Bug#1058857: [Pkg-alsa-devel] Bug#1058857: alsa-tools: diff for NMU version 1.2.11-1.1

[Jordi Mallach]

El dj. 30 de 05 de 2024 a les 02:02 +0200, en/na Chris Hofstaedtler va
escriure:
> Control: tags 1058857 + pending
> 
> 
> Dear maintainer,
> 
> I've prepared an NMU for alsa-tools (versioned as 1.2.11-1.1) and
> uploaded it to DELAYED/14. Please feel free to tell me if I
> should delay it longer.

Thank you, I have integrated your changes in Git, and will ack the NMU
in the next upload.

You can upload directly to the incoming queue if you like, thanks
again.



-- 
Jordi Mallach 
Debian Project

Bug#1070702: bookworm-pu: package nano/7.2-1+deb12u1

[Jordi Mallach]

Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: n...@packages.debian.org
Control: affects -1 + src:nano
User: release.debian@packages.debian.org
Usertags: pu

As we did in previous Debian releases, this is an update
for Debian stable's nano package with selected patches from
the upstream maintainer.

3 of the patches minor security issues, and the other one
fixes a potential data-loss issue.

Additionally there's a minor update to the default nanorc which
is a backport from 7.2-2, which was meant to be included in
Debian 12.0 but freeze came along. It just gets rid of some
control characters in some commented-out example bindings,
replacing them with the new style syntax.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

This source update was prompted by Salvatore while discussing one of the
3 security issues.

Thanks in advance,
Jordi
diff -Nru nano-7.2/debian/changelog nano-7.2/debian/changelog
--- nano-7.2/debian/changelog   2023-01-18 16:31:52.0 +0100
+++ nano-7.2/debian/changelog   2024-05-06 08:10:01.0 +0200
@@ -1,3 +1,15 @@
+nano (7.2-1+deb12u1) bookworm; urgency=medium
+
+  * The "Premio Nacional de Tauromaquia" release.
+  * Fix a partial sync of debian/nanorc in the previous upload.
+This updates some example bindings to the new syntax, avoiding
+having control characters in the configuration file (closes: #1032422).
+  * Add 4 post-7.2 upstream patches to fix two minor security issues and
+a potential data-loss situation. Thanks, Benno Schulenberg!
+  * Set debian-branch to bookworm.
+
+ -- Jordi Mallach   Mon, 06 May 2024 08:10:01 +0200
+
 nano (7.2-1) unstable; urgency=medium
 
   * The "Blue checkmark" release.
diff -Nru nano-7.2/debian/gbp.conf nano-7.2/debian/gbp.conf
--- nano-7.2/debian/gbp.conf2022-12-07 23:10:44.0 +0100
+++ nano-7.2/debian/gbp.conf2024-05-06 08:09:34.0 +0200
@@ -1,5 +1,5 @@
 [DEFAULT] 
 pristine-tar = true 
-debian-branch = master 
+debian-branch = bookworm
 upstream-branch = upstream
 upstream-vcs-tag = v%(version)s
diff -Nru nano-7.2/debian/nanorc nano-7.2/debian/nanorc
--- nano-7.2/debian/nanorc  2023-01-18 15:37:55.0 +0100
+++ nano-7.2/debian/nanorc  2024-05-06 08:04:37.0 +0200
@@ -286,15 +286,14 @@
 
 ## For quickly uppercasing or lowercasing the word under or after the cursor.
 ## (These effectively select a word and pipe it through a sed command.)
-# bind Sh-M-U "Oc|sed 's/.*/\U&/'
" main
-# bind Sh-M-L "Oc|sed 's/.*/\L&/'
" main
+#bind Sh-M-U "{nextword}{mark}{prevword}{execute}|sed 's/.*/\U&/'{enter}" main
+#bind Sh-M-L "{nextword}{mark}{prevword}{execute}|sed 's/.*/\L&/'{enter}" main
 
 ## For copying a marked region to the system clipboard:
 # bind Sh-M-T "{execute}|xsel -ib{enter}{undo}" main
 
 ## For snipping trailing blanks when you save a file:
 # bind ^S "{execute}| sed 's/\s\+$//' {enter}{savefile}" main
-# bind Sh-M-T "|xsel -ib
u" main
 
 ## If you would like nano to have keybindings that are more "usual",
 ## such as ^O for Open, ^F for Find, ^H for Help, and ^Q for Quit,
diff -Nru 
nano-7.2/debian/patches/0001-linter-use-a-format-string-to-deflect-format-string-.patch
 
nano-7.2/debian/patches/0001-linter-use-a-format-string-to-deflect-format-string-.patch
--- 
nano-7.2/debian/patches/0001-linter-use-a-format-string-to-deflect-format-string-.patch
 1970-01-01 01:00:00.0 +0100
+++ 
nano-7.2/debian/patches/0001-linter-use-a-format-string-to-deflect-format-string-.patch
 2024-05-06 08:08:19.0 +0200
@@ -0,0 +1,47 @@
+From f2e042114d2c1696031bc2f2251e28a9c8eceaff Mon Sep 17 00:00:00 2001
+From: Benno Schulenberg 
+Date: Mon, 27 Mar 2023 11:47:37 +0200
+Subject: [PATCH 1/4] linter: use a format string, to deflect format-string
+ attacks
+
+This fixes the first part of https://savannah.gnu.org/bugs/?63964.
+
+Reported-by: Vince Vince
+---
+ src/text.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/text.c b/src/text.c
+index f4a3d7c5..34551fea 100644
+--- a/src/text.c
 b/src/text.c
+@@ -2846,7 +2846,7 @@ void do_linter(void)
+   confirm_margin();
+ #endif
+   edit_refresh();
+-  statusline(NOTICE, curlint->msg);
++  statusline(NOTICE, "%s", curlint->msg);
+   bottombars(MLINTER);
+   }
+ 
+@@ -2877,7 +2877,7 @@ void do_linter(void)
+   beep();
+   napms(600);
+   last_wait = time(NULL);
+-  statusline(NOTICE, curlint->msg);
++

Bug#1070156: RM: gnome-video-arcade -- ROM; Abandoned upstream, uses oldlibs

[Jordi Mallach]

Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: gnome-video-arc...@packages.debian.org, jbi...@ubuntu.com
Control: affects -1 + src:gnome-video-arcade
User: ftp.debian@packages.debian.org
Usertags: remove

As suggested by Jeremy Bicha, g-v-a should be removed as it is now
abandoned upstream and uses libs like libsoup2 that the GNOME team is
trying to get rid of.

This removal will also close 1061696 and 1061694.

Thanks,
Jordi

Bug#1069076: Please update to enet 1.3.18

[Jordi Mallach]

Source: enet
Version: 1.3.17+ds-2
Severity: normal

Hi!

ENet upstream just cut a release after I requested it on
github. As you know, the last released happened 4 years ago
and quite a few features and fixes have been piling up in
Github.

I depend on the new version to be able to build the latest
release of dolphin-emu. Please update the package, thanks!

Jordi

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.7.9-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1062471: Does not handle OAuth2 + unauthenticated setups correctly

[Jordi Mallach]

Source: roundcube
Version: 1.6.6+dfsg-1
Severity: normal
Tags: patch upstream

Roundcube's OAuth2 code assumes that if oauth authentication is in
place, the same scheme will apply to the SMTP credentials, but this
is wrong: it's common that Roundcube will be installed in a host
that simply has a smtp forwarder to a smarthost, and thus no
authentication is needed.

Upstream fixed this in 
https://github.com/roundcube/roundcubemail/commit/504cdb89a5ed2c0c3491f99abb206dfb42b1200b
and the patch applies well to the bookworm branch.

Would it be possible to add this fix in a future point release? For your
convenience, here's a MR with the patch included:

https://salsa.debian.org/roundcube-team/roundcube/-/merge_requests/1

Jordi

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.6.13-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1050515: gtk-sharp3: Move to GtkSharp upstream

[Jordi Mallach]

Source: gtk-sharp3
Version: 2.99.3-4.1
Followup-For: Bug #1050515
X-Debbugs-Cc: j...@softcatala.org

gbrainy is marked for autoremoval due to RC bugs in gtk-sharp3, and
its upstream author, Jordi Mas, contacted me to ask me about Debian's
plans for this package. Fedora is already using the new source in
https://github.com/GLibSharp/GtkSharp and we should do the same as
soon as possible.

Is anyone working on this? I can devote some time to it.

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1051406: Please upload to unstable

[Jordi Mallach]

Source: vulkan-memory-allocator
Version: 3.0.1+dfsg-1
Severity: normal

Hi!

One of my packages uses a vendored copy of vma, so it would benefit from
this package being generally available in unstable and testing.

Can you please upload it to unstable?

Thanks in advance,
Jordi


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1050317: Please apply OAuth fixes in bookworm

[Jordi Mallach]

Package: roundcube-core
Version: 1.6.1+dfsg-1
Severity: important

Hi!

I was trying to setup OAuth2 in Roundcube, and after lots of
head-scratching, I figured out that it wasn't working due to some known
and fixed errors upstream.

It would be very good if we could have a proposed-update upload for
bookworm with the fixes in

https://github.com/roundcube/roundcubemail/commit/f7635575f6074a2d064832d610c67c873517384c
and
https://github.com/roundcube/roundcubemail/commit/ca1b23ea9d8ddbfeaf973158f508a5f70ae51db8

and additionally a backport of

https://salsa.debian.org/roundcube-team/roundcube/-/commit/3f5fd4677abdf25224a2c05047a5a9d7490cf159

Thanks,
Jordi


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.4.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages roundcube-core depends on:
pn  dbconfig-common
ii  debconf [debconf-2.0]  1.5.82
ii  dpkg   1.21.22
ii  libjs-bootstrap4   4.6.1+dfsg1-4
pn  libjs-codemirror   
ii  libjs-jquery   3.6.1+dfsg+~3.5.14-1
pn  libjs-jquery-minicolors
ii  libjs-jquery-ui1.13.2+dfsg-1
pn  libjs-jstimezonedetect 
ii  libmagic1  1:5.44-3
pn  php
pn  php-auth-sasl  
pn  php-cli
pn  php-common 
pn  php-guzzlehttp-guzzle  
pn  php-intl   
pn  php-json   
pn  php-mail-mime  
pn  php-masterminds-html5  
pn  php-mbstring   
pn  php-net-sieve  
pn  php-net-smtp   
pn  php-pear   
pn  roundcube-mysql | roundcube-sqlite3 | roundcube-pgsql  
ii  ucf3.0043+nmu1

Versions of packages roundcube-core recommends:
pn  apache2 | lighttpd | spawn-fcgi | php-fpm | httpd-cgi  
pn  php-enchant
pn  php-gd 
pn  roundcube-skin-classic 
pn  roundcube-skin-larry   

Versions of packages roundcube-core suggests:
pn  php-bacon-qr-code   
pn  php-bjeavons-zxcvbn-php 
pn  php-crypt-gpg   
pn  php-net-ldap3   
pn  php-roundcube-rtf-html-php  
pn  roundcube-plugins   

Bug#1038647: Sogo : Error at logon

[Jordi Mallach]

El dl. 19 de 06 de 2023 a les 18:06 +0200, en/na Joffrey va escriure:
> Now i have an error when i try to logon on sogo.
> 
> Versions :
> sogo have been upgrade from 5.0.1-4 to 5.8.0-1
> connection=0x0x5568f17a3dd0>>): ERREUR:  valeur trop longue pour le
> type character varying(255)

You're missing a schema update. Have a look at
/usr/share/doc/sogo/NEWS.Debian,
and make sure you execute the corresponding upgrade script as described
there.

If you use nginx, make sure you also update your config.

Please ack if this fixes your issues.

Jordi

-- 
Jordi Mallach 

Bug#1033953: unblock: gimp-help/2.10.34-1

[Jordi Mallach]

Hi!

El dl. 08 de 05 de 2023 a les 22:12 +0200, en/na Paul Gevers va
escriure:
> Control: tags -1 confirmed moreinfo
> s this is a documentation only source package, you can go ahead.
> Please 
> remove the moreinfo tag once it happens and don't wait too long
> please.

Paul, I checked the excuses today and I see it's still not setup.

Just in case this is it: have in mind that the unblock request must be
against 2.10.34-2, instead of -1, as -1 went through NEW via
experimental.

Thanks,
Jordi
-- 
Jordi Mallach 
Debian Project

Bug#1033953: unblock: gimp-help/2.10.34-1

[Jordi Mallach]

Hi Paul,

El dl. 08 de 05 de 2023 a les 22:12 +0200, en/na Paul Gevers va
escriure:
> Control: tags -1 confirmed moreinfo
> 
> Hi Jordi
> 
> On 04-05-2023 14:02, Jordi Mallach wrote:
> > I honestly thought you were more interested in the packaging
> > changes
> > than the upstream diff, sorry.
> 
> Understood, but we always ask for the full debdiff (which you can
> filter 
> if you tell us which filter you applied and why).

Yeah, sorry, I should have done this from the beginning, but it was
such a long diff that it didn't sound entirely reasonable. ️

> 
> > The diff is huge because there are a lot of new translations, and
> > many
> > documentation additions. As I said in my original message, this
> > documentation update was due years ago and it finally captures the
> > real
> > state of the GIMP version we shipped in bullseye and will ship in
> > bookworm.
> 
> That's what I suspected yes.
> 
> As this is a documentation only source package, you can go ahead.
> Please 
> remove the moreinfo tag once it happens and don't wait too long
> please.

Thank you,

The package is now uploaded (2.10.34-2).


Jordi
-- 
Jordi Mallach 
Debian Project

Bug#1035532: unblock: alsa-tools/1.2.5-3

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: alsa-to...@packages.debian.org
Control: affects -1 + src:alsa-tools

Please unblock package alsa-tools

As reported in #1035104, alsa-tools-gui is missing a dependency on
pkexec, which is required by one of the included tools.

[ Reason ]

This fixes a RC bug in alsa-tools-gui.

[ Impact ]

One of the tools is unable to work properly, without useful
indication to the user of that fact.

[ Tests ]

The main change is the addition of the missing dependency on pkexec.

[ Risks ]

Adding pkexec to -tools-gui dependencies adds a setuid binary to the
system, in the case it wasn't installed already.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

This update includes a couple minor packaging changes that had been waiting
in the git repo for over a year:

- the addition of the upstream signing key
- the removal of two obsolete documents (d/NOTES and d/changelog.ALSA,
  which was a dump of the upstream git log and wasn't being updated since
  2016)

unblock alsa-tools/1.2.5-3
diff -Nru alsa-tools-1.2.5/debian/changelog alsa-tools-1.2.5/debian/changelog
--- alsa-tools-1.2.5/debian/changelog   2021-09-09 02:28:58.0 +0200
+++ alsa-tools-1.2.5/debian/changelog   2023-05-05 00:35:19.0 +0200
@@ -1,3 +1,13 @@
+alsa-tools (1.2.5-3) unstable; urgency=medium
+
+  * Drop changelog.ALSA.
+  * Drop obsolete debian/NOTES.
+  * Import upstream signing key and configure watch file to check for
+sigs.
+  * Add pkexec to alsa-tools-gui's Depends (closes: #1035104).
+
+ -- Jordi Mallach   Fri, 05 May 2023 00:35:19 +0200
+
 alsa-tools (1.2.5-2) unstable; urgency=medium
 
   * Install AppStream metadata in /usr/share/metainfo.
diff -Nru alsa-tools-1.2.5/debian/changelog.ALSA 
alsa-tools-1.2.5/debian/changelog.ALSA
--- alsa-tools-1.2.5/debian/changelog.ALSA  2019-11-07 00:42:01.0 
+0100
+++ alsa-tools-1.2.5/debian/changelog.ALSA  1970-01-01 01:00:00.0 
+0100
@@ -1,3136 +0,0 @@
-commit b01cf30
-Author: Jaroslav Kysela 
-Date:   Tue Dec 20 10:12:29 2016 +0100
-
-  * Release v1.1.3
-
-commit 70118f5
-Author: Michel Normand 
-Date:   Mon Jun 20 15:26:06 2016 +0200
-
-  * gcc6 narrowing error
-
-commit 44f3750
-Author: Jaroslav Kysela 
-Date:   Tue Oct 27 14:34:05 2015 +0100
-
-  * Release v1.1.0
-
-commit ed9c1b7
-Author: Takashi Iwai 
-Date:   Fri Oct 2 12:41:02 2015 +0200
-
-  * Add */compile to .gitignore
-
-commit 8a241fa
-Author: Takashi Iwai 
-Date:   Fri Oct 2 12:38:33 2015 +0200
-
-  * Add some hdajacksensetest/* files to .gitignore
-
-commit 471ba9b
-Author: Stéphane Aulery 
-Date:   Wed Mar 25 18:38:53 2015 +0100
-
-  * cspctl.1: remove ".LO" macro. This macro don't exist for manpages
-syntax.
-
-commit 42b826d
-Author: Jaroslav Kysela 
-Date:   Thu Feb 26 13:35:49 2015 +0100
-
-  * Release v1.0.29
-
-commit 9dca16c
-Author: David Henningsson 
-Date:   Tue Jan 13 09:12:29 2015 +0100
-
-  * hdajackretask: Add dock hp/mic/line to simple options
-
-commit 7a7d94a
-Author: David Henningsson 
-Date:   Mon Oct 6 15:30:03 2014 +0200
-
-  * Add a small "hdajacksensetest" helper
-
-commit eb6408a
-Author: David Henningsson 
-Date:   Fri Aug 1 16:20:30 2014 +0200
-
-  * hdajackretask: Add "hints" functionality
-
-commit 406f80c
-Author: Takashi Iwai 
-Date:   Fri Jun 27 16:48:33 2014 +0200
-
-  * ld10k1: Fix missing parentheses for functions
-
-commit c3eb625
-Author: Jaroslav Kysela 
-Date:   Fri Jun 13 11:28:13 2014 +0200
-
-  * Release v1.0.28
-
-commit 1e7b618
-Author: Jaroslav Kysela 
-Date:   Fri Jun 13 11:26:43 2014 +0200
-
-  * qlo10k1: packing fix (configure.ac)
-
-commit 07896d3
-Author: Jaroslav Kysela 
-Date:   Thu Jun 12 11:28:22 2014 +0200
-
-  * Modernize configure.ac
-
-commit ab01047
-Author: David Henningsson 
-Date:   Tue May 27 09:12:36 2014 +0200
-
-  * hdajackretask: Make sure codecs do not show up twice under 3.15
-kernel
-
-commit f3c2688
-Author: Adrian Knoth 
-Date:   Sat Jan 4 21:38:23 2014 +0100
-
-  * hdspmixer: Add support for RME AIO AEB boards
-
-commit 772fbde
-Author: David Henningsson 
-Date:   Thu Jun 13 16:26:43 2013 +0200
-
-  * hdajackretask: Fix killing PulseAudio on newer PulseAudio versions
-
-commit 472c414
-Author: Jordi Mallach 
-Date:   Wed May 15 19:19:11 2013 +0200
-
-  * Add AM_MAINTAINER_MODE([enable]) macro to all configure scripts.
-
-commit e79e201
-Author: Jordi Mallach 
-Date:   Wed May 15 19:19:09 2013 +0200
-
-  * Fix build errors caused by -Werror=format-security.
-
-commit a172825
-Author: Elimar Riesebieter 
-Date:   Wed May 15 19:19:07 2013 +0200
-
-  * Fix bashisms.
-
-commit c1fdd75
-Author: Jordi Mallach 
-Date:   Wed May 15 19:19:08 2013 +0200
-
-  * Fix spelling of “successfully”.
-
-commit 2fcce93
-Author: Elimar Riesebieter 
-Date:   

Bug#1033953: unblock: gimp-help/2.10.34-1

[Jordi Mallach]

Hey Paul,

El dc. 03 de 05 de 2023 a les 19:48 +0200, en/na Paul Gevers va
escriure:
> Control: tags -1 moreinfo
> 
> Hi,
> 
> On 03-05-2023 12:03, Jordi Mallach wrote:
> > This is the final .debdiff for this unblock request.
> 
> There might have been a misunderstanding, but your debdiff misses the
> vast majority of upstream changes:
>   4255 files changed, 2256958 insertions(+), 1205010 deletions(-)
> 
> Can you please explain?

