X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/blobdiff_plain/e7603928d9f731954fa1b717b36c5b48a9697ee6..68c8cb5b88cd13eb51f8a5243f95ad8b533dbf1a:/doc/LennyBugsAll

diff --git a/doc/LennyBugsAll b/doc/LennyBugsAll
index 5c7db55..ba32386 100644
--- a/doc/LennyBugsAll
+++ b/doc/LennyBugsAll
@@ -7,68 +7,136 @@ Bug list dumped early 2008-12-12.  The pipeline was
 
 Please sort into useful/not useful, add notes, etc.
 
+----
+
 = Juicy? =
 
-Try these!
+All acted on!  See the "Stuff we did" sections below.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374644 374644] in [http://packages.debian.org/lenny/xine-ui xine-ui]
-"xine-ui: ctrl/shift key press emulation implementation broken"
-[[BR]](Note: have patch but it's broken.  Test?  Find a fix?)
+
+
+----
+
+= Stuff we did =
+
+== Fixed by SIPB! ==
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
+(closed by wdaher)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525] 
+in [http://packages.debian.org/lenny/python-hid python-hid] 
+"python-hid: hid module will not import since python policy transition" 
+(tabbott)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] 
+[http://packages.debian.org/lenny/racoon racoon] 
+"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt" 
+(fixed by broder)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072] 
+in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools] 
+"libipsec0 packaged in ipsec-tools without development headers" 
+(downgraded by hartmans)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504626 504626] 
+in [http://packages.debian.org/lenny/nvidia-glx nvidia-glx] 
+"[nvidia-glx] Quietly drops support for several chipsets" 
+(downgraded by nelhage)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502845 502845]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
+"open-iscsi: no login using amd64"
+(quentin reassigned; Bastian Blank then lowered priority)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265]
+in [http://packages.debian.org/lenny/sysprof-module-source sysprof-module-source]
+"sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
+(patch added by andersk)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
+in [http://packages.debian.org/lenny/splashy splashy]
+"splashy: Splashy fails to install due to missing default theme"
+(fix suggestion added by ecprice with help from tabbott and fawkes)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
+in [http://packages.debian.org/lenny/rtorrent rtorrent]
+"crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
+(submitted patch that disables broken RPC; leaving to maintainer to decide if this is what he wants to do)
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465]
 in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
 "/init exports MODPROBE_OPTIONS=-qb"
-[[BR]](Note: real bug report is near bottom.)
+[[BR]](patch added by price)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525]
-in [http://packages.debian.org/lenny/python-hid python-hid]
-"python-hid: hid module will not import since python policy transition"
-[[BR]](Note: have patch, looks messy, looks like not-too-hard bug to fix well.)
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489501 489501]
+in [http://packages.debian.org/lenny/zekr zekr]
+"zekr depends on libxul0d"
+[[BR]](mako tweaked and sponsored fix by Asheesh Laroia)
+
+== Waiting on feedback ==
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140]
+in [http://packages.debian.org/lenny/pam pam]
+"cannot unlock screen during etch -> lenny transition"
+(hartmans added comment)
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072]
 in [http://packages.debian.org/lenny/dk-filter dk-filter]
 "dk-filter reliably crashes upon connection from postfix"
-[[BR]](Note: bug report, little followup.  Test, reproduce, debug, fix.)
+[[BR]](quentin couldn't reproduce)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
-in [http://packages.debian.org/lenny/splashy splashy]
-"splashy: Splashy fails to install due to missing default theme"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883]
+in [http://packages.debian.org/lenny/asterisk asterisk]
+"asterisk: Very frequent segfaults on startup"
+(quentin couldn't reproduce)
 
-These ones are only about 2 weeks old:
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037]
+in [http://packages.debian.org/lenny/fenix fenix]
+"fenix: not 64 bit clean"[[BR]]
+(ezyang observed upstream's website looks ~dead)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
-in [http://packages.debian.org/lenny/racoon racoon]
-"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
-in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
-"libipsec0 packaged in ipsec-tools without development headers"
 
-= Specific hardware =
 
-If you have the relevant hardware you could help a lot.
+----
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394963 394963]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"installation: Problems with dual booting Dell D600 with winXP pro in the first partition (hd0, 0). After installing the Dell Etch Beta 3, Windows fails to boot and I get the blue screen of death."
+= Fun stuff to read =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418972 418972]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"cdrom: Etch does not detect CD-ROM on Acer Aspire 7100"
+== Flamewars ==
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478717 478717]
-in [http://packages.debian.org/lenny/ruby1.9 ruby1.9]
-"ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault"
+You might enjoy reading these, but they may not be good targets to fix.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499078 499078]
-in [http://packages.debian.org/lenny/jfsutils jfsutils]
-"jfsutils: Bus Error when running fsck.jfs on sparc"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737]
+in [http://packages.debian.org/lenny/otrs2 otrs2]
+"otrs2 - makes files in /usr writable by non-root"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501804 501804]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
+in [http://packages.debian.org/lenny/wordpress wordpress]
+"wordpress can be subject of delayed attacks via cookies"
+
+For this one, the actual flameware is off the bug report log.
 
