Re: List of bugs that *must* be fixed before releasing Slink
All right, here's the revised list (removing anything that someone confirmed
as almost done.)
Quoting Michael Stone (mstone@cs.loyola.edu):
> > apache 32204 user directories allow symlinks to other files [0] (Johnie Ingram <johnie@debian.org>)
>
> There's a suggested fix in the bug report. Is it problematic?
>
> > boot-floppies 32269 partion harddisk fails if WIN95_EXTENDED present [0] (Enrique Zanardi <debian-boot@lists.debian.org>)
>
> The report log is a little unclear. It looks like there is a version of cfdisk
> that works...are we just waiting for an upload?
>
> > dpkg 17624 dpkg: installs regular dir when .deb contains symlink ! [364] (Ian Jackson and others <dpkg-maint@chiark.greenend.org.uk>)
> > dpkg 21182 dpkg: dpkg can go into an infinite loop with --force-configure-any [288] (Ian Jackson and others <dpkg-maint@chiark.greenend.org.uk>)
> > dpkg 28519 dpkg: dpkg creates circular symlinks [93] (Ian Jackson and others <dpkg-maint@chiark.greenend.org.uk>)
> > dpkg 30090 weirdass dpkg coredumps and xbase upgrade insanity [62] (Ian Jackson and others <dpkg-maint@chiark.greenend.org.uk>)
> > dpkg 30891 dpkg: Patch for update-alternatives to fix jdk problems [40] (Ian Jackson and others <dpkg-maint@chiark.greenend.org.uk>)
> > dpkg 32283 xbase postinst refers to nonexistent README.Debian [0] (Ian Jackson and others <dpkg-maint@chiark.greenend.org.uk>)
>
> No one ever wants to touch dpkg...
> > dpkg-dev 31508 parsechangelog broken? [22] (Ian Jackson and others <dpkg-maint@chiark.greenend.org.uk>)
This is supposed to have an attached fix.
> > dpkg 28817 dpkg takes no care over libdpkg [87] (Ian Jackson and others <dpkg-maint@chiark.greenend.org.uk>)
Wichert argues whether this one's really release critical.
> > ftp.debian.org 31282 upgrade-1386 directory in Incoming [30] (Guy Maor <ftpmaster@debian.org>)
>
> ?
>
> > general 28850 gettext: security problem when used in setuid programs [0] (debian-devel@lists.debian.org)
>
> What needs to be done here?
This needs maintainers of setuid/root-run programs to check their stuff. Is
there a way for non-maintainers to help with this, or do we just hope it gets
done? Is there a way for maintainers to indicate they've already checked their
packages?
> > jdk1.1 32548 Java doesn't work at all for me on slink [0] (Stephen Zander <gibreel@debian.org>)
Someone might be working on this?
> > lyx 32299 LyX Copyright problems [0] (Stuart Lamble <lamble@yoyo.cc.monash.edu.au>)
There should be a new license waiting to be packaged.
> > nonus.debian.org 23780 nonus.debian.org: libssl-dev is obsolete [220] (Heiko Schlittermann <heiko@datom.de>)
> > nonus.debian.org 26443 nonus.debian.org: apache-common_1.3.0+1.19 is obsolete [144] (Heiko Schlittermann <heiko@datom.de>)
> > nonus.debian.org 29246 nonus.debian.org: remove fortify-unix-ppc_1.2.8-1.deb [79] (Heiko Schlittermann <heiko@datom.de>)
> > nonus.debian.org 31326 Broken symlinks on nonus.debian.org [29] (Heiko Schlittermann <heiko@datom.de>)
> > nonus.debian.org 32171 umet dependency for mutt-i [8] (Heiko Schlittermann <heiko@datom.de>)
mutt-i just need to disappear, right? Or should we do another virtual package
to get mutt to install in its place?
> Will non-us ever be fixed?
All I've heard is agreement that this situation is non-optimal.
(Or words to that effect :)
> > perl-suid 31904 [B.A.McCauley@BHAM.AC.UK: Secuity hole with perl (suidperl) and nosuid mounts on Linux] [13] (Darren Stalder <torin@daft.com>)
This still needs a good solution.
> > smb2www 32131 smb2www: smb2www in slink incompatible with samba in slink [9] (Craig Small <csmall@debian.org>)
>
> Is the potato version going to be installed, or is there another fix?
>
> > wdm 32485 wdm: Doesn't let people log on when using MD5 passwords [0] (mmagallo@debian.org (Marcelo E. Magallon))
>
> Looks like this needs a patch.
>
> > wdm 32529 Typo in Xsession [0] (mmagallo@debian.org (Marcelo E. Magallon))
>
> Log's unclear again; is this really an xbase problem? Is it fixed?
>
> > xbase 30852 X packages do not upgrade automatically due to name change. [41] (Branden Robinson <branden@debian.org>)
> > xdm 29360 xdm: Stopped X without warning/asking [77] (Branden Robinson <branden@debian.org>)
> > xlib6 31610 xlib6: requires gcc but declares no dependency (dpkg --print-gnu-build-architecture?) [20] (Branden Robinson <branden@debian.org>)
> > xserver-common 29166 xserver-common: should depend or at least recommend properly ver'd xlib6g [81] (Branden Robinson <branden@debian.org>)
There's supposed to be a new version of the X stuff; does it fix all of these?
(Someone want to summarize the changelog? :)
So, what's left? Looks like fairly simple fixes for apache, boot-floppies,
dpkg-dev, lyx, and smb2www. There's a mess of dpkg and non-us probs that'll
just fester. jdk supposedly has someone working on it? perl-suid needs a good
solution, as does wdm (which I'm getting a copy of now.) And we need to
address the gettext problem. How much longer?
Mike Stone
Reply to: