Bug#776379: zpaq: out-of-bounds read

[Jakub Wilk]

Package: zpaq
Version: 1.10-1
Usertags: afl

zpaq crashes when trying to extract this (slightly corrupted) archive:

$ zpaq x crash.zpaq
Segmentation fault


Valgrind says it's an out-of-bounds read:

==1787== Invalid read of size 4
==1787==at 0x804EDED: Predictor::update0(int) (zpaq.cpp:2718)
==1787==by 0x8056AFB: Predictor::update(int) (zpaq.cpp:2817)
==1787==by 0x8050B5F: Decoder::decompress() (zpaq.cpp:3558)
==1787==by 0x80523A0: decompress(int, char**) (zpaq.cpp:4021)
==1787==by 0x805417E: main (zpaq.cpp:4622)
==1787==  Address 0x57c928c0 is not stack'd, malloc'd or (recently) free'd


This bug was found using American fuzzy lop:
https://packages.debian.org/experimental/afl

-- System Information:
Debian Release: 8.0
 APT prefers unstable
 APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages zpaq depends on:
ii  libc6   2.19-13
ii  libgcc1 1:4.9.2-10
ii  libstdc++6  4.9.2-10

--
Jakub Wilk


crash.zpaq
Description: Binary data

Bug#775888: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427

[Ritesh Raj Sarraf]

On 01/27/2015 03:51 PM, Moritz Mühlenhoff wrote:
 Please find attached the debdiff. Please give me an ACK, and then I'll
  do the upload.
 Looks good to me. Please upload to security-master, I'll take care of
 the update.

Thanks Moritz. The upload is done.

-- 
Ritesh Raj Sarraf | http://people.debian.org/~rrs
Debian - The Universal Operating System



signature.asc
Description: OpenPGP digital signature

Bug#775888: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427

[Gianfranco Costamagna]

Hi Aron,
can you please also followup on squeeze-bpo?
(might need a kbuild backport to make it build)

cheers,

(thanks)

G.





Il Martedì 27 Gennaio 2015 13:57, Aron Xu happyaron...@gmail.com ha scritto:
I'll follow-up in wheezy-backports this weekend, at that time it
should land in jessie already.

Best,
Aron


On Tue, Jan 27, 2015 at 6:21 PM, Moritz Mühlenhoff j...@inutil.org wrote:
 On Mon, Jan 26, 2015 at 09:14:55PM +0530, Ritesh Raj Sarraf wrote:
 On 01/26/2015 09:07 PM, Ritesh Raj Sarraf wrote:
  On 01/21/2015 01:23 PM, Moritz Muehlenhoff wrote:
  In the past someone from upstream posted the upstream commits to the
  bug log, maybe you can contact them for more information so that we
  can merge the isolated fixes into the jessie version? Cheers, Moritz
 
  Moritz,
 
  For unstable, I've pushed the upload an d asked for an exception.
 
  For Wheezy, it is building right now. Once the build is complete, I'll
  push it to s-p-u. And send you the debdiff.

 Please find attached the debdiff. Please give me an ACK, and then I'll
 do the upload.

 Looks good to me. Please upload to security-master, I'll take care of
 the update.

 Cheers,
 Moritz




-- 
Regards,
Aron Xu


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776380: please document APT::Periodic::RandomSleep

[Tomas Pospisek]

Package: apt
Version: 1.0.9.6
Severity: wishlist
Tags: patch

Hello,

the patch for the documentation can be found here:

  
http://anonscm.debian.org/cgit/users/tpo/apt.git/commit/?id=993307ba632edf409b14bdb368eb770bc7c84d1a

and can be pulled from here:

  git://git.debian.org/users/tpo/apt.git

Thank you
*t

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_CH.utf8, LC_CTYPE=de_CH.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apt depends on:
ii  debian-archive-keyring  2014.3
ii  gnupg   1.4.18-6
ii  libapt-pkg4.12  1.0.9.6
ii  libc6   2.19-13
ii  libgcc1 1:4.9.1-19
ii  libstdc++6  4.9.1-19

apt recommends no packages.

Versions of packages apt suggests:
pn  apt-doc none
ii  aptitude0.6.11-1+b1
ii  dpkg-dev1.17.23
ii  python-apt  0.9.3.11

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776050: Bug#776237: xen-hypervisor-4.4-amd64: kernel panic on dom0 boot

[Ian Campbell]

Control: merge 776050 776236

On Tue, 2015-01-27 at 00:10 -0500, Gedalya wrote:
 On Mon, 26 Jan 2015 10:24:41 + Ian Campbell wrote:
  
  This is actually a kernel issue I think, so reassigning accordingly.
  
  2c3fc8d26dd0 swiotlb-xen: pass dev_addr to
 swiotlb_tbl_unmap_single
  was backported to the stable kernel but this commit was reverted in
  mainline via dbdd74763f1f.
  
  I'll revert it in the Debian kernel and let the stable kernel folks
  know.
  
  Ian.
  
  
  
 
 Could #776237 be related to #776050?
 
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776050

It's quite possible and the coincidence of the issue arising in ckt4
makes me think it most likely is.

Lets assume it is for now, I've merged the two bugs. If the issue
persists after the fix for #776050 is uploaded we can always unmerge.

Ian.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776359: icedove: szstem integration dialog is non-functional

[Dominik George]

Package: icedove
Version: 34.0~b1-2
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

The dialog asking whether Icedove shall be made the default application
for various tasks is non-functional. The checkboxes can be enabled, but
both buttons simply do nothing.

This could remotely be related to me using MATE desktop, but I do not
really think that's the case.

- -- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages icedove depends on:
ii  debianutils   4.4+b1
ii  fontconfig2.11.0-6.3
ii  libasound21.0.28-1
ii  libatk1.0-0   2.14.0-1
ii  libc6 2.19-13
ii  libcairo2 1.14.0-2.1
ii  libdbus-1-3   1.8.12-3
ii  libdbus-glib-1-2  0.102-1
ii  libevent-2.0-52.0.21-stable-2
ii  libffi6   3.1-2+b2
ii  libfontconfig12.11.0-6.3
ii  libfreetype6  2.5.2-2
ii  libgcc1   1:4.9.1-19
ii  libgdk-pixbuf2.0-02.31.1-2+b1
ii  libglib2.0-0  2.42.1-1
ii  libgtk2.0-0   2.24.25-1
ii  libhunspell-1.3-0 1.3.3-3
ii  libnspr4  2:4.10.7-1
ii  libnss3   2:3.17.2-1.1
ii  libpango-1.0-01.36.8-3
ii  libpangocairo-1.0-0   1.36.8-3
ii  libpangoft2-1.0-0 1.36.8-3
ii  libpixman-1-0 0.32.6-3
ii  libsqlite3-0  3.8.7.1-1
ii  libstartup-notification0  0.12-4
ii  libstdc++64.9.1-19
ii  libvpx1   1.3.0-3
ii  libx11-6  2:1.6.2-3
ii  libxcomposite11:0.4.4-1
ii  libxdamage1   1:1.1.4-2+b1
ii  libxext6  2:1.3.3-1
ii  libxfixes31:5.0.1-2+b2
ii  libxrender1   1:0.9.8-1+b1
ii  libxt61:1.1.4-1+b1
ii  psmisc22.21-2
ii  zlib1g1:1.2.8.dfsg-2+b1

Versions of packages icedove recommends:
ii  hunspell-de-at [hunspell-dictionary]  20131206-5
ii  hunspell-de-ch [hunspell-dictionary]  20131206-5
ii  hunspell-de-de [hunspell-dictionary]  20131206-5
ii  hunspell-en-us [hunspell-dictionary]  20070829-6

Versions of packages icedove suggests:
pn  fonts-lyx none
ii  libgssapi-krb5-2  1.12.1+dfsg-16

- -- no debconf information

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQJOBAEBCAA4BQJUx01MMRpodHRwczovL3d3dy5kb21pbmlrLWdlb3JnZS5kZS9n
cGctcG9saWN5LnR4dC5hc2MACgkQt5o8FqDE8pYVZg//bRlvrOL1b+pSpE7lU79z
CFkxRRavfAtco30g6FgOywTT8elazHzZkVAoK18dU7S4Xa8/DMRFOeENENjfGjZj
lTD+g7PR8ZsPWKiDKLnD4mR5q2YvKWYhGJJDtM3d8MkE5BLajp19NzaiQKZBXOaG
5+abGNW/ciHt83c4gml4h8sCnGbiveaKrM0KaPFWy3QH1/x6flfz3hUYzeLHwjHJ
E8zOz7Beg5X1Q0KsBz6n6GJqMNL56B0Z6TN91+TktcZxWedrJiHJD0Mvnvk1KxsB
oiMtPrkTH93/acscvauuGWYTvk3ddNS35VS4nTPMDuZg/UmbQeED6RoVpJDPcSQW
zlNhXtyQWpMuVokcFa+APNp+aXlev/1poAdgxvUrGPx6hnKvvp6e+aMEc7P7DCI5
Y2FJKEvvJPpXZTmMSjOV7U7ibZ+soDk3dTxH2EQ+9xXDA81blJNe03GmhPaShtdo
KA7BYBcfCK8FmSwafkPOlJNSKZTcn+KJOimjUnJpnoU2osUovcXuzSL3JbpQ7t3h
wE3uZHAT6EyDYe1QoZZ44n36SDcqEaWsTn6nWPO8bU1sdXFnjw13xuC6bHKpVfC+
SiJWCi41P5Dr4WprrK9uqOkNswaYUM0qA7T7rMU5G/mZfYaFl5774Wi53uzxYTOM
rYFzuVeYVUgcJQwspFOVYoU=
=MAx8
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776381: RFP: mate-applet-lockkeys -- Keyboard LED indicator applet for the MATE desktop environment

[Vangelis Mouhtsis]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Package: wnpp
Severity: wishlist

* Package name : mate-applet-lockkeys
  Version  : 1.9.0
  Upstream Author  : Stefano Karapetsas staf...@karapetsas.com
* URL  : http://www.mate-desktop.org
* License  : GPL
  Programming Lang : C
  Description  : Keyboard LED indicator applet for MATE desktop

 mate-applet-lockkeys is a MATE applet, that shows the status of the
 Caps, Num and Scroll Lock keys of your keyboard. This isn't
 especially useful for normal keyboards as they have LEDs for that.
 But some keyboards (espesially wireless keyboards) don't.
 One more feature of the applet is that it saves the status of the
 lock keys and restores them when starting MATE.
 .
 This package will be maintaining by the Debian MATE Packagin Team.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEcBAEBAgAGBQJUx5NjAAoJEGaW2W7vxiDhJgMH/iuOUUC3VL+B8syd+DaEAImK
uIwPeV+CjVWdP9DqSQzKaCzMmPQAW70Z9BQO4z2LWqU2PCjr90kd4fdTBGu0tkdA
hg8nR0e2P3vymTUre9kxhUw8ROwmUOXxBdJI6p+pnjrBb18wKbopfgmjyU6DTa5J
izSGnY6dKK8jNnJm11dOX9zU46Qn3zx4Hbm9jx2q6cXzUmqUwD2B3U9Q+pN/msgy
2QyGqDpruxZhReL6bP3t2NTMy2wwh04duEkT8eF2p6CpKCUlKbBc8KpE1kALBNXR
o4po2oayZFaniZ6Ibh+ATgqSIqrw/1cYZ+OtYN/vGY8EnoPOLBIzPGhGj07YjvI=
=ejxA
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775888: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427

[Aron Xu]

I'll check, if that's not too complicated I'll do it.

Cheers,
Aron


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775897: gnome-panel: horizontal spacing between icons is too much large

[Pierre Crescenzo]

Hello,

 Control: reassign -1 gnome-shell 3.14.2-3
[...]
 The screenshot is a (heavily customized) gnome-shell, not gnome-panel.

Yes, you're right. Thank you.

Regards,

-- 
Pierre Crescenzo
  mailto:pie...@crescenzo.nom.fr
  http://www.crescenzo.nom.fr/


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#725402: debian-handbook: Minor style and readability enhancements

[Raphael Hertzog]

Hi Carey,

On Tue, 27 Jan 2015, Carey Walker wrote:
 Quick question. When I got the above feedback, pretty sure I recall going
 to the handbook page a doing a quick online browse to see how the accepted
 changes turned out. Also pretty sure I saw all the changes I sent back!
 
 I went back today to look at something again and can't see any of the
 changes. Maybe I'm going mad, but just wanted to check if there has been a
 roll-back maybe to an earlier version since I last looked at it?

All your changes have been merged in the master branch, and what's online
is currently the wheezy/master branch.

So your changes have never been online (or only by mistake).

Regards,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774328: [Pkg-samba-maint] Bug#774328: ctdb: Failed to start ctdb.service: Unit ctdb.service failed to load: No such file or directory.

[Mathieu Parent]

2015-01-16 9:20 GMT+01:00 Martin Schwenke mar...@meltin.net:
 On Tue, 13 Jan 2015 11:26:48 +0100, Mathieu Parent
 math.par...@gmail.com wrote:

 2014-12-31 23:16 GMT+01:00 Martin Schwenke mar...@meltin.net:

  # systemctl start ctdb
  Failed to start ctdb.service: Unit ctdb.service failed to load: No such 
  file or directory.
 [...]

 Couldn't reproduce here. But I need to test again in a clean VM.

 Yikes!  :-(

Still not reproducable with:
- a clean VM
- apt-get install ctdb
- sed -i 's/^CTDB_RECOVERY_LOCK/#CTDB_RECOVERY_LOCK/' /etc/default/ctdb
- edit /etc/ctdb/nodes (a one node cluster)
- touch /etc/ctdb/public_addresses
- sudo systemctl start ctdb
- wait ...
- ctdb status - OK (this node)

 Anything relevant in /var/log/{syslog,ctdb/log.ctdb}? journalctl -u
 ctdb.service?

 No, nothing at all.  It looks like it is failing somewhere in systemd.

It's /var/log/ctdb/log.ctdb. Have you checked it too?

 Well, I do get this from selinux:

   Jan 16 18:52:20 rover kernel: audit: type=1107 audit(1421394740.536:41175): 
 pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 
 msg='Unknown permission start for class system exe=/lib/systemd/systemd 
 sauid=0 hostname=? addr=? terminal=?'

 However, I am running in *permissive* mode, so selinux shouldn't be
 getting in the way:

   # sestatus | grep -i mode
   Current mode:   permissive
   Mode from config file:  permissive

 My gut is telling me that this has something to do with the selinux
 message... but how can this happen in permissive mode?

 Was this machine migrated from wheezy? Do you have rsyslog installed?

 Yes, this machine was probably upgraded from wheezy.  I have rsyslog
 installed.

 Do you know if there's a way of getting some debug out of systemd?

What journalctl --unit ctdb.service says ?

Is there any red line in systemctl list-units?

Can your try to reboot with sysvinit?

...

Regards

-- 
Mathieu


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774328: Tagging bug

[Mathieu Parent]

tag 774328 + moreinfo unreproducible help
severity 774328 important
thanks

I'm lowering it since it's not reproducible.

Regards
-- 
Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776308: nagios-nrpe-server: Bad SSL_shutdown() causes Return code of 141 is out of bounds SIGPIPE/TCP RST

[Ivan Vilata i Balaguer]

According to [this comment](http://tracker.nagios.org/view.php?id=305#c1337),
the bug was fixed in NRPE 2.14.  I checked that it longer exists in Jessie/Sid.

Thanks,
-- 
Ivan Vilata i Balaguer


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776349: grass-gui: wx gui tries to load images from wrong location

[Sebastiaan Couwenberg]

Control: tags -1 confirmed

Hi Ambrose,

Thanks for reporting this issue.

On 01/27/2015 04:28 AM, Ambrose Andrews wrote:
 The gui wizard responded with some pop-up errors from gui such as:
 can't open file '/usr/lib/grass64/etc/gui/images/startup_banner.gif' (error 
 2:
 No such file or directory)
 
 (apparently such a file does exist at
 /usr/share/grass64/etc/gui/images/startup_banner.gif i.e. under /usr/share, 
 not
 /usr/lib)

For some reason the symlinks from the images under /usr/share to
/usr/lib are missing.

Among others, both /usr/lib/grass64/etc/gui/{icons,images}/ are
symlinked from /usr/share to have the images in the FHS mandated path,
but also have them available in the paths expected by GRASS.

http://anonscm.debian.org/cgit/pkg-grass/grass.git/tree/debian/grass-gui.links#n40

The symlinks are included in the package, but not on the filesystem
after installation:

$ dpkg-deb -c grass-gui_6.4.4-1_amd64.deb | grep ^l | egrep (images|icons)
lrwxrwxrwx root/root 0 2014-09-05 12:02 ./usr/lib/grass64/etc/gui/icons
- ../../../../share/grass64/etc/gui/icons
lrwxrwxrwx root/root 0 2014-09-05 12:02 ./usr/lib/grass64/etc/gui/images
- ../../../../share/grass64/etc/gui/images
lrwxrwxrwx root/root 0 2014-09-05 12:02 ./usr/lib/grass64/bwidget/images
- ../../../share/grass64/bwidget/images

$ ls -ld /usr/lib/grass64/etc/gui/icons /usr/lib/grass64/etc/gui/images
/usr/lib/grass64/bwidget/images
drwxr-xr-x 2 root root 4096 Sep  8 08:22 /usr/lib/grass64/bwidget/images
drwxr-xr-x 2 root root 4096 Sep  8 08:22 /usr/lib/grass64/etc/gui/icons
drwxr-xr-x 2 root root 4096 Sep  8 08:22 /usr/lib/grass64/etc/gui/images

This problem is limited to the directory symlinks, the symlinks for
individual files are working fine.

I'll look into the problem and fix the symlinks one way or the other.

Since this is not a release critical bug we can't fix in 6.4.4-1 before
the release, but we can probably get a targeted fix for this problem
into jessie with one of the stable updates.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/E88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776410: linux: FTBFS on arm64 - find: `debian/zlib-modules-3.16.0-4-arm64-di': No such file or directory

[Niels Thykier]

Source: linux
Version: 3.16.7-ckt4-1
Severity: serious

Hi,

The linux source package FTBFS on arm64[1].  I have include the
(hopefully) relevant part of the log below:


These modules from 3.16.0-4-arm64 are unpackaged:
kernel/arch/arm64/crypto/aes-ce-blk.ko
[... long list of .ko files ...]
kernel/sound/usb/snd-usbmidi-lib.ko
kernel-wedge strip-modules 3.16.0-4-arm64
kernel-wedge check kernel-image-3.16.0-4-arm64-di nic-modules-3.16.0-4-arm64-di 
nic-wireless-modules-3.16.0-4-arm64-di nic-shared-modules-3.16.0-4-arm64-di 
ppp-modules-3.16.0-4-arm64-di cdrom-core-modules-3.16.0-4-arm64-di 
scsi-core-modules-3.16.0-4-arm64-di scsi-modules-3.16.0-4-arm64-di 
loop-modules-3.16.0-4-arm64-di btrfs-modules-3.16.0-4-arm64-di 
ext4-modules-3.16.0-4-arm64-di isofs-modules-3.16.0-4-arm64-di 
jfs-modules-3.16.0-4-arm64-di xfs-modules-3.16.0-4-arm64-di 
fat-modules-3.16.0-4-arm64-di md-modules-3.16.0-4-arm64-di 
multipath-modules-3.16.0-4-arm64-di usb-modules-3.16.0-4-arm64-di 
usb-storage-modules-3.16.0-4-arm64-di input-modules-3.16.0-4-arm64-di 
event-modules-3.16.0-4-arm64-di nic-usb-modules-3.16.0-4-arm64-di 
sata-modules-3.16.0-4-arm64-di core-modules-3.16.0-4-arm64-di 
crc-modules-3.16.0-4-arm64-di crypto-modules-3.16.0-4-arm64-di 
crypto-dm-modules-3.16.0-4-arm64-di efi-modules-3.16.0-4-arm64-di 
ata-modules-3.16.0-4-arm64-di mmc-modules-3.16.0-4-arm64-di nbd-module
 s-3.16.0-4-arm64-di squashfs-modules-3.16.0-4-arm64-di 
virtio-modules-3.16.0-4-arm64-di uinput-modules-3.16.0-4-arm64-di 
zlib-modules-3.16.0-4-arm64-di udf-modules-3.16.0-4-arm64-di 
fuse-modules-3.16.0-4-arm64-di
find: `debian/zlib-modules-3.16.0-4-arm64-di': No such file or directory
zlib-modules-3.16.0-4-arm64-di will be empty
make[2]: *** [install-udeb_arm64] Error 1
make[1]: *** [binary-arch_arm64] Error 2
debian/rules.real:426: recipe for target 'install-udeb_arm64' failed
make[2]: Leaving directory '/«PKGBUILDDIR»'
debian/rules.gen:34: recipe for target 'binary-arch_arm64' failed
make[1]: Leaving directory '/«PKGBUILDDIR»'
make: *** [binary-arch] Error 2
debian/rules:42: recipe for target 'binary-arch' failed
dpkg-buildpackage: error: fakeroot debian/rules binary-arch gave error exit 
status 2


~Niels

[1] 
https://buildd.debian.org/status/fetch.php?pkg=linuxarch=arm64ver=3.16.7-ckt4-1stamp=1421386740


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775882: [debian-mysql] Bug#775882: mariadb-10.0: affected by CVEs of the Oracle Patch Update for January 2015?

