]> sipb.mit.edu Git - wiki.git/blobdiff - doc/LennyBugsAll
sipb-www / wiki.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
RootInstance -> root-instance.mdwn
[wiki.git] / doc / LennyBugsAll
diff --git a/doc/LennyBugsAll b/doc/LennyBugsAll
index 713bbc3103888e5508ee5778011ea821530d70c8..5cdc6803900e514d6cf3b7a5243327a1e39445b1 100644 (file)
--- a/doc/LennyBugsAll
+++ b/doc/LennyBugsAll
@@ -7,64 +7,136 @@ Bug list dumped early 2008-12-12.  The pipeline was
 
 Please sort into useful/not useful, add notes, etc.
 
 
 Please sort into useful/not useful, add notes, etc.
 
+----
+
 = Juicy? =
 
 = Juicy? =
 
-Try these!
+All acted on!  See the "Stuff we did" sections below.
+
+
+
+----
+
+= Stuff we did =
+
+== Fixed by SIPB! ==
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
+(closed by wdaher)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525] 
+in [http://packages.debian.org/lenny/python-hid python-hid] 
+"python-hid: hid module will not import since python policy transition" 
+(tabbott)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] 
+[http://packages.debian.org/lenny/racoon racoon] 
+"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt" 
+(fixed by broder)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072] 
+in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools] 
+"libipsec0 packaged in ipsec-tools without development headers" 
+(downgraded by hartmans)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504626 504626] 
+in [http://packages.debian.org/lenny/nvidia-glx nvidia-glx] 
+"[nvidia-glx] Quietly drops support for several chipsets" 
+(downgraded by nelhage)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502845 502845]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
+"open-iscsi: no login using amd64"
+(quentin reassigned; Bastian Blank then lowered priority)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265]
+in [http://packages.debian.org/lenny/sysprof-module-source sysprof-module-source]
+"sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
+(patch added by andersk)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
+in [http://packages.debian.org/lenny/splashy splashy]
+"splashy: Splashy fails to install due to missing default theme"
+(fix suggestion added by ecprice with help from tabbott and fawkes)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
+in [http://packages.debian.org/lenny/rtorrent rtorrent]
+"crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
+(submitted patch that disables broken RPC; leaving to maintainer to decide if this is what he wants to do)
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465]
 in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
 "/init exports MODPROBE_OPTIONS=-qb"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465]
 in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
 "/init exports MODPROBE_OPTIONS=-qb"
-[[BR]](Note: real bug report is near bottom.)
+[[BR]](patch added by price)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489501 489501]
+in [http://packages.debian.org/lenny/zekr zekr]
+"zekr depends on libxul0d"
+[[BR]](mako tweaked and sponsored fix by Asheesh Laroia)
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525]
-in [http://packages.debian.org/lenny/python-hid python-hid]
-"python-hid: hid module will not import since python policy transition"
-[[BR]](Note: have patch, looks messy, looks like not-too-hard bug to fix well.)
+== Waiting on feedback ==
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140]
+in [http://packages.debian.org/lenny/pam pam]
+"cannot unlock screen during etch -> lenny transition"
+(hartmans added comment)
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072]
 in [http://packages.debian.org/lenny/dk-filter dk-filter]
 "dk-filter reliably crashes upon connection from postfix"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072]
 in [http://packages.debian.org/lenny/dk-filter dk-filter]
 "dk-filter reliably crashes upon connection from postfix"
-[[BR]](Note: bug report, little followup.  Test, reproduce, debug, fix.)
+[[BR]](quentin couldn't reproduce)
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
-in [http://packages.debian.org/lenny/splashy splashy]
-"splashy: Splashy fails to install due to missing default theme"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883]
+in [http://packages.debian.org/lenny/asterisk asterisk]
+"asterisk: Very frequent segfaults on startup"
+(quentin couldn't reproduce)
 
