The Hamm Bugs Stamp-Out List
This is an annotated list of the release-critical bugs that are open
against packages in hamm. I have collected comments from various
people, and hope to collect more. Feel free to send me information to
include in the list. (I want to limit entries to 4-5 lines each, though.)
I hope this will be of use to people who want to help get Debian 2.0
released but don't know where help is needed.
I currently plan to post this list whenever it changes, up to once per day.
There are three categories of comments:
[FIX] describes a simple step to deal with the bug, which only needs to
be executed. For example, "install version foo-1.0 which is currently
in incoming", or "this bug isn't release-critical, it can be downgraded".
[STRATEGY] describes an approach for fixing the bug, which is currently
being implemented. Mainly it lets the other developers know what is
going on.
[HELP] indicates that assistance is needed to fix this bug. This can
be a specific request or a general call.
My thanks to all who supplied information for this list :-)
Richard Braakman
------------------------------------------------------------------------------
Sun, 7 Jun 1998 20:52:58 GMT: 111 release-critical bugs in hamm.
Package: afbackup
Maintainer: Christian Meder <meder@isr.uni-stuttgart.de>
23250 afbackup: insecure use of /tmp/*$$*
Package: apache
Maintainer: Johnie Ingram <johnie@debian.org>
23221 apache: wrong perl path in apxs
Package: bind
Maintainer: Johnie Ingram <johnie@debian.org>
[HELP] A non-maintainer release (or a new maintainer) is needed for bind,
since it's not really Johnie's package and he doesn't have time
for it.
17671 BIND 8 package does not preserve local configuration on upg
21743 bind: /etc/ppp/ip-up.d entry pops up without my consent!
[STRATEGY] Johnie: "As a quick fix the ppp stuff can just be removed."
(That also covers #23091)
23091 Security: bind sends packets off machine without notificati
Package: bitchx
Maintainer: Johnie Ingram <johnie@debian.org>
22980 bitchx: Bitchx is "non-free"
[HELP] "I don't have a fixed copyright text".
Package: boot-floppies
Maintainer: Enrique Zanardi <sr1-boot-floppies@debian.org>
23167 uncaught error in unpacking modules
Package: bootdisk (pseudo)
Maintainer: Maintainer Group <sr1-boot-floppies@debian.org>
20779 Debian 2.0 won't boot of a hard disk after install
[STRATEGY] Enrique: "This is a hardware-specific bug too. I have asked
the submitter to try to install after disabling the 128KB cache
as stated in the docs (he has a Cyrix CPU). He is going to try it
and will report back."
23171 PCMCIA modules don't match kernel version on boot disks
[STRATEGY] Luis Francisco Gonzalez: "This bug is not in the
boot-floppies. The idea was to make sure we knew that there
is need to wait for the new pcmcia-packages but the bug is
in those packages as we only use the standard
kernel/pcmcia-modules."
Package: crafty
Maintainer: olet@debian.org (Ole J. Tetlie)
22493 crafty is not DFSG free software
[FIX] install crafty 14.11-3 in Incoming, which goes to non-free, and
remove the version from main.
Package: cwnn
Maintainer: Keita Maehara <maehara@debian.org>
20539 Overlap between cwnn, wnn, and kwnn
[FIX] install wnn 4.2-4, which is currently in Incoming.
Package: dhcp
Maintainer: Rich Sahlender <rsahlen@debian.org>
23087 dhcp stopped working after upgrade
Package: dhcp-client-beta
Maintainer: Christoph Lameter <clameter@fuller.edu>
[FIX] Handle bug#22757 ("remove dhcp-client-beta from hamm") reported to
ftp.debian.org.
18322 dhclient-script problem with "EXPIRE"
19767 dhcp-client-beta has no /usr/doc directory
Package: doc-base
Maintainer: aph@debian.org (Adam P. Harris)
22990 doc-base doesn't escape strings
[FIX] install doc-base 0.7.1, currently in Incoming.
Package: dpkg
Maintainer: Klee Dienes and Ian Jackson <dpkg-maint@chiark.greenend.org.uk>
1797 upgrade/downgrade dependency calculation problem
5639 URGENT - dpkg ignored predependency versions when downgradi
6842 dpkg lets installation break another package
6843 dpkg ignores its own dependency
7956 dpkg allows package downgrade to violate predependency
17624 dpkg: installs regular dir when .deb contains symlink !
20250 Overlapping files in glut-doc and glut-data.
21182 dpkg: dpkg can go into an infinite loop with --force-config
21183 dpkg can go into an infinite loop with --force-configure-an
22940 dpkg stops after just 20 errors
Package: dpkg-dev
Maintainer: Klee Dienes and Ian Jackson <dpkg-maint@chiark.greenend.org.uk>
20776 dpkg-dev: dpkg-dev does not use emacsen-commen method of in
21186 dpkg-dev: dpkg-dev has a file also provided in dpkg
Package: dpkg-python
Maintainer: Klee Dienes <klee@debian.org>
23059 .py files must not install files into /usr/lib/python
[FIX] Fixing this would break other packages in hamm. Gregor Hoffleit
(python maintainer) said he would change the severity level of
the bug to 'normal'. Matthias Klose will fix it in slink.
Package: dwww
Maintainer: Jim Pick <jim@jimpick.com>
[FIX] Handle bug#22635, "please remove dwww from hamm/frozen", reported
to ftp.debian.org.
16212 dwww: dwww tries to update-menus every day
22018 dwww: can't find _anything_
Package: fetchmail
Maintainer: Paul Haggart <phaggart@debian.org>
23092 Security: fetchmail sends packets off site without explicit
Package: file-rc
Maintainer: Martin Schulze <joey@debian.org>
23057 file-rc: rcS fails to complete startup
Package: ftp.debian.org (pseudo)
Maintainer: Guy Maor <ftpmaster@debian.org>
16652 javalex: bad dependencies
21819 sinuskey-login: libc5 version in hamm!
21938 xarchie is not DFSG free software
22390 Please move slink gcc packages to frozen
[FIX] From J.H.M. Dassen: "This will be obsoleted when 2.7.2.3-4.3
will be accepted into frozen."
22417 Please move premail to contrib.
22438 binkd: libc5 package in hamm
22490 two versions of base_passwd in hamm
22548 jdk1.1-docdemo: obsolete?
22554 ftp.deb.org: ssg-dev still here
22635 ftp.debian.org: Please remove dwww from hamm/frozen
22757 ftp.debian.org: remove dhcp-client-beta from hamm
22808 ftp.debian.org: pine396-src and pine396-diffs
22832 ftp.debian.org: m68k Packages files not being updated
22885 ftp.debian.org: files to be removed
22939 Please remove old unixcw in hamm/main
22978 Please move ircii from main to non-free
23034 Remove cxhextris from binary-powerpc
23108 ftp.debian.org: Please move sniffit from main to non-free
Package: gcc
Maintainer: Galen Hazelwood <galenh@micron.net>
23123 gcc creates lots of empty files in /tmp
[FIX] Install gcc 2.7.2.3-4.5, currently in Incoming.
Package: gstep-make (i386 contrib)
Maintainer: Gregor Hoffleit <flight@debian.org>
22328 gstep-make configuration / gstep-* new versions
[FIX] install version 0.5.0.980520-1 which is in Incoming.
"No other packages depend on gstep-* and gstep-* are packages of an
unstable upstream that's intended only for developer's preview
(that's recorded in the packages description), therefore it's no risk
to use this new snapshot."
Package: hwtools
Maintainer: Siggy Brentrup <bsb@debian.org>
21288 hwtools: irqtune should be in /usr/sbin, or rc.boot script
Package: ilu-base
Maintainer: Klee Dienes <klee@debian.org>
Matthias Klose made a non-maintainer release of the ilu packages.
21489 ilu-base: still linked with libc5
[FIX] install ilu non-maintainer version 2.0.0.12-0.1, currently in Incoming.
Package: ircii
Maintainer: Bernd Eckenfels <ecki@debian.org>
21683 ircii: ircii is non-free!
