(no commit message)
[wiki.git] / doc / LennyBugsAll
index 1a2faea458c74bce41cf3e2694b0953b7c3412ef..be4eab31d459ed1347be423093654c3a7f74ec9e 100644 (file)
@@ -30,6 +30,19 @@ in [http://packages.debian.org/lenny/dk-filter dk-filter]
 "dk-filter reliably crashes upon connection from postfix"
 [[BR]](Note: bug report, little followup.  Test, reproduce, debug, fix.)
 
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
+in [http://packages.debian.org/lenny/splashy splashy]
+"splashy: Splashy fails to install due to missing default theme"
+
+These ones are only about 2 weeks old:
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
+in [http://packages.debian.org/lenny/racoon racoon]
+"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
+in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
+"libipsec0 packaged in ipsec-tools without development headers"
 
 = Specific hardware =
 
@@ -112,10 +125,6 @@ in [http://packages.debian.org/lenny/mdadm mdadm]
 in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
 "sarge images have syslinux binaries without source"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
-in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
-"longstanding DFSG violations in linux-2.6 package"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
 in [http://packages.debian.org/lenny/oss-compat oss-compat]
 "oss-compat: modules are not loaded"
@@ -152,10 +161,6 @@ in [http://packages.debian.org/lenny/ghostscript ghostscript]
 in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
 "epiphany-webkit: Crashes at startup whenever I go to a site."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
-in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
-"CVE-2007-3215: phpmailer issue (embedded code-copy)"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373]
 in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl]
 "libtemplate-perl: Upgrade from etch breaks code using DBI plugins"
@@ -176,42 +181,14 @@ in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legac
 in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
 "gnu-fdisk: wipes out MBR when used on GPT partitions"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
-in [http://packages.debian.org/lenny/wordpress wordpress]
-"wordpress can be subject of delayed attacks via cookies"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918]
 in [http://packages.debian.org/lenny/network-manager network-manager]
 "Updating to lenny failed when NetworkManager got updated"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
-in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
-"ffmpeg-debian: Several security issues"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
 in [http://packages.debian.org/lenny/snmpd snmpd]
 "/etc/init.d/snmpd start reports error if already running"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
-in [http://packages.debian.org/lenny/icedove icedove]
-"Mozilla Thunderbird Multiple Vulnerabilities"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
-in [http://packages.debian.org/lenny/splashy splashy]
-"splashy: Splashy fails to install due to missing default theme"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
-in [http://packages.debian.org/lenny/mailscanner mailscanner]
-"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652]
-in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
-"Yet another boilerplate change"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
-in [http://packages.debian.org/lenny/wireshark wireshark]
-"wireshark: DoS caused by sending a SMTP request with large content"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
 in [http://packages.debian.org/lenny/rtorrent rtorrent]
 "crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
@@ -232,13 +209,19 @@ in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
 in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
 "initramfs-tools: Wrong check for udevadm in functions"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
-in [http://packages.debian.org/lenny/racoon racoon]
-"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239]
+in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
+"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
-in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
-"libipsec0 packaged in ipsec-tools without development headers"
+= Unclassified Security =
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
+in [http://packages.debian.org/lenny/icedove icedove]
+"Mozilla Thunderbird Multiple Vulnerabilities"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
+in [http://packages.debian.org/lenny/mailscanner mailscanner]
+"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
@@ -248,18 +231,21 @@ in [http://packages.debian.org/lenny/xine-lib xine-lib]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5246 heap overflow"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239]
-in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
-"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
+in [http://packages.debian.org/lenny/wireshark wireshark]
+"wireshark: DoS caused by sending a SMTP request with large content"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242]
-in [http://packages.debian.org/lenny/amule-daemon amule-daemon]
-"amule-daemon: causes OOM's by leaking lots of memory"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
+in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
+"ffmpeg-debian: Several security issues"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
-in [http://packages.debian.org/lenny/smarty smarty]
-"smarty: Non-free logo included in package"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
+in [http://packages.debian.org/lenny/wordpress wordpress]
+"wordpress can be subject of delayed attacks via cookies"
 
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
+in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
+"CVE-2007-3215: phpmailer issue (embedded code-copy)"
 
 = Fresh bugs =
 
@@ -399,6 +385,10 @@ in [http://packages.debian.org/lenny/debget debget]
 
 These look like good progress is being made and they'll get fixed soon.
 
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
+in [http://packages.debian.org/lenny/smarty smarty]
+"smarty: Non-free logo included in package"
+
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782]
 in [http://packages.debian.org/lenny/release-notes release-notes]
 "release-notes: Where's the license?"
@@ -420,11 +410,26 @@ in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
 in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery]
 "libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js"
 
+= Not much of use one can do =
+
 (this one looks like it'll be removed from Lenny or have amd64 disabled)
+
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021]
 in [http://packages.debian.org/lenny/helpdeco helpdeco]
 "Fails to work on amd64"
 
+(this one looks the maintainer has labeled unreproducible)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242]
+in [http://packages.debian.org/lenny/amule-daemon amule-daemon]
+"amule-daemon: causes OOM's by leaking lots of memory"
+
+(waiting on upstream)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652]
+in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
+"Yet another boilerplate change"
+
 = Flamewars =
 
 You might enjoy reading these, but they may not be good targets to fix.
@@ -433,6 +438,11 @@ You might enjoy reading these, but they may not be good targets to fix.
 in [http://packages.debian.org/lenny/otrs2 otrs2]
 "otrs2 - makes files in /usr writable by non-root"
 
+For this one, the actual flameware is off the bug report log.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"longstanding DFSG violations in linux-2.6 package"
 
 = Would have been fun =