 
-These ones are only about 2 weeks old:
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037]
+in [http://packages.debian.org/lenny/fenix fenix]
+"fenix: not 64 bit clean"[[BR]]
+(ezyang observed upstream's website looks ~dead)
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
-in [http://packages.debian.org/lenny/racoon racoon]
-"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
-in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
-"libipsec0 packaged in ipsec-tools without development headers"
 
 
-= Specific hardware =
 
 
-If you have the relevant hardware you could help a lot.
+----
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394963 394963]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"installation: Problems with dual booting Dell D600 with winXP pro in the first partition (hd0, 0). After installing the Dell Etch Beta 3, Windows fails to boot and I get the blue screen of death."
+= Fun stuff to read =
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418972 418972]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"cdrom: Etch does not detect CD-ROM on Acer Aspire 7100"
+== Flamewars ==
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478717 478717]
-in [http://packages.debian.org/lenny/ruby1.9 ruby1.9]
-"ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault"
+You might enjoy reading these, but they may not be good targets to fix.
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499078 499078]
-in [http://packages.debian.org/lenny/jfsutils jfsutils]
-"jfsutils: Bus Error when running fsck.jfs on sparc"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737]
+in [http://packages.debian.org/lenny/otrs2 otrs2]
+"otrs2 - makes files in /usr writable by non-root"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501804 501804]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
+in [http://packages.debian.org/lenny/wordpress wordpress]
+"wordpress can be subject of delayed attacks via cookies"
+
+For this one, the actual flameware is off the bug report log.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"longstanding DFSG violations in linux-2.6 package"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747]
+in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
+"gnu-fdisk: wipes out MBR when used on GPT partitions"
+
+
+== Would have been fun ==
+
+Entertaining to read but sadly already fixed.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961]
+in auctex
+"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
 
 
-= Examples =
+
+== Examples to live up to ==
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954]
 in [http://packages.debian.org/lenny/bind9 bind9]
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954]
 in [http://packages.debian.org/lenny/bind9 bind9]
@@ -73,18 +145,7 @@ in [http://packages.debian.org/lenny/bind9 bind9]
 got the first reproducible testcase, and sent that upstream, which swiftly produced a fix.
 
 
 got the first reproducible testcase, and sent that upstream, which swiftly produced a fix.
 
 
-= May be a lot of work =
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037]
-in [http://packages.debian.org/lenny/fenix fenix]
-"fenix: not 64 bit clean"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171]
-in [http://packages.debian.org/lenny/rtorrent rtorrent]
-"rtorrent: random crash"
-[[BR]](Reproducing this seems to require runnin 20+ torrents for a ~day)
-
-= Puzzling =
+== Puzzling ==
 
 Someone please explain what's going on (Debian Project-wise) in these bugs.
 
 
 Someone please explain what's going on (Debian Project-wise) in these bugs.
 
@@ -94,65 +155,52 @@ in [http://packages.debian.org/lenny/wnpp wnpp]
 [[BR]](Note: The bug is for someone to take over maintainership.  They did.  Then when the bug gets automatically archived, they reply saying to keep it?  I (price) don't understand.)
 
 
 [[BR]](Note: The bug is for someone to take over maintainership.  They did.  Then when the bug gets automatically archived, they reply saying to keep it?  I (price) don't understand.)
 