[Otto Kekäläinen]

2015-01-27 8:09 GMT+02:00 Salvatore Bonaccorso car...@debian.org:
 Thanks for the update and checking with upstream regarding the two
 other CVEs. 10.0.16 seems now avaiable[1] (even though not yet
 announced on the webpage itself).

  [1]  https://downloads.mariadb.com/files/MariaDB/mariadb-10.0.16/source


10.0.16 has now been officially announced and I've updated both the
master and jessie branches of the Debian packaging repo:
http://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.0.git/

Local builds pass OK. Currently I am running with the full test suite
etc and if they pass I'll upload master to experimental, and if it is
fully OK, I'll update jessie branch to unstable. As Jessie is not
released, there is no jessie-security upload target yet, right?


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774899: libdrm-intel1: 855GM: Failed to submit batch buffer, expect rendering corruption: No space left on device

[Matthias Großmann]

Update on this bug: My first assumption that
drm_intel_gem_check_aperture_space() causes this problem is probably
wrong. As it turned out, this function fails a lot more often than I
see the failed to submit batch buffer message in Xorg.0.log - in
general without any noticeable impact.

After enabling some more debug output, I am now seeing the error
message

Execbuffer fails to pin. Estimate: 234897408. Actual: 67125248. Available: 
130940928

so I guess that the DRM_IOCTL_I915_GEM_EXECBUFFER2 ioctl in do_exec2()
causes the failure.

LibreOffice's print dialog can (sometimes) also trigger this bug.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776404: unblock: geoip/1.6.2-4

[Patrick Matthäi]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package geoip

It fixes the RC bug #775851


diff -Naur '--exclude=.svn' 1.6.2-3/debian/changelog 1.6.2-4/debian/changelog
--- 1.6.2-3/debian/changelog2015-01-05 10:19:53.916837259 +0100
+++ 1.6.2-4/debian/changelog2015-01-27 12:25:28.416240069 +0100
@@ -1,3 +1,10 @@
+geoip (1.6.2-4) unstable; urgency=high
+
+  * Fix for generating v6 and city database.
+Closes: #775851
+
+ -- Patrick Matthäi pmatth...@debian.org  Tue, 27 Jan 2015 12:20:30 +0100
+
 geoip (1.6.2-3) unstable; urgency=low
 
   * geoip-generator: Add support for skipping locations if the location ID is
diff -Naur '--exclude=.svn' 1.6.2-3/debian/src/geoip-csv-to-dat.cpp 
1.6.2-4/debian/src/geoip-csv-to-dat.cpp
--- 1.6.2-3/debian/src/geoip-csv-to-dat.cpp 2015-01-05 10:19:53.920837251 
+0100
+++ 1.6.2-4/debian/src/geoip-csv-to-dat.cpp 2015-01-27 12:25:28.440240068 
+0100
@@ -705,8 +705,18 @@
// location info's out of order).
std::vectorint location_pos;
 
+   // Set of location IDs that are actually going to be used;
+   // we'll silently ignore any locations not in this set.
+   std::setint needed_locations;
+ 
city_dat_writer(const char *dat_file_name, GeoIPDBTypes 
database_type);
 
+   // Notify of a location ID we need -- this MUST be
+   // called for every location ID you care about before
+   // the location CSV is read; any ID not explicitly
+   // notified will be discarded.
+   void notify_need_location(int loc_id);
+
void serialize_location_info(std::vectorstd::string info,
 const char *input_file_name,
 int input_line_number);
@@ -722,6 +732,11 @@
: dat_writer(dat_file_name, database_type)
 { }
 
+void city_dat_writer::notify_need_location(int loc_id)
+{
+   needed_locations.insert(loc_id);
+}
+
 void city_dat_writer::finalize_location_offsets(binary_trie trie)
 {
// We're going to convert the location numbers in the trie
@@ -751,7 +766,11 @@
int loc_id = it-edges[0] - 0x100;
if (loc_id = location_pos.size() || 
location_pos[loc_id] == -1)
error(EX_DATAERR, 1, Location %d exists in 
blocks but not in locations, loc_id);
-   it-edges[0] = location_pos[loc_id] + trie_size;
+
+   int offset = location_pos[loc_id] + trie_size;
+   if (offset  0xFF)
+   error(EX_DATAERR, 1, Overflow! Offset for 
location %d too large (0x%x  0xFF), loc_id, offset);
+   it-edges[0] = offset;
}
// Any other value would indicate a non-leaf node
 
@@ -761,7 +780,11 @@
int loc_id = it-edges[1] - 0x100;
if (loc_id = location_pos.size() || 
location_pos[loc_id] == -1)
error(EX_DATAERR, 1, Location %d exists in 
blocks but not in locations, loc_id);
-   it-edges[1] = location_pos[loc_id] + trie_size;
+
+   int offset = location_pos[loc_id] + trie_size;
+   if (offset  0xFF)
+   error(EX_DATAERR, 1, Overflow! Offset for 
location %d too large (0x%x  0xFF), loc_id, offset);
+   it-edges[1] = offset;
}
// Any other value would indicate a non-leaf node
}
@@ -812,8 +835,16 @@
  const char *input_file_name,
  int input_line_number)
 {
-   // First, we save the offset of this location block.
+   // First, we determine the offset of this location block.
int loc_id = ::atoi(info[0].c_str());
+
+   if (needed_locations.find(loc_id) == needed_locations.end()) {
+   // We don't need this location, so we skip serializing
+   // it altogether.
+
+   return;
+   }
+
if (loc_id = location_pos.size()) {
// We need to add to the location table (this is the
// usual case).
@@ -881,8 +912,8 @@
 
// Area code and metro code
if (info[1] == US) {
-   int area_code = ::atoi(info[7].c_str());
-   int metro_code = ::atoi(info[8].c_str());
+   int metro_code = ::atoi(info[7].c_str());
+   int area_code = ::atoi(info[8].c_str());
int area_metro_combined = metro_code * 1000 + area_code;
location_stream.put((area_metro_combined   0)  0xFF);
location_stream.put((area_metro_combined   8)  0xFF);
@@ -959,6 +990,7 @@
   

Bug#776414: Blurry EFI splash

[jnqnfe]

Package: debian-cd

When an official Debian disc image is loaded on a system with EFI, the
bootloader is displayed at at size of 800x600, larger than that used on
BIOS systems (640x480). The disc images include a bootloader splash
image (found in the syslinux directory) which has dimensions of 640x480
however, which is displayed sharp and clear on BIOS systems, but on EFI
systems, this splash image is stretched up to 800x600 making it blurry.

Please either swap the 640x480 image with an 800x600 one (presuming
syslinux will scale it down correctly), or include an additional 800x600
sized one for the grub (EFI) bootloader to use.

I have attached a copy of an updated/alternative 'Lines' theme svg,
which I also sent to the debian-cd team recently for consideration. This
uses the latest 'Lines' theme assets (I noticed tiny differences in the
logo compared to the current png that is available in the debian-cd_info
archive available on the mirrors), and I made an attempt to clean up the
'GNU/Linux' text (which someone other than the theme author has added on
top and imo looked messy).

CC-ing the debian-installer team, since the debian-cd_info archive is
held under the installer directories on the mirrors.

Bug#776407: RM: fribid -- ROM; unusable due to new network protocol

[Samuel Lidén Borell]

Package: ftp.debian.org
Severity: normal

Hi,

Please remove fribid. The package is no longer usable due to not
implementing a new network protocol (old software is now rejected almost
everywhere).

Thanks,
Samuel


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776408: unblock: geoip-database/20141027-2

[Patrick Matthäi]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package geoip-database

It fixes the RC bug #775638

diff -Naur '--exclude=.svn' 20141027-1/debian/changelog 
20141027-2/debian/changelog
--- 20141027-1/debian/changelog 2014-10-29 09:32:47.040286367 +0100
+++ 20141027-2/debian/changelog 2015-01-27 19:30:00.475552430 +0100
@@ -1,3 +1,10 @@
+geoip-database (20141027-2) unstable; urgency=high
+
+  * Set minimum required geoip version for building this package to 1.6.2-4.
+Closes: #775638
+
+ -- Patrick Matthäi pmatth...@debian.org  Tue, 27 Jan 2015 19:20:47 +0100
+
 geoip-database (20141027-1) unstable; urgency=low
 
   * New upstream release.
diff -Naur '--exclude=.svn' 20141027-1/debian/control 20141027-2/debian/control
--- 20141027-1/debian/control   2014-10-29 09:32:47.044286367 +0100
+++ 20141027-2/debian/control   2015-01-27 19:30:00.475552430 +0100
@@ -4,8 +4,8 @@
 Homepage: http://www.maxmind.com/
 Maintainer: Patrick Matthäi pmatth...@debian.org
 Build-Depends: debhelper (= 9),
- geoip-bin (= 1.6.2-2),
- libgeoip-dev (= 1.6.2-2)
+ geoip-bin (= 1.6.2-4),
+ libgeoip-dev (= 1.6.2-4)
 Standards-Version: 3.9.6
 
 Package: geoip-database


unblock geoip-database/20141027-2

-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775916: unblock (pre-approval): caja/1.8.2-2

[Niels Thykier]

Control: tags -1 confirmed moreinfo

On 2015-01-21 15:06, Mike Gabriel wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Please consider unblocking of planned upload of package caja
 
 [...]
 
 light+love,
 Mike
 
 unblock caja/1.8.2-2
 
 [...]

Ack, please upload it and remove the moreinfo tag once it is accepted
into unstable.

Thanks,
~Niels


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775925: RFP: lighthouse -- a peer to peer crowdfunding app that uses Bitcoin

[Joseph Bisch]

For the info of anyone looking to package lighthouse:

I haven't looked into all the dependencies of lighthouse, but one of
the dependencies is bitcoinj (see #629008), so that should be packaged
before lighthouse.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775882: [debian-mysql] Bug#775882: mariadb-10.0: affected by CVEs of the Oracle Patch Update for January 2015?

[Salvatore Bonaccorso]

Hi Otto,

On Tue, Jan 27, 2015 at 09:20:51PM +0200, Otto Kekäläinen wrote:
 2015-01-27 8:09 GMT+02:00 Salvatore Bonaccorso car...@debian.org:
  Thanks for the update and checking with upstream regarding the two
  other CVEs. 10.0.16 seems now avaiable[1] (even though not yet
  announced on the webpage itself).
 
   [1]  https://downloads.mariadb.com/files/MariaDB/mariadb-10.0.16/source
 
 
 10.0.16 has now been officially announced and I've updated both the
 master and jessie branches of the Debian packaging repo:
 http://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.0.git/
 
 Local builds pass OK. Currently I am running with the full test suite
 etc and if they pass I'll upload master to experimental, and if it is
 fully OK, I'll update jessie branch to unstable. As Jessie is not
 released, there is no jessie-security upload target yet, right?

Yes right, so release team needs to ack it and give an unblock for it.
I hope this will be not problem, so that we can have alreayd
mariadb-10.0/10.0.16-1 in jessie.

Thanks for your work and keeping us up-to-date,

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776413: Policy violation: ed priority optional, should be important

[Pigeon]

Package: ed
Version: any

The priority of the ed package has been changed to optional.
According to the changelog this is apparently for no reason other than
a response to bug #416585, the content of which is simply one person's
suggestion which he makes without providing any justification beyond
his personal whim.

The Debian policy manual
http://www.debian.org/doc/debian-policy/ch-archive.html#s-priorities
says: If the expectation is that an experienced Unix person who found
it missing would say What on earth is going on, where is foo?, it
must be an important package. Surely it is beyond question that this
applies to ed. Anyone needing to edit a file via a simple
line-oriented interface on a Unix-like system will automatically reach
for ed and will be most disconcerted to find it missing. And certainly
ed used to have priority important as this suggests it should.

The assertion in bug #416585 that anyone who wants it can easily
install it is not true. The principal value of ed is that it is an
editor which works when nothing else does. If the system is broken, or
incompletely installed, or only accessible via the most primitive of
interfaces, or in other situations of a like kind, which are the sort
of situations in which ed or an equivalent is likely to be the only
editor that is usable at all, it is also highly likely that installing
ed (or anything else for that matter) will be impossible. And the lack
of a functional editor makes it many times harder to fix whatever
problem has given rise to the need for it.

I have recently been caught this way a couple of times myself. In one
case I was able to copy /bin/ed from another system onto a USB stick
and use that. In another I had to use yucky workarounds like
sed -i -e 'editing commands' 'filename'.

Another virtue of ed is that it is possible to use it to patch
binaries without the risk that arises with less primitive editors of
some automatic formatting function messing the whole thing up. For
instance if a hard-coded pathname is causing problems then ed is
capable of changing it to something else of the same or shorter length
with no collateral damage. The kind of situation in which such a problem
is likely to arise is also the kind of situation in which editing the
source and recompiling is likely to be impossible.

In short, not only is it a policy violation for ed to have priority
optional, it also means that an important repair and rescue tool is
likely to be unavailable when it is most needed. Therefore I strongly
suggest that the priority for ed be reset to important.

-- 
Pigeon

Be kind to pigeons- -Pigeon's Nest: http://pigeonsnest.co.uk/
GPG key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x21C61F7F


signature.asc
Description: Digital signature

Bug#770533: release-notes: [jessie]: add note about removal of lire (once Bug#770532 has been dealt with)

[Niels Thykier]

On Sat, 22 Nov 2014 06:14:41 +0100 Joost van =?utf-8?Q?Baal-Ili=C4=87?=
joostvb-debian-b...@mdcc.cx wrote:
 Package: release-notes
 Severity: wishlist
 
 Hi,
 
 Once Bug#770532: (RM: lire) has been closed, we should probably add a note
 about why lire is not shipped with Debian jessie and mention alternatives
 (webalizer and friends).
 
 Bye,
 
 Joost
 
 PS: I'll likely fix this bug myself.  Don't let that stop you from fixing it
 earlier, though!
 [...]

Hi Joost,

Any news on this? :)

~Niels


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#745195: status

[Willi Mann]

Control: tag -1 + pending

I've upgraded this bug to RC status because it is a regression from
wheezy. It is especially bad because it may bite some reverse
dependencies that use unrtf as part of a processing chain.

Salvatore Bonaccorso has already proposed a fix for this bug, based on
the upstream fix in newer versions.

WM


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#767067: Retitling

[Lisandro Damián Nicanor Pérez Meyer]

On Tuesday 27 January 2015 15:57:00 you wrote:
 Hello Lisandro,
 
 Am Montag, den 26.01.2015, 18:50 -0300 schrieb Lisandro Damián Nicanor
 Pérez Meyer:
 [...]
 
  Hi! I have just uploaded Choqok 1.5 to experimental untill the freeze is
  over. If you use sid it should be quite straightforward to test, you can
  also wait until it gets into unstable/testing.
 
 If have tested Choqok 1.4-1:
 
 First with kwallet with the result that Choqok lost the auth data many
 times in a day.
 
 The I tested it with the gnome-keyring. With them it work very well,
 since weeks no data lose :-)
 
 For verifying I test it again with kwallet -- lost data.

Interesting, because I was also suspecting a problem with kwallet.

 Now I have Choqok 1.5-1 installed and I test it again.

I'll wait for your tests then :)

-- 
15: Que es el Correo Electronico
* El correo que te llega por la corriente
Damian Nadales
http://mx.grulic.org.ar/lurker/message/20080307.141449.a70fb2fc.es.html

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.

Bug#775921: unblock: torbrowser-launcher/0.1.8-1 (pre-approval)

[Holger Levsen]

Hi,

On Dienstag, 27. Januar 2015, Niels Thykier wrote:
 Ack, please go ahead and remove the moreinfo tag once it has been
 uploaded to unstable.

thanks! but sadly 0.1.8-1 is not suitable and probably I dont want 0.1.9-1 
neither, the changes due to github tickets #155 and 157 might be too 
invasive/unsafe...

So maybe the diff will be even smaller than 0.1.8-1 in which case i'll just 
upload to sid as 0.1.7+debian-1. If we decide to go with 0.1.9-1 instead, I'll 
come back to you first though.

de13483 (from 0.1.8) and 3f1146e (from 0.1.9, fixing de13483) are the 
problematic upstream commits I'm talking about...


cheers,
Holger




signature.asc
Description: This is a digitally signed message part.

Bug#775502: [Pkg-openssl-devel] Bug#775502: openssl: 1.0.1e-2+deb7u14 broke DTLS handshake with Chrome/Firefox

[Kurt Roeckx]

On Mon, Jan 19, 2015 at 03:15:38PM +0300, ?? ??? wrote:
 Fri, 16 Jan 2015 18:43:36 +0100 ?? Kurt Roeckx k...@roeckx.be:
  
  There is an upstream bug report about the patch for CVE-2015-0206
  breaking it.  Are you sure it's the right patch?
 
 That's the patch removing which fixed the problem for me. I tried removing 
 the patch for CVE-2015-0206 
 (0112-A-memory-leak-can-occur-in-dtls1_buffer_record-if-ei.patch) and keeping 
 others but it didn't help - the problem is still present. I didn't try every 
 patch added in u14 indivilually though.
 
  The fix for that issue was to use SSL_CTX_set_read_ahead() setting
  it to 1.  Can you check that fixes it for you?
 
 That worked, thanks. Adding that function call fixes DTLS handshake with the 
 stock 1.0.1e-2+deb7u14 package.
 
 So, should this be considered a bug in libwebrtc or is this an unintended 
 breaking change in openssl?

The fix just uncovered a different bug.  The problem is that
recvfrom() might throw away the rest of a package if you didn't
receive the whole packet.  So the fix it to always read the whole
packet, by always doing the read ahead in the DTLS case.  This was
fixed usptream in commit 8dd4ad0ff5d1d07ec4b6dd5d5104131269a472aa.


Kurt


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776406: [Pkg-perl-maintainers] [Bug 1412071] [NEW] perl Time::Format module's $time returns negative milliseconds

[gregor herrmann]

Package: libtime-format-perl
Version: 1.11-1
Forwarded: https://rt.cpan.org/Public/Bug/Display.html?id=44167

On Tue, 27 Jan 2015 13:31:54 -, Launchpad Bug Tracker wrote:

 I'm using Linux Mint 17.
 
 dpkg-query -l libtime-format-perl:
 ii  libtime-format-perl  1.11-1   
  all   module for easy date/time formatting
 
 You can duplicate the problem by running:
 perl -e 'use Time::Format qw(%time %strftime); print 
 $time{mmdd.hhmmss.mmm}'
 
 which will produce something like:
 20150117.160824.-617

Confirmed on Debian jessie, same version of libtime-format-perl:

# amd64 chroot:
% perl -E 'use Time::Format qw(%time %strftime); say 
$time{mmdd.hhmmss.mmm}'
20150127.181509.-358

# i386 chroot:
% perl -E 'use Time::Format qw(%time %strftime); say 
$time{mmdd.hhmmss.mmm}'
20150127.181746.-405

 I found this perlmonks link from 2009 which addresses the bug:
 http://www.perlmonks.org/?node_id=750652
 Which references this bug report:
 https://rt.cpan.org/Public/Bug/Display.html?id=44167
 And that bug report says it is fixed in version 1.12

Thanks.
 
 For the record, the patch does seem to fix the bug (for me).  But March
 of 2009 was a *long* time ago (almost 6 years) -- is this bug going to
 be patched for the 1.11 version, or are there any plans to update to
 1.12?

1.12 is in our [0] git repo but not uploaded; according to our notes,
there were problems with some tests ...

Not sure if this bug (which doesn't seem to have affected anyone in Debian or 
Ubuntu
in ages) warrants an upload to Debian during the freeze; in any case,
I'm submitting it the Debian BTS now.


Cheers,
gregor, Debian Perl Group

-- 
 .''`.  Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
 : :' : Debian GNU/Linux user, admin, and developer  -  http://www.debian.org/
 `. `'  Member of VIBE!AT  SPI, fellow of the Free Software Foundation Europe
   `-   NP: DKP: Die Internationale


signature.asc
Description: Digital Signature

Bug#775921: unblock: torbrowser-launcher/0.1.8-1 (pre-approval)

[Niels Thykier]

Control: tags -1 confirmed moreinfo

On 2015-01-21 16:16, Holger Levsen wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 x-debbugs-cc: pkg-anonymity-to...@lists.alioth.debian.org
 
 Hi,
 
 this is a pre-approval unblock request to upload a new upstream verion of
 torbrowser-launcher to fix a serious and an important bug in jessie. The new
 upstream release contains one other meaningful change which is the last
 hunk in the diff below (that's to fix opening links in TBB if one originally
 opened TBB without clicking a link, aka just started it.)
 
