X-Git-Url: https://sipb.mit.edu/gitweb.cgi/wiki.git/blobdiff_plain/f00a6374a30b0f8ae364bcb0ef5eaf6287ccf6eb..94d9c0171a572c84c05135ed822e384077675483:/doc/LennyBugsAll?ds=sidebyside

diff --git a/doc/LennyBugsAll b/doc/LennyBugsAll
index a629c9d..bd822bb 100644
--- a/doc/LennyBugsAll
+++ b/doc/LennyBugsAll
@@ -1,337 +1,522 @@
+= Open RC Bugs in Lenny =
+
+These are bugs to consider at SIPB's [LennyBugs RC-bug-squashing hackathon] for Lenny.
+
 Bug list dumped early 2008-12-12.  The pipeline was
  `$ cd /mit/debathena/debian-bts && ./get_bugs | sort | ./bugs-format-trac`
 
 Please sort into useful/not useful, add notes, etc.
 
+= Juicy? =
 
-== List ==
+Try these!
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=239111 239111] in grub
-"Freeze when installing GRUB on XFS boot partition"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465]
+in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
+"/init exports MODPROBE_OPTIONS=-qb"
+[[BR]](Note: real bug report is near bottom.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323473 323473] in wnpp
-"ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525]
+in [http://packages.debian.org/lenny/python-hid python-hid]
+"python-hid: hid module will not import since python policy transition"
+[[BR]](Note: have patch, looks messy, looks like not-too-hard bug to fix well.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782] in release-notes
-"release-notes: Where's the license?"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072]
+in [http://packages.debian.org/lenny/dk-filter dk-filter]
+"dk-filter reliably crashes upon connection from postfix"
+[[BR]](Note: bug report, little followup.  Test, reproduce, debug, fix.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374644 374644] in xine-ui
-"xine-ui: ctrl/shift key press emulation implementation broken"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057]
+in [http://packages.debian.org/lenny/splashy splashy]
+"splashy: Splashy fails to install due to missing default theme"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394963 394963] in installation-reports
-"installation: Problems with dual booting Dell D600 with winXP pro in the first partition (hd0, 0). After installing the Dell Etch Beta 3, Windows fails to boot and I get the blue screen of death."
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748]
+in [http://packages.debian.org/lenny/rtorrent rtorrent]
+"crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
+[[BR]]This is fixed in experimental, but in a newer, less-stable version; Someone might be able to backport the fix.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418972 418972] in installation-reports
-"cdrom: Etch does not detect CD-ROM on Acer Aspire 7100"
+These ones are only about 2 weeks old:
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=426465 426465] in initramfs-tools
-"/init exports MODPROBE_OPTIONS=-qb"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071]
+in [http://packages.debian.org/lenny/racoon racoon]
+"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140] in installation-reports
-"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072]
+in [http://packages.debian.org/lenny/ipsec-tools ipsec-tools]
+"libipsec0 packaged in ipsec-tools without development headers"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451628 451628] in ftp.debian.org
-"Packages might enter the archive from security without source"
+= Specific hardware =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037] in fenix
-"fenix: not 64 bit clean"
+If you have the relevant hardware you could help a lot.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737] in otrs2
-"otrs2 - makes files in /usr writable by non-root"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=394963 394963]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation: Problems with dual booting Dell D600 with winXP pro in the first partition (hd0, 0). After installing the Dell Etch Beta 3, Windows fails to boot and I get the blue screen of death."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475958 475958] in release-notes
-"document procedure to recover from "/dev/hda became /dev/sda" boot failure"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=418972 418972]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"cdrom: Etch does not detect CD-ROM on Acer Aspire 7100"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476210 476210] in xbat
-"xbat: game elements do not display properly"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478717 478717]
+in [http://packages.debian.org/lenny/ruby1.9 ruby1.9]
+"ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476525 476525] in python-hid
-"python-hid: hid module will not import since python policy transition"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499078 499078]
+in [http://packages.debian.org/lenny/jfsutils jfsutils]
+"jfsutils: Bus Error when running fsck.jfs on sparc"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=478717 478717] in ruby1.9
-"ruby1.9: FTBFS on hppa: make[1]: *** [all] Segmentation fault"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501804 501804]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481072 481072] in dk-filter
-"dk-filter reliably crashes upon connection from postfix"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495603 495603]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"grub-installer fails on a FSC Primergy RX300 with a level 5 RAID"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171] in rtorrent
-"rtorrent: random crash"
+= Examples =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490999 490999] in libqt3-mt
-"kicker: crashes on startup"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954]
+in [http://packages.debian.org/lenny/bind9 bind9]
+"bind9: Fails to start due to SIGSEGV"
+[[BR]]This bug sat unfixed for months.  Then someone attacked it in a bug-squashing party,
+got the first reproducible testcase, and sent that upstream, which swiftly produced a fix.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293] in installation-reports
-"installation-reports: Grub error: not a regular file..."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495178 495178] in libjs-jquery
-"libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js"
+= May be a lot of work =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232] in quagga
-"quagga: zebra ignores routes added via command line"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456037 456037]
+in [http://packages.debian.org/lenny/fenix fenix]
+"fenix: not 64 bit clean"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495603 495603] in installation-reports
-"grub-installer fails on a FSC Primergy RX300 with a level 5 RAID"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490171 490171]
+in [http://packages.debian.org/lenny/rtorrent rtorrent]
+"rtorrent: random crash"
+[[BR]](Reproducing this seems to require runnin 20+ torrents for a ~day)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496334 496334] in mdadm
-"mdadm segfault on --assemble --force with raid10"
+= Puzzling =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496954 496954] in bind9
-"bind9: Fails to start due to SIGSEGV"
+Someone please explain what's going on (Debian Project-wise) in these bugs.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471] in cdimage.debian.org
-"sarge images have syslinux binaries without source"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323473 323473]
+in [http://packages.debian.org/lenny/wnpp wnpp]
+"ITA: mol-drivers-linux -- The Mac-on-Linux emulator - drivers for Linux"
+[[BR]](Note: The bug is for someone to take over maintainership.  They did.  Then when the bug gets automatically archived, they reply saying to keep it?  I (price) don't understand.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823] in ftp.debian.org
-"longstanding DFSG violations in linux-2.6 package"
+= Vaguely tedious =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499078 499078] in jfsutils
-"jfsutils: Bus Error when running fsck.jfs on sparc"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140]
+in [http://packages.debian.org/lenny/pam pam]
+"cannot unlock screen during etch -> lenny transition"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460] in oss-compat
-"oss-compat: modules are not loaded"
+= Unclassified =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501800 501800] in bind9
-"bind9: bind crashes with a list for allow-update"
+Please read these reports and figure out what category they belong in.  Or make a new category.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501804 501804] in installation-reports
-"installation-reports: Lenny b2 install on ThinkPad X61 - fails to detect hard disk"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436140 436140]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"cdrom: Most of the system's files have a future timestamp causing at least update/config problems."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502140 502140] in pam
-"cannot unlock screen during etch -> lenny transition"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494293 494293]
+in [http://packages.debian.org/lenny/installation-reports installation-reports]
+"installation-reports: Grub error: not a regular file..."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502751 502751] in clamav-getfiles
-"clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495232 495232]
+in [http://packages.debian.org/lenny/quagga quagga]
+"quagga: zebra ignores routes added via command line"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503303 503303] in upgrade-reports
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500460 500460]
+in [http://packages.debian.org/lenny/oss-compat oss-compat]
+"oss-compat: modules are not loaded"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503303 503303]
+in [http://packages.debian.org/lenny/upgrade-reports upgrade-reports]
 "etch -> lenny minimal chrrot upgrade fails due to Conflicts/Pre-Depends loop"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532 503532] in dbus
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503532 503532]
+in [http://packages.debian.org/lenny/dbus dbus]
 "send_requested_reply="true" allows all non-reply messages"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712] in ghostscript
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503712 503712]
+in [http://packages.debian.org/lenny/ghostscript ghostscript]
 "etch->lenny upgrade left the system in broken state"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503907 503907] in libwebkit-1.0-1
-"epiphany-webkit: Crashes at startup whenever I go to a site."
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524]
+in [http://packages.debian.org/lenny/sun-java6 sun-java6]
+"AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283] in egroupware-core
-"CVE-2007-3215: phpmailer issue (embedded code-copy)"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504661 504661]
+in [http://packages.debian.org/lenny/nvidia-glx-legacy-96xx-dev nvidia-glx-legacy-96xx-dev]
+"nvidia-glx-legacy-96xx-dev: /usr/lib/libGL.so symlink broken"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504373 504373] in libtemplate-perl
-"libtemplate-perl: Upgrade from etch breaks code using DBI plugins"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918]
+in [http://packages.debian.org/lenny/network-manager network-manager]
+"Updating to lenny failed when NetworkManager got updated"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504524 504524] in sun-java6
-"AWT_TOOLKIT=MToolkit causes java to segfault on amd64"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506853 506853]
+in [http://packages.debian.org/lenny/libgnutls26 libgnutls26]
+"libgnutls26: 2.4.2-3 breaks OpenLDAP access"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504626 504626] in nvidia-glx
-"[nvidia-glx] Quietly drops support for several chipsets"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507003 507003]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
+"initiatorname.iscsi should maybe not be in /etc"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504661 504661] in nvidia-glx-legacy-96xx-dev
-"nvidia-glx-legacy-96xx-dev: /usr/lib/libGL.so symlink broken"
+= Unclassified Security =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747] in gnu-fdisk
-"gnu-fdisk: wipes out MBR when used on GPT partitions"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563]
+in [http://packages.debian.org/lenny/icedove icedove]
+"Mozilla Thunderbird Multiple Vulnerabilities"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771] in wordpress
-"wordpress can be subject of delayed attacks via cookies"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353]
+in [http://packages.debian.org/lenny/mailscanner mailscanner]
+"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504918 504918] in network-manager
-"Updating to lenny failed when NetworkManager got updated"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165]
+in [http://packages.debian.org/lenny/xine-lib xine-lib]
+"xine-lib: CVE-2008-5242 heap-based buffer overflow"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977] in ffmpeg-debian
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184 507184]
+in [http://packages.debian.org/lenny/xine-lib xine-lib]
+"xine-lib: CVE-2008-5246 heap overflow"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741]
+in [http://packages.debian.org/lenny/wireshark wireshark]
+"wireshark: DoS caused by sending a SMTP request with large content"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504977 504977]
+in [http://packages.debian.org/lenny/ffmpeg-debian ffmpeg-debian]
 "ffmpeg-debian: Several security issues"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237] in snmpd
-"/etc/init.d/snmpd start reports error if already running"
+= Fresh bugs =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505563 505563] in icedove
-"Mozilla Thunderbird Multiple Vulnerabilities"
+These are very recent and presumably will get dealt with by the package maintainers without help.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506057 506057] in splashy
-"splashy: Splashy fails to install due to missing default theme"
+If you're bored you might look through and see if some are interesting anyway.  Also feel free to draw the line at some other time; I (price) picked December 1, arbitrarily.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506152 506152] in ftp.debian.org
-"libept0 should have priority important"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506353 506353] in mailscanner
-"CVE-2008-5312/3: mailscanner might allow local users to overwrite arbitrary files via a symlink attack"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=239111 239111]
+in [http://packages.debian.org/lenny/grub grub]
+"Freeze when installing GRUB on XFS boot partition"
+[[BR]](Note: just re-opened 2008-12-12)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652] in xml2rfc
-"Yet another boilerplate change"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507558 507558]
+in [http://packages.debian.org/lenny/hibernate hibernate]
+"ignores "LockXLock yes" setting in /etc/hibernate/common.conf (e.g. does not lock the screen)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506741 506741] in wireshark
-"wireshark: DoS caused by sending a SMTP request with large content"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507579 507579]
+in [http://packages.debian.org/lenny/yocto-reader yocto-reader]
+"Package installation results in license violation"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506748 506748] in rtorrent
-"crash rtorrent by scgi-interface (function: 'fi.get_filename_last')"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507706 507706]
+in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
+"Missing sources for d-i components/kernel of etch-n-half images"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506853 506853] in libgnutls26
-"libgnutls26: 2.4.2-3 breaks OpenLDAP access"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507721 507721]
+in [http://packages.debian.org/lenny/cryptsetup cryptsetup]
+"cryptsetup: Sometimes initrd ends up missing conf/conf.d/cryptroot file in it"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506883 506883] in tuxguitar
-"tuxguitar: hard-codes dependencies on libraries"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507818 507818]
+in [http://packages.debian.org/lenny/mldonkey-server mldonkey-server]
+"mldonkey-server: mlnet does not start, logs syntax error in downloads.ini"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506977 506977] in release.debian.org
-"FPC: copyright infringement in pre 2.2.2 sources"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507865 507865]
+in [http://packages.debian.org/lenny/openoffice.org-writer openoffice.org-writer]
+"openoffice.org-writer: OOo 2.4.x openinig OOo 3 files doesn't show text (2.x implements standard wrong)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507003 507003] in open-iscsi
-"initiatorname.iscsi should maybe not be in /etc"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883]
+in [http://packages.debian.org/lenny/asterisk asterisk]
+"asterisk: Very frequent segfaults on startup"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021] in helpdeco
-"Fails to work on amd64"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507889 507889]
+in [http://packages.debian.org/lenny/mdadm mdadm]
+"mdadm: initramfs-tools script is broken, system with root on RAID won't boot"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507059 507059] in initramfs-tools
-"initramfs-tools: Wrong check for udevadm in functions"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507996 507996]
+in [http://packages.debian.org/lenny/uim-tcode uim-tcode]
+"mazegaki conversion cannot be used"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507071 507071] in racoon
-"racoon - Fails after upgrade: symbol lookup error: /usr/sbin/racoon: undefined symbol: libipsec_opt"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124]
+in [http://packages.debian.org/lenny/python-m2crypto python-m2crypto]
+"Yum crashes when setting-up a CentOS chroot OS"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507072 507072] in ipsec-tools
-"libipsec0 packaged in ipsec-tools without development headers"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 508133]
+in [http://packages.debian.org/lenny/libmad0 libmad0]
+"audacity: munmap_chunk(): invalid pointer: 0x00000000026f4eb0"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507165 507165] in xine-lib
-"xine-lib: CVE-2008-5242 heap-based buffer overflow"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508194 508194]
+in [http://packages.debian.org/lenny/sun-java5 sun-java5]
+"sun-java5: New upstream release fixes several security issues"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507184 507184] in xine-lib
-"xine-lib: CVE-2008-5246 heap overflow"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265]
+in [http://packages.debian.org/lenny/sysprof-module-source sysprof-module-source]
+"sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239] in release.debian.org
-"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508313 508313]
+in [http://packages.debian.org/lenny/xine-lib xine-lib]
+"xine-lib: CVE-2008-5234 heap overflow in atom parsing"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242] in amule-daemon
-"amule-daemon: causes OOM's by leaking lots of memory"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508322 508322]
+in [http://packages.debian.org/lenny/wodim wodim]
+"wodim: Cannot load media.  Cannot init drive."
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316] in smarty
-"smarty: Non-free logo included in package"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508324 508324]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"ftp.debian.org: gcc-4.2-base is not really required"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507558 507558] in hibernate
-"ignores "LockXLock yes" setting in /etc/hibernate/common.conf (e.g. does not lock the screen)"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508434 508434]
+in [http://packages.debian.org/lenny/ipmitool ipmitool]
+"ipmitool: Several init script problems due to wrong pidfile name"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507576 507576] in xbattbar-acpi
-"missing dependency: libconfig"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508443 508443]
+in [http://packages.debian.org/lenny/imagemagick imagemagick]
+"convert crash on sparc during compilation of djvulibre (work on x86-64)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507579 507579] in yocto-reader
-"Package installation results in license violation"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508480 508480]
+in [http://packages.debian.org/lenny/iodbc iodbc]
+"iodbc: Segfaults when asking for the available DSNs"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507675 507675] in ftp.debian.org
-"python2.5 should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510]
+in [http://packages.debian.org/lenny/debget debget]
+"Can't parse packages.debian.org output anymore"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507678 507678] in ftp.debian.org
-"libsqlite3-0 should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508392 508392]
+in [http://packages.debian.org/lenny/dpkg dpkg]
+"Handling of conflicting conffiles broken"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507706 507706] in cdimage.debian.org
-"Missing sources for d-i components/kernel of etch-n-half images"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508565 508565]
+in [http://packages.debian.org/lenny/f2c f2c]
+"f2c: does not translate properly in EMT64 machines"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507721 507721] in cryptsetup
-"cryptsetup: Sometimes initrd ends up missing conf/conf.d/cryptroot file in it"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508551 508551]
+in [http://packages.debian.org/lenny/merkaartor merkaartor]
+"merkaartor: crash on startup: QPaintEngine::setSystemClip: Should not be change
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507775 507775] in ftp.debian.org
-"libkeyutils1 should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502845 502845]
+in [http://packages.debian.org/lenny/open-iscsi open-iscsi]
+"open-iscsi: no login using amd64"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507778 507778] in ftp.debian.org
-"libldap-2.4-2 should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508589 508589]
+in [http://packages.debian.org/lenny/linux-2.6 linux-2.6]
+"ppp: USB Modem removal after PPP exits kills keyboard"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507779 507779] in ftp.debian.org
-"[Priorities] libustr-1.0-1 -> standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508635 508635]
+in [http://packages.debian.org/lenny/libexif-gtk-dev libexif-gtk-dev]
+"libexif-gtk-dev: References no longer existing libXcursor.la"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507780 507780] in ftp.debian.org
-"python-sepolgen should have priority standard"
+= Mostly solved? =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507783 507783] in ftp.debian.org
-"libxml2 should have priority standard"
+These look like good progress is being made and they'll get fixed
+soon. Do we need a DD to do an NMU on any of these?
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507784 507784] in ftp.debian.org
-"python2.5-minimal should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504283 504283]
+in [http://packages.debian.org/lenny/egroupware-core egroupware-core]
+"CVE-2007-3215: phpmailer issue (embedded code-copy)"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507796 507796] in ftp.debian.org
-"libisccfg40 should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507316 507316]
+in [http://packages.debian.org/lenny/smarty smarty]
+"smarty: Non-free logo included in package"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507797 507797] in ftp.debian.org
-"libisccc40 should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332782 332782]
+in [http://packages.debian.org/lenny/release-notes release-notes]
+"release-notes: Where's the license?"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507798 507798] in ftp.debian.org
-"libedit2 should have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475958 475958]
+in [http://packages.debian.org/lenny/release-notes release-notes]
+"document procedure to recover from "/dev/hda became /dev/sda" boot failure"
+[[BR]](Note: looks done, just not closed.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507799 507799] in ftp.debian.org
-"libgssglue1 must have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506883 506883]
+in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
+"tuxguitar: hard-codes dependencies on libraries"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507800 507800] in ftp.debian.org
-"ucf must have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495178 495178]
+in [http://packages.debian.org/lenny/libjs-jquery libjs-jquery]
+"libjs-jquery: Should compile jquery.min.js and jquery.pack.js from jquery.js"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507801 507801] in ftp.debian.org
-"libpci3 must have priority standard"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507059 507059]
+in [http://packages.debian.org/lenny/initramfs-tools initramfs-tools]
+"initramfs-tools: Wrong check for udevadm in functions"
+[[BR]](No maintainer activity since it was reported 2 weeks ago; One-line patch attached.)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507818 507818] in mldonkey-server
-"mldonkey-server: mlnet does not start, logs syntax error in downloads.ini"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496334 496334]
+in [http://packages.debian.org/lenny/mdadm mdadm]
+"mdadm segfault on --assemble --force with raid10"
+[[BR]]Seems to be fixed and uploaded, but got reopened for some reason?
