Bug#700407: O: gambit -- Game theory analysis software and tools
Package: wnpp
Severity: normal
The current maintainer of gambit, Ruben Molina ,
has orphaned this package.
Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.
If you want to be the new maintainer, please see
http://www.debian.org/devel/wnpp/index.html#howto-o for detailed
instructions how to adopt a package properly.
Some information about this package:
Package: gambit
Binary: gambit
Version: 0.2006.01.20-3
Priority: optional
Section: math
Maintainer: Debian QA Group
Build-Depends: debhelper (>= 5), autotools-dev, libwxgtk2.6-dev
Architecture: any
Standards-Version: 3.7.2
Format: 1.0
Directory: pool/main/g/gambit
Files:
0c6ffd512f896545b1113b9e7bb33635 1665 gambit_0.2006.01.20-3.dsc
66190cd3f91804778a712779a1f48d57 1392046 gambit_0.2006.01.20.orig.tar.gz
d9cbfd262728592b4a92750072971646 7483 gambit_0.2006.01.20-3.diff.gz
Checksums-Sha1:
b6f50f633c79ab6816a09c3a858416ca7a485cb5 1665 gambit_0.2006.01.20-3.dsc
3e4762df1c25407149046b756b4aab4bfa4cd08e 1392046
gambit_0.2006.01.20.orig.tar.gz
d5234187f236a713e1cc3c28e6b91a3af40ed565 7483 gambit_0.2006.01.20-3.diff.gz
Checksums-Sha256:
59b10c505b75f286d2389845e10d2bfccec4f233b3052a918aa64412ae525d61 1665
gambit_0.2006.01.20-3.dsc
3be1b0bcae0b235cd49d90c7252ae8c8357ef942a662c5420e9756254aeea845 1392046
gambit_0.2006.01.20.orig.tar.gz
956e6c2369bb2dbaed6508e11a4835ac63c8efcaa4d7379d01b31141312be3f3 7483
gambit_0.2006.01.20-3.diff.gz
Package: gambit
Priority: optional
Section: math
Installed-Size: 16596
Maintainer: Debian QA Group
Architecture: amd64
Version: 0.2006.01.20-3
Depends: libc6 (>= 2.2.5), libgcc1 (>= 1:4.1.1), libstdc++6 (>= 4.4.0),
libwxbase2.6-0 (>= 2.6.3.2.2), libwxgtk2.6-0 (>= 2.6.3.2.2)
Filename: pool/main/g/gambit/gambit_0.2006.01.20-3_amd64.deb
Size: 5450808
MD5sum: 0b27eb3b1d6dce79a6df98f98300c7d8
SHA1: de4799217139dc767fcc10aa149de5b47144f92d
SHA256: ef1d4f7928b49f423eed092a3fcee618b33f566b6e95e3181cdd12e4f1560495
Description: Game theory analysis software and tools
Gambit is a collection of game theory software for the construction
and analysis of finite extensive and normal form games. It has a
graphical user interface and includes a scripting language with
built-in primitives for constructing and analyzing games.
Tag: field::mathematics, interface::x11, role::program, scope::utility,
suite::gnome, uitoolkit::{gtk,wxwidgets,wxwindows}, use::gameplaying,
x11::application
--
Ricardo Mones, on behalf of Debian QA/MIA team
http://people.debian.org/~mones
«Never send a human to do a machine's job.» ~ Agent Smith
--
To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130212125954.ga25...@quantz.debian.org
Bug#700421: wdm shouldn't use /dev/mem
Package: wdm
Version: 1.28-13
Severity: normal
Tags: upstream patch
Hi,
this is my first bug report against a debian package so I very well
might've missed something in the process - please excuse if so in
advance.
Here's the deal: wdm still uses /dev/mem in genauth.c to generate a
tmp key and it shouldn't. The kernel currently allows userspace to
read around 640K of /dev/mem for compatibility reasons with X, the
abovementioned one being one of them.
However, the modern way of getting random data is /dev/urandom and I've
attached a patch below which converts wdm to do that.
Patch is ontop of the master branch of
git://git.debian.org/collab-maint/wdm.git and fixes the issue.
Thanks.
This is a multi-part MIME message sent by reportbug.
--===1255078598==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Package: wdm
Version: 1.28-13
Severity: normal
Tags: upstream patch
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 3.5.0+ (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages wdm depends on:
ii debconf [debconf-2.0] 1.5.40
ii libc6 2.13-16
ii libpam-modules 1.1.3-2
ii libpam-runtime 1.1.3-2
ii libpam0g 1.1.3-7.1
ii libselinux12.1.9-5
ii libwings2 0.95.3-2
ii libwraster30.95.3-2
ii libwutil2 0.95.3-2
ii libx11-6 2:1.5.0-1
ii libxau61:1.0.7-1
ii libxdmcp6 1:1.1.1-1
ii libxinerama1 2:1.1.2-1
ii libxmu62:1.1.1-1
ii psmisc 22.13-1
ii x11-apps 7.6+5
ii x11-common 1:7.6+7
ii x11-utils 7.6+3
ii x11-xserver-utils 7.6+3
wdm recommends no packages.
Versions of packages wdm suggests:
ii xfonts-base 1:1.0.3
-- Configuration Files:
/etc/X11/wdm/wdm-config [Errno 13] Permission denied: u'/etc/X11/wdm/wdm-config'
-- debconf information:
* shared/default-x-display-manager: wdm
wdm/daemon_name: /usr/bin/wdm
--===1255078598==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="08_do_not_use_dev_mem.patch"
Author: Borislav Petkov
Description: Do not use /dev/mem as a randomFile
diff --git a/debian/man/wdm.1x b/debian/man/wdm.1x
index 5f468d5fcc36..968acf293f2f 100644
--- a/debian/man/wdm.1x
+++ b/debian/man/wdm.1x
@@ -202,7 +202,7 @@ to pass on to the \fIXsetup\fP,
.IP \fBDisplayManager.randomFile\fP
A file to checksum to generate the seed of authorization keys.
This should be a file that changes frequently.
-The default is \fI/dev/mem\fP.
+The default is \fI/dev/urandom\fP.
.IP \fBDisplayManager.greeterLib\fP
On systems that support a dynamically-loadable greeter library, the
name of the library. The default is
diff --git a/doc/wdm.man.in b/doc/wdm.man.in
index da44f2860d6b..4c22f1db58e6 100644
--- a/doc/wdm.man.in
+++ b/doc/wdm.man.in
@@ -202,7 +202,7 @@ to pass on to the \fIXsetup\fP,
.IP \fBDisplayManager.randomFile\fP
A file to checksum to generate the seed of authorization keys.
This should be a file that changes frequently.
-The default is \fI/dev/mem\fP.
+The default is \fI/dev/urandom\fP.
.IP \fBDisplayManager.greeterLib\fP
On systems that support a dynamically-loadable greeter library, the
name of the library. The default is
diff --git a/src/wdm/genauth.c b/src/wdm/genauth.c
index e478d936be9d..3156adf8427a 100644
--- a/src/wdm/genauth.c
+++ b/src/wdm/genauth.c
@@ -71,37 +71,26 @@ longtochars (long l, unsigned char *c)
#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
static int
-sumFile (char *name, long sum[2])
+sumFile (char *name, long sum[], unsigned n)
{
-longbuf[1024*2];
intcnt;
intfd;
-intloops;
-intreads;
-inti;
-int ret_status = 0;
+int ret_status = 1;
fd = open (name, O_RDONLY);
if (fd < 0) {
WDMError("Cannot open randomFile \"%s\", errno = %d\n", name, errno);
return 0;
}
-#ifdef FRAGILE_DEV_MEM
-if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x10, SEEK_SET);
-#endif
-reads = FILE_LIMIT;
-sum[0] = 0;
-sum[1] = 0;
-while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
- loops = cnt / (2 * sizeof (long));
- for (i = 0; i < loops; i+= 2) {
- sum[0] += buf[i];
- sum[1] += buf[i+1];
- ret_status = 1;
- }
-}
-if (cnt < 0)
+
+memset(sum, 0, n);
+
+cnt = read(fd, (char *) sum, sizeof(long) * n);
+if (cnt < 0) {
WDMError("Cannot read randomFile \"%s\", errno = %d\n"
Bug#700422: wdm shouldn't use /dev/mem
Package: wdm
Version: 1.28-13
Severity: normal
Tags: upstream patch
Hi,
this is my first reporting a bug against a debian package so I very well
might've missed something in the process.
