(no commit message)
[wiki.git] / doc / LennyBugsAll
index 505c854661dbc324ea10d4f12760a43bb1c244d4..5c7db55e3161568cadd7541e413a3f4c0dfe3eee 100644 (file)
+= Open RC Bugs in Lenny =
+
+These are bugs to consider at SIPB's [LennyBugs RC-bug-squashing hackathon] for Lenny.
+
 Bug list dumped early 2008-12-12.  The pipeline was
  `$ cd /mit/debathena/debian-bts && ./get_bugs | sort | ./bugs-format-trac`
 
 Please sort into useful/not useful, add notes, etc.
 
+= Juicy? =
 
-== Unclassified ==
+Try these!
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323473 323473] in wnpp
-"ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374644 374644] in [http://packages.debian.org/lenny/xine-ui xine-ui]
+"xine-ui: ctrl/shift key press emulation implementation broken"
+[[BR]](Note: have patch but it's broken.  Test?  Find a fix?)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782] in release-notes
-"release-notes: Where's the license?"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465]
+in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
+"/init exports MODPROBE_OPTIONS=-qb"
+[[BR]](Note: real bug report is near bottom.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374644 374644] in xine-ui
-"xine-ui: ctrl/shift key press emulation implementation broken"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525]
+in [http://packages.debian.org/lenny/python-hid python-hid]
+"python-hid: hid module will not import since python policy transition"
+[[BR]](Note: have patch, looks messy, looks like not-too-hard bug to fix well.)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072]
+in [http://packages.debian.org/lenny/dk-filter dk-filter]
+"dk-filter reliably crashes upon connection from postfix"
+[[BR]](Note: bug report, little followup.  Test, reproduce, debug, fix.)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
+in [http://packages.debian.org/lenny/splashy splashy]
+"splashy: Splashy fails to install due to missing default theme"
+
+These ones are only about 2 weeks old:
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
+in [http://packages.debian.org/lenny/racoon racoon]
+"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
+in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
+"libipsec0 packaged in ipsec-tools without development headers"
+
+= Specific hardware =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394963 394963] in installation-reports
+If you have the relevant hardware you could help a lot.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394963 394963]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
 "installation: Problems with dual booting Dell D600 with winXP pro in the first partition (hd0, 0). After installing the Dell Etch Beta 3, Windows fails to boot and I get the blue screen of death."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418972 418972] in installation-reports
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418972 418972]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
 "cdrom: Etch does not detect CD-ROM on Acer Aspire 7100"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465] in initramfs-tools
-"/init exports MODPROBE_OPTIONS=-qb"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478717 478717]
+in [http://packages.debian.org/lenny/ruby1.9 ruby1.9]
+"ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140] in installation-reports
-"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499078 499078]
+in [http://packages.debian.org/lenny/jfsutils jfsutils]
+"jfsutils: Bus Error when running fsck.jfs on sparc"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451628 451628] in ftp.debian.org
-"Packages might enter the archive from security without source"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501804 501804]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk"
+
+= Examples =
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954]
+in [http://packages.debian.org/lenny/bind9 bind9]
+"bind9: Fails to start due to SIGSEGV"
+[[BR]]This bug sat unfixed for months.  Then someone attacked it in a bug-squashing party,
+got the first reproducible testcase, and sent that upstream, which swiftly produced a fix.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037] in fenix
+
+= May be a lot of work =
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037]
+in [http://packages.debian.org/lenny/fenix fenix]
 "fenix: not 64 bit clean"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737] in otrs2
-"otrs2 - makes files in /usr writable by non-root"
+= Puzzling =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475958 475958] in release-notes
-"document procedure to recover from "/dev/hda became /dev/sda" boot failure"
+Someone please explain what's going on (Debian Project-wise) in these bugs.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476210 476210] in xbat
-"xbat: game elements do not display properly"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323473 323473]
+in [http://packages.debian.org/lenny/wnpp wnpp]
+"ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux"
+[[BR]](Note: The bug is for someone to take over maintainership.  They did.  Then when the bug gets automatically archived, they reply saying to keep it?  I (price) don't understand.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525] in python-hid
-"python-hid: hid module will not import since python policy transition"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478717 478717] in ruby1.9
-"ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault"
+= Unclassified =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072] in dk-filter
-"dk-filter reliably crashes upon connection from postfix"
+Please read these reports and figure out what category they belong in.  Or make a new category.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171] in rtorrent
