Bug#970350: linux: Enable CONFIG_NET_SWITCHDEV in Buster kernel

[Vasudev Kamath]

Source: linux
Version: 4.19.132-1
Severity: normal

Dear Maintainer,

The regression issue which I reported in [1] has been fixed by Mellanox upstream
[2] and is now part of linux-4.19.145-1 [3]. So can we now enable the 
CONFIG_NET_SWITCHDEV
support in Debian Buster?

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949863#43
[2] https://lkml.org/lkml/2020/8/7/451
[3] https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.145


Cheers,
Vasudev


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.7.0-3-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#970214: RFS: rednotebook/2.20+ds-1 [ITP] [Team] -- Modern desktop diary and personal journaling tool

[Adam Borowski]

On Sun, Sep 13, 2020 at 05:11:52AM +0100, Phil Wyett wrote:
>  * Package name: rednotebook
>Version : 2.20+ds-1

> Changes since the last upload:
> 
>  rednotebook (2.20+ds-1) unstable; urgency=medium
>  .
>* Team upload.
>* New upstream version 2.20.
>* Reintroduction to debian - ITP. (Closes: #970204)

Fails to build:

.[ Build Type: source ]
Command: dpkg-buildpackage -us -uc -S -rfakeroot
dpkg-buildpackage: info: source package rednotebook
dpkg-buildpackage: info: source version 2.20+ds-1
dpkg-buildpackage: info: source distribution unstable
dpkg-buildpackage: info: source changed by Phil Wyett 

 dpkg-source --before-build .
 debian/rules clean
dh clean --with python3 --buildsystem=pybuild
dh: error: unable to load addon python3: Can't locate 
Debian/Debhelper/Sequence/python3.pm in @INC (you may need to install the 
Debian::Debhelper::Sequence::python3 module) (@INC contains: /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.30.3 /usr/local/share/perl/5.30.3 
/usr/lib/x86_64-linux-gnu/perl5/5.30 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.30 
/usr/share/perl/5.30 /usr/local/lib/site_perl) at (eval 13) line 1.
BEGIN failed--compilation aborted at (eval 13) line 1.

make: *** [debian/rules:8: clean] Error 25
dpkg-buildpackage: error: debian/rules clean subprocess returned exit status 2
`

(I haven't looked any further.)


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ “Exegi monumentum aere perennius” -- “I made a monument more
⢿⡄⠘⠷⠚⠋⠀ durable than bronze”.
⠈⠳⣄   -- Horace (65-8 BC), leaving the loo, constipated

Bug#970351: installation-reports: System installed on encrypted temporary partitions destroys partitions on hosts

[Axel Stammler]

Package: installation-reports
Severity: important

Dear Maintainer,

the installer created these lines in /etc/crypttab:

sdb2_crypt /dev/sdb2 /dev/urandom cipher=aes-xts-plain64,size=256,swap,discard
sdb5_crypt /dev/sdb5 /dev/urandom cipher=aes-xts-plain64,size=256,tmp,discard
sdb8_crypt UUID=7bc39f4e-4efe-4494-acbb-fd276296a29e none luks,discard

After installation, I used the USB key as intended to work on different 
machines. If a
machine contained an /dev/sdb disk (so that the USB key was now at /dev/sdc), 
its
/dev/sdb5 partition was overwritten.

I changed /etc/crypttab like this, which removed the problem:

deb_usb_2_crypt PARTUUID=a81b4eec-02 /dev/urandom 
cipher=aes-xts-plain64,size=256,swap,discard
deb_usb_5_crypt PARTUUID=a81b4eec-05 /dev/urandom 
cipher=aes-xts-plain64,size=256,tmp,discard
deb_usb_8_crypt UUID=7bc39f4e-4efe-4494-acbb-fd276296a29e none luks,discard

(Obviously I also adapted /etc/fstab.)



-- Package-specific info:

Boot method: CD image on memory card
Image version: Buster 10 5 0 dated 7 Sept 2020 netinstall
Date: 

Machine: X230 with 60 GB USB key
Partitions: 

FilesystemType 1K-blocks Used Available Use% 
Mounted on
udev  devtmpfs9930400993040   0% 
/dev
tmpfs tmpfs   203172 6276196896   4% 
/run
/dev/sda1 ext4   377861685992   3480964   3% /
/dev/sda6 ext4  10506488  4802424   5150644  49% 
/usr
tmpfs tmpfs  10158520   1015852   0% 
/dev/shm
tmpfs tmpfs 51204  5116   1% 
/run/lock
tmpfs tmpfs  10158520   1015852   0% 
/sys/fs/cgroup
/dev/sda7 ext4   2817056   578964   2075276  22% 
/var
/dev/mapper/deb_teach_usb_5_crypt ext2960504 1344910368   1% 
/tmp
/dev/mapper/deb_teach_usb_8_crypt ext4  40412656 23129776  15200320  61% 
/home
tmpfs tmpfs   203168   20203148   1% 
/run/user/1001

Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot:   [O]
Detect network card:[O]
Configure network:  [O]
Detect CD:  [O]
Load installer modules: [O]
Clock/timezone setup:   [O]
User/password setup:[O]
Detect hard drives: [O]
Partition hard drives:  [O] — but see problem description above
Install base system:[O]
Install tasks:  [O]
Install boot loader:[O]
Overall install:[O] — but see above

Comments/Problems:

see top

-- 

Please make sure that the hardware-summary log file, and any other
installation logs that you think would be useful are attached to this
report. Please compress large files using gzip.

Once you have filled out this report, mail it to sub...@bugs.debian.org.

==
Installer lsb-release:
==
DISTRIB_ID=Debian
DISTRIB_DESCRIPTION="Debian GNU/Linux installer"
DISTRIB_RELEASE="10 (buster) - installer build 20190702+deb10u5"
X_INSTALLATION_MEDIUM=cdrom

==
Installer hardware-summary:
==
uname -a: Linux deb-teach-usb 4.19.0-10-amd64 #1 SMP Debian 4.19.132-1 
(2020-07-24) x86_64 GNU/Linux
lspci -knn: 00:00.0 Host bridge [0600]: Intel Corporation Atom Processor 
D4xx/D5xx/N4xx/N5xx DMI Bridge [8086:a010] (rev 02)
lspci -knn: Subsystem: ASUSTeK Computer Inc. Device [1043:83ac]
lspci -knn: 00:02.0 VGA compatible controller [0300]: Intel Corporation Atom 
Processor D4xx/D5xx/N4xx/N5xx Integrated Graphics Controller [8086:a011] (rev 
02)
lspci -knn: Subsystem: ASUSTeK Computer Inc. Device [1043:83ac]
lspci -knn: 00:02.1 Display controller [0380]: Intel Corporation Atom Processor 
D4xx/D5xx/N4xx/N5xx Integrated Graphics Controller [8086:a012] (rev 02)
lspci -knn: Subsystem: ASUSTeK Computer Inc. Device [1043:83ac]
lspci -knn: 00:1b.0 Audio device [0403]: Intel Corporation NM10/ICH7 Family 
High Definition Audio Controller [8086:27d8] (rev 02)
lspci -knn: Subsystem: ASUSTeK Computer Inc. Device [1043:84d3]
lspci -knn: 00:1c.0 PCI bridge [0604]: Intel Corporation NM10/ICH7 Family PCI 
Express Port 1 [8086:27d0] (rev 02)
lspci -knn: Kernel driver in use: pcieport
lspci -knn: 00:1c.1 PCI bridge [0604]: Intel Corporation NM10/ICH7 Family PCI 
Express Port 2 [8086:27d2] (rev 02)
lspci -knn: Kernel driver in use: pcieport
lspci -knn: 00:1c.3 PCI bridge [0604]: Intel Corporation NM10/ICH7 Family PCI 
Express Port 4 [8086:27d6] (rev 02)
lspci -knn: Kernel driver in use: pcieport
lspci -knn: 00:1d.0 USB controller [0c03]: Intel Corporation NM10/ICH7 Family 
USB UHCI Controller #1 [8086:27c8] (rev 02)
lspci -knn: Subsystem: ASUSTeK Computer Inc. Device [1043:83ad]
lspci -knn: 

Bug#970352: unprivileged podman dies with gibberish

[Harald Dunkel]

Package: podman
Version: 2.0.6+dfsg1-1

Unprivileged podman dies with some gibberish instead of a readable
error message:

% podman run -it debian /bin/bash
Trying to pull quay.io/debian...
  error parsing HTTP 404 response body: invalid character '<' looking for beginning of value: "\n404 Not Found\nNot Found\nThe requested URL was not found on the server. If you entered the URL manually please check 
your spelling and try again.\n"

Trying to pull docker.io/library/debian...
Getting image source signatures
Copying blob 57df1a1f1ad8 done
Copying config f6dcff9b59 done
Writing manifest to image destination
Storing signatures
ERRO[0010] Error while applying layer: ApplyLayer exit status 1 stdout:  
stderr: there might not be enough IDs available in the namespace (requested 
0:42 for /etc/gshadow): lchown /etc/gshadow: invalid argument
  ApplyLayer exit status 1 stdout:  stderr: there might not be enough IDs 
available in the namespace (requested 0:42 for /etc/gshadow): lchown 
/etc/gshadow: invalid argument
Error: unable to pull debian: 2 errors occurred:
* Error initializing source docker://quay.io/debian:latest: Error reading manifest latest in quay.io/debian: error parsing HTTP 404 response body: invalid character '<' looking for beginning of value: "\n404 Not 
Found\nNot Found\nThe requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.\n"
* Error committing the finished image: error adding layer with blob "sha256:57df1a1f1ad841deaf50c8f662d77e93b4b17af776ed66148116607f9aceffa8": ApplyLayer exit status 1 stdout:  stderr: there might not be enough IDs available in the namespace (requested 0:42 for /etc/gshadow): lchown 
/etc/gshadow: invalid argument



Regards
Harri

Bug#968620:

[Francisco M Neto]

Control: retitle 968620 'ITA: wiki2beamer -- Tool to create LaTeX beamer 
presentations in wiki syntax'



signature.asc
Description: This is a digitally signed message part

Bug#970347: keepassxc: file handles leaking, until keepassxc can no longer open its database

[Noel]

Package: keepassxc
Version: 2.3.4+dfsg.1-1
Severity: normal

KeepassXC leaks file handles during normal operation. After running for a few
days it exhausts the allowed file handles and cannot open the password database 
until it
is restarted. When you try to unlock KeepassXC displays a red backgrounded 
message
saying "Too many open files".

Sometimes, this is logged in /var/log/messages and keepassxc crashes:

Sep 15 12:31:00 moriarty kernel: [1819009.252670] traps: keepassxc[13185] trap 
int3 ip:7f95e9478c75 sp:7f95c65b76c0 error:0 in 
libglib-2.0.so.0.5800.3[7f95e944+7e000]
Sep 15 12:31:00 moriarty org.keepassxc.KeePassXC.desktop[28230]: 
(keepassxc:30366): GLib-ERROR **: 12:31:00.468: Creating pipes for GWakeup: Too 
many open files

$ ps -fC keepassxc
UIDPID  PPID  C STIME TTY  TIME CMD
noeld30366 28230  0 Aug31 tty2 00:01:46 keepassxc

$ ulimit -n
1024

# lsof -p 30366|wc -l
1194

lsof shows lots and lots of open FIFOs (662) plus a further 338 open timerfd
objects:

keepassxc 30366 noeld   71r FIFO   0,12  0t0  8985395 pipe
keepassxc 30366 noeld   72w FIFO   0,12  0t0  8985395 pipe
keepassxc 30366 noeld   73u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   74r FIFO   0,12  0t0  8984435 pipe
keepassxc 30366 noeld   75w FIFO   0,12  0t0  8984435 pipe
keepassxc 30366 noeld   76u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   77r FIFO   0,12  0t0  9003187 pipe
keepassxc 30366 noeld   78w FIFO   0,12  0t0  9003187 pipe
keepassxc 30366 noeld   79u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   80r FIFO   0,12  0t0  9009935 pipe
keepassxc 30366 noeld   81w FIFO   0,12  0t0  9009935 pipe
keepassxc 30366 noeld   82u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   83r FIFO   0,12  0t0  9022897 pipe
keepassxc 30366 noeld   84w FIFO   0,12  0t0  9022897 pipe
keepassxc 30366 noeld   85u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   86r FIFO   0,12  0t0  9023162 pipe
keepassxc 30366 noeld   87w FIFO   0,12  0t0  9023162 pipe
keepassxc 30366 noeld   88u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   89r FIFO   0,12  0t0  9023295 pipe
keepassxc 30366 noeld   90w FIFO   0,12  0t0  9023295 pipe
keepassxc 30366 noeld   91u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   92r FIFO   0,12  0t0  9039327 pipe
keepassxc 30366 noeld   93w FIFO   0,12  0t0  9039327 pipe
keepassxc 30366 noeld   94u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   95r FIFO   0,12  0t0  9046512 pipe
keepassxc 30366 noeld   96w FIFO   0,12  0t0  9046512 pipe
keepassxc 30366 noeld   97u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld   98r FIFO   0,12  0t0  9047996 pipe
keepassxc 30366 noeld   99w FIFO   0,12  0t0  9047996 pipe
keepassxc 30366 noeld  100u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld  101r FIFO   0,12  0t0  9048550 pipe
keepassxc 30366 noeld  102w FIFO   0,12  0t0  9048550 pipe
keepassxc 30366 noeld  103u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld  104r FIFO   0,12  0t0  9051557 pipe
keepassxc 30366 noeld  105w FIFO   0,12  0t0  9051557 pipe
keepassxc 30366 noeld  106u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld  107r FIFO   0,12  0t0  9051867 pipe
keepassxc 30366 noeld  108w FIFO   0,12  0t0  9051867 pipe
keepassxc 30366 noeld  109u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld  110r FIFO   0,12  0t0  9054205 pipe
keepassxc 30366 noeld  111w FIFO   0,12  0t0  9054205 pipe
keepassxc 30366 noeld  112u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld  113r FIFO   0,12  0t0  9059108 pipe
keepassxc 30366 noeld  114w FIFO   0,12  0t0  9059108 pipe
keepassxc 30366 noeld  115u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld  116r FIFO   0,12  0t0  9059311 pipe
keepassxc 30366 noeld  117w FIFO   0,12  0t0  9059311 pipe
keepassxc 30366 noeld  118u  a_inode   0,130 9262 
[timerfd]
keepassxc 30366 noeld  119r FIFO   0,12  0t0  9068847 pipe
keepassxc 

Bug#970349: buster-pu: package icinga2/2.10.3-2+deb10u1

[Bas Couwenberg]

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

icinga2 is buster is affected by CVE-2020-14004 as reported in #970252.

As it was deemed no-dsa it should be fixed via stable update.

