Bug#860552: ITA: rbtools -- set of client tools to use with Review Board

[Philipp Huebner]

Hi,

Am 25.04.2017 um 12:33 schrieb LIU Qi:
> I use rbtools at work and had some experience on package maintaining. I
> would like to take it. Thanks a lot for your great work on this.

alright, it's yours!
Just don't upload to unstable until Stretch has been released.

Let me know if you need sponsoring.

Regards,
-- 
 .''`.   Philipp Huebner 
: :'  :  pgp fp: 6719 25C5 B8CD E74A 5225  3DF9 E5CA 8C49 25E4 205F
`. `'`
  `-



signature.asc
Description: OpenPGP digital signature

Bug#860352: [pkg-gnupg-maint] Bug#860352: gnupg: cannot handle hkps keyservers

[Daniel Kahn Gillmor]

Control: tags 860352 + unreproducible moreinfo

Hi Norbert--

On Sat 2017-04-15 10:37:52 +0900, Norbert Preining wrote:
> this is a very similar case to #811146 which supposedly is resolved,
> but it isn't:
>
> Relevant ~/.gnupg/gpg.conf lines:
>
>   keyserver hkps://hkps.pool.sks-keyservers.net
>   keyserver-options no-honor-keyserver-url
>
> Relevant ~/.gnupg/dirmngr.conf lines:
>
>   hkp-cacert /usr/share/gnupg/sks-keyservers.netCA.pem
>
> $ gpg --version
> gpg (GnuPG) 2.1.18
> ...
> $ dpkg -l gnupg
> ...
> ii  gnupg   2.1.18-6 amd64GNU privacy 
> guard - a free PGP replacement
>
> Searching with dirmngr directly succeeds (see above bug report),
> but gnupg fails with
>   General error
> $ gpg -vvv --debug-level 10 --search-key 58E11BB1E414D9AD
> gpg: using character set 'utf-8'
> gpg: enabled debug flags: packet mpi crypto filter iobuf memory cache memstat 
> trust ipc clock lookup extprog
> gpg: DBG: [not enabled in the source] start
> gpg: DBG: chan_3 <- # Home: /home/norbert/.gnupg
> gpg: DBG: chan_3 <- # Config: /home/norbert/.gnupg/dirmngr.conf
> gpg: DBG: chan_3 <- OK Dirmngr 2.1.18 at your service
> gpg: DBG: connection to the dirmngr established
> gpg: DBG: chan_3 -> GETINFO version
> gpg: DBG: chan_3 <- D 2.1.18
> gpg: DBG: chan_3 <- OK
> gpg: DBG: chan_3 -> KEYSERVER --clear hkps://hkps.pool.sks-keyservers.net
> gpg: DBG: chan_3 <- OK
> gpg: DBG: chan_3 -> KS_SEARCH -- 58E11BB1E414D9AD
> gpg: DBG: chan_3 <- ERR 1 General error 
> gpg: error searching keyserver: General error
> gpg: keyserver search failed: General error
> gpg: DBG: chan_3 -> BYE
> gpg: DBG: [not enabled in the source] stop
> gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
>   outmix=0 getlvl1=0/0 getlvl2=0/0
> gpg: secmem usage: 0/65536 bytes in 0 blocks
> $

I'm perplexed by this report, and am unable to reproduce the behavior.

Are you seeing it reproducibly?  If so, can you turn up the logging in
dirmngr itself?  you should be able to do this by adding a few lines to
~/.gnupg/dirmngr.conf:

debug-all
gnutls-debug 
debug-level expert

and then stop dirmngr:

gpgconf --kill dirmngr

and then do the query again and let me know what's shown in the output
of "systemctl --user status dirmngr" or "journalctl --user-unit dirmngr"

Thanks,

--dkg


signature.asc
Description: PGP signature

Bug#861219: salt: CVE-2017-8109

[Salvatore Bonaccorso]

Source: salt
Version: 2016.11.2+ds-1
Severity: important
Tags: security patch upstream
Forwarded: https://github.com/saltstack/salt/issues/40075

Hi,

the following vulnerability was published for salt.

CVE-2017-8109[0]:
| The salt-ssh minion code in SaltStack Salt before 2016.11.4 copied over
| configuration from the Salt Master without adjusting permissions, which
| might leak credentials to local attackers on configured minions
| (clients).

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-8109
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8109
[1] https://github.com/saltstack/salt/issues/40075
[2] https://github.com/saltstack/salt/pull/40609
[3] 
https://github.com/saltstack/salt/commit/8492cef7a5c8871a3978ffc2f6e48b3b960e0151

Please adjust the affected versions in the BTS as needed, I only
quickly checked the sid version for the affected source code, no
checks for jessie done yet.

Regards,
Salvatore

Bug#841724: jessie-pu: package guile-2.0/2.0.11+1-9

[Adam D. Barratt]

On Tue, 2017-04-25 at 23:23 -0500, Rob Browning wrote:
> Rob Browning  writes:
> 
> > I'll try to get some time this week to run the tests on a porterbox --
> > see if I can reproduce the problem there.
> 
> I was able to reproduce the problem on partch, and then poked around a
> bit.  It looks like this might be a glibc bug that's addressed in
> 2.19-18+deb8u8: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855606
> 
> I tested a trivial C program in jessie and sid chroots that just prints
> sqrt(2.0) and pow(2.0, 0.5) to 70 decimal places.
[...]
> Given that, I suspect that the buildd didn't have that version of libc,
> and if/when they do, the test will be fine.

Aha, interesting - thanks!

That glibc version got accepted last night, so hopefully we'll be in a
position to retry the guile-2.0 build later on.

Regards,

Adam

Bug#860970: release-notes: MariaDB vs MySQL section 2.2.3 needs clarifying on how to perform the upgrade

[Vincent McIntyre]

Hi Paul
 
If I understand correctly, you are suggesting this change:

  MariaDB is now the default MySQL variant in Debian, at version 10.1.
  The Stretch release introduces a new mechanism for switching the
  default variant, using metapackages created from the
  mysql-defaults source package.
  For example, installing the metapackage
  default-mysql-server will install
  mariadb-server-10.1.
- Users who had
+ For upgrading from jessie, it is recommended to install
+ this metapackage from the jessie-backports archive so that
+ users who have
  mysql-server-5.5 or mysql-server-5.6 will have it
  removed and replaced by the MariaDB equivalent.
  Similarly, installing default-mysql-client will install
  mariadb-client-10.1.

I don't think the release team want upgrades to depend on backports,
so I don't that's a viable option here.

But let's go back a step - you're saying that
if:   you have a jessie system with mysql-server-5.x
  and you dist-upgrade,
  without explicitly installing default-mysql-server
then: mysql-server-5.x gets uninstalled
  and no mariadb-server-* package gets installed ?

If correct, that's a big problem.

What the text is trying to tell people to do is to dist-upgrade,
then install default-mysql-server. That second action should
initiate the uninstall of mysql-server-5.x and then install
mariadb-server-10.1. Is that what you took from the text?
If not, can you think of a way to make it clearer?

Cheers
Vince

Bug#861218: libgssapi-krb5-2: soname-independent files in shared library package (policy 8.2)

[Helmut Grohne]

Package: libgssapi-krb5-2
Version: 1.15-1
Severity: serious
Justification: violates policy section 8.2

libgssapi-krb5-2 is a shared library package and contains
/etc/gss/mech.d/README. The latter filename does not depend on the
soname of the library and thus does not change when the soname changes.
Thus the package will not be coinstallable a newer soname of the same
library and make system upgrades unnecessarily difficult. This violates
the first sentence from policy section 8.2, which is a must:

| If your package contains files whose names do not change with each
| change in the library shared object version, you must not put them in
| the shared library package.

This actually causes problems today, due to a related bug in dpkg, which
does not properly support conffiles in m-a:same packages (#861217).

Please split the README to a different package (or remove it). Often
times a -common package is used for such files, e.g. libldap-common.

Helmut

Bug#858143: fix is not complete

[rolnas]

Version: 0.9.1-8

Dear all,

I'm investigated content of debian/patches/cve-2017-6967.diff from 
version 0.9.1-8 in unstable and by comparison with 
https://github.com/neutrinolabs/xrdp/commit/4b8a33e087ee9cf5556b40b717cd7e8ff243b3c3 
it is missing important sesman/session.c part of patch.


The version 0.9.2 would be much better solution, because it solves many 
more problems.


Regards,
Rolandas

Bug#861217: dpkg fails to unpack m-a:same instance with conffiles over removed but not purged instance

[Helmut Grohne]

Package: dpkg
Version: 1.18.23
User: helm...@debian.org
Usertags: rebootstrap

Hi Guillem,

it seems that dpkg exhibits a strange behaviour with Multi-Arch: same
and conffiles. If you have one instance removed, but not purged, and try
to install another instance, dpkg errors out with an unpack error on a
conffile. This is rather unexpected to me.

Example in a fresh sid amd64 debootstrap:
| # dpkg --add-architecture i386
| # apt-get update
| ...
| # apt-get install libgssapi-krb5-2
| ...
| # apt-get remove libgssapi-krb5-2
| ...
| # apt-get install libgssapi-krb5-2:i386
| ...
| Unpacking libgssapi-krb5-2:i386 (1.15-1) ...
| dpkg: error processing archive 
/tmp/apt-dpkg-install-6OFgRm/8-libgssapi-krb5-2_1.15-1_i386.deb (--unpack):
|  trying to overwrite shared '/etc/gss/mech.d/README', which is different from 
other instances of package libgssapi-krb5-2:i386
| dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
| Errors were encountered while processing:
|  /tmp/apt-dpkg-install-6OFgRm/8-libgssapi-krb5-2_1.15-1_i386.deb
| E: Sub-process /usr/bin/dpkg returned an error code (1)
| #

Skipping the removal step (i.e. installing both packages together) or
purging the other instance makes the sequence work. Thus the reported
difference does not exist. I conclude that something is fishy in dpkg
here.

Of course having a soname-independent (conf)file in a shared library is
a policy violation and will be reported separately.

Helmut

Bug#841724: jessie-pu: package guile-2.0/2.0.11+1-9

[Rob Browning]

Rob Browning  writes:

> I'll try to get some time this week to run the tests on a porterbox --
> see if I can reproduce the problem there.

I was able to reproduce the problem on partch, and then poked around a
bit.  It looks like this might be a glibc bug that's addressed in
2.19-18+deb8u8: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855606

I tested a trivial C program in jessie and sid chroots that just prints
sqrt(2.0) and pow(2.0, 0.5) to 70 decimal places.

jessie (glibc 2.19-18+deb8u7):
  1.41421356237309492343001693370752036571502685546875
  1.414213562373095145474621858738828450441360473632812500

sid (glibc 2.24-10):
  1.414213562373095145474621858738828450441360473632812500
  1.414213562373095145474621858738828450441360473632812500

Then I grabbed the 2.19-18+deb8u8 deb, unpacked it, and

  (jessie_powerpc-dchroot)rlb@partch:~/guile-2.0-2.0.11+1$ 
LD_LIBRARY_PATH=/home/rlb/libc6_2.19-18+deb8u8/lib/powerpc-linux-gnu 
./check-guile fractions.test
  Testing /home/rlb/guile-2.0-2.0.11+1/meta/guile ... fractions.test
  with GUILE_LOAD_PATH=/home/rlb/guile-2.0-2.0.11+1/test-suite
  Running fractions.test

  Totals for this test run:
  passes: 349
  failures:   0
  unexpected passes:  0
  expected failures:  0
  unresolved test cases:  0
  untested test cases:0
  unsupported test cases: 0
  errors: 0

Given that, I suspect that the buildd didn't have that version of libc,
and if/when they do, the test will be fine.

Thanks
-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4

Bug#861198: simple-cdd: downloading docs/tools/README without ftp

[Vagrant Cascadian]

Control: severity 861198 important

On 2017-04-25, Vagrant Cascadian wrote:
>> Is there a different way to get a copy of the files in doc/ ? 
>
> At a quick glance, there is:
>
>   http://ftp.us.debian.org/debian/extrafiles
>
> Which has the added benefit of being signed, lists the files we want,
> with checksums.
>
> The code used to download debian-installer images based on the signed
> Release files in the distribution is similar to what's needed to parse
> extrafiles... e.g. download extrafiles, verify the signature, look for
> the files we want, download the individual files... so that code could
> be re-used, refactored, rewritten, etc. to support this.

Ok, I drafted up quick-and-dirty, cut-and-pasty, rough, untested,
conceptual code to handle downloading the individual files by matching
what's in the "extrafiles" file, much like how the debian-installer
files check against the Release files, to download the *SUMS files, to
then get a list of files to install.

Initially, it just switches to only using wget to fetch individual
files, which should be fairly easy to then switch to httplib or some
other native python library...

Having worked on this so infrequently... all simple-cdd code could
really use some refactoring once the proof-of-concept is done... *sigh*


live well,
  vagrant

diff --git a/simple_cdd/gnupg.py b/simple_cdd/gnupg.py
index 2a930db..ed17fe6 100644
--- a/simple_cdd/gnupg.py
+++ b/simple_cdd/gnupg.py
@@ -29,6 +29,18 @@ class Gnupg:
 self.import_keyring(keyring_file)
 
 
+def extract_inline_contents(self, pathname, sigpathname):
+args = ["gpg", "--no-default-keyring"]
+for k in self.env.get("keyring"):
+args.extend(("--keyring", k))
+args.extend("--decrypt")
+args.extend(sigpathname)
+contents = subprocess.Popen([args], stdout=subprocess.PIPE, 
stderr=subprocess.PIPE)
+x = open(pathname, 'rx')
+for line in contents:
+x.write(line)
+x.close()
+
 def verify_detached_sig(self, pathname, sigpathname):
 args = ["gpg", "--no-default-keyring"]
 for k in self.env.get("keyring"):
@@ -38,6 +50,15 @@ class Gnupg:
 if retval != 0:
 raise Fail("Signature verification failed on %s", pathname)
 
+def verify_inline_sig(self, pathname):
+args = ["gpg", "--no-default-keyring"]
+for k in self.env.get("keyring"):
+args.extend(("--keyring", k))
+args.extend(("--verify", pathname))
+retval = run_command("verify gpg signature", args)
+if retval != 0:
+raise Fail("Signature verification failed on %s", pathname)
+
 def import_keyring(self, keyring_file):
 """
 Import a keyring into our keyring file
diff --git a/simple_cdd/tools/mirror_wget.py b/simple_cdd/tools/mirror_wget.py
index d822936..7248270 100644
--- a/simple_cdd/tools/mirror_wget.py
+++ b/simple_cdd/tools/mirror_wget.py
@@ -35,26 +35,51 @@ class ToolMirrorWget(Tool):
 baseurl = env.get("wget_debian_mirror")
 path_depth = urlparse(baseurl).path.strip("/").count("/") + 1
 
-def _wget_many(urls):
-args = ["wget", "--continue", "--timestamping", "--no-verbose",
-"--no-parent", "--no-host-directories", "--recursive", 
"--cut-dirs={}".format(path_depth),
-"--directory-prefix=" + env.get("MIRROR")]
-args.extend(urls)
-retval = run_command("wget {} files".format(len(urls)), args, 
logfd=logfd, env=wget_env)
-if retval != 0:
-raise Fail("wget exited with code %s, see %s for full 
output log", retval, logfilename)
-
 def _wget_one(url, output):
+os.makedirs(os.path.dirname(output))
 args = ["wget", "-O", output, url]
 retval = run_command("wget {}".format(url), args, logfd=logfd, 
env=wget_env)
 if retval != 0:
 raise Fail("wget exited with code %s, see %s for full 
output log", retval, logfilename)
 
+if env.get("mirror_files"):
+# Download the checksums present in the archive "extrafiles" 
and verify
+extrafiles_file = os.path.join(env.get("simple_cdd_temp"), 
"extrafiles")
+extrafiles_file_inlinesig = extrafiles_file + ".inlinesig"
+download_extrafiles_file = 
os.path.join(env.get("wget_debian_mirror"), "extrafiles")
+_wget_one(download_extrafiles_file, extrafiles_file_inlinesig)
+self.gnupg.verify_inline_sig(extrafiles_file_inlinesig)
+self.gnupg.extract_inline_contents(extrafiles_file, 
extrafiles_file_inlinesig)
+
+# import checksums
+extrafile_sums = Checksums()
+extrafile_sums.parse_checksums_file(extrafiles_file, 'SHA256')
+
+ef=open(extrafiles_file, 'r')
+

Bug#861216: unblock: spin/6.4.5+dfsg-3

[tony mancill]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package spin.

Hello Release Team:

The upload spin_6.4.5+dfsg-3 should correctly resolve #861021, a file
conflict with older versions of the staden package.  You will notice
that there was a -2 version that used Breaks without Replaces.