-= Examples =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"longstanding DFSG violations in linux-2.6 package"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747]
+in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
+"gnu-fdisk: wipes out MBR when used on GPT partitions"
+
+
+== Would have been fun ==
+
+Entertaining to read but sadly already fixed.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961]
+in auctex
+"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
+
+
+== Examples to live up to ==
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954]
 in [http://packages.debian.org/lenny/bind9 bind9]
@@ -77,13 +145,7 @@ in [http://packages.debian.org/lenny/bind9 bind9]
 got the first reproducible testcase, and sent that upstream, which swiftly produced a fix.
 
 
-= May be a lot of work =
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037]
-in [http://packages.debian.org/lenny/fenix fenix]
-"fenix: not 64 bit clean"
-
-= Puzzling =
+== Puzzling ==
 
 Someone please explain what's going on (Debian Project-wise) in these bugs.
 
@@ -93,116 +155,67 @@ in [http://packages.debian.org/lenny/wnpp wnpp]
 [[BR]](Note: The bug is for someone to take over maintainership.  They did.  Then when the bug gets automatically archived, they reply saying to keep it?  I (price) don't understand.)
 
 
-= Unclassified =
 
-Please read these reports and figure out what category they belong in.  Or make a new category.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
+----
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171]
-in [http://packages.debian.org/lenny/rtorrent rtorrent]
-"rtorrent: random crash"
+= Not so ripe for us to fix =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490999 490999]
-in [http://packages.debian.org/lenny/libqt3-mt libqt3-mt]
-"kicker: crashes on startup"
+== Specific hardware ==
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293]
-in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"installation-reports: Grub error: not a regular file..."
+If you have the relevant hardware you could help a lot.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232]
-in [http://packages.debian.org/lenny/quagga quagga]
-"quagga: zebra ignores routes added via command line"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394963 394963]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation: Problems with dual booting Dell D600 with winXP pro in the first partition (hd0, 0). After installing the Dell Etch Beta 3, Windows fails to boot and I get the blue screen of death."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495603 495603]
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418972 418972]
 in [http://packages.debian.org/lenny/installation-reports installation-reports]
-"grub-installer fails on a FSC Primergy RX300 with a level 5 RAID"
+"cdrom: Etch does not detect CD-ROM on Acer Aspire 7100"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496334 496334]
-in [http://packages.debian.org/lenny/mdadm mdadm]
-"mdadm segfault on --assemble --force with raid10"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478717 478717]
+in [http://packages.debian.org/lenny/ruby1.9 ruby1.9]
+"ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
-in [http://packages.debian.org/lenny/oss-compat oss-compat]
-"oss-compat: modules are not loaded"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499078 499078]
+in [http://packages.debian.org/lenny/jfsutils jfsutils]
+"jfsutils: Bus Error when running fsck.jfs on sparc"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501800 501800]
-in [http://packages.debian.org/lenny/bind9 bind9]
-"bind9: bind crashes with a list for allow-update"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501804 501804]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140]
-in [http://packages.debian.org/lenny/pam pam]
-"cannot unlock screen during etch -> lenny transition"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495603 495603]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"grub-installer fails on a FSC Primergy RX300 with a level 5 RAID"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502751 502751]
