Please sort into useful/not useful, add notes, etc.
+----
+
= Juicy? =
-Try these!
+All acted on! See the "Stuff we did" sections below.
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465]
-in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
-"/init exports MODPROBE_OPTIONS=-qb"
-[[BR]](Note: real bug report is near bottom.)
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525]
-in [http://packages.debian.org/lenny/python-hid python-hid]
-"python-hid: hid module will not import since python policy transition"
-[[BR]](Note: have patch, looks messy, looks like not-too-hard bug to fix well.)
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072]
-in [http://packages.debian.org/lenny/dk-filter dk-filter]
-"dk-filter reliably crashes upon connection from postfix"
-[[BR]](Note: bug report, little followup. Test, reproduce, debug, fix.)
+----
+
+= Stuff we did =
+
+== Fixed by SIPB! ==
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
+(closed by wdaher)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525]
+in [http://packages.debian.org/lenny/python-hid python-hid]
+"python-hid: hid module will not import since python policy transition"
+(tabbott)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
+[http://packages.debian.org/lenny/racoon racoon]
+"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+(fixed by broder)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
+in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
+"libipsec0 packaged in ipsec-tools without development headers"
+(downgraded by hartmans)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504626 504626]
+in [http://packages.debian.org/lenny/nvidia-glx nvidia-glx]
+"[nvidia-glx] Quietly drops support for several chipsets"
+(downgraded by nelhage)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502845 502845]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
+"open-iscsi: no login using amd64"
+(quentin reassigned; Bastian Blank then lowered priority)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265]
+in [http://packages.debian.org/lenny/sysprof-module-source sysprof-module-source]
+"sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
+(patch added by andersk)
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
in [http://packages.debian.org/lenny/splashy splashy]
"splashy: Splashy fails to install due to missing default theme"
+(fix suggestion added by ecprice with help from tabbott and fawkes)
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
in [http://packages.debian.org/lenny/rtorrent rtorrent]
"crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
-[[BR]]This is fixed in experimental, but in a newer, less-stable version; Someone might be able to backport the fix.
+(submitted patch that disables broken RPC; leaving to maintainer to decide if this is what he wants to do)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465]
+in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
+"/init exports MODPROBE_OPTIONS=-qb"
+[[BR]](patch added by price)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489501 489501]
+in [http://packages.debian.org/lenny/zekr zekr]
+"zekr depends on libxul0d"
+[[BR]](mako tweaked and sponsored fix by Asheesh Laroia)
+
+== Waiting on feedback ==
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140]
+in [http://packages.debian.org/lenny/pam pam]
+"cannot unlock screen during etch -> lenny transition"
+(hartmans added comment)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072]
+in [http://packages.debian.org/lenny/dk-filter dk-filter]
+"dk-filter reliably crashes upon connection from postfix"
+[[BR]](quentin couldn't reproduce)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883]
+in [http://packages.debian.org/lenny/asterisk asterisk]
+"asterisk: Very frequent segfaults on startup"
+(quentin couldn't reproduce)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037]
+in [http://packages.debian.org/lenny/fenix fenix]
+"fenix: not 64 bit clean"[[BR]]
+(ezyang observed upstream's website looks ~dead)
+
+
+
+
+----
+
+= Fun stuff to read =
+
+== Flamewars ==
+
+You might enjoy reading these, but they may not be good targets to fix.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737]
+in [http://packages.debian.org/lenny/otrs2 otrs2]
+"otrs2 - makes files in /usr writable by non-root"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
+in [http://packages.debian.org/lenny/wordpress wordpress]
+"wordpress can be subject of delayed attacks via cookies"
-These ones are only about 2 weeks old:
+For this one, the actual flameware is off the bug report log.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"longstanding DFSG violations in linux-2.6 package"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747]
+in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
+"gnu-fdisk: wipes out MBR when used on GPT partitions"
+
+
+== Would have been fun ==
+
+Entertaining to read but sadly already fixed.
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
-in [http://packages.debian.org/lenny/racoon racoon]
-"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961]
+in auctex
+"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
-in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
-"libipsec0 packaged in ipsec-tools without development headers"
-= Specific hardware =
+== Examples to live up to ==
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954]
+in [http://packages.debian.org/lenny/bind9 bind9]
+"bind9: Fails to start due to SIGSEGV"
+[[BR]]This bug sat unfixed for months. Then someone attacked it in a bug-squashing party,
+got the first reproducible testcase, and sent that upstream, which swiftly produced a fix.
