Bug#862945: unblock: jbig2dec/0.13-4.1
On Fri, May 19, 2017 at 07:22:12AM +0200, Salvatore Bonaccorso wrote: > The full debdiff is attached t othis mail as debdiff against the current > version in testing. Or not... Salvatore diff -Nru jbig2dec-0.13/debian/changelog jbig2dec-0.13/debian/changelog --- jbig2dec-0.13/debian/changelog 2017-01-23 21:13:34.0 +0100 +++ jbig2dec-0.13/debian/changelog 2017-05-16 20:08:21.0 +0200 @@ -1,3 +1,13 @@ +jbig2dec (0.13-4.1) unstable; urgency=high + + * Non-maintainer upload. + * Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460) + * Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788) + * Bounds check before reading from image source data (CVE-2017-7976) +(Closes: #860787) + + -- Salvatore BonaccorsoTue, 16 May 2017 20:08:21 +0200 + jbig2dec (0.13-4) unstable; urgency=medium * Add patches cherry-picked upstream to squash signed/unsigned diff -Nru jbig2dec-0.13/debian/patches/020170426~5e57e48.patch jbig2dec-0.13/debian/patches/020170426~5e57e48.patch --- jbig2dec-0.13/debian/patches/020170426~5e57e48.patch1970-01-01 01:00:00.0 +0100 +++ jbig2dec-0.13/debian/patches/020170426~5e57e48.patch2017-05-16 20:08:21.0 +0200 @@ -0,0 +1,26 @@ +Description: Bug 697693: Prevent SEGV due to integer overflow. + While building a Huffman table, the start and end points were susceptible + to integer overflow. + . +Thank you to Jiaqi for finding this issue and suggesting a patch. +Origin: upstream, http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5e57e483298dae8b +Bug: https://bugs.ghostscript.com/show_bug.cgi?id=697693 +Bug-Debian: https://bugs.debian.org/860788 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7975 +Forwarded: not-needed +Author: Shailesh Mistry +Last-Update: 2017-05-16 + +--- a/jbig2_huffman.c b/jbig2_huffman.c +@@ -422,8 +422,8 @@ jbig2_build_huffman_table(Jbig2Ctx *ctx, + + if (PREFLEN == CURLEN) { + int RANGELEN = lines[CURTEMP].RANGELEN; +-int start_j = CURCODE << shift; +-int end_j = (CURCODE + 1) << shift; ++uint32_t start_j = CURCODE << shift; ++uint32_t end_j = (CURCODE + 1) << shift; + byte eflags = 0; + + if (end_j > max_j) { diff -Nru jbig2dec-0.13/debian/patches/020170503~b184e78.patch jbig2dec-0.13/debian/patches/020170503~b184e78.patch --- jbig2dec-0.13/debian/patches/020170503~b184e78.patch1970-01-01 01:00:00.0 +0100 +++ jbig2dec-0.13/debian/patches/020170503~b184e78.patch2017-05-16 20:08:21.0 +0200 @@ -0,0 +1,27 @@ +Description: Bug 697703: Prevent integer overflow vulnerability. + Add extra check for the offset being greater than the size + of the image and hence reading off the end of the buffer. + . + Thank you to Dai Ge for finding this issue and suggesting a patch. +Origin: upstream, http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b184e783702246e15 +Bug: https://bugs.ghostscript.com/show_bug.cgi?id=697703 +Bug-Debian: https://bugs.debian.org/860460 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7885 +Forwarded: not-needed +Author: Shailesh Mistry +Last-Update: 2017-05-16 +--- + jbig2dec/jbig2_symbol_dict.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/jbig2_symbol_dict.c b/jbig2_symbol_dict.c +@@ -629,7 +629,7 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, + byte *dst = image->data; + + /* SumatraPDF: prevent read access violation */ +-if (size - jbig2_huffman_offset(hs) < image->height * stride) { ++if ((size - jbig2_huffman_offset(hs) < image->height * stride) || (size < jbig2_huffman_offset(hs))) { + jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "not enough data for decoding (%d/%d)", image->height * stride, + size - jbig2_huffman_offset(hs)); + jbig2_image_release(ctx, image); diff -Nru jbig2dec-0.13/debian/patches/020170510~ed6c513.patch jbig2dec-0.13/debian/patches/020170510~ed6c513.patch --- jbig2dec-0.13/debian/patches/020170510~ed6c513.patch1970-01-01 01:00:00.0 +0100 +++ jbig2dec-0.13/debian/patches/020170510~ed6c513.patch2017-05-16 20:08:21.0 +0200 @@ -0,0 +1,28 @@ +Description: Bug 697683: Bounds check before reading from image source data. + Add extra check to prevent reading off the end of the image source + data buffer. + . + Thank you to Dai Ge for finding this issue and suggesting a patch. +Origin: upstream, http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ed6c5133a1004ce8d +Bug: https://bugs.ghostscript.com/show_bug.cgi?id=697683 +Bug-Debian: https://bugs.debian.org/860787 +Bug-Debian-Security:
Bug#862945: unblock: jbig2dec/0.13-4.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi Please unblock package jbig2dec It fixes three CVEs (which as well were addressed in a DSA): https://www.debian.org/security/2017/dsa-3855 +jbig2dec (0.13-4.1) unstable; urgency=high + + * Non-maintainer upload. + * Prevent integer overflow vulnerability (CVE-2017-7885) (Closes: #860460) + * Prevent SEGV due to integer overflow (CVE-2017-7975) (Closes: #860788) + * Bounds check before reading from image source data (CVE-2017-7976) +(Closes: #860787) + + -- Salvatore BonaccorsoTue, 16 May 2017 20:08:21 +0200 unblock jbig2dec/0.13-4.1 The full debdiff is attached t othis mail as debdiff against the current version in testing. Thanks in advance already, Regards, Salvatore -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init)
Bug#861018: Permissions on folders and access problems
@all Due a misspelled email address of Ulrike I'm just resend all again. Sorry Am 19.05.2017 um 07:11 schrieb Carsten Schoenert: > Control: retitle -1 Thunderbird apparmor profile: access problem on /mnt > > Hello Simon, > > On Thu, May 18, 2017 at 06:51:14PM -0400, Simon Deziel wrote: >> On Thu, 27 Apr 2017 12:01:47 +0100 Jim Cobley>> wrote: >>> audit: type=1400 audit(1493287998.510:88): apparmor="DENIED" >>> operation="open" profile="thunderbird" >>> name="/mnt/Z/temp/Bluebell/TyreSize.jpg" pid=4537 comm="thunderbird" >>> requested_mask="r" denied_mask="r" fsuid=1900 ouid=1900 >> >> Right, /mnt isn't accessible as the Apparmor policy mostly only >> authorize reading files from $HOME and /opt. I think that granting read >> access to the following directories: >> >> /data >> /media >> /mnt >> /srv >> >> And let "owner" write to those would make sense. Carsten, I've pushed a >> commit [*] doing just that. > > thanks for taking care! I'll pick that up too. > >>> audit: type=1400 audit(1493288317.390:149): apparmor="DENIED" >>> operation="exec" profile="thunderbird" >>> name="/usr/lib/firefox-esr/firefox-esr" pid=4906 comm="thunderbird" >>> requested_mask="x" denied_mask="x" fsuid=1900 ouid=0 >> >> It seems like the ESR version of Firefox would need to be added to >> "abstractions/ubuntu-browsers" or it's Debian equivalent. > > The only file I've seen there on my system is for evince. I've installed > firefox-esr. > >> $ ls /etc/apparmor.d/abstractions >> evince > > @Ulrike > You have better knowledge about the apparmor universe in Debian, what we > need to do here? > > ... >> *: >> https://github.com/simondeziel/aa-profiles/blob/master/16.04/usr.bin.thunderbird >> commit 51548d63b2 > > Regards > Carsten > -- Regards Carsten Schoenert
Bug#861018: Permissions on folders and access problems
Control: retitle -1 Thunderbird apparmor profile: access problem on /mnt Hello Simon, On Thu, May 18, 2017 at 06:51:14PM -0400, Simon Deziel wrote: > On Thu, 27 Apr 2017 12:01:47 +0100 Jim Cobley> wrote: > > audit: type=1400 audit(1493287998.510:88): apparmor="DENIED" > > operation="open" profile="thunderbird" > > name="/mnt/Z/temp/Bluebell/TyreSize.jpg" pid=4537 comm="thunderbird" > > requested_mask="r" denied_mask="r" fsuid=1900 ouid=1900 > > Right, /mnt isn't accessible as the Apparmor policy mostly only > authorize reading files from $HOME and /opt. I think that granting read > access to the following directories: > > /data > /media > /mnt > /srv > > And let "owner" write to those would make sense. Carsten, I've pushed a > commit [*] doing just that. thanks for taking care! I'll pick that up too. > > audit: type=1400 audit(1493288317.390:149): apparmor="DENIED" > > operation="exec" profile="thunderbird" > > name="/usr/lib/firefox-esr/firefox-esr" pid=4906 comm="thunderbird" > > requested_mask="x" denied_mask="x" fsuid=1900 ouid=0 > > It seems like the ESR version of Firefox would need to be added to > "abstractions/ubuntu-browsers" or it's Debian equivalent. The only file I've seen there on my system is for evince. I've installed firefox-esr. > $ ls /etc/apparmor.d/abstractions > evince @Ulrike You have better knowledge about the apparmor universe in Debian, what we need to do here? ... > *: > https://github.com/simondeziel/aa-profiles/blob/master/16.04/usr.bin.thunderbird > commit 51548d63b2 Regards Carsten
Bug#826026: Upstream 2.0 resolves #329192
Hi I'm hitting bug #329192 (permanent SMTP failures are retried endlessly) a lot. Where did you get with posting an upgraded nullmailer package? Regards Donald
Bug#860981: CVE-2016-4484 still Exists
Well, since Red Hat is not going to take any action, I think you are right https://access.redhat.com/security/cve/cve-2016-4484 Best Regards, XU Guang-zhao
Bug#862944: django-floppyforms: spelling error in description
Package: django-floppyforms Severity: minor Tags: patch Please see the attached patch to fix a spelling error in the package description (foppy -> floppy). From 6aecbca2730d9d72d3bf66a0578e4310adba107b Mon Sep 17 00:00:00 2001 From: James ValleroyDate: Thu, 18 May 2017 22:14:39 -0400 Subject: [PATCH] Fix spelling error in description --- debian/control | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/debian/control b/debian/control index 03cf8bc..76d192d 100644 --- a/debian/control +++ b/debian/control @@ -35,7 +35,7 @@ Depends: python-django, ${python:Depends} Suggests: python-django-floppyforms-doc Description: better control of form rendering in Django - Django-foppyforms is an application that gives you full control of the + Django-floppyforms is an application that gives you full control of the output of forms rendering. This is more a widgets library than a forms library but form fields are provided for convenience. The forms API and features are exactly the same as Djangoâs, the key difference is that @@ -55,7 +55,7 @@ Depends: python3-django, ${python3:Depends} Suggests: python-django-floppyforms-doc Description: better control of form rendering in Django (Python3 version) - Django-foppyforms is an application that gives you full control of the + Django-floppyforms is an application that gives you full control of the output of forms rendering. This is more a widgets library than a forms library but form fields are provided for convenience. The forms API and features are exactly the same as Djangoâs, the key difference is that @@ -74,7 +74,7 @@ Section: doc Architecture: all Depends: ${misc:Depends}, ${sphinxdoc:Depends} Description: better control of form rendering in Django (Documentation) - Django-foppyforms is an application that gives you full control of the + Django-floppyforms is an application that gives you full control of the output of forms rendering. This is more a widgets library than a forms library but form fields are provided for convenience. The forms API and features are exactly the same as Djangoâs, the key difference is that -- 2.11.0 signature.asc Description: OpenPGP digital signature
Bug#861754: libpll: FTBFS on non-x86: x86intrin.h: No such file or directory
Christian Seilerwrites: > On 05/16/2017 01:28 PM, James Cowgill wrote: >> +ifneq ($(filter $(DEB_HOST_ARCH_CPU), amd64 i386),) > > Also, you should add x32 to the list of archs next to amd64 and > i386 where SSE3 and higher should be disabled. AFAICT, amd64 should cover it: $ dpkg-architecture -ax32 -qDEB_HOST_ARCH x32 $ dpkg-architecture -ax32 -qDEB_HOST_ARCH_CPU amd64 I suppose that also bears mention in a comment, though. -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu
Bug#862051: Refer #862051 to ctte (WAS: nodejs-legacy: possibly drop this package, now that ax25-node has been removed?)
Control: reassign -1 tech-ctte Control: retitle -1 Rename nodejs back to node for buster, now that ax25-node has been removed? Dear tech-ctte, In 2012, the decision was made to rename Node.js' "node" name to nodejs-legacy, and transition the existing "node" package to ax25-node. However, ax25-node (and the "node" package following) were removed in 2015 citing lack of activity: https://packages.qa.debian.org/n/node.html Thus, would it be possible to revert the original decision, and rename nodejs back to node in the next Debian release? Doing so would make working with JavaScript programs outside of Debian a lot easier, as projects tend to hardcode the "node" interpreter name. Best, James On Thu, 18 May 2017 22:12:00 +0200 =?utf-8?b?SsOpcsOpbXkgTGFs?=wrote: > Package: nodejs-legacy > Version: 6.10.2~dfsg-1 > Followup-For: Bug #862051 > > I would love to do that, but the reason behind the rename came from > https://bugs.debian.org/614907. > > Feel free to ask TC to find a new solution. > > Jérémy
Bug#862943: texlive-binaries: online display does not work in MetaFont
Package: texlive-binaries Version: 2016.20160513.41080.dfsg-2 Severity: important Dear Maintainer, Consider this example "test.mf": drawdot (35,70); showit; If we run "mf test" the graphics window comes up but nothing is displayed. -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages texlive-binaries depends on: ii dpkg 1.18.23 ii install-info 6.3.0.dfsg.1-1+b2 ii libc6 2.24-10 ii libcairo2 1.14.8-1 ii libfontconfig12.11.0-6.7+b1 ii libfreetype6 2.6.3-3.2 ii libgcc1 1:6.3.0-16 ii libgmp10 2:6.1.2+dfsg-1 ii libgraphite2-31.3.9-4 ii libgs99.20~dfsg-3.1 ii libharfbuzz-icu0 1.4.2-1 ii libharfbuzz0b 1.4.2-1 ii libice6 2:1.0.9-2 ii libicu57 57.1-6 ii libkpathsea6 2016.20160513.41080.dfsg-2 ii libmpfr4 3.1.5-1 ii libpaper1 1.1.24+nmu5 ii libpixman-1-0 0.34.0-1 ii libpng16-16 1.6.28-1 ii libpoppler64 0.48.0-2 ii libpotrace0 1.13-3 ii libptexenc1 2016.20160513.41080.dfsg-2 ii libsm62:1.2.2-1+b3 ii libstdc++66.3.0-16 ii libsynctex1 2016.20160513.41080.dfsg-2 ii libtexlua52 2016.20160513.41080.dfsg-2 ii libtexluajit2 2016.20160513.41080.dfsg-2 ii libx11-6 2:1.6.4-3 ii libxaw7 2:1.0.13-1+b2 ii libxext6 2:1.3.3-1+b2 ii libxi62:1.7.9-1 ii libxmu6 2:1.1.2-2 ii libxpm4 1:3.5.12-1 ii libxt61:1.1.5-1 ii libzzip-0-13 0.13.62-3+b2 ii perl 5.24.1-2 ii t1utils 1.39-2 ii tex-common6.06 ii zlib1g1:1.2.8.dfsg-5 Versions of packages texlive-binaries recommends: ii python2.7.13-2 ii ruby 1:2.3.3 ii texlive-base 2016.20170123-5 ii tk [wish] 8.6.0+9 texlive-binaries suggests no packages. -- no debconf information
Bug#814755: texlive-binaries: LuaTeX "checksum mismatch" warnings in some OVF fonts on 64bit
This has been fixed: http://tracker.luatex.org/view.php?id=965 The bug report may be closed.
