Jerzy Wolinski | 30 Aug 09:59 2015
Picon

Bug#797378: dosemu: DPMI errors in same DOS programs

Package: dosemu
Version: 1.4.0.7+20130105+b028d3f-2
Severity: grave
Justification: renders package unusable

Dear Maintainer,

Dosemu crashes some programs 

C:\>pkzip

PKZIP (R)   FAST!   Create/Update Utility   Version 2.50   03-01-1999
Copr. 1989-1999 PKWARE Inc.  All Rights Reserved.   Shareware Version
PKZIP Reg. U.S. Pat. and Tm. Off.  Patent No. 5,051,745
DPMI: Unhandled Exception 0e - Terminating Client
It is likely that dosemu is unstable now and should be rebooted
C:\>

At Aug, 2nd 2015 it worked. Dosemu has not been changed
since. It must be something new in linux kernel or libraries.

-- System Information:
Debian Release: stretch/sid
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
(Continue reading)

Sunil Mohan Adapa | 30 Aug 09:38 2015

Bug#797377: freedombox-setup: Don't mess with core system files

Package: freedombox-setup
Version: 0.5
Severity: normal
Tags: patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Currently, freedombox-setup overwrite many of the core system files eventhough
it does need to.  These files are

/etc/fstab
/etc/hosts
/etc/apt/sources.list

All of these changes are currently unnecessary.  The proposed patchset removes
code that does this and also provides a rationale.

I have performed the following tests on a full build image with patches
applied:

- - Tmpfs should be mounted.

- - cgroupsfs should be mounted.

- - /etc/hosts should be exactly like before the patch.

- - Cdrom sources should not be present in images.

I found that the hosts is missing two entries:
(Continue reading)

Sunil Mohan Adapa | 30 Aug 09:25 2015

Bug#797376: freedombox-setup: Don't remove SSH keys when installing on Debian

Package: freedombox-setup
Version: 0.5
Severity: normal
Tags: patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

When freedombox-setup is installed on a Debian machine, the exising SSH keys
of the machine are destroyed.  This makes freedombox-setup unsuitable on a
machine that is already under use.

The attachted patch proposes that we delete the SSH keys from the FreedomBox
images but not remove the existing SSH keys when installing on Debian.  This
patch must be accompanied by a patch to freedom-maker that ensure that the
keys are not present on a FreedomBox image.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJV4q/mAAoJEDbDYUQMm8lxSYYP/R1FRlTfSbHmuYhXgeyip2Ub
1TIYh31O82bq3mc6dUkZaP4MYKLupFE2sbSr/VO/iEU4VIgnEEPMcG0kllDAxf4h
qsNHZEfbqhjAtQEUiQxVStxKIl6g8srqKgkhDY1JhlztI3TmV4NjseJLY9JlmcfB
d99mB1gn+QoP3sKoPE06sT/KadEmJ/NA1IB3veDSi0n4G7cyVDhEw3Fp3h9z2io7
F6I30Zt9Suw/WV30+5Uc7PUjhz5ajPiCE1WcNEFqIqmr5J+GTymyzoxKT4JMkB/S
KFYEwmCMBXqhVDDR+Gh1XiCsjRjHBS4SJvof+uOOcT4eFU2DxAJozoGalRW/2+rR
XYAGfKGU+UUxDSMfOtxW6YQDPLwMlrbpu0t5jDEjm7KaocFfHdQov7r7QbgLPj9c
N/xM1r96MIBJGc6TRhAhTM3qneXLiSuXK3vFFWfJiQa9TSXYiEhIZI+cN3LzVRZf
ApRtxE3J21hrr+HaMbZ1SeGSt6hvHMCbIJKkYV99jBVTaT4bcyIVjT+RpbyYxUkx
ZsVhZ+Nq3eJFYM/sM8XvauaRnbkjIvsSBJYxHnqtO8lWCwInN+h7N/nNdeZuqDxy
(Continue reading)

Harlan Lieberman-Berg | 30 Aug 09:21 2015

Bug#792833: (no subject)

tag 792833 -moreinfo +patch
thanks

OK, I am apparently having trouble with actually writing email messages
today.  First encrypting instead of signing, then forgetting to actually
attach the file... yikes.

Here we go - third time's the charm.

--

-- 
Harlan Lieberman-Berg
~hlieberman
Attachment (ansible.debdiff): application/octet-stream, 46 KiB
Sunil Mohan | 30 Aug 09:18 2015

Bug#795765: Patch available in another bug

Patch for this bug is available in another bug #795880.

--

-- 
Sunil

Harlan Lieberman-Berg | 30 Aug 09:16 2015

Bug#792833: (no subject)

Control: tags -1 -moreinfo +patch

I've attached a debdiff of the source packages, with a changelog
describing the changes.

Sincerely,
--

-- 
Harlan Lieberman-Berg
~hlieberman
Richard Jasmin | 30 Aug 09:12 2015
Picon

Bug#797375: general: default build options turn off stack protections

Package: general
Severity: grave
Tags: upstream security patch
Justification: user security hole

I noticed this when doing my homework to see what build options are defaults
and why.

We should do a review here on packages. It seems we MAY have overlooked
something SERIOUS.

Loads of people optimize code with -O2 or -O3 (free pascal goes one step
further.. -O4) and that is generally accepted practice. But there is one
significant problem in doing so, at least with C/C++ code. (I dont think
(Free)Pascal apps are affected this way, if you can prove me wrong, please do
so. (Free)Pascal apps are strictly type and resource checked long before
linking.)

**WE OMIT the FRAME POINTER necessary for STACK protections to properly work.

AS far as I know and have seen data on, this is causing a silent stack
protection failure on build.Stack protections are simply turned off as thier
depends(the frame pointer) just isnt there.

Yes, there is a way to fix this.

use this:
--enable-frame-pointer

As far as I can tell, ALL C/C++ apps are build with at least -O2 optimizations,
(Continue reading)

Sunil Mohan | 30 Aug 09:16 2015

Bug#795751: Patch available in another bug

The patch for this bug is available in another bug #795880.

--

-- 
Sunil

Harald Dunkel | 30 Aug 08:51 2015
Picon

Bug#797374: please check /etc/ethers for MAC address


Package: wakeonlan
Version: 0.41-11

I would suggest to look into /etc/ethers to find a hosts
MAC address (as dnsmasq does, for example). See ethers(5).

Regards
Harri
Pirate Praveen | 30 Aug 08:50 2015
Picon

Bug#796979: got full stacktrace


ActionView::MissingTemplate (Missing template registrations/create,
devise/registrations/create, devise/create, application/create with
{:locale=>[:en], :formats=>[:html], :variants=>[], :handlers=>[:erb,
:builder, :raw, :ruby, :markerb, :haml, :rabl]}. Searched in:
  * "/usr/share/diaspora/app/views"
  * "/usr/share/ruby-entypo-rails/app/views"
  * "/var/lib/gems/2.1.0/gems/devise-3.5.1/app/views"
):
  lib/rack/chrome_frame.rb:39:in `call'
  lib/unicorn_killer.rb:35:in `call'
Sunil Mohan Adapa | 30 Aug 08:46 2015

Bug#797373: freedombox-setup: Merge Wi-Fi configuration with network configuration

Package: freedombox-setup
Version: 0.5
Severity: normal
Tags: patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The attached patchset proposes the following:

- - Perform Wi-Fi access point setup on all Wi-Fi devices available and
  not only on Dreamplug's Wi-Fi.

- - Merge Wi-Fi configuration into the rest of the network configuration.

- - Don't install firmware-libertas during first boot.  Network may not
  be available during first boot.  Instead install it in setup step.

- - Give network connections, prettier, user-readable names.

- - Remove the NULL MACs fix which does not work.

- - Remove the interface-detect script that is no longer needed.

I have performed the following tests on a full-build:

- - Network first-run setup should happen properly without errors.

- - Network name is 'FreedomBox WAN' for WAN connections (log message
  should be proper)
(Continue reading)


Gmane