1 = SIPB Bug-Squashing Hackathon for Lenny =
3 SIPB is running a '''bug-squashing hackathon''' for release-critical bugs in Debian Lenny.
5 Place: '''W20-557''', the SIPB office[[BR]]
6 Date: '''Saturday''', 2008-12-13, between end-of-classes and finals week[[BR]]
7 Time: starting '''2 PM''', running to about 10 PM; come for any portion
9 Contact the SIPB Chair, Greg Price (`price@mit.edu`), or Vice-Chair, Nelson Elhage (`nelhage@mit.edu`), with any questions. During the hackathon just call the office at (617) 253-7788.
14 '''Q''': What's Lenny?[[BR]]
15 '''A''': Lenny is the '''upcoming next stable release''' of Debian GNU/Linux. It was scheduled for September 2008 but has slipped to spring 2009. The last release was Etch in spring 2007, so Debian users are eagerly awaiting a new release.
17 '''Q''': What's a release-critical bug?[[BR]]
18 '''A''': A '''release-critical (RC) bug''' is a Debian bug of any of the highest levels of severity. RC bugs break a program completely, break some users' systems, or do similarly bad things. At last count there were 109 bugs (below) affecting Lenny. Every one of those bugs has to be dealt with one way or another before Lenny will release.
20 '''Q''': How is this list of bugs different from [http://bugs.debian.org/release-critical/other/testing.html]?[[BR]]
21 '''A''': The list on `bugs.debian.org` includes bugs which have been fixed, but haven't passed a requisite waiting period before being introduced into Lenny. Our list is only bugs for which there is no fix.
23 '''Q''': I use '''Ubuntu'''. Why do I care about Debian releases?[[BR]]
24 '''A''': Because Lenny is in the final, "freeze", stage of the cycle, many Debian contributors are holding off new versions of the software they maintain in order to focus on stabilizing and bugfixing Lenny. Since Ubuntu depends on Debian for >90% of its packaging work, that means less new software for Ubuntu until Lenny releases.
26 '''Q''': I have '''no experience hacking on Debian'''.[[BR]]
27 '''A''': No problem, we have three Debian Developers pledged to attend, plus Debian-packaging experts from SIPB's Debathena and XVM projects. They'll all be focussed on helping newer people find a good bug, make progress and stay unstuck on solving it, and get the fixes applied in Debian. Just come ready to help with the skills you have; you'll be sure to learn something.
29 '''Q''': I don't have a lot of programming experience.[[BR]]
30 '''A''': No problem, '''not every bug requires programming''' to fix. Some bugs concern documentation or copyright issues, and anyone willing to track stuff down and write in English precisely can help. You'll still get experience with the issues software in the real world has to deal with, and probably read some code along the way.
34 Coming soon: this list formatted better and with links to the bug pages.
37 507927 acpi-support Fix suspend-resume in Thinkpad R50e (intel 855gm card)
38 507242 amule-daemon amule-daemon: causes OOM's by leaking lots of memory
39 507883 asterisk asterisk: Very frequent segfaults on startup
40 506961 auctex auctex: reuses old logfile on emacsen upgrades, enabling symlink attack
41 496954 bind9 bind9: Fails to start due to SIGSEGV
42 501800 bind9 bind9: bind crashes with a list for allow-update
43 497471 cdimage.debian.org sarge images have syslinux binaries without source
44 507706 cdimage.debian.org Missing sources for d-i components/kernel of etch-n-half images
45 502751 clamav-getfiles clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading
46 507721 cryptsetup cryptsetup: Sometimes initrd ends up missing conf/conf.d/cryptroot file in it
47 503532 dbus send_requested_reply="true" allows all non-reply messages
48 504340 djvulibre-plugin djvulibre-plugin: Iceweasel crashes when loading DjVu documents
49 481072 dk-filter dk-filter reliably crashes upon connection from postfix
50 505929 egroupware egroupware incompatible with php 5.2.6
51 504283 egroupware-core CVE-2007-3215: phpmailer issue (embedded code-copy)
52 456037 fenix fenix: not 64 bit clean
53 504977 ffmpeg-debian ffmpeg-debian: Several security issues
54 451628 ftp.debian.org Packages might enter the archive from security without source
55 497823 ftp.debian.org longstanding DFSG violations in linux-2.6 package
56 506152 ftp.debian.org libept0 should have priority important
57 507675 ftp.debian.org python2.5 should have priority standard
58 507678 ftp.debian.org libsqlite3-0 should have priority standard
59 507775 ftp.debian.org libkeyutils1 should have priority standard
60 507778 ftp.debian.org libldap-2.4-2 should have priority standard
61 507779 ftp.debian.org [Priorities] libustr-1.0-1 -> standard
62 507780 ftp.debian.org python-sepolgen should have priority standard
63 507783 ftp.debian.org libxml2 should have priority standard
64 507784 ftp.debian.org python2.5-minimal should have priority standard
65 507796 ftp.debian.org libisccfg40 should have priority standard
66 507797 ftp.debian.org libisccc40 should have priority standard
67 507798 ftp.debian.org libedit2 should have priority standard
68 507799 ftp.debian.org libgssglue1 must have priority standard
69 507800 ftp.debian.org ucf must have priority standard
70 507801 ftp.debian.org libpci3 must have priority standard
71 503712 ghostscript etch->lenny upgrade left the system in broken state
72 504747 gnu-fdisk gnu-fdisk: wipes out MBR when used on GPT partitions
73 506684 guile-1.8-dev guile-1.8: includes own definition of jmp_buf type in public header
74 507021 helpdeco Fails to work on amd64
75 507558 hibernate ignores "LockXLock yes" setting in /etc/hibernate/common.conf (e.g. does not lock the screen)
76 505563 icedove Mozilla Thunderbird Multiple Vulnerabilities
77 426465 initramfs-tools /init exports MODPROBE_OPTIONS=-qb
78 507059 initramfs-tools initramfs-tools: Wrong check for udevadm in functions
79 394963 installation-reports installation: Problems with dual booting Dell D600 with winXP pro in the first partition (hd0, 0). After installing the Dell Etch Beta 3, Windows fails to boot and I get the blue screen of death.