 [...]

Ack, please go ahead and remove the moreinfo tag once it has been
uploaded to unstable.

Thanks,
~Niels


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776412: chromium: beinsportsconnect.tv broken in chromium

[Sylvain Archenault]

Package: chromium
Version: 40.0.2214.91-1
Severity: minor

The beIn Sports Connect website
http://www.beinsportsconnect.tv/select-provider doesn't work on chromium, when
I click on any provider it doesn't redirect me to their side to sign in.

This works under iceweasel.

It's probably an upstream issue.



-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages chromium depends on:
ii  libasound2   1.0.28-1
ii  libc62.19-13
ii  libcairo21.14.0-2.1
ii  libcap2  1:2.24-6
ii  libcups2 1.7.5-10
ii  libdbus-1-3  1.8.14-1
ii  libexpat12.1.0-6+b3
ii  libfontconfig1   2.11.0-6.3
ii  libfreetype6 2.5.2-2
ii  libgdk-pixbuf2.0-0   2.31.1-2+b1
ii  libglib2.0-0 2.42.1-1
ii  libgnome-keyring03.12.0-1+b1
ii  libgtk2.0-0  2.24.25-1
ii  libharfbuzz0b0.9.35-2
ii  libjpeg62-turbo  1:1.3.1-11
ii  libnspr4 2:4.10.7-1
ii  libnspr4-0d  2:4.10.7-1
ii  libnss3  2:3.17.2-1.1
ii  libpango-1.0-0   1.36.8-3
ii  libpangocairo-1.0-0  1.36.8-3
ii  libpci3  1:3.2.1-3
ii  libspeechd2  0.8-7
ii  libspeex11.2~rc1.2-1
ii  libsrtp0 1.4.5~20130609~dfsg-1.1
ii  libstdc++6   4.9.2-10
ii  libudev1 215-10
ii  libx11-6 2:1.6.2-3
ii  libxcomposite1   1:0.4.4-1
ii  libxcursor1  1:1.1.14-1+b1
ii  libxdamage1  1:1.1.4-2+b1
ii  libxext6 2:1.3.3-1
ii  libxfixes3   1:5.0.1-2+b2
ii  libxi6   2:1.7.4-1+b2
ii  libxml2  2.9.2+dfsg1-1+b1
ii  libxrandr2   2:1.4.2-1+b1
ii  libxrender1  1:0.9.8-1+b1
ii  libxslt1.1   1.1.28-2+b2
ii  libxss1  1:1.2.2-1
ii  libxtst6 2:1.2.2-1+b1
ii  x11-utils7.7+2
ii  xdg-utils1.1.0~rc1+git20111210-7.3

chromium recommends no packages.

Versions of packages chromium suggests:
ii  chromium-inspector  40.0.2214.91-1
pn  chromium-l10n   none

-- Configuration Files:
/etc/chromium/default 3c0d2b6ec05d1629d94b328966a074bc [Errno 2] No such file 
or directory: u'/etc/chromium/default 3c0d2b6ec05d1629d94b328966a074bc'
/etc/chromium/initial_bookmarks.html a054d9aeaf28b7a9b564e7e8be177932 [Errno 2] 
No such file or directory: u'/etc/chromium/initial_bookmarks.html 
a054d9aeaf28b7a9b564e7e8be177932'
/etc/chromium/master_preferences 692be212bebbeafd4d034b479f983833 [Errno 2] No 
such file or directory: u'/etc/chromium/master_preferences 
692be212bebbeafd4d034b479f983833'

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776383: system hangs from btrfs

[Martin Steigerwald]

Hello!

Am Dienstag, 27. Januar 2015, 15:43:01 schrieb chrysn:
 Package: src:linux
 Version: 3.16.7-ckt2-1
 Severity: normal
 
 under conditions i can not narrow down further[1], all processes that
 try to access a given mounted btrfs file system freeze. this affects
 even processes like `ps u` called by a user not at home in the affected
 file system inside the first read to an opened /proc/8119/cmdline file.

I suggest you to report this upstream.

There are at least two known BTRFS hang issues even with 3.19 kernel being 
reported on the BTRFS upstream mailing list at vger.kernel.org.

See this thread:

3.19-rc5: Bug 91911: [REGRESSION] rm command hangs big time with deleting 
a lot of files at once

(and bugzilla.kernel.org bug with that number)

3.15 and 3.16 had another hang issue that should be fixed with 3.17 and 
hopefully also with a 3.16 update see:

fix for the infamous deadlock [1] 
https://btrfs.wiki.kernel.org/index.php/Changelog#v3.17_.28Oct_2014.29

[1] 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9e0af23764344f7f1b68e4eefbe7dc865018b63d

(I think there are some other related commits fixing hanging along 
compressed write, like with compress=lzo mount option, I think they may be 
already in the 3.16 kernel you are using from the package.)


Also a general recommendation for me, leave enough free space. Ideally so 
much that BTRFS can still allocate new chunks from unreserved space, see:

[Bug 90401] New: btrfs kworker thread uses up 100% of a Sandybridge core 
for minutes on random write into big file


I am not sure whether any of the mentioned bugs are similar to what you 
see as I didn´t compare the backtraces. If the backtrace looks different 
than any of those in the bug reports and related mail threads, I strongly 
recommend that you report a bug upstream with bugzilla.kernel.org

I think it can help the debian kernel team tremendously to be able to 
cherry-pick an upstream patch, but for that one needs to be written or 
exist already :).  I am not a member of the Debian kernel team, I just 
monitor the debian-kernel mailinglist and use BTRFS since several years 
already on an increasing amount of systems.

That just as a few pointers that you may use to find your way to move along 
with the bug you have.

If you choose to report upstream, do some

echo t  /proc/sysrq-trigger

and cut attach the correspondending output of /var/log/kern.log to the 
upstream bug report.

Ciao,,
-- 
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA  B82F 991B EAAC A599 84C7

signature.asc
Description: This is a digitally signed message part.

Bug#776409: —Bug#767832— not fixed in cryptsetup 2:1.6.6-4 nor 2:1.6.6-5

[zer0 divide]

Package: initramfs-tools
Version: 0.118_all
Severity: Critical

Hi,

Unfortunately, the 767832 bug still relevant  with :

 * cryptsetup 2:1.6.6-5amd64
 * initramfs-tools 0.118


My system does not start automatically after entering the password for 
unlocking the root partition. I have to unlock manually /usr (from 
initramfs ), and then do CTRL + D or typing «exit».


Finally, my system boot perfectly with initramfs-tools_0.116_all.deb.

Here what I get before booting manually initramfs-tools_0.118_all.deb, :
/
//
/ /Decompressiong Linux… Parsing ELF… done.//
//Booting the kernel.//
//Loading, please wait...//
//Please unlock disk sda1_crypt://
//cryptsetup: sda1_crypt set up successfully//
//fsck from util-linux 2.25.2//
///dev/mapper/sda1_crypt: clean, 7869/170688 files, 89041/682752 blocks//
//Gave up waiting for /usr device.  Common problems://
// - Boot args (cat /proc/cmdline)//
//   - Check rootdelay= (did the system wait long enough?)//
// - Missing modules (cat /proc/modules; ls /dev)//
//ALERT!  /dev/mapper/sda5_crypt does not exist.  Dropping to a shell!//
//modprobe: module ehci-orion not found in modules.dep//
//
//
//BusyBox v1.22.1 (Debian 1:1.22.0-9) built-in shell (ash)//
//Enter 'help' for a list of built-in commands./

Kind regards.

---BeginMessage---
This is an automatic notification regarding your Bug report
which was filed against the cryptsetup package:

#767832: cryptsetup: does not decrypt a split /usr as required by 
initramfs-tools = 0.118

It has been closed by Jonas Meurer m...@debian.org.

Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Jonas Meurer 
m...@debian.org by
replying to this email.


-- 
767832: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767832
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Source: cryptsetup
Source-Version: 2:1.6.6-4

We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 767...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Meurer m...@debian.org (supplier of updated cryptsetup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 17 Dec 2014 14:24:41 +0100
Source: cryptsetup
Binary: cryptsetup cryptsetup-bin libcryptsetup4 libcryptsetup-dev 
cryptsetup-udeb libcryptsetup4-udeb
Architecture: source amd64
Version: 2:1.6.6-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Cryptsetup Team 
pkg-cryptsetup-de...@lists.alioth.debian.org
Changed-By: Jonas Meurer m...@debian.org
Description:
 cryptsetup - disk encryption support - startup scripts
 cryptsetup-bin - disk encryption support - command line tools
 cryptsetup-udeb - disk encryption support - commandline tools (udeb) (udeb)
 libcryptsetup-dev - disk encryption support - development files
 libcryptsetup4 - disk encryption support - shared library
 libcryptsetup4-udeb - disk encryption support - shared library (udeb) (udeb)
Closes: 764564 767832 768407
Changes:
 cryptsetup (2:1.6.6-4) unstable; urgency=medium
 .
   [ Simon McVittie ]
   * debian/initramfs/cryptroot-script: decrypt /usr as well as / so that
 split-/usr will work with initramfs-tools (= 0.118). (closes: #767832)
 .
   [ Jonas Meurer ]
   * debian/cryptdisks.funcctions: check for cryptdisks-udev initscript before
 actually invoking 'status' on it. It's only useful in ubuntu+upstart
 environment anyway. (closes: #764564)
   * debian/askpas.c: fix systemd_read() to really strip trailing newline from
 input. Thanks to Quentin Lefebvre for report and patch. (closes: #768407)
Checksums-Sha1:
 936823b42885dcd6f9f707eea950c1ecf5333441 2624 cryptsetup_1.6.6-4.dsc
 42b656a159c463aed36c2eaad44ad3833e22 82848 cryptsetup_1.6.6-4.debian.tar.xz
 01b311e05c39dfffc887cbe008d9d3607ed71dfa 159436 cryptsetup_1.6.6-4_amd64.deb
 602f9940f314c71dede8b4fd8ef81a19856b3a79 175504 
cryptsetup-bin_1.6.6-4_amd64.deb
 462b154b510fc695512082aa39fe067758405504 103142 
libcryptsetup4_1.6.6-4_amd64.deb
 079c0e89dc8b261f6484a228d1b3bb145d7b3fb7 49720 
libcryptsetup-dev_1.6.6-4_amd64.deb
 e622e08734147050239fdafc63481b40378e51fc 36700 
cryptsetup-udeb_1.6.6-4_amd64.udeb
 65cd68dd5561bcc8068bd62187e04038e0d17a67 64828 
libcryptsetup4-udeb_1.6.6-4_amd64.udeb
Checksums-Sha256:
 d7126c3675793555c8d7fa084505cf0a4dbfaa80e2903379afd21036489d9074 2624 
cryptsetup_1.6.6-4.dsc
 

Bug#776360: nmu: user-mode-linux_3.16-1um-0.1

[Niels Thykier]

Control: tags -1 moreinfo

On 2015-01-27 09:53, Ansgar Burchardt wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: binnmu
 
 Hi,
 
 user-mode-linux is built against an old kernel version (3.16.5-1). I
 think it should be rebuilt against the current version before release.
 
   nmu user-mode-linux_3.16-1um-0.1 . ALL . -m Rebuilt against linux 
 3.16.7-ckt4-1.
 
 Ansgar
 
 

The current version of the kernel FTBFS on arm64, so we might see a
newer version of Linux.

~Niels


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#772886: RFP: bitsquare -- The decentralized bitcoin exchange

[Joseph Bisch]

For the info of anyone looking to package bitsquare:

I haven't looked into all the dependencies for bitsquare, but one of
the dependencies is bitcoinj (see #629008), so that should be packaged
before bitsquare.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775882: [debian-mysql] Bug#775882: mariadb-10.0: affected by CVEs of the Oracle Patch Update for January 2015?

[Otto Kekäläinen]

Here is the reply from a MariaDB core developer:

2015-01-26 21:39 GMT+02:00 Sergei Golubchik s...@mariadb.org:
 Hi, Otto!

 On Jan 26, Otto Kekäläinen wrote:
 Hello Sergei!

 The page https://mariadb.com/kb/en/mariadb/security/ does not mention
 the ones Salvatore asks about below: 0385 and 0409. Any info on them?

 Salvatore is right - these bugs are 5.6 only and we don't have Server :
 Optimizer and Server : Pluggable Auth 5.6 code in MariaDB-10.x

 Generally from all 5.6-only MySQL bugs only InnoDB issues apply to
 MariaDB-10.x.

 Hmm, I've just checked the source code patch between 5.6.21 and 5.6.22 -
 there were *no* changes to the pluggable authentication code. None
 whatsoever. I don't know what Oracle means by

 CVE-2015-0385 Server: Pluggable Auth 5.6.21 and earlier


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776360: nmu: user-mode-linux_3.16-1um-0.1

[Ansgar Burchardt]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

Hi,

user-mode-linux is built against an old kernel version (3.16.5-1). I
think it should be rebuilt against the current version before release.

  nmu user-mode-linux_3.16-1um-0.1 . ALL . -m Rebuilt against linux 
3.16.7-ckt4-1.

Ansgar


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#733910: Added ckon to highenergy-physics-dev (as per your SoB Wiki entry)

[Patrick Huck]

Hi Andreas,
+Suggests: ckon 
which will put this package on the according tasks page (for instance by 
pinging the Debian Science list)
I was aware of the request to put this package on the tasks page but couldn’t 
find out how to. Thanks for showing me and taking care of it. I’ll make sure to 
do it next time.

$ cme fix dpkg-control 
- source DM-Upload-Allowed : dropping deprecated parameter 
I’m fine with all the changes and believe that DM-Upload-Allowed is deprecated 
unlike documented in the Debian Science Policy. I made a note to ensure I run 
cme next time.

debian/README.source: Please remove this useless boilerplate
Done.

debian/changelog: The latest changelog entry should close the ITP bug. I'd 
recommend to remove all old 
entries and just leave the recent one.
Done.

debian/copyright: use an extra Files: debian/* paragraph
Done.

debian/rules: I'm a bit allergic against remaining boilerplates.
Ok, this sponsee also knows that now :-) I removed the boilerplate comments.

Please let me know if you fixed these issue and I check a build.
All issues fixed [1] and new version uploaded [2]

[1] http://anonscm.debian.org/cgit/debian-science/packages/ckon.git/

[2] http://mentors.debian.net/package/ckon

best and thanks, Patrick

Bug#776329: installation-reports: Jessie RC1 on Dell Vostro 550

[Cyril Brulebois]

Hi Simon,

and thanks for your report!

Simon Josefsson si...@josefsson.org (2015-01-27):
 Installation went fine, but some nits:
 
 1) I tried a graphical install, but the builtin mouse did not work
well: moving the cursor didn't work, but clicking buttons did.

I really should get my hands on some such laptop to debug this issue.

Since we have several of those already, I'm not sure cloning a separate
bug report is needed here.

 2) It queries for IWLWIFI firmware and mentions the following
firmwares:
 
   iwlwifi-6000g2b-5.ucode iwlwifi-6000g2b-6.ucode iwlwifi-6000g2b-5.ucode 
 iwlwifi-6000g2b-6.ucode
 
   Note how the filenames are duplicated.  This seems like a cosmetic
   problem?

Deduplicating shouldn't cost much, yeah. $files and $modules in the
check_missing() function of check-missing-firmware.sh (package
hw-detect), if somebody wants to take a look. Can be cloned away.

 3) After inserting a USB stick with firmware, it loads
iwlwifi-6000g2b-6.ucode fine (and wifi works).  However, it still
complains about missing firmware files:
 
iwlwifi-6000g2b-5.ucode iwlwifi-6000g2b-5.ucode
 
I click 'No' and continue installation.  The -5 firmware file is
not included in the firmware-iwlwifi package -- should it be?

ISTR there's some kind of versioning here, and without knowing about it
much, I'd guess -6 obsoleted -5 and is sufficient there.

Wifi appears to be working fine without it, though.  Or should the
installer be tought that the firmware isn't needed?

I'm not familiar with these components, but: maybe the firmware check
doesn't distinguish between early and later requests? I'd expect the
kernel not to complain anymore about a missing -5 if it's presented with
-6 in the meanwile. That should be easy to check in your installer logs
(/var/log/installer/syslog).

If the kernel indeed complains about -5 on the second attempt, I'm not
sure how we can deal with that; if it doesn't, chaning check_missing()
to only look at later kernel logs shouldn't be hard; in which case that
can be cloned away.

 4) The machine also requires firmware for the builtin NIC
(rtl_nic/rtl8168e-2.fw) but I don't get a question about it.  While
this may be intention (there is just one global
load-non-free-firmware-yes-no?), it is a bit sub-optimal.  Maybe I
only want to load firmware for one of the hardware pieces in my
machine and not the others?  This doesn't seem possible.  So this
is a feature request to prompt with explicit filenames for every
different hardware separately.

Again, not familiar with these components, so I'll stick don't know
for now, sorry.

Mraw,
KiBi.


signature.asc
Description: Digital signature

Bug#775571: mate-session-manager: gnome-keyring integration broken (by patch from #775189)

[Dominik George]

Control: severity -1 important

I realised that this bug breaks a lot of integration within our workshop
environment.

Although technically, not using GNOME Keyring at all in MATE seems
legit, the behaviour with the bug is a regression that breaks things
that used to just work.

Raising severity to important to maybe flatten the unblock path ;).

-- 
Dominik George (1. Vorstandsvorsitzender, Pädagogischer Leiter)
Teckids e.V. - Erkunden, Entdecken, Erfinden.
https://www.teckids.org



signature.asc
Description: OpenPGP digital signature

Bug#773319: pre-approval: unblock: sudo/1.8.10p3-1.1; possibly sudo/1.8.11p2-1.1?

[Christian Kastner]

Control: tags -1 - moreinfo

Hi,

On 2015-01-17 20:38, Ivo De Decker wrote:
 Don't remove the moreinfo tag from this bug when the upload enters t-p-u
 (unless you have other info to add to the discussion). Leave it there for at
 least 5 days. After that, remove the moreinfo tag from this bug and let us
 know whether you had any reports about the upload (good or bad). We will
 review the situation at that point.

sudo 1.8.10p3-1+deb8u1 was uploaded to t-p-u on 2015-01-19. In the week
since then, no new bugs were reported, nor have I become aware of any
other issues.

Regards,
Christian


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775921: A user who uses TBB now and then.

[shirish शिरीष]

Hi all,
While the Stable Release Managers (SRM's) would have the last laugh, I
do think it would be nice if we can get 1.8.1 release in Debian. From
the debdiff shared it seems only 8 lines of working code are changed
excluding comments and the changelog. I don't know python so can't
help there.

I hope somebody looks at those 8 lines and makes a resolution quickly
so we (the users) can get it in Jessie.

If somebody can provide instructions to get the .deb package, can
install it and report back.
-- 
  Regards,
  Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com
EB80 462B 08E1 A0DE A73A  2C2F 9F3D C7A4 E1C4 D2D8


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#771925: [release-notes] Add a note of base-passwd hardening shell on backup user - reviewed (corrected some typos and spaces)

[Niels Thykier]

On 2015-01-27 10:38, Stephan Beck wrote:
 Package: release-notes
 
 --- Please enter the report below this line. ---
 
 Hi Niels,
 
 I reviewed the patch and corrected some typos and spaces.
 Moreover, I'd prefer to use ...corresponding instead of necessary in the 
 If
 your local setup requires... sentence, merely a question of style, though.
 Take it or leave it :-)
 
 Attached you'll find the diff of the patch. I renamed it using 0002-...
 I hope that's ok.
 
 Regards
 
 Stephan Beck
 

Applied, thanks.

~Niels


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776317: Jessie RC1 amd64 mini image missing efi bootloader

[Cyril Brulebois]

Hi Jack,

and thanks for your report.

Jack Truong jack.tru...@uwaterloo.ca (2015-01-26):
 Package: cdimage.debian.org
 
 Apologies if this is the wrong package.

This might be, but don't worry, we'll sort it out.

 I'm using the jessie rc1 amd64 mini.iso and the EFI partition doesn't seem
 to have anything in it. It should have efi/boot/bootarch.efi for EFI
 firmware to load properly. It also doesn't seem to exist in the i386 image
 either.

mini.iso is produced during the build of the debian-installer package, and 
later installed on mirrors in e.g.:
  
http://ftp.fr.debian.org/debian/dists/testing/main/installer-amd64/20141002/images/netboot/
  
http://ftp.fr.debian.org/debian/dists/testing/main/installer-amd64/20150107/images/netboot/

I've just grabbed mini.iso in both (respectively used for Beta 2 and RC
1), and both seem to have efi bits inside (at least according to a loop
mount). I don't know much about EFI Partition etc. therefore I'm not
sure how they're related to an ISO9660 image. :/

It'd be nice to start by telling us the full URL to the mini.iso you
downloaded.