Bug#862529: uncommons-watchmaker-doc: Rename the documentation package to lib*-java-doc
On 05/18/2017 06:48 PM, 殷啟聰 wrote: > The reason behind this package name is that it provides the Javadoc > for both of the 2 library packages > (libuncommons-watchmaker-framework-java & > libuncommons-watchmaker-swing-java). If I split their Javadocs, there > will be dead hyperlinks (or in fact the class fullname instead of > hyperlinks) throughout the Javadoc of > libuncommons-watchmaker-swing-java. I agree this is a tricky case. I'm not even sure maven-debian-helper is able to wire properly the javadocs of different modules from the same package. In this case I'd suggest basing the name of the javadoc package on the main binary package, so here that would be libuncommons-watchmaker-framework-java-doc. > pkg:gradle-doc follows the same reason, I guess. Besides, I fail to > find a javadoc package naming rule in the current Debian Java Policy. gradle is a bit different, it's a command line tool and not a library. You are right to point out this isn't specified in the policy. The lib*-java-doc pattern is commonly used though and for consistency it would be good to stick to it.
Bug#862824: xserver-xorg-core: tigervncserver crash in WriteToClient shortly after VNC client connecs
On 18/05/17 09:32 PM, Rafal wrote: > > One notice not related to this error. I'm looking at FlushClient > function in io.c and I see one weird thing. It contains the following "if": > > if (trans_conn && (len = _XSERVTransWritev(trans_conn, iov, i)) >>= 0) {... > > Later there are "else if" constructs with checks of errno variable, but > it makes sense to check errno only when _XSERVTransWritev() was invoked > and returned error. If the trans_conn variable is set to 0, the errno is > 0 (it is set before the "if"). In particular when SUSNSYSV is defined, > the second "if" is always true when trans_conn is NULL. I think it was > not the intention. Such questions should be directed upstream, e.g. on the xorg-de...@lists.freedesktop.org mailing list. -- Earthling Michel Dänzer | http://www.amd.com Libre software enthusiast | Mesa and X developer
Bug#857766: wget failed to download
This package is outdated; points to a wrong and unavailable download of the flashplugin. Currently pointing to 24.0.0.186; Needs to be updated to 25.0.0.171 Maybe convert Ubuntu's tool to Debian? Sent from [ProtonMail](https://protonmail.com), Swiss-based encrypted email. Sent with [ProtonMail](https://protonmail.com) Secure Email.
Bug#862942: firefox-esr: Attempting to launch Firefox locks up my Stretch RC3 system
Package: firefox-esr Version: 45.9.0esr-1 Severity: normal Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? * What outcome did you expect instead? *** End of the template - remove these template lines *** Running Stretch RC3 with all updates as of 5-18-17. Attempting to launch Firefox locks up my system. When I tried to launch it froma command line I got the following: "An error occurred while loading or saving configuration information for firefox-esr. Some of your configuration settings may not work properly. No D-BUS daemon running" When I ran # dmesg | grep failed I got: [1.174383] acpi PNP0A03:00: _OSC failed (AE_NOT_FOUND); disabling ASPM -- Package-specific info: -- Extensions information Name: Adblock Plus Location: ${PROFILE_EXTENSIONS}/{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi Status: enabled Name: AdBlocker for YouTube™ Location: ${PROFILE_EXTENSIONS}/jid1-q4sg8pyhq8k...@jetpack.xpi Status: enabled Name: Default theme Location: /usr/lib/firefox-esr/browser/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi Package: firefox-esr Status: enabled Name: Disconnect Location: ${PROFILE_EXTENSIONS}/2...@disconnect.me.xpi Status: enabled Name: Element Hiding Helper for Adblock Plus Location: ${PROFILE_EXTENSIONS}/elemhidehel...@adblockplus.org.xpi Status: enabled Name: Firefox Hello Beta Location: ${PROFILE_EXTENSIONS}/l...@mozilla.org.xpi Status: enabled Name: New Tab Homepage Location: ${PROFILE_EXTENSIONS}/{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi Status: enabled Name: NoScript Location: ${PROFILE_EXTENSIONS}/{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi Status: enabled Name: Open Bookmarks in New Tab Location: ${PROFILE_EXTENSIONS}/openbookmarkin...@piro.sakura.ne.jp.xpi Status: enabled Name: YouTube Video and Audio Downloader Location: ${PROFILE_EXTENSIONS}/feca4b87-3be4-43da-a1b1-137c24220...@jetpack.xpi Status: enabled -- Plugins information Name: IcedTea-Web Plugin (using IcedTea-Web 1.6.2 (1.6.2-3.1)) Location: /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/amd64/IcedTeaPlugin.so Package: icedtea-8-plugin:amd64 Status: enabled Name: iTunes Application Detector Location: /usr/lib/mozilla/plugins/librhythmbox-itms-detection-plugin.so Package: rhythmbox-plugins Status: enabled -- Addons package information ii firefox-esr45.9.0esr-1 amd64Mozilla Firefox web browser - Ext ii icedtea-8-plug 1.6.2-3.1amd64web browser plugin based on OpenJ ii rhythmbox-plug 3.4.1-2+b1 amd64plugins for rhythmbox music playe -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages firefox-esr depends on: ii debianutils 4.8.1 ii fontconfig2.11.0-6.7+b1 ii libasound21.1.3-5 ii libatk1.0-0 2.22.0-1 ii libc6 2.24-10 ii libcairo2 1.14.8-1 ii libdbus-1-3 1.10.18-1 ii libdbus-glib-1-2 0.108-2 ii libevent-2.0-52.0.21-stable-3 ii libffi6 3.2.1-6 ii libfontconfig12.11.0-6.7+b1 ii libfreetype6 2.6.3-3.2 ii libgcc1 1:6.3.0-16 ii libgdk-pixbuf2.0-02.36.5-2 ii libglib2.0-0 2.50.3-2 ii libgtk2.0-0 2.24.31-2 ii libhunspell-1.4-0 1.4.1-2+b2 ii libnspr4 2:4.12-6 ii libnss3 2:3.26.2-1 ii libpango-1.0-01.40.5-1 ii libsqlite3-0 3.16.2-3 ii libstartup-notification0 0.12-4+b2 ii libstdc++66.3.0-16 ii libvpx4 1.6.1-3 ii libx11-6 2:1.6.4-3 ii libxcomposite11:0.4.4-2 ii libxdamage1 1:1.1.4-2+b3 ii libxext6 2:1.3.3-1+b2 ii libxfixes31:5.0.3-1 ii libxrender1 1:0.9.10-1 ii libxt61:1.1.5-1 ii procps2:3.3.12-3 ii zlib1g1:1.2.8.dfsg-5 Versions of packages firefox-esr recommends: ii gstreamer1.0-libav 1.10.4-1 ii gstreamer1.0-plugins-good 1.10.4-1 Versions of packages firefox-esr suggests: pn fonts-lmodern pn fonts-stix | otf-stix ii libcanberra0 0.30-3 ii libgnomeui-0 2.24.5-3.1 ii libgssapi-krb5-2 1.15-1 pn mozplugger -- no debconf information
Bug#862941: binNMUs needed for multiple arm64 packages (#850814)
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Hey folks, As first discussed a while back, we've had a bug in gold which caused some broken builds of some arm64 packages. These were mostly in backports, with a few example in the early life of stretch. Now that #850814 is fixed and we have an updated binutils in stable too, I've re-scanned the archive for arm64 binaries with broken alignment. Please binNMU the following (I hope I got the syntax right!): Backports: nmu haskell-cabal_1.22.4.0-2~bpo8+1 . arm64 . jessie-backports -m "Rebuild with fixed binutils" nmu haskell-hierarchical-clustering_0.4.6-1~bpo8+1 . arm64 . jessie-backports -m "Rebuild with fixed binutils" nmu haskell-http_4000.2.20-3~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-mtl_2.2.1-2~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-network_2.6.2.1-3~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-network-uri_2.6.0.3-3~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-old-locale_1.0.0.7-2~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-old-time_1.1.0.3-2~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-parsec_3.1.9-4~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-prettyclass_1.0.0.0-4~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-random_1.1-3~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-stm_2.4.4-4~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-text_1.2.1.3-2~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu haskell-zlib_0.5.4.2-4~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu systemd_230-7~bpo8+2 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" nmu wine-development_2.0.3~bpo8+1 . arm64 . jessie-backports . -m "Rebuild with fixed binutils" Unstable: nmu wine-development_2.0.3 . arm64 . -m "Rebuild with fixed binutils" Experimental: nmu wine-development_2.8-1 . arm64 . experimental . -m "Rebuild with fixed binutils" nmu wine-2.0.1-1 . arm64 . experimental . -m "Rebuild with fixed binutils" I'm *guessing* all the Haskell packages might involve triggering more rebuild of all the rdeps too, not sure... -- System Information: Debian Release: 8.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-0.bpo.1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#861612: pixbros: level designs appear to be non-free
On Fri, May 12, 2017 at 11:03:24PM +0200, Markus Koschany wrote: > What we need to check is: Does the game comply with the DFSG and does it > infringe the copyright of another programmer/artist. In my opinion that > is not the case here because the license is DFSG-compatible and the game > looks and works differently in style and artwork. We are not aware of a > verdict which states that the level resemblance infringes the rights of > another party. Hi Markus, To clarify, I think it's a copyright violation. The copyrights in question are the layout of the levels, the level designers' choices of where the platforms are. For a simple level like level 30 it would be unremarkable for games in the same genre to have a similar level, but not the complex designs of most of the levels from 31 to 49. > This whole bug report reminds me of Giana Sisters, ... > On the other hand we have many open source games that try to clone an > older game but they look and behave often differently and use their own > graphics or they just reinvent the engine and then use the original > artwork (hence why those games are shipped in contrib) But the ones in contrib using original artwork only have the DFSG parts in contrib, the copy of the original artwork isn't in contrib. > Look at Pathological which is obviously a clone of Logical or Tuxpuck > which very much resembles the Shuffle Puck Cafe game. Are they non-free > too? I don't think so because I have played the original games and I can > tell you that the older games had both better graphics, more levels and > were more feature complete. They resemble each other but they are not on > a par and the risk that some company sues Debian just for distributing > them is highly unlikely because we make no money with them either. Just as they used new artwork, Pathological used (AFAIK) new level designs. The first level looks like a level of Logical, but that's forced by the genre, there's a limited set of level designs for a tutorial level that introduces the concept of the game. With tuxpuck the level design seems to be a rectangular table, with a rectangular area of that table that the player can move the bat to. Neither of these games seems to have a direct copy from the game that inspired them. Regards, Steve
Bug#758004: uswsusp: package does not play well with systemd
Package: uswsusp Version: 1.0+20120915-6.1+b1 Followup-For: Bug #758004 Dear Maintainer, An effective workaround is to use systemd overrides as mentioned earlier, from the Arch Linux wiki. Adapted for Debian, this becomes: $ cat /etc/systemd/system/systemd-{suspend,hybrid-sleep,hibernate}.service.d/override.conf [Service] ExecStart= ExecStartPre=-/usr/bin/run-parts -v -a pre /lib/systemd/system-sleep ExecStart=/usr/sbin/{s2ram,s2both,s2disk} ExecStartPost=-/usr/bin/run-parts -v --reverse -a post /lib/systemd/system-sleep Or you can mix-and-match as desired; for example I'm using {suspend,s2both} because the XFCE GUI doesn't have a "hybrid sleep" option. This works even if the whole disk is encrypted, including the swap partition. After your initramfs decrypts the relevant partitions, the s2disk resume logic kicks in as normal. X -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (300, 'unstable'), (200, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages uswsusp depends on: ii debconf [debconf-2.0] 1.5.60 ii libblkid1 2.29.2-1 ii libc6 2.24-10 ii liblzo2-2 2.08-1.2+b2 ii libpci31:3.5.2-1 ii libx86-1 1.1+ds1-10.2 Versions of packages uswsusp recommends: ii initramfs-tools 0.130 ii mount2.29.2-1 uswsusp suggests no packages. -- debconf information excluded
Bug#862940: RFS: slick-greeter/1.0.3-1 ITP
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "slick-greeter" * Package name: slick-greeter Version : 1.0.3-1 Upstream Author : Clement Lefebvre* URL : https://github.com/linuxmint/slick-greeter/ * License : GPL-3+ Section : x11 It builds those binary packages: slick-greeter - Slick-looking LightDM greeter To access further information about this package, please visit the following URL: https://mentors.debian.net/package/slick-greeter Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/s/slick-greeter/slick-greeter_1.0.3-1.dsc Notes: Slick-Greeter has been created by Linux Mint as their primary LightDM greeter for their distro. It is being promoted as a distro-agnostic greeter. I am aware it is available in several non-Debian based distro's. Given the limited number of LightDM based greeters available in Debian I believe this is a good complement for Debian with a long-term upstream viability. Packaging issues. Linux Mint do not PGP sign their packages. The upstream tarball contains their Debian package specific to their Distro. I asked the question whether they would separate distro specific packaging from the source but this was declined -https://github.com/linuxmint/slick-greeter/issues/22 As such to build this package I am prepared to maintain the Debian package under our distro GithHub organisation Ubuntu Budgie To build this I have had to-do the following: uscan to autodownload the upstream tarball via the debian/watch in this Debian package Unpack the published upstream tarball. Remove the upstream Debian folder and its contents Copy back from the published UbuntuBudgie slick-greeter debian branch the Debian package. This Debian package contains one patch - this is to replace the upstream specific font dependency with what I consider a good font available in Debian and all Debian based distros (font-cantarell) I'm aware of the release state of Stretch; this package is therefore not appropriate for Stretch. Please let me know if experimental is perhaps more appropriate than unstable given the status of Stretch. I can confirm that the necessary build dependency differences between Ubuntu and Debian have been met here i.e. builds successfully both on Debian and Ubuntu without needing separate distro packages. Have run check-all-the-things on the source and adjusted the debian/copyright accordingly. Doesnt appear to be any other changes required as a result of the check-all-the-things output. Also ran lintian -i -I on the built changes and this returned no issues. Changes since the last upload: * Initial release. (Closes: #862934) Regards, David Mohammed
Bug#861754: libpll: FTBFS on non-x86: x86intrin.h: No such file or directory
Hi, a small comment on the patch: On 05/16/2017 01:28 PM, James Cowgill wrote: > override_dh_auto_configure: > - ./autogen.sh > -ifeq ($(DEB_BUILD_ARCH),i386) > - ./autogen.sh --disable-avx --disable-sse > - dh_auto_configure -- --disable-avx --disable-sse > +ifneq ($(filter $(DEB_HOST_ARCH_CPU), amd64 i386),) > + dh_auto_configure > else > - ./autogen.sh --disable-avx > - dh_auto_configure -- --disable-avx > + dh_auto_configure -- --disable-sse --disable-avx --disable-avx2 > endif At first glance this appears to be wrong, as SSE2 is part of the amd64 base ISA. However, --disable-sse actually disables SSE3 (not part of amd64 base ISA), so it's not actually wrong - you'd probably want to add a comment to d/rules that indicates that --disable-sse is for SSE3 though. Also, you should add x32 to the list of archs next to amd64 and i386 where SSE3 and higher should be disabled. Regards, Christian
Bug#862939: RFP : golang-github-fatih-color-dev -- Color package for Go
Package: wnpp Severity: wishlist Upstream Author : Fatih ArslanURL : https://github.com/fatih/color/ License : MIT Language : Go Description : Color lets you use colorized outputs in terms of ANSI Escape Codes in Go (Golang). The API can be used in several ways, pick one that suits you.
Bug#862938: RFP : gostack-stack -- utilities to capture, manipulate, and format call stacks
Package: wnpp Severity: wishlist Upstream Author : Chris Hines URL : https://github.com/go-stack/stack License : MIT Language : Go Description : Package stack implements utilities to capture, manipulate, and format call stacks. It provides a simpler API than package runtime. The implementation takes care of the minutia and special cases of interpreting the program counter (pc) values returned by runtime.Callers.
