Bug#1059829: node-html5-qrcode: Build using libraries downloaded from Internet during build

[Yadd]

On 1/2/24 09:50, Yadd wrote:

Package: node-html5-qrcode
Version: 2.3.8+repack-3
Severity: serious
Justification: not-dfsg
X-Debbugs-Cc: y...@debian.org

node-html5-qrcode is built using "npm install" which downloads libraries
from Internet. This is totally out of DFSG.


For now, the --omit-dev avoid downloading anything until this package 
will have dependencies but npm still access to Internet for "audit".


Easy to fix: use "pkgjs-run build" instead of npm (and drop build 
dependency to npm)


second bug: package is unusable because not installed correctly (that's 
probably why autopkgtest was disabled...), also third_party/ is missing 
in install


A fixed version of this package is available at
https://salsa.debian.org/js-team/node-html5-qrcode

Bug#1059831: autopkgtest - support build profiles to select tests

[Bastian Blank]

Package: autopkgtest
Severity: wishlist

Our Linux package makes heavy use of build profiles.  Those can be used
to disable various parts of the build and this functionality is used in
our CI.

Now comes autopkgtest, tries to install all test dependencies and fails
if those packages have been excluded by build profiles.  There you then
need to use the "skip-not-installable" restriction to ignore failures.

Please support build profiles to select which tests to execute.  For
compatibility, it should support the $DEB_BUILD_PROFILES environment
variable as input.

Bastian

-- 
The face of war has never changed.  Surely it is more logical to heal
than to kill.
-- Surak of Vulcan, "The Savage Curtain", stardate 5906.5

Bug#1059765: linux: isolation-machine autopkgtest fails for multiple reasons

[Paul Gevers]

Hi

On 01-01-2024 22:33, Bastian Blank wrote:

Do we have serial of the machines?


Do you mean of the system where the VM's run, or of the VM itself? IIRC 
the qemu backend of autopkgtest is talking to the VM over serial, but if 
you want to be sure, I'll need to check.


Paul


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1059830: ITP: python-pandas-flavor -- Easy way to write your own flavor of Pandas

[Yogeswaran Umasankar]

Package: wnpp
Severity: wishlist
Owner: Yogeswaran Umasankar 
X-Debbugs-Cc: debian-de...@lists.debian.org, kd8...@gmail.com

* Package name: python-pandas-flavor
  Version : 0.6.0
  Upstream Contact: Zach Sailer 
* URL : https://github.com/pyjanitor-devs/pandas_flavor
* License : Expat
  Programming Lang: Python
  Description : Easy way to write your own flavor of Pandas

Pandas Flavor allows you add functionality that tailors Pandas to
 specific fields or use cases.It is now simpler to add custom
 functionality to Pandas DataFrames and Series. It is a depend for
 various chemistry related packages.

Bug#1017988: bluez: systemd: ConfigurationDirectory 'bluetooth' already exists but the mode is different

[Max Nikulin]

Control: tag -1 upstream
Control: forwarded -1 https://github.com/bluez/bluez/issues/414

On Tue, 23 Aug 2022 10:56:27 -0600 Kevin Locke wrote:


systemd[1234]: ConfigurationDirectory 'bluetooth' already exists but the mode 
is different. (File system: 755 ConfigurationDirectoryMode: 555)

[...]

[Service]
ConfigurationDirectory=bluetooth
ConfigurationDirectoryMode=0555


These lines were added to fix

"systemd failed to set up mount namespacing for /var/lib/bluetooth"
and it seems the intention was to have the `/etc/bluetooth` directory
read-only. Actually the effect is the opposite. `ProtectSystem=strict`
causes `/` being mounted read-only and `ConfigurationDirectory` causes
`/etc/` mounted as writable.

So the extra directives decrease degree of protection against various 
potential vulnerabilities in bluetoothd. Otherwise the reported warning 
may be considered harmless.


As a workaround you may create the following configuration drop-in file
/etc/systemd/system/bluetooth.service.d/disable-configuration-directory.conf

 8< 
[Service]
ConfigurationDirectory=
ConfigurationDirectoryMode=
 >8 

To apply updated configuration run

systemctl daemon-reload
systemctl restart bluetooth.service

Bug#1059829: node-html5-qrcode: Build using libraries downloaded from Internet during build

[Yadd]

Package: node-html5-qrcode
Version: 2.3.8+repack-3
Severity: serious
Justification: not-dfsg
X-Debbugs-Cc: y...@debian.org

node-html5-qrcode is built using "npm install" which downloads libraries
from Internet. This is totally out of DFSG.

Bug#1059828: colourised crontab -l output is unreadable

[Craig Sanders]

Package: cron
Version: 3.0pl1-182

Please don't force colourised tty output by default. It makes the output
unreadable.

Forcing one person's colour preferences on everyone is a vision impairment /
accessibility problem for everyone who doesn't have the same visual capability
as that one individual. Some of us have to very carefully adjust the colors
(and fonts and sizes etc) used by our terminals so we can read the text -
and it is very frustrating to have some program over-ride our settings just
because one person happens to like blue on yellow text, or prefers that
commented lines be highlighted.

It's not even necessary for crontab to have special-case code just to
colourise comments - there are several tools for colourising program output
and other text, including colorize, highlight, supercat and others already
packaged for Debian.  If some people want garish bling in their terminals,
they can use the tools that provide that. That's what they're for.

At the very least, there should be a way to disable it.

Or better yet, an option to *enable* colorised output (say, -c or
--colour/--color) for those who want it. Or an environment variable
e.g. 'CRONTAB_COLOR=Y' or (borrowing from GREP_COLOR and LS_COLORS etc)
CRONTAB_COLOR='43;34' to both enable and configure the colourisation.

Bug#1059826: git-delta: fails to run without git

[Christoph Anton Mitterer]

Package: git-delta
Version: 0.16.5-5
Severity: normal
Control: forwarded -1 https://github.com/dandavison/delta/issues/1593

Hey.

It seems delta alone fails to run when git is not installed.


$ touch 1 2
$ delta 1 2
Failed to execute the command 'git': No such file or directory (os error 2)
$ delta --no-gitconfig 1 2
Failed to execute the command 'git': No such file or directory (os error 2)
$

Interestingly it does work with:
$ delta <(echo a)  <(echo b)

Depending on the outcome of the upstream bug, the package may need to depend
on the `git` package.

Cheers,
Chris.


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.6.8-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages git-delta depends on:
ii  libc62.37-13
ii  libgcc-s113.2.0-9
ii  libgit2-1.7  1.7.1+ds-2

git-delta recommends no packages.

Versions of packages git-delta suggests:
ii  bash-completion  1:2.11-8

-- no debconf information

Bug#1040988: fixed in picom 10.2-2

[mu mu]

On Sun, 31 Dec 2023 00:06:53 +0100 Vincent Bernat  wrote:
> On Tue, 26 Dec 2023 16:19:12 + Debian FTP Masters
>  wrote:
>
> >* Fix infinite loop with GNOME (Closes: #1040988)
>
> Upstream also added:
>
https://github.com/yshui/picom/commit/7366553be2b825495c5b1e09be09d0fabde4b9b4
>
> Otherwise, picom won't start at the beginning of a session (no windows
yet).
>

I can confirm that this patch
https://sources.debian.org/patches/picom/10.2-2/2-fix-compositor-check.patch/
will cause picom to not start at the beginning.

I autostart picom by add it to my ~/.xsessionrc file, after upgrading to
10.2-2, it complains "Pre-render preparation has failed, exiting..." and
exit.
Downgrading to 10.2-1 or starting manually after the desktop is done will
be okay.

Bug#1059825: /usr/bin/prosodyctl: prosodyctl check dns fails with stacktrace

[Joseph Nahmias]

Package: prosody
Version: 0.12.3-1
Severity: normal
File: /usr/bin/prosodyctl

Hello,

When trying to debug my prosody installation, I tried to run prosodyctl
check dns and got the following:

# prosodyctl check dns
lua5.4: /usr/bin/prosodyctl:635: attempt to index a number value
stack traceback:
[C]: in for iterator 'for iterator'
/usr/lib/prosody/util/set.lua:74: in method 'add_list'
/usr/lib/prosody/util/set.lua:97: in function 'util.set.new'
/usr/lib/prosody/util/prosodyctl/check.lua:718: in function 
'util.prosodyctl.check.check'
/usr/bin/prosodyctl:751: in upvalue 'func'
/usr/lib/prosody/util/async.lua:144: in function 

stack traceback:
[C]: in function 'error'
/usr/bin/prosodyctl:635: in local 'handler'
/usr/lib/prosody/util/async.lua:232: in method 'run'
/usr/bin/prosodyctl:754: in main chunk
[C]: in ?

Is there a dependancy missing?

Thanks,
--Joe

-- System Information:
Debian Release: 12.4
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-security'), (500, 'stable-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-15-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages prosody depends on:
ii  adduser 3.134
ii  init-system-helpers 1.65.2
ii  libc6   2.36-9+deb12u3
ii  libicu7272.1-3
ii  libssl3 3.0.11-1~deb12u2
ii  lua-bitop [lua5.4-bitop]1.0.2-7
ii  lua-expat [lua5.4-expat]1.5.1-3
ii  lua-filesystem [lua5.4-filesystem]  1.8.0-3
ii  lua-sec [lua5.4-sec]1.2.0-2
ii  lua-socket [lua5.4-socket]  3.1.0-1+b1
ii  lua5.4  5.4.4-3
ii  ssl-cert1.1.2

Versions of packages prosody recommends:
ii  lua-event [lua5.4-event]0.4.6-2+b1
ii  lua-readline [lua5.4-readline]  3.2-2
ii  lua-unbound [lua5.4-unbound]1.0.0-2

Versions of packages prosody suggests:
pn  lua-dbi-mysql   
pn  lua-dbi-postgresql  
pn  lua-dbi-sqlite3 
pn  lua-zlib

-- no debconf information

Bug#1057852: haskell-pandoc: please upgrade to at least v3.1.2

[Scott Talbert]

On Sat, 09 Dec 2023 17:16:41 +0100 Jonas Smedegaard 
wrote:
> Source: haskell-pandoc
> Version: 3.0.1-3
> Severity: normal
> Tags: upstream
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
> 
> Pandoc 3.0.1 is almost a year old.
> 
> It seems that upgrading to 3.1.2 involves no upgrades to any of its
> dependencies, and upgrading further involves only few dependencies:
> 
>   * upgrade to 3.1.2
>   * upgrade to 3.1.3
> when needed Haskell libraries are in Debian:
> + typst >= 0.1  && < 0.2
>   * upgrade to 3.1.4
> when needed Haskell libraries are in Debian:
> + crypton-connection    >= 0.3.1    && < 0.4
>   * upgrade to 3.1.6.2
> when needed Haskell libraries are in Debian:
> + typst >= 0.3.2.0  && < 0.3.3

Replying here as per your request.

Unfortunately, updating to haskell-pandoc 3.1.2 does not involve
updating no dependencies - it requires an update to pandoc-lua-engine,
which requires adding two new packages, isocline and hslua-repl.  I
went ahead and added these packages, as well as typst, so we should be
able to update to 3.1.3 soon.  Adding crypton-connection is going to be
a bit more challenging as it requires an update to tls, which is used
by several other packages, so I'm not sure if that's going to be easy.

BTW, you didn't really address my question about updating the version
of src:haskell-pandoc in relation to the version of src:pandoc (having
nothing to do with the dependencies of src:haskell-pandoc).  Just the
version number.

Scott

Bug#1059387: exim4: CVE-2023-51766

[Dave Page]

On Sun, 31 Dec 2023 13:21:09 +0100 Andreas Metzler  wrote:

> Disable CHUNKING advertisement for incoming connections.
> Disable PIPELINING advertisement for incoming connections.

It's worth noting in this bug report that these can be achieved by the 
following lines in an Exim config:


chunking_advertise_hosts =
pipelining_advertise_hosts =

Cheers,
Dave

Bug#1059824: librandom123: please add support for loong64

[wuruilong]

Source: librandom123
Version: 1.14.0+dfsg-4
Severity: normal
X-Debbugs-Cc: wuruil...@loongson.cn

Dear Maintainer,

While compiling the neuron package, an error was encountered. The following 
patch was added to the librandom123 software package, which successfully solved 
the problem.

wuruilong

-- System Information:
Debian Release: trixie/sid
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'unstable')
Architecture: loong64 (loongarch64)

Kernel: Linux 5.10.0-60.96.0.126.oe2203.loongarch64 (SMP w/32 CPU threads)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=C.UTF-8 (charmap=locale: Cannot set 
LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect
--- a/include/Random123/features/gccfeatures.h  2024-01-02 01:40:35.426859137 
+
+++ b/include/Random123/features/gccfeatures.h  2024-01-02 01:41:19.538567978 
+
@@ -34,7 +34,7 @@
 
 #define R123_GNUC_VERSION (__GNUC__*1 + __GNUC_MINOR__*100 + 
__GNUC_PATCHLEVEL__)
 
-#if !defined(__x86_64__) && !defined(__i386__) && !defined(__powerpc__) && 
!defined(__arm__) && !defined(__aarch64__) && !defined(__s390x__) && 
!defined(__riscv)
+#if !defined(__x86_64__) && !defined(__i386__) && !defined(__powerpc__) && 
!defined(__arm__) && !defined(__aarch64__) && !defined(__s390x__) && 
!defined(__riscv) && !defined(__loongarch__)
 #  error "This code has only been tested on x86, powerpc and a few arm 
platforms."
 #include 

 { /* maybe an unbalanced brace will terminate the compilation */

Bug#627164: klibc-utils: ipconfig does not support IPv6 (was Re: ipconfig: fails to add default gateway)

[Thorsten Glaser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA384

Dixi quod…

>>(I will probably have to see how I can rip ipconfig off initramfs-tools
>>and plug iproute2 in (YY! (NOT!)) since I also got a v6-only machine
>>and the “ip=” kernel parameter is Legacy IP-only. Unless both are solved
>>problems already. I could use v6 for this machine, too, if that would
>>be easier.)
>
>And that would be Debian #627164 from 2011.
>
>Damn, I guess this means I’ll have to hack this up myself, perhaps[…]

>(Adding this mostly for thread completeness, as the only thing of
>this that pertains to klibc would be lack of IPv6 support and lack
>of “onlink” flag support for a Legacy IP default route.)

I did it!

Extract the following shar archive into /etc/initramfs-tools/ first…

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#   hooks/ipv6
#   scripts/init-top/ipv6
#   scripts/init-bottom/ipv6
#
echo x - hooks/ipv6
sed 's/^X//' >hooks/ipv6 << 'END-of-hooks/ipv6'
X#!/bin/sh
X
XPREREQ="dropbear klibc-utils zz-busybox"
Xprereqs() {
X   echo "$PREREQ"
X}
X
Xcase $1 in
X(prereqs)
X   prereqs
X   exit 0
X   ;;
Xesac
X
X. /usr/share/initramfs-tools/hook-functions
X
Xset -e
X
Xtest -x "$DESTDIR/bin/ipconfig" || {
X   echo >&2 "E: klibc ipconfig not found"
X   exit 1
X}
Xtest -x "$DESTDIR/bin/ip" || test -x "$DESTDIR/sbin/ip" || {
X   echo >&2 "E: ip(8), busybox or normal, not found"
X   exit 1
X}
X
Xmv "$DESTDIR/bin/ipconfig" "$DESTDIR/bin/ipconfig.klibc-dist"
Xcat >"$DESTDIR/bin/ipconfig" <<\EOSCRIPT
X#!/bin/sh
Xcase ${1}
${3}
${4} in
X(-t
-d
ipv6:*)
X   ;;
X(*)
X   echo >&2 "I: configuring something other than IPv6"
X   exec /bin/ipconfig.klibc-dist "$@"
X   exit 126
X   ;;
Xesac
Xset -e
Xecho >&2 "I: configuring IPv6"
X. /conf/param.conf
Xcase $ipv6_ra:$ipv6_if in
X([01]:?*)
X   ;;
X(*)
X   echo >&2 "E: cannot find IPv6 configuration"
X   exit 1
X   ;;
Xesac
Xtest -e "/proc/sys/net/ipv6/conf/$ipv6_if/accept_ra" || {
X   echo >&2 "E: cannot find interface for IPv6 configuration: $ipv6_if"
X   ( ( ip a | sed 's/^/N: /' >&3) 2>&1 | sed 's/^/E: /') >&2 3>&2
X   exit 1
X}
X
Xcat >"/run/net-$ipv6_if.conf" <>/conf/param.conf
Xecho $ipv6_ra >"/proc/sys/net/ipv6/conf/$ipv6_if/accept_ra"
X
Xip link set dev "$ipv6_if" up || {
X   echo >&2 E: could not enable interface
X   exit 1
X}
Xmaxwait=
Xwhile test x"$(cat "/sys/class/net/$ipv6_if/operstate")" != x"up"; do
X   if test x"$maxwait" = x"111"; then
X   echo >&2
X   echo >&2 'W: link still not up? continuing anyway :/'
X   maxwait=
X   break
X   else
X   test -n "$maxwait" || echo -n >&2 \
X   'I: waiting until link comes up or 15 seconds '
X   maxwait=1$maxwait
X   sleep 1
X   echo -n >&2 .
X   fi
Xdone
Xtest -z "$maxwait" || echo >&2 ' done'
Xif test -n "$ipv6_na"; then
X   ip -6 addr add "$ipv6_na" dev "$ipv6_if" || {
X   echo >&2 E: could not set up IP
X   exit 1
X   }
X   if ip -6 addr show dev "$ipv6_if" to "$ipv6_na" dadfailed >/dev/null 
2>&1; then
X   maxwait=
X   while test -n "$(ip -6 addr show dev "$ipv6_if" to "$ipv6_na" 
tentative)"; do
X   if test x"$maxwait" = x"111"; then
X   echo -n >&2 'timeout'
X   break
X   else
X   test -n "$maxwait" || echo -n >&2 \
X   'I: waiting for duplicate address detection 
'
X   maxwait=1$maxwait
X   sleep 1
X   echo -n >&2 .
X   fi
X   done
X   if test -z "$(ip -6 addr show dev "$ipv6_if" to "$ipv6_na" 
dadfailed)"; then
X   test -z "$maxwait" || echo >&2 ' done'
X   elif test -z "$maxwait"; then
X   echo >&2 'E: duplicate address detection FAILED!'
X   else
X   echo >&2 ' FAILED!'
X   fi
X   else
X   echo >&2 'W: busybox ip(8) cannot handle duplicate address 
detection'
X   sleep 1 # justin case
X   fi
Xfi
Xif test -n "$ipv6_gw"; then
X   ip -6 route replace default via "$ipv6_gw" dev "$ipv6_if" onlink || {
X   echo >&2 E: could not set up default route
X   exit 1
X   }
Xfi
Xtest -z "$ipv6_hn" || echo "$ipv6_hn" >/proc/sys/kernel/hostname
Xip addr show dev "$ipv6_if" | sed 's/^/N: /' >&2
Xip -6 route list | sed 's/^/N: /' >&2
Xecho >&2 I: IPv6 set up successfully
XEOSCRIPT
Xchmod 555 

Bug#1059823: frogr: Package version 1.8

[Jeremy Bícha]

Source: frogr
Version: 1.7-1
Severity: wishlist

frogr 1.8 was released today. It includes an option to build with
libsoup3. Please package the new release and enable that option.

https://gitlab.gnome.org/GNOME/frogr/-/blob/RELEASE_1.8/NEWS

Thank you,
Jeremy Bícha

Bug#1059822: ftp.debian.org: Changelog unavailable for linux=6.6.8-1

[Vincent Lefevre]

Package: ftp.debian.org
Severity: normal

Changelog for linux=6.6.8-1 is unavailable. After an "apt update":

qaa:~> apt changelog linux-libc-dev
Err:1 https://metadata.ftp-master.debian.org linux 6.6.8-1 Changelog
  Changelog unavailable for linux=6.6.8-1 (404  Not Found [IP: 
2a04:4e42:6a::644 443])
E: Failed to fetch 
https://metadata.ftp-master.debian.org/changelogs/main/l/linux/linux_6.6.8-1_changelog
  Changelog unavailable for linux=6.6.8-1 (404  Not Found [IP: 
2a04:4e42:6a::644 443])

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1059821: sed: move /bin/sed to /usr for DEP17

[Helmut Grohne]

Package: sed
Version: 4.9-1
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

In order to finalize the /usr-merge, we want to move all files to /usr
(DEP17). sed is involved relativley early due to being installed by
debootstrap. The change is fairly simple and I'm attaching a patch for
your convenience.