Mraw,
KiBi.


signature.asc
Description: Digital signature

Bug#775888: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427

[Ritesh Raj Sarraf]

On 01/26/2015 10:51 PM, Moritz Mühlenhoff wrote:
 Moritz,
  
  For unstable, I've pushed the upload an d asked for an exception.
 I've added the VMSVGA fixes to the security tracker, but there are also
 two issues in Core, which apply to wheezy/jessie:

 Could you please check back with upstream on CVE-2015-0377 and CVE-2015-0418?

 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Frank from Oracle had mentioned that those 2 CVEs do not affect 4.3.x.
(Please see attached email).

For Wheezy, those CVE patches are included.


TO quote Frank and Gianfranco's conversation:
 CVE-2015-0418: VBox 4.3.x is not affected (only 4.2.x and older)
 CVE-2015-0377: VBox 4.3.x is not affected (only 4.2.x and older)
 do you have any patch for = 4.2.x then?

Attached.



-- 
Ritesh Raj Sarraf | http://people.debian.org/~rrs
Debian - The Universal Operating System

---BeginMessage---
Hi Gianfranco,

On Wednesday 21 January 2015 14:28:53 Gianfranco Costamagna wrote:
 the most CVEs from that CPU are related to the experimental VMSVGA
 implementation. This code is not documented and not announced and
 regular users will not use it. Therefore I suggest you to just disable
 that code by setting
 
   VBOX_WITH_VMSVGA=
   VBOX_WITH_VMSVGA3D=
 
 This will automatically omit CVE-2014-6595, CVE-2014-6590, CVE-2014-6589,
 CVE-2014-6588 and CVE-2015-0427. The actual patch to fix this code is a bit
 lengthy, therefore disabling this code is IMO the best solution.
 
 I presume starting from version 4.0 everything needs to be patched by
 disabling it?

that code does only exist in VBox 4.3.x, older branches are not affected.

 CVE-2015-0418: VBox 4.3.x is not affected (only 4.2.x and older)
 CVE-2015-0377: VBox 4.3.x is not affected (only 4.2.x and older)
 
 do you have any patch for = 4.2.x then?

Attached.

 4.0.10 4.1.12 4.1.18 4.3.10 4.3.14 4.3.18

These patches are against the latest code in the respective branches but
I hope they apply to these old versions. Sorry but it's not possible to
support such old versions, we only support the latest versions of a
specific branch.

 4.3.20 (not affected at all I presume)

Correct, already contains fixes for all these problems.

Frank
-- 
Dr.-Ing. Frank Mehnert | Software Development Director, VirtualBox
ORACLE Deutschland B.V.  Co. KG | Werkstr. 24 | 71384 Weinstadt, Germany

Hauptverwaltung: Riesstr. 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603
Geschäftsführer: Jürgen Kunz

Komplementärin: ORACLE Deutschland Verwaltung B.V.
Hertogswetering 163/167, 3543 AS Utrecht, Niederlande
Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
Geschäftsführer: Alexander van der Ven, Astrid Kepper, Val MaherIndex: src/VBox/VMM/VMMAll/IOMAllMMIO.cpp
===
--- src/VBox/VMM/VMMAll/IOMAllMMIO.cpp	(revision 95342)
+++ src/VBox/VMM/VMMAll/IOMAllMMIO.cpp	(revision 95343)
@@ -1290,7 +1290,13 @@
 if (rc2 == VERR_SEM_BUSY)
 return (uErrorCode  X86_TRAP_PF_RW) ? VINF_IOM_HC_MMIO_WRITE : VINF_IOM_HC_MMIO_READ;
 #endif
-VBOXSTRICTRC rcStrict = iomMMIOHandler(pVM, uErrorCode, pCtxCore, GCPhysFault, iomMMIOGetRange(pVM-iom.s, GCPhysFault));
+PIOMMMIORANGE pRange = iomMMIOGetRange(pVM-iom.s, GCPhysFault);
+if (RT_UNLIKELY(!pRange))
+{
+iomUnlock(pVM);
+return VERR_IOM_MMIO_RANGE_NOT_FOUND;
+}
+VBOXSTRICTRC rcStrict = iomMMIOHandler(pVM, uErrorCode, pCtxCore, GCPhysFault, pRange);
 iomUnlock(pVM);
 return VBOXSTRICTRC_VAL(rcStrict);
 }
Index: include/VBox/hwacc_vmx.h
===
--- include/VBox/hwacc_vmx.h	(revision 96156)
+++ include/VBox/hwacc_vmx.h	(revision 96157)
@@ -519,6 +519,12 @@
 #define VMX_EXIT_WBINVD 54
 /** 55 XSETBV. Guest software attempted to execute XSETBV. */
 #define VMX_EXIT_XSETBV 55
+/** 57 RDRAND. Guest software attempted to execute RDRAND. */
+#define VMX_EXIT_RDRAND 57
+/** 58 INVPCID. Guest software attempted to execute INVPCID. */
+#define VMX_EXIT_INVPCID58
+/** 59 VMFUNC. Guest software attempted to execute VMFUNC. */
+#define VMX_EXIT_VMFUNC 59
 /** @} */
 
 
Index: src/VBox/VMM/VMMR0/HWVMXR0.cpp
===
--- src/VBox/VMM/VMMR0/HWVMXR0.cpp	(revision 96156)
+++ src/VBox/VMM/VMMR0/HWVMXR0.cpp	(revision 96157)
@@ -4036,6 +4036,10 @@
 case VMX_EXIT_VMWRITE:  /* 25 Guest software executed VMWRITE. */
 case VMX_EXIT_VMXOFF:   /* 26 Guest software executed VMXOFF. */
 case VMX_EXIT_VMXON:/* 27 Guest software executed VMXON. */
+case VMX_EXIT_INVEPT:   /* 50 Guest software executed INVEPT. */
+case VMX_EXIT_INVVPID:  /* 53 Guest software executed INVVPID. */
+case VMX_EXIT_INVPCID:  /* 58 Guest software executed INVPCID. */
+case 

Bug#728455: rc bugs status page has not the website style (css)

[Tomas Pospisek]

On Sat, 24 Jan 2015, Tomas Pospisek wrote:

attached is a patch agains bugscan.git that implements the change proposed by 
Stéphane in http://bugs.debian.org/728455


Don has applied the patch, however it had some problems (introduced by 
myself...) so currently the output is a bit broken.


That has been fixed in my branch [1] (this time for good I think!) so 
after a pull by Don the generated pages should be fine.


Thanks,
*t

[1] https://github.com/tpo/bugscan

PS: Don: ping: please pull

Bug#776317: Jessie RC1 amd64 mini image missing efi bootloader

[Ian Campbell]

On Tue, 2015-01-27 at 09:15 +0100, Cyril Brulebois wrote:
 I've just grabbed mini.iso in both (respectively used for Beta 2 and RC
 1), and both seem to have efi bits inside (at least according to a loop
 mount).

Not speaking of bootarch.efi but -- there was no useful grub.cfg on
the x86 mini.iso until the 20150107 release (see #762618). So 20150107
is certainly necessary for a useful EFI boot from mini.iso and
everything was present and correct when I was looking at #762618.

It's possible I suppose that the lack of grub.cfg might look a bit like
a lack of bootarch.efi under some circumstances.

  I don't know much about EFI Partition etc. therefore I'm not
 sure how they're related to an ISO9660 image. :/

(Feel free to skip this bit if you don't care about the details!)

The EFI System Partition (ESP) is on the ISO as /boot/grub/efi.img,
which is a file with a suitable FAT partition for EFI to read (it's also
referenced by various ISO headers, el-torito/*mumble* etc).

AFAICT the beta release (20141002) had everything needed apart from the
grub.cfg:

$ wget 
http://ftp.fr.debian.org/debian/dists/testing/main/installer-amd64/20141002/images/netboot/mini.iso
$ isoinfo -i mini.iso -RJ -x /boot/grub/efi.img  efi.img
$ mdir -i efi.img ::efi/boot
 Volume in drive : has no label
 Volume Serial Number is FF65-0EDB
Directory for ::/efi/boot

.DIR 2014-09-27   0:08 
..   DIR 2014-09-27   0:08 
bootx64  efi392192 2014-09-27   0:08 
3 files 392 192 bytes
 10 240 bytes free
$

The remainder of the grub bits are then on the ISO (outside the ESP)
in /boot/grub/..., except as noted, that the grub.cfg in 20141002 was
empty.

$ isoinfo -i mini.iso -fRJ | grep /boot/grub
/boot/grub
/boot/grub/efi.img
/boot/grub/font.pf2
/boot/grub/grub.cfg
/boot/grub/x86_64-efi
/boot/grub/x86_64-efi/acpi.mod
[...lots more...]

 It'd be nice to start by telling us the full URL to the mini.iso you
 downloaded.

Yes, please.

Ian.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776361: nmu (for stable): user-mode-linux_3.2-2um-1+deb7u2

[Ansgar Burchardt]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

Hi,

user-mode-linux in stable is built against linux version 3.2.54-2, but
proposed-updates is already at version 3.2.65-1+deb7u1. user-mode-linux
should probably be rebuilt against the current version.

nmu user-mode-linux_3.2-2um-1+deb7u2 . ALL . -m Rebuilt against linux 
3.2.65-1+deb7u1.

(Note that the binary version for user-mode-linux is at +b2.)

Ansgar


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776362: dejagnu: spurious failures on multi-core setups

[Mark Wielaard]

Package: dejagnu
Version: 1.5-3
Severity: important
Tags: upstream patch

Dear Maintainer,

A very old bug, that was only recently patched in upstream dejagnu,
but that has been fixed in some other distros, causes dejagnu when
running on multiple cores to produce spurious errors/FAILs.

Depending on load dejagnu, when spawning a child process, might get a
SIGHUP when the child finishes, but not all output has been read in
the dejagnu parent process. This might cause dejagnu to report FAILs
for tests that should normally PASS.

The bug was found in 2005:
https://lists.gnu.org/archive/html/bug-dejagnu/2005-08/msg0.html

But only applied upstream in 2011:
https://lists.gnu.org/archive/html/dejagnu/2011-03/msg00019.html
http://git.savannah.gnu.org/gitweb/?p=dejagnu.git;a=patch;h=50a378f626fcdbaf30202a36bf73738de08a53bf

It didn't make it into the dejagnu 1.5 or 1.5.1 release yet.

But has been in for example the fedora dejagnu package for years.
http://pkgs.fedoraproject.org/cgit/dejagnu.git/commit/?id=7d64d9a9d8bac6e44ea82144c30087fec9369704

The backport to the packaged dejagnu is simple:

--- /usr/share/dejagnu/remote.exp   2011-11-23 14:12:26.0 +0100
+++ /usr/share/dejagnu/remote.exp   2015-01-26 22:01:05.670611971 +0100
@@ -86,11 +86,16 @@
 # doesn't assign process groups correctly and we can't reliably kill
 # programs that bear children. We can't use tcl's exec because it has
 # no way to timeout programs that hang. *sigh*
+#
+# The expect command will close the connection when it sees EOF. On
+# SMP machine, close the connection may send SIGHUP to the child
+# and cause it to exit before it can exit normally.  We should make
+# the child to ignore SIGHUP.
 
 global errorInfo
 if { $inp ==   $outp ==  } {
set id -1
-   set result [catch eval spawn \{${commandline}\} pid]
+   set result [catch eval spawn -ignore SIGHUP \{${commandline}\} pid]
if { $result == 0 } {
set result2 0
} else {
@@ -130,7 +135,7 @@
return [list -1 open of $commandline $inp $outp failed: 
$errorInfo]
}
set pid [pid $id]
-   set result [catch spawn -leaveopen $id result2]
+   set result [catch spawn -ignore SIGHUP -leaveopen $id result2]
 }
 # Prepend - to each pid, to generate the process group IDs needed by
 # kill.


-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages dejagnu depends on:
ii  dpkg  1.16.15
ii  expect5.45-2
ii  install-info  4.13a.dfsg.1-10

dejagnu recommends no packages.

dejagnu suggests no packages.

-- debconf-show failed


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776357: libreoffice FTBFS on hppa architecture (with patch)

[Rene Engelhard]

On Tue, Jan 27, 2015 at 08:50:19AM +0100, Helge Deller wrote:
 Package: libreoffice
 Version: 4.4.0~rc3-1
 Severity: important

Seriously? For a ach not in Debiani/a arch which will probably never come
back to Debian given even HP stopped selling/supporting it?

Don't believe so.

 Tags: patch
 
 libreoffice fails to build because of this error during configure stage:
 configure: WARNING: You are building 64-bit binaries but the JDK 
 /usr/lib/jvm/java-gcj/bin/java is 32-bit
 configure: error: You should pass the --with-jdk-home option pointing to a 
 64-bit JDK
 Error running configure at ./autogen.sh line 266.

That is also the same on the kfreebsd-amd64 buildds, but only the experimental
ones...

 The attached patch fixes this. The problem is, that on the hppa architecture 
 we still only
 support 32bit userspace (although this 32bit userspace can run on a 64bit 
 kernel).
 The configure scripts in libreoffice assume we are 64bit userspace and as 
 such expects a 64bit JDK which is wrong.
 The attached patch moves the hppa platform down to the 32bit platforms.
 
 I assume that there are one or two further patches needed for hppa (The 
 source is still compiling since a day so I can't tell exactly yet)...

Well, it was available for hppa once, but probably, yes.

Regards,

Rene


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775571: GPG/SSH agent in MATE desktop stopped working

[Dominik George]

Hi Mike and others,

 this has been seen to in latest mate-session-manager upload-proposal 
 (1.8.1-7).
 See #775914 on Debian BTS [1]. Your issue has already been reported as 
 #775571 [2]. 

I have built 1.8.1-7 locally and can confirm that it works well.

Cheers,
Nik


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776317: Jessie RC1 amd64 mini image missing efi bootloader

[Thomas Schmitt]

Hi,

Summary:

There are two EFI System Partitions in mini.iso.
The one for booting from USB stick or qemu -hdb is indeed empty.

One could try whether it helps to copy the files from the FAT
image /boot/grub/efi.img in the ISO to MBR partition 2:

- Put mini.iso onto a USB stick /dev/sdb or other hard disk device

dd if=mini.iso of=/dev/sdb

- Mount the ISO image

mount -o loop mini.iso /mnt/iso

- Mount the FAT filesystem inside /mnt/iso/boot/grub/efi.img

mount -o loop /mnt/iso/boot/grub/efi.img /mnt/fat_iso

- Mount the FAT filesystem in MBR partition 2 of the USB stick

mount /dev/sdb2 /mnt/fat

- Copy from efi.img into partition 2 of the USB stick:

cp -a /mnt/fat_iso/* /mnt/fat

- Check for sucessful copy:

find /mnt/fat

  should yield

/mnt/fat
/mnt/fat/efi
/mnt/fat/efi/boot
/mnt/fat/efi/boot/bootx64.efi

- Unmount what you mounted:

umount /mnt/fat_iso /mnt/fat /mnt/iso 

- Try whether the stick boots via EFI.

---
Details:

Cyril Brulebois wrote:
 I don't know much about EFI Partition etc. therefore I'm not
 sure how they're related to an ISO9660 image. :/

mini.iso and debian-7*-amd64-netinst.iso differ in this aspect.

In Debian amd64 netinst, the EFI System Partition is a data file
inside the ISO filesystem which contains a FAT filesystem image.
In this FAT image there are the files which EFI will use for booting.
Debian has GRUB2 boot loader equipment in there.
The block address and size of the EFI partition is published by
an entry in the El Torito boot catalog, by a partition table entry
in the MBR, by a partition table entry in GPT, and by a (probably
useless) entry in Apple Partition Map.

Inspecting mini.iso

  
http://ftp.fr.debian.org/debian/dists/testing/main/installer-amd64/20150107/images/netboot/mini.iso

by xorriso-1.3.8 yields:

  Volume id: 'ISOIMAGE'
  El Torito catalog  : 59  1
  El Torito cat path : /boot.cat
  El Torito images   :   N  Pltf  B   Emul  Ld_seg  Hdpt  Ldsiz LBA
  El Torito boot img :   1  BIOS  y   none  0x  0x00  48959
  El Torito boot img :   2  UEFI  y   none  0x  0x008329205
  El Torito img path :   1  /isolinux.bin
  El Torito img opts :   1  boot-info-table isohybrid-suitable
  El Torito img path :   2  /boot/grub/efi.img
  System area options: 0x0302
  System area summary: MBR isohybrid cyl-align-all
  ISO image size/512 : 44332
  Partition offset   : 0
  MBR heads per cyl  : 64
  MBR secs per head  : 32
  MBR partition table:   N Status  TypeStart   Blocks
  MBR partition  :   1   0x80  0x17045056
  MBR partition  :   2   0x00  0x014505612288
  
So we have no GPT and no (probably useless) APM here.
There are two EFI partitions exposed.
One is the data file /boot/grub/efi.img of the ISO filesystem
pointed to by the El Torito boot catalog.
The other is an appended blob, marked by MBR partition 2.
(The partition type 0x01 is questionable.)

One can extract them by:

  mount -o loop mini.iso /mnt/iso
  cp /mnt/iso/boot/grub/efi.img eltorito_efi.img

  dd if=mini.iso bs=512 skip=45056 count=12288 of=mbr_efi.img

Both files differ heavily in size

  -r--r--r-- 1 thomas thomas  425984 2015-01-27 09:59 eltorito_efi.img
  -rw-r--r-- 1 thomas thomas 6291456 2015-01-27 10:00 mbr_efi.img

Inspecting both:

  $ mount -o loop eltorito_efi.img /mnt/fat
  $ find /mnt/fat
  /mnt/fat
  /mnt/fat/efi
  /mnt/fat/efi/boot
  /mnt/fat/efi/boot/bootx64.efi
  $ umount /mnt/fat
  $ mount -o loop mbr_efi.img /mnt/fat
  $ find /mnt/fat
  /mnt/fat
  $

So the El Torito advertised partition contains files,
whereas the MBR advertised partition has an empty filesystem.
Probably mini.iso will boot via EFI from CD/DVD/BD resp. qemu -cdrom,
but not from USB stick resp. qemu -hdb.
The presence of an isohybrid MBR will allow booting via BIOS emulation.

---

For comparison the boot anatomy of a amd64 netinst ISO:

  $ xorriso-1.3.8 -indev debian-7.7.0-amd64-netinst.iso \
  -report_el_torito plain -report_system_area plain
  ...
  Volume id: 'Debian 7.7.0 amd64 1'
  El Torito catalog  : 847  1
  El Torito cat path : /isolinux/boot.cat
  El Torito images   :   N  Pltf  B   Emul  Ld_seg  Hdpt  Ldsiz LBA
  El Torito boot img :   1  BIOS  y   none  0x  0x00  4 848
  El Torito boot img :   2  UEFI  y   none  0x  0x00896 860
  El Torito img path :   1  /isolinux/isolinux.bin
  El Torito img opts :   1  boot-info-table isohybrid-suitable
  El Torito img path :   2  /boot/grub/efi.img
  System area options: 0x0102
  System area summary: MBR isohybrid cyl-align-on GPT APM
  ISO image size/512 : 454656
  Partition offset   : 0
  MBR heads per cyl  : 64
  MBR secs per head  : 32
  MBR partition table:   N Status  TypeStart   Blocks
  MBR partition  :   1  

Bug#775888: virtualbox: CVE-2014-6588 CVE-2014-6589 CVE-2014-6590 CVE-2014-6595 CVE-2015-0418 CVE-2015-0427

[Gianfranco Costamagna]

Hi Moritz, please read carefully this thread :)


Could you please check back with upstream on CVE-2015-0377 and CVE-2015-0418?

jessie is not affected, and wheezy has already the patch on this thread

the two CVEs are for VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, 4.2.28

so 4.3 not affected.


Since jessie is already pending fixed, I propose to go for wheezy with the 
above one.
cheers,

G.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775882: [debian-mysql] Bug#775882: mariadb-10.0: affected by CVEs of the Oracle Patch Update for January 2015?

[Salvatore Bonaccorso]

Hi Otto,

On Tue, Jan 27, 2015 at 10:01:09AM +0200, Otto Kekäläinen wrote:
 Here is the reply from a MariaDB core developer:
 
 2015-01-26 21:39 GMT+02:00 Sergei Golubchik s...@mariadb.org:
  Hi, Otto!
 
  On Jan 26, Otto Kekäläinen wrote:
  Hello Sergei!
 
  The page https://mariadb.com/kb/en/mariadb/security/ does not mention
  the ones Salvatore asks about below: 0385 and 0409. Any info on them?
 