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171]
+in [http://packages.debian.org/lenny/rtorrent rtorrent]
 "rtorrent: random crash"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490999 490999] in libqt3-mt
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490999 490999]
+in [http://packages.debian.org/lenny/libqt3-mt libqt3-mt]
 "kicker: crashes on startup"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293] in installation-reports
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
 "installation-reports: Grub error: not a regular file..."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495178 495178] in libjs-jquery
-"libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232] in quagga
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232]
+in [http://packages.debian.org/lenny/quagga quagga]
 "quagga: zebra ignores routes added via command line"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495603 495603] in installation-reports
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495603 495603]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
 "grub-installer fails on a FSC Primergy RX300 with a level 5 RAID"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496334 496334] in mdadm
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496334 496334]
+in [http://packages.debian.org/lenny/mdadm mdadm]
 "mdadm segfault on --assemble --force with raid10"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954] in bind9
-"bind9: Fails to start due to SIGSEGV"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471] in cdimage.debian.org
-"sarge images have syslinux binaries without source"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823] in ftp.debian.org
-"longstanding DFSG violations in linux-2.6 package"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499078 499078] in jfsutils
-"jfsutils: Bus Error when running fsck.jfs on sparc"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460] in oss-compat
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
+in [http://packages.debian.org/lenny/oss-compat oss-compat]
 "oss-compat: modules are not loaded"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501800 501800] in bind9
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501800 501800]
+in [http://packages.debian.org/lenny/bind9 bind9]
 "bind9: bind crashes with a list for allow-update"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501804 501804] in installation-reports
-"installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140] in pam
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140]
+in [http://packages.debian.org/lenny/pam pam]
 "cannot unlock screen during etch -> lenny transition"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502751 502751] in clamav-getfiles
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502751 502751]
+in [http://packages.debian.org/lenny/clamav-getfiles clamav-getfiles]
 "clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503303 503303] in upgrade-reports
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503303 503303]
+in [http://packages.debian.org/lenny/upgrade-reports upgrade-reports]
 "etch -> lenny minimal chrrot upgrade fails due to Conflicts/Pre-Depends loop"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532 503532] in dbus
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532 503532]
+in [http://packages.debian.org/lenny/dbus dbus]
 "send_requested_reply="true" allows all non-reply messages"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712] in ghostscript
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712]
+in [http://packages.debian.org/lenny/ghostscript ghostscript]
 "etch->lenny upgrade left the system in broken state"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503907 503907] in libwebkit-1.0-1
-"epiphany-webkit: Crashes at startup whenever I go to a site."
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] in egroupware-core
-"CVE-2007-3215: phpmailer issue (embedded code-copy)"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373] in libtemplate-perl
-"libtemplate-perl: Upgrade from etch breaks code using DBI plugins"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524] in sun-java6
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524]
+in [http://packages.debian.org/lenny/sun-java6 sun-java6]
 "AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504626 504626] in nvidia-glx
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504626 504626]
+in [http://packages.debian.org/lenny/nvidia-glx nvidia-glx]
 "[nvidia-glx] Quietly drops support for several chipsets"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504661 504661] in nvidia-glx-legacy-96xx-dev
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504661 504661]
+in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legacy-96xx-dev]
 "nvidia-glx-legacy-96xx-dev: /usr/lib/libGL.so symlink broken"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747] in gnu-fdisk
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747]
+in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
 "gnu-fdisk: wipes out MBR when used on GPT partitions"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] in wordpress
-"wordpress can be subject of delayed attacks via cookies"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918] in network-manager
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918]
+in [http://packages.debian.org/lenny/network-manager network-manager]
 "Updating to lenny failed when NetworkManager got updated"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] in ffmpeg-debian
-"ffmpeg-debian: Several security issues"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237] in snmpd
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
