"dk-filter reliably crashes upon connection from postfix"
[[BR]](Note: bug report, little followup. Test, reproduce, debug, fix.)
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
+in [http://packages.debian.org/lenny/splashy splashy]
+"splashy: Splashy fails to install due to missing default theme"
+
+These ones are only about 2 weeks old:
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
+in [http://packages.debian.org/lenny/racoon racoon]
+"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
+in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
+"libipsec0 packaged in ipsec-tools without development headers"
= Specific hardware =
in [http://packages.debian.org/lenny/mdadm mdadm]
"mdadm segfault on --assemble --force with raid10"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471]
-in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
-"sarge images have syslinux binaries without source"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
-in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
-"longstanding DFSG violations in linux-2.6 package"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
in [http://packages.debian.org/lenny/oss-compat oss-compat]
"oss-compat: modules are not loaded"
in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
"epiphany-webkit: Crashes at startup whenever I go to a site."
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
-in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
-"CVE-2007-3215: phpmailer issue (embedded code-copy)"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373]
in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl]
"libtemplate-perl: Upgrade from etch breaks code using DBI plugins"
in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
"gnu-fdisk: wipes out MBR when used on GPT partitions"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
-in [http://packages.debian.org/lenny/wordpress wordpress]
-"wordpress can be subject of delayed attacks via cookies"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918]
in [http://packages.debian.org/lenny/network-manager network-manager]
"Updating to lenny failed when NetworkManager got updated"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
-in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
-"ffmpeg-debian: Several security issues"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
in [http://packages.debian.org/lenny/snmpd snmpd]
"/etc/init.d/snmpd start reports error if already running"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
-in [http://packages.debian.org/lenny/icedove icedove]
-"Mozilla Thunderbird Multiple Vulnerabilities"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
-in [http://packages.debian.org/lenny/splashy splashy]
-"splashy: Splashy fails to install due to missing default theme"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
-in [http://packages.debian.org/lenny/mailscanner mailscanner]
-"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652]
-in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
-"Yet another boilerplate change"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
-in [http://packages.debian.org/lenny/wireshark wireshark]
-"wireshark: DoS caused by sending a SMTP request with large content"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
in [http://packages.debian.org/lenny/rtorrent rtorrent]
"crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
"initiatorname.iscsi should maybe not be in /etc"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021]
-in [http://packages.debian.org/lenny/helpdeco helpdeco]
-"Fails to work on amd64"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507059 507059]
in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
"initramfs-tools: Wrong check for udevadm in functions"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
-in [http://packages.debian.org/lenny/racoon racoon]
-"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239]
+in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
+"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
-in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
-"libipsec0 packaged in ipsec-tools without development headers"
+= Unclassified Security =
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
+in [http://packages.debian.org/lenny/icedove icedove]
+"Mozilla Thunderbird Multiple Vulnerabilities"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
+in [http://packages.debian.org/lenny/mailscanner mailscanner]
+"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
in [http://packages.debian.org/lenny/xine-lib xine-lib]
in [http://packages.debian.org/lenny/xine-lib xine-lib]
"xine-lib: CVE-2008-5246 heap overflow"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239]
-in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
-"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
+in [http://packages.debian.org/lenny/wireshark wireshark]
+"wireshark: DoS caused by sending a SMTP request with large content"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242]
-in [http://packages.debian.org/lenny/amule-daemon amule-daemon]
-"amule-daemon: causes OOM's by leaking lots of memory"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
+in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
+"ffmpeg-debian: Several security issues"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
-in [http://packages.debian.org/lenny/smarty smarty]
-"smarty: Non-free logo included in package"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
+in [http://packages.debian.org/lenny/wordpress wordpress]
+"wordpress can be subject of delayed attacks via cookies"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
+in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
+"CVE-2007-3215: phpmailer issue (embedded code-copy)"
= Fresh bugs =
These look like good progress is being made and they'll get fixed soon.
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
+in [http://packages.debian.org/lenny/smarty smarty]
+"smarty: Non-free logo included in package"
+
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782]
in [http://packages.debian.org/lenny/release-notes release-notes]
"release-notes: Where's the license?"
in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery]
"libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js"
+= Not much of use one can do =
+
+(this one looks like it'll be removed from Lenny or have amd64 disabled)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021]
+in [http://packages.debian.org/lenny/helpdeco helpdeco]
+"Fails to work on amd64"
+
+(this one looks the maintainer has labeled unreproducible)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242]
+in [http://packages.debian.org/lenny/amule-daemon amule-daemon]
+"amule-daemon: causes OOM's by leaking lots of memory"
+
+(waiting on upstream)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652]
+in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
+"Yet another boilerplate change"
+
= Flamewars =
You might enjoy reading these, but they may not be good targets to fix.
in [http://packages.debian.org/lenny/otrs2 otrs2]
"otrs2 - makes files in /usr writable by non-root"
+For this one, the actual flameware is off the bug report log.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"longstanding DFSG violations in linux-2.6 package"
= Would have been fun =
"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
-= Ftpmaster bugs =
+= Special team bugs =
-These bugs are probably not good targets because the work involved with them is easy for either the maintainer or ftpmasters to fix.
+These bugs are probably not good targets because the work involved with them is to be done by someone on a special Debian team.
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451628 451628]
in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507678 507678]
in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
"libsqlite3-0 should have priority standard"
+
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507775 507775]
in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
"libkeyutils1 should have priority standard"
in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
"libpci3 must have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471]
+in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
+"sarge images have syslinux binaries without source"
+