Thank you to Niels for the email correspondence on the topic, and thank
you for your consideration.  Debdiffs are attached.

Cheers,
tony

unblock spin/6.4.5+dfsg-3
diff -Nru spin-6.4.5+dfsg/debian/changelog spin-6.4.5+dfsg/debian/changelog
--- spin-6.4.5+dfsg/debian/changelog2016-07-05 21:51:10.0 -0700
+++ spin-6.4.5+dfsg/debian/changelog2017-04-25 20:22:12.0 -0700
@@ -1,3 +1,15 @@
+spin (6.4.5+dfsg-3) unstable; urgency=medium
+
+  * Add Replaces: for staden (<< 2.0.0+b11) (Closes: #861021)
+
+ -- tony mancill   Tue, 25 Apr 2017 20:22:12 -0700
+
+spin (6.4.5+dfsg-2) unstable; urgency=medium
+
+  * Declare Breaks with staden (<< 2.0.0+b11) (Closes: #861021)
+
+ -- tony mancill   Mon, 24 Apr 2017 07:59:27 -0700
+
 spin (6.4.5+dfsg-1) unstable; urgency=medium
 
   * Repack source to exclude iSpin
diff -Nru spin-6.4.5+dfsg/debian/control spin-6.4.5+dfsg/debian/control
--- spin-6.4.5+dfsg/debian/control  2016-07-05 21:51:10.0 -0700
+++ spin-6.4.5+dfsg/debian/control  2017-04-25 20:22:12.0 -0700
@@ -12,6 +12,8 @@
 Package: spin
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}
+Breaks: staden (<< 2.0.0+b11)
+Replaces: staden (<< 2.0.0+b11)
 Description: formal software verification tool
  Spin is a popular open-source software verification tool, used by thousands
  of people worldwide. The tool can be used for the formal verification of
[The following lists of changes regard files as different if they have
different names, permissions or owners.]

Files in second .changes but not in first
-
-rw-r--r--  root/root   
/usr/lib/debug/.build-id/e2/9b8c845736db864f93b1d591b05bed13742d2c.debug

Files in first .changes but not in second
-
-rw-r--r--  root/root   
/usr/lib/debug/.build-id/c6/e46c049caccd8a9a55a294cbc638c7535f815a.debug

Control files of package spin: lines which differ (wdiff format)

{+Breaks: staden (<< 2.0.0+b11)+}
{+Replaces: staden (<< 2.0.0+b11)+}
Version: [-6.4.5+dfsg-1-] {+6.4.5+dfsg-3+}

Control files of package spin-dbgsym: lines which differ (wdiff format)
---
Build-Ids: [-c6e46c049caccd8a9a55a294cbc638c7535f815a-] 
{+e29b8c845736db864f93b1d591b05bed13742d2c+}
Depends: spin (= [-6.4.5+dfsg-1)-] {+6.4.5+dfsg-3)+}
Installed-Size: [-372-] {+381+}
Version: [-6.4.5+dfsg-1-] {+6.4.5+dfsg-3+}


signature.asc
Description: PGP signature

Bug#861215: xdotool: unpredictable behaviour if input from stdin is not newline-terminated

[Andrei Mikhailov]

Package: xdotool
Version: 1:3.20160805.1-3
Severity: normal

Dear Maintainer,

   * What led up to the situation?
   execution of xdotool
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 echo -n key --delay 250 e quotedbl greater backslash less dollar percent 
plus minus a b c d e f | xdotool -
   * What was the outcome of this action?
   e">\<$%+-abcdef5
   * What outcome did you expect instead?
   e">\<$%+-abcdef
   (there should be no 5 at the end)
   It seems that this happens when using echo with -n switch


-- System Information:
Debian Release: 9.0
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'testing'), (1, 
'experimental')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xdotool depends on:
ii  libc6 2.24-9
ii  libx11-6  2:1.6.4-3
ii  libxdo3   1:3.20160805.1-3

xdotool recommends no packages.

xdotool suggests no packages.

-- no debconf information

Bug#861151: W: initramfs-tools configuration sets RESUME=UUID=... warning even though RESUME=none

[Ben Hutchings]

Control: tag -1 moreinfo

On Tue, 25 Apr 2017 17:18:28 +0200 Sven Joachim  wrote:
> On 2017-04-25 12:52 +0930, Arthur Marsh wrote:
> 
> > Package: initramfs-tools
> > Version: 0.129
> > Severity: normal
> >
> > Dear Maintainer,
> >
> > *** Reporter, please consider answering these questions, where appropriate 
> > ***
> >
> >* What led up to the situation?
> >
> > set RESUME=none in /etc/initramfs-tools/initramfs.conf but
> > still get messages:
> >
> > W: initramfs-tools configuration sets 
> > RESUME=UUID=604db355-002c-4f41-b31c-438fe788b26d
> 
> That may be coming from a stale file /etc/initramfs-tools/conf.d/resume,
> which is the location where the RESUME variable had to be set in
> versions prior to 0.129.
> 
> AFAICS mkinitramfs sources /etc/initramfs-tools/initramfs.conf before
> any files in /etc/initramfs-tools/conf.d which does not look quite
> right, but maybe there are reasons for that.
[...]

Yes, that's what it does - and this is documented at the top of
initramfs.conf(5).

Arthur, please confirm whether RESUME is set somewhere else.

Ben.

-- 
Ben Hutchings
All extremists should be taken out and shot.



signature.asc
Description: This is a digitally signed message part

Bug#861214: ITP: elpa-smart-mode-line -- A powerful and beautiful mode-line for Emacs

[Nicholas D Steeves]

Package: wnpp
Severity: wishlist

Package name: elpa-writegood-mode
Version : 2.0.2
Upstream Author : Artur Malabarba
URL : http://github.com/Malabarba/smart-mode-line
License : GPL-2+
Programming Lang: Elisp
Description : A powerful and beautiful mode-line for Emacs

Smart Mode Line is a sexy mode-line for Emacs. It aims to be easy to
read from small to large monitors. Its main features are:

 * Highlights the most important information
 * Intelligently truncates path name and mode names
 * Allows right indentation of strings in the mode-line
 * Directory as prefixes e.g. ~/.emacs.d/ is translated to :ED:
 * Hide or highlight minor-modes
 * Very easy to configure all colours and variables
 * Compatible with any other packages that write to the mode-line

I am in the process of transitioning my ancient and monolithic
.emacs.el to a more modern and modular configuration.  Smart Mode Line
is central to a project I have begun to work on as a sub project of
pkg-emacsen.  I plan to write documentation too!

While it is similar to elpa-powerline, I am much more confident that
my project will succede with elpa-smart-mode-line than with the less
configurable elpa-powerline.

Bug#779675: lintian: Add flag --list-tags that will list all tags Lintian knows about

[Stuart Prescott]

As another use case for a --list-tags:

In discussing things in #debian-mentors or #debian-qa it's not uncommon that I 
want to look up information from the long description of a tag... but first I 
need to guess what the tag is. The long description often has really useful 
rationale and links to policy, bugs or other documentation.

My current crappy solution is

$ dpkg -L lintian | xargs grep -hs ^Tag:

My wishlist is:

$ lintian-info --list-tags | grep encoding
debian-changelog-file-uses-obsolete-national-encoding
debian-news-file-uses-obsolete-national-encoding
debian-control-file-uses-obsolete-national-encoding
debian-copyright-file-uses-obsolete-national-encoding

$ lintian-info -t debian-copyright-
debian-copyright-file-uses-obsolete-national-encoding
debian-copyright-is-symlink


(perhaps lintian-info -t could take a glob or regex as an alternative to a 
simple tag name)

-- 
Stuart Prescotthttp://www.nanonanonano.net/   stu...@nanonanonano.net
Debian Developer   http://www.debian.org/ stu...@debian.org
GPG fingerprint90E2 D2C1 AD14 6A1B 7EBB 891D BBC1 7EBB 1396 F2F7

Bug#848671: xpdf: Many errors "Config Error: Unknown config file command..."

[Joao Borges]

I can also confirm this bug in testing (Stretch).

xpdf version 3.04-4

Apparently the bug is similar to the bug 640162 (
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640162)

Bug#851462: [pkg-gnupg-maint] Bug#851462: #851462 gpg-agent: a gpg-agent is already running - not starting a new one

[Thomas Dickey]

On Tue, Apr 25, 2017 at 05:55:18PM -0400, Daniel Kahn Gillmor wrote:
> Hi Thomas--
> 
> I'm sorry, but i don't understand what you're trying to do here.  I'm
> re-closing this bug report (#851462) because it doesn't seem to be
> related to the original report anyway, other than the string "gpg-agent
> is already running" appearing in both of them.
> 
> I've asked you some questions below about what you're trying to do --
> feel free to open a new bug report when answering them with a clearer
> description (or to reopen this one again if you're sure this is the same
> issue).

You should reopen it.
 
> On Sat 2017-02-11 19:51:29 -0500, Thomas Dickey wrote:
> > It's broken, and recently.  I noticed this about a week ago.
> >
> > On my machines, I mostly use ssh to connect, and have a script which
> > ties together gpg/ssh, using gpg-agent.  I do this to get the keys
> > for both in - package signing and network connections.
> 
> "to get the keys for both in" what?

both means two:

1 = ssh
2 = gpg

Referring to the manual page:

 gpg-agent --daemon --enable-ssh-support \

I tried using the ssh-support option, have never seen it work reliably.
After some experimentation a few years ago, I came up with this working
solution.

The updates for gpg-agent in January broke my solution (and the
explanation of the "new" behavior sounds as though it's been "improved"
to only work in a desktop session - if that is incorrect, you should
provide that information clearly in the README.Debian file - as written
it does not address this bug report:

gnupg-agent (2.1.18-1) unstable; urgency=medium

  If your machine is configured with system user session management,
  gpg-agent will be managed automatically by systemd's user sessions on
  machines configured with use systemd.  Please consider installing the
  packages that the gnupg-agent package Suggests:, and see
  /usr/share/doc/gnupg-agent/README.Debian for more details.

and

Users who don't want systemd to manage their gpg-agent in this way for
all future sessions should do:

systemctl --user mask --now gpg-agent.service gpg-agent.socket 
gpg-agent-ssh.socket gpg-agent-extra.socket gpg-agent-browser.socket

Doing this means that gpg-agent will fall back to its manual mode of
operation.  (This decision can be reversed by the user with "unmask"
instead of "mask")

leaves a lot unsaid.  In my case, there was no desktop session.
(The package still depends upon either pinentry-curses or pinentry).

> > Here's the script:
> >
> > #!/bin/sh
> > # $Id: wrapssh,v 1.9 2015/12/21 09:47:59 tom Exp $
> > # vi:ts=4 sw=4
> > # Initialize a subshell which will run ssh-agent, sets a variable that we 
> > can
> > # use in the initialization to force an ssh-add prompt.
> >
> > unset SSH_AGENT_PID
> > unset SSH_AUTH_SOCK
> > unset SSH2_AUTH_SOCK
> > unset SSH2_AGENT_PID
> >
> > if test -f /usr/bin/ssh-agent
> > then
> > SSH_ADD="passphrase"
> > export SSH_ADD
> > if test -f /usr/bin/gpg-agent && test -f /usr/bin/pinentry-curses
> > then
> > killall gpg-agent 2>/dev/null
> > ssh-agent presign
> > else
> > ssh-agent $SHELL
> > fi
> > fi
> 
> why are you doing "killall gpg-agent" ?  what do you hope to gain from that?
> 
> what is "presign" ?  is that the script below?

hmm - no: I overlooked that.  It's been a couple of years since I put these
together.  The "killall" in "wrapssh" is redundant; I'm killing it in
"presign" so that I can force it to use pinentry-curses

#!/bin/sh
# $Id: presign,v 1.2 2014/09/01 14:54:50 tom Exp $
# vi:ts=4
# Initialize a subshell which will run gpg-agent, sets a variable that we can
# use in the initialization to force an gpg-sign prompt.

unset GPG_ADD

if test -f /usr/bin/gpg-agent && test -f /usr/bin/pinentry-curses
then
GPG_ADD="${GNUPGHOME:=HOME}/.gpg-agent-`hostname`"
export GPG_ADD
pgrep gpg-agent
killall gpg-agent 2>/dev/null

OPTS="--csh"
OPTS="$OPTS --pinentry-program /usr/bin/pinentry-curses"
OPTS="$OPTS -vvv --debug-level 8 --debug-all"
PROG=$SHELL
/usr/bin/gpg-agent --log-file /tmp/gpgagent.log --daemon $OPTS 
--write-env-file $GPG_ADD $PROG
fi

... and Debian/testing isn't the only system that I use it on.
 
> > ...and it calls back with a new shell (tcsh in my case) to activate this:
> >
> > if ( $?GPG_ADD ) then
> > setenv GPG_TTY `tty`
> > unsetenv GPG_ADD
> > echo "GPG-signing on $GPG_TTY ..."
> > if ( -e /usr/bin/gpg ) then
> > echo | gpg -s >/dev/null
> > else
> > echo | gpg2 -s >/dev/null
> > endif
> > echo "...GPG-signing"
> > endif
> > if ( $?SSH_ADD ) then
> > echo "prompt $SSH_ADD"
> > unsetenv SSH_ADD
> > ssh-add
> > endif
> 
> the trace (below) doesn't seem to trace into this stuff, does it?  I
> don't speak tsch fluently, and i don't 

Bug#790796: sensord: RRD data loss

[Paul Wise]

On Tue, 2017-04-25 at 17:22 +0200, Aurelien Jarno wrote:

> What's your use case for sensord without RRD? Logging values and alarms
> into syslog?

Yes, when a machine powers off overnight, having that info in syslog
helps diagnose what happened.

> In that case we might just want to remove/disable RRD support while
> keeping the rest of the features.

I think it would be better to keep it if possible.

> This is true, that said while lm-sensors is dead for a bit less than 2
> years now, there hasn't been any change to sensord for more than 5
> years, and no major change for more than 8 years.

I guess it does what is needed with no major changes?

> Hmm, it only works for one change, after that the .old file will be
> overwritten causing the data loss. I guess the filename should include
> the date and time.

Yes, I didn't implement this because my C skills are rusty. Also, the
time between events should be long so the admin should notice the log
error before the old file is overwritten and RRD rotates out old data
anyway AFAIK. Also the old file will be in backups.

> While that might work (provided we keep multiple versions of the file),
> I think the data are not really usable as each period will have a
> different format. The real way to fix that would be to use one RRD file
> per sensor, but it becomes a major change to the software, and I am not
> sure we want to do that given the dead upstream

I don't intend to work on multiple files as my C skills are rusty.
Agreed that fixing this properly can wait until upstream returns.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#861213: unicode: please print wcwidth

[Adam Borowski]

Package: unicode
Version: 2.4
Severity: wishlist

Hi!
It'd be nice if you included the value of wcwidth().  It'd be useful as some
characters like "〈" are unexpectedly double-width.  Especially Plane 1 is
an awful mess for example U+1F0CF PLAYING CARD BLACK JOKER has width of 2
while every other character in that block, including U+1F0DF PLAYING CARD
WHITE JOKER, have width 1.

If you do so, please include it in an existing line -- the per-character
output of your tool is already too long while most lines are mostly empty.
As wcwidth is derived from "Category" and "East Asian Width", it'd fit
well in the line with "Category".


Meow!
-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
(150, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-rc8+ (SMP w/6 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages unicode depends on:
pn  python:any  

Versions of packages unicode recommends:
ii  unicode-data  9.0-1

unicode suggests no packages.

-- no debconf information

Bug#861212: nslcd: certificate authentication fails with Unknown authentication method: SASL(-4)

[Matt Weatherford]

Package: nslcd
Version: 0.9.7-2
Severity: important

Dear Maintainer,


debian 7 install works fine with certificate auth.
Debian 9 install with same config files appears to not work and throws these 
erros:

Apr 25 16:41:08 nori nslcd[1376]: [52255a]  failed to bind to LDAP 
server ldap://ldi.s.uw.edu: Unknown authentication method: SASL(-4): no 
mechanism available:
Apr 25 16:41:08 nori nslcd[1376]: [52255a]  no available LDAP 
server found: Unknown authentication method: Bad file descriptor
Apr 25 16:41:13 nori nslcd[1376]: [9cf92e]  no available LDAP 
server found: Server is unavailable: Bad file descriptor
Apr 25 16:41:18 nori nslcd[1376]: [ed7263] 

Bug#860966: (no subject)

[Pablo Barciela]

more info, permissions (third patch):

tests with eom 1.16.0



debian stretch master machine:

0400 -> rotate save and quit -> 0400 and eom doesn't save the image



debian stretch virtual machine:

0400 -> rotate save and quit -> 0600 and eom saves the image



I don't have tested in a jessie master machine, but I suppose happen the 
same, so, it is a VM issue related


I think the patch must work fine

Bug#861079: chromium: Remote extensions not enabled by default in 58.0.3029.81-1

[Michael Gilbert]

control: tag -1 moreinfo, unreproducible

> chromium still need to be launched with --enable-remote-extensions
> in order to get the extensions working.