Helmut
diff --minimal -Nru sed-4.9/debian/changelog sed-4.9/debian/changelog
--- sed-4.9/debian/changelog2023-01-05 20:55:25.0 +0100
+++ sed-4.9/debian/changelog2024-01-01 23:14:25.0 +0100
@@ -1,3 +1,10 @@
+sed (4.9-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Move sed to /usr for DEP17. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 01 Jan 2024 23:14:25 +0100
+
 sed (4.9-1) unstable; urgency=medium
 
   * New upstream version.
diff --minimal -Nru sed-4.9/debian/rules sed-4.9/debian/rules
--- sed-4.9/debian/rules2023-01-05 20:55:25.0 +0100
+++ sed-4.9/debian/rules2024-01-01 23:14:16.0 +0100
@@ -4,7 +4,7 @@
dh $@
 
 override_dh_auto_configure:
-   dh_auto_configure -- --exec-prefix=/ --with-packager=Debian 
--without-included-regex
+   dh_auto_configure -- --with-packager=Debian --without-included-regex
 
 override_dh_shlibdeps:
dh_shlibdeps -- -dPre-Depends

Bug#1059765: linux: isolation-machine autopkgtest fails for multiple reasons

[Bastian Blank]

On Mon, Jan 01, 2024 at 10:33:10PM +0100, Bastian Blank wrote:
> Turns out this requires more work.  Currently it is not possible to
> build some tests.

I'll remove the current selftest stuff.

This needs much more work, too much work for now.  The runner does not
support recursive test selection.  Many tests fail instead of skipping
itself on missing requirements.

Bastian

-- 
Immortality consists largely of boredom.
-- Zefrem Cochrane, "Metamorphosis", stardate 3219.8

Bug#1059820: picom crashes when no windows are present (dwm, Debian GNU/Linux trixie/sid x86_64)

[Kalan Walmsley]

Package: picom
Version: 10.2-2
Severity: important
X-Debbugs-Cc: i...@kalankaboom.net

Dear Maintainer,

   * What led up to the situation?
 I upgraded my picom package from 10.2-1 to 10.2-2.
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 Building the package from source fixed the issue.
   * What was the outcome of this action?
 No more crashes.
   * Steps to reproduce
 1. Start picom
 2. Hide all windows (including bar)


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-5-amd64 (SMP w/20 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages picom depends on:
ii  libc62.37-12
ii  libconfig9   1.5-0.4
ii  libdbus-1-3  1.14.10-3
ii  libegl1  1.7.0-1
ii  libev4   1:4.33-2
ii  libgl1   1.7.0-1
ii  libpcre2-8-0 10.42-4
ii  libpixman-1-00.42.2-1
ii  libx11-6 2:1.8.7-1
ii  libx11-xcb1  2:1.8.7-1
ii  libxcb-composite01.15-1
ii  libxcb-damage0   1.15-1
ii  libxcb-glx0  1.15-1
ii  libxcb-image00.4.0-2
ii  libxcb-present0  1.15-1
ii  libxcb-randr01.15-1
ii  libxcb-render-util0  0.3.9-1+b1
ii  libxcb-render0   1.15-1
ii  libxcb-shape01.15-1
ii  libxcb-sync1 1.15-1
ii  libxcb-xfixes0   1.15-1
ii  libxcb-xinerama0 1.15-1
ii  libxcb1  1.15-1
ii  python3  3.11.4-5+b1

picom recommends no packages.

picom suggests no packages.

-- no debconf information

Bug#1059625: exaile: please depend on gir1.2-girepository-2.0 and other typelibs explicitly

[André]

Thank you for the patches. I applied all of them.

Additionally I added some more packages for suggestions (they are not 
GI-related)


Regards,
André

Am 29.12.23 um 14:46 schrieb Simon McVittie:

Package: exaile
Version: 4.1.3+dfsg-1
Severity: normal
Tags: patch
User: pkg-gnome-maintain...@lists.alioth.debian.org
Usertags: girepository-2.0

exaile contains code that explicitly loads the GIRepository-2.0
typelib. This is currently part of gir1.2-glib-2.0, but it will need
to be moved to a separate binary package during the GNOME 46 cycle,
as a result of most of gir1.2-glib-2.0 moving to src:glib2.0 (which has
broken some of the API/ABI in the process, resulting in it shipping an
incompatible GIRepository-3.0 instead).

python3-gi will continue to pull in the GIRepository-2.0 from
src:gobject-introspection, at least for a while, but it will be easier to
keep track of which packages will be affected by a future transition from
GIRepository-2.0 to GIRepository-3.0 if we make the dependency explicit.
Please consider applying the attached patch 0001 to achieve this.

While checking this, I also noticed that the package imports lots of
typelibs without explicitly depending on them: they are currently pulled
in via indirect dependencies, but that could change. Please consider
applying the attached patches 0002 and 0003 to make these dependencies
explicit.

I've assumed that the non-plugin parts of the codebase are functionally
necessary, but the plugins would only be a Suggests if packaged separately;
please arrange the dependencies between Depends, Recommends and Suggests
in a more appropriate way if my assumptions were incorrect.

The patches are untested (I don't use exaile myself) but are simple enough
that I hope they're correct.

Thanks,
 smcv

Bug#1059819: g2clib/experimental FTBFS: Could NOT find libaec

[Adrian Bunk]

Source: g2clib
Version: 1.8.0-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=g2clib=1.8.0-1

...
CMake Error at 
/usr/share/cmake-3.28/Modules/FindPackageHandleStandardArgs.cmake:230 (message):
  Could NOT find libaec (missing: LIBAEC_LIBRARIES LIBAEC_INCLUDE_DIRS)
  (Required is at least version "1.0.6")
Call Stack (most recent call first):
  /usr/share/cmake-3.28/Modules/FindPackageHandleStandardArgs.cmake:600 
(_FPHSA_FAILURE_MESSAGE)
  cmake/Findlibaec.cmake:25 (find_package_handle_standard_args)
  CMakeLists.txt:100 (find_package)


-- Configuring incomplete, errors occurred!

Bug#1052666: lvm2 FTBFS when systemd.pc changes systemdsystemunitdir

[Helmut Grohne]

On Mon, Sep 25, 2023 at 10:29:14PM +0200, Helmut Grohne wrote:
> We want to change the value of systemdsystemunitdir in systemd.pc to
> point below /usr. lvm2's upstream build system consumes this variable,
> but its packaging hard codes the current value. Consequently, lvm2 FTBFS
> when it is changed. Consider applying the attached patch to avoid that
> failure.

The earlier patch no longer works. In the patch, I mistakenly assumed
that lvm2 would also consider udevdir and "fixed" that as well. It
really does not and now that udevdir has been moved, the patch makes
lvm2 FTBFS. I propose honoring udevdir as well and attach an updated
patch. The only difference to the earlier patch is the hunk changing
configure arguments.

Helmut
diff --minimal -Nru lvm2-2.03.16/debian/dmeventd.install 
lvm2-2.03.16/debian/dmeventd.install
--- lvm2-2.03.16/debian/dmeventd.install2022-10-19 21:37:31.0 
+0200
+++ lvm2-2.03.16/debian/dmeventd.install2024-01-01 22:34:41.0 
+0100
@@ -1,5 +1,5 @@
 lib/*/libdevmapper-event-*
 lib/*/device-mapper/libdevmapper-event-*
-lib/systemd/system/dm-event*
+${env:systemdsystemunitdir}/dm-event*
 sbin/dmeventd
 usr/share/man/man8/dmeventd.8
diff --minimal -Nru lvm2-2.03.16/debian/dmsetup.install 
lvm2-2.03.16/debian/dmsetup.install
--- lvm2-2.03.16/debian/dmsetup.install 2022-10-19 21:37:31.0 +0200
+++ lvm2-2.03.16/debian/dmsetup.install 2024-01-01 22:34:41.0 +0100
@@ -1,5 +1,5 @@
 ../../initramfs-tools/dmsetup/* usr/share/initramfs-tools
-lib/udev/rules.d/*-dm*.rules
+${env:udevdir}/rules.d/*-dm*.rules
 sbin/blkdeactivate
 sbin/dmsetup
 sbin/dmstats
diff --minimal -Nru lvm2-2.03.16/debian/lvm2-dbusd.install 
lvm2-2.03.16/debian/lvm2-dbusd.install
--- lvm2-2.03.16/debian/lvm2-dbusd.install  2022-10-19 21:37:31.0 
+0200
+++ lvm2-2.03.16/debian/lvm2-dbusd.install  2024-01-01 22:34:41.0 
+0100
@@ -1,5 +1,5 @@
 etc/dbus-1/system.d/com.redhat.lvmdbus1.conf
-lib/systemd/system/lvm2-lvmdbusd.service
+${env:systemdsystemunitdir}/lvm2-lvmdbusd.service
 sbin/lvmdbusd
 usr/lib/python*/*-packages/lvmdbusd/
 usr/share/dbus-1/system-services/com.redhat.lvmdbus1.service
diff --minimal -Nru lvm2-2.03.16/debian/lvm2-lockd.install 
lvm2-2.03.16/debian/lvm2-lockd.install
--- lvm2-2.03.16/debian/lvm2-lockd.install  2022-10-19 21:37:31.0 
+0200
+++ lvm2-2.03.16/debian/lvm2-lockd.install  2024-01-01 22:34:41.0 
+0100
@@ -1,5 +1,5 @@
-lib/systemd/system/lvmlockd.service
-lib/systemd/system/lvmlocks.service
+${env:systemdsystemunitdir}/lvmlockd.service
+${env:systemdsystemunitdir}/lvmlocks.service
 sbin/lvmlockctl
 sbin/lvmlockd
 usr/share/man/man8/lvmlockctl.8
diff --minimal -Nru lvm2-2.03.16/debian/lvm2.install 
lvm2-2.03.16/debian/lvm2.install
--- lvm2-2.03.16/debian/lvm2.install2022-10-19 21:37:31.0 +0200
+++ lvm2-2.03.16/debian/lvm2.install2024-01-01 22:34:41.0 +0100
@@ -1,9 +1,9 @@
 ../../initramfs-tools/lvm2/* usr/share/initramfs-tools
 etc/lvm
-lib/systemd/system/blk-availability*
-lib/systemd/system/lvm2-lvmpolld*
-lib/systemd/system/lvm2-monitor*
-lib/udev/rules.d/*-lvm*.rules
+${env:systemdsystemunitdir}/blk-availability*
+${env:systemdsystemunitdir}/lvm2-lvmpolld*
+${env:systemdsystemunitdir}/lvm2-monitor*
+${env:udevdir}/rules.d/*-lvm*.rules
 sbin/fsadm
 sbin/lvchange
 sbin/lvconvert
diff --minimal -Nru lvm2-2.03.16/debian/rules lvm2-2.03.16/debian/rules
--- lvm2-2.03.16/debian/rules   2022-10-19 21:37:31.0 +0200
+++ lvm2-2.03.16/debian/rules   2024-01-01 22:35:58.0 +0100
@@ -16,6 +16,9 @@
 DEVMAPPER_VERSION_DEBIAN = $(DEVMAPPER_VERSION)-$(VERSION_DEBIAN)
 DEVMAPPER_VERSION_FILE = $(DEVMAPPER_VERSION_PLAIN)-$(VERSION_DEBIAN)
 
+export systemdsystemunitdir = $(shell pkg-config 
--variable=systemdsystemunitdir systemd | sed s,^/,,)
+export udevdir = $(shell pkg-config --variable=udevdir udev | sed s,^/,,)
+
 GENCONTROL_ARGS = -Vdevmapper:Version=$(DEVMAPPER_VERSION_DEBIAN)
 
 ifeq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
@@ -39,7 +42,7 @@
--with-thin-check=/usr/sbin/thin_check
--with-thin-dump=/usr/sbin/thin_dump
--with-thin-repair=/usr/sbin/thin_repair
-   --with-udev-prefix=/
+   --with-udevdir=/$(udevdir)/rules.d
--enable-applib
--enable-blkid_wiping
--enable-cmdlib

Bug#1059818: tar: move /bin/tar to /usr for DEP17

[Helmut Grohne]

Package: tar
Version: 1.35+dfsg-2
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

Hi Gioele,

it's finally the time to move file to /usr. tar looks really straight
forward and should be good to go. I'm attaching the obvious patch for
your convenience. Given experience with other packages, I think this is
good to go to unstable directly.

Helmut
diff --minimal -Nru tar-1.35+dfsg/debian/changelog 
tar-1.35+dfsg/debian/changelog
--- tar-1.35+dfsg/debian/changelog  2023-12-29 14:15:35.0 +0100
+++ tar-1.35+dfsg/debian/changelog  2024-01-01 22:15:10.0 +0100
@@ -1,3 +1,10 @@
+tar (1.35+dfsg-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Move tar to /usr for DEP17. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 01 Jan 2024 22:15:10 +0100
+
 tar (1.35+dfsg-2) unstable; urgency=medium
 
   * Team upload (salsa.debian.org/debian namespace)
diff --minimal -Nru tar-1.35+dfsg/debian/tar.install 
tar-1.35+dfsg/debian/tar.install
--- tar-1.35+dfsg/debian/tar.install2023-12-29 09:29:08.0 +0100
+++ tar-1.35+dfsg/debian/tar.install2024-01-01 22:14:55.0 +0100
@@ -1,6 +1,5 @@
 #!/usr/bin/dh-exec
 debian/tarcat usr/sbin/
-# Can be removed once the /bin -> /usr/bin moratorium is lifted.
-usr/bin/tar bin/
+usr/bin/tar
 usr/sbin/rmt => usr/sbin/rmt-tar
 usr/share/locale/

Bug#1059817: procps: move files to /usr for DEP17

[Helmut Grohne]

Source: procps
Version: 2:4.0.4-2
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

We want to finalize the /usr-merge by moving files from / to /usr via
DEP17. procps is involved at this time, because it is part of the
debootstrap set. I'm attaching a patch for performing the merge. This
patch should not be backported to bookworm-backports or earlier. If you
want to support backporting, please use dh_movetousr instead. Please
upload this change to experimental first as a precautions measure. If
you do not receive an RC bug within three days, move forward to
unstable.

Helmut
diff --minimal -Nru procps-4.0.4/debian/changelog procps-4.0.4/debian/changelog
--- procps-4.0.4/debian/changelog   2023-10-09 08:02:52.0 +0200
+++ procps-4.0.4/debian/changelog   2024-01-01 21:36:06.0 +0100
@@ -1,3 +1,10 @@
+procps (2:4.0.4-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Move files to /usr for DEP17. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 01 Jan 2024 21:36:06 +0100
+
 procps (2:4.0.4-2) unstable; urgency=medium
 
   * Loosen regex and check file perms in pmap test Closes: #1052034
diff --minimal -Nru procps-4.0.4/debian/libproc2-0.install 
procps-4.0.4/debian/libproc2-0.install
--- procps-4.0.4/debian/libproc2-0.install  2023-10-09 08:02:52.0 
+0200
+++ procps-4.0.4/debian/libproc2-0.install  2024-01-01 21:32:37.0 
+0100
@@ -1 +1 @@
-usr/lib/${DEB_HOST_MULTIARCH}/libproc2.so.* lib/${DEB_HOST_MULTIARCH}/
+usr/lib/${DEB_HOST_MULTIARCH}/libproc2.so.*
diff --minimal -Nru procps-4.0.4/debian/libproc2-dev.links 
procps-4.0.4/debian/libproc2-dev.links
--- procps-4.0.4/debian/libproc2-dev.links  2023-10-09 08:02:52.0 
+0200
+++ procps-4.0.4/debian/libproc2-dev.links  2024-01-01 21:32:49.0 
+0100
@@ -1 +1 @@
-lib/${DEB_HOST_MULTIARCH}/libproc2.so.0 
usr/lib/${DEB_HOST_MULTIARCH}/libproc2.so
+usr/lib/${DEB_HOST_MULTIARCH}/libproc2.so.0 
usr/lib/${DEB_HOST_MULTIARCH}/libproc2.so
diff --minimal -Nru procps-4.0.4/debian/procps.install 
procps-4.0.4/debian/procps.install
--- procps-4.0.4/debian/procps.install  2023-10-09 08:02:52.0 +0200
+++ procps-4.0.4/debian/procps.install  2024-01-01 21:36:06.0 +0100
@@ -3,7 +3,6 @@
 debian/sysctl.conf etc
 debian/99-protect-links.conf usr/lib/sysctl.d
 debian/README.sysctl etc/sysctl.d
-bbin/* bin
-bin/* usr/bin
-sbin/sysctl sbin
+usr/bin
+usr/sbin/sysctl usr/sbin
 usr/share/locale
diff --minimal -Nru procps-4.0.4/debian/procps.install.hurd 
procps-4.0.4/debian/procps.install.hurd
--- procps-4.0.4/debian/procps.install.hurd 2023-10-09 08:02:52.0 
+0200
+++ procps-4.0.4/debian/procps.install.hurd 2024-01-01 21:34:21.0 
+0100
@@ -1,5 +1,3 @@
 # Files to install for hurd systems
-bbin/kill.procps bin
-bbin/ps.procps bin
-bin/* /usr/bin
+usr/bin
 usr/share/locale
diff --minimal -Nru procps-4.0.4/debian/procps.install.kfreebsd 
procps-4.0.4/debian/procps.install.kfreebsd
--- procps-4.0.4/debian/procps.install.kfreebsd 2023-10-09 08:02:52.0 
+0200
+++ procps-4.0.4/debian/procps.install.kfreebsd 2024-01-01 21:34:39.0 
+0100
@@ -1,5 +1,3 @@
 # Files to install for kfreebsd systems
-bbin/kill.procps bin
-bbin/ps bin
-bin/* /usr/bin
+usr/bin
 usr/share/locale
diff --minimal -Nru procps-4.0.4/debian/rules procps-4.0.4/debian/rules
--- procps-4.0.4/debian/rules   2023-10-09 08:02:52.0 +0200
+++ procps-4.0.4/debian/rules   2024-01-01 21:35:22.0 +0100
@@ -40,7 +40,6 @@
  --disable-pidof \
  --disable-modern-top \
  --prefix=/usr \
- --exec-prefix=/ \
  --libdir=/usr/lib/$(DEB_HOST_MULTIARCH) \
  --build=$(DEB_BUILD_GNU_TYPE) \
  --host=$(DEB_HOST_GNU_TYPE) \
@@ -48,9 +47,6 @@
 
 override_dh_auto_install: $(autogen-files)
dh_auto_install
-   mkdir $(DEBROOT)/bbin
-   mv $(DEBROOT)/bin/kill $(DEBROOT)/bbin/
-   mv $(DEBROOT)/bin/ps $(DEBROOT)/bbin/
 
 ifneq ($(DEB_HOST_ARCH_OS), linux)
rm -f \
@@ -62,7 +58,7 @@
$(NULL)
 
