X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/blobdiff_plain/ca5bf87f2bf20912b2f45533079841977bf29138..c195916edaa80040b7106b041e08bcb43c4501f1:/doc/LennyBugsAll diff --git a/doc/LennyBugsAll b/doc/LennyBugsAll index 15020f5..be4eab3 100644 --- a/doc/LennyBugsAll +++ b/doc/LennyBugsAll @@ -30,6 +30,19 @@ in [http://packages.debian.org/lenny/dk-filter dk-filter] "dk-filter reliably crashes upon connection from postfix" [[BR]](Note: bug report, little followup. Test, reproduce, debug, fix.) +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] +in [http://packages.debian.org/lenny/splashy splashy] +"splashy: Splashy fails to install due to missing default theme" + +These ones are only about 2 weeks old: + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] +in [http://packages.debian.org/lenny/racoon racoon] +"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072] +in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools] +"libipsec0 packaged in ipsec-tools without development headers" = Specific hardware = @@ -60,6 +73,12 @@ in [http://packages.debian.org/lenny/bind9 bind9] got the first reproducible testcase, and sent that upstream, which swiftly produced a fix. += May be a lot of work = + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037] +in [http://packages.debian.org/lenny/fenix fenix] +"fenix: not 64 bit clean" + = Puzzling = Someone please explain what's going on (Debian Project-wise) in these bugs. @@ -78,10 +97,6 @@ Please read these reports and figure out what category they belong in. Or make in [http://packages.debian.org/lenny/installation-reports installation-reports] "cdrom: Most of the system's files have a future timestamp causing at least update/config problems." -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037] -in [http://packages.debian.org/lenny/fenix fenix] -"fenix: not 64 bit clean" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171] in [http://packages.debian.org/lenny/rtorrent rtorrent] "rtorrent: random crash" @@ -94,10 +109,6 @@ in [http://packages.debian.org/lenny/libqt3-mt libqt3-mt] in [http://packages.debian.org/lenny/installation-reports installation-reports] "installation-reports: Grub error: not a regular file..." -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495178 495178] -in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery] -"libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232] in [http://packages.debian.org/lenny/quagga quagga] "quagga: zebra ignores routes added via command line" @@ -114,10 +125,6 @@ in [http://packages.debian.org/lenny/mdadm mdadm] in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org] "sarge images have syslinux binaries without source" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823] -in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org] -"longstanding DFSG violations in linux-2.6 package" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460] in [http://packages.debian.org/lenny/oss-compat oss-compat] "oss-compat: modules are not loaded" @@ -154,10 +161,6 @@ in [http://packages.debian.org/lenny/ghostscript ghostscript] in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1] "epiphany-webkit: Crashes at startup whenever I go to a site." -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] -in [http://packages.debian.org/lenny/egroupware-core egroupware-core] -"CVE-2007-3215: phpmailer issue (embedded code-copy)" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373] in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl] "libtemplate-perl: Upgrade from etch breaks code using DBI plugins" @@ -178,42 +181,14 @@ in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legac in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk] "gnu-fdisk: wipes out MBR when used on GPT partitions" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] -in [http://packages.debian.org/lenny/wordpress wordpress] -"wordpress can be subject of delayed attacks via cookies" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918] in [http://packages.debian.org/lenny/network-manager network-manager] "Updating to lenny failed when NetworkManager got updated" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] -in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian] -"ffmpeg-debian: Several security issues" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237] in [http://packages.debian.org/lenny/snmpd snmpd] "/etc/init.d/snmpd start reports error if already running" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] -in [http://packages.debian.org/lenny/icedove icedove] -"Mozilla Thunderbird Multiple Vulnerabilities" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] -in [http://packages.debian.org/lenny/splashy splashy] -"splashy: Splashy fails to install due to missing default theme" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] -in [http://packages.debian.org/lenny/mailscanner mailscanner] -"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] -in [http://packages.debian.org/lenny/xml2rfc xml2rfc] -"Yet another boilerplate change" - -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] -in [http://packages.debian.org/lenny/wireshark wireshark] -"wireshark: DoS caused by sending a SMTP request with large content" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748] in [http://packages.debian.org/lenny/rtorrent rtorrent] "crash rtorrent by scgi-interface (function: 'fi.get_filename_last')" @@ -230,21 +205,23 @@ in [http://packages.debian.org/lenny/release.debian.org release.debian.org] in [http://packages.debian.org/lenny/open-iscsi open-iscsi] "initiatorname.iscsi should maybe not be in /etc" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021] -in [http://packages.debian.org/lenny/helpdeco helpdeco] -"Fails to work on amd64" - [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507059 507059] in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools] "initramfs-tools: Wrong check for udevadm in functions" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] -in [http://packages.debian.org/lenny/racoon racoon] -"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] +in [http://packages.debian.org/lenny/release.debian.org release.debian.org] +"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072] -in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools] -"libipsec0 packaged in ipsec-tools without development headers" += Unclassified Security = + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] +in [http://packages.debian.org/lenny/icedove icedove] +"Mozilla Thunderbird Multiple Vulnerabilities" + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] +in [http://packages.debian.org/lenny/mailscanner mailscanner] +"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack" [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165] in [http://packages.debian.org/lenny/xine-lib xine-lib] @@ -254,18 +231,21 @@ in [http://packages.debian.org/lenny/xine-lib xine-lib] in [http://packages.debian.org/lenny/xine-lib xine-lib] "xine-lib: CVE-2008-5246 heap overflow" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] -in [http://packages.debian.org/lenny/release.debian.org release.debian.org] -"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] +in [http://packages.debian.org/lenny/wireshark wireshark] +"wireshark: DoS caused by sending a SMTP request with large content" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242] -in [http://packages.debian.org/lenny/amule-daemon amule-daemon] -"amule-daemon: causes OOM's by leaking lots of memory" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] +in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian] +"ffmpeg-debian: Several security issues" -[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316] -in [http://packages.debian.org/lenny/smarty smarty] -"smarty: Non-free logo included in package" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] +in [http://packages.debian.org/lenny/wordpress wordpress] +"wordpress can be subject of delayed attacks via cookies" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] +in [http://packages.debian.org/lenny/egroupware-core egroupware-core] +"CVE-2007-3215: phpmailer issue (embedded code-copy)" = Fresh bugs = @@ -405,6 +385,10 @@ in [http://packages.debian.org/lenny/debget debget] These look like good progress is being made and they'll get fixed soon. +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316] +in [http://packages.debian.org/lenny/smarty smarty] +"smarty: Non-free logo included in package" + [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782] in [http://packages.debian.org/lenny/release-notes release-notes] "release-notes: Where's the license?" @@ -422,6 +406,29 @@ in [http://packages.debian.org/lenny/xbat xbat] in [http://packages.debian.org/lenny/tuxguitar tuxguitar] "tuxguitar: hard-codes dependencies on libraries" +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495178 495178] +in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery] +"libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js" + += Not much of use one can do = + +(this one looks like it'll be removed from Lenny or have amd64 disabled) + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021] +in [http://packages.debian.org/lenny/helpdeco helpdeco] +"Fails to work on amd64" + +(this one looks the maintainer has labeled unreproducible) + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242] +in [http://packages.debian.org/lenny/amule-daemon amule-daemon] +"amule-daemon: causes OOM's by leaking lots of memory" + +(waiting on upstream) + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] +in [http://packages.debian.org/lenny/xml2rfc xml2rfc] +"Yet another boilerplate change" = Flamewars = @@ -431,6 +438,11 @@ You might enjoy reading these, but they may not be good targets to fix. in [http://packages.debian.org/lenny/otrs2 otrs2] "otrs2 - makes files in /usr writable by non-root" +For this one, the actual flameware is off the bug report log. + +[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823] +in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org] +"longstanding DFSG violations in linux-2.6 package" = Would have been fun =