 
-= Unclassified =
 
 
-Please read these reports and figure out what category they belong in.  Or make a new category.
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
+----
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490999 490999]
-in [http://packages.debian.org/lenny/libqt3-mt libqt3-mt]
-"kicker: crashes on startup"
+= Not so ripe for us to fix =
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"installation-reports: Grub error: not a regular file..."
+== Specific hardware ==
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232]
-in [http://packages.debian.org/lenny/quagga quagga]
-"quagga: zebra ignores routes added via command line"
+If you have the relevant hardware you could help a lot.
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495603 495603]
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394963 394963]
 in [http://packages.debian.org/lenny/installation-reports installation-reports]
 in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"grub-installer fails on a FSC Primergy RX300 with a level 5 RAID"
+"installation: Problems with dual booting Dell D600 with winXP pro in the first partition (hd0, 0). After installing the Dell Etch Beta 3, Windows fails to boot and I get the blue screen of death."
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
-in [http://packages.debian.org/lenny/oss-compat oss-compat]
-"oss-compat: modules are not loaded"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418972 418972]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"cdrom: Etch does not detect CD-ROM on Acer Aspire 7100"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501800 501800]
-in [http://packages.debian.org/lenny/bind9 bind9]
-"bind9: bind crashes with a list for allow-update"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478717 478717]
+in [http://packages.debian.org/lenny/ruby1.9 ruby1.9]
+"ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140]
-in [http://packages.debian.org/lenny/pam pam]
-"cannot unlock screen during etch -> lenny transition"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499078 499078]
+in [http://packages.debian.org/lenny/jfsutils jfsutils]
+"jfsutils: Bus Error when running fsck.jfs on sparc"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502751 502751]
-in [http://packages.debian.org/lenny/clamav-getfiles clamav-getfiles]
-"clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501804 501804]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503303 503303]
-in [http://packages.debian.org/lenny/upgrade-reports upgrade-reports]
-"etch -> lenny minimal chrrot upgrade fails due to Conflicts/Pre-Depends loop"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495603 495603]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"grub-installer fails on a FSC Primergy RX300 with a level 5 RAID"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532 503532]
-in [http://packages.debian.org/lenny/dbus dbus]
-"send_requested_reply="true" allows all non-reply messages"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712]
-in [http://packages.debian.org/lenny/ghostscript ghostscript]
-"etch->lenny upgrade left the system in broken state"
+== May be a lot of work ==
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171]
+in [http://packages.debian.org/lenny/rtorrent rtorrent]
+"rtorrent: random crash"
+[[BR]](Reproducing this seems to require runnin 20+ torrents for a ~day)
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524]
-in [http://packages.debian.org/lenny/sun-java6 sun-java6]
-"AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504626 504626]
-in [http://packages.debian.org/lenny/nvidia-glx nvidia-glx]
-"[nvidia-glx] Quietly drops support for several chipsets"
+== Unclassified ==
+
+Please read these reports and figure out what category they belong in.  Or make a new category.
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504661 504661]
 in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legacy-96xx-dev]
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504661 504661]
 in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legacy-96xx-dev]
@@ -162,32 +210,12 @@ in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legac
 in [http://packages.debian.org/lenny/network-manager network-manager]
 "Updating to lenny failed when NetworkManager got updated"
 
 in [http://packages.debian.org/lenny/network-manager network-manager]
 "Updating to lenny failed when NetworkManager got updated"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
-in [http://packages.debian.org/lenny/snmpd snmpd]
-"/etc/init.d/snmpd start reports error if already running"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
-in [http://packages.debian.org/lenny/rtorrent rtorrent]
-"crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506853 506853]
-in [http://packages.debian.org/lenny/libgnutls26 libgnutls26]
-"libgnutls26: 2.4.2-3 breaks OpenLDAP access"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507003 507003]
-in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
-"initiatorname.iscsi should maybe not be in /etc"
-
-= Unclassified Security =
+== Unclassified Security ==
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
 in [http://packages.debian.org/lenny/icedove icedove]
 "Mozilla Thunderbird Multiple Vulnerabilities"
 
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
 in [http://packages.debian.org/lenny/icedove icedove]
 "Mozilla Thunderbird Multiple Vulnerabilities"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
-in [http://packages.debian.org/lenny/mailscanner mailscanner]
-"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5242 heap-based buffer overflow"
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5242 heap-based buffer overflow"
@@ -196,23 +224,11 @@ in [http://packages.debian.org/lenny/xine-lib xine-lib]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5246 heap overflow"
 
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5246 heap overflow"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
-in [http://packages.debian.org/lenny/wireshark wireshark]
-"wireshark: DoS caused by sending a SMTP request with large content"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
 in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
 "ffmpeg-debian: Several security issues"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
 in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
 "ffmpeg-debian: Several security issues"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
-in [http://packages.debian.org/lenny/wordpress wordpress]
-"wordpress can be subject of delayed attacks via cookies"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
-in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
-"CVE-2007-3215: phpmailer issue (embedded code-copy)"
-
-= Fresh bugs =
+== Fresh bugs ==
 
 These are very recent and presumably will get dealt with by the package maintainers without help.
 