I honestly thought you were more interested in the packaging changes
than the upstream diff, sorry.

The diff is huge because there are a lot of new translations, and many
documentation additions. As I said in my original message, this
documentation update was due years ago and it finally captures the real
state of the GIMP version we shipped in bullseye and will ship in
bookworm.

This source has no binary code and comparing the contents of gimp-help-
en 2.10.0 and 2.10.34, everything seems sane.

I have made available a diff that can more or less be skimmed at
https://oskuro.net/gimp-help-full.diff.xz. I have excluded
automake/autoconf/aclocal generated bits from it with

debdiff --exclude INSTALL --exclude missing --exclude install-sh --
exclude aclocal.m4 --exclude config.guess --exclude config.sub --
exclude configure --exclude Makefile.in --exclude ChangeLog /tmp/gimp-
help_2.10.0-1.dsc ~/git/debian/gnome-team/gimp-help_2.10.34-1.dsc

I'm also attaching the output of diffstat.

Thanks,
Jordi
-- 
Jordi Mallach 
Debian Project


diffstat.xz
Description: application/xz

Bug#1033953: unblock: gimp-help/2.10.34-1

[Jordi Mallach]

Hi,

El dt. 02 de 05 de 2023 a les 19:04 +0200, en/na Jordi Mallach va
escriure:
> Hi again,
> 
> El dl. 01 de 05 de 2023 a les 20:40 +0200, en/na Jordi Mallach va
> escriure:
> > Attached is the debdiff of what I uploaded to experimental (new
> > translations need to go through NEW, if this ends up being
> > acceptable,
> > I'll try to get ftp-master to review it asap).
> 
> ftp-master already processed this package and is now accepted to
> experimental.

This is the final .debdiff for this unblock request.

-- 
Jordi Mallach 
Debian Project
diff -Nuar /tmp/gimp-help-2.10.0/debian/changelog gimp-help/debian/changelog
--- /tmp/gimp-help-2.10.0/debian/changelog	2020-09-03 19:55:13.0 +0200
+++ gimp-help/debian/changelog	2023-05-03 11:01:16.851909850 +0200
@@ -1,3 +1,20 @@
+gimp-help (2.10.34-2) unstable; urgency=medium
+
+  * Upload to unstable, targetting transition to bookworm.
+
+ -- Jordi Mallach   Wed, 03 May 2023 11:00:29 +0200
+
+gimp-help (2.10.34-1) experimental; urgency=medium
+
+  * New upstream release
+  * Add new binary packages for cs, da, en_GB, fa, fi, hr, hu, lt, pt,
+ro, uk and zh_CN.
+  * Drop obsolete override for dh_clean.
+  * Drop all patches.
+  * Set gbp's upstream-vcs-tag to GIMP_HELP_%(version%.%_)s.
+
+ -- Jordi Mallach   Mon, 01 May 2023 01:53:14 +0200
+
 gimp-help (2.10.0-1) unstable; urgency=medium
 
   * Team upload.
diff -Nuar /tmp/gimp-help-2.10.0/debian/control gimp-help/debian/control
--- /tmp/gimp-help-2.10.0/debian/control	2020-09-03 19:55:13.0 +0200
+++ gimp-help/debian/control	2023-05-03 10:59:00.290559330 +0200
@@ -6,7 +6,7 @@
 Section: doc
 Priority: optional
 Maintainer: Debian GNOME Maintainers 
-Uploaders: Ari Pollak , Jeremy Bicha 
+Uploaders: Ari Pollak , Jordi Mallach 
 Build-Depends: debhelper-compat (= 12),
gnome-pkg-tools,
pkg-config
@@ -35,6 +35,28 @@
  .
  This package contains the documentation for the GIMP in Catalan.
 
+Package: gimp-help-cs
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Czech)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in Czech.
+
+Package: gimp-help-da
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Danish)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in Danish.
+
 Package: gimp-help-de
 Architecture: all
 Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
@@ -68,6 +90,17 @@
  .
  This package contains the documentation for the GIMP in English.
 
+Package: gimp-help-en-gb
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (British English)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in British English.
+
 Package: gimp-help-es
 Architecture: all
 Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
@@ -79,6 +112,28 @@
  .
  This package contains the documentation for the GIMP in Spanish.
 
+Package: gimp-help-fa
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Farsi)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in Farsi.
+
+Package: gimp-help-fi
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Finnish)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in Finnish.
+
 Package: gimp-help-fr
 Architecture: all
 Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
@@ -90,6 +145,28 @@
  .
  This package contains the documentation for the GIMP in French.
 
+Package: gimp-help-hr
+Architecture: all
+Depends: ${misc:Depends},

Bug#1033953: unblock: gimp-help/2.10.34-1

[Jordi Mallach]

Hi again,

El dl. 01 de 05 de 2023 a les 20:40 +0200, en/na Jordi Mallach va
escriure:
> Attached is the debdiff of what I uploaded to experimental (new
> translations need to go through NEW, if this ends up being
> acceptable,
> I'll try to get ftp-master to review it asap).

ftp-master already processed this package and is now accepted to
experimental.

-- 
Jordi Mallach 
Debian Project

Bug#1033953: unblock: gimp-help/2.10.34-1

[Jordi Mallach]

Hi Paul,

Sorry for the wait, just uploading this was a bit painful on my
internet link.

Attached is the debdiff of what I uploaded to experimental (new
translations need to go through NEW, if this ends up being acceptable,
I'll try to get ftp-master to review it asap).

NB: while generating the debdiff, I noticed tehre are two packaging
changes that are not reflected in the changelog:
- upstream-vcs-tag was enabled in d/gbp.conf
- all patches were disabled as they were obsolete

Both changes Iwill be documented in the -2 upload, which should have no
further modifications.

Jordi
-- 
Jordi Mallach 
Debian Project
diff -Nuar /tmp/gimp-help-2.10.0/debian/changelog gimp-help/debian/changelog
--- /tmp/gimp-help-2.10.0/debian/changelog	2020-09-03 19:55:13.0 +0200
+++ gimp-help/debian/changelog	2023-05-01 01:53:22.196877871 +0200
@@ -1,3 +1,12 @@
+gimp-help (2.10.34-1) experimental; urgency=medium
+
+  * New upstream release
+  * Add new binary packages for cs, da, en_GB, fa, fi, hr, hu, lt, pt,
+ro, uk and zh_CN.
+  * Drop obsolete override for dh_clean.
+
+ -- Jordi Mallach   Mon, 01 May 2023 01:53:14 +0200
+
 gimp-help (2.10.0-1) unstable; urgency=medium
 
   * Team upload.
diff -Nuar /tmp/gimp-help-2.10.0/debian/control gimp-help/debian/control
--- /tmp/gimp-help-2.10.0/debian/control	2020-09-03 19:55:13.0 +0200
+++ gimp-help/debian/control	2023-05-01 01:53:42.165187340 +0200
@@ -6,7 +6,7 @@
 Section: doc
 Priority: optional
 Maintainer: Debian GNOME Maintainers 
-Uploaders: Ari Pollak , Jeremy Bicha 
+Uploaders: Ari Pollak , Jordi Mallach 
 Build-Depends: debhelper-compat (= 12),
gnome-pkg-tools,
pkg-config
@@ -35,6 +35,28 @@
  .
  This package contains the documentation for the GIMP in Catalan.
 
+Package: gimp-help-cs
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Czech)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in Czech.
+
+Package: gimp-help-da
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Danish)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in Danish.
+
 Package: gimp-help-de
 Architecture: all
 Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
@@ -68,6 +90,17 @@
  .
  This package contains the documentation for the GIMP in English.
 
+Package: gimp-help-en-gb
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (British English)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in British English.
+
 Package: gimp-help-es
 Architecture: all
 Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
@@ -79,6 +112,28 @@
  .
  This package contains the documentation for the GIMP in Spanish.
 
+Package: gimp-help-fa
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Farsi)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in Farsi.
+
+Package: gimp-help-fi
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Finnish)
+ This package contains the documentation files for the GIMP designed for use
+ with the internal GIMP help browser or external web browsers.
+ .
+ This package contains the documentation for the GIMP in Finnish.
+
 Package: gimp-help-fr
 Architecture: all
 Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
@@ -90,6 +145,28 @@
  .
  This package contains the documentation for the GIMP in French.
 
+Package: gimp-help-hr
+Architecture: all
+Depends: ${misc:Depends}, gimp-help-common (= ${source:Version}), gimp-helpbrowser | www-browser
+Provides: gimp-help
+Enhances: gimp
+Description: Documentation for the GIMP (Croatian)
+ This package contains the documentation files for the GIMP designed

Bug#1031401: postgrey.service %r specifier deprecated

[Jordi Mallach]

Hey,

El ds. 29 de 04 de 2023 a les 16:32 +, en/na Mathias Gibbens va
escriure:
>   As I upgrade systems, I'm encountering this warning as well. I
> haven't looked into what the fix would require, but I hope it could
> be
> a targeted fix appropriate for an upload during the hard freeze, so
> bookworm can ship with a version of postgrey that isn't emitting this
> message.

I noticed this myself a few weeks ago and have some fixes ready, just
pending some thorough testing.


I have now uploaded to unstable and filed an unblock request.

Thanks for your report!

Jordi

-- 
Jordi Mallach 
Debian Project

Bug#1035330: unblock: postgrey/1.37-2

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: postg...@packages.debian.org
Control: affects -1 + src:postgrey

Please unblock package postgrey

postgrey, in its current state in bookworm, is RC buggy because
among other things it does not install the default config files
due to a too zealous trim of its postinst script.

1.37-2 restores all the lost packaging bits that makes it
again acceptable for the release.

Attached is a debdiff that:

- restores ucf bits so configuration files will be installed
  again
- restores the creation of the postgrey user

[ Impact ]

Without this update, postgrey will be ok-ish for people upgrading
from bullseye, but will be completely broken for new installs.


[ Tests ]

I have manually tested upgrades from:
- 1.36-5.2 (in bullseye) → 1.37-1 (current broken) → 1.37-2 (proposed)
- 1.37-5.2 → 1.37-2

- The same as above, but with config changes, which were correctly handled
  by ucf.

[ Risks ]

The only changes are in packaging, no upstream code changes are
involved.


[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock postgrey/1.37-2
diff -Nru postgrey-1.37/debian/changelog postgrey-1.37/debian/changelog
--- postgrey-1.37/debian/changelog  2022-04-21 21:35:13.0 +0200
+++ postgrey-1.37/debian/changelog  2023-05-01 00:57:30.0 +0200
@@ -1,3 +1,14 @@
+postgrey (1.37-2) unstable; urgency=medium
+
+  * Use %H in the service file to set the hostname in the rejection message
+(closes: #1031401).
+  * Add missing ucf machinery so the default config file and whitelists get
+installed correctly (closes: #1033231).
+  * Reinstate creation of postgrey user.
+  * Ensure /var/lib/postgrey exists and is owned by postgrey.
+
+ -- Jordi Mallach   Mon, 01 May 2023 00:57:30 +0200
+
 postgrey (1.37-1) unstable; urgency=medium
 
   * New upstream release (closes: #851571).
diff -Nru postgrey-1.37/debian/postgrey.dirs postgrey-1.37/debian/postgrey.dirs
--- postgrey-1.37/debian/postgrey.dirs  2022-02-01 13:50:22.0 +0100
+++ postgrey-1.37/debian/postgrey.dirs  2023-05-01 00:27:12.0 +0200
@@ -1 +1,2 @@
 /etc/postgrey
+/var/lib/postgrey
diff -Nru postgrey-1.37/debian/postgrey.install 
postgrey-1.37/debian/postgrey.install
--- postgrey-1.37/debian/postgrey.install   2022-02-01 13:50:22.0 
+0100
+++ postgrey-1.37/debian/postgrey.install   2023-03-09 14:34:47.0 
+0100
@@ -1,6 +1,9 @@
-postgrey usr/sbin/
-policy-test  usr/sbin
-contrib/postgreyreport   usr/bin
-postgrey_whitelist_clients   usr/share/postgrey
-postgrey_whitelist_recipientsusr/share/postgrey
-debian/postgrey-default  usr/share/postgrey
+postgreyusr/sbin/
+policy-test usr/sbin
+contrib/postgreyreport  usr/bin
+postgrey_whitelist_clients  usr/share/postgrey
+postgrey_whitelist_recipients   usr/share/postgrey
+debian/postgrey-default usr/share/postgrey
+debian/postgrey-default.md5sum  usr/share/postgrey
+debian/postgrey_whitelist_clients.md5sumusr/share/postgrey
+debian/postgrey_whitelist_recipients.md5sum usr/share/postgrey
diff -Nru postgrey-1.37/debian/postgrey.service 
postgrey-1.37/debian/postgrey.service
--- postgrey-1.37/debian/postgrey.service   2022-02-26 14:07:46.0 
+0100
+++ postgrey-1.37/debian/postgrey.service   2023-03-08 17:22:52.0 
+0100
@@ -6,7 +6,7 @@
 
 [Service]
 Type=simple
-Environment=POSTGREY_TEXT="Greylisted, see 
https://postgrey.schweikert.ch/help/%r.html;
+Environment=POSTGREY_TEXT="Greylisted, see 
https://postgrey.schweikert.ch/help/%H.html;
 EnvironmentFile=-/etc/default/postgrey
 ExecStart=/usr/sbin/postgrey \
  $POSTGREY_OPTS \
diff -Nru postgrey-1.37/debian/postgrey.ucf postgrey-1.37/debian/postgrey.ucf
--- postgrey-1.37/debian/postgrey.ucf   1970-01-01 01:00:00.0 +0100
+++ postgrey-1.37/debian/postgrey.ucf   2023-03-09 16:26:18.0 +0100
@@ -0,0 +1,3 @@
+usr/share/postgrey/postgrey-default /etc/default/postgrey
+usr/share/postgrey/whitelist_clients/etc/postgrey/whitelist_clients
+usr/share/postgrey/whitelist_recipients /etc/postgrey/whitelist_recipients
diff -Nru postgrey-1.37/debian/postgrey_whitelist_clients.md5sum 
postgrey-1.37/debian/postgrey_whitelist_clients.md5sum
--- postgrey-1.37/debian/postgrey_whitelist_clients.md5sum  2022-02-01 
13:50:22.0 +0100
+++ postgrey-1.37/debian/postgrey_whitelist_clients.md5sum  2023-03-09 
14:39:18.0 +0100
@@ -15,3 +15,4 @@
 50848c8868cdc595592881c83f6b2250  1.31-1/postgrey_whitelist_clients
 cb7f6e25df39e1e05317a6dd344fc2c2  1.31-3/postgrey_whiteli

Bug#1033953: unblock: gimp-help/2.10.34-1

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: gimp-h...@packages.debian.org
Control: affects -1 + src:gimp-help

This is a pre-upload request to unblock package gimp-help.

[ Reason ]

The GIMP manual has been stale for many years. The current version
in the archive was released as a "test release" in 2020, but it was
incomplete and didn't even cover all the new functionality in the
GIMP 2.10 branch which was shipped in Debian buster.

A few weeks ago, the GIMP maintainers finally released an updated
version, which matches the current GIMP functionality and is translated
to a number of extra languages.

I'm asking for a pre-approval of this documentation-only source package.
If approved, I would update this bug with the relevant parts of the
diff, seek a final ack, and upload within the next week.

I also plan to do an experimental upload first, in order to see the
results.

[ Impact ]

Shipped documentation will be outdated.

[ Tests ]

There is no code involved, just a build system and documentation data.

[ Risks ]

The risk is low, as this is a documentation-only package, and its
current state is pretty poor.

[ Checklist ]
  [ ] all changes are documented in the d/changelog
  [ ] I reviewed all changes and I approve them
  [ ] attach debdiff against the package in testing

[ Other info ]

unblock gimp-help/2.10.34-1

Bug#1033893: unblock: mailutils/1:3.15-4

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: mailut...@packages.debian.org
Control: affects -1 + src:mailutils

Please unblock package mailutils

I tried getting this before the start of the freeze, but apparently was
a few hours late.

This revision just fixes a long standing crash in mail(1), which is
related to certain locale setting.

The patch to the actual fix is a two-liner, but this upload also
included some other minor packaging tweaks like updating
Standards-Version or lintian overrides.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock mailutils/1:3.15-4
diff -Nru mailutils-3.15/debian/changelog mailutils-3.15/debian/changelog
--- mailutils-3.15/debian/changelog 2022-09-13 23:16:02.0 +0200
+++ mailutils-3.15/debian/changelog 2023-03-03 17:00:20.0 +0100
@@ -1,3 +1,16 @@
+mailutils (1:3.15-4) unstable; urgency=medium
+
+  [ Debian Janitor ]
+  * Update lintian override info to new format on line 1.
+  * Update standards version to 4.6.1, no changes needed.
+
+  [ Jordi Mallach ]
+  * Add patch from Dave Love to fix a locale-related crash
+(closes: #944372, #1031702).
+  * Update Standards-Version to 4.6.2, with no changes needed.
+
+ -- Jordi Mallach   Fri, 03 Mar 2023 17:00:20 +0100
+
 mailutils (1:3.15-3) unstable; urgency=medium
 
   [ Jordi Mallach ]
diff -Nru mailutils-3.15/debian/control mailutils-3.15/debian/control
--- mailutils-3.15/debian/control   2022-09-13 21:34:33.0 +0200
+++ mailutils-3.15/debian/control   2023-03-03 16:52:35.0 +0100
@@ -30,7 +30,7 @@
python3-dev,
texinfo,
zlib1g-dev
-Standards-Version: 4.6.0
+Standards-Version: 4.6.2
 Vcs-Git: https://salsa.debian.org/debian/mailutils.git
 Vcs-Browser: https://salsa.debian.org/debian/mailutils
 Homepage: https://www.gnu.org/software/mailutils/
diff -Nru mailutils-3.15/debian/mailutils.lintian-overrides 
mailutils-3.15/debian/mailutils.lintian-overrides
--- mailutils-3.15/debian/mailutils.lintian-overrides   2022-04-18 
16:45:34.0 +0200
+++ mailutils-3.15/debian/mailutils.lintian-overrides   2023-03-03 
15:26:36.0 +0100
@@ -1 +1 @@
-mailutils: elevated-privileges usr/bin/dotlock.mailutils 2755 root/root
+mailutils: elevated-privileges 2755 root/root [usr/bin/dotlock.mailutils]
diff -Nru mailutils-3.15/debian/patches/locale_crash.patch 
mailutils-3.15/debian/patches/locale_crash.patch
--- mailutils-3.15/debian/patches/locale_crash.patch1970-01-01 
01:00:00.0 +0100
+++ mailutils-3.15/debian/patches/locale_crash.patch2023-03-03 
15:31:36.0 +0100
@@ -0,0 +1,35 @@
+From f7fa005e21c56aae550c71d1ebc43030e1063601 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff 
+Date: Tue, 21 Feb 2023 14:18:34 +0200
+Subject: Fix coredump in mail.
+
+Patch proposed by Dave Love 
+
+* mail/util.c (util_get_charset): Check if charset is not NULL
+before strdup'ing it.
+---
+ mail/util.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/mail/util.c b/mail/util.c
+index b7a8e07..710b2af 100644
+--- a/mail/util.c
 b/mail/util.c
+@@ -1218,12 +1218,12 @@ util_get_charset (void)
+ {
+   struct mu_lc_all lc_all = { .flags = 0 };
+   char *tmp = getenv ("LC_ALL");
+-  if (!tmp)
++  if (!tmp || !*tmp)
+   tmp = getenv ("LANG");
+ 
+   if (tmp && mu_parse_lc_all (tmp, _all, MU_LC_CSET) == 0)
+   {
+-charset = mu_strdup (lc_all.charset);
++charset = lc_all.charset ? mu_strdup (lc_all.charset) : NULL;
+ mu_lc_all_free (_all);
+   }
+   else
+-- 
+cgit v1.1
+
diff -Nru mailutils-3.15/debian/patches/series 
mailutils-3.15/debian/patches/series
--- mailutils-3.15/debian/patches/series2022-04-18 16:45:34.0 
+0200
+++ mailutils-3.15/debian/patches/series2023-03-03 15:32:42.0 
+0100
@@ -1,3 +1,4 @@
 set_mu_sieve_moddir.patch
 guile-3.0.patch
 fix_libpq_include.patch
+locale_crash.patch

Bug#1030670: Does not depend on libspng0

[Jordi Mallach]

Package: libspng-dev
Version: 0.7.3-1
Severity: serious
Tags: patch

Hi Andrea!

While trying to build against the new libspng-dev, I found that even my
build was issuing -lspng, it would fail because it could not find it.

It turns out you're missing a dependency against libspng0 itself.

Patch attached for that.

Additionally, I've seen the following too:

- spng.pc declares:

Requires.private: zlib

If I understand correctly, this is not a public dependency, which means
libspng-dev does not need to depend on zlib-dev. In fact, that's one of
the features SPNG advertises.

- I would downgrade the Recommends on libspng-doc to a Suggests, to
  avoid pulling in fonts and other unneeded packages on the 95% of
  cases.

Thank you,
Jordi

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libspng-dev depends on:
ii  zlib1g-dev  1:1.2.13.dfsg-1

Versions of packages libspng-dev recommends:
pn  libspng-doc  

libspng-dev suggests no packages.

-- no debconf information
--- debian/control.orig 2023-02-02 20:38:28.0 +0100
+++ debian/control  2023-02-06 12:08:42.216466366 +0100
@@ -40,6 +40,7 @@
 Architecture: any
 Multi-Arch: same
 Depends: zlib1g-dev,
+ libspng0 (= ${binary:Version}),
  ${misc:Depends}
 Recommends: libspng-doc
 Description: simple, modern libpng alternative - development

Bug#1025323: bullseye-pu: package nano/5.4-2+deb11u2

[Jordi Mallach]

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu

Hi release team!

I'm requesting the acceptance of a new nano update for stable,
with 3 additional upstream patches that fix two crash conditions
and a data-loss condition.

All the patches are trivial, self-explanatory but also well
documented in their headers.

[ Reason ]

These fixes are backports of fixes for the most important
bugfixes in the latest nano releases.

[ Impact ]

Not applying these means nano can crash on certain conditions.
The errors were found via Fedora's crash data service.

[ Tests ]

Manual tests have been done to test these fixes. Besides, the
fixes have been in test in newer versions of nano across multiple
distributors.

[ Risks ]

I think the risks are minimal, but in any case, the fixes can be easily
reverted if they need to.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable (except for one of
  the patches, which will be fixed in soon to be released 7.1)

[ Changes ]

The debiff consists of the addition of 3 individual patches,
plus the update of teh series file and debian changelog.

[ Other info ]

This update is very similar to the one that was previously accepted by
the release team, but this time with far less patches and lines of code
involved.
diff -Nru nano-5.4/debian/changelog nano-5.4/debian/changelog
--- nano-5.4/debian/changelog   2021-11-22 01:07:23.0 +0100
+++ nano-5.4/debian/changelog   2022-12-02 14:06:48.0 +0100
@@ -1,3 +1,11 @@
+nano (5.4-2+deb11u2) bullseye; urgency=medium
+
+  * The "No a l'ampliació del port" release.
+  * Add three additional patches from Benno Schulenberg, with two
+crash fixes and one data-loss fix.
+
+ -- Jordi Mallach   Fri, 02 Dec 2022 14:06:48 +0100
+
 nano (5.4-2+deb11u1) bullseye; urgency=medium
 
   * The "Bueno, de verdad, hasta luego, paso" release.
diff -Nru 
nano-5.4/debian/patches/0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch
 
nano-5.4/debian/patches/0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch
--- 
nano-5.4/debian/patches/0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch
 1970-01-01 01:00:00.0 +0100
+++ 
nano-5.4/debian/patches/0036-input-ensure-that-no-more-bytes-are-consumed-than-ar.patch
 2022-12-02 13:42:39.0 +0100
@@ -0,0 +1,33 @@
+From af63d94017a26cbf3446219de5ced30e677e0f13 Mon Sep 17 00:00:00 2001
+From: Benno Schulenberg 
+Date: Sun, 12 Dec 2021 15:43:15 +0100
+Subject: [PATCH 36/38] input: ensure that no more bytes are consumed than are
+ available
+
+The value of 'consumed' may not exceed the given 'length'.
+
+Bug existed since version 2.9.3, commit e739448c.
+
+(Bug was found by studying Fedora crash reports.  Thank you, Fedora!)
+---
+ src/winio.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/winio.c b/src/winio.c
+index 1116c172..e12d6e6b 100644
+--- a/src/winio.c
 b/src/winio.c
+@@ -466,8 +466,9 @@ int convert_SS3_sequence(const int *seq, size_t length, 
int *consumed)
+ /* Translate a sequence that began with "Esc [" to its corresponding key 
code. */
+ int convert_CSI_sequence(const int *seq, size_t length, int *consumed)
+ {
+-  if (seq[0] < '9')
++  if (seq[0] < '9' && length > 1)
+   *consumed = 2;
++
+   switch (seq[0]) {
+   case '1':
+   if (length > 1 && seq[1] == '~')
+-- 
+2.37.4
+
diff -Nru 
nano-5.4/debian/patches/0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch
 
nano-5.4/debian/patches/0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch
--- 
nano-5.4/debian/patches/0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch
 1970-01-01 01:00:00.0 +0100
+++ 
nano-5.4/debian/patches/0037-execute-don-t-crash-when-an-empty-buffer-is-piped-th.patch
 2022-12-02 13:42:39.0 +0100
@@ -0,0 +1,33 @@
+From 35b67b15652102203161beb31db786f09981de81 Mon Sep 17 00:00:00 2001
+From: Benno Schulenberg 
+Date: Thu, 24 Feb 2022 11:57:56 +0100
+Subject: [PATCH 37/38] execute: don't crash when an empty buffer is piped
+ through a command
+
+That is, take into account that the cutbuffer could be NULL
+(when updating the undo item).
+
+This fixes https://savannah.gnu.org/bugs/?62107.
+
+Bug existed since version 4.9, commit b15c5a7e.
+---
+ src/text.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/text.c b/src/text.c
+index 5ff5745d..c88ca516 100644
+--- a/src/text.c
 b/src/text.c
+@@ -1200,7 +1200,8 @@ void update_undo(undo_type action)
+   else if (cutbuffer != NULL) {
+   free_lines(u->cutbuffer);
+   u->cutbuffer = 

Bug#1015714: src:sogo: fails to migrate to testing for too long: FTBFS on s390x

[Jordi Mallach]

Package: sogo
Followup-For: Bug #1015714

This has been worked around in 5.7.1-2, and SOGo has built on s390x and
other failing unofficial architectures where it was failing since 5.6.0.

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.18.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages sogo depends on:
ii  adduser 3.128
pn  gnustep-base-runtime
ii  init-system-helpers 1.64
ii  libc6   2.34-4
ii  libcrypt1   1:4.4.28-2
ii  libcurl47.84.0-2
ii  libgcc-s1   12.2.0-1
ii  libglib2.0-02.73.3-2
pn  libgnustep-base1.28 
pn  liblasso3   
pn  libmemcached11  
pn  liboath0
ii  libobjc412.2.0-1
pn  libsbjson2.3
ii  libsodium23 1.0.18-1
pn  libsope1
ii  libssl3 3.0.5-2
ii  libytnef0   2.0-1
ii  libzip4 1.7.3-1+b1
ii  lsb-base11.2
pn  memcached   
pn  sogo-common 
ii  systemd [systemd-tmpfiles]  251.4-1
ii  zip 3.0-12

sogo recommends no packages.

Versions of packages sogo suggests:
pn  postgresql | default-mysql-server | virtual-mysql-server  

Bug#967647: mtr: depends on deprecated GTK 2

[Jordi Mallach]

Hi Roger,

El dv. 20 de 05 de 2022 a les 12:33 +0200, en/na Rogier Wolff va
escriure:
> 
> For Debian I then need to create a release I think. 
> 
> I'll try to do that soon. Thanks for testing. 

I'm not sure I understand. Debian unstable and Debian testing have MTR
0.95 which has GTK-3 support, so there's no need for a new release as
far as I can tell.

The version in Debian stable can't be upgraded, so it will remain using
GTK-2 until it's superseeded by a new stable version next year.

Jordi

-- 
Jordi Mallach 
Debian Project

Bug#967647: mtr: depends on deprecated GTK 2

[Jordi Mallach]

Package: mtr
Version: 0.95-1
Followup-For: Bug #967647

Hi,

I just tested a build for this and I can confirm this works just
swapping libgtk2.0-dev with libgtk-3-dev in the Build-Depends.

Please upload a package linked against libgtk-3-0.

Thanks,
Jordi

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages mtr depends on:
ii  libc62.33-7
ii  libgdk-pixbuf-2.0-0  2.42.8+dfsg-1
ii  libglib2.0-0 2.72.1-1
ii  libgtk-3-0   3.24.33-2
ii  libjansson4  2.14-2
ii  libncurses6  6.3+20220423-2
ii  libtinfo66.3+20220423-2

mtr recommends no packages.

mtr suggests no packages.

-- no debconf information

Bug#1010856: Please make libjxl-dev depend on all required libraries

[Jordi Mallach]

Package: libjxl-dev
Version: 0.7.0~git20220325.7594374+ds-3
Severity: serious

While working on GIMP 3.0 packaging, I stumbled on:

configure:31882: $PKG_CONFIG --exists --print-errors "libjxl >= 0.6.1"
Package libhwy was not found in the pkg-config search path.
Perhaps you should add the directory containing `libhwy.pc'
to the PKG_CONFIG_PATH environment variable
Package 'libhwy', required by 'libjxl', not found

Please add all the required -dev packages to libjxl-dev dependencies,
so building against libjxl is possible without adding any extra
Build-Deps.

The current version in experimental has the following in its .pc file:

Requires.private: libhwy libbrotlicommon libbrotlienc libbrotlidec lcms2

Thank you!
Jordi

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.17.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libjxl-dev depends on:
ii  libjxl0.7  0.7.0~git20220325.7594374+ds-3

libjxl-dev recommends no packages.

libjxl-dev suggests no packages.

-- no debconf information

Bug#1008779: 1.37-1 has been uploaded to DELAYED/7

[Jordi Mallach]

Hi Antonio!

El dg. 24 de 04 de 2022 a les 15:47 +0200, en/na Antonio Radici va
escriure:
> On Fri, Apr 22, 2022 at 09:18:23AM +0200, Jordi Mallach wrote:
> > Hi,
> > 
> > This is to state that after 21 days, I've uploaded postgrey to
> > DELAYED/7, as documented in the salvaging procedure.
> 
> Hi Jordi,
> thanks for that. I was wondering if you are interested in taking it
> over?
> Otherwise I will likely orphan the package because I'm not using
> postgrey
> anymore.
> 
> Thanks for your upload!

Given the lack of news, I went ahead and did that. I made myself the
Maintainer but kept you in the Uploaders field.

https://salsa.debian.org/debian/postgrey/-/commit/5f9a92992b08b622643524a2aede29e74e6ee74d

Feel free to drop that in git if you don't want to be in there.

Thanks for all your past work in postgrey!

Jordi
-- 
Jordi Mallach 
Debian Project

Bug#1008779: 1.37-1 has been uploaded to DELAYED/7

[Jordi Mallach]

Hi,

This is to state that after 21 days, I've uploaded postgrey to
DELAYED/7, as documented in the salvaging procedure.

Jordi

-- 
Jordi Mallach 
Debian Project

Bug#1008779: ITS: postgrey

[Jordi Mallach]

Source: postgrey
Version: 1.36-5.2
Severity: important
X-Debbugs-Cc: anto...@debian.org

Hi Antonio,

postgrey's last maintainer upload was 4.5 years ago and there have been
a couple NMUs since then, in 2019 and 2021.

I am potentially going to replace greylistd with postgrey at work, so I
had a look at the state of the package, and decided it needed some work
to be suitable for me and for Debian.

Some time ago I spent some hours bringing the packaging up to date:

 - I recovered the last state of the alioth git repo and imported it in
   salsa.debian.org
 - Imported the latest upstream version and adapted existing patchset
 - Removed obsolete bits from the packaging
 - Brought up packaging to current standards, according to Lintian
 - Refreshed the whitelist from upstream git master

The result of this effort can be seen here:
https://salsa.debian.org/jordi/postgrey/-/commits/main

My idea is to move this project under the debian namespace.

I contacted you some time ago via email and IRC, but never got anything
back, so I'm starting the process to salvage the package.

I'd personally prefer to be a comaintaner of the package and have you
around so we share the load, but if you aren't interested in this
package anymore I guess I just take over entirely.

I'll upload the above package to DELAYED/7 in three weeks.

Thank you!
Jordi

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.16.0-5-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1003878: SOGo package README.Debian states built with GnuTLS while it is being built with openssl

[Jordi Mallach]

Hi!

El dl. 17 de 01 de 2022 a les 14:10 +0100, en/na Bernhard Dick va
escriure:
> 
> The README.Debian file of the SOGo package states there is no S/MIME 
> support in the webinterface due to the package being built using
> GnuTLS 
> instead of openssl while a switch to openssl has been done in commit 
> f2d148cd

Oh, thanks for that! It's now fixed in git.

-- 
Jordi Mallach 

Bug#1003755: mailutils: mail(1) completely broken, fails with "undefined symbol: mu_stream_timed_getdelim" on start

[Jordi Mallach]

severity -1 serious
thanks

Hi!


El ds. 15 de 01 de 2022 a les 15:32 +0100, en/na наб va escriure:
> You got it! Additionally: libmailutils8 not only adds, but also
> removes
> symbols (diff from nm -D libmailutils.so.8 | cut -c10- | sort),
> without bumping abiver (both are 8.0.0):

Thanks for checking, I didn't have the time to do it yet.

This bug is RC and 3.14 should not migrate to testing.