[STRATEGY] "This Bug is currently worked on. We have a verbal commitment
of one of the ircII Authors (Michael Sandroff) that he has
given the Source to the next author (which placed a free
copyright on the code). A formal commitment is still missing,
but I think the Bug can be closed."
Package: jadetex
Maintainer: Christian Leutloff <leutloff@debian.org>
Adam P. Harris made a non-maintainer release of jadetex.
22688 jadetex: errors while configuring, does not work
[FIX] install jadetex non-maintainer version 0.61-1.2, currently in Incoming.
Package: kdeadmin (i386 contrib)
Maintainer: Stephan Kulow <coolo@kde.org>
[FIX] Bug #22233 to ftp.debian.org requests removal of this package
from hamm and slink.
22060 kuser removes all passwords and disables root account
Package: kterm
Maintainer: Yoshiaki Yanagihara <yochi@debian.or.jp>
23209 kterm needs to have xterm's security patch applied.
Package: libc5-dbg
Maintainer: Helmut Geyer <Helmut.Geyer@iwr.uni-heidelberg.de>
21039 ftp.debian.org: libc5-dbg probably shouldn't be in frozen
[FIX] Dale Scheetz: "While this should be cleaned up, it represents
no problem for the release, as dselect and friends will not try to
install it." (Also see #19347)
Package: libc5-dev (m68k main)
Maintainer: Helmut Geyer <Helmut.Geyer@iwr.uni-heidelberg.de>
19347 libc5-dev: no-copyright-file LI#82
Dale Scheetz: "This appears to only apply to the m68k version, so it
is probably only a symlink missing, as the dev package has the same
copyright as the runtime."
(I think what happened here is that libc5-dev got removed from hamm
at freeze time, but only from the i386 tree.)
[STRATEGY] I have a non-maintainer release for libc5 ready, which does
not generate the packages libc5-dev and libc5-dbg. That
will allow libc5-dev and libc5-dbg to be removed from
the archive. It will fix #21039 as well as this one.
Package: libc6
Maintainer: Dale Scheetz <dwarf@polaris.net>
20714 Current libc6 is a beta.
[STRATEGY] "Depending on Ulrich's schedule we may have to release with
a beta version. I am working currently from the CVS archive,
and will soon be able to produce a package from the latest
upstream patches. At some point we will need to bite the
bullet and release the best library we have a that time."
20799 getgrnam does not return when group name does not exist
[HELP] "This has been worked on. If someone could test the -pre3-1
release in unstable and verify it as fixed, we can probably
close this one."
22626 netbase: bugtraq says: RPC services are subject to Denial o
[HELP] "This has also been worked on upstream and needs some testing."
22790 libc6: login(3) does not reuse dead entries
[STRATEGY] "This one is fixed in my current, unreleased version,
coming soon ;-)"
Package: libc6-dev
Maintainer: Dale Scheetz <dwarf@polaris.net>
[HELP] Dale Scheetz: "I have not had a chance to even read these
reports yet. Some outside help determining what should, or
shouldn't change would be helpful here."
(My translation: send him patches :-)
19797 libc6-dev: use of /tmp/*$$ in an insecure fashion
21884 libc6-dev: relative links between top-level dirs
Package: libdb1-dev (alpha main)
Maintainer: Mark Eichin <eichin@kitten.gen.ma.us>
[STRATEGY] Mark: "Perhaps someone on the alpha side should be sure it gets
removed from that release, as it is replaced by libc6-dev or
libc5-altdev (maybe libdb1-altdev?) depending..."
(I asked on the alpha list, and then filed a bug against ftp.debian.org
asking for the removal of libdb1-dev.)
19351 libdb1-dev: no-copyright-file LI#86
Package: libpaper
Maintainer: Marco Pistore <pistore@di.unipi.it>
22942 libpaper depends on libpaperg
[HELP] The maintainer asked for advice on debian-devel. Details are
in the archive for this bug report.
Package: libreadline2
Maintainer: Guy Maor <maor@debian.org>
22941 libreadline2 depends on libc6
Package: libreadlineg2
Maintainer: Guy Maor <maor@debian.org>
23035 bash: Not 8-bit clean.