+
+
+== Puzzling ==
+
+Someone please explain what's going on (Debian Project-wise) in these bugs.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323473 323473]
+in [http://packages.debian.org/lenny/wnpp wnpp]
+"ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux"
+[[BR]](Note: The bug is for someone to take over maintainership. They did. Then when the bug gets automatically archived, they reply saying to keep it? I (price) don't understand.)
+
+
+
+
+----
+
+= Not so ripe for us to fix =
+
+== Specific hardware ==
If you have the relevant hardware you could help a lot.
in [http://packages.debian.org/lenny/installation-reports installation-reports]
"grub-installer fails on a FSC Primergy RX300 with a level 5 RAID"
-= Examples =
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954]
-in [http://packages.debian.org/lenny/bind9 bind9]
-"bind9: Fails to start due to SIGSEGV"
-[[BR]]This bug sat unfixed for months. Then someone attacked it in a bug-squashing party,
-got the first reproducible testcase, and sent that upstream, which swiftly produced a fix.
-
-
-= May be a lot of work =
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037]
-in [http://packages.debian.org/lenny/fenix fenix]
-"fenix: not 64 bit clean"
+== May be a lot of work ==
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171]
in [http://packages.debian.org/lenny/rtorrent rtorrent]
"rtorrent: random crash"
[[BR]](Reproducing this seems to require runnin 20+ torrents for a ~day)
-= Puzzling =
-
-Someone please explain what's going on (Debian Project-wise) in these bugs.
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323473 323473]
-in [http://packages.debian.org/lenny/wnpp wnpp]
-"ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux"
-[[BR]](Note: The bug is for someone to take over maintainership. They did. Then when the bug gets automatically archived, they reply saying to keep it? I (price) don't understand.)
-= Vaguely tedious =
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140]
-in [http://packages.debian.org/lenny/pam pam]
-"cannot unlock screen during etch -> lenny transition"
-
-= Unclassified =
+== Unclassified ==
Please read these reports and figure out what category they belong in. Or make a new category.
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"installation-reports: Grub error: not a regular file..."
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232]
-in [http://packages.debian.org/lenny/quagga quagga]
-"quagga: zebra ignores routes added via command line"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
-in [http://packages.debian.org/lenny/oss-compat oss-compat]
-"oss-compat: modules are not loaded"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712]
-in [http://packages.debian.org/lenny/ghostscript ghostscript]
-"etch->lenny upgrade left the system in broken state"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524]
-in [http://packages.debian.org/lenny/sun-java6 sun-java6]
-"AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504661 504661]
in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legacy-96xx-dev]
"nvidia-glx-legacy-96xx-dev: /usr/lib/libGL.so symlink broken"
in [http://packages.debian.org/lenny/network-manager network-manager]
"Updating to lenny failed when NetworkManager got updated"
-= Unclassified Security =
+== Unclassified Security ==
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
in [http://packages.debian.org/lenny/icedove icedove]
"Mozilla Thunderbird Multiple Vulnerabilities"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
-in [http://packages.debian.org/lenny/mailscanner mailscanner]
-"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
in [http://packages.debian.org/lenny/xine-lib xine-lib]
"xine-lib: CVE-2008-5242 heap-based buffer overflow"
in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
"ffmpeg-debian: Several security issues"
-= Fresh bugs =
+== Fresh bugs ==
These are very recent and presumably will get dealt with by the package maintainers without help.
