date:20170218

Bug#854804: [sane-devel] Bug#854804: saned: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server

2017-02-18 Thread Olaf Meeuwissen

Hi Kritphong,

Kritphong Mongkhonvanit writes:

> On 02/14/2017 09:04 PM, Olaf Meeuwissen wrote:
>> Could you run
>>
>>   SANE_DEBUG_SANEI_WIRE=128 saned -d128 2> saned.log
>>
>> reproduce and provide the saned.log (compressed if big)?
> The requested log is attached.

Thanks!!

I didn't write the code but, if my analysis is correct, it is actually
worse than sending server memory content over the wire.  It looks like
saned is clobbering memory, i.e. it's writing past the end of allocated
memory, as well.

According to your log (at line 4007), the saned process gets its first
SANE_NET_CONTROL_OPTION request.  That request tries to fetch the value
of the 8th option (compression) which is a string value that can be up
to 1024 (0x400) bytes long.  The request also sends a value with this
request, a NUL-terminated 1-byte long empty string.

# Code line references against f450049b.

At this point we are around line 4045 of the log.  Now let's switch to
the code.  The incoming request is handled in the case statement on line
1979 of frontend/saned.c.  The sanei_w_control_option_req() call has
taken care of the incoming request and the req structure now contains

  req.handle = 0;
  req.option = 8;  // 'compression'
  req.action = 0;  // SANE_ACTION_GET_VALUE
  req.value_type = 3;  // SANE_TYPE_STRING
  req.value_size = 1024;
  req.value  = "\0";

Most importantly, req.value was allocated as a *1*-byte buffer.  This
happens in the if-block starting at line 204 in sanei/sanei_wire.c.
Note that the `len` is passed back up via `len_ptr` but that that value
does *not* make it back to req.value_size because the w_option_value()
call in sanei_w_control_option_req() passes by value, not by reference.

This means that sane_control_option() on line 1999 in frontend/saned.c
happily passes a 1-byte buffer to the backend.  The backend assumes that
it can store up to 1024 bytes in that buffer and writes a NUL-terminated
five byte "JPEG" string into the 1-byte buffer.  Oops!

On line 2003 of frontend/saned.c the reply.value_size is set to the
value fo req.value_size (still 1024) and sanei_w_reply gets a reply
struct that:

 - has a pointer to a 1-byte block of memory
 - which holds a five byte string value
 - that is sent back as a 1024 buffer

Ouch!

This code has been around since the summer of 1999.  Seeing that we have
not had anyone complain about this before, please check my analysis with
care.  I have only "eyeballed" the code.  I have not tried to reproduce
or run things in a debugger or anything.

Attached is a minimal hack/patch that *tries* to fix it.  I have only
checked that it compiles.  Could you take a look at whether it fixes
the issue and does not break saned?

Hope this helps,
--
Olaf Meeuwissen, LPIC-2FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Softwarehttps://my.fsf.org/donate
 Join the Free Software Foundation  https://my.fsf.org/join
>From 46bab8cea5000b363ca4eb360e635285feb14ac7 Mon Sep 17 00:00:00 2001
From: Olaf Meeuwissen 
Date: Sun, 19 Feb 2017 16:45:45 +0900
Subject: [PATCH] Address memory corruption and information leakage.

---
 frontend/saned.c | 26 ++
 1 file changed, 26 insertions(+)

diff --git a/frontend/saned.c b/frontend/saned.c
index 0aba1755..8c4fa13a 100644
--- a/frontend/saned.c
+++ b/frontend/saned.c
@@ -1992,6 +1992,32 @@ process_request (Wire * w)
 	return 1;
 	  }

+/* Debian BTS #853804 */
+if (w->direction == WIRE_DECODE
+&& req.value_type == SANE_TYPE_STRING
+&& req.action == SANE_ACTION_GET_VALUE)
+  {
+if (req.value)
+  {
+/* FIXME: If req.value contained embedded NUL
+ *characters, this is wrong.
+ */
+w->allocated_memory -= (1 + strlen (req.value));
+free (req.value);
+  }
+req.value = malloc (req.value_size);
+if (!req.value)
+  {
+w->status = ENOMEM;
+DBG (DBG_ERR,
+ "process_request: (control_option) "
+ "h=%d (%s)\n", req.handle, strerror (w->status));
+return 1;
+  }
+memset (req.value, 0, req.value_size);
+w->allocated_memory += req.value_size;
+  }
+
 	can_authorize = 1;

 	memset (, 0, sizeof (reply));	/* avoid leaking bits */
-- 
2.11.0

Bug#854488: missing dependency

2017-02-18 Thread Carsten Schoenert

Hello,

On Sun, Feb 19, 2017 at 12:23:11AM +0100, VA wrote:
... 
> I started thunderbird and got anxious seeing it was taking more than 30
> seconds. After some investigation by running htop, I saw it was migrating my
> profile, but it was unexpected.
> 
> I searched a bit and stumbled upon this bug report. However, I didn't get
> any message.
> Judging 
> https://anonscm.debian.org/cgit/pkg-mozilla/icedove.git/tree/debian/thunderbird-wrapper.sh?h=debian/sid
> I guess it's because I'm running xfce, but zenity is not installed by
> xfce...

no one of us is using Xfce so we couldn't have tested a migration within
Xfce. But yes, it looks like zenity needed to be installed additionally on
Xfce.

> Either zenity should be added as a dependency, or the migration script
> should rather check which message box tool is installed and run that one,
> instead of the most cosmetic - yet unavailable - tool.

We can't add zenity as a dependency directly to thunderbird. We can't
add any such dependency for thunderbird as it would be overbloated for
the migration.

But we need to ensure we have the fallback for a desktop notification on
the system. This fallback is xmessage from the x11-utils package. I
added this package to the dependency list of thunderbird.

Regards
Carsten

Bug#855493: ejabberd: Please consider adding more examples to default ejabberd.yml

2017-02-18 Thread Johannes Schauer

Source: ejabberd
Severity: wishlist

Hi,

I recently configured my ejabberd server for compliance with the
ComplianceTester by Daniel Gultsch [1] and with the IM Observatory [2].
I would like to propose adding more example documentation to
ejabberd.yml such that it becomes easier for the user to achieve the
same.

Here is a list of possible improvements:

Use macros
==

Especially SSL options will be used at several places in ejabberd.yml.
Together with client to server, server to server, http upload and admin
web interface I ended up using the same options five times. I only
stumbled over the possibility to use macros in the configuration by
chance and think they deserve more wide-spread use because they allow
one to do the configuration in a central place. I use this:

define_macro:
  'CERTFILE': "/etc/ejabberd/ejabberd.pem"
  'CIPHERS': "ECDH:DH:!3DES:!aNULL:!eNULL:!MEDIUM@STRENGTH"
  'TLSOPTS':
- "no_sslv3"
- "cipher_server_preference"
- "no_compression"
  'DHFILE': "/etc/ejabberd/dhparams.pem" # generated with: openssl dhparam -out 
dhparams.pem 2048

And then later at many places in my config:

certfile: 'CERTFILE'
protocol_options: 'TLSOPTS'
dhfile: 'DHFILE'
ciphers: 'CIPHERS'

Which brings me to the next point:

Default TLS Options
===

It might make sense to document more secure TLS options than the
default. See above for some examples.

mod_http_upload
===

I understand why this should not be enabled by default but I think it
might make sense to make enabling it easier by supplying some commented
default like:

#  -
#port: 5443
#ip: "::"
#module: ejabberd_http
#request_handlers:
#  "": mod_http_upload
#tls: true
#certfile: 'CERTFILE'
#protocol_options: 'TLSOPTS'
#dhfile: 'DHFILE'
#ciphers: 'CIPHERS'

And then later:

#  mod_http_upload:
## docroot: "@HOME@/upload" # this is the default
#put_url: "https://@HOST@:5443; # default: "http://@HOST@:5444;
#thumbnail: false # otherwise needs the identify command from ImageMagick 
installed
#  mod_http_upload_quota:
#max_days: 30

mod_mam
===

Same for this one:

# XEP-0313: Message Archive Management
# You might want to setup a SQL backend for MAM because the mnesia database is
# limited to 2GB which might be exceeded on large servers
#  mod_mam: {}

Admin User
==

There is a small typo in the comment for admin user. It currently says:

  ## admin:
  ##   user:
  ## - "aleksey@localhost"
  ## - "erm...@example.org"

But this now became a key/value pair and would better be written as:

  ## admin:
  ##   user:
  ## - "aleksey": "localhost"
  ## - "ermine": "example.org"

TLS for s2s Communication
=

The default for this setting is currently:

-s2s_use_starttls: optional

which surprised me a lot. Should the default not be to always encrypt
and then the admin should make the concious choice when they want to
allow plain-text communication between servers?

I suppose this is set to optional because the google servers do not
support this? I still would argue that the default Debian configuration
should be secure end encrypted by default. I'd suggest changing this
setting to "required" and mention that the gmail server doesn't support
it in a comment next to it.

Thanks!

cheers, josch

[1] https://github.com/iNPUTmice/ComplianceTester (unfortunately this
cannot be built from source in Debian yet)
[2] https://xmpp.net/

Bug#855492: six: Please package sphinx documentation

2017-02-18 Thread Brian May

Source: six
Version: 1.10.0-3
Severity: important

Please package python-six-doc. This is required so that we can fix
#852512 in python-django.

Thanks

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (100, 
'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#704303: violates Debian Policy 2.3 Copyright considerations

2017-02-18 Thread Pirate Praveen

Control: reassign -1 firefox, firefox-esr

On Sun, 1 Jan 2017 16:55:52 +0500 Andrey Rahmatullin 
wrote:
> Note that since Policy 3.9.9 MPL should be in common-licenses.

Reassigning to firefox, which also has the same issue. When is Policy
3.9.9 expected to be released, would it be before stretch release?



signature.asc
Description: OpenPGP digital signature

Bug#855491: texlive-latex-recommended: emph macro is broken in fontspec 2.5c; please update to 2.5d

2017-02-18 Thread Chris Lawrence

Package: texlive-latex-recommended
Version: 2016.20170123-3
Severity: important
Tags: upstream

Per upstream issue https://github.com/wspr/fontspec/issues/254,
fontspec 2.5c does not properly italicize text marked with \emph{}
when in use. This is a rather serious "brown paper bug" affecting the
usability of the fontspec package with XeLaTeX and LuaLaTeX and
probably ought to be fixed despite the freeze.

The bug is fixed in upstream version 2.5d and later.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (400, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.10 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages texlive-latex-recommended depends on:
ii  tex-common  6.06
ii  texlive-base2016.20170123-3
ii  texlive-binaries2016.20160513.41080.dfsg-1
ii  texlive-latex-base  2016.20170123-3

Versions of packages texlive-latex-recommended recommends:
ii  prosper1.00.4+cvs.2007.05.01-4.1
ii  texlive-latex-recommended-doc  2016.20170123-3

Versions of packages texlive-latex-recommended suggests:
ii  texlive-pstricks  2016.20170123-3

Versions of packages tex-common depends on:
ii  dpkg  1.18.22
ii  ucf   3.0036

Versions of packages tex-common suggests:
ii  debhelper  10.2.5

Versions of packages texlive-latex-recommended is related to:
ii  tex-common6.06
ii  texlive-binaries  2016.20160513.41080.dfsg-1

-- no debconf information

Bug#794410: however powerpc in default install works

2017-02-18 Thread John Plumridge

Further to my report a little earlier on, I wish to confirm that the repeated 
problems I had were installing Jessie (stable) in ‘expert mode’; however I now 
find in default ‘install’ the 'Installation of Extra Software' proceeds after 
only a brief pause, to match software to the system. I checked by repeating the 
installation, and it worked again.
I’m sorry I cant provide any more details, as I am new to Debian installation.

SIncerely,
John Plumridge

Bug#853792: res_rtp_asterisk.c: Unable to allocate RTP socket: Address family not supported by protocol

2017-02-18 Thread Grzegorz Ojrzanowski

On Tue, 14 Feb 2017 23:13:17 +0100 Bernhard Schmidt 
wrote:
> Could you please try 13.14.0 from experimental? You might need to enable
> sid to install it (there is yet another ffmpeg version bump that has not
> migrated to stretch yet).
> 
> Please report back. If 13.14.0 works better for you I'll try to get the
> release team's approval for this version (or backport the fix, whatever
> they agree on).

Yes, I can confirm upgrading asterisk from 1:13.13.1~dfsg-4 to
1:13.14.0~dfsg-1~exp1 fixes the issue.

Grzegorz

Bug#855406: [thunderbird] commandline argument "-compose attachment" not recognized

2017-02-18 Thread Carsten Schoenert

Hello John,

On Sat, Feb 18, 2017 at 11:03:52PM +0100, John Landmesser wrote:

> I developed it on my own/with help of google and members of siduction-Forum
> 
> It was ok and working fine with icedove, multiple attachments with long
> filenames.
> 
> But it stopped working when the new Debian-Thunderbird showed up.
> 
> One of these siduction forum members showed me this:
> 
> > In man bash we can read in Shell Builtin Commands section:
> > 
> > Unless otherwise noted, each builtin command documented in this section as
> > accepting options preceded by - accepts -- to signify the end of the
> > options.
> > 
> > The :, true, false, and test builtins do not accept options and do not
> > treat
> > -- specially. The exit, logout, break, continue, let, and shift builtins
> > accept and process arguments beginning with - without requiring --. Other
> > builtins that accept arguments but are not specified as accepting options
> > interpret arguments beginning with - as invalid options and require -- to
> > prevent this interpretation.
> > 
> > Note that echo does not interpret -- to mean the end of options.
> 
> ... and that "--"  seems to be the problem?

no not really. We need the '--' operator to split of the options for the
wrapper and thunderbird. If you simply call 'thunderbird' the first
matching excecutable from the PATH variable will be used, and that will
be /usr/bin/thunderbird. Otherwise you need to giv the full path to the
binary, but without the use of /usr/bin/thunderbird there are some
environments not set up that can provoke other weird messages. So every
call to thunderbird should really be go through /usr/bin/thunderbird.

> thunderbird -- -compose "attachment='$(echo %F | sed 's: /:,/:g')'"
> 
> this does not work with Debian-thunderbird!
> 
> i can't give you the error message, because i went back to
> Mozilla-Thunderbird and i'm happy with that, because it's just working fine
> with my "menu entry"

A log or output message is always nice to have more corner information,
but I think your problem is related to #855334

https://bugs.debian.org/855334

Could you test Daniels changes and give some feedback?
Note that maybe the desktop entry needs to be different from the command
line command.
Note, a 'set -x' could help to see more detailed what the shell is
doing. Your problem here is simply the wrapper isn't giving the right
arguments to thunderbird. We need to find out where this is breaking.

Regards
Carsten

Bug#794410: also here on powerpc jessie install

2017-02-18 Thread John Plumridge

I also experience this problem on powerpc net install (mini.iso) . It stalls at 
‘Select and Install software’ from the start , at 1%. encountered three times 
in a row.

Bug#855432: unblock: openssl/1.1.0e-1

2017-02-18 Thread Cyril Brulebois

Kurt Roeckx  (2017-02-18):
> On Sat, Feb 18, 2017 at 06:16:28PM +0100, Cyril Brulebois wrote:
> > How soon do you want to see this package in testing? Given I've just
> > fixed a few things related to https support in d-i, it would be nice if
> > I were able to perform a full test with https here, making sure we don't
> > hit a regression there. If a reply this sunday is sufficient, I can do
> > that.

We have this right now:

wget-udeb  | 1.18-4| testing  → built against 1.0.2
wget-udeb  | 1.19.1-1  | unstable → built against 1.1

If we're not getting a newer wget for stretch (at least I didn't find
anything wget-related relevant for stretch in my debian-release folder),
I can't think of another libssl user for d-i, which seems confirmed by
looking at libssl*-udeb rdepends in sid.

Unless I'm missing something obvious: no objections.

KiBi.

signature.asc
Description: Digital signature

Bug#854925: closed by Michael Gilbert <mgilb...@debian.org> (Re: Bug#854925: chromium: Chromium does not start -- execv failed: No such file or directory)

2017-02-18 Thread Alexei Gonçalves de Oliveira

UPDATE: Chromium came back to life after upgrade to version 
56.0.2924.76. Thank you!




Em 17-02-2017 01:00, Debian Bug Tracking System escreveu:

This is an automatic notification regarding your Bug report
which was filed against the chromium package:

#854925: chromium: Chromium does not start -- execv failed: No such file or 
directory

It has been closed by Michael Gilbert .

Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Michael Gilbert 
 by
replying to this email.

Bug#855489: lilo-installer: fails in postinst: sfdisk: invalid option -- '1'

2017-02-18 Thread Cyril Brulebois

Control: tag -1 patch pending

Hi,

Adam Borowski  (2017-02-19):
> (reported by "jim" on #debian-boot)
> 
> After choosing LILO rather than GRUB as the boot loader,
> lilo-installer fails when invoking sfdisk.
> 
> Tested on /dev/vda and /dev/vda1.
> 
> 
> A totally untested idea for a patch attached.

I've reworded the patch a little, see attached file.

diskutils/sfdisk.c was rewritten anew in v2.26-rc1 and support for the
old shortcut was dropped when --activate was added again after they
restarted from a fresh main(), with getopts.

Pointers:
 * Switch to basic main(), old code deletion
   → 1881390de25df8587b8fc281c451796f7d032dd3
 * (Re)addition of--activate
   → 54b13b0c5caf6ae1745cbd526ea7e6581811b37f

Old comments:
/*
 * Activate: usually one wants to have a single primary partition
 * to be active. OS/2 fdisk makes non-bootable logical partitions
 * active - I don't know what that means to OS/2 Boot Manager.
 *
 * Call: activate /dev/hda 2 5 7   make these partitions active
 * and the remaining ones inactive
 * Or:   sfdisk -A /dev/hda 2 5 7
 *
 * If only a single partition must be active, one may also use the form
 *   sfdisk -A2 /dev/hda
 *
 * With "activate /dev/hda" or "sfdisk -A /dev/hda" the active partitions
 * are listed but not changed. To get zero active partitions, use
 * "activate /dev/hda none" or "sfdisk -A /dev/hda none".
 * Use something like `echo ",,,*" | sfdisk -N2 /dev/hda' to only make
 * /dev/hda2 active, without changing other partitions.
 *
 * A warning will be given if after the change not precisely one primary
 * partition is active.
 *
 * The present syntax was chosen to be (somewhat) compatible with the
 * activate from the LILO package.
 */

Awaiting test results from the reporter before pushing.


KiBi.
From 5470ee9fafecfc897503e18ce89dc9b11f528251 Mon Sep 17 00:00:00 2001
From: Adam Borowski 
Date: Sun, 19 Feb 2017 05:43:39 +0100
Subject: [PATCH] Reverse the order of arguments to sfdisk -A, and switch to
 --activate.

During a massive overhaul in util-linux 2.26, sfdisk -A accidentally
changed meaning to --append. This change was later reverted, but the
parsing was also reworked, and support for shortcuts like "fdisk -A2
/dev/hda" instead of "fdisk -A /dev/hda 2" was dropped.

So switch from -A to --activate for safety, and use the expected
argument order.

Submitted-by: Adam Borowski 

Commit message amended based on some util-linux history digging, and
quotes added to all arguments.

Signed-off-by: Cyril Brulebois 
---
 debian/changelog | 9 +
 debian/postinst  | 4 ++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 875dcdc..0a156fc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+lilo-installer (1.52) UNRELEASED; urgency=medium
+
+  [ Adam Borowski ]
+  * Reverse the order of arguments to sfdisk -A, and switch to --activate
+for extra safety since util-linux upstream had -a/-A mixed up at some
+point, and support for old syntax was dropped anyway (Closes: #855489).
+
+ -- Cyril Brulebois   Sun, 19 Feb 2017 06:05:22 +0100
+
 lilo-installer (1.51) unstable; urgency=medium
 
   [ Updated translations ]
diff --git a/debian/postinst b/debian/postinst
index 58ab0ce..dca8a4a 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -155,7 +155,7 @@ if (echo "${bootdev}" | grep -v '/c[0-9]d[0-9]$' | grep -q '[0-9]$') \
 		if [ "${RET}" = "true" ]; then
 			pnum=$(echo ${bootdev} | sed 's/^.*\([0-9]\+\)$/\1/')
 			echo -n "I: Setting partition to active..." >&2
-			sfdisk -A${pnum} ${disc_offered_devfs}
+			sfdisk --activate "${disc_offered_devfs}" "${pnum}"
 			echo "done." >&2
 		fi
 	fi
@@ -174,7 +174,7 @@ if [ "${raid_boot}" = no ] && (! fdisk -l "$disc_offered_devfs" | grep '^/dev/'
 		# /boot.
 		pnum="$(echo "$bootfs" | sed 's/^.*\([0-9]\+\)$/\1/')"
 		echo -n "I: Setting partition $bootfs to active..." >&2
-		sfdisk -A"$pnum" "$disc_offered_devfs"
+		sfdisk --activate "${disc_offered_devfs}" "${pnum}"
 		echo "done." >&2
 	fi
 fi
-- 
2.1.4



signature.asc
Description: Digital signature

Bug#855436: [Pkg-e-devel] Bug#855436: e17: Newer version of Enlightenment in Debian/testing

2017-02-18 Thread Adrian Immanuel Kieß

Hello Andreas,

thank you for your answer.

With friendly greetings,

Adrian Immanuel Kieß

-- 
With many greetings from Leipzig, Germany.
Adrian Immanuel Kieß 

Gothaer Straße 34
D-04155 Leipzig

Administrator & programmer
Unix ∧ Perl ∧ Java ∧ LaTeX

 — < adrian@kiess.engineer >
 — http://www.kiess.engineer # Homepage of Adrian Immanuel Kieß
 — http://www.totaleueberwachung.de # Site for people who hear voices
 — http://www.outanekka.org # Outanekka online image gallery

--SYSTEM--
echo "Your fortune cookie: " && /usr/games/fortune -c -s
> (miscellaneous) % Huh?

echo "IMMANUELK.NET uptime: " && /usr/bin/uptime
> 06:21:12 up 3 days, 1:04, 9 users, load average: 1.30, 1.17, 1.35


On Sat, 2017-02-18 at 07:36 +0100, Andreas Metzler wrote:
> On 2017-02-18 Adrian Immanuel Kiess  wrote:
> > Package: e17
> > Version: 0.17.6-1.1
> > Severity: wishlist
> > Dear Maintainer,
> > would it be possible to have a newer version of Enlightenment in
> > Debian/testing?
> > I already suggested this once.
> > The V17 of Enlightenment is quite outdated and it would be nice to
> > have a newer version in the repositories.
> 
> Hello,
> 
> it is not possible currently, Debian/testing has been in transition
> freeze since November 5th 2016.
> 
> Newer packages are available in Debian/experimental.
> 
> cu Andreas
> 

signature.asc
Description: This is a digitally signed message part

Bug#855490: xapian-omega: Term based date range filtering broken

2017-02-18 Thread Olly Betts

Package: xapian-omega
Version: 1.4.3-2
Severity: important
Tags: patch upstream

Upstream changes in 1.4.2 (to fix new GCC 7 warnings) broke term-based
date range filtering, which is the default date range filtering mode.

Unfortunately there's not a simple general workaround for this breakage.
Using value ranges for date filtering is also supported since 1.4.0, but
isn't a clean drop-in replacement - for example, it requires having
equivalent date information available in a value slot, and doesn't
support a way to have documents which match any range (for "sticky"
posts, etc).

The attached patch is the fix applied upstream.

Cheers,
Olly
commit dbc785d336daf7a33a7d86af16e28b16c47ca66e
Author: Olly Betts 
Date:   Tue Feb 14 15:45:17 2017 +1300

Fix term-based date ranges

Broken by changes in 1.4.2.  Found and diagnosed by Gaurav Arora.

diff --git a/xapian-applications/omega/date.cc 
b/xapian-applications/omega/date.cc
index b142e8fce45c..2f9b34717799 100644
--- a/xapian-applications/omega/date.cc
+++ b/xapian-applications/omega/date.cc
@@ -53,7 +53,7 @@ static void
 format_int_fixed_width(char * p, int v, int w)
 {
 while (--w >= 0) {
-   p[w] = v % 10;
+   p[w] = '0' + (v % 10);
v /= 10;
 }
 }
@@ -63,7 +63,7 @@ date_range_filter(int y1, int m1, int d1, int y2, int m2, int 
d2)
 {
 char buf[10];
 format_int_fixed_width(buf + 1, y1, 4);
-format_int_fixed_width(buf + 1, m1, 2);
+format_int_fixed_width(buf + 5, m1, 2);
 vector v;
 
 int d_last = last_day(y1, m1);
@@ -80,7 +80,7 @@ date_range_filter(int y1, int m1, int d1, int y2, int m2, int 
d2)
}
 } else {
buf[0] = 'M';
-   v.push_back(Xapian::Query(string(buf, 9)));
+   v.push_back(Xapian::Query(string(buf, 7)));
 }
 
 if (y1 == y2 && m1 == m2) {
diff --git a/xapian-applications/omega/omegatest 
b/xapian-applications/omega/omegatest
index 8bbd83942b0b..509b5beeb5e3 100755
--- a/xapian-applications/omega/omegatest
+++ b/xapian-applications/omega/omegatest
@@ -156,6 +156,63 @@ qtestcase 'VALUE_RANGE 0 20141104 20151103~' DATEVALUE=0 
END=20151103 SPAN=365
 # Check that if START, END and SPAN are all passed, START is ignored:
 qtestcase 'VALUE_RANGE 0 20151104 20151106~' DATEVALUE=0 START=19700101 
END=20151106 SPAN=3
 
+# Tests of term-based date range filtering:
+
+qtestcase '((M197001 OR M197002 OR M197003 OR M197004 OR M197005 OR M197006 OR 
M197007 OR M197008 OR M197009 OR M197010 OR M197011 OR M197012 OR Y1971 OR 
Y1972 OR Y1973 OR Y1974 OR Y1975 OR Y1976 OR Y1977 OR Y1978 OR Y1979 OR Y1980 
OR Y1981 OR Y1982 OR Y1983 OR Y1984 OR Y1985 OR Y1986 OR Y1987 OR Y1988 OR 
Y1989 OR Y1990 OR Y1991 OR Y1992 OR Y1993 OR Y1994 OR Y1995 OR Y1996 OR Y1997 
OR Y1998 OR M199901 OR M199902 OR M199903 OR M199904 OR M199905 OR M199906 OR 
M199907 OR M199908 OR M199909 OR M199910 OR M199911 OR M199912) OR Dlatest)' 
END=19991231
+qtestcase '((M197001 OR M197002 OR M197003 OR M197004 OR M197005 OR M197006 OR 
M197007 OR M197008 OR M197009 OR M197010 OR M197011 OR M197012 OR Y1971 OR 
Y1972 OR Y1973 OR Y1974 OR Y1975 OR Y1976 OR Y1977 OR Y1978 OR Y1979 OR Y1980 
OR Y1981 OR Y1982 OR Y1983 OR Y1984 OR Y1985 OR Y1986 OR Y1987 OR Y1988 OR 
M198901 OR M198902 OR M198903 OR M198904 OR M198905 OR M198906 OR M198907 OR 
M198908 OR M198909 OR M198910 OR M198911 OR M198912) OR Dlatest)' END=19891231
+qtestcase '((M197001 OR M197002 OR M197003 OR M197004 OR M197005 OR M197006 OR 
M197007 OR M197008 OR M197009 OR M197010 OR M197011 OR M197012 OR Y1971 OR 
Y1972 OR Y1973 OR M197401 OR M197402 OR M197403 OR M197404 OR M197405 OR 
M197406 OR M197407 OR M197408 OR M197409 OR M197410 OR M197411 OR M197412) OR 
Dlatest)' END=19741231
+qtestcase '((M197001 OR M197002 OR M197003 OR M197004 OR M197005 OR M197006 OR 
M197007 OR M197008 OR M197009 OR M197010 OR M197011 OR M197012 OR Y1971 OR 
Y1972 OR Y1973 OR Y1974 OR Y1975 OR Y1976 OR Y1977 OR Y1978 OR Y1979 OR Y1980 
OR Y1981 OR Y1982 OR Y1983 OR Y1984 OR Y1985 OR Y1986 OR M198701 OR M198702 OR 
M198703 OR M198704 OR M198705 OR M198706 OR M198707 OR M198708 OR M198709) OR 
Dlatest)' END=19870930
+qtestcase '((M197001 OR M197002 OR M197003 OR M197004 OR M197005 OR M197006 OR 
M197007 OR M197008 OR M197009 OR M197010 OR M197011 OR M197012 OR Y1971 OR 
Y1972 OR Y1973 OR Y1974 OR Y1975 OR Y1976 OR Y1977 OR Y1978 OR Y1979 OR Y1980 
OR Y1981 OR Y1982 OR Y1983 OR Y1984 OR Y1985 OR Y1986 OR Y1987 OR Y1988 OR 
Y1989 OR Y1990 OR Y1991 OR Y1992 OR Y1993 OR Y1994 OR Y1995 OR Y1996 OR Y1997 
OR Y1998 OR Y1999 OR Y2000 OR Y2001 OR Y2002 OR Y2003 OR Y2004 OR Y2005 OR 
Y2006 OR Y2007 OR Y2008 OR Y2009 OR Y2010 OR Y2011 OR Y2012 OR Y2013 OR Y2014 
OR M201501 OR M201502 OR M201503 OR M201504 OR M201505 OR M201506 OR M201507 OR 
M201508 OR M201509 OR M201510 OR M201511) OR Dlatest)' END=20151130
+qtestcase '((M197001 OR M197002 OR M197003 OR M197004 OR M197005 OR M197006 OR 
M197007 OR M197008 OR M197009 OR M197010 OR M197011 OR M197012 OR

Bug#855489: lilo-installer: fails in postinst: sfdisk: invalid option -- '1'

2017-02-18 Thread Adam Borowski

Package: lilo-installer
Version: 1.51
Severity: grave
Justification: renders package unusable


(reported by "jim" on #debian-boot)

After choosing LILO rather than GRUB as the boot loader, lilo-installer fails
when invoking sfdisk.

Tested on /dev/vda and /dev/vda1.


A totally untested idea for a patch attached.
>From 227e1812e381be61b40330e372d62348a9e8dd75 Mon Sep 17 00:00:00 2001
From: Adam Borowski 
Date: Sun, 19 Feb 2017 05:43:39 +0100
Subject: [PATCH] Reverse the order of arguments to sfdisk -A, add a space.