Package: libssl08 (i386 non-us)
Maintainer: Christoph Martin <christoph.martin@uni-mainz.de>
23169 libssl08 hangs while waiting randomness from /dev/random
[STRATEGY] "For the solution: I have to exchange /dev/random with
/dev/urandom and recompile."
Package: lilo
Maintainer: Bernd Eckenfels <ecki@debian.org>
19821 lilo: liloconfig doesn't make the system bootable
[STRATEGY] "AFAIK this Bug was in the old boot-floppies, I can't
reproduce it. If nobody objects I will close it."
Package: login
Maintainer: Guy Maor <maor@debian.org>
22191 login: does not chown /dev/vcs* anymore
Package: lpr
Maintainer: Adam Klein <aklein@debian.org>
22837 lpd dies without trace (severe!)
Package: modutils
Maintainer: Wichert Akkerman <wakkerma@debian.org>
22612 modutils package is difficult to upgrade from bo
[HELP] Need people to upgrade from bo machines, try to reproduce.
Wichert: "I can't reproduce that one. I found a glitch in the
postinst though which I fixed. I guess I have to wait for some
people to upgrade more bo machines to check if it works."
Package: msqld (i386 non-free)
Maintainer: Martin Schulze <joey@debian.org>
23081 msqld: SECURITY: msqld does not preserve permissions on /et
Package: nonus.debian.org (pseudo)
Maintainer: Sven Rudolph <sr1@inf.tu-dresden.de>
This is being maintained by Heiko Schlittermann <heiko@lotte.sax.de>.
15764 ftp.debian.org: Non-US Packages files are broken
18572 nonus.debian.org: remove des-solnet_1.03-5.deb
18785 nonus.debian.org: incoming backlog
20773 nonus.debian.org: please remove gnupg from frozen
21423 Dpkg-ftp can't handle alternative distributions
[HELP] Yann Dirson: "This used to work until some date I don't know
exactly. I guess that non-us has changed the paths they use
in the Packages file." (more info, and workaround, in the bug
entry itself)
(Bug has been reassigned from dpkg-ftp to nonus.debian.org)
22287 nonus.debian.org with incorrect layout
Package: p2c
Maintainer: Andrew Howell <andrew@it.com.au>
[HELP] This package is orphaned.
Andrew: "Already tried to get rid of this package 3 times,
the last 2 or 3 releases have been not by me. I don't have time
at present to work on packages. This bug wouldn't exist with
my version of the package as I never created shared library
for it when I had it :)"
21036 p2c: depends on libp2c1 which seems to have been fed to the
Package: p3nfs
Maintainer: cmchow@se.cuhk.edu.hk (Billy C.-M. Chow)
[HELP] Mail to the maintainer address bounced.
21488 p3nfs: still linked with libc5
Package: passwd
Maintainer: Guy Maor <maor@debian.org>
21275 passwd: useradd violates base-passwd's rules
Package: perl
Maintainer: Darren Stalder <torin@daft.com>
19805 perl: use of /tmp/*$$ in an insecure fashion
[FIX] Install perl 5.004.04-6, which is currently in Incoming.
Package: premail (i386 non-free)
Maintainer: Karl Sackett <krs@debian.org>
15680 Insecure /tmp file usage
[FIX] Install premail 0.45-4, currently in Incoming.
Package: python-dev
Maintainer: Gregor Hoffleit <flight@debian.org>
23168 Error in Python's Makefile.pre.in
[STRATEGY] "I'm currently evaluating one of the following solutions:
a) Again, only provide the upstream Makefile.pre.in. This won't make
life easier for users who don't want to build Debian packages,
but want to install the extension locally in /usr/local.
b) Provide both the upstream Makefile.pre.in for building Debian
packages and a modified Makefile-local.pre.in for installing
extensions locally.
c) Fix the problem in the modified Makefile.pre.in and provide both
a boot as well as a boot-deb target for preparing extensions for
local installation as well as for Debian packaging."
[HELP] "Feedback wanted!"
Package: python-doc
Maintainer: Gregor Hoffleit <flight@debian.org>
22944 python-doc in hamm refers to an ancient version of python
[FIX] install version 1.5.1-2 which is in Incoming.