Kind Regards,

Bas
diff -Nru icinga2-2.10.3/debian/changelog icinga2-2.10.3/debian/changelog
--- icinga2-2.10.3/debian/changelog 2019-03-01 12:18:30.0 +0100
+++ icinga2-2.10.3/debian/changelog 2020-09-14 06:47:22.0 +0200
@@ -1,3 +1,12 @@
+icinga2 (2.10.3-2+deb10u1) buster; urgency=medium
+
+  * Team upload.
+  * Update branch in gbp.conf & Vcs-Git URL.
+  * Add upstream patch to fix CVE-2020-14004.
+(closes: #970252)
+
+ -- Bas Couwenberg   Mon, 14 Sep 2020 06:47:22 +0200
+
 icinga2 (2.10.3-2) unstable; urgency=medium
 
   * Team upload.
diff -Nru icinga2-2.10.3/debian/control icinga2-2.10.3/debian/control
--- icinga2-2.10.3/debian/control   2018-12-25 23:27:26.0 +0100
+++ icinga2-2.10.3/debian/control   2020-09-14 06:47:22.0 +0200
@@ -29,7 +29,7 @@
po-debconf
 Standards-Version: 4.3.0
 Vcs-Browser: https://salsa.debian.org/nagios-team/pkg-icinga2
-Vcs-Git: https://salsa.debian.org/nagios-team/pkg-icinga2.git
+Vcs-Git: https://salsa.debian.org/nagios-team/pkg-icinga2.git -b buster
 Homepage: https://icinga.com
 
 Package: icinga2
diff -Nru icinga2-2.10.3/debian/gbp.conf icinga2-2.10.3/debian/gbp.conf
--- icinga2-2.10.3/debian/gbp.conf  2018-12-12 08:10:41.0 +0100
+++ icinga2-2.10.3/debian/gbp.conf  2020-09-14 06:47:22.0 +0200
@@ -6,7 +6,7 @@
 
 # The default name for the Debian branch is "master".
 # Change it if the name is different (for instance, "debian/unstable").
-debian-branch = master
+debian-branch = buster
 
 # git-import-orig uses the following names for the upstream tags.
 # Change the value if you are not using git-import-orig
diff -Nru 
icinga2-2.10.3/debian/patches/0001-prepare-dirs-combine-mkdir-and-chmod.patch 
icinga2-2.10.3/debian/patches/0001-prepare-dirs-combine-mkdir-and-chmod.patch
--- 
icinga2-2.10.3/debian/patches/0001-prepare-dirs-combine-mkdir-and-chmod.patch   
1970-01-01 01:00:00.0 +0100
+++ 
icinga2-2.10.3/debian/patches/0001-prepare-dirs-combine-mkdir-and-chmod.patch   
2020-09-14 06:47:22.0 +0200
@@ -0,0 +1,23 @@
+Description: prepare-dirs: combine mkdir and chmod
+ Fixes CVE-2020-14004
+Author: "Alexander A. Klimov" 
+Origin: 
https://github.com/Icinga/icinga2/commit/2f0f2e8c355b75fa4407d23f85feea037d2bc4b6
+Bug: https://github.com/Icinga/icinga2/pull/8046
+
+--- a/etc/initsystem/prepare-dirs.cmake
 b/etc/initsystem/prepare-dirs.cmake
+@@ -26,12 +26,10 @@ getent group $ICINGA2_GROUP >/dev/null 2
+ getent group $ICINGA2_COMMAND_GROUP >/dev/null 2>&1 || (echo "Icinga command 
group '$ICINGA2_COMMAND_GROUP' does not exist. Exiting." && exit 6)
+ 
+ if [ ! -e "$ICINGA2_INIT_RUN_DIR" ]; then
+-  mkdir "$ICINGA2_INIT_RUN_DIR"
+-  mkdir "$ICINGA2_INIT_RUN_DIR"/cmd
++  mkdir -m 755 "$ICINGA2_INIT_RUN_DIR"
++  mkdir -m 2750 "$ICINGA2_INIT_RUN_DIR"/cmd
+ fi
+ 
+-chmod 755 "$ICINGA2_INIT_RUN_DIR"
+-chmod 2750 "$ICINGA2_INIT_RUN_DIR"/cmd
+ chown -R $ICINGA2_USER:$ICINGA2_COMMAND_GROUP "$ICINGA2_INIT_RUN_DIR"
+ 
+ test -e "$ICINGA2_LOG_DIR" || install -m 750 -o $ICINGA2_USER -g 
$ICINGA2_COMMAND_GROUP -d "$ICINGA2_LOG_DIR"
diff -Nru icinga2-2.10.3/debian/patches/series 
icinga2-2.10.3/debian/patches/series
--- icinga2-2.10.3/debian/patches/series2019-03-01 12:17:29.0 
+0100
+++ icinga2-2.10.3/debian/patches/series2020-09-14 06:47:22.0 
+0200
@@ -1,3 +1,4 @@
 21_config_changes
 postgres-checkcommand.patch
 comparepasswords_issafe.patch
+0001-prepare-dirs-combine-mkdir-and-chmod.patch

Bug#970252: [Pkg-nagios-devel] Bug#970252: Bug#970252: CVE-2020-14004

[Salvatore Bonaccorso]

Hi Sebastiaan,

On Mon, Sep 14, 2020 at 07:09:05AM +0200, Sebastiaan Couwenberg wrote:
> On 9/14/20 6:38 AM, Sebastiaan Couwenberg wrote:
> > On 9/14/20 5:41 AM, Sebastiaan Couwenberg wrote:
> >> On 9/13/20 10:39 PM, Moritz Muehlenhoff wrote:
> >>> Please see https://www.openwall.com/lists/oss-security/2020/06/12/1
> >>
> >> This is fixed upstream in:
> >>
> >>  v2.12.0 v2.11.5 v2.11.4
> >>
> >> The former is already in experimental, and the 2.11 package in unstable
> >> will be updated to .5 to have the fix as well.
> > 
> > icinga2 (2.11.5-1) has been uploaded to unstable.
> 
> The update for buster is also available:
> 
>  https://salsa.debian.org/nagios-team/pkg-icinga2/-/commits/buster
> 
> Is it alright to upload the -sa build to security-master?

This is likely a no-dsa candidate, but can you fix the issue via the
upcoming point release?

The window for uploads should be closing the upcoming weekend for
inclusion in 10.6.

Regards,
Salvatore

Bug#970282: O: python-inflect -- Generate plurals, singular nouns, ordinals, indefinite articles

[Arto Jantunen]

"Iain R. Learmonth"  writes:
> Package: wnpp
> Severity: normal
> X-Debbugs-Cc: debian-pyt...@lists.debian.org
>
> I intend to orphan the python-inflect package. This would be a good
> candidate for the Python team. It has reverse dependencies in Debian:
> python3-jaraco.itertools and sqlacodegen.
>
> The package description is:
>  The inflect Python module correctly generates plurals, singular nouns,
>  ordinals and indefinite articles. It can also convert numbers to words.

Agreed, this should be transferred to the Python team. I can be an
uploader for it (I already maintain sqlacodegen, even though it appears
to have been abandoned upstream).

-- 
Arto Jantunen

Bug#969324: mutt feature request add configure option --enable-autocrypt

[Arsen STASIC]

Dear package maintainers,

autocrypt is a cryptographic protocol for email clients aiming to simplify key 
exchange and enabling encryption on basis of OpenPGP and due to the fact that 
WoT (Web of Trust) is broken [0] since June 2019 [1] (Daniel Kahn Gillmor 
(dkg)) it's a needed feature.

These MUAs (Mail User Agents) support autocrypt already:
Thunderbird, Mailpile, Delta Chat Messenger, K-9 Mail and Mutt.

Please consider my patch.

cheers,
Arsen

[0] https://lwn.net/Articles/792366/
[1] https://dkg.fifthhorseman.net/blog/openpgp-certificate-flooding.html

Bug#905968: mdadm can assemble wrong version, when write-mostly feature used

[Felix Lechner]

Hi Ian,

> [0001-Assemble.c-Use-MD_-names-when-checking-state-for-mos.patch (text/plain, 
> inline)]

This patch applies to the version in unstable (no one bothered to
touch the '6') but it brings no functional change. I am happy to
forward it upstream. Unfortunately, I am not sure they will respond.

> [0002-Assemble.c-Do-not-disregard-write-mostly-disks.patch (text/plain, 
> inline)]

This change, which fixes your bug,  was cherry-picked from upstream
some time ago. [1] It is already available in stable (4.1-1).

[1] 
https://sources.debian.org/src/mdadm/4.1-6/debian/patches/0007-Assemble-mask-FAILFAST-and-WRITEMOSTLY-flags-when-fi.patch/

> [0003-Assemble.c-Do-not-disregard-to-be-replaced-disks.patch (text/plain, 
> inline)]

The source prompting your change was totally rewritten. Do you feel
like taking another look?

Other than that, would you be okay if I close this bug after accepting
the first patch (using string constants instead of '6')? Thanks!

Kind regards
Felix Lechner

Bug#864145: mdadm will only start root device degraded

[Felix Lechner]

Hi Felix,

> An entry in
> /etc/crypttab is created and the device is apparently unlocked as I
> don't need to enter the password after the boot process.

Do you still use this setup, and do you still have the issue?

What is in your /etc/crypttab? Do you perhaps need an offset to
preserve mdadm metadata? For example, I have 'offset=8' for an
encrypted swap partition, but it is not an mdadm device:

cryptswap /dev/mapper/optivg-swap /dev/urandom
swap,offset=8,cipher=aes-cbc-essiv:sha256,size=256,hash=ripemd160

The last suggestion is just a guess.

Kind regards
Felix Lechner

Bug#857284: mdadm: subprocess installed post-installation script returned error exit status 128

[Felix Lechner]

Hi Asensu,

> if [ ! "$DEBIAN_HAS_FRONTEND" ]; then

The postinst script was totally rewritten [1] since you filed your
bug. Do you still experience this issue?

Kind regards
Felix Lechner

[1] https://sources.debian.org/src/mdadm/4.1-6/debian/mdadm.postinst/

Bug#855871: mdadm: maximum of 27 block devices for RAID assembly

[Felix Lechner]

Hi Ian,

Thank you for the informative details in your bug report. At this
point, I am trying to figure out if your issue still exists.

> quote: "MD_SB_DISKS indicates that each software array is limited to 27
member disks."

Have you tried it with a more recent kernel?

> mdadm won't allow the v1.2 superblock type with a non-metadata array:

Or that, with a more recent version of mdadm? Thank you!

Kind regards
Felix Lechner

Bug#954816: mdadm: Debian stable system does not boot after kernel upgrade, RAID0 not activated

[Felix Lechner]

Hi Răzvan,

> systemctl status lvm2-pvscan

Are you having an interaction with device mapper facilities for RAID
(i.e. dmraid or lvm2)?

> the same system boots normally if, during boot, one chooses manually the 
> 4.19.0-6 kernel
> in grub's boot menu.

What are the kernel options for the different boot paths in GRUB, i.e.
the manual and the automatic setting?

Kind regards
Felix Lechner

Bug#966373: general: Higher version for uploads to stable and oldstable distributions

[Javier Serrano Polo]

Control: reopen -1

El dg 06 de 09 de 2020 a les 22:50 +0200, Javier Serrano Polo va
escriure:
> Otherwise, I will reopen this report.

Reopening then.

smime.p7s
Description: S/MIME cryptographic signature

Bug#970274: lintian: False positive globbing-patterns-out-of-order with *.foo wildcards

[Dmitry Shachnev]

Package: lintian
Version: 2.94.0
Severity: normal

Dear Maintainer,

In several Qt packages, we have copyright fragments like this:

Files: examples/*
Copyright: 2017-2020 The Qt Company Ltd.
License: BSD-3-clause

Files: *.qdoc
Copyright: 2015-2020 The Qt Company Ltd.
License: GFDL-NIV-1.3

Lintian complains about this:

W: qtquickcontrols2-opensource-src source: globbing-patterns-out-of-order 
examples/* *.qdoc

However, the second wildcard (*.qdoc) is there to match all *.qdoc files
in the tree, including those in examples. So it partially overrides the
previous section.

E.g. examples/quickcontrols2/gallery/doc/src/qtquickcontrols2-gallery.qdoc
has GFDL license, not BSD.

If I swap these two sections, it would be considered as BSD, which is wrong.

And I don't want to write "examples/*.qdoc" because the same section also
applies to src/*.qdoc and possibly other sub-directories containing qdoc
files.

The copyright specification says:

> Both [wildcards] match slashes (/) and leading dots, unlike shell globs.
> The pattern *.in therefore matches any file whose name ends in .in anywhere
> in the source tree, not just at the top level.

So I think my use of wildcards is valid, and Lintian tag is wrong.

--
Dmitry Shachnev


signature.asc
Description: PGP signature

Bug#970228: nemo: Can no longer copy files

[Simon McVittie]

Control: retitle -1 nemo: Can no longer copy files on zfs since GLib 2.66.x
Control: retitle 970263 glib2.0: nemo can no longer copy files on zfs since 
2.66.x

On Mon, 14 Sep 2020 at 11:19:04 +0200, Holger Schröder wrote:
> I have zfs only.

zfs implemented how? The zfs-dkms kernel module, or zfs-fuse?

I suspect this bug might be specific to zfs, or perhaps specific to
one of the implementations of zfs - I wouldn't be surprised if GLib's new
statx()-based file metadata handling works fine with in-tree filesystems
like ext4 and btrfs but behaves oddly in some way with out-of-tree zfs.

smcv

Bug#970132: rustc 1.41.1+dfsg1-1~deb10u1 flagged for acceptance

[Adam D Barratt]

package release.debian.org
tags 970132 = buster pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian buster.

Thanks for your contribution!

Upload details
==

Package: rustc
Version: 1.41.1+dfsg1-1~deb10u1

Explanation: new upstream stable release

Bug#731852: illuminate

[Service]

-- 
Wiadomo, że ILLUMINATI składa się z Multi
Milionerzy, miliarderzy, którzy mają duży wpływ na
sprawy globalne i planowanie nowego porządku świata. Wielu światowych
przywódców, prezydentów, premierów, członków rodziny królewskiej i
wyższej kadry kierowniczej jest członkami ILLUMINATI. postępuj zgodnie
z instrukcjami programu Excel w życiu. będziesz miał wiele korzyści,
po raz pierwszy w historii otwieramy nasze drzwi tym, którzy wierzą.
Jeśli chcesz dołączyć do ILLUMINATI, zarejestruj się Tekst:
johnmark4...@gmail.com
SMS WhatsApp +2348054779589

WITAJCIE W BRATRZU ..

Bug#731852: illuminate

[Service]

-- 
Wiadomo, że ILLUMINATI składa się z Multi
Milionerzy, miliarderzy, którzy mają duży wpływ na
sprawy globalne i planowanie nowego porządku świata. Wielu światowych
przywódców, prezydentów, premierów, członków rodziny królewskiej i
wyższej kadry kierowniczej jest członkami ILLUMINATI. postępuj zgodnie
z instrukcjami programu Excel w życiu. będziesz miał wiele korzyści,
po raz pierwszy w historii otwieramy nasze drzwi tym, którzy wierzą.
Jeśli chcesz dołączyć do ILLUMINATI, zarejestruj się Tekst:
johnmark4...@gmail.com
SMS WhatsApp +2348054779589

WITAJCIE W BRATRZU ..

Bug#970289: RM: python-flask-rdf -- ROM; no rdepends, no popcon

[Iain R. Learmonth]

Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: debian-pyt...@lists.debian.org

Hi,

Please remove python-flask-rdf from unstable. It has no reverse
dependencies, almost no popcon.

Python team in CC in case anyone does want to grab this and adopt it,
but I don't think it's likely enough to risk filing an O and letting it
rot unattended.

Thanks,
Iain.

Bug#965363: Fwd: Bug#965363: RFS: opencpn/5.2.0+dfsg-1 [RC] -- Open Source Chartplotter and Marine GPS Navigation Software

[Tobias Frost]

On Sun, Sep 13, 2020 at 11:19:33PM +0200, Alec Leamas wrote:
> Hi,
> 
> On Sun, 13 Sep 2020 15:27:24 +0200 Tobias Frost  wrote:
> > On Sun, Sep 13, 2020 at 02:50:43PM +0200, Tobias Frost wrote:
> > > On Sun, Sep 13, 2020 at 01:23:41PM +0200, Alec Leamas wrote:
> >
> > > So far for now…
> > 
> > More stuff. Lintian this time.
> > 
> > - Lintian overrides
> > Lintian overrides should only be used if Lintian is wrong, not to silence 
> > problems
> > (even if the problems are not actionable right now, like patches not yet 
> > forwarded)
> > So time to clean those up…
> 
> What does "being wrong" mean in this context? Just false positives? Or
> also situations like the get-orig-source or "there is no checksums"?

false positives. For example the mispelling message is on of those that
can be silenced.

The gpg signature messge is a good counter example: If there is no signature,
don't silence it.
 
> > As a bonus, after cleaning those will be fixed:
> > E: opencpn source: malformed-override Unknown tag 
> > testsuite-autopkgtest-missing in line 2
> 
> I have been a too lazy human being and not not updated my sid host.
> After doing so I see the same messages as you. This helps, but see my
> question above.

You should looking into setting up sbuild, pbuilder or some of that kind tools:
This will allow you to build in a clean enviornment without the need to have
always sid on your machine. Also it eliminates the "dirty build env" problem we
often see here.

> 
> 
> Cheers!
> --alec

Bug#968603: memcached should enable TLS by default

[Tomas Korbar]

Hi Chriss,
I'm the maintainer of memcached on Fedora and RHEL,

On Thu, 10 Sep 2020 22:58:03 - "Chris Lamb" 
wrote:
> Hi Moises,
>
> > We run the tests afterward on a dedicated machine..
>
> The question here is not when or where these tests are run - can you
> reproduce these test failures at all on this other machine? I can
> reproduce them locally here (NB. with TLS enabled during the build).
>
> If you can/cannot, sharing the test log would be a good next step.
I can not. The testsuite on Fedora does not hang. I remember a
situation similar to this. When i first enabled tls in Fedoras memcached
the testsuite hanged because test certificates had short key and
Fedora has hardened crypto environment, thus memcached crashed
during testing and suite was not prepared for that.