  Salvatore is right - these bugs are 5.6 only and we don't have Server :
  Optimizer and Server : Pluggable Auth 5.6 code in MariaDB-10.x
 
  Generally from all 5.6-only MySQL bugs only InnoDB issues apply to
  MariaDB-10.x.
 
  Hmm, I've just checked the source code patch between 5.6.21 and 5.6.22 -
  there were *no* changes to the pluggable authentication code. None
  whatsoever. I don't know what Oracle means by
 
  CVE-2015-0385 Server: Pluggable Auth 5.6.21 and earlier

Thanks, have updated the security-tracker information about these.

Regards,
Salvatore


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#733910: Added ckon to highenergy-physics-dev (as per your SoB Wiki entry)

[Andreas Tille]

Hi Patrick,

On Tue, Jan 27, 2015 at 12:25:31AM -0800, Patrick Huck wrote:
  +Suggests: ckon 
  which will put this package on the according tasks page (for instance by 
  pinging the Debian Science list)
 I was aware of the request to put this package on the tasks page but couldn’t 
 find out how to. Thanks for showing me and taking care of it. I’ll make sure 
 to do it next time.

OK. As I said pinging the Debian Science list is sufficient.  Otherwise
you need to become a member of the Debian Blends team that has commit
permissions.  But just for a single package you probably do not want to
become a member of just another team so I'm fine to proxy this.

  $ cme fix dpkg-control 
  - source DM-Upload-Allowed : dropping deprecated parameter 
 I’m fine with all the changes and believe that DM-Upload-Allowed is 
 deprecated unlike documented in the Debian Science Policy.

Unfortunately this policy is unmaintained for a long time. :-(

 I made a note to ensure I run cme next time.

That's a godd idea anyway.
 
  debian/changelog: The latest changelog entry should close the ITP bug. I'd 
  recommend to remove all old 
  entries and just leave the recent one.
 Done.

I did some slight reordering and moved the Closes #ITP line on top.
This helps ftpmaster to spot the relevant part for them.

 debian/copyright: use an extra Files: debian/* paragraph
 Done.

OK.
 
 debian/rules: I'm a bit allergic against remaining boilerplates.
 Ok, this sponsee also knows that now :-) I removed the boilerplate comments.

:-)
 
 Please let me know if you fixed these issue and I check a build.
 All issues fixed [1] and new version uploaded [2]
 
 [1] http://anonscm.debian.org/cgit/debian-science/packages/ckon.git/

Sponsored and uploaded to new queue from there.

 [2] http://mentors.debian.net/package/ckon

I personally ignore mentors.debian.net to make sure that VCS is in good
shape and builds nicely which is more relevant for team maintenance.

 best and thanks, Patrick

Thanks for your contribution

   Andreas.
 

-- 
http://fam-tille.de


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776363: Keyboard/Mouse devices are disconnecting after some time or event (capslock, ) - unknown main item tag 0x0

[Michal Zimen]

Package: bluez
Version: 5.23-2+b1
Severity: important

Related to this https://bugzilla.kernel.org/show_bug.cgi?id=85701

After some time the keyboard (sometimes even the mouse) are disconencted.
(segfault in bluetoothd)


The keyboard is mostly with this issue unusable.

[   25.439734] hidraw: raw HID events driver (C) Jiri Kosina
[   25.440869] Bluetooth: HIDP (Human Interface Emulation) ver 1.2
[   25.440877] Bluetooth: HIDP socket layer initialized
[   25.442332] hid-generic 0005:03F0:044C.0001: unknown main item tag 0x0
[   25.442414] input: HP Touch to Pair Mouse as
/devices/pci:00/:00:14.0/usb2/2-6/2-6:1.0/bluetooth/hci0/hci0:256/0005:03F0:044C.0001/input/input14
[   25.442531] hid-generic 0005:03F0:044C.0001: input,hidraw0: BLUETOOTH HID
v1.08 Mouse [HP Touch to Pair Mouse] on 0c:8b:fd:c8:d7:ea
[   51.478019] Bluetooth: RFCOMM TTY layer initialized
[   51.478028] Bluetooth: RFCOMM socket layer initialized
[   51.478033] Bluetooth: RFCOMM ver 1.11
[   55.526938] pci_pm_runtime_suspend(): hcd_pci_runtime_suspend+0x0/0x60
[usbcore] returns -16
[  261.649228] xhci_hcd :00:14.0: xHC is not running.
[  281.697231] xhci_hcd :00:14.0: Port resume took longer than 2 msec,
port status = 0x400603
[  749.475112] usb 2-6: USB disconnect, device number 3
[  749.975388] usb 2-6: new full-speed USB device number 5 using xhci_hcd
[  750.104543] usb 2-6: New USB device found, idVendor=8087, idProduct=07dc
[  750.104546] usb 2-6: New USB device strings: Mfr=0, Product=0,
SerialNumber=0
[  750.118998] Bluetooth: hci0: read Intel version: 370710018002030d37
[  750.119001] Bluetooth: hci0: Intel device is already patched. patch num: 37
[  759.646932] hid-generic 0005:03F0:044C.0002: unknown main item tag 0x0
[  759.647039] input: HP Touch to Pair Mouse as
/devices/pci:00/:00:14.0/usb2/2-6/2-6:1.0/bluetooth/hci0/hci0:256/0005:03F0:044C.0002/input/input15
[  759.647830] hid-generic 0005:03F0:044C.0002: input,hidraw0: BLUETOOTH HID
v1.08 Mouse [HP Touch to Pair Mouse] on 0c:8b:fd:c8:d7:ea
[ 3419.121637] hid-generic 0005:045E:07A4.0003: unknown main item tag 0x0
[ 3419.121735] input: Microsoft Sculpt Mobile Keyboard as
/devices/pci:00/:00:14.0/usb2/2-6/2-6:1.0/bluetooth/hci0/hci0:256/0005:045E:07A4.0003/input/input16
[ 3419.121836] hid-generic 0005:045E:07A4.0003: input,hidraw0: BLUETOOTH HID
v1.02 Keyboard [Microsoft Sculpt Mobile Keyboard] on 0c:8b:fd:c8:d7:ea
[ 3419.122159] hid-generic 0005:03F0:044C.0004: unknown main item tag 0x0
[ 3419.17] input: HP Touch to Pair Mouse as
/devices/pci:00/:00:14.0/usb2/2-6/2-6:1.0/bluetooth/hci0/hci0:512/0005:03F0:044C.0004/input/input17
[ 3419.122362] hid-generic 0005:03F0:044C.0004: input,hidraw1: BLUETOOTH HID
v1.08 Mouse [HP Touch to Pair Mouse] on 0c:8b:fd:c8:d7:ea
[ 4080.086842] bluetoothd[2191]: segfault at 10 ip 7fae53eb9937 sp
7fff9e377330 error 4 in bluetoothd[7fae53e7a000+e3000]
[ 7477.381389] perf interrupt took too long (2519  2500), lowering
kernel.perf_event_max_sample_rate to 5




-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (900, 'testing'), (700, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.18.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages bluez depends on:
ii  dbus 1.8.12-3
ii  init-system-helpers  1.22
ii  kmod 18-3
ii  libc62.19-13
ii  libdbus-1-3  1.8.12-3
ii  libglib2.0-0 2.42.1-1
ii  libreadline6 6.3-8+b3
ii  libudev1 215-8
ii  lsb-base 4.1+Debian13+nmu1
ii  udev 215-8

bluez recommends no packages.

bluez suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#771925: [release-notes] Add a note of base-passwd hardening shell on backup user - reviewed (corrected some typos and spaces)

[Stephan Beck]

Package: release-notes

--- Please enter the report below this line. ---

Hi Niels,

I reviewed the patch and corrected some typos and spaces.
Moreover, I'd prefer to use ...corresponding instead of necessary in the If
your local setup requires... sentence, merely a question of style, though.
Take it or leave it :-)

Attached you'll find the diff of the patch. I renamed it using 0002-...
I hope that's ok.

Regards

Stephan Beck





Index: 0001-en-issues-Document-the-base-password-shell-reset.patch
===
--- 0001-en-issues-Document-the-base-password-shell-reset.patch	(Revision 1)
+++ 0001-en-issues-Document-the-base-password-shell-reset.patch	(Arbeitskopie)
@@ -23,7 +23,7 @@
 +  systemitem role=packagebase-passwd/systemitem/title
 +  para
 +The upgrade of systemitem role=packagebase-passwd/systemitem
-+package will reset the shell of system users that is provides to
++package will reset the shell of system users that is provided to
 +the nologin shell.  This includes the following users:
 +  /para
 +  itemizedlist
@@ -79,13 +79,13 @@
 +  para
 +If your local setup requires that any of these users have a shell,
 +you should say no to migrating or migrate and then change the shell
-+of the necessary users.  Notable examples includes local backups
++of the corresponding users. Notable examples include local backups
 +done via the backup user with an ssh-key authentication.
 +  /para
 +  caution
 +para
 +  The migration will happen automatically if your debconf question
-+  priorty is high or above.
++  priority is high or above.
 +/para
 +  /caution
 +  para
@@ -98,7 +98,7 @@
 +  para
 +Where replaceableusername/replaceable is the name of the user
 +in question and replaceablecurrent-shell-mangled/replaceable
-+is the mangled name of the shell.  The mangling is done by
++is the mangled name of the shell. The mangling is done by
 +replacing all non-alphanumerical, non-dashes and non-underscores
 +with underscores.  E.g. /bin/bash becomes _bin_bash.
 +  /para


signature.asc
Description: OpenPGP digital signature

Bug#776417: fai-cd Not Using /boot/grub/i386-pc when $NFSROOT is jessie+ and FAI server is not

[Kevin Newman]

Package: fai-server
Version: 4.3.1
Severity: normal

Hi,

So, my NFSROOT is now higher than the server on which I'm running fai-server. 
My NFSROOT is Ubuntu Trusty and my fai-server is Ubuntu precise. The fai-cd 
script seems to be checking the kernel.img for the GRUB modules path in my FAI 
server rather than the kernel.img inside the $NFSROOT.

Current version of /usr/sbin/fai-cd:
100 # check for jessie path
101 if strings /usr/lib/grub/i386-pc/kernel.img | grep -q i386-pc/%s.mod; 
then
102 grubtarget=$tmp/boot/grub/i386-pc
103 else
104 # wheezy
105 grubtarget=$tmp/boot/grub
106 fi


Change to this?
100 # check for jessie path
101 if strings $NFSROOT/usr/lib/grub/i386-pc/kernel.img | grep -q 
i386-pc/%s.mod; then
102 grubtarget=$tmp/boot/grub/i386-pc
103 else
104 # wheezy
105 grubtarget=$tmp/boot/grub
106 fi


Without this change, booting off the resultant FAI CD results in GRUB stopping 
with an error of error: file '/grub/i386-pc/normal.mod' not found. A simple 
ls of (cd0)/boot/grub shows that the modules are indeed present, just not in 
the i386-pc directory that Trusty/jessie expects them.

Also, I apologize for the previous bug reports - it does look like those paths 
are valid even with the two slashes in the middle of the filesystem path.

Thanks,

-Kevin

__

See http://www.peak6.com/email_disclaimer/ for terms and conditions related to 
this email

Bug#776418: According to ubuntu reports, this appears to be a regression.

[Olliver Schinagl]

Searching a bit more,
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1384297

Ubuntu users notice this as being a regression with the later 3.16 
series of kernels.



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776420: libreoffice-calc terminates unexpectedly when deleting a row in a spreadsheet

[Hubert]

Package: libreoffice-calc
Version: 1:4.3.3-2
Severity: important
Tags: upstream

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
 I got an Excel file from a friend and edited it with libreoffice.
 As soon as I delete a row, calc crashes

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 delete any row on the first tab of the spredsheet

   * What was the outcome of this action?
 libreoffice closes

   * What outcome did you expect instead?
 one row less in the spreadsheet

   * gdb output:

Starting program: /usr/lib/libreoffice/program/soffice.bin
[Thread debugging using libthread_db enabled]
Using host libthread_db library /lib/x86_64-linux-gnu/libthread_db.so.1.
[New Thread 0x7fffe7aaa700 (LWP 29932)]
[New Thread 0x7fffe159d700 (LWP 29933)]
[New Thread 0x7fffe0d9c700 (LWP 29934)]
[New Thread 0x7fffda2ed700 (LWP 29935)]
[Thread 0x7fffe159d700 (LWP 29933) exited]
[New Thread 0x7fffe159d700 (LWP 29936)]
[New Thread 0x7fffc700 (LWP 29937)]
[New Thread 0x7fffcf7fe700 (LWP 29938)]
[New Thread 0x7fffcd32c700 (LWP 29939)]
[Thread 0x7fffcd32c700 (LWP 29939) exited]
[Thread 0x7fffcf7fe700 (LWP 29938) exited]
[New Thread 0x7fffcf7fe700 (LWP 29941)]
[New Thread 0x7fffcd32c700 (LWP 29942)]
[New Thread 0x7fffbfba2700 (LWP 29943)]
[New Thread 0x7fffbf3a1700 (LWP 29944)]
[New Thread 0x7fffbe2d0700 (LWP 29945)]
[New Thread 0x7fffbdacf700 (LWP 29946)]
[New Thread 0x7fffbd2ce700 (LWP 29947)]
[New Thread 0x7fffbcacd700 (LWP 29948)]
[New Thread 0x7fffb7fff700 (LWP 29949)]
[New Thread 0x7fffb77fe700 (LWP 29950)]
[New Thread 0x7fffb6ffd700 (LWP 29951)]
[Thread 0x7fffbdacf700 (LWP 29946) exited]
[Thread 0x7fffbd2ce700 (LWP 29947) exited]
[Thread 0x7fffbcacd700 (LWP 29948) exited]
[Thread 0x7fffb7fff700 (LWP 29949) exited]
[Thread 0x7fffb77fe700 (LWP 29950) exited]
[Thread 0x7fffb6ffd700 (LWP 29951) exited]
[Thread 0x7fffbfba2700 (LWP 29943) exited]
[Thread 0x7fffbf3a1700 (LWP 29944) exited]
[Thread 0x7fffcd32c700 (LWP 29942) exited]
[New Thread 0x7fffcd32c700 (LWP 29952)]
[New Thread 0x7fffbf3a1700 (LWP 29953)]
[New Thread 0x7fffbfba2700 (LWP 29954)]
[New Thread 0x7fffb6ffd700 (LWP 29955)]
[New Thread 0x7fffbdacf700 (LWP 29956)]
[New Thread 0x7fffbd2ce700 (LWP 29957)]
[Thread 0x7fffbf3a1700 (LWP 29953) exited]
[Thread 0x7fffbdacf700 (LWP 29956) exited]
[Thread 0x7fffbe2d0700 (LWP 29945) exited]
[Thread 0x7fffb6ffd700 (LWP 29955) exited]
[Thread 0x7fffbfba2700 (LWP 29954) exited]
[Thread 0x7fffcd32c700 (LWP 29952) exited]
[New Thread 0x7fffcd32c700 (LWP 29958)]
[Thread 0x7fffcd32c700 (LWP 29958) exited]
[New Thread 0x7fffcd32c700 (LWP 29959)]
[Thread 0x7fffbd2ce700 (LWP 29957) exited]
[New Thread 0x7fffbd2ce700 (LWP 29960)]
[Thread 0x7fffbd2ce700 (LWP 29960) exited]
[New Thread 0x7fffbd2ce700 (LWP 29961)]
[Thread 0x7fffbd2ce700 (LWP 29961) exited]
[New Thread 0x7fffbd2ce700 (LWP 29962)]
[Thread 0x7fffbd2ce700 (LWP 29962) exited]
[New Thread 0x7fffbd2ce700 (LWP 29963)]
[Thread 0x7fffbd2ce700 (LWP 29963) exited]
[New Thread 0x7fffbd2ce700 (LWP 29964)]
[Thread 0x7fffbd2ce700 (LWP 29964) exited]
[New Thread 0x7fffbd2ce700 (LWP 29965)]
[Thread 0x7fffbd2ce700 (LWP 29965) exited]
[New Thread 0x7fffbd2ce700 (LWP 29966)]
[Thread 0x7fffcd32c700 (LWP 29959) exited]
[New Thread 0x7fffcd32c700 (LWP 29967)]
[New Thread 0x7fffbfba2700 (LWP 29968)]
[Thread 0x7fffbfba2700 (LWP 29968) exited]
[Thread 0x7fffcd32c700 (LWP 29967) exited]
[New Thread 0x7fffbfba2700 (LWP 29970)]
[New Thread 0x7fffcd32c700 (LWP 29971)]
[Thread 0x7fffcd32c700 (LWP 29971) exited]
[Thread 0x7fffbfba2700 (LWP 29970) exited]

Program received signal SIGSEGV, Segmentation fault.
0x7fff92f70634 in ScRangeList::operator[] (this=this@entry=0x2bcf3e8,
idx=idx@entry=0)
at /build/libreoffice-
9dBYD4/libreoffice-4.3.3/sc/source/core/tool/rangelst.cxx:1122
1122/build/libreoffice-
9dBYD4/libreoffice-4.3.3/sc/source/core/tool/rangelst.cxx: No such file or
directory.


*** End of the template - remove these template lines ***



-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-rc6 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libreoffice-calc depends on:
ii  coinor-libcbc32.8.12-1
ii  coinor-libcoinmp1 1.7.6+dfsg1-1
ii  libboost-iostreams1.55.0  1.55.0+dfsg-3
ii  libc6 2.19-13
ii  libgcc1   1:4.9.1-19
ii  libicu52  52.1-7
ii  liblcms2-22.6-3+b3
ii  libmwaw-0.3-3 0.3.1-2
ii  libodfgen-0.1-1   0.1.1-2
ii  liborcus-0.8-00.7.0+dfsg-9
ii  libreoffice-base-core 1:4.3.3-2
ii  libreoffice-core  1:4.3.3-2
ii  librevenge-0.0-0  0.0.1-3
ii  

Bug#776415: kfreebsd-10: CVE-2014-8612: SCTP kernel mem disclosure/corruption

[Steven Chamberlain]

Package: kfreebsd-10
Version: 10.1~svn274115-1
Severity: grave
Tags: security patch

Hi,

A kernel memory disclosure/corruption vulnerability was announced,
in the FreeBSD kernel's implementation of SCTP:
https://security.FreeBSD.org/advisories/FreeBSD-SA-15:02.kmem.asc

This could affect the kfreebsd-10 package if SCTP is used.  A patch
from upstream should be uploaded soon fixing this.

kfreebsd-9 in stable is not affected, since the last security upload
9.0-10+deb70.8 already disabled this protocol.

kfreebsd-8 does not receive regular security updates, but we may decide
to disable SCTP there too.

kfreebsd-11 experimental will be affected until updated to a newer
snapshot.

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 9.0-2-amd64-xenhvm-ipsec
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776418: linux-base: i915 fails occasionally to suspend

[Olliver Schinagl]

Package: linux-base
Version: 3.5
Severity: important

Dear Maintainer,

The 3.16-series have some kernel bugs with the i915 video driver causing
suspend to occasionally fail. When it fails, it keeps failing and only a reboot
fixes it. This has been noticed on 2013 macbook airs, but I'll keep this report
to my own macbook pro mid 2013.

