> pointer without a cast
>>  Compiling file src/Core/StringTokeniser.m ...
>>  Linking objc_program oolite ...
>> rm -rf oolite.debug/Contents
>> /usr/share/GNUstep/Makefiles/mkinstalldirs oolite.debug
>> /usr/share/GNUstep/Makefiles/mkinstalldirs oolite.debug/Resources
>> /usr/share/GNUstep/Makefiles/mkinstalldirs oolite.debug/Contents
>> cp -r Resources oolite.debug/Contents/Resources
>> cp src/Cocoa/Info-Oolite.plist oolite.debug/Resources/Info-gnustep.plist
>> cp shared_debug_obj/oolite oolite.debug
>> cp: cannot stat `shared_debug_obj/oolite': No such file or directory
>> make[1]: *** [after-all] Error 1
>> make[1]: Leaving directory `/build/user/oolite-1.65'
>> make: *** [build-stamp] Error 2
>> dpkg-buildpackage: failure: debian/rules build gave error exit status 2
>>
>> The full build log is available from
>> http://people.debian.org/~lucas/logs/2007/10/21
>>
>> A list of current common problems and possible solutions is available at 
>> http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
>>
>> About the archive rebuild: The rebuild was done on about 50 AMD64 nodes
>> of the Grid'5000 platform, using a clean chroot containing a sid i386
>> environment.  Internet was not accessible from the build systems.
> 
> This is due to the changes in the underlying tools, gnustep-make and
> libgnustep-base-dev which are in a transition currently. The package in our
> (Debian Games Team's) repo fixes these issues and is addapted to the new 
> tools,
> but I needed to do a build in sid before requesting for an upload.
> 
> I'll do that tonight and ask for the upload. Lucas, I guess you just 
> voluneered
> to do the upload :-D .

Package is available at:
http://users.alioth.debian.org/~eddyp-guest/upload/oolite_1.65-6/oolite_1.65-6.dsc

Built fine in a pbuilder sid.

-- 
Regards,
EddyP
=
"Imagination is more important than knowledge" A.Einstein



signature.asc
Description: OpenPGP digital signature

Bug#424469: marked as done (libgetenv-java - FTBFS: Found 1 semantic error compiling "uk/co/tigress/System.java":)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 18:47:10 +
with message-id <[EMAIL PROTECTED]>
and subject line Bug#424469: fixed in libgetenv-java 1.0-6.1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: libgetenv-java
Version: 1.0-6
Severity: serious
User: [EMAIL PROTECTED]
Usertags: qa-ftbfs

hi,

while doing an archive wide package rebuild your package failed to build from
source for the following reason:

 > dh_testroot
 > rm -f build-stamp configure-stamp
 > rm -rf uk/co/tigress/*.class
 > rm -rf *.jar
 > rm -rf *.o
 > rm -rf *.so
 > dh_clean
 >  dpkg-source -b libgetenv-java-1.0
 > dpkg-source: building libgetenv-java using existing 
 > libgetenv-java_1.0.orig.tar.gz
 > dpkg-source: building libgetenv-java in libgetenv-java_1.0-6.diff.gz
 > dpkg-source: building libgetenv-java in libgetenv-java_1.0-6.dsc
 >  debian/rules build
 > dh_testdir
 > touch configure-stamp
 > dh_testdir
 > jikes-gij uk/co/tigress/System.java
 > 
 > Found 1 semantic error compiling "uk/co/tigress/System.java":
 > 
 >  4. public class System {
 >  ^^
 > *** Semantic Error: The class file "Class.class" in 
 > "/usr/share/java/libgcj-4.1.jar/java/lang" has an invalid format (duplicate 
 > local variable type table).
 > make: *** [build-stamp] Error 1

The Full Build log is available and can be viewed at:

 http://people.debian.org/~lucas/logs/2007/05/15/00_Failed_1/
 
bye,
- michael

--- End Message ---
--- Begin Message ---
Source: libgetenv-java
Source-Version: 1.0-6.1

We believe that the bug you reported is fixed in the latest version of
libgetenv-java, which is due to be installed in the Debian FTP archive:

libgetenv-java_1.0-6.1.diff.gz
  to pool/main/libg/libgetenv-java/libgetenv-java_1.0-6.1.diff.gz
libgetenv-java_1.0-6.1.dsc
  to pool/main/libg/libgetenv-java/libgetenv-java_1.0-6.1.dsc
libgetenv-java_1.0-6.1_amd64.deb
  to pool/main/libg/libgetenv-java/libgetenv-java_1.0-6.1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kumar Appaiah <[EMAIL PROTECTED]> (supplier of updated libgetenv-java package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.7
Date: Fri, 19 Oct 2007 09:05:26 +0530
Source: libgetenv-java
Binary: libgetenv-java
Architecture: source amd64
Version: 1.0-6.1
Distribution: unstable
Urgency: low
Maintainer: Mark Howard <[EMAIL PROTECTED]>
Changed-By: Kumar Appaiah <[EMAIL PROTECTED]>
Description: 
 libgetenv-java - Java library for obtaining environment variables
Closes: 424469
Changes: 
 libgetenv-java (1.0-6.1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Fix FTBFS by switching to java-gcj-compat instead of
 jikes. (Closes: #424469)
Files: 
 3f94377faf1211ffca003606d4a53f36 598 libs optional libgetenv-java_1.0-6.1.dsc
 391716b994d315476ed4d52d62f4b22b 1905 libs optional 
libgetenv-java_1.0-6.1.diff.gz
 8ebdb0b65dc28a94917e9c93372d8f21 4222 libs optional 
libgetenv-java_1.0-6.1_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHHj/dWSOgCCdjSDsRAr6mAKCVszNWYqgSGbdTffB3dBBb/WAVCwCbBCTG
PaJPFYqhBXMciOLzX4ZgTE0=
=9BFi
-END PGP SIGNATURE-


--- End Message ---

Bug#442316: Xorg hotplugging problems [WAS: Re: Bug#442316: xserver-xorg-input-evdev: evdev from experimental messes up my keyboard layout]

2007-10-23 Thread Daniel Stone 
On Tue, Oct 23, 2007 at 08:02:31PM +0200, ext Michael Biebl wrote:
> Whenever xorg input hotplugging kicks in, the evdev driver is used. The
> kbd keyboard settings from xorg.conf are ignored and the en_US keyboard
> layout is used.

Yes, this should probably be fixed up, I guess.  But the long-term fix
is to provide an FDI file in /etc that specifies the keyboard layout.

> Unfortunately, the evdev driver seems to lack functionality, e.g. my
> multimedia keys don't work anymore, also, very important, STRG+ALT+F1 is
> non-functional (maybe this is just a misconfiguration, I don't know. At
> least the default configuration seems to lack this functionality).

Sounds like the keymap isn't getting loaded correctly; it's always
worked fine here.

> It gets even worse, if you try to apply a pc105 keyboard layout over
> evdev (which can happen if you use GNOMEs/KDEs keyboard selector). Then
> you not only have missing keys but also some keys are mis-mapped. E.g.
> the UP key is mapped to PRINT [1]. This really makes it hard to navigate.

Use the evdev layout, not pc105.

> If I understood Daniel correctly, he proposes to set the keyboard layout
> (probably based on the values from xorg.conf) via a generated fdi file.
> I'd like to avoid that, because that would complicate things.

How would it complicate anything?  xorg.conf is a file, so is an FDI.
We're already using FDIs through HAL, anyway ...

> Preferably, the X server should use the keyboard layout specified in
> xorg.conf (for the old kbd driver) even when used in xorg hotplugging mode.