I can show you a test log from Fedora Rawhide where we have 1.6.7.
https://tkorbar.fedorapeople.org/test.log

I will try to install debian VM and reproduce this.

>
> > ...we do not run memcacheds test suite during build because it is
cpu
> > load dependent and not stable enough for us to rely on it during
build.
>
> As an unrelated remark, if the tests are CPU-load dependent (and
> therefore non-deterministic) I would suggest you file that as an
> upstream issue. A randomly-failing testsuite is, as I am sure you are
> aware, not good software engineering practice.
>
Yeah, i know that the suite is not ideal but i did not yet get to
handle that. It is stable on normal build machines
but if you run it on some powerful server CPU then techniques
like "sleep(0.5)" starts to fail. I will keep in mind to fix this.
> Thanks for looking into this so far.
>
> Regards,
>
> --
>   ,''`.
>  : :'  : Chris Lamb
>  `. `'`  la...@debian.org  chris-lamb.co.uk
>`-
>
>
Regards.

Bug#970276: New upstream version: 2020-07-27

[Domenico Andreoli]

Package: urjtag
Severity: wishlist

Please update to the latest release at https://sourceforge.net/projects/urjtag

Thanks,
Domenico

rsa4096: 3B10 0CA1 8674 ACBA B4FE FCD2 CE5B CF17 9960 DE13
ed25519: FFB4 0CC3 7F2E 091D F7DA 356E CC79 2832 ED38 CB05

Bug#970278: smartlist: please make the build reproducible

[Chris Lamb]

Source: smartlist
Version: 3.15-25
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: environment
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0] we noticed that
smartlist could not be built reproducibly.

This is because the choplist binary contains the current user via the
LISTID define. Given that has been the build user's username for many
years (?), I suspect it makes no difference what value this actually
has, but patch attached that sets it to "list" (ie. to match the name
of uid 38).

 [0] https://reproducible-builds.org/


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- a/debian/patches/reproducible-build 1970-01-01 01:00:00.0 +0100
--- b/debian/patches/reproducible-build 2020-09-14 10:51:03.215780208 +0100
@@ -0,0 +1,15 @@
+Description: Make the build reproducible
+Author: Chris Lamb 
+Last-Update: 2020-09-14
+
+--- smartlist-3.15.orig/SmartList/install.sh2
 smartlist-3.15/SmartList/install.sh2
+@@ -26,7 +26,7 @@ hfile=targetdir.h
+ 
+ cat >$hfile <

Bug#970282: O: python-inflect -- Generate plurals, singular nouns, ordinals, indefinite articles

[Iain R. Learmonth]

Package: wnpp
Severity: normal
X-Debbugs-Cc: debian-pyt...@lists.debian.org

I intend to orphan the python-inflect package. This would be a good
candidate for the Python team. It has reverse dependencies in Debian:
python3-jaraco.itertools and sqlacodegen.

The package description is:
 The inflect Python module correctly generates plurals, singular nouns,
 ordinals and indefinite articles. It can also convert numbers to words.

Bug#970285: live-wrapper: please remove irl from uploaders

[Iain R. Learmonth]

Package: live-wrapper
Severity: normal

Hi,

I'm not a useful person to list in the uploaders, I have not worked on
this for a long time.

Thanks,
Iain.

Bug#970286: live-tools: please remove irl from uploaders

[Iain Learmonth]

Package: live-tools
Severity: normal

Hi,

I'm not a useful person to list in the uploaders, I have not worked on
this for a long time.

Thanks,
Iain.



signature.asc
Description: OpenPGP digital signature

Bug#970288: live-boot: please remove irl from uploaders

[Iain Learmonth]

Package: live-boot
Severity: normal

Hi,

I'm not a useful person to list in the uploaders, I have not worked on
this for a long time.

Thanks,
Iain.



signature.asc
Description: OpenPGP digital signature

Bug#970287: live-config: please remove irl from uploaders

[Iain Learmonth]

Package: live-config
Severity: normal

Hi,

I'm not a useful person to list in the uploaders, I have not worked on
this for a long time.

Thanks,
Iain.



signature.asc
Description: OpenPGP digital signature

Bug#970264: slrn cannot connect when using SSL encrypted connections

[Moritz Muehlenhoff]

On Sun, Sep 13, 2020 at 03:54:04PM -0700, Brian Murray wrote:
> Package: slrn
> Version: 1.0.3+dfsg-4
> Severity: important
> User: ubuntu-de...@lists.ubuntu.com
> Usertags: origin-ubuntu groovy
> 
> Dear Maintainer,
> 
> It is not possible to connect to a secure news server. The following
> command fails:
> 
> NNTPSERVER=snews://secure-us.news.easynews.com:8000 slrn --create
> ...
> Connecting to host secure-us.news.easynews.com ...
> Failed to initialize server
> Run-Time Error
> Reason:
> slrn fatal error:
> Failed to initialize server.
> 
> The servers for easynews listen on mutliple ports
> (https://help.easynews.com/kb/article/11-nntp-server-addresses/) but it
> is not possible to connect to any of the SSL setups. However, using
> NNTP=news.easynews.com:8000 works without error.

Can you try a local build with OpenSSL instead of GNUTLS? (by removing
the --with-gnutls in debian/rules)

As soon as OpenSSL 3.0 is released and uploaded to unstable (which has a
GPL-compatible license) I'm planning to switch slrn to OpenSSL.

Cheers,
Moritz

Bug#949985: cmake vs blender

[Mathieu Malaterre]

Control: reassign -1 src:cmake 3.15.4-1

> Package: blender
> Version: 2.81.a+dfsg-5
[...]
> https://buildd.debian.org/status/fetch.php?pkg=cmake=alpha=3.15.4-1=1579830052=0

Assuming user error, so reassigning to cmake package.

Cheers.

Bug#970275: lintian: Please allow /usr/share/gtk-doc/html without emitting package-contains-documentation-outside-usr-share-doc

[Simon McVittie]

Package: lintian
Version: 2.92.0
Severity: wishlist

Libraries that are documented using gtk-doc install documentation into
/usr/share/gtk-doc/html. This is technically part of the package's
functional interface, because higher-level libraries that depend on
a lower-level library can build-depend on the lower-level library's
documentation in order to adjust cross-references in the higher-level
library documentation to point to a local copy instead of an Internet
copy; so my interpretation of Policy §12.3 is that it would be wrong
to move this documentation into /usr/share/doc, because of this paragraph:

Packages must not require the existence of any files in
/usr/share/doc/ in order to function.[6] Any files that are used or
read by programs but are also useful as stand alone documentation
should be installed elsewhere, such as under /usr/share/package/,
and then included via symbolic links in /usr/share/doc/package.

For example, GTK has Build-Depends-Indep on GLib documentation in order
to fix cross-references to base classes like GObject and GInterface.
GTK-based GUI libraries like WebKitGTK have Build-Depends-Indep on GTK
documentation to fix cross-references to GtkWindow, and so on.

The GNOME team mostly handles this by leaving the real files that make
up the documentation in /usr/share/gtk-doc/html/mylib, and having
symbolic links like
/usr/share/doc/libmylib-{dev,doc}/html -> /usr/share/gtk-doc/html/mylib
to make it easy to discover via the usual paths. I believe this is
compatible with both the letter and the spirit of Policy.

However, it currently causes Lintian to emit
package-contains-documentation-outside-usr-share-doc. Perhaps there could
be logic like this pseudocode?

for each file outside /usr/share/doc that looks like documentation:
if there is a symlink in /usr/share/doc to the file or one of
its ancestor directories:
# assume it is used or read by programs
no tag
else:
package-contains-documentation-outside-usr-share-doc

Thanks,
smcv

Bug#578434: Bug still exists ?

[Xavier]

Control: tags -1 + moreinfo

Hi,

Could you tell me if these bugs still exists in current supported
versions of cyrus-imapd ?

Cheers,
Xavier

Bug#927449: cyrus-imapd won't start after upgrade to stretch

[Xavier]

Control: tags -1 + wontfix

Hi,

Debian Stretch entered in long-time-support. Since you found a
workaround, I think this bug will stay unfixed.

Cheers,
Xavier

Bug#970277: bookworm: manpage contains debugging information from runing binary

[Chris Lamb]

Package: bookworm
Version: 1.1.2+git20200823-1
Severity: normal
User: reproducible-bui...@lists.alioth.debian.org
Usertags: timestamps
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

The manpage contains (useless/distracting) debugging output from
the binary:

  .\" DO NOT MODIFY THIS FILE!  It was generated by help2man 1.47.16.
  .TH COM.GITHUB.BABLUBOY.BOOKWORM "1" "September 2020" 
"com.github.babluboy.bookworm 1.1.2+git20200823-1" "User Commands"
  .SH NAME
  com.github.babluboy.bookworm \- bookworm
  .SH DESCRIPTION
  (process:6854): GLib\-GIO\-DEBUG: 21:16:55.242: _g_io_module_get_default: 
Found default implementation local (GLocalVfs) for ?gio\-vfs?
  ** (process:6854): DEBUG: 21:16:55.244: bookworm.vala:128: Bookworm Install 
Directory: \fI\,/usr/share\/\fP
  ** (process:6854): DEBUG: 21:16:55.244: bookworm.vala:129: Bookworm Install 
Tasks Scripts Directory: 
\fI\,/usr/share/com.github.babluboy.bookworm/scripts/tasks\/\fP
  ** (process:6854): DEBUG: 21:16:55.244: bookworm.vala:130: Bookworm Install 
Mobi Scripts Directory: 
\fI\,/usr/share/com.github.babluboy.bookworm/scripts/mobi_lib\/\fP
  ** (process:6854): DEBUG: 21:16:55.244: bookworm.vala:131: Bookworm User Data 
Directory: /home/lamby/.local/share/com.github.babluboy.bookworm
  Usage:

I tried to remove this by setting G_DEBUG= to various values as well
as passing --info as well, but no dice. I suspect it will be easier to
resolve for someone who knows Vala / Glib.

This is also preventing the build from being reproducible.


Regards,

--
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#578434: Bug still exists ?

[Jakobus Schürz]

Hi There!

Sorry, this bug is 10 years old... i switched to dovecot years ago...
because of this bug. There are no problems with dovecot. I do not use
cyrus any more.


Am 14.09.20 um 10:47 schrieb Xavier:
> Control: tags -1 + moreinfo
>
> Hi,
>
> Could you tell me if these bugs still exists in current supported
> versions of cyrus-imapd ?
>
> Cheers,
> Xavier
>

Thank you.


Jakob

Bug#970251: [debian-mysql] Bug#970251: mysqld manual page is worthless

[Otto Kekäläinen]

Hello!

Indeed, the man mysqld (or man mariadbd) page is very brief. The
reason is probably because it is maintained manually, while the
`mysqld --verbose --help` prints out an automatic listing of all
config options.

Debian packagers don't maintain the man pages. I suggest you file this
issue upstream (e.g. https://jira.mariadb.org/) and champion it there.

Bug#970273: virtualbox-dkms: Cannot compile modules on kernel version 5.9-rc4

[Michael Ott]

Package: virtualbox-dkms
Version: 6.1.14-dfsg-3
Severity: important

Dear Maintainer,

Try to compile the modules against 5.9.rc4
and i got this error message:
/var/lib/dkms/virtualbox/6.1.14/build/vboxdrv/r0drv/linux/the-linux-kernel.h:141:11:
 fatal error: linux/smp_lock.h: No such file or directory
141 | # include 


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (710, 'unstable'), (670, 'testing'), (660, 'experimental'), (600, 
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 5.9.0-rc4-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages virtualbox-dkms depends on:
ii  dkms  2.8.3-4

Versions of packages virtualbox-dkms recommends:
ii  virtualbox  6.1.14-dfsg-3

virtualbox-dkms suggests no packages.

-- no debconf information

Bug#965363: Fwd: Bug#965363: RFS: opencpn/5.2.0+dfsg-1 [RC] -- Open Source Chartplotter and Marine GPS Navigation Software

[Alec Leamas]

On Sun, 13 Sep 2020 15:27:24 +0200 Tobias Frost  wrote:
> On Sun, Sep 13, 2020 at 02:50:43PM +0200, Tobias Frost wrote:
> > On Sun, Sep 13, 2020 at 01:23:41PM +0200, Alec Leamas wrote:

> More stuff. Lintian this time.
>
> - Lintian overrides
> Lintian overrides should only be used if Lintian is wrong, not to 
silence problems
> (even if the problems are not actionable right now, like patches not 
yet forwarded)

> So time to clean those up…
>
> As a bonus, after cleaning those will be fixed:
> E: opencpn source: malformed-override Unknown tag 
testsuite-autopkgtest-missing in line 2
> P: opencpn source: renamed-tag send-patch => 
patch-not-forwarded-upstream in line 14

>
> This override should not be using a wildcard, but exactly match the 
false postive only.

> # False positive from translations.
> spelling-error-in-binary usr/bin/opencpn *


Done, as well as some general cleanup. Nothing about patches is 
overridden, things became so much easier after updating sid thus getting 
rid of what might have been multiple lintian bugs.Still overriding 
warnings about get-orig-source and doc files used in runtime. 
Personally, I find the comments used in the override files a nice way to 
document things which looks peculiar in the package.


In the end it's a choice, I guess.


> You should looking into setting up sbuild, pbuilder or some of that 
kind tools:


> This will allow you to build in a clean enviornment without the need 
to have



I'm using cowbuilder. But then again, it must also be updated. I'm 
probably damaged  by my Fedora roots, where corresponding tools just 
sort of works. Need to learn.


Uploading a new version. Timestamp at mentors: 2020-09-14 07:53


Cheers!
--alec

Bug#914396: mupdf: Add binary for mupdf-gl

[Emmanuel Halbwachs]

Package: mupdf
Version: 1.14.0+ds1-2
Severity: wishlist

Dear maintainer,

On Fri, Nov 23, 2018 at 01:05:12PM +1300, Otis Wright wrote:
> mupdf have released a mupdf-gl version which has support for
> persistent bookmarks, a save file menu, and more, link here
> https://mupdf.com/docs/manual-mupdf-gl.html.

I would like to say that I'm equally interested to see mupdf-gl in
Debian.

> I think it's better to create a new binary package. I'll start to work
> on this after I release the 1.15.0 version.

Thank you very much for your work. I can't help you in this task but
here is some moral support to keep your motivation. :-)

Thanks again,

-- 
Emmanuel

Bug#970228: nemo: Can no longer copy files

[Simon McVittie]

Control: tags -1 + moreinfo unreproducible

On Sun, 13 Sep 2020 at 11:26:46 +0200, Holger Schröder wrote:
> Can no longer copy files with Nemo.
> 
> error when getting information for file descriptor numerical: result out of
> range

What filesystem (ext4? btrfs? FAT? NTFS? ...) are you copying from?

What filesystem are you copying to?

If you run nemo from a terminal (xterm, gnome-terminal or equivalent),
does the bug still happen?

If you run it as `strace -efile nemo`, does the bug still happen? What
output does it produce?

I was unable to reproduce this bug: nemo copies files successfully from
btrfs to btrfs for me.

Please copy and paste messages exactly, and do not rephrase them: they
are a useful tool to find what is happening.

I think this is probably a problem with GLib's new statx() support, in
gio/glocalfile.h (which is working for me, but apparently not for you).

On Mon, 14 Sep 2020 at 07:35:27 +0900, Norbert Preining wrote:
> reassign -1 libglib2.0-0

When reassigning bugs, please remember to Cc the maintainers
of the new package via their ${package}@packages.debian.org or
${package}@tracker.debian.org address.