80 418972 installation-reports cdrom: Etch does not detect CD-ROM on Acer Aspire 7100
81 436140 installation-reports cdrom: Most of the system's files have a future timestamp causing at least update/config problems.
82 494293 installation-reports installation-reports: Grub error: not a regular file...
83 495603 installation-reports grub-installer fails on a FSC Primergy RX300 with a level 5 RAID
84 501804 installation-reports installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk
85 507072 ipsec-tools libipsec0 packaged in ipsec-tools without development headers
86 499078 jfsutils jfsutils: Bus Error when running fsck.jfs on sparc
87 506853 libgnutls26 libgnutls26: 2.4.2-3 breaks OpenLDAP access
88 495178 libjs-jquery libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js
89 508133 libmad0 audacity: munmap_chunk(): invalid pointer: 0x00000000026f4eb0
90 490999 libqt3-mt kicker: crashes on startup
91 504373 libtemplate-perl libtemplate-perl: Upgrade from etch breaks code using DBI plugins
92 503907 libwebkit-1.0-1 epiphany-webkit: Crashes at startup whenever I go to a site.
93 506353 mailscanner CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack
94 496334 mdadm mdadm segfault on --assemble --force with raid10
95 507889 mdadm mdadm: initramfs-tools script is broken, system with root on RAID won't boot
96 507818 mldonkey-server mldonkey-server: mlnet does not start, logs syntax error in downloads.ini
97 507947 moodle moodle: html2text.php is not DFSG-free
98 504918 network-manager Updating to lenny failed when NetworkManager got updated504626 nvidia-glx [nvidia-glx] Quietly drops support for several chipsets
99 504661 nvidia-glx-legacy-96xx-dev nvidia-glx-legacy-96xx-dev: /usr/lib/libGL.so symlink broken
100 507003 open-iscsi initiatorname.iscsi should maybe not be in /etc
101 508351 open-iscsi open-iscsi: will not install, looking for missing /sys/module/scsi_transport_iscsi/version file
102 507865 openoffice.org-writer openoffice.org-writer: OOo 2.4.x openinig OOo 3 files doesn't show text (2.x implements standard wrong)
103 500460 oss-compat oss-compat: modules are not loaded
104 475737 otrs2 otrs2 - makes files in /usr writable by non-root
105 502140 pam cannot unlock screen during etch -> lenny transition
106 508026 phppgadmin phpPgAdmin: Local File Inclusion Vulnerability
107 507915 povray Povray unusable with non-ascii filenames
108 476525 python-hid python-hid: hid module will not import since python policy transition
109 495232 quagga quagga: zebra ignores routes added via command line
110 507071 racoon racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt
111 332782 release-notes release-notes: Where's the license?
112 475958 release-notes document procedure to recover from "/dev/hda became /dev/sda" boot failure
113 506977 release.debian.org FPC: copyright infringement in pre 2.2.2 sources507239 release.debian.org RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code
114 490171 rtorrent rtorrent: random crash
115 506748 rtorrent crash rtorrent by scgi-interface (function: 'fi.get_filename_last')
116 478717 ruby1.9 ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault
117 507316 smarty smarty: Non-free logo included in package
118 505237 snmpd /etc/init.d/snmpd start reports error if already running
119 506057 splashy splashy: Splashy fails to install due to missing default theme
120 508194 sun-java5 sun-java5: New upstream release fixes several security issues
121 504524 sun-java6 AWT_TOOLKIT=MToolkit causes java to segfault on amd64
122 508265 sysprof-module-source sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)
123 506883 tuxguitar tuxguitar: hard-codes dependencies on libraries
124 508091 tuxguitar maintainer address bounces
125 508257 twiki CVE-2008-5305: TWiki SEARCH variable allows arbitrary shell command execution
126 507996 uim-tcode mazegaki conversion cannot be used
127 503303 upgrade-reports etch -> lenny minimal chrrot upgrade fails due to Conflicts/Pre-Depends loop
128 506741 wireshark wireshark: DoS caused by sending a SMTP request with large content
129 323473 wnpp ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux
130 508322 wodim wodim: Cannot load media. Cannot init drive.
131 504771 wordpress wordpress can be subject of delayed attacks via cookies
132 476210 xbat xbat: game elements do not display properly
133 507576 xbattbar-acpi missing dependency: libconfig
134 507165 xine-lib xine-lib: CVE-2008-5242 heap-based buffer overflow
135 507184 xine-lib xine-lib: CVE-2008-5246 heap overflow
136 508313 xine-lib xine-lib: CVE-2008-5234 heap overflow in atom parsing
137 374644 xine-ui xine-ui: ctrl/shift key press emulation implementation broken
138 506652 xml2rfc Yet another boilerplate change
139 507944 xwhois xwhois: segfaults on start in get_servers()
140 507579 yocto-reader Package installation results in license violation
141 508124 yum Yum crashes when setting-up a CentOS chroot OS
143 (list as of 2008-12-10 at 2240)