Yes, probably.

> For the second part (DEs applying a pc105 keyboard layout over evdev) I
> can't think of a proper solution right now. All I can say is, that I
> would prefer, if we don't break working setups.

Unfortunately, there's not much we can do here, except possibly the
evdev driver hacking pc105 to evdev.

Cheers,
Daniel


signature.asc
Description: Digital signature

Bug#435386: nvidia-kernel-source: bad attempt to nest fakeroot sessions

2007-10-23 Thread Philippe Cloutier 
Le October 23, 2007 02:14:36 pm Bastian Kleineidam, vous avez écrit :
> Hi,
>
> I just hit bug #435386, attached is a build log. As stated in my previous
> message, removing $(ROOT_CMD) from debian/rules fixes the nested fakeroot
> error.
>
> Regards,
>   Bastian
Which command triggers this problem?

Bug#433685: Updated flash package for etch

2007-10-23 Thread Bart Martens 
On Tue, 2007-10-23 at 14:43 +0100, Sam Morris wrote:
> What happened to the updated version of this package for etch? 

See:
http://ftp.debian.org/debian/dists/stable-proposed-updates/flashplugin-nonfree_9.0.48.0.1etch1_i386.changes
http://ftp.debian.org/debian/pool/contrib/f/flashplugin-nonfree/

> Our users
> are still stuck on 9.0.31 which is vulnerable to CVE-2007-3456 ('Integer
> overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote
> attackers to execute arbitrary code via a large length value for a (1)
> Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF
> file, related to an "input validation error," including a signed
> comparison of values that are assumed to be non-negative.').
> 




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447794: wammu: error at start

2007-10-23 Thread Ruben Pollan 
Package: wammu
Version: 0.23-1
Severity: grave
Justification: renders package unusable


It breaks at start:

[EMAIL PROTECTED]:~$ wammu
Traceback (most recent call last):
  File "/usr/bin/wammu", line 31, in ?
import Wammu.Locales
  File "/usr/lib/python2.4/site-packages/Wammu/Locales.py", line 31, in ?
import wx
ImportError: No module named wx

Seems to be a python library that is not in dependencies or is wrong linked.

Thanks.


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: powerpc (ppc)

Kernel: Linux 2.6.22.6-ibook (PREEMPT)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages wammu depends on:
ii  python   2.4.4-6 An interactive high-level object-o
ii  python-central   0.5.15  register and build utility for Pyt
ii  python-gammu 0.22-3  Python module to communicate with 
ii  python-wxgtk2.6  2.6.3.2.2-1 wxWidgets Cross-platform C++ GUI t

Versions of packages wammu recommends:
ii  gmobilemedia  0.4+dfsg-2 GTK application used to browse a m
ii  python-bluez [python-bluetoot 0.9.2-1Python wrappers around BlueZ for r
ii  timidity  2.13.2-15  Software sound renderer (MIDI sequ

Versions of packages python-gammu depends on:
ii  libc6 2.6.1-6GNU C Library: Shared libraries
ii  libgammu2 1.13.94-1  Mobile phone management library
ii  python2.4.4-6An interactive high-level object-o
ii  python-central0.5.15 register and build utility for Pyt

-- no debconf information

-- 
Rubén Pollán  | jabber:[EMAIL PROTECTED]
   http://meskio.cauterized.net/blog/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
  Ricos obesos en congresos de cinco tenedores
  Pobres validos escuálidos entre contenedores
Unos brindan en champán de cien dolares
Otros beben agua sucia que trasmite enfermedades
   Nach Scratch
---
Ahora la red actua
http://compartiresbueno.net


signature.asc
Description: Digital signature

Bug#447795: xen-utils-3.0.3-1: [CVE-2007-3919] xenmon.py / xenbaked insecure file accesss

2007-10-23 Thread Steve Kemp 
Package: xen-utils-3.0.3-1
Version: 3.0.3-0-3
Severity: grave
Tags: security
Justification: user security hole


  Xen versions 3.x, and 3.1 contain a tool for processing Xen trace
 buffer information.

  This tool uses the static file /tmp/xenq-shm insecurely allowing
 a local user to truncate any local file when xenbaked or xenmon.py
 are invoked by root.

  Sample session:

# setup.
[EMAIL PROTECTED]:~$ ln -s /etc/passwd /tmp/xenq-shm

# later.
[EMAIL PROTECTED]:~$ sudo xenbaked

# all gone.  :(
[EMAIL PROTECTED]:~$ ls -l /etc/passwd
-rw-r--r-- 1 0 root 327680 2007-10-17 00:14 /etc/passwd

  This flaw is known as CVE-2007-3919 by the common vulnerabilities
 and exposures project.

  As the filename needs to be shared between xenmon.py + xenbaked.c
 a "random" one cannot easily be generated.  The solution that 
 Debian will use for its security update is to create the file in
 a location which is only writable by root - /var/run.

  Security advisory will be released very soon.

Steve
-- 
-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-xen-amd64
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)

Versions of packages xen-utils-3.0.3-1 depends on:
ii  iproute20061002-3Professional tools to control the 
ii  libc6  2.3.6.ds1-13etch2 GNU C Library: Shared libraries
ii  libncurses55.5-5 Shared libraries for terminal hand
ii  python 2.4.4-2   An interactive high-level object-o
ii  python-central 0.5.12register and build utility for Pyt
ii  udev   0.105-4   /dev/ and hotplug management daemo
ii  xen-utils-common   3.0.3-0-2 XEN administrative tools - common 
ii  zlib1g 1:1.2.3-13compression library - runtime

Versions of packages xen-utils-3.0.3-1 recommends:
ii  bridge-utils  1.2-1  Utilities for configuring the Linu
ii  xen-hypervisor-3.0.3-1-amd64  3.0.3-0-3  The Xen Hypervisor on AMD64

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: severity of 440549 is grave, tagging 440549

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.9
> severity 440549 grave
Bug#440549: xcb_xlib.c:50: xcb_xlib_unlock: Assertion `c->xlib.lock' failed
Severity set to `grave' from `normal'

> tags 440549 + lenny sid
Bug#440549: xcb_xlib.c:50: xcb_xlib_unlock: Assertion `c->xlib.lock' failed
There were no tags set.
Tags added: lenny, sid

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447735: openoffice.org-core: symbol lookup error

2007-10-23 Thread Rene Engelhard 
clone 447735 -1
reassign serious libicu38
severity -1 serious
thanks

Hi,

Josselin Mouette wrote:
> undefined symbol: u_charDirection_3_7   
> (/usr/lib/openoffice/program/i18npool.uno.so)
> undefined symbol: u_ispunct_3_7 (/usr/lib/openoffice/program/i18npool.uno.so)
> undefined symbol: u_isWhitespace_3_7
> (/usr/lib/openoffice/program/i18npool.uno.so)
> undefined symbol: u_charType_3_7
> (/usr/lib/openoffice/program/i18npool.uno.so)
> undefined symbol: ublock_getCode_3_7
> (/usr/lib/openoffice/program/i18npool.uno.so)
> undefined symbol: udata_open_3_7
> (/usr/lib/openoffice/program/i18npool.uno.so)
> undefined symbol: u_isalnum_3_7 (/usr/lib/openoffice/program/i18npool.uno.so)
> undefined symbol: udata_setAppData_3_7  
> (/usr/lib/openoffice/program/i18npool.uno.so)

As Nicolas STRANSKY <[EMAIL PROTECTED]> wrote (unfortunately only to [EMAIL 
PROTECTED] which
does not reach the submitter..):

> Salut,
> 
> The problem comes from the upgrade of libicu38 from 3.8~d01-1 to 3.8-1,
> both in experimental.
> libicu38_3.8~d01-1_i386.deb can be found on snapshot.debian.net.

Looks like a icu bug as it broke compatibility without changing SONAME from
3.8~d01-1 to 3.8-1.

Regards,

Rene


signature.asc
Description: Digital signature

Bug#447732: openoffice.org-common: file conflict with openoffice.org-gtk

2007-10-23 Thread Rene Engelhard 
tag 447732 + pending
thanks

Hi,

Josselin Mouette wrote:
> The file /usr/lib/openoffice/share/xdg/qstart.desktop is present in both
> openoffice.org-common and openoffice.org-gtk, making the latter
> uninstallable.

Hmm. Indeed. It went from -gtk to -common. 

[EMAIL PROTECTED]:~/Debian/Pakete/OpenOffice.org$ dpkg --contents 
openoffice.org-common_2.3.0-3_all.deb | grep qst
-rw-r--r-- root/root   300 2007-10-21 07:20 
./usr/lib/openoffice/share/xdg/qstart.desktop
[EMAIL PROTECTED]:~/Debian/Pakete/OpenOffice.org$ dpkg --contents 
openoffice.org-gtk_2.3.0-3_amd64.deb  | grep qst
-rw-r--r-- root/root 25320 2007-10-21 07:12 
./usr/lib/openoffice/program/libqstart_gtk680lx.so
[EMAIL PROTECTED]:~/Debian/Pakete/OpenOffice.org$  dpkg --contents 
openoffice.org-common_2.3.0-2_all.deb | grep qst
[EMAIL PROTECTED]:~/Debian/Pakete/OpenOffice.org$ dpkg --contents 
openoffice.org-gtk_2.3.0-2_amd64.deb  | grep qst
-rw-r--r-- root/root 25320 2007-10-16 17:56 
./usr/lib/openoffice/program/libqstart_gtk680lx.so
-rw-r--r-- root/root   284 2007-10-16 17:54 
./usr/lib/openoffice/share/xdg/qstart.desktop
[EMAIL PROTECTED]:~/Debian/Pakete/OpenOffice.org$ 

I know what broke it, will fix it.

Regards,

Reene


signature.asc
Description: Digital signature

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Joey Hess 
Holger Levsen wrote:
> Sven, please ignore Nicos tone and have a look at 
> http://en.wikipedia.org/wiki/Symlink_race :-)

I would not recommend considering this wikipedia page an authoratitive
reference for what can and cannot be used for symlink attacks.

In particular, chosing a random filename and otherwise still writing to
the file insecurely does not solve a symlink attack security hole, it
just makes it N times more difficult for an attacker to successfully
perform the attack. Where N is an arbitrary measure of how hard it is to
guess the filename. For example, if I choose a random filename /tmp/foo.X, N
is approximately 62 (a-z, A-Z, 0-9). A more typical /tmp/foo.XX
obviously has a much higher value of N, but if the attack can be
performed frequently enough or for a long enough time period, the hole
is still possible to exploit.

It's much simpler and better to simply use security best practices that
avoid such attacks alltogether. For example, make sure that temp files
are opened with O_EXCL and symlink attacks become impossible.

Never using mode 777 directories, and at least using +t on shared
temporary directories such as /tmp is another such best practice that
avoids a whole class of security problems.

-- 
see shy jo


signature.asc
Description: Digital signature

Bug#447735: openoffice.org-core: symbol lookup error

2007-10-23 Thread Jay Berkenbilt 

tag 447735 wontfix
thanks

Thanks for the report.  While I recognize the seriousness of
accidental ABI changes (in fact, my start in Debian was managing a
tiff transition caused by just this issue), I don't think there was
ever any guarantee that this type of breakage wouldn't occur between
d01 and the final 3.8 release.  If this were an update to unstable,
I'd back it out or otherwise take some corrective action, but for this
particular instance, I think the best course of action would be to
simply rebuild any affected packages.  I definitely don't want to
modify the debian ICU packages to use a different soname because of an
incompatibility introduced that was confined to the experimental
release and that occurred between a prerelease and the final release.
Since there is no transition from experimental to unstable, there is
no risk of contaminating unstable or testing because of this problem.

--Jay



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#447732: openoffice.org-common: file conflict with openoffice.org-gtk

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tag 447732 + pending
Bug#447732: openoffice.org-common: file conflict with openoffice.org-gtk
There were no tags set.
Tags added: pending

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#435386: nvidia-kernel-source: bad attempt to nest fakeroot sessions

2007-10-23 Thread Bastian Kleineidam 
Am Dienstag, 23. Oktober 2007 21:20:27 schrieb Philippe Cloutier:
> Le October 23, 2007 02:14:36 pm Bastian Kleineidam, vous avez écrit :
> > Hi,
> >
> > I just hit bug #435386, attached is a build log. As stated in my previous
> > message, removing $(ROOT_CMD) from debian/rules fixes the nested fakeroot
> > error.
> >
> > Regards,
> >   Bastian
>
> Which command triggers this problem?

Here is the command I used:
$ make-kpkg --append-to-version=treasure5 --config=oldconfig --rootcmd 
fakeroot --us --uc modules-image


signature.asc
Description: This is a digitally signed message part.

Processed (with 1 errors): Re: Bug#447735: openoffice.org-core: symbol lookup error

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> clone 447735 -1
Bug#447735: openoffice.org-core: symbol lookup error
Bug 447735 cloned as bug 447799.

> reassign serious libicu38
Unknown command or malformed arguments to command.

> severity -1 serious
Bug#447799: openoffice.org-core: symbol lookup error
Severity set to `serious' from `grave'

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#447735: openoffice.org-core: symbol lookup error

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tag 447735 wontfix
Bug#447735: openoffice.org-core: symbol lookup error
There were no tags set.
Tags added: wontfix

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: Re: Bug#447735: openoffice.org-core: symbol lookup error

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # wrong bug
> tag 447735 - wontfix
Bug#447735: openoffice.org-core: symbol lookup error
Tags were: wontfix
Tags removed: wontfix

> # reassigning didn't work (typo in first message)
> reassign 447799 libicu38
Bug#447799: openoffice.org-core: symbol lookup error
Bug reassigned from package `openoffice.org-core' to `libicu38'.

> severity 447799 serious
Bug#447799: openoffice.org-core: symbol lookup error
Severity set to `serious' from `serious'

> # right bug.
> tag 447799 wontfix
Bug#447799: openoffice.org-core: symbol lookup error
There were no tags set.
Tags added: wontfix

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447799: Bug#447735: openoffice.org-core: symbol lookup error

2007-10-23 Thread Rene Engelhard 
# wrong bug
tag 447735 - wontfix
# reassigning didn't work (typo in first message)
reassign 447799 libicu38
severity 447799 serious
# right bug.
tag 447799 wontfix
thanks

You tagged the wrong bug. Fullquoting for 447799's sake.
(I care about this because 447735 is not wontfix but I need a new OOo
upload to fix this)

> Thanks for the report.  While I recognize the seriousness of
> accidental ABI changes (in fact, my start in Debian was managing a
> tiff transition caused by just this issue), I don't think there was
> ever any guarantee that this type of breakage wouldn't occur between
> d01 and the final 3.8 release.  If this were an update to unstable,
>
> I'd back it out or otherwise take some corrective action, but for this
> particular instance, I think the best course of action would be to
> simply rebuild any affected packages.  I definitely don't want to
> modify the debian ICU packages to use a different soname because of an
> incompatibrility introduced that was confined to the experimental
> release and that occurred between a prerelease and the final release.
> Since there is no transition from experimental to unstable, there is
> no risk of contaminating unstable or testing because of this problem.