During a massive overhaul in util-linux 2.26, sfdisk -A accidentally changed
meaning to --append.  This change was later reverted, but while doing so the
parsing and argument order have changed.
---
 debian/postinst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/debian/postinst b/debian/postinst
index 58ab0ce..f81f89b 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -155,7 +155,7 @@ if (echo "${bootdev}" | grep -v '/c[0-9]d[0-9]$' | grep -q 
'[0-9]$') \
if [ "${RET}" = "true" ]; then
pnum=$(echo ${bootdev} | sed 's/^.*\([0-9]\+\)$/\1/')
echo -n "I: Setting partition to active..." >&2
-   sfdisk -A${pnum} ${disc_offered_devfs}
+   sfdisk --activate ${disc_offered_devfs} ${pnum}
echo "done." >&2
fi
fi
@@ -174,7 +174,7 @@ if [ "${raid_boot}" = no ] && (! fdisk -l 
"$disc_offered_devfs" | grep '^/dev/'
# /boot.
pnum="$(echo "$bootfs" | sed 's/^.*\([0-9]\+\)$/\1/')"
echo -n "I: Setting partition $bootfs to active..." >&2
-   sfdisk -A"$pnum" "$disc_offered_devfs"
+   sfdisk --activate ${disc_offered_devfs} ${pnum}
echo "done." >&2
fi
 fi
-- 
2.11.0

Bug#854658: unblock pre-approval request for gitlab

2017-02-18 Thread Pirate Praveen

On വെള്ളി 17 ഫെബ്രുവരി 2017 12:24 വൈകു, Pirate Praveen wrote:
> Attaching the debdiff (I'll upload it once current version in unstable
> migrates to testing).

gitlab 8.13.11+dfsg-3 is in unstable now.



signature.asc
Description: OpenPGP digital signature

Bug#855324: pdfsam fails to start

2017-02-18 Thread gregor herrmann

On Sat, 18 Feb 2017 18:25:32 -0800, tony mancill wrote:

> Change the value in the  element ~/.pdfsam/config.xml to '1':
> 
> ...
>
>  
>   1
>^
>|
> ...  

After this change, pdfsam starts for me and shows me an empty white
window (or grey-ish) with nothing in it.

On the console I see:

% pdfsam
[warning] /usr/bin/pdfsam: No java runtime was found
=

 pdfsam

  JAVA: java

  JAVA_OPTS: -Xmx256m

  CLASSPATH: 
/usr/share/pdfsam/pdfsam-1.1.4.jar:/usr/share/pdfsam/lib/dom4j.jar:/usr/share/pdfsam/lib/emp4j-1.0.1.jar:/usr/share/pdfsam/lib/itext.jar:/usr/share/pdfsam/lib/jaxen.jar:/usr/share/pdfsam/lib/log4j-1.2.jar:/usr/share/pdfsam/lib/looks.jar:/usr/share/pdfsam/lib/pdfsam-console-2.0.6e.jar:/usr/share/pdfsam/lib/pdfsam-jcmdline-1.0.3.jar:/usr/share/pdfsam/lib/pdfsam-langpack.jar

=

04:39:40,246 INFO  JMainFrame  Starting PDF Split and Merge basic Ver. 1.1.4
04:39:40,299 INFO  Configuration  Loading configuration..
04:39:40,347 INFO  Configuration  Getting language...
04:39:40,406 INFO  Configuration  Setting look and feel...
04:39:40,414 INFO  Configuration  Setting logging level...
04:39:40,415 INFO  Configuration  Logging level set to DEBUG
04:39:40,634 INFO  PlugInsLoader  Split plugin loaded.
04:39:40,667 INFO  PlugInsLoader  Merge/Extract plugin loaded.
04:39:40,927 INFO  JMainFrame  PDF Split and Merge basic Ver. 1.1.4 started in 
677ms
04:39:45,906 DEBUG UpdateManager  Checking if a new version is available.
04:39:46,458 INFO  UpdateCheckerMediator$UpdateChecker  New version available.

(Note the phoning home "feature" at the bottom.)

So there is still a (spurious?) warning at the top, and I have no
idea what I could do with the empty window :)

[The warning indeed disappears with
`JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 pdfsam'.]

Another try with the companion binary:

% pdfsam-console -h
[warning] /usr/bin/pdfsam-console: No java runtime was found
=

 pdfsam console

 available properties:
 pdfsam.log.console.level
 pdfsam.log.file.level
 pdfsam.log.file.filename

  JAVA: java

  JAVA_OPTS: -Dlog4j.configuration=console-log4j.xml

  CLASSPATH: 
:/usr/share/pdfsam/lib/dom4j.jar:/usr/share/pdfsam/lib/emp4j-1.0.1.jar:/usr/share/pdfsam/lib/itext.jar:/usr/share/pdfsam/lib/jaxen.jar:/usr/share/pdfsam/lib/log4j-1.2.jar:/usr/share/pdfsam/lib/looks.jar:/usr/share/pdfsam/lib/pdfsam-console-2.0.6e.jar:/usr/share/pdfsam/lib/pdfsam-jcmdline-1.0.3.jar:/usr/share/pdfsam/lib/pdfsam-langpack.jar

=

04:42:35,502 DEBUG  Console log level set to DEBUG
04:42:35,522 DEBUG  Starting arguments parsing.
java -jar pdfsam-console-2.0.6e.jar - merge, split, mix, setviewer, unpack,
  encrypt, slideshow, decrypt.

Usage: java -jar pdfsam-console-2.0.6e.jar [options] command

where:

command = command to execute {[concat], [split], [encrypt], [mix], [unpack],
  [setviewer], [slideshow], [decrypt]} (required)

and options are:

-?prints usage to stdout; exits (optional)
-hprints usage to stdout; exits (optional)
-help displays verbose help information (optional)
-license  displays license information (optional)
-version  displays command's version (optional)

Option tags are not case sensitive, and may be truncated as long as they remain
unambiguous.  Option tags must be separated from their corresponding values by
whitespace, or by an equal sign.  Boolean options (options that require no
associated value) may be specified alone (=true), or as 'tag=value' where value
is 'true' or 'false'.

And now it gets weird: I tried `DEBUG_WRAPPER=1 pdfsam' several
times, and at more or less each second invocation, I get java
exceptions:

% DEBUG_WRAPPER=1 pdfsam
[warning] /usr/bin/pdfsam: No java runtime was found
=

 pdfsam

  JAVA: java

  JAVA_OPTS: -Xmx256m

  CLASSPATH: 
/usr/share/pdfsam/pdfsam-1.1.4.jar:/usr/share/pdfsam/lib/dom4j.jar:/usr/share/pdfsam/lib/emp4j-1.0.1.jar:/usr/share/pdfsam/lib/itext.jar:/usr/share/pdfsam/lib/jaxen.jar:/usr/share/pdfsam/lib/log4j-1.2.jar:/usr/share/pdfsam/lib/looks.jar:/usr/share/pdfsam/lib/pdfsam-console-2.0.6e.jar:/usr/share/pdfsam/lib/pdfsam-jcmdline-1.0.3.jar:/usr/share/pdfsam/lib/pdfsam-langpack.jar

=

04:47:28,346 INFO  JMainFrame  Starting PDF Split and Merge basic Ver. 1.1.4
04:47:28,398 INFO  Configuration  Loading configuration..
04:47:28,453 INFO  Configuration  Getting language...
04:47:28,558 INFO  Configuration  Setting look and feel...
04:47:28,566 INFO  Configuration  Setting logging level...
04:47:28,568 INFO  Configuration  Logging level set to

Bug#855488: tendermint: FTBFS on ppc64el: consensus test times out (hangs?)

2017-02-18 Thread Aaron M. Ucko

Source: tendermint
Version: 0.8.0+git20170113.0.764091d-2
Severity: important
Justification: fails to build from source

The ppc64el build of tendermint failed, as detailed in
https://buildd.debian.org/status/fetch.php?pkg=tendermint=ppc64el=0.8.0%2Bgit20170113.0.764091d-2=1487432110=0:

  *** Test killed with quit: ran too long (10m0s).
  FAILgithub.com/tendermint/tendermint/consensus  600.013s

Could you please take a look?

Thanks!

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu

Bug#855487: tendermint: FTBFS (32-bit): TestByzantine index out of range

2017-02-18 Thread Aaron M. Ucko

Source: tendermint
Version: 0.8.0+git20170113.0.764091d-2
Severity: important
Justification: fails to build from source

Thanks for taking care of #854813, which allowed the automatic builds
on arm64 and ppc64 to succeed.  Alas, 32-bit builds (on armel, armhf,
and i386) are still failing -- on i386, for instance, I see

  --- FAIL: TestByzantine (0.12s)
  panic: runtime error: index out of range [recovered]
  panic: runtime error: index out of range
  
  goroutine 14 [running]:
  panic(0x8582780, 0x18c2a028)
  /usr/lib/go-1.7/src/runtime/panic.go:500 +0x331
  testing.tRunner.func1(0x18c6d900)
  /usr/lib/go-1.7/src/testing/testing.go:579 +0x14f
  panic(0x8582780, 0x18c2a028)
  /usr/lib/go-1.7/src/runtime/panic.go:458 +0x40b
  github.com/tendermint/tendermint/consensus.TestByzantine(0x18c6d900)
  
/«BUILDDIR»/tendermint-0.8.0+git20170113.0.764091d/obj-i686-linux-gnu/src/github.com/tendermint/tendermint/consensus/byzantine_test.go:109
 +0x154f
  testing.tRunner(0x18c6d900, 0x8769d30)
  /usr/lib/go-1.7/src/testing/testing.go:610 +0x8c
  created by testing.(*T).Run
  /usr/lib/go-1.7/src/testing/testing.go:646 +0x2a5
  exit status 2
  FAILgithub.com/tendermint/tendermint/consensus  0.237s

from 
https://buildd.debian.org/status/fetch.php?pkg=tendermint=i386=0.8.0%2Bgit20170113.0.764091d-2=1487431593=0

Could you please take a look?

(The consensus test also failed on ppc64el for an apparently unrelated
reason, which I'll report separately.)

Thanks!

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu

Bug#855486: libkf5purpose-bin: inappropriate install dependency on nodejs for some architectures

2017-02-18 Thread Bob Tracy

Package: libkf5purpose-bin
Version: 1.1-4
Severity: important

Dear Maintainer,

For several architectures, including at least alpha and hppa, there is no
"nodejs" package available.  For those architectures, "libkf5purpose-bin"
has an installation dependency on "nodejs" that needs to be removed.

The above action has supposedly already been taken for "armel", which also
does not have "nodejs" built.

Respectfully,
--Bob


-- System Information:
Debian Release: 9.0
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'unstable')
Architecture: alpha

Kernel: Linux 4.9.0
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Bug#855485: runPmv script does not work

2017-02-18 Thread Ömer ÖZYILDIRIM

Package: mgltools-pmv
Version: 1.5.7~rc1+cvs.20140424-1

When I try to invoke runPmv script I get an error which I think is about 
Tkinter library.
Here is a transcript:

$ runPmv
Run PMV from  /usr/lib/python2.7/dist-packages/Pmv
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/Pmv/__init__.py", line 381, in runPmv
title=title, withShell= not interactive, verbose=False, gui=gui)
  File "/usr/lib/python2.7/dist-packages/Pmv/moleculeViewer.py", line 1026, in 
__init__
trapExceptions=trapExceptions)
  File "/usr/lib/python2.7/dist-packages/ViewerFramework/VF.py", line 387, in 
__init__
verbose=verbose)
  File "/usr/lib/python2.7/dist-packages/ViewerFramework/VFGUI.py", line 444, 
in __init__
verbose=verbose,guiMaster=VIEWER_root,)
  File "/usr/lib/python2.7/dist-packages/DejaVu/Viewer.py", line 586, in 
__init__
cnf=cnf, **kw)
  File "/usr/lib/python2.7/dist-packages/DejaVu/Viewer.py", line 285, in 
AddCamera
c = classCamera(master, screenName, self, num, cnf=cnf, **kw)
  File "/usr/lib/python2.7/dist-packages/DejaVu/Camera.py", line 2189, in 
__init__
self.AddTrackball()
  File "/usr/lib/python2.7/dist-packages/DejaVu/Camera.py", line 2583, in 
AddTrackball
self.trackball = Trackball(self, size, rscale, tscale, sscale, renorm )
  File "/usr/lib/python2.7/dist-packages/DejaVu/Trackball.py", line 88, in 
__init__
self.createSpinGui()
  File "/usr/lib/python2.7/dist-packages/DejaVu/Trackball.py", line 726, in 
createSpinGui
callback=self.setWithSpinGui,
  File 
"/usr/lib/python2.7/dist-packages/mglutil/gui/BasicWidgets/Tk/vector3DGUI.py", 
line 90, in __init__
self.createEntries(self.frame)
  File 
"/usr/lib/python2.7/dist-packages/mglutil/gui/BasicWidgets/Tk/vector3DGUI.py", 
line 360, in createEntries
self.f.grid(column=3, rowspan=3)
  File "/usr/lib/python2.7/lib-tk/Tkinter.py", line 2022, in grid_configure
+ self._options(cnf, kw))
TclError: cannot use geometry manager grid inside 
.139781089293520.139781089294024.139781017157144.139781017220880 which already 
has slaves managed by pack


I am using Debian GNU/Linux 8.7, kernel 3.16.0-4-amd64
and python 2.7.9-1

Bug#855324: pdfsam fails to start

2017-02-18 Thread tony mancill

On Fri, Feb 17, 2017 at 12:30:47PM +0100, Philip Rinn wrote:
> If you could point me to some document or tell me how to debug further, I'm
> willing to so but I need some guidance...

Hi Philip,

As a work-around, would you mind trying to following to see if it
resolves the problem for you?

Change the value in the  element ~/.pdfsam/config.xml to '1':

...

  1
   ^
   |
...  

It is set to '5' in the upstream sources here [1], which corresponds to
the PlasticXP LAF (Look And Feel), and the Debian packaging uses the
upstream template config as-is.  I'm not yet clear on why that LAF is
broken for pdfsam in Debian right now, but I believe it may be a more
general issue with Swing apps using that LAF.  The mapping of LAFs known
to pdfsam can be found in [2].

If you get a chance to test and report back, that would be helpful.

Thank you,
tony

[1] 
https://sources.debian.net/src/pdfsam/1.1.4-2/template-basic-1/config.xml/#L12 
[2] 
https://sources.debian.net/src/pdfsam/1.1.4-2/pdfsam-maine-br1/src/java/org/pdfsam/guiclient/utils/ThemeUtility.java/#L83-L91

signature.asc
Description: PGP signature

Bug#855484: unbound: Missing trust anchor for root KSK-2017 key

2017-02-18 Thread Robert Edmonds

Package: unbound
Version: 1.6.0-2
Severity: serious
Justification: package maintainer's opinion

Hi,

I'd like to update the DNSSEC root trust anchor embedded in the
unbound-anchor utility. This is used to bootstrap DNSSEC trust for the
unbound DNS server. The current trust anchor is for the 2010 DNSSEC KSK,
which is scheduled to be replaced this year and retired in 2018
(https://www.icann.org/resources/pages/ksk-rollover).

Upstream svn commit r4000 (post-1.6.0), attached for review, updates
unbound-anchor to include the additional trust anchor.

An unbound server that was offline during the KSK rollover can still
obtain the 2017 KSK securely by using unbound-anchor's out-of-band
fallback mechanism based on HTTP and S/MIME, but by including the trust
anchor for the 2017 key in the unbound package that ships with stretch
we can avoid having this rarely used code path exercised.