Thanks,
smcv

Bug#970266: mount: comment=x-gvfs-show not removed from options for non-reoot user

[Martin Schwenke]

On Mon, 14 Sep 2020 08:45:04 +0200, Chris Hofstaedtler
 wrote:

> * Martin Schwenke  [200914 01:48]:
> [..]
> > I add this to /etc/fstab:
> > 
> >   //digby/flac/mnt/flac   cifs
> > noauto,user,username=guest,password=,ro,soft,vers=3,comment=x-gvfs-show 
> >  0   0
> > 
> > "mount /mnt/flac" as root works without a problem.
> >   
> [..]
> > /var/log/kern.log shows:
> > 
> >   Sep 14 09:38:05 kloof kernel: [183360.156767] CIFS: Attempting to mount 
> > //digby/flac
> >   Sep 14 09:38:05 kloof kernel: [183360.156809] CIFS: Unknown mount option 
> > "comment=x-gvfs-show"
> > 
> > So it appears that the comment is being passed to the helper, which
> > does not follow the documentation.  
> 
> Please be so kind and run this on your machine:
> 
> $ strace -ttf -bexecve -s3 mount /mnt/flac
> 
> And look for the execve() line, probably something like this:
> 
> pid 1687840] 06:42:51.534769 execve("/sbin/mount.cifs", 
> ["/sbin/mount.cifs", "/mnt/flac", "-o", ... 
> 
> Please check if comment=x-gvfs-show actually appears there.
> In my limited testing I found mount does not pass a comment=...
> option to mount.cifs.

Wow!  Correct:

  [pid 267848] 17:03:57.171924 execve("/sbin/mount.cifs",
  ["/sbin/mount.cifs", "//digby/flac", "/mnt/flac", "-o", 
"ro,noexec,nosuid,nodev,username=guest,password=,soft,vers=3,user"], 
0x7ffd9d0a9fa0 /* 42 vars */strace: Process 267848 detached

So the question is how does that option get passed to the kernel?
Surely mount.cifs doesn't re-read /etc/fstab?  Also, the problem does
not occur for root.

I might try wrapping /sbin/mount.cifs in a script to log invocations,
including arguments and parent process.  Perhaps there's a surprise I'm
not expecting (e.g. systemd?).

Wow...

peace & happiness,
martin

Bug#970228: nemo: Can no longer copy files

[Holger Schröder]

Am 14.09.20 um 11:31 schrieb Simon McVittie:

Control: retitle -1 nemo: Can no longer copy files on zfs since GLib 2.66.x
Control: retitle 970263 glib2.0: nemo can no longer copy files on zfs since 
2.66.x

On Mon, 14 Sep 2020 at 11:19:04 +0200, Holger Schröder wrote:

I have zfs only.

zfs implemented how? The zfs-dkms kernel module, or zfs-fuse?



zfs-dkms, zfs-initramfs    (zfs rootfs)

https://github.com/openzfs/zfs

As said, there is only zfs and no other file system.


dpkg -l | grep zfs
ii  libzfs2linux 0.8.4-2 amd64    
OpenZFS filesystem library for Linux
ii  zfs-dkms 0.8.4-2 all  OpenZFS 
filesystem kernel modules for Linux
ii  zfs-initramfs 0.8.4-2 all  
OpenZFS root filesystem capabilities for Linux - initramfs
ii  zfsutils-linux 0.8.4-2 amd64    
command-line tools to manage OpenZFS filesystems



...

Bug#968603: memcached should enable TLS by default

[Chris Lamb]

Hi Tomas,

> I can show you a test log from Fedora Rawhide where we have 1.6.7.
> https://tkorbar.fedorapeople.org/test.log

Thanks. Replying quickly, but I notice that "your" log does not say:

Running basic tests with TLS

This comes from upstream's Makefile.am. Are you sure you are building
and running the tests with SSL mode? The lack of this message would
suggest not and could be the reason why you are not seeing the same
crash/hang.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org  chris-lamb.co.uk
   `-

Bug#970284: flatbuffers: please backport flatbuffers to buster-backports

[Sascha Steinbiss]

Source: flatbuffers
Severity: wishlist

Dear Maintainer,

I would like to request a buster backport of flatbuffers.

Thanks and best regards
Sascha

Bug#970283: RM: gsmc -- ROM; old libs; unmaintained upstream

[Iain R. Learmonth]

Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: debian-h...@lists.debian.org

Hi,

Please remove gsmc from unstable. It depends on GTK 2 and it's unlikely
this will be ported to GTK 3.

Thanks,
Iain.

Bug#966850: iverilog: bison 3.7 fix available

[aelmahmoudy]

I think the pull request below fixes the issue: 
https://github.com/steveicarus/iverilog/pull/349

Bug#955390: Same problem here

[evilphish]

Hi,

same problem here on Debian 10.5:


Installing for x86_64-efi platform.
grub-install: warning: efivarfs_get_variable: 
open(/sys/firmware/efi/efivars/blk0-47c7b225-c42a-11d2-8e57-00a0c969723b): No 
such file or directory.
grub-install: warning: efi_get_variable: ops->get_variable failed: No such file 
or directory.
grub-install: warning: efi_va_generate_file_device_path_from_esp: could not 
open device for ESP: Bad address.
grub-install: warning: efi_generate_file_device_path_from_esp: could not 
generate File DP from ESP: Bad address.
grub-install: error: failed to register the EFI boot entry: Bad address.

@cyril: Can you point me towards the bug script that you mentioned? That way I 
can attach a log as well.

cheers
Alex


pgpsUFqpWkF3o.pgp
Description: OpenPGP digital signature

Bug#968396: wireguard-dkms: kernel module fails to build

[Cristian Ionescu-Idbohrn]

On Fri, 14 Aug 2020, Thomas K. wrote:
> 
> Package: wireguard-dkms
> Version: 0.0.20200128-1
> Severity: normal

I'm in the same boat (almost).  Also raspbian.

Package: wireguard-dkms
Version: 0.0.20200318-1~bpo10+1

I'd set the Severity: important, as the bug makes the package unusable 
for me.

# uname -a
Linux raspberrypi3 5.4.51-v7+ #1333 SMP Mon Aug 10 16:45:19 BST 2020 armv7l 
GNU/Linux

I found a hack here:

https://www.spinics.net/lists/linux-fsdevel/msg165431.html

Applying it:

--- /usr/src/wireguard-0.0.20200318/queueing.h.orig 2020-03-28 
13:12:04.0 +0100
+++ /usr/src/wireguard-0.0.20200318/queueing.h  2020-09-14 11:56:12.063773807 
+0200
@@ -103,7 +103,8 @@
skb->dev = NULL;
 #ifdef CONFIG_NET_SCHED
skb->tc_index = 0;
-   skb_reset_tc(skb);
+   skb_reset_redirect(skb);
 #endif
skb->hdr_len = skb_headroom(skb);
skb_reset_mac_header(skb);

makes it at least build clean.  Did not yet test if it's actually 
usable, though.



Cheers,

-- 
Cristian

Bug#970228: nemo: Can no longer copy files

[Holger Schröder]

Am 14.09.20 um 10:09 schrieb Simon McVittie:

Control: tags -1 + moreinfo unreproducible

On Sun, 13 Sep 2020 at 11:26:46 +0200, Holger Schröder wrote:

Can no longer copy files with Nemo.

error when getting information for file descriptor numerical: result out of
range

What filesystem (ext4? btrfs? FAT? NTFS? ...) are you copying from?

What filesystem are you copying to?


I have zfs only.




If you run nemo from a terminal (xterm, gnome-terminal or equivalent),
does the bug still happen?


Terminal no error output.




If you run it as `strace -efile nemo`, does the bug still happen? What
output does it produce?


I will give it later tonight when I am at home.


...

Bug#871921: Problem will stay unfixed

[Xavier]

Control: tags -1 + wontfix

Hi,

sadly Debian 9 is LTS, so this bug will stay unfixed. You could perhaps
upgrade your system to Debian/10 (cyrus-imapd 3.0.8 + backports availables)?

Cheers (and sorry),
Xavier (new cyrus-imapd maintainer)

Bug#970279: O: nutsqlite -- Dietary nutrition analysis software

[Iain R. Learmonth]

Package: wnpp
Severity: normal
X-Debbugs-Cc: debian-...@lists.debian.org

I intend to orphan the nutsqlite package. I've not used this package for
years. The upstream has generally been helpful.

The package description is:
 NUTsqlite uses the USDA database and stores this along with your personal data
 in a portable SQLite database allowing you to perform analysis and plan for
 your nutrition. Features include:
 .
  * The complete USDA database, your personal data, and the program code all
stored in a portable SQLite database
  * Foods easy to find and add to daily meals
  * Configurable for 1-19 meals per day and any dietary plan--including
ketogenic, low carb, zone, low fat
  * Comprehensive meal analysis for any number of consecutive meals
  * Presents both easy-to-read percentage summaries and in-depth nutrient
analysis, including Omega-3 and Omega-6 essential fatty acids
  * Foods can be weighed in grams or ounces
  * Includes novel meal planning feature: you choose the food, NUT adjusts the
quantities to your plan
  * Calorie Auto-Set feature uses linear regression on daily scale measurements
of weight and body fat percentage to find optimal calorie level for
improved body composition
  * Allows recording of recipes and customary meals for fast data entry
  * Sorts foods richest in each of the 150 nutrients
  * Reveals which foods contribute most to user's nutrition

If you do take this on, you might want to look at splitting out the data
from the application to reduce the size of the arch specific binaries,
and maybe even (if possible) encourage reuse of the data across
applications (the USDA database in particular).

Thanks,
Iain.

Bug#970280: RM: lysdr -- ROM; unmaintained upstream; low popcon; alternatives exist

[Iain R. Learmonth]

Package: ftp.debian.org
Severity: normal
X-Debbugs-Cc: debian-h...@lists.debian.org

Hi,

There are piling up "libraries going away" bugs on this one. Upstream
does not have new releases. We have plenty of alternative SDR
applications in Debian.

Please remove lysdr from unstable.

Thanks,
Iain.

Bug#970281: O: zshdb -- debugger for Z-Shell scripts

[Iain R. Learmonth]

Package: wnpp
Severity: normal
X-Debbugs-Cc: pkg-zsh-de...@lists.alioth.debian.org

Hi,

I intend to orphan the zshdb package. I've not used it in years.

The popcon is low, I would support an RM if the Zsh maintainers don't
want to adopt this. bashdb, of which this is a port, was removed from
Debian by RoQA and has not been reintroduced.

The package description is:
 A zsh script to which arranges for another zsh script to be debugged. zshdb is
 a port of bashdb, a similar debugger for bash scripts, to zsh. The command
 syntax generally follows that of the trepanning debuggers and, more generally,
 GNU debugger gdb.

Thanks,
Iain.

Bug#970293: ax25-apps: please remove irl from uploaders

[Iain R. Learmonth]

Package: ax25-apps
Version: 0.0.8-rc5+git20190411+0ff1383-2
Severity: normal
X-Debbugs-Cc: debian-h...@lists.debian.org

Hi,

I think I've done all I'm going to do for these packages. The
effort/reward ratio is for me just not there. Please remove me from the
uploaders list on the next upload.

I'd like to thanks Francois for coming in recently and doing an upload
here, I hope that's something that continues.

Thanks,
Iain.

Bug#970084: corosync: Corosync becomes unresponsive and disconnects from the rest of the cluster when primary link is lost

[Valentin Vidic]

On Mon, Sep 14, 2020 at 01:35:24PM +0200, Dominik Klein wrote:
> we installed libknet1 from buster-backports and this fixed the described
> problem.

Great, thanks for confirming this is a knet issue.

-- 
Valentin

Bug#970295: gnome-shell: JS ERROR: TypeError: null has no properties

[tkoeck]

Package: gnome-shell
Version: 3.36.5-1
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

journalctl output

Aug 18 16:40:29 tron-nb gnome-shell[3018]: JS ERROR: TypeError: null has no 
properties
   
_onFocusChanged@resource:///org/gnome/shell/ui/closeDialog.js:135:9
   
reset@resource:///org/gnome/shell/ui/viewSelector.js:452:26
   
show@resource:///org/gnome/shell/ui/viewSelector.js:275:14
   
_animateVisible@resource:///org/gnome/shell/ui/overview.js:580:27
   
show@resource:///org/gnome/shell/ui/overview.js:566:14
   
toggle@resource:///org/gnome/shell/ui/overview.js:689:18
   
_initializeUI/<@resource:///org/gnome/shell/ui/main.js:220:22
Aug 18 16:40:29 tron-nb gnome-shell[3018]: JS ERROR: TypeError: null has no 
properties
   
_onFocusChanged@resource:///org/gnome/shell/ui/closeDialog.js:135:9
   
reset@resource:///org/gnome/shell/ui/viewSelector.js:452:26
   
show@resource:///org/gnome/shell/ui/viewSelector.js:275:14
   
_animateVisible@resource:///org/gnome/shell/ui/overview.js:580:27


*** End of the template - remove these template lines ***


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.8.0-1-amd64 (SMP w/16 CPU threads)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-shell depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.36.0-1
ii  evolution-data-server3.36.4-1
ii  gir1.2-accountsservice-1.0   0.6.55-3
ii  gir1.2-atspi-2.0 2.36.1-1
ii  gir1.2-freedesktop   1.64.1-1
ii  gir1.2-gcr-3 3.36.0-2
ii  gir1.2-gdesktopenums-3.0 3.36.1-1
ii  gir1.2-gdm-1.0   3.36.2-1
ii  gir1.2-geoclue-2.0   2.5.6-1
ii  gir1.2-glib-2.0  1.64.1-1
ii  gir1.2-gnomebluetooth-1.03.34.1-1
ii  gir1.2-gnomedesktop-3.0  3.36.4-1
ii  gir1.2-gtk-3.0   3.24.23-1
ii  gir1.2-gweather-3.0  3.36.1-1
ii  gir1.2-ibus-1.0  1.5.22-5
ii  gir1.2-mutter-6  3.36.5-1
ii  gir1.2-nm-1.01.26.2-1
ii  gir1.2-nma-1.0   1.8.30-1
ii  gir1.2-pango-1.0 1.46.1-1
ii  gir1.2-polkit-1.00.105-29
ii  gir1.2-rsvg-2.0  2.48.8+dfsg-1
ii  gir1.2-soup-2.4  2.70.0-1
ii  gir1.2-upowerglib-1.00.99.11-2
ii  gjs  1.64.3-1
ii  gnome-backgrounds3.36.0-1
ii  gnome-settings-daemon3.36.1-1
ii  gnome-shell-common   3.36.5-1
ii  gsettings-desktop-schemas3.36.1-1
ii  libatk-bridge2.0-0   2.34.1-3
ii  libatk1.0-0  2.36.0-2
ii  libc62.31-3
ii  libcairo21.16.0-4
ii  libecal-2.0-13.36.4-1
ii  libedataserver-1.2-243.36.4-1
ii  libgcr-base-3-1  3.36.0-2
ii  libgdk-pixbuf2.0-0   2.40.0+dfsg-5
ii  libgirepository-1.0-11.64.1-1
ii  libgjs0g 1.64.3-1
ii  libgles2 1.3.2-1
ii  libglib2.0-0 2.66.0-1
ii  libglib2.0-bin   2.66.0-1
ii  libgnome-autoar-0-0  0.2.4-2
ii  libgnome-desktop-3-193.36.4-1
ii  libgraphene-1.0-01.10.2-1
ii  libgstreamer1.0-01.16.2-2
ii  libgtk-3-0   3.24.23-1
ii  libical3 3.0.8-2
ii  libjson-glib-1.0-0   1.4.4-2
ii  libmutter-6-03.36.5-1
ii  libnm0   1.26.2-1
ii  libpango-1.0-0   1.46.1-1
ii  

Bug#970313: slib: syntax error loading mzscheme.init

[Nick Gasson]

Package: slib
Version: 3b6-1
Severity: normal

Dear Maintainer,

Welcome to Racket v7.8.
> (load "/usr/share/slib/mzscheme.init")
; /usr/share/slib/mzscheme.init:307:6: if: missing an "else" expression
;   in: (if (provided? (quote trace)) (print-call-stack cep))
; [,bt for context]
> 

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.7.0-3-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages slib depends on:
ii  dpkg1.19.7
ii  install-info6.7.0.dfsg.2-5
ii  sensible-utils  0.0.12+nmu1

slib recommends no packages.

slib suggests no packages.

-- no debconf information

Bug#970084: corosync: Corosync becomes unresponsive and disconnects from the rest of the cluster when primary link is lost

[Dominik Klein]

Hi

we installed libknet1 from buster-backports and this fixed the described
problem.