 
 These are very recent and presumably will get dealt with by the package maintainers without help.
 
@@ -248,34 +264,14 @@ in [http://packages.debian.org/lenny/mldonkey-server mldonkey-server]
 in [http://packages.debian.org/lenny/openoffice.org-writer openoffice.org-writer]
 "openoffice.org-writer: OOo 2.4.x openinig OOo 3 files doesn't show text (2.x implements standard wrong)"
 
 in [http://packages.debian.org/lenny/openoffice.org-writer openoffice.org-writer]
 "openoffice.org-writer: OOo 2.4.x openinig OOo 3 files doesn't show text (2.x implements standard wrong)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883]
-in [http://packages.debian.org/lenny/asterisk asterisk]
-"asterisk: Very frequent segfaults on startup"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507889 507889]
 in [http://packages.debian.org/lenny/mdadm mdadm]
 "mdadm: initramfs-tools script is broken, system with root on RAID won't boot"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507889 507889]
 in [http://packages.debian.org/lenny/mdadm mdadm]
 "mdadm: initramfs-tools script is broken, system with root on RAID won't boot"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507947 507947]
-in [http://packages.debian.org/lenny/moodle moodle]
-"moodle: html2text.php is not DFSG-free"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507996 507996]
 in [http://packages.debian.org/lenny/uim-tcode uim-tcode]
 "mazegaki conversion cannot be used"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507996 507996]
 in [http://packages.debian.org/lenny/uim-tcode uim-tcode]
 "mazegaki conversion cannot be used"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508026 508026]
-in [http://packages.debian.org/lenny/phppgadmin phppgadmin]
-"phpPgAdmin: Local File Inclusion Vulnerability"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091]
-in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
-"maintainer address bounces"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124]
-in [http://packages.debian.org/lenny/python-m2crypto python-m2crypto]
-"Yum crashes when setting-up a CentOS chroot OS"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 508133]
 in [http://packages.debian.org/lenny/libmad0 libmad0]
 "audacity: munmap_chunk(): invalid pointer: 0x00000000026f4eb0"
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 508133]
 in [http://packages.debian.org/lenny/libmad0 libmad0]
 "audacity: munmap_chunk(): invalid pointer: 0x00000000026f4eb0"
@@ -284,14 +280,6 @@ in [http://packages.debian.org/lenny/libmad0 libmad0]
 in [http://packages.debian.org/lenny/sun-java5 sun-java5]
 "sun-java5: New upstream release fixes several security issues"
 
 in [http://packages.debian.org/lenny/sun-java5 sun-java5]
 "sun-java5: New upstream release fixes several security issues"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508257 508257]
-in [http://packages.debian.org/lenny/twiki twiki]
-"CVE-2008-5305: TWiki SEARCH variable allows arbitrary shell command execution"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265]
-in [http://packages.debian.org/lenny/sysprof-module-source sysprof-module-source]
-"sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508313 508313]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5234 heap overflow in atom parsing"
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508313 508313]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5234 heap overflow in atom parsing"
@@ -316,10 +304,6 @@ in [http://packages.debian.org/lenny/imagemagick imagemagick]
 in [http://packages.debian.org/lenny/iodbc iodbc]
 "iodbc: Segfaults when asking for the available DSNs"
 