 # Rename kill as there are two of them
-   (cd $(DEBROOT)/bbin && mv kill kill.procps )
+   (cd $(DEBROOT)/usr/bin && mv kill kill.procps )
(cd $(DEBROOT)/usr/share/man/man1 && mv kill.1 kill.procps.1 )
 endif
 ifeq ($(DEB_HOST_ARCH_OS), hurd)
@@ -72,15 +68,15 @@
$(NULL)
 
# Rename vmstat as there are two of them
-   (cd $(DEBROOT)/bin && mv vmstat vmstat.procps )
+   (cd $(DEBROOT)/usr/bin && mv vmstat vmstat.procps )
(cd $(DEBROOT)/usr/share/man/man8 && mv vmstat.8 vmstat.procps.8 )
 
# Rename uptime as there are two of them
-   (cd $(DEBROOT)/bin && mv uptime uptime.procps )
+   (cd $(DEBROOT)/usr/bin && mv uptime uptime.procps )
(cd $(DEBROOT)/usr/share/man/man1 && mv uptime.1 uptime.procps.1 )
 
# Rename ps as there are two of them
-   (cd $(DEBROOT)/bbin && mv ps ps.procps )
+   (cd $(DEBROOT)/usr/bin && mv ps 

Bug#1059816: keyutils: move files to /usr for DEP17

[Helmut Grohne]

Source: keyutils
Version: 1.6.3-2
Tags: patch
User: helm...@debian.org
Usertags: dep17m2

For finalizing the /usr-merge, we want to move all files /to usr
(DEP17). keyutils is involved, because it is installed by debootstrap.
I'm attaching a patch for your convenience. This patch should not be
uploaded to bookworm-backports or earlier. If you want to support
backports, please use dh_movetousr/dh-sequence-movetousr instead.

Helmut
diff --minimal -Nru keyutils-1.6.3/debian/changelog 
keyutils-1.6.3/debian/changelog
--- keyutils-1.6.3/debian/changelog 2022-12-18 22:15:58.0 +0100
+++ keyutils-1.6.3/debian/changelog 2024-01-01 21:47:20.0 +0100
@@ -1,3 +1,10 @@
+keyutils (1.6.3-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Move files to /usr for DEP17. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 01 Jan 2024 21:47:20 +0100
+
 keyutils (1.6.3-2) unstable; urgency=medium
 
   * Bump Standards-Version to 4.6.2 (no changes needed)
diff --minimal -Nru keyutils-1.6.3/debian/keyutils.install 
keyutils-1.6.3/debian/keyutils.install
--- keyutils-1.6.3/debian/keyutils.install  2022-12-18 22:15:58.0 
+0100
+++ keyutils-1.6.3/debian/keyutils.install  2024-01-01 21:45:42.0 
+0100
@@ -1,6 +1,6 @@
-bin
 etc
-sbin
+usr/bin
+usr/sbin
 usr/share/keyutils
 usr/share/man/man1
 usr/share/man/man5
diff --minimal -Nru keyutils-1.6.3/debian/libkeyutils-dev.install 
keyutils-1.6.3/debian/libkeyutils-dev.install
--- keyutils-1.6.3/debian/libkeyutils-dev.install   2022-12-18 
22:15:58.0 +0100
+++ keyutils-1.6.3/debian/libkeyutils-dev.install   2024-01-01 
21:47:20.0 +0100
@@ -1,3 +1,5 @@
 usr/include
-usr/lib
+usr/lib/*/*.a
+usr/lib/*/*.so
+usr/lib/*/pkgconfig
 usr/share/man/man3
diff --minimal -Nru keyutils-1.6.3/debian/libkeyutils1.install 
keyutils-1.6.3/debian/libkeyutils1.install
--- keyutils-1.6.3/debian/libkeyutils1.install  2022-12-18 22:15:58.0 
+0100
+++ keyutils-1.6.3/debian/libkeyutils1.install  2024-01-01 21:45:47.0 
+0100
@@ -1 +1 @@
-lib/*/*.so.*
+usr/lib/*/*.so.*
diff --minimal -Nru keyutils-1.6.3/debian/rules keyutils-1.6.3/debian/rules
--- keyutils-1.6.3/debian/rules 2022-12-18 22:15:58.0 +0100
+++ keyutils-1.6.3/debian/rules 2024-01-01 21:45:25.0 +0100
@@ -17,7 +17,7 @@
 endif
 
 override_dh_auto_install:
-   dh_auto_install -- LIBDIR=/lib/$(DEB_HOST_MULTIARCH) 
USRLIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH)
+   dh_auto_install -- BINDIR=/usr/bin 
LIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH) USRLIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH) 
SBINDIR=/usr/sbin
 
 override_dh_auto_test:
# Use  the library and executable we just built;

Bug#1059815: installation-reports: unmount problem on encrypted system at shutdown

[Thomas Bindewald]

Package: installation-reports
Severity: normal
Tags: d-i
X-Debbugs-Cc: zefr...@gmail.com

Boot method: DVD
Image version: 
https://laotzu.ftp.acc.umu.se/debian.cd/current/amd64/iso-dvd/debian.12.4.0-amd64-DVD-1.iso
Date: 

Machine: VirtualBox
Partitions: 

root@debian:~# df -Tl
Filesystem   Type 1K-blocksUsed Available Use% Mounted 
on
udev devtmpfs   4032336   0   4032336   0% /dev
tmpfstmpfs   813192 952812240   1% /run
/dev/mapper/LVMGRP-LVMVOLSYS ext4  20970032 426  16474372  21% /
tmpfstmpfs  4065944   0   4065944   0% /dev/shm
tmpfstmpfs 5120   8  5112   1% /run/lock
/dev/mapper/LVMGRP-LVMVOLHOM ext4   3081800  48   3033300   1% /home
/dev/mapper/LVMGRP-LVMVOLTMP ext4   3761336 104   3705816   1% /tmp
/dev/sda1ext4942764  146392770220  16% /boot
tmpfstmpfs   813188  48813140   1% 
/run/user/0

root@debian:~# fdisk --list /dev/sda
Disk /dev/sda: 35.85 GiB, 38494699520 bytes, 75184960 sectors
Disk model: VBOX HARDDISK   
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xe1515c34

Device Boot   Start  End  Sectors  Size Id Type
/dev/sda1  *   2048  1955839  1953792  954M 83 Linux
/dev/sda2   1955840 75184959 73229120 34.9G da Non-FS data
root@debian:~#


Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot:   [O]
Detect network card:[O]
Configure network:  [O]
Detect media:   [O]
Load installer modules: [O]
Clock/timezone setup:   [O]
User/password setup:[O]
Detect hard drives: [O]
Partition hard drives:  [O]
Install base system:[O]
Install tasks:  [O]
Install boot loader:[O]
Overall install:[E]

Comments/Problems:

The "Expert textmode installation" went well.
Before using the installers partitioning sub-menu, i opened an 
shell and used fdisk on my own, as i wanted two PRIMARY partitions. 
I gave them the type "da".
The i went on using straight forward the installers partitioning 
program und install routines without intervening, choosing 
an encrypted system with LVM, and XFCE desktop.

After start using the fresh installed system (at least another 
reboot has been done), i investigated the 
journalctl output and found an worrying issue, reported
during a shutdown:

  Jan 01 19:54:17 debian systemd[1]: 
run-credentials-systemd\x2dsysctl.service.mount: Deactivated successfully.
  Jan 01 19:54:17 debian systemd[1]: Unmounted 
run-credentials-systemd\x2dsysctl.service.mount - 
/run/credentials/systemd-sysctl.service.
  Jan 01 19:54:17 debian systemd-cryptsetup[1199]: Device sda2_crypt is still 
in use.
  Jan 01 19:54:17 debian systemd-cryptsetup[1199]: Failed to deactivate: Device 
or resource busy
  Jan 01 19:54:17 debian systemd[1]: systemd-cryptsetup@sda2_crypt.service: 
Control process exited, code=exited, status=1/FAILURE
  Jan 01 19:54:17 debian systemd[1]: systemd-cryptsetup@sda2_crypt.service: 
Failed with result 'exit-code'.
  Jan 01 19:54:17 debian systemd[1]: Stopped 
systemd-cryptsetup@sda2_crypt.service - Cryptography Setup for sda2_crypt.

It wantet to unmount an filesystem still needed at that point of time?

I did some internet search on that, and found a possible solution suggested:

  root@debian:~# cat /etc/crypttab 
  sda2_crypt UUID=dd43f64e-947f-4696-b71c-dc05dc4ceb6f none luks,x-initrd.attach
  root@debian:~#

The manually added "x-initrd.attach" parameter let the error vanish.

Please evaluate, it this is an apropriate solution, which the 
installer might add at writing the /etc/crypttab file. Because 
people, who are not deeply familiar with Linux internals, 
are worried, if this error might affect filesystem integrity.

Thank you.


-- Package-specific info:

==
Installer lsb-release:
==
DISTRIB_ID=Debian
DISTRIB_DESCRIPTION="Debian GNU/Linux installer"
DISTRIB_RELEASE="12 (bookworm) - installer build 20230607+deb12u4"
X_INSTALLATION_MEDIUM=cdrom

==
Installer hardware-summary:
==
uname -a: Linux debian 6.1.0-15-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.66-1 
(2023-12-09) x86_64 GNU/Linux
lspci -knn: 00:00.0 Host bridge [0600]: Intel Corporation 440FX - 82441FX PMC 
[Natoma] [8086:1237] (rev 02)
lspci -knn: 00:01.0 ISA bridge [0601]: Intel Corporation 82371SB PIIX3 ISA 
[Natoma/Triton II] [8086:7000]
lspci -knn: 00:01.1 IDE interface [0101]: Intel Corporation 82371AB/EB/MB PIIX4 
IDE [8086:7111] (rev 01)
lspci -knn: Kernel driver in use: ata_piix
lspci -knn: Kernel modules: ata_piix, 

Bug#1059765: linux: isolation-machine autopkgtest fails for multiple reasons

[Bastian Blank]

On Sun, Dec 31, 2023 at 06:33:29PM +0100, Bastian Blank wrote:
> On Sun, Dec 31, 2023 at 04:47:28PM +0100, Paul Gevers wrote:
> > Recently I added some isolation-machine support to ci.debian.net and one of
> > the first packages I tried to run the test for is src:linux.
> Do you have a handy script available to try this by hand?  I was just
> looking at this test (to unravel the loop logic and replace it with one
> test per kernel), but I'm not sure if this ever worked before.

Turns out this requires more work.  Currently it is not possible to
build some tests.

Plan:
- get vmlinux.h working
- build a linux-selftests package
- from there run tests

Do we have serial of the machines?  Otherwise running those tests is not
adviced anyway, as we will have no way to see if something breaks.

Bastian

-- 
Lots of people drink from the wrong bottle sometimes.
-- Edith Keeler, "The City on the Edge of Forever",
   stardate unknown

Bug#984879: podman does not work on Debian with selinux loaded

[Faidon Liambotis]

Hi Laurent & Sam,

On Thu, May 13, 2021 at 10:14:38AM +0200, Laurent Bigonville wrote:
> I see that you reassigned this bug to the refpolicy package and FTR I don't
> completely agree with that.
> 
> Most of the other applications that manipulates SELinux objects are behaving
> nicely when they are running in permissive and the policy is not including
> the type they needed.
> 
> So having the policy implement the needed types is good for a security
> perspective, but podman shouldn't fail hard (and without a clear message).
> 
> This was partially addressed upstream in
> https://github.com/containers/storage/pull/879 (still need to test it)

(I'm going through older bugs in the BTS that affect podman, and trying
to verify if they're still present.)

I read through this bug, plus the associated upstream ones. I know very
little about SELinux, and the upstream bugs themselves do not provide a
ton of extra clarity.

It would help to list all steps needed to reproduce this bug.

Guessing what the problem may be, I tried the following:
  1. Use the Debian sid daily cloud image and boot with QEMU, fully
 up-to-date as of 2024-01-01 (happy new year ;)
  2. adduser user
  3. apt install --no-install-recommends podman slirp4netns uidmap 
dbus-user-session
  4. Verify that "podman run --rm -it debian:sid" runs:
 a. as user "root"
 b. as user "user" (note: do not use sudo, login in another tty instead)
  5. apt install --no-install-recommends selinux-basics selinux-policy-default 
auditd
  6. selinux-activate
  7. Reboot
  8. Run "sestatus" and verify that SELinux status is "enabled" and in
 permissive mode.
  9. "podman run ..." as users "root" & "user" again (cf. step 3).
 10. setenforce 1; sestatus | grep mode
 11. "podman run ..." as users "root" & "user" again (cf. step 3).

In both steps (8) and (10), i.e. even with SELinux in enforcing mode,
both rootful and rootless podman seemed to work for me.

Note that if I install SELinux before podman (so steps 5-8 before 3-4),
then a:
  restorecon -R /var/lib/containers  # for rootful
or
  restorecon -R $HOME/.local/share/containers  # for rootless
are required, but only *after* podman initializes its directory, i.e.
after the first "podman run" invocation. I'm not sure what the SELinux
best practice is for dealing with this, but I assume nothing
podman-specific.

So, should we consider this bug as fixed? Perhaps due to
containers/storage#879 or some other fix?

Regards,
Faidon

Bug#1059814: meteo-qt 3.3.2 - proxy config does not work

[klak]

Package: meteo-qt
Version: 3.3-2

My workstation is behind a firewall. Internet Access is only with proxy
possible. I configured a proxy but only a timeout happens when I select
the city.

Greets klak


config:
===
[General]
APPID=ea2f2a2002635fd59dcd27be8aebb775
CitiesTranslation={}
CityList=[]
FontTray="Sans Serif,18,-1,5,50,0,0,0,0,0"
Proxy_password=
Proxy_port=3128
Proxy_url=http://192.168.100.157
Proxy_user=
SystemIcons=hicolor
Use_proxy_authentification=False

Debian Testing
Linux kk-6x3600 6.5.0-5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.5.13-1
(2023-11-29) x86_64 GNU/Linux

Bug#1059813: qterminal: /tmp/ storage not released

[ael]

Package: qterminal
Version: 1.2.0-2
Severity: normal

After running rsync from an instance of qterminal, the /tmp/
filesystem was full:-

# df -h /tmp
Filesystem  Size  Used Avail Use% Mounted on
tmpfs   984M  984M 0 100% /tmp

However, there were no files shown in /tmp/ using ls -l and 
lsof /tmp also only showed deleted entries. But df still showed no
available space and no new files could be created in /tmp/.

/tmp had the usual options:
findmnt /tmp gave

TARGET SOURCE FSTYPE OPTIONS
/tmp   tmpfs  tmpfs  rw,nosuid,nodev,relatime,inode64

Closing the instance of qterminal released the memory:

# df -h /tmp
Filesystem  Size  Used Avail Use% Mounted on
tmpfs   984M  100K  984M   1% /tmp

I do not know what was using the /tmp space, but presumably rsync.
Because this system has only about 2GB of RAM, the /tmp directory filled
up, although I thought it was supposed to start swapping in some (these?)
circumstances.

I am filling this against qterminal just because closing it corrected
the problem: perhaps some lock/mutex/semaphore was released?

I experimented with dd under a qterminal to fill /tmp/ and the deleted
the file and that worked properly. The /tmp/ storage was released.



-- System Information:
Debian Release: 12.0
merged-usr: no
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-16-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages qterminal depends on:
ii  libc6  2.36-9+deb12u3
ii  libqt5core5a   5.15.8+dfsg-11
ii  libqt5dbus55.15.8+dfsg-11
ii  libqt5gui5 5.15.8+dfsg-11
ii  libqt5widgets5 5.15.8+dfsg-11
ii  libqt5x11extras5   5.15.8-2
ii  libqtermwidget5-1  1.2.0-2
ii  libstdc++6 12.2.0-14
ii  libx11-6   2:1.8.4-2+deb12u2

Versions of packages qterminal recommends:
ii  qterminal-l10n  1.2.0-2

qterminal suggests no packages.

-- no debconf information

Bug#1055228: Bug#1055750: Bug#1055228: plplot: FTBFS on armhf (test segfault)

[Rafael Laboissière]

Control: severity -1 important

* Sebastiaan Couwenberg  [2024-01-01 20:13]:

plplot got removed from armhf, the severity of this issue could be 
lowered to important to not have the package removed from testing.


Thanks, I am doing it hereby.

Best,

Rafael Laboissière

Bug#1059730: debian-policy: switch to new Debian-conform html theme for Sphinx/reST

[Holger Wansing]

Hi,

Holger Wansing  wrote (Sun, 31 Dec 2023 10:02:29 +0100):
> Hi Sean and Stéphane,
> 
> Am 30. Dezember 2023 23:43:17 MEZ schrieb Sean Whitton 
> :
> >Possibly some of your changes could be applied on top of that?
[...]
> @Stéphane: 
> The URL is 404 now, could you provide the draft again somewhere?
> ()

Thanks, your files are back online.
They look really good indeed. 
Especially how the menu/sidebar is shown/not shown on small screens 
(smartphones) is fine, that was an open point in my proposal :-)

BTW: I think it would be good to have the 'Next'/'Previous' buttons
at the top additionally to those at the bottom.
The theme supports this via a config option. Simply set

html_theme_options = {
# To get previous/next buttons at the top and the bottom:
'prev_next_buttons_location': 'both'
}

in conf.py.in.


Holger



-- 
Holger Wansing 
PGP-Fingerprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

Bug#1059630: fix build with Python 3.12

[Diane Trout]

On Mon, 2024-01-01 at 11:22 +0100, Matthias Klose wrote:
> Control: tags -1 + patch
> 
> patch at
> http://launchpadlibrarian.net/706939750/python-sparse_0.14.0-1_0.14.0-1ubuntu1.diff.gz
> 


I think a better solution to the versioneer fail to build is to remove
the embedded versioneer and use the copy from python3-versioneer
instead.

I just need to fix some other problems in the autopkgtest too

Diane

Bug#1059811: "chromium --" runs browser

[Philipp Marek]

Package: bash-completion
Version: 1:2.11-8
Severity: minor
File: /usr/share/bash-completion/completions/chromium-browser
X-Debbugs-Cc: phil...@marek.priv.at

This sequence runs chromium and blocks the shell until the browser is closed 
again:

$ chromium --

So the bash-completion is more harm than help here.


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_AT:de
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- no debconf information

-- debsums errors found:
debsums: can't check bash-completion file 
/usr/share/doc/bash-completion/README.md.gz (Wide character in subroutine entry)
debsums: can't check bash-completion file 
/usr/share/doc/bash-completion/changelog.Debian.gz (Wide character in 
subroutine entry)
debsums: can't check bash-completion file 
/usr/share/doc/bash-completion/changelog.gz (Wide character in subroutine entry)
debsums: can't check bash-completion file 
/usr/share/man/man1/dh_bash-completion.1.gz (Wide character in subroutine entry)

Bug#1059812: elan - dependency updates.

[Peter Michael Green]

Package: elan
Version: 3.0.0-1
Severity: serious

I just updated the rust-term package, from 0.5 to 0.7
as a result elan needs to stop patching it's cargo
dependency on term and update it's Debian
build-dependency.

While doing test builds I noticed a couple of other
dependency issues.

The Debian build-dependency for the toml crate
was not strict enough, debian currently ships two
versions of the toml crate and only the wrong one
was installed in my test environment resulting in
a build failure. So I tightened the dependency to
only allow the correct one.

The package has a cargo dependency on the
"dirs" crate, but there was no corresponding
Debian build-dependency. I presume it was
missed because it was previously pulled in
indirectly but this was no longer the case in
my tests. So I added a Debian build-dependency.

A debdiff is attached. If I get no response I'll
probablly NMU this in a week or so.diff -Nru elan-3.0.0/debian/changelog elan-3.0.0/debian/changelog
--- elan-3.0.0/debian/changelog 2023-09-26 19:22:31.0 +
+++ elan-3.0.0/debian/changelog 2024-01-01 18:34:48.0 +
@@ -1,3 +1,17 @@
+elan (3.0.0-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Dependency updates/fixes:
++ Stop patching Cargo dependency on "term" crate and update Debian
+  dependency accordingly. Debian has now updated to term 0.7
++ Be more specific in Debian dependency for "toml" crate, Debian currently
+  has multiple versions of toml and the previous dependency could be
+  satisfied by the wrong one.
++ Add a Debian dependency on "dirs" crate (which appeard to simply be
+  missing before.
+
+ -- Peter Michael Green   Mon, 01 Jan 2024 18:34:48 +
+
 elan (3.0.0-1) unstable; urgency=medium
 
   * Fix "FTBFS: dh_auto_test: error: /usr/share/cargo/bin/cargo build
diff -Nru elan-3.0.0/debian/control elan-3.0.0/debian/control
--- elan-3.0.0/debian/control   2023-09-26 19:19:14.0 +
+++ elan-3.0.0/debian/control   2024-01-01 18:34:48.0 +
@@ -19,9 +19,9 @@
  librust-sha2-dev,
  librust-tar-dev,
  librust-tempfile-dev,
- librust-term-dev,
+ librust-term-0.7+default-dev,
  librust-time-dev,
- librust-toml-dev,
+ librust-toml-0.7+default-dev (>= 0.7.6),
  librust-url-dev,
  librust-wait-timeout-dev,
  librust-zip-dev,
@@ -30,6 +30,7 @@
  librust-clap-2+vec-map-dev (>= 2.33.3),
  librust-clap-2+ansi-term-dev (>= 2.33.3),
  librust-curl-dev,
+ librust-dirs-5+default-dev,
  librust-walkdir-dev,
  librust-openssl-dev,
  librust-semver-0.9-dev,
diff -Nru elan-3.0.0/debian/patches/0002-dependencies.patch 
elan-3.0.0/debian/patches/0002-dependencies.patch
--- elan-3.0.0/debian/patches/0002-dependencies.patch   2023-09-26 
19:19:14.0 +
+++ elan-3.0.0/debian/patches/0002-dependencies.patch   2024-01-01 
18:33:54.0 +
@@ -27,8 +27,7 @@
 -sha2 = "0.9.2"
 +sha2 = "0.10.5"
  tempfile = "3.2.0"
--term = "0.7.0"
-+term = "0.5.2"
+ term = "0.7.0"
  time = "0.3.4"
 -toml = "0.5.8"
 +toml = "0.7.6"

Bug#1059631: qhelpgenerator-qt5: nearly-reproducible LastRegisterTime value in .qch files is not timezone-normalized

[James Addison]

Followup-For: Bug #1059631
Control: tags -1 fixed-upstream

> Control: forwarded -1 https://codereview.qt-project.org/c/qt/qttools/+/527972

This fix has been merged upstream; I've also offered what I think is a further
cleanup[1], but it does not affect the behaviour of the code (only readability
and performance properties).

Please note: based on code review feedback, I updated the patch to use some
features of Qt that are not available in Qt5, notably a QTimeZone::UTC enum
value[2].  So it seems that the approach taken to develop a fix for Debian
and/or qt5 would necessarily diverge.

[1] - https://codereview.qt-project.org/c/qt/qttools/+/527983

[2] - https://doc.qt.io/qt-6.5/qt.html#TimeSpec-enum

Bug#1059810: ttyplot: Please upgrade to ttyplot 1.6.1 with bug fixes

[Sebastian Pipping]

Package: ttyplot
Version: 1.5.2-1
Severity: normal
X-Debbugs-Cc: sebast...@pipping.org

Hi!

Just a quick note that we teamed up on publishing ttyplot 1.6.1 with multiple
bugfixes upstream in December.  Would be great to get these fixes to Debian
users.  Thanks in advance!

Best, Sebastian


-- System Information:
Debian Release: 12.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-13-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ttyplot depends on:
ii  libc62.36-9+deb12u3
ii  libncurses6  6.4-4
ii  libtinfo66.4-4

ttyplot recommends no packages.

ttyplot suggests no packages.

-- no debconf information

Bug#1059809: apt-build: Bad error message for a missing source package

[Sven Grewe]

Package: apt-build
Version: 0.12.49
Severity: important
X-Debbugs-Cc: svengr...@posteo.de

Dear Maintainer,

when I try to build a package without it's sources in /etc/sources.list
I get the following:

$ sudo apt-build install nice-package
Missing source package name for source_by_source().

Something seems to be broken with this string here? Adding the source repository
into the list makes this go away.

Kind regards,
Sven Grewe

-- System Information:
Debian Release: 12.4
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable'), (1, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-17-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apt-build depends on:
ii  apt2.6.1
ii  apt-utils  2.6.1
ii  debconf [debconf-2.0]  1.5.82
ii  devscripts 2.23.4+deb12u1
ii  dpkg   1.21.22
ii  dpkg-dev   1.21.22
ii  g++4:12.2.0-3
ii  gcc4:12.2.0-3
ii  libappconfig-perl  1.71-2.2
ii  libapt-pkg-perl0.1.40+b2
ii  libc6  2.36-9+deb12u3
ii  perl   5.36.0-7+deb12u1

Versions of packages apt-build recommends:
ii  build-essential  12.9
ii  fakeroot 1.31-1.2

Versions of packages apt-build suggests:
pn  gfortran  

-- debconf information excluded

Bug#1055228: Bug#1055750: Bug#1055228: plplot: FTBFS on armhf (test segfault)

[Sebastiaan Couwenberg]

plplot got removed from armhf, the severity of this issue could be 
lowered to important to not have the package removed from testing.


Kind Regards,

Bas

--
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#1059808: ocfs2-tools: isolation-machine autopkgtest fails: Internal logic failure while mounting /dev/loop0 on /mnt

[Paul Gevers]

Source: ocfs2-tools
Version: 1.8.7-1
Severity: important
User: debian...@lists.debian.org
Usertags: isolation-machine

Dear maintainer(s),

Your package has an autopkgtest, great. I recently added support for 
isolation-machine tests on ci.debian.net for amd64 and added your 
package to the list to use that. However, it fails. Can you please 
investigate the situation and fix it? I copied some of the output at the 
bottom of this report.


The release team has announced [1] that failing autopkgtest on amd64 and 
arm64 are considered RC in testing, but because machine-isolation 
support by ci.debian.net is new I have not marked this bug as serious (yet).


More information about this bug and the reason for filing it can be 
found on 
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation


Paul
PS: I'm going to retry the exercise with /tmp on tmpfs soon again. Be 
warned if ocfs2-tools fails for the same reason as bug 994418.


[1] https://lists.debian.org/debian-devel-announce/2019/07/msg2.html

https://ci.debian.net/packages/o/ocfs2-tools/testing/amd64/41429834/

 47s === mount ===
 47s mount.ocfs2: Internal logic failure while mounting /dev/loop0 on 
/mnt. Check 'dmesg' for more information on this error 22.

 47s umount: /mnt: not mounted.


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#311675: Building the core component of the xserver

[Sven Grewe]

I could build and install the package "xserver-xorg-core" using 
apt-build on Debian 12 and Ubuntu 23.10.
Is this a failed build or a dependency issue? And does this problem 
still exists with similar packages in oldstable or newer (11+)?

Bug#1059807: supysonic: does not write log file

[Axel]

Package: supysonic
Version: 0.7.2+ds-2
Severity: normal
X-Debbugs-Cc: a...@users.sourceforge.net

Dear Maintainer,

some audio files cause the script to die prematurely, probably while attempting 
to
transcode the audio. Unfortunately no log entries are created whatsoever. If 
the log file
cannot be created, an error message is produced, but even the debug setting 
does not
result in any entries.

-- System Information:
Debian Release: 12.4
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-17-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_IE.UTF-8
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages supysonic depends on:
ii  fonts-glyphicons-halflings  1.009~3.4.1+dfsg-3
ii  libjs-bootstrap 3.4.1+dfsg-3
ii  libjs-jquery3.6.1+dfsg+~3.5.14-1
ii  libjs-sphinxdoc 5.3.0-4
ii  python3 3.11.2-1+b1
ii  python3-click   8.1.3-2
ii  python3-flask   2.2.2-3
ii  python3-lxml4.9.2-1+b1
ii  python3-mediafile   0.11.0-1
ii  python3-pil 9.4.0-1.1+b1
ii  python3-pony0.7.16+ds-3
ii  python3-requests2.28.1+dfsg-1
ii  python3-watchdog2.2.1-1
ii  python3-zipstream-ng1.4.0-1

Versions of packages supysonic recommends:
ii  flac 1.4.2+ds-2
ii  lame 3.100-6
ii  libapache2-mod-wsgi-py3  4.9.4-1+b2

Versions of packages supysonic suggests:
ii  python3-psycopg2  2.9.5-1+b1

-- no debconf information

Bug#1059744: spamassassin-maintenance does not invoke amavisd-new update-hook

[Noah Meyerhans]

On Sun, Dec 31, 2023 at 11:39:42AM +0100, Damian wrote:
> The fix for #1028030 introduced a regression for amavisd-new. Its hook [1] is 
> never run as long as spamd is not installed.

Right, it seems like this:
if [ -d /etc/spamassassin/sa-update-hooks.d ]; then
run-parts --lsbsysinit /etc/spamassassin/sa-update-hooks.d
fi

should not be conditional on spamd running.

> I'd also like an opinion on a related issue: When spamd is running but
> amavisd-new is not, spamassassin-maintenance.service fails by virtue of [1]
> failing with a dedicated exit code. Would you like to consider this a
> spamassassin or an amavisd-new bug?
> 
> [1] /etc/spamassassin/sa-update-hooks.d/amavisd-new

I think the amavisd-new hook probably shouldn't exit nonzero if it's not
running.  But we can also ensure that we fall through to an explicit
"exit 0" in the maintenance script, which should also take care of this.

noah

Bug#1059806: O: cava-alsa -- Console-based Audio Visualizer for Alsa

[Mattia Rizzolo]

Package: wnpp

The current maintainer of cava-alsa, Lasse Flygenring-Harrsen 
,
is apparently not active anymore.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: cava-alsa
Binary: cava
Version: 0.7.4-1
Maintainer: Lasse Flygenring-Harrsen 
Uploaders: Gard Spreemann 
Build-Depends: debhelper-compat (= 13), libfftw3-dev, libasound2-dev, 
libncursesw5-dev, libpulse-dev, libncurses5-dev, libtool-bin, libiniparser-dev
Architecture: any
Standards-Version: 4.5.0
Format: 3.0 (quilt)
Files:
 de7083ef96d4d5daca6bbdfd8421b7ec 2042 cava-alsa_0.7.4-1.dsc
 1a5ba6f6fca8591c13be6b5dad427872 101847 cava-alsa_0.7.4.orig.tar.gz
 c8c18c8c745dc6ec1deece950fa2c239 3316 cava-alsa_0.7.4-1.debian.tar.xz
Vcs-Browser: https://git.flygenring-harrsen.com/lasse/cava-alsa
Vcs-Git: https://git.flygenring-harrsen.com/lasse/cava-alsa.git
Checksums-Sha256:
 655e94115bd4c36cdf3ac61cada017f23bfe151a25e546d868dde68a02e7c319 2042 
cava-alsa_0.7.4-1.dsc
 fefd3cc04d41b03ca416630cafadbfda6c75e2ca0869da1f03963dcb13e1ecb7 101847 
cava-alsa_0.7.4.orig.tar.gz
 07877740e9f6ffeaa5cd9b370474f0b5ab32c449a231d0100acbc7723142b127 3316 
cava-alsa_0.7.4-1.debian.tar.xz
Homepage: https://github.com/karlstav/cava
Package-List: 
 cava deb sound optional arch=any
Directory: pool/main/c/cava-alsa
Priority: extra
Section: misc

Package: cava
Source: cava-alsa
Version: 0.7.4-1
Installed-Size: 167
Maintainer: Lasse Flygenring-Harrsen 
Architecture: amd64
Depends: libasound2 (>= 1.0.16), libc6 (>= 2.29), libfftw3-double3 (>= 3.3.5), 
libiniparser1 (>= 4.0), libncursesw6 (>= 6), libpulse0 (>= 0.99.1), libtinfo6 
(>= 6)
Suggests: pulseaudio
Description: Console-based Audio Visualizer for Alsa
Description-md5: d680fda4f52bfa9b760383c0b7a1f44b
Homepage: https://github.com/karlstav/cava
Tag: uitoolkit::ncurses
Section: sound
Priority: optional
Filename: pool/main/c/cava-alsa/cava_0.7.4-1_amd64.deb
Size: 80348
MD5sum: b03ab794708355ac33b539fdb698c90b
SHA256: 0ae5693b33c7795abc4fee22b26ef189859aeaeb2f44ed844f20e4c73965da8d


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#1059805: clucene-core: please apply LibreOffice patch to alllow not writing random timestamps into generated files, making them unreproducible

[Rene Engelhard]

Source: clucene-core
Version: 2.3.3.4+dfsg-1.1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps randomness
Affects: libreoffice-help-en-us libreoffice-help-ca libreoffice-help-cs 
libreoffice-help-da libreoffice-help-de libreoffice-help-dz libreoffice-help-el 
libreoffice-help-en-gb libreoffice-help-es libreoffice-help-et 
libreoffice-help-eu libreoffice-help-fi libreoffice-help-fr libreoffice-help-gl 
libreoffice-help-hi libreoffice-help-hu libreoffice-help-id libreoffice-help-it 
libreoffice-help-ja libreoffice-help-km libreoffice-help-ko libreoffice-help-nl 
libreoffice-help-om libreoffice-help-pl libreoffice-help-pt 
libreoffice-help-pt-br libreoffice-help-ru libreoffice-help-sk 
libreoffice-help-sl libreoffice-help-sv libreoffice-help-tr libreoffice-help-vi 
libreoffice-help-zh-cn libreoffice-help-zh-tw

Dear Maintainer,

LibreOffice created a patch to clucene to make their help pages
reproducible. Maybe we should include it here? (libreoffice in Debian
uses the system library instead of the embedded copy.)

See
https://cgit.freedesktop.org/libreoffice/core/patch/?id=ff071078ee5f13f0e9d430d6783444a631d232a0
(clucene-reprobuild.patch.1)

which adds a new method setting the "start position" (which then is used
in libreoffice to consistently set it 0)

Regards,

Rene

Bug#1059804: bullseye-pu: package exuberant-ctags/1:5.9~svn20110310-14+deb11u1

[Colin Watson]

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: exuberant-ct...@packages.debian.org
Control: affects -1 + src:exuberant-ctags

[ Reason ]
I'd like to belatedly fix CVE-2022-4515 in bullseye.

[ Impact ]
Security vulnerability as described in
https://security-tracker.debian.org/tracker/CVE-2022-4515, though the
security team has marked it no-dsa and asked that any fix go via a point
release instead.

[ Tests ]
I tested this manually by calling ctags with various -o options, e.g.
"ctags -o 'a b' -R", and checking that it produces the requested output
file names.

[ Risks ]
The fix is just a straight cherry-pick from bookworm (which in turn was
backported as closely as possible from universal-ctags upstream), and
while I hate the continued use of system(3) here it's probably better
than introducing a novel rewrite for a security update.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
As attached.  git-dpm has introduced a small amount of additional noise;
I didn't think it was worth the effort to persuade it to avoid that in
this case.

Thanks,

-- 
Colin Watson (he/him)  [cjwat...@debian.org]
diff --git a/debian/.git-dpm b/debian/.git-dpm
index be86f1e84..e26b5ab8c 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
 # see git-dpm(1) from git-dpm package
-ed1d00e4c005ecc20f298630cce7635d88f5b669
-ed1d00e4c005ecc20f298630cce7635d88f5b669
+5c9ca1167f9eebf78bf28763e3604b1af79c967d
+5c9ca1167f9eebf78bf28763e3604b1af79c967d
 4b0ebb9d344fd369c889291478986c65a5a36ea8
 4b0ebb9d344fd369c889291478986c65a5a36ea8
 exuberant-ctags_5.9~svn20110310.orig.tar.gz
diff --git a/debian/changelog b/debian/changelog
index 62ccf7654..75c7d8e08 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+exuberant-ctags (1:5.9~svn20110310-14+deb11u1) UNRELEASED; urgency=medium
+
+  * Backport from universal-ctags:
+- CVE-2022-4515: main: quote output file name before passing it to
+  system(3) function (closes: #1026995).
+
+ -- Colin Watson   Sun, 24 Dec 2023 12:41:53 +
+
 exuberant-ctags (1:5.9~svn20110310-14) unstable; urgency=low
 
   [ Debian Janitor ]
diff --git a/debian/patches/gcc-no-common.patch 
b/debian/patches/gcc-no-common.patch
index 024422c9e..308f7d9c9 100644
--- a/debian/patches/gcc-no-common.patch
+++ b/debian/patches/gcc-no-common.patch
@@ -14,7 +14,7 @@ Patch-Name: gcc-no-common.patch
  2 files changed, 11 insertions(+), 11 deletions(-)
 
 diff --git a/objc.c b/objc.c
-index 2a5de58..a5811ec 100644
+index 2a5de58ab..a5811ec59 100644
 --- a/objc.c
 +++ b/objc.c
 @@ -432,16 +432,16 @@ typedef void (*parseNext) (vString * const ident, 
objcToken what);
@@ -38,7 +38,7 @@ index 2a5de58..a5811ec 100644
  
  /** Grammar */
 diff --git a/ocaml.c b/ocaml.c
-index 104a777..235862f 100644
+index 104a77706..235862fd3 100644
 --- a/ocaml.c
 +++ b/ocaml.c
 @@ -514,26 +514,26 @@ typedef void (*parseNext) (vString * const ident, 
ocaToken what);
diff --git a/debian/patches/go.patch b/debian/patches/go.patch
index 760f47bd0..bce44fd73 100644
--- a/debian/patches/go.patch
+++ b/debian/patches/go.patch
@@ -17,7 +17,7 @@ Patch-Name: go.patch
 
 diff --git a/go.c b/go.c
 new file mode 100644
-index 000..6bd3a36
+index 0..6bd3a369a
 --- /dev/null
 +++ b/go.c
 @@ -0,0 +1,670 @@
@@ -692,7 +692,7 @@ index 000..6bd3a36
 +  return def;
 +}
 diff --git a/parsers.h b/parsers.h
-index 600f636..3a24d6e 100644
+index 600f63614..3a24d6e09 100644
 --- a/parsers.h
 +++ b/parsers.h
 @@ -31,6 +31,7 @@
@@ -704,7 +704,7 @@ index 600f636..3a24d6e 100644
JavaParser, \
JavaScriptParser, \
 diff --git a/source.mak b/source.mak
-index c97617f..985d56c 100644
+index c97617f34..985d56cfc 100644
 --- a/source.mak
 +++ b/source.mak
 @@ -24,6 +24,7 @@ SOURCES = \
diff --git a/debian/patches/jscript-set-tag-scope.patch 
b/debian/patches/jscript-set-tag-scope.patch
index baf036ffc..a0958b573 100644
--- a/debian/patches/jscript-set-tag-scope.patch
+++ b/debian/patches/jscript-set-tag-scope.patch
@@ -17,7 +17,7 @@ Patch-Name: jscript-set-tag-scope.patch
  1 file changed, 51 insertions(+), 3 deletions(-)
 
 diff --git a/jscript.c b/jscript.c
-index 5de3367..a790355 100644
+index 5de3367f9..a790355b8 100644
 --- a/jscript.c
 +++ b/jscript.c
 @@ -215,6 +215,7 @@ static void deleteToken (tokenInfo *const token)
diff --git a/debian/patches/memmove.patch b/debian/patches/memmove.patch
index d23551a4b..b3e0ad9e1 100644
--- a/debian/patches/memmove.patch
+++ b/debian/patches/memmove.patch
@@ -16,7 +16,7 @@ Patch-Name: memmove.patch
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/routines.c b/routines.c
-index 83bcdcc..8ebe2e0 100644
+index 83bcdccda..8ebe2e0ad 100644
 --- 

Bug#1059387: exim4: CVE-2023-51766

[Andreas Metzler]

On 2024-01-01 Salvatore Bonaccorso  wrote:
> On Mon, Jan 01, 2024 at 04:45:24PM +0100, Andreas Metzler wrote:
[...]
> > I have prepared updates for either DSA or stable update. (I will be on my
> > dayjob again tomorrow, so I will not be that responsive on workdays.)

> Happy new year to you. Thanks for the input in the previous message.
> Let be on the safe side, and release it through a DSA. Please upload
> to security-master.

Hello Salvatore,

thanks, happy new year!

I have uploaded with attached diffs (identical to previously sent, just
upload target changed to "bookworm/bullseye-security; urgency=high" from
UNRELEASED.

cu Andreas
diff -Nru exim4-4.96/debian/changelog exim4-4.96/debian/changelog
--- exim4-4.96/debian/changelog	2023-11-18 11:07:57.0 +0100
+++ exim4-4.96/debian/changelog	2024-01-01 17:58:00.0 +0100
@@ -1,3 +1,12 @@
+exim4 (4.96-15+deb12u4) bookworm-security; urgency=high
+
+  * 77_CVE-2023-51766_4.97.1-release.diff from 4,97.1 release: Refuse to
+accept a line "dot, LF" as end-of-DATA unless operating in LF-only mode
+(as detected from the first header line) to fix smtp-smuggling
+(CVE-2023-51766). Closes: #1059387
+
+ -- Andreas Metzler   Mon, 01 Jan 2024 17:58:00 +0100
+
 exim4 (4.96-15+deb12u3) bookworm; urgency=medium
 
   * Multiple bugfixes from upstream GIT master:
diff -Nru exim4-4.96/debian/patches/77_CVE-2023-51766_4.97.1-release.diff exim4-4.96/debian/patches/77_CVE-2023-51766_4.97.1-release.diff
--- exim4-4.96/debian/patches/77_CVE-2023-51766_4.97.1-release.diff	1970-01-01 01:00:00.0 +0100
+++ exim4-4.96/debian/patches/77_CVE-2023-51766_4.97.1-release.diff	2024-01-01 16:32:59.0 +0100
@@ -0,0 +1,440 @@
+Description: Fix smtp-smuggling (CVE-2023-51766)
+ Pull upstream changes from 4.97.1 security release. 
+Author: Jeremy Harris 
+Bug-Debian: https://bugs.debian.org/1059387
+Origin: upstream
+Last-Update: 2023-12-31
+
+--- a/doc/ChangeLog
 b/doc/ChangeLog
+@@ -91,10 +91,16 @@ JH/39 Bug 3023: Fix crash induced by som
+   and ${tr...}.  Found and diagnosed by Heiko Schlichting.
+  
+ JH/06 Bug 3054: Fix dnsdb lookup for a TXT record with multiple chunks.  This
+   was broken by hardening introduced for Bug 3033.
+ 
++JH/s1 Refuse to accept a line "dot, LF" as end-of-DATA unless operating in
++  LF-only mode (as detected from the first header line).  Previously we did
++  accept that in (normal) CRLF mode; this has been raised as a possible
++  attack scenario (under the name "smtp smuggling", CVE-2023-51766).
++
++
+ Exim version 4.96
+ -
+ 
+ JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
+   after reception to before a subsequent reception.  This should
+--- /dev/null
 b/doc/doc-txt/cve-2023-51766
+@@ -0,0 +1,69 @@
++CVE ID: CVE-2023-51766
++Date:   2016-12-15
++Credits:https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
++Version(s): all up to 4.97 inclusive
++Issue:  Given a buggy relay, Exim can be induced to accept a second message embedded
++as part of the body of a first message
++
++Conditions
++==
++
++If *all* the following conditions are met
++
++Runtime options
++---
++
++* Exim offers PIPELINING on incoming connections
++
++* Exim offers CHUNKING on incoming connections
++
++Operation
++-
++
++* DATA (as opposed to BDAT) is used for a message reception
++
++* The relay host sends to the Exim MTA message data including
++  one of "LF . LF" or "CR LF . LF" or "LF . CR LF".
++
++* Exim interprets the sequence as signalling the end of data for
++  the SMTP DATA command, and hence a first message.
++
++* Exim interprets further input which the relay had as message body
++  data, as SMTP commands and data. This could include a MAIL, RCPT,
++  BDAT (etc) sequence, resulting in a further message acceptance.
++
++Impact
++==
++
++One or more messages can be accepted by Exim that have not been
++properly validated by the buggy relay.
++
++Fix
++===
++
++Install a fixed Exim version:
++
++4.98 (once available)
++4.97.1
++
++If you can't install one of the above versions, ask your package
++maintainer for a version containing the backported fix. On request and
++depending on our resources we will support you in backporting the fix.
++(Please note, that Exim project officially doesn't support versions
++prior the current stable version.)
++
++
++Workaround
++==
++
++  Disable CHUNKING advertisement for incoming connections.
++
++  An attempt to "smuggle" a DATA command will trip a syncronisation
++  check.
++
++*or*
++
++  Disable PIPELINING advertisement for incoming connections.
++
++  The "smuggled" MAIL FROM command will then trip a syncronisation
++  check.
+--- a/src/receive.c
 b/src/receive.c
+@@ -826,104 +826,118 @@ we make the CRs optional in all cases.
+ 
+ July 2003: Bare CRs cause trouble. 

Bug#1059781: xwayland: Xwayland.desktop is broken: it contains Type=Application, but no Exec key/value pair.

[Chris Hofstaedtler]

Control: reassign -1 i3-wm

On Sun, Dec 31, 2023 at 07:18:51PM -0800, Francois Marier wrote:
> Whenever I start dmenu, I get the following message in my logs:
> 
> File /usr/share/applications/org.freedesktop.Xwayland.desktop is broken: 
> it contains Type=Application, but no Exec key/value pair. at 
> /usr/bin/i3-dmenu-desktop line 256.

It would appear dmenu needs to implement better support for
.desktop files. Reassigning to the package shipping
i3-dmenu-desktop.

Chris

Bug#1059803: ITP: rust-xkeysym -- X11 keyboard symbol utilities for Rust

[James McCoy]

Package: wnpp
Severity: wishlist
Owner: James McCoy 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: rust-xkeysym
  Version : 0.2.0
  Upstream Contact: John Nunley 
* URL : https://github.com/notgull/xkeysym
* License : MIT or Apache-2.0 or Zlib
  Programming Lang: Rust
  Description : X11 keyboard symbol utilities for Rust

This package is a dependency of the new smithay-client-toolkit release
and will be maintained in the pkg-rust repo.

Bug#1059802: troffcvt: Broken with groff 1.23.0: .de1 etc. unimplemented

[Colin Watson]

Package: troffcvt
Version: 1.04+repack1-1
Severity: grave
Justification: renders package unusable

groff 1.23.0 makes more use of the .de1 request (and probably others)
than previous versions did.  This causes troffcvt to be unable to even
format its own documentation, with this error:

  /usr/share/groff/current/tmac/devtag.tmac (line 74): you cannot alias to 
non-existing name 

That's probably just the first error; some work is needed to get this
rendering properly again.

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-10-generic (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages troffcvt depends on:
ii  groff  1.23.0-3
ii  libc6  2.37-13
ii  perl   5.36.0-10

troffcvt recommends no packages.

troffcvt suggests no packages.

-- no debconf information

-- 
Colin Watson   [cjwat...@debian.org]

Bug#1057573: linpac: FTBFS: error: invalid use of incomplete type ‘WINDOW’ {aka ‘struct _win_st’}

[Dave Hibberd]

Hi there! 

Yeah I’ve pushed his patch already to our git, so if anyone else on the team 
wants to upload it they can - I am still waiting on our account managers to 
finalise my Debian developer application before I have free reign to upload 
things,  and I’ll switch this package to fall under my ownership like a 
collection of other packet things to make life a little easier going forward.

Cheers
DH

> On 1 Jan 2024, at 16:46, David Ranch  wrote:
> 
>  Hello DaveH,
> 
> I have pushed the required fixes to the develop branch of Linpac.  I do plan 
> on adding some other enhancements to Linpac before publishing an new official 
> release but I don't know if getting out this fix is important to the Debian 
> release process.  Maybe the similar third party fix offered by Sven is good 
> enough for now to keep Linpac in the Debian Unstable/Testing repos?
> 
> --David
> KI6ZHD
> 
> 
> 
> On 12/18/2023 02:40 AM, Dave Hibberd wrote:
>> Hi both,
>> 
>> I'll prepare a team upload for this in advance of the new upstream release 
>> (thanks David), and upload it independently or with support depending on the 
>> outcome of the DAM stage of my NM process 
>> (https://nm.debian.org/process/1224/)
>> 
>> Cheers
>> DH
>> 
>> -- 
>>   Hibby
>>   MM0RFN
>> 
>> On Sat, 16 Dec 2023, at 6:32 PM, David Ranch wrote:
>>> Hello Sven, Debian team,
>>> 
>>> I was about to apply a very similar fix to the "develop" branch of Linpac 
>>> at https://sourceforge.net/p/linpac/linpac/ci/develop/tree though my 
>>> changes didn't include the "-1" at the end of the changes.  Not sure if 
>>> that's needed / important.  Regardless, I am planning to eventually merge 
>>> the develop branch into the Master branch and releae 0.29 in the near 
>>> future which will include this and other fixes.
>>> 
>>> --David
>>> KI6ZHD
>>> 
>>> On 12/16/2023 10:01 AM, Sven Joachim wrote:
 Control: tags -1 + patch
 
 On 2023-12-05 23:07 +0100, Santiago Vila wrote:
 
 
> Package: src:linpac
> Version: 0.28-2
> Severity: serious
> Tags: ftbfs
> 
> Dear maintainer:
> 
> During a rebuild of all packages in unstable, your package failed to 
> build:
> 
> 
> [...]
> g++ -DHAVE_CONFIG_H -I. -I../../..   -Wdate-time -D_FORTIFY_SOURCE=2  -g 
> -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong 
> -fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
> -c -o mail_screen.o mail_screen.cc
> mail_screen.cc: In function ‘void init_main_screen()’:
> mail_screen.cc:39:16: error: invalid use of incomplete type ‘WINDOW’ {aka 
> ‘struct _win_st’}
>39 |   maxx = stdscr->_maxx;
>   |^~
> In file included from mail_screen.cc:13:
> /usr/include/curses.h:442:16: note: forward declaration of ‘WINDOW’ {aka 
> ‘struct _win_st’}
>   442 | typedef struct _win_st WINDOW;
>   |^~~
> mail_screen.cc:40:16: error: invalid use of incomplete type ‘WINDOW’ {aka 
> ‘struct _win_st’}
>40 |   maxy = stdscr->_maxy;
>   |^~
> /usr/include/curses.h:442:16: note: forward declaration of ‘WINDOW’ {aka 
> ‘struct _win_st’}
>   442 | typedef struct _win_st WINDOW;
>   |^~~
> mail_screen.cc: In function ‘void redraw()’:
> mail_screen.cc:70:15: error: invalid use of incomplete type ‘WINDOW’ {aka 
> ‘struct _win_st’}
>70 |main_window->_clear = TRUE;
>   |   ^~
> /usr/include/curses.h:442:16: note: forward declaration of ‘WINDOW’ {aka 
> ‘struct _win_st’}
>   442 | typedef struct _win_st WINDOW;
> 
 The attached patch, which can be added to the series file fixes, these
 errors and two additional ones in src/linpac.cc, but I have only tested
 that the package builds, not if it works.  Note that getmaxx(win)
 returns win->_maxx + 1, and similar for getmaxy.
 
 Cheers,
Sven
 
 
>> 
> 

Bug#1057573: linpac: FTBFS: error: invalid use of incomplete type ‘WINDOW’ {aka ‘struct _win_st’}

[David Ranch]

Hello DaveH,

I have pushed the required fixes to the develop branch of Linpac. I do 
plan on adding some other enhancements to Linpac before publishing an 
new official release but I don't know if getting out this fix is 
important to the Debian release process.  Maybe the similar third party 
fix offered by Svenis good enough for now to keep Linpac in the Debian 
Unstable/Testing repos?


--David
KI6ZHD



On 12/18/2023 02:40 AM, Dave Hibberd wrote:

Hi both,

I'll prepare a team upload for this in advance of the new upstream 
release (thanks David), and upload it independently or with support 
depending on the outcome of the DAM stage of my NM process 
(https://nm.debian.org/process/1224/)


Cheers
DH

--
  Hibby
  MM0RFN

On Sat, 16 Dec 2023, at 6:32 PM, David Ranch wrote:

Hello Sven, Debian team,

I was about to apply a very similar fix to the "develop" branch of 
Linpac at https://sourceforge.net/p/linpac/linpac/ci/develop/tree 
though my changes didn't include the "-1" at the end of the changes.  
Not sure if that's needed / important. Regardless, I am planning to 
eventually merge the develop branch into the Master branch and releae 
0.29 in the near future which will include this and other fixes.


--David
KI6ZHD

On 12/16/2023 10:01 AM, Sven Joachim wrote:

Control: tags -1 + patch

On 2023-12-05 23:07 +0100, Santiago Vila wrote:



Package: src:linpac
Version: 0.28-2
Severity: serious
Tags: ftbfs

Dear maintainer:

During a rebuild of all packages in unstable, your package failed to build:


[...]
g++ -DHAVE_CONFIG_H -I. -I../../..   -Wdate-time -D_FORTIFY_SOURCE=2  -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection -c -o 
mail_screen.o mail_screen.cc
mail_screen.cc: In function ‘void init_main_screen()’:
mail_screen.cc:39:16: error: invalid use of incomplete type ‘WINDOW’ {aka 
‘struct _win_st’}
39 |   maxx = stdscr->_maxx;
   |^~
In file included from mail_screen.cc:13:
/usr/include/curses.h:442:16: note: forward declaration of ‘WINDOW’ {aka 
‘struct _win_st’}
   442 | typedef struct _win_st WINDOW;
   |^~~
mail_screen.cc:40:16: error: invalid use of incomplete type ‘WINDOW’ {aka 
‘struct _win_st’}
40 |   maxy = stdscr->_maxy;
   |^~
/usr/include/curses.h:442:16: note: forward declaration of ‘WINDOW’ {aka 
‘struct _win_st’}
   442 | typedef struct _win_st WINDOW;
   |^~~
mail_screen.cc: In function ‘void redraw()’:
mail_screen.cc:70:15: error: invalid use of incomplete type ‘WINDOW’ {aka 
‘struct _win_st’}
70 |main_window->_clear = TRUE;
   |   ^~
/usr/include/curses.h:442:16: note: forward declaration of ‘WINDOW’ {aka 
‘struct _win_st’}
   442 | typedef struct _win_st WINDOW;


The attached patch, which can be added to the series file fixes, these
errors and two additional ones in src/linpac.cc, but I have only tested
that the package builds, not if it works.  Note that getmaxx(win)
returns win->_maxx + 1, and similar for getmaxy.

Cheers,
Sven

Bug#1058779: libk5crypto3 fails to install via apt (dpkg error) triggers ci file contains unknown directive 'set'

[Sam Hartman]

control: severity -1 normal
control: tags -1 help

> "Fernando" == Fernando Toledo  writes:

Fernando> as workarount i do apt-mark hold libk5crypto3 until
Fernando> problem fixes

I don't think this problem is likely to be in libkrb5crypto3.
I don't have enough experience with the dpkg trigger mechanism to really
understand what is going on, but my suspicion is that some other package
is setting up a trigger that your version of dpkg does not understand
(or that something is corrupted on your system).

Bug#1039607: libjansi-java: causes maven to always output escape character

[Emmanuel Bourg]

Le 01/01/2024 à 00:27, tony mancill a écrit :


(Not directly related, but it would be nice to migrate to upstream 2.4.1,
which uses moditect [3], which would need to be packaged.)


moditect can be ignored, it's mostly used to build JPMS module info 
files with Java 8. We can add the missing module-info.java files 
directly if that's really needed.