Thank you very much

On Fri, Sep 11, 2020 at 12:00 PM Valentin Vidic  wrote:

> On Fri, Sep 11, 2020 at 11:45:54AM +0200, Valentin Vidic wrote:
> > This might be a knet problem. Can you test if just installing knet
> > libs from backports with corosync 3.0.1-2+deb10u1 solves the issue
> > you are seeing?
>
> Also knet update for buster has not been approved yet, but can be
> tracked here:
>
>   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950488
>
> --
> Valentin
>

Bug#970302: icingaweb2-module-idoreports - Reports for ldo datatbase

[David Kunz]

Package: wnpp
Owner: david.k...@dknet.ch

* Package name    : icingaweb2-module-idoreports
  Upstream Author : Icinga Development Team 
* License : GPL-2
  Description : Reports for ldo datatbase

  Icinga Web 2 is a very modular, fast and simple web interface for
  your Icinga monitoring environment.
  .
  Host and service availability reports for ido database.

Greetings,
David

Bug#970017: README.Debian refers to the obsolete AllowSupplementaryGroups option for clamav-daemon

[Charles Goyard]

Package: amavisd-new
Version: 1:2.11.0-6.1
Followup-For: Bug #970017

By adding the clamav to the amavis group, things work.

Please find attached a patch that updates the documentation with this
respect.


(It's my first time with reportbug, please forgive any mistakes in the
format)

Thanks,

-- 
Charles
diff -u -r old/debian/README.Debian new/debian/README.Debian
--- old/debian/README.Debian2020-03-21 23:34:14.0 +0100
+++ new/debian/README.Debian2020-09-14 15:43:30.454032954 +0200
@@ -72,12 +72,10 @@
 /usr/share/amavis/conf.d/20-package. To enable them, edit
 /etc/amavis/conf.d/15-content_filter_mode.
 
-If you use clamav-daemon, make sure that it is configured to init supplementary
-groups when it drops privileges, and that you add the clamav user to the
-amavis group: add AllowSupplementaryGroups to /etc/clamav/clamd.conf if it is
-not there yet, and run "adduser clamav amavis" as root. The preferred method
-for using other virus scanners which run as a different unprivileged user is to
-change their primary group to amavis (you can change this with "usermod -g").
+If you use clamav-daemon, add the clamav user to the amavis group by running
+"adduser clamav amavis" as root. The preferred method for using other virus
+scanners which run as a different unprivileged user is to change their primary
+group to amavis (you can change this with "usermod -g").
 
 If you use spamassassin with the Bayes database system, you should make sure
 that the spamassassin configuration option "bayes_auto_expire 0" is set in

Bug#970305: dh-autoreconf: support -Wl,--whole-archive in libtool

[Luca Boccassi]

Package: dh-autoreconf
Version: 19
Tags: patch
X-Debbugs-CC: pkg-dpdk-de...@lists.alioth.debian.org

Dear Maintainer(s),

dh-autoreconf provides an --as-needed option to allow packages to use
-Wl,---as-needed with libtool, since libtool otherwise reorders the
flags and breaks compilation.

The same reordering problem affects programs building with --whole-
archive, in the exact same way. I've come across this when building
src:openvswitch with src:dpdk.

I have opened an MR on Salsa to add a --whole-archive autoreconf option
that works exactly as --as-needed to fix this. It fixes the build of
openvswitch with a new version of dpdk that is in development.

https://salsa.debian.org/debian/dh-autoreconf/-/merge_requests/2

Thanks!

-- 
Kind regards,
Luca Boccassi


signature.asc
Description: This is a digitally signed message part

Bug#970306: unused-license-paragraph-in-dep5-copyright is a false positive when "+" is involved

[Julien Puydt]

Package: lintian
Version: 2.14.0
Severity: minor

I get many unused-license-paragraph-in-dep5-copyright I:-type messages
from lintian, because the paragraphs in question are License: foo and
used as License: foo+. Lintian should see that it's compatible and
accept it.

I hope that helps,

JP

Bug#970310: slib: Incorrect hard-coded path in chez.init

[Nick Gasson]

Package: slib
Version: 3b6-1
Severity: normal

Dear Maintainer,

$ chezscheme
Chez Scheme Version 9.5
Copyright 1984-2017 Cisco Systems, Inc.

> (load "/usr/share/slib/chez.init")
Exception in load: failed for /usr/local/lib/slib/require.scm: no such file or 
directory
Type (debug) to enter the debugger.

The file name should be corrected to the Debian install directory under
/usr/share/slib.

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (650, 'testing'), (600, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.7.0-3-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages slib depends on:
ii  dpkg1.19.7
ii  install-info6.7.0.dfsg.2-5
ii  sensible-utils  0.0.12+nmu1

slib recommends no packages.

slib suggests no packages.

-- no debconf information

Bug#970290: RM: paris-traceroute -- ROM; unmaintained upstream; ftbfs on gcc 10

[Iain R. Learmonth]

Package: ftp.debian.org
Severity: normal

Hi,

This is unmaintained upstream, and it turns out that every time this has
run and not segfaulted has been pure luck. Bugs I filed in 2016 have
gone unanswered.

Also discussed with acute@d.o, and she agrees.

Thanks,
Iain.

Bug#970294: libax25: please remove irl from uploaders

[Iain Learmonth]

Package: libax25
Severity: normal
X-Debbugs-Cc: debian-h...@lists.debian.org

Hi,

I think I've done all I'm going to do for these packages. The
effort/reward ratio is for me just not there. Please remove me from the
uploaders list on the next upload.

Thanks,
Iain.



signature.asc
Description: OpenPGP digital signature

Bug#970304: libdrm: FTBFS on kfreebsd-any

[Svante Signell]

Source: libdrm
Version: 2.4.102-1
Severity: important
Tags: ftbfs, patch
User: debian-k...@lists.debian.org
Usertags: kfreebsd

Hello,

Currently libdrm FTBFS GNU/kFreeBSD (and GNU/Hurd) due to usage of
#elif __FreeBSD__ instead of #elif defined(__FreeBSD__) in xf86drm.c.

Attached is a patch to fix this: xf86drm.c.diff. For completeness all
entries of #ifdef __linux__ are also replaced by #if
defined(__linux__), and similar for ifdef __FreeBSD__. This patch is
enough to make libdrm build properly on kfreebsd-any.

Patches for Hurd together with fixes for PATH_MAX issues will be added
to bug report #909436. 

Thanks!
Index: libdrm-2.4.102/xf86drm.c
===
--- libdrm-2.4.102.orig/xf86drm.c
+++ libdrm-2.4.102/xf86drm.c
@@ -491,7 +491,7 @@ drm_public int drmAvailable(void)
 int   fd;
 
 if ((fd = drmOpenMinor(0, 1, DRM_NODE_PRIMARY)) < 0) {
-#ifdef __linux__
+#if defined(__linux__)
 /* Try proc for backward Linux compatibility */
 if (!access("/proc/dri/0", R_OK))
 return 1;
@@ -524,7 +524,7 @@ static int drmGetMinorBase(int type)
 
 static int drmGetMinorType(int major, int minor)
 {
-#ifdef __FreeBSD__
+#if defined(__FreeBSD__)
 char name[SPECNAMELEN];
 int id;
 
@@ -688,7 +688,7 @@ static int drmOpenByName(const char *nam
 }
 }
 
-#ifdef __linux__
+#if defined(__linux__)
 /* Backward-compatibility /proc support */
 for (i = 0; i < 8; i++) {
 char proc_name[64], buf[512];
@@ -2775,7 +2775,7 @@ drm_public int drmIsMaster(int fd)
 
 drm_public char *drmGetDeviceNameFromFd(int fd)
 {
-#ifdef __FreeBSD__
+#if defined(__FreeBSD__)
 struct stat sbuf;
 int maj, min;
 int nodetype;
@@ -2815,14 +2815,14 @@ drm_public char *drmGetDeviceNameFromFd(
 
 static bool drmNodeIsDRM(int maj, int min)
 {
-#ifdef __linux__
+#if defined(__linux__)
 char path[64];
 struct stat sbuf;
 
 snprintf(path, sizeof(path), "/sys/dev/char/%d:%d/device/drm",
  maj, min);
 return stat(path, ) == 0;
-#elif __FreeBSD__
+#elif defined(__FreeBSD__)
 char name[SPECNAMELEN];
 
 if (!devname_r(makedev(maj, min), S_IFCHR, name, sizeof(name)))
@@ -2894,7 +2894,7 @@ drm_public int drmPrimeFDToHandle(int fd
 
 static char *drmGetMinorNameForFD(int fd, int type)
 {
-#ifdef __linux__
+#if defined(__linux__)
 DIR *sysdir;
 struct dirent *ent;
 struct stat sbuf;
@@ -2935,7 +2935,7 @@ static char *drmGetMinorNameForFD(int fd
 
 closedir(sysdir);
 return NULL;
-#elif __FreeBSD__
+#elif defined(__FreeBSD__)
 struct stat sbuf;
 char dname[SPECNAMELEN];
 const char *mname;
@@ -2998,7 +2998,7 @@ static char *drmGetMinorNameForFD(int fd
 return NULL;
 
 n = snprintf(buf, sizeof(buf), dev_name, DRM_DIR_NAME, min);
-if (n == -1 || n >= sizeof(buf))
+if (n == -1 || n >= (int)sizeof(buf))
 return NULL;
 
 return strdup(buf);
@@ -3015,7 +3015,7 @@ drm_public char *drmGetRenderDeviceNameF
 return drmGetMinorNameForFD(fd, DRM_NODE_RENDER);
 }
 
-#ifdef __linux__
+#if defined(__linux__)
 static char * DRM_PRINTFLIKE(2, 3)
 sysfs_uevent_get(const char *path, const char *fmt, ...)
 {
@@ -3062,7 +3062,7 @@ sysfs_uevent_get(const char *path, const
 /* Little white lie to avoid major rework of the existing code */
 #define DRM_BUS_VIRTIO 0x10
 
-#ifdef __linux__
+#if defined(__linux__)
 static int get_subsystem_type(const char *device_path)
 {
 char path[PATH_MAX + 1] = "";
@@ -3101,7 +3101,7 @@ static int get_subsystem_type(const char
 
 static int drmParseSubsystemType(int maj, int min)
 {
-#ifdef __linux__
+#if defined(__linux__)
 char path[PATH_MAX + 1] = "";
 char real_path[PATH_MAX + 1] = "";
 int subsystem_type;
@@ -3128,7 +3128,7 @@ static int drmParseSubsystemType(int maj
 #endif
 }
 
-#ifdef __linux__
+#if defined(__linux__)
 static void
 get_pci_path(int maj, int min, char *pci_path)
 {
@@ -3146,7 +3146,7 @@ get_pci_path(int maj, int min, char *pci
 }
 #endif
 
-#ifdef __FreeBSD__
+#if defined(__FreeBSD__)
 static int get_sysctl_pci_bus_info(int maj, int min, drmPciBusInfoPtr info)
 {
 char dname[SPECNAMELEN];
@@ -3208,7 +3208,7 @@ static int get_sysctl_pci_bus_info(int m
 
 static int drmParsePciBusInfo(int maj, int min, drmPciBusInfoPtr info)
 {
-#ifdef __linux__
+#if defined(__linux__)
 unsigned int domain, bus, dev, func;
 char pci_path[PATH_MAX + 1], *value;
 int num;
@@ -3255,7 +3255,7 @@ static int drmParsePciBusInfo(int maj, i
 info->func = pinfo.func;
 
 return 0;
-#elif __FreeBSD__
+#elif defined(__FreeBSD__)
 return get_sysctl_pci_bus_info(maj, min, info);
 #else
 #warning "Missing implementation of drmParsePciBusInfo"
@@ -3317,7 +3317,7 @@ static int drmGetMaxNodeName(void)
3 /* length of the node number */;
 }
 
-#ifdef __linux__
+#if defined(__linux__)
 static int parse_separate_sysfs_files(int maj, int min,
   

Bug#970307: buster-pu: package node-mysql/2.16.0-1+deb10u1

[Xavier Guimard]

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

[ Reason ]
node-mysql is vulnerable to CVE-2019-14939 (#934712)

[ Impact ]
Default "LOAD DATA LOCAL INFILE" is too permissive

[ Tests ]
Sadly tests were not enabled in buster

[ Risks ]
Patch is exactly upstream one, seems low risky (it just adds a new
option)

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Add a `localInfile` option that permits to change default LOCAL_FILES
flag
diff --git a/debian/changelog b/debian/changelog
index 8717915..a67cec7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+node-mysql (2.16.0-1+deb10u1) buster; urgency=medium
+
+  * Team upload
+  * Add localInfile option to control LOAD DATA LOCAL INFILE
+(Closes: #934712, CVE-2019-14939)
+
+ -- Xavier Guimard   Mon, 14 Sep 2020 15:57:57 +0200
+
 node-mysql (2.16.0-1) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/patches/CVE-2019-14939.patch 
b/debian/patches/CVE-2019-14939.patch
new file mode 100644
index 000..8fe1dc7
--- /dev/null
+++ b/debian/patches/CVE-2019-14939.patch
@@ -0,0 +1,312 @@
+Description: Add localInfile option to control LOAD DATA LOCAL INFILE
+Author: Douglas Christopher Wilson 
+Origin: upstream, https://github.com/mysqljs/mysql/commit/337e87ae
+Bug: https://github.com/mysqljs/mysql/issues/2257
+Bug-Debian: https://bugs.debian.org/934712
+Forwarded: not-needed
+Reviewed-By: Xavier Guimard 
+Last-Update: 2020-09-14
+
+--- a/Readme.md
 b/Readme.md
+@@ -229,6 +229,7 @@
+ * `trace`: Generates stack traces on `Error` to include call site of library
+entrance ("long stack traces"). Slight performance penalty for most calls.
+(Default: `true`)
++* `localInfile`: Allow `LOAD DATA INFILE` to use the `LOCAL` modifier. 
(Default: `true`)
+ * `multipleStatements`: Allow multiple mysql statements per query. Be careful
+   with this, it could increase the scope of SQL injection attacks. (Default: 
`false`)
+ * `flags`: List of connection flags to use other than the default ones. It is
+@@ -1362,7 +1363,8 @@
+ - `FOUND_ROWS` - Send the found rows instead of the affected rows as 
`affectedRows`.
+ - `IGNORE_SIGPIPE` - Old; no effect.
+ - `IGNORE_SPACE` - Let the parser ignore spaces before the `(` in queries.
+-- `LOCAL_FILES` - Can use `LOAD DATA LOCAL`.
++- `LOCAL_FILES` - Can use `LOAD DATA LOCAL`. This flag is controlled by the 
connection
++  option `localInfile`. (Default on)
+ - `LONG_FLAG`
+ - `LONG_PASSWORD` - Use the improved version of Old Password Authentication.
+ - `MULTI_RESULTS` - Can handle multiple resultsets for COM_QUERY.
+--- a/lib/ConnectionConfig.js
 b/lib/ConnectionConfig.js
+@@ -33,6 +33,9 @@
+   this.ssl= (typeof options.ssl === 'string')
+ ? ConnectionConfig.getSSLProfile(options.ssl)
+ : (options.ssl || false);
++  this.localInfile= (options.localInfile === undefined)
++? true
++: options.localInfile;
+   this.multipleStatements = options.multipleStatements || false;
+   this.typeCast   = (options.typeCast === undefined)
+ ? true
+@@ -114,6 +117,11 @@
+ '+TRANSACTIONS'   // Expects status flags
+   ];
+ 
++  if (options && options.localInfile !== undefined && !options.localInfile) {
++// Disable LOCAL modifier for LOAD DATA INFILE
++defaultFlags.push('-LOCAL_FILES');
++  }
++
+   if (options && options.multipleStatements) {
+ // May send multiple statements per COM_QUERY and COM_STMT_PREPARE
+ defaultFlags.push('+MULTI_STATEMENTS');
+--- a/lib/protocol/packets/EmptyPacket.js
 b/lib/protocol/packets/EmptyPacket.js
+@@ -2,5 +2,8 @@
+ function EmptyPacket() {
+ }
+ 
++EmptyPacket.prototype.parse = function parse() {
++};
++
+ EmptyPacket.prototype.write = function write() {
+ };
+--- /dev/null
 b/lib/protocol/packets/LocalInfileRequestPacket.js
+@@ -0,0 +1,21 @@
++module.exports = LocalInfileRequestPacket;
++function LocalInfileRequestPacket(options) {
++  options = options || {};
++
++  this.filename = options.filename;
++}
++
++LocalInfileRequestPacket.prototype.parse = function parse(parser) {
++  if (parser.parseLengthCodedNumber() !== null) {
++var err  = new TypeError('Received invalid field length');
++err.code = 'PARSER_INVALID_FIELD_LENGTH';
++throw err;
++  }
++
++  this.filename = parser.parsePacketTerminatedString();
++};
++
++LocalInfileRequestPacket.prototype.write = function write(writer) {
++  writer.writeLengthCodedNumber(null);
++  writer.writeString(this.filename);
++};
+--- a/lib/protocol/packets/ResultSetHeaderPacket.js
 b/lib/protocol/packets/ResultSetHeaderPacket.js
+@@ -3,23 +3,12 @@
+   options = options || {};
+ 
+   this.fieldCount = options.fieldCount;
+-  this.extra  = options.extra;
+ }
+ 
+ 

Bug#970242: debian-history: The current DPL info is outdated, please update

[Boyuan Yang]

Hi,

在 2020-09-13星期日的 22:01 -0600，Bdale Garbee写道：
> Boyuan Yang  writes:
> 
> > Let me know if it's okay for me to make a quick 0-day NMU and fix
> > this
> > info
> 
> Yes.