-- 
Jordi Mallach 
Debian Project

Bug#1003755: mailutils: mail(1) completely broken, fails with "undefined symbol: mu_stream_timed_getdelim" on start

[Jordi Mallach]

severity 1003755 normal
thanks

Hi,

El ds. 15 de 01 de 2022 a les 05:10 +0100, en/na наб va escriure:
> Package: mailutils
> Version: 1:3.14-1
> Severity: grave
> Justification: renders package unusable
> 
> Dear Maintainer,
> 
> I upgraded today;
> the changelog in my root mail (heh) shows just 1:3.14-1,
> so this is broken vs. previous (1:3.13-1).
> 
> When running mail(1), at all, it doesn't:
> -- >8 --
> $ mail
> mail: symbol lookup error: mail: undefined symbol:
> mu_stream_timed_getdelim
> $ date | mail -s test
> mail: symbol lookup error: mail: undefined symbol:
> mu_stream_timed_getdelim
> -- >8 --

I can't reproduce this.

One of these two might be important:

> Architecture: x32 (x86_64)

Ie, a x32 specific issue

Or more probably:

> Versions of packages mailutils depends on:
> ii  libmailutils8 1:3.13-1
> ii  mailutils-common  1:3.14-1

This version mismatch between mailutils and its libs.

It shouldn't happen, but if this is the problem, I'll look into it and
will tighten the dependency.


Jordi
-- 
Jordi Mallach 
Debian Project

Bug#996806: [Pkg-mailman-hackers] Bug#996806: mailmain3: Expected test results for arc_validate tests need updating

[Jordi Mallach]

Hi Pierre-Elliott!

El dj. 25 de 11 de 2021 a les 22:19 +0100, en/na Pierre-Elliott Bécue
va escriure:
> > I might try to work on a fix in the following days, most probably
> > including an update to the latest version, which includes other
> > fixes I
> > need.
> 
> I'm waiting for some stuck dependencies issues to solve to batch a
> full
> update of mailman3.

Sounds great! Do you have a list of missing deps?

-- 
Jordi Mallach 
Debian Project

Bug#996806: mailmain3: Expected test results for arc_validate tests need updating

[Jordi Mallach]

Source: mailman3
Version: 3.3.3-1
Followup-For: Bug #996806

Apparently this is fixed in upstream commit
f311b135fe13e3ec07ef2eedadba9c09b25e57ff

See

https://gitlab.com/mailman/mailman/-/commit/f311b135fe13e3ec07ef2eedadba9c09b25e57ff

for more details.

I might try to work on a fix in the following days, most probably
including an update to the latest version, which includes other fixes I
need.

Jordi

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.15.0-1-amd64 (SMP w/8 CPU threads)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1000355: bullseye-pu: package nano/5.4-2+deb11u1

[Jordi Mallach]

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu

[ Reason ]

As we did early during the freeze, nano's upstream Benno Schulenberg has
been maintaining a series of patches against nano 5.4, which backport
crashes fixes and other big impact fixes for Debian's version of nano.

[ Impact ]

We will miss several crash (and general bugs) fixes in different
situations and scenarios.

[ Tests ]

Patches have been tested individually against 5.4, and have had a wider
testing in the newer nano versions in which the fixes were introduced.

[ Risks ]

There is a big amount of patches, but most of them are one or
two-liners. Of course, the risk of any of them introducing new bugs is
real, but given Benno's knowledge of the codebase, it is unlikely.

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  - I've only mentioned the addition of a bundle of patches, not
each one of them in detail. I can add a list of patches like in
the changes section below, if that's preferred.
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
The summary for each of the included patches is as follows:

Subject: [PATCH 12/34] linter: block the resizing signal while reading output
 from the linter

Subject: [PATCH 13/34] editing: prevent the pointer for the top row from
 becoming dangling

Subject: [PATCH 14/34] memory: move the correct number of bytes, and not one
 too many

Subject: [PATCH 15/34] feedback: when not in curses mode, just skip displaying
 any message

Subject: [PATCH 16/34] input: give up on the input stream only after millions
 of errors

Subject: [PATCH 17/34] general: prevent die() from getting recursed into

Subject: [PATCH 18/34] files: check the result of fdopen(), to avoid a
 possible crash

Subject: [PATCH 19/34] files: write a lock file also for a freshly saved
 buffer

Subject: [PATCH 20/34] feedback: retain the correct help lines during Verbatim
 Input with Slang

Subject: [PATCH 21/34] help: show ^- when using Slang instead of ^_ as the
 latter does nothing

Subject: [PATCH 22/34] display: work around a disappearing cursor when a line
 scrolled sideways

Subject: [PATCH 23/34] display: with Slang, make a hidden cursor return upon
 the next keystroke

Subject: [PATCH 24/34] docs: correct the descriptions of how to invoke the
 spell checker

Subject: [PATCH 25/34] docs: correct the default value of the errorcolor
 option

Subject: [PATCH 26/34] startup: if TERM is unset, try falling back to VT220
 instead of failing

Subject: [PATCH 27/34] files: do not call fsync() on a fifo, to avoid a
 spurious error message

Subject: [PATCH 28/34] files: making a backup of a fifo makes no sense, so do
 not try that

Subject: [PATCH 29/34] shutdown: when dying, do not install/restore a handler
 for Ctrl+C

Subject: [PATCH 30/34] browser: make the keystrokes ^W^Y and ^W^V work again

Subject: [PATCH 31/34] help: make the keystrokes ^W^Y and ^W^V work again

Subject: [PATCH 32/34] prompt: keep a clear answer clear also after an
 excursion into history

Subject: [PATCH 33/34] help: do not show ^S when --preserve is in effect

Subject: [PATCH 34/34] syntax: email: use a character class, as \s does not
 work inside brackets

Subject: [PATCH 35/35] justify: correctly determine whether top-of-buffer has
 been reached
diff -Nru nano-5.4/debian/changelog nano-5.4/debian/changelog
--- nano-5.4/debian/changelog   2021-02-08 00:21:28.0 +0100
+++ nano-5.4/debian/changelog   2021-11-22 01:07:23.0 +0100
@@ -1,3 +1,12 @@
+nano (5.4-2+deb11u1) bullseye; urgency=medium
+
+  * The "Bueno, de verdad, hasta luego, paso" release.
+  * Add additional patches from Benno Schulenberg with post 5.4
+crash, docs and general fixes.
+  * Change debian-branch to bullseye.
+
+ -- Jordi Mallach   Mon, 22 Nov 2021 01:07:23 +0100
+
 nano (5.4-2) unstable; urgency=medium
 
   * The "M." release.
diff -Nru nano-5.4/debian/gbp.conf nano-5.4/debian/gbp.conf
--- nano-5.4/debian/gbp.conf2020-01-30 08:53:56.0 +0100
+++ nano-5.4/debian/gbp.conf2021-11-22 01:06:58.0 +0100
@@ -1,5 +1,5 @@
 [DEFAULT] 
 pristine-tar = true 
-debian-branch = master 
+debian-branch = bullseye
 upstream-branch = upstream
 upstream-vcs-tag = v%(version)s
diff -Nru 
nano-5.4/debian/patches/0012-linter-block-the-resizing-signal-while-reading-outpu.patch
 
nano-5.4/debian/patches/0012-linter-block-the-resizing-signal-while-reading-outpu.patch
--- 
nano-5.4/debian/patches/0012-linter-block-the-resizing-signal-while-reading-outpu.patch
 1970-01-01 01:00:00.0 +0100
+++ 
nano-5.4/debian/patches/0012-linter-block-the-resizing-signal-while-reading-outpu.patch
 2021-10-20 11:00:15.0 +0200
@@ -0,0 +1,45 @@
+From 83ae0b25acdaf3e54bf5e78b5b37aa62014914d5 Mon Sep 17 00:00:00 2001
+From: Benno Schulenber

Bug#989479: sogo: CVE-2021-33054

[Jordi Mallach]

Hi Salvatore,

El dv. 04 de 06 de 2021 a les 23:07 +0200, en/na Salvatore Bonaccorso
va escriure:
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2021-33054
>     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33054
> [1]
> https://github.com/inverse-inc/sogo/commit/e53636564680ac0df11ec898304bc442908ba746
> 
> Please adjust the affected versions in the BTS as needed.

I have prepared a source package for bullseye, with a debdiff attached.

I have built it in a bullseye chroot, but I assume you'll want a source
only upload.

I'll upload as soon as you ack it, and will prepare a similar package
for buster at your request.

Thanks,
Jordi


-- 
Jordi Mallach 
Debian Project

Bug#989479: sogo: CVE-2021-33054

[Jordi Mallach]

Hi,

El dj. 11 de 11 de 2021 a les 22:07 +0100, en/na Jordi Mallach va
escriure:
> Hi Salvatore,
> 
> El dv. 04 de 06 de 2021 a les 23:07 +0200, en/na Salvatore Bonaccorso
> va escriure:
> > If you fix the vulnerability please also make sure to include the
> > CVE (Common Vulnerabilities & Exposures) id in your changelog
> > entry.
> > 
> > For further information see:
> > 
> > [0] https://security-tracker.debian.org/tracker/CVE-2021-33054
> >     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33054
> > [1]
> > https://github.com/inverse-inc/sogo/commit/e53636564680ac0df11ec898304bc442908ba746
> > 
> > Please adjust the affected versions in the BTS as needed.
> 
> I have prepared a source package for bullseye, with a debdiff
> attached.

Now attached...

Jordi

-- 
Jordi Mallach 
Debian Project
diff -Nru sogo-5.0.1/debian/changelog sogo-5.0.1/debian/changelog
--- sogo-5.0.1/debian/changelog	2021-02-02 01:28:14.0 +0100
+++ sogo-5.0.1/debian/changelog	2021-11-11 21:44:21.0 +0100
@@ -1,3 +1,11 @@
+sogo (5.0.1-4+deb11u1) bullseye-security; urgency=high
+
+  * [CVE-2021-33054] fixes validation of SAML message signatures
+(closes: #989479)
+  * Switch gbp debian branch to bullseye.
+
+ -- Jordi Mallach   Thu, 11 Nov 2021 21:44:21 +0100
+
 sogo (5.0.1-4) unstable; urgency=medium
 
   * Build against OpenSSL, now that ftpmaster considers it a system
diff -Nru sogo-5.0.1/debian/gbp.conf sogo-5.0.1/debian/gbp.conf
--- sogo-5.0.1/debian/gbp.conf	2019-10-31 09:28:21.0 +0100
+++ sogo-5.0.1/debian/gbp.conf	2021-11-11 21:43:53.0 +0100
@@ -1,5 +1,5 @@
 [DEFAULT]
 pristine-tar = True
-debian-branch = debian
-upstream-branch=upstream
+debian-branch = bullseye
+upstream-branch = upstream
 upstream-vcs-tag = SOGo-%(version)s
diff -Nru sogo-5.0.1/debian/patches/cve-2021-33054.patch sogo-5.0.1/debian/patches/cve-2021-33054.patch
--- sogo-5.0.1/debian/patches/cve-2021-33054.patch	1970-01-01 01:00:00.0 +0100
+++ sogo-5.0.1/debian/patches/cve-2021-33054.patch	2021-11-11 21:40:56.0 +0100
@@ -0,0 +1,18 @@
+commit e53636564680ac0df11ec898304bc442908ba746
+Author: Francis Lachapelle 
+Date:   Mon May 17 10:10:01 2021 -0400
+
+fix(saml): don't ignore the signature of messages
+
+diff --git a/SoObjects/SOGo/SOGoSAML2Session.m b/SoObjects/SOGo/SOGoSAML2Session.m
+index 782bc1f2c..e07f84116 100644
+--- a/SoObjects/SOGo/SOGoSAML2Session.m
 b/SoObjects/SOGo/SOGoSAML2Session.m
+@@ -454,7 +454,6 @@ static NSMapTable *serverTable = nil;
+ 
+   responseData = strdup ([authnResponse UTF8String]);
+ 
+-  lasso_profile_set_signature_verify_hint(lassoLogin, LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
+   rc = lasso_login_process_authn_response_msg (lassoLogin, responseData);
+   if (rc)
+ [NSException raiseSAML2Exception: rc];
diff -Nru sogo-5.0.1/debian/patches/series sogo-5.0.1/debian/patches/series
--- sogo-5.0.1/debian/patches/series	2021-02-02 01:28:14.0 +0100
+++ sogo-5.0.1/debian/patches/series	2021-11-11 21:41:21.0 +0100
@@ -9,3 +9,4 @@
 0008-Unset-MAKEFLAGS-and-MFLAGS-in-configure.patch
 0009-Omit-signedViewer-altogether-when-not-using-openssl.patch
 python3.patch
+cve-2021-33054.patch

Bug#997840: mailutils: [security] mail(1) processes command escapes also if used non-interactively

[Jordi Mallach]

tags 997840 + security
thanks

Hi Christian,

El dl. 25 de 10 de 2021 a les 19:51 +0200, en/na Christian Franke va
escriure:
> Package: mailutils
> Version: 1:3.10-3
> 
> Steps to reproduce:
> 
> $ printf 'test:\n~! echo ALERT\nbye!\n' | mail TO_SOME_ADDRESS
> 
> Observed: "ALERT" is printed to standard output.
> Expected: String "~! echo ALERT" shall be send as second line of the
> mail.
> 
> Command escapes should only be processed if used interactively.
> 
> Related security issues:
> https://security-tracker.debian.org/tracker/CVE-2021-32749
> https://www.smartmontools.org/ticket/1535
> 
> Fixed in mailutils 3.13, see https://savannah.gnu.org/bugs/?60937
> If possible, please backport the fix to (old)stable.

Thanks, I'll see with the release team if this goes through Debian
security or via the next point release.


-- 
Jordi Mallach 
Debian Project

Bug#971332: alsa-plugins: diff for NMU version 1.2.2-2.1

[Jordi Mallach]

Hi Sebastian and Diederik,

Argh, I just noticed I was inconveniently unsubscribed from the alsa
mailing list.

El dg. 22 de 08 de 2021 a les 16:42 +0200, en/na Sebastian Ramacher va
escriure:
> Control: severity -1 serious
> Control: tags -1 ftbfs
> 
> On 2021-08-21 14:30:43, Diederik de Haas wrote:
> > On 15 Aug 2021 20:25:59 +0200 Sebastian Ramacher
> >  wrote:
> > > Dear maintainer,
> > > 
> > > as I intend to upload ffmpeg without libavresample-dev soon, I've
> > > prepared an NMU for alsa-plugins (versioned as 1.2.2-2.1) and
> > > uploaded
> > > it to DELAYED/7. Please feel free to tell me if I should delay it
> > > longer.
> > 
> > I just noticed that 1.2.5-1 has been uploaded to unstable:
> > https://tracker.debian.org/news/1249246/accepted-alsa-plugins-125-1-source-into-unstable/
> > 
> > Wouldn't that cause a problem/conflict with the NMU?
> 
> That means that the NMU will be rejected. Unfortunately the changes
> to
> switch to libswsample-dev were not included in 1.2.5-1. As ffmpeg
> without libavresample-dev is now in unstable, alsa-plugins now FTBFS.
> Hence raising the severity to serious.

Thanks for the heads up and for the NMU, I just uploaded 1.2.5-2 to
avert this crisis. I'm sorry this happened, the 1.2.5-1 had been
prepared for quite a few days before the upload so the timing of the
events was quite unfortunate.

Jordi
-- 
Jordi Mallach 
Debian Project

Bug#981595: sogo: Please link against OpenSSL

[Jordi Mallach]

Hi,

El dl. 01 de 02 de 2021 a les 21:55 +0100, en/na Sebastian Andrzej
Siewior va escriure:
> Package: sogo
> Version: 5.0.1-3
> Severity: wishlist
> 
> Please link against OpenSSL. OpenSSL is considered as a system
> library
> so there should no license restriction, see #924937.

Interestingly, I had been talking about this during the morning and had
decided to go with OpenSSL, so the timing of your bug report is
perfect. :)

-- 
Jordi Mallach 

Bug#976275: Please add a libncursesw6-udeb package

[Jordi Mallach]

Hi Sven!

El dc. 02 de 12 de 2020 a les 20:30 +0100, en/na Sven Joachim va
escriure:
> Sorry for not following up on this MR sooner, have done that now.
> 
> > The next version of nano will remove Slang support, so this will
> > now be
> > necessary in order to be able to include new versions in bullseye.
> > 
> > Thanks for considering,
> 
> Have you asked debian-boot and the d-i maintainer already?

Yes, I did yesterday
(https://lists.debian.org/debian-boot/2020/12/msg00020.html) but no
followups yet. I contacted the d-i maintainer on IRC a few weeks ago
and he deferred me to -boot as he had no time to have a look.


> From the ncurses side there is the problem that the current version
> needs to go into testing first.  It has been blocked for 12 days,
> first
> by #975455 and now by the udeb freeze. :-(

Ugh, we'll see how this goes then.

> Uploading to experimental would be possible, but at this point it
> only
> makes sense if the libncursesw6-udeb package actually ends up in
> bullseye eventually.

Agreed.

Jordi
-- 
Jordi Mallach 
Debian Project

Bug#976275: Please add a libncursesw6-udeb package

[Jordi Mallach]

Source: ncurses
Version: 6.2+20201114-1
Severity: normal
Tags: d-i

Hi,

I've posted a MR in Salsa to add a libncursesw6-udeb package, in order
to make it possible to build nano-udeb against it.

https://salsa.debian.org/debian/ncurses/-/merge_requests/3

The next version of nano will remove Slang support, so this will now be
necessary in order to be able to include new versions in bullseye.

Thanks for considering,

Jordi


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.9.0-3-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_WARN
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#960788: ITP: alsa-sof-firmware -- Intel SOF audio firmware and topology

[Jordi Mallach]

Hi,

El dj. 03 de 09 de 2020 a les 08:11 +0200, en/na intrigeri va escriure:
> Hi Jordi,
> 
> I see you took responsibility for this ITP a few months ago.
> 
> Are you in a position to share a rough timeline?

After claiming it and looking at the source, I resolved this probably
belongs as part of linux-firmware or whatever the source name is, as
Ubuntu did. zumbi@ has been talking to the kernel people about this but
right now I'm unsure what the status is.

Jordi
-- 
Jordi Mallach 
Debian Project

Bug#968883: mame FTBFS on !x86

[Jordi Mallach]

Hi Adrian,

El dg. 23 de 08 de 2020 a les 08:45 +0300, en/na Adrian Bunk va
escriure:
> Source: mame
> Version: 0.223+dfsg.1-1
> Severity: serious
> Tags: ftbfs
> 
> https://buildd.debian.org/status/logs.php?pkg=mame=0.223%2Bdfsg.1-1=sid
> 
> Errors look quite different on different architectures.

I'm aware, yes. I need to dig into this because it's most probably
related to build options applied to each arch that has changed
upstream. In any case, a new release is two days away, so I'll wait for
that first.

Thanks for the bug report,
Jordi

Bug#968761: mailutils: not binnmu safe.

[Jordi Mallach]

El dv. 21 de 08 de 2020 a les 03:53 +0100, en/na Peter Green va
escriure:
> Package: mailutils
> Version: 1:3.9-3.2
> Tags: patch
> 
> I run a derivative called raspbian and I noticed that mailutils was
> getting repeatedly
> binnmu'd by our autobinnmuer because the binary packages were not
> installable.
> 
> I don't know what exactly triggered the first binnmu (our
> autobinnmuer does suffer from
> some false-positives) but the repeated binnmus were being caused by
> the package not
> being binnmu safe, so after the first binnmu libmailutils6 was not
> installable.
> 
> Specifically the dependencies on libmu-dbm6 (= ${source:Version})
> should instead be
> dependencies on libmu-dbm6 (= ${binary:Version}). Please consider
> changing them in
> your next upload.

As far as I know, this is fixed in 1:3.10-1.

Jordi
-- 
Jordi Mallach 
Debian Project

Bug#957517: mailutils: diff for NMU version 1:3.9-3.2

[Jordi Mallach]

Hey there,

El Llu 27 de 07 de 2020 a les 10:38 +0200, en/na Sebastian Ramacher va
escriure:
> Control: tags 957517 + patch
> 
> Dear maintainer,
> 
> I've prepared an NMU for mailutils (versioned as 1:3.9-3.2). The diff
> is attached to this message.

Thank you very much!

Jordi

-- 
Jordi Mallach 
Debian Project

Bug#963211: Still occurs in 1:3.9-3

[Jordi Mallach]

Hi, I'm away for the week so I'd welcome a nmu. I assume this just needs 
further bumping the breaks/replaces to - 3~, but have no means to test. 

El 25 de juny de 2020 14:58:05 CEST, Cyril Brulebois  ha 
escrit:
>Kyle Robbertze  (2020-06-23):
>> This error is still occurring:
>> 
>> > Unpacking libmu-dbm6:amd64 (1:3.9-3) ...
>> > dpkg: error processing archive
>/var/cache/apt/archives/libmu-dbm6_1%3a3.9-3_amd64.deb (--unpack):
>> >  trying to overwrite
>'/usr/lib/x86_64-linux-gnu/libmu_dbm.so.6.0.0', which is also in
>package libmailutils6:amd64 1:3.7-2.1
>> > dpkg-deb: error: paste subprocess was killed by signal (Broken
>pipe)
>
>Confirmed while upgrading my sid devel chroot.
>
>Had to purge libmailutils6 (removing mailutils that depends on it) to
>get past this.
>
>
>Cheers,
>-- 
>Cyril Brulebois (k...@debian.org)
>D-I release manager -- Release team member -- Freelance Consultant

-- 
Enviat des del meu dispositiu Android amb el K-9 Mail. Disculpeu la brevetat.

Bug#963513: Please restore LC_TIME symlinks

[Jordi Mallach]

Package: coreutils
Version: 8.30-3+b1
Severity: normal
Tags: l10n

Hi,

In #584837, it was requested that the symlinks from
   ...//LC_MESSAGES/coreutils.mo
to
   ../LC_TIME/coreutils.mo

were removed due to being pointless and unused.

I'm unsure if that was the case at that point (it's been 10 years), but
current implementations of some of the commands in coreutils do need and
expect LC_TIME to operate correctly:

openat(AT_FDCWD, "/usr/share/locale/ca/LC_TIME/coreutils.mo", O_RDONLY) = 3

In particular, at least ls and date will try to use it to represent date
formats correctly on verbose outputs. This affects at least Catalan,
which shows time incorrectly unless you force a date format string by
hand.

See also https://debbugs.gnu.org/cgi/bugreport.cgi?bug=33211 for some
related issue.

Thanks,
Jordi

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.6.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages coreutils depends on:
ii  libacl1  2.2.53-8
ii  libattr1 1:2.4.48-5
ii  libc62.30-8
ii  libselinux1  3.0-1+b3

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information

Bug#956901: ITP: nginx-confgen -- Nginx configuration file macro language and preprocessor

[Jordi Mallach]

Package: wnpp
Severity: wishlist
Owner: Jordi Mallach 

* Package name: nginx-confgen
  Version : 1.2
  Upstream Author : Yoran Heling 
* URL : https://dev.yorhel.nl/nginx-confgen/
* License : MIT
  Programming Lang: Haskell
  Description : Nginx configuration file macro language and preprocessor

 This is a preprocessor and macro system for nginx(-like) configuration
 files. It can be used to do pre-processing for nginx configuration files
 (and other configuration files with a similar syntax). It has support for
 "compile-time" macro expansion and variable interpolation, which should make it
 less tedious to maintain large and complex configurations.

Bug#944265: mailutils: local privilege escalation in maidag utility (fixed in 3.8)

[Jordi Mallach]

Hi all,

El dl. 11 de 11 de 2019 a les 21:32 +0100, en/na Salvatore Bonaccorso
va escriure:
> Control: retitle -1 mailutils: local privilege escalation in maidag
> utility (fixed in 3.8) (CVE-2019-18862)

Given this does not affect Debian by default, should my upload go
through debian-security or just s-p-u?

https://salsa.debian.org/debian/mailutils/commit/c1683e71301e3c7454ab407334a211759148d47e

Jordi
-- 
Jordi Mallach 

Bug#943787: mailutils: Please rebuild package with source-only upload

[Jordi Mallach]

El dt. 29 de 10 de 2019 a les 15:50 -0400, en/na Boyuan Yang va
escriure:
> Your latest upload for package mailutils in Debian (1:3.7-1) will
> never
> migrate to testing since this upload contains maintainer-built binary
> package
> (.deb files). Please make another source-only upload and solve this
> issue.

Ugh. I had to upload binaries because NEW. :|

> You may find more information about source-only upload at h
> ttps://wiki.debian.org/SourceOnlyUpload .
> 
> Please let me know if there's any issues.

Jordi

Bug#935392: buster-pu: package sogo/4.0.7-1+deb10u1

[Jordi Mallach]

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

Hi,

I'm requesting permission to upload sogo to stable-pu, to fix a high impact
usability bug when dealing with S/MIME signed emails.

Debdiff follows.

Thanks!
Jordi


diff -Nru sogo-4.0.7/debian/changelog sogo-4.0.7/debian/changelog
--- sogo-4.0.7/debian/changelog 2019-02-28 01:43:48.0 +0100
+++ sogo-4.0.7/debian/changelog 2019-08-01 14:19:34.0 +0200
@@ -1,3 +1,12 @@
+sogo (4.0.7-1+deb10u1) buster; urgency=medium
+
+  * Omit signedViewer altogether when not using openssl.
+Thanks Hanno Stock  for the patch.
+(Closes: #889994)
+  * Set debian-branch to buster in gbp.conf.
+
+ -- Jordi Mallach   Thu, 01 Aug 2019 14:19:34 +0200
+
 sogo (4.0.7-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru sogo-4.0.7/debian/gbp.conf sogo-4.0.7/debian/gbp.conf
--- sogo-4.0.7/debian/gbp.conf  2019-01-10 09:44:25.0 +0100
+++ sogo-4.0.7/debian/gbp.conf  2019-08-01 14:18:41.0 +0200
@@ -1,5 +1,5 @@
 [DEFAULT]
 pristine-tar = True
-debian-branch = debian
+debian-branch = buster
 upstream-branch=upstream
 upstream-vcs-tag = SOGo-%(version)s
diff -Nru 
sogo-4.0.7/debian/patches/0009-Omit-signedViewer-altogether-when-not-using-openssl.patch
 
sogo-4.0.7/debian/patches/0009-Omit-signedViewer-altogether-when-not-using-openssl.patch
--- 
sogo-4.0.7/debian/patches/0009-Omit-signedViewer-altogether-when-not-using-openssl.patch
1970-01-01 01:00:00.0 +0100
+++ 
sogo-4.0.7/debian/patches/0009-Omit-signedViewer-altogether-when-not-using-openssl.patch
2019-08-01 14:17:24.0 +0200
@@ -0,0 +1,25 @@
+From: Hanno Stock 
+Date: Tue, 30 Jul 2019 16:32:59 +0200
+Subject: Omit signedViewer altogether when not using openssl
+
+---
+ UI/MailPartViewers/UIxMailRenderingContext.m | 4 
+ 1 file changed, 4 insertions(+)
+
+diff --git a/UI/MailPartViewers/UIxMailRenderingContext.m 
b/UI/MailPartViewers/UIxMailRenderingContext.m
+index e2cf011..2086d96 100644
+--- a/UI/MailPartViewers/UIxMailRenderingContext.m
 b/UI/MailPartViewers/UIxMailRenderingContext.m
+@@ -192,7 +192,11 @@ static BOOL showNamedTextAttachmentsInline = NO;
+ || [st isEqualToString: @"appledouble"])
+   return [self mixedViewer];
+   else if ([st isEqualToString: @"signed"])
++#ifdef HAVE_OPENSSL
+   return [self signedViewer];
++#else
++  return [self mixedViewer];
++#endif
+   else if ([st isEqualToString: @"alternative"])
+   return [self alternativeViewer];
+ 
+
\ No hi ha cap caràcter de salt de línia al final del fitxer
diff -Nru sogo-4.0.7/debian/patches/series sogo-4.0.7/debian/patches/series
--- sogo-4.0.7/debian/patches/series2019-02-26 13:24:47.0 +0100
+++ sogo-4.0.7/debian/patches/series2019-08-01 14:17:24.0 +0200
@@ -5,3 +5,4 @@
 disable_test_rendering.patch
 0007-Do-not-use-OpenSSL-when-we-are-configured-to-use-Gnu.patch
 0008-Unset-MAKEFLAGS-and-MFLAGS-in-configure.patch
+0009-Omit-signedViewer-altogether-when-not-using-openssl.patch

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-2-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#889994: [Pkg-sogo-maintainers] Bug#889994: (no subject)

[Jordi Mallach]

El dj. 01 de 08 de 2019 a les 11:32 +0200, en/na Hanno Stock va
escriure:
> Thank you very much!
> 
> Any chance we can get this fix in stable, also?

It is my intention, yes!

Jordi
-- 
Jordi Mallach Pérez  -- Debian developer  https://www.debian.org/
jo...@sindominio.netjo...@debian.org  https://www.sindominio.net/
GnuPG public key information available at https://oskuro.net/

Bug#930397: [pre-approval] unblock: nano/3.2-3

[Jordi Mallach]

Hi,

El dt. 18 de 06 de 2019 a les 21:56 +0200, en/na Paul Gevers va
escriure:
> Control: tags -1 moreinfo
> 
> Hi Jordi,
> 
> On 12-06-2019 03:52, Jordi Mallach wrote:
> > Hi release team,
> > 
> > Nano's upstream has been focusing on fixing some crashers and hangs
> > lately,
> > and as nano froze a while back, he was kind enough to backport all
> > the fixes
> > he deems interesting for the buster release.
> > 
> > The following debdiff adds 7 patches (and renames the already
> > existing one).
> > 
> > All patches are simple, some of them one liners.
> > 
> > If you can signal if this is OK for an upload now, I'll act
> > accordingly ASAP.
> 
> Please go ahead, taking into account that the package needs to be
> ready
> to migrate at 2019-06-25 13:00 UTC [1].

Thanks, I've uploaded nano -3 now, I assume it'll be ready for one of
the last migrations.

Jordi
-- 
Jordi Mallach Pérez  -- Debian developer  https://www.debian.org/
jo...@sindominio.netjo...@debian.org  https://www.sindominio.net/
GnuPG public key information available at https://oskuro.net/



signature.asc
Description: This is a digitally signed message part

Bug#930397: [pre-approval] unblock: nano/3.2-3

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi release team,

Nano's upstream has been focusing on fixing some crashers and hangs lately,
and as nano froze a while back, he was kind enough to backport all the fixes
he deems interesting for the buster release.

The following debdiff adds 7 patches (and renames the already existing one).

All patches are simple, some of them one liners.

If you can signal if this is OK for an upload now, I'll act accordingly ASAP.

unblock nano/3.2-3

-- System Information:
Debian Release: 10.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru nano-3.2/debian/changelog nano-3.2/debian/changelog
--- nano-3.2/debian/changelog   2019-02-20 12:27:34.0 +0100
+++ nano-3.2/debian/changelog   2019-06-12 02:34:18.0 +0200
@@ -1,3 +1,11 @@
+nano (3.2-3) unstable; urgency=medium
+
+  * Add series of patches from Benno, to address several known crashes and
+hangs, as well as a couple presentation issues.
+  * Add gbp.conf with debian branch pointing to buster.
+
+ -- Jordi Mallach   Wed, 12 Jun 2019 02:34:18 +0200
+
 nano (3.2-2) unstable; urgency=medium
 
   * The "#JoAcuso" release.
diff -Nru nano-3.2/debian/gbp.conf nano-3.2/debian/gbp.conf
--- nano-3.2/debian/gbp.conf1970-01-01 01:00:00.0 +0100
+++ nano-3.2/debian/gbp.conf2019-06-12 02:33:34.0 +0200
@@ -0,0 +1,3 @@
+[DEFAULT]
+pristine-tar = True
+debian-branch = buster
diff -Nru 
nano-3.2/debian/patches/0001-options-exit-on-a-bad-quoting-regex-instead-of-crash.patch
 
nano-3.2/debian/patches/0001-options-exit-on-a-bad-quoting-regex-instead-of-crash.patch
--- 
nano-3.2/debian/patches/0001-options-exit-on-a-bad-quoting-regex-instead-of-crash.patch
 1970-01-01 01:00:00.0 +0100
+++ 
nano-3.2/debian/patches/0001-options-exit-on-a-bad-quoting-regex-instead-of-crash.patch
 2019-06-12 02:26:08.0 +0200
@@ -0,0 +1,46 @@
+From d12fb86e18b826ef7f341c14b27acec4d137f191 Mon Sep 17 00:00:00 2001
+From: David Lawrence Ramsey 
+Date: Mon, 10 Dec 2018 14:25:15 -0600
+Subject: [PATCH 1/8] options: exit on a bad quoting regex, instead of crashing
+ later
+
+The paragraph-jumping functions used the regex unverified...
+
+This fixes https://savannah.gnu.org/bugs/?55169.
+---
+ src/nano.c | 2 ++
+ src/text.c | 5 -
+ 2 files changed, 2 insertions(+), 5 deletions(-)
+
+diff --git a/src/nano.c b/src/nano.c
+index e121722a..9825d457 100644
+--- a/src/nano.c
 b/src/nano.c
+@@ -2481,6 +2481,8 @@ int main(int argc, char **argv)
+ 
+   quoteerr = charalloc(size);
+   regerror(quoterc, , quoteerr, size);
++
++  die(_("Bad quoting regex \"%s\": %s\n"), quotestr, quoteerr);
+   }
+ #endif /* ENABLE_JUSTIFY */
+ 
+diff --git a/src/text.c b/src/text.c
+index abdd243d..70953379 100644
+--- a/src/text.c
 b/src/text.c
+@@ -2145,11 +2145,6 @@ bool find_paragraph(size_t *const quote, size_t *const 
par)
+   filestruct *current_save;
+   /* The line at the beginning of the paragraph we search for. */
+ 
+-  if (quoterc != 0) {
+-  statusline(ALERT, _("Bad quote string %s: %s"), quotestr, 
quoteerr);
+-  return FALSE;
+-  }
+-
+   /* If we're at the end of the last line of the file, it means that
+* there aren't any paragraphs left, so get out. */
+   if (openfile->current == openfile->filebot && openfile->current_x ==
+-- 
+2.20.1
+
diff -Nru 
nano-3.2/debian/patches/0002-history-use-an-unfreed-position_history-to-avoid-a-p.patch
 
nano-3.2/debian/patches/0002-history-use-an-unfreed-position_history-to-avoid-a-p.patch
--- 
nano-3.2/debian/patches/0002-history-use-an-unfreed-position_history-to-avoid-a-p.patch
 1970-01-01 01:00:00.0 +0100
+++ 
nano-3.2/debian/patches/0002-history-use-an-unfreed-position_history-to-avoid-a-p.patch
 2019-06-12 02:26:08.0 +0200
@@ -0,0 +1,45 @@
+From 2204d14c86f17f13ad1f23e62af80bff406425cb Mon Sep 17 00:00:00 2001
+From: Brand Huntsman 
+Date: Wed, 27 Feb 2019 02:40:18 -0700
+Subject: [PATCH 2/8] history: use an unfreed 'position_history' to avoid a
+ possible crash
+
+The reload_positions_if_needed() routine can free the existing
+'position_history' and allocate a new one.  Using the old one,
+from before the reload, could lead to a crash.
+
+This fixes https://savannah.gnu.org/bugs/?55792.
+Reported-by: Enrico Mioso 
+
+Bug existed since the reloading of the position-histo

Bug#929015: unblock: goiardi/0.11.9-3

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package goiardi

This 1 liner patch fixes chef client creation when using recent
chef tools, by allowing an extra element name.

unblock goiardi/0.11.9-3

Thank you!