Package: rat
Maintainer: Chu-yeon Park <kokids@doit.ajou.ac.kr>
21935 rat is not free software
[FIX] Install rat 3.0.23-1, currently in Incoming, which moves it from
main to non-free.
Package: sendmail
Maintainer: Richard Nelson <cowboy@debian.org>
23216 sendmail: Causes majordomo to crash and burn!!!
Package: sinuskey-login
Maintainer: Skuli Davidsson <skuli@hi.is>
21446 sinuskey-login: depends on libc5 but doesn't report that
Package: smail
Maintainer: Soenke Lange <soenke@escher.north.de>
23218 Smail refuses to configure on dynamic-IP machine
Package: sniffit
Maintainer: Damjan Marion <dmarion@debian.org>
21832 sniffit is not DFSG free software
[FIX] install the sniffit 0.3.5-3 in Incoming, which goes to non-free, and
remove the version in main.
Package: ssh (i386 non-us)
Maintainer: Philip Hands <phil@hands.com>
22470 ssh: ssh spits out debugging messages because of socks4
Package: ssleay (i386 non-us)
Maintainer: Christoph Martin <christoph.martin@uni-mainz.de>
19410 ssleay: md5sums-lists-nonexisting-file LI#146
[STRATEGY] "As ssleay is not in the main distribution, I delayed the
fix of this (which consists mainly of a repacking) in
favor of tetex-*."
Package: sysvinit
Maintainer: Miquel van Smoorenburg <miquels@cistron.nl>
22945 Problems with last ( bug in sysvinit package)?
[FIX] Install sysvinit 2.75-2, currently in Incoming.
Package: tetex-bin
Maintainer: Christoph Martin <christoph.martin@uni-mainz.de>
23111 tetex-bin: cron.daily script falls over when /usr/local/is
[FIX] "This just came in last week, and I had not yet a chance to deal with
it. I don't consider it release-critical. It just sends an annoying
email from the cron.daily script about not being able to write to
/usr/local if /usr/local is readonly. But the script does not really
"fall over" as the bug report says. It finishes correctly just
without updating the ls-R file in /usr/local. I'll try to make this
file a link to somewhere in /var to fix this and hope that mktexlsr
works on a symlink."
Package: wxxt1-dev
Maintainer: Brian Bassett <brian@butterfly.ml.org>
[HELP] Mail to the maintainer was returned as undeliverable.
21707 wxxt1-dev depends on deprecated libg++-dev
Package: xadmin
Maintainer: Turbo Fredriksson <turbo@debian.org>
23053 xadmin does not set perms correctly for /etc/shadow
[STRATEGY] Turbo Fredriksson has the fix in his own sources,
and will upload it.
Package: xbase
Maintainer: Branden Robinson <branden@debian.org>
[HELP] See http://master.debian.org/~branden/xsf.html for detailed
discussion of these problems and ways you can help.
22329 Patch for #20685 prevents talk working
22422 xbase: xterm and rxvt sessions no longer logged
22668 TERM=xterm meaning has changed incompatibly
[STRATEGY] "There needs to be a new terminal type, xterm-debian, which
tracks the latest XFree86 xterm entry but incorporates our keyboard
policy (and anything else we want to customize). I need to
coordinate with the ncurses-base maintainer and some other folks
about this."
22877 xbase: xdm port, and X applications
22878 xbase: xdm port, and X applications
22928 New upstream security fix release
23002 Problem With Fresh Install
Package: xexec (i386 contrib)
Maintainer: Zed Pobre <zed@debian.org>
22927 xexec: unsatisfiable dependency
A fixed xexec was released, but only to slink.
Package: xinetd (i386 non-free)
Maintainer: "Adam Heath" <adam.heath@usa.net>
19125 xinetd: mucking with /etc/init.d/netbase is a deep policy v
20705 xinetd: samba 1.9.18p3-1 don't work from xinetd (from inetd
Package: xlib6g
Maintainer: Branden Robinson <branden@debian.org>
23122 typo in debian/rules
--
To UNSUBSCRIBE, email to debian-devel-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: