X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/blobdiff_plain/74cf2dcda7e3d3731ceec5def1d7224c4164f60f..a9581b648dcfbf75919cf4197d35772cb1515b90:/doc/LennyBugsAll diff --git a/doc/LennyBugsAll b/doc/LennyBugsAll index d72236f..1ff4011 100644 --- a/doc/LennyBugsAll +++ b/doc/LennyBugsAll @@ -12,6 +12,57 @@ Please sort into useful/not useful, add notes, etc. All dealt with! See the section "Fixed by SIPB" below. += Flamewars = + +You might enjoy reading these, but they may not be good targets to fix. + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737] +in [http://packages.debian.org/lenny/otrs2 otrs2] +"otrs2 - makes files in /usr writable by non-root" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] +in [http://packages.debian.org/lenny/wordpress wordpress] +"wordpress can be subject of delayed attacks via cookies" + +For this one, the actual flameware is off the bug report log. + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823] +in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org] +"longstanding DFSG violations in linux-2.6 package" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747] +in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk] +"gnu-fdisk: wipes out MBR when used on GPT partitions" + + += Would have been fun = + +Entertaining to read but sadly already fixed. + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961] +in auctex +"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack" + + += Examples to live up to = + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954] +in [http://packages.debian.org/lenny/bind9 bind9] +"bind9: Fails to start due to SIGSEGV" +[[BR]]This bug sat unfixed for months. Then someone attacked it in a bug-squashing party, +got the first reproducible testcase, and sent that upstream, which swiftly produced a fix. + + += Puzzling = + +Someone please explain what's going on (Debian Project-wise) in these bugs. + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323473 323473] +in [http://packages.debian.org/lenny/wnpp wnpp] +"ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux" +[[BR]](Note: The bug is for someone to take over maintainership. They did. Then when the bug gets automatically archived, they reply saying to keep it? I (price) don't understand.) + + = Specific hardware = If you have the relevant hardware you could help a lot. @@ -40,14 +91,6 @@ in [http://packages.debian.org/lenny/installation-reports installation-reports] in [http://packages.debian.org/lenny/installation-reports installation-reports] "grub-installer fails on a FSC Primergy RX300 with a level 5 RAID" -= Examples = - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954] -in [http://packages.debian.org/lenny/bind9 bind9] -"bind9: Fails to start due to SIGSEGV" -[[BR]]This bug sat unfixed for months. Then someone attacked it in a bug-squashing party, -got the first reproducible testcase, and sent that upstream, which swiftly produced a fix. - = May be a lot of work = @@ -56,14 +99,6 @@ in [http://packages.debian.org/lenny/rtorrent rtorrent] "rtorrent: random crash" [[BR]](Reproducing this seems to require runnin 20+ torrents for a ~day) -= Puzzling = - -Someone please explain what's going on (Debian Project-wise) in these bugs. - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323473 323473] -in [http://packages.debian.org/lenny/wnpp wnpp] -"ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux" -[[BR]](Note: The bug is for someone to take over maintainership. They did. Then when the bug gets automatically archived, they reply saying to keep it? I (price) don't understand.) = Unclassified = @@ -349,36 +384,6 @@ in [http://packages.debian.org/lenny/mailscanner mailscanner] in [http://packages.debian.org/lenny/smarty smarty] "smarty: Non-free logo included in package" -= Flamewars = - -You might enjoy reading these, but they may not be good targets to fix. - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737] -in [http://packages.debian.org/lenny/otrs2 otrs2] -"otrs2 - makes files in /usr writable by non-root" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] -in [http://packages.debian.org/lenny/wordpress wordpress] -"wordpress can be subject of delayed attacks via cookies" - -For this one, the actual flameware is off the bug report log. - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823] -in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org] -"longstanding DFSG violations in linux-2.6 package" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747] -in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk] -"gnu-fdisk: wipes out MBR when used on GPT partitions" - -= Would have been fun = - -Entertaining to read but sadly already fixed. - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961] -in auctex -"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack" - = Special team bugs =