The full source debdiff follows:

diff -Nru goiardi-0.11.9/debian/changelog goiardi-0.11.9/debian/changelog
--- goiardi-0.11.9/debian/changelog 2019-02-19 11:14:26.0 +0100
+++ goiardi-0.11.9/debian/changelog 2019-05-15 11:22:09.0 +0200
@@ -1,3 +1,10 @@
+goiardi (0.11.9-3) unstable; urgency=medium
+
+  * Add patch from upstream git to add "create_key" to the list
+of valid elements, to fix client creation with newer chef tools.
+
+ -- Jordi Mallach   Wed, 15 May 2019 11:22:09 +0200
+
 goiardi (0.11.9-2) unstable; urgency=medium
 
   * Drop Dependency on golang-golang-x-exp-dev from
diff -Nru goiardi-0.11.9/debian/patches/create_key_validelement.patch 
goiardi-0.11.9/debian/patches/create_key_validelement.patch
--- goiardi-0.11.9/debian/patches/create_key_validelement.patch 1970-01-01 
01:00:00.0 +0100
+++ goiardi-0.11.9/debian/patches/create_key_validelement.patch 2019-05-15 
11:19:31.0 +0200
@@ -0,0 +1,19 @@
+commit a327416f516a6df7394951b539b04c49294ad020
+Author: ctdk 
+Date:   Mon May 13 08:12:32 2019 -0700
+
+add 'create_key' to validElements for clients
+
+diff --git a/client/client.go b/client/client.go
+index d86bc08..5b338e0 100644
+--- a/client/client.go
 b/client/client.go
+@@ -368,7 +368,7 @@ func (c *Client) UpdateFromJSON(jsonActor 
map[string]interface{}) util.Gerror {
+ 
+   /* Validations. */
+   /* Invalid top level elements */
+-  validElements := []string{"name", "json_class", "chef_type", 
"validator", "org_name", "orgname", "public_key", "private_key", "admin", 
"certificate", "password", "node_name", "clientname"}
++  validElements := []string{"name", "json_class", "chef_type", 
"validator", "org_name", "orgname", "public_key", "private_key", "admin", 
"certificate", "password", "node_name", "clientname", "create_key"}
+ ValidElem:
+   for k := range jsonActor {
+   for _, i := range validElements {
diff -Nru goiardi-0.11.9/debian/patches/series 
goiardi-0.11.9/debian/patches/series
--- goiardi-0.11.9/debian/patches/series2018-06-05 00:32:28.0 
+0200
+++ goiardi-0.11.9/debian/patches/series2019-05-15 11:19:37.0 
+0200
@@ -1 +1,2 @@
 avoid_vault_import.patch
+create_key_validelement.patch

-- System Information:
Debian Release: 10.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.0.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#924644: unblock: mailutils/1:3.5-3

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello release team,

Please unblock package mailutils

I uploaded -3 with a trivial patch to fix bug #918806 that can lead to data
loss when using mail/mailx to send email with attachments.

unblock mailutils/1:3.5-3

Thanks!

Full debdiff follows.


⏚ [jordi:~/git/debian] 2 % debdiff mailutils_3.5-2.dsc mailutils_3.5-3.dsc 
diff -Nru mailutils-3.5/debian/changelog mailutils-3.5/debian/changelog
--- mailutils-3.5/debian/changelog  2019-01-06 23:35:44.0 +0100
+++ mailutils-3.5/debian/changelog  2019-03-14 09:32:01.0 +0100
@@ -1,3 +1,11 @@
+mailutils (1:3.5-3) unstable; urgency=medium
+
+  * Set gbp's debian-branch to buster.
+  * Cherry-pick patch from upstream git to avoid discarding stdin when
+mail is used to send email with attachments (closes: #918806).
+
+ -- Jordi Mallach   Thu, 14 Mar 2019 09:32:01 +0100
+
 mailutils (1:3.5-2) unstable; urgency=medium
 
   * Relax the dependency on a MTA to a recommendation.
diff -Nru mailutils-3.5/debian/gbp.conf mailutils-3.5/debian/gbp.conf
--- mailutils-3.5/debian/gbp.conf   2016-11-28 12:29:24.0 +0100
+++ mailutils-3.5/debian/gbp.conf   2019-03-14 09:25:43.0 +0100
@@ -1,2 +1,3 @@
 [DEFAULT]
 pristine-tar = true
+debian-branch = buster
diff -Nru mailutils-3.5/debian/patches/mime-attachments.patch 
mailutils-3.5/debian/patches/mime-attachments.patch
--- mailutils-3.5/debian/patches/mime-attachments.patch 1970-01-01 
01:00:00.0 +0100
+++ mailutils-3.5/debian/patches/mime-attachments.patch 2019-03-14 
09:31:46.0 +0100
@@ -0,0 +1,23 @@
+commit 43214185092e714e0c233bf196f571bba5c17be0
+Author: Sergey Poznyakoff 
+Date:   Wed Mar 13 22:42:12 2019 +0200
+
+mail: force mime mode if at least one attachment was given
+
+This fixes https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918806
+
+* mail/mail.c (cli_attach): Set mime_option.
+
+Index: mailutils/mail/mail.c
+===
+--- mailutils.orig/mail/mail.c
 mailutils/mail/mail.c
+@@ -151,6 +151,8 @@ cli_attach (struct mu_parseopt *po, stru
+   default_content_type, default_encoding))
+ exit (po->po_exit_error);
+ 
++  mime_option = 1;
++  
+   free (content_name);
+   content_name = NULL;
+   free (content_filename);
diff -Nru mailutils-3.5/debian/patches/series 
mailutils-3.5/debian/patches/series
--- mailutils-3.5/debian/patches/series 1970-01-01 01:00:00.0 +0100
+++ mailutils-3.5/debian/patches/series 2019-03-14 09:31:46.0 +0100
@@ -0,0 +1 @@
+mime-attachments.patch

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=ca_ES:ca (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#918417: Status update

[Jordi Mallach]

Hi,

I'm looking at this bug because it's menacing my package goiardi.

The removal count expires today; in the meanwhile goiardi 0.11.9 has
been uploaded a few days ago, and does no longer require -x-exp-dev to
build.

The other two source packages requiring -x-exp-dev to build are
kubernetes and cadvisor, which are not in testing.

I have tried to build the newest snapshot of golang-golang-x-dev but it
seems to fail in the same way as the current one.

I'll upload the resulting package anyway.

Jordi
-- 
Jordi Mallach Pérez  -- Debian developer  https://www.debian.org/
jo...@sindominio.netjo...@debian.org  https://www.sindominio.net/
GnuPG public key information available at https://oskuro.net/

Bug#920423: sogo: Exception thrown on "rich" email view after 4.0.5 upgrade (from 3.2.6)

[Jordi Mallach]

Hi Onur,

El dl. 11 de 02 de 2019 a les 18:31 +0300, en/na Onur Tolga Sehitoglu
va escriure:
> I just posted the following on the SOGO bugtracker issue page.
> Patched fixed the problem for me:
> 
> I figured out the problem. The shouldAskReceipt function in
> UIxMailView.m
> sends a nil email parameter to NGMailAddressParser which calls
> [NSString stringWithString] with this parameter. Prior versions of
> gnustep
> tolerated this but not 1.26.

Thanks for spending some time on this and providing a fix! The patch
looks good, and I have uploaded a new SOGo revision that includes it.

Jordi
-- 
Jordi Mallach Pérez  -- Debian developer  https://www.debian.org/
jo...@sindominio.netjo...@debian.org  https://www.sindominio.net/
GnuPG public key information available at https://oskuro.net/

Bug#920423: sogo: Exception thrown on "rich" email view after 4.0.5 upgrade (from 3.2.6)

[Jordi Mallach]

El dj. 31 de 01 de 2019 a les 20:06 +, en/na Matthew Hall va
escriure:
> No problem!
> 
> It seems to actually be a known issue(?) with SOGo upstream, I’ve
> managed to open a bug report on there own tracker:
> 
> https://sogo.nu/bugs/view.php?id=4659
> 
> Looks like at least one other punter is having the same issue, which
> I guess makes it reproducible!
> 
> Presumably the Debian package will be rebuilt from their sources once
> they’ve patched it?

Yes, once there's a patch we would include it in our version ASAP.

If you're monitoring the issue, feel free to ping us here if you see a
fix has landed.

Jordi
-- 
Jordi Mallach Pérez  -- Debian developer  https://www.debian.org/
jo...@sindominio.netjo...@debian.org  https://www.sindominio.net/
GnuPG public key information available at https://oskuro.net/

Bug#920423: sogo: Exception thrown on "rich" email view after 4.0.5 upgrade (from 3.2.6)

[Jordi Mallach]

Hi Matthew, apologies for the late reply,

El dv. 25 de 01 de 2019 a les 10:15 +, en/na Matthew Hall va
escriure:
> Package: sogo
> Version: 4.0.5-2
> Severity: grave
> Justification: renders package unusable
> 
> Dear Maintainer,
> 
> I’ve just upgraded (and due to reasons entirely my fault, I’ve
> realised I have no downgrade path… backup fail) from 3.2.6 (I believe
> it was) to 4.0.5.
> 
> It’s a Debian box, using the “official Debian sogo packages” - I’m
> now running on Debian Buster (due for release later this year).
> 
> Everything is working a charm - upgrading the database appears to
> have worked perfectly - all except the “/view” URL used by the AJAX
> UI for retrieving a “rich” email from a folder...
> (So by extension, I simply cannot view emails in the SOGo webmail
> client.)

Interesting. It works for me using an internal backport to stretch.

Have you tried downgrading to 4.0.4? 
https://snapshot.debian.org/archive/debian/20181227T030651Z/pool/main/s/sogo/sogo_4.0.4-2_amd64.deb
and 
https://snapshot.debian.org/archive/debian/20181227T030651Z/pool/main/s/sogo/sogo-common_4.0.4-2_all.deb

Let me know if this version works,
Jordi
-- 
Jordi Mallach Pérez  -- Debian developer  https://www.debian.org/
jo...@sindominio.netjo...@debian.org  https://www.sindominio.net/
GnuPG public key information available at https://oskuro.net/

Bug#914524: Forwarded upstream

[Jordi Mallach]

I have forwarded this upstream, here:

https://sogo.nu/bugs/view.php?id=4625

-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/


signature.asc
Description: PGP signature

Bug#906271: [Pkg-sogo-maintainers] Bug#906271: sogo: "An error occurred during object publishing" when opening webmail

[Jordi Mallach]

El dj. 16 de 08 de 2018 a les 12:29 +0200, en/na Arnaud Loonstra va
escriure:
> Package: sogo
> Version: 4.0.1-1
> Severity: normal
> 
> Dear Maintainer,
> 
> 
> * What led up to the situation?
>   I guess a recent update to the Sogo package?

What version were you coming from?

-- 
Jordi Mallach Pérez  --  Debian developer https://www.debian.org/
jo...@sindominio.net jo...@debian.org https://www.sindominio.net
/
GnuPG public key information available at https://oskuro.net/

Bug#894378: RM: gnome-video-arcade [powerpc powerpcspe ppc64 ppc64el] -- ANAIS; Dependency mame no longer buildable

[Jordi Mallach]

Package: ftp.debian.org
Severity: normal

This is related to #894281, that asks for the removal of mame binaries for PPC.

As g-v-a is an rdep, it also needs to get its binaries removed.

Thanks,
Jordi

Bug#894281: RM: mame [powerpc powerpcspe ppc64 ppc64el] -- ANAIS; No longer buildable by GCC

[Jordi Mallach]

Package: ftp.debian.org
Followup-For: Bug #894281

Hello,

I was pointed out by Adrian Bunk on IRC that the ppc binaries for
gnome-video-arcade should also be removed.

Thanks,
Jordi

Bug#894281: RM: mame [powerpc, ppc64, ppc64le, powerpcspe] -- ANAIS; No longer buildable by GCC

[Jordi Mallach]

Package: ftp.debian.org
Severity: normal

Hello,

I recently uploaded a new version of MAME to unstable that introduces code
that hits limitations in GCC:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=26374

Unfortunately, a 12 year old bug that does not look like it'll be fixed any
time soon.

I think it'd be wise to get rid of the powerpc* binaries from unstable to
ease migration to testing.

Thanks,
Jordi

Bug#888939: Nautilus 3.26 or 3.28 for Debian now?

[Jordi Mallach]

El ds 24 de 03 de 2018 a les 16:15 -0400, en/na Jeremy Bicha va
escriure:
> Hi,
> 
> There was a Nautilus 3.26.3 release with lots of fixes today. Do we
> want to push that version to Unstable or do we want Nautilus 3.28.0
> now instead?

FWIW, I would just go with 3.28. But this is purely my personal
opinion, not a strong one or anything.

-- 
Jordi Mallach Pérez  --  Debian developer   https://www.debian.org/
jo...@sindominio.net jo...@debian.org   https://www.sindominio.net/
GnuPG public key information available at https://oskuro.net/

Bug#682347: mark 'editor' virtual package name as obsolete

[Jordi Mallach]

Hey there,

Sorry, I was on offline vacation until now. :)

El dt 26 de 12 de 2017 a les 15:24 +, en/na Holger Levsen va
escriure:
> On Mon, Dec 25, 2017 at 05:02:01PM -0800, Russ Allbery wrote:
> > I think there are three options, and I'd love to get feedback on
> > which of
> > those three options we should take.
> > 
> > 1. Status quo: there is an undocumented editor virtual package,
> > Policy
> >says that nothing has to provide or depend on it, and some
> > random
> >collection of editors provide it.  I think this is a bad place
> > to be,
> >so I would hope we can rule out sticking with that status quo.
> > 
> > 2. Document editor and recommend everyone implement it
> > properly.  Since
> >we're going to allow packages to depend on editor, I think
> > providing it
> >would need to be a should, so that's going to be a lot of buggy
> > (but
> >not RC-buggy) editor packages.  But it would get us to a clean
> >dependency system. 
> > 
> > 3. Mark editor obsolete.
> 
> looking at these three options for "for doing the best solution" I
> think we should go for 2 or maybe 3, but then I think it's a sensible
> thing to depend on, so I would say we should go with option 2.

I personally would go with 2 as well, even if there's some trivial work
to do to get all editors to adapt. I think the editor virtual package
adds some value and completing coverage of all package should be easy
and completion can be encouraged via a release goal or something
similar.

Let me know what the outcome is and I'll adapt nano right away.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

signature.asc
Description: This is a digitally signed message part

Bug#858269: Fails to build, test try things not allowed as non-root

[Jordi Mallach]

Package: docker.io
Version: 1.13.0~ds1-3
Followup-For: Bug #858269

Hi Tim,

I've extended the patches so they fix the testsuite errors.

Attached are the new two patches for debian/patches. With them, docker.io
builds with a non-priviledged user.

Jordi


-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 
'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages docker.io depends on:
ii  adduser  3.115
ii  containerd   0.2.3~git20161117.78.03e5862~ds1-2+b1
ii  golang-libnetwork0.8.0~dev.2+git20161130.568.fd27f22-4+b1
ii  init-system-helpers  1.48
ii  iptables 1.6.0+snapshot20161117-6
ii  libapparmor1 2.11.0-3
ii  libc62.24-10
ii  libdevmapper1.02.1   2:1.02.137-2
ii  libsqlite3-0 3.16.2-3
ii  libsystemd0  232-23
ii  lsb-base 9.20161125
ii  runc 1.0.0~rc2+git20161109.131.5137186-2+b1

Versions of packages docker.io recommends:
ii  ca-certificates  20161130
ii  cgroupfs-mount   1.4
ii  git  1:2.11.0-2
ii  xz-utils 5.2.2-1.2+b1

Versions of packages docker.io suggests:
pn  aufs-tools   
ii  btrfs-progs  4.9.1-1
ii  debootstrap  1.0.90
pn  docker-doc   
pn  rinse
pn  zfs-fuse | zfsutils  

-- no debconf information
Index: docker.io-1.13.0~ds1/profiles/seccomp/seccomp.go
===
--- docker.io-1.13.0~ds1.orig/profiles/seccomp/seccomp.go
+++ docker.io-1.13.0~ds1/profiles/seccomp/seccomp.go
@@ -17,7 +17,7 @@ import (
 
 // GetDefaultProfile returns the default seccomp profile.
 func GetDefaultProfile(rs *specs.Spec) (*specs.Seccomp, error) {
-   return setupSeccomp(DefaultProfile(), rs)
+   return setupSeccomp(DefaultProfile(rs), rs)
 }
 
 // LoadProfile takes a file path and decodes the seccomp profile.
Description: allow skipping "privileged" tests with "-test.short"
Author: Tianon Gravi 
Forwarded: no

Index: docker.io-1.13.0~ds1/daemon/daemon_test.go
===
--- docker.io-1.13.0~ds1.orig/daemon/daemon_test.go
+++ docker.io-1.13.0~ds1/daemon/daemon_test.go
@@ -158,6 +158,10 @@ func TestValidContainerNames(t *testing.
 }
 
 func TestContainerInitDNS(t *testing.T) {
+   if testing.Short() {
+   t.Skip("Skipping privileged test in short mode")
+   }
+
tmp, err := ioutil.TempDir("", "docker-container-test-")
if err != nil {
t.Fatal(err)
Index: docker.io-1.13.0~ds1/daemon/graphdriver/aufs/aufs_test.go
===
--- docker.io-1.13.0~ds1.orig/daemon/graphdriver/aufs/aufs_test.go
+++ docker.io-1.13.0~ds1/daemon/graphdriver/aufs/aufs_test.go
@@ -28,6 +28,10 @@ func init() {
 }
 
 func testInit(dir string, t testing.TB) graphdriver.Driver {
+   if testing.Short() {
+   t.Skip("Skipping privileged test in short mode")
+   }
+
d, err := Init(dir, nil, nil, nil)
if err != nil {
if err == graphdriver.ErrNotSupported {
Index: docker.io-1.13.0~ds1/daemon/graphdriver/devmapper/devmapper_test.go
===
--- docker.io-1.13.0~ds1.orig/daemon/graphdriver/devmapper/devmapper_test.go
+++ docker.io-1.13.0~ds1/daemon/graphdriver/devmapper/devmapper_test.go
@@ -11,50 +11,70 @@ import (
"github.com/docker/docker/daemon/graphdriver/graphtest"
 )
 
-func init() {
+func shortSkip(t *testing.T) {
+   if testing.Short() {
+   t.Skip("Skipping privileged test in short mode")
+   }
+}
+
+// This avoids creating a new driver for each test if all tests are run
+// Make sure to put new tests between TestDevmapperSetup and 
TestDevmapperTeardown
+func TestDevmapperSetup(t *testing.T) {
+   shortSkip(t)
+
// Reduce the size the the base fs and loopback for the tests
defaultDataLoopbackSize = 300 * 1024 * 1024
defaultMetaDataLoopbackSize = 200 * 1024 * 1024
defaultBaseFsSize = 300 * 1024 * 1024
defaultUdevSyncOverride = true
if err := graphtest.InitLoopbacks(); err != nil {
-   panic(err)
+   t.Fatal(err)
}
-}
 
-// This avoids creating a new driver for each test if all tests are run
-// Make sure to put new tests between TestDevmapperSetup and 
TestDevmapperTeardown
-func TestDevmapperSetup(t *testing.T) {
graphtest.GetDriver(t, "devicemapper")
 }
 
 func TestDevmapperCreateEmpty(t *testing.T) {
+   shortSkip(t)
+
graphtest.DriverTestCreateEmpty(t, "devicemapper")
 }

Bug#860977: unblock: sogo/3.2.6-2

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package sogo

Shortly after the release of 3.2.6, the SOGo upstreams published a hotfix
release "3.2.6a" with two important fixes that -2 includes. I think we should
have these two patches included in the version we're going to support. I've
been running them at $work for months (the change had been sitting in git
for ages) and they seem to cause no problems.

unblock sogo/3.2.6-2

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru sogo-3.2.6/debian/changelog sogo-3.2.6/debian/changelog
--- sogo-3.2.6/debian/changelog 2017-01-24 00:04:21.0 +0100
+++ sogo-3.2.6/debian/changelog 2017-04-11 01:52:41.0 +0200
@@ -1,3 +1,11 @@
+sogo (3.2.6-2) unstable; urgency=medium
+
+  * Cherry pick important fixes from the upstream 3.2.6a release.
+- [core] fixed "include in freebusy"
+- [web] improved ACLs handling of inactive users
+
+ -- Jordi Mallach <jo...@debian.org>  Tue, 11 Apr 2017 01:52:41 +0200
+
 sogo (3.2.6-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru 
sogo-3.2.6/debian/patches/improve-acl-handling-of-inactive-users.patch 
sogo-3.2.6/debian/patches/improve-acl-handling-of-inactive-users.patch
--- sogo-3.2.6/debian/patches/improve-acl-handling-of-inactive-users.patch  
1970-01-01 01:00:00.0 +0100
+++ sogo-3.2.6/debian/patches/improve-acl-handling-of-inactive-users.patch  
2017-02-10 18:20:47.0 +0100
@@ -0,0 +1,152 @@
+commit d14b0b0b5e1b34dd9a407295247f7015d2728967
+Author: Francis Lachapelle <flachape...@inverse.ca>
+Date:   Thu Jan 26 12:48:21 2017 -0500
+
+(js) Improve ACLs handling of inactive users
+
+diff --git a/NEWS b/NEWS
+index 73b834ad7..5987fda3b 100644
+--- a/NEWS
 b/NEWS
+@@ -1,3 +1,12 @@
++3.2.7 (2017-01-DD)
++--
++
++Enhancements
++ - [web] improved ACLs handling of inactive users
++
++Bug fixes
++ - [core] fixed "include in freebusy" (reverts #3354)
++
+ 3.2.6 (2017-01-23)
+ --
+ 
+diff --git a/UI/Templates/AdministrationUI/UIxAdministrationAclEditor.wox 
b/UI/Templates/AdministrationUI/UIxAdministrationAclEditor.wox
+index 1fa3430bb..69c3bf38f 100644
+--- a/UI/Templates/AdministrationUI/UIxAdministrationAclEditor.wox
 b/UI/Templates/AdministrationUI/UIxAdministrationAclEditor.wox
+@@ -80,12 +80,12 @@
+  size="40">{{ user.$avatarIcon 
}}
+   
+   
+-{{user.cn}}
++{{user.$fullname()}}
+ {{user.c_email}}
+   
+ 
++ ng-hide="!acl.showRights(user) || user.$isSpecial()">
+ select_all
+   
+   
+ 
+   
+-  
++  
+ 
+   {{ user.$avatarIcon 
}}
+ 
+ 
+-  {{user.cn}}
++  {{user.$fullname()}}
+   {{user.c_email}}
+ 
+   
++   ng-hide="!acl.showRights(user) || user.$isSpecial()">
+   select_all
+ 
+ 
+   
+ 
+-
++
+   
+ 
+Date:   Thu Jan 26 11:52:58 2017 -0500
+
+Revert "(fix) properly honor "include in freebusy"
+
+This reverts commit eed5679068480963f0f5de9a9e784f642fbfb575.
+
+diff --git a/SoObjects/Appointments/SOGoAppointmentFolder.m 
b/SoObjects/Appointments/SOGoAppointmentFolder.m
+index d688a256b..f9974047e 100644
+--- a/SoObjects/Appointments/SOGoAppointmentFolder.m
 b/SoObjects/Appointments/SOGoAppointmentFolder.m
+@@ -423,32 +423,26 @@ static Class iCalEventK = nil;
+ //
+ // If the user is the owner of the calendar, by default we include the 
freebusy information.
+ //
+-// If the user is NOT the owner of the calendar but is subscribed, by default 
we exclude the freebusy information.
++// If the user is NOT the owner of the calendar, by default we exclude the 
freebusy information.
+ //
+ // We must include the freebusy information of other users if we are actually 
looking at their freebusy information
+ // but we aren't necessarily subscribed to their calendars.
+ //
+ - (BOOL) includeInFreeBusy
+ {
+-  NSString *userLogin, *subscriptionReference;
+   NSNumber *excludeFromFreeBusy;
++  NSString *userLogin;
++  BOOL is_owner;
+   
+-  BOOL is_owner, is_subscription;
+-
+   userLogin = [[context activeUser] login];
+   is_owner = [userLogin isEqualToString: self->owne

Bug#859065: unblock: goiardi/0.11.2-2

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package goiardi

It includes a backported fix for a server crash when handling objects with
duplicate array items. It also removes the logs on purge, a change that
should have been uploaded before the freeze but apparently didn't happen.

unblock goiardi/0.11.2-2

The debdiff is as follows:

+goiardi (0.11.2-2) unstable; urgency=medium
+
+  * Remove /var/log/goiardi on purge as well (really closes: #847354).
+  * Add databag_duplicate_field_crash.patch: cherrypick a fix for a server
+crash when handling objects with duplicate items in an array.
+
+ -- Jordi Mallach <jo...@debian.org>  Thu, 30 Mar 2017 02:51:02 +0200
+
 goiardi (0.11.2-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru goiardi-0.11.2/debian/patches/databag_duplicate_field_crash.patch 
goiardi-0.11.2/debian/patches/databag_duplicate_field_crash.patch
--- goiardi-0.11.2/debian/patches/databag_duplicate_field_crash.patch   
1970-01-01 01:00:00.0 +0100
+++ goiardi-0.11.2/debian/patches/databag_duplicate_field_crash.patch   
2017-03-30 02:50:08.0 +0200
@@ -0,0 +1,173 @@
+Index: goiardi/CHANGELOG
+===
+--- goiardi.orig/CHANGELOG
 goiardi/CHANGELOG
+@@ -4,6 +4,8 @@
+   Does require rebuilding the search index.
+ * Allow using 'novault' as a build tag to avoid having to have the vault api
+   present when building goiardi. Not relevant to most people.
++* Backport fix for duplicate items in arrays in indexed objects crashing the
++  server when saving.
+ 
+ 
+ 0.11.1
+Index: goiardi/circle.yml
+===
+--- goiardi.orig/circle.yml
 goiardi/circle.yml
+@@ -1,6 +1,6 @@
+ machine:
+   environment:
+-GODIST: "go1.7.3.linux-amd64.tar.gz"
++GODIST: "go1.7.4.linux-amd64.tar.gz"
+ dependencies:
+   pre:
+ - mkdir -p download
+Index: goiardi/indexer/postgres_indexer.go
+===
+--- goiardi.orig/indexer/postgres_indexer.go
 goiardi/indexer/postgres_indexer.go
+@@ -21,6 +21,7 @@ import (
+   "github.com/ctdk/goiardi/datastore"
+   "github.com/ctdk/goiardi/util"
+   "github.com/lib/pq"
++  "sort"
+   "strings"
+ )
+ 
+@@ -146,6 +147,11 @@ func (p *PostgresIndex) SaveItem(obj Ind
+   return err
+   }
+   case []string:
++  // remove dupes from slices of strings like we're doing
++  // now with the trie index, both to reduce ambiguity and
++  // to maybe make the indexes just a little bit smaller
++  sort.Strings(v)
++  v = util.RemoveDupStrings(v)
+   for _, w := range v {
+   w = util.IndexEscapeStr(w)
+   w = strings.Replace(w, "\n", "\\n", -1)
+Index: goiardi/search/search_test.go
+===
+--- goiardi.orig/search/search_test.go
 goiardi/search/search_test.go
+@@ -258,6 +258,14 @@ func TestSearchBasicQueryEscaped(t *test
+   }
+ }
+ 
++func TestIndexDupes(t *testing.T) {
++  r, _ := role.New("idx_role")
++  r.Default["foo"] = "bar"
++  r.Default["notdupe"] = []string{"I", "am", "good"}
++  r.Default["dupes"] = []string{"I", "", "will", "", "cause", "problems", 
"I", ""}
++  r.Save()
++}
++
+ // Probably don't want this as an always test, but it's handy to have 
available.
+ /*
+ func TestEmbiggenSearch(t *testing.T) {
+Index: goiardi/util/string_test.go
+===
+--- /dev/null
 goiardi/util/string_test.go
+@@ -0,0 +1,37 @@
++/*
++ * Copyright (c) 2013-2016, Jeremy Bingham (<jer...@goiardi.gl>)
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ * http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++
++package util
++
++import (
++  "sort"
++  "testing"
++)
++
++func TestDupRemoval(t *testing.T) {
++  str

Bug#858268: swarmkit: FTBFS due to not strict enough deps on golang-gogoprotobuf

[Jordi Mallach]

Source: swarmkit
Severity: serious

Hello,

swarmkit fails to build on stretch, with golang-gogoprotobuf 0.3.

It does build against 0.3+git20170120.144.265e960d-1 from sid so I suggest
bumping the Build-Dep to at least 0.3+git20170120.144.265e960d-1~ to make
backports easier.

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#858267: golang-github-docker-libnetwork: Build-Deps not strict enough

[Jordi Mallach]

Source: golang-github-docker-libnetwork
Severity: serious

Hello,

I was trying to build this on a stretch chroot and found it failed due
to it not requiring a new enough golang-github-vishvananda-netlink.

The commit that adds the messing methood is
https://github.com/vishvananda/netlink/commit/17ea11b5a11c5614597c65a671105e8ee58c4d04

So I suggest making the dep (>= 0.0~git2016.0) or (>= 
0.0~git20170117.0.ebdfb74-1)


-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#858266: containerd: Assumes an amd64 build

[Jordi Mallach]

Package: containerd
Version: 0.2.3~git20161117.78.03e5862~ds1-1
Severity: serious

debian/rules contains:

  (cd obj-x86_64-linux-gnu/src/github.com/docker/containerd && \

which is totally not going to work for any of the architectures
except for amd64.

I suggest you define DEB_BUILD_GNU_TYPE with the output of
dpkg-architecture -qDEB_BUILD_GNU_TYPE and use that instead.

I haven't tested that at all though.

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages containerd depends on:
ii  libc6  2.24-9
ii  runc   1.0.0~rc2+git20161109.131.5137186-2

containerd recommends no packages.

containerd suggests no packages.

-- no debconf information

Bug#857447: unblock: libytnef/1.9.2-1

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package libytnef

Upstream continued work on security aspects of the code and fixed another
three issues.

[CVE-2017-6800] Invalid memory access (heap overrun) in handling
LONG data types
[CVE-2017-6801] Missing check for fields of size 0
[CVE-2017-6802] Potential buffer overrun in compressed RTF streams

unblock libytnef/1.9.2-1

This version has a seldomly used binary being renamed (removes the .pl suffix),
but it's been present in debian for 1.5 months only so I guess it's not a big
deal.

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#855832: unblock: libytnef/1.9.1-1

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package libytnef

Although this is a new upstream version, all the changes included in it are
security fixes, as can be seen here:

https://github.com/Yeraze/ytnef/pull/27

and here

http://www.openwall.com/lists/oss-security/2017/02/15/4

No CVE assigned yet.

unblock libytnef/1.9.1-1

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#855831: unblock: alsa-lib/1.1.3-5

[Jordi Mallach]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package alsa-lib

Included is a dpkg-buildpakcage -A FTBFS fix (#854474), and an important
license clarification.

Full source debdiff attached.

unblock alsa-lib/1.1.3-5

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru alsa-lib-1.1.3/debian/changelog alsa-lib-1.1.3/debian/changelog
--- alsa-lib-1.1.3/debian/changelog 2017-01-24 12:30:46.0 +0100
+++ alsa-lib-1.1.3/debian/changelog 2017-02-13 20:12:05.0 +0100
@@ -1,3 +1,18 @@
+alsa-lib (1.1.3-5) unstable; urgency=medium
+
+  [ Jordi Mallach ]
+  * Add 0008-topology-Fix-incorrect-license-in-source-comments.patch from
+upstream git to fix the license headers on src/topology/* from GPL-2
+to LGPL-2.1+ as originally intended.
+  * Drop GPL-2 paragraphs in d/copyright accordingly.
+
+  [ Elimar Riesebieter ]
+  * Add dh_auto_build to override_dh_auto_build-indep and dh_auto_install to
+override_dh_auto_install-indep to prevent a FTBFS with
+"dpkg-buildpackage -A". (closes: #854474)
+
+ -- Jordi Mallach <jo...@debian.org>  Mon, 13 Feb 2017 20:12:05 +0100
+
 alsa-lib (1.1.3-4) unstable; urgency=medium
 
   * Add copyright notes for src/topology. Thanks Thorsten Alteholz for
diff -Nru alsa-lib-1.1.3/debian/copyright alsa-lib-1.1.3/debian/copyright
--- alsa-lib-1.1.3/debian/copyright 2017-01-24 12:28:37.0 +0100
+++ alsa-lib-1.1.3/debian/copyright 2017-01-25 02:00:32.0 +0100
@@ -11,29 +11,12 @@
 Copyright: 1998-2017 Jarsolav Kysela <pe...@suse.cz> and others
 License: LPGL-2.1+
 
-Files: src/topology/*
-Copyright: 2014-2015 Intel Corporation
-License: GPL-2
-
 Files: debian/*
 Copyright: 1998-1999 Wichert Akkerman
1999-2002 Masato Taruishi
-   2002-2016 Debian ALSA Maintainers
+   2002-2017 Debian ALSA Maintainers
 License: LPGL-2.1+
 
-License: GPL-2
- This program is free software; you can redistribute it and/or modify
- it under the terms of version 2 of the GNU General Public License as
- published by the Free Software Foundation.
- .
- This program is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- General Public License for more details.
- .
- On Debian systems, the complete text of the GNU General Public License
- can be found in /usr/share/common-licenses/GPL-2.
-
 License: LPGL-2.1+
  This library is free software; you can redistribute it and/or modify
  it under the terms of the GNU Lesser General Public License as
diff -Nru 
alsa-lib-1.1.3/debian/patches/0008-topology-Fix-incorrect-license-in-source-comments.patch
 
alsa-lib-1.1.3/debian/patches/0008-topology-Fix-incorrect-license-in-source-comments.patch
--- 
alsa-lib-1.1.3/debian/patches/0008-topology-Fix-incorrect-license-in-source-comments.patch
  1970-01-01 01:00:00.0 +0100
+++ 
alsa-lib-1.1.3/debian/patches/0008-topology-Fix-incorrect-license-in-source-comments.patch
  2017-01-24 17:32:56.0 +0100
@@ -0,0 +1,349 @@
+From liam.r.girdw...@linux.intel.com Tue Jan 24 15:59:16 2017
+Return-Path: <liam.r.girdw...@linux.intel.com>
+Delivered-To: jo...@mallach.net
+Received: from mailly.debian.org (mailly.debian.org
+ [IPv6:2001:41b8:202:deb:6564:a62:52c3:4b72]) by tempesta.oskuro.net
+ (Postfix) with ESMTPS id AC49F851E5 for <jo...@mallach.net>; Tue, 24 Jan
+ 2017 15:59:16 +0100 (CET)
+Received: from mga03.intel.com ([134.134.136.65])
+   by mailly.debian.org with esmtps 
(TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
+   (Exim 4.84_2)
+   (envelope-from <liam.r.girdw...@linux.intel.com>)
+   id 1cW2Z1-0003Ok-6u
+   for jo...@mallach.net; Tue, 24 Jan 2017 14:59:15 +
+Received: from fmsmga003.fm.intel.com ([10.253.24.29])
+  by orsmga103.jf.intel.com with ESMTP; 24 Jan 2017 06:59:11 -0800
+X-ExtLoop1: 1
+X-IronPort-AV: E=Sophos;i="5.33,278,1477983600"; 
+   d="scan'208";a="812723074"
+Received: from rkinsell-mobl.ger.corp.intel.com (HELO [10.252.0.71])
+ ([10.252.0.71]) by FMSMGA003.fm.intel.com with ESMTP; 24 Jan 2017 06:59:10
+ -0800
+Message-ID: <1485269948.2625.50.camel@loki>
+Subject: [PATCH] topology: Fix incorrect license in source comments.
+From: Liam Girdwood <liam.r.girdw...@linux.intel.com>
+To: Takashi Iwai <ti...@suse.de>
+Cc: "alsa-de...@alsa-project.org" <alsa-de...@alsa-project.org>, Jordi
+   Mallach <jo...@debian.org>
+Date: Tue, 24 Jan 2017 14:59:0

Bug#835838: [Pkg-alsa-devel] Bug#835838: pulseaudio: Do not intercept ALSA if environment variable is set

[Jordi Mallach]

El dl 13 de 02 de 2017 a les 13:30 +0100, en/na Javier Serrano Polo va
escriure:
> X-Debbugs-CC: pkg-alsa-de...@lists.alioth.debian.org
> 
> El dc 21 de 09 de 2016 a les 10:36 -0300, Felipe Sateler va escriure:
> > Alsa maintainers, what do you think?
> 
> Maintainers remain silent.
> 
> > Adding a similar check for a variable named
> > like PULSE_DISABLE_ALSA_PLUGIN or something like that should be
> > very
> > simple.
> 
> Felipe, what do you prefer? To apply the patch with
> PULSE_ALSA_HOOK_CONF
> in pulseaudio or if I implement PULSE_DISABLE_ALSA_PLUGIN in ALSA and
> you do a NMU?