Except for people installing OOo 2.3.0 from experimental because 2.2.1-x
is not really supported by me anymore.

Regards,

Rene


signature.asc
Description: Digital signature

Processed: tagging 447735

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.10.9
> tags 447735 + pending
Bug#447735: openoffice.org-core: symbol lookup error
There were no tags set.
Tags added: pending

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#402165: Sun JDK locking bug with Xinerama fixed upstream; test?

2007-10-23 Thread Josh Triplett 
Hello,

(For background on this issue, see 
http://lists.debian.org/debian-devel-announce/2006/11/msg00010.html ,
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402165 , and
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6532373 .)

I spoke with Tom Marble and others from Sun at OSCON this year, and at
that time we all agreed that the locking bug occurred in the way the
Sun JDK uses Xinerama (by including a copy of the Xinerama source
file).  They applied the appropriate internal prodding to get the AWT
team looking at the issue (and get XCB developers such as Jamey and I
connected with the AWT team), and Sun has closed this issue as of
OpenJDK 7 beta 22 (changelog at
).  The version
of the patch I saw uses the system Xinerama library via dlopen.
Thanks to all involved for pushing this fix through.

Could the submitters of these bug reports against sun-java5 and
sun-java6, and anyone else who has experienced this problem, please
re-test with OpenJDK 7 beta 22?  As documented at
, you can
obtain packages of "icedtea" ("a temporary fork of OpenJDK which
allows building with a free toolchain and adding/replacing code which
is not yet available under a free license") from
http://people.ubuntu.com/~doko/ubuntu/gutsy/ ; thanks to Matthias
Klose and Michael Koch for these packages, and for updating them to
beta 22 so quickly.  (Disclaimer: I have not tried these packages.
However, Matthias stated that "they are installable on sid".)

Note: Make sure after installing these packages that you use the newly
installed Java to test with; you may need to use update-alternatives
to point the various Java alternatives to those provided by the
icedtea packages.

Thank you,
Josh Triplett




signature.asc
Description: OpenPGP digital signature

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Joey Hess 
Sven Dowideit wrote:
> the working/tmp dir is used for rcs tmp files, and twiki session files,
> both of which use randomised unique filenames.

rcs opens its temp files with O_EXCL, so I don't think it will be vulnerable
to symlink attacks.

In twiki 4.1.2, I quickly found some temp file problems.

./lib/TWiki/Client.pm:open( IPMAP, '>', 
$TWiki::cfg{TempfileDir}.'/ip2sid') ||

Trivial to exploit if you can write to $TWiki::cfg{TempfileDir}.

./lib/TWiki.pm:my $passthruFilename = $TWiki::cfg{TempfileDir} . 
'/passthru_' . $uid;
./lib/TWiki.pm:open(F, ">$passthruFilename") || die "{TempfileDir} cache 
not writable $!";

This $uid md5sum would be hard to guess. I still don't consider this
code fully secure from temp file attacks since it does not use O_EXCL.


I have not done a complete audit. Writing temp files to a 777 directory
scares me. What if another user deletes the temp file (since the directory
is not +t, anyone can)? What if a user deletes a temp file and replaces
the data in it with other data, which is then read back in? (For example,
the passthru_ file above is later read back in by another instance of twiki.)
Could a buffer overflow, malicious data, or incorrect data be substituted in
this way and used to attack twiki or rcs? Rather than trying to answer these
questions, I'd recommend tightening the temp directory permissions.

-- 
see shy jo


signature.asc
Description: Digital signature

Processed: reassign 447795 to xen-3.0

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.9.26
> reassign 447795 xen-3.0 3.0.3-0-3
Bug#447795: xen-utils-3.0.3-1: [CVE-2007-3919] xenmon.py / xenbaked insecure 
file accesss
Bug reassigned from package `xen-utils-3.0.3-1' to `xen-3.0'.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: found 447795 in 3.0.3-0-1

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.9.26
> found 447795 3.0.3-0-1
Bug#447795: xen-utils-3.0.3-1: [CVE-2007-3919] xenmon.py / xenbaked insecure 
file accesss
Bug marked as found in version 3.0.3-0-1.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#423200: quake2: should this package be orphaned?

2007-10-23 Thread Jamie Wilkinson 
This one time, at band camp, Lucas Nussbaum wrote:
>On 09/10/07 at 14:52 +0530, Kartik Mistry wrote:
>> On 10/9/07, Lucas Nussbaum <[EMAIL PROTECTED]> wrote:
>> > > >
>> > > >This should probably be replaced by 
>> > > >http://jdolan.dyndns.org/trac/wiki/Quetoo
>> > >
>> > > This word, I do not think it means what you think it means.
>> >
>> > Hi Jamie,
>> >
>> > I'm not sure I understand what you mean. Can you please rephrase?
>> 
>> I think he want to say that 'Quetoo' is replacement of this 'Quake2'
>> package, as I guess from given link :)
> 
>So Jamie, can you confirm that quake2 should be removed from debian, and
>that Quetoo should be packaged instead?

No, I can not confirm that at all.

If you want to package quetoo, you should do so, with the name quetoo.  Its
usefulness and benefits over the quake2 source tree are independent and
orthogonal.  They are not the same source tree and thus the quake2 package
should not suddenly diverge like that.




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447811: kdm does not use kde or X keyboard layout

2007-10-23 Thread Eric Valette 
Package: kdm
Version: 4:3.5.8.dfsg.1-1
Severity: grave
Justification: renders package unusable

Happened on my PC at work after today update. Happened again on my laptop at
home tonight.

I did not chnage the kde configuration nor the Xorg.conf file and in both case 
keyboard is french.

After typyng passwd as I should on a us keyboard, keyboard is later correctly 
set in konsole.

BTW le up and down arrow do not work. The up arrow launch ksnapshot!

-- System Information:
Debian Release: lenny/sid
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.23 (PREEMPT)
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages kdm depends on:
ii  debconf [debconf-2.0]   1.5.15   Debian configuration management sy
ii  kdebase-bin 4:3.5.8.dfsg.1-1 core binaries for the KDE base mod
ii  kdebase-data4:3.5.8.dfsg.1-1 shared data files for the KDE base
ii  kdelibs4c2a 4:3.5.8.dfsg.1-2 core libraries and binaries for al
ii  libc6   2.6.1-6  GNU C Library: Shared libraries
ii  libgcc1 1:4.2.2-3GCC support library
ii  libpam-runtime  0.99.7.1-5   Runtime support for the PAM librar
ii  libpam0g0.99.7.1-5   Pluggable Authentication Modules l
ii  libqt3-mt   3:3.3.7-9Qt GUI Library (Threaded runtime v
ii  libstdc++6  4.2.2-3  The GNU Standard C++ Library v3
ii  libx11-62:1.0.3-7X11 client-side library
ii  libxau6 1:1.0.3-2X11 authorisation library
ii  libxdmcp6   1:1.0.2-2X11 Display Manager Control Protoc
ii  libxtst62:1.0.3-1X11 Testing -- Resource extension 
ii  xbase-clients   1:7.3+2  miscellaneous X clients - metapack

Versions of packages kdm recommends:
ii  logrotate 3.7.1-3Log rotation utility
ii  xserver-xorg  1:7.3+2the X.Org X server

-- debconf information:
  kdm/stop_running_server_with_children: false
* shared/default-x-display-manager: kdm
  kdm/daemon_name: /usr/bin/kdm




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447366: zsnes: FTBFS: init.asm:895: error: expression syntax error

2007-10-23 Thread Javier Serrano Polo 
tags 447366 patch
thanks

"CRC32" has become a keyword in nasm.


crc32.diff.gz
Description: GNU Zip compressed data

Bug#447813: qwertz changed to qwerty; dpkg-reconfigure xserver-xorg has no effect

2007-10-23 Thread Carsten Kosthorst 
Package: xserver-xorg
Version: 1:7.3+2
Severity: grave
Justification: renders package unusable


Hi,

after todays update and a restart, Xorg lost the keymap. It was de,
latin1, nodeadkeys.

Trying to reinstall the old settings via dpkg-reconfigure xserver-xorg
does not work. There are no erroer messages, but the keymap is still the
wrong one.

On the console, the keymap is fine.

Please let me know if you need more information.

   Carsten

-- Package-specific info:
Contents of /var/lib/x11/X.roster:
xserver-xorg

/etc/X11/X target does not match checksum in /var/lib/x11/X.md5sum.

X server symlink status:
lrwxrwxrwx 1 root root 13 2006-04-15 18:16 /etc/X11/X -> /usr/bin/Xorg
-rwxr-xr-x 1 root root 1669976 2007-09-29 16:33 /usr/bin/Xorg

Contents of /var/lib/x11/xorg.conf.roster:
xserver-xorg

VGA-compatible devices on PCI bus:
01:00.0 VGA compatible controller: nVidia Corporation NV34 [GeForce FX 5200] 
(rev a1)

/etc/X11/xorg.conf unchanged from checksum in /var/lib/x11/xorg.conf.md5sum.

Xorg X server configuration file status:
-rw-r--r-- 1 root root 1640 2007-10-23 23:34 /etc/X11/xorg.conf

Contents of /etc/X11/xorg.conf:
# xorg.conf (xorg X Window System server configuration file)
#
# This file was generated by dexconf, the Debian X Configuration tool, using
# values from the debconf database.
#
# Edit this file with caution, and see the xorg.conf manual page.
# (Type "man xorg.conf" at the shell prompt.)
#
# This file is automatically updated on xserver-xorg package upgrades *only*
# if it has not been modified since the last upgrade of the xserver-xorg
# package.
#
# If you have edited this file but would like it to be automatically updated
# again, run the following command:
#   sudo dpkg-reconfigure -phigh xserver-xorg

Section "Files"
EndSection

Section "InputDevice"
Identifier  "Generic Keyboard"
Driver  "kbd"
Option  "CoreKeyboard"
Option  "XkbRules"  "xorg"
Option  "XkbModel"  "pc105"
Option  "XkbLayout" "de"
Option  "XkbVariant""nodeadkeys"
EndSection

Section "InputDevice"
Identifier  "Configured Mouse"
Driver  "mouse"
Option  "CorePointer"
Option  "Device""/dev/input/mice"
Option  "Protocol"  "ImPS/2"
EndSection

Section "Device"
Identifier  "nVidia Corporation NV34 [GeForce FX 5200]"
Driver  "nv"
BusID   "PCI:1:0:0"
EndSection

Section "Monitor"
Identifier  "Standardbildschirm"
Option  "DPMS"
HorizSync   30-95
VertRefresh 50-150
EndSection

Section "Screen"
Identifier  "Default Screen"
Device  "nVidia Corporation NV34 [GeForce FX 5200]"
Monitor "Standardbildschirm"
DefaultDepth24
SubSection "Display"
Modes   "1280x1024"
EndSubSection
EndSection

Section "ServerLayout"
Identifier  "Default Layout"
Screen  "Default Screen"
InputDevice "Generic Keyboard"
InputDevice "Configured Mouse"
EndSection


Xorg X server log files on system:
-rw-r--r-- 1 root root 9837 2007-10-23 23:35 /var/log/Xorg.0.log

Contents of most recent Xorg X server log file
/var/log/Xorg.0.log:


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.18 (PREEMPT)
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages xserver-xorg depends on:
ii  debconf [debconf-2 1.5.15Debian configuration management sy
ii  x11-common 1:7.3+2   X Window System (X.Org) infrastruc
ii  xbase-clients  1:7.3+2   miscellaneous X clients - metapack
ii  xkb-data   1.0~cvs.20070916-1X Keyboard Extension (XKB) configu
ii  xserver-xorg-core  2:1.4-3   Xorg X server - core server
ii  xserver-xorg-input 1:1.2.0~git20070819-3 X.Org X server -- evdev input driv
ii  xserver-xorg-input 1:1.2.2-3 X.Org X server -- keyboard input d
ii  xserver-xorg-input 1:1.2.2-6 X.Org X server -- mouse input driv
ii  xserver-xorg-video 1:0.2.0-7 X.Org X server -- dummy display dr
ii  xserver-xorg-video 1:0.3.1-4 X.Org X server -- fbdev display dr
ii  xserver-xorg-video 1:2.1.5-1 X.Org X server -- NV display drive
ii  xserver-xorg-video 1:1.3.0-4 X.Org X server -- VESA display dri
ii  xserver-xorg-video 1:4.1.0-8 X.Org X server -- VGA display driv

Versions of packages xserver-xorg recommends:
ii  discover1 1.7.21 hardware identification system
pn  dmidecode  (no description available)
pn  laptop-detect  (no description avail

Bug#447811: marked as done (kdm does not use kde or X keyboard layout)

2007-10-23 Thread Debian Bug Tracking System 
Your message dated Tue, 23 Oct 2007 23:37:00 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#447811: kdm does not use kde or X keyboard layout
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: kdm
Version: 4:3.5.8.dfsg.1-1
Severity: grave
Justification: renders package unusable

Happened on my PC at work after today update. Happened again on my laptop at
home tonight.

I did not chnage the kde configuration nor the Xorg.conf file and in both case 
keyboard is french.

After typyng passwd as I should on a us keyboard, keyboard is later correctly 
set in konsole.

BTW le up and down arrow do not work. The up arrow launch ksnapshot!

-- System Information:
Debian Release: lenny/sid
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.23 (PREEMPT)
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages kdm depends on:
ii  debconf [debconf-2.0]   1.5.15   Debian configuration management sy
ii  kdebase-bin 4:3.5.8.dfsg.1-1 core binaries for the KDE base mod
ii  kdebase-data4:3.5.8.dfsg.1-1 shared data files for the KDE base
ii  kdelibs4c2a 4:3.5.8.dfsg.1-2 core libraries and binaries for al
ii  libc6   2.6.1-6  GNU C Library: Shared libraries
ii  libgcc1 1:4.2.2-3GCC support library
ii  libpam-runtime  0.99.7.1-5   Runtime support for the PAM librar
ii  libpam0g0.99.7.1-5   Pluggable Authentication Modules l
ii  libqt3-mt   3:3.3.7-9Qt GUI Library (Threaded runtime v
ii  libstdc++6  4.2.2-3  The GNU Standard C++ Library v3
ii  libx11-62:1.0.3-7X11 client-side library
ii  libxau6 1:1.0.3-2X11 authorisation library
ii  libxdmcp6   1:1.0.2-2X11 Display Manager Control Protoc
ii  libxtst62:1.0.3-1X11 Testing -- Resource extension 
ii  xbase-clients   1:7.3+2  miscellaneous X clients - metapack

Versions of packages kdm recommends:
ii  logrotate 3.7.1-3Log rotation utility
ii  xserver-xorg  1:7.3+2the X.Org X server

-- debconf information:
  kdm/stop_running_server_with_children: false
* shared/default-x-display-manager: kdm
  kdm/daemon_name: /usr/bin/kdm



--- End Message ---
--- Begin Message ---
Hi!

Please see:
#447731 and
#442316

As your bug doesn't add any information not already present in those reports, 
I mark it as done instead of reassigning. If you got more details, please add 
it to the mentioned reports.

/Sune

On Tuesday 23 October 2007, Eric Valette wrote:
> Package: kdm
> Version: 4:3.5.8.dfsg.1-1
> Severity: grave
> Justification: renders package unusable
>
> Happened on my PC at work after today update. Happened again on my laptop
> at home tonight.
>
> I did not chnage the kde configuration nor the Xorg.conf file and in both
> case keyboard is french.
>
> After typyng passwd as I should on a us keyboard, keyboard is later
> correctly set in konsole.
>
> BTW le up and down arrow do not work. The up arrow launch ksnapshot!
>
> -- System Information:
> Debian Release: lenny/sid
>   APT prefers testing-proposed-updates
>   APT policy: (500, 'testing-proposed-updates'), (500, 'unstable')
> Architecture: i386 (i686)
>
> Kernel: Linux 2.6.23 (PREEMPT)
> Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
> Shell: /bin/sh linked to /bin/bash
>
> Versions of packages kdm depends on:
> ii  debconf [debconf-2.0]   1.5.15   Debian configuration
> management sy ii  kdebase-bin 4:3.5.8.dfsg.1-1 core binaries
> for the KDE base mod ii  kdebase-data4:3.5.8.dfsg.1-1 shared
> data files for the KDE base ii  kdelibs4c2a 4:3.5.8.dfsg.1-2
> core libraries and binaries for al ii  libc6   2.6.1-6 
> GNU C Library: Shared libraries ii  libgcc1 1:4.2.2-3  
>  GCC support library
> ii  libpam-runtime  0.99.7.1-5   Runtime support for the PAM
> librar ii  libpam0g0.99.7.1-5   Pluggable
> Authentication Modules l ii  libqt3-mt   3:3.3.7-9Qt
> GUI Library (Threaded runtime v ii  libstdc++6  4.2.2-3
>  The GNU Standard C++ Library v3 ii  libx11-62:1.0.3-7 
>   X1

Processed: Re: zsnes: FTBFS: init.asm:895: error: expression syntax error

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> tags 447366 patch
Bug#447366: zsnes: FTBFS: init.asm:895: error: expression syntax error
There were no tags set.
Tags added: patch

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447813: Acknowledgement (qwertz changed to qwerty; dpkg-reconfigure xserver-xorg has no effect)

2007-10-23 Thread Carsten Kosthorst 

Hi again,

after purging xserver-xorg-input-evdev the problem went away, I got my 
old keyboard layout back.


As far as I'm concerned, the bug report can be closed.

Carsten



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#441407: CVE-2007-4650: security bugs in the WebDAV and Reupload modules

2007-10-23 Thread Thijs Kinkhorst 
On Thursday 18 October 2007 16:45, Michael Schultheiss wrote:
> Michael Schultheiss wrote:
> > Thijs Kinkhorst wrote:
> > > The attached patch seems to contain quite some auxillary changes. Do
> > > you think you can prepare an upload for stable addressing only the
> > > issue at hand?
> >
> > I can ask upstream for a more narrow patch but this is what they told
> > me to change initially.
>
> Stable update with a narrower patch attached.

Hi Michael,

Thanks. The patch still has some reformatting changes, I can live with that 
but would prefer it if future updates do not include such unnecessary 
changes. That said, I'll prepare an upload for gallery2 soon.


Thijs


pgp3K8Mbqxzh5.pgp
Description: PGP signature

Bug#447815: vmware-package: Recommands remove libssl0.9.7

2007-10-23 Thread Alban Browaeys 
Package: vmware-package
Version: 0.14
Severity: grave
Justification: renders package unusable

Maybe the severity is too high. Sorry if so. libssl0.9.7 is just a 
recommands but is not provided by sid repository anymore. Please upgrade 
to libssl0.9.8 .

Best regards
Alban


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages vmware-package depends on:
ii  bzip2 1.0.3-7high-quality block-sorting file co
ii  debhelper 5.0.59 helper programs for debian/rules
ii  dpkg-dev  1.14.7 package building tools for Debian
ii  fakeroot  1.8.2  Gives a fake root environment
ii  file  4.21-3 Determines file type using "magic"
ii  make  3.81-3 The GNU version of the "make" util
ii  module-assistant  0.10.11tool to make module package creati
ii  python2.4.4-6An interactive high-level object-o

Versions of packages vmware-package recommends:
pn  ia32-libs  (no description available)

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447819: shlibs file incorrect: does not force dependency on libportaudiocpp0

2007-10-23 Thread Hamish Moffatt 
Package: libportaudiocpp0
Version: 19+svn20070125-1
Severity: serious

The shlibs file for libportaudiocpp0 only results in a dependency on
libportaudio2, not libportaudiocpp0:

libportaudiocpp 0 libportaudio2 (>= 19+cvs20060311-1)

This results in programs that use it with automatic depends via
${shlib:Depends} having incorrect dependencies, eg bug#447548 in fldigi.

Thanks
Hamish

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.22-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libportaudiocpp0 depends on:
ii  libc6   2.6.1-5  GNU C Library: Shared libraries
ii  libgcc1 1:4.2.2-3GCC support library
ii  libportaudio2   19+svn20070125-1 Portable audio I/O - shared librar
ii  libstdc++6  4.2.2-3  The GNU Standard C++ Library v3

libportaudiocpp0 recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Sven Dowideit 
neat summary Joey :)

The reason that I made it world writeable, is that twiki cgi's can be
run from the command line by anyone, and in doing so, create a session
file.

This is used by cronjobs, and so that users can script additions to
topics etc. 

Basically, like much of the rest of TWiki, its security is a crock :(

Do you have any suggestions (other than re-writing TWiki?) or should I
just disable that funcionality and run away?

Sven


On Tue, 2007-10-23 at 16:45 -0400, Joey Hess wrote:
> Sven Dowideit wrote:
> > the working/tmp dir is used for rcs tmp files, and twiki session files,
> > both of which use randomised unique filenames.
> 
> rcs opens its temp files with O_EXCL, so I don't think it will be vulnerable
> to symlink attacks.
> 
> In twiki 4.1.2, I quickly found some temp file problems.
> 
> ./lib/TWiki/Client.pm:open( IPMAP, '>', 
> $TWiki::cfg{TempfileDir}.'/ip2sid') ||
> 
> Trivial to exploit if you can write to $TWiki::cfg{TempfileDir}.
> 
> ./lib/TWiki.pm:my $passthruFilename = $TWiki::cfg{TempfileDir} . 
> '/passthru_' . $uid;
> ./lib/TWiki.pm:open(F, ">$passthruFilename") || die "{TempfileDir} cache 
> not writable $!";
> 
> This $uid md5sum would be hard to guess. I still don't consider this
> code fully secure from temp file attacks since it does not use O_EXCL.
> 
> 
> I have not done a complete audit. Writing temp files to a 777 directory
> scares me. What if another user deletes the temp file (since the directory
> is not +t, anyone can)? What if a user deletes a temp file and replaces
> the data in it with other data, which is then read back in? (For example,
> the passthru_ file above is later read back in by another instance of twiki.)
> Could a buffer overflow, malicious data, or incorrect data be substituted in
> this way and used to attack twiki or rcs? Rather than trying to answer these
> questions, I'd recommend tightening the temp directory permissions.
> 
-- 
Professional Wiki Innovation and Support
Sven Dowideit - http://DistributedINFORMATION.com
A WikiRing Partner http://wikiring.com