Emmanuel Bourg

Bug#1059801: click: autopkgtests are failing

[Jeremy Bícha]

Source: click
Version: 0.5.0-9
Severity: important

The autopkgtests for click have recently begun failing.

https://ci.debian.net/packages/c/click/unstable/amd64/

https://autopkgtest.ubuntu.com/packages/click/noble/amd64

Thank you,
Jeremy Bícha

Bug#1059800: ITP: rust-wayland-protocols-wlr -- Generated API for the WLR wayland protocol extensions

[James McCoy]

Package: wnpp
Severity: wishlist
Owner: James McCoy 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: rust-wayland-protocols-wlr
  Version : 0.2.0
  Upstream Contact: Elinor Berger 
* URL : https://github.com/smithay/wayland-rs
* License : MIT
  Programming Lang: Rust
  Description : Generated API for the WLR wayland protocol extensions

This a new dependency for the next version of smithay-client-toolkit and
will be maintained in the pkg-rust repo.

Bug#1059387: exim4: CVE-2023-51766

[Salvatore Bonaccorso]

HI Andreas,

On Mon, Jan 01, 2024 at 04:45:24PM +0100, Andreas Metzler wrote:
> On 2023-12-30 Salvatore Bonaccorso  wrote:
> [...]
> > If so, will you work as well on the bullseye-security update?
> 
> Hello,
> 
> I have prepared updates for either DSA or stable update. (I will be on my
> dayjob again tomorrow, so I will not be that responsive on workdays.)

Happy new year to you. Thanks for the input in the previous message.
Let be on the safe side, and release it through a DSA. Please upload
to security-master.

Regards,
Salvatore

Bug#1059387: exim4: CVE-2023-51766

[Andreas Metzler]

On 2023-12-30 Salvatore Bonaccorso  wrote:
[...]
> If so, will you work as well on the bullseye-security update?

Hello,

I have prepared updates for either DSA or stable update. (I will be on my
dayjob again tomorrow, so I will not be that responsive on workdays.)

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
>From ae3c47947917673912c89bf59226f9d205466534 Mon Sep 17 00:00:00 2001
From: Andreas Metzler 
Date: Sun, 31 Dec 2023 16:44:13 +0100
Subject: [PATCH] CVE-2023-51766 fix

Combines these patches from upstream exim-4.97+security branch:
3f80a86ceb7fe39c8f8039d3a6ce51beb7719e39
 Reject "dot, LF" as ending data phase.  Bug 3063
b409bf3547d465bf7f4cf8c2111eb9ec98cf5f40
 Use enum for body data input state-machine
fbb270d484711cc2a4c1493979c8622810dfb9a1
 Reject "dot, LF" as ending data phase (pt. 2).  Bug 3063
ce223f7f741f91ed01a321c4c8ddb5f2bd7a1bcf
 Testsuite: testcase for "smtp smuggling".  Bug 3063
 Also remove the unneeded sync point added in cf1376206284
 [cf1376206284 is on master branch, the equivalent here is
 3f80a86ceb7fe39c8f8039d3a6ce51beb7719e39.  Testsuite parts of the patch
 not included for Debian upload]
5a8fc079931410b30889e69f890857b05ca8d4b2
 Docs: Security release.  Bug 3063
---
 debian/changelog  |   9 +
 .../77_CVE-2023-51766_4.97.1-release.diff | 440 ++
 debian/patches/series |   1 +
 3 files changed, 450 insertions(+)
 create mode 100644 debian/patches/77_CVE-2023-51766_4.97.1-release.diff

diff --git a/debian/changelog b/debian/changelog
index ec2103a2..c6f00b50 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,16 @@
+exim4 (4.96-15+deb12u4) UNRELEASED; urgency=medium
+
+  * 77_CVE-2023-51766_4.97.1-release.diff from 4,97.1 release: Refuse to
+accept a line "dot, LF" as end-of-DATA unless operating in LF-only mode
+(as detected from the first header line) to fix smtp-smuggling
+(CVE-2023-51766). Closes: #1059387
+
+ -- Andreas Metzler   Sun, 31 Dec 2023 14:21:50 +0100
+
 exim4 (4.96-15+deb12u3) bookworm; urgency=medium
 
   * Multiple bugfixes from upstream GIT master:
 + 75_74-Cancel-early-pipe-on-an-observed-advertising-change.patch
 + 75_76-Expansions-disallow-UTF-16-surrogates-from-utf8clean.patch
   (Upstream bug 2998)
 + 75_77-GnuTLS-fix-crash-with-tls_dhparam-none.patch
diff --git a/debian/patches/77_CVE-2023-51766_4.97.1-release.diff b/debian/patches/77_CVE-2023-51766_4.97.1-release.diff
new file mode 100644
index ..77d52ce3
--- /dev/null
+++ b/debian/patches/77_CVE-2023-51766_4.97.1-release.diff
@@ -0,0 +1,440 @@
+Description: Fix smtp-smuggling (CVE-2023-51766)
+ Pull upstream changes from 4.97.1 security release. 
+Author: Jeremy Harris 
+Bug-Debian: https://bugs.debian.org/1059387
+Origin: upstream
+Last-Update: 2023-12-31
+
+--- a/doc/ChangeLog
 b/doc/ChangeLog
+@@ -91,10 +91,16 @@ JH/39 Bug 3023: Fix crash induced by som
+   and ${tr...}.  Found and diagnosed by Heiko Schlichting.
+  
+ JH/06 Bug 3054: Fix dnsdb lookup for a TXT record with multiple chunks.  This
+   was broken by hardening introduced for Bug 3033.
+ 
++JH/s1 Refuse to accept a line "dot, LF" as end-of-DATA unless operating in
++  LF-only mode (as detected from the first header line).  Previously we did
++  accept that in (normal) CRLF mode; this has been raised as a possible
++  attack scenario (under the name "smtp smuggling", CVE-2023-51766).
++
++
+ Exim version 4.96
+ -
+ 
+ JH/01 Move the wait-for-next-tick (needed for unique message IDs) from
+   after reception to before a subsequent reception.  This should
+--- /dev/null
 b/doc/doc-txt/cve-2023-51766
+@@ -0,0 +1,69 @@
++CVE ID: CVE-2023-51766
++Date:   2016-12-15
++Credits:https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
++Version(s): all up to 4.97 inclusive
++Issue:  Given a buggy relay, Exim can be induced to accept a second message embedded
++as part of the body of a first message
++
++Conditions
++==
++
++If *all* the following conditions are met
++
++Runtime options
++---
++
++* Exim offers PIPELINING on incoming connections
++
++* Exim offers CHUNKING on incoming connections
++
++Operation
++-
++
++* DATA (as opposed to BDAT) is used for a message reception
++
++* The relay host sends to the Exim MTA message data including
++  one of "LF . LF" or "CR LF . LF" or "LF . CR LF".
++
++* Exim interprets the sequence as signalling the end of data for
++  the SMTP DATA command, and hence a first message.
++
++* Exim interprets further input which the relay had as message body
++  data, as SMTP commands and data. This could include a MAIL, RCPT,
++  BDAT (etc) sequence, resulting in a further message acceptance.
++
++Impact

Bug#1059799: obs-studio FTBFS: tests fail to link

[Adrian Bunk]

Source: obs-studio
Version: 30.0.2+dfsg-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=obs-studio=30.0.2%2Bdfsg-1

...
FAILED: test/cmocka/test_serializer 
: && /usr/bin/cc -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -Wdate-time -D_FORTIFY_SOURCE=2 
-DFFMPEG_MUX_FIXED=\"/usr/lib/x86_64-linux-gnu/obs-plugins/obs-ffmpeg/obs-ffmpeg-mux\"
 -DSIMDE_ENABLE_OPENMP -fopenmp-simd -O3 -fvisibility=hidden 
-Wno-error=deprecated-declarations -Wl,-z,relro 
test/cmocka/CMakeFiles/test_serializer.dir/test_serializer.c.o -o 
test/cmocka/test_serializer  libobs/libobs.so.30 && :
/usr/bin/ld: test/cmocka/CMakeFiles/test_serializer.dir/test_serializer.c.o: in 
function `serialize_test':
./obj-x86_64-linux-gnu/./test/cmocka/test_serializer.c:20:(.text+0xa5): 
undefined reference to `_assert_int_equal'
/usr/bin/ld: 
./obj-x86_64-linux-gnu/./test/cmocka/test_serializer.c:22:(.text+0xd1): 
undefined reference to `_assert_memory_equal'
/usr/bin/ld: 
./obj-x86_64-linux-gnu/./test/cmocka/test_serializer.c:24:(.text+0x100): 
undefined reference to `_assert_true'
/usr/bin/ld: test/cmocka/CMakeFiles/test_serializer.dir/test_serializer.c.o: in 
function `main':
./obj-x86_64-linux-gnu/./test/cmocka/test_serializer.c:35:(.text.startup+0x5d): 
undefined reference to `_cmocka_run_group_tests'
collect2: error: ld returned 1 exit status
[287/484] : && /usr/bin/cc -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -Wdate-time -D_FORTIFY_SOURCE=2 
-DFFMPEG_MUX_FIXED=\"/usr/lib/x86_64-linux-gnu/obs-plugins/obs-ffmpeg/obs-ffmpeg-mux\"
 -DSIMDE_ENABLE_OPENMP -fopenmp-simd -O3 -fvisibility=hidden 
-Wno-error=deprecated-declarations -Wl,-z,relro 
test/cmocka/CMakeFiles/test_bitstream.dir/test_bitstream.c.o -o 
test/cmocka/test_bitstream  libobs/libobs.so.30 && :
FAILED: test/cmocka/test_bitstream 
: && /usr/bin/cc -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -Wdate-time -D_FORTIFY_SOURCE=2 
-DFFMPEG_MUX_FIXED=\"/usr/lib/x86_64-linux-gnu/obs-plugins/obs-ffmpeg/obs-ffmpeg-mux\"
 -DSIMDE_ENABLE_OPENMP -fopenmp-simd -O3 -fvisibility=hidden 
-Wno-error=deprecated-declarations -Wl,-z,relro 
test/cmocka/CMakeFiles/test_bitstream.dir/test_bitstream.c.o -o 
test/cmocka/test_bitstream  libobs/libobs.so.30 && :
/usr/bin/ld: test/cmocka/CMakeFiles/test_bitstream.dir/test_bitstream.c.o: in 
function `bitstream_test':
./obj-x86_64-linux-gnu/./test/cmocka/test_bitstream.c:18:(.text+0x66): 
undefined reference to `_assert_int_equal'
/usr/bin/ld: 
./obj-x86_64-linux-gnu/./test/cmocka/test_bitstream.c:19:(.text+0x88): 
undefined reference to `_assert_int_equal'
/usr/bin/ld: 
./obj-x86_64-linux-gnu/./test/cmocka/test_bitstream.c:20:(.text+0xaa): 
undefined reference to `_assert_int_equal'
/usr/bin/ld: 
./obj-x86_64-linux-gnu/./test/cmocka/test_bitstream.c:21:(.text+0xcc): 
undefined reference to `_assert_int_equal'
/usr/bin/ld: 
./obj-x86_64-linux-gnu/./test/cmocka/test_bitstream.c:22:(.text+0xe9): 
undefined reference to `_assert_int_equal'
/usr/bin/ld: 
test/cmocka/CMakeFiles/test_bitstream.dir/test_bitstream.c.o:./obj-x86_64-linux-gnu/./test/cmocka/test_bitstream.c:23:
 more undefined references to `_assert_int_equal' follow
/usr/bin/ld: test/cmocka/CMakeFiles/test_bitstream.dir/test_bitstream.c.o: in 
function `main':
./obj-x86_64-linux-gnu/./test/cmocka/test_bitstream.c:35:(.text.startup+0x5d): 
undefined reference to `_cmocka_run_group_tests'
collect2: error: ld returned 1 exit status
[288/484] : && /usr/bin/cc -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -Wdate-time -D_FORTIFY_SOURCE=2 
-DFFMPEG_MUX_FIXED=\"/usr/lib/x86_64-linux-gnu/obs-plugins/obs-ffmpeg/obs-ffmpeg-mux\"
 -DSIMDE_ENABLE_OPENMP -fopenmp-simd -O3 -fvisibility=hidden 
-Wno-error=deprecated-declarations -Wl,-z,relro 
test/cmocka/CMakeFiles/test_darray.dir/test_darray.c.o -o 
test/cmocka/test_darray  libobs/libobs.so.30 && :
FAILED: test/cmocka/test_darray 
: && /usr/bin/cc -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -Wdate-time -D_FORTIFY_SOURCE=2 
-DFFMPEG_MUX_FIXED=\"/usr/lib/x86_64-linux-gnu/obs-plugins/obs-ffmpeg/obs-ffmpeg-mux\"
 -DSIMDE_ENABLE_OPENMP -fopenmp-simd -O3 -fvisibility=hidden 
-Wno-error=deprecated-declarations -Wl,-z,relro 
test/cmocka/CMakeFiles/test_darray.dir/test_darray.c.o -o 
test/cmocka/test_darray  libobs/libobs.so.30 && :
/usr/bin/ld: test/cmocka/CMakeFiles/test_darray.dir/test_darray.c.o: in 
function `array_basic_test':
./obj-x86_64-linux-gnu/./test/cmocka/test_darray.c:18:(.text+0x50): undefined 
reference to `_assert_int_equal'
/usr/bin/ld: 
./obj-x86_64-linux-gnu/./test/cmocka/test_darray.c:19:(.text+0x6b): 

Bug#1059798: ITP: rust-wayland-csd-frame -- rust interface for wayland client side decorations (CSD)

[James McCoy]

Package: wnpp
Severity: wishlist
Owner: James McCoy 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: rust-wayland-csd-frame
  Version : 0.3.0
  Upstream Contact: Kirill Chibisov 
* URL : https://github.com/rust-windowing/wayland-csd-frame
* License : MIT
  Programming Lang: Rust
  Description : rust interface for wayland client side decorations (CSD)

This package is a dependency of the new smithay-client-toolkit release
and will be maintained in the pkg-rust repo.

Bug#947431: xerces-c: CVE-2018-1311: use-after-free vulnerability processing external DTD

[devel]

On Sun, Dec 31, 2023 at 11:45:06AM +0100, Guilhem Moulin wrote:
> 
> Thanks for the fast reply!  3.2.4+debian-1.1 is now in trixie, you'll
> find the commits and tag at
> https://salsa.debian.org/lts-team/packages/xerces-c.git
> 
> I also filed a MR to update your repository with that NMU:
> https://salsa.debian.org/bblough/xerces-c/-/merge_requests/3

Wonderful!  Thanks very much for your help.

Bill

Bug#1059797: bugs.debian.org: ThinkPad E14 Gen3 (20YD) freezes when waking up from sleep

[Julien Cassette]

Package: bugs.debian.org
Severity: normal
X-Debbugs-Cc: julien.casse...@gmail.com

Dear Maintainer,

   * What led up to the situation?
I clicked Sleep in the KDE application menu, waited, then the pressed the power
button.

Or I closed the laptop lid, waited, then opened the laptop lid.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
None

   * What was the outcome of this action?
The display freezes for a few seconds.

   * What outcome did you expect instead?
The system should be responsive instantly.

Bug#1059796: tilda: fails to respond to show/hide command depending on active application

[activityworkshop]

Package: tilda
Version: 1.5.4-1
Severity: normal
X-Debbugs-Cc: deb...@activityworkshop.net

Dear Maintainer,

After upgrade from old-stable to stable, Tilda no longer reliably responds to 
the show/hide shortcut (in my case F12).
If Firefox is running and currently has the focus, then pressing F12 pulls down 
Tilda as expected.  Note that Firefox
would also like to intercept the F12 key but Tilda receives it and acts 
correctly.
If Firefox is running but minimized (no active application), then pressing F12 
does nothing.  Presumably Tilda does not receive the keypress.
If Firefox is running and visible but gedit has the focus, then pressing F12 
does nothing.
If Tilda is pulled-down but gedit has the focus, then pressing F12 does not 
close Tilda as expected.
Changing the configuration to use F2 has no effect on this behaviour, it's not 
specific to F12.
Other applications behave the same as gedit so that Tilda won't open (for 
example Calculator, Files, Meld);
some applications behave the same as Firefox so that Tilda correctly opens (for 
example Gimp, VLC).
Deleting the configuration file(s) under ~/.config/tilda/ and re-setting the 
key has no effect.
All of this worked fine before the upgrade.

Desktop is standard Gnome, using a single monitor which is identified by Tilda 
as "0 (XWAYLAND0)".


-- System Information:
Debian Release: 12.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-15-amd64 (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages tilda depends on:
ii  libc62.36-9+deb12u3
ii  libconfuse2  3.3-3
ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-1+b1
ii  libglib2.0-0 2.74.6-2
ii  libgtk-3-0   3.24.38-2~deb12u1
ii  libpango-1.0-0   1.50.12+ds-1
ii  libvte-2.91-00.70.6-2~deb12u1
ii  libx11-6 2:1.8.4-2+deb12u2

tilda recommends no packages.

tilda suggests no packages.

-- no debconf information

Bug#1059749: sdl.pc: sets SDL_CONFIG to a build architecture pkg-config making it fail for cross compilation

[Simon McVittie]

Control: forwarded -1 https://github.com/libsdl-org/sdl12-compat/pull/326
Control: tags -1 + upstream

On Sun, 31 Dec 2023 at 10:18:15 +0100, Helmut Grohne wrote:
> ltris fails to cross build from source, because it uses the build
> architecture pkg-config. Surprising thing: It doesn't actually mention
> pkg-config anywhere. Turns out, it uses SDL_CONFIG, which happens to
> expand to "pkg-config sdl" and this is wrong. I'm attaching a patch to
> fix that for your convenience.

Forwarded to https://github.com/libsdl-org/sdl12-compat/pull/326, with the
addition of a serial number increment and an explanatory commit message.

Because of the way Autoconf macros get vendored into dependent projects
and versioned by their serial number, I think we should get this fixed
upstream first, and then backport that fix into Debian. Otherwise,
it will be ineffective for projects that already include a sdl.m4 with
serial 2 in their source releases.

> I believe that libsdl2-dev has the same bug. Would you mind fixing it
> there as well? I am not aware of any package using sdl2-config instead
> of sdl2.pc though.

I've proposed https://github.com/libsdl-org/SDL/pull/8766 as the
equivalent change. Again, we should do that upstream first, but then it
can be backported.

The good news is that SDL3 doesn't need this, because SDL3 relies on
standard pkg-config (and/or CMake) mechanisms instead of providing its
own custom Autoconf macros.

Thanks,
smcv

Bug#1041248: keepass update

[Julian Andres Klode]

On Mon, Jan 01, 2024 at 02:23:12PM +0100, Matthias Geiger wrote:
> On Sat, 11 Nov 2023 09:06:22 +0200 Julian Andres Klode 
> wrote:
> 
> > As I have explained in the previous comment, this is highly security
> > sensitive and requires careful review, hence updates aside from CVEs
> > can only happen during Christmas break when there's time to review
> > the code.
> >
> 
> 
> Hi,
> 
> any update on this ?

