X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/blobdiff_plain/876571084a5e3dda3578e693b1d9d9c626f0a23a..c195916edaa80040b7106b041e08bcb43c4501f1:/doc/LennyBugsAll diff --git a/doc/LennyBugsAll b/doc/LennyBugsAll index 1a2faea..be4eab3 100644 --- a/doc/LennyBugsAll +++ b/doc/LennyBugsAll @@ -30,6 +30,19 @@ in [http://packages.debian.org/lenny/dk-filter dk-filter] "dk-filter reliably crashes upon connection from postfix" [[BR]](Note: bug report, little followup. Test, reproduce, debug, fix.) +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] +in [http://packages.debian.org/lenny/splashy splashy] +"splashy: Splashy fails to install due to missing default theme" + +These ones are only about 2 weeks old: + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] +in [http://packages.debian.org/lenny/racoon racoon] +"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072] +in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools] +"libipsec0 packaged in ipsec-tools without development headers" = Specific hardware = @@ -112,10 +125,6 @@ in [http://packages.debian.org/lenny/mdadm mdadm] in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org] "sarge images have syslinux binaries without source" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823] -in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org] -"longstanding DFSG violations in linux-2.6 package" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460] in [http://packages.debian.org/lenny/oss-compat oss-compat] "oss-compat: modules are not loaded" @@ -152,10 +161,6 @@ in [http://packages.debian.org/lenny/ghostscript ghostscript] in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1] "epiphany-webkit: Crashes at startup whenever I go to a site." -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] -in [http://packages.debian.org/lenny/egroupware-core egroupware-core] -"CVE-2007-3215: phpmailer issue (embedded code-copy)" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373] in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl] "libtemplate-perl: Upgrade from etch breaks code using DBI plugins" @@ -176,42 +181,14 @@ in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legac in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk] "gnu-fdisk: wipes out MBR when used on GPT partitions" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] -in [http://packages.debian.org/lenny/wordpress wordpress] -"wordpress can be subject of delayed attacks via cookies" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918] in [http://packages.debian.org/lenny/network-manager network-manager] "Updating to lenny failed when NetworkManager got updated" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] -in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian] -"ffmpeg-debian: Several security issues" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237] in [http://packages.debian.org/lenny/snmpd snmpd] "/etc/init.d/snmpd start reports error if already running" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] -in [http://packages.debian.org/lenny/icedove icedove] -"Mozilla Thunderbird Multiple Vulnerabilities" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] -in [http://packages.debian.org/lenny/splashy splashy] -"splashy: Splashy fails to install due to missing default theme" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] -in [http://packages.debian.org/lenny/mailscanner mailscanner] -"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] -in [http://packages.debian.org/lenny/xml2rfc xml2rfc] -"Yet another boilerplate change" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] -in [http://packages.debian.org/lenny/wireshark wireshark] -"wireshark: DoS caused by sending a SMTP request with large content" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748] in [http://packages.debian.org/lenny/rtorrent rtorrent] "crash rtorrent by scgi-interface (function: 'fi.get_filename_last')" @@ -232,13 +209,19 @@ in [http://packages.debian.org/lenny/open-iscsi open-iscsi] in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools] "initramfs-tools: Wrong check for udevadm in functions" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] -in [http://packages.debian.org/lenny/racoon racoon] -"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] +in [http://packages.debian.org/lenny/release.debian.org release.debian.org] +"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072] -in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools] -"libipsec0 packaged in ipsec-tools without development headers" += Unclassified Security = + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] +in [http://packages.debian.org/lenny/icedove icedove] +"Mozilla Thunderbird Multiple Vulnerabilities" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] +in [http://packages.debian.org/lenny/mailscanner mailscanner] +"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack" [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165] in [http://packages.debian.org/lenny/xine-lib xine-lib] @@ -248,18 +231,21 @@ in [http://packages.debian.org/lenny/xine-lib xine-lib] in [http://packages.debian.org/lenny/xine-lib xine-lib] "xine-lib: CVE-2008-5246 heap overflow" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] -in [http://packages.debian.org/lenny/release.debian.org release.debian.org] -"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] +in [http://packages.debian.org/lenny/wireshark wireshark] +"wireshark: DoS caused by sending a SMTP request with large content" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242] -in [http://packages.debian.org/lenny/amule-daemon amule-daemon] -"amule-daemon: causes OOM's by leaking lots of memory" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] +in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian] +"ffmpeg-debian: Several security issues" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316] -in [http://packages.debian.org/lenny/smarty smarty] -"smarty: Non-free logo included in package" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] +in [http://packages.debian.org/lenny/wordpress wordpress] +"wordpress can be subject of delayed attacks via cookies" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] +in [http://packages.debian.org/lenny/egroupware-core egroupware-core] +"CVE-2007-3215: phpmailer issue (embedded code-copy)" = Fresh bugs = @@ -399,6 +385,10 @@ in [http://packages.debian.org/lenny/debget debget] These look like good progress is being made and they'll get fixed soon. +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316] +in [http://packages.debian.org/lenny/smarty smarty] +"smarty: Non-free logo included in package" + [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782] in [http://packages.debian.org/lenny/release-notes release-notes] "release-notes: Where's the license?" @@ -420,11 +410,26 @@ in [http://packages.debian.org/lenny/tuxguitar tuxguitar] in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery] "libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js" += Not much of use one can do = + (this one looks like it'll be removed from Lenny or have amd64 disabled) + [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021] in [http://packages.debian.org/lenny/helpdeco helpdeco] "Fails to work on amd64" +(this one looks the maintainer has labeled unreproducible) + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242] +in [http://packages.debian.org/lenny/amule-daemon amule-daemon] +"amule-daemon: causes OOM's by leaking lots of memory" + +(waiting on upstream) + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] +in [http://packages.debian.org/lenny/xml2rfc xml2rfc] +"Yet another boilerplate change" + = Flamewars = You might enjoy reading these, but they may not be good targets to fix. @@ -433,6 +438,11 @@ You might enjoy reading these, but they may not be good targets to fix. in [http://packages.debian.org/lenny/otrs2 otrs2] "otrs2 - makes files in /usr writable by non-root" +For this one, the actual flameware is off the bug report log. + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823] +in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org] +"longstanding DFSG violations in linux-2.6 package" = Would have been fun =