-in [http://packages.debian.org/lenny/clamav-getfiles clamav-getfiles]
-"clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503303 503303]
-in [http://packages.debian.org/lenny/upgrade-reports upgrade-reports]
-"etch -> lenny minimal chrrot upgrade fails due to Conflicts/Pre-Depends loop"
+== May be a lot of work ==
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532 503532]
-in [http://packages.debian.org/lenny/dbus dbus]
-"send_requested_reply="true" allows all non-reply messages"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171]
+in [http://packages.debian.org/lenny/rtorrent rtorrent]
+"rtorrent: random crash"
+[[BR]](Reproducing this seems to require runnin 20+ torrents for a ~day)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712]
-in [http://packages.debian.org/lenny/ghostscript ghostscript]
-"etch->lenny upgrade left the system in broken state"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524]
-in [http://packages.debian.org/lenny/sun-java6 sun-java6]
-"AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
+== Unclassified ==
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504626 504626]
-in [http://packages.debian.org/lenny/nvidia-glx nvidia-glx]
-"[nvidia-glx] Quietly drops support for several chipsets"
+Please read these reports and figure out what category they belong in.  Or make a new category.
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504661 504661]
 in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legacy-96xx-dev]
 "nvidia-glx-legacy-96xx-dev: /usr/lib/libGL.so symlink broken"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747]
-in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
-"gnu-fdisk: wipes out MBR when used on GPT partitions"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918]
 in [http://packages.debian.org/lenny/network-manager network-manager]
 "Updating to lenny failed when NetworkManager got updated"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
-in [http://packages.debian.org/lenny/snmpd snmpd]
-"/etc/init.d/snmpd start reports error if already running"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
-in [http://packages.debian.org/lenny/rtorrent rtorrent]
-"crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506853 506853]
-in [http://packages.debian.org/lenny/libgnutls26 libgnutls26]
-"libgnutls26: 2.4.2-3 breaks OpenLDAP access"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507003 507003]
-in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
-"initiatorname.iscsi should maybe not be in /etc"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507059 507059]
-in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
-"initramfs-tools: Wrong check for udevadm in functions"
-
-= Unclassified Security =
+== Unclassified Security ==
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
 in [http://packages.debian.org/lenny/icedove icedove]
 "Mozilla Thunderbird Multiple Vulnerabilities"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
-in [http://packages.debian.org/lenny/mailscanner mailscanner]
-"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5242 heap-based buffer overflow"
@@ -211,23 +224,11 @@ in [http://packages.debian.org/lenny/xine-lib xine-lib]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5246 heap overflow"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
-in [http://packages.debian.org/lenny/wireshark wireshark]
-"wireshark: DoS caused by sending a SMTP request with large content"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
 in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
 "ffmpeg-debian: Several security issues"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
-in [http://packages.debian.org/lenny/wordpress wordpress]
-"wordpress can be subject of delayed attacks via cookies"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
-in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
-"CVE-2007-3215: phpmailer issue (embedded code-copy)"
-
-= Fresh bugs =
+== Fresh bugs ==
 
 These are very recent and presumably will get dealt with by the package maintainers without help.
 
@@ -243,15 +244,10 @@ in [http://packages.debian.org/lenny/grub grub]
 in [http://packages.debian.org/lenny/hibernate hibernate]
 "ignores "LockXLock yes" setting in /etc/hibernate/common.conf (e.g. does not lock the screen)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507576 507576]
-in [http://packages.debian.org/lenny/xbattbar-acpi xbattbar-acpi]
-"missing dependency: libconfig"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507579 507579]
 in [http://packages.debian.org/lenny/yocto-reader yocto-reader]
 "Package installation results in license violation"
 
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507706 507706]
 in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
 "Missing sources for d-i components/kernel of etch-n-half images"
@@ -268,42 +264,14 @@ in [http://packages.debian.org/lenny/mldonkey-server mldonkey-server]
 in [http://packages.debian.org/lenny/openoffice.org-writer openoffice.org-writer]
 "openoffice.org-writer: OOo 2.4.x openinig OOo 3 files doesn't show text (2.x implements standard wrong)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883]
-in [http://packages.debian.org/lenny/asterisk asterisk]
-"asterisk: Very frequent segfaults on startup"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507889 507889]
 in [http://packages.debian.org/lenny/mdadm mdadm]
 "mdadm: initramfs-tools script is broken, system with root on RAID won't boot"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507915 507915]
-in [http://packages.debian.org/lenny/povray povray]
-"Povray unusable with non-ascii filenames"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507944 507944]
-in [http://packages.debian.org/lenny/xwhois xwhois]
-"xwhois: segfaults on start in get_servers()"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507947 507947]
-in [http://packages.debian.org/lenny/moodle moodle]
-"moodle: html2text.php is not DFSG-free"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507996 507996]
 in [http://packages.debian.org/lenny/uim-tcode uim-tcode]
 "mazegaki conversion cannot be used"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508026 508026]
-in [http://packages.debian.org/lenny/phppgadmin phppgadmin]
-"phpPgAdmin: Local File Inclusion Vulnerability"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091]
-in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
-"maintainer address bounces"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124]
-in [http://packages.debian.org/lenny/python-m2crypto python-m2crypto]
-"Yum crashes when setting-up a CentOS chroot OS"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 508133]
 in [http://packages.debian.org/lenny/libmad0 libmad0]
 "audacity: munmap_chunk(): invalid pointer: 0x00000000026f4eb0"
@@ -312,18 +280,6 @@ in [http://packages.debian.org/lenny/libmad0 libmad0]
 in [http://packages.debian.org/lenny/sun-java5 sun-java5]
 "sun-java5: New upstream release fixes several security issues"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508257 508257]
-in [http://packages.debian.org/lenny/twiki twiki]
-"CVE-2008-5305: TWiki SEARCH variable allows arbitrary shell command execution"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265]
-in [http://packages.debian.org/lenny/sysprof-module-source sysprof-module-source]
-"sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
-
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508272 508272]
-in [http://packages.debian.org/lenny/gnome-splashscreen-manager gnome-splashscreen-manager]
-"gnome-splashscreen-manager: Refuses to start, undefined symbol: gtk_file_system_error_quark"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508313 508313]
 in [http://packages.debian.org/lenny/xine-lib xine-lib]
 "xine-lib: CVE-2008-5234 heap overflow in atom parsing"
@@ -336,10 +292,6 @@ in [http://packages.debian.org/lenny/wodim wodim]
 in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
 "ftp.debian.org: gcc-4.2-base is not really required"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508351 508351]
-in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
-"open-iscsi: will not install, looking for missing /sys/module/scsi_transport_iscsi/version file"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508434 508434]
 in [http://packages.debian.org/lenny/ipmitool ipmitool]
 "ipmitool: Several init script problems due to wrong pidfile name"
@@ -352,10 +304,6 @@ in [http://packages.debian.org/lenny/imagemagick imagemagick]
 in [http://packages.debian.org/lenny/iodbc iodbc]
 "iodbc: Segfaults when asking for the available DSNs"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510]
-in [http://packages.debian.org/lenny/debget debget]
-"Can't parse packages.debian.org output anymore"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508392 508392]
 in [http://packages.debian.org/lenny/dpkg dpkg]
 "Handling of conflicting conffiles broken"
@@ -368,14 +316,26 @@ in [http://packages.debian.org/lenny/f2c f2c]
 in [http://packages.debian.org/lenny/merkaartor merkaartor]
 "merkaartor: crash on startup: QPaintEngine::setSystemClip: Should not be change
 
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508589 508589]
+in [http://packages.debian.org/lenny/linux-2.6 linux-2.6]
+"ppp: USB Modem removal after PPP exits kills keyboard"
 
-= Mostly solved? =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508660 508660]
+in [http://packages.debian.org/lenny/autopkgtest-xenlvm autopkgtest-xenlvm]
+"adtxenlvm: initscript assumes eth0"
 
-These look like good progress is being made and they'll get fixed soon.
+== Mostly solved? ==
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
-in [http://packages.debian.org/lenny/smarty smarty]
-"smarty: Non-free logo included in package"
+These look like good progress is being made and they'll get fixed
+soon. Do we need a DD to do an NMU on any of these?
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
+in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
+"CVE-2007-3215: phpmailer issue (embedded code-copy)"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510]
+in [http://packages.debian.org/lenny/debget debget]
+"Can't parse packages.debian.org output anymore"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782]
 in [http://packages.debian.org/lenny/release-notes release-notes]
@@ -386,10 +346,6 @@ in [http://packages.debian.org/lenny/release-notes release-notes]
 "document procedure to recover from "/dev/hda became /dev/sda" boot failure"
 [[BR]](Note: looks done, just not closed.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476210 476210]
-in [http://packages.debian.org/lenny/xbat xbat]
-"xbat: game elements do not display properly"
-
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506883 506883]
 in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
 "tuxguitar: hard-codes dependencies on libraries"
@@ -398,7 +354,77 @@ in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
 in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery]
 "libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js"
 