Please stop harassing me and especially not on fucking new year after
people blew up shit half the night. Have some decency.

I took the rest of this messed up week off and I'll try to come up
with an update but each time you send an email it wastes a lot of
resources to respond to it and it slips more and more.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Bug#1053825: marked as done (Screensaver with only blank does not work after suspend)

[Bastian Blank]

> This system is not supported.  Closing the bug report.  Please don't
> open new ones until your system is in a supported state.

You where already told the same in #1027697.  Please don't come back.

Regards,
Bastian

-- 
Spock: We suffered 23 casualties in that attack, Captain.

Bug#1054539: RFP: gtk4-layer-shell -- library to create panels and widgets for wayland

[Matthias Geiger]

On Wed, 25 Oct 2023 13:29:53 +0200 Matthias Geiger 
 wrote:
Package: wnpp  > Severity: wishlist > X-Debbugs-Cc: bir...@debian.org, 
sunwea...@debian.org, werdah...@riseup.net, 
team+swa...@tracker.debian.org >

* Package name : gtk4-layer-shell
Version : 1.0.1
Upstream Contact: Sophie Winter 
* URL : https://github.com/wmww/gtk4-layer-shell
* License : MIT
Programming Lang: C
Description : library to create panels and widgets for wayland

gtk4-layer-shell is the new layer-shell library using GTK4. While most
wayland-related programs like waybar still use gtk-layer-shell they
might switch in the near future. I could be convinced to comaintain this
library but I'd rather see someone else take it on as I maintain quite a
bit. Maybe this should be maintained under the Deabian sway team.

best,

werdahias


Packaging is finished at 
https://salsa.debian.org/werdahias/gtk4-layer-shell . I'd rather have 
someone else take over the maintenance.


best,

--
Matthias Geiger 
Debian Maintainer
"Freiheit ist immer Freiheit des anders Denkenden" -- Rosa Luxemburg



OpenPGP_0x18BD106B3B6C5475.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1056594: mat2: test failure

[gregor herrmann]

On Mon, 01 Jan 2024 09:50:42 +0100, Paul Gevers wrote:

> On Thu, 23 Nov 2023 18:03:45 +0100 gregor herrmann 
> wrote:
> > I've locally added upstream commit
> > https://0xacab.org/jvoisin/mat2/-/commit/bbd5b2817c9d64013e2f5ed670aca8d4738bb484
> > as a quilt patch, and the tests pass both during build and
> > autopkgtest.
> I'm going to NMU with this patch shortly. @gregor, any reason why you didn't
> the upload to DELAYED after you built it already?

First I wanted to give the maintainers some time, and then I simply
forgot about it. Thanks for picking up!


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
   `-   


signature.asc
Description: Digital Signature

Bug#1053825: Screensaver with only blank does not work after suspend

[Klaus Ethgen]

Am Mo den  1. Jan 2024 um 13:06 schrieb Bastian Blank:
> I just realized that this system is in an unsupported state.  Bookworm
> and later is not longer supported without merged-/usr, see
> https://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#a-merged-usr-is-now-required
> 
> Please reinstall from scratch and report back if it is still broken.

It is not possible to reinstall all the systems that are not supported
only cause the stupidity of systemd evangelists to understand a proper
setup system!

That even does not have any efect to kernel behavior except that kernel
is not able to find stuff under /usr!

> Maybe please also describe how you got into this state, where /lib is
> not a symlink to /usr/lib.

I installed the system.

Regards
   Klaus
-- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C


signature.asc
Description: PGP signature

Bug#1041248: keepass update

[Matthias Geiger]

On Sat, 11 Nov 2023 09:06:22 +0200 Julian Andres Klode  
wrote:


> As I have explained in the previous comment, this is highly security
> sensitive and requires careful review, hence updates aside from CVEs
> can only happen during Christmas break when there's time to review
> the code.
>


Hi,

any update on this ?

best,

--
Matthias Geiger 
Debian Maintainer
"Freiheit ist immer Freiheit des anders Denkenden" -- Rosa Luxemburg



OpenPGP_0x18BD106B3B6C5475.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1059795: packeth FTCBFS: does not pass cross tools to make

[Helmut Grohne]

Source: packeth
Version: 2.1-0.2
Tags: patch
User: debian-cr...@lists.debian.org
Usertags: ftcbfs

packeth fails to cross build from source, because it does not pass cross
tools to make. The easiest way of doing so - using dh_auto_build - makes
packeth cross buildable. I'm attaching a patch for your convenience.

Helmut
diff --minimal -Nru packeth-2.1/debian/changelog packeth-2.1/debian/changelog
--- packeth-2.1/debian/changelog2023-10-01 14:56:11.0 +0200
+++ packeth-2.1/debian/changelog2024-01-01 09:10:15.0 +0100
@@ -1,3 +1,10 @@
+packeth (2.1-0.3) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Let dh_auto_build pass cross tools to make. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 01 Jan 2024 09:10:15 +0100
+
 packeth (2.1-0.2) unstable; urgency=medium
 
   * Non-maintainer upload
diff --minimal -Nru packeth-2.1/debian/rules packeth-2.1/debian/rules
--- packeth-2.1/debian/rules2023-09-20 19:54:49.0 +0200
+++ packeth-2.1/debian/rules2024-01-01 09:10:03.0 +0100
@@ -12,7 +12,7 @@
dh_auto_clean
 
 override_dh_auto_build:
-   cd cli && $(MAKE)
+   dh_auto_build --sourcedirectory=cli
 
 override_dh_auto_install:
cp -r pixmaps cli/

Bug#1059794: mirror submission for mirrors.jxust.edu.cn

[Gary Hank]

Package: mirrors
Severity: wishlist
User: mirr...@packages.debian.org
Usertags: mirror-submission

Submission-Type: new
Site: mirrors.jxust.edu.cn
Archive-architecture: ALL amd64 arm64 armel armhf hurd-i386 hurd-amd64 i386 
mips mips64el mipsel powerpc ppc64el riscv64 s390x
Archive-http: /debian/
Maintainer: Gary Hank 
Country: CN China
Location: Ganzhou, Jiangxi
Sponsor: Jiangxi University of Science and Technology https://www.jxust.edu.cn




Trace Url: http://mirrors.jxust.edu.cn/debian/project/trace/
Trace Url: 
http://mirrors.jxust.edu.cn/debian/project/trace/ftp-master.debian.org
Trace Url: http://mirrors.jxust.edu.cn/debian/project/trace/mirrors.jxust.edu.cn

Bug#1059075: lltsv: Please add loong64 binary output for Loongarch

[Kentaro HAYASHI]

Control: close 1059075

Duplicate report of #1059025.

Bug#1059025: lltsv: add build support for loongarch64

[Kentaro HAYASHI]

Control: block 1059025 by 1055087

FYI: 

No loong64 support for golang yet. 

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055087
https://buildd.debian.org/status/package.php?p=golang%2d1%2e21

Bug#229775: apt 2.7.7: build-dep doesn't work if priority is 499

[David Kalnischkies]

On Mon, Jan 01, 2024 at 09:13:54AM +, Askar Safin wrote:
> This bug (#229775) is still reproducible with current apt version (apt 
> 2.7.7). The bug

That is good, because it is documented to behave this way…


> can be summarized so: "apt-get build-dep" fails to install a package from a 
> repo
> if its priority is slightly less than priority of installed release. In more 
> details:
> "apt-get build-dep" fails to install a package from backports if backports 
> priority
> is set to 499 and installed release have its default priority (i. e. 500, as 
> well
> as I understand).

See apt_preferences(5) for the gory details, but in short: The version
equal or higher than the current installed (if any) with the highest pin
is the candidate – which is the one pinned to 500 as 499 is clearly
lower than 500, end of the story.


> I think this is a bug: dependecies can be satisfied if one really tries.
> If I set backports priority to 500, then "apt-get build-dep" is able
> to install needed packages. So, apt-get doesn't try hard enough.

Sure, but in its default configuration apt is not supposed to try hard.


> Go to Debian IRC (a. k. a. OFTC IRC), join #debian channel and write to
> bot nicknamed "dpkg" the following text: "simple sid backport". The bot
> will respond to you with the following *very* helpful text:

Sometimes, "simple" is not enough. Sometimes backports are hard, but the
bot can't help with that and that is for the better as hard equals
dangerous in this case. You wouldn't complain about a bot telling you
hat hiking up a mountain is easy, while that certainly doesn't apply to
the 8k's.


> I use stretch as my main system. So I often need to backport packages. And I

Support for stretch ended nearly a decade ago, LTS extended that slight
to 2016, but that is still a long time ago. Hoping that current
documentation would apply to a system that old is a bit of a … stretch.


> Hence there is simply no configuration, which meets my goals.

Not that it helps in what you asked first, but the current default for
backports is 100 – but I implemented the involved feature set after
squeeze if I remember right… you can manually set it to 100 through for
a "upgrade from backports if a backports version was installed
previously" behaviour (as in that case the highest pin will be 100).


> ===
> if ! apt-get build-dep -y "$PKG"; then
>   apt-get build-dep -t "$CODENAME"-backports -y "$PKG"
> fi
> ===
> 
> Well, I can write this. But this is a hack. Workaround for a bug!

Well, I guess I would just go with -t always, but your choice really.

Note that the "real" backports builder use an alternative apt
configuration that frees it from its candidate shackles at the expense
of other problems as choice, it turns out, is not always desired.
The keywords are external solvers, aspcud and what not, but that isn't
supported in squeeze either, I made that happen later…

I think back in the day backports were using aptitude as builder as its
solver is allowed by default to change candidates mid-flight. sbuild
documentation is a good choice here as its part of the build infra.



So, in summary, yes, apt doesn't switch candidates while running
currently. Not even if they have the same pin value – where it might
even make sense – and certainly not if they have different values.

You may call that a bug, I call that a documented feature, and for the
rest of the world lets call this report a wishlist item for a feature
that might or might not be implemented in a future default solver
(probably by writing said solver first).

What I know is that we can't offer any assistance with your quest of
backporting to the last decade. This is COMPLETELY unsupported.


Best regards

David Kalnischkies


signature.asc
Description: PGP signature

Bug#1056704: xfce4-panel-profiles: python3-psutil does not get pulled in when installing xfce4-panel-profiles

[Phil Wyett]

Control: severity -1 grave
Control: tags patch

-- 
Playing the game for the games sake.

Web:

* Debian Wiki: https://wiki.debian.org/PhilWyett
* Website: https://kathenas.org
* Social Debian: https://pleroma.debian.social/kathenas/
* Social Instagram: https://www.instagram.com/kathenasorg/




signature.asc
Description: This is a digitally signed message part

Bug#266491: Patch against unstable

[Andreas Metzler]

On 2006-08-17 Nigel Williams  wrote:
> Here's another fix for the bug, this time against the unstable
> version.
[...]

Hello Nigel,

could you please doublecheck whether the problem is still present in
recent (11.x) versions?

cu Andreas

-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

Bug#1055488: please build for all supported Python3 versions

[Matthias Klose]

Control: reopen -1
Control: severity -1 important

with the recent upload to only build for the default Python3 version, at 
least the build of the package onboard fails, because it tries to build 
for all supported Python3 versions.


Please also build pycairo for all supported Python versions, or else we 
will only see issues with a new Python version in the gtk/gnome stack 
when we change the Python3 default.

Bug#984928: slurm fails on disconnected standalone computer/node

[Jerome BENOIT]

Hi,

I have a setup similar to the one of the original reporter.
My NodeName is localhost .

The error messages at booting time scared me, so I dug the issue.
I also related this issue to my observation that slurm fails to launch jobs
when my standalone computer is disconnected (the router provided by my ISP
is very unstable). I could reproduced the issue with a simple C program
that mimics get_addr_info function. After some trials, it appears that the issue
disappears when the hints.ai_flags do not include the AI_ADDRCONFIG flag
(see get_addr_info(3) for more information). So the current workaround
patch `retry-getaddrinfo` only fixes the issue partially.

The following patch neutralize the setup of the AI_ADDRCONFIG flag:

8><
--- a/src/common/conmgr.c
+++ b/src/common/conmgr.c
@@ -1807,7 +1807,7 @@
struct addrinfo hints = { .ai_family = AF_UNSPEC,
  .ai_socktype = SOCK_STREAM,
  .ai_protocol = 0,
- .ai_flags = AI_PASSIVE | AI_ADDRCONFIG };
+ .ai_flags = AI_PASSIVE /*| AI_ADDRCONFIG */ };
struct addrinfo *addrlist = NULL;
parsed_host_port_t *parsed_hp;
 
--- a/src/common/util-net.c

+++ b/src/common/util-net.c
@@ -261,7 +261,7 @@
else
hints.ai_family = AF_UNSPEC;
 
-	hints.ai_flags = AI_ADDRCONFIG | AI_NUMERICSERV | AI_PASSIVE;

+   hints.ai_flags = /* AI_ADDRCONFIG | */ AI_NUMERICSERV | AI_PASSIVE;
if (hostname)
hints.ai_flags |= AI_CANONNAME;
hints.ai_socktype = SOCK_STREAM;
><8

I guess that this patch is too brutal and that it must be refined.
In particular, the flag  may not be AI_ADDRCONFIG set up only on standalone 
computer.
However I am not familiar enough with slurm and network stuff to step further.

Here is the simple C program that helps me to isolate better the issue:

8><
// `example-getaddrinfo-00.c'  C source file

// gcc -Wall -o example-getaddrinfo-00 example-getaddrinfo-00.c
// $ ./example-getaddrinfo-00
// $ ./example-getaddrinfo-00 localhost
// $ ./example-getaddrinfo-00 debian.org

#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 

int main(int nargs, char *args[]) {
char nodename[1024]="localhost";
const char serv[6]="6817";
struct addrinfo hints;
struct addrinfo * result=NULL;
struct addrinfo * rdx=NULL;
struct sockaddr_in * ai_addr_v4=NULL;
char sa_str[INET6_ADDRSTRLEN];
char * xnodename=NULL;
int status=0;

if (1ai_next) {
ai_addr_v4=(struct sockaddr_in *)(rdx->ai_addr);

inet_ntop(AF_INET,&(ai_addr_v4->sin_addr),sa_str,sizeof(sa_str));
fprintf(stdout,">%s< >%s<\n",result->ai_canonname,sa_str);
}
freeaddrinfo(result); result=NULL;

return (status); }
><8

hth,
Jerome
--
Jerome BENOIT | calculus+at-rezozer^dot*net
https://qa.debian.org/developer.php?login=calcu...@rezozer.net
AE28 AE15 710D FF1D 87E5  A762 3F92 19A6 7F36 C68B

Bug#1059793: python-rtmidi build-depends on python3-all-dev, but only builds for the default python3 version

[Matthias Klose]

Package: src:python-rtmidi
Version: 1.5.8-1
Severity: important
User: debian-pyt...@lists.debian.org
Usertags: python3.12

python-rtmidi build-depends on python3-all-dev, but only builds for the 
default python3 version. If you don't build for all supported python3 
versions, just build-depend on python3-dev.


Please consider building for all supported Python3 versions.

Bug#1053825: Screensaver with only blank does not work after suspend

[Bastian Blank]

Control: severity -1 normal

Hi Klaus

On Thu, Oct 12, 2023 at 06:57:20AM +0100, Klaus Ethgen wrote:
> -- System Information:
> Debian Release: trixie/sid
> merged-usr: no

I just realized that this system is in an unsupported state.  Bookworm
and later is not longer supported without merged-/usr, see
https://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#a-merged-usr-is-now-required

Please reinstall from scratch and report back if it is still broken.

Maybe please also describe how you got into this state, where /lib is
not a symlink to /usr/lib.

Bastian

Bug#1059792: pytango build-depends on python3-all-dev, but only builds for the default python3 version, also installs C extension three times

[Matthias Klose]

Package: src:pytango
Version: 9.5.0-1~exp1
Severity: important
User: debian-pyt...@lists.debian.org
Usertags: python3.12

pytango build-depends on python3-all-dev, but only builds for the 
default python3 version. If you don't build for all supported python3 
versions, just build-depend on python3-dev.


Also the build system installs the library three times:

-rw-r--r-- root/root 10490 2023-12-21 21:24 
./usr/lib/python3/dist-packages/tango/__init__.py
-rw-r--r-- root/root   5497288 2023-12-21 21:24 
./usr/lib/python3/dist-packages/tango/_tango.cpython-311-x86_64-linux-gnu.so
-rw-r--r-- root/root   5497288 2023-12-21 21:24 
./usr/lib/python3/dist-packages/tango/_tango.so.9
-rw-r--r-- root/root   5497288 2023-12-21 21:24 
./usr/lib/python3/dist-packages/tango/_tango.so.9.5.0


Please just ship the C extension, nothing else.

Bug#1059376: [Pkg-pascal-devel] Bug#1059376: Bug#1059376: Bug#1059376: Bug#1059376: lcl is wrongly marked Multi-Arch: foreign

[Abou Al Montacir]

On Sun, 2023-12-31 at 10:31 +0100, Helmut Grohne wrote:
> On Sun, Dec 31, 2023 at 09:08:31AM +0100, Abou Al Montacir wrote:
> > So the new changes triggered more than 2.5k lintian warning.
> > https://udd.debian.org/lintian/?packages=lazarus
> 
> Are you referring to those
> arch-dependent-file-not-in-arch-specific-directory only?
> 
> > The issue is that Lazarus does not use the same directory structure for
> > foreign
> > files as expected by MA.
> 
> I'm not sure what you mean with "foreign files".
I meant files from other architectures like installing arm64 object files on
amd64 machine for cross compilation.
> 
> The lintian tag above complains about architecture-dependent files in
> M-A:same packages not being on fully architecture-dependent paths. For
> example, usr/lib/lazarus/3.0/units/arm-linux/gtk2/designer.o is
> architecture-dependent. Say you would like to co-install
> lcl-gtk2-3.0:armel and lcl-gtk2-3.0:armhf, then both would contain this
> file, because pascal's structure does not differentiate these.
> Attempting to co-install them would result in an unpack error and
> release-critical bug.
Yes that was exactly what I meant.
> 
> > This may be very hard to change, at least at short term level.
> 
> I agree, but if you want to add M-A:same, you must. Conversely, if you
> cannot change this, you must not use M-A:same.
Makes sense.
> 
> > Not sure if it is better to override this error for now.
> 
> Definitely not. I said that I was unsure about M-A:same and you should
> watch out for the hinter. Hinter results are there:
> 
>     lcl-gtk2-3.0 conflicts on 611 files starting with /usr/lib/lazarus/3.0/ on
> armel <-> armhf
>     lcl-nogui-3.0 conflicts on 403 files starting with /usr/lib/lazarus/3.0/
> on armel <-> armhf
>     lcl-qt5-3.0 conflicts on 236 files starting with /usr/lib/lazarus/3.0/ on
> armel <-> armhf
>     lcl-units-3.0 conflicts on 1234 files starting with /usr/lib/lazarus/3.0/
> on armel <-> armhf
> 
> Adding these up gives roughly 2.5k issues, right?  The hinter fully
> agrees with lintian. You must not mark these packages M-A:same as is.
I agree with you here.
> 
> While removing M-A:same sounds bad, it actually is not as bad as it
> seems. The need to coinstall these packages arises rarely. The ability
> to perform a foreign installation is the big step. That step is moving
> from Arch:all to Arch:any. M-A:same merely is the icing on the cake.
> Let's have cake without icing for now.
Yes I'll do that.
-- 
Cheers,
Abou Al Montacir


signature.asc
Description: This is a digitally signed message part

Bug#1056704: xfce4-panel-profiles: python3-psutil does not get pulled in when installing xfce4-panel-profiles

[Phil Wyett]

Hi,

Merge request on salsa.

https://salsa.debian.org/xfce-team/goodies/xfce4-panel-profiles/-/merge_requests/2

Changes:

  * Add 'python3-psutil' runtime dependency.
  * Move core dependencies to head of list.