-- 
Robert Edmonds
edmo...@debian.org
From eae8248dd18575b06eb4f899bf9485734a1b8cec Mon Sep 17 00:00:00 2001
From: wouter 
Date: Tue, 7 Feb 2017 15:22:31 +
Subject: [PATCH] - Include root trust anchor id 20326 in unbound-anchor.

git-svn-id: http://unbound.nlnetlabs.nl/svn/trunk@4000 be551aaa-1e26-0410-a405-d3ace91eadb9
---
 doc/Changelog | 3 +++
 smallapp/unbound-anchor.c | 5 -
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/doc/Changelog b/doc/Changelog
index 6564b8e1..9831607e 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+7 February 2017: Wouter
+	- Include root trust anchor id 20326 in unbound-anchor.
+
 6 February 2017: Wouter
 	- Fix compile on solaris of the fix to use $host detect.
 
diff --git a/smallapp/unbound-anchor.c b/smallapp/unbound-anchor.c
index 68ff3ccc..2828088d 100644
--- a/smallapp/unbound-anchor.c
+++ b/smallapp/unbound-anchor.c
@@ -241,7 +241,10 @@ static const char*
 get_builtin_ds(void)
 {
 	return
-". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n";
+/* anchor 19036 is from 2010 */
+/* anchor 20326 is from 2017 */
+". IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5\n"
+". IN DS 20326 8 2 E06D44B80B8F1D39A95C0B0D7C65D08458E880409BBC683457104237C7F8EC8D\n";
 }
 
 /** print hex data */
-- 
2.11.0



signature.asc
Description: PGP signature

Bug#855262: Set System Encoding as UTF-8

2017-02-18 Thread tony mancill

On Thu, Feb 16, 2017 at 03:28:20PM +0800, 殷啟聰 wrote:
> Package: gradle-debian-helper
> Version: 1.5.1
> Severity: wishlist
> 
> On Debian Buildd the default encoding on Java is usually not UTF-8,
> which results in compilation failure on source files containing CJK
> symbols or even a "©".
> 
> Currently we need to add `-Dfile.encoding=UTF-8` to
> `override_dh_auto_build`. Why not let gradle-debian-helper do it?
> 
> Looks like javadoc does not recognize this variable, we may need to
> configure it in the plugin as well.

Thank you for the bug report and +1 for the idea of using a consistent
default encoding for all of the tools in the Java toolchain.  This has
bitten us more than once.

(And time for me to start learning how to hack on g-d-h.)


signature.asc
Description: PGP signature

Bug#836609: [Pkg-mozext-maintainers] Bug#836609: nostalgy: please make the build reproducible

2017-02-18 Thread Sean Whitton

Hello Chris,

On Sun, Feb 19, 2017 at 11:05:34AM +1300, Chris Lamb wrote:
> > Would you consider applying this patch and uploading?
> 
> Friendly ping on this :)

It would surely be inadvisable to upload this to unstable during the freeze.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#830207: Next try

2017-02-18 Thread Rolf Leggewie

On 19.02.2017 04:12, David Rabel wrote:
> I was just thinking: Do we have to add a paragraph in debian/copyright
> for files we delete with debian/clean?

Yes, absolutely.  The only other option is to create a separate
dfsg-free upstream tarball and strip the relevant files from that tarball.

In your case, of course, you might also use your upstream powers and
consider to drop the file upstream depending on whether or not it should
be shipped in upstream releases.

Bug#824506: Issues with GTK

2017-02-18 Thread Yuri D'Elia

Please close this, I'm reporting it upstream.

Bug#848913: libeigen3-doc

2017-02-18 Thread Yuri D'Elia

Sorry, never got this message since I wasn't cc-ed.
Got around it now as I'm re-checking my reports.

Yes, I'm sorry about this. It was an issue with my mirror.
The package is clearly fine.

You can close,
Thanks!

Bug#830207: Next try

2017-02-18 Thread Rolf Leggewie

Good morning David,

On 19.02.2017 03:59, David Rabel wrote:
> Hi Rolf,
>
> a general question: Are you OK with the way I commit every step in git
> or would you prefer that I clean up the history a little bit before pushing?

Whatever you think makes most sense.  Your style looks absolutely fine
to me.

>> I am sure Osmo did not intend to release as public domain.
> What you actually say is: IF we leave it as it is, the worst case is
> that the software could be public domain.

No.  The software has whatever license it has.  We are just documenting
what that is.  While doing this due diligence we might actually find out
that the license as stated is not what the author intended (a license
bug if that's how you want to look at it).  Debian is doing this to
guarantee to its users that all software complies with DFSG and thus the
users do not have to do this work.  Again, there really is no way around
this.

I am not sure that debian/copyright is currently complete, yet. 
"licensecheck -r" lists quite a few files under LGPL license for example
and "rgrep -i copyright ." gives a lot more names than currently
documented.  There's still work to be done here.

> We could drop the file, we just would have to run intltoolize before
> the build process. I was not quite sure how to do it.

It is already being done in line 18 of the current debian/rules file via
"--with autoreconf".  So, at least for Debian it seems that file (and
possibly others) is not necessary and will be replaced during the build
anyhow.

dh-autoreconf is a superset of autotools-dev and thus I pushed an
untested fix to the rl-wip branch on github.  Feel free to cherry-pick
after verification.

The Depends and Build-Depends lines look surprisingly long.  Why do you
have so many explicit runtime dependencies in Depends?  Isn't this
picked up automatically by ${misc:Depends} and ${shlibs:Depends}?  If
necessary this can be fixed later, but it struck me as odd when I
stumbled upon it now.

Thanks again for your work.

Regards

Rolf

Bug#826581: Issues on broadwell

2017-02-18 Thread Yuri D'Elia

Starting with 4.8 kernels, booting with i915.enable_rc6=0 fixes this
issue for me, including several other random crashes that were occurring
without apparent reason.

I guess it would be proper to move this report against one of the
current kernel images, since the problem still persists on current sid
kernels.

Bug#854496: python-qtpy: FTBFS randomly (failing tests)

2017-02-18 Thread Ghislain Vaillant

On Mon, 2017-02-13 at 19:42 +0100, Santiago Vila wrote:
> > As far as this bug is concerned, all I can do is tag it for help, since
> > I have no clue how to make any sort of progress. If yourself or someone
> > else finds a fix for it, I will happily incorporate the corresponding
> > patches.
> 
> A closer look tells me that this is not really random.
> 
> Instead, it always fails on the fast machines I have, and never on the
> slower ones. When it fails, we can see this in the build log:
> 
> tests/test_uic.py Aborted
> 
> so I tried "ulimit -c unlimited" before "dpkg-buildpackage -uc -us -b"
> and this was the result:
> 
> https://people.debian.org/~sanvila/python-qtpy/python-qtpy-1.2.1.build.tar.gz
> 
> This is the whole build tree, including the "core" file that was generated
> by the python interpreter, so in addition to the help tag, I would also:
> 
> a) disable tests/test_uic.py until further notice, as we don't know
> why it fails.

Well, it sounds like an environment related issue. The fact that it
builds correctly both on the builders and locally, and tests fine on
both debci (which runs the very same test suite) and upstream travis
hints me towards this conclusion.

Also, looking at the current logs in reproducible builds, the execution
of the tests is aborted (timeout?), not marked as FAILED, which is a
sign that the failure of the tests is triggered by something external.

Actually, the termination of the tests does not systematically happen
at `tests/test_uic.py` (at `tests/test_patch_qheaderview.py` on amd64,
at `tests/test_patch_qcombobox.py` on arm64). So, the solution you
proposed would not solve what is happening on reproducible builds.

> b) forward the bug upstream so that the author investigates about it.

Done. Upstream is clueless, unsurprisingly.

Bug#855399: debian-installer: EXTRAFILES copies all parent directories and does not copy directories

2017-02-18 Thread Cyril Brulebois

Hi,

Tshepang Lekhonkhobe  (2017-02-17):
> Adding 'EXTRAFILES = ~/foo/bar/baz' to config/local resulted in
> /home/tshepang/foo/bar directory initrd.
> Also, if 'baz' is a directory, it did not get copied.

Please note it's called EXTRA*FILES* so I'm not really surprised that it
works on files instead of on directories… Anyway, you could just put the
files you need in the build/ directory, that works well with:

EXTRA_FILES = foo/bar/baz/*

If you have several levels, you can use this instead:

EXTRAFILES = `find foo -type f`

If anything, I think we should improve (as in: write) documentations in
build/README instead of changing a long standing behaviour which might
be relied on.

By the way, this patch seems to be reversed:
> diff --git a/build/Makefile b/build/Makefile
> index 88ccad9fd..8f87b1559 100644
> --- a/build/Makefile
> +++ b/build/Makefile
> @@ -400,8 +400,8 @@ ifdef EXTRAFILES
>   # Copy in any extra files.
>   set -e; \
>   for file in $(EXTRAFILES); do \
> - mkdir --parents $(TREE); \
> - cp --archive --recursive $$file $(TREE); \
> + mkdir -p $(TREE)/`dirname $$file`; \
> + cp -a $$file $(TREE)/$$file; \
>   done
>  endif


KiBi.


signature.asc
Description: Digital signature

Bug#854488: missing dependency

2017-02-18 Thread VA


reopen 854488
thanks

Hello,

I started thunderbird and got anxious seeing it was taking more than 30 
seconds. After some investigation by running htop, I saw it was 
migrating my profile, but it was unexpected.


I searched a bit and stumbled upon this bug report. However, I didn't 
get any message.
Judging 
https://anonscm.debian.org/cgit/pkg-mozilla/icedove.git/tree/debian/thunderbird-wrapper.sh?h=debian/sid 
I guess it's because I'm running xfce, but zenity is not installed by 
xfce...
Either zenity should be added as a dependency, or the migration script 
should rather check which message box tool is installed and run that 
one, instead of the most cosmetic - yet unavailable - tool.

Bug#852361: jessie-pu: package initramfs-tools/0.120+deb8u3

2017-02-18 Thread Adam D. Barratt

Control: tags -1 + pending

On Sat, 2017-01-28 at 12:00 +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Mon, 2017-01-23 at 20:50 +, Ben Hutchings wrote:
> > - Boot failure due to missing drivers on some (mostly ARM-based) systems
> >   (#762634, #825687).  This doesn't just appear immediately after
> >   installation but may also appear as a regression when upgrading the
> >   kernel to a new upstream version, due to added cross-device
> >   dependencies.
> > - Boot failure to missing keyboard driver for a less common keyboard
> >   interface (#639876).  This makes cryptsetup and the initramfs panic
> >   shell unusable.  The fix for this resulted in a new warning message
> >   (similar to #792910) so I want to include the fix for that as well.
> > - Missing fsck of root and /usr if initramfs-tools was installed in a
> >   chroot without /proc mounted (#845581).  This affects all images
> >   built with vmdebootstrap until something triggers an initramfs
> >   rebuild.
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#841875: better message for build-dep error

2017-02-18 Thread Manuel A. Fernandez Montecelo


Control: tags -1 + pending


2016-10-24 04:21 積丹尼 Dan Jacobson:

Package: aptitude
Version: 0.8.3-1+b1
Severity: wishlist
File: /usr/bin/aptitude-curses

Please use a message like apt-get does.
# aptitude build-dep linux
Unable to find the source package for "linux"
Unable to apply some actions, aborting
# apt-get build-dep linux
Reading package lists... Done
E: You must put some 'source' URIs in your sources.list


Fixed, marking as +pending.

Thanks.

--
Manuel A. Fernandez Montecelo

Bug#854449: [Pkg-dns-devel] Bug#854449: dns-root-data: New root keys and hint file changes

2017-02-18 Thread Robert Edmonds

Christian Hofstaedtler wrote:
> Dear Maintainers,
> 
> IANA has published new hint files and new root keys.
> It'd be good if those would be updated for stretch.

Hi,

I've pushed a branch KSK-2017 to the dns-root-data repository that
partially(?) addresses this:

https://anonscm.debian.org/cgit/pkg-dns/dns-root-data.git/log/?h=KSK-2017

This branch causes the package to ship the two DS records in the root.ds
file, but I'm not sure if we should also be shipping two DNSKEY records
in the root.key file? (I wasn't able to get unbound-anchor to produce
two DNSKEY records.)

Also, I updated the hints root.hints file (which also closes #818291).

Ondřej, can you review?

(All the commits on that branch should be signed with my PGP key.)

-- 
Robert Edmonds
edmo...@debian.org

signature.asc
Description: PGP signature

Bug#855483: installation-reports: report against the installation-reports

2017-02-18 Thread Tim V

Package: installation-reports
Severity: normal

Package: installation-reports

Boot method: CD
Image version: http://cdimage.debian.org/cdimage/stretch_di_rc2/amd64/iso-
cd/debian-stretch-DI-rc2-amd64-netinst.iso

Date: Feb 16 2017 18:04:06

Machine: hp dv7 3085dx
Processor: Intel® Core™ i7 CPU Q 720 @ 1.60GHz × 8
Memory: 6 GB

Partitions:
Model: ATA ST9500420AS (scsi)
Disk /dev/sda: 500GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:
Number  Start   EndSizeType  File system Flags
 1  1049kB  210MB  209MB   primary   ntfsboot
 2  210MB   131GB  130GB   primary   ntfs
 3  131GB   260GB  129GB   primary   ext4
 4  260GB   500GB  240GB   extended
 5  260GB   261GB  1074MB  logical   linux-swap(v1)
 6  261GB   500GB  239GB   logical   ntfs


Output of lspci -nn:

00:00.0 Host bridge [0600]: Intel Corporation Core Processor DMI [8086:d132]
(rev 11)
00:03.0 PCI bridge [0604]: Intel Corporation Core Processor PCI Express Root
Port 1 [8086:d138] (rev 11)
00:08.0 System peripheral [0880]: Intel Corporation Core Processor System
Management Registers [8086:d155] (rev 11)
00:08.1 System peripheral [0880]: Intel Corporation Core Processor Semaphore
and Scratchpad Registers [8086:d156] (rev 11)
00:08.2 System peripheral [0880]: Intel Corporation Core Processor System
Control and Status Registers [8086:d157] (rev 11)
00:08.3 System peripheral [0880]: Intel Corporation Core Processor
Miscellaneous Registers [8086:d158] (rev 11)
00:10.0 System peripheral [0880]: Intel Corporation Core Processor QPI Link
[8086:d150] (rev 11)
00:10.1 System peripheral [0880]: Intel Corporation Core Processor QPI Routing
and Protocol Registers [8086:d151] (rev 11)
00:1a.0 USB controller [0c03]: Intel Corporation 5 Series/3400 Series Chipset
USB2 Enhanced Host Controller [8086:3b3c] (rev 05)
00:1b.0 Audio device [0403]: Intel Corporation 5 Series/3400 Series Chipset
High Definition Audio [8086:3b56] (rev 05)
00:1c.0 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series Chipset PCI
Express Root Port 1 [8086:3b42] (rev 05)
00:1c.1 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series Chipset PCI
Express Root Port 2 [8086:3b44] (rev 05)
00:1c.4 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series Chipset PCI
Express Root Port 5 [8086:3b4a] (rev 05)
00:1c.7 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series Chipset PCI
Express Root Port 8 [8086:3b50] (rev 05)
00:1d.0 USB controller [0c03]: Intel Corporation 5 Series/3400 Series Chipset
USB2 Enhanced Host Controller [8086:3b34] (rev 05)
00:1e.0 PCI bridge [0604]: Intel Corporation 82801 Mobile PCI Bridge
[8086:2448] (rev a5)
00:1f.0 ISA bridge [0601]: Intel Corporation PM55 Chipset LPC Interface
Controller [8086:3b03] (rev 05)
00:1f.2 SATA controller [0106]: Intel Corporation 5 Series/3400 Series Chipset
6 port SATA AHCI Controller [8086:3b2f] (rev 05)
00:1f.3 SMBus [0c05]: Intel Corporation 5 Series/3400 Series Chipset SMBus
Controller [8086:3b30] (rev 05)
01:00.0 VGA compatible controller [0300]: NVIDIA Corporation GT216M [GeForce GT
230M] [10de:0a28] (rev a2)
01:00.1 Audio device [0403]: NVIDIA Corporation GT216 HDMI Audio Controller
[10de:0be2] (rev a1)
02:00.0 Network controller [0280]: Intel Corporation PRO/Wireless 5100 AGN
[Shiloh] Network Connection [8086:4237]
03:00.0 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd.
RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [10ec:8168] (rev 03)
04:00.0 FireWire (IEEE 1394) [0c00]: JMicron Technology Corp. IEEE 1394 Host
Controller [197b:2380]
04:00.1 System peripheral [0880]: JMicron Technology Corp. SD/MMC Host
Controller [197b:2382]
04:00.2 SD Host controller [0805]: JMicron Technology Corp. Standard SD Host
Controller [197b:2381]
04:00.3 System peripheral [0880]: JMicron Technology Corp. MS Host Controller
[197b:2383]
04:00.4 System peripheral [0880]: JMicron Technology Corp. xD Host Controller
[197b:2384]
ff:00.0 Host bridge [0600]: Intel Corporation Core Processor QuickPath
Architecture Generic Non-Core Registers [8086:2c52] (rev 04)
ff:00.1 Host bridge [0600]: Intel Corporation Core Processor QuickPath
Architecture System Address Decoder [8086:2c81] (rev 04)
ff:02.0 Host bridge [0600]: Intel Corporation Core Processor QPI Link 0
[8086:2c90] (rev 04)
ff:02.1 Host bridge [0600]: Intel Corporation Core Processor QPI Physical 0
[8086:2c91] (rev 04)
ff:03.0 Host bridge [0600]: Intel Corporation Core Processor Integrated Memory
Controller [8086:2c98] (rev 04)
ff:03.1 Host bridge [0600]: Intel Corporation Core Processor Integrated Memory
Controller Target Address Decoder [8086:2c99] (rev 04)
ff:03.4 Host bridge [0600]: Intel Corporation Core Processor Integrated Memory
Controller Test Registers [8086:2c9c] (rev 04)
ff:04.0 Host bridge [0600]: Intel Corporation Core Processor Integrated Memory
Controller Channel 0 Control Registers [8086:2ca0] (rev 04)
ff:04.1 Host bridge [0600]: Intel Corporation Core Processor Integrated

Bug#836458: [pkg-gnupg-maint] Bug#836458: Cannot edit key stored with an empty passphrase

2017-02-18 Thread Yuri D'Elia

On Sat, Sep 03 2016, Werner Koch wrote:
> I just tried this:
>
>   gpg  --edit-key some_key_with_no_passphrase
>
> At the prompt, I set a new passphrase using the "passwd" command.  A bit
> annoying is that you need to repeat it for the subkey.  Next I used
> "passwd" again and entered an empty passphrase.  I had to confirm that I
> really want an empty one ("Yes, no protection needed") but then I got my
> passphrase less key back.  FWIW, I am using the standard Gtk+ Pinentry,

I refreshed my setup a week ago, and started with a fresh environment
where I re-imported my existing keys and attempted to create new ones.