I think PULSE_DISABLE_ALSA_PLUGIN sounds fine, but please propose the
patch to alsa-devel@, and after it is accepted, I am open to apply it
in Debian. I don't want to drag this patch forever.

-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

signature.asc
Description: This is a digitally signed message part

Bug#852455: RM: alsa-base -- ROM; No longer needed, obsolete

[Jordi Mallach]

Hi Scott,

El dc 25 de 01 de 2017 a les 00:14 -0500, en/na Scott Kitterman va
escriure:
> On Tue, 24 Jan 2017 18:04:39 +0100 Jordi Mallach <jo...@debian.org>
> wrote:
> > Package: ftp.debian.org
> > Severity: normal
> > 
> > Hello ftp-master,
> > 
> > I just found out alsa-base is still in the archive.
> > 
> > This source only generates a alsa-base with maintscripts to remove
> > old conffiles, and should have been safe to remove from the archive
> > post-jessie.
> > 
> > Let's kill it before a new release happens, thanks!
> 
> This will have to be addressed first:
> 
> Checking reverse dependencies...
> # Broken Depends:
> mkchromecast: mkchromecast-alsa
> 
> Dependency problem found.
> 
> Please remove the moreinfo tag once it's resolved.

Bug filed and block tag added to this bug.

Thanks!

-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

Bug#852531: mkchromecast-alsa: Depends on obsolete package alsa-base

[Jordi Mallach]

Package: mkchromecast-alsa
Version: 0.3.6-3
Severity: important

Hi Muammar,

Your package depends on alsa-base, which has been an empty, featureless
package for many years.

Please drop this dependency: what alsa-base did in the past is now done
by kmod itself and hence you don't need to replace it with other
dependencies.

My goal is to get rid of alsa-base for stretch, so please upload even if the
freeze is ongoing, I'll try to get an exception for your change.

Thanks,
Jordi

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#852455: RM: alsa-base -- ROM; No longer needed, obsolete

[Jordi Mallach]

Package: ftp.debian.org
Severity: normal

Hello ftp-master,

I just found out alsa-base is still in the archive.

This source only generates a alsa-base with maintscripts to remove
old conffiles, and should have been safe to remove from the archive
post-jessie.

Let's kill it before a new release happens, thanks!

Bug#850489: RM: goiardi [s390x] -- RoM; ANAIS: left over of s390x golang removal

[Jordi Mallach]

Package: ftp.debian.org
Severity: normal

Hi ftp-master,

With the large removal of s390x arch-dep packages of golang bits, goiardi was
somehow left out, and is now having problems to transition due to missing
binaries.

Please remove goiardi/s390x.

Jordi

Bug#848961: nano: please update syntax highlighting for nftables

[Jordi Mallach]

Hey Benno! You're awesome. :D

El dc 21 de 12 de 2016 a les 12:29 +0100, en/na Benno Schulenberg va
escriure:
> Hello Arturo and Jordi,
> 
> On 2016-12-21 10:50, Arturo Borrero Gonzalez wrote:
> > On 21 December 2016 at 10:47, Jordi Mallach <jo...@mallach.net>
> > wrote:
> > > Can you submit this to nano-de...@gnu.org? I hope there'll be a
> > > release
> > > soonish and it can be included in stretch.
> > > 
> > > If you prefer, I can bring it up there for you, too.
> > 
> > I would prefer this path. Please go ahead :-)
> 
> No need to bring it to nano-devel -- I am subscribed to the Debian
> nano bugs.  :)  I will grab Arturo's file later today.  Is it okay
> if I add a Signed-off line to the commit message, Arturo?
> 
> Before when do you want a release, Jordi, in order to get it into
> Stretch still?

I'd say around the 22nd of January will be the last dates where normal
uploads will make it. On the 5th of Feb, the gates close for non-
serious bugfixes/security issues. Uploads now have a 10 day delay
before migration to stretch, so in principle the 25 would be ok still
*if* all buildds cooperate, if no issues arise with the new version,
etc., so that's why I'd give it a few more days just in case.

Benno, there's also #801103, which I've been wondering about.

Thanks to both!

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

Bug#848961: nano: please update syntax highlighting for nftables

[Jordi Mallach]

Hi Arturo,

El dc 21 de 12 de 2016 a les 09:26 +0100, en/na Arturo Borrero Gonzalez
va escriure:
> Package: nano
> Version: 2.7.1-1
> Severity: wishlist
> Tags: patch
> 
> Dear nano maintainers,
> 
> thanks for working in my editor of choice. It's really appreciated.
> 
> I tried to generate a patch for the nftables syntax highlighting, but
> failed
> to find the source repo (the current git link from the tracker points
> to an
> empty repository).
> 
> So, please, would you take the new file from here the file and push
> it
> yourself?:
> 
> https://raw.githubusercontent.com/aborrero/nftables-nano-syntax/maste
> r/nftables.nanorc

Can you submit this to nano-de...@gnu.org? I hope there'll be a release
soonish and it can be included in stretch.

If you prefer, I can bring it up there for you, too.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

Bug#844804: Cannot reproduce

[Jordi Mallach]

severity 844804 important
tags 844804 + unreproducible
thanks

Hi Lucas,

I'm taking the liberty to lower the severity of this bug, as I can't reproduce
on a current sid pbuilder chroot.

I am thinking this might have been caused by the openssl mess, etc.

libsnmp-dev is definitely installable here, and my build succeeds:
dpkg-deb: building package 'zabbix-server-pgsql' in 
'../zabbix-server-pgsql_3.0.5+dfsg-1_amd64.deb'.

If you could revisit this bug and close if you think it was a transient
uninstallability problem, please go ahead.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/


signature.asc
Description: PGP signature

Bug#844686: RM: gnome-video-arcade [armel] -- ROM; Missing "mame" dep

[Jordi Mallach]

Package: ftp.debian.org
Severity: normal

Hi,

Tl;dr: please remove gnome-video-arcade/armel binary.

Recently you got rid of mame's armel binary in order to make mame transition
to testing, as a gcc limitation no longer makes mame compilable on that arch.

pochu pointed out that gnome-video-arcade also needs its armel binary removed
from testing, or mame won't be able to transition.

Thanks,
Jordi

Note: this was a request for a partial removal from testing, converted in one 
for unstable

Bug#828247: Building with openssl 1.1

[Jordi Mallach]

Hi Marc and Salvatore,

Apologies,

My intention after the NMU (which was the minimal change approach: build with
the version known to previously work) was to get #828247 cloned and lowered
to severity important so the 1.1 patches that arrived minutes after my upload
wouldn't get obscured in a closed bug report.

I was going to do this today, as I was totally unable to do so during the
weekend. Sorry!

Also, Marc sorry about not pushing my git changes. I did build the release
from git but forgot to push to Alioth. It's been done now.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/


signature.asc
Description: PGP signature

Bug#843830: ITP: golang-github-raintank-met -- an opinionated wrapper around metric client libraries

[Jordi Mallach]

El dj 10 de 11 de 2016 a les 01:33 +0100, en/na Jordi Mallach va
escriure:
> Package: wnpp
> Severity: wishlist
> Owner: Jordi Mallach <jo...@debian.org>
> 
> * Package name: golang-github-raintank-met
>   Version : 0.0~git20161103.0.05a94bb-1
>   Upstream Author : raintank
> * URL : https://github.com/raintank/met
> * License : TODO
  
This was meant to read AGPL-3.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

Bug#843830: ITP: golang-github-raintank-met -- an opinionated wrapper around metric client libraries

[Jordi Mallach]

Package: wnpp
Severity: wishlist
Owner: Jordi Mallach <jo...@debian.org>

* Package name: golang-github-raintank-met
  Version : 0.0~git20161103.0.05a94bb-1
  Upstream Author : raintank
* URL : https://github.com/raintank/met
* License : TODO
  Programming Lang: Go
  Description : a wrapper around metric client libraries for Go

 This library provides an opinionated wrapper around metric client
 libraries for Go. It supports statsd (recommended) and dogstatsd.

This is a dependency of goiardi, a chef server written in Go that
I am packaging.

Bug#843827: ITP: golang-github-ctdk-go-trie -- Trie implementation based on a minimal automaton for Go

[Jordi Mallach]

Package: wnpp
Severity: wishlist
Owner: Jordi Mallach <jo...@debian.org>

* Package name: golang-github-ctdk-go-trie
  Version : 0.0~git20161027.0.6443fbc-1
  Upstream Author : Jeremy Bingham
* URL : https://github.com/ctdk/go-trie
* License : MIT
  Programming Lang: Go
  Description : Trie implementation based on a minimal automaton for Go

 This library implements tries, also known as prefix trees, using
 minimal acyclic finite-state automata for the Go programming language.

This is a dependency of my upcoming ITP goiardi, a chef server written in Go.

Bug#843825: ITP: golang-github-ctdk-chefcrypto -- Go cryptographic routines to interact with chef servers

[Jordi Mallach]

Package: wnpp
Severity: wishlist
Owner: Jordi Mallach <jo...@debian.org>

* Package name: golang-github-ctdk-chefcrypto
  Version : 0.0~git20161109.0.dea96d7-1
  Upstream Author : Jeremy Bingham
* URL : https://github.com/ctdk/chefcrypto
* License : Apache-2.0
  Programming Lang: Go
  Description : Go cryptographic routines to interact with chef servers

This library includes various cryptographic routines for communicating with
chef servers for golang programs and libraries. Originally part of goiardi,
it's been split out for packaging purposes.

It is being packaged as a dependency of go-chef, in turn a dependency of
goiardi, a chef server written in Go.

Bug#843772: ITP: golang-gopkg-alexcesaro-statsd.v1 -- simple and efficient Golang StatsD client

[Jordi Mallach]

Package: wnpp
Severity: wishlist
Owner: Jordi Mallach <jo...@debian.org>

* Package name: golang-gopkg-alexcesaro-statsd.v1
  Version : 0.0~git20160306.0.c289775-1
  Upstream Author : Alexandre Cesaro
* URL : https://github.com/alexcesaro/statsd
* License : MIT
  Programming Lang: Go
  Description : simple and efficient Golang StatsD client

This is a simple and efficient Golang StatsD client.
 
It supports all StatsD metrics: counter, gauge, timing and set, as well
as InfluxDB and Datadog tags.

It is fast and GC-friendly: all functions for sending metrics do not
allocate. It is efficient: metrics are buffered by default. It has a
simple and clean API.

I'm packaging this as an indirect dep of goiardi, a chef server written in
Golang.

Bug#843730: ITP: golang-github-go-chef-chef -- Chef-Server API client in golang

[Jordi Mallach]

Package: wnpp
Severity: wishlist
Owner: Jordi Mallach <jo...@debian.org>

* Package name: golang-github-go-chef-chef
  Version : 0.0.1+git20161023.60.deb8c38-1
  Upstream Author : 2013-2014 Jesse Nelson
* URL : https://github.com/go-chef/chef
* License : Apache-2.0
  Programming Lang: Go
  Description : Chef-Server API client in golang

This is a Golang library that can be used to write tools to interact
with a chef server.

It is a dependency of the upcoming ITP "goiardi", a chef server written
in golang.

Bug#837824: Fix uploaded to delayed/5

[Jordi Mallach]

tag 837824 + pending

Hi,

I've just uploaded a fixed package to delayed/5, and committed the changes
to git. Feel free to revert if you see a problem with this.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/


signature.asc
Description: PGP signature

Bug#842922: RM: mame [armel] -- ROM; No longer builds from source due to library limitation

[Jordi Mallach]

Package: ftp.debian.org
Severity: normal

Hi ftpmaster,

mame 0.179 has added some code that uses C++ features not available in armel.

In particular, std::future as described in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727621 and
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64735

Please remove mame armel binaries so testing migration can resume.

Thanks,
Jordi

Note: this was a request for a partial removal from testing, converted in one 
for unstable

Bug#829654: fcgiwrap 1.1.0-7

[Jordi Mallach]

El ds 23 de 07 de 2016 a les 00:15 -0400, en/na Peter Colberg va
escriure:
> On Thu, Jul 14, 2016 at 12:49:37AM -0400, Peter Colberg wrote:
> > 
> > Hi Jordi,
> > 
> > Could you review the commits before I upload a new version of
> > fcgiwrap?
> 
> Should I just go ahead and upload?

Sorry, yes. Please ignore #831757 for now, as Sergio is definitely not
MIA.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

Bug#829654: src:fcgiwrap: Co-maintaining fcgiwrap

[Jordi Mallach]

Hi Peter,

On Sat, Jul 09, 2016 at 11:53:21PM -0400, Peter Colberg wrote:
> Hi Jordi,
> 
> On Wed, Jul 06, 2016 at 09:18:49AM +0200, Jordi Mallach wrote:
> > This is all good news! I still use fcgiwrap myself so co-maintaining
> > sounds about right (although I'm happy to downgrade myself to Uploader
> > and have you as the main Maintainer if you want).
> 
> Great! I would be fine either way, but Maintainer might be better for
> the sake of hinting (when the time comes) that I am ready to become DD.
> 
> > Also happy about svn → git, it's something that's been on the list for
> > all of my packages but I've never come around to it.
> 
> Please take a close look at the carefully restored history:
> 
> git clone https://anonscm.debian.org/git/users/pc-guest/fcgiwrap.git
> 
> I have split the larger svn commits into multiple git commits so that
> each commit corresponds to one changelog entry. I verified that the
> debian/ tags match exactly the versions in snapshot.debian.org.

Woa, you've spent quite a bit doing this right? I can't spot a single
nitpick here. Nice!

> Would you be fine if we generate the changelog using "gbp dch" only
> right before each upload? This keeps the history simple and avoids
> potential merge conflicts in the changelog.

Yeah, that's fine. Whatever, if it's the recommended way in DEP14. As
in this case there's no strong recommendation, I can be convinced to do
gbp dch. I really hope I won't forget, as editing the changelog has been
part of my workflow for 15+ years. :)

> > I can give you the DM upload permissions straight away; I'm very happy
> > about you joining and caring about fcgiwrap!
> 
> Yes, that would be nice.
> 
> Could you also advocate for me to join collab-maint? I sent a request
> myself on alioth, but so far my account (pc-guest) has not been added.

Ok. Any pointer where I should be advocating you?

> That would be my next step after uploading the current version. I will
> see how to best integrate our patches and file pull requests upstream.
> 
> There is an open pull request [1] for a multi-instance systemd unit,
> which would allow running fcgiwrap under multiple users using the same
> systemd template, instead of running everything under www-data. In
> case of a serious bug in one CGI app, this separation prevents the
> hijacking of other CGI apps or the webserver itself.

That sounds useful, yes!

> [1] https://github.com/gnosek/fcgiwrap/pull/17

Jordi

-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/


signature.asc
Description: PGP signature

Bug#830742: src:fcgiwrap: Relicense Debian packaging to allow upstreaming of patches

[Jordi Mallach]

On Sun, Jul 10, 2016 at 06:46:36PM -0400, Peter Colberg wrote:
> Package: src:fcgiwrap
> Version: 1.1.0-6
> Severity: wishlist
> 
> Hi Jordi, hi Sergio,
> 
> The Debian packaging is currently licensed under GPL version 3 with
> you as the copyright holders. This is a perfectly fine choice, but
> usually the Debian packaging is licensed under the same terms as the
> upstream software, which in this case is the Expat license.
> 
> Would you agree to relicense the Debian packaging for fcgiwrap to the
> Expat license? This will allow us to submit Debian patches upstream.

Oops. Yes, no objection.

Jordi
-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/


signature.asc
Description: PGP signature

Bug#829654: src:fcgiwrap: Co-maintaining fcgiwrap

[Jordi Mallach]

Hi Peter,

El dl 04 de 07 de 2016 a les 23:41 -0400, en/na Peter Colberg va
escriure:
> Package: src:fcgiwrap
> Severity: wishlist
> 
> Hi Jordi,
> 
> I have been using fcgiwrap together with nginx for many years, mostly
> to run the cgit git browser. Would you be interested in co-
> maintaining
> fcgiwrap (or, iff you are no longer interested, passing on
> maintenance)?
> 
> I recently became DM [1] and would need upload rights sponsorship.
> For an example of prior work, please see the cgit package [2, 3].
> 
> [1] https://qa.debian.org/developer.php?login=peter%40colberg.org
> [2] https://bugs.debian.org/826764
> [3] https://anonscm.debian.org/git/pkg-cgit/pkg-cgit.git
> 
> If you are interested, I would begin by creating a collab-maint git
> repository from the svn history, and then fix all outstanding bugs.

This is all good news! I still use fcgiwrap myself so co-maintaining
sounds about right (although I'm happy to downgrade myself to Uploader
and have you as the main Maintainer if you want).

Also happy about svn → git, it's something that's been on the list for
all of my packages but I've never come around to it.

I can give you the DM upload permissions straight away; I'm very happy
about you joining and caring about fcgiwrap!

There's lots of bits that should be fed to gnosek via pull requests. In
particular, every distro have their own crazy patches for systemd unit
files. It would be nice to get something sorted in that direction. Our
systemd changes were mostly all proposed by the Debian systemd people,
and I think all of them make sense.

Jordi

-- 
Jordi Mallach Pérez  --  Debian developer http://www.debian.org/
jo...@sindominio.net jo...@debian.org http://www.sindominio.net/
GnuPG public key information available at http://oskuro.net/

signature.asc
Description: This is a digitally signed message part

Bug#827706: RM: gnome-video-arcade [ppc64el] -- ROM; Blocks testing migration of mame

[Jordi Mallach]

Package: ftp.debian.org
Severity: normal

Hi ftp-master,

In #826948, I recently requested the removal of the ppc64el binaries of MAME,
as a FTBFS has been holding mame's migration from non-free to main for weeks.

With that report I failed to realise gnome-video-arcade's ppc64el binary
would also result on a testing migration block due to causing
uninstallability of said binary on testing.

Can you please remove gnome-video-arcade/ppc64el as well?

Many thanks,
Jordi