Here's the deal: wdm still uses /dev/mem in genauth.c to generate a tmp
key and it shouldn't. The kernel currently allows userspace to read <
640K of /dev/mem for compatibility reasons with X. The modern way of
getting two random longs is /dev/urandom and I've a patch below which
converts wdm to do that.
Patch is ontop of the master branch of
git://git.debian.org/collab-maint/wdm.git and fixes the issue.
Thanks.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 3.5.0+ (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages wdm depends on:
ii debconf [debconf-2.0] 1.5.40
ii libc6 2.13-16
ii libpam-modules 1.1.3-2
ii libpam-runtime 1.1.3-2
ii libpam0g 1.1.3-7.1
ii libselinux12.1.9-5
ii libwings2 0.95.3-2
ii libwraster30.95.3-2
ii libwutil2 0.95.3-2
ii libx11-6 2:1.5.0-1
ii libxau61:1.0.7-1
ii libxdmcp6 1:1.1.1-1
ii libxinerama1 2:1.1.2-1
ii libxmu62:1.1.1-1
ii psmisc 22.13-1
ii x11-apps 7.6+5
ii x11-common 1:7.6+7
ii x11-utils 7.6+3
ii x11-xserver-utils 7.6+3
wdm recommends no packages.
Versions of packages wdm suggests:
ii xfonts-base 1:1.0.3
-- Configuration Files:
/etc/X11/wdm/wdm-config [Errno 13] Permission denied: u'/etc/X11/wdm/wdm-config'
-- debconf information:
* shared/default-x-display-manager: wdm
wdm/daemon_name: /usr/bin/wdm
diff --git a/debian/man/wdm.1x b/debian/man/wdm.1x
index 5f468d5fcc36..968acf293f2f 100644
--- a/debian/man/wdm.1x
+++ b/debian/man/wdm.1x
@@ -202,7 +202,7 @@ to pass on to the \fIXsetup\fP,
.IP \fBDisplayManager.randomFile\fP
A file to checksum to generate the seed of authorization keys.
This should be a file that changes frequently.
-The default is \fI/dev/mem\fP.
+The default is \fI/dev/urandom\fP.
.IP \fBDisplayManager.greeterLib\fP
On systems that support a dynamically-loadable greeter library, the
name of the library. The default is
diff --git a/doc/wdm.man.in b/doc/wdm.man.in
index da44f2860d6b..4c22f1db58e6 100644
--- a/doc/wdm.man.in
+++ b/doc/wdm.man.in
@@ -202,7 +202,7 @@ to pass on to the \fIXsetup\fP,
.IP \fBDisplayManager.randomFile\fP
A file to checksum to generate the seed of authorization keys.
This should be a file that changes frequently.
-The default is \fI/dev/mem\fP.
+The default is \fI/dev/urandom\fP.
.IP \fBDisplayManager.greeterLib\fP
On systems that support a dynamically-loadable greeter library, the
name of the library. The default is
diff --git a/src/wdm/genauth.c b/src/wdm/genauth.c
index e478d936be9d..3156adf8427a 100644
--- a/src/wdm/genauth.c
+++ b/src/wdm/genauth.c
@@ -71,37 +71,26 @@ longtochars (long l, unsigned char *c)
#if !defined(ARC4_RANDOM) && !defined(DEV_RANDOM)
static int
-sumFile (char *name, long sum[2])
+sumFile (char *name, long sum[], unsigned n)
{
-longbuf[1024*2];
int cnt;
int fd;
-int loops;
-int reads;
-int i;
-int ret_status = 0;
+int ret_status = 1;
fd = open (name, O_RDONLY);
if (fd < 0) {
WDMError("Cannot open randomFile \"%s\", errno = %d\n", name, errno);
return 0;
}
-#ifdef FRAGILE_DEV_MEM
-if (strcmp(name, "/dev/mem") == 0) lseek (fd, (off_t) 0x10, SEEK_SET);
-#endif
-reads = FILE_LIMIT;
-sum[0] = 0;
-sum[1] = 0;
-while ((cnt = read (fd, (char *) buf, sizeof (buf))) > 0 && --reads > 0) {
- loops = cnt / (2 * sizeof (long));
- for (i = 0; i < loops; i+= 2) {
- sum[0] += buf[i];
- sum[1] += buf[i+1];
- ret_status = 1;
- }
-}
-if (cnt < 0)
+
+memset(sum, 0, n);
+
+cnt = read(fd, (char *) sum, sizeof(long) * n);
+if (cnt < 0) {
WDMError("Cannot read randomFile \"%s\", errno = %d\n", name, errno);
+ ret_status = 0;
+}
+
close (fd);
return ret_status;
}
@@ -139,7 +128,7 @@ InitXdmcpWrapper (void)
long sum[2];
unsigned char tmpkey[8];
-if (!sumFile (randomFile, sum)) {
+if (!sumFile (randomFile, sum, 2)) {
sum[0] = time ((Time_t *) 0);
sum[1] = time ((Time_t *) 0);
}
@@ -244,7 +233,7 @@ GenerateAuthData (char *auth, int len)
localkey[0] = 1;
}
#else
- if (!sumFile (randomFile, localkey)) {
+ if (!sumFile (randomFile, localkey, 2)) {
localkey[0] = 1; /* To keep from continually calling sumFile() */
}
#endif
diff --git a/src/wdm/resource.c b/src/wdm/resource.c
index 48922c7e8b24..247819693fa4 100644
--- a/src/wdm/
Processed: Re: Bug#700422: wdm shouldn't use /dev/mem
Processing control commands: > forcemerge -1 700421 Bug #700422 [wdm] wdm shouldn't use /dev/mem Bug #700421 [wdm] wdm shouldn't use /dev/mem Merged 700421 700422 -- 700421: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700421 700422: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700422 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b700422.13606931066701.transcr...@bugs.debian.org
Bug#700422: wdm shouldn't use /dev/mem
control: forcemerge -1 700421 On Tue, Feb 12, 2013 at 03:32:54PM +0100, Borislav Petkov wrote: > Package: wdm > Version: 1.28-13 > Severity: normal > Tags: upstream patch > > Hi, > > this is my first reporting a bug against a debian package so I very well > might've missed something in the process. > > Here's the deal: wdm still uses /dev/mem in genauth.c to generate a tmp > key and it shouldn't. The kernel currently allows userspace to read < > 640K of /dev/mem for compatibility reasons with X. The modern way of > getting two random longs is /dev/urandom and I've a patch below which > converts wdm to do that. > > Patch is ontop of the master branch of > git://git.debian.org/collab-maint/wdm.git and fixes the issue. Hi, Borislav, Thanks for your contribution. Nice to see a way to get rid of the "program wdm tried to access /dev/mem ..." messages. wdm is currently orphaned and no maintainer is explicitly caring of it, neither in Debian nor upstream. Since I made some of the final QA non-maintainer uploads I will care of including your patch at some time. Note that this will not happen soon since Debian wheezy is currently in "frozen" state in preparation for release. Regards, -- Agustin -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130212181752.ga19...@agmartin.aq.upm.es
Bug#700422: wdm shouldn't use /dev/mem
Hi Agustin, On Tue, Feb 12, 2013 at 07:17:53PM +0100, Agustin Martin wrote: > Thanks for your contribution. Nice to see a way to get rid of the > "program wdm tried to access /dev/mem ..." messages. Yeah, it was about time. :-) > wdm is currently orphaned and no maintainer is explicitly caring of > it, neither in Debian nor upstream. Since I made some of the final QA > non-maintainer uploads I will care of including your patch at some > time. Ok, thanks. I've tested it lightly here by building a debian package using debian/rules and applying the patch by hand (couldn't get it to apply the patch automatically with "debian/rules patch" because the patch target was missing there... yadda yadda) ... ... long story short, ping me if there's an official package available so that I can test it too, before it enters the distro repos. > Note that this will not happen soon since Debian wheezy is currently > in "frozen" state in preparation for release. Ok, that's fine. Thanks. -- Regards/Gruss, Boris. Sent from a fat crate under my desk. Formatting is fine. -- -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130212183919.gb15...@pd.tnic