I cannot reproduce this issue with the current gpg, so I apologize for
the noise. Maybe there was some issue on my part.

Please close.

Thanks.

Bug#854923: busybox: "sed -i" bug corrected in version 1.23.0

2017-02-18 Thread Cyril Brulebois

Hi,

Cyril Chaboisseau  (2017-02-18):
> Fine, but busybox will eventually be upgraded to a newer stable version
> at some point, or it will suffer from old/buggy version with potential
> security holes
> if not, it means that on the long run it will be very difficult to
> cherry-pick those security patches and the project wil not benefit from
> new features and improvements

I'm not disputing that, and that's why I mentioned in my first reply
that I called for help so that others give a hand and get a new upstream
packaged.

> as for bug #854924, don't you think it would have never occured if a
> newer version of busybox were installed? (after 1.23 at least)

With a newer sed (that is: including the fix you linked to), sed -i
would fail because of a missing file to work on, and would have broken
the installation process instead of generating a file with strange
permissions. That's why I mentioned we need to guard the sed call with a
test on its existence. In other words, the fix pushed for #854924 was
needed either way.


KiBi.


signature.asc
Description: Digital signature

Bug#855004: RM: swi-prolog [mips] -- ROM; dropped building of swi-prolog-java on mips due to FTBFS

2017-02-18 Thread Adam D. Barratt

On Thu, 2017-02-16 at 10:41 +0100, Emilio Pozuelo Monfort wrote:
> ftp-masters don't handle removals from testing/stable/oldstable, that's done 
> by
> the release team, so I'm not sure why reportbug has that in the template...
> maybe it should redirect the bugs to release.debian.org if you choose one of
> those suites...

It at least makes sure {,old}stable bugs are seen by -release:

if suite not in ('testing', 'unstable', 'experimental'):
headers.append('X-Debbugs-CC: debian-rele...@lists.debian.org')
ui.log_message('Your report will be carbon-copied to 
debian-release.\n')

I'm not sure why that list includes testing, however - nor how simple
having reportbug change the package name at that point would be.

Regards,

Adam

Bug#855482: audacity: data lost when saved (but still opened) project is removed

2017-02-18 Thread Reiner Herrmann

Package: audacity
Version: 2.1.2-2
Tags: upstream

Dear maintainer,

I noticed that Audacity loses recorded audio when a saved project is removed 
from
the filesystem, even though it is still open.
It happened to me when I wanted to export something as an audio file, but 
accidentally saved
the Audacity project. So I removed it again, and tried to export it again.
I would expect that this still succeeds, as the project is still opened and the 
data should
still be in memory; and it also still displayed the waveform of the tracks.

To reproduce:
- Record something.
- File -> Save Project
  (Until now playing back the recording or exporting it is still working fine.)
- Remove the recorded project again from the filesystem (but keep Audacity 
open).
  The track/waveform is now still visible in Audacity, but when played back, it 
only plays silence.
  When trying to export the audio, the file (e.g. wav) has the correct length 
(the same as in the
  recording), but contains only silence.

Kind regards,
  Reiner


signature.asc
Description: Digital signature

Bug#852820: closed by Guillem Jover <guil...@debian.org> (Bug#852820: fixed in dpkg 1.18.21)

2017-02-18 Thread Iain Lane

On Thu, Feb 16, 2017 at 11:11:58AM +, Iain Lane wrote:
> Otherwise, maybe in autopkgtest we could add a 'fail fast' mode that
> checks all the restrictions against the features in the selected runner
> and reports via a new exit code if they can't all be run. I'm not sure
> what kind of overhead we'd be talking about here in the failure case,
> but definitely more than being able to DTRT off the bat.

No, you see, this one would also fall foul of the original problem if
it's used for asking the question "are there any tests here that I can't
run?", which is what I would want to use it for. That is unless this
mode ignores tests which are skipped due to specifying unknown
restrictions.

Cheers,

-- 
Iain Lane  [ i...@orangesquash.org.uk ]
Debian Developer   [ la...@debian.org ]
Ubuntu Developer   [ la...@ubuntu.com ]

signature.asc
Description: PGP signature

Bug#842219: mention how to clean up if one doesn't need those build-depends anymore

2017-02-18 Thread Manuel A. Fernandez Montecelo


Control: tags -1 + wontfix
Control: close -1


2016-10-27 06:04 積丹尼 Dan Jacobson:

Package: aptitude
Version: 0.8.3-1+b1
Severity: wishlist
File: /usr/share/man/man8/aptitude-curses.8.gz

We read

  build-depends, build-dep
  Satisfy the build-dependencies of a package. Each package name may
  be a source package, in which case the build dependencies of that
  source package are installed; otherwise, binary packages are found
  in the same way as for the "install" command, and the
  build-dependencies of the source packages that build those binary
  packages are satisfied.

  If the command-line parameter --arch-only is present, only
  architecture-dependent build dependencies (i.e., not
  Build-Depends-Indep or Build-Conflicts-Indep) will be obeyed.

OK but then mention what command(s) can then remove all those packages
that got installed so that we are back at the state where we were before
using build-depends.


Well, as explained there, the packages are installed in the same way
that all installs, it's just "resolving" which packages need to be
installed what this command brings to the table.

So the usual methods for uninstalling apply, only that one needs to
either pay attention to the screen or look at the install logs to
uninstall the installed packages.

I don't think that a special way to uninstall these dependencies will
ever be created, so closing this report as +wontfix.

(And as explained many times in other similar bug requests, installing
and uninstalling doesn't leave the system in the same state / with the
same packages, mostly because of recommends and other details like the
constantly evolving state of the repositories.)


Cheers.
--
Manuel A. Fernandez Montecelo

Bug#855458: libssl1.0-dev: Development environment is incomplete w/o openssl tool

2017-02-18 Thread Bjarni Runar Einarsson

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi Sebastian,

My problem was just Pound - I'm just a user when it comes to
these tools.

I do not know how widespread this problem is or how common it is
for projects to use openssl dhparam -C during their build process
(as opposed to running it once and including the output in their
a source distribution). I performed a few quick searches and
found some examples - but not many.

The more I think about it, the more disappointed I am that
OpenSSL upstream don't feel it's worth their while to simply make
their code generator backwards compatible. But it's not my call.

I don't know how much effort is justified here, I just wanted to
be sure it was on your radar. Thank you for considering my
report.

Cheers,
 - Bjarni

Sebastian Andrzej Siewior  wrote:
> On 2017-02-18 15:23:02 [+], Bjarni R. Einarsson wrote:
> > When trying to build Pound against libssl1.0, the build fails because
> > Pound uses the openssl tool to generate C code containing DH parameters
> > (openssl dhparam -C ...).
> > 
> > The system-wide openssl on Debian testing is from OpenSSL 1.1, and
> > generates C code which is incompatible with OpenSSL 1.0. As a result it
> > is impossible to build some software (Pound) against OpenSSL 1.0 in
> > spite of having installed libssl1.0-dev.
> 
> Is you problem just pound? If so I'm not going to introduce
> openssl for 1.0.2 just for that. pound is on my list of things
> to do so it will be fixed shortly. I am not yet sure what I
> will do but something will be done…
> 
> Sebastian

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEcBAEBAgAGBQJYqMgHAAoJEI4ANxYAz5SRv6wH/RZt6UJsqw+N9JYuYRBdI6qq
7c/VBUKkcBoF+WTjZbG4GCl9+pBye52YbWMhpNp2mA0C+rs4wZ/aFgEIuMBzPplf
QVIH25AXh873lv+1sI0Yju7XGaTuNkntbYRfx5DgxUUkxBZzydZC2c2DbUoj0Wdi
vK2J4DULYgfD19g0F2rRdgpHCh+ufDntwq7y3evKtWSJoQpyatV3froGWYOA7tG3
BsnDySPQanxz3X0FkDEAyP53ZKh2bosHgTJ3xe9aJECZlhUWEzgKc5bqLHSwOwf6
kXqyw4JXugieREdUtRr8A0RNhaoPUTlU77ccSdFzHEQRBedza/UH/Nw3AA7f+jQ=
=mxao
-END PGP SIGNATURE-

Bug#831858: aptitude sets already auto-installed packages as manually installed

2017-02-18 Thread Manuel A. Fernandez Montecelo


Control: tags 831858 + pending


Hi,

2016-07-20 11:27 Vincent Lefevre:

Package: aptitude
Version: 0.8.1-1
Severity: normal

After installing packages (having dependencies) with "apt" and running
aptitude, aptitude sometimes changes the auto-installed dependencies
to manually installed in the /var/lib/apt/extended_states file.

To reproduce, the problem, I did the following:
[...]


Thanks for the clear case.



At this time, the "automatic" packages are marked as auto-installed
in /var/lib/apt/extended_states, i.e. with "Auto-Installed: 1".

But just after running aptitude as root with no arguments (just to
get the UI), for the above "automatic" packages, the Auto-Installed
field is changed to "Auto-Installed: 0".



2017-01-31 20:06 Piotr Jurkiewicz:

I also encountered this bug on Stretch with aptitude 0.8.4-1.

In my case it can be reproduced even simpler:
[...]


Same.


I think that this is the same problem as #841347, not merging just in
case, but I just commited a fix for this, so marking as pending.


Cheers.
--
Manuel A. Fernandez Montecelo

Bug#855343: thunderbird: AppArmor profile contains faulty characters (Syntax Error)

2017-02-18 Thread Reiner Herrmann

Control: tags -1 + patch security
Control: severity -1 serious
Justification: Breaks security feature

I can confirm that there are invalid characters in the included
AppArmor profile (it looks like they were copy from an editor
which highlights whitespaces).
Because of that it can no longer be loaded, so the AppArmor protection
is no longer working for Thunderbird.

Please include Kevin's fix in stretch.


signature.asc
Description: Digital signature

Bug#855481: RM: granule-manual/1.1.0+dfsg-2

2017-02-18 Thread Sandro Tosi

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

please remove granule-manual from testing as it provides documentation for
granule, which is not in stretch (cfr 854196 for granule-manual and 805203 for
granule)

thanks

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#855480: examl: FTBFS with bash as /bin/sh

2017-02-18 Thread Chris Lamb

Source: examl
Version: 3.0.18-1
Severity: serious
Tags: patch
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

examl fails to build from source in unstable/amd64 when 
/bin/sh is set to bash:

  […]

  dh_auto_clean
  for mfile in Makefile.AVX.gcc Makefile.OMP.AVX.gcc Makefile.OMP.SSE3.gcc 
Makefile.SSE3.gcc; do /usr/bin/make --directory=examl -f ${mfile} clean ; done
  make[2]: Entering directory '«BUILDDIR»/examl'
  rm -f *.o examl-AVX
  make[2]: Leaving directory '«BUILDDIR»/examl'
  make[2]: Entering directory '«BUILDDIR»/examl'
  rm -f *.o examl-OMP-AVX
  make[2]: Leaving directory '«BUILDDIR»/examl'
  make[2]: Entering directory '«BUILDDIR»/examl'
  rm -f *.o examl-OMP
  make[2]: Leaving directory '«BUILDDIR»/examl'
  make[2]: Entering directory '«BUILDDIR»/examl'
  rm -f *.o examl
  make[2]: Leaving directory '«BUILDDIR»/examl'
  /usr/bin/make --directory=parser -f Makefile.SSE3.gcc clean ; done
  /bin/sh: -c: line 0: syntax error near unexpected token `done'
  /bin/sh: -c: line 0: `/usr/bin/make --directory=parser -f Makefile.SSE3.gcc 
clean ; done'
  debian/rules:15: recipe for target 'override_dh_auto_clean' failed
  make[1]: *** [override_dh_auto_clean] Error 1
  make[1]: Leaving directory '«BUILDDIR»'
  debian/rules:12: recipe for target 'clean' failed
  make: *** [clean] Error 2
  dpkg-buildpackage: error: fakeroot debian/rules clean gave error exit status 2

  […]

Patch attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-


examl.3.0.18-1.unstable.amd64.log.txt.gz
Description: Binary data
diff --git a/debian/rules b/debian/rules
index 84fa450..ad28a42 100755
--- a/debian/rules
+++ b/debian/rules
@@ -14,9 +14,9 @@ SRCDIR:=examl
 override_dh_auto_clean:
dh_auto_clean
for mfile in $(MFILES); do $(MAKE) --directory=$(SRCDIR) -f $${mfile} 
clean ; done
-   $(MAKE) --directory=parser -f Makefile.SSE3.gcc clean ; done
+   $(MAKE) --directory=parser -f Makefile.SSE3.gcc clean
 
 override_dh_auto_build:
dh_auto_build
for mfile in $(MFILES); do $(MAKE) --directory=$(SRCDIR) -f $${mfile} ; 
done
-   $(MAKE) --directory=parser -f Makefile.SSE3.gcc ; done
+   $(MAKE) --directory=parser -f Makefile.SSE3.gcc

Bug#852746: beignet+mesa-opencl-icd crash if installed together

2017-02-18 Thread Rebecca N. Palmer


Control: tags -1 patch

Statically linking to LLVM (see attached) fixes this bug, but I'm not 
sure yet whether we want to do that.
diff --git a/debian/control b/debian/control
index cb2623c..a04fa1e 100644
--- a/debian/control
+++ b/debian/control
@@ -26,7 +26,10 @@ Build-Depends:
  libxext-dev,
  libxfixes-dev,
  libx11-dev,
- ikiwiki
+ ikiwiki,
+ libtinfo-dev,
+ libedit-dev,
+ zlib1g-dev
 Standards-Version: 3.9.8
 Homepage: https://www.freedesktop.org/wiki/Software/Beignet/
 Vcs-Git: https://anonscm.debian.org/git/pkg-opencl/beignet.git
diff --git a/debian/patches/series b/debian/patches/series
index c340adc..05905d1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,7 +1,7 @@
 Debian-compliant-compiler-flags-handling.patch
 support-kfreebsd.patch
 reduce-notfound-output.patch
-shared-llvm.patch
+#shared-llvm.patch
 update-docs.patch
 ship-test-tool.patch
 find-python35.patch
@@ -11,3 +11,4 @@ llvm39-support.patch
 add-appstream-metadata.patch
 spelling.patch
 opencl2-runtime-detection.patch
+static-llvm.patch

Bug#835193: phpdox: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#833408: amora-server: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#831630: idjc: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#855479: resolved: Fails lookup with no-signature for a private/local domain

2017-02-18 Thread Sjoerd Simons

Package: systemd
Version: 232-18
Severity: important
Tags: patch

Hey,

One of my VPNs runs dnsmasq and seems to trigger systemd-resolved to fail the
lookup with dnssec errors:
  neon.elements: resolve call failed: DNSSEC validation failed: no-signature

This got fixed upstream in 97c2ea26456f21334ac164f330426dd518067f08 (hence the
patch flag).