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: severity of 447815 is minor

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.9.26
> severity 447815 minor
Bug#447815: vmware-package: Recommands remove libssl0.9.7
Severity set to `minor' from `grave'

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#446729: [Pkg-uml-pkgs] Bug#446729: rootstrap: MAKEDEV: No such file or directory

2007-10-23 Thread Mattia Dongili 
On Mon, Oct 22, 2007 at 04:03:11PM +0200, Marcus Better wrote:
> package rootstrap
> tag 446729 patch
> thanks
> 
> This patch appears to fix it.
> 
> --- modules/uml~2006-09-26 10:57:22.0 +0200
> +++ modules/uml 2007-10-22 10:18:43.0 +0200
> @@ -5,7 +5,7 @@
>  for i in 1 2 3 4 5 6 7 8; do
> NEW_TTY="$NEW_TTY tty$i"
>  done
> -chroot $TARGET /bin/sh -c "cd /dev && ./MAKEDEV ubd std pty $NEW_TTY"
> +chroot $TARGET /bin/sh -c "cd /dev && /sbin/MAKEDEV ubd std pty $NEW_TTY"
>  chroot $TARGET umount /proc

thanks, I hope I'll heve some time to update the package soon

-- 
mattia
:wq!



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447821: xmms-singit: Depends on removed libssl0.9.7

2007-10-23 Thread Alban Browaeys 
Package: xmms-singit
Severity: grave
Justification: renders package unusable

The package depends on non available libssl0.9.7. Could it be upgraded 
to use libssl0.9.8 ?

Best regards
Alban

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: tagging bugs that are closed by packages in NEW as pending

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> # the following bugs are closed by packages in NEW
> #
> tags 439389 pending
Bug#439389: Depends->Recommends dependency change breaking other packages
Tags were: help
Tags added: pending

> tags 439853 pending
Bug#439853: ITP: libpoe-component-sslify-perl -- abstracts SSL connections for 
other POE components
There were no tags set.
Tags added: pending

> tags 442764 pending
Bug#442764: FTBFS: Coverage for Business::ISBN is 92.9%, with 2 naked 
subroutines
Tags were: fixed-upstream
Tags added: pending

> tags 446924 pending
Bug#446924: ITP: ocaml-ogg -- OCaml bindings for the Ogg bitstream library
There were no tags set.
Tags added: pending

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#444982: marked as done (CVE-2007-5193 information disclosure in default configuration)

2007-10-23 Thread Joey Hess 
Sven Dowideit wrote:
> neat summary Joey :)
> 
> The reason that I made it world writeable, is that twiki cgi's can be
> run from the command line by anyone, and in doing so, create a session
> file.
> 
> This is used by cronjobs, and so that users can script additions to
> topics etc. 

Makeing the temporary directory mode 1777 would not prevent that, but
would prevent users from deleting and replacing twiki temp files.

That and making the opens use O_EXCL, would cover the security issues I
mentioned.

-- 
see shy jo


signature.asc
Description: Digital signature

Bug#442316: Xorg hotplugging problems [WAS: Re: Bug#442316: xserver-xorg-input-evdev: evdev from experimental messes up my keyboard layout]

2007-10-23 Thread David Nusinow 
On Tue, Oct 23, 2007 at 10:02:35PM +0300, Daniel Stone wrote:
> On Tue, Oct 23, 2007 at 08:02:31PM +0200, ext Michael Biebl wrote:
> > Whenever xorg input hotplugging kicks in, the evdev driver is used. The
> > kbd keyboard settings from xorg.conf are ignored and the en_US keyboard
> > layout is used.
> 
> Yes, this should probably be fixed up, I guess.  But the long-term fix
> is to provide an FDI file in /etc that specifies the keyboard layout.

My feeling is the other way around, provided that the X server is the only
user of this field. People already know how to edit xorg.conf, and they
expect it. Telling them to edit a relatively obscure file among many other
fdi's is more painful. There's also userspace tools that exist to help with
generating a xorg.conf, but nothing friendly to deal with fdi's.

> > If I understood Daniel correctly, he proposes to set the keyboard layout
> > (probably based on the values from xorg.conf) via a generated fdi file.
> > I'd like to avoid that, because that would complicate things.
> 
> How would it complicate anything?  xorg.conf is a file, so is an FDI.
> We're already using FDIs through HAL, anyway ...

Generating xorg.conf sucks though and we're trying to get away from that as
much as is sensible. Of course, this was the one section I'd planned to
keep generating anyway.

> > Preferably, the X server should use the keyboard layout specified in
> > xorg.conf (for the old kbd driver) even when used in xorg hotplugging mode.
> 
> Yes, probably.

My sense is that if we're going to do this, then there's no need to
generate the fdi. Just generate the xorg.conf. We can patch the server to
use libhal_device_set_property_string to dynamically set the keyboard
layout at runtime in hal's database, and the server can just draw that
information from xorg.conf initially.

 - David Nusinow



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Processed: ktorrent: CVE-2007-1799 now really fixed in etch/updates

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> notfixed 432007 ktorrent/2.0.3+dfsg1-2etch1
Bug#432007: CVE-2007-1799: vulnerability in torrent.cpp
Bug#425948: ktorrent: Security fix for directory traversal incomplete
Bug no longer marked as fixed in version ktorrent/2.0.3+dfsg1-2etch1.

> fixed 432007 ktorrent/2.0.3+dfsg1-2.2etch1
Bug#432007: CVE-2007-1799: vulnerability in torrent.cpp
Bug#425948: ktorrent: Security fix for directory traversal incomplete
Bug marked as fixed in version ktorrent/2.0.3+dfsg1-2.2etch1.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#432007: ktorrent: CVE-2007-1799 now really fixed in etch/updates

2007-10-23 Thread Fabian Pietsch 
notfixed 432007 ktorrent/2.0.3+dfsg1-2etch1
fixed 432007 ktorrent/2.0.3+dfsg1-2.2etch1
thanks

With DSA 1373-2 [1] and ktorrent-2.0.3+dfsg1-2.2etch1 being released,
this seems to be resolved, at last. :)

Regards, Fabian  (Note: IANADD, just torturing the BTS...)

[1] 
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00168.html
Note that in the subject, it's called DSA 1372-2, but 1372 seems
to be xorg-server according to [2], and 1373 should be correct[3].

[2] http://www.debian.org/security/2007/dsa-1372  (xorg-server)
[3] http://www.debian.org/security/2007/dsa-1373  (ktorrent)
..but this has 1373-1 only. ;)

-- 
Fabian "zzz" Pietsch - http://zzz.arara.de/



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447833: kde-i18n-es: Version 4%3a3.5.8-1 breaks the es keyboard layout

2007-10-23 Thread Lisandro Damián Nicanor Pérez Meyer 
Subject: kde-i18n-es: Version 4%3a3.5.8-1 breaks the es keyboard layout
Package: kde-i18n-es
Version: 4:3.5.8-1
Severity: grave
Justification: renders package unusable

*** Please type your report below this line ***

I just installed kde-i18n-es_4%3a3.5.8-1_all.deb from unstable.
It breaks the es keyboard layout, making the numeric keyboard not to work,
the arrows unusable (except the up arrow, which acts as the print screen 
key...)