 in [http://packages.debian.org/lenny/iodbc iodbc]
 "iodbc: Segfaults when asking for the available DSNs"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510]
-in [http://packages.debian.org/lenny/debget debget]
-"Can't parse packages.debian.org output anymore"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508392 508392]
 in [http://packages.debian.org/lenny/dpkg dpkg]
 "Handling of conflicting conffiles broken"
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508392 508392]
 in [http://packages.debian.org/lenny/dpkg dpkg]
 "Handling of conflicting conffiles broken"
@@ -332,26 +316,26 @@ in [http://packages.debian.org/lenny/f2c f2c]
 in [http://packages.debian.org/lenny/merkaartor merkaartor]
 "merkaartor: crash on startup: QPaintEngine::setSystemClip: Should not be change
 
 in [http://packages.debian.org/lenny/merkaartor merkaartor]
 "merkaartor: crash on startup: QPaintEngine::setSystemClip: Should not be change
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502845 502845]
-in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
-"open-iscsi: no login using amd64"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508589 508589]
 in [http://packages.debian.org/lenny/linux-2.6 linux-2.6]
 "ppp: USB Modem removal after PPP exits kills keyboard"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508589 508589]
 in [http://packages.debian.org/lenny/linux-2.6 linux-2.6]
 "ppp: USB Modem removal after PPP exits kills keyboard"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508635 508635]
-in [http://packages.debian.org/lenny/libexif-gtk-dev libexif-gtk-dev]
-"libexif-gtk-dev: References no longer existing libXcursor.la"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508660 508660]
+in [http://packages.debian.org/lenny/autopkgtest-xenlvm autopkgtest-xenlvm]
+"adtxenlvm: initscript assumes eth0"
 
 
-= Mostly solved? =
+== Mostly solved? ==
 
 These look like good progress is being made and they'll get fixed
 soon. Do we need a DD to do an NMU on any of these?
 
 
 These look like good progress is being made and they'll get fixed
 soon. Do we need a DD to do an NMU on any of these?
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
-in [http://packages.debian.org/lenny/smarty smarty]
-"smarty: Non-free logo included in package"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
+in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
+"CVE-2007-3215: phpmailer issue (embedded code-copy)"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510]
+in [http://packages.debian.org/lenny/debget debget]
+"Can't parse packages.debian.org output anymore"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782]
 in [http://packages.debian.org/lenny/release-notes release-notes]
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782]
 in [http://packages.debian.org/lenny/release-notes release-notes]
@@ -380,12 +364,63 @@ in [http://packages.debian.org/lenny/mdadm mdadm]
 "mdadm segfault on --assemble --force with raid10"
 [[BR]]Seems to be fixed and uploaded, but got reopened for some reason?
 
 "mdadm segfault on --assemble --force with raid10"
 [[BR]]Seems to be fixed and uploaded, but got reopened for some reason?
 
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374644 374644] in [http://packages.debian.org/lenny/xine-ui xine-ui]
 "xine-ui: ctrl/shift key press emulation implementation broken"
 [[BR]](Note: There's a patch that may be good enough -- blocking on some guy responding)
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374644 374644] in [http://packages.debian.org/lenny/xine-ui xine-ui]
 "xine-ui: ctrl/shift key press emulation implementation broken"
 [[BR]](Note: There's a patch that may be good enough -- blocking on some guy responding)
 