Thanks. Fix is uploaded and git commit pushed onto repository.

Best,
Boyuan Yang

Bug#968603: memcached should enable TLS by default

[Tomas Korbar]

You are right. It was not tested the same way as you do it,
but still i think that tls tests were executed for reasons which
are unrelated to this issue. I reproduced your test log bug i'm
still not encountering any issue on Fedora-rawhide neither
debian unstable. But unfortunately i do not have a powerful
debian machine so maybe i do not encounter some race condition
that you do. This can be possibly related to your package
build process. I will try to reproduce it with rebuild of your source
package
from https://packages.debian.org/source/sid/memcached
Thanks for cooperation.

On Mon, Sep 14, 2020 at 12:16 PM Chris Lamb  wrote:

> Hi Tomas,
>
> > I can show you a test log from Fedora Rawhide where we have 1.6.7.
> > https://tkorbar.fedorapeople.org/test.log
>
> Thanks. Replying quickly, but I notice that "your" log does not say:
>
> Running basic tests with TLS
>
> This comes from upstream's Makefile.am. Are you sure you are building
> and running the tests with SSL mode? The lack of this message would
> suggest not and could be the reason why you are not seeing the same
> crash/hang.
>
>
> Regards,
>
> --
>   ,''`.
>  : :'  : Chris Lamb
>  `. `'`  la...@debian.org  chris-lamb.co.uk
>`-
>
>

Bug#970296: Attach patch

[Lisandro Damián Nicanor Pérez Meyer]

Hi! I'm now attaching the debdiff patch.

-- 
Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/
diff -Nru qtbase-opensource-src-5.11.3+dfsg1/debian/changelog qtbase-opensource-src-5.11.3+dfsg1/debian/changelog
--- qtbase-opensource-src-5.11.3+dfsg1/debian/changelog	2020-01-30 10:42:01.0 -0300
+++ qtbase-opensource-src-5.11.3+dfsg1/debian/changelog	2020-09-14 09:15:20.0 -0300
@@ -1,3 +1,15 @@
+qtbase-opensource-src (5.11.3+dfsg1-1+deb10u4) buster; urgency=medium
+
+  [ Dmitry Shachnev ]
+  * Backport upstream patch to fix buffer overflow in XBM parser
+(CVE-2020-17507, closes: #968444).
+
+  [ Lisandro Damián Nicanor Pérez Meyer ]
+  * Backport XCB_Fix_clipboard_breaking_when_timer_wraps_after_50_days.patch
+(Closes: #961293). Thanks Nicolás for pointing us to the bug fix.
+
+ -- Lisandro Damián Nicanor Pérez Meyer   Mon, 14 Sep 2020 09:15:20 -0300
+
 qtbase-opensource-src (5.11.3+dfsg1-1+deb10u3) buster-security; urgency=high
 
   [ Dmitry Shachnev ]
diff -Nru qtbase-opensource-src-5.11.3+dfsg1/debian/patches/CVE-2020-17507.diff qtbase-opensource-src-5.11.3+dfsg1/debian/patches/CVE-2020-17507.diff
--- qtbase-opensource-src-5.11.3+dfsg1/debian/patches/CVE-2020-17507.diff	1969-12-31 21:00:00.0 -0300
+++ qtbase-opensource-src-5.11.3+dfsg1/debian/patches/CVE-2020-17507.diff	2020-09-04 18:08:50.0 -0300
@@ -0,0 +1,21 @@
+Description: fix buffer overflow in XBM parser
+Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=1616c71921b73b22
+Last-Update: 2020-08-18
+
+---
+ src/gui/image/qxbmhandler.cpp |4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/src/gui/image/qxbmhandler.cpp
 b/src/gui/image/qxbmhandler.cpp
+@@ -154,7 +154,9 @@ static bool read_xbm_body(QIODevice *dev
+ w = (w+7)/8;// byte width
+ 
+ while (y < h) {// for all encoded bytes...
+-if (p) {// p = "0x.."
++if (p && p < (buf + readBytes - 3)) {  // p = "0x.."
++if (!isxdigit(p[2]) || !isxdigit(p[3]))
++return false;
+ *b++ = hex2byte(p+2);
+ p += 2;
+ if (++x == w && ++y < h) {
diff -Nru qtbase-opensource-src-5.11.3+dfsg1/debian/patches/series qtbase-opensource-src-5.11.3+dfsg1/debian/patches/series
--- qtbase-opensource-src-5.11.3+dfsg1/debian/patches/series	2020-01-30 10:42:01.0 -0300
+++ qtbase-opensource-src-5.11.3+dfsg1/debian/patches/series	2020-09-04 18:08:50.0 -0300
@@ -10,6 +10,8 @@
 repolish_run_on_direct_children.diff
 CVE-2020-0569.diff
 CVE-2020-0570.diff
+XCB_Fix_clipboard_breaking_when_timer_wraps_after_50_days.patch
+CVE-2020-17507.diff
 
 # Debian specific.
 gnukfreebsd.diff
diff -Nru qtbase-opensource-src-5.11.3+dfsg1/debian/patches/XCB_Fix_clipboard_breaking_when_timer_wraps_after_50_days.patch qtbase-opensource-src-5.11.3+dfsg1/debian/patches/XCB_Fix_clipboard_breaking_when_timer_wraps_after_50_days.patch
--- qtbase-opensource-src-5.11.3+dfsg1/debian/patches/XCB_Fix_clipboard_breaking_when_timer_wraps_after_50_days.patch	1969-12-31 21:00:00.0 -0300
+++ qtbase-opensource-src-5.11.3+dfsg1/debian/patches/XCB_Fix_clipboard_breaking_when_timer_wraps_after_50_days.patch	2020-09-04 18:08:50.0 -0300
@@ -0,0 +1,47 @@
+From 036fe49580d7470eeaa4c168845bdf2483946f22 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Turek?= 
+Date: Fri, 22 Feb 2019 19:26:37 +0100
+Subject: [PATCH] XCB: Fix clipboard breaking when timer wraps after 50 days
+Reviewed-By: Lisandro Damián Nicanor Pérez Meyer 
+Bug-Debian: #961293
+
+xcb_timestamp_t is a 32-bit unsigned value in milliseconds, so it
+wraps after 49.7 days. When it happens, QXcbConnection::m_time stops
+updating and copy & paste in an application would not work until the
+application is restarted. This patch detects the timer wrap and
+allows m_time to wrap too. The fix was verified in KDE desktop with
+applications running for 51 days.
+
+Fixes: QTBUG-65145
+Change-Id: I328c4179c1b1f71914adda6f9a0ca3991a7e808e
+Reviewed-by: Uli Schlachter 
+Reviewed-by: Milian Wolff 
+Reviewed-by: Gatis Paeglis 
+---
+ src/plugins/platforms/xcb/qxcbconnection.h |6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/src/plugins/platforms/xcb/qxcbconnection.h
 b/src/plugins/platforms/xcb/qxcbconnection.h
+@@ -470,10 +470,10 @@ public:
+ PeekOptions option = PeekDefault, qint32 peekerId = -1);
+ 
+ inline xcb_timestamp_t time() const { return m_time; }
+-inline void setTime(xcb_timestamp_t t) { if (t > m_time) m_time = t; }
++inline void setTime(xcb_timestamp_t t) { if (timeGreaterThan(t, m_time)) m_time = t; }
+ 
+ inline xcb_timestamp_t netWmUserTime() const { return m_netWmUserTime; }
+-inline void setNetWmUserTime(xcb_timestamp_t t) { if (t > m_netWmUserTime) m_netWmUserTime = t; }
++inline void 

Bug#970299: RFS: ipmiutil/3.1.7-1 -- IPMI management utilities

[Jörg Frings-Fürst]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "ipmiutil":

   Package name: ipmiutil
   Version : 3.1.7-1
   Upstream Author : 
   URL : https://sourceforge.net/projects/ipmiutil/
   License : BSD-3-clause, GPL-2+ with OpenSSL exception, Zlib, 
 Artistic-2.0, BSD-2-clause, GPL-2+
   Vcs : https://jff.email/cgit/ipmiutil.git
   Section : utils

It builds those binary packages:

  ipmiutil - IPMI management utilities

To access further information about this package, please visit the following
URL:

  https://mentors.debian.net/package/ipmiutil/

Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/i/ipmiutil/ipmiutil_3.1.7-1.dsc

or from 

 git https://jff.email/cgit/ipmiutil.git/?h=release%2Fdebian%2F3.1.7-1

Changes since the last upload:

 ipmiutil (3.1.7-1) unstable; urgency=medium
 .
   * New upstrewam release.
   * Reinstall init.d scripts.
   * Migrate to debhelper 13:
 - Bump minimum debhelper-compat version in debian/control to = 13.

CU
Jörg
- -- 
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB  30EE 09F8 9F3C 8CA1 D25D
GPG key (long) : 09F89F3C8CA1D25D
GPG Key: 8CA1D25D
CAcert Key S/N : 0E:D4:56

Old pgp Key: BE581B6E (revoked since 2014-12-31).

Jörg Frings-Fürst
D-54470 Lieser


git:  https://jff.email/cgit/

Threema:  SYR8SJXB
Wire: @joergfringsfuerst
Skype:joergpenguin
Ring: jff
Telegram: @joergfringsfuerst


My wish list: 
 - Please send me a picture from the nature at your home.

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAl9fZjwACgkQCfifPIyh
0l3c1A/8DAOWrEmVpnzWTwcTXN5Ht+QycdTXA55iqOdE8+/VbUCqeNyy0qdFQXGV
mXHMKe0VwPFIcsjakEcUNRDYuLwTZZ58JJ1J2NDMOTdoLPo1WVtqcrGKMIIKPry4
oVidEpTnED0hKJncXQt+8V+KKVnah/HohUxCHGmDDq7YmL1g7VOrHG19PVb07BHD
nQ1wB2ElkJc1D/tvlh+JUYbS9WOt9TDGitWNtUDggVkvvDJnX4ePimyNUAY2Yhep
8gEN2iTsfhKIuwONnjXhfqGgPIJvJni6dqX4uFOS+a/NEo/6tBmoPoaxJpunYbnn
g9poek60Lb/AB9sz5igMC/nwl7c7NGwezmwyBGIwfknjjmuGS9mNTzsXZg0w4SR9
AScfQINxYhcQrThyH9ZH+J53nwBFJWtb7F6Gvac8dN/unLY34s2ex+rqLqrukCPH
M77HgQ2EI4ff7ei1DGNAC/+eTTqXvbR0/PrsuHl7GsT3LliEuzFPg0dnKJTSQdRy
GRgI5Tt1vxv0XEaEZgLh20BKQ5xG1HKnt9c93Z6JJUmp8dBvFHLebtN0Pj7EfBGS
4n8cWAiOFUI1akhFTdiCdE49f0ww74269XYgZER3l4CrwCF0/Q2/osUSCNuDtKxr
nfgp3q2E2+ptpUXBs7YE6H19Lrd6ehXo6Cuiep1w02ZUcsG5T/w=
=sV7V
-END PGP SIGNATURE-

Bug#970298: RFS: ipmitool/1.8.18-10 [RC] -- utility for IPMI control with kernel driver or LAN interface (daemon)

[Jörg Frings-Fürst]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Package: sponsorship-requests
Severity: important

Dear mentors,

I am looking for a sponsor for my package "ipmitool":

   Package name: ipmitool
   Version : 1.8.18-10
   Upstream Author : 
   URL : https://github.com/ipmitool/ipmitool
   License : BSD-3-clause
   Vcs : https://jff.email/cgit/ipmitool.git
   Section : utils

It builds those binary packages:

  ipmitool - utility for IPMI control with kernel driver or LAN interface
(daemon)

To access further information about this package, please visit the following
URL:

  https://mentors.debian.net/package/ipmitool/

Alternatively, one can download the package with dget using this command:

 dget -x 
https://mentors.debian.net/debian/pool/main/i/ipmitool/ipmitool_1.8.18-10.dsc

or from

 git https://jff.email/cgit/ipmitool.git/?h=release%2Fdebian%2F1.8.18-10

Changes since the last upload:

 ipmitool (1.8.18-10) unstable; urgency=medium
 .
   * Add "Restrictions: superficial" to debian/tests/control (Closes: #969834).


CU
Jörg
- -- 
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB  30EE 09F8 9F3C 8CA1 D25D
GPG key (long) : 09F89F3C8CA1D25D
GPG Key: 8CA1D25D
CAcert Key S/N : 0E:D4:56

Old pgp Key: BE581B6E (revoked since 2014-12-31).

Jörg Frings-Fürst
D-54470 Lieser


git:  https://jff.email/cgit/

Threema:  SYR8SJXB
Wire: @joergfringsfuerst
Skype:joergpenguin
Ring: jff
Telegram: @joergfringsfuerst


My wish list: 
 - Please send me a picture from the nature at your home.

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAl9fZjYACgkQCfifPIyh
0l3xqRAAxWwgMO1mlGma0tQjZjNV/tKfUndP1YI29JUasmFl/6BeC/3L2oRxT5lX
t9UExw/abMsLtYESI5etcLGWUDCHgaypdS+GKIeBrMTP4hS0Uw+wXBNHvGKCctlz
vckhFYIPPxt9ixap6viVeioQ9yyCkURH1eGA88hFUxyU7cmi4J1BVjTwV2GJqSG0
YkHtIYg4gZIb6HLeY9WtaUDp5JzRWCdTMKtglccJXsMxoO8AfenLP/k9cUaOLfTm
DSg7O5eZbtslCURGIM05dJVfm9OyD9pweK5TJS8U9+EqFDj8A/hMPmUYN0mSVxEM
dZievxr8L4CtaS4YMIjUwJ30DcFnkSLYuCTtGXd9Izk8/W0fKT0t8qdPMEJg/oAC
h/W/LlONV+xtHcc0yW4S+2zJVDcomB0wvGaNWe9h/cxIfhMcuguiBlBD69A96GiN
nq6NZstuxprnMA86PcD87BDeu4XFBF9PBsIHUIZDAy0XgXkEklSVfiPX7TRE2bJU
36vqrOhLBjG6A7TXyAenomNikbb3cJnI+kpaiVIC7ZU2+CMQP8VR58uo8bSh2DsQ
jCLkdHZR1Ae+T3ooj7MILb3CJ+rNQCDPv72UEkyXYFqC6K3EOtlg09WQuc8VhvZl
77QYOeaFbuMXBGw4NS1sWJOqZIHBeztdKot3HTBU0YeU6FwIo58=
=jMEZ
-END PGP SIGNATURE-

Bug#970297: RFS: dmidecode/3.2-4 [RC] -- SMBIOS/DMI table decoder

[Jörg Frings-Fürst]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Package: sponsorship-requests
Severity: important

Dear mentors,

I am looking for a sponsor for my package "dmidecode":

   Package name: dmidecode
   Version : 3.2-4
   Upstream Author : dmidecode-de...@nongnu.org
   URL : https://nongnu.org/dmidecode/
   License : GPL-2+
   Vcs : https://jff.email/cgit/dmidecode.git/
   Section : utils

It builds those binary packages:

  dmidecode-udeb - SMBIOS/DMI table decoder (udeb)
  dmidecode - SMBIOS/DMI table decoder

To access further information about this package, please visit the following
URL:

  https://mentors.debian.net/package/dmidecode/

Alternatively, one can download the package with dget using this command:

 dget -x 
https://mentors.debian.net/debian/pool/main/d/dmidecode/dmidecode_3.2-4.dsc

or from 

 git https://jff.email/cgit/dmidecode.git/?h=release%2Fdebian%2F3.2-4

Changes since the last upload:

 dmidecode (3.2-4) unstable; urgency=medium
 .
   * Add "Restrictions: superficial" to debian/tests/control (Closes: #969819).