+in [http://packages.debian.org/lenny/snmpd snmpd]
 "/etc/init.d/snmpd start reports error if already running"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] in icedove
-"Mozilla Thunderbird Multiple Vulnerabilities"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] in splashy
-"splashy: Splashy fails to install due to missing default theme"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506152 506152] in ftp.debian.org
-"libept0 should have priority important"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] in mailscanner
-"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] in xml2rfc
-"Yet another boilerplate change"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] in wireshark
-"wireshark: DoS caused by sending a SMTP request with large content"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748] in rtorrent
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
+in [http://packages.debian.org/lenny/rtorrent rtorrent]
 "crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506853 506853] in libgnutls26
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506853 506853]
+in [http://packages.debian.org/lenny/libgnutls26 libgnutls26]
 "libgnutls26: 2.4.2-3 breaks OpenLDAP access"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506883 506883] in tuxguitar
-"tuxguitar: hard-codes dependencies on libraries"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506977 506977] in release.debian.org
-"FPC: copyright infringement in pre 2.2.2 sources"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507003 507003] in open-iscsi
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507003 507003]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
 "initiatorname.iscsi should maybe not be in /etc"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021] in helpdeco
-"Fails to work on amd64"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507059 507059] in initramfs-tools
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507059 507059]
+in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
 "initramfs-tools: Wrong check for udevadm in functions"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] in racoon
-"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+= Unclassified Security =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072] in ipsec-tools
-"libipsec0 packaged in ipsec-tools without development headers"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
+in [http://packages.debian.org/lenny/icedove icedove]
+"Mozilla Thunderbird Multiple Vulnerabilities"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
+in [http://packages.debian.org/lenny/mailscanner mailscanner]
+"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165] in xine-lib
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
+in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5242 heap-based buffer overflow"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184 507184] in xine-lib
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184 507184]
+in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5246 heap overflow"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] in release.debian.org
-"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242] in amule-daemon
-"amule-daemon: causes OOM's by leaking lots of memory"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316] in smarty
-"smarty: Non-free logo included in package"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507558 507558] in hibernate
-"ignores "LockXLock yes" setting in /etc/hibernate/common.conf (e.g. does not lock the screen)"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507576 507576] in xbattbar-acpi
-"missing dependency: libconfig"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507579 507579] in yocto-reader
-"Package installation results in license violation"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507675 507675] in ftp.debian.org
-"python2.5 should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507678 507678] in ftp.debian.org
-"libsqlite3-0 should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507706 507706] in cdimage.debian.org
-"Missing sources for d-i components/kernel of etch-n-half images"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507721 507721] in cryptsetup
-"cryptsetup: Sometimes initrd ends up missing conf/conf.d/cryptroot file in it"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507775 507775] in ftp.debian.org
-"libkeyutils1 should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507778 507778] in ftp.debian.org
-"libldap-2.4-2 should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507779 507779] in ftp.debian.org
-"[Priorities] libustr-1.0-1 -> standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507780 507780] in ftp.debian.org
-"python-sepolgen should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507783 507783] in ftp.debian.org
-"libxml2 should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507784 507784] in ftp.debian.org
-"python2.5-minimal should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507796 507796] in ftp.debian.org
-"libisccfg40 should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507797 507797] in ftp.debian.org
-"libisccc40 should have priority standard"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507798 507798] in ftp.debian.org
-"libedit2 should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
+in [http://packages.debian.org/lenny/wireshark wireshark]
+"wireshark: DoS caused by sending a SMTP request with large content"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507799 507799] in ftp.debian.org
-"libgssglue1 must have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
+in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
+"ffmpeg-debian: Several security issues"
 