That is expected and /etc/chromium.d/extensions should cause it to be
set automatically.  Have you modified the chromium launcher script or
anything in /etc/chromium.d that would prevent that from happening?

Best wishes,
Mike

Bug#861100: chromium: Extensions from Debian packages no longer work

[Michael Gilbert]

control: tag -1 moreinfo, unreproducible

This works correctly for me.  What is do you see in the Command Line
field shown by chrome://version?  Have you modified anything in
/etc/chromium.d?

Best wishes,
Mike

Bug#861149: maint-guide: Please remove statements about DEHS service in section 5.22

[Osamu Aoki]

On Tue, Apr 25, 2017 at 10:51:14AM +0800, Boyuan Yang wrote:
> Source: maint-guide
> Version: 1.2.38
> Severity: minor
> 
> Section 5.22 mentioned the DEHS service.
> 
> According to https://wiki.debian.org/DEHS, it is closed since 2011. UDD is
> being used instead.

But for the watch file, I see it is mostly used like
 https://qa.debian.org/cgi-bin/watch?pkg=getmail4
 which is usually accessed indirectly from watch column in pages like
 https://qa.debian.org/developer.php?login=os...@debian.org 

Let me think a bit more what is most appropriate text replacing the
current one.

Osamu

Bug#861146: maint-guide: Please deprecate section 5.17 (debian/menu support)

[Osamu Aoki]

On Tue, Apr 25, 2017 at 10:32:02AM +0800, Boyuan Yang wrote:
> Source: maint-guide
> Version: 1.2.38
> Severity: normal
> 
> As per tech-ctte's decision on #741573, menu files are to be dropped if a
> proper desktop file is provided.
> 
> Please document such changes and deprecate that section.

document and deprecate in debmake/debmake-doc.  For maint-guide, simply
drop section (minimal translation breakage).

Fixed in vcs

Osamu

Bug#861211: festival: text2wave no longer works in pipe

[Andy Bennett]

Package: festival
Version: 1:2.1~release-8
Severity: important

Dear Maintainer,

I have been using text2wave in a script under Wheezy thus:

-
echo "$string" | text2wave |aplay -q
-

This now no longer works under Jessie.


text2wave receives a SIGPIPE and no audio is heard:

-
$ echo "hello" |text2wave | aplay
Playing WAVE 'stdin' : Signed 16 bit Little Endian, Rate 16000 Hz, Mono

0:0,141,0
$
-



If you run the following two commands, the file generated by each is different:

-
$ echo "hello" |text2wave > /tmp/x0.wav
$ echo "hello" |text2wave | cat > /tmp/x1.wav
-

-
$ diff /tmp/x0.wav /tmp/x1.wav
Binary files /tmp/x0.wav and /tmp/x1.wav differ
-

-
$ diff /tmp/x0.wav /tmp/x1.wav  -a
1c1
� RIFF 
�>}datan��
---
� RIFF$WAVEfmt 
�>}data��
432c432
���
\ No newline at end of file
---
���RIFF �>}datan
\ No newline at end of file
-

x0.wav works (audio is heard):

-
$ aplay /tmp/x0.wav
Playing WAVE '/tmp/x0.wav' : Signed 16 bit Little Endian, Rate 16000 Hz, Mono
-

x1.wav does not work (no audio is heard, but no error is reported):

-
$ aplay /tmp/x1.wav
Playing WAVE '/tmp/x1.wav' : Signed 16 bit Little Endian, Rate 16000 Hz, Mono
-


Thanks for anything you can do to get me working again!




-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-0.bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages festival depends on:
ii  adduser3.113+nmu3
ii  alsa-utils 1.0.28-1
ii  libasound2 1.0.28-1
ii  libc6  2.19-18+deb8u7
ii  libestools2.1  1:2.1~release-8
ii  libgcc11:4.9.2-10
ii  libncurses55.9+20140913-1+b1
ii  libstdc++6 4.9.2-10
ii  libtinfo5  5.9+20140913-1+b1
ii  lsb-base   4.1+Debian13+nmu1
ii  sgml-base  1.26+nmu4

Versions of packages festival recommends:
ii  festvox-kallpc16k [festival-voice]  1.4.0-5

Versions of packages festival suggests:
pn  festival-freebsoft-utils  
pn  pidgin-festival   

-- no debconf information

Bug#861125: ITP: elpa-writegood-mode -- Minor mode for Emacs to improve English writing

[Antoine Beaupré]

On 2017-04-25 18:27:11, Nicholas D Steeves wrote:
> On Tue, Apr 25, 2017 at 01:37:12PM -0400, Antoine Beaupré wrote:
>> On 2017-04-25 11:17:28, Nicholas D Steeves wrote:
>> >
>> > It will take some time to learn how this one works, but another reason
>> > I'm interested in maintaining writegood-mode is I'm certain I can
>> > contribute to it.  Preliminary packaging is here:
>> > ssh://git.debian.org/git/pkg-emacsen/pkg/writegood-mode.git
>> 
>> Excellent. Same remark than writeroom about uploading to
>> mentors.debian.net. :) But it's great you pushed into git!
>> 
>> (It's just that I'm lazy: mentors.debian.net shows lintian output for
>> me... ;))
>
> I've uploaded a package for review.  Since I'm still a DM, would you
> please sponsor it if it looks good?  I'd be happy to add you to
> uploaders, if you'd like.
>
> https://mentors.debian.net/package/writegood-mode
> dget -x 
> https://mentors.debian.net/debian/pool/main/w/writegood-mode/writegood-mode_2.0.2-1.dsc

thanks!

here's a short review.

 1. the package's description doesn't mention "emacs" or "english" - in
the original RFP, i used this instead:

Description : Minor mode for Emacs to improve English writing
  This is a minor mode to aid in finding common writing
  problems. Matt Might’s weaselwords scripts inspired this mode.
  .
  It highlights text based on a set of weasel-words, passive-voice
  and duplicate words.

 2. that version patch - really necessary? if upstream screwed up their
versioning, it's kind of their problem no? since it's just a
cosmetic change, I would avoid it, personnally.

 3. if you still think it's necessary, explain *why* it is there in the
changelog, not just "it's there". :) same in the patch: not "what"
but "why" in commitlogs...

 4. picking a random elpa package (elpa-helm), i notice it depends on
"emacs" while yours depend on "emacs-common" - why? and why the
versioned dependencies?

https://anonscm.debian.org/git/pkg-emacsen/pkg/helm.git/tree/debian/control

I'm not very familiar with "elpa" packages, so I don't know if it works
or not - did you actually test this? :)

Thanks!

A.

-- 
Never be deceived that the rich will allow you to vote away their wealth.
- Lucy Parsons

Bug#861210: gnome-settings-daemon: Online-Accounts borked again

[Michael Biebl]

Am 26.04.2017 um 00:57 schrieb S.Allen:
> Package: gnome-settings-daemon
> Version: 3.22.2-1
> Severity: normal
> 
> Dear Maintainer,
> 
> Gnome-Online-Accounts specifically the google account plugin isn't working -
> won't accept my login credentials as valid. Also when this happens, shouldn't
> Gnome notify the end user? It doesn't presently, so I have no idea how long
> this has been borked, I only noticed it this morning.

Somehow I lost my crystal ball today so I don't know how
gnome-online-accounts is "borked". Care to provide any specifics or
should we guess?


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#861084: maint-guide: Quilt customization breaks shell auto-complete

[Osamu Aoki]

On Tue, Apr 25, 2017 at 05:11:58PM +0200, Rock Storm wrote:
> On Tue, 2017-04-25 at 22:05 +0900, Osamu Aoki wrote:
> > I copied from quilt  let's see 
> > 
> > /etc/bash_completion.d/quilt has:
> > 
> > [ ${BASH_VERSINFO[0]} '>' 2 -o \
> >   ${BASH_VERSINFO[0]}  =  2 -a ${BASH_VERSINFO[1]} '>' 04 ] \
> > && _quilt_complete_opt="-o filenames"
> > complete -F _quilt_completion $_quilt_complete_opt quilt
> > 
> > 
> > Maybe I should follow this ...  Your comment?
> 
> Well, since the oldest version of bash in Debian is 4.1, it seems
> '__quilt_complete_opt' is always going to be equal to "-o filenames". I
> don't see a reason to keep the conditionals. However, I'm no expert.
> Probably the "safest" option is to simply replicate quilt's code.

Very true.  fixed in VCS.

Osamu

Bug#861204: deb-systemd-invoke: fails to handle units with escaped characters

[Michael Biebl]

Am 26.04.2017 um 00:23 schrieb Bernd Zeimetz:
> Hi,
> 
>> Does this break existing services/packages in stretch? If so, which ones?
>> I'm trying to evaluate if this RC or can be fixed for buster.
> 
> yes. As mentioned, #856429 - run-vmblock\x2dfuse.mount from
> open-vm-tools-desktop.

Hm, but #856429 is severity minor. Something doesn't compute here.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#861210: gnome-settings-daemon: Online-Accounts borked again

[S.Allen]

Package: gnome-settings-daemon
Version: 3.22.2-1
Severity: normal

Dear Maintainer,

Gnome-Online-Accounts specifically the google account plugin isn't working -
won't accept my login credentials as valid. Also when this happens, shouldn't
Gnome notify the end user? It doesn't presently, so I have no idea how long
this has been borked, I only noticed it this morning.



-- System Information:
Debian Release: 9.0
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'testing')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-settings-daemon depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.0-2+b1
ii  gsettings-desktop-schemas3.22.0-1
ii  libasound2   1.1.3-5
ii  libc62.24-10
ii  libcairo21.14.8-1
ii  libcanberra-gtk3-0   0.30-3
ii  libcanberra0 0.30-3
ii  libcolord2   1.3.3-2
ii  libcups2 2.2.1-8
ii  libfontconfig1   2.11.0-6.7+b1
ii  libgdk-pixbuf2.0-0   2.36.5-2
ii  libgeoclue-2-0   2.4.5-1
ii  libgeocode-glib0 3.20.1-2
ii  libglib2.0-0 2.50.3-2
ii  libgnome-desktop-3-123.22.2-1
ii  libgtk-3-0   3.22.11-1
ii  libgudev-1.0-0   230-3
ii  libgweather-3-6  3.20.4-1
ii  liblcms2-2   2.8-4
ii  libnm0   1.6.2-3
ii  libnotify4   0.7.7-2
ii  libnspr4 2:4.12-6
ii  libnss3  2:3.26.2-1
ii  libpam-systemd   232-22
ii  libpango-1.0-0   1.40.4-1
ii  libpangocairo-1.0-0  1.40.4-1
ii  libpolkit-gobject-1-00.105-17
ii  libpulse-mainloop-glib0  10.0-1
ii  libpulse010.0-1
ii  librsvg2-2   2.40.16-1+b1
ii  libupower-glib3  0.99.4-4+b1
ii  libwacom20.22-1+b1
ii  libwayland-client0   1.12.0-1
ii  libx11-6 2:1.6.4-3
ii  libxext6 2:1.3.3-1+b2
ii  libxi6   2:1.7.9-1
ii  libxtst6 2:1.2.3-1
ii  nautilus-data3.22.3-1

Versions of packages gnome-settings-daemon recommends:
ii  iio-sensor-proxy  2.0-4
ii  pulseaudio10.0-1

gnome-settings-daemon suggests no packages.

-- no debconf information

Bug#861209: Only 64 cores available on arm64

[Ben Hutchings]

Control: tag -1 pending

On Tue, 2017-04-25 at 23:02 +0100, Tim Retout wrote:
> Package: src:linux
> Version: 4.9.18-1
> Severity: normal
> 
> Similarly to bug #858731, there are machines now available for arm64
> which have more than 64 cores:
> 
>   https://www.packet.net/bare-metal/servers/type-2a/
> 
> It would be nice to have CONFIG_NR_CPUS set higher on this
> architecture.

There's already a pending change to set it to 256.

Ben.

-- 
Ben Hutchings
Larkinson's Law: All laws are basically false.



signature.asc
Description: This is a digitally signed message part

Bug#861057: Today I suddenly see swap warning

[Ben Hutchings]

Control: found -1 0.114

On Tue, 2017-04-25 at 07:34 +0800, 積丹尼 Dan Jacobson wrote:
> Today I suddenly see:
> 
> Processing triggers for initramfs-tools (0.129) ...
> update-initramfs: Generating /boot/initrd.img-4.9.0-2-amd64
> W: initramfs-tools configuration sets RESUME=UUID=eff505d5-d5bf-4bba-
> 8a07-f3d0d11018b9
> W: but no matching swap device is available.
> I: The initramfs will attempt to resume from /dev/sda9
> I: (UUID=eff505d5-d5bf-4bba-8a07-f3d0d11018b9)
> I: Set the RESUME variable to override this.
> Processing triggers for libc-bin (2.24-10) ...
> Processing triggers for menu (2.1.47+b1) ...
> 
> I have never messed with any of this.

This is not actually a new bug.  UUID and LABEL syntax was also broken
in jessie, but the fallback code (which used to be quiet, and is now
verbose) apparently worked well enough that no-one noticed!  And it was
the one case I forgot to test.

Anyway, I'll fix this shortly.

Ben.

-- 
Ben Hutchings
Larkinson's Law: All laws are basically false.



signature.asc
Description: This is a digitally signed message part

Bug#861125: ITP: elpa-writegood-mode -- Minor mode for Emacs to improve English writing

[Nicholas D Steeves]

On Tue, Apr 25, 2017 at 01:37:12PM -0400, Antoine Beaupré wrote:
> On 2017-04-25 11:17:28, Nicholas D Steeves wrote:
> >
> > It will take some time to learn how this one works, but another reason
> > I'm interested in maintaining writegood-mode is I'm certain I can
> > contribute to it.  Preliminary packaging is here:
> > ssh://git.debian.org/git/pkg-emacsen/pkg/writegood-mode.git
> 
> Excellent. Same remark than writeroom about uploading to
> mentors.debian.net. :) But it's great you pushed into git!
> 
> (It's just that I'm lazy: mentors.debian.net shows lintian output for
> me... ;))

I've uploaded a package for review.  Since I'm still a DM, would you
please sponsor it if it looks good?  I'd be happy to add you to
uploaders, if you'd like.

https://mentors.debian.net/package/writegood-mode
dget -x 
https://mentors.debian.net/debian/pool/main/w/writegood-mode/writegood-mode_2.0.2-1.dsc

> > Oh, I failed to ask in the writeroom RFP thread: Do you like the idea
> > of teaming up for that mini project (or a similar project).
> 
> Sure, I can try - but I don't have much time unfortunately. I would
> rather see the other emacsen people join in here - I'm not even part of
> that team yet!

I'd even appreciate occasional mockups/screenshots, brainstorming, or
wish lists, because I find they're good for staying motivated and
avoiding the "questions have more than one answer" pitfall when
implementing solutions ;-)

Cheers,
Nicholas

Bug#861204: deb-systemd-invoke: fails to handle units with escaped characters

[Bernd Zeimetz]

Hi,

> Does this break existing services/packages in stretch? If so, which ones?
> I'm trying to evaluate if this RC or can be fixed for buster.

yes. As mentioned, #856429 - run-vmblock\x2dfuse.mount from
open-vm-tools-desktop.

Please upload it for stretch.

Thanks,

Bernd

-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F

Bug#861033: gpsshogi FTBFS with libosl 0.8.0-1.2: /usr/share/libosl-dev/makefile.conf: No such file or directory

[Andreas Beckmann]

Control: reassign -1 libosl-dev 0.8.0-1.2

On 2017-04-24 00:02, Adrian Bunk wrote:
> make[1]: Entering directory '/«PKGBUILDDIR»/lib'
> ../makefile.conf:5: /usr/share/libosl-dev/makefile.conf: No such file or 
> directory

OK, adding back makefile.conf


Andreas

Bug#771678: bash_completion for dcfldd

[Eriberto Mota]

2017-04-21 3:56 GMT-03:00  :
> I have done a first version, you find it on
> https://github.com/bernhardbrunner/dcfldd
>
> Cheers,
> Bernhard


Thanks.

I started to work over this issue three weeks ago. However, I stopped
due to work and family commitments. I already have a completion but I
need to review and test my work. I will try do it soon.