Regards

Phil

-- 
Playing the game for the games sake.

Web:

* Debian Wiki: https://wiki.debian.org/PhilWyett
* Website: https://kathenas.org
* Social Debian: https://pleroma.debian.social/kathenas/
* Social Instagram: https://www.instagram.com/kathenasorg/




signature.asc
Description: This is a digitally signed message part

Bug#1059791: python3-mpi4py: testPackUnpackExternal alignment error on sparc64

[Drew Parsons]

Package: python3-mpi4py
Version: 3.1.5-2
Severity: normal
Control: forwarded -1 https://github.com/mpi4py/mpi4py/issues/147

sparc64 has started giving a Bus Error (Invalid address alignment) in
testPackUnpackExternal (test_pack.TestPackExternal),

testProbeRecv (test_p2p_obj_matched.TestP2PMatchedWorldDup) ... ok
testPackSize (test_pack.TestPackExternal) ... ok
testPackUnpackExternal (test_pack.TestPackExternal) ... [sompek:142729] *** 
Process received signal ***
[sompek:142729] Signal: Bus error (10)
[sompek:142729] Signal code: Invalid address alignment (1)
[sompek:142729] Failing at address: 0x800100ea2821
[sompek:142729] *** End of error message ***
Bus error
make[1]: *** [debian/rules:91: override_dh_auto_test] Error 1

Full log at
https://buildd.debian.org/status/fetch.php?pkg=mpi4py=sparc64=3.1.5-2=1704105171=0

It previously passed with 3.1.1.

Upstream recommends just skipping the test.

Bug#1052557: [Pkg-pascal-devel] Bug#1052557: Bug#1052557: Bug#1052557: fpc: Compiler bootstrap for more release architectures

[Abou Al Montacir]

On Sun, 2023-12-31 at 17:07 +0100, Paul Gevers wrote:
> Not claiming we should do that now, but in the past we supported arm64 
> in Debian well before we had an fpc version from upstream that supported it.
If someone is going to send patches for that, I'll help a bit, but for now my
first goal is to get GTK3 working for Lazarus and that is already taking all my
time.
-- 
Cheers,
Abou Al Montacir


signature.asc
Description: This is a digitally signed message part

Bug#1057911: mark libjs-jquery-tablesorter Multi-Arch: foreign

[Paul Gevers]

Control: tags -1 pending

Hi Helmut,

On 10-12-2023 16:15, Helmut Grohne wrote:

Packages (such as erlang-cowboy) that have libjs-jquery-tablesorter in
their dependency tree cannot satisfy their cross Build-Depends, because
Architecture: all packages can never satisfy cross Build-Depends unless
marked Multi-Arch: foreign or annotated :native. In this case, the
foreign marking is reasonable, because we are looking at a pure
javascript library and all of its dependencies are already marked
Multi-Arch: foreign (which implies that none of them is a native
extension). Consider applying the attached patch.


The janitor already made the same change (albeit on a different line), 
so this bug is pending an upload. Feel free to NMU if you want this 
before an other upload happens naturally.


Paul


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1059790: rust-rustyline: please upgrade to branch 12

[Jonas Smedegaard]

Source: rust-rustyline
Version: 9.1.2-1
Severity: normal
Tags: upstream

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Please upgrade to (or separately provide) branch v12.
-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmWSm1sACgkQLHwxRsGg
ASHeiw/7BbFw+yeQIbbno/Q/V7+3uYPwlWkwRSta0csL1kMR9L+Hhm8/JaPMQZ9W
KY67w1zeQtAI3CGPrTuHG8UNrq04EbtjtKZQ9uo8oymXi8q+MAJ83jXXHSSu49Hi
HGMuQ+B5IAHROZroO12LpeuzoJaLgYQ7mE/dxD6GIGz1OVY2zIUWTBaeuwYdf1fl
6aLKfwfMrIJgbNly3etsP8r69LqlbE9TqPibHFB3q+weJlpyGbICkK+GfUjeuV7R
jYTrBM/bFA05Yv2F+gW5SPms81YuAw3Ru3M0MSO5lRWOhGoanf8B7o3sW3RBI4fE
tRrj1NG4EwvisipbHLMcu2Hh5eyvZf18P66D4XsgDtA2eL9QIv8RlRnkpv8CX/if
Owlo+Qmapim70zTKTOSj/xlwx5wD0yDXliL5fkVOOlmvt9Qtug7/XwdB8i0sh0e4
fz4lzUSdNBHFJAMeWEtHvPfX1SqS55he3+li1sRmV8IEeMn9tAi9DG26jukj+3I9
w8vcEAp6knWWFN7DZq64O2o96dcZyCtErRIfXh2wLxFY1cf6ZWQG09+thAloKkKp
lJVMqVuLfOm12RKjl4HrnNqXWrvwvyQ8/7pvN1IRQuKlG0mur50oUHGFidCByyTc
xcKe7gz54APNaba81Pb701b5Cakbv5qW/yjOa1nXaxATcuDK+lc=
=BYf8
-END PGP SIGNATURE-

Bug#1057693: valgrind: i386 vex x86->IR: unhandled instruction bytes: 0x2E 0x8D 0xB4 0x26

[Simon Josefsson]

Sam James  writes:

> Thanks, I've reported this on the Valgrind bugzilla at 
> https://bugs.kde.org/show_bug.cgi?id=478624.

Thank you for reporting this!

Upstream has fixed it:

https://sourceware.org/git/?p=valgrind.git;a=commitdiff;h=d35005cef8ad8207542738812705ceabf137d7e0

It would be nice to apply this as a local patch in Debian, possible?

I'm now mixed between disabling use of valgrind on i386 on more packages
due to this, or continue watching debci/autopkgtest fail for packages...
I already disabled it for libgssglue to have it pass debci.

/Simon


signature.asc
Description: PGP signature

Bug#703941: -p (path) option clashes with generic debhelper -p (package) option

[Niels Thykier]

On Mon, 30 Oct 2017 09:43:55 + Simon McVittie  wrote:

On Tue, 26 Mar 2013 at 00:27:07 +0100, Michael Biebl wrote:
> Using -p as option to specify the path is a poor choice since it clashes
> with the generic -p option which is used to specify the package.
> 
> Looking at e.g. gnome-shell's debian/rules, I'm actually not sure what

> the result of this call will be:
> dh_girepository -p$(cdbs_curpkg) -l src -p /usr/lib/mutter

The answer seems to be that -p is always interpreted as dh_girepository's
local -p option, and the second -p overwrites the first, so it's
equivalent to dh_girepository -l src -p /usr/lib/mutter. To get the
effect that was intended, write:
dh_girepository --package=$(cdbs_curpkg) -l src -p /usr/lib/mutter

Regards,
smcv




Hi

I would recommend that `dh_girepository` would detect `-p` without a `/` 
(or without `:`) and produce an error or a warning for that case until a 
better solution comes around.


A path without `/` implies a top-level directory, which is in itself 
exceedingly unlikely to be intentional for `-p` and therefore a very 
strong indicator that someone wanted `-p `.


Secondly, even if the user *wanted* that top-level directory, it is 
trivial to bypass the check by prefixing with ./ or adding a trailing 
slash - both would clearly mark it as "not a package" and happens to 
work with path looks up out of the box.


Code-wise, this would be something like:

```diff
 if ($dh{P_PARAMS}) {
+if ($dh{P_PARAMS} !~ m{[/:]}) {
+error("Use --package ... or prefix path with './' ...");
+}
 push @privdirs, split /:/, $dh{P_PARAMS};
 }
```
(hand-written delta; not expecting it to apply)

With this, there would at least be less surprises that the user would 
not be using the standard debhelper `-p` for cases that uses a package name.


If you want to do a more permanent fix where `-p` goes back to being the 
regular `debhelper -p`, I can recommend using a compat check to 
conditionally assign the `-p` and we can document the change in the 
standard debhelper compat upgrade check list.


Best regards,
Niels

Bug#1053825: Screensaver with only blank does not work after suspend

[Klaus Ethgen]

Hi Salvatore,

Thanks for helping keeping the bug alive.

Am Mi den 27. Dez 2023 um 21:24 schrieb Salvatore Bonaccorso:
> > That would take many time to recompile kernel, test it for several hours
> > and try again.
> 
> I do realize, but given we have nobody else reporting similar
> behaviour we need to rely on you bisecting the breaking change so it
> might be reported upstream. But that said, in meanwhile we have
> 6.6.8-1 uploaded to unstable. It would be great if you can report back
> if that version resolves the issue.

Unfortunately it is not fixed. But the bug did show up after longer
sleep only.

> If it's still reproducibe, check first that it's as well reproducible
> with an untained kernel because othwerise an upstream report might not
> be accepted.
> 
> Can you check that?

It is reproducible with an untainted kernel but not easily. I have no
way to reliable trigger the bug but it happens always after longer
sleeps.

With the new (6.6.8) kernel I see also two further "bugs":
- Drawing on the screen sometimes create artefacts for lines that stay
  on the screen for some time. Maybe that is related as I think it
  happens on AMDGPU...

- The second bug is not related. I connect a logitech MX Anywhere 3 via
  bluetooth. With that the rate of the mouse wheel did switch to a very
  unusable low rate. I can switch the wheel to high speed but when I go
  back to the working kernel, that is unusable fast. Also with the
  broken kernel, even with high speed, it delay the mouse wheel
  somewhat. As there are many stacks in between, I have no idea, which
  part of the stack produces that error. Maybe you might help?

Regards
   Klaus
-- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C


signature.asc
Description: PGP signature

Bug#776902: tmux: leaves a socket behind in /tmp/tmux-1000/default on exit: on the contrary

[Jerome BENOIT]

Hi,

I have noticed that when there is no tmux session then the command
$ tmux ls
gives
$ no server running on /run/user/1000/tmux-1000/default

So it appears that a tmux-1000/default is expected.

Therefore the issue is not that ``tmux leaves a socket behind behing it'',
but exactly the contrary: tmux needs to leave a socket behind behing it.

Best wishes,
Jerome

--
Jerome BENOIT | calculus+at-rezozer^dot*net
https://qa.debian.org/developer.php?login=calcu...@rezozer.net
AE28 AE15 710D FF1D 87E5  A762 3F92 19A6 7F36 C68B

Bug#1057205: systemtap: version 5.0-1 FTBFS on i386, ppc64el, riscv64

[Paul Gevers]

Control: found -1 4.9-1
Control: severity -1 important

On Fri, 1 Dec 2023 16:53:50 +0100 Emanuele Rocca  wrote:

Package: systemtap
Version: 5.0-1
Severity: serious


I have lowered the severity to enable migration, given that 5.0-2 works 
around the problem.


The builds on r-b [1] show that i386 fails in the same way in trixie 
already, hence I added a found version.


Paul

[1] https://tests.reproducible-builds.org/debian/rb-pkg


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1059789: golang-github-google-gnostic-models-dev: Should depend on golang-github-golang-protobuf-1-5-dev

[Jérémy Lal]

Package: golang-github-google-gnostic-models-dev
Followup-For: Bug #1059789

Actually other packages depend on
golang-github-golang-protobuf-1-3-dev | golang-github-golang-protobuf-1-5-dev

which is the correct fix.

I will upload that fix.


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (101, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages golang-github-google-gnostic-models-dev depends on:
ii  golang-github-golang-protobuf-1-5-dev  1.5.3-1
ii  golang-google-protobuf-dev 1.32.0-1
ii  golang-gopkg-check.v1-dev  0.0+git20200902.038fdea-1
ii  golang-gopkg-yaml.v3-dev   3.0.1-3

golang-github-google-gnostic-models-dev recommends no packages.

golang-github-google-gnostic-models-dev suggests no packages.

-- no debconf information

Bug#1059789: golang-github-google-gnostic-models-dev: Should depend on golang-github-golang-protobuf-1-5-dev

[Jérémy Lal]

Package: golang-github-google-gnostic-models-dev
Version: 0.6.8-2
Severity: important

Hi,

this new package has a dependency on golang-goprotobuf-dev, which
installs the old API through golang-github-golang-protobuf-1-3-dev;
however, other new packages depending on gnostic-models like k8s-client-go
do depend on golang-github-golang-protobuf-1-5-dev, which is the
new v2 API.
Since both packages (1-3 and 1-5) cannot be installed simultaneously,
it is a better choice to make gnostic-models depend on the new protobuf API
and not the old one.


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (101, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages golang-github-google-gnostic-models-dev depends on:
ii  golang-google-protobuf-dev  1.32.0-1
ii  golang-gopkg-check.v1-dev   0.0+git20200902.038fdea-1
ii  golang-gopkg-yaml.v3-dev3.0.1-3
pn  golang-goprotobuf-dev   

golang-github-google-gnostic-models-dev recommends no packages.

golang-github-google-gnostic-models-dev suggests no packages.

-- no debconf information

Bug#1059788: src:tracker-miners: fails to migrate to testing for too long: FTBFS

[Paul Gevers]

Source: tracker-miners
Version: 3.4.6-1
Severity: serious
Control: close -1 3.4.6-2
Tags: sid trixie
User: release.debian@packages.debian.org
Usertags: out-of-sync
Control: block -1 by 1057617

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 30 days as having a Release Critical bug in 
testing [1]. Your package src:tracker-miners has been trying to migrate 
for 31 days [2]. Hence, I am filing this bug. The version in unstable 
fails to build as reported in bug 1057617.


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and trixie, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2023/06/msg1.html
[2] https://qa.debian.org/excuses.php?package=tracker-miners



OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1059787: src:xfce4-power-manager: fails to migrate to testing for too long: uploader built arch:all binaries

[Paul Gevers]

Source: xfce4-power-manager
Version: 4.18.2-1
Severity: serious
Control: close -1 4.18.3-1
Tags: sid trixie
User: release.debian@packages.debian.org
Usertags: out-of-sync

Dear maintainer(s),

The Release Team considers packages that are out-of-sync between testing 
and unstable for more than 30 days as having a Release Critical bug in 
testing [1]. Your package src:xfce4-power-manager has been trying to 
migrate for 31 days [2]. Hence, I am filing this bug. The version in 
unstable has arch:all binaries built by the uploader. Unfortunately the 
binNMU infrastructure doesn't support binNMU'ing arch:all (and DAK still 
doesn't throw away uploaded binaries). Hence, a source-only upload is 
required. Normally I do that (a no-change source-only NMU) for packages 
in this state, but given the large amount of open bugs, I don't feel 
comfortable taking that responsibility.


If a package is out of sync between unstable and testing for a longer 
period, this usually means that bugs in the package in testing cannot be 
fixed via unstable. Additionally, blocked packages can have impact on 
other packages, which makes preparing for the release more difficult. 
Finally, it often exposes issues with the package and/or
its (reverse-)dependencies. We expect maintainers to fix issues that 
hamper the migration of their package in a timely manner.


This bug will trigger auto-removal when appropriate. As with all new 
bugs, there will be at least 30 days before the package is auto-removed.


I have immediately closed this bug with the version in unstable, so if 
that version or a later version migrates, this bug will no longer affect 
testing. I have also tagged this bug to only affect sid and trixie, so 
it doesn't affect (old-)stable.


If you believe your package is unable to migrate to testing due to 
issues beyond your control, don't hesitate to contact the Release Team.


Paul

[1] https://lists.debian.org/debian-devel-announce/2023/06/msg1.html
[2] https://qa.debian.org/excuses.php?package=xfce4-power-manager



OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1059630: fix build with Python 3.12

[Matthias Klose]

Control: tags -1 + patch

patch at
http://launchpadlibrarian.net/706939750/python-sparse_0.14.0-1_0.14.0-1ubuntu1.diff.gz

Bug#1059786: cross-toolchain-base: Migrating linux-libc-dev

[Bastian Blank]

Package: cross-toolchain-base

Since Linux 6.6, the linux-libc-dev package in Debian is arch-all and
includes headers in the appropriate multiarch include paths for all
actually existing Debian architectures.  Ubuntu also plans or already
did that change as well.

To finish this transition (which actually does not include any file
conflicts), I intend to make changes to linux-libc-dev and
- add Provides to any linux-libc-dev-*-cross in 6.7,
- add Breaks to any linux-libc-dev-*-cross in 6.8.

So after Linux 6.7 is in Trixie, you can remove building the
linux-libc-dev-*-cross packages.

Regards,
Bastian

-- 
I'm a soldier, not a diplomat.  I can only tell the truth.
-- Kirk, "Errand of Mercy", stardate 3198.9

Bug#1055370: debci setup should include security repositories

[Paul Gevers]

Control: reassign -1 lxc-templates
Control: retitle -1 consider adding security repos by default
Control: affects -1 debci autopkgtest

Hi all,

On 05-11-2023 03:41, Santiago Ruano Rincón wrote:

Is there any reason why `debci setup ...` doen't configure the security
repostories inside the lxc containers? This is the sources.list of a
just created autopkgtest-bookworm-amd64 container:

 deb http://deb.debian.org/debian bookworm main contrib non-free 
non-free-firmware
 deb-src http://deb.debian.org/debian bookworm main contrib non-free 
non-free-firmware
 deb http://deb.debian.org/debian-debug bookworm-debug main contrib 
non-free non-free-firmware
 deb-src http://deb.debian.org/debian-debug bookworm-debug main contrib 
non-free non-free-firmware


As debci with the lxc backend just uses lxc-templates to set-up the 
containers, I think this is something for lxc-templates to consider.


Having said that, I'm unsure if *I* (with my ci.debian.net maintainer 
and my Release Team member hat on) would want that. For lxc users it's 
easier to *add* repositories than it is to remove them for the use case 
where you don't want the security archive installed (e.g. for Release 
Team's testing of proposed-updates against stable). So, for 
ci.debian.net I'd want an easy way to opt-out of the security archive in 
case it gets added by default.


debci supports the user (both via the API as well as via the 
self-service) to easily add repositories once debci is configured to 
support those additional repositories (as ci.debian.net does).


Paul


OpenPGP_signature.asc
Description: OpenPGP digital signature