The kernel trace:
[44652.015163] ---[ end trace 97db4adad9ce9344 ]---
[44652.015182] [ cut here ]
[44652.015201] WARNING: CPU: 0 PID: 735 at /build/linux-
CMiYW9/linux-3.16.7-ckt2/drivers/gpu/drm/i915/intel_pm.c:5997
intel_display_power_put+0x127/0x150 [i915]()
[44652.015204] Modules linked in: bnep ecb btusb bluetooth 6lowpan_iphc pl2303
usbserial cdc_acm binfmt_misc snd_hda_codec_cirrus snd_hda_codec_hdmi
snd_hda_codec_generic iTCO_wdt iTCO_vendor_support hid_generic hid_apple joydev
usbhid bcm5974 hid nfsd auth_rpcgss oid_registry nfs_acl nfs lockd fscache
sunrpc nls_utf8 nls_cp437 vfat fat evdev applesmc input_polldev
x86_pkg_temp_thermal intel_powerclamp intel_rapl coretemp efi_pstore kvm_intel
kvm crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul
glue_helper ablk_helper cryptd wl(PO) pcspkr efivars cfg80211 rfkill
thunderbolt lpc_ich i2c_i801 mfd_core snd_hda_intel snd_hda_controller
snd_hda_codec i915 sbs sbshc snd_hwdep drm_kms_helper snd_pcm drm ac video
i2c_algo_bit snd_timer battery apple_bl button snd mei_me soundcore i2c_core
[44652.015292]  shpchp mei processor thermal_sys fuse parport_pc ppdev lp
parport autofs4 ext4 crc16 mbcache jbd2 dm_mod sg sd_mod crc_t10dif
crct10dif_generic usb_storage ahci libahci crct10dif_pclmul libata
crct10dif_common crc32c_intel scsi_mod tg3 ptp pps_core libphy xhci_hcd usbcore
usb_common
[44652.015332] CPU: 0 PID: 735 Comm: Xorg Tainted: PW  O
3.16.0-4-amd64 #1 Debian 3.16.7-ckt2-1
[44652.015336] Hardware name: Apple Inc. MacBookPro11,1/Mac-189A3D4F975D5FFC,
BIOS MBP111.88Z.0138.B03.1310291227 10/29/2013
[44652.015338]  0009 81507263 
81065847
[44652.015345]  88026544002c 8802631ab000 88026544
000b
[44652.015351]  880265448520 a03af167 8802631ab000
8802631ab000
[44652.015358] Call Trace:
[44652.015364]  [81507263] ? dump_stack+0x41/0x51
[44652.015371]  [81065847] ? warn_slowpath_common+0x77/0x90
[44652.015390]  [a03af167] ? intel_display_power_put+0x127/0x150
[i915]
[44652.015415]  [a040d8cc] ? intel_dp_get_modes+0x6c/0x100 [i915]
[44652.015429]  [a0396966] ?
drm_helper_probe_single_connector_modes_merge_bits+0x286/0x370 [drm_kms_helper]
[44652.015446]  [a0305ccd] ? drm_mode_getconnector+0x3dd/0x450 [drm]
[44652.015453]  [811b8930] ? poll_select_copy_remaining+0x140/0x140
[44652.015468]  [a02f78b7] ? drm_ioctl+0x1c7/0x5b0 [drm]
[44652.015478]  [81088cad] ? __hrtimer_start_range_ns+0x1cd/0x390
[44652.015484]  [811b7d2f] ? do_vfs_ioctl+0x2cf/0x4b0
[44652.015490]  [814017be] ? __sys_recvmsg+0x3e/0x80
[44652.015496]  [811b7f91] ? SyS_ioctl+0x81/0xa0
[44652.015503]  [8150d32d] ? system_call_fast_compare_end+0x10/0x15
[44652.015506] ---[ end trace 97db4adad9ce9345 ]---

and upstream is some noice about this aswell.
https://freedesktop.org/patch/30470/

00:02.0 VGA compatible controller: Intel Corporation Device 0a2e (rev 09)
[2.598451] fbcon: inteldrmfb (fb0) is primary device
[3.996610] i915 :00:02.0: fb0: inteldrmfb frame buffer device
model name: Intel(R) Core(TM) i5-4258U CPU @ 2.40GHz

Thanks,

Olliver



-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages linux-base depends on:
ii  debconf [debconf-2.0]  1.5.55
ii  libuuid-perl   0.05-1+b1
ii  udev   215-10
ii  util-linux 2.25.2-4.1

linux-base recommends no packages.

linux-base suggests no packages.

-- debconf information:
  linux-base/disk-id-manual:
  linux-base/disk-id-convert-plan-no-relabel: true
  linux-base/disk-id-convert-plan: true
  linux-base/disk-id-convert-auto: true
  linux-base/disk-id-manual-boot-loader:
  linux-base/do-bootloader-default-changed:
  linux-base/disk-id-update-failed:

-- debsums errors found:
debsums: missing file /usr/share/doc/linux-base/NEWS.Debian.gz (from linux-base 
package)
debsums: missing file /usr/share/doc/linux-base/changelog.gz (from linux-base 
package)
debsums: missing file /usr/share/doc/linux-base/copyright (from linux-base 
package)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776400: grub-ieee1275: ppc64el-disable-vsx.patch applied to 32-bit kernel.img causes exception at 0x20000008 (mtmsrd 0)

[Colin Watson]

On Tue, Jan 27, 2015 at 11:17:04AM -0600, Mark wrote:
  On a powerpc g4 (mac) system I am trying to switch from yaboot to grub.
 The provided image always faults 8 bytes in. Looking at the patches for
 grub I see ppc64el-disable-vsx.patch 
 http://anonscm.debian.org/cgit/pkg-grub/grub.git/tree/debian/patches/ppc64el-disable-vsx.patch?id=debian/2.02.beta2-20
 is causing the problem with the mtmsrd instruction.
 
 I think the solution is to not apply this patch for 32-bit builds.

Thanks.  I prefer not to apply patches conditionally.  However, it
should be sufficient to use the mtmsr instruction rather than mtmsrd;
the bit we're trying to change is in the bottom 32 bits of the MSR in
any case.

Please could you test version 2.02~beta2-21 when it becomes available in
unstable (I'm preparing the upload now), and report how it behaves for
you?

Thanks,

-- 
Colin Watson   [cjwat...@debian.org]


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775395: partman-zfs in d-i jessie image does not create grub-compatible /boot ZFS mirror

[Steven Chamberlain]

Control: severity -1 important

Michael Milligan wrote:
 Package: partman-zfs
 Version: 42
 Severity: grave
 Tags: d-i
 Justification: renders package unusable for ZFS-based install
 
 (which is probably the reason someone is trying Debian/kFreeBSD .. to
 use ZFS)

Since this is a kfreebsd-any package, and we're not part of the
official stable release, I have to lower this to non-RC severity.

We should still fix it for the GNU/kFreeBSD release though.

Regards,
-- 
Steven Chamberlain
ste...@pyro.eu.org


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776416: kfreebsd-10: CVE-2014-8613: SCTP stream reset vulnerability

[Steven Chamberlain]

Package: kfreebsd-10
Version: 10.1~svn274115-1
Severity: grave
Tags: security patch

Hi,

A unprivileged local DoS was reported in the FreeBSD kernel
implementation of SCTP:
https://security.freebsd.org/advisories/FreeBSD-SA-15:03.sctp.asc

This only affects systems serving SCTP connections.  A patch from
upstream should be uploaded soon fixing this in kfreebsd-10.

kfreebsd-9 in stable is not affected, since the last security upload
9.0-10+deb70.8 disabled this protocol.

kfreebsd-8 does not receive regular security updates, but we may decide
to disable SCTP there too.  (It's expected nobody would be using SCTP in
GNU/kFreeBSD squeeze or prior, because no userland tools had been ported
yet).

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: kfreebsd-amd64 (x86_64)

Kernel: kFreeBSD 9.0-2-amd64-xenhvm-ipsec
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#669785: websvn attempts to install its configuration file in /etc/apache2/conf.d/

[Nye Liu]

Package: websvn
Version: 2.3.3-1.2
Followup-For: Bug #669785

On post install:

failed to create symbolic link ‘/etc/apache2/conf.d/websvn’: No such file or 
directory

Why is websvn still trying to install files to /etc/apache2/conf.d/?

That has been gone for years.

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13.7-x86_64-linode38 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages websvn depends on:
ii  apache2 [httpd]2.4.10-9
ii  debconf [debconf-2.0]  1.5.52
ii  libapache2-mod-php55.6.4+dfsg-2
ii  php-geshi  1.0.8.11-2
ii  php5   5.6.4+dfsg-2
ii  po-debconf 1.0.16+nmu2
ii  subversion 1.8.10-5
ii  ucf3.0027+nmu1

Versions of packages websvn recommends:
ii  enscript  1.6.5.90-2

websvn suggests no packages.

-- debconf information:
* websvn/repositories: /var/lib/svn
* websvn/permissions:
* websvn/configuration: true
* websvn/parentpath: /var/lib/svn
* websvn/webservers: apache2


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776263: tecnoballz: Right click cause game over

[Bruno Ethvignot]

Hi,

Le 27/01/2015 02:34, Celelibi a écrit :

2015-01-26 16:22 UTC+01:00, Markus Koschany a...@gambaru.de:

Apparently, right clicking when loosing the last ball cause a game
over instead of simply loosing a life. It seems that this bug is easier
to reproduce when the ball is falling vertically. At least I could get
to reproduce it fairly easily by repeteadly right clicking while missing
the ball falling straight.

Hello and thanks for your reports,
I'm CCing Bruno because he is the upstream developer for tecnoballz and
might be interested in your bug reports too. I'm replying to all of them
separately.
@bug 776263
I can confirm that repeatedly right-clicking sometimes triggers game
over instead of just losing a life when the player misses the ball.
However this behaviour is rather random. It doesn't always have to be
the last ball.

FWIW: this bug can be reliably triggered by holding the right click
pressed and losing the last ball. I cannot reproduce the bug when it's
not the last ball that is lost.


I was able to reproduce the bug. I confirm.

--
Bruno


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#773386: release-notes: Systemd related updates to before reboot and Recovery proceedures

[Niels Thykier]

Control: tags -1 help

On 2014-12-17 20:37, Niels Thykier wrote:
 Package: release-notes
 Severity: normal
 Tags: jessie
 
 (X-CC to systemd maintainers for input)
 
 The release notes have a Prepare for recovery[1] and Things
 to do before rebooting section[2].  They currently does not cover any
 systemd related preparation.
 
 I believe we should consider covering some/all of:
 
  * My system does not boot after upgrading to systemd.  How do I figure out
what the problem is and how do I get a shell/some method to fix it?
 

This seems to have partly forked into #774233, so please follow up with
relevant information to that.

  * Is there someone I can do to check for issues after upgrading but before
rebooting?  Like do we have a tool to report:
- There are cycles in your init configuration between the following
  services / init.d scripts.
- You have an old init.d script laying around that is likely to break
  stuff because of reason X
- etc.
 

Still hoping for more information here.  I would strongly prefer that we
could have users test their box before hitting reboot.

 
 So far, I got following for recovery:
 
   * (When boot fails) Reboot and alter kernel command line to include
 systemd.unit=rescue.target.

Covered in #774233

   * (Before reboot or from rescue shell) Run systemctl enable
 debug-shell.service to get a (passwordless) root shell on TTY9
 just in case

Should possibly be included in #774233 as well, but I forgot it in my draft.

   * (Before upgrade) Back up /sbin/init and use it on the kernel cmd line
  as last resort [Presumably Jessie-only]
 

As Andrei pointed out, the sysvinit package handles this.

 
 On the before reboot, I got nothing so far.  I am hoping you do.
 
 If you got known issues to be documented in the Release Notes (or
 other suggestions for improvements), please file additional bugs.
 We got some items covered in [3], but I would not be surprised if I
 had missed one or some of the existing ones could be improved.
 
 Thanks,
 ~Niels
 
 [...]

Such extra bugs are still welcome!

~Niels


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#475728: spell error for a surname in the description file and adding a link

[Riley Baird]

 The file talks about Leither instead of Leitner (according to the
 homepage of the granule program):
 http://granule.sourceforge.net/grapp_about.html

Good pickup. This will be fixed in the next version.

 It could be a good idea to add a reference to the page of the project
 too at the end of the file. A lot of description files do it:
 Homepage: http://granule.sourceforge.net/

It seems like this part has already been fixed.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775395: partman-zfs in d-i jessie image does not create grub-compatible /boot ZFS mirror

[Steven Chamberlain]

Hi,

Michael Milligan wrote:
 But installing Grub failed with unknown filesystem.  In
 troubleshooting the issue, it seems grub2 (version currently is
 2.02~beta2-19) does not recognize the feature@lz4_compress option (and
 had been previously reported) of the ZFS pools that kFreeBSD kernel 10.1
 creates.

Thanks for the report.

It is actually expected that grub2 since 2.02 should understand these
feature flags, including LZ4 compression.  I thought it was working for
me when I last tested.

Hopefully this can be figured out without having to default to using
-d (disabling new features including LZ4 metadata compression).

Regards,
-- 
Steven Chamberlain
ste...@pyro.eu.org


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776422: [systemd] power button does poweroff instead of STR after each upgrade of systemd

[Timo Weingärtner]

Package: systemd
Version: 215-10
Severity: grave
Justification: causes data loss

I configured the power button to do STR in KDE. After each upgrade of systemd 
the power button does poweroff instead causing loss of unsaved work.

This did not happen before the introduction of systemd as a replacement for 
$everything, so I have to guess systemd is the problem; please reassign if you 
know better.


Regards
Timo

--- System information. ---
Architecture: amd64
Kernel:   Linux 3.16.0-4-amd64

Debian Release: 8.0
  900 testing http.debian.net 
  800 unstablehttp.debian.net 

--- Package information. ---
Depends (Version) | Installed
=-+-==
libacl1 (= 2.2.51-8) | 2.2.52-2
libaudit1(= 1:2.2.1) | 1:2.4-1+b1
libblkid1 (= 2.17.2) | 2.25.2-4.1
libcap2   (= 1:2.10) | 1:2.24-6
libcryptsetup4   (= 2:1.4.3) | 2:1.6.6-4
libdbus-1-3(= 1.1.1) | 1.8.12-3
libkmod2  (= 5~) | 18-3
libpam0g(= 0.99.7.1) | 1.1.8-3.1
libselinux1(= 2.1.9) | 2.3-2
libsystemd-journal0 (= 208-8) | 
libudev1 (= 189) | 215-10
libwrap0  (= 7.6-4~) | 7.6.q-25
libsystemd-login0   (= 208-8) | 
util-linux  (= 2.19.1-2) | 2.25.2-4.1
initscripts (= 2.88dsf-53.2) | 2.88dsf-58
sysv-rc   | 2.88dsf-58
udev  | 215-10
acl   | 2.2.52-2
adduser   | 3.113+nmu3
libcap2-bin   | 1:2.24-6


Recommends  (Version) | Installed
=-+-===
libpam-systemd| 215-10


Suggests(Version) | Installed
=-+-===
systemd-ui| 



--- Output from package bug script ---


signature.asc
Description: This is a digitally signed message part.

Bug#536775: granule: Granule closes down whenever I enter to as the start of my answer for checking.

[Riley Baird]

 Granule closes itself down whenever I enter to  as the start of my answer 
 for checking (i.e. 
 the word to followed by a space.) It doesn't matter what, if anything, 
 follows to .
 
 I've created a Deck with a single card to test and it doesn't seem to care 
 what words are on the front
  and back of the card. Entering answers, I've gone through the two letter 
 combinations with o as
  the second letter followed by a space like ao , bo , etc., and to  is 
 the only one that crashes
  Granule. It also happens with the example decks provided on SourceForge.
 
 As the infinitives of English verbs all begin with to  you'll understand me 
 doubting myself here when 
 trying a package widely used for language learning.

I've tried to reproduce this bug on the latest version, but I was unable
to. If you still find this issue in the latest version, then let me know.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#770009: Backtrace for the hang

[Vincent Fourmond]

  I've run the build on the MIPS portebox. It hangs on the first SVG
to PNG conversion. Here is a full backtrace. The process is for now
stopped on the porterbox; I think I can leave it for some hours more
at least, if other information could be useful.

  Hope it helps,

  Vincent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776421: parted: Segfault on align-check

[Lucio Crusca]

Package: parted
Version: 3.2-6
Severity: normal

While using parted I got the following SIGSEGV report:

(parted) align-check min 1

You found a bug in GNU Parted! Here's what you have to do:

Don't panic! The bug has most likely not affected any of your data.
[...]

# parted /dev/vda unit co print unit s print

Model: Virtio Block Device (virtblk)
Disk /dev/vda: 1136GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags: 

Number  Start   End SizeType File system  Flags
 1  1049kB  1136GB  1136GB  primary   boot, lvm

Model: Virtio Block Device (virtblk)
Disk /dev/vda: 2218786816s
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags: 

Number  Start  End  Size Type File system  Flags
 1  2048s  221875s  2218747953s  primary   boot, lvm


and the following history of commands I entered:

help
select /dev/vda
resize
resizepart
1
max
print devices
resizepart
1
1136GB
align-check min 1

Error: SEGV_MAPERR (Address not mapped to object)
Backtrace has 11 calls on stack:
  11: /lib/x86_64-linux-gnu/libparted.so.2(ped_assert+0x44) [0x7f64ba92d644]
  10: parted() [0x40a934]
  9: /lib/x86_64-linux-gnu/libc.so.6(+0x35180) [0x7f64ba125180]
  8: /lib/x86_64-linux-gnu/libparted.so.2(+0x157a8) [0x7f64ba9357a8]
  7: 
/lib/x86_64-linux-gnu/libparted.so.2(ped_device_get_minimum_alignment+0x1d) 
[0x7f64ba92e11d]
  6: parted() [0x4083d5]
  5: parted() [0x4084e4]
  4: parted(interactive_mode+0xff) [0x40ca2f]
  3: parted(main+0x119f) [0x405f6f]
  2: /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f64ba111b45]
  1: parted() [0x405fc7]


Assertion (0) at ../../parted/ui.c:356 in function sa_sigsegv_handler() failed.
  
-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/6 CPU cores)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages parted depends on:
ii  libc6 2.19-13
ii  libparted23.2-6
ii  libreadline6  6.3-8+b3
ii  libtinfo5 5.9+20140913-1+b1

parted recommends no packages.

Versions of packages parted suggests:
pn  parted-doc  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776423: iceweasel: OOM on OGG file

[Jakub Wilk]

Package: iceweasel
Version: 35.0-1
Usertags: afl

Iceweasel runs out of memory and crashes on the attached OGG file:

$ ulimit -v 100
$ iceweasel oom.ogg 


(process:4029): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size 
== 0' failed
out of memory: 0x4B139378 bytes requested
Segmentation fault (core dumped)


This bug was found using American fuzzy lop:
https://packages.debian.org/experimental/afl

-- System Information:
Debian Release: 8.0
 APT prefers unstable
 APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages iceweasel depends on:
ii  debianutils   4.4+b1
ii  fontconfig2.11.0-6.3
ii  libasound21.0.28-1
ii  libatk1.0-0   2.14.0-1
ii  libc6 2.19-13
ii  libcairo2 1.14.0-2.1
ii  libdbus-1-3   1.8.14-1
ii  libdbus-glib-1-2  0.102-1
ii  libevent-2.0-52.0.21-stable-2
ii  libffi6   3.1-2+b2
ii  libfontconfig12.11.0-6.3
ii  libfreetype6  2.5.2-2
ii  libgcc1   1:4.9.2-10
ii  libgdk-pixbuf2.0-02.31.1-2+b1
ii  libglib2.0-0  2.42.1-1
ii  libgtk2.0-0   2.24.25-1
ii  libhunspell-1.3-0 1.3.3-3
ii  libnspr4  2:4.10.7-1
ii  libnss3   2:3.17.2-1.1
ii  libpango-1.0-01.36.8-3
ii  libsqlite3-0  3.8.7.4-1
ii  libstartup-notification0  0.12-4
ii  libstdc++64.9.2-10
ii  libvpx1   1.3.0-3
ii  libx11-6  2:1.6.2-3
ii  libxcomposite11:0.4.4-1
ii  libxdamage1   1:1.1.4-2+b1
ii  libxext6  2:1.3.3-1
ii  libxfixes31:5.0.1-2+b2
ii  libxrender1   1:0.9.8-1+b1
ii  libxt61:1.1.4-1+b1
ii  procps2:3.3.9-8
ii  zlib1g1:1.2.8.dfsg-2+b1

--
Jakub Wilk


oom.ogg
Description: audio/ogg

Bug#776424: can be crashed by some network traffic

[Joey Hess]

Source: kgb-bot
Version: 1.33-2
Severity: important
Tags: security

2015.01.19 18:08:39: Listening on http://0.0.0.0:?session=KGB
2015.01.19 18:08:43: Connected to freenode (holmes.freenode.net)
2015.01.19 18:08:43: Joining #commits...
2015.01.19 18:08:43: Connected to oftc (graviton.oftc.net)
2015.01.19 18:08:43: Joining #ikiwiki #vcs-home #git-annex...
Did not get DONE/CLOSE event for Wheel ID 73 from IP 222.186.34.155 at
/usr/share/perl5/POE/Component/Server/SimpleHTTP.pm line 221.
I had a problem posting to event Got_Request of session SOAPServer for
DIR handler '.*'. As reported by Kernel: 'No such file or directory',
perhaps the session name is spelled incorrectly for this handler? at
/usr/share/perl5/POE/Session.pm line 483.

This has happened to me twice now, and it takes the bot down.

root@elephant:/home/joeysystemctl  status kgb-bot.service 
● kgb-bot.service - LSB: Collaborative IRC helper
   Loaded: loaded (/etc/init.d/kgb-bot)
   Active: active (exited) since Mon 2015-01-19 14:08:39 JEST; 1 weeks 1 days 
ago
  Process: 26584 ExecReload=/etc/init.d/kgb-bot reload (code=exited, 
status=0/SUCCESS)

Jan 26 03:57:27 elephant kgb-bot[26584]: Reloading Collaborative IRC helper: 
kgb-bot.

systemd thinks the service is running ok, but the daemon has in fact crashed or
exited because of the event logged above. Both service kbg-bot start and
systemctl start kgb-bot do nothing. I have to service kgb-bot stop to get
out of this state. (It seems that this could stand to be improved, by eg,
writing a systemd service file that doesn't let the daemon fork, so systemd
can handle logging and know when the process has exited.)