-= Not much of use one can do =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507059 507059]
+in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
+"initramfs-tools: Wrong check for udevadm in functions"
+[[BR]](No maintainer activity since it was reported 2 weeks ago; One-line patch attached.)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496334 496334]
+in [http://packages.debian.org/lenny/mdadm mdadm]
+"mdadm segfault on --assemble --force with raid10"
+[[BR]]Seems to be fixed and uploaded, but got reopened for some reason?
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374644 374644] in [http://packages.debian.org/lenny/xine-ui xine-ui]
+"xine-ui: ctrl/shift key press emulation implementation broken"
+[[BR]](Note: There's a patch that may be good enough -- blocking on some guy responding)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
+in [http://packages.debian.org/lenny/snmpd snmpd]
+"/etc/init.d/snmpd start reports error if already running"
+(Note: fixed, waiting on an upload?)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508257 508257]
+in [http://packages.debian.org/lenny/twiki twiki]
+"CVE-2008-5305: TWiki SEARCH variable allows arbitrary shell command execution"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508026 508026]
+in [http://packages.debian.org/lenny/phppgadmin phppgadmin]
+"phpPgAdmin: Local File Inclusion Vulnerability"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501800 501800]
+in [http://packages.debian.org/lenny/bind9 bind9]
+"bind9: bind crashes with a list for allow-update"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532 503532]
+in [http://packages.debian.org/lenny/dbus dbus]
+"send_requested_reply="true" allows all non-reply messages"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
+in [http://packages.debian.org/lenny/wireshark wireshark]
+"wireshark: DoS caused by sending a SMTP request with large content"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503303 503303]
+in [http://packages.debian.org/lenny/upgrade-reports upgrade-reports]
+"etch -> lenny minimal chrrot upgrade fails due to Conflicts/Pre-Depends loop"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524]
+in [http://packages.debian.org/lenny/sun-java6 sun-java6]
+"AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712]
+in [http://packages.debian.org/lenny/ghostscript ghostscript]
+"etch->lenny upgrade left the system in broken state"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124]
+in [http://packages.debian.org/lenny/python-m2crypto python-m2crypto]
+"Yum crashes when setting-up a CentOS chroot OS"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508635 508635]
+in [http://packages.debian.org/lenny/libexif-gtk-dev libexif-gtk-dev]
+"libexif-gtk-dev: References no longer existing libXcursor.la"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
+in [http://packages.debian.org/lenny/oss-compat oss-compat]
+"oss-compat: modules are not loaded"
+
+
+== Not much of use one can do ==
+
+(waiting on reporter to reproduce)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation-reports: Grub error: not a regular file..."
 
 (this one looks like it'll be removed from Lenny or have amd64 disabled)
 
@@ -418,30 +444,46 @@ in [http://packages.debian.org/lenny/amule-daemon amule-daemon]
 in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
 "Yet another boilerplate change"
 
-= Flamewars =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490999 490999]
+in [http://packages.debian.org/lenny/libqt3-mt libqt3-mt]
+"kicker: crashes on startup"
 
-You might enjoy reading these, but they may not be good targets to fix.
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507947 507947]
+in [http://packages.debian.org/lenny/moodle moodle]
+"moodle: html2text.php is not DFSG-free"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737]
-in [http://packages.debian.org/lenny/otrs2 otrs2]
-"otrs2 - makes files in /usr writable by non-root"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232]
+in [http://packages.debian.org/lenny/quagga quagga]
+"quagga: zebra ignores routes added via command line"
 
-For this one, the actual flameware is off the bug report log.
+(misc)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
-in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
-"longstanding DFSG violations in linux-2.6 package"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091]
+in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
+"maintainer address bounces"
 
-= Would have been fun =
+(trivial fix may cause regression, may punt)
 
-Entertaining to read but sadly already fixed.
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507003 507003]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
+"initiatorname.iscsi should maybe not be in /etc"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961]
-in auctex
-"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
+(legal issue involving non-free file)
 
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502751 502751]
+in [http://packages.debian.org/lenny/clamav-getfiles clamav-getfiles]
+"clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading"
 
-= Special team bugs =
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
+in [http://packages.debian.org/lenny/mailscanner mailscanner]
+"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
+in [http://packages.debian.org/lenny/smarty smarty]
+"smarty: Non-free logo included in package"
+
+
+== Special team bugs ==
 
 These bugs are probably not good targets because the work involved with them at this point is to be done by someone on a special Debian team.
 
@@ -511,6 +553,7 @@ in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471]
 in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
+
 "sarge images have syslinux binaries without source"
 
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506977 506977]
@@ -521,12 +564,12 @@ in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
 in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
 "RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373]
-in [http://packages.debian.org/lenny/libtemplate-perl libtemplate-perl]
-"libtemplate-perl: Upgrade from etch breaks code using DBI plugins"
-
 This one is fixed in experimental:
 
+
+
 [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503907 503907]
 in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
 "epiphany-webkit: Crashes at startup whenever I go to a site."
+
+