Regards,

Eriberto

Bug#845208: apport-retrace crashed with IOError in _get_primary_mirror_from_apt_sources(): [Errno 2] No such file or directory: u'Debian GNU/Debian testing/sources.list'

[Brian Murray]

What is in the directory which you passed to the -S switch? That
directory should be structured so that you have folders matching
releases and in those folders sources.list files for that release.
Here's an example from my system:

 $ ls ~/source-trees/daisy/watchtower-archive 
crashdb.conf  Ubuntu 11.04  Ubuntu 12.04  Ubuntu 13.04  Ubuntu 14.04
Ubuntu 15.04  Ubuntu 16.04  Ubuntu 17.04Ubuntu RTM 14.09
Ubuntu 10.04  Ubuntu 11.10  Ubuntu 12.10  Ubuntu 13.10  Ubuntu 14.10
Ubuntu 15.10  Ubuntu 16.10  Ubuntu Core 16
[  2:56PM 10151 ]  [
bdmurray@impulse:~/source-trees/error-tracker-deployment/trunk ]
 $ ls ~/source-trees/daisy/watchtower-archive/Ubuntu\ 17.04 
arm64  armhf  codename  powerpc  ppc64el  sources.list

So I call apport-retrace with:

"-S ~/source-trees/daisy/watchtower-archive/"

apport then reads DistroRelease from the report to choose which
directory in the argument to -S to search for sources.list.

Cheers,
--
Brian Murray @ubuntu.com


signature.asc
Description: PGP signature

Bug#861209: Only 64 cores available on arm64

[Tim Retout]

Package: src:linux
Version: 4.9.18-1
Severity: normal

Similarly to bug #858731, there are machines now available for arm64
which have more than 64 cores:

  https://www.packet.net/bare-metal/servers/type-2a/

It would be nice to have CONFIG_NR_CPUS set higher on this architecture.

Kind regards,

Tim



-- Package-specific info:
** Version:
Linux version 4.9.0-2-arm64 (debian-ker...@lists.debian.org) (gcc version 6.3.0 
20170321 (Debian 6.3.0-11) ) #1 SMP Debian 4.9.18-1 (2017-03-30)

** Command line:
BOOT_IMAGE=/boot/vmlinuz-4.9.0-2-arm64 root=/dev/sda2 ro initrd=initrd.gz quiet

** Tainted: W (512)
 * Taint on warning.

** Kernel log:
Unable to read kernel log; any relevant messages should be attached

** Model information
Device Tree model: Cavium ThunderX CN88XX board

** Loaded modules:
nls_ascii
nls_cp437
vfat
fat
evdev
cavium_rng_vf
rng_core
ast
aes_ce_blk
ttm
ablk_helper
cryptd
aes_ce_cipher
drm_kms_helper
ghash_ce
sha2_ce
sha1_ce
drm
i2c_algo_bit
sg
gpio_keys
cavium_rng
efi_pstore
efivars
efivarfs
ip_tables
x_tables
autofs4
ext4
crc16
jbd2
crc32c_generic
fscrypto
ecb
mbcache
sd_mod
nicvf
ahci
libahci
libata
xhci_pci
xhci_hcd
usbcore
scsi_mod
nicpf
thunder_bgx
usb_common
thunder_xcv
mdio_thunder
i2c_thunderx
mdio_cavium
of_mdio
i2c_smbus
fixed_phy
libphy

** PCI devices:
:00:01.0 PCI bridge [0604]: Cavium, Inc. THUNDERX PCC Bridge [177d:a002] 
(rev 09) (prog-if 00 [Normal decode])
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 

:00:09.0 Processing accelerators [1200]: Cavium, Inc. THUNDERX Random 
Number Generator [177d:a018] (rev 09)
Subsystem: Cavium, Inc. THUNDERX Random Number Generator [177d:a118]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: cavium_rng_pf
Kernel modules: cavium_rng

:00:09.1 Processing accelerators [1200]: Cavium, Inc. THUNDERX Random 
Number Generator virtual function [177d:a033] (rev 09)
Subsystem: Cavium, Inc. THUNDERX Random Number Generator virtual 
function [177d:a133]
Control: I/O- Mem- BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: cavium_rng_vf
Kernel modules: cavium_rng_vf

:00:10.0 USB controller [0c03]: Cavium, Inc. THUNDERX xHCI USB Controller 
[177d:a01b] (rev 09) (prog-if 30 [XHCI])
Subsystem: Cavium, Inc. THUNDERX xHCI USB Controller [177d:a11b]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: xhci_hcd
Kernel modules: xhci_pci

:00:11.0 USB controller [0c03]: Cavium, Inc. THUNDERX xHCI USB Controller 
[177d:a01b] (rev 09) (prog-if 30 [XHCI])
Subsystem: Cavium, Inc. THUNDERX xHCI USB Controller [177d:a11b]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: xhci_hcd
Kernel modules: xhci_pci

:00:14.0 PCI bridge [0604]: Cavium, Inc. THUNDERX PCC Bridge [177d:a002] 
(rev 09) (prog-if 00 [Normal decode])
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 

:00:15.0 PCI bridge [0604]: Cavium, Inc. THUNDERX PCC Bridge [177d:a002] 
(rev 09) (prog-if 00 [Normal decode])
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 

:00:16.0 PCI bridge [0604]: Cavium, Inc. THUNDERX PCC Bridge [177d:a002] 
(rev 09) (prog-if 00 [Normal decode])
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 

:01:00.0 System peripheral [0880]: Cavium, Inc. ThunderX MRML(Master RML 
Bridge to RSL devices) [177d:a001] (rev 09)
Subsystem: Cavium, 

Bug#851462: [pkg-gnupg-maint] Bug#851462: #851462 gpg-agent: a gpg-agent is already running - not starting a new one

[Daniel Kahn Gillmor]

Hi Thomas--

I'm sorry, but i don't understand what you're trying to do here.  I'm
re-closing this bug report (#851462) because it doesn't seem to be
related to the original report anyway, other than the string "gpg-agent
is already running" appearing in both of them.

I've asked you some questions below about what you're trying to do --
feel free to open a new bug report when answering them with a clearer
description (or to reopen this one again if you're sure this is the same
issue).

On Sat 2017-02-11 19:51:29 -0500, Thomas Dickey wrote:
> It's broken, and recently.  I noticed this about a week ago.
>
> On my machines, I mostly use ssh to connect, and have a script which
> ties together gpg/ssh, using gpg-agent.  I do this to get the keys
> for both in - package signing and network connections.

"to get the keys for both in" what?

> Here's the script:
>
> #!/bin/sh
> # $Id: wrapssh,v 1.9 2015/12/21 09:47:59 tom Exp $
> # vi:ts=4 sw=4
> # Initialize a subshell which will run ssh-agent, sets a variable that we can
> # use in the initialization to force an ssh-add prompt.
>
> unset SSH_AGENT_PID
> unset SSH_AUTH_SOCK
> unset SSH2_AUTH_SOCK
> unset SSH2_AGENT_PID
>
> if test -f /usr/bin/ssh-agent
> then
>   SSH_ADD="passphrase"
>   export SSH_ADD
>   if test -f /usr/bin/gpg-agent && test -f /usr/bin/pinentry-curses
>   then
>   killall gpg-agent 2>/dev/null
>   ssh-agent presign
>   else
>   ssh-agent $SHELL
>   fi
> fi

why are you doing "killall gpg-agent" ?  what do you hope to gain from that?

what is "presign" ?  is that the script below?

> ...and it calls back with a new shell (tcsh in my case) to activate this:
>
> if ( $?GPG_ADD ) then
>   setenv GPG_TTY `tty`
>   unsetenv GPG_ADD
>   echo "GPG-signing on $GPG_TTY ..."
>   if ( -e /usr/bin/gpg ) then
>   echo | gpg -s >/dev/null
>   else
>   echo | gpg2 -s >/dev/null
>   endif
>   echo "...GPG-signing"
> endif
> if ( $?SSH_ADD ) then
>   echo "prompt $SSH_ADD"
>   unsetenv SSH_ADD
>   ssh-add
> endif

the trace (below) doesn't seem to trace into this stuff, does it?  I
don't speak tsch fluently, and i don't understand what the SSH_ADD and
GPG_ADD environment variables are trying to do here.  can you explain?

> With the newly broken package, I don't get a gpg-prompt.  
> Ditto for ssh-prompt.  What I get is this (turning on the trace):
>
> ~ (101) sh -x wrapssh
> + unset SSH_AGENT_PID
> + unset SSH_AUTH_SOCK
> + unset SSH2_AUTH_SOCK
> + unset SSH2_AGENT_PID
> + test -f /usr/bin/ssh-agent
> + SSH_ADD=passphrase
> + export SSH_ADD
> + test -f /usr/bin/gpg-agent
> + test -f /usr/bin/pinentry-curses
> + killall gpg-agent
> + ssh-agent presign
> gpg-agent[1791]: reading options from '/users/tom/.gnupg/gpg-agent.conf'
> gpg-agent[1791]: WARNING: "--write-env-file" is an obsolete option - it has 
> no effect
> gpg-agent[1791]: enabled debug flags: cache ipc
> gpg-agent: a gpg-agent is already running - not starting a new one
> gpg-agent: secmem usage: 0/65536 bytes in 0 blocks
>
> By the way, I don't have a gpg-agent.conf (so that's another error).

Are you saying that /users/tom/.gnupg/gpg-agent.conf doesn't exist, but
gpg-agent is somehow claiming that it does?


Regards,

--dkg


signature.asc
Description: PGP signature

Bug#852697: [pkg-gnupg-maint] Bug#852697: gnupg-agent: automatically starts gpg-agent in root user slice

[Daniel Kahn Gillmor]

Control: reassign 852697 daptup
Control: retitle 852697 daptup: automatically starts gpg-agent in root user 
slice
Control: affects 852697 + gnupg-agent

On Sun 2017-02-05 10:21:58 +0100, Laurent Bonnaud wrote:
> On 05/02/2017 10:08, Daniel Kahn Gillmor wrote:
>
>> Were you able to isolate what's launching the process?
>
> Yes I finally took the time to test all apt hooks and found the cause: it is 
> /etc/apt/apt.conf.d/11daptup from package daptup.
>
> Should I reassign the bug?

I'm reassigning it now, sorry for the delay.

>> btw, that gpg-agent process is a systemd user service.  when root fully
>> logs out of the machine, that user service should also terminate.
>> perhaps its running might cause you less worry if you know it will get
>> cleaned up at logout?
>
> It is more complicated than that: since I have cron-apt on my system, a new 
> gpg-agent process is spawned automatically each night and does not go away.

so the underlying question is: why does daptup launch gpg-agent?  I
don't think it should be doing anything with GnuPG secret key material.

  --dkg


signature.asc
Description: PGP signature

Bug#861153: reportbug: Architecture field split into two lines

[Nis Martensen]

Paul Wise wrote:
> Package: reportbug
> Version: 7.1.6
> Severity: minor
> 
> The architecture field is currently split into two lines:
> 
> Architecture: amd64
>  (x86_64)
> 
> With earlier versions of reportbug it was only one line:
> 
> https://bugs.debian.org/823456
> Architecture: amd64 (x86_64)

Thanks for reporting this. It is only one symptom of the actual bug.
Let's fix this before we find out exactly what else was broken by my
patch in reportbug 7.1.6. Follow-up patch attached.
>From 892d6fb67fbe2e9198884e020e8f1926c7a1188b Mon Sep 17 00:00:00 2001
From: Nis Martensen 
Date: Tue, 25 Apr 2017 22:30:40 +0200
Subject: [PATCH] utils.py: Avoid unwanted newlines

In contrast to subprocess.getoutput(), the new get_command_output()
function does not strip trailing newlines from the returned output.
Failure to account for this in the utils/get_arch() function caused
various subtle breakage in multiple places.

Strip newlines in get_arch() to fix the resulting problems in
bin/reportbug, reportbug/checkbuildd.py, reportbug/checkversions.py and
reportbug/debbugs.py.

In lsb_release_info(), do not add the (now unnecessary) additional
newline.
---
 reportbug/utils.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/reportbug/utils.py b/reportbug/utils.py
index e3084bb..086dd9b 100644
--- a/reportbug/utils.py
+++ b/reportbug/utils.py
@@ -783,11 +783,11 @@ def get_debian_release_info():
 
 
 def lsb_release_info():
-return get_command_output('lsb_release -a 2>/dev/null') + '\n'
+return get_command_output('lsb_release -a 2>/dev/null')
 
 
 def get_arch():
-arch = get_command_output('COLUMNS=79 dpkg --print-architecture 2>/dev/null')
+arch = get_command_output('COLUMNS=79 dpkg --print-architecture 2>/dev/null').strip()
 if not arch:
 un = os.uname()
 arch = un[4]
-- 
2.1.4

Bug#861204: deb-systemd-invoke: fails to handle units with escaped characters

[Michael Biebl]

Hi

Am 25.04.2017 um 22:09 schrieb Bernd Zeimetz:
> Package: init-system-helpers
> Version: 1.47
> Severity: serious
> Tags: patch
> 
> Hi,
> 
> to fix #856429 I need to handle a unit with an escaped character
> correctly in the maintainer scripts generated by dh_systemd*.
> 
> Unfortunately deb-systemd-invoke does not quote the unit name
> properly in a systemctl call, so it fails to handle the unit.
> 
> A patch is attached, with it deb-systemd-invoke works as expected.
> I did not test my changes to t/001-deb-systemd-helper.t as I don't
> have the necessary perl module installed and didn't want to mess
> with CPAN. But I'd assume its correct.

Does this break existing services/packages in stretch? If so, which ones?
I'm trying to evaluate if this RC or can be fixed for buster.

Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#861208: ITP: node-minimalistic-crypto-utils -- Minimalistic tools for JS crypto modules

[Bastien ROUCARIES]

Package: wnpp
Severity: wishlist
Owner: ro...@debian.org
X-Debbugs-CC: debian-de...@lists.debian.org

* Package name: node-minimalistic-crypto-utils
  Version : 1.0.1
  Upstream Author : Fedor Indutny 
* URL : https://github.com/indutny/minimalistic-crypto-utils#readme
* License : Expat
  Programming Lang: JavaScript
  Description : Minimalistic tools for JS crypto modules

This package includes tools useful for implementing cryptographic
operation in pure javascript.
.
This a dependency of browserify, a tool that create self contained module
that run in browser contextg
 .
 Node.js is an event-based server-side JavaScript engine.

Bug#860798: jessie-pu: yara/3.1.0-2+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sun, 2017-04-23 at 20:33 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Thu, 2017-04-20 at 11:15 +0200, Hilko Bengen wrote:
> > I would like to update yara in jessie to include fixes for 4 bugs in the
> > rule parsing code that have been assigned CVE-2016-10210,
> > CVE-2016-10211, CVE-2017-5923, CVE-2017-5924.
> 
> Your debdiff has the distribution set to "jessie-security". Assuming
> that the intention was to upload to p-u, please change that to "jessie"
> and go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#860017: jessie-pu: package nvidia-graphics-modules/340.102+3.16.0+1

[Adam D. Barratt]

Control: tags -1 + pending

On Sun, 2017-04-23 at 21:20 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Mon, 2017-04-10 at 12:18 +0200, Andreas Beckmann wrote:
> > As always, we have to rebuild the pre-built binary modules for the
> > new upstream release nvidia-graphics-drivers package ...
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#860577: jessie-pu: package sus/7.20161013~deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sun, 2017-04-23 at 21:13 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Tue, 2017-04-18 at 23:12 +0200, Andreas Beckmann wrote:
> > sus is a downloader package in contrib.
> > The download URL+checksum for susv4 has changed ... rendering the
> > package uninstallable.
> > This is a backport of the package in sid with the debhelper bump
> > reverted.
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#851678: jessie-pu: package openchange/1:2.2-6+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Tue, 2017-04-25 at 09:46 +0800, Paul Wise wrote:
> On Mon, 2017-04-24 at 22:12 +0100, Adam D. Barratt wrote:
> 
> > That sounds okay, although I wonder if it's worth mentioning the unusual
> > version progression in the changelog.
> 
> I've rebuilt the package including this additional changelog entry:
> 
>   * Use version -6+ instead of -5+ because samba-libs conflicts with
> openchangeproxy (<< 1:2.2-6), making openchangeproxy -5+ uninstallable.
> 
> The result has been uploaded and is on its way to pu-new.

Thanks; flagged for acceptance.

Regards,

Adam

Bug#860156: [pkg-gnupg-maint] Bug#860156: gnupg: gpg stays inactive, program not terminating

[Daniel Kahn Gillmor]

Control: tags 860156 + moreinfo unreproducible

On Wed 2017-04-12 11:29:50 +0200, Gabriel Hondet wrote:
> When gpg is called, nothing happens and program seems to be waiting for
> something (i.e. program is not terminating and no errors are shown). The
> same happens for gpg-agent.

how are you invoking gpg?

if you invoke it with no arguments, it expects to be in a pipeline with
some sort of guess at what it is supposed to do.  this is not an
advisable mode to operate any tool, especially a security-sensitive
one.  give it an explicit command instead!