Here's the log from the previous time it happened:

2015.01.15 23:05:33: Connected to freenode (wolfe.freenode.net)
2015.01.15 23:05:33: Joining #commits...
Did not get DONE/CLOSE event for Wheel ID 1089 from IP 222.186.34.155 at 
/usr/share/perl5/POE/Component/Server/SimpleHTTP.pm line 221.
I had a problem posting to event Got_Request of session SOAPServer for DIR 
handler '.*'. As reported by Kernel: 'No such file or directory', perhaps the 
session name is spelled incorrectly for this handler? at 
/usr/share/perl5/POE/Session.pm line 483.

I don't know the IP 222.186.34.155. I assume it is trying to exploit my
server with its DIR .*

Since this appears to be at least a DOS, I've tagged the bug as a minor
security issue.

-- 
see shy jo


signature.asc
Description: Digital signature

Bug#774233: systemd shell

[Niels Thykier]

Control: tags -1 patch

On 2014-12-30 17:10, Antoine Beaupré wrote:
 And actually, maybe it should be a subsection like 4.1.4.1 that would be
 refered to by 5.5...
 

Hi,

Thanks for reporting this.

The attached patch attempts to cover a basic 4.1.4.2 section for
describing how to obtain a shell under systemd if booting fails.
Admittedly, it lacks a reference from 5.5, but that should be fairly
trivial once the contents of 4.1.4.2 is in place.

A review would be greatly appreciated.

Thanks,
~Niels


diff --git a/en/upgrading.dbk b/en/upgrading.dbk
index 4bbc849..394b60f 100644
--- a/en/upgrading.dbk
+++ b/en/upgrading.dbk
@@ -189,7 +189,32 @@ course you will also need to fix the underlying problem and regenerate the
 initrd so the next boot won't fail again.
 /para
 /section
-
+section id=recovery-shell-systemd
+  titleDebug shell during boot using systemd/title
+  para
+In case the boot fails under systemd, it is possible to obtain a
+debug root shell by changing the kernel command line.  If the
+basic boot succeeds, but some of the services fails to start, it
+may be useful to add literalsystemd.unit=rescue.target/literal
+to the kernel parameters.
+  /para
+  para
+Otherwise, the kernel parameter
+literalsystemd.unit=emergency.target/literal will provide you
+with an root shell at the earliest possible point.  However, this
+is done before mounting the root file system with read-write
+permissions.  You will have to do that manually with:
+  /para
+  screen
+mount -o remount,rw /
+  /screen
+  para
+For more information on debugging a broken boot under systemd
+can be found in the ulink
+url=http://freedesktop.org/wiki/Software/systemd/Debugging/;
+Diagnosing Boot Problems/ulink article.
+  /para
+/section
 /section
 
 section id=upgrade-preparations

Bug#677456: awesome: status bar vanishes when started with startx and the process gets input on console

[Roland Hieber]

On Mon, Jul 02, 2012 at 06:07:38PM +0200, Roland Hieber wrote:
 I could isolate the issue further, it only happens when I give the
 option --exit-with-session to dbus-launch in my .xinitrc. It also
 happens with other window managers (I tried fluxbox). Without
 --exit-with-session, the issue is gone.

With current behaviour of startx, the issue is no longer relevant. Xorg takes
over the tty anyways and vlock is no longer needed. dbus-launch
--exit-session works fine now.

 - Roland


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776419: xdg-utils: xdg-open incorrectly parses .desktop files with Desktop Action sections

[Vladimir Kudrya]

Package: xdg-utils
Version: 1.1.0~rc1+git20111210-7.3
Severity: important
Tags: patch

Dear Maintainer, xdg-open garbles exec arguments when opening files with
something that has [Desktop Action...] sections.
(open_generic funcion)
i.e. 'xdg-open somefile.pdf' will launch:
/usr/bin/qpdfview --unique somefile.pdf qpdfview --unique 
--choose-instance somefile.pdf qpdfview somefile.pdf
instead of 
/usr/bin/qpdfview --unique somefile.pdf

This happens because open_generic_xdg_mime funcion grabs all Exec values from
entire .desktop file regardless of sections.

To correct this, section filter should be added with this patch:
8---
550c550
 set -- $(sed -n 's/^Exec\(\[[^]]*\]\)\{0,1\}=//p' $file)
---
 set -- $(sed -n '/^[[:space:]]*\[[Dd]esktop 
 [Ee]ntry\]/,/^[[:space:]]*\[/p' $file | sed 
 's/^Exec\(\[[^]]*\]\)\{0,1\}=//p')
8---
This way xdg-open will only use Exec from Desktop Entry section.

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (900, 'testing'), (400, 'unstable'), (300, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8@ISO, LC_CTYPE=ru_RU.UTF-8@ISO (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

xdg-utils depends on no packages.

Versions of packages xdg-utils recommends:
ii  libfile-mimeinfo-perl  0.26-1
ii  libnet-dbus-perl   1.0.0-2+b2
ii  libx11-protocol-perl   0.56-6
ii  x11-utils  7.7+2
ii  x11-xserver-utils  7.7+3+b1

Versions of packages xdg-utils suggests:
pn  gvfs-bin  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774266: Wide gamut display not necessary

[Michael Below]

At the start, I thought this was about wide gamut displays. This is
not true, the effect is also visible on normal sRGB displays. It's just
more noticeable if the display has a good quality and you trust the
colors.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776349: grass-gui: wx gui tries to load images from wrong location

[Sebastiaan Couwenberg]

Control: tags -1 pending

On 01/27/2015 07:55 PM, Sebastiaan Couwenberg wrote:
 For some reason the symlinks from the images under /usr/share to
 /usr/lib are missing.

 The symlinks are included in the package, but not on the filesystem
 after installation:

 This problem is limited to the directory symlinks, the symlinks for
 individual files are working fine.

The problem is the switch to symlinks in 6.4.4-1, when upgrading from an
earlier version the existing directories are not replaced by the symlinks.

I've commited a fix using dpkg-maintscript-helper to replace the
directories with symlinks on upgrade. And aim to get it included in the
first stable update of jessie.

As a workaround in the mean time you can purge the grass-gui package and
install it (and the dependencies removed along with grass-gui) again.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/E88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776422: [systemd] power button does poweroff instead of STR after each upgrade of systemd

[Michael Biebl]

control: severity -1 normal
control: tags -1 moreinfo unreproducible

Am 27.01.2015 um 22:40 schrieb Timo Weingärtner:
 Package: systemd
 Version: 215-10
 Severity: grave
 Justification: causes data loss
 
 I configured the power button to do STR in KDE. After each upgrade of systemd 
 the power button does poweroff instead causing loss of unsaved work.
 
 This did not happen before the introduction of systemd as a replacement for 
 $everything, so I have to guess systemd is the problem; please reassign if 
 you 
 know better.

Please provide more information why you think there is a bug in systemd.

The current information you provided is not sufficient to make an
analysis of the problem. My uneducated guess would be, that KDE does not
deal with logind being restarted as part of the upgrade.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#776425: ebview: dpkg-buildflags-missing warning when building ebview-client

[paulownia]

Package: ebview
Version: 0.3.6.2-1.3
Tags: patch

CPPFLAGS and LDFLAGS are currently not passed to the compiler when
building ebview-client; I think this is the cause of the
dpkg-buildflags-missing warning reported by the build log scanner
https://qa.debian.org/bls/packages/e/ebview.html (cdbs handles the
buildflags automatically for everything else).

The following patch fixes this:

--- a/debian/rules
+++ b/debian/rules
@@ -10,7 +10,7 @@ DEB_CONFIGURE_EXTRA_FLAGS := --sysconfdir=/etc
 DEB_MAKE_INSTALL_TARGET := install prefix=$(CURDIR)/debian/ebview/usr
 
 build/ebview::
-   $(CC) $(CFLAGS) -o $(CURDIR)/src/ebview-client 
$(CURDIR)/src/ebview-client.c
+   $(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -o $(CURDIR)/src/ebview-client 
$(CURDIR)/src/ebview-client.c
 
 install/ebview::
install -m 755 $(CURDIR)/src/ebview-client 
$(CURDIR)/debian/ebview/usr/bin


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774233: systemd shell

[Antoine Beaupré]

On 2015-01-27 15:30:24, Niels Thykier wrote:
 Control: tags -1 patch

 On 2014-12-30 17:10, Antoine Beaupré wrote:
 And actually, maybe it should be a subsection like 4.1.4.1 that would be
 refered to by 5.5...
 

 Hi,

 Thanks for reporting this.

 The attached patch attempts to cover a basic 4.1.4.2 section for
 describing how to obtain a shell under systemd if booting fails.
 Admittedly, it lacks a reference from 5.5, but that should be fairly
 trivial once the contents of 4.1.4.2 is in place.

 A review would be greatly appreciated.

I am not familiar with the XML syntax, but the text looks fine.

Thanks!

A.

-- 
Code is law.
 - Lawrence Lessig


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776428: tracker.debian.org: Add a link to the Security Bug Tracker

[Frederic MASSOT]

Package: tracker.debian.org
Severity: wishlist

Dear Maintainer,

Can you add a link to the Security Bug Tracker ?

https://security-tracker.debian.org/tracker/

Regards.

-- System Information:
Debian Release: 8.0
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'stable-updates'), (500, 
'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776437: network-manager: After suspend the routing table is sometimes wrong

[Cesar Enrique Garcia]

Package: network-manager
Version: 0.9.10.0-5
Severity: important

 After I suspending my laptop and waking it up again, the routing table is
 no longer a valid one:

 # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
192.168.0.0 0.0.0.0 255.255.255.0   U 0  00 eth1

 whereas the routing table before suspending is:
  # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG1024   00 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1000   00 eth1
192.168.0.0 0.0.0.0 255.255.255.0   U 0  00 eth1

 nm-applet shows that the eth1 is connected to the Wi-Fi.

 The error cannot be reproduced all the time. Since it is a quite old and 
 slow laptop, there might be some race condition.

 I see no error messages in /var/log/daemon.log.

 The IPv6 routing table also changed. Before:
Kernel IPv6 routing table
DestinationNext Hop   Flag Met Ref Use If
::/0   :: !n   -1  1 11760 lo
::1/128:: U256 0 0 lo
2001:4c50:2ce:1600:216:6fff:fe4a:3fc2/128 :: Ue   256 0 
0 eth1
2001:4c50:2ce:1600::/64:: U10  0 0 eth1
2001:4c50:2ce:1600::/56fe80::c627:95ff:feb0:f03   UG   10  0 0 eth1
fe80::/64  :: U256 0 0 eth1
::/0   fe80::c627:95ff:feb0:f03   UG   1024 0 0 eth1
::/0   :: !n   -1  1 11760 lo
::1/128:: Un   0   167 lo
2001:4c50:2ce:1600:216:6fff:fe4a:3fc2/128 :: Un   0   1 
6 lo
fe80::216:6fff:fe4a:3fc2/128   :: Un   0   1   169 lo
ff00::/8   :: U256 2 0 eth1
::/0   :: !n   -1  1 11760 lo


After:

Kernel IPv6 routing table
DestinationNext Hop   Flag Met Ref Use If
::/0   :: !n   -1  1  4552 lo
::1/128:: U256 0 0 lo
2001:4c50:2ce:1600:216:6fff:fe4a:3fc2/128 :: Ue   256 0 
0 eth1
2001:4c50:2ce:1600::/64:: U10  0 0 eth1
2001:4c50:2ce:1600::/56fe80::c627:95ff:feb0:f03   UG   10  0 0 eth1
fe80::/64  :: U256 0 0 eth1
::/0   fe80::c627:95ff:feb0:f03   UG   1024 0 0 eth1
::/0   :: !n   -1  1  4552 lo
::1/128:: Un   0   123 lo
2001:4c50:2ce:1600:216:6fff:fe4a:3fc2/128 :: Un   0   5 
  979 lo
fe80::216:6fff:fe4a:3fc2/128   :: Un   0   1   218 lo
ff00::/8   :: U256 2 0 eth1
::/0   :: !n   -1  1  4552 lo

Regards

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages network-manager depends on:
ii  adduser3.113+nmu3
ii  dbus   1.8.12-3
ii  init-system-helpers1.22
ii  isc-dhcp-client4.3.1-5
ii  libc6  2.19-13
ii  libdbus-1-31.8.12-3
ii  libdbus-glib-1-2   0.102-1
ii  libgcrypt201.6.2-4+b1
ii  libglib2.0-0   2.42.1-1
ii  libgnutls-deb0-28  3.3.8-5
ii  libgudev-1.0-0 215-8
ii  libmm-glib01.4.0-1
ii  libndp01.4-2
ii  libnewt0.520.52.17-1+b1
ii  libnl-3-2003.2.24-2
ii  libnl-genl-3-200   3.2.24-2
ii  libnl-route-3-200  3.2.24-2
ii  libnm-glib40.9.10.0-5
ii  libnm-util20.9.10.0-5
ii  libpam-systemd 215-8
ii  libpolkit-gobject-1-0  0.105-8
ii  libreadline6   6.3-8+b3
ii  libsoup2.4-1   2.48.0-1
ii  libsystemd0215-8
ii  libteamdctl0   1.12-1
ii  libuuid1   2.25.2-4
ii  lsb-base   4.1+Debian13+nmu1
ii  policykit-10.105-8
ii  udev   215-8
ii  wpasupplicant  2.3-1

Versions of packages network-manager recommends:
ii  crda3.13-1
ii  dnsmasq-base2.72-2
ii  iptables1.4.21-2+b1
ii  iputils-arping  3:20121221-5+b2
ii  modemmanager1.4.0-1
ii 

Bug#775990: bug 775990

[Sandro Knauß]

tags 775990 +patch
severity 775990 grave
thanks

* The link has a patch mentioned:

http://quickgit.kde.org/?p=akonadi.gita=commith=4ef5e13b047b73de1c9dee1ee4705fdb93c1fbe4

* Deadlock makes the package not usable, so set severity to grave.

regards,

sandro


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776343: tecnoballz: Lack of a --no-verbose option

[Celelibi]

2015-01-27 17:36 UTC+01:00, Markus Koschany a...@gambaru.de:
 On Tue, 27 Jan 2015 03:13:16 +0100 Celelibi celel...@gmail.com wrote:
 Package: tecnoballz
 Version: 0.93.1-2
 Severity: wishlist

 Hello again :),

 When tecnoballz has been launched with --verbose option, it is recorded
 and every subsequent run will be verbose. The only way I found to
 disable the verbose option is by editing by hand the config file.

 Actually, I'd even question the relevance of saving this option. It's
 not a user preference like the language or the user names. It's more
 like a one-time usage to debug something.

 Regards,
 Celelibi

 Hello,

 I agree with you that saving the verbose option is not really useful.
 Indeed the only way to revert --verbose is by editing the config file.
 Nevertheless this looks like an intended design decision. I will ask the
 developer about this when he responds to your other bug reports, but
 don't expect a resolution for your problem. It might be wontfix.

 Regards,

 Markus

If saving the setting is a design choice for whatever reason,
implenting a --no-verbose should be reasonable.


Regards,
Celelibi


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775661: [775661] additional info to odd completion candidates

[lumin]

I'm sorry to reply so late.

In fact, these 3 files were generated from one of my python scripts.

-rw-r--r-- 1 x x 201K Jan 18 10:13 linux?.0
-rw-r--r-- 1 x x 113K Jan 18 10:13 linux?.1
-rw-r--r-- 1 x x 151K Jan 18 10:13 linux?.2

And I then found that, the ? displayed in filename field denotes '\n'.
at the beginning I tried to fix the issue in my script:

f = open (filename.replace('?', ''), 'w+') [0]

but it doesn't work. however another replace action

f = open (filename.replace('\n', ''), 'w+') [1]

really kills that odd character.

thank you,
Ville Skyttä
Peter Cordes
for looking into this issue.

[0] where filename is a string object, the method replace does
replacement in the string.
[1] means delete all the newline character.
-- 
 .''`.
: :' :
`. `' 
  `-  


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776428: tracker.debian.org: Add a link to the Security Bug Tracker

[Paul Wise]

On Wed, Jan 28, 2015 at 6:30 AM, Frederic MASSOT wrote:

 Can you add a link to the Security Bug Tracker ?

Packages with security issues already have action items that link to
the security tracker. Is there anything more you would like to see
added? Please give an example package and explanation of what is
missing from the tracker page.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#775661: [775661] additional info to odd completion candidates

[lumin]

I extracted the lines of python code below,
 which contribute to this issue.

:)
Thanks.

foo.py
---
|#!/usr/bin/python3.4
|# -*- Coding: UTF-8 -*-
|
|for i in range (3):
|   with open (linux + \n. + str(i), w+) as f:
|   f.write( )


-- 
 .''`.
: :' :
`. `' 
  `-  


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776005: general: After finished the installation, I rebooted and the initialization has been stopped

[Riley Baird]

I'm not sure - sorry. I have noticed, however, that you forgot to CC the
bug. I've just done that now, so hopefully someone else will know.

On 24/01/15 23:54, Fco. Javier Fdez. Serrador wrote:
 No, I cannot it because the keyboard does not start. I started with
 Advanced Options -- Debian GNU/Linux (recovery mode).
 Then, as root, I do a exit, and then it start the rest OK greeen, and
 then start LXDE.
 
 
 2015-01-22 21:04 GMT+01:00 Riley Baird
 bm-2cvqnduybau5do2dfjtrn7zbaj246s4...@bitmessage.ch:
 The initialization is stoped and the system does not do anything. I have to 
 do
 a hard reboot, and select the emergency bootup.

 Does it work when you use the sysvinit option?
 
 
 


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#762330: Is libjsoncpp still active maintained?

[Peter Spiess-Knafl]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I am currently in discussion with the upstream author:

https://github.com/open-source-parsers/jsoncpp/issues/147

ABI compatibility looks terrible.

On 01/27/2015 12:57 PM, Martin Quinson wrote:
 On Tue, Jan 27, 2015 at 11:41:49AM +, Peter Spiess-Knafl
 wrote:
 The actual maintainer seems unresponsive. I contacted him 2
 months ago and pinged again now, no luck so far.
 
 Can I adopt it, if there is no RFA? What if the current
 maintainer does not answer at all?
 
 Anyway I will start packaging current 0.7.x. And maybe the latest
 1.3 for experimental.
 
 Would you be able to review/sponsor it, if it is done?
 
 I'm affraid I'm really overloaded right now. But if you come up
 with a repackaging of libjsoncpp, we'll find a solution. There is
 quite a few reverse dependencies (afaik), so we will find someone
 to review and sponsor your packaging. I will have a very bad time
 helping you packaging the stuff, though.
 
 If the maintainer is MIA, then we can upload the new versions as
 NMU or even move to a team maintenance, don't stress. 2 months is
 already something, but I'd prefer to not hijack the package before
 another 2 months period, to give enough time to the maintainer to
 react.
 
 I'm not really aware of what are the good practices in this domain
 for debian. You should ask to some QA mailing list, maybe.
 
 Bye, Mt.
 

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEcBAEBAgAGBQJUyEUYAAoJEAwiV48qkHlkytUH/iY9Q0HPFfXny7gUX3O3MB6b
fvNKpRQkw++vaup3Dw61npvSbkHvDZuJGxpALAYx1k2vmW6et1iCTKfvFgdgZNan
yxPOGaliIoMFA08tda9c54pI2+cNw6eQAD0wC1g1bub3pvkOhV5ea/SL6YlCLJyI
irEDu2b2MhcMJ5CRtaDfS4ZfsK38KVKBmRIDuZ6Tn5zvOwRmlWddWqInVyMjFTdW
sRQ2SAytXZLQrZ7AYHjRemve5Lpe/vtoTtJ0bsNMK1TnGpKGssEXow3HwCbCIj5B
RTsrfLS5k3cAXCuRh1yUC7zlVFdQLbIMImCG7nY/H6CLc8bb7U3aZq4rV+u8fe0=
=Mzdt
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776095: wheezy-pu: package sudo/1.8.5p2-1+nmu2

[Andreas Beckmann]

Followup-For: Bug #776095
Control: tag -1 - confirmed

Hi,

further testing revealed that the fix in 1.8.7-1 (that I backported)
was insufficient for sudo-ldap since in lenny sudo and sudo-ldap
created different /etc/sudoers, but only the one from sudo/lenny was
covered so far.
An updated diff is attached, adding more md5sums.
It also contains some git adjustments.

There is not much point in fixing this in jessie, since that would only
help on this unsupported upgrade path:

  lenny - squeeze - jessie

i.e. skipping over wheezy.
(But since there are other issues with sudo and the patch is pretty
straightforward, the fix may end up in jessie anyway.)

Regarding the version number, the following would probably work,too:

  1.8.5p2-1.2+deb7u2


Andreas
diff -Nru sudo-1.8.5p2/debian/changelog sudo-1.8.5p2/debian/changelog
--- sudo-1.8.5p2/debian/changelog	2013-03-01 06:18:08.0 +0100
+++ sudo-1.8.5p2/debian/changelog	2015-01-28 02:10:56.0 +0100
@@ -1,3 +1,12 @@
+sudo (1.8.5p2-1+nmu2) wheezy; urgency=medium
+
+  * Non-maintainer upload.
+  * Backport from 1.8.7-1: recognize lenny and squeeze unmodified sudoers to
+avoid dpkg questions about modified conffiles on upgrades to wheezy.
+(Closes: #660594)
+
+ -- Andreas Beckmann a...@debian.org  Wed, 28 Jan 2015 02:07:46 +0100
+
 sudo (1.8.5p2-1+nmu1) unstable; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff -Nru sudo-1.8.5p2/debian/control sudo-1.8.5p2/debian/control
--- sudo-1.8.5p2/debian/control	2012-06-28 20:06:35.0 +0200
+++ sudo-1.8.5p2/debian/control	2015-01-28 02:10:56.0 +0100
@@ -4,8 +4,8 @@
 Maintainer: Bdale Garbee bd...@gag.com
 Build-Depends: debhelper (= 7), libpam0g-dev, libldap2-dev, libsasl2-dev, libselinux1-dev [linux-any], autoconf, autotools-dev, bison, flex
 Standards-Version: 3.9.3
-Vcs-Git: git://git.gag.com/debian/sudo
-Vcs-Browser: http://git.gag.com/?p=debian/sudo
+Vcs-Git: git://anonscm.debian.org/collab-maint/sudo.git -b wheezy
+Vcs-Browser: https://anonscm.debian.org/cgit/collab-maint/sudo.git
 
 Package: sudo
 Architecture: any
diff -Nru sudo-1.8.5p2/debian/gbp.conf sudo-1.8.5p2/debian/gbp.conf
--- sudo-1.8.5p2/debian/gbp.conf	2012-06-28 20:06:35.0 +0200
+++ sudo-1.8.5p2/debian/gbp.conf	2015-01-28 02:10:56.0 +0100
@@ -8,7 +8,7 @@
 # the default branch for upstream sources:
 upstream-branch = upstream
 # the default branch for the debian patch:
-debian-branch = master
+debian-branch = wheezy
 # the default tag formats used:
 #upstream-tag = upstream/%(version)s
 #debian-tag = debian/%(version)s
diff -Nru sudo-1.8.5p2/debian/sudo-ldap.preinst sudo-1.8.5p2/debian/sudo-ldap.preinst
--- sudo-1.8.5p2/debian/sudo-ldap.preinst	2012-06-28 20:06:35.0 +0200
+++ sudo-1.8.5p2/debian/sudo-ldap.preinst	2015-01-28 02:10:56.0 +0100
@@ -8,7 +8,9 @@
 
   if [ -e $SUDOERS ]; then
 md5sum=$(md5sum $SUDOERS | sed -e 's/ .*//')
-if [ $md5sum = c5dab0f2771411ed7e67d6dab60a311f ]; then
+if [ $md5sum = c310ef4892a00cca8134f6e4fcd64b6d ] ||  #lenny/sudo
+   [ $md5sum = 4f29c034a4229544ffdd9168a14f6cde ] ||  #lenny/sudo-ldap
+   [ $md5sum = c5dab0f2771411ed7e67d6dab60a311f ]; then   #squeeze
 	# move unchanged sudoers file to avoid conffile question
 mv $SUDOERS $SUDOERS.pre-conffile
 fi
diff -Nru sudo-1.8.5p2/debian/sudo.preinst sudo-1.8.5p2/debian/sudo.preinst
--- sudo-1.8.5p2/debian/sudo.preinst	2012-06-28 20:06:35.0 +0200
+++ sudo-1.8.5p2/debian/sudo.preinst	2015-01-28 02:10:56.0 +0100
@@ -8,7 +8,9 @@
 
   if [ -e $SUDOERS ]; then
 md5sum=$(md5sum $SUDOERS | sed -e 's/ .*//')
-if [ $md5sum = c5dab0f2771411ed7e67d6dab60a311f ]; then
+if [ $md5sum = c310ef4892a00cca8134f6e4fcd64b6d ] ||  #lenny/sudo
+   [ $md5sum = 4f29c034a4229544ffdd9168a14f6cde ] ||  #lenny/sudo-ldap
+   [ $md5sum = c5dab0f2771411ed7e67d6dab60a311f ]; then   #squeeze
 	# move unchanged sudoers file to avoid conffile question
 mv $SUDOERS $SUDOERS.pre-conffile
 fi

Bug#776441: harden-nids: Alternative to snort is not NIDS software

[Javier Fernández-Sanguino Peña]

Source: harden
Version: 0.1.38+nmu1
Severity: important
Tags: patch

The harden-nids package claims to provide a network intrusion detection upon
installation but depends on: 'snort | ntop'

Snort is a network intrusion detection program, but ntop is not. Ntop is a
network traffic probe that makes it possible to do traffic analysis but it 
does not have any capabilities to detect malicious network traffic either
through behavioural or signature-based mechanisms (an upstream does not claim
it to).

Ntop does not comply with the package description definition either:  A
network intrusion detection system is a tool that analyzes network packets and
logs anomalies or known crack attempts. 

I would suggest the package to remove ntop and include 'suricata' instead which
*is* a network intrusion system. Attached is a patch that does just that.

I'm setting the severity to 'important' since currently, in testing, Snort is
not available (due to a removal from the Release Managers in December) and
users installing this package currently in testing (and possibly in the
'jessie' release) would be just installing 'ntop' and not really an NIDS.

In that way, the package description would be completely misleading.


-- System Information:
Debian Release: 8.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- control.orig	2015-01-28 02:06:09.0 +0100
+++ control	2015-01-28 02:06:36.0 +0100
@@ -111,7 +111,7 @@
 
 Package: harden-nids
 Architecture: all
-Depends: snort | ntop
+Depends: snort | suricata
 Recommends: logcheck
 Description: Harden a system by using a network intrusion detection system
  This package helps you to install a network intrusion detection system.

Bug#776442: backportpackage: doesn't follow conventions on Debian

[Samuel Bronson]

Package: ubuntu-dev-tools
Version: 0.143
Severity: normal

Dear Maintainer,

The backportpackage doesn't appear to follow the
backports.debian.org conventions properly: it uses a strange version
numbering scheme, rather than doing what it says on
http://backports.debian.org/Contribute/, namely:

  * Append ~bpo${debian_release}+${build_int} to the version number,
e.g. 1.2.3-4 now becomes 1.2.3-4~bpo60+1, or for native
packages, 1.2.3 becomes 1.2.3~bpo60+1.

Also, it seems that it should ideally check what version's in the
target distro/backports already and pass it to dpkg-builpackage after
-v:

  * Include all changelog entries since the last version on
debian-backports or since stable if it's the first version. You
should do this by passing -v to dpkg-buildpackage. Eg: debuild
-v0.7.5-2, where 0.7.5-2 is the version in stable. If the
package wasn't in stable or backports before you don't have
include the changelog entrys (but you are free to do so).

Though, honestly, that would not have helped me much because I had to
unpack the package anyway in order to build it with debuild -- I don't
really feel the need to use a chroot for a private build targetting
the release I'm on ...

-- Thanks,
Samuel Bronson

-- System Information:
Debian Release: 7.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ubuntu-dev-tools depends on:
ii  binutils   2.22-8+deb7u2
ii  dctrl-tools2.22.2
ii  devscripts 2.12.6+deb7u2
ii  diffstat   1.55-3
ii  distro-info0.10
ii  dpkg-dev   1.16.15
ii  lsb-release4.1+Debian8+deb7u1
ii  perl   5.14.2-21+deb7u2
ii  python 2.7.3-4+deb7u1
ii  python-apt 0.8.8.2
ii  python-debian  0.1.21
ii  python-distro-info 0.10
ii  python-httplib20.7.4-2+deb7u1
ii  python-launchpadlib1.9.12-2
ii  python-lazr.restfulclient  0.12.0-2+deb7u1
ii  python2.6  2.6.8-1.1
ii  python2.7  2.7.3-6+deb7u2
ii  sudo   1.8.5p2-1+nmu1

Versions of packages ubuntu-dev-tools recommends:
ii  bzr 2.6.0~bzr6526-1
ii  bzr-builddeb2.8.4
ii  ca-certificates 20130119+deb7u1
ii  cowdancer   0.70
ii  debian-archive-keyring  2014.3~deb7u1
ii  debian-keyring  2013.04.21
ii  debootstrap 1.0.48+deb7u2
ii  dput0.9.6.3+nmu2
ii  genisoimage 9:1.1.11-2
ii  libwww-perl 6.04-1
ii  lintian 2.5.30+deb8u2~bpo70+1
ii  patch   2.6.1-3
ii  pbuilder0.213
ii  perl-modules5.14.2-21+deb7u2
ii  python-dns  2.3.6-1+deb7u1
ii  python-gnupginterface   0.3.2-9.1
ii  python-soappy   0.12.0-4
ii  quilt   0.60-2
ii  reportbug   6.4.4+deb7u1

Versions of packages ubuntu-dev-tools suggests:
pn  ipythonnone
ii  python 2.7.3-4+deb7u1
ii  python-simplejson  2.5.2-1
pn  qemu-user-static   none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#776317: Jessie RC1 amd64 mini image missing efi bootloader

[Jack Truong]

Hi all,

The ISO in question was in fact the same one mentioned 
(http://ftp.fr.debian.org/debian/dists/testing/main/installer-amd64/20150107/images/netboot/mini.iso).


I have copied the contents of efi.img to the FAT partition and it does 
boot on my EFI firmware now. Thank you!


On 01/27/2015 04:47 AM, Thomas Schmitt wrote:

Hi,

Summary:

There are two EFI System Partitions in mini.iso.
The one for booting from USB stick or qemu -hdb is indeed empty.

One could try whether it helps to copy the files from the FAT
image /boot/grub/efi.img in the ISO to MBR partition 2:

- Put mini.iso onto a USB stick /dev/sdb or other hard disk device

 dd if=mini.iso of=/dev/sdb

- Mount the ISO image

 mount -o loop mini.iso /mnt/iso

- Mount the FAT filesystem inside /mnt/iso/boot/grub/efi.img

 mount -o loop /mnt/iso/boot/grub/efi.img /mnt/fat_iso

- Mount the FAT filesystem in MBR partition 2 of the USB stick

 mount /dev/sdb2 /mnt/fat

- Copy from efi.img into partition 2 of the USB stick:

 cp -a /mnt/fat_iso/* /mnt/fat

- Check for sucessful copy:

 find /mnt/fat

   should yield

 /mnt/fat
 /mnt/fat/efi
 /mnt/fat/efi/boot
 /mnt/fat/efi/boot/bootx64.efi

- Unmount what you mounted:

 umount /mnt/fat_iso /mnt/fat /mnt/iso

- Try whether the stick boots via EFI.

---
Details:

Cyril Brulebois wrote:

I don't know much about EFI Partition etc. therefore I'm not
sure how they're related to an ISO9660 image. :/


mini.iso and debian-7*-amd64-netinst.iso differ in this aspect.

In Debian amd64 netinst, the EFI System Partition is a data file
inside the ISO filesystem which contains a FAT filesystem image.
In this FAT image there are the files which EFI will use for booting.
Debian has GRUB2 boot loader equipment in there.
The block address and size of the EFI partition is published by
an entry in the El Torito boot catalog, by a partition table entry
in the MBR, by a partition table entry in GPT, and by a (probably
useless) entry in Apple Partition Map.

Inspecting mini.iso

   
http://ftp.fr.debian.org/debian/dists/testing/main/installer-amd64/20150107/images/netboot/mini.iso

by xorriso-1.3.8 yields:

   Volume id: 'ISOIMAGE'
   El Torito catalog  : 59  1
   El Torito cat path : /boot.cat
   El Torito images   :   N  Pltf  B   Emul  Ld_seg  Hdpt  Ldsiz LBA
   El Torito boot img :   1  BIOS  y   none  0x  0x00  48959
   El Torito boot img :   2  UEFI  y   none  0x  0x008329205
   El Torito img path :   1  /isolinux.bin
   El Torito img opts :   1  boot-info-table isohybrid-suitable
   El Torito img path :   2  /boot/grub/efi.img
   System area options: 0x0302
   System area summary: MBR isohybrid cyl-align-all
   ISO image size/512 : 44332
   Partition offset   : 0
   MBR heads per cyl  : 64
   MBR secs per head  : 32
   MBR partition table:   N Status  TypeStart   Blocks
   MBR partition  :   1   0x80  0x17045056
   MBR partition  :   2   0x00  0x014505612288

So we have no GPT and no (probably useless) APM here.
There are two EFI partitions exposed.
One is the data file /boot/grub/efi.img of the ISO filesystem
pointed to by the El Torito boot catalog.
The other is an appended blob, marked by MBR partition 2.
(The partition type 0x01 is questionable.)

One can extract them by:

   mount -o loop mini.iso /mnt/iso
   cp /mnt/iso/boot/grub/efi.img eltorito_efi.img

   dd if=mini.iso bs=512 skip=45056 count=12288 of=mbr_efi.img

Both files differ heavily in size

   -r--r--r-- 1 thomas thomas  425984 2015-01-27 09:59 eltorito_efi.img
   -rw-r--r-- 1 thomas thomas 6291456 2015-01-27 10:00 mbr_efi.img

Inspecting both:

   $ mount -o loop eltorito_efi.img /mnt/fat
   $ find /mnt/fat
   /mnt/fat
   /mnt/fat/efi
   /mnt/fat/efi/boot
   /mnt/fat/efi/boot/bootx64.efi
   $ umount /mnt/fat
   $ mount -o loop mbr_efi.img /mnt/fat
   $ find /mnt/fat
   /mnt/fat
   $

So the El Torito advertised partition contains files,
whereas the MBR advertised partition has an empty filesystem.
Probably mini.iso will boot via EFI from CD/DVD/BD resp. qemu -cdrom,
but not from USB stick resp. qemu -hdb.
The presence of an isohybrid MBR will allow booting via BIOS emulation.

---

For comparison the boot anatomy of a amd64 netinst ISO:

   $ xorriso-1.3.8 -indev debian-7.7.0-amd64-netinst.iso \
   -report_el_torito plain -report_system_area plain
   ...
   Volume id: 'Debian 7.7.0 amd64 1'
   El Torito catalog  : 847  1
   El Torito cat path : /isolinux/boot.cat
   El Torito images   :   N  Pltf  B   Emul  Ld_seg  Hdpt  Ldsiz LBA
   El Torito boot img :   1  BIOS  y   none  0x  0x00  4 848
   El Torito boot img :   2  UEFI  y   none  0x  0x00896 860
   El Torito img path :   1  /isolinux/isolinux.bin
   El Torito img 

Bug#776383: system hangs from btrfs

[chrysn]

Package: src:linux
Version: 3.16.7-ckt2-1
Severity: normal

under conditions i can not narrow down further[1], all processes that try to
access a given mounted btrfs file system freeze. this affects even processes
like `ps u` called by a user not at home in the affected file system inside the
first read to an opened /proc/8119/cmdline file.

for recovery, i did succede in logging in on the console as another user, but
that didn't help much in enumerating my currently open processes. (going
through the workspaces on my user's running X session did work, however, as
X and i3wm seem not to access the file system a lot).

the output of dmesg is attached, the relevant section seems to be:

[981640.274876] INFO: task btrfs-transacti:5427 blocked for more than 120 
seconds.
[981640.274886]   Tainted: G   O  3.16.0-4-amd64 #1
[981640.274889] echo 0  /proc/sys/kernel/hung_task_timeout_secs disables 
this message.
[981640.274892] btrfs-transacti D 8800d5a699c8 0  5427  2 0x
[981640.274902]  8800d5a69570 0046 00013280 
8800c92f3fd8
[981640.274908]  00013280 8800d5a69570 88012aa3bb40 
88012aa3bbb0
[981640.274913]  88012aa3b2d0 88012aa3bb40 8800d5a69570 
8800d5a69570
[981640.274919] Call Trace:
[981640.274994]  [a026c335] ? wait_for_commit.isra.15+0x35/0x60 
[btrfs]
[981640.275003]  [810a5940] ? prepare_to_wait_event+0xf0/0xf0
[981640.275044]  [a026d095] ? btrfs_commit_transaction+0x1a5/0x9c0 
[btrfs]
[981640.275077]  [a026d940] ? start_transaction+0x90/0x560 [btrfs]
[981640.275112]  [a0268efd] ? transaction_kthread+0x1ad/0x240 [btrfs]
[981640.275144]  [a0268d50] ? btrfs_cleanup_transaction+0x530/0x530 
[btrfs]
[981640.275152]  [81085f1d] ? kthread+0xbd/0xe0
[981640.275159]  [81085e60] ? kthread_create_on_node+0x180/0x180
[981640.275166]  [8150d27c] ? ret_from_fork+0x7c/0xb0
[981640.275172]  [81085e60] ? kthread_create_on_node+0x180/0x180

at no point since startup of the system have btrfs devices been added,
removed, or `btrfs send` been invoked.

please let me know if i should provide any other log files.

(sorry for not reporting this from the original kernel, i took notes in
the crashed situation and rebooted into the kernel that has been
installed at some point in time, but preserved the dmesg output; the
reported linux version and the linux version given below should match
the setup from back then, though.)

best regards
chrysn


[1] for sake of completeness, i'll try anyway: logged in as chrysn on an x
session, i was running epiphany, had an upload dialog open, entered a file name
(which in hindsight was probably nonexistent), pressed return and the dialog
froze, along with everything else.



-- Package-specific info:
** Version:
Linux version 3.16.0-4-amd64 (debian-ker...@lists.debian.org) (gcc version 
4.8.3 (Debian 4.8.3-16) ) #1 SMP Debian 3.16.7-ckt2-1 (2014-12-08)

** Command line:
BOOT_IMAGE=/vmlinuz-3.16.0-4-amd64 root=/dev/mapper/root ro 
rootflags=subvol=debian-sid-root quiet thinkpad_acpi.fan_control=1

** Tainted: O (4096)
 * Out-of-tree module has been loaded.

** Model information
sys_vendor: LENOVO
product_name: 20CD0035GE
product_version: ThinkPad S1 Yoga
chassis_vendor: LENOVO
chassis_version: Not Available
bios_vendor: LENOVO
bios_version: GQET34WW (1.14 )
board_vendor: LENOVO
board_name: 20CD0035GE
board_version: SDK0E50512 Std

** Loaded modules:
vboxpci(O)
vboxnetadp(O)
vboxnetflt(O)
vboxdrv(O)
pci_stub
ctr
ccm
tun
bnep
toshiba_acpi
sparse_keymap
hp_accel
lis3lv02d
input_polldev
binfmt_misc
nls_utf8
nls_cp437
vfat
fat
ext4
mbcache
jbd2
cuse
fuse
parport_pc
ppdev
lp
parport
hid_sensor_incl_3d
hid_sensor_magn_3d
hid_sensor_rotation
hid_sensor_gyro_3d
hid_sensor_als
hid_sensor_accel_3d
hid_sensor_trigger
industrialio_triggered_buffer
kfifo_buf
hid_sensor_iio_common
industrialio
uvcvideo
videobuf2_vmalloc
videobuf2_memops
videobuf2_core
v4l2_common
hid_sensor_hub
hid_multitouch
videodev
media
wacom
snd_hda_codec_conexant
joydev
snd_hda_codec_generic
snd_hda_codec_hdmi
arc4
iTCO_wdt
iTCO_vendor_support
iwlmvm
ecb
x86_pkg_temp_thermal
mac80211
btusb
bluetooth
6lowpan_iphc
intel_powerclamp
crc16
intel_rapl
snd_hda_intel
coretemp
psmouse
kvm_intel
evdev
i915
iwlwifi
drm_kms_helper
kvm
snd_hda_controller
snd_hda_codec
thinkpad_acpi
serio_raw
pcspkr
nvram
cfg80211
rfkill
drm
i2c_algo_bit
rtsx_pci_ms
efi_pstore
memstick
tpm_tis
tpm
efivars
i2c_i801
i2c_core
battery
wmi
snd_hwdep
snd_pcm
snd_timer
snd
soundcore
ac
mei_me
mei
lpc_ich
video
processor
intel_smartconnect
shpchp
button
btrfs
xor
raid6_pq
algif_skcipher
af_alg
dm_crypt
dm_mod
md_mod
sg
usbhid
hid
sd_mod
crc_t10dif
crct10dif_generic
crct10dif_pclmul
crct10dif_common
crc32_pclmul
crc32c_intel
rtsx_pci_sdmmc
mmc_core
ghash_clmulni_intel
aesni_intel
aes_x86_64
lrw
gf128mul
glue_helper
ablk_helper
cryptd
ahci
libahci
libata
xhci_hcd
scsi_mod
rtsx_pci
mfd_core
usbcore