-= Not much of use one can do =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
+in [http://packages.debian.org/lenny/snmpd snmpd]
+"/etc/init.d/snmpd start reports error if already running"
+(Note: fixed, waiting on an upload?)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508257 508257]
+in [http://packages.debian.org/lenny/twiki twiki]
+"CVE-2008-5305: TWiki SEARCH variable allows arbitrary shell command execution"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508026 508026]
+in [http://packages.debian.org/lenny/phppgadmin phppgadmin]
+"phpPgAdmin: Local File Inclusion Vulnerability"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501800 501800]
+in [http://packages.debian.org/lenny/bind9 bind9]
+"bind9: bind crashes with a list for allow-update"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532 503532]
+in [http://packages.debian.org/lenny/dbus dbus]
+"send_requested_reply="true" allows all non-reply messages"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
+in [http://packages.debian.org/lenny/wireshark wireshark]
+"wireshark: DoS caused by sending a SMTP request with large content"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503303 503303]
+in [http://packages.debian.org/lenny/upgrade-reports upgrade-reports]
+"etch -> lenny minimal chrrot upgrade fails due to Conflicts/Pre-Depends loop"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524]
+in [http://packages.debian.org/lenny/sun-java6 sun-java6]
+"AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712]
+in [http://packages.debian.org/lenny/ghostscript ghostscript]
+"etch->lenny upgrade left the system in broken state"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508635 508635]
+in [http://packages.debian.org/lenny/libexif-gtk-dev libexif-gtk-dev]
+"libexif-gtk-dev: References no longer existing libXcursor.la"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
+in [http://packages.debian.org/lenny/oss-compat oss-compat]
+"oss-compat: modules are not loaded"
+
+
+== Not much of use one can do ==
+
+(waiting on reporter to reproduce)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation-reports: Grub error: not a regular file..."
 
 (this one looks like it'll be removed from Lenny or have amd64 disabled)
 
 
 (this one looks like it'll be removed from Lenny or have amd64 disabled)
 
@@ -405,34 +440,46 @@ in [http://packages.debian.org/lenny/amule-daemon amule-daemon]
 in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
 "Yet another boilerplate change"
 
 in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
 "Yet another boilerplate change"
 
-= Flamewars =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490999 490999]
+in [http://packages.debian.org/lenny/libqt3-mt libqt3-mt]
+"kicker: crashes on startup"
 
 
-You might enjoy reading these, but they may not be good targets to fix.
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507947 507947]
+in [http://packages.debian.org/lenny/moodle moodle]
+"moodle: html2text.php is not DFSG-free"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737]
-in [http://packages.debian.org/lenny/otrs2 otrs2]
-"otrs2 - makes files in /usr writable by non-root"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232]
+in [http://packages.debian.org/lenny/quagga quagga]
+"quagga: zebra ignores routes added via command line"
 
 
-For this one, the actual flameware is off the bug report log.
+(misc)
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
-in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
-"longstanding DFSG violations in linux-2.6 package"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091]
+in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
+"maintainer address bounces"
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747]
-in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
-"gnu-fdisk: wipes out MBR when used on GPT partitions"
+(trivial fix may cause regression, may punt)
 
 
-= Would have been fun =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507003 507003]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
+"initiatorname.iscsi should maybe not be in /etc"
 
 
-Entertaining to read but sadly already fixed.
+(legal issue involving non-free file)
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961]
-in auctex
-"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502751 502751]
+in [http://packages.debian.org/lenny/clamav-getfiles clamav-getfiles]
+"clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
+in [http://packages.debian.org/lenny/mailscanner mailscanner]
+"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
+in [http://packages.debian.org/lenny/smarty smarty]
+"smarty: Non-free logo included in package"
 
 
 
 
-= Special team bugs =
+== Special team bugs ==
 
 These bugs are probably not good targets because the work involved with them at this point is to be done by someone on a special Debian team.
 
 
 These bugs are probably not good targets because the work involved with them at this point is to be done by someone on a special Debian team.
 
@@ -502,6 +549,7 @@ in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471]
 in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471]
 in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
+
 "sarge images have syslinux binaries without source"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506977 506977]
 "sarge images have syslinux binaries without source"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506977 506977]
@@ -514,6 +562,10 @@ in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
 
 This one is fixed in experimental:
 
 
 This one is fixed in experimental:
 
+
+
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503907 503907]
 in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
 "epiphany-webkit: Crashes at startup whenever I go to a site."
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503907 503907]
 in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
 "epiphany-webkit: Crashes at startup whenever I go to a site."
+
+
sipb.mit.edu wiki pages