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
+in [http://packages.debian.org/lenny/wordpress wordpress]
+"wordpress can be subject of delayed attacks via cookies"
 
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
+in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
+"CVE-2007-3215: phpmailer issue (embedded code-copy)"
 
 = Fresh bugs =
 
 These are very recent and presumably will get dealt with by the package maintainers without help.
 
-If you're bored you might look through and see if some are interesting anyway.  Also feel free to draw the line at some other time.
+If you're bored you might look through and see if some are interesting anyway.  Also feel free to draw the line at some other time; I (price) picked December 1, arbitrarily.
 
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=239111 239111] in grub
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=239111 239111]
+in [http://packages.debian.org/lenny/grub grub]
 "Freeze when installing GRUB on XFS boot partition"
-(Note: just re-opened 2008-12-12)
+[[BR]](Note: just re-opened 2008-12-12)
 
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507558 507558]
+in [http://packages.debian.org/lenny/hibernate hibernate]
+"ignores "LockXLock yes" setting in /etc/hibernate/common.conf (e.g. does not lock the screen)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507800 507800] in ftp.debian.org
-"ucf must have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507576 507576]
+in [http://packages.debian.org/lenny/xbattbar-acpi xbattbar-acpi]
+"missing dependency: libconfig"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507579 507579]
+in [http://packages.debian.org/lenny/yocto-reader yocto-reader]
+"Package installation results in license violation"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507801 507801] in ftp.debian.org
-"libpci3 must have priority standard"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507818 507818] in mldonkey-server
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507706 507706]
+in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
+"Missing sources for d-i components/kernel of etch-n-half images"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507721 507721]
+in [http://packages.debian.org/lenny/cryptsetup cryptsetup]
+"cryptsetup: Sometimes initrd ends up missing conf/conf.d/cryptroot file in it"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507818 507818]
+in [http://packages.debian.org/lenny/mldonkey-server mldonkey-server]
 "mldonkey-server: mlnet does not start, logs syntax error in downloads.ini"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507865 507865] in openoffice.org-writer
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507865 507865]
+in [http://packages.debian.org/lenny/openoffice.org-writer openoffice.org-writer]
 "openoffice.org-writer: OOo 2.4.x openinig OOo 3 files doesn't show text (2.x implements standard wrong)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883] in asterisk
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883]
+in [http://packages.debian.org/lenny/asterisk asterisk]
 "asterisk: Very frequent segfaults on startup"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507889 507889] in mdadm
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507889 507889]
+in [http://packages.debian.org/lenny/mdadm mdadm]
 "mdadm: initramfs-tools script is broken, system with root on RAID won't boot"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507915 507915] in povray
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507915 507915]
+in [http://packages.debian.org/lenny/povray povray]
 "Povray unusable with non-ascii filenames"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507927 507927] in acpi-support
-"Fix suspend-resume in Thinkpad R50e (intel 855gm card)"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507944 507944] in xwhois
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507944 507944]
+in [http://packages.debian.org/lenny/xwhois xwhois]
 "xwhois: segfaults on start in get_servers()"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507947 507947] in moodle
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507947 507947]
+in [http://packages.debian.org/lenny/moodle moodle]
 "moodle: html2text.php is not DFSG-free"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507996 507996] in uim-tcode
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507996 507996]
+in [http://packages.debian.org/lenny/uim-tcode uim-tcode]
 "mazegaki conversion cannot be used"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508026 508026] in phppgadmin
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508026 508026]
+in [http://packages.debian.org/lenny/phppgadmin phppgadmin]
 "phpPgAdmin: Local File Inclusion Vulnerability"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091] in tuxguitar
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091]
+in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
 "maintainer address bounces"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124] in python-m2crypto
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124]
+in [http://packages.debian.org/lenny/python-m2crypto python-m2crypto]
 "Yum crashes when setting-up a CentOS chroot OS"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 508133] in libmad0
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 508133]
+in [http://packages.debian.org/lenny/libmad0 libmad0]
 "audacity: munmap_chunk(): invalid pointer: 0x00000000026f4eb0"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508194 508194] in sun-java5
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508194 508194]
+in [http://packages.debian.org/lenny/sun-java5 sun-java5]
 "sun-java5: New upstream release fixes several security issues"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508257 508257] in twiki
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508257 508257]
+in [http://packages.debian.org/lenny/twiki twiki]
 "CVE-2008-5305: TWiki SEARCH variable allows arbitrary shell command execution"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265] in sysprof-module-source
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265]
+in [http://packages.debian.org/lenny/sysprof-module-source sysprof-module-source]
 "sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508272 508272] in gnome-splashscreen-manager
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508272 508272]
+in [http://packages.debian.org/lenny/gnome-splashscreen-manager gnome-splashscreen-manager]
 "gnome-splashscreen-manager: Refuses to start, undefined symbol: gtk_file_system_error_quark"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508313 508313] in xine-lib
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508313 508313]
+in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5234 heap overflow in atom parsing"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508322 508322] in wodim
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508322 508322]
+in [http://packages.debian.org/lenny/wodim wodim]
 "wodim: Cannot load media.  Cannot init drive."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508324 508324] in ftp.debian.org
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508324 508324]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
 "ftp.debian.org: gcc-4.2-base is not really required"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508351 508351] in open-iscsi