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507865 507865] in openoffice.org-writer
-"openoffice.org-writer: OOo 2.4.x openinig OOo 3 files doesn't show text (2.x implements standard wrong)"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374644 374644] in [http://packages.debian.org/lenny/xine-ui xine-ui]
+"xine-ui: ctrl/shift key press emulation implementation broken"
+[[BR]](Note: There's a patch that may be good enough -- blocking on some guy responding)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507883 507883] in asterisk
-"asterisk: Very frequent segfaults on startup"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505237 505237]
+in [http://packages.debian.org/lenny/snmpd snmpd]
+"/etc/init.d/snmpd start reports error if already running"
+(Note: fixed, waiting on an upload?)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507889 507889] in mdadm
-"mdadm: initramfs-tools script is broken, system with root on RAID won't boot"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508257 508257]
+in [http://packages.debian.org/lenny/twiki twiki]
+"CVE-2008-5305: TWiki SEARCH variable allows arbitrary shell command execution"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507915 507915] in povray
-"Povray unusable with non-ascii filenames"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508026 508026]
+in [http://packages.debian.org/lenny/phppgadmin phppgadmin]
+"phpPgAdmin: Local File Inclusion Vulnerability"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507927 507927] in acpi-support
-"Fix suspend-resume in Thinkpad R50e (intel 855gm card)"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501800 501800]
+in [http://packages.debian.org/lenny/bind9 bind9]
+"bind9: bind crashes with a list for allow-update"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507944 507944] in xwhois
-"xwhois: segfaults on start in get_servers()"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507947 507947] in moodle
-"moodle: html2text.php is not DFSG-free"
+= Not much of use one can do =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507996 507996] in uim-tcode
-"mazegaki conversion cannot be used"
+(this one looks like it'll be removed from Lenny or have amd64 disabled)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508026 508026] in phppgadmin
-"phpPgAdmin: Local File Inclusion Vulnerability"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507021 507021]
+in [http://packages.debian.org/lenny/helpdeco helpdeco]
+"Fails to work on amd64"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091] in tuxguitar
+(this one looks the maintainer has labeled unreproducible)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507242 507242]
+in [http://packages.debian.org/lenny/amule-daemon amule-daemon]
+"amule-daemon: causes OOM's by leaking lots of memory"
+
+(waiting on upstream)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506652 506652]
+in [http://packages.debian.org/lenny/xml2rfc xml2rfc]
+"Yet another boilerplate change"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490999 490999]
+in [http://packages.debian.org/lenny/libqt3-mt libqt3-mt]
+"kicker: crashes on startup"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507947 507947]
+in [http://packages.debian.org/lenny/moodle moodle]
+"moodle: html2text.php is not DFSG-free"
+
+(misc)
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508091 508091]
+in [http://packages.debian.org/lenny/tuxguitar tuxguitar]
 "maintainer address bounces"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508124 508124] in python-m2crypto
-"Yum crashes when setting-up a CentOS chroot OS"
+(legal issue involving non-free file)
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508133 508133] in libmad0
-"audacity: munmap_chunk(): invalid pointer: 0x00000000026f4eb0"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502751 502751]
+in [http://packages.debian.org/lenny/clamav-getfiles clamav-getfiles]
+"clamav-getfiles: piuparts test fails: eicar.com md5sum mismatch, file needs downloading"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508194 508194] in sun-java5
-"sun-java5: New upstream release fixes several security issues"
+= Flamewars =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508257 508257] in twiki
-"CVE-2008-5305: TWiki SEARCH variable allows arbitrary shell command execution"
+You might enjoy reading these, but they may not be good targets to fix.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508265 508265] in sysprof-module-source
-"sysprof-module-source: doesn't compile on AMD64 arch (wrong register names)"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475737 475737]
+in [http://packages.debian.org/lenny/otrs2 otrs2]
+"otrs2 - makes files in /usr writable by non-root"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508272 508272] in gnome-splashscreen-manager
-"gnome-splashscreen-manager: Refuses to start, undefined symbol: gtk_file_system_error_quark"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504771 504771]
+in [http://packages.debian.org/lenny/wordpress wordpress]
+"wordpress can be subject of delayed attacks via cookies"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508313 508313] in xine-lib
-"xine-lib: CVE-2008-5234 heap overflow in atom parsing"
+For this one, the actual flameware is off the bug report log.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508322 508322] in wodim
-"wodim: Cannot load media.  Cannot init drive."
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497823 497823]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"longstanding DFSG violations in linux-2.6 package"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508324 508324] in ftp.debian.org
-"ftp.debian.org: gcc-4.2-base is not really required"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504747 504747]
+in [http://packages.debian.org/lenny/gnu-fdisk gnu-fdisk]
+"gnu-fdisk: wipes out MBR when used on GPT partitions"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508351 508351] in open-iscsi
-"open-iscsi: will not install, looking for missing /sys/module/scsi_transport_iscsi/version file"
+= Would have been fun =
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508434 508434] in ipmitool
-"ipmitool: Several init script problems due to wrong pidfile name"
+Entertaining to read but sadly already fixed.
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508443 508443] in imagemagick
-"convert crash on sparc during compilation of djvulibre (work on x86-64)"
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506961 506961]
+in auctex
+"auctex: reuses old logfile on emacsen upgrades, enabling symlink attack"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508480 508480] in iodbc
-"iodbc: Segfaults when asking for the available DSNs"
 
-[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=508510 508510] in debget
-"Can't parse packages.debian.org output anymore"
+= Special team bugs =
+
+These bugs are probably not good targets because the work involved with them at this point is to be done by someone on a special Debian team.
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=451628 451628]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"Packages might enter the archive from security without source"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506152 506152]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libept0 should have priority important"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507675 507675]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"python2.5 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507678 507678]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libsqlite3-0 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507775 507775]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libkeyutils1 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507778 507778]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libldap-2.4-2 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507779 507779]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"[Priorities] libustr-1.0-1 -> standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507780 507780]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"python-sepolgen should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507783 507783]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libxml2 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507784 507784]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"python2.5-minimal should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507796 507796]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libisccfg40 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507797 507797]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libisccc40 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507798 507798]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libedit2 should have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507799 507799]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libgssglue1 must have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507800 507800]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"ucf must have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507801 507801]
+in [http://packages.debian.org/lenny/ftp.debian.org ftp.debian.org]
+"libpci3 must have priority standard"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497471 497471]
+in [http://packages.debian.org/lenny/cdimage.debian.org cdimage.debian.org]
+"sarge images have syslinux binaries without source"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506977 506977]
+in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
+"FPC: copyright infringement in pre 2.2.2 sources"
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507239 507239]
+in [http://packages.debian.org/lenny/release.debian.org release.debian.org]
+"RM: astrolog/stable -- RoQA; orphaned long time, non-free, contains potentially undistributable code"
+
+This one is fixed in experimental:
+
+[http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503907 503907]
+in [http://packages.debian.org/lenny/libwebkit-1.0-1 libwebkit-1.0-1]
+"epiphany-webkit: Crashes at startup whenever I go to a site."