-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-2-k7 (SMP w/1 CPU core)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages kde-i18n-es depends on:
ii  kdelibs4c2a 4:3.5.8.dfsg.1-2 core libraries and binaries for 
al

kde-i18n-es recommends no packages.

-- no debconf information

-- 
...man had always assumed that he was more intelligent than dolphins
because he had achieved so much -- the wheel, New York, wars and so
on -- whilst all the dolphins had ever done was muck about in the
water having a good time. But conversely, the dolphins had always
believed that they were far more intelligent than man -- for
precisely the same reasons.
  Douglas Adams, "The hitchhikers' guide to the galaxy"

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
#bblug irc.freenode.net

Bug#447794: wammu: error at start

2007-10-23 Thread Michal Čihař 
reassign 447794 python-wxgtk2.6 2.6.3.2.2-1
thanks

Hi

On Tue, 23 Oct 2007 21:28:24 +0200
Ruben Pollan <[EMAIL PROTECTED]> wrote:

> It breaks at start:
> 
> [EMAIL PROTECTED]:~$ wammu
> Traceback (most recent call last):
>   File "/usr/bin/wammu", line 31, in ?
> import Wammu.Locales
>   File "/usr/lib/python2.4/site-packages/Wammu/Locales.py", line 31, in ?
> import wx
> ImportError: No module named wx
> 
> Seems to be a python library that is not in dependencies or is wrong linked.

It looks like python-wxgtk2.6 package is somehow broken. What does show
output of 'update-alternatives --display wx.pth'?

Reassigning to python-wxgtk2.6 as the problem is either in it or in
your configuration.

-- 
Michal Čihař | http://cihar.com | http://blog.cihar.com


signature.asc
Description: PGP signature

Processed: Re: Bug#447794: wammu: error at start

2007-10-23 Thread Debian Bug Tracking System 
Processing commands for [EMAIL PROTECTED]:

> reassign 447794 python-wxgtk2.6 2.6.3.2.2-1
Bug#447794: wammu: error at start
Bug reassigned from package `wammu' to `python-wxgtk2.6'.

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447833: Acknowledgement (kde-i18n-es: Version 4%3a3.5.8-1 breaks the es keyboard layout)

2007-10-23 Thread Lisandro Damián Nicanor Pérez Meyer 
More info: I just installed kde-i18n-es=4:3.5.7-1 (previous version) and it 
doesn't solve the problem.

I have to switch off keyboards layouts and then fallback to english keyboard 
to have a coherent behaviour, but not the correct, of course.

If I can be of any further help, don't hesitate to contact me.

Regards, Lisandro.


-- 
LINUX KERNEL LIBERADO
DOS SECUESTRADORES MICROSOFTIANOS CAPTURADOS
OTRO SIGUE PROFUGO
*musiquita de cronica TV*

Ok, ok, ya me voy a hacer algo util, no me peguen :D

  Matias "Angasule" D'Ambrosio,
  sobre la liberación del kernel 2.6.23
  http://linux.org.ar/pipermail/bblug/2007-October/005405.html

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
#bblug irc.freenode.net


signature.asc
Description: This is a digitally signed message part.

Bug#447241: bouncycastle - FTBFS: gcj-4.2: Internal error: Killed (program jc1)

2007-10-23 Thread Michael Koch 
On Fri, Oct 19, 2007 at 12:19:19PM +0200, Bastian Blank wrote:
> Package: bouncycastle
> Version: 1.37-2
> Severity: serious
> 
> There was an error while trying to autobuild your package:
> 
> > Automatic build of bouncycastle_1.37-2 on debian-31.osdl.marist.edu by 
> > sbuild/s390 98
> [...]
> > install -m 644 build/artifacts/jdk1.4/jars/bcprov-jdk14-*.jar 
> > debian/libbcprov-java/usr/share/java/bcprov.jar
> > ln -sf ../bcprov.jar 
> > debian/libbcprov-java/usr/share/java/gcj-endorsed/bcprov.jar
> > touch 
> > debian/libbcprov-java/etc/java/security/security.d/2000-org.bouncycastle.jce.provider.BouncyCastleProvider
> > rm -rf debian/libbcprov-java-gcj/usr/share/doc/libbcprov-java-gcj
> > ln -s libbcprov-java \
> > debian/libbcprov-java-gcj/usr/share/doc/libbcprov-java-gcj
> > dh_nativejava -plibbcprov-java-gcj
> > make[1]: Entering directory 
> > `/build/buildd/bouncycastle-1.37/debian/libbcprov-java-gcj/usr/lib/gcj'
> > /usr/bin/gcj-4.2 -c -g -O2 -fPIC -findirect-dispatch -fjni bcprov.jar.1.jar 
> > -o bcprov.jar.1.o
> > gcj-4.2: Internal error: Killed (program jc1)
> > Please submit a full bug report.
> > See http://gcc.gnu.org/bugs.html> for instructions.
> > For Debian GNU/Linux specific bug reporting instructions, see
> > .
> > 
> > make[1]: *** [bcprov.jar.1.o] Error 1
> > make[1]: Leaving directory 
> > `/build/buildd/bouncycastle-1.37/debian/libbcprov-java-gcj/usr/lib/gcj'
> > aot-compile: error: /usr/bin/make exited with code 2
> > dh_nativejava: command returned error code 256
> > make: *** [binary-post-install/libbcprov-java-gcj] Error 1
> > **
> > Build finished at 20071018-0636
> > FAILED [dpkg-buildpackage died]

Please retry with current java-gcj-compat installed. This should use
much less memory.


Cheers,
Michael



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#447469: javahelp2: FTBFS: class org.apache.tools.ant.taskdefs.optional.depend.Depend was not found

2007-10-23 Thread Michael Koch 
Hello,


On Sun, Oct 21, 2007 at 12:21:56PM +0200, Lucas Nussbaum wrote:
> /build/user/javahelp2-2.0.05/build-tree/javahelp2-2.0.05/javahelp_nbproject/build.xml:119:
>  The following error occurred while executing this line:
> /build/user/javahelp2-2.0.05/build-tree/javahelp2-2.0.05/JSearchIndexer_nbproject/nbproject/build-impl.xml:241:
>  The following error occurred while executing this line:
> /build/user/javahelp2-2.0.05/build-tree/javahelp2-2.0.05/JSearchClient_nbproject/nbproject/build-impl.xml:241:
>  The following error occurred while executing this line:
> /build/user/javahelp2-2.0.05/build-tree/javahelp2-2.0.05/javahelp_nbproject/nbproject/build-impl.xml:251:
>  The following error occurred while executing this line:
> /build/user/javahelp2-2.0.05/build-tree/javahelp2-2.0.05/javahelp_nbproject/nbproject/build-impl.xml:129:
>  Problem: failed to create task or type depend
> Cause: the class org.apache.tools.ant.taskdefs.optional.depend.Depend was not 
> found.
> This looks like one of Ant's optional components.
> Action: Check that the appropriate optional JAR exists in
> -/usr/share/ant/lib
> -/nonexistent/.ant/lib
> -a directory added on the command line with the -lib argument
> 
> Do not panic, this is a common problem.
> The commonest cause is a missing JAR.
> 
> This is not a bug; it is a configuration problem

Problem is that the package Build-Depends on ant and not on
ant-optional. The solution is to just change this (ant-optional itself
depends on ant, so only ant-optional is needed)


Cheers,
Michael



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

  1   2   >