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508351 508351]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
 "open-iscsi: will not install, looking for missing /sys/module/scsi_transport_iscsi/version file"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508434 508434] in ipmitool
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508434 508434]
+in [http://packages.debian.org/lenny/ipmitool ipmitool]
 "ipmitool: Several init script problems due to wrong pidfile name"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508443 508443] in imagemagick
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508443 508443]
+in [http://packages.debian.org/lenny/imagemagick imagemagick]
 "convert crash on sparc during compilation of djvulibre (work on x86-64)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508480 508480] in iodbc
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508480 508480]
+in [http://packages.debian.org/lenny/iodbc iodbc]
 "iodbc: Segfaults when asking for the available DSNs"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510] in debget
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510]
+in [http://packages.debian.org/lenny/debget debget]
 "Can't parse packages.debian.org output anymore"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508392 508392]
+in [http://packages.debian.org/lenny/dpkg dpkg]
+"Handling of conflicting conffiles broken"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508565 508565]
+in [http://packages.debian.org/lenny/f2c f2c]
+"f2c: does not translate properly in EMT64 machines"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508551 508551]
+in [http://packages.debian.org/lenny/merkaartor merkaartor]
+"merkaartor: crash on startup: QPaintEngine::setSystemClip: Should not be change
+
+
+= Mostly solved? =
+
+These look like good progress is being made and they'll get fixed soon.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
+in [http://packages.debian.org/lenny/smarty smarty]
+"smarty: Non-free logo included in package"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782]
+in [http://packages.debian.org/lenny/release-notes release-notes]
+"release-notes: Where's the license?"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475958 475958]
+in [http://packages.debian.org/lenny/release-notes release-notes]
+"document procedure to recover from "/dev/hda became /dev/sda" boot failure"
+[[BR]](Note: looks done, just not closed.)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476210 476210]
+in [http://packages.debian.org/lenny/xbat xbat]
+"xbat: game elements do not display properly"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506883 506883]
+in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
+"tuxguitar: hard-codes dependencies on libraries"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495178 495178]
+in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery]
+"libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js"
+
+= Not much of use one can do =
+
+(this one looks like it'll be removed from Lenny or have amd64 disabled)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021]
+in [http://packages.debian.org/lenny/helpdeco helpdeco]
+"Fails to work on amd64"
+
+(this one looks the maintainer has labeled unreproducible)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242]
+in [http://packages.debian.org/lenny/amule-daemon amule-daemon]
+"amule-daemon: causes OOM's by leaking lots of memory"
+
+(waiting on upstream)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652]
+in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
+"Yet another boilerplate change"
+
+= Flamewars =
+
+You might enjoy reading these, but they may not be good targets to fix.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737]
+in [http://packages.debian.org/lenny/otrs2 otrs2]
+"otrs2 - makes files in /usr writable by non-root"
+
+For this one, the actual flameware is off the bug report log.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"longstanding DFSG violations in linux-2.6 package"
+
+= Would have been fun =
+
+Entertaining to read but sadly already fixed.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961]
+in auctex
+"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
+
+
+= Special team bugs =
+
+These bugs are probably not good targets because the work involved with them at this point is to be done by someone on a special Debian team.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451628 451628]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"Packages might enter the archive from security without source"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506152 506152]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libept0 should have priority important"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507675 507675]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"python2.5 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507678 507678]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libsqlite3-0 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507775 507775]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libkeyutils1 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507778 507778]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libldap-2.4-2 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507779 507779]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"[Priorities] libustr-1.0-1 -> standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507780 507780]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"python-sepolgen should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507783 507783]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libxml2 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507784 507784]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"python2.5-minimal should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507796 507796]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libisccfg40 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507797 507797]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libisccc40 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507798 507798]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libedit2 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507799 507799]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libgssglue1 must have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507800 507800]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"ucf must have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507801 507801]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libpci3 must have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471]
+in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
+"sarge images have syslinux binaries without source"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506977 506977]
+in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
+"FPC: copyright infringement in pre 2.2.2 sources"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239]
+in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
+"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373]
+in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl]
+"libtemplate-perl: Upgrade from etch breaks code using DBI plugins"
+
+This one is fixed in experimental:
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503907 503907]
+in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
+"epiphany-webkit: Crashes at startup whenever I go to a site."