Fwiw the important is arguable, this does make resolved unusable for me in the
default settings on certain VPNs, but the usage of resolved is probably
uncommon.

-- Package-specific info:

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
(500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd depends on:
ii  adduser 3.115
ii  libacl1 2.2.52-3
ii  libapparmor12.11.0-2
ii  libaudit1   1:2.6.7-1
ii  libblkid1   2.29.1-1
ii  libc6   2.24-9
ii  libcap2 1:2.25-1
ii  libcryptsetup4  2:1.7.3-3
ii  libgcrypt20 1.7.6-1
ii  libgpg-error0   1.26-2
ii  libidn111.33-1
ii  libip4tc0   1.6.0+snapshot20161117-5
ii  libkmod223-2
ii  liblz4-10.0~r131-2
ii  liblzma55.2.2-1.2
ii  libmount1   2.29.1-1
ii  libpam0g1.1.8-3.5
ii  libseccomp2 2.3.1-2.1
ii  libselinux1 2.6-3
ii  libsystemd0 232-18
ii  mount   2.29.1-1
ii  util-linux  2.29.1-1

Versions of packages systemd recommends:
ii  dbus1.10.16-1
ii  libpam-systemd  232-18

Versions of packages systemd suggests:
ii  policykit-10.105-17
ii  systemd-container  232-18
pn  systemd-ui 

Versions of packages systemd is related to:
ii  dracut   044+241-1
pn  initramfs-tools  
ii  udev 232-18

-- Configuration Files:
/etc/systemd/logind.conf changed [not included]

-- no debconf information

Bug#777417: ipsvd: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#836609: nostalgy: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#777321: dtaus: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#831585: tcpreen: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#828012: bind9: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#831417: xmlcopyeditor: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#797027: zyne: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#776935: cgilib: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#777483: jargon: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#778419: fedmsg: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#777428: libtnt: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#776941: dh-kpatches: please help make builds reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#855406: [thunderbird] commandline argument "-compose attachment" not recognized

2017-02-18 Thread John Landmesser


Am 18.02.2017 um 19:00 schrieb Carsten Schoenert:

On Fri, Feb 17, 2017 at 03:57:16PM +0100, John Landmesser wrote:

Package: thunderbird
Version: 1:45.7.1-1
Severity: normal

--- Please enter the report below this line. ---

this KDE-Service-Menue doesn't run with Debain Thunderbid, but it's ok with
Mozilla Thunderbird

[Desktop Entry]
Type=Service
Actions=SendToMailRcp
Encoding=UTF-8
MimeType=application/octet-stream
X-KDE-ServiceTypes=KonqPopupMenu/Plugin
X-KDE-Priority=TopLevel
X-KDE-Submenu=Send To

[Desktop Action SendToMailRcp]
Name=Mail Recipient...
Exec=/usr/bin/thunderbird -compose "attachment='$(echo %F | sed 's: /:,/:g')'"
Icon=thunderbird

Where this menu entry is come from? Debian hasn't a Desktop Action
section for Thunderbird. Please explain a little bit more how to
readjust this issue.

Regards
Carsten


I developed it on my own/with help of google and members of siduction-Forum

It was ok and working fine with icedove, multiple attachments with long 
filenames.


But it stopped working when the new Debian-Thunderbird showed up.

One of these siduction forum members showed me this:


In man bash we can read in Shell Builtin Commands section:

Unless otherwise noted, each builtin command documented in this section as
accepting options preceded by - accepts -- to signify the end of the 
options.


The :, true, false, and test builtins do not accept options and do not 
treat

-- specially. The exit, logout, break, continue, let, and shift builtins
accept and process arguments beginning with - without requiring --. Other
builtins that accept arguments but are not specified as accepting options
interpret arguments beginning with - as invalid options and require -- to
prevent this interpretation.

Note that echo does not interpret -- to mean the end of options.


... and that "--"  seems to be the problem?


thunderbird -- -compose "attachment='$(echo %F | sed 's: /:,/:g')'"

this does not work with Debian-thunderbird!

i can't give you the error message, because i went back to 
Mozilla-Thunderbird and i'm happy with that, because it's just working 
fine with my "menu entry"


Thanks for your post!

John Landmesser

Bug#841347: [Aptitude-devel] Bug#841347: packages are not marked as auto "i A" in aptitude

2017-02-18 Thread Manuel A. Fernandez Montecelo

Control: tags -1 + pending

Hi,

2016-10-20 02:51 Axel Beckert:

Control: tag -1 + confirmed

Hi Michael,

Michael Biebl wrote:

>> Is this not happening for you?
>
> Seems not, no. But then again, I'm using aptitude most of the time and
> apt only in a few percent of all cases.

It's safe to assume that you have a /var/lib/aptitude/pkgstates.
Can you try install a package via apt which you don't have installed yet
and pulls in other dependencies. Say libclang-4.0-dev (which pulls in
libclang-common-4.0-dev)

Thanks for making up a nice example which is easier for me to test.

+1

$ apt install libclang-4.0-dev
$ apt-mark showauto | grep libclang-common-4.0-dev
libclang-common-4.0-dev
$ aptitude show libclang-common-4.0-dev | grep Auto
Automatically installed: no

I'd be surprised if you get a different result.

There was a missing check for this case, I think that I fixed it now.
Let's hope that I can get it into stable.

Thanks for the report and the clear test case!

--
Manuel A. Fernandez Montecelo

Bug#802252: Re%3A gspiceui only gnucap fail%3F%3F

2017-02-18 Thread Ulrich Hauser-Ehninger

On Sun%2C 18 Oct 2015 21%3A18%3A04 %2B0200 miguel  wrote%3A%0A> It%27s only with gnucap core simualtion. At the 
moment i can switch to%0A> ngspice core and no appears any error.%0A> %0A> %0A

I experience the error message. The simulation runs and the result is given, 
but without the header line with the column labels.
Environment:
Kubuntu 16.10, kernel 4.8.0-37
Gnucap 2009.12.07 RCS 26.136
gSpiceUI Version 1.1.00

Backtrace:
ASSERT INFO:
../src/common/strconv.cpp(1208): assert "Assert failure" failed in 
FromWChar(): trying to encode undefined Unicode character

BACKTRACE:
[1] wxMBConvStrictUTF8::FromWChar(char*, unsigned long, wchar_t const*, 
unsigned long) const
[2] wxString::AsChar(wxMBConv const&) const
[3] wxFile::Write(wxString const&, wxMBConv const&)
[4] wxTextFile::OnWrite(wxTextFileType, wxMBConv const&)
[5] wxNavigationEnabled::AcceptsFocusFromKeyboard() const
[6] wxNavigationEnabled::AcceptsFocusFromKeyboard() const
[7] wxAppConsoleBase::CallEventHandler(wxEvtHandler*, wxEventFunctor&, 
wxEvent&) const
[8] wxEvtHandler::ProcessEventIfMatchesId(wxEventTableEntryBase const&, 
wxEvtHandler*, wxEvent&)
[9] wxEventHashTable::HandleEvent(wxEvent&, wxEvtHandler*)
[10] wxEvtHandler::TryHereOnly(wxEvent&)
[11] wxEvtHandler::ProcessEventLocally(wxEvent&)
[12] wxEvtHandler::ProcessEvent(wxEvent&)
[13] wxWindowBase::TryAfter(wxEvent&)
[14] wxEvtHandler::SafelyProcessEvent(wxEvent&)
[15] wxMenuBase::SendEvent(int, int)
[16] g_closure_invoke
[17] g_signal_emit_valist
[18] g_signal_emit
[19] gtk_widget_activate
[20] gtk_menu_shell_activate_item
[21] g_closure_invoke
[22] g_signal_emit_valist
[23] g_signal_emit
[24] gtk_propagate_event
[25] gtk_main_do_event
[26] g_main_context_dispatch
[27] g_main_loop_run
[28] gtk_main
[29] wxGUIEventLoop::DoRun()
[30] wxEventLoopBase::Run()
[31] wxAppConsoleBase::MainLoop()
[32] wxEntry(int&, wchar_t**)
[33] __libc_start_main

Bug#849314: node-gulp: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#851809: mono: please make the output of dh_makeclilibs reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#849968: pciutils: please make the build reproducible under i386 with an amd64 kernel

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#852482: flask-limiter: please make the build reproducible

2017-02-18 Thread Chris Lamb

> Would you consider applying this patch and uploading?

Friendly ping on this :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#855370: dracut-core: Check installation path of aufs-dkms in module-setup.sh

2017-02-18 Thread John Paul Adrian Glaubitz

Hi Thomas!

> I thought aufs was replaced by overlayfs. But you are right, there's
> still aufs in the dkms package.

Replacing aufs with overlayfs is currently *not* possible as overlayfs
still doesn't support NFS as a lowerdir [1]. Thus, trying to create a
union mount with a read-only NFS filesystem will not work.

If installing through FAI from an NFSROOT should work in Stretch, this
patch therefore *must* be merged and users have to use aufs instead
of overlayfs.

Let's get this patch merged and a file an unblock request for Stretch.

Adrian

> [1] https://www.kernel.org/doc/Documentation/filesystems/overlayfs.txt

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#855478: x265: Incomplete debian/copyright?

2017-02-18 Thread Chris Lamb

Source: x265
Version: 2.3-1
Severity: serious
Justication: Policy 12.5
X-Debbugs-CC: Sebastian Ramacher 

Hi,

I just ACCEPTed x265 from NEW but noticed it was missing attribution 
in debian/copyright for at least:

source/cmake/FindNuma.cmake:17:# Copyright (c) 2015 Steve Borho
source/cmake/FindVLD.cmake:26:# Copyright (c) 2012 Sergiu Dotenco
source/cmake/FindVtune.cmake:8:# Copyright (c) 2015 Pradeep Ramachandran

(This is not exhaustive so please check over the entire package 
carefully and address these on your next upload.)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#855477: [astroplan] Failure with broadcasts in schedulers

2017-02-18 Thread Ole Streicher

Package: python-astroplan
Version: 0.2-4
Severity: important
Forwarded: https://github.com/astropy/astroplan/issues/282

While the fix of #851437 fixes the FTBFS of the package, the packages
still has significant usage problems connected with the schedulers:

self = 
instance = <[ValueError("attribute obstime should be scalar or have shape (2, 
1), but is has shape (2,) and could not be broadcast.") raised in repr()] AltAz 
object at 0x7f8032fb2470>
frame_cls = 

def __get__(self, instance, frame_cls=None):
[...]
if instance is not None:
instance_shape = getattr(instance, 'shape', None)
if instance_shape is not None and (getattr(out, 'size', 1) > 1 and
   out.shape != instance_shape):
# If the shapes do not match, try broadcasting.
try:
if isinstance(out, ShapedLikeNDArray):
out = out._apply(np_broadcast_to, shape=instance_shape,
>subok=True)

/usr/lib/python3/dist-packages/astropy/coordinates/baseframe.py:227: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = 
method = , args = ()
kwargs = {'shape': (2, 1), 'subok': True}, new_format = 'iso'
apply_method = . at 0x7f803a69c730>
jd1 = array([ 2457424.5,  2457424.5]), jd2 = array([ 0.125,  0.125])

def _apply(self, method, *args, **kwargs):
[...]
if callable(method):
apply_method = lambda array: method(array, *args, **kwargs)
else:
if method == 'replicate':
apply_method = None
else:
apply_method = operator.methodcaller(method, *args, **kwargs)

jd1, jd2 = self._time.jd1, self._time.jd2
if apply_method:
>   jd1 = apply_method(jd1)

/usr/lib/python3/dist-packages/astropy/time/core.py:849: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

array = array([ 2457424.5,  2457424.5])

>   apply_method = lambda array: method(array, *args, **kwargs)

/usr/lib/python3/dist-packages/astropy/time/core.py:840: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

array = array([ 2457424.5,  2457424.5]), shape = (2, 1), subok = True

def broadcast_to(array, shape, subok=False):
"""[...]"""
>   return _broadcast_to(array, shape, subok=subok, readonly=True)

/usr/lib/python3/dist-packages/numpy/lib/stride_tricks.py:174: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

array = array([ 2457424.5,  2457424.5]), shape = (2, 1), subok = True
readonly = True

def _broadcast_to(array, shape, subok, readonly):
[...]
broadcast = np.nditer(
(array,), flags=['multi_index', 'refs_ok', 'zerosize_ok'] + extras,
>   op_flags=[op_flag], itershape=shape, order='C').itviews[0]
E   ValueError: operands could not be broadcast together with remapped 
shapes [original->remapped]: (2,) and requested shape (2,1)

/usr/lib/python3/dist-packages/numpy/lib/stride_tricks.py:129: ValueError

During handling of the above exception, another exception occurred:

def test_transitioner():
blocks = [ObservingBlock(t, 55 * u.minute, i) for i, t in 
enumerate(targets)]
slew_rate = 1 * u.deg / u.second
trans = Transitioner(slew_rate=slew_rate)
start_time = Time('2016-02-06 03:00:00')
>   transition = trans(blocks[0], blocks[2], start_time, apo)

astroplan/tests/test_scheduling.py:112: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
astroplan/scheduling.py:842: in __call__
sep = aaz[0].separation(aaz[1])[0]
/usr/lib/python3/dist-packages/astropy/utils/misc.py:941: in __getitem__
return self._apply('__getitem__', item)
/usr/lib/python3/dist-packages/astropy/coordinates/sky_coordinate.py:279: in 
_apply
self._sky_coord_frame = self_frame._apply(method, *args, **kwargs)
/usr/lib/python3/dist-packages/astropy/coordinates/baseframe.py:1181: in _apply
value = getattr(self, attr)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = 
instance = <[ValueError("attribute obstime should be scalar or have shape (2, 
1), but is has shape (2,) and could not be broadcast.") raised in repr()] AltAz 
object at 0x7f8032fb2470>
frame_cls = 

def __get__(self, instance, frame_cls=None):
[...]
try:
if isinstance(out, ShapedLikeNDArray):
out = out._apply(np_broadcast_to, shape=instance_shape,
 subok=True)
else:
out = np_broadcast_to(out, instance_shape, subok=True)
except ValueError:
# raise more informative exception.
raise ValueError(
"attribute {0} should be scalar or have shape {1}, "

Bug#855476: nmu: last rebuilds against openssl1.1

2017-02-18 Thread Sebastian Andrzej Siewior

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: binnmu
Severity: normal

The following binNMU should move the remaining packages which are still
linked against libssl1.0.2 in the archive to libssl1.1. Each one of them
built successfully against openssl 1.1.0e recently [0] on amd64. I
checked the build logs and each source package had at least one binary
package linked against libssl so I doubt that we will lose ssl support
somewhere.

nmu erlang-p1-tls_1.0.7-2 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu ettercap_1:0.8.2-3 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu eurephia_1.1.0-6 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu fdm_1.7+cvs20140912-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu goldencheetah_4.0.0~DEV1607-2 . ANY . unstable . -m "rebuild against 
openssl 1.1"
nmu httrack_3.48.24-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu hyphy_2.2.7+dfsg-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu htmldoc_1.8.27-8 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu httping 2.5-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu ibm-3270_3.3.14ga11-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu identity4c_1.0-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu ike-scan_1.9.4-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu istgt_0.4~20111008-3 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu lepton_1.2.1-2 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu libtins_3.4-2 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu mokutil 0.2.0-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu pam-pkcs11_0.6.9-1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu bitcoin_0.13.1-0.1 . ANY . unstable . -m "rebuild against openssl 1.1"
nmu efitools_1.4.2-2  . ANY . unstable . -m "rebuild against openssl 1.1"

Only sid-only package should remain after these binNMUs.

[0] 
https://breakpoint.cc/openssl-rebuild/2017-02-16-rebuild-sid-openssl1.1.0e/successful

Sebastian

Bug#844367: ada-default-project-path.diff

2017-02-18 Thread Nicolas Boulenguez

Hello.

As far as I understand the situation, disabling the whole patch at
https://anonscm.debian.org/viewvc/gcccvs/branches/sid/gcc-7/debian/patches/ada-default-project-path.diff?view=markup
was the right choice for gnat-7.

It may probably be dropped, as gprbuild is already patched to search
projects in both /usr/share/gpr (upstream default) and
/usr/share/ada/adainclude (Debian default).

Bug#855462: Update [Wrong Subject] (bleachbit: Starting as SUDO, Password Not Accepted)

2017-02-18 Thread Stephen Allen

Ugh I'm not starting it as sudo, starting it the usual way, but password not 
accepted when I enter my sudo password. Therefore to launch it, either have to 
use a terminal via sudo or gksudo. I'm assuming this error is because there 
isn't a root user account?

Bug#853100: linux-image-4.9.0-1-amd64: Blocked tasks and no X on Latitude E6530

2017-02-18 Thread Ben Hutchings

On Thu, 2017-02-16 at 20:17 -0700, Thomas Vaughan wrote:
> I have attached the output both for linux-3.16 (which seems to have no
> problem) and for linux-4.9.

OK, so you have the VirtalBox and Broadcom wl modules loaded.  I doubt
that they are involved in this bug.

Can you look through /var/log/messages and extract the messages around
the same time as "INFO: task worker/1:1:68 blocked for more than 120
seconds"?

Ben.

-- 
Ben Hutchings
Knowledge is power.  France is bacon.

signature.asc
Description: This is a digitally signed message part

Bug#855475: libreswan: [INTL:nl] Dutch translation of debconf messages

2017-02-18 Thread Frans Spiesschaert

 

Package: libreswan 
Severity: wishlist 
Tags: l10n patch 
 

Dear Maintainer, 
 
== 
Please find attached the updated Dutch translation of libreswan debconf 
messages. 
It has been submitted for review to the debian-l10n-dutch mailing list. 
Please add it to your next package revision. 
It should be put as debian/po/nl.po in your package build tree. 
=== 

-- 
Regards,
Frans



nl.po.gz
Description: application/gzip


signature.asc
Description: This is a digitally signed message part

Bug#837186: Loading certain (SSL?) sites like google.com and facebook.com aborts

2017-02-18 Thread cacatoes

Package: firefox-esr
Version: 45.7.0esr-4
Followup-For: Bug #837186

Experiencing something alike here, I get blank page as soon as I try to visit 
some specific website : https://uzbl.org
No error message, no answer from webserver.
I can get the page well with simple wget or other web browsers.
Wireshark & openssl logs attached as a bonus.

-- Package-specific info:

-- Extensions information
Name: Firefox Hello Beta
Location: ${PROFILE_EXTENSIONS}/l...@mozilla.org.xpi
Status: enabled

Name: Français Language Pack locale
Location: 
/usr/lib/firefox-esr/browser/extensions/langpack...@firefox-esr.mozilla.org.xpi
Package: firefox-esr-l10n-fr
Status: enabled

Name: Thème par défaut theme
Location: 
/usr/lib/firefox-esr/browser/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Package: firefox-esr
Status: enabled

Name: uBlock Origin
Location: 
/usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/ublo...@raymondhill.net
Package: xul-ext-ublock-origin
Status: enabled

-- Plugins information
Name: Shockwave Flash (13.1.2.3)
Location: 
/usr/lib/browser-plugin-freshplayer-pepperflash/libfreshwrapper-flashplayer.so
Package: browser-plugin-freshplayer-pepperflash
Status: enabled


-- Addons package information
ii  browser-plugin 0.3.5-1+b1   i386 PPAPI-host NPAPI-plugin adapter f
ii  firefox-esr45.7.0esr-4  i386 Mozilla Firefox web browser - Ext
ii  firefox-esr-l1 45.7.0esr-4  all  French language package for Firef
ii  xul-ext-ublock 1.10.4+dfsg- all  general-purpose lightweight ads, 

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 4.9.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages firefox-esr depends on:
ii  debianutils   4.8.1
ii  fontconfig2.11.0-6.7
ii  libasound21.1.3-4
ii  libatk1.0-0   2.22.0-1
ii  libc6 2.24-9
ii  libcairo2 1.14.8-1
ii  libdbus-1-3   1.10.14-1
ii  libdbus-glib-1-2  0.108-2
ii  libevent-2.0-52.0.21-stable-2.1
ii  libffi6   3.2.1-6
ii  libfontconfig12.11.0-6.7
ii  libfreetype6  2.6.3-3+b1
ii  libgcc1   1:6.3.0-6
ii  libgdk-pixbuf2.0-02.36.4-1
ii  libglib2.0-0  2.50.2-2
ii  libgtk2.0-0   2.24.31-2
ii  libhunspell-1.4-0 1.4.1-2+b1
ii  libnspr4  2:4.12-6
ii  libnss3   2:3.26.2-1
ii  libpango-1.0-01.40.3-3
ii  libsqlite3-0  3.16.2-2
ii  libstartup-notification0  0.12-4
ii  libstdc++66.3.0-6
ii  libvpx4   1.6.1-2
ii  libx11-6  2:1.6.4-3
ii  libxcomposite11:0.4.4-2
ii  libxdamage1   1:1.1.4-2+b1
ii  libxext6  2:1.3.3-1
ii  libxfixes31:5.0.3-1
ii  libxrender1   1:0.9.10-1
ii  libxt61:1.1.5-1
ii  procps2:3.3.12-3
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages firefox-esr recommends:
pn  gstreamer1.0-libav 
pn  gstreamer1.0-plugins-good  

Versions of packages firefox-esr suggests:
pn  fonts-lmodern  
pn  fonts-stix | otf-stix  
pn  libcanberra0   
pn  libgnomeui-0   
ii  libgssapi-krb5-2   1.15-1
pn  mozplugger 

-- no debconf information

CONNECTED(0003)
Server did acknowledge servername extension.
---
Certificate chain
 0 s:/CN=uzbl.org
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-BEGIN CERTIFICATE-
MIIGAjCCBOqgAwIBAgISA0RABV3HaA4QfX75bih8oQMiMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNjEyMzAwMjMzMDBaFw0x
NzAzMzAwMjMzMDBaMBMxETAPBgNVBAMTCHV6Ymwub3JnMIICIjANBgkqhkiG9w0B
AQEFAAOCAg8AMIICCgKCAgEAzj0qN7ZsZolchPPk3UL/apG7itbkgIxzA+31pfFN
EKAphaHY56OqEMwt+7qUzPBYB8hXim1l7D1gXRswdVPh0uBuq6xA1VIMUA5DC0LJ
gc1wwV//Xjfb7woONUdmtEO7GswFYhKe0dTjQ8ootSDrGSoNXv7X5qXcrcLg0mjW
asgzC2IwZsYtDhiuUjWpeNLJC2oxcmUfpePMcnHPnH7i1DfnjumZmLu2kcRlWcmD
TsdZNjAzx8PxBZMakV04p4eWIXCAIbgUs5I1NDLOcfstmEgsXiTevDLWrwBYdzX1
umpu2gg/4DsSpAXl4SUkpBJ7Pkt2EShm2hlbtgeFVJX5Q3DyiCi1szq6EpWgOFSq
UZpz2X7ryFljQquEYQWzMRmKJ+ZFCqr4ALk6u07v7JW67DF8XqnCsSPpXRBcPAPR
u9oPymquxMNezUe2EQELHSFF9VUt/efXYWyXxGav0CkLt8EzN1HjCqOabYHmcGkJ
G6lIv6sj/Z6+KGGwRrNZoA11D5TRsU77+n1LZ+sXR1UCKoiPOD0X6TzuwLplwmfq
6G/JgOqjImaEOUAG5cmeBG/PDLMTt9E4RL+nb7O//lVke2tSqPvqxrxdKzskM2pS
ZH+jgy0U2yPQY8KM9uoiaMDD+unGaWzhxvu0X194bGTZA5TZwZNoVZ93aiiVphZc
QI0CAwEAAaOCAhcwggITMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF

Bug#854677: linux-image-amd64 - patches from kernel source required

2017-02-18 Thread Ben Hutchings

On Fri, 2017-02-17 at 09:03 +0530, Narayanan R S wrote:
> Hi Ben,
> 
> I can try (re)running the 4.9 backport and see if the issue resurfaces.
> 
> What is the correlation between the debian kernel (backported) and the
> mainline one (it says version 4.9.2-2~bpo8+1 - so is it essentially
> _EXACTLY_ 4.9.2)?

It has some patches on top of 4.9.2, but none involving netfilter.

Ben.

-- 
Ben Hutchings
Knowledge is power.  France is bacon.



signature.asc
Description: This is a digitally signed message part

Bug#855474: lyskom-server: [INTL:nl] Dutch translation of debconf messages

2017-02-18 Thread Frans Spiesschaert

 

Package: lyskom-server 
Severity: wishlist 
Tags: l10n patch 
 

Dear Maintainer, 
 
== 
Please find attached the updated Dutch translation of lyskom-server debconf 
messages. 
It has been submitted for review to the debian-l10n-dutch mailing list. 
Please add it to your next package revision. 
It should be put as debian/po/nl.po in your package build tree. 
=== 

-- 
Regards,
Frans



nl.po.gz
Description: application/gzip


signature.asc
Description: This is a digitally signed message part

Bug#855458: libssl1.0-dev: Development environment is incomplete w/o openssl tool

2017-02-18 Thread Sebastian Andrzej Siewior

On 2017-02-18 15:23:02 [+], Bjarni R. Einarsson wrote:
> When trying to build Pound against libssl1.0, the build fails because
> Pound uses the openssl tool to generate C code containing DH parameters
> (openssl dhparam -C ...).
> 
> The system-wide openssl on Debian testing is from OpenSSL 1.1, and
> generates C code which is incompatible with OpenSSL 1.0. As a result it
> is impossible to build some software (Pound) against OpenSSL 1.0 in
> spite of having installed libssl1.0-dev.

Is you problem just pound? If so I'm not going to introduce openssl for
1.0.2 just for that. pound is on my list of things to do so it will be
fixed shortly. I am not yet sure what I will do but something will be
done…

Sebastian

Bug#830207: Next try

2017-02-18 Thread David Rabel

On 18.02.2017 20:59, David Rabel wrote:
>> 329aa8ce287
>> "Other" is not a good name for License.  I suggest to follow
>> https://tracker.debian.org/media/packages/g/granule/copyright-1.4.0-7-4
>> or https://github.com/giuliopaci/SPro/blob/master/debian/copyright which
>> I found doing a quick Google search. 
> 
> I adjusted this.

I was just thinking: Do we have to add a paragraph in debian/copyright
for files we delete with debian/clean?

David



signature.asc
Description: OpenPGP digital signature

Bug#830207: Changing copyright again

2017-02-18 Thread David Rabel

Hi Osmi,

Rolf is probably right, that you are actually the only copyright holder.

What do you think? Would it be OK for you to change the copyright for
the code to your name and mention the whole Linux community and / or
team audio recorder in the AUTHORS file instead?

Yours
  David



signature.asc
Description: OpenPGP digital signature

Bug#830207: Next try

2017-02-18 Thread David Rabel

Hi Rolf,

a general question: Are you OK with the way I commit every step in git
or would you prefer that I clean up the history a little bit before pushing?

On 18.02.2017 20:14, Rolf Leggewie wrote:
> 60fd5fd4c
> It's a trivial fix, but if upstream has that spelling error I think it
> would be better to keep it.  Where do you draw the line?  Who knows,
> there might be some kind of intended meaning that you and I missed?  In
> that part of our work, we are just documenting, not correcting IMO.

The spelling error was not from upstream, it was mine. ;) And I found a
second one in the same line. I corrected it, now.


> 08dc66295a
> I'm not sure if changing "The entire Linux community" to "Team audio
> recorder" is sufficient. 

The ftp master who rejected the package is fine with this solution. Of
course we can still try to find a better solution.


> I'm not sure such an entity exists and it's
> basically equally opaque.  If it's not specific enough to understand who
> to contact in case you'd like to ask for a relicensing of the code then
> it's not specific enough for Debian.  Let's say you'd like to develop a
> closed-source variety of audio-recorder, who would you need to ask for
> permission? 

You might be right on this. For me it was quite clear, that Team
audio-recorder is the launchpad team:
https://launchpad.net/~audio-recorder
Maybe we could add this link instead of the email address to the
copyright file?


> Besides, as I already mentioned previously, my feeling is
> that nobody but Osmo Antero has copyright.  There are two conditions
> that need to be met for this NOT to be true; 1) significant
> contributions from third parties and 2) those parties requested for
> copyright when making those contributions.  2) is not documented in the
> files and it should be IF there was a third-party copyright.

I will ask Osmo if he is fine with changing the copyright to him only. I
will keep you and the bug in CC. Just did not want to spam Osmo with the
rest of the email, since most of it is not interesting for him.


> I understand that Osmo enjoys drinking his vine and keep things simple. 
> But he is making things unnecessarily complicated here by adding an
> opaque group of people to the copyright holders.  I believe that what he
> wants to do is acknowledge outside contributions.  That's what the
> AUTHORS file is for which is actually present but does not list anybody
> besides him.  It's fine for him to make a broad statement there such as
> "a multitude of patches were gladly received by a number of people from
> the Linux community.  If you'd like to see your name here specifically
> contact me at XYZ".  Copyright is about who owns the ultimate rights to
> the source.  GPL extends quite a few of those rights to the users (such
> as the right to modify, redistribute, etc.)  What Osmo is doing (and I'm
> absolutely certain that is unintentional) is to give basically everyone
> who can somehow claim to be part of the Linux community to fully OWN the
> code and that includes the right to relicense it, for example.  This
> would effectively make the source public domain and strip it of the
> protections the GPL provides (such as disallowing redistribution as a
> closed-source binary program).  I am sure Osmo did not intend to release
> as public domain.

What you actually say is: IF we leave it as it is, the worst case is
that the software could be public domain.


> This absolutely needs clarification, no way around that.  My suggestion
> is to simply drop the erroneous and very dangerous line giving the Linux
> community or Team Audiorecorder the copyright.  All users already have
> very broad rights protected under the GPL.  Adding that line actually
> puts those rights in jeopardy.

There is other software under permissive licenses in Debian... I think
there are worse things than that.


> 329aa8ce287
> "Other" is not a good name for License.  I suggest to follow
> https://tracker.debian.org/media/packages/g/granule/copyright-1.4.0-7-4
> or https://github.com/giuliopaci/SPro/blob/master/debian/copyright which
> I found doing a quick Google search. 

I adjusted this.


> https://lists.debian.org/debian-legal/2015/01/msg00054.html says there
> is a later version of the file with a better worded license term.  If
> that's the case it would be advisable for upstream to exchange the
> current for the later version.  If upstream doesn't do this, we can also
> do it in Debian only.  If the file is not necessary to build the binary,
> we might want to simply drop it via debian/clean.  This question needs
> more consideration.

Upstream in this case is me. ;) I have write access to the upstream
repository and I put the po/Makefile.in.in there. The file I added is
from the current Testing version of gettext (0.19.8.1-2). I copied the
license text from there.

We could drop the file, we just would have to run intltoolize before the
build process. I was not quite sure how to do it.


>> Mainly it is an

Bug#855433: devscripts: wrap-and-sort: Add missing build dependency fields

2017-02-18 Thread Mattia Rizzolo

Control: tag -1 pending

On Sat, Feb 18, 2017 at 01:56:37AM +0100, Guillem Jover wrote:
> Attached a patch adding several missing fields.

Thanks, applied!
https://anonscm.debian.org/git/collab-maint/devscripts.git/commit/?id=c9e4a8e7f8a27afde97be11c409dff3c774e79b3

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#855472: (no subject)

2017-02-18 Thread Josua Mayer

This is about linux-image-4.9.0-1-armmp in stretch, armhf.

Bug#855472: display drivers missing for gta04 board

2017-02-18 Thread Josua Mayer

Package: src:linux
Version: 4.9.6-3
Severity: normal
Tags: upstream

Dear Maintainers,

Please enable following set of configs to support the display on GTA04 phone:
CONFIG_DRM_OMAP_PANEL_TPO_TD028TTEC1=m
CONFIG_PWM_OMAP_DMTIMER=m

This enables the driver for the connected display, and the pwm driver that is 
used for backlight.

br
Josua Mayer

Bug#855473: nodm: [INTL:nl] Dutch translation of debconf messages

2017-02-18 Thread Frans Spiesschaert

 

Package: nodm 
Severity: wishlist 
Tags: l10n patch 
 

Dear Maintainer, 
 
== 
Please find attached the updated Dutch translation of nodm debconf messages. 
It has been submitted for review to the debian-l10n-dutch mailing list. 
Please add it to your next package revision. 
It should be put as debian/po/nl.po in your package build tree. 
=== 

-- 
Regards,
Frans



nl.po.gz
Description: application/gzip


signature.asc
Description: This is a digitally signed message part

Bug#853904: osmo: cut text from a day in one month, paste to another month, original remains

2017-02-18 Thread Markus Koschany

Control: tags -1 unreproducible

On Wed, 01 Feb 2017 22:18:22 + ruffwoof  wrote:
> Package: osmo
> Version: 0.2.12-1+deb8u1
> Severity: normal
> 
> Dear Maintainer,
> 
> *** Reporter, please consider answering these questions, where appropriate ***
> 
>* What led up to the situation?
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
>* What was the outcome of this action?
>* What outcome did you expect instead?
> 
> *** End of the template - remove these template lines ***
> 
> osmo 0.2.12 (debian jessie stable)
> cut text from a day in one month
> use arrow to step to next month
> paste text in a day in that next month
> original text not cut (remains and have two copies of text
> in two different dates)

Hello,

I cannot reproduce this behaviour. Cutting text works as expected. Do
you use a special kind of clipboard application? Is this issue
reproducible with other applications? What desktop environment do you use?

Regards,

Markus



signature.asc
Description: OpenPGP digital signature

Bug#853037: aptitude: debtags view: duplicate tags, some with missing description

2017-02-18 Thread Manuel A. Fernandez Montecelo


Control: notfound -1 aptitude/0.6.11-1+b1
Control: found -1 aptitude/0.6.11-1


--
Manuel A. Fernandez Montecelo

Bug#855336: make hangs when synchronizing output and redirecting to null

2017-02-18 Thread James Cowgill

Hi,

On 18/02/17 08:27, Norbert Lange wrote:
> Hi,
> 
> sorry for messing up years.
> lslocks only showed makes locking /dev/null, but it appears to be that
> the culprit is a running dockerd daemon.

lslocks shouldn't be showing make holding a lock in /dev/null because it
does so for a very short period of time. It's also not in the list you
posted below.

> I dont understand why, but with the service disabled a blocked make
> will suddenly continue.

Both make and docker are locking the same file. Only one will be able to
obtain it and the other will probably hang (or fail in another way).

> to install the service:
> echo > /etc/apt/sources.list.d/docker.list 'deb [arch=amd64]
> https://apt.dockerproject.org/repo/ debian-stretch main'
> apt-get update; apt-get install docker-engine
> 
> For completeness, the lslocks output:
> $ lslocks
> COMMAND   PID   TYPE   SIZE MODE  M  STARTEND PATH
[...]
> dockerd  3732 OFDLCKREAD  0  0  0 /dev...

You may need to run lslocks as root to get the rest of this path.
Assuming this is a lock on /dev/null, then this is probably a bug in
docker rather than make. No-one should be holding long lived locks on
"global" files like that.

> dockerd  3732  FLOCK   128K WRITE 0  0  0
> /var/lib/docker/volumes/metadata.db

Thanks,
James

signature.asc
Description: OpenPGP digital signature

Bug#853037: aptitude: debtags view: duplicate tags, some with missing description

2017-02-18 Thread Manuel A. Fernandez Montecelo


Control: found -1 aptitude/0.6.11-1+b1
Control: tags -1 + pending

(It seems to happen also in stable releases.)


Hi,

2017-01-29 08:06 Paul Wise:

Package: aptitude
Version: 0.8.5-1
Severity: normal

When I go to the debtags view I get some duplicate tags, where one copy
of the tag has no description and the other has one. There are some
examples below but there are a lot more in other facets.

--\ accessibility - Accessibility Support (285)
  --- input
  --- input - Input Systems (131)
  --- speech
  --- speech - Speech Synthesis (100)
...


In the cases that I checked, like those above, the subtree without
description contains packages which only have "accessibilty::input" as a
tag, whereas the other contains packages with more than a tag.

Newline characters were added to the last tag (or the only one), and it
caused extra problems like classifying the tag in their own subtree due
to the new-line mismatch in the tag name.


Cheers.
--
Manuel A. Fernandez Montecelo

Bug#855471: RFP: node-bin-version-check -- Check whether a version satisfies a semver range

2017-02-18 Thread Ross Gammon


Package: wnpp
Severity: wishlist
X-Debbugs-CC: pkg-javascript-de...@lists.alioth.debian.org

* Package name: node-bin-version-check
  Version : 3.0.0
  Upstream Author : Sindre Sorhus  
(sindresorhus.com)

* URL : https://github.com/sindresorhus/bin-version-check
* License : Expat
  Programming Lang: JavaScript
  Description : Check whether a binary version satisfies a semver range

 Node-bin-version-check checks whether a binary version satisfies a semver
 range. This is useful when you have a thing that only works with specific
 versions of a binary.
 .
 Node.js is an event-based server-side JavaScript engine.

Node-bin-version-check is a dependency of grunt-contrib-compass and 
should probably be packaged within the Debian Javascript Team.

Bug#830207: Next try

2017-02-18 Thread Rolf Leggewie

On 18.02.2017 20:37, David Rabel wrote:
> Hi there,
>
> I uploaded a new audio-recorder package to mentors:
> https://mentors.debian.net/package/audio-recorder

Awesome!  Thanks.

I see you pushed changes to github so I will focus my review on what's
up there, assuming it is identical to what's on mentors.debian.net  I've
not looked at mentors.

60fd5fd4c
It's a trivial fix, but if upstream has that spelling error I think it
would be better to keep it.  Where do you draw the line?  Who knows,
there might be some kind of intended meaning that you and I missed?  In
that part of our work, we are just documenting, not correcting IMO.

08dc66295a
I'm not sure if changing "The entire Linux community" to "Team audio
recorder" is sufficient.  I'm not sure such an entity exists and it's
basically equally opaque.  If it's not specific enough to understand who
to contact in case you'd like to ask for a relicensing of the code then
it's not specific enough for Debian.  Let's say you'd like to develop a
closed-source variety of audio-recorder, who would you need to ask for
permission?  Besides, as I already mentioned previously, my feeling is
that nobody but Osmo Antero has copyright.  There are two conditions
that need to be met for this NOT to be true; 1) significant
contributions from third parties and 2) those parties requested for
copyright when making those contributions.  2) is not documented in the
files and it should be IF there was a third-party copyright.

I understand that Osmo enjoys drinking his vine and keep things simple. 
But he is making things unnecessarily complicated here by adding an
opaque group of people to the copyright holders.  I believe that what he
wants to do is acknowledge outside contributions.  That's what the
AUTHORS file is for which is actually present but does not list anybody
besides him.  It's fine for him to make a broad statement there such as
"a multitude of patches were gladly received by a number of people from
the Linux community.  If you'd like to see your name here specifically
contact me at XYZ".  Copyright is about who owns the ultimate rights to
the source.  GPL extends quite a few of those rights to the users (such
as the right to modify, redistribute, etc.)  What Osmo is doing (and I'm
absolutely certain that is unintentional) is to give basically everyone
who can somehow claim to be part of the Linux community to fully OWN the
code and that includes the right to relicense it, for example.  This
would effectively make the source public domain and strip it of the
protections the GPL provides (such as disallowing redistribution as a
closed-source binary program).  I am sure Osmo did not intend to release
as public domain.

This absolutely needs clarification, no way around that.  My suggestion
is to simply drop the erroneous and very dangerous line giving the Linux
community or Team Audiorecorder the copyright.  All users already have
very broad rights protected under the GPL.  Adding that line actually
puts those rights in jeopardy.

dfe98839e3 adds Ian Holmes as copyright holder for src/gst-recorder.c. 
If there are any other other copyright holders then that's the way we
should handle copyright attribution for them as well, unless they have
copyright in a broad number of files.

329aa8ce287
"Other" is not a good name for License.  I suggest to follow
https://tracker.debian.org/media/packages/g/granule/copyright-1.4.0-7-4
or https://github.com/giuliopaci/SPro/blob/master/debian/copyright which
I found doing a quick Google search. 
https://lists.debian.org/debian-legal/2015/01/msg00054.html says there
is a later version of the file with a better worded license term.  If
that's the case it would be advisable for upstream to exchange the
current for the later version.  If upstream doesn't do this, we can also
do it in Debian only.  If the file is not necessary to build the binary,
we might want to simply drop it via debian/clean.  This question needs
more consideration.

> Mainly it is an update of the debian/copyright file. But while I edited
> it, I found a lot of auto-generated files in the source tarball. So I
> deleted them via dquilt patch. I hope this is the right way to handle
> such files.

Are they giving any problems during the build?  If no, then I'd say not
to bother with them at all.  If yes and they aren't removed by "dh
clean" already then the file debian/clean is the proper place.  Have a
look at "man dh_clean".  Simply put, you can list file names one per
line in debian/clean to be removed as one of the first steps during the
build. Wildcards are allowed, RegExp might be.  This is better than
using patches because deleting a 1MB file it takes a patch that's
slightly bigger than 1MB.  It's easier to read during code inspection as
well.

Regards

Rolf

Bug#854923: busybox: "sed -i" bug corrected in version 1.23.0

2017-02-18 Thread Cyril Chaboisseau

Hi Cyril,

Fine, but busybox will eventually be upgraded to a newer stable version
at some point, or it will suffer from old/buggy version with potential
security holes
if not, it means that on the long run it will be very difficult to
cherry-pick those security patches and the project wil not benefit from
new features and improvements

as for bug #854924, don't you think it would have never occured if a
newer version of busybox were installed? (after 1.23 at least)

 Le 18 février vers 18:38, Cyril Brulebois écrivait:
> > this bug https://bugs.busybox.net/show_bug.cgi?id=7484 is corrected in
> > version 1.23.0
> 
> Thanks for the link. Given the patch, we need to be careful about the
> sed -i call anyway (https://bugs.debian.org/854924), since we would be
> setting exitcode to EXIT_FAILURE (and most code has set -e).
> 
> > busybox should be upgrade to a newer stable version 1.23.2 (or newer :
> > 1.26.2)



-- 
Cyril Chaboisseau

Bug#855470: thunderbird: logging error in nsSmtpProtocol::AuthLoginStep1

2017-02-18 Thread Daniel Kahn Gillmor

Package: thunderbird
Version: 1:45.7.1-1
Severity: normal
Control: forwarded -1 https://bugzilla.mozilla.org/show_bug.cgi?id=1340724


Launch thunderbird with:

NSPR_LOG_MODULES=smtp:5 NSPR_LOG_FILE=/tmp/thunderbird.log thunderbird

compose and send a message.

the log /tmp/thunderbird.log will contain something like:

 -321738944[7fb1eb8a2380]: SMTP AuthLoginStep1() for 
testu...@example.com@<90>^K^?

that trailing garbage is bad!  it should represent a string-like
description of the smtp server or something.

Looking at:

https://dxr.mozilla.org/comm-central/source/mailnews/compose/src/nsSmtpProtocol.cpp#1460

shows that what should be a string pointer is being retrieved from an
nsCOMPtr.get() function, which is just a nsISmtpServer*
-- i think it should be calling GetHostname or GetDescription or
something comparable instead of handing a raw pointer to the logging
function.

sorry i don't have the build capacity to test a patch right now (i
wish it was cheaper and simpler to build thunderbird!), but i think
that's where it needs to be fixed.

I've also reported the problem upstream, though i don't know how much
activity is there these days.

   --dkg


-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 
'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages thunderbird depends on:
ii  debianutils   4.8.1
ii  fontconfig2.11.0-6.7
ii  libasound21.1.3-4
ii  libatk1.0-0   2.22.0-1
ii  libc6 2.24-9
ii  libcairo2 1.14.8-1
ii  libdbus-1-3   1.10.14-1
ii  libdbus-glib-1-2  0.108-2
ii  libevent-2.0-52.0.21-stable-2.1
ii  libffi6   3.2.1-6
ii  libfontconfig12.11.0-6.7
ii  libfreetype6  2.6.3-3+b1
ii  libgcc1   1:6.3.0-6
ii  libgdk-pixbuf2.0-02.36.4-1
ii  libglib2.0-0  2.50.2-2
ii  libgtk2.0-0   2.24.31-2
ii  libhunspell-1.4-0 1.4.1-2+b1
ii  libicu57  57.1-5
ii  libnspr4  2:4.12-6
ii  libnss3   2:3.26.2-1
ii  libpango-1.0-01.40.3-3
ii  libpangocairo-1.0-0   1.40.3-3
ii  libpangoft2-1.0-0 1.40.3-3
ii  libpixman-1-0 0.34.0-1
ii  libsqlite3-0  3.16.2-2
ii  libstartup-notification0  0.12-4
ii  libstdc++66.3.0-6
ii  libvpx4   1.6.1-2
ii  libx11-6  2:1.6.4-3
ii  libxcomposite11:0.4.4-2
ii  libxdamage1   1:1.1.4-2+b1
ii  libxext6  2:1.3.3-1
ii  libxfixes31:5.0.3-1
ii  libxrender1   1:0.9.10-1
ii  libxt61:1.1.5-1
ii  psmisc22.21-2.1+b1
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages thunderbird recommends:
ii  lightning 1:45.7.1-1
pn  myspell-en-us | hunspell-dictionary | myspell-dictionary  

Versions of packages thunderbird suggests:
pn  apparmor  
ii  fonts-lyx 2.2.2-1
ii  libgssapi-krb5-2  1.15-1

-- no debconf information

1 2 >

1 - 100 of 198 matches

Mail list logo