CU
Jörg
- -- 
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB  30EE 09F8 9F3C 8CA1 D25D
GPG key (long) : 09F89F3C8CA1D25D
GPG Key: 8CA1D25D
CAcert Key S/N : 0E:D4:56

Old pgp Key: BE581B6E (revoked since 2014-12-31).

Jörg Frings-Fürst
D-54470 Lieser


git:  https://jff.email/cgit/

Threema:  SYR8SJXB
Wire: @joergfringsfuerst
Skype:joergpenguin
Ring: jff
Telegram: @joergfringsfuerst


My wish list: 
 - Please send me a picture from the nature at your home.

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAl9fZjQACgkQCfifPIyh
0l07oA/8DbKkoKW+Dh32cPs+nppCwu6vHS3GicI3nA4RkY59GI6BL0RIDsfQgafF
3BlmbrDjGgwkSJtYraYqZfHuir5f6IuFKxcMASEdnV3WxrXhVrJC/iql0jCtgTDF
JZg7gAfdiET3vvpdPoONvCI2EYTcO8PxBar8mVDSmetyQAhhsdAn4Ysvxf/Xb9JZ
0opkDHdFr9q3CQprOmIQ/EBF4LMxtpleNaiQdGp47TBGtVzvaJuaF5cC9bf54b0f
Va6yyDdlmBsXtGHNQqarxe5SuX4yJjL0kACiIr1sa1cHp2xV15Bo3TtqWita8I4s
s7biCMYD+gO6hiGPUMULm1qVX6blRMw7ce/plb3qEZtmiNBgbMcLUXhuLSeWFjWA
4CTtGXod60RkrEV4pKyfrIKjIoCxK7OCeyndBRogYqFKmiTk11X1nIe1f0cYxuFb
Cruo5V+QJQ1yx2v4IRuU1cTJmMAFcw+UdHSh+mcNEweSD4MjLB37gnPhXPXdH5Gq
4t7on5PE7m5au09vr38N+CyKBPC8ZHe7Dp7ElMeLdz7ILepSPUqIEOyKmr4dcg/a
VTgNCJk+SpO2bKaEPYgrJUkVMJnUeIexTJWdSvqrQS6YY0//OLQl99TPTGmAhYNF
Yd9J708bHw5eoo50uZJHdT/j+av0KpSMCGFNEWjjvVoT50JRq/Q=
=9QIC
-END PGP SIGNATURE-

Bug#970300: ITP: r-cran-hdf5r -- Interface to the 'HDF5' Binary Data Format

[Steffen Moeller]

Package: wnpp
Severity: wishlist

Subject: ITP: r-cran-hdf5r -- Interface to the 'HDF5' Binary Data Format
Package: wnpp
Owner: Steffen Moeller 
Severity: wishlist

* Package name: r-cran-hdf5r
  Version : 1.3.3
  Upstream Author : Holger Hoefling
* URL : https://cran.r-project.org/package=hdf5r
* License : Apache-2.0
  Programming Lang: GNU R
  Description : Interface to the 'HDF5' Binary Data Format
 'HDF5' is a data model, library and file format for storing
 and managing large amounts of data. This package provides a nearly
 feature complete, object oriented  wrapper for the 'HDF5' API
  using R6 classes.
 Additionally, functionality is added so that 'HDF5' objects behave very
 similar to their corresponding R counterparts.

Remark: This package is maintained by Debian R Packages Maintainers at
   https://salsa.debian.org/r-pkg-team/r-cran-hdf5r

Bug#970292: RM: vagrant-digitalocean -- ROM; very old, low popcon

[Iain R. Learmonth]

Package: ftp.debian.org
Severity: normal

Hi,

I've not used this in a long time, it probably doesn't work anymore, low
popcon too so best to remove it. Someone could reintroduce in the future
if they want.

Thanks,
Iain.

Bug#970279: O: nutsqlite -- Dietary nutrition analysis software

[Andreas Tille]

Hi Iain,

On Mon, Sep 14, 2020 at 11:34:23AM +0100, Iain R. Learmonth wrote:
> Package: wnpp
> Severity: normal
> X-Debbugs-Cc: debian-...@lists.debian.org
> 
> I intend to orphan the nutsqlite package. I've not used this package for
> years. The upstream has generally been helpful.
> 
> The package description is:
>  NUTsqlite uses the USDA database and stores this along with your personal 
> data
>  in a portable SQLite database allowing you to perform analysis and plan for
>  your nutrition. Features include:
>  .
>   * The complete USDA database, your personal data, and the program code all
> stored in a portable SQLite database
>   * Foods easy to find and add to daily meals
>   * Configurable for 1-19 meals per day and any dietary plan--including
> ketogenic, low carb, zone, low fat
>   * Comprehensive meal analysis for any number of consecutive meals
>   * Presents both easy-to-read percentage summaries and in-depth nutrient
> analysis, including Omega-3 and Omega-6 essential fatty acids
>   * Foods can be weighed in grams or ounces
>   * Includes novel meal planning feature: you choose the food, NUT adjusts the
> quantities to your plan
>   * Calorie Auto-Set feature uses linear regression on daily scale 
> measurements
> of weight and body fat percentage to find optimal calorie level for
> improved body composition
>   * Allows recording of recipes and customary meals for fast data entry
>   * Sorts foods richest in each of the 150 nutrients
>   * Reveals which foods contribute most to user's nutrition

Would you mind pushing your latest changes to the package to Git?
I'd volunteer to add my ID as Uploader (if nobody else wants to for
sure!)

> If you do take this on, you might want to look at splitting out the data
> from the application to reduce the size of the arch specific binaries,
> and maybe even (if possible) encourage reuse of the data across
> applications (the USDA database in particular).

If I'm not misleaded the whole package is arch all so I do not see
any actual need for splitting as long as there is no other package
inside Debian that needs thoses data.

Kind regards

Andreas. 

-- 
http://fam-tille.de

Bug#970296: buster-pu: package qtbase-opensource-src/5.11.3+dfsg1-1+deb10u3 -> 5.11.3+dfsg1-1+deb10u4

[Lisandro Damián Nicanor Pérez Meyer]

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

Dear stable release team,

I'd like to update qtbase-opensource-src in stable in order to fix two bugs:
- #968444 CVE-2020-17507 The security team decided not to issue a DSA
but it would be good to have it fixed non the less.
- #961293 A bug that affects people having their sessions open for many days.

Both bug fixes have been in testing for a while now, especially #961293.

I'll be uploading to buster-p-u soon.

Thanks for considering them, Lisandro.

-- 
Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/

Bug#347650: Buster links with --as-needed by default

[Luca Boccassi]

On Tue, 28 Apr 2020 17:37:55 +0200 wf...@niif.hu wrote:
> Hi,
> 
> Just noting that according to #956146 "the bullseye toolchain
defaults
> to linking with --as-needed", so this won't hurt us so bad in the
> future.
> -- 
> Feri

Unfortunately the exact same issue is present with --whole-archive. It
would be really great if libtool could be fixed. I'll propose a patch
to dh-autoreconf that deals with it in the same way it deals with --as-
needed.

-- 
Kind regards,
Luca Boccassi


signature.asc
Description: This is a digitally signed message part

Bug#912299: blender: make the build reproducible

[Mathieu Malaterre]

Control: fixed -1  2.81.a+dfsg-4

On Mon, Sep 14, 2020 at 12:06 PM Chris Lamb  wrote:
>
> Hi Mathieu,
>
> > The original text pasted patch does not apply anymore in the current
> > blender/sid version.
> >
> > Could you confirm the bug is fixed ? If not please provide an
> > updated patch.
>
> I glanced at this patch/bug (from 2018), but it seems like blender
> became reproducible in Debian/amd64/sid around version 2.81.a+dfsg-4.

ACK. Thanks !

Bug#970306: unused-license-paragraph-in-dep5-copyright is a false positive when "+" is involved

[Felix Lechner]

Hi Julien,

On Mon, Sep 14, 2020 at 7:03 AM Julien Puydt  wrote:
>
> I get many unused-license-paragraph-in-dep5-copyright I:-type messages
> from lintian

Which package are you working on, please? We cannot investigate your
claim without the information.

> because the paragraphs in question are License: foo and
> used as License: foo+. Lintian should see that it's compatible and
> accept it.

Where does it state that using License namesthat way is okay, please?
The plus usually indicates the presence of an 'or later' clause in
GPL-style licenses. It is a distinctive feature, i.e GPL-2 is
different from GPL-2+.

Kind regards
Felix Lechner

Bug#970309: src:python-loompy: Please provide autopkgtest

[Nilesh Patra]

Source: python-loompy
Version: 3.0.6+dfsg-2
Severity: wishlist
Tags: newcomer

Dear Maintainer,

Please provide autopkgtest for this package.


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.7.0-2-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Thank you for using reportbug

Bug#970311: buster-pu: qt4-x11/4:4.8.7+dfsg-18 -> 4:4.8.7+dfsg-18+deb10u1

[Lisandro Damián Nicanor Pérez Meyer]

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

Dear stable release team,

I'd like to update qt4-x11 in stable in order to fix Debian bug
#970308 CVE-2020-17507
The security team decided not to issue a DSA but it would be good to
have it fixed non the less.

I'll be uploading to buster-p-u soon.

Thanks for considering it, Lisandro.

-- 
Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/
diff -Nru qt4-x11-4.8.7+dfsg/debian/changelog qt4-x11-4.8.7+dfsg/debian/changelog
--- qt4-x11-4.8.7+dfsg/debian/changelog	2019-04-12 17:10:28.0 -0300
+++ qt4-x11-4.8.7+dfsg/debian/changelog	2020-09-14 10:56:35.0 -0300
@@ -1,3 +1,10 @@
+qt4-x11 (4:4.8.7+dfsg-18+deb10u1) buster; urgency=medium
+
+  * Backport upstream patch to fix buffer overflow in XBM parser
+(CVE-2020-17507, closes: #968444).
+
+ -- Lisandro Damián Nicanor Pérez Meyer   Mon, 14 Sep 2020 10:56:35 -0300
+
 qt4-x11 (4:4.8.7+dfsg-18) unstable; urgency=medium
 
   * Team upload.
diff -Nru qt4-x11-4.8.7+dfsg/debian/patches/CVE-2020-17507.patch qt4-x11-4.8.7+dfsg/debian/patches/CVE-2020-17507.patch
--- qt4-x11-4.8.7+dfsg/debian/patches/CVE-2020-17507.patch	1969-12-31 21:00:00.0 -0300
+++ qt4-x11-4.8.7+dfsg/debian/patches/CVE-2020-17507.patch	2020-09-14 09:52:18.0 -0300
@@ -0,0 +1,21 @@
+Description: fix buffer overflow in XBM parser
+Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=1616c71921b73b22
+Last-Update: 2020-08-18
+
+---
+ src/gui/image/qxbmhandler.cpp |4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+--- a/src/gui/image/qxbmhandler.cpp
 b/src/gui/image/qxbmhandler.cpp
+@@ -154,7 +154,9 @@ static bool read_xbm_body(QIODevice *dev
+ w = (w+7)/8;// byte width
+ 
+ while (y < h) {// for all encoded bytes...
+-if (p) {// p = "0x.."
++if (p && p < (buf + readBytes - 3)) {  // p = "0x.."
++if (!isxdigit(p[2]) || !isxdigit(p[3]))
++return false;
+ *b++ = hex2byte(p+2);
+ p += 2;
+ if (++x == w && ++y < h) {
diff -Nru qt4-x11-4.8.7+dfsg/debian/patches/series qt4-x11-4.8.7+dfsg/debian/patches/series
--- qt4-x11-4.8.7+dfsg/debian/patches/series	2019-04-12 17:10:28.0 -0300
+++ qt4-x11-4.8.7+dfsg/debian/patches/series	2020-09-14 10:04:34.0 -0300
@@ -19,6 +19,7 @@
 CVE-2018-19871.patch
 CVE-2018-19872.patch
 CVE-2018-19873.patch
+CVE-2020-17507.patch
 
 # qt-copy patches
 0195-compositing-properties.diff

Bug#970312: src:intake: Please provide autopkgtest

[Nilesh Patra]

Source: intake
Version: 0.6.0-3
Severity: wishlist
Tags: newcomer

Dear Maintainer,

Please provide autopkgtest for this package.


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.7.0-2-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Thank you for using reportbug

Bug#932378: Debian bug #932378

[Jörg Frings-Fürst]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

found 932378 2.94.0
- -- 
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB  30EE 09F8 9F3C 8CA1 D25D
GPG key (long) : 09F89F3C8CA1D25D
GPG Key: 8CA1D25D
CAcert Key S/N : 0E:D4:56

Old pgp Key: BE581B6E (revoked since 2014-12-31).

Jörg Frings-Fürst
D-54470 Lieser


git:  https://jff.email/cgit/

Threema:  SYR8SJXB
Wire: @joergfringsfuerst
Skype:joergpenguin
Ring: jff
Telegram: @joergfringsfuerst


My wish list: 
 - Please send me a picture from the nature at your home.

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEY+AHX8jUOrs1qzDuCfifPIyh0l0FAl9fVmsACgkQCfifPIyh
0l03lw/9EAHz5ueJx3DgTuIz+PNuK7T6YkAZhvOyJwUpCBepoP24RjJALzrOO6J8
f0wi5Ki1winK/5kEYTSRuTXLS2GwruaFh5XCqaPKJ95cO9bKdgC+u0374QHPcEo8
4KdStcIflviO3WRj9uqtXNqeMZXaUY+lGxcwath+4bFvEK/Bd6Fy1qNFy04bSLNk
WpBPx7hVyygBZ8pf3R+GRtMIFmbovjTZwtYsZilfW3Hkv2veZOzM6XwjgAwAafb6
QSREJKiDJaQomCHJDbl/RbTj1fAKEDIunu3FbfdTlz3meUpzceN5JoBjULzCnq6/
5w9YTLLekzCNy2+q9dQpZR8upzmbOqqOfTV3HHoY45WZ2qYdQTW9Z0ecyKmlb7CA
EZC6N+mePCmanBLV0fzVLD9Qc8iv4qfPSePODwKeAa9kviluZ/jaw0+rcegRxkv+
uxPb6+rLCGnKYhPu444TB96eVZrOEZkQDmM3UQBJvzgJTkQTOW6m3wGmAkZwpD+3
7ub1LBbejoIXvybps6ReMKrpgjXmuQzQz70lTZAxKm8ojupjhRCmd+Vs0onhnnD6
AehuYGsk70aHv99s+1Mcugc4nYAbAjrJgMtNJfVKwDv+OJktPPBB+DmSH5+QkXWm
r7vg3rcPm/J3inHXBUUGhh/NIjWiBdM2xfaYgCAu865CHTm1/8E=
=HEe8
-END PGP SIGNATURE-

Bug#970279: O: nutsqlite -- Dietary nutrition analysis software

[Iain Learmonth]

Hi Andreas,

On 14/09/2020 12:25, Andreas Tille wrote:
> Would you mind pushing your latest changes to the package to Git?
> I'd volunteer to add my ID as Uploader (if nobody else wants to for
> sure!)

I am not a member of the Debian Med team on Salsa, which must have been
what stopped me before. This was I think the last of my Debian Med
packages so little point adding me now. Instead, I've pushed the changes to:

https://git.sr.ht/~irl/debian-nutsqlite.git

You can pull from there and push back to Salsa. The package probably
needs a little modernizing, like debhelper compat level. Just remove me
from uploaders when you make an upload.

>> If you do take this on, you might want to look at splitting out the data
>> from the application to reduce the size of the arch specific binaries,
>> and maybe even (if possible) encourage reuse of the data across
>> applications (the USDA database in particular).
> 
> If I'm not misleaded the whole package is arch all so I do not see
> any actual need for splitting as long as there is no other package
> inside Debian that needs thoses data.

You're right, it's been so long that I'd forgotten that this is a Tcl
package. There still might be a use case for splitting out the database,
but perhaps it is more difficult in this incarnation of NUT because now
the database is integrated into the sqlite db.

This was just something I had in my notes from a while ago and wanted to
mention because I bet there's other nutrition software out there that
uses the USDA database even if it's not yet in Debian. There may be no
standard format to consume it in.

Thanks,
Iain.



signature.asc
Description: OpenPGP digital signature

Bug#970301: phybin: Please provide autopkgtest

[Nilesh Patra]

Package: phybin
Severity: wishlist
X-Debbugs-Cc: npatra...@gmail.com
Tags: newcomer

Dear Maintainer,

Please provide autopkgtest for this package.


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.7.0-2-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Thank you for using reportbug

Bug#970303: chirp: please remove irl from uploaders

[Iain R. Learmonth]

Package: chirp
Version: 1:20200227+py3+20200213-3
Severity: normal
X-Debbugs-Cc: tmanc...@debian.org, debian-h...@lists.debian.org

Hi,

Please remove me from the uploaders on the next upload. I've not worked
on this package since the switch to Python 3 and there are better people
than me to be named on this package already there.

Thanks,
Iain.

Bug#970315: txtorcon: please remove irl from uploaders

[Iain R. Learmonth]

Source: txtorcon
Severity: normal
User: i...@debian.org
Usertags: refactor2020
X-Debbugs-Cc: pkg-privacy-maintain...@lists.alioth.debian.org

Hi,

I am taking a step back from Debian for a while. To keep the list of
uploaders as an accurate list of people that you can talk to about this
package, please remove me from that list on the next upload.

Thanks,
Iain.

Bug#970316: vanguards: please remove irl from uploaders

[Iain R. Learmonth]

Package: vanguards
Severity: normal
User: i...@debian.org
Usertags: refactor2020

Hi,

I am taking a step back from Debian for a while. To keep the list of
uploaders as an accurate list of people that you can talk to about this
package, please remove me from that list on the next upload.

Thanks,
Iain.

Bug#970317: plymouth can cause initrd creation to fail.

[Sven Mueller]

Package: plymouth
Version: 0.9.4-3

We encountered a way how plymouth can cause initrd creation to fail:

/usr/share/initramfs-tools/hooks/plymouth
contains a call to plymouth-set-default-theme, reading the set theme name.
plymouth-set-default-theme fails back to "text" apparently, if the desired
theme (set via plymouthd.conf) is unknown.

If this name is not "text" or "details", the script later on tries to copy
/etc/fonts/fonts.conf

However, if fontconfig-config isn't yet installed (and thus plymouth-themes
isn't installed yet), then the following sequence can (and for us
reproducibly did) happen:

- Configuration file plymouthd.conf was written, setting theme "lines".
- Installation of kernel, plymouth, plymouth-themes, desktop-base,
fontconfig-config requested
- packages are unpacked by dpkg (which doesn't copy conffiles to their
destination)
- Note: plymouth hook script is now active (not a conffile)
- kernel gets configured. tries to build initrd
- plymouth hook gets executed
- plymouth hook reads desired theme, finds "lines" (installed by
desktop-base)
- plymouth hook fails to copy /etc/fonts/fonts.conf and aborts

I'll describe multiple options. The first two are the most sensible IMHO.

Option 1:

Let the hook script or plymouth-set-default-theme fall back to the "text"
or "details" theme if required files are not available yet. At least in our
case, the initrd would have gotten rebuilt again later on, eliminating the
issue of a silent fallback.

Option 2:

Let plymouth declare a "Pre-Depends: fontconfig-config" to ensure that the
conffile from fontconfig-config is actually available at the time plymouth
gets installed and thus activates the initramfs-tools hook script. This
introduces an indirect dependency on various fonts, but seems reasonable
anyways. Would eliminate the silent fallback and would thus probably come
closest to user expectation.

Option 3:

Let both desktop-base and plymouth-themes Pre-Depend on fontconfig-config -
This would move the responsibility to whoever provides a plymouth theme. As
the set of such packages is not necessarily a closed set, I'm not sure if
this is maintainable in the long run.

My personal preference would probably be Option 2: It would get the issue
fixed for everyone at little extra cost.

Bug#909436: libdrm 2.4.102-1: FTBFS on hurd-i386 (updated patches)

[Svante Signell]

found 909436 2.4.102-1
thanks

Hello again,

libdrm still FTBFS on GNU/Hurd now due to bug #970304 and still missing
support for Hurd in drm.h and xf86drm.h. Attached is a patch, hurd-
port.diff, to fix this. The rest of that patch address PATH_MAX issues
in xf86dri.c as PATH_MAX is not defined for GNU/Hurd.

Note: hurd-port.diff depends on that xf86drm.c.diff in #970304 is
applied before!

Additionally the patches debian_rules.diff and debian_control.diff adds
Hurd to the architecture list.

Thanks!
Index: libdrm-2.4.102/include/drm/drm.h
===
--- libdrm-2.4.102.orig/include/drm/drm.h
+++ libdrm-2.4.102/include/drm/drm.h
@@ -42,6 +42,22 @@
 #include 
 typedef unsigned int drm_handle_t;
 
+#elif defined(__GNU__)
+
+#include 
+#include 
+#include 
+typedef __int8_t   __s8;
+typedef __uint8_t  __u8;
+typedef __int16_t  __s16;
+typedef __uint16_t __u16;
+typedef __int32_t  __s32;
+typedef __uint32_t __u32;
+typedef __int64_t  __s64;
+typedef __uint64_t __u64;
+typedef size_t   __kernel_size_t;
+typedef unsigned int drm_handle_t;
+
 #else /* One of the BSDs */
 
 #include 
Index: libdrm-2.4.102/xf86drm.h
===
--- libdrm-2.4.102.orig/xf86drm.h
+++ libdrm-2.4.102/xf86drm.h
@@ -56,6 +56,16 @@ extern "C" {
 #define DRM_IOC_READWRITE	_IOC_READ|_IOC_WRITE
 #define DRM_IOC(dir, group, nr, size) _IOC(dir, group, nr, size)
 
+#elif defined(__GNU__)
+#include 
+#include 
+#define DRM_IOCTL_NR(n) ((n) & 0xff)
+#define DRM_IOC_VOIDIOC_VOID
+#define DRM_IOC_READIOC_OUT
+#define DRM_IOC_WRITE   IOC_IN
+#define DRM_IOC_READWRITE   IOC_INOUT
+#define DRM_IOC(dir, group, nr, size) _IOC(dir, group, nr, size)
+
 #else /* One of the *BSDs */
 
 #include 
Index: libdrm-2.4.102/xf86drm.c
===
--- libdrm-2.4.102.orig/xf86drm.c
+++ libdrm-2.4.102/xf86drm.c
@@ -2980,7 +2980,8 @@ static char *drmGetMinorNameForFD(int fd
 return strdup(name);
 #else
 struct stat sbuf;
-char buf[PATH_MAX + 1];
+char *buf = NULL;
+int len = 0;
 const char *dev_name = drmGetDeviceName(type);
 unsigned int maj, min;
 int n;
@@ -2997,11 +2998,18 @@ static char *drmGetMinorNameForFD(int fd
 if (!dev_name)
 return NULL;
 
-n = snprintf(buf, sizeof(buf), dev_name, DRM_DIR_NAME, min);
-if (n == -1 || n >= (int)sizeof(buf))
+len = snprintf(NULL, 0, dev_name, DRM_DIR_NAME, min);
+if (len < 0)
 return NULL;
+len++;
+buf = malloc(len);
+n = snprintf(buf, len, dev_name, DRM_DIR_NAME, min);
+if (n == -1 || n >= len) {
+free(buf);
+return NULL;
+}
 
-return strdup(buf);
+return buf;
 #endif
 }
 
@@ -3947,17 +3955,30 @@ process_device(drmDevicePtr *device, con
bool fetch_deviceinfo, uint32_t flags)
 {
 struct stat sbuf;
-char node[PATH_MAX + 1];
+char *node = NULL;
 int node_type, subsystem_type;
+int len = 0, n, ret = 0;
 unsigned int maj, min;
 
 node_type = drmGetNodeType(d_name);
 if (node_type < 0)
 return -1;
 
-snprintf(node, PATH_MAX, "%s/%s", DRM_DIR_NAME, d_name);
-if (stat(node, ))
+len = snprintf(NULL, 0, "%s/%s", DRM_DIR_NAME, d_name);
+if (len < 0)
+  return -1;
+len++;
+node = malloc(len);
+n = snprintf(node, len, "%s/%s", DRM_DIR_NAME, d_name);
+if (n == -1 || n >= len) {
+free(node);
 return -1;
+}
+
+if (stat(node, )) {
+free(node);
+return -1;
+}
 
 maj = major(sbuf.st_rdev);
 min = minor(sbuf.st_rdev);
@@ -3972,18 +3993,27 @@ process_device(drmDevicePtr *device, con
 switch (subsystem_type) {
 case DRM_BUS_PCI:
 case DRM_BUS_VIRTIO:
-return drmProcessPciDevice(device, node, node_type, maj, min,
+ret = drmProcessPciDevice(device, node, node_type, maj, min,
fetch_deviceinfo, flags);
+	free(node);
+	return ret;
 case DRM_BUS_USB:
-return drmProcessUsbDevice(device, node, node_type, maj, min,
+ret = drmProcessUsbDevice(device, node, node_type, maj, min,
fetch_deviceinfo, flags);
+	free(node);
+	return ret;
 case DRM_BUS_PLATFORM:
-return drmProcessPlatformDevice(device, node, node_type, maj, min,
+ret = drmProcessPlatformDevice(device, node, node_type, maj, min,
 fetch_deviceinfo, flags);
+	free(node);
+	return ret;
 case DRM_BUS_HOST1X:
-return drmProcessHost1xDevice(device, node, node_type, maj, min,
+ret = drmProcessHost1xDevice(device, node, node_type, maj, min,
   fetch_deviceinfo, flags);
+	free(node);
+	return ret;
 default:
+free(node);
 return -1;
}
 }
@@ -4306,10 +4336,10 @@ drm_public char 

Bug#970323: dpkg-deb fails to create package > 2 GB

[Francois Gouget]

Package: dpkg
Version: 1.19.7
Severity: normal

Dear Maintainer,

dpkg-deb fails to create a package with a size greater than 2 GB.
To reproduce this issue use the attached file to create a 2.4 GB
package, this despite being on a 64-bit system:

$ tar xfz testpkg.tar.gz
$ cd testpkg
$ fakeroot ./build
[...]
+ dh_builddeb --destdir=.
dpkg-deb: building package 'testpkg' in './testpkg_1.0-1_all.deb'.
dpkg-deb (subprocess): compressing tar member: lzma write error: No space left 
on device
dpkg-deb: error:  from tar -cf subprocess returned error exit status 2
dh_builddeb: dpkg-deb --build debian/testpkg . returned exit code 2
dh_builddeb: Aborting due to earlier error

Note that neither tar nor ar have any trouble dealing with archives with
a size greater than 2 GB.
Also this is not specific to the lzma compressor: using gzip instead
produces the same error.


-- Package-specific info:

-- System Information:
Debian Release: 10.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-10-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr:en_US (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dpkg depends on:
ii  libbz2-1.0   1.0.6-9.2~deb10u1
ii  libc62.28-10
ii  liblzma5 5.2.4-1
ii  libselinux1  2.8-1+b1
ii  tar  1.30+dfsg-6
ii  zlib1g   1:1.2.11.dfsg-1

dpkg recommends no packages.

Versions of packages dpkg suggests:
ii  apt1.8.2.1
pn  debsig-verify  

-- no debconf information


testpkg.tar.gz
Description: application/gzip

Bug#970291: golang-github-avast-apkverifier-dev misses description in Translation-en.bz2 for Sid

[s3v]

Package: ftp.debian.org
Severity: minor
Control: affects -1 golang-github-avast-apkverifier-dev

Dear Maintainers,

I just find out golang-github-avast-apkverifier-dev [1] has not
description in Translation-en.bz2 file [2].

 $ bzgrep golang-github-avast-apkverifier-dev Translation-en.bz2
 $

I don't know if this issue is related either to
golang-github-avast-apkverifier-dev package itself or to FTP-side
gears, so please feel free to route this report on the right track.
ATM golang-github-avast-apkverifier-dev is the only package misses
description in Translation-en.bz2 file for Sid.

Thanks for reading.

Kind Regards.

[1] https://tracker.debian.org/pkg/golang-github-avast-apkverifier
[2] http://ftp.debian.org/debian/dists/sid/main/i18n/Translation-en.bz2

Bug#970318: O: dmrconfig -- Configuration utility for DMR radios

[Iain R. Learmonth]

Package: wnpp
Severity: normal
User: i...@debian.org
Usertags: refactor2020
X-Debbugs-Cc: debian-h...@lists.debian.org

I intend to orphan the dmrconfig package.

The package description is:
 DMRconfig is a utility for programming digital radios via USB programming
 cable. It can read and write codeplug, configuration and contacts from and to
 the radio. Various TYT, Baofeng, Radioddity, Anytone, BTECH, Zastone and Radtel
 radios are supported.

Bug#970319: bootp FTCBFS: does not pass cross tools to make

[Helmut Grohne]

Source: bootp
Version: 2.4.3-19
Tags: patch
User: debian-cr...@lists.debian.org
Usertags: ftcbfs

bootp fails to cross build from source, because it does not pass cross
tools to make. The easiest way of fixing that - using dh_auto_build -
makes bootp cross buildable. Please consider applying the attached
patch.

Helmut
diff --minimal -Nru bootp-2.4.3/debian/changelog bootp-2.4.3/debian/changelog
--- bootp-2.4.3/debian/changelog2020-07-09 05:40:44.0 +0200
+++ bootp-2.4.3/debian/changelog2020-09-14 17:58:57.0 +0200
@@ -1,3 +1,10 @@
+bootp (2.4.3-19.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Let dh_auto_build pass cross tools to make. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 14 Sep 2020 17:58:57 +0200
+
 bootp (2.4.3-19) unstable; urgency=medium
 
   * Source format is 3.0 (quilt)
diff --minimal -Nru bootp-2.4.3/debian/rules bootp-2.4.3/debian/rules
--- bootp-2.4.3/debian/rules2020-07-09 04:19:36.0 +0200
+++ bootp-2.4.3/debian/rules2020-09-14 17:58:56.0 +0200
@@ -7,8 +7,7 @@
 
 build:
dh_testdir
-
-   $(MAKE) SYSDEFS=-DETC_ETHERS
+   dh_auto_build -- SYSDEFS=-DETC_ETHERS
 
 clean:
dh_testdir

Bug#911411: general: Computer freezes after suspend/hibernate

[Vladimir K]

It may be that in my case the problem occurs during getting into suspend. 
System appears to stop in every way but power indicator.
It also MAY be caused by r8169 module.

I configured unloading r8169 for suspend, and haven't had any freeze since 
that. Although due to rarity of those freezes, it's hard to say for sure.

$ cat /lib/systemd/system-sleep/unload_eth_r8169 
#!/bin/sh
case $1 in
  pre)
/sbin/modprobe -r r8169
;;
  post)
/sbin/modprobe r8169
;;
esac

Bug#970305: dh-autoreconf: support -Wl,--whole-archive in libtool

[Julian Andres Klode]

On Mon, Sep 14, 2020 at 02:58:02PM +0100, Luca Boccassi wrote:
> Package: dh-autoreconf
> Version: 19
> Tags: patch
> X-Debbugs-CC: pkg-dpdk-de...@lists.alioth.debian.org
> 
> Dear Maintainer(s),
> 
> dh-autoreconf provides an --as-needed option to allow packages to use
> -Wl,---as-needed with libtool, since libtool otherwise reorders the
> flags and breaks compilation.
> 
> The same reordering problem affects programs building with --whole-
> archive, in the exact same way. I've come across this when building
> src:openvswitch with src:dpdk.
> 
> I have opened an MR on Salsa to add a --whole-archive autoreconf option
> that works exactly as --as-needed to fix this. It fixes the build of
> openvswitch with a new version of dpdk that is in development.
> 
> https://salsa.debian.org/debian/dh-autoreconf/-/merge_requests/2

I'm not supposed to have the --as-needed stuff in there in the first
place, so I'd rather not make it even worse.

Could you take this up with libtool upstream and come to a solution
there?
-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en