in [http://packages.debian.org/lenny/openoffice.org-writer openoffice.org-writer]
"openoffice.org-writer: OOo 2.4.x openinig OOo 3 files doesn't show text (2.x implements standard wrong)"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883]
-in [http://packages.debian.org/lenny/asterisk asterisk]
-"asterisk: Very frequent segfaults on startup"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507889 507889]
in [http://packages.debian.org/lenny/mdadm mdadm]
"mdadm: initramfs-tools script is broken, system with root on RAID won't boot"
in [http://packages.debian.org/lenny/uim-tcode uim-tcode]
"mazegaki conversion cannot be used"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124]
-in [http://packages.debian.org/lenny/python-m2crypto python-m2crypto]
-"Yum crashes when setting-up a CentOS chroot OS"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 508133]
in [http://packages.debian.org/lenny/libmad0 libmad0]
"audacity: munmap_chunk(): invalid pointer: 0x00000000026f4eb0"
in [http://packages.debian.org/lenny/sun-java5 sun-java5]
"sun-java5: New upstream release fixes several security issues"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265]
-in [http://packages.debian.org/lenny/sysprof-module-source sysprof-module-source]
-"sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508313 508313]
in [http://packages.debian.org/lenny/xine-lib xine-lib]
"xine-lib: CVE-2008-5234 heap overflow in atom parsing"
in [http://packages.debian.org/lenny/iodbc iodbc]
"iodbc: Segfaults when asking for the available DSNs"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510]
-in [http://packages.debian.org/lenny/debget debget]
-"Can't parse packages.debian.org output anymore"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508392 508392]
in [http://packages.debian.org/lenny/dpkg dpkg]
"Handling of conflicting conffiles broken"
in [http://packages.debian.org/lenny/merkaartor merkaartor]
"merkaartor: crash on startup: QPaintEngine::setSystemClip: Should not be change
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502845 502845]
-in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
-"open-iscsi: no login using amd64"
-
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508589 508589]
in [http://packages.debian.org/lenny/linux-2.6 linux-2.6]
"ppp: USB Modem removal after PPP exits kills keyboard"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508635 508635]
-in [http://packages.debian.org/lenny/libexif-gtk-dev libexif-gtk-dev]
-"libexif-gtk-dev: References no longer existing libXcursor.la"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508660 508660]
+in [http://packages.debian.org/lenny/autopkgtest-xenlvm autopkgtest-xenlvm]
+"adtxenlvm: initscript assumes eth0"
-= Mostly solved? =
+== Mostly solved? ==
These look like good progress is being made and they'll get fixed
soon. Do we need a DD to do an NMU on any of these?
in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
"CVE-2007-3215: phpmailer issue (embedded code-copy)"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
-in [http://packages.debian.org/lenny/smarty smarty]
-"smarty: Non-free logo included in package"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510]
+in [http://packages.debian.org/lenny/debget debget]
+"Can't parse packages.debian.org output anymore"
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782]
in [http://packages.debian.org/lenny/release-notes release-notes]
in [http://packages.debian.org/lenny/upgrade-reports upgrade-reports]
"etch -> lenny minimal chrrot upgrade fails due to Conflicts/Pre-Depends loop"
-= Not much of use one can do =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524]
+in [http://packages.debian.org/lenny/sun-java6 sun-java6]
+"AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712]
+in [http://packages.debian.org/lenny/ghostscript ghostscript]
+"etch->lenny upgrade left the system in broken state"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124]
+in [http://packages.debian.org/lenny/python-m2crypto python-m2crypto]
+"Yum crashes when setting-up a CentOS chroot OS"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508635 508635]
+in [http://packages.debian.org/lenny/libexif-gtk-dev libexif-gtk-dev]
+"libexif-gtk-dev: References no longer existing libXcursor.la"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
+in [http://packages.debian.org/lenny/oss-compat oss-compat]
+"oss-compat: modules are not loaded"
+
+
+== Not much of use one can do ==
+
+(waiting on reporter to reproduce)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation-reports: Grub error: not a regular file..."
(this one looks like it'll be removed from Lenny or have amd64 disabled)
in [http://packages.debian.org/lenny/moodle moodle]
"moodle: html2text.php is not DFSG-free"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232]
+in [http://packages.debian.org/lenny/quagga quagga]
+"quagga: zebra ignores routes added via command line"
+
(misc)
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091]
in [http://packages.debian.org/lenny/clamav-getfiles clamav-getfiles]
"clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading"
-= Flamewars =
-
-You might enjoy reading these, but they may not be good targets to fix.
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737]
-in [http://packages.debian.org/lenny/otrs2 otrs2]
-"otrs2 - makes files in /usr writable by non-root"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
-in [http://packages.debian.org/lenny/wordpress wordpress]
-"wordpress can be subject of delayed attacks via cookies"
-
-For this one, the actual flameware is off the bug report log.
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
-in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
-"longstanding DFSG violations in linux-2.6 package"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747]
-in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
-"gnu-fdisk: wipes out MBR when used on GPT partitions"
-
-= Would have been fun =
-
-Entertaining to read but sadly already fixed.
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
+in [http://packages.debian.org/lenny/mailscanner mailscanner]
+"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961]
-in auctex
-"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
+in [http://packages.debian.org/lenny/smarty smarty]
+"smarty: Non-free logo included in package"
-= Special team bugs =
+== Special team bugs ==
These bugs are probably not good targets because the work involved with them at this point is to be done by someone on a special Debian team.
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471]
in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
+
"sarge images have syslinux binaries without source"
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506977 506977]
This one is fixed in experimental:
+
+
[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503907 503907]
in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
"epiphany-webkit: Crashes at startup whenever I go to a site."
+
+
sipb-www / wiki.git / blobdiff