[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Hamm Bug Stamp-Out List for June 25, 1998

Welcome to the nem Hamm Bugs Stamp-Out List.

Since Richard Braakman is currently on vacation, I will be maintaining
this for two weeks.

Major changes:
- Debian 2.0 beta has been released, creating a frenzy of last-minute uploads.
  Unfortunately most bugreports haven't been updated to reflect this. 
- Fixed packages were uploaded for: sysvinit, sendmail, xfree86, dhcp, 
  kernel-image-2.0.34, cdwrite and libtool . Also uploads were made to fix
  security and non-i386 problems.
- Brian White did a nice cleanup of ftp.debian.org
- Bugs were filed for emacs add-on packages not depending on emacs

There are now 13 bugs marked fix, leaving 44 bugs to work on


Thu, 25 Jun 1998 14:42:07 GMT: 57 release-critical bugs in hamm.

Package: boot-floppies        
Maintainer: Enrique Zanardi <sr1-boot-floppies@debian.org>              
[FIX] 2.0.8 has been installed, which fixes these bugs.
  23842  install.html missing from boot-floppies

Package: bootdisk             (pseudo)
Maintainer: Maintainer Group <sr1-boot-floppies@debian.org>             
  23171  PCMCIA modules don't match kernel version on boot disks
[STRATEGY] Luis Francisco Gonzalez: "This bug is not in the
           boot-floppies. The idea was to make sure we knew that there
           is need to wait for the new pcmcia-packages but the bug is
           in those packages as we only use the standard

Package: cvs-pcl              
Maintainer: Tom Lees <tom@lpsg.demon.co.uk>                             
  23812  Emacsen add-on packages must depend on emacsen, not emacsen

Package: cwnn                 
Maintainer: Keita Maehara <maehara@debian.org>                          
  20539  Overlap between cwnn, wnn, and kwnn
[FIX] wnn 4.2-4 has been installed, bug should be closed

Package: debian-policy        
Maintainer: Debian QA <debian-qa@lists.debian.org>                      
  23661  Security issue when accessing documentation through an http

Package: dhttpd               
Maintainer: Nicolás Lichtmaier <nick@feedback.com.ar>                   
  23659  /var/www/doc symlink introduces a security weakness
This is probably the as bug 23661.

Package: dpkg                 
Maintainer: Klee Dienes and Ian Jackson <dpkg-maint@chiark.greenend.org.uk>
   1797  upgrade/downgrade dependency calculation problem
  17381  dpkg: please add --force-overwrite-inexistant-files and def
  17624  dpkg: installs regular dir when .deb contains symlink !
  20401  Problems updating bo -> hamm
  21182  dpkg: dpkg can go into an infinite loop with --force-config
  23520  dpkg dumps core while reading /var/lib/dpkg/status

Package: dpkg-dev             
Maintainer: Klee Dienes and Ian Jackson <dpkg-maint@chiark.greenend.org.uk>
  20776  dpkg-dev: dpkg-dev does not use emacsen-commen method of in
  21186  dpkg-dev: dpkg-dev has a file also provided in dpkg

Package: dpkg-python          
Maintainer: Klee Dienes <klee@debian.org>                               
  23059  .py files must not install files into /usr/lib/python
[FIX] Fixing this would break other packages in hamm.  Gregor Hoffleit
      (python maintainer) said he would change the severity level of
      the bug to 'normal'.  Matthias Klose will fix it in slink.

Package: elib                 
Maintainer: Tom Lees <tom@lpsg.demon.co.uk>                             
  23810  Emacsen add-on packages must depend on emacsen, not emacsen

Package: emacs19              
Maintainer: eichin@kitten.gen.ma.us (Mark W. Eichin)                    
  23742  emacs19 should probably be just "emacs"

Package: emacs20              
Maintainer: Rob Browning <rlb@cs.utexas.edu>                            
  22577  compile of pcl-cvs.el fails (cannot load "cookie")

Package: ftp.debian.org       (pseudo)
Maintainer: Guy Maor <ftpmaster@debian.org>                             
  16652  javalex: bad dependencies
  22946  We have two priority: standard emacs.

Package: general              (pseudo)
Maintainer: debian-devel@lists.debian.org                               
  23867  Critical permissions bug on /lib and /tmp

Package: hyperlatex           
Maintainer: Matthias Klose <doko@debian.org>                            
  23809  Emacsen add-on packages must depend on emacsen, not emacsen

Package: infocom              
Maintainer: Brian White <bcwhite@pobox.com>                             
  23563  infocom: /usr/doc/infocom/copyright doesn't include a licen

Package: kdebase              (i386 contrib)
Maintainer: Stephan Kulow <coolo@kde.org>                               
  23655  kdebase includes /etc/X11/Xsession

Package: libc5-dev            (m68k main)
Maintainer: Helmut Geyer <Helmut.Geyer@iwr.uni-heidelberg.de>           
  19347  libc5-dev: no-copyright-file LI#82
[STRATEGY] libc5-dev can be removed from m68k once libc5 5.4.38-1.1 has
      been compiled for it.

Package: libc6                
Maintainer: Dale Scheetz <dwarf@polaris.net>                            
  20714  Current libc6 is a beta.
[FIX] Dale Scheetz uploaded 2.0.7 on June 20
  20799  getgrnam does not return when group name does not exist
[FIX] Fixed in 2.0.7, which Dale Scheetz uploaded on June 20
  22626  netbase: bugtraq says: RPC services are subject to Denial o
[FIX] Fixed in 2.0.7, which Dale Scheetz uploaded on June 20
  22790  libc6: login(3) does not reuse dead entries
[FIX] Fixed in 2.0.7, which Dale Scheetz uploaded on June 20
  23698  Linux-security says: Beware of dangerous enviroment (libc6)
[STRATEGY] Merge a patch from Ulrich Drepper which he posted on linux-security
           a month ago.