If i launch gpg 2.1.20 with no arguments, i get:

0 dkg@alice:~$ gpg
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: Go ahead and type your message ...


so i'm unable to reproduce the problem you describe.

> I assume it does not depend on my configuration as gpg version of stable
> release (1.4.18) works fine.

gpg1 1.4.21 shows me this when invoked with no arguments:

0 dkg@alice:~$ gpg1
gpg: Go ahead and type your message ...


Can you provide more details please?

--dkg


signature.asc
Description: PGP signature

Bug#861206: [git-buildpackage/master] clone: Add support for pseudo protocols like vcsgit: and github:

[Guido Günther]

tag 861206 pending
thanks

Date:   Tue Apr 25 20:22:34 2017 +0200
Author: Guido Günther 
Commit ID: 1113c9590ca2847f586441e857e3f17698a35020
Commit URL: 
https://git.sigxcpu.org/cgit/git-buildpackage//commit/?id=1113c9590ca2847f586441e857e3f17698a35020
Patch URL: 
https://git.sigxcpu.org/cgit/git-buildpackage//patch/?id=1113c9590ca2847f586441e857e3f17698a35020

clone: Add support for pseudo protocols like vcsgit: and github:

to make cloning simpler

Closes: #861206

  

Bug#858082: [pkg-gnupg-maint] Bug#858082: gpg manual/info docs: incorrect filename options.skel instead of gpg-conf.skel

[Daniel Kahn Gillmor]

Control: forwarded 858082 https://dev.gnupg.org/T3086

Even better, gnupg should stop shipping the .skel files entirely and rip
out this functionality, as i've recommended upstream.  it causes more
problems than it solves.


signature.asc
Description: PGP signature

Bug#859801: jessie-pu: package logback/1:1.1.2-1

[Adam D. Barratt]

Control: tags -1 + pending

On Mon, 2017-04-24 at 13:56 +0200, Markus Koschany wrote:
> Am 23.04.2017 um 22:27 schrieb Adam D. Barratt:
> > Control: tags -1 + confirmed
> > 
> > On Fri, 2017-04-07 at 15:57 +0200, Markus Koschany wrote:
> >> I have prepared a security update for logback. [1]
> >> The security team marked this issue as no-dsa hence I would like
> >> to include it in the next point-release for Jessie.
> > 
> > Please go ahead.
> > 
> > Regards,
> > 
> > Adam
> 
> Uploaded. Thank you.

Flagged for acceptance.

Regards,

Adam

Bug#861056: jessie-pu: package minicom/2.7-1+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Mon, 2017-04-24 at 10:19 +0200, Salvatore Bonaccorso wrote:
> Hi Adam,
> 
> On Mon, Apr 24, 2017 at 09:07:27AM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On 2017-04-24 8:31, Salvatore Bonaccorso wrote:
> > >A DSA for minicom is not needed, and given the next point release is
> > >approaching, I would like to propose to fix CVE-2017-7467, which is
> > >#860940 in the BTS, via a point release.
> > 
> > Please go ahead.
> 
> Thank you! Uploaded.

Flagged for acceptance into p-u.

Regards,

Adam

Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3

[Adam D. Barratt]

Control: tags -1 + pending

On Mon, 2017-04-24 at 06:37 +0200, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Sun, Apr 23, 2017 at 08:48:29PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Fri, 2017-04-14 at 08:36 +0200, Salvatore Bonaccorso wrote:
> > > Given the next jessie point release is approaching I would like to
> > > propose a fix for CVE-2017-5029, #858546 via the upcoming point
> > > release.
> > > 
> > > Attached is the full debdiff.
> > > 
> > > The debian/changelog reads as
> > > 
> > > +libxslt (1.1.28-2+deb8u3) jessie; urgency=medium
> > > +
> > > +  * Non-maintainer upload.
> > > +  * Check for integer overflow in xsltAddTextString (CVE-2017-5029)
> > > +(Closes: #858546)
> > 
> > Please go ahead, thanks.
> 
> Thank you, uploaded.

Flagged for acceptance into p-u, thanks.

Regards,

Adam

Bug#860745: [pkg-gnupg-maint] Bug#860745: Please suggest a fix for "server $SOMETHING is older than us" message

[Daniel Kahn Gillmor]

Control: tags 860745 + upstream
Control: forwarded 860745 https://dev.gnupg.org/T3117

On Sun 2017-04-23 18:52:11 +0200, Werner Koch wrote:
> Well, correct installation of a software update is the task of the
> sysadmin or the distribution.  This is the same as an update of libc or
> other libraries; something(tm) must happen to restart all processes
> using an updated library.

Do you recommend terminating all per-user gpg-agent and dirmngr
instances upon package upgrade?  This would be a significant change from
the traditional debian packaging approach, in which the package is only
really responsible for restarting system-level daemons (not user-level
daemons).

>>   gpg: WARNING: server 'dirmngr' is older than us (2.1.17 < 2.1.18). Run 
>> with --verbose for details.
>>   gpg: further info: Outdated servers may lack important security fixes.
>>   gpg: further info: A restart can be forced using "gpgconf --kill all"
>
> Hmmm.  Can you file a report to bugs.gnupg.org ?

I just filed it here:  https://dev.gnupg.org/T3117

  --dkg


signature.asc
Description: PGP signature

Bug#859906: jessie-pu: package kup/0.3.2-2

[Adam D. Barratt]

Control: tags -1 + pending

On Sun, 2017-04-23 at 21:24 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Sun, 2017-04-09 at 04:16 +0100, Ben Hutchings wrote:
> > The upload service at kernel.org will soon be changed in a way that is
> > incompatible with the current kup client.  The changes below add
> > support for this new configuration, and have been tested against a
> > test server.
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#858680: jessie-pu: package erlang/1:17.3-dfsg-4+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Mon, 2017-04-24 at 09:54 +0300, Sergei Golovan wrote:
> On Sun, Apr 23, 2017 at 11:48 PM, Adam D. Barratt
>  wrote:
> >
> > Please go ahead.
> 
> Done.

Flagged for acceptance.

Regards,

Adam

Bug#860276: jessie-pu: package glibc/2.19-18+deb8u8

[Adam D. Barratt]

Control: tags -1 + pending

On Mon, 2017-04-24 at 08:45 +0200, Aurelien Jarno wrote:
> On 2017-04-23 21:58, Adam D. Barratt wrote:
> > Control: tags -1 + confirmd
> > 
> > On Sun, 2017-04-23 at 22:52 +0200, Cyril Brulebois wrote:
> > > Adam D. Barratt  (2017-04-23):
> > > > While I doubt that either of the above should have any noticeable effect
> > > > on the installer, I'd appreciate a d-i ack in any case; CCing.
> > > 
> > > No objections, thanks.
> > 
> > Thanks for the quick response.
> > 
> > Aurelien, please feel free to upload.
> 
> I have just upload it.

Flagged for acceptance, thanks.

Regards,

Adam

Bug#856685: the upstream bugs were closed last year

[積丹尼 Dan Jacobson]

OA> ibus has many use cases and this is not currently affecting me.
You are able to change the font size?

OA> Also, your yelling tone post just makes me very ... sad.
I am saying just like looking at BIG FONTS makes some people sad,
looking at small fonts makes others sad.

Bug#861201: python3: Incoherent "for" behaviour with different iterables

[Florian Bruhin]

On Tue, Apr 25, 2017 at 09:55:01PM +0200, Dominik George wrote:
> Hi,
> 
> > Python should raise a RuntimeError exception with a list as with a set.
> 
> It *does*, for a list.
> 
> But in Python 3, with [], you do not get a list, but an iterator with a 
> list-like API ;). It wraps a list which you add to, but __next__ will yield 
> the next item if there is one.

That's not true:

Python 3.6.1 (default, Mar 27 2017, 00:27:06)
[GCC 6.3.1 20170306] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> list()
[]
>>> type(list())

>>> type([])


If you want an iterator, you need to explicitly ask for it:

>>> iter([])


Calling next() on a list won't work:

>>> next([])
Traceback (most recent call last):
  File "", line 1, in 
TypeError: 'list' object is not an iterator

Florian

-- 
https://www.qutebrowser.org  | m...@the-compiler.org (Mail/XMPP)
   GPG: 916E B0C8 FD55 A072  | https://the-compiler.org/pubkey.asc
 I love long mails!  | https://email.is-not-s.ms/


signature.asc
Description: PGP signature

Bug#861206: clone: make it simpler to clone from vcs-git et. al

[Guido Günther]

Package: git-buildpackage
Version: 0.8.14
Severity: wishlist


Being able to clone from the vcs-git URL via

  git clone vcsgit:

would be nice. Also things like

  git clone github:user/repo

might be helpful.
Cheers,
 -- Guido

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'stable-updates'), (500, 'unstable'), (500, 'stable'), 
(500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages git-buildpackage depends on:
ii  devscripts2.17.5
ii  git   1:2.11.0-2
ii  man-db2.7.6.1-2
ii  python-dateutil   2.5.3-2
ii  python-pkg-resources  33.1.1-1
ii  python-six1.10.0-3
pn  python:any

Versions of packages git-buildpackage recommends:
ii  cowbuilder   0.85
ii  pbuilder 0.228.6
ii  pristine-tar 1.38
ii  python-requests  2.12.4-1
ii  sbuild   0.73.0-4

Versions of packages git-buildpackage suggests:
ii  python-notify  0.1.1-4
ii  sudo   1.8.19p1-1
ii  unzip  6.0-21

-- no debconf information

Bug#860627: The issue looks like not enough RAM

[Thomas Goirand]

On 04/25/2017 05:56 PM, Lucas Nussbaum wrote:
> On 25/04/17 at 16:23 +0200, Thomas Goirand wrote:
>> Hi,
>>
>> As much as I can tell, it looks like to me that there's random crashes
>> on i386 because of the lack of RAM. It looks like the test suite needs
>> more than i386 can offer. Indeed, removing the --parallel option when
>> running the tests seem to improve the situation. Though I'm not convince
>> that removing that option is the thing to do. Anyway, I don't see a real
>> user using a machine with 4GB as compute host these days. Even if
>> someone would, they could well use the pre-built package, or not attempt
>> to run tests when building.
>>
>> Therefore, I'll be lowering this bug severity to important, until I can
>> get a reply from upstream.
>>
>> Your thoughts?
> 
> Well the machine had 256 GB of RAM, but of course on i386 that's only
> 4 GB per process.
> 
> Lucas

Yes, and OpenStack's gating is made with 8GB VMs.

Anyway, I still stand by the fact that i386 has very little importance
for something like OpenStack. I very much would prefer to invest time on
ppcel64 and arm64.

Cheers,

Thomas Goirand (zigo)

Bug#861050: [pkg-gnupg-maint] Bug#861050: gnupg-agent: GPG_AGENT_INFO is not set according to /etc/X11/Xsession.d/90gpg-agent

[Daniel Kahn Gillmor]

Control: tags 861050 + moreinfo

On Mon 2017-04-24 02:24:37 +0200, does not starts wrote:

> Upon xsession start I need to have variable GPG_AGENT_INFO for one older
> program as described in
> https://wiki.debian.org/Teams/GnuPG/UsingGnuPGv2#GPG_AGENT_INFO_variable

What older program do you need this for?  We should fix that program.

> It should be probably done through the script /etc/X11/Xsession.d/90gpg-agent.
> But is not. Manual execution of commands from this script:
>   agent_sock=$(gpgconf --list-dirs agent-socket)
>   export GPG_AGENT_INFO=${agent_sock}:0:1
> sets this variable properly.
>
> Why is script /etc/X11/Xsession.d/90gpg-agent not automatically parsed?

how does your start X11?  do you have a display manager? if so, which
one?  do you log in from the text-mode console?

  --dkg

Bug#861205: pinpoint: speaker mode does not work

[Lucas Kanashiro]

Package: pinpoint
Version: 1:0.1.8-2+b1
Severity: normal

Dear Maintainer,

I tried to use the speaker mode (-s) in one of my presentations and suddenly
pinpoint crashes. Below is the standard error output:

(pinpoint:17850): Gdk-ERROR **: The program 'pinpoint' received an X Window 
System error.
This probably reflects a bug in the program.
The error was 'GLXBadDrawable'.
  (Details: serial 506 error_code 171 request_code 155 (GLX) minor_code 29)
  (Note to programmers: normally, X errors are reported asynchronously;
   that is, you will receive the error a while after causing it.
   To debug your program, run it with the GDK_SYNCHRONIZE environment
   variable to change this behavior. You can then get a meaningful
   backtrace from your debugger if you break on the gdk_x_error() function.)
Trace/breakpoint trap


I did not have enough time to debug it, when I have some free time I will try
to do it.

Cheers.

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pinpoint depends on:
ii  libc6 2.24-10
ii  libcairo2 1.14.8-1
ii  libclutter-1.0-0  1.26.0+dfsg-3
ii  libclutter-gst-3.0-0  3.0.24-1
ii  libclutter-gtk-1.0-0  1.8.2-2
ii  libgdk-pixbuf2.0-02.36.5-2
ii  libglib2.0-0  2.50.3-2
ii  libgstreamer1.0-0 1.10.4-1
ii  libgtk-3-03.22.12-1
ii  libpango-1.0-01.40.5-1
ii  libpangocairo-1.0-0   1.40.5-1

pinpoint recommends no packages.

pinpoint suggests no packages.

-- no debconf information

Bug#861168: qa.debian.org: msg parameter inserts extra line numbers

[Matthieu Caneill]

Hi,

On Tue, Apr 25, 2017 at 01:49:13PM -0400, James McCoy wrote:
> When I view that URL, it looks as per your expectations.  After
> disabling Javascript, I see that the line numbers aren't adjusted.

Thanks for the report and the additional information!

I've dug it a bit, and it indeed comes from the fact the additional
space needed between line numbers to align well (when a popup message
is present) is done in javascript in debsources.js.

A solution could be adding these empty lines server-side. It was the
case before e246fcf, but it was needed to fix #762941…

Cheers,
--
Matthieu


signature.asc
Description: PGP signature

Bug#861204: deb-systemd-invoke: fails to handle units with escaped characters

[Bernd Zeimetz]

Package: init-system-helpers
Version: 1.47
Severity: serious
Tags: patch

Hi,

to fix #856429 I need to handle a unit with an escaped character
correctly in the maintainer scripts generated by dh_systemd*.

Unfortunately deb-systemd-invoke does not quote the unit name
properly in a systemctl call, so it fails to handle the unit.

A patch is attached, with it deb-systemd-invoke works as expected.
I did not test my changes to t/001-deb-systemd-helper.t as I don't
have the necessary perl module installed and didn't want to mess
with CPAN. But I'd assume its correct.

Thanks for fixing,

Bernd

-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F
From f506723313b8b85e062b61ccda5e31d7adc3a176 Mon Sep 17 00:00:00 2001
From: Bernd Zeimetz 
Date: Tue, 25 Apr 2017 21:40:00 +0200
Subject: [PATCH] Handle units with escaped characters correctly.

Also see
https://www.freedesktop.org/software/systemd/man/systemd-escape.html
---
 script/deb-systemd-invoke  |  2 +-
 t/001-deb-systemd-helper.t | 10 +-
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/script/deb-systemd-invoke b/script/deb-systemd-invoke
index 4255d06..a4b3fbc 100755
--- a/script/deb-systemd-invoke
+++ b/script/deb-systemd-invoke
@@ -85,7 +85,7 @@ if ($action eq "start" || $action eq "restart") {
 my $global_exit_code = 0;
 for my $unit (@units) {
 my $unit_installed = 0;
-my $enabled_output = `/bin/systemctl is-enabled -- $unit`;
+my $enabled_output = `/bin/systemctl is-enabled -- '$unit'`;
 # matching enabled and enabled-runtime as an installed non static unit
 if ($enabled_output =~ /enabled/) {
 $unit_installed = 1;
diff --git a/t/001-deb-systemd-helper.t b/t/001-deb-systemd-helper.t
index 64332e3..2d5da28 100644
--- a/t/001-deb-systemd-helper.t
+++ b/t/001-deb-systemd-helper.t
@@ -54,7 +54,7 @@ unless ($ENV{'TEST_ON_REAL_SYSTEM'}) {
 # ┃ Verify “is-enabled” is not true for a random, non-existing unit file. ┃
 # ┗━━━┛
 
-my ($fh, $random_unit) = tempfile('unitX',
+my ($fh, $random_unit) = tempfile('unit\x2dX',
 SUFFIX => '.service',
 TMPDIR => 1,
 UNLINK => 1);
@@ -303,13 +303,13 @@ ExecStart=/bin/sleep 1
 
 [Install]
 WantedBy=multi-user.target
-Alias=footest.service
+Alias=foo\x2dtest.service
 EOT
 close($fh);
 
 isnt_enabled($random_unit);
-isnt_enabled('footest.service');
-my $alias_path = "/etc/systemd/system/footest.service";
+isnt_enabled('foo\x2dtest.service');
+my $alias_path = "/etc/systemd/system/foo\x2dtest.service";
 ok(! -l $alias_path, 'alias link does not exist yet');
 $retval = system("DPKG_MAINTSCRIPT_PACKAGE=test $dsh enable $random_unit");
 is($retval, 0, "enable command succeeded");
@@ -376,7 +376,7 @@ EOT
 close($fh);
 
 isnt_enabled($random_unit);
-isnt_enabled('footest.service');
+isnt_enabled('foo\x2dtest.service');
 # note that in this case $alias_path and $mask_path are identical
 $retval = system("DPKG_MAINTSCRIPT_PACKAGE=test $dsh enable $random_unit");
 is($retval, 0, "enable command succeeded");
-- 
2.11.0

Bug#861112: xsane: always crashes on start

[Aaro Koskinen]

Hi,

Seems to happen also with scanimage:

$ scanimage -L
scanimage: thread-watch.c:171: avahi_threaded_poll_lock: Assertion `p' failed.
Aborted

A.

Bug#861201: python3: Incoherent "for" behaviour with different iterables

[Dominik George]

Hi,

> Python should raise a RuntimeError exception with a list as with a set.

It *does*, for a list.

But in Python 3, with [], you do not get a list, but an iterator with a 
list-like API ;). It wraps a list which you add to, but __next__ will yield the 
next item if there is one.

-nik

Bug#860691: jnr-posix: FTBFS on i386: dh_auto_test: /usr/lib/jvm/default-java/bin/java -noverify -cp /usr/share/maven/boot/plexus-classworlds-2.x.jar:/usr/lib/jvm/default-java/lib/tools.jar -Dmaven.ho

[Markus Koschany]

forwarded 860691 https://github.com/jnr/jnr-posix/issues/99
thanks

I have forwarded this bug report upstream. I can confirm that two tests
fail on i386 but succeed on amd64. The version in experimental is also
affected. Four tests are failing here. If we can't come up with a better
solution, we can still make tests failures non-fatal.

Markus



signature.asc
Description: OpenPGP digital signature

Bug#856429: open-vm-tools: vgauth.service Unit File is Missing VGAuthService Option -s

[Bernd Zeimetz]

Hi,

>* What led up to the situation?
>  After a recent update added the vgauth.service unit file, I checked
>  the status of vgauthd.service.  While it apparently starts, I noticed
>  there was no logging to /var/log/vmware-vgauthsvc.log.0. Comparing
>  the setup to my Rawhide and Tumbleweed installations,
>  I noticed that unlike Rawhide and Tumbleweed, Debian's
>  /lib/systemd/system/vgauth.service does not use the -s option to
>  VGAuthService. According to the program's help info, -s causes
>  it to run in daemon mode. Note that the current Debian setup is
>  consistent with the sample unit file provided in BUG#855337, which
>  also omits the -s option.

with systemd you should use journalctl -u vgauth.service.

It might be necessary to add -s in the init script, though - for those
who don't use systemd.


Cheers,

Bernd

-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F

Bug#854963: banshee: Crashes when importing media

[Alex Brett]

On Sun, 12 Feb 2017 10:59:08 -0500 "Frank Green, Jr." 
 wrote:

Package: banshee
Version: 2.6.2-6.1
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
Discovered banshee would crash when importing any media last month

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
Disabled all plugins (bpm detection turned off), rescanned library, deleted
~/.config/banshee-1/, downgraded to previous version of this package (2.6.2-6),
tried older versions of libsqlite3-0, tried importing different files such as
mp3 and flac

   * What was the outcome of this action?
Crashes every time, see output:

frankjr@frankjr-desktop ~ $ banshee --debug --debug-sql
** Running Mono with --debug   **
[1 Debug 10:32:04.800] Bus.Session.RequestName ('org.bansheeproject.Banshee')
replied with PrimaryOwner
[1 Info  10:32:04.811] Running Banshee 2.6.2: [Debian GNU/Linux buildd-unstable
(sid) (linux-gnu, x86_64) @ 2016-12-15 16:07:50 UTC]
[1 Debug 10:32:04.818] Initializing GTK

** (Banshee:3656): WARNING **: Couldn't register with accessibility bus: Did
not receive a reply. Possible causes include: the remote application did not
send a reply, the message bus security policy blocked the reply, the reply
timeout expired, or the network connection was broken.
[1 Debug 10:32:05.851] Post-Initializing GTK
[1 Debug 10:32:05.870] Configuration client extension loaded
(Banshee.GnomeBackend.GConfConfigurationClient)
[1 Debug 10:32:05.873] Using default gconf-base-key
[1 Debug 10:32:05.958] Core service started (DBusServiceManager, 0.001497)
[1 Debug 10:32:05.961] Registering remote object
/org/bansheeproject/Banshee/DBusCommandService
(Banshee.ServiceStack.DBusCommandService) on org.bansheeproject.Banshee
[1 Debug 10:32:05.966] Core service started (DBusCommandService, 0.008326)
[1 Debug 10:32:05.999] Opened SQLite (version 3.16.2) connection to
/home/frankjr/.config/banshee-1/banshee.db
[1 Debug 10:32:06.000] Core service started (DbConnection, 0.03375)
[1 Warn  10:32:06.005] HyenaSqliteConnection command issued from the main
thread
[4 Debug 10:32:06.006] Executed in 0ms SELECT COUNT(*) FROM sqlite_master WHERE
Type='table' AND Name='CoreConfiguration'
[1 Warn  10:32:06.006] HyenaSqliteConnection command issued from the main
thread
[4 Debug 10:32:06.006] Executed in 1ms SELECT Value FROM CoreConfiguration
WHERE Key = 'DatabaseVersion'
[1 Warn  10:32:06.006] HyenaSqliteConnection command issued from the main
thread
[4 Debug 10:32:06.007] Executed in 0ms SELECT COUNT(*) FROM sqlite_master WHERE
Type='table' AND Name='CoreConfiguration'
[1 Warn  10:32:06.007] HyenaSqliteConnection command issued from the main
thread
[4 Debug 10:32:06.007] Executed in 0ms SELECT Value FROM CoreConfiguration


(a) I am reproducing: Banshee 2.6.2 under Debian stretch.

(b) On selecting Media -> Import Media -> Choose Folders -> Import, 
Banshee crashes, regardless of which folders or files are selected, with 
a trace as above.


(c) Import from CD works with no problems.

(d) Tools -> Rescan Music Library works with no problems to make Banshee 
aware of music files that result in a crash when I attempt to import 
them via the Import Media workflow.

Bug#861202: ceilometer-agent-central systemd service fails to start

[Valentin Vidic]

Package: ceilometer-agent-central
Version: 1:7.0.1-3
Severity: important

Dear Maintainer,

The ceilometer-agent-central.service fails to start after
installation:

Apr 25 21:35:32 srv systemd[1]: Starting OpenStack Ceilometer Agent Central...
Apr 25 21:35:32 srv systemd[1]: Started OpenStack Ceilometer Agent Central.
Apr 25 21:35:32 srv systemd[20087]: ceilometer-agent-central.service: Failed at 
step EXEC spawning /etc/init.d/ceilometer-polling: No such file or directory
Apr 25 21:35:32 srv systemd[1]: ceilometer-agent-central.service: Main process 
exited, code=exited, status=203/EXEC
Apr 25 21:35:32 srv systemd[1]: ceilometer-agent-central.service: Unit entered 
failed state.
Apr 25 21:35:32 srv systemd[1]: ceilometer-agent-central.service: Failed with 
result 'exit-code'.

It seems to be calling a nonexistent file /etc/init.d/ceilometer-polling
where it should probably use /etc/init.d/ceilometer-agent-central


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages ceilometer-agent-central depends on:
ii  ceilometer-common1:7.0.1-3
ii  init-system-helpers  1.47
ii  lsb-base 9.20161125

ceilometer-agent-central recommends no packages.

ceilometer-agent-central suggests no packages.

-- no debconf information

Bug#861203: ceilometer-agent-compute: ceilometar-agent-compute systemd service fails to start

[Valentin Vidic]

Package: ceilometer-agent-compute
Version: 1:7.0.1-3
Severity: important

Dear Maintainer,

The ceilometer-agent-compute.service fails to start
after installation:

Apr 25 21:40:57 srv systemd[1]: Starting OpenStack Ceilometer Agent Compute...
Apr 25 21:40:57 srv systemd[1]: Started OpenStack Ceilometer Agent Compute.
Apr 25 21:40:57 srv systemd[22602]: ceilometer-agent-compute.service: Failed at 
step EXEC spawning /etc/init.d/ceilometer-polling: No such file or directory
Apr 25 21:40:57 srv systemd[1]: ceilometer-agent-compute.service: Main process 
exited, code=exited, status=203/EXEC
Apr 25 21:40:57 srv systemd[1]: ceilometer-agent-compute.service: Unit entered 
failed state.
Apr 25 21:40:57 srv systemd[1]: ceilometer-agent-compute.service: Failed with 
result 'exit-code'.

It seems to be calling nonexistent /etc/init.d/ceilometer-polling
where it should probably use /etc/init.d/ceilometer-agent-compute


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages ceilometer-agent-compute depends on:
ii  ceilometer-common1:7.0.1-3
ii  init-system-helpers  1.47
ii  lsb-base 9.20161125

ceilometer-agent-compute recommends no packages.

ceilometer-agent-compute suggests no packages.

-- no debconf information

Bug#860520: Voting for TC Chair

[Tollef Fog Heen]

]] Didier 'OdyX' Raboud 

> ===BEGIN===
> 
> The chair of the Debian Technical Committee will be:
> 
> A: Keith Packard 
> B: Didier Raboud 
> C: Tollef Fog Heen 
> D: Sam Hartman 
> E: Phil Hands 
> F: Margarita Manterola 
> G: David Bremner 
> ===END===

I vote

B > D = E > A = C = F = G

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are

Bug#861201: python3: Incoherent "for" behaviour with different iterables

[Nicolas Patrois]

Package: python3
Version: 3.5.3-1
Severity: wishlist
Tags: upstream

Dear Maintainer,

In this thread (in French), I saw that the for loop behaves differently with 
sets, lists or frozensets.
http://www.les-mathematiques.net/phorum/read.php?15,1446990,1446990#msg-1446990

With a set:
>>> ens={1, 2}
>>> for i in ens:
...   ens.add(i+1)
...
Traceback (most recent call last):
  File "", line 1, in 
RuntimeError: Set changed size during iteration

With a frozenset:
>>> ens=frozenset({1,2})
>>> for i in ens:
...   ens=ens|{i+1}
... 
>>> ens
frozenset({1, 2, 3})

All is right, if the iterable is a hashable container, the for loops on a fixed 
list.

Now, with a list:
>>> ens=[1, 2]
>>> for i in ens:
...   ens.append(i+1)
...
^CTraceback (most recent call last):
  File "", line 1, in 
KeyboardInterrupt
>>> len(ens)
14453388

And a tuple:
>>> ens=(1,2)
>>> for i in ens:
...   ens=ens+(i,)
... 
>>> 
>>> ens
(1, 2, 1, 2)

Python should raise a RuntimeError exception with a list as with a set.

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386
 (i686)

Kernel: Linux 4.3.0-1-686-pae (SMP w/3 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3 depends on:
ii  dh-python  2.20170125
ii  libpython3-stdlib  3.5.3-1
ii  python3-minimal3.5.3-1
ii  python3.5  3.5.3-1

python3 recommends no packages.

Versions of packages python3 suggests:
ii  python3-doc   3.5.3-1
ii  python3-tk3.5.3-1
pn  python3-venv  

-- no debconf information

Bug#861200: jessie-pu: package activemq/5.6.0+dfsg1-4+deb8u2

[Markus Koschany]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hi,

I would like to fix CVE-2015-7599 for Jessie. The security team marked
this issue as no-dsa. Please find attached the debdiff.

Regards,

Markus
diff -Nru activemq-5.6.0+dfsg1/debian/changelog 
activemq-5.6.0+dfsg1/debian/changelog
--- activemq-5.6.0+dfsg1/debian/changelog   2016-03-18 22:24:26.0 
+0100
+++ activemq-5.6.0+dfsg1/debian/changelog   2017-04-25 21:01:20.0 
+0200
@@ -1,3 +1,11 @@
+activemq (5.6.0+dfsg1-4+deb8u3) jessie; urgency=medium
+
+  * Team upload.
+  * Fix CVE-2015-7599:
+DoS in activemq-core via shutdown command. (Closes: #860866)
+
+ -- Markus Koschany   Tue, 25 Apr 2017 21:01:20 +0200
+
 activemq (5.6.0+dfsg1-4+deb8u2) jessie-security; urgency=high
 
   * Team upload.
diff -Nru activemq-5.6.0+dfsg1/debian/patches/CVE-2015-7559.patch 
activemq-5.6.0+dfsg1/debian/patches/CVE-2015-7559.patch
--- activemq-5.6.0+dfsg1/debian/patches/CVE-2015-7559.patch 1970-01-01 
01:00:00.0 +0100
+++ activemq-5.6.0+dfsg1/debian/patches/CVE-2015-7559.patch 2017-04-25 
21:01:20.0 +0200
@@ -0,0 +1,47 @@
+From: Markus Koschany 
+Date: Tue, 25 Apr 2017 20:59:50 +0200
+Subject: CVE-2015-7559
+
+Bug-Debian: https://bugs.debian.org/860866
+Bug-Upstream: https://issues.apache.org/jira/browse/AMQ-6470
+Origin: https://git-wip-us.apache.org/repos/asf?p=activemq.git;h=b8fc78e
+---
+ .../java/org/apache/activemq/ActiveMQConnection.java   | 18 --
+ 1 file changed, 18 deletions(-)
+
+diff --git 
a/activemq-core/src/main/java/org/apache/activemq/ActiveMQConnection.java 
b/activemq-core/src/main/java/org/apache/activemq/ActiveMQConnection.java
+index 57ca8f1..d5797d6 100755
+--- a/activemq-core/src/main/java/org/apache/activemq/ActiveMQConnection.java
 b/activemq-core/src/main/java/org/apache/activemq/ActiveMQConnection.java
+@@ -1860,7 +1860,6 @@ public class ActiveMQConnection implements Connection, 
TopicConnection, QueueCon
+ 
+ @Override
+ public Response processControlCommand(ControlCommand 
command) throws Exception {
+-onControlCommand(command);
+ return null;
+ }
+ 
+@@ -2296,23 +2295,6 @@ public class ActiveMQConnection implements Connection, 
TopicConnection, QueueCon
+ inputStreams.remove(stream);
+ }
+ 
+-protected void onControlCommand(ControlCommand command) {
+-String text = command.getCommand();
+-if (text != null) {
+-if ("shutdown".equals(text)) {
+-LOG.info("JVM told to shutdown");
+-System.exit(0);
+-}
+-if (false && "close".equals(text)){
+-LOG.error("Broker " + getBrokerInfo() + "shutdown 
connection");
+-try {
+-close();
+-} catch (JMSException e) {
+-}
+-}
+-}
+-}
+-
+ protected void onConnectionControl(ConnectionControl command) {
+ if (command.isFaultTolerant()) {
+ this.optimizeAcknowledge = false;
diff -Nru activemq-5.6.0+dfsg1/debian/patches/series 
activemq-5.6.0+dfsg1/debian/patches/series
--- activemq-5.6.0+dfsg1/debian/patches/series  2016-03-18 22:24:26.0 
+0100
+++ activemq-5.6.0+dfsg1/debian/patches/series  2017-04-25 21:01:20.0 
+0200
@@ -11,3 +11,4 @@
 CVE-2014-3612.patch
 CVE-2014-3576.patch
 CVE-2015-5254.patch
+CVE-2015-7559.patch

Bug#861199: ceilometer-api systemd service fails to start

[Valentin Vidic]

Package: ceilometer-api
Version: 1:7.0.1-3
Severity: important

Dear Maintainer,

The ceilometer-api.service does not start properly after
installation.  The following error is reported in syslog:

Apr 25 21:15:27 srv systemd[1]: Starting OpenStack Ceilometer API...
Apr 25 21:15:27 srv systemd[1]: Started OpenStack Ceilometer API.
Apr 25 21:15:29 srv ceilometer-api[18277]: usage: ceilometer-api [-h] [--port 
PORT] -- [passed options]
Apr 25 21:15:29 srv ceilometer-api[18277]: ceilometer-api: error: unrecognized 
arguments: --config-file=/etc/ceilometer/ceilometer.conf 
--log-file=/var/log/ceilometer/ceilometer-api.log
Apr 25 21:15:29 srv systemd[1]: ceilometer-api.service: Main process exited, 
code=exited, status=2/INVALIDARGUMENT
Apr 25 21:15:29 srv systemd[1]: ceilometer-api.service: Unit entered failed 
state.
Apr 25 21:15:29 srv systemd[1]: ceilometer-api.service: Failed with result 
'exit-code'.

It seems that -- is missing before the arguments for the service.

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages ceilometer-api depends on:
ii  adduser 3.115
ii  ceilometer-common   1:7.0.1-3
ii  debconf [debconf-2.0]   1.5.60
ii  init-system-helpers 1.47
ii  lsb-base9.20161125
ii  python-openstackclient  3.2.1-1
ii  python-q-text-as-data [q-text-as-data]  1.4.0-1
pn  python2.7:any   

ceilometer-api recommends no packages.

Versions of packages ceilometer-api suggests:
pn  mongodb  

-- Configuration Files:
/etc/init.d/ceilometer-api changed [not included]

-- debconf information:
  ceilometer/endpoint-ip:
  ceilometer/keystone-project-name: admin
* ceilometer/register-endpoint: false
  ceilometer/region-name: regionOne
  ceilometer/keystone-admin-name: admin
  ceilometer/keystone-ip:
--- ceilometer-api.dist 2017-04-25 21:15:51.266598558 +0200
+++ ceilometer-api  2017-04-25 21:16:04.122546393 +0200
@@ -91,7 +91,7 @@
 }
 
 do_systemd_start() {
-   exec $DAEMON $DAEMON_ARGS
+   exec $DAEMON -- $DAEMON_ARGS
 }
 
 case "$1" in

Bug#861198: simple-cdd: downloading docs/tools/README without ftp

[Vagrant Cascadian]

Package: simple-cdd
X-Debbugs-Cc: enr...@enricozini.org, bou...@debian.org

On 2017-04-25, Enrico Zini wrote:
> On Tue, Apr 25, 2017 at 03:19:01PM +0200, Cédric Boutillier wrote:
>
>> After many years of serving the needs of our users, and some more of
>> declining usage in favor of better options, all public-facing debian.org
>> FTP services will be shut down on November 1, 2017. These are:
>> 
>>   * ftp://ftp.debian.org
>>   * ftp://security.debian.org

> simple-cdd currently depends on ftp to be able to get files in
> http://ftp.de.debian.org/debian/doc/ that are needed by debian-cd. It
> needs ftp because with http there is no reliable way to enumerate the
> list of files in doc/ to be downloaded. That is the only reason there's
> still a need of the mirror_wget tool and all the download can't just be
> done via python's http client libraries.

Thanks for pointing this out!


> Is there a different way to get a copy of the files in doc/ ? 

At a quick glance, there is:

  http://ftp.us.debian.org/debian/extrafiles

Which has the added benefit of being signed, lists the files we want,
with checksums.

The code used to download debian-installer images based on the signed
Release files in the distribution is similar to what's needed to parse
extrafiles... e.g. download extrafiles, verify the signature, look for
the files we want, download the individual files... so that code could
be re-used, refactored, rewritten, etc. to support this.

This sounds better from a number of angles! Thanks for decomissioning
ftp!


It shouldn't be too difficult with the version in stretch; the version
in jessie will have a harder time.


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#861197: unblock: glm/0.9.8.3-2

[Guus Sliepen]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package glm.

This fixes a FTBFS (#860701), caused by the test suite which caught an
infinite loop.

unblock glm/0.9.8.3-2

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (1001, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/12 CPU cores)
Locale: LANG=nl_NL.utf8, LC_CTYPE=nl_NL.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru glm-0.9.8.3/debian/changelog glm-0.9.8.3/debian/changelog
--- glm-0.9.8.3/debian/changelog2017-01-12 00:58:59.0 +0100
+++ glm-0.9.8.3/debian/changelog2017-04-19 16:39:23.0 +0200
@@ -1,3 +1,9 @@
+glm (0.9.8.3-3) unstable; urgency=medium
+
+  * Fix FTBFS on i386. Closes: 860701
+
+ -- Guus Sliepen   Wed, 19 Apr 2017 16:39:23 +0200
+
 glm (0.9.8.3-2) unstable; urgency=medium
 
   * Team upload
diff -Nru glm-0.9.8.3/debian/patches/fix-infiloop 
glm-0.9.8.3/debian/patches/fix-infiloop
--- glm-0.9.8.3/debian/patches/fix-infiloop 1970-01-01 01:00:00.0 
+0100
+++ glm-0.9.8.3/debian/patches/fix-infiloop 2017-04-19 16:20:31.0 
+0200
@@ -0,0 +1,24 @@
+Description: Fix potential infinite loop in float_distance()
+Author: Guus Sliepen 
+Last-Update: 2017-04-19
+
+--- glm-0.9.8.3.orig/glm/gtc/ulp.inl
 glm-0.9.8.3/glm/gtc/ulp.inl
+@@ -287,7 +287,7 @@ namespace glm
+   if(x < y)
+   {
+   T temp = x;
+-  while(temp != y)// && ulp < 
std::numeric_limits::max())
++  while(temp < y)// && ulp < 
std::numeric_limits::max())
+   {
+   ++ulp;
+   temp = next_float(temp);
+@@ -296,7 +296,7 @@ namespace glm
+   else if(y < x)
+   {
+   T temp = y;
+-  while(temp != x)// && ulp < 
std::numeric_limits::max())
++  while(temp < x)// && ulp < 
std::numeric_limits::max())
+   {
+   ++ulp;
+   temp = next_float(temp);
diff -Nru glm-0.9.8.3/debian/patches/fix-packing-test 
glm-0.9.8.3/debian/patches/fix-packing-test
--- glm-0.9.8.3/debian/patches/fix-packing-test 1970-01-01 01:00:00.0 
+0100
+++ glm-0.9.8.3/debian/patches/fix-packing-test 2017-04-19 16:18:44.0 
+0200
@@ -0,0 +1,61 @@
+Description: Fix failure of gtc_packing test on i386 
+Author: Guus Sliepen 
+Last-Update: 2017-04-19
+
+--- glm-0.9.8.3.orig/test/gtc/gtc_packing.cpp
 glm-0.9.8.3/test/gtc/gtc_packing.cpp
+@@ -100,8 +100,8 @@ int test_Half4x16()
+   glm::u16vec4 p2 = glm::packHalf(v0);
+   glm::vec4 v2 = glm::unpackHalf(p2);
+ 
+-  Error += glm::all(glm::equal(v0, v1)) ? 0 : 1;
+-  Error += glm::all(glm::equal(v0, v2)) ? 0 : 1;
++  Error += !!memcmp(, , sizeof v0);
++  Error += !!memcmp(, , sizeof v0);
+   }
+ 
+   return Error;
+@@ -125,7 +125,7 @@ int test_I3x10_1x2()
+   glm::ivec4 v0 = glm::unpackI3x10_1x2(p0);
+   glm::uint32 p1 = glm::packI3x10_1x2(v0);
+   glm::ivec4 v1 = glm::unpackI3x10_1x2(p1);
+-  Error += glm::all(glm::equal(v0, v1)) ? 0 : 1;
++  Error += !!memcmp(, , sizeof v0);
+   }
+ 
+   return Error;
+@@ -149,7 +149,7 @@ int test_U3x10_1x2()
+   glm::uvec4 v0 = glm::unpackU3x10_1x2(p0);
+   glm::uint32 p1 = glm::packU3x10_1x2(v0);
+   glm::uvec4 v1 = glm::unpackU3x10_1x2(p1);
+-  Error += glm::all(glm::equal(v0, v1)) ? 0 : 1;
++  Error += !!memcmp(, , sizeof v0);
+   }
+ 
+   return Error;
+@@ -173,7 +173,7 @@ int test_Snorm3x10_1x2()
+   glm::vec4 v0 = glm::unpackSnorm3x10_1x2(p0);
+   glm::uint32 p1 = glm::packSnorm3x10_1x2(v0);
+   glm::vec4 v1 = glm::unpackSnorm3x10_1x2(p1);
+-  Error += glm::all(glm::equal(v0, v1)) ? 0 : 1;
++  Error += !!memcmp(, , sizeof v0);
+   }
+ 
+   return Error;
+@@ -197,7 +197,7 @@ int test_Unorm3x10_1x2()
+   glm::vec4 v0 = glm::unpackUnorm3x10_1x2(p0);
+   glm::uint32 p1 = glm::packUnorm3x10_1x2(v0);
+   glm::vec4 v1 = glm::unpackUnorm3x10_1x2(p1);
+-  Error += glm::all(glm::equal(v0, v1)) ? 0 : 1;
++  Error += !!memcmp(, , sizeof v0);
+   }
+ 
+   return Error;
+@@ -221,6 +221,7 @@ int test_F2x11_1x10()
+   glm::vec3 v0 = glm::unpackF2x11_1x10(p0);
+   glm::uint32 p1 = glm::packF2x11_1x10(v0);
+   glm::vec3 v1 = glm::unpackF2x11_1x10(p1);
++  Error += !!memcmp(, , sizeof v0);
+ 

Bug#861196: tuxmath-data: Please do not suggest transitional dummy pkg ttf-wqy-zenhei and ttf-arphic-uming

[Boyuan Yang]

Package: tuxmath-data
Version: 2.0.3-1
Severity: minor

Dear maintainer,

Your package wotsap suggests the following transitional dummy packages:

* ttf-arphic-uming, which has been removed since Jessie. It should be fonts-
arphic-uming now
* ttf-wqy-zenhei, which should be fonts-wqy-zenhei now

Please update your dependency list and suggest real packages in the next
upload.

Thanks!



-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#861195: kernel-image-4.9.0-2-686-pae-di: RC 3 Installer: missing kernel module for Texas Instruments card reader

[Brian Potkin]

Package: kernel-image-4.9.0-2-686-pae-di
Severity: normal
Tags: d-i


There has been a longish discussion on -user relating to card readers.
It begins at

  https://lists.debian.org/debian-user/2017/04/msg00329.html

The issue which this bug report concerns is in

  https://lists.debian.org/debian-user/2017/04/msg00792.html

I hope there is sufficient detail to make clear what the problem is.
Basically, the installer does not provide the tifm_7xx1 kernel module.
An SD card in the reader is not offered for partitioning.

Regards,

Brian.

Bug#861194: opencv: please include contrib modules

[Mattia Rizzolo]

Source: opencv
Version: 3.1.0+dfsg-1~exp0
Severity: important
Control: block 841733 by -1
Control: block 841411 by -1


There are packages requiring OpenCV's modules that are only present in
contrib.  At the very least libkf5kface requires the 'face' module.
If my tests are correct also gst-plugins-bad1.0 requires a contrib
module (bgsegm, but I'm waiting on the experimental packages to be
installable to file a Debian bug for this).

There is a WIP/prototype for that in the with-contrib branch:
https://anonscm.debian.org/git/debian-science/packages/opencv.git/log/?h=with-contrib

Solving this bug is a prerequisite for the OpenCV 3.x transition.


If I had to comment on that branch, I'd say that:
* instead of doing that fancy work in d/rules it would be better to use
  the features the new d/watch (i.e. uscan) version=4 provides for
  support of multiple upstream tarballs
* for removing non-dfsg files using Files-Excluded in d/copyright would
  feel a lot clearer

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#861193: Please enable heartbeat support

[Alexandre Viau]

Package: libgnutls30
Version: 3.5.8-5
Severity: normal

Dear Maintainer,

Please enable heartbeart support, which is needed for newer versions of
the ring source package.

MTU discovery by heartbeat with DTLS is mentioned in RFC 6520 (DTLS)[1]
and defined in RFC 4821[2].

It seems that heartbeat support was disabled in 2013, with no reason
given in the commit message[2].

1. https://tools.ietf.org/html/rfc6520
2. https://tools.ietf.org/html/rfc4821
3.
https://anonscm.debian.org/cgit/pkg-gnutls/gnutls.git/commit/?id=2d95b4765dd92827c7899dc484ada34690cabe5a

-- 
Alexandre Viau
av...@debian.org



signature.asc
Description: OpenPGP digital signature

Bug#861168: qa.debian.org: msg parameter inserts extra line numbers

[James McCoy]

Control: retitle -1 [debsources] msg parameter displays extra line numbers when 
Javascript is disabled
Control: tag -1 confirmed

On Tue, Apr 25, 2017 at 05:57:48PM +0800, Paul Wise wrote:
> Normally the cowsay code header looks like this:
> 
> https://sources.debian.net/src/cowsay/3.03%2Bdfsg2-3/cowsay
> 
> 1   #!/usr/bin/perl
> 2
> 3   ##
> 4   ## Cowsay 3.03
> 5   ##
> 6   ## This file is part of cowsay.  (c) 1999-2000 Tony Monroe.
> 7   ##
> 
> When I add a msg parameter it looks like this:

Like this:

https://sources.debian.net/src/cowsay/3.03%2Bdfsg2-3/cowsay/?msg=4:title:message

> 1   #!/usr/bin/perl
> 2   
> 3   ##
> 4   ## Cowsay 3.03
> 5   
> 6   title
> 7   text
> 8   
> 9   ##
> 10  ## This file is part of cowsay.  (c) 1999-2000 Tony Monroe.
> 11  ##
> 
> I didn't expect that the msg paramer would insert line numbers,
> I would expect these line numbers instead:
> 
> 1   #!/usr/bin/perl
> 2   
> 3   ##
> 4   ## Cowsay 3.03
> 
> title
> text
> 
> 5   ##
> 6   ## This file is part of cowsay.  (c) 1999-2000 Tony Monroe.
> 7   ##

When I view that URL, it looks as per your expectations.  After
disabling Javascript, I see that the line numbers aren't adjusted.

Cheers,
James

Bug#861191: wmforkplop: Please do not depend on transitional dummy pkg ttf-dejavu

[Boyuan Yang]

Package: wmforkplop
Version: 0.9.3-2.1+b2
Severity: minor

Dear maintainer,

Your package wmforkplop depends on the following transitional dummy packages:

* ttf-dejavu, which should be fonts-dejavu now

Please update your dependency list and depend on real package in the next
upload.

Thanks!



-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#861192: tkcvs: Please do not depend on transitional dummy pkg ttf-dejavu

[Boyuan Yang]

Package: tkcvs
Version: 8.2.3-1.1
Severity: minor

Dear maintainer,

Your package tkcvs depends on the following transitional dummy packages:

* ttf-dejavu, which should be fonts-dejavu now

Please update your dependency list and depend on real package in the next
upload.

Thanks!



-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#861190: wotsap: Please do not depend on transitional dummy pkg ttf-freefont | ttf-dejavu

[Boyuan Yang]

Package: wotsap
Version: 0.7-4
Severity: minor

Dear maintainer,

Your package wotsap depends on the following transitional dummy packages:

* ttf-freefont, which should be fonts-freefont now
* ttf-dejavu, which should be fonts-dejavu now

Please update your dependency list and depend on real packages in the next
upload.

Thanks!



-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#860796: appears to be linked to the lack of a running "nautilus --gapplication-service"

[Simon McVittie]

On Tue, 25 Apr 2017 at 18:37:43 +0200, Michael Biebl wrote:
> Am 25.04.2017 um 18:21 schrieb Jason Crain:
> > I don't know if there's a way to tell dbus to start different
> > services for different DEs.

There is not.

The only package that makes the D-Bus name foo.bar.baz activatable, if any,
should be the one that contains
/usr/share/dbus-1/services/foo.bar.baz.desktop.

Nautilus actually sort of gets this right - it provides
/usr/share/dbus-1/services/org.freedesktop.FileManager1.service - but
that can't work if other file managers want to be co-installable with
Nautilus. In Ben's file listing, both XFCE and MATE install a file of
the wrong name for this service.

Recent Lintian will advise maintainers not to do this:
https://lintian.debian.org/tags/dbus-session-service-wrong-name.html

It would be better if all the file managers followed rules like these:

* none of them install a .service file with Name=org.freedesktop.FileManager1
  (so sending messages to that name never starts a file manager, only
  communicates with an existing file manager)
* none of them fail to start up if a different file manager already owns
  the org.freedesktop.FileManager1 name (they can either replace it, if it
  will let them, or quietly stay out of its way)
* they can be service-activatable if they want to, but only via their
  implementation-specific names like org.gnome.Nautilus

Nautilus gets very close to this - it uses org.gnome.Nautilus for its
GApplication, and treats inability to acquire the
org.freedesktop.FileManager1 name as non-fatal. However, it does install
a D-Bus session .service file for it, which I think is not a good idea.

I think the actual root cause of this bug is that
nautilus-desktop/nautilus-desktop-application.c (the part of Nautilus
that draws files on the desktop) uses org.freedesktop.FileManager1 to
communicate with Nautilus. This means that if you double-click on a
folder on the desktop while Nautilus and some other file manager are
installed, but neither is currently running, service-activation will
pick a random file manager to run. This is clearly not very helpful.

I speculate that in Ben's case, dbus-daemon might be selecting a file
manager that is broken in some way, such that it silently fails to
start up. Running "dbus-monitor --session" while reproducing this bug
might provide evidence for or against this.

I think it would be better for nautilus-desktop-application to use
the org.gnome.Nautilus bus name, so it always launches specifically
Nautilus.

The down side of this is that if for some reason you are using Nautilus
to display folders on your desktop, but you are also actively running
some other desktop's file manager for some reason (let's say Caja), and you
double-click on the Foo folder on your desktop, arguably you might prefer
it if ~/Desktop/Foo was opened in Caja rather than Nautilus. But that seems
rather a contrived setup...

> Having multiple D-Bus service files provide the same D-Bus name and
> relying on D-Bus activation sounds like a recipe for disaster as you
> will get unpredictable behavior depending on what's installed.

Yes. Don't do this. dbus-daemon has no concept of priority for files
in the same directory: if you try to autostart org.freedesktop.FileManager1
while multiple .service files with that Name exist in the same directory
(and none in a higher-priority directory like ~/.local/share), you will get
a randomly chosen implementation dependent on readdir() order.

> I wonder if it wouldn't be better if desktop environments started an
> implementation of their choice via an XDG autostart file which is
> specific to their desktop environment via OnlyShowIn=

Yes, probably.

I'd also be happy to review designs and patches from any desktop
environment maintainers who want to define a way for this to work,
perhaps something like this:

# /usr/share/dbus-1/services/org.gnome.Nautilus.service

[D-BUS Service]
Name=org.gnome.Nautilus
Exec=/usr/bin/nautilus --gapplication-service

[Implements org.freedesktop.FileManager1.service]
ConditionDesktop=GNOME;Unity;

However, I'm unlikely to get round to writing a formal specification for
that, or implementing it.

S

Bug#852700: unixodbc: Please (allow me) backport 2.3.4-1

[Ferenc Wágner]

Hi,

I'll start preparing a jessie backport soon.
If no complication arises, I'll simply upload it and close this bug.
-- 
Thanks,
Feri

Bug#861125: ITP: elpa-writegood-mode -- Minor mode for Emacs to improve English writing

[Antoine Beaupré]

On 2017-04-25 11:17:28, Nicholas D Steeves wrote:
> control: tags -1 pending
>
> Hi Antoine,
>
> On Tue, Apr 25, 2017 at 08:06:50AM -0400, Antoine Beaupré wrote:
>> On 2017-04-24 20:46:13, Nicholas D Steeves wrote:
>> 
>> > Y-a-t'il une version française?
>> > C'est quelque dont j'apprécierais énormément!
>> 
>> This is for english, and is rather simple, as I mentioned. A french
>> version would require a completely different package, or a severe
>> reconfiguration of this one... I looked into Grammalecte here:
>> 
>> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860579
>> 
>> .. but it's not quite ready to be packaged just yet...
>
> It will take some time to learn how this one works, but another reason
> I'm interested in maintaining writegood-mode is I'm certain I can
> contribute to it.  Preliminary packaging is here:
> ssh://git.debian.org/git/pkg-emacsen/pkg/writegood-mode.git

Excellent. Same remark than writeroom about uploading to
mentors.debian.net. :) But it's great you pushed into git!

(It's just that I'm lazy: mentors.debian.net shows lintian output for
me... ;))

> Oh, I failed to ask in the writeroom RFP thread: Do you like the idea
> of teaming up for that mini project (or a similar project).

Sure, I can try - but I don't have much time unfortunately. I would
rather see the other emacsen people join in here - I'm not even part of
that team yet!

> I can't wait until Grammalecte is ready! :-)  How does it compare to a
> famous business wordprocessor's grammar check, or to bonpatron?

I don't quite know yet.

A.

-- 
Code is law.
 - Lawrence Lessig

Bug#861124: ITP: elpa-writeroom-mode -- distraction-free writing for Emacs

[Antoine Beaupré]

On 2017-04-25 11:05:57, Nicholas D Steeves wrote:
> control: pending -1

Just for the record - we usually mark bugs as "tags -1 +pending" when an
upload is ready in VCS or just uploaded to ftp-master. Not sure the
above does anything. :)

> Hi Antoine,
>
> On Tue, Apr 25, 2017 at 08:04:56AM -0400, Antoine Beaupré wrote:
>> On 2017-04-24 20:37:20, Nicholas D Steeves wrote:

[...]

>> > How responsive is upstream to patches?
>> 
>> Pretty responsive, I'd say. If you look at the Github pull request list:
> [...]
>> I have specifically requested two things, which got more or less
>> implemented completely:
>> 
>> https://github.com/joostkremers/writeroom-mode/issues/22
>> https://github.com/joostkremers/writeroom-mode/issues/24
>
> Nice!  Sorry I was unclear, I meant I'll package the official version
> and send patches or pull requests to upstream.

Excellent. :)

>> > I find it really useful to remove the fringes and margins when going
>> > from fullscreen to windowed, and to have modeline enabled for
>> > fullscreen, for battery status, clock, word count, etc, but to have
>> > these disabled for windowed.
>> 
>> That seems completely counter-intuitive to me, but I guess if those are
>> made into separate modes, that should be fine. :)
>
> :-) Exactly.  My setup is a bit bizarre, but it basically evolved to
> cope with the transition from a 17" 4:3 screen to a 10" 16:9 netbook,
> and to get positive feedback from the word count and pressure from the
> clock while typing way too forcefully while trying to meet deadlines.
> It would be even more intense with a countdown timer...  The premise
> being that you sit down to write, start writeroom, and the combo of
> the carrot and stick helps with productivity: an interval of working
> fast, then a relaxing and/or thinking/planning interval.

Is this similar to the pomodoro technique?

What do you use for the word count, by the way? I just M-x count-words
regularly, and since the message bar still shows, that just works...

>> > One of my other little personal projects is to change the font size
>> > when going between windowed and fullscreen.
>> 
>> That seems like a good idea - a separate effect too?
>
> I haven't actually done the work for it yet, but I've been wanting to
> implement it "someday" for years.  I think the easiest thing to do,
> for the purposes of writeroom, would probably be to configure a
> scaling factor for 'text-scale-adjust as part of the fullscreen hook.

I would make it a completely separate effect - but that's just me. I
encourage you to file an issue upstream, maybe the author already has
something in mind for this or even do the work for you. ;)

[...]

>> Anwyays, this is all stuff that should be discussed in the upstream
>> trackers, and not necessarily here. I think we should try to follow
>> upstream as closely as possible here and get patches merged back
>> upstream.
>
> Merged back, for sure.  Is the "discuss it on the BTS first" policy
> for more users->BTS->maintainers->upstream?

I'm not sure what you mean... In general, Debian welcomes upstream bugs
in the Debian bugtrackers because we want to support our users. Then
Debian package maintainers can sort through issues and forward some
upstream, sometimes fixing it with a patch in the Debian package...

But in general, I believe there is a consensus that we try to follow
upstream as much as possible.

>> So I encourage you to submit pull requests and issues for the things you
>> feel need to change in writeroom. So far, I have managed to use it
>> without patching it, and that is why I would like it to be packaged as
>> is in Debian.
>
> Preliminary packaging is here:
> ssh://git.debian.org/git/pkg-emacsen/pkg/writeroom-mode.git

Awesome! If you are not yet a Debian member, I encourage you to upload
a build to mentors.debian.net so that you can get better peer reviews as
well.

> I need to email to team to find out what the preferred way of managing
> things in the VCS during a deep freeze (eg: push tags only, push an
> experimental branch and keep master's changelog UNRELEASED, etc).

The freeze shouldn't matter in this case: it's a new package, so it
won't migrate to testing and there's no package in testing to update so
it's okay to upload to unstable. It's only when there's a version in
testing that you should avoid uploading to unstable unless it's to fix
RC bugs, and upload to experimental otherwise.

I use the UNRELEASED suite in the changelog when I upload signed
packages for public testing so that they don't get uploaded without my
explicit consent. Otherwise I generally don't use that feature, but
that's just me.

The emacsen team may indeed has its own peculiar ways of doing things
and it's good practice to join forces with them.

> Also, I'm not sure what to license debian/* as wrt BSD-3-clause.

I'm not sure what you mean. You need to specify the license of the
various writeroom-mode files in debian/copyright. Then you chose the
copyright you prefer for files in 

Bug#861058: hydra: on resume, children die with "double free or corruption"

[Ivan Krylov]

Hi Lukas,

On Mon, 24 Apr 2017 18:53:02 +0200
Lukas Schwaighofer  wrote:
> thanks for reporting this bug.  I was able to reproduce the problem
> (also for the version 8.3-2 from Debian stretch).

Thank you for such a swift response!

> The bug is also already known upstream:
>   https://github.com/vanhauser-thc/thc-hydra/issues/27

Oops, should have checked the upstream first.

> I've just looked into the problem and I think I found the cause. I've
> created a pull request
>   https://github.com/vanhauser-thc/thc-hydra/pull/209
> which seemed to fix the problem for me.  However, I'd like to wait for
> feedback from the author and possibly other affected users before
> applying the fix to the Debian version.

That's great! It works for me, too.

> If you need a workaround until the issue has been properly fixed: The
> issue does not affect the i386 version of the software (as also
> confirmed by the original author in one of his messages to the github
> issue).  You can try to add the i386 architecture to dpkg and then
> install the hydra:i386 package (let me know if you need help with
> that).

`apt-get source hydra && cd hydra* && xclip -o | patch -p1
&& ./configure && make` seemed like less of a hassle (for now).

-- 
Best regards,
Ivan

Bug#783228: Still broken

[Dominic Hargreaves]

As reported in https://lists.debian.org/debian-user/2016/03/msg01091.html,
the default configuration now sends out cronspam once every four hours.

It can be disabled with

si_dbs=""

in /etc/clamav-unofficial-sigs.conf.d/local.conf

Dominic.

Bug#860796: appears to be linked to the lack of a running "nautilus --gapplication-service"

[Michael Biebl]

Am 25.04.2017 um 18:21 schrieb Jason Crain:
> On Tue, Apr 25, 2017 at 02:20:08PM +0100, Ben Green wrote:
>> I do have KDE, mate and xfce4 installed. Having removed and purged KDE from
>> my laptop, which shares the same issue, there's no difference.
>>
>> There used to be a problem that clicking on a desktop file would launch
>> dolphin. I've fixed this in the past by removing:
>>
>> /usr/share/dbus-1/services/org.kde.dolphin.FileManager1.service
>>
>> Though it's presence, tested through reboots, makes no difference to the
>> current situation.
>>
>> Here's a listing of /usr/share/dbus-1/services/ FWIW
>>
> [snip]
>>
>> I'll next try removing mate and xfce4 to see if that helps.
> 
> I think that if you remove org.mate.freedesktop.FileManager1.service,
> that might fix it.  These all provide the org.freedesktop.FileManager1
> dbus service and they might be interfering with each other.  Ideally KDE
> would use dolphin, mate would use caja, and gnome would use nautilus,
> but I don't know if there's a way to tell dbus to start different
> services for different DEs.

Having multiple D-Bus service files provide the same D-Bus name and
relying on D-Bus activation sounds like a recipe for disaster as you
will get unpredictable behavior depending on what's installed.

I wonder if it wouldn't be better if desktop environments started an
implementation of their choice via an XDG autostart file which is
specific to their desktop environment via OnlyShowIn=





-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#857013: reportbug: Attaching patch

[Michal Suchanek]

On 19 April 2017 at 03:07, Sandro Tosi  wrote:
> On Thu, Apr 13, 2017 at 4:52 AM, Michal Suchanek  wrote:
>> --- /usr/lib/python3/dist-packages/reportbug/utils.py   2017-04-13 
>> 10:49:24.126454516 +0200
>> +++ /usr/lib/python3/dist-packages/reportbug/utils.py~  2017-04-13 
>> 10:49:17.663966502 +0200
..
> is this in reverse order?

Yes, you can see that the file marked with +++ is a backup file and
has the current code.

Thanks

Michal

Bug#861180: shc: infinite loop does not work properly

[Tong Sun]

Thanks Eriberto for the offer.
I don't know how fast Francisco can response. Javier, could you see if you
can do anything? Thanks.

On Tue, Apr 25, 2017 at 12:24 PM, Eriberto  wrote:

> 2017-04-25 13:09 GMT-03:00 Tong Sun :
> > Thanks for the detailed steps Eriberto, forwarding to the upstream
> author.
> >
> > Francisco, could you take a look at it please?
> >
> > Thanks
>
>
> This bug could be solved soon to avoid shc be excluded from next
> Debian Stable. I can sponsor the package if you want.
>
> Thanks in advance.
>
> Regards,
>
> Eriberto
>

Bug#861180: shc: infinite loop does not work properly

[Eriberto]

2017-04-25 13:09 GMT-03:00 Tong Sun :
> Thanks for the detailed steps Eriberto, forwarding to the upstream author.
>
> Francisco, could you take a look at it please?
>
> Thanks


This bug could be solved soon to avoid shc be excluded from next
Debian Stable. I can sponsor the package if you want.

Thanks in advance.

Regards,

Eriberto

Bug#860796: appears to be linked to the lack of a running "nautilus --gapplication-service"

[Jason Crain]

On Tue, Apr 25, 2017 at 02:20:08PM +0100, Ben Green wrote:
> I do have KDE, mate and xfce4 installed. Having removed and purged KDE from
> my laptop, which shares the same issue, there's no difference.
> 
> There used to be a problem that clicking on a desktop file would launch
> dolphin. I've fixed this in the past by removing:
> 
> /usr/share/dbus-1/services/org.kde.dolphin.FileManager1.service
> 
> Though it's presence, tested through reboots, makes no difference to the
> current situation.
> 
> Here's a listing of /usr/share/dbus-1/services/ FWIW
> 
[snip]
> 
> I'll next try removing mate and xfce4 to see if that helps.

I think that if you remove org.mate.freedesktop.FileManager1.service,
that might fix it.  These all provide the org.freedesktop.FileManager1
dbus service and they might be interfering with each other.  Ideally KDE
would use dolphin, mate would use caja, and gnome would use nautilus,
but I don't know if there's a way to tell dbus to start different
services for different DEs.

On Tue, Apr 25, 2017 at 02:28:19PM +0100, Ben Green wrote:
> having had a looking journalctl and /var/log/syslog, I note that there is no
> output produced when clicking desktop icons.

I'm surprised there's not at least something about dbus not being able
to start the org.freedesktop.FileManager1 service, or nautilus not being
able to show items.

Bug#861189: keystone: CVE-2017-2673: federated user gets wrong role

[Salvatore Bonaccorso]

Source: keystone
Version: 2:10.0.0-8
Severity: grave
Tags: patch security upstream

Hi,

the following vulnerability was published for keystone.

CVE-2017-2673[0]:
federated user gets wrong role

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-2673
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2673
[1] http://www.openwall.com/lists/oss-security/2017/04/25/10
[2] https://bugs.launchpad.net/keystone/+bug/1677723

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#861180: shc: infinite loop does not work properly

[Tong Sun]

Thanks for the detailed steps Eriberto, forwarding to the upstream author.

Francisco, could you take a look at it please?

Thanks

On Tue, Apr 25, 2017 at 10:20 AM, Eriberto Mota  wrote:

> 2017-04-25 10:42 GMT-03:00 Tong Sun :
> > Hi Eriberto,
> >
> > Is your infinite loop problem exactly as described in
> > https://sfxpt.wordpress.com/2014/02/23/shc-3-8-9-is-not-usable/ ?
>
> Hi Tong! Thanks for your quick reply.
>
> No, not embedded here. See the following step-by-step:
>
> 1. The script test.sh:
>
> #!/bin/bash
>
> echo ok
> exit 0
>
> 2. The compilation (Debian Stretch, kernel 4.9.0-2-amd64, gcc6.3.0
> 20170406):
>
> $ shc -f test.sh
>
> 3. Execution:
>
> $ ./test.sh.x
>
>
> > == no reply.
>
> 4. The loop:
>
> $ strace ./test.sh.x
>
> Thanks!
>
> Eriberto
>