Bug#861686: unblock: openssl/1.1.0e-2
Sebastian Andrzej Siewior(2017-05-18): > On 2017-05-07 16:39:00 [+], Niels Thykier wrote: > > Sebastian Andrzej Siewior: > > > uploaded and built on all releases architectures. > > > > Ack/RT unblock, CC'ing KiBi for a d-i ack. > > I don't want to rush or anything but in case it got forgotten, we are > still waiting for the d-i ack. Thanks for prodding, I indeed missed the request initially… No objections, and sorry for the lag. KiBi. signature.asc Description: Digital signature
Bug#861018: Permissions on folders and access problems
On Thu, 27 Apr 2017 12:01:47 +0100 Jim Cobleywrote: > audit: type=1400 audit(1493287998.510:88): apparmor="DENIED" > operation="open" profile="thunderbird" > name="/mnt/Z/temp/Bluebell/TyreSize.jpg" pid=4537 comm="thunderbird" > requested_mask="r" denied_mask="r" fsuid=1900 ouid=1900 Right, /mnt isn't accessible as the Apparmor policy mostly only authorize reading files from $HOME and /opt. I think that granting read access to the following directories: /data /media /mnt /srv And let "owner" write to those would make sense. Carsten, I've pushed a commit [*] doing just that. > audit: type=1400 audit(1493288317.390:149): apparmor="DENIED" > operation="exec" profile="thunderbird" > name="/usr/lib/firefox-esr/firefox-esr" pid=4906 comm="thunderbird" > requested_mask="x" denied_mask="x" fsuid=1900 ouid=0 It seems like the ESR version of Firefox would need to be added to "abstractions/ubuntu-browsers" or it's Debian equivalent. Regards, Simon *: https://github.com/simondeziel/aa-profiles/blob/master/16.04/usr.bin.thunderbird commit 51548d63b2 signature.asc Description: OpenPGP digital signature
Bug#862727: ITP: libjasper -- JasPer JPEG-2000 runtime library
Control:retitle -1 ITP: jasper -- JasPer JPEG-2000 runtime library
Bug#862727: ITP: libjasper -- JasPer JPEG-2000 runtime library
Control:retitle -1 ITP: libjasper -- JasPer JPEG-2000 runtime library
Bug#858031: Please make volume id for netinst different from DVD
Control: tag -1 +pending On Thu, May 18, 2017 at 09:38:43PM +0200, Guido Günther wrote: >On Thu, May 18, 2017 at 08:31:18AM +0200, Thomas Schmitt wrote: >> Hi, >> >> Guido Günther wrote: >> > > Volume id: Debian stretch-DI-rc2 amd64 1 >> > > [...] >> > > >If the netinst variant would contain netinst or similar >> >> Steve McIntyre wrote: >> > I understand, yes. The problem we have is that the volume ID is very >> > limited in space available. We've run out... :-/ >> >> How about replacing the volume number "1" by "n" ? > >That would be great! ACK, that's a good option. :-) I've just committed code to do that, let's see how it looks on the next daily/weekly builds. -- Steve McIntyre, Cambridge, UK.st...@einval.com "Every time you use Tcl, God kills a kitten." -- Malcolm Ray
Bug#862937: unblock: firejail/0.9.44.8-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package firejail Version 0.9.44.8-2 includes a cherry-picked patch that fixes a memory corruption which leads to a crash when firejail is called with certain options (#862083). Kind regards, Reiner unblock firejail/0.9.44.8-2 diff -Nru firejail-0.9.44.8/debian/changelog firejail-0.9.44.8/debian/changelog --- firejail-0.9.44.8/debian/changelog 2017-01-19 23:14:35.0 +0100 +++ firejail-0.9.44.8/debian/changelog 2017-05-09 21:15:19.0 +0200 @@ -1,3 +1,10 @@ +firejail (0.9.44.8-2) unstable; urgency=medium + + * Cherry-pick upstream patch for memory corruption in noblacklist +processing (Closes: #862083). + + -- Reiner HerrmannTue, 09 May 2017 21:15:19 +0200 + firejail (0.9.44.8-1) unstable; urgency=medium * New upstream release. diff -Nru firejail-0.9.44.8/debian/patches/0001-bugfix-ugly-memory-corruption-in-noblacklist-process.patch firejail-0.9.44.8/debian/patches/0001-bugfix-ugly-memory-corruption-in-noblacklist-process.patch --- firejail-0.9.44.8/debian/patches/0001-bugfix-ugly-memory-corruption-in-noblacklist-process.patch 1970-01-01 01:00:00.0 +0100 +++ firejail-0.9.44.8/debian/patches/0001-bugfix-ugly-memory-corruption-in-noblacklist-process.patch 2017-05-09 21:10:12.0 +0200 @@ -0,0 +1,241 @@ +From: netblue30 +Subject: [PATCH] bugfix: ugly memory corruption in noblacklist processing +Origin: upstream, https://github.com/netblue30/firejail/commit/ad51fb7489a148ed87abe367a82e0d25203b2d28 +Debian-Bug: https://bugs.debian.org/862083 + +diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h +index 13be6b11..d1445ea3 100644 +--- a/src/firejail/firejail.h b/src/firejail/firejail.h +@@ -631,6 +631,7 @@ void run_symlink(int argc, char **argv); + + // paths.c + char **build_paths(void); ++unsigned int count_paths(void); + + // fs_mkdir.c + void fs_mkdir(const char *name); +diff --git a/src/firejail/fs.c b/src/firejail/fs.c +index 3ea4725b..3efaae93 100644 +--- a/src/firejail/fs.c b/src/firejail/fs.c +@@ -436,26 +436,35 @@ void fs_blacklist(void) { + + // Process noblacklist command + if (strncmp(entry->data, "noblacklist ", 12) == 0) { +- char **paths = build_paths(); +- +- char *enames[sizeof(paths)+1] = {0}; +- int i = 0; ++ char **enames; ++ int i; + + if (strncmp(entry->data + 12, "${PATH}", 7) == 0) { + // expand ${PATH} macro +- while (paths[i] != NULL) { +- if (asprintf([i], "%s%s", paths[i], entry->data + 19) == -1) ++ char **paths = build_paths(); ++ unsigned int npaths = count_paths(); ++ enames = calloc(npaths, sizeof(char *)); ++ if (!enames) ++ errExit("calloc"); ++ ++ for (i = 0; paths[i]; i++) { ++ if (asprintf([i], "%s%s", paths[i], ++ entry->data + 19) == -1) + errExit("asprintf"); +- i++; + } +- } else { ++ assert(enames[npaths-1] == 0); ++ ++ } ++ else { + // expand ${HOME} macro if found or pass as is ++ enames = calloc(2, sizeof(char *)); ++ if (!enames) ++ errExit("calloc"); + enames[0] = expand_home(entry->data + 12, homedir); +- enames[1] = NULL; ++ assert(enames[1] == 0); + } + +- i = 0; +- while (enames[i] != NULL) { ++ for (i = 0; enames[i]; i++) { + if (noblacklist_c >= noblacklist_m) { + noblacklist_m *= 2; + noblacklist = realloc(noblacklist, sizeof(*noblacklist) * noblacklist_m); +@@ -463,12 +472,9 @@ void fs_blacklist(void) { + errExit("failed increasing memory for noblacklist entries"); + } + noblacklist[noblacklist_c++] = enames[i]; +- i++; + } + +- while (enames[i] != NULL) { +- free(enames[i]); +-
Bug#862936: ITA: fonts-sil-annapurna -- smart font for languages using Devanagari script
Package: wnpp Version: N/A; reported 2017-05-18 Severity: normal The current maintainer, Daniel Glassey, has requested that I take over the packaging of the fonts that SIL International produces, such as this font. Bobby -- Bobby de Vos /bobby_de...@sil.org/
Bug#862935: installation-reports: vmlinuz missing from armhf netboot SD image
Package: installation-reports Severity: important -- Package-specific info: Boot method: netboot SD-card image Image version: http://ftp.nl.debian.org/debian/dists/testing/main/installer-armhf/current/images/netboot/SD-card-images/partition.img.gz [20170407] Date: 2017-05-18T22:00+01:00 Machine: BeagleBone Black Partitions: Disk /dev/mmcblk1: 3.6 GiB, 3825205248 bytes, 7471104 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x0aa12372 Device Boot Start End Sectors Size Id Type /dev/mmcblk1p1 * 2048 438271 436224 213M 83 Linux /dev/mmcblk1p2 438272 6483967 6045696 2.9G 83 Linux /dev/mmcblk1p3 6486014 7469055 983042 480M 5 Extended /dev/mmcblk1p5 6486016 7469055 983040 480M 82 Linux swap / Solaris Base System Installation Checklist: [O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it Initial boot: [E] Detect network card:[O] Configure network: [O] Detect CD: [ ] Load installer modules: [O] Clock/timezone setup: [O] User/password setup:[O] Detect hard drives: [O] Partition hard drives: [O] Install base system:[O] Install tasks: [O] Install boot loader:[O] Overall install:[O] Comments/Problems: I installed the system using a serial console from an Ubuntu 16.04 box using picocom and GNOME Terminal. I also used this Ubuntu box for downloading and manipulating boot images. I assembled an image from parts in images/netboot/SD-card-images: zcat firmware.BeagleBoneBlack.img.gz partition.img.gz | sudo sh -c 'cat > /dev/sdc' This failed to boot on my BeagleBone Black. Here is the console log: 8< U-Boot SPL 2016.11+dfsg1-4 (Mar 27 2017 - 18:39:51) Trying to boot from MMC1 MMC partition switch failed *** Warning - MMC partition switch failed, using default environment U-Boot 2016.11+dfsg1-4 (Mar 27 2017 - 18:39:51 +) CPU : AM335X-GP rev 2.1 I2C: ready DRAM: 512 MiB MMC: OMAP SD/MMC: 0, OMAP SD/MMC: 1 *** Warning - bad CRC, using default environment not set. Validating first E-fuse MAC Net: cpsw Press SPACE to abort autoboot in 2 seconds switch to partitions #0, OK mmc0 is current device SD/MMC found on device 0 reading boot.scr 1575 bytes read in 6 ms (255.9 KiB/s) Running bootscript from mmc0 ... ## Executing script at 8200 Mainline u-boot / new-style environment detected. This installer medium does not contain a suitable device-tree file for this system (am335x-boneblack.dtb). Aborting boot process. switch to partitions #0, OK mmc0 is current device Scanning mmc 0:1... Found U-Boot script /boot.scr reading /boot.scr 1575 bytes read in 7 ms (219.7 KiB/s) ## Executing script at 8000 Mainline u-boot / new-style environment detected. reading vmlinuz ** Unable to read file vmlinuz ** SCRIPT FAILED: continuing... switch to partitions #0, OK mmc0 is current device SD/MMC found on device 0 switch to partitions #0, OK mmc0 is current device SD/MMC found on device 0 reading boot.scr 1575 bytes read in 6 ms (255.9 KiB/s) Running bootscript from mmc0 ... ## Executing script at 8200 Mainline u-boot / new-style environment detected. reading vmlinuz ** Unable to read file vmlinuz ** ** Invalid partition 2 ** switch to partitions #0, OK mmc1(part 0) is current device Scanning mmc 1:1... switch to partitions #0, OK mmc1(part 0) is current device SD/MMC found on device 1 switch to partitions #0, OK mmc1(part 0) is current device SD/MMC found on device 1 reading boot.scr ** Unable to read file boot.scr ** reading uEnv.txt ** Unable to read file uEnv.txt ** ** File not found /boot/zImage ** ## Error: "bootcmd_nand0" not defined starting USB... USB0: Port not available. cpsw Waiting for PHY auto negotiation to complete. TIMEOUT ! BOOTP broadcast 1 >8 The critical line seems to be "** Unable to read file vmlinuz **". Indeed, there's no file called "vmlinuz" on the SD card. I tried to copy on the "vmlinuz" from images/netboot, but that failed: bjh21@sole:/tmp/debian-stretch-rc3$ sudo cp vmlinuz /media/bjh21/EB55-8514/. cp: error writing '/media/bjh21/EB55-8514/./vmlinuz': No space left on device I deleted the partition from the SD card, created a bigger one, and installed the contents of the partition image and the vmlinuz file referenced above. This booted successfully. The first question was a little odd, asking me to select a language for the installation process, with a choice between "English" and "C". There wasn't any clear explanation of what "C" meant. Thereafter, everything went well until the reboot after installation. First, the console started emitting "C" characters a few times per second, which makes me think of XMODEM. Maybe I accidentally typed something at the wrong moment while putting the MicroSD card away. Anyway, afterwards the GNOME
Bug#862922: aptitude: [INTL:nl] Dutch po file for the aptitude package
Control: tags -1 + pending 2017-05-18 20:18 Frans Spiesschaert: Package: aptitude Severity: wishlist Tags: l10n patch Dear Maintainer, == Please find attached the updated Dutch po file for the aptitude package. It has been submitted for review to the debian-l10n-dutch mailing list. Please add it to your next package revision. It should be put as "po/nl.po" in your package build tree. === Applied, thanks. -- Manuel A. Fernandez Montecelo
Bug#862934: ITP: slick-greeter -- slick-looking LightDM greeter
Package: wnpp Severity: wishlist Owner: David MohammedPackage name: slick-greeter Version: 1.0.3 Upstream Author : Clement Lefebvre URL: https://github.com/linuxmint/slick-greeter/ License: GPL 3+ Programming Lang: Vala Description: Slick-looking LightDM greeter Slick-Greeter is cross-distribution and should work pretty much anywhere. . All panel applets are embedded. No external indicators are launched or loaded by the greeter. . No settings daemon are launched or loaded by the greeter. . This greeter supports HiDPI. . Sessions are validated. If a default/chosen session isn't present on the system, the greeter scans for known sessions in /usr/share/xsessions and replaces the invalid session choice with a valid session. . You can take a screenshot by pressing PrintScrn. The screenshot is saved in /var/lib/lightdm/Screenshot.png. . Slick Greeter started as a fork of Unity Greeter 16.04.2, a greeter developed for Ubuntu by Canonical, which used indicators and unity-settings-daemon.
Bug#862917: Warzone 2100 3.2 campaign is buggy and unplayable. Debian should package version 3.1 until this is resolved
Am 18.05.2017 um 19:35 schrieb Evgeny Kapun: > Package: warzone2100 > Version: 3.2.1-2 > Severity: important > > Starting from version 3.2, campaign scripts in Warzone 2100 are being > rewritten in JavaScript [1]. As a result, they now have lots of bugs > (some examples: [2], [3], [4]), making the campaign more or less > unplayable. > > Because the developers are not very active in fixing those bugs, and > because the new version doesn't offer any significant advantages to > players, I think that Debian should stick to version 3.1 until the > situation improves. > > [1] https://forums.wz2100.net/viewtopic.php?f=35=11872 > [2] https://developer.wz2100.net/ticket/4541 > [3] https://developer.wz2100.net/ticket/4549 > [4] https://developer.wz2100.net/ticket/4565 It is far too late now to revert to version 3.1 in Debian Stretch and we will release with 3.2.1. Apparently those bugs were reported against 3.2.2, so perhaps Debian's version is not affected but I haven't tested it yet. Normally we would have received a concrete bug report by now though. We could also do a point release to fix specific bugs in Stretch if the patches are not too intrusive. At the moment I am not aware of any severe campaign bugs. As for packaging new upstream releases: We could use a helping hand with warzone2100, someone who is interested in properly maintaining the package. As it stands for now, only severe bugs will be addressed in the future and hopefully we get a new version into Buster but that's not for certain. Regards, Markus signature.asc Description: OpenPGP digital signature
Bug#862933: ITP: gmailfeed -- A plasmoid for notification and listing unread emails from your Gmail inbox
Package: wnpp Severity: wishlist Owner: Nicholas D Steeves* Package name: gmailfeed Version : 1.1 Upstream Author : Anthony Vital * URL : https://github.com/anthon38/gmailfeed * License : GPL-3 Programming Lang: C++ Description : A plasmoid for the notification and listing of unread emails from your Gmail inbox Gmail Feed is a plasmoid for Plasma 5. It provides a list of unread emails from your Gmail inbox. You also get notified when you receive new messages. -- To the best of my knowledge there is not yet a plasmoid in the archive that provides equivalent functionality. While most KDE users probably use KMail or Thunderbird, and with KDE5/Plasma Desktop can receive new email notification from an Android Phone, or allow their browser to display desktop notifications, I believe that it is useful to provide an applet such as this--particularly for memory-constrained systems where productivity is negatively affected by keeping a desktop email client running. Things I haven't yet investigated about this package: 1. Does it support kwallet? 2. Does it use the IMAP interface and/or OAuth 2.0? 3. Does it support GMail labels. - eg: Are the nofications/lists for IMAP INBOX or for "Primary" 4. If it supports GMail labels, are they configurable? I believe that it would probably be best to maintain it as part of the pkg-KDE team; however, I am not yet part of this team. Please CC this bug when replying. Failing that, I would use a git project in collab-maint. In terms of priority/timeline it will be at least a month or two before I have the time to package this. Cheers, Nicholas
Bug#859867: [buildd-tools-devel] Bug#859867: Please add a package which automatically configures sbuild for Debian packaging
Sorry for the late reply. On Tue, Apr 11, 2017 at 10:39 AM, Johannes Schauerwrote: > Hi, > > Quoting Michael Stapelberg (2017-04-08 11:28:12) > > One area where sbuild sorely lacks is configuration, though: pbuilder is > very > > easy to set up, whereas sbuild requires reading through > > https://wiki.debian.org/sbuild, performing a bunch of steps, only to > end up > > with a setup which works fine for unstable, but seems very clumsy when > > building packages for experimental or backports. > > > > One solution to this issue that I can see is to add a new binary > > package to src:sbuild which — possibly after a brief debconf prompt — > > performs all the necessary steps to end up with a setup that just > > works. > > > > What are your thoughts on this? Would patches be welcome to add such a > > package? > > patches totally welcome! :D > Cool! I’ll see if I can whip up such a package by working through the wiki page. > > This is a nice idea! > > Maybe these packages could be named sbuild-backend-${foo} where $foo is the > respective backend? At first, a package sbuild-backend-schroot would be > cool > because schroot is the default backend. It would be nice if that would set > up > sbuild schroots for stable-backports, unstable and experimental. Maybe that > package should also install and activate cron-jobs to regularly update > those > schroots? > Which other backends even are there, and do we really need to offer our users that choice, when we’re talking about a package with sane defaults for people who prefer not to make these choices right now? :) > > What irks me is, that this setup would be Debian specific. It doesn't make > much > sense for Debian's downstreams to have have schroots for Debian. Maybe the > distribution name should be part of the package name? Or maybe it should be > easy for downstreams that care to override the set of distributions the > schroots are created for? > Putting Debian into the package name seems reasonable. How about sbuild-debian-dev-setup? I originally thought of sbuild-debian-setup, but it could be confused to mean “a setup which reflects Debian’s official setup”, i.e. the buildds. The “setup” suffix to me conveys that this package offers only configuration, not new software. Perhaps there’s a more idiomatic term for that in Debian? > > Thanks! > > cheers, josch > -- Best regards, Michael
Bug#862580: Winbind crashes on ssh login of a domain user.
Okay, since it's a winbind bug, some more winbind related information: This is a reproducible bug and a regression from jessie to stretch. Please fix it before the release of stretch. As a "workaround": After login as a local user you can successfull login as a domain user for some time. When you wait too long winbind crashes again on login. I'm using idmap config * : backend = tdb idmap config * : range = 11000-2 winbind enum groups = yes winbind enum users = yes winbind use default domain = yes winbind refresh tickets = yes and my "log level = 2 winbind:3" log reports a winbindd_sig_term for a failed ssh-login. The log says: [2017/05/18 10:22:54.102583, 3] ../source3/winbindd/winbindd_misc.c:396(winbindd_interface_version) [2017/05/18 10:22:54.102670, 3] ../source3/winbindd/winbindd_misc.c:429(winbindd_priv_pipe_dir) [2017/05/18 10:22:54.102796, 3] ../source3/winbindd/winbindd_getgroups.c:60(winbindd_getgroups_send) [2017/05/18 10:22:54.243679, 3] ../source3/winbindd/winbindd_misc.c:396(winbindd_interface_version) [2017/05/18 10:22:54.243765, 3] ../source3/winbindd/winbindd_misc.c:429(winbindd_priv_pipe_dir) [2017/05/18 10:22:54.243851, 3] ../source3/winbindd/winbindd_getgroups.c:60(winbindd_getgroups_send) [2017/05/18 10:22:54.288895, 3] ../source3/winbindd/winbindd_misc.c:396(winbindd_interface_version) [2017/05/18 10:22:54.289037, 3] ../source3/winbindd/winbindd_misc.c:429(winbindd_priv_pipe_dir) [2017/05/18 10:22:54.289157, 3] ../source3/winbindd/winbindd_getgroups.c:60(winbindd_getgroups_send) [2017/05/18 10:22:54.365699, 0] ../source3/winbindd/winbindd.c:279(winbindd_sig_term_handler) [2017/05/18 13:22:54.031839, 0] ../source3/winbindd/winbindd.c:279(winbindd_sig_term_handler) [2017/05/18 13:22:54.090085, 2] ../source3/param/loadparm.c:314(max_open_files) [2017/05/18 13:22:54.090436, 2] ../source3/lib/interface.c:345(add_interface) [2017/05/18 13:22:54.090511, 2] ../source3/lib/interface.c:345(add_interface) [2017/05/18 13:22:54.093370, 0] ../source3/winbindd/winbindd_cache.c:3244(initialize_winbindd_cache) [2017/05/18 13:22:54.096237, 2] ../source3/winbindd/winbindd_util.c:288(add_trusted_domain_from_tdc) [2017/05/18 13:22:54.096281, 2] ../source3/winbindd/winbindd_util.c:288(add_trusted_domain_from_tdc) [2017/05/18 13:22:54.096374, 2] ../source3/winbindd/winbindd_util.c:288(add_trusted_domain_from_tdc) [2017/05/18 13:22:54.096426, 2] ../source3/lib/tallocmsg.c:56(register_msg_pool_usage) [2017/05/18 13:22:54.096486, 2] ../source3/lib/dmallocmsg.c:78(register_dmalloc_msgs) [2017/05/18 13:22:54.097043, 0] ../lib/util/become_daemon.c:124(daemon_ready) [2017/05/18 13:22:54.146436, 3] ../source3/winbindd/winbindd_misc.c:396(winbindd_interface_version) [2017/05/18 13:22:54.146508, 3] ../source3/winbindd/winbindd_misc.c:429(winbindd_priv_pipe_dir) [2017/05/18 13:22:54.146564, 3] ../source3/winbindd/winbindd_getgroups.c:60(winbindd_getgroups_send) [2017/05/18 13:22:54.312783, 3] ../source3/winbindd/winbindd_misc.c:396(winbindd_interface_version) [2017/05/18 13:22:54.312852, 3] ../source3/winbindd/winbindd_misc.c:429(winbindd_priv_pipe_dir) [2017/05/18 13:22:54.312942, 3] ../source3/winbindd/winbindd_getgroups.c:60(winbindd_getgroups_send) [2017/05/18 13:22:54.386732, 3] ../source3/winbindd/winbindd_misc.c:396(winbindd_interface_version) [2017/05/18 13:22:54.386829, 3] ../source3/winbindd/winbindd_misc.c:429(winbindd_priv_pipe_dir) [2017/05/18 13:22:54.386966, 3] ../source3/winbindd/winbindd_getgroups.c:60(winbindd_getgroups_send) [2017/05/18 13:22:54.400652, 0] ../source3/winbindd/winbindd.c:279(winbindd_sig_term_handler) [2017/05/18 13:22:54.449974, 2] ../source3/param/loadparm.c:314(max_open_files) [2017/05/18 13:22:54.450316, 2] ../source3/lib/interface.c:345(add_interface) [2017/05/18 13:22:54.450392, 2] ../source3/lib/interface.c:345(add_interface) [2017/05/18 13:22:54.452112, 0] ../source3/winbindd/winbindd_cache.c:3244(initialize_winbindd_cache) [2017/05/18 13:22:54.453401, 2] ../source3/winbindd/winbindd_util.c:288(add_trusted_domain_from_tdc) [2017/05/18 13:22:54.453443, 2] ../source3/winbindd/winbindd_util.c:288(add_trusted_domain_from_tdc) [2017/05/18 13:22:54.453483, 2] ../source3/winbindd/winbindd_util.c:288(add_trusted_domain_from_tdc) [2017/05/18 13:22:54.453525, 2] ../source3/lib/tallocmsg.c:56(register_msg_pool_usage) [2017/05/18 13:22:54.453541, 2] ../source3/lib/dmallocmsg.c:78(register_dmalloc_msgs) [2017/05/18 13:22:54.454603, 0] ../lib/util/become_daemon.c:124(daemon_ready) [2017/05/18 13:22:54.659064, 3] ../source3/winbindd/winbindd_misc.c:396(winbindd_interface_version) [2017/05/18 13:22:54.659149, 3] ../source3/winbindd/winbindd_misc.c:429(winbindd_priv_pipe_dir) [2017/05/18 13:22:54.659240, 3] ../source3/winbindd/winbindd_getgroups.c:60(winbindd_getgroups_send) [2017/05/18 13:22:54.788824, 3] ../source3/winbindd/winbindd_misc.c:396(winbindd_interface_version) [2017/05/18 13:22:54.788904, 3]
Bug#857573: Processed: Re: systemd: Raise network interfaces fails to stop cleanly on shutdown/reboot
Am 18.05.2017 um 10:32 schrieb Christoph Biedl: > Michael Biebl wrote... > >> To mark as mountpoint as network mount, there is the _netdev mount >> option. > > While I can confirm this provides a sane and safe shutdown for a mounted > AoE-device, this works only if the device was initially mounted using > that extra option. A later "mount -o remount,_netdev" exits zero but > does not change /proc/mounts, hence resulting in havoc. If you could > shed some light on this? > >> See man systemd.mount. systemd tries to autodetect that for >> various network file systems >> >> https://github.com/systemd/systemd/blob/master/src/fstab-generator/fstab-generator.c#L164 >> >> https://github.com/systemd/systemd/blob/master/src/basic/mount-util.c#L516 > > As a suggestion (probably too late for stretch), an extension of that > check could inspect the device name as well, to detect AoE, NBD and even > iSCSI devices - the latter probably needs some extra magic. That sounds like a reasonable request if those mount points can be detected reliably. Would you mind filing an upstream bug report that at https://github.com/systemd/systemd/issues I personally have no experience with AoE Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth? signature.asc Description: OpenPGP digital signature
Bug#862932: ferret-vis: ppl and font directories not recognised
Package: ferret-vis Version: 7.0-2 Severity: normal Dear maintainer, I have installed `ferret-vis` on stretch, set several `FER_*` paths and ran the program. The program runs and I can load a dataset. However, when I try to plot something from the dataset, the program crashes: ``` marco@graviton ~ $ set | grep FER_ FER_DATA=/usr/share/ferret-vis/data FER_DESCR=/usr/share/ferret-vis/descr FER_DIR=/usr/share/ferret-vis FER_DSETS=/usr/share/ferret-vis/data FER_FONTS=/usr/share/ferret-vis/ppl/fonts FER_GO=/usr/share/ferret-vis/jnls FER_GRIDS=/usr/share/ferret-vis/grids FER_PALETTE=/usr/share/ferret-vis/ppl marco@graviton ~ $ ls -l ${FER_DATA}/levitus_climatology.cdf -rw-r--r-- 1 root root 10373712 Dec 25 10:51 /usr/share/ferret-vis/data/levitus_climatology.cdf marco@graviton ~ $ ls -l ${FER_FONTS}/fondat.dat -rw-r--r-- 1 root root 1234 Dec 25 10:51 /usr/share/ferret-vis/ppl/fonts/fondat.dat marco@graviton ~ $ ls -l ${FER_PALETTE}/default.spk ls: cannot access '/usr/share/ferret-vis/ppl/default.spk': No such file or directory marco@graviton ~ $ ls ${FER_PALETTE}/ fonts marco@graviton ~ $ ferret_c NOAA/PMEL TMAP FERRET v7.01 (optimized) Linux 4.8.0-2-amd64 - 12/25/16 18-May-17 21:37 yes? use levitus_climatology yes? shade temp[k=1] PPL+ error: Unable to read "default.spk" to set shade and fill colors. PPL+ error: Unable to read "default.spk" to set shade and fill colors. *** NOTE: Fonts directory is undefined. Check the Ferret environment. **ERROR: file undefined or not found: fondat.dat ``` As you can see, I have set $FER_DATA, $FER_PALETTE and $FER_FONTS (amongst other variables). Indeed there is no problem with $FER_DATA and the file that I try to load. However, the file `default.spk` (amongst other files typically part of a Ferret installation) is missing from $FER_PALETTE. And then the $FER_FONTS directory does contain `fondat.dat` but Ferret thinks otherwise. Note that I run plain ferret (through `ferret_c`); so far I've never used pyferret. -- System Information: Debian Release: 9.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=eo.utf8, LC_CTYPE=eo.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.utf8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages ferret-vis depends on: ii libc6 2.24-10 ii libgfortran36.3.0-16 ii libnetcdf11 1:4.4.1.1-2 ii libnetcdff6 4.4.4+ds-2 ii libreadline77.0-2 ii libx11-62:1.6.4-3 ii libxgks22.6.1+dfsg.2-4+b1 ii tcsh [c-shell] 6.20.00-7 Versions of packages ferret-vis recommends: ii ferret-datasets 7.0-2 ii python-ferret7.0.0-2 ii python3-ferret 7.0.0-2 ferret-vis suggests no packages. -- no debconf information
Bug#862930: RFS: node-big-integer/1.6.22-1 [ITP]
Package: sponsorship-requests Severity: wishlist Dear mentors, I am looking for a sponsor for my package "node-big-integer" * Package name: node-big-integer Version : 1.6.22-1 Upstream Author : Peter Olson* URL : https://github.com/peterolson/BigInteger.js * License : Unlicense Section : web It builds those binary packages: node-big-integer - Arbitrary length integer library for Javascript To access further information about this package, please visit the following URL: https://mentors.debian.net/package/node-big-integer Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/main/n/node-big-integer/node-big-integer_1.6.22-1.dsc Regards,
Bug#862931: RM: openjdk-6/experimental -- RoQA; obsolete
Package: ftp.debian.org Severity: normal Hi, please remove openjdk-6. It was already removed from unstable, but still in experimental to stage uploads for Debian LTS and Ubuntu precise. Support for precise has now ended and Wheezy LTS moved to openjdk-7, so it can be removed now. (This ws discussed with Matthias on IRC) Cheers, Moritz
Bug#862929: CVE-2016-10371
Source: tiff Severity: important Tags: security Hi, please see http://bugzilla.maptools.org/show_bug.cgi?id=2535 http://bugzilla.maptools.org/show_bug.cgi?id=2612 Patch is here: https://github.com/vadz/libtiff/commit/0abd094b6e5079c4d8be733829240491cb230f3d Cheers, Moritz
Bug#862928: openvpn: systemd redirect impacts restart and init script functionality and should be disabled of fixed
Package: openvpn Version: 2.3.4-5+deb8u1 Severity: important Tags: patch Dear Maintainer, * What led up to the situation? Restart of openvpn daemon failed, caused by "Address already in use" See OpenVPN ticket #891 * What exactly did you do (or not do) that was effective (or ineffective)? Problem has to do with systemd. Daemon is stopped and started immediately, while openvpn was not finished with its shutdown. The start fails because the management socket is still open. The init script has protection for this problem, with sleep (old days) or start-stop-daemon in current init script. But systemd stops and starts in aggressive mode. So it hits this open socket. * What was the outcome of this action? As a work-around, I suppressed the systemd redirect by inserting the following: --- openvpn 2017-05-17 22:05:22.209221894 +0200 +++ openvpn.new 2017-05-18 22:30:05.587801865 +0200 @@ -20,6 +20,9 @@ # Modified for openvpn by Alberto Gonzalez Iniesta# Modified for restarting / starting / stopping single tunnels by Richard Mueller +# Let systemd not intercept this script +# Needed for restart (openvpn#891) and other init script functionality +_SYSTEMCTL_SKIP_REDIRECT=1 . /lib/lsb/init-functions test $DEBIAN_SCRIPT_DEBUG && set -v -x With this patch, the init script is not interupted by systemd. Tested with: - reboot - systemctl restart openvpn - /etc/init.d/openvn restart - service openvpn restart * What outcome did you expect instead? Restart should work. -- System Information: Debian Release: 8.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-686-pae (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openvpn depends on: ii debconf [debconf-2.0] 1.5.56 ii init-system-helpers1.22 ii initscripts2.88dsf-59 ii iproute2 3.16.0-2 ii libc6 2.19-18+deb8u9 ii liblzo2-2 2.08-1.2 ii libpam0g 1.1.8-3.1+deb8u2 ii libpkcs11-helper1 1.11-2 ii libssl1.0.01.0.1t-1+deb8u6 Versions of packages openvpn recommends: ii easy-rsa 2.2.2-1 Versions of packages openvpn suggests: ii openssl 1.0.1t-1+deb8u6 pn resolvconf -- Configuration Files: /etc/default/openvpn changed [not included] -- debconf information excluded
Bug#809066: tiff: CVE-2015-7554
On Thu, May 18, 2017 at 09:09:11PM +0200, Salvatore Bonaccorso wrote: > Hi, > > On Thu, May 18, 2017 at 08:12:50PM +0200, László Böszörményi (GCS) wrote: > > Hi Moritz, > > > > On Thu, May 18, 2017 at 7:36 PM, Moritz Muehlenhoffwrote: > > > On Sat, Dec 26, 2015 at 10:21:52PM +0100, Salvatore Bonaccorso wrote: > > >> Source: tiff > > >> Version: 4.0.5-1 > > >> Severity: important > > >> Tags: security upstream > > >> > > >> the following vulnerability was published for tiff. > > >> > > >> CVE-2015-7554[0]: > > >> invalid write > > > > > > I'm attaching the patch used by Red Hat for RHEL. It doesn't > > > seem to have been sent upstream, but seems sane. > > I miss the patch, did you attach it? > > This one should basically correspond: Ack that's the correct patch, sorry. Cheers, Moritz
Bug#797931: 7779
Bug#862927: gnat (GCC 7) fails to build on m68k
Package: src:gcc-7-cross-ports Version: 1 Trying to build a gnat m68k cross compiler fails with: /home/packages/cross/7/p/gcc-7-cross-ports-1/gcc/build/./gcc/xgcc -B/home/packages/cross/7/p/gcc-7-cross-ports-1/ gcc/build/./gcc/ -B/usr/m68k-linux-gnu/bin/ -B/usr/m68k-linux-gnu/lib/ -isystem /usr/m68k-linux-gnu/include -isys tem /usr/m68k-linux-gnu/sys-include -isystem /home/packages/cross/7/p/gcc-7-cross-ports-1/gcc/build/sys-include -c -g -O2 -W -Wall -gnatpg -nostdinc s-maccod.ads -o s-maccod.o s-maccod.ads:36:15: violation of No_Elaboration_Code_All at line 37 s-maccod.ads:36:15: unit "System" does not have No_Elaboration_Code_All ../gcc-interface/Makefile:311: recipe for target 's-maccod.o' failed make[9]: *** [s-maccod.o] Error 1 make[9]: Leaving directory '/home/packages/cross/7/p/gcc-7-cross-ports-1/gcc/build/gcc/ada/rts' gcc-interface/Makefile:2748: recipe for target 'gnatlib' failed make[8]: *** [gnatlib] Error 2 make[8]: Leaving directory '/home/packages/cross/7/p/gcc-7-cross-ports-1/gcc/build/gcc/ada' gcc-interface/Makefile:2836: recipe for target 'gnatlib-shared-dual' failed make[7]: *** [gnatlib-shared-dual] Error 2 make[7]: Leaving directory '/home/packages/cross/7/p/gcc-7-cross-ports-1/gcc/build/gcc/ada' gcc-interface/Makefile:2932: recipe for target 'gnatlib-shared' failed make[6]: *** [gnatlib-shared] Error 2 make[6]: Leaving directory '/home/packages/cross/7/p/gcc-7-cross-ports-1/gcc/build/gcc/ada' Makefile:113: recipe for target 'gnatlib-shared' failed make[5]: *** [gnatlib-shared] Error 2 make[5]: Leaving directory '/home/packages/cross/7/p/gcc-7-cross-ports-1/gcc/build/m68k-linux-gnu/libada' Makefile:14110: recipe for target 'all-target-libada' failed make[4]: *** [all-target-libada] Error 2
Bug#831360:
Bug#862926: RFS: fonts-firacode/1.204-2~bpo8+1
Package: sponsorship-requests Severity: normal [important for RC bugs, wishlist for new packages] Dear mentors, I am looking for a sponsor for my package "fonts-firacode" * Package name: fonts-firacode Version : 1.204-2~bpo8+1 Upstream Author : Nikita Prokopov * URL : https://github.com/tonsky/FiraCode * License : OFL-1.1 Section : fonts It builds those binary packages: fonts-firacode - Monospaced font with programming ligatures To access further information about this package, please visit the following URL: https://mentors.debian.net/package/fonts-firacode Alternatively, one can download the package with dget using this command: dget -x https://mentors.debian.net/debian/pool/contrib/f/fonts-firacode/fonts-firacode_1.204-2~bpo8+1.dsc Changes since the last upload: * Rebuild for jessie-backports. Regards,
Bug#831360: /usr/bin/lush must not link libbfd-*-system.so dynamically
On Fri, 15 Jul 2016 00:06:18 +0200 Helmut Grohnewrote: > Package: lush > Version: 1.2.1-9+cvs20110227+nmu1+b4 > Severity: grave > > /usr/bin/lush currently links libbfd dynamically. Since binutils 2.26.1, > that library went away but lush's dependency is still satisfied > resulting in a broken binary. Dynamically linking libbfd is not allowed > (see package description of binutils-dev). > > Helmut > >
Bug#862051: nodejs-legacy: possibly drop this package, now that ax25-node has been removed?
Package: nodejs-legacy Version: 6.10.2~dfsg-1 Followup-For: Bug #862051 I would love to do that, but the reason behind the rename came from https://bugs.debian.org/614907. Feel free to ask TC to find a new solution. Jérémy
Bug#862925: python2.7: Python not compiled with -fexceptions in ppc64le
Package: python2.7 Version: 2.7.13-2 Severity: normal Tags: upstream Dear Maintainer, Pytorch (https://github.com/pytorch/pytorch) is an application that is written in python, C and C++. There's high interoperalibity between code written in these languages therex. The issue is that there are cases when an exception is thrown by C++ code that subsequentely calls some C code before being caught. In ppc64le builds, without the -fexceptions gcc flag, such exceptions are not caught when the execution returns to C++ code from C code. This makes some Pytorch tests fail. Compiling CPython with -fexceptions seems to solve this issue. -- System Information: Debian Release: 9.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: ppc64el (ppc64le) Kernel: Linux 3.16.0-4-powerpc64le (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages python2.7 depends on: ii libpython2.7-stdlib 2.7.13-2 ii mime-support 3.60 ii python2.7-minimal2.7.13-2 python2.7 recommends no packages. Versions of packages python2.7 suggests: ii binutils 2.28-5 pn python2.7-doc -- no debconf information
Bug#861686: unblock: openssl/1.1.0e-2
On 2017-05-07 16:39:00 [+], Niels Thykier wrote: > Sebastian Andrzej Siewior: > > uploaded and built on all releases architectures. > > Ack/RT unblock, CC'ing KiBi for a d-i ack. I don't want to rush or anything but in case it got forgotten, we are still waiting for the d-i ack. > Thanks, > ~Niels Sebastian
Bug#862398: [pkg-gnupg-maint] Bug#862398: build wks client and server tools
Hi Stefan-- On Thu 2017-05-18 18:37:04 +0200, Stefan Bühler wrote: > There are a lot of manpages in debian/* - so it looks to me like > upstream isn't really interested in maintaining them. If upstream isn't > maintaining them, it might be easier to keep them in debian. these are specific to the debian package: migrate-pubring-from-classic-gpg.1 gpgv-static.1 but these should probably be upstreamed, you're right (unless we want to drop some of these tools): gpg-check-pattern.1 gpgsplit.1 gpg-zip.1 kbxutil.1 lspgpot.1 > Does upstream know about these at least? I'm not against getting them > upstream, I'm just not sure whether it is worth my time. that makes sense -- whose time is it worth? :) at some point Someone™ will need to push them all upstream. But i wouldn't want that to block your contributions here. I'll take a look at importing your patches, the latest round looks pretty reasonable. thanks for persevering! --dkg signature.asc Description: PGP signature
Bug#858031: Please make volume id for netinst different from DVD
On Thu, May 18, 2017 at 08:31:18AM +0200, Thomas Schmitt wrote: > Hi, > > Guido Günther wrote: > > > Volume id: Debian stretch-DI-rc2 amd64 1 > > > [...] > > > >If the netinst variant would contain netinst or similar > > Steve McIntyre wrote: > > I understand, yes. The problem we have is that the volume ID is very > > limited in space available. We've run out... :-/ > > How about replacing the volume number "1" by "n" ? That would be great! Cheers, -- Guido > > Debian stretch-DI-rc2 amd64 n > > > Above volume id leaves room for three more characters (the Joliet limit > has been exceeded by 13, already). If the architecture name gets longer > than 8 characters or the Toystory name gets longer than 10, then the > naming scheme does not fit into the Volume Id field of the PVD. > > The kfreebsd-amd64 ISOs have an abbreviated arch name in their volume id: > Debian 7.9.0 f-amd64 1 > Mr. Pricklepants is still waiting to get chosen as release name. > > > An obvious possibility to densify the id text is to give up the cute names > and to use release numbers instead. Like: > > Debian 9-DI-rc2 amd64 n > > > Have a nice day :) > > Thomas >
Bug#862914: nmu: veusz_1.21.1-1
On Thu, May 18, 2017 at 07:00:00PM +, Niels Thykier wrote: > Control: block -1 by 831860 > > Adrian Bunk: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: binnmu > > > > nmu veusz_1.21.1-1 . ANY . unstable . -m "rebuild with sip-api-11.3" > > nmu python-poppler-qt4_0.24.0-1 . ANY . unstable . -m "rebuild with > > sip-api-11.3" > > > > See #831860 for background. > > > > Thanks, > > If I read this correctly, we should wait with carrying these binNMUs out > until #831860 has been fixed, so we are sure that the rebuilds depends > on the correct sip API. They will get the latest API automatically when rebuilt. > Thanks, > ~Niels cu Adrian -- "Is there not promise of rain?" Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. "Only a promise," Lao Er said. Pearl S. Buck - Dragon Seed
Bug#862923: po4a: [INTL:nl] Dutch po file for the po4a package
package: po4a tag 862923 fixed-upstream pending thanks Hello, I just commited your work in the tree, many thanks. It will be part of the next release, which should occure soon after the Debian release. Thanks again, Mt. On Thu, May 18, 2017 at 08:19:40PM +0200, Frans Spiesschaert wrote: > > > Package: po4a > Severity: wishlist > Tags: l10n patch > > > Dear Maintainer, > > == > Please find attached the updated Dutch po file for the po4a package. > It has been submitted for review to the debian-l10n-dutch mailing list. > Please add it to your next package revision. > It should be put as "po/nl.po" in your package build tree. > === > > > -- > Regards, > Frans > -- I'm not griping, I'm just observing what a miserable experience this is. --- Calvin signature.asc Description: PGP signature
Bug#809066: tiff: CVE-2015-7554
Hi, On Thu, May 18, 2017 at 08:12:50PM +0200, László Böszörményi (GCS) wrote: > Hi Moritz, > > On Thu, May 18, 2017 at 7:36 PM, Moritz Muehlenhoffwrote: > > On Sat, Dec 26, 2015 at 10:21:52PM +0100, Salvatore Bonaccorso wrote: > >> Source: tiff > >> Version: 4.0.5-1 > >> Severity: important > >> Tags: security upstream > >> > >> the following vulnerability was published for tiff. > >> > >> CVE-2015-7554[0]: > >> invalid write > > > > I'm attaching the patch used by Red Hat for RHEL. It doesn't > > seem to have been sent upstream, but seems sane. > I miss the patch, did you attach it? This one should basically correspond: https://git.centos.org/raw/rpms!libtiff/1ad9335dc0c1325262c62842eda01476243ec821/SOURCES!libtiff-CVE-2015-7554.patch Regards, Salvatore diff -pur tiff-4.0.4/tools/tiffsplit.c tiff-4.0.4_patch/tools/tiffsplit.c --- tiff-4.0.4/tools/tiffsplit.c 2015-05-28 15:10:26.0 +0200 +++ tiff-4.0.4_patch/tools/tiffsplit.c 2016-02-12 19:15:30.532005041 +0100 @@ -179,8 +179,9 @@ tiffcp(TIFF* in, TIFF* out) TIFFSetField(out, TIFFTAG_JPEGTABLES, count, table); } } + uint32 count = 0; CopyField(TIFFTAG_PHOTOMETRIC, shortv); - CopyField(TIFFTAG_PREDICTOR, shortv); + CopyField2(TIFFTAG_PREDICTOR, count, shortv); CopyField(TIFFTAG_THRESHHOLDING, shortv); CopyField(TIFFTAG_FILLORDER, shortv); CopyField(TIFFTAG_ORIENTATION, shortv); @@ -188,7 +189,7 @@ tiffcp(TIFF* in, TIFF* out) CopyField(TIFFTAG_MAXSAMPLEVALUE, shortv); CopyField(TIFFTAG_XRESOLUTION, floatv); CopyField(TIFFTAG_YRESOLUTION, floatv); - CopyField(TIFFTAG_GROUP3OPTIONS, longv); + CopyField2(TIFFTAG_GROUP3OPTIONS, count, longv); CopyField(TIFFTAG_GROUP4OPTIONS, longv); CopyField(TIFFTAG_RESOLUTIONUNIT, shortv); CopyField(TIFFTAG_PLANARCONFIG, shortv);
Bug#861282: changes merged upstream
Hi All, The original patch should not be used in any distributed version of packer. A complete fix has been merged into packer master. Please double check the complete patch here https://github.com/hashicorp/packer/pull/4900 Thanks, --Matt Hooker
Bug#817837: closed by Jonathan McDowell <nood...@earth.li> (Bug#817837: fixed in l2tpns 2.2.1-2)
On Sun, May 14, 2017 at 09:15:50PM +0300, Adrian Bunk wrote: > On Tue, Jul 05, 2016 at 10:09:57AM +, Debian Bug Tracking System wrote: > >... > > l2tpns (2.2.1-2) unstable; urgency=low > > . > >* Fix log buffer overrun, thanks to Dave Reeve (closes: #817837) > >... > > Hi Jonathan, > > thanks a lot for fixing this bug for stretch. > > It is still present in jessie, could you also fix it there? > Alternatively, I can fix it for jessie if you don't object. I had avoided fixing it on jessie because it wasn't clear to me it would be permitted by the stable-release masters, and there had been little indication there was active use of the package (I'm planning to have it removed post stretch as no one has stepped up to my intent to orphan it). If you want to take the package over entirely you're more than welcome to do so. J. -- Web [Know Thy User.] site: http:// [ ] Made by www.earth.li/~noodles/ [ ] HuggieTag 0.0.24
Bug#862914: nmu: veusz_1.21.1-1
Control: block -1 by 831860 Adrian Bunk: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > > nmu veusz_1.21.1-1 . ANY . unstable . -m "rebuild with sip-api-11.3" > nmu python-poppler-qt4_0.24.0-1 . ANY . unstable . -m "rebuild with > sip-api-11.3" > > See #831860 for background. > Thanks, If I read this correctly, we should wait with carrying these binNMUs out until #831860 has been fixed, so we are sure that the rebuilds depends on the correct sip API. Thanks, ~Niels
Bug#862923: po4a: [INTL:nl] Dutch po file for the po4a package
Package: po4a Severity: wishlist Tags: l10n patch Dear Maintainer, == Please find attached the updated Dutch po file for the po4a package. It has been submitted for review to the debian-l10n-dutch mailing list. Please add it to your next package revision. It should be put as "po/nl.po" in your package build tree. === -- Regards, Frans nl.po.gz Description: application/gzip signature.asc Description: This is a digitally signed message part
Bug#862922: aptitude: [INTL:nl] Dutch po file for the aptitude package
Package: aptitude Severity: wishlist Tags: l10n patch Dear Maintainer, == Please find attached the updated Dutch po file for the aptitude package. It has been submitted for review to the debian-l10n-dutch mailing list. Please add it to your next package revision. It should be put as "po/nl.po" in your package build tree. === -- Met vriendelijke groet, Frans Spiesschaert nl.po.gz Description: application/gzip signature.asc Description: This is a digitally signed message part
Bug#862920: traildb: FTBFS (32-bit): __uint128_t not defined
Source: traildb Version: 0.6+dfsg1-1 Severity: important Tags: upstream Justification: fails to build from source Builds of traildb for 32-bit architectures such as i386 have been failing: checking for __uint128_t... no configure: error: __uint128_t not defined Ideally, traildb would be able to make do without this type. However, if it can't, please restrict its Architecture: field accordingly. (I think x32 might be a special case here, so I'd try allowing it for now.) Thanks! -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu
Bug#862921: RFP: epub-tools -- A suite of command-line utilities for creating and manipulating epub book files.
Package: wnpp Severity: wishlist -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 * Package name: epub-tools Version : 2.10 Upstream Author : Dino MorelliURL : https://hub.darcs.net/dino/epub-tools * License : BSD3 Programming Lang: Haskell Description : A suite of command-line utilities for creating and manipulating epub book files. epubmeta is a command-line utility for examining and editing epub book metadata. With it you can export, import and edit the raw OPF Package XML document for a given book. Or simply dump the metadata to stdout for viewing in a friendly format. epubname is a command-line utility for renaming epub ebook files based on their OPF Package metadata. It tries to use author names and title info to construct a sensible name. epubzip is a handy utility for zipping up the files that comprise an epub into an .epub zip file. Using the same technology as epubname, it can try to make a meaningful filename for the book. -BEGIN PGP SIGNATURE- iQGzBAEBCAAdFiEE3VS2dnyDRXKVCQCp8gKXHaSnniwFAlkd5VAACgkQ8gKXHaSn niykPgv+OAvP6lB31XAqK02wHrOEggNuqozhykx/otRt4WZ7e2Dl/Vdgi7BZJgQU iG4O2qOGXd6iZDJZiIBhSrtYVSydh7qBRIToP7RYDpPEV3rkWPQJmr7mSWt4D/TH rJxTrbiTxqLTmR5y/c5aI0HmrPdqrDprdFNG1xYsTSAp/jGjMY1fD84sPkmuEBrz ojFmQv50AWuysajiph/E/zK5Iq+PIeciTgLclTPTn9iCNHvbprf6talqloQlOQS4 4/UBbSDWcAwnwFQ8nlv72fGVbphBFqFuiySHt+CWub/FkD2bo6iT2+E9lqUXhMVb l2THQD61IPh8qXM8+YQlkmEzjcPyLgBAk/atbG22GWCFO+GAcc9KZLGsHAbIspS0 S0QZeKb+sCqcQd3rh1gzU6YdCBkit223DGPNGRY3teg1mk/c5C354tMxHdFWtvme C4qEdzBFtzmjrSFYVvr3kGHj5JvE4jS8ajq46oWs+D3Pk8YbBQcV9EXFek0vwuaE vfar+QTu =mCvp -END PGP SIGNATURE-
Bug#809066: tiff: CVE-2015-7554
Hi Moritz, On Thu, May 18, 2017 at 7:36 PM, Moritz Muehlenhoffwrote: > On Sat, Dec 26, 2015 at 10:21:52PM +0100, Salvatore Bonaccorso wrote: >> Source: tiff >> Version: 4.0.5-1 >> Severity: important >> Tags: security upstream >> >> the following vulnerability was published for tiff. >> >> CVE-2015-7554[0]: >> invalid write > > I'm attaching the patch used by Red Hat for RHEL. It doesn't > seem to have been sent upstream, but seems sane. I miss the patch, did you attach it? Cheers, Laszlo/GCS
Bug#862919: traildb: FTBFS on non-x86: emmintrin.h absent
Source: traildb Version: 0.6+dfsg1-1 Severity: important Tags: upstream Justification: fails to build from source Builds of traildb on non-x86 architectures have been failing: In file included from src/tdb_encode_model.c:22:0: src/dsfmt/dSFMT.h:148:25: fatal error: emmintrin.h: No such file or directory If it is possible to get by without this header, please arrange to use it (and the intrinsics it declares) only on x86. (Also, please conditionalize use of intrinsics on runtime CPU type.) Otherwise, please restrict the architecture accordingly, to either Architecture: any-amd64 any-x32 or Architecture: any-amd64 any-i386 any-x32 depending on how essential it is to have __uint128_t. Thanks! -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu
Bug#862918: New version available upstream: 4.0.2
Package: libjs-bignumber Severity: normal Version: 1.3.0+dfsg-1 Looks like this package hasn't been updated to upstream in quite awihle - 3 major versions have been released since ~2013 where 1.3.1 seems to date from.
Bug#848834: fails to build stretch image on stretch: systemd-machine-id-setup error
Control: tags 848834 + moreinfo unreproducible Control: reassign 848834 docker.io Control: retitle 848834 fails to build stretch image in stretch docker Control: affects 848834 debirf On Mon 2016-12-19 21:29:30 -0500, Antoine Beaupré wrote: > I have recently tried building a stretch image in a stretch docker > container. The build aborts with: > > I: Unpacking the base system... > W: Failure trying to run: chroot /tmp/minimal/root dpkg --force-overwrite > --force-confold --skip-same-version --install > /var/cache/apt/archives/adduser_3.115_all.deb > /var/cache/apt/archives/libapparmor1_2.10.95-8_amd64.deb > /var/cache/apt/archives/libcryptsetup4_2%3a1.7.3-3_amd64.deb > /var/cache/apt/archives/libip4tc0_1.6.0+snapshot20161117-4_amd64.deb > /var/cache/apt/archives/libkmod2_23-1_amd64.deb > /var/cache/apt/archives/libcap2_1%3a2.25-1_amd64.deb > /var/cache/apt/archives/libidn11_1.33-1_amd64.deb > /var/cache/apt/archives/libseccomp2_2.3.1-2.1_amd64.deb > /var/cache/apt/archives/dmsetup_2%3a1.02.137-1_amd64.deb > /var/cache/apt/archives/libdevmapper1.02.1_2%3a1.02.137-1_amd64.deb > /var/cache/apt/archives/systemd_232-8_amd64.deb > W: See /tmp/minimal/root/debootstrap/debootstrap.log for details (possibly > the package systemd is at fault) > > I attached the complete debootstrap.log. > > The container was built with the "debian:testing" image, which is: > > Linux 3e139afbcccd 4.7.0-0.bpo.1-amd64 #1 SMP Debian 4.7.8-1~bpo8+1 > (2016-10-19) x86_64 GNU/Linux > > so fairly new. It's an "official" image, according to this: > > https://hub.docker.com/_/debian/ > > I am assuming the problem is not related to docker, but maybe that > assumption is flawed as well. To reproduce: > > sudo apt-get install docker.io > sudo adduser $(id -un) docker > newgrp > docker run -t -i debian:testing /bin/bash > apt-get update -qq ; apt-get install -y debirf sudo > cd /tmp > tar xfz /usr/share/doc/debirf/example-profiles/minimal.tgz > sudo -u nobody debirf make minimal hm, this reproduction step isn't possible in stretch, since docker.io isn't in stretch. It's not clear to me why you'd want to run debirf within docker anyway, since debirf is designed to run as a non-privileged user. but i tried it anyway, and i was unable to get past the "docker run" line: 0 dkg@sid:~$ docker run -t -i debian:testing /bin/bash docker: Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:359: container init caused \"rootfs_linux.go:54: mounting \\\"cgroup\\\" to rootfs \\\"/var/lib/docker/overlay2/e0801abba1fcdb2fb6dd685710127b1f797d98a6554e5da427dc2681afe9e1a4/merged\\\" at \\\"/sys/fs/cgroup\\\" caused \\\"no subsystem for mount\\\"\"". 125 dkg@sid:~$ fwiw, i also think you probably also want to unpack the profile .tgz as the user that's going to run debirf -- it looks like you're extracting the tgz as root, and then working in the profile as a non-priv user. > Justification for severity: I believe this falls in the category of > "makes the package in question unusable by most or all users" and > should be marked as "grave". Obviously, I can't test for all users' > environments and considering I heard reports from the maintainers this > was working in *sid*, I assume it *must* be working for other > users. This could be a docker-specific thing, but I actually doubt > that. So if someone can reproduce on a regular stretch system, this > should probably be bumped to "grave". I've done the standard build as a non-root user using the just-uplodaed 0.37 bugfix release, and it works fine, so i'm inclined to say this is a problem with docker (or perhaps with the docker image for debian testing? i don't really know how to attribute breakage inside docker images, but i welcome pointers or help in doing so). So i've reassigned this bug to docker, since it seems to be peculiar to that environment, though i'm unable to reproduce it myself because i can't get docker to behave as you describe. --dkg signature.asc Description: PGP signature
Bug#862917: Warzone 2100 3.2 campaign is buggy and unplayable. Debian should package version 3.1 until this is resolved
Package: warzone2100 Version: 3.2.1-2 Severity: important Starting from version 3.2, campaign scripts in Warzone 2100 are being rewritten in JavaScript [1]. As a result, they now have lots of bugs (some examples: [2], [3], [4]), making the campaign more or less unplayable. Because the developers are not very active in fixing those bugs, and because the new version doesn't offer any significant advantages to players, I think that Debian should stick to version 3.1 until the situation improves. [1] https://forums.wz2100.net/viewtopic.php?f=35=11872 [2] https://developer.wz2100.net/ticket/4541 [3] https://developer.wz2100.net/ticket/4549 [4] https://developer.wz2100.net/ticket/4565
Bug#809066: tiff: CVE-2015-7554
On Sat, Dec 26, 2015 at 10:21:52PM +0100, Salvatore Bonaccorso wrote: > Source: tiff > Version: 4.0.5-1 > Severity: important > Tags: security upstream > > Hi, > > the following vulnerability was published for tiff. > > CVE-2015-7554[0]: > invalid write I'm attaching the patch used by Red Hat for RHEL. It doesn't seem to have been sent upstream, but seems sane. Cheers, Moritz
Bug#861952: libcgi-validop-perl: FTBFS on May 1st (?)
On Thu, May 18, 2017 at 05:26:00PM +, Niels Thykier wrote: > gregor herrmann: > > > So we might as well remove this package ... > > I would consider that a "fix for stretch" ;) I am not in a hurry to find a fix either, so this is up to you. I just want packages in stretch to be buildable any day of the year... As Chris Lamb would say: If the test fails some days in the year, does it mean we can't trust the code to be right those days in the year? Thanks.
Bug#862899: rsync: insufficient escaping/quoting of arguments
Paul Slootman dixit: >Please try again with the --protect-args option, which is meant for such >situations. Ah, new post-2.x… *tries* No change, this still transfers the entire home directory. I think it’s meant for something else (I usually do quote whitespace and so on for remote if necessary). >BTW, why specify '--rsh=ssh -T', what's wrong with the default? The default can be anything, including rsh. By specifying this always, I know that ⓐ ssh is called, ⓑ -T is passed which makes ssh change its QoS from interactive to bulk, and ⓒ can add -4 or -6 to force the IP protocol version (I recently learnt that Debian has a local patch to pass -4/-6 from rsync to ssh, but Debian’s isn’t the only package I use). I always use a wrapper around rsync calling it like this (incidentally called rcp…). bye, //mirabilos -- > Wish I had pine to hand :-( I'll give lynx a try, thanks. Michael Schmitz on nntp://news.gmane.org/gmane.linux.debian.ports.68k a.k.a. {news.gmane.org/nntp}#news.gmane.linux.debian.ports.68k in pine
Bug#861952: libcgi-validop-perl: FTBFS on May 1st (?)
gregor herrmann: > On Sat, 06 May 2017 11:30:00 +, Niels Thykier wrote: > >> [...] >> >> Which looks like it would get this wrong for all months with < 31 days >> in them on the yesterday. I have tagged it stretch-ignore, but I am >> happy to consider a fix for stretch. > > Additional data: > - popcon vote: 0 > - reverse dependencies: 0 > - last release: 2009 or 2010 > - not on metacpan; search.cpan.org has only older version. > http://search.cpan.org/dist/CGI-ValidOp/ > > So we might as well remove this package ... > > > Cheers, > gregor > I would consider that a "fix for stretch" ;) Thanks, ~Niels
Bug#861952: libcgi-validop-perl: FTBFS on May 1st (?)
On Sat, 06 May 2017 11:30:00 +, Niels Thykier wrote: > I looked at the code[1] and it has: > > > # Normlize > > # Unless we are checking the present or yesterday, assume the > > biggest day of the month is 28 > > my $maxday = ( > > $time eq 'present' or > > ( $time eq 'past' and $vector eq 'day' ) > > ) ? 31 : 28; > > Take the branch that leads to "31" and then: > > > [...] > > if ( $vectors->{ day } < 1 ) { > > $vectors->{ day } = $maxday; > > $vectors->{ month }--; > > } > > Which looks like it would get this wrong for all months with < 31 days > in them on the yesterday. I have tagged it stretch-ignore, but I am > happy to consider a fix for stretch. Additional data: - popcon vote: 0 - reverse dependencies: 0 - last release: 2009 or 2010 - not on metacpan; search.cpan.org has only older version. http://search.cpan.org/dist/CGI-ValidOp/ So we might as well remove this package ... Cheers, gregor -- .''`. https://info.comodo.priv.at/ - Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- signature.asc Description: Digital Signature
Bug#862861: libjs-jquery needs Breaks: libjs-chosen (<< 0.9.15-1~)
On Wed, May 17, 2017 at 11:05:36PM +0300, Adrian Bunk wrote: > Package: libjs-jquery > Version: 1.11.3+dfsg-1 > Severity: serious > > See #797166 for details > (and the Breaks is also missing in the backport to jessie). There were lots of Javascript packages that were incompatible with a non-obsolete jquery; it is not feasible to track all that by using Breaks: on the jquery side. Would you please provide a concrete issue where doing this would fix anything? signature.asc Description: PGP signature
Bug#862297: [Pkg-citadel-devel] Bug#862297: Install fails if SMTP server is running on port 25, rendering console unuseable
On Wed, May 10, 2017 at 03:36:21PM -0500, John Goerzen wrote: > I attempted to install citadel-server on a system that already had an MTA > installed, > using the same command as I showed in #862296. When doing so, my console -- > and every > ssh session to root -- became nearly unuseable as it was flooded with > continuous complaints > about the port 25 already being in use, at such a rate that I couldn't see > anything I > was typing. I was eventually able to blindly type "killall citserver" to get > rid of > this problem. It seems something changed on the upstream side since I think this used to work. But it definitely is an upstream bug imo because the installation explicitely sets ACT_AS_MTA to no. Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Meskes at (Debian|Postgresql) dot Org Jabber: michael at xmpp dot meskes dot org VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL
Bug#862296: [Pkg-citadel-devel] Bug#862296: Install hangs in postinst with error about c_Default_cal_zone
On Wed, May 10, 2017 at 02:53:17PM -0500, John Goerzen wrote: > On initial install, this package hangs in postinst, and spews several of > these messages across > the console: I cannot reproduce this either, maybe you could run some more tests for me. > Broadcast message from systemd-journald@sid (Wed 2017-05-10 14:45:52 CDT): > > citserver[12602]: configuration setting c_default_cal_zone is empty, but must > not - check your config! This might come but should certainly not cause a hang. Would you be able to find out where in postinst it hangs? And if it is in /usr/lib/citadel-server/setup where there? Thanks. Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Meskes at (Debian|Postgresql) dot Org Jabber: michael at xmpp dot meskes dot org VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL
Bug#862300: [Pkg-citadel-devel] Bug#862300: Crashes during the login process
severity 862300 important thanks > Severity: grave > ... I tried with different setups and different packages, freshly downloaded, newly compiled, etc. but I cannot reproduce this. Could it be that you have some special string testing library installed? Also I noticed: > -- System Information: > APT prefers unstable > Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) This doesn't look like a straight forward unstable installation. What exactly are you testing on? I downgraded the bug until we can figure out whether it affects a clean installation or which incompatibility is behind it. Michael -- Michael Meskes Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org) Meskes at (Debian|Postgresql) dot Org Jabber: michael at xmpp dot meskes dot org VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL
Bug#862529: uncommons-watchmaker-doc: Rename the documentation package to lib*-java-doc
The reason behind this package name is that it provides the Javadoc for both of the 2 library packages (libuncommons-watchmaker-framework-java & libuncommons-watchmaker-swing-java). If I split their Javadocs, there will be dead hyperlinks (or in fact the class fullname instead of hyperlinks) throughout the Javadoc of libuncommons-watchmaker-swing-java. pkg:gradle-doc follows the same reason, I guess. Besides, I fail to find a javadoc package naming rule in the current Debian Java Policy. The popcon is indeed low because it was merely meant for stc:android-toolchian-jack [1]. But now that Google has officially obsoleted this tool... [1]: https://bugs.debian.org/847427
Bug#862916: RFS: xtensor/0.10.2-1
Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for the following package: * Package name: xtensor Version : 0.10.2-1 Upstream Author : Johan Mabille and Sylvain Corlay * URL : http://quantstack.net/xtensor * License : BSD Section : libs One can check out the package by visiting the following URL: https://anonscm.debian.org/git/debian-science/packages/xtensor.git Changes since the last upload: * New upstream version 0.10.2 * Mark xtensor-dev Multi-Arch: foreign * Do not build with -march=native - New patch No-march-native.patch Best regards, Ghis
Bug#862530: aoetools: provide a systemd service to allow proper shutdown of AoE mounts
[ Cc:'ed to the nbd-client bug since things might be quite the same there ] Christoph Biedl wrote... > > Also, the SysV init script used to unmount these > > filesystems, but the aoetools package masks the systemd service. It > > would be better to provide a real systemd service script that restores > > the expected behaviour. > > Given the fact this is something for stretch and we're pretty far into > the freeze, there isn't the time for a few loops until such a unit works > as expected. Therefore I'm asking for help with this topic. I can do the > testing, then. After some testing it seems the issue has much less impact than it seemed initially: (At least) AoE devices are handled properly if mounted with the _netdev mount option. This applies to swap-over-AoE, too. Also, mounting these through /etc/fstab works in jessie only if _netdev is provided as a mount option as well. Then the issue boils down to manually mounted AoE devices that will no longer be umounted early enough. That's something that can be addressed in the release notes as well. I'll take care of this in the next days unless somebody objects or I find more issues. The more complex problem "LVM over AoE" was not supported in jessie so there's no reason to call this a blocker for stretch. It still was nice to have it supported in Debian. Some day. Christoph signature.asc Description: Digital signature
Bug#862398: [pkg-gnupg-maint] Bug#862398: build wks client and server tools
Hi dkg, On 05/15/2017 10:04 PM, Daniel Kahn Gillmor wrote: > Hi Stefan-- > > On Fri 2017-05-12 12:37:03 +0200, Stefan Bühler wrote: >> it would be nice to build and have packages for the gpg-wks-* tools. >> >> It seems there was already done some work in >> >> https://anonscm.debian.org/git/pkg-gnupg/gnupg2.git/log/?h=dev/wks >> >> I rebased that commit to the experimental branch, > > thanks for this work! > >> modified some texts and added man pages. > > It'd be great to get these manpages upstream. There are a lot of manpages in debian/* - so it looks to me like upstream isn't really interested in maintaining them. If upstream isn't maintaining them, it might be easier to keep them in debian. Does upstream know about these at least? I'm not against getting them upstream, I'm just not sure whether it is worth my time. >> Upstream install gpg-wks-client to /usr/lib/gnupg/, but I moved it in >> the package to /usr/bin - I get that it was designed to be a backend >> tool for MUAs, but right now I guess most people installing it will have >> to use it manually. > > I'm not so sure about diverging from upstream in our first introduction > of these tools in debian. If we do this, we're effectively committing > to this divergence forever (someone's going to write scripts that use > /usr/bin/gpg-wks-* and then get upset when we change it). and it means > that anyone who writes docs will have to have a different "how to do > this on debian" section from "how to do this on fedora" or whatever. > > would you object to using your packaging but shipping in the > upstream-approved location? or is it worth convincing upstream to ship > these tools in /usr/bin instead? I don't have any other (convincing) arguments, so I reverted the location to the upstream path. Now that I actually got it running I added some more infos to the manpages too. See attached updated patches, as previously my own changes in: 0001-wks-fix-debian-provide-man-pages-improve-texts.patch The complete patch (squashed with the dev/wks commit) is: 0001-create-WKS-server-and-client-packages.patch cheers, Stefan From 30dd3225cbbc9e408645b2be17e434dfb87a8daa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20Knau=C3=9F?=Date: Thu, 27 Oct 2016 19:16:14 +0200 Subject: [PATCH 1/1] Create WKS server and client packages --- debian/control | 45 ++ debian/gnupg-wks-client.install | 1 + debian/gnupg-wks-client.manpages | 1 + debian/gnupg-wks-server.install | 1 + debian/gnupg-wks-server.manpages | 1 + debian/gpg-wks-client.1 | 178 ++ debian/gpg-wks-server.1 | 180 +++ debian/rules | 1 + 8 files changed, 408 insertions(+) create mode 100644 debian/gnupg-wks-client.install create mode 100644 debian/gnupg-wks-client.manpages create mode 100644 debian/gnupg-wks-server.install create mode 100644 debian/gnupg-wks-server.manpages create mode 100644 debian/gpg-wks-client.1 create mode 100644 debian/gpg-wks-server.1 diff --git a/debian/control b/debian/control index ac0b07907..2b9360477 100644 --- a/debian/control +++ b/debian/control @@ -72,6 +72,51 @@ Description: GNU privacy guard - cryptographic agent provides a passphrase cache, which is used by pre-2.1 versions of GnuPG for OpenPGP operations. +Package: gnupg-wks-server +Architecture: any +Multi-Arch: foreign +Depends: + gnupg (= ${binary:Version}), + ${misc:Depends}, + ${shlibs:Depends}, +Description: GNU privacy guard - Web Key Service server + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC4880. + . + This package provides the GnuPG server for the Web Key Service + protocol. + . + A Web Key Service is a service that allows users to upload keys per + mail to be verified over https as described in + https://tools.ietf.org/html/draft-koch-openpgp-webkey-service + . + For more information see: https://wiki.gnupg.org/WKS + +Package: gnupg-wks-client +Architecture: any +Multi-Arch: foreign +Depends: + dirmngr (= ${binary:Version}), + gnupg (= ${binary:Version}), + ${misc:Depends}, + ${shlibs:Depends}, +Description: GNU privacy guard - Web Key Service client + GnuPG is GNU's tool for secure communication and data storage. + It can be used to encrypt data and to create digital signatures. + It includes an advanced key management facility and is compliant + with the proposed OpenPGP Internet standard as described in RFC4880. + . + This package provides the GnuPG client for the Web Key Service + protocol. + . + A Web Key Service is a service that allows users to upload keys per + mail to be verified over https as described in + https://tools.ietf.org/html/draft-koch-openpgp-webkey-service +
Bug#860188: v40 interpreter in 2.7
On Thu, May 18 2017, Laurent Bigonville wrote: > 2.7.1 is currently in experimental and AFAIKS the v40 interpreter is enabled > by > default in that version, see: > https://www.freetype.org/freetype2/docs/subpixel-hinting.html > > Where you thinking about something else? After rechecking with the experimental version, it looks like v40 is working as it should. I was just confused by ftview not showing the engine version, but this was due to me also enabling the v38 engine as well. Sorry for the noise.
Bug#862915: squid: please drop required dependency on logrotate (encourage logging to syslog or journald)
Package: squid Version: 3.5.23-3 Severity: normal squid Depends: logrotate But on modern systems, logrotate is unnecessary because logs are handled (and rotated) by a centralized logging daemon. a clean squid installation shouldn't need to know or do anything with log rotation -- it just needs to know how to hand its logs over to syslog and should let the daemon deal with it. It would be great to be able to have a machine with squid, but without logrotate installed. Thanks for maintaining squid in debian! --dkg -- System Information: Debian Release: 9.0 APT prefers testing-debug APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages squid depends on: ii adduser 3.115 ii libc62.24-10 ii libcap2 1:2.25-1 ii libcomerr2 1.43.4-2 ii libdb5.3 5.3.28-12+b1 ii libdbi-perl 1.636-1+b1 ii libecap3 1.0.1-3.2 ii libexpat12.2.0-2 ii libgcc1 1:6.3.0-16 ii libgssapi-krb5-2 1.15-1 ii libkrb5-31.15-1 ii libldap-2.4-22.4.44+dfsg-4+b1 ii libltdl7 2.4.6-2 ii libnetfilter-conntrack3 1.0.6-2 ii libnettle6 3.3-1+b1 ii libpam0g 1.1.8-3.5 ii libsasl2-2 2.1.27~101-g0780600+dfsg-3 ii libstdc++6 6.3.0-16 ii libxml2 2.9.4+dfsg1-2.2 ii logrotate3.11.0-0.1 ii lsb-base 9.20161125 ii netbase 5.4 ii squid-common 3.5.23-3 Versions of packages squid recommends: ii libcap2-bin 1:2.25-1 Versions of packages squid suggests: pn resolvconf ii smbclient2:4.5.8+dfsg-1 pn squid-cgi pn squid-purge pn squidclient pn ufw pn winbindd -- no debconf information
Bug#829046: Difficulties in packaging pagure
在 2017年5月18日星期四 +08 下午12:07:41,SJ Zhu 写道: > On Thu, May 18, 2017 at 11:59:36AM +0800, Boyuan Yang wrote: > > There are some problems: this packaging uses upstream source code directly > > from from Git repository, not the tarball upstream released on https:// > > pagures.io. > > Hi, > I import the source by `git archvie` and remove the minified js, > then import it to upstream branch like what sergiodj did. > > PS. I think I forget to remove some files which filename is not matched > by "*.min.js" I have several understandings on it: Option 1 * Will not use any bundled javascript libraries, no matter minified or not * Will depend on corresponding libjs-* packages and make symlinks to provide removed javascript libraries * If that package does not exist, package them first Option 2 * Only minified javascripts are not acceptable * Will use tools like yui-compressor to generate minified js files without using libjs-* packages * Write d/copyright for unminified js files Option 3 - * An mixture of 1 & 2 * Use libjs-* if that lib has been packaged in Debian * If not packaged, use non-minified version and run processor to generate minified js files I am not very familiar with Debian's JavaScript policies. Which of my understandings is correct? -- Boyuan Yang signature.asc Description: This is a digitally signed message part.
Bug#862541: Pre-approval request, unblock: caffe/1.0.0-2
Hi jmw, The difference between the 1.0.0~rc4 version and the 1.0.0 version is 162 git commits. I went through these git commits, and these commits are about: 1 documentation update / fix 2 code grooming 3 bug fix 4 add tests 5 support cudnn v6 (does not affect this package) 6 update docker scripts (does not affect this package) i.e. There is no major code / feature change from the 1.0.0~rc4 tag -> 1.0.0 tag. I've read the freeze policy but still want to apply for an unblock. This is a machine learning application which has no rdepends, and the latest stable version 1.0.0 more favorable to users and it's more convenient for upstream to support. Although the rc4 version works fine too. Apart from the upstream stable release, I will add one more patch to the packaging directory, which was already approved and merged by upstream: https://github.com/BVLC/caffe/commit/91b09280f5233cafc62954c98ce8bc4c204e7475 The patch will change a ambiguous static library name, and hence fixing the bug mentioned previously won't introduce more trouble. The 1.0.0-2 version was already prepared in the git repo: https://anonscm.debian.org/cgit/debian-science/packages/caffe.git/log/ If this change could be approved, I'll upload the 1.0.0-2 version to unstable, and wait for it to migrate. If not, can I upload 1.0.0~rc4-2 simply with the patch above applied and the fix for the bug mentioned above? Thank you :-) FYI: files changed git diff 1.0.0-rc4 1.0 --stat | cat Thu 18 May 2017 03:49:46 PM UTC .gitignore | 1 + CMakeLists.txt | 42 +- CONTRIBUTORS.md | 2 +- LICENSE | 4 +- Makefile| 8 +- Makefile.config.example | 14 +- README.md | 6 +- cmake/ConfigGen.cmake | 67 +-- cmake/Cuda.cmake| 14 +- cmake/Dependencies.cmake| 109 +++-- cmake/External/glog.cmake | 1 + cmake/Modules/FindAtlas.cmake | 4 +- cmake/Modules/FindNCCL.cmake| 26 ++ cmake/Modules/FindvecLib.cmake | 2 +- cmake/ProtoBuf.cmake| 4 +- cmake/Summary.cmake | 1 + cmake/Targets.cmake | 6 +- cmake/Templates/CaffeConfig.cmake.in| 15 +- cmake/Templates/caffe_config.h.in | 32 +- cmake/Uninstall.cmake.in| 26 ++ docker/Makefile | 50 --- docker/README.md| 69 ++- docker/{standalone => }/cpu/Dockerfile | 13 +- docker/{standalone => }/gpu/Dockerfile | 16 +- docker/templates/Dockerfile.template| 42 -- docs/_layouts/default.html | 2 +- docs/development.md | 4 +- docs/index.md | 47 +- docs/install_apt.md | 6 +- docs/install_apt_debian.md | 161 +++ docs/installation.md| 7 +- docs/model_zoo.md | 24 +- docs/multigpu.md| 4 +- docs/performance_hardware.md| 73 --- docs/tutorial/interfaces.md | 4 +- docs/tutorial/layers.md | 562 docs/tutorial/layers/absval.md | 22 + docs/tutorial/layers/accuracy.md| 20 + docs/tutorial/layers/argmax.md | 18 + docs/tutorial/layers/batchnorm.md | 20 + docs/tutorial/layers/batchreindex.md| 16 + docs/tutorial/layers/bias.md| 19 + docs/tutorial/layers/bnll.md| 25 ++ docs/tutorial/layers/concat.md | 40 ++ docs/tutorial/layers/contrastiveloss.md | 20 + docs/tutorial/layers/convolution.md | 63 +++ docs/tutorial/layers/crop.md| 20 + docs/tutorial/layers/data.md| 29 ++ docs/tutorial/layers/deconvolution.md | 22 + docs/tutorial/layers/dropout.md | 20 + docs/tutorial/layers/dummydata.md | 20 + docs/tutorial/layers/eltwise.md | 20 + docs/tutorial/layers/elu.md | 25 ++ docs/tutorial/layers/embed.md | 20 + docs/tutorial/layers/euclideanloss.md | 16 + docs/tutorial/layers/exp.md | 24 + docs/tutorial/layers/filter.md | 15 + docs/tutorial/layers/flatten.md | 21 + docs/tutorial/layers/hdf5data.md| 20 +
Bug#862914: nmu: veusz_1.21.1-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu nmu veusz_1.21.1-1 . ANY . unstable . -m "rebuild with sip-api-11.3" nmu python-poppler-qt4_0.24.0-1 . ANY . unstable . -m "rebuild with sip-api-11.3" See #831860 for background.
Bug#831860: python{,3}-sip shouldn't provide more than one sip api
Control: reassign -1 src:sip4 4.18.1+dfsg-1 Control: retitle -1 python{,3}-sip shouldn't provide more than one sip api Control: affects -1 python-sip python3-sip On Thu, Feb 16, 2017 at 02:36:19PM +0100, di dit wrote: > Rebuilding veusz fixes this bug. >... Thanks a lot for your bug report, and also for this additional information. The trigger is the python-qt4 upgrade. Backtrace: #0 0x in ?? () #1 0x7fcb47dce997 in sip_api_get_cpp_ptr (sw=sw@entry=0x7fcb3d763410, td=0x7fcb4662ed00) at siplib.c:8571 #2 0x7fcb47dcfe38 in sip_api_convert_to_type ( pyObj=pyObj@entry=, td=, transferObj=0x0, flags=, statep=0x0, iserrp=iserrp@entry=0x7ffe94602bf4) at siplib.c:8756 #3 0x7fcb47dd3055 in parsePass2 (self=0x0, selfarg=0, sipArgs=sipArgs@entry=(,), sipKwdArgs=sipKwdArgs@entry=0x0, kwdlist=kwdlist@entry=0x0, fmt=0x7fcb46264f2c "", fmt@entry=0x7fcb46264f2a "J8", va=) at siplib.c:5458 #4 0x7fcb47dd3bd3 in parseKwdArgs (parseErrp=0x7ffe94602e60, sipArgs=(,), sipKwdArgs=0x0, kwdlist=0x0, unused=unused@entry=0x0, fmt=0x7fcb46264f2a "J8", va_orig=0x7ffe94602cf0) at siplib.c:3467 #5 0x7fcb47dd3da1 in sip_api_parse_kwd_args (parseErrp=, sipArgs=, sipKwdArgs=, kwdlist=, unused=0x0, fmt=) at siplib.c:3387 #6 0x7fcb4600a60e in ?? () from /usr/lib/python2.7/dist-packages/PyQt4/QtGui.x86_64-linux-gnu.so #7 0x7fcb47dcf7c3 in sipSimpleWrapper_init ( self=self@entry=0x7fcb3d763488, args=(,), kwds=0x0) at siplib.c:9861 #8 0x55d247e8d675 in wrap_init.lto_priv.1153 (kwds=, wrapped=0x7fcb47dcf4f0 , args=, self=) at ../Objects/typeobject.c:4862 #9 wrapper_call.lto_priv () at ../Objects/descrobject.c:1035 #10 0x55d247e03673 in PyObject_Call () at ../Objects/abstract.c:2547 ... After a rebuild python-qt4 now uses sip-api-11.3, but veusz-helpers still uses sip-api-11.1 To enforce that this problem can't happen again or during upgrades, python-sip and python3-sip shouldn't provide more than one sip api. This bug is to track that this gets fixed in python{,3}-sip for stretch. I'll also submit a binNMU request to get veusz and the other affected package in stretch rebuilt with sip-api-11.3 cu Adrian -- "Is there not promise of rain?" Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. "Only a promise," Lao Er said. Pearl S. Buck - Dragon Seed
Bug#862871: unblock: intel-microcode/3.20170511.1
On Thu, 18 May 2017, Jonathan Wiltshire wrote: > On 2017-05-17 22:44, Henrique de Moraes Holschuh wrote: > >Please unblock package intel-microcode. > > Unblocked. Thank you! -- Henrique Holschuh
Bug#792923: After an update, the translation of KDE in french becomes very incomplete
¡Hola Etienne! El 2015-07-20 a las 10:04 +0200, Etienne MAHE escribió: Package: kde-l10n-fr Version: 4:4.14.0-2 After an update of french Localization of KDE files, the translation becomes very incomplete. For many menus and submenus, before this update, the translation was good. But after this same update, many menus switch from french to english, although french language is chosen in kde settings. The problems occurs for both testing and unstable versions. I wait for a solution to solve the problem. Sorry that it took so long to get back to you. The kde-l10n-* packages have been updated a couple of times since this was reported, right now in the 4:16.04.3-1 version that covers kde applications based on kde frameworks 5. While the current state is know not to be perfect I think that it's way better than it was when this was first reported. Are you still seeing a very incomplete localization for the french desktop? Happy hacking, -- "If you think your users are idiots, only idiots will use it." -- Linus Torvalds Saludos /\/\ /\ >< `/ signature.asc Description: PGP signature
Bug#862387: openstack-dashboard: instance delete fails with: 403 Forbidden - CSRF verification failed. Request aborted.
On Thu, May 18, 2017 at 05:14:10PM +0200, Thomas Goirand wrote: > FYI, I worked together with upstream during all of last summer to > somehow gain Django 1.10 compatibility. There was loads of issues, which > were fixed one by one. I guess this bug means we didn't fixed them all. > > If you're good enough with Django, we'd be very happy to add the patch > both upstream and in the Debian package. According to one of the > upstream "leaders" on IRC: > > zigo: Its on the batchActions and deleteActions > inside tables > so obviously, very severe. > What I dont understand is why this didnt break before Thanks for the info, unfortunately my Django skills are pretty basic, so I don't have a patch to share but just some more info that I found in the meanwhile. Tried a few Django packages from python-django git: * 1.8.16-1~bpo8+1 - works * 1.9.7-2 - works * 1.10-1 - fails Since it fails with the first 1.10 release it should definitely be some change introduced by the first Django 1.10 version. Like you mentioned the problem seems to be with the tables - from the page source in the browser the place where {% csrf_token %} should be inserted in templates/horizon/common/_data_table.html is blank. Apache error.log seems to confirm this: UserWarning: A {% csrf_token %} was used in a template, but the context did not provide the value. This is usually caused by not using RequestContext. Let me know if you have any ideas what I could try next. -- Valentin
Bug#846548: [pkg-opensc-maint] Bug#846548: patch for #846548
Sorry for not getting back to this sooner. I've canceled this upload since it has the side-effect of breaking libp11 (ie it bumps it's soname). I think the way forward would be to make that bump and rebuild the only dependency (pam-p11) against it, but I'm not 100% sure pam-p11 compiles with openssl 1.1. I guess this plan will require release manager approval since it's rather a lot of changes. * Luke Faraone (l...@faraone.cc) wrote: > On Thu, 11 May 2017 20:33:41 -0700 Luke W Faraonewrote: > > On Thu, 11 May 2017 19:45:51 -0700 Luke W Faraone > > wrote: > > > Attached is a patch to fix the path to the engine directory, and moves > > > this library back to libssl-dev. (it isn't clear to me from changelog or > > > git log why the move to 1.1 was originally reverted) > > > > And of course, that patch was bogus. Attached is a orrected patch. I > > intend to upload this to DELAYED/5 once I have a chance to test on real > > hardware. > > Tested (attached) and uploaded accordingly. > > -- Luke > $ openssl req -engine pkcs11 -keyform engine -new -key > "pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=[…];token=PIV_II%20%28PIV%20Card%20Holder%20pin%29;id=%01;object=PIV%20AUTH%20key;type=private" > -out req.pem -text -x509 -subj '/CN=Luke Faraone' > engine "pkcs11" set. > No private keys found. > PKCS#11 token PIN: > cobalt:/tmp/tmp.1Pc1kTLqDp$ cat req.pem > Certificate: > Data: > Version: 3 (0x2) > Serial Number: > a7:78:4e:07:98:95:7d:95 > Signature Algorithm: sha256WithRSAEncryption > Issuer: CN = Luke Faraone > Validity > Not Before: May 13 20:07:39 2017 GMT > Not After : Jun 12 20:07:39 2017 GMT > Subject: CN = Luke Faraone > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > […] > -BEGIN CERTIFICATE- > […] > -END CERTIFICATE- > > ___ > pkg-opensc-maint mailing list > pkg-opensc-ma...@lists.alioth.debian.org > https://lists.alioth.debian.org/mailman/listinfo/pkg-opensc-maint -- Eric Dorland 43CF 1228 F726 FD5B 474C E962 C256 FBD5 0022 1E93
Bug#800831: Bug#800830: missing pre-gap and index mark data
Hi Daniel, In October 2015 you wrote: mkcue is behaving like "cdrdao --fast-toc", it is not reading the pre-gap and index mark details from the disk and it is not including those details in the Cue sheet. For some purposes, such as calculating a Musicbrainz disk ID, it may be necessary to have all these details. Did you end up just using cdrdao? Are there other features that would make it useful to you to fix this in mkcue, or would recommending cdrdao to new users be better? Moray
Bug#862913: [INTL:id] initial Indonesian debconf translation
Source: arb Version: 6.0.6-1 Severity: wishlist Tags: patch l10n X-Debbugs-CC: debian-l10n-indones...@lists.debian.org Dear maintainer, please find attachment for Indonesian debconf translations msgfmt -c -v -o /dev/null id.po 3 pesan diterjemahkan. Thank You -- Kukuh Syafaat # Translation of arb debconf templates to Indonesian # Copyright (C) Debian Indonesia Translator# This file is distributed under the same license as the arb package. # Kukuh Syafaat , 2017. # msgid "" msgstr "" "Project-Id-Version: arb\n" "Report-Msgid-Bugs-To: a...@packages.debian.org\n" "POT-Creation-Date: 2017-05-18 22:09+0700\n" "PO-Revision-Date: 2017-05-18 22:20+0700\n" "Last-Translator: Kukuh Syafaat \n" "Language-Team: Debian Indonesia Translator \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-Generator: Poedit 1.8.11\n" "Language: id\n" #. Type: multiselect #. Description #: ../arb-common.templates:2001 msgid "ARB PT-server administrators:" msgstr " Administrator ARB PT-server:" #. Type: multiselect #. Description #: ../arb-common.templates:2001 msgid "" "The default configuration of PT-server slots in /etc/arb/arb_tcp.dat gives " "ARB three global slots accessible by all users (connecting to localhost:" "${PORT}), as well as three slots to give private per-user access (connecting " "to ~/.arb_pts/${USER}${NUMBER}.socket)." msgstr "" "Konfigurasi bawaan slot PT-server di /etc/arb/arb_tcp.dat memberi ARB tiga " "slot global yang dapat diakses oleh semua pengguna (terhubung ke localhost:" "${PORT}), serta tiga slot untuk memberikan akses per pengguna pribadi " "(menghubungkan ke ~/.arb_pts/${USER}${NUMBER}.socket)." #. Type: multiselect #. Description #: ../arb-common.templates:2001 msgid "" "Only members of the \"arb\" system group will be able to build and update " "the shared PT-servers. Please enter the login names for these privileged " "users." msgstr "" "Hanya anggota grup sistem \"arb\" yang dapat membangun dan memperbarui " "shared server-PT. Harap masukkan nama login untuk pengguna istimewa ini."
Bug#862387: openstack-dashboard: instance delete fails with: 403 Forbidden - CSRF verification failed. Request aborted.
On 05/15/2017 11:44 AM, Valentin Vidic wrote: > On Fri, May 12, 2017 at 09:00:00AM +0200, Valentin Vidic wrote: >> Instance delete fails when I access: >> >> http://os-ctrl/horizon/project/instances/ >> >> and select "Delete Instance" from the list of actions with >> the error: >> >> Forbidden (403) >> CSRF verification failed. Request aborted. >> >> Help >> Reason given for failure: >> CSRF token missing or incorrect. > > Downgrading python-django to 1.8.16-1~bpo8+1 seems to help, > so it seems this version of horizon is not compatible with > django 1.10 somehow? Hi, FYI, I worked together with upstream during all of last summer to somehow gain Django 1.10 compatibility. There was loads of issues, which were fixed one by one. I guess this bug means we didn't fixed them all. If you're good enough with Django, we'd be very happy to add the patch both upstream and in the Debian package. According to one of the upstream "leaders" on IRC: zigo: Its on the batchActions and deleteActions inside tables so obviously, very severe. What I dont understand is why this didnt break before Cheers, Thomas Goirand (zigo)
Bug#862814: ibus-ui (systray icon) mis-detects Qt/KDE version
On Wed, May 17, 2017 at 02:03:22PM +0200, Ralf Jung wrote: > I can confirm that replacing the aforementioned piece of code by just > > m_indicator.set_icon_full(icon_name, ""); > > (i.e., removing the preprocessor conditional entirely) fixes the > problem: The icon is properly shown in the systray. Please send us a patch against current package Osamu > Kind regards, > Ralf >
Bug#862717: [Pkg-ime-devel] Bug#862717: ibus-daemon often crashes on suspend/resume
On Tue, May 16, 2017 at 08:43:02PM +0200, Ralf Jung wrote: > > The way this bug is happening, this looks like a bug on plasma-workspace > > or mozc. > What is mozc? It's another IM method used for ibus/uim/fcitx... for Japanese. Your comment in another mail that patching kde fixed some of the problem is interesting. For missing panel, did you install libqt5gui5 i A --\ libqt5gui55.7.1+dfsg-3+b 5.7.1+dfsg-3+b Description: Qt 5 GUI module Qt is a cross-platform C++ application framework. Qt's primary feature is its rich set of widgets that provide standard GUI functionality. The QtGui module extends QtCore with GUI functionality. Since it is a part of recommends, it is not installed by default. Osamu
Bug#862912: ITP: iannix -- graphical OSC sequencer for digital arts
Package: wnpp Severity: wishlist Owner: IOhannes m zmoelnig* Package name: iannix Version : 0.9.17 Upstream Author : Iannix Association * URL : https://iannix.org * License : GPL-3 Programming Lang: C++ Description : graphical OSC sequencer for digital arts IanniX is a graphical sequencer for digital arts, based on Iannis Xenakis works on graphical scores. IanniX manages events described via graphical elements (like curves) and controls your real-time environment via Open Sound Control (OSC). It can also be fully controlled via OSC (or FUDI, if you prefer). I intend to package this under the pkg-multimedia-maintainers umbrella.
Bug#862911: ITP: python-decouple -- Helps you to organize your Django|Flask settings
Package: wnpp Severity: wishlist Owner: Herbert Parentes Fortes Neto* Package name: python-decouple Version : 3.0 Upstream Author : Henrique Bastos * URL : https://pypi.python.org/pypi/python-decouple/ * License : MIT Programming Lang: Python Description : Decouple helps you to organize your Django settings Decouple helps you to organize your settings so that you can change parameters without having to redeploy your app. Framework :: Django Framework :: Flask
Bug#862910: [INTL:id] initial Indonesian debconf translation
Source: distributed-net Version: 2.9112.521-1 Severity: wishlist Tags: patch l10n X-Debbugs-CC: debian-l10n-indones...@lists.debian.org Dear maintainer, please find attachment for Indonesian debconf translations msgfmt -c -v -o /dev/null id.po 3 pesan diterjemahkan. Thank You -- Kukuh Syafaat # Translation of distributed-net debconf templates to Indonesian # Copyright (C) Debian Indonesia Translator# This file is distributed under the same license as the distributed-net package. # Kukuh Syafaat , 2017. # msgid "" msgstr "" "Project-Id-Version: distributed-net\n" "Report-Msgid-Bugs-To: distributed-...@packages.debian.org\n" "POT-Creation-Date: 2014-04-06 19:24+0200\n" "PO-Revision-Date: 2017-05-18 21:11+0700\n" "Language: id_ID\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=1; plural=0;\n" "Last-Translator: Kukuh Syafaat \n" "Language-Team: Debian Indonesia Translator \n" "X-Generator: Poedit 1.8.11\n" "X-Poedit-SourceCharset: UTF-8\n" #. Type: boolean #. Description #: ../distributed-net.templates:2001 msgid "Run the distributed.net client configuration utility?" msgstr "Jalankan utilitas konfigurasi klien distributed.net?" #. Type: boolean #. Description #: ../distributed-net.templates:2001 msgid "" "The distributed.net client needs to be configured before it can be used. " "While most options have reasonable defaults, you need to specify the e-mail " "address to which you would like distributed.net to credit any work done by " "the client. If you are installing the distributed-net package for the first " "time, then you must configure the client, otherwise the distributed.net " "client will refuse to start." msgstr "" "Klien distributed.net perlu dikonfigurasi sebelum dapat digunakan. Sementara " "sebagian besar pilihan memiliki bawaan yang masuk akal, Anda perlu " "menentukan alamat surel yang Anda inginkan untuk distributed.net ke kredit " "pekerjaan yang dilakukan oleh klien. Jika Anda memasang paket distributed-" "net untuk pertama kalinya, Anda harus mengkonfigurasi klien, jika tidak, " "klien distributed.net akan menolak untuk memulai." #. Type: boolean #. Description #: ../distributed-net.templates:2001 msgid "" "When the distributed.net client is run as a daemon (via /etc/init.d/" "distributed-net), the output will be redirected to /var/log/distributed-net." "log. You do not need to set up a log file. Since the init script is " "controlling the distributed.net client, you should not enable \"quiet mode\" " "as that breaks the init script." msgstr "" "Ketika klien distributed.net dijalankan sebagai daemon (via /etc/init.d/" "distributed-net), keluaran akan diarahkan ke /var/log/distributed-net.log. " "Anda tidak perlu membuat berkas log. Karena skrip init mengendalikan klien " "distributed.net, Anda seharusnya tidak mengaktifkan \"mode diam\" saat skrip " "init rusak."
Bug#862216: release-notes: [Stretch] improve text about iproute2 and net-tools
Hello Baptiste, On Thu, May 18, 2017 at 02:27:08PM +0200, Baptiste Jammet wrote: > Control: tags -1 patch [...] Just a minor nitpit, which is unrelated but that I noticed when looking at your patch. There seems to be a missing space in "netstat-r" which you might also want to fix while at it ( => "netstat -r"). Regards, Andreas Henriksson