Package: libc6-dev            
Maintainer: Dale Scheetz <dwarf@polaris.net>                            
[HELP] Dale Scheetz: "I have not had a chance to even read these
       reports yet. Some outside help determining what should, or
       shouldn't change would be helpful here."
(My translation: send him patches :-)
  19797  libc6-dev: use of /tmp/*$$ in an insecure fashion
[FIX] Fixed in 2.0.7, which Dale Scheetz uploaded on June 20
  21884  libc6-dev: relative links between top-level dirs

Package: libdb1-dev           (alpha main)
Maintainer: Mark Eichin <eichin@kitten.gen.ma.us>                       
[FIX] Handle bug#23245 to ftp.debian.org, which requests removal of libdb
      from hamm.
  19351  libdb1-dev: no-copyright-file LI#86

Package: libreadline2         
Maintainer: Guy Maor <maor@debian.org>                                  
  22941  libreadline2 depends on libc6

Package: libreadlineg2        
Maintainer: Guy Maor <maor@debian.org>                                  
  23035  bash: Not 8-bit clean.

Package: libtool              
Maintainer: Frederic Lepied <Lepied@debian.org>                         
  23884  libtool: Insecure use of /tmp (?)

Package: login                
Maintainer: Guy Maor <maor@debian.org>                                  
  22191  login: does not chown /dev/vcs* anymore
[NOTE] This was recently discussed on debian-devel.

Package: mailx                
Maintainer: Loic Prylli <lprylli@graville.fdn.fr>                       
  23880  [alvaro@lander.es: [linux-security] security hole in mailx]

Package: modutils             
Maintainer: Wichert Akkerman <wakkerma@debian.org>                      
  22612  modutils package is difficult to upgrade from bo
[HELP] Need people to upgrade from bo machines, try to reproduce.
       Wichert: "I can't reproduce that one.  I found a glitch in the
       postinst though which I fixed.  I guess I have to wait for some
       people to upgrade more bo machines to check if it works."
	   Update: 1 success report received.

Package: mtools               
Maintainer: Mark Eichin <eichin@kitten.gen.ma.us>                       
  23604  mtools: insecure use of /tmp

Package: nas                  
Maintainer: Steve McIntyre <stevem@chiark.greenend.org.uk>              
  23841  nas: init.d script fails to start au because of missing pat

Package: nonus.debian.org     (pseudo)
Maintainer: Sven Rudolph <sr1@inf.tu-dresden.de>                        
This is being maintained by Heiko Schlittermann <heiko@lotte.sax.de>.
  18572  nonus.debian.org: remove des-solnet_1.03-5.deb
  18785  nonus.debian.org: incoming backlog
  20773  nonus.debian.org: please remove gnupg from frozen
  21423  Dpkg-ftp can't handle alternative distributions
[HELP] Yann Dirson: "This used to work until some date I don't know
       exactly. I guess that non-us has changed the paths they use
       in the Packages file."  (more info, and workaround, in the bug
       entry itself)
       (Bug has been reassigned from dpkg-ftp to nonus.debian.org)
  22287  nonus.debian.org with incorrect layout

Package: passwd               
Maintainer: Guy Maor <maor@debian.org>                                  
  21275  passwd: useradd violates base-passwd's rules

Package: plan                 
Maintainer: telmerco@debian.org (Colin R. Telmer)                       
  23483  plan: does not register user+group `netplan'

Package: smail                
Maintainer: Soenke Lange <soenke@escher.north.de>                       
  23717  smail: smtp entry in inetd.conf gone after smail upgrade

Package: ssh                  (i386 non-us)
Maintainer: Philip Hands <phil@hands.com>                               
[FIX] Philip Hands uploaded 1.2.25-1 on June 18, which fixes both the debug
      message and the security fix.
  22470  ssh: ssh spits out debugging messages because of socks4
[FIX] "I just uploaded 1.2.23-1 without socks support.  I'll wait for
       the problem to be resolved in libsocks before putting it back
       in again."

Package: svgalib-bin          
Maintainer: Andy Mortimer <andy.mortimer@poboxes.com>                   
  23601  svgalib-bin: insecure use of /tmp
[FIX] Install 1.2.13-3.3

Package: wu-ftpd-academ       
Maintainer: Heiko Schlittermann <heiko@lotte.sax.de>                    
  17401  netstd overwrites ftpd.8.gz
  20355  wu-ftpd: contains ftpd.8.gz which is also present in netstd

Package: xbase                
Maintainer: Branden Robinson <branden@debian.org>                       
[HELP] See http://master.debian.org/~branden/xsf.html for detailed
       discussion of these problems and ways you can help.
  22877  xbase: xdm port, and X applications
[HELP] "These have been forwarded upstream but I haven't heard anything
        from XFree86 about them to date.  Fixing them is beyond my knowledge."

Package: xinetd               
Maintainer: Norbert Veber <nveber@debian.org>                           
  23866  xinetd: problems while installing

Package: xlib6g               
Maintainer: Branden Robinson <branden@debian.org>                       
  23274  xlib6g: Upgrading to breaks keyboard
[FIX] Probably fixed in, which has been installed in hamm

Package: xviewg-dev           
Maintainer: Martin Buck <mbuck@debian.org>                              
  23598  xviewg-dev (cv2xview): insecure use of /tmp

To UNSUBSCRIBE, email to debian-devel-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: