Re: Debian i386 freeze
> 24634 the 'Admin' profile includes 'raidtools' which cannot be in
> 24569 bsdutils does not Pre-Depends on libc6.
> 24236 emacs20, postrm is broken..
> 22941 libreadline2 depends on libc6
> 24595 FIXED: smail in frozen is an open relay
All these are fixed as of today.
> 24557 netstd: netstd re-enables rlogin/rsh/rexec
This was at least partially fixed today.
> 24200 termcap: vulnerability
Termcap isn't really used by Debian. I'm still waiting to hear more from
the maintainer.
> 24306 ssh: security patch[FIX] Wichert Akkerman uploaded NMU 1.2.25-1.1 on July 17, which fixes this
> 24022 libssl: Upstream security fix available
Nonus isn't a wholly integrated part of the distribution yet and so isn't
managed the same as the the rest.
> and I happen to know (because I was there when it was fixed) that dark is
> now uploading a fix for
>
> 24126 screen aborts with signal 11 in X
I hadn't heard that yet.
> which means of 32 bugs, 10 are fixed but still open. 22 to go! These bugs
> will be fixed Real Soon Now:
>
> Package: dhcp
> Maintainer: Rich Sahlender
> 24443 [SECURITY] dhcp: potential buffer overflow problems
> [STRATEGY] Eloy A. Paris promised to do a NMU to fix this.
>
> Package: dhcp-beta
> Maintainer: Rich Sahlender
> 24442 /etc/init.d/dhcp-beta sources inexistent /etc/init.d/functi
> [STRATEGY] Eloy A. Paris promised is making a NMU to fix this.
> 24445 [SECURITY] dhcp-beta: potential buffer overflow problems
> [STRATEGY] Eloy A. Paris promised to do a NMU to fix this.
These can also be removed without a large impact.
> Package: wu-ftpd-academ
> Maintainer: Heiko Schlittermann
> 24466 netstd: Upgrading netstd overrides wu-ftpd-academ entry in
> [STRATEGY] "Will be fixed within the next two days or nights.", quote from
> Heiko Schlittermann.
For those "necessary" packages, I can wait the weekend if absolutely
necessary.
> Which would take us down to 18 bugs. While they matter, archive bugs can't
> be fixed by mere mortals and I am trying to convince wichert that since
> non-us did not freeze with hamm and has essentially slink level software in
> it now, there's no reason to count the bugs that aren't likely to be fixed
> for non-us as hamm critical. Instead we should work on for slink what AFAIK
> has been the consensus for non-us and make it just another dist--just one
> which is not mirrored everywhere.
>
> Package: ftp.debian.org (pseudo)
> Maintainer: Guy Maor, Richard Braakman, James Troup
> 23877 please include apt and autoup in hamm/hamm/upgrade-i386/
> 24669 Please remove old boot disks from hamm/main/disks-i386
I'll be doing this soon.
> Package: nonus.debian.org (pseudo)
> Maintainer: Heiko Schlittermann
> This is being maintained by Heiko Schlittermann .
> 18572 nonus.debian.org: remove des-solnet_1.03-5.deb
> 18785 nonus.debian.org: incoming backlog
> 20773 nonus.debian.org: please remove gnupg from frozen
> 21423 Dpkg-ftp can't handle alternative distributions
> [HELP] Yann Dirson: "This used to work until some date I don't know
> exactly. I guess that non-us has changed the paths they use
> in the Packages file." (more info, and workaround, in the bug
> entry itself)
> (Bug has been reassigned from dpkg-ftp to nonus.debian.org)
> 23642 Packages
Nonus doesn't go on CD, so isn't quite subject to the same freeze.
> This takes us down to -11- bugs. Oh:
>
> Package: libc6-pre2.1-doc
> Maintainer: Juan Cespedes
> 24354 libc6-pre2.1-doc: unfulfillable dependencies on non-glibc-p
> [STRATEGY] Juan Cespedes (maintainer) suggested removing this package
> from hamm.
Soon to be removed...
> make that 10. If the maintainer says don't put it in hamm, then it should
> not be in hamm. =>
>
> So, here's what's left:
>
> Package: binutils
> Maintainer: Galen Hazelwood
> 23153 strip: stripped binary(executable) dumping core.
It happens rarely and can be worked around if necessary. I'm choosing to
ignore this bug for Debian 2.0.
> Package: cgi-scripts
> Maintainer: Johnie Ingram
> 24388 cgi-scripts: test-cgi script allows file listing of entire
Minor security hole that can be fixed with a later release.
> Package: cvs-pcl
> Maintainer: Tom Lees
> 22577 compile of pcl-cvs.el fails (cannot load "cookie")
Removeable. Personally, I don't feel this is important enough to warrant
that, but that's what people want.
> Package: dpkg
> Maintainer: Klee Dienes and Ian Jackson
> 17624 dpkg: installs regular dir when .deb contains symlink !
> 20401 Problems updating bo -> hamm
> 21182 dpkg: dpkg can go into an infinite loop with --force-config
Dpkg is being handled as a special case because (a) it's essential, and
(b) these are not going to get fixed no matter how long we wait.
> Package: kdebase (i386 contrib)
> Maintainer: Stephan Kulow
> 24643 kdebase: We have no licence to distribute KDE binaries when
Removeable.
> Package: screen
> Maintainer: Juan Cespedes
> 23998 screen: can't handle the new xterm terminfo
(actually ncurses) It only seems to affect screen which, while an
important packages to have, is not (in my opinion) worth holding up
the release. I'm choosing to let this one pass for 2.0.
> Package: smail
> Maintainer: Soenke Lange
> 23717 smail: smtp entry in inetd.conf gone after smail upgrade
Fixed in latest upload.
> Package: xbase
> Maintainer: Branden Robinson
> 24642 XF86Setup doesn't run: the file /usr/X11R6/lib/X11/xinit/xi
I'm still waiting to hear from Branden about this one.
Brian
( bcwhite@verisim.com )
-------------------------------------------------------------------------------
The difference between a rut and a grave is only a matter of depth.
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: