Bug#863453: unblock: acmetool/0.0.59-1

2017-05-26 Thread Niels Thykier 
Control: tags -1 moreinfo

Peter Colberg:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Dear Debian Release Team,
> 
> [...]

Hi,

> 
> Could you please unblock a new upstream bugfix release of acmetool, a
> client for the Let’s Encrypt TLS certificate authority? This version
> was uploaded to Debian unstable back in February, shortly after the
> beginning of the full freeze [0].
> 

Any particular reason why you have waited until now with filing the
unblock request?

> The release comprises the following bug and usability fixes:
> 
>   * Validate hostnames in 'acmetool want' [1]
>   * Allow environment variables to be passed to challenge hooks [2]
>   * Allow acmeapi to obtain new nonces if nonce pool is depleted [3]
>   * Don't attempt fdb permission tests on non-cgo builds [4]
>   * Add read/write timeouts to redirector server [5]
>   * Allow hidden files within the state directory [6]
> 
> Regards,
> Peter
> 
> [...]

Thanks,
~Niels

Bug#823796: phatch: impossible to use phatch there is just the logo that is displayed

2017-05-26 Thread Marc Dequènes 
Quack,

On 05/27/2017 08:57 AM, Steve Cotton wrote:

> This is a caused by a change in the PIL library, but it can be worked
> round with a one-line change to Phatch, which seems the best option
> before the Stretch release.

This patch works well here. I think it is simple enough to be accepted
by the release team.

You do not seem to be a Debian contributor (yet). If noone from the PAPT
steps up, I guess they won't object to an upload from a former DPMT
member :-).

\_o<




signature.asc
Description: OpenPGP digital signature

Bug#860950: steam: crashes at startup

2017-05-26 Thread Michael Gilbert 
control: severity -1 normal
control: tag -1 moreinfo, unreproducible

Can you provide more information about your system and how to
reproduce this?  Others have tried and failed, so there must be more
to it.  Try backing up .steam somewhere else so it tries to start
fresh.

Best wishes,
Mike

Bug#859598:

2017-05-26 Thread Josh Haertel 
Package: broadcom-sta-dkms
Version: 6.30.223.271-5

I too have had the same issue. Attempts to fix it include turning power
management off with iwconfig (with edits to
/etc/NetworkManager/conf.d/default-wifi-powersave-on.conf to make it
persistent through reboots as confirmed by iwconfig) and disabling IPv6,
booth by ignoring it in the Network Manager GUI and editing
/etc/sysctl.conf (IPv6 was confirmed as being off by monitoring with
iftop). It is worth noting that the network initially seems to be fine and
doesn't have issues until the computer has been in use for more than about
10 minutes. This also, incidentally, correlates to a few more open tabs in
my browser and more network traffic. However, in my stress testing I have
been fine with three youtube videos downloading at 1080p and one git hub
repo cloning and deleting itself for about 10 minutes. After that, the
problem occurs every few minutes, initially lasting only for a few seconds
and then eventually minutes. Monitoring through iftop confirms that
download rate drops from 5 mbps to a variety of lower speeds between 0 and
a couple 100 kbps. Additional side effects include the network signal
showing 100% in the toolbar when the connection is dropped. Htop shows no
abuse of system memory (3.1G/15.G in use) nor the systems four cores (each
between 5-20%) when the wireless is on and when it is lost.

My main suspicion is that this is power/heat related. One time, while
reinstalling one of the other driver alternatives for the nth time, my
computer completely froze and had to be rebooted -- a problem common with
high cpu temperatures. The mac mini chassis always gets hot after a few
minutes of use (though it is not scathing to touch). Interestingly enough,
the wired network still seems to work fine under these conditions. This
could be attributed to better power management in that system or even
physical real estate of the chips on the motherboard with regards to
proximity of the fan and sources of heat. Here are a few snapshots of the
head of my sensors output:
$ sensors  # On solely wifi
coretemp-isa-
Adapter: ISA adapter
Package id 0:  +81.0°C  (high = +87.0°C, crit = +105.0°C)
Core 0:+81.0°C  (high = +87.0°C, crit = +105.0°C)
Core 1:+79.0°C  (high = +87.0°C, crit = +105.0°C)

applesmc-isa-0300
Adapter: ISA adapter
Exhaust  :   2193 RPM  (min = 1800 RPM, max = 5500 RPM)


$ sensors  # On solely network cable -- meaning this could be a heating
issue unrelated to the driver, albeit affecting wireless more directly
coretemp-isa-
Adapter: ISA adapter
Package id 0:  +92.0°C  (high = +87.0°C, crit = +105.0°C)
Core 0:+91.0°C  (high = +87.0°C, crit = +105.0°C)
Core 1:+92.0°C  (high = +87.0°C, crit = +105.0°C)

applesmc-isa-0300
Adapter: ISA adapter
Exhaust  :   2182 RPM  (min = 1800 RPM, max = 5500 RPM)


Below are more specs on the system:

Mac Mini Late 2012
$ sudo dmidecode -s system-product-name
Macmini6,1

Ubuntu 17.04
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 17.04
Release: 17.04
Codename: zesty

Linux Kernel
$ uname -a
Linux Ubuntu 4.10.0-21-generic #23-Ubuntu SMP Fri Apr 28 16:14:22 UTC 2017
x86_64 x86_64 x86_64 GNU/Linux

Broadcom chip 4331 with wl driver (all others have been blacklisted in):
$ lspci -vvnn | grep -A9 Network
02:00.0 Network controller [0280]: Broadcom Limited BCM4331 802.11a/b/g/n
[14e4:4331] (rev 02)
Subsystem: Apple Inc. AirPort Extreme [106b:010e]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr-
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: wl
Kernel modules: bcma, wl

Driver release 6.30.223.271-5
$ apt list broadcom-sta-dkms
Listing... Done
broadcom-sta-dkms/zesty,zesty,now 6.30.223.271-5 all [installed]

Unless anyone has any other leads (likely kernel related), I will look more
into power management and increasing the fan speeds as a temporary band aid.

Bug#863455: firefoxdriver: switch to geckodriver?

2017-05-26 Thread Paul Wise 
Package: firefoxdriver
Severity: wishlist

Have you considered upgrading selenium in Debian, packaging geckodriver
 and removing firefoxdriver so that support for Firefox in Selenium
works without using non-free software?

https://github.com/mozilla/geckodriver

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#863454: ITP: libplack-builder-conditionals-perl -- Plack::Builder extension

2017-05-26 Thread Robert J. Clay 
Package: wnpp
Owner: Robert James Clay 
Severity: wishlist
X-Debbugs-CC: debian-de...@lists.debian.org, debian-p...@lists.debian.org

* Package name: libplack-builder-conditionals-perl
  Version : 0.05
  Upstream Author : Masahiro Nagano 
* URL : https://metacpan.org/release/Plack-Builder-Conditionals
* License : Artistic or GPL-1+
  Programming Lang: Perl
  Description : Plack::Builder extension for Conditionals

Plack::Builder::Conditionals is an extension that provide the following
functions: 'match_if', 'addr', 'path', 'method', 'header', 'browser',
'all', and 'any'.
The package will be maintained under the umbrella of the Debian Perl Group.


-- 
Robert J. Clay
rjc...@gmail.com
j...@rocasa.us

Bug#863453: unblock: acmetool/0.0.59-1

2017-05-26 Thread Peter Colberg 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear Debian Release Team,

Please accept my apology for the belated request:

unblock acmetool/0.0.59-1

Could you please unblock a new upstream bugfix release of acmetool, a
client for the Let’s Encrypt TLS certificate authority? This version
was uploaded to Debian unstable back in February, shortly after the
beginning of the full freeze [0].

The release comprises the following bug and usability fixes:

  * Validate hostnames in 'acmetool want' [1]
  * Allow environment variables to be passed to challenge hooks [2]
  * Allow acmeapi to obtain new nonces if nonce pool is depleted [3]
  * Don't attempt fdb permission tests on non-cgo builds [4]
  * Add read/write timeouts to redirector server [5]
  * Allow hidden files within the state directory [6]

Regards,
Peter

[0] https://tracker.debian.org/news/839171
[1] 
https://github.com/hlandau/acme/commit/96126c04eb76c1921127731ea3ae562a67459b2d
[2] 
https://github.com/hlandau/acme/commit/c8f5d91e3b1d5fab90fda1298a65f5f283555097
[3] 
https://github.com/hlandau/acme/commit/a087733bf7567b224b8d192e2747f794fc93a27c
[4] 
https://github.com/hlandau/acme/commit/ca02f4791ab63b92907c2dfcf7d1f9a1f62b7b87
[5] 
https://github.com/hlandau/acme/commit/b9637d98466b45de1b7fc848474d1fc10ef60667
[6] 
https://github.com/hlandau/acme/commit/677aa28007341961102375d45857e26fac149e80
diff -Nru acmetool-0.0.58/.travis/after_success acmetool-0.0.59/.travis/after_success
--- acmetool-0.0.58/.travis/after_success	2016-09-03 08:30:08.0 -0400
+++ acmetool-0.0.59/.travis/after_success	2017-02-17 06:26:01.0 -0500
@@ -32,20 +32,25 @@
 
 # Prepare Ubuntu PPA signing key.
 echo Preparing Ubuntu PPA signing key...
-cd "$ACME_DIR/.travis"
-wget -c "https://www.devever.net/~hl/f/gnupg-ppa-data.tar.gz.enc;
-openssl enc -d -aes-128-cbc -md sha256 -salt -pass env:PPA_ENCRYPTION_PASS -in "gnupg-ppa-data.tar.gz.enc" -out "gnupg-ppa-data.tar.gz"
-tar xvf gnupg-ppa-data.tar.gz
-shred -u gnupg-ppa-data.tar.*
-cd "$ACME_DIR"
+wget -qO ppa-private.asc.enc "https://www.devever.net/~hl/f/ppa-private-${PPA_ENCRYPTION_ID}.asc.enc;
+export PPA_ENCRYPTION_ID=
+openssl enc -d -aes-128-cbc -md sha256 -salt -pass env:PPA_ENCRYPTION_PASS -in "ppa-private.asc.enc" -out "ppa-private.asc"
+export PPA_ENCRYPTION_PASS=
+shred -u ppa-private.asc.enc
 export GNUPGHOME="$ACME_DIR/.travis/.gnupg"
+mkdir -p "$GNUPGHOME"
+gpg --batch --import < ppa-private.asc
+shred -u ppa-private.asc
+cat < "$HOME/.devscripts"
-DEBSIGN_KEYID="Hugo Landau (2016 PPA Signing) "
+DEBSIGN_KEYID="Hugo Landau (2017 PPA Signing) "
 END
 
-UBUNTU_RELEASES="xenial precise trusty vivid wily"
+UBUNTU_RELEASES="precise trusty xenial yakkety zesty vivid"
 for distro_name in $UBUNTU_RELEASES; do
   echo Creating Debian source environment for ${distro_name}...
   $GOPATH/src/github.com/$TRAVIS_REPO_SLUG/.travis/make_debian_env "$GOPATH/releasing/dbuilds/$distro_name" "$GOPATH/releasing/dist/" "$TRAVIS_TAG" "$distro_name"
@@ -90,7 +95,7 @@
 cat < /tmp/rpm-metadata
 {
   "project_id": $COPR_PROJECT_ID,
-  "chroots": ["fedora-23-i386", "fedora-23-x86_64", "epel-7-x86_64", "fedora-24-i386", "fedora-24-x86_64"]
+  "chroots": ["fedora-23-i386", "fedora-23-x86_64", "epel-7-x86_64", "fedora-24-i386", "fedora-24-x86_64", "fedora-25-i386", "fedora-25-x86_64", "fedora-26-i386", "fedora-26-x86_64"]
 }
 END
   else
diff -Nru acmetool-0.0.58/.travis/boulder.patch acmetool-0.0.59/.travis/boulder.patch
--- acmetool-0.0.58/.travis/boulder.patch	2016-09-03 08:30:08.0 -0400
+++ acmetool-0.0.59/.travis/boulder.patch	2017-02-17 06:26:01.0 -0500
@@ -11,7 +11,7 @@
  
  # If we reach here, a child died early. Log what died:
 diff --git a/test/config-next/va.json b/test/config-next/va.json
-index c237d7f..1336bb5 100644
+index 374ff68..4e701da 100644
 --- a/test/config-next/va.json
 +++ b/test/config-next/va.json
 @@ -4,7 +4,7 @@
@@ -23,35 +23,42 @@
"httpsPort": 5001,
"tlsPort": 5001
  },
-@@ -56,4 +56,4 @@
- "dnsTimeout": "10s",
- "dnsAllowLoopbackAddresses": true
-   }
--}
-\ No newline at end of file
-+}
 diff --git a/test/config/ca.json b/test/config/ca.json
-index a4d71c8..9057f6f 100644
+index eb6a2c1..7c6c0e3 100644
 --- a/test/config/ca.json
 +++ b/test/config/ca.json
-@@ -5,10 +5,10 @@
+@@ -5,11 +5,11 @@
  "ecdsaProfile": "ecdsaEE",
- "debugAddr": "localhost:8001",
+ "debugAddr": ":8001",
  "Issuers": [{
 -  "ConfigFile": "test/test-ca.key-pkcs11.json",
 +  "File": "test/test-ca.key",
-   "CertFile": "test/test-ca2.pem"
+   "CertFile": "test/test-ca2.pem",
+   "NumSessions": 2
  }, {
 -  "ConfigFile": "test/test-ca.key-pkcs11.json",
 +  "File": "test/test-ca.key",
-   "CertFile": "test/test-ca.pem"
+   "CertFile": "test/test-ca.pem",
+   "NumSessions": 2
  }],
- "expiry": "2160h",
+diff

Bug#863452: xterm fonts too small

2017-05-26 Thread David Lawyer 
Package: xterm
Version: 327-2

I set the font to "huge" by pressing ctrl-rt-click.  While it's much larger
than before, it's still small.  I've used a real VT100 terminal a lot in
the past and the built in fonts were normally significantly larger than
what xterm calls "huge".  Of course the reason is likely that old bitmaps,
intended for the obsolete low resolution terminals of the early 1980's,
are being used for xterm..

So "huge" needs to be relabelled "small" (or perhaps "medium", etc.) and
larger fonts obtained.  On my console I use 16x32 font which is large.
Should xterm give the option of using the same fonts as for the console?
This would be of value if one has already set up the fonts for the
console, (as I have) since the default console fonts seem to also be way
too small.

David Lawyer

Bug#863451: veusz: Segmentation fault

2017-05-26 Thread Kingsley G. Morse Jr. 
Package: veusz
Version: 1.21.1-1
Severity: important

O' mighty maintainers o' mega math maps!

   * What led up to the situation?

root$ aptitude install veusz
The following NEW packages will be installed:
  veusz veusz-helpers{a}

kingsley$ veusz

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

Curse these good looks!

;-)

   * What was the outcome of this action?

VO table import: astropy module not available
SAMP: sampy module not available
Segmentation fault

   * What outcome did you expect instead?

A Louvre-worthy GUI.

Thanks,
Kingsley

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 4.4.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages veusz depends on:
ii  python 2.7.13-1
ii  python-numpy   1:1.12.0-2
ii  python-qt4 4.11.4+dfsg-2
ii  veusz-helpers  1.21.1-1

veusz recommends no packages.

Versions of packages veusz suggests:
ii  python-dbus1.2.0-2+b4
pn  python-h5py
pn  python-pyfits  

-- no debconf information

Bug#862555: linux: please ship efivarfs into efi-modules

2017-05-26 Thread Cyril Brulebois 
Hi,

Cyril Brulebois  (2017-05-14):
> Source: linux
> Version: 4.9.25-1
> Severity: normal
> Tags: patch
> 
> Hi,
> 
> During the Paris BSP I've discovered that a number of laptops need
> firmware but also configuration files which are found in efivarfs.
> 
> Please find attached a prospective, untested patch to ship efivarfs
> inside efi-modules, so that one has a chance of mounting that special
> FS from within d-i.
> 
> A thread happened earlier on debian-boot:
>   https://lists.debian.org/debian-boot/2016/05/msg00318.html
> 
> (cc'ing debian-boot@ and Steve who wanted to get this fixed.)

Just out of curiosity, is there any chance this could be fixed in time
for stretch r0, or should I keep an eye on this for a later point
release?


KiBi.


signature.asc
Description: Digital signature

Bug#823796: phatch: impossible to use phatch there is just the logo that is displayed

2017-05-26 Thread Steve Cotton 
On Sun, May 07, 2017 at 02:39:07PM +0200, Marc Dequènes wrote:
> Quack,

>   File "/usr/share/phatch/phatch/lib/pyWx/treeEdit.py", line 120, in
> _AddFormToImageList
> wx_image = pil_wxImage(wxImage_pil(wx_image).resize(icon_size,\
>   File "/usr/share/phatch/phatch/lib/pyWx/wxPil.py", line 45, in wxImage_pil
> image = Image.new('RGB', size)
>   File "/usr/lib/python2.7/dist-packages/PIL/Image.py", line 2051, in new
> _check_size(size)
>   File "/usr/lib/python2.7/dist-packages/PIL/Image.py", line 2027, in
> _check_size
> raise ValueError("Size must be a tuple")
> ValueError: Size must be a tuple
> 
> \_o<

This is a caused by a change in the PIL library, but it can be worked
round with a one-line change to Phatch, which seems the best option
before the Stretch release.

Steve


From: Steve Cotton 
Date: Sat, 27 May 2017 01:32:21 +0200
Subject: [PATCH] Convert images' wx.Size object to a tuple for the PIL library

The wxPython library wraps image sizes in a wx.Size object, a class
which provides the __len__ and accessor methods expected for a tuple.
There's been a breaking change to the PIL library, which now
explicitly checks the type of the size passed to it, and rejects
anything which is not a tuple or a list.

This patch adds a call to wx.Size.Get(), which returns the size as a
tuple.

Bug-Debian: https://bugs.debian.org/823796

PIL library change: 
https://github.com/python-pillow/Pillow/commit/445451c0b9347b50e0f603db33f196e207de470d
---
 phatch/lib/pyWx/wxPil.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/phatch/lib/pyWx/wxPil.py b/phatch/lib/pyWx/wxPil.py
index cf8c940..be73074 100644
--- a/phatch/lib/pyWx/wxPil.py
+++ b/phatch/lib/pyWx/wxPil.py
@@ -41,7 +41,7 @@ def pil_wxBitmap(image):
 
 
 def wxImage_pil(wx_image):
-size = wx_image.GetSize()
+size = wx_image.GetSize().Get()
 image = Image.new('RGB', size)
 image.frombytes(wx_image.GetData())
 if wx_image.HasAlpha():

Bug#863389: Fwd: Bug#863389: linux-image-4.9.0-0.bpo.3-amd64: After update to linux-image-4.9.0.0-0.bpo.3, no route to host via IPV4

2017-05-26 Thread Jason Wittlin-Cohen 
Hi Ben,

Thanks for the reply. You're absolutely right about the ordering of the
iface statements.  I modified my interfaces file such that the bonding
parameters followed "iface bond0 inet static" and now it loads the bonding
module and adds a default gateway for IPV4.  The configuration below works
properly.  I'm pretty sure I know what happened.  I've been using bonding
with IPV4-only for quite a while; I used the Debian howto to set it up.  I
recently added a Hurricane Electric 6in4 tunnel to my pfsense router and
therefore added the "iface bond0 inet6 static" section.  Restarting the
bond using "ifdown bond0 && ifup bond0" worked, perhaps because the bonding
module was already loaded.  I wasn't able to find much documentation about
how to setup a bond with both IPV4 and IPV6.  The bonding guide is IPV4
only, and the IPV6 guide doesn't discuss bonding.

However, I still think there's something wrong with my configuration. If I
attempt to use "iface bond0 inet6 dhcp", I get an IP from the DHCPv6
server, but no default gateway is created, so attempting to access the
internet results in no route to host.  I know Router Advertisements and
DHCPv6 are working as other Windows and Linux clients are working (tested
with both SLAAC and DHCPv6 w/RA).  Do you know why I'm not getting a
default route when using DHCPv6?


auto lo
iface lo inet loopback
iface eth0 inet manual
iface eth1 inet manual

auto bond0
iface bond0 inet dhcp
   slaves eth0 eth1
   bond_mode 802.3ad
   bond_miimon 100
   bond_downdelay 200
   bond_updelay 200
   mtu 9000

iface bond0 inet6 static
   address 2001:470:8:1141::2
   netmask 64
   gateway 2001:470:8:1141::1

auto eth2
iface eth2 inet static
address 10.0.0.1
netmask 255.255.255.0
mtu 9000

Thanks,

Jason



On Fri, May 26, 2017 at 7:30 PM, Ben Hutchings  wrote:

> Control: tag -1 moreinfo
>
> I don't see any changes in the kernel bonding driver, or any relevant
> changes to kernel networking.
>
> On Fri, 2017-05-26 at 00:31 -0400, Jason Cohen wrote:
> > ** Network interface configuration:
> [...]
> > auto bond0
> > iface bond0 inet static
> > address 192.168.1.200
> > netmask 255.255.255.0
> > network 192.168.1.0
> > gateway 192.168.1.1
> > iface bond0 inet6 static
> >   address 2001:470:8:1141::2
> >   netmask 64
> >   gateway 2001:470:8:1141::1
> > slaves eth0 eth1
> > bond_mode 802.3ad
> > bond_miimon 100
> > bond_downdelay 200
> > bond_updelay 200
> > mtu 9000
> [...]
>
> I'm pretty sure this configuration never worked, and that you just
> found that out by rebooting after the upgrade.
>
> The problem is that ifupdown treats each 'iface' statement as
> introducing a separate interface configuration, so the above is parsed
> as:
>
> iface bond0 inet static
> address 192.168.1.200
> netmask 255.255.255.0
> network 192.168.1.0
> gateway 192.168.1.1
>
> iface bond0 inet6 static
> address 2001:470:8:1141::2
> netma
> sk 64
> gateway 2001:470:8:1141::1
> slaves eth0 eth1
>
> bond_mode 802.3ad
> bond_miimon 100
> bond_downdelay 200
>
> bond_updelay 200
> mtu 9000
>
> I think it will first try to apply the first interface configuration.
> There are no bonding parameters so the code to create a bonding
> interface (and load the bonding module) doesn't run.  As there is no
> such interface, the IPv4 configuration can't be applied either.
>
> I don't know whether ifupdown tries to process the second interface
> configuration after this failure, but I would guess not.
>
> If you move all the bonding and mtu parameters into the first interface
> configuration, does the bonding interface start working again?
>
> Ben.
>
> --
> Ben Hutchings
> The generation of random numbers is too important to be left to chance.
>- Robert Coveyou
>

Bug#863450: unblock: gajim/0.16.6-1.1

2017-05-26 Thread W. Martin Borgert 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package gajim

Added an upstream commit/patch to solve security problem #863445.


diff -Nru gajim-0.16.6/debian/changelog gajim-0.16.6/debian/changelog
--- gajim-0.16.6/debian/changelog   2016-10-08 12:10:31.0 +0200
+++ gajim-0.16.6/debian/changelog   2017-05-27 00:35:49.0 +0200
@@ -1,3 +1,10 @@
+gajim (0.16.6-1.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Apply upstream patch to make XEP-0146 opt-in (Closes: #863445)
+
+ -- W. Martin Borgert   Fri, 26 May 2017 22:35:49 +
+
 gajim (0.16.6-1) unstable; urgency=low
 
   * New upstream release (closes: #839780)
diff -Nru gajim-0.16.6/debian/patches/fix-xep-0146-opt-in 
gajim-0.16.6/debian/patches/fix-xep-0146-opt-in
--- gajim-0.16.6/debian/patches/fix-xep-0146-opt-in 1970-01-01 
01:00:00.0 +0100
+++ gajim-0.16.6/debian/patches/fix-xep-0146-opt-in 2017-05-27 
00:35:49.0 +0200
@@ -0,0 +1,35 @@
+Description: Add config option to activate XEP-0146 commands
+ Some of the Commands have security implications, thats why we disable them 
per default
+Author: Philipp Hörist
+Origin: upstream, 
https://dev.gajim.org/gajim/gajim/commit/cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc
+Bug: https://dev.gajim.org/gajim/gajim/issues/8378
+Bug-Debian: https://bugs.debian.org/863445
+Last-Update: 2017-05-27
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/common/commands.py
 b/src/common/commands.py
+@@ -345,9 +345,10 @@
+ def __init__(self):
+ # a list of all commands exposed: node -> command class
+ self.__commands = {}
+-for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand,
+-LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand):
+-self.__commands[cmdobj.commandnode] = cmdobj
++if gajim.config.get('remote_commands'):
++for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand,
++LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand):
++self.__commands[cmdobj.commandnode] = cmdobj
+ 
+ # a list of sessions; keys are tuples (jid, sessionid, node)
+ self.__sessions = {}
+--- a/src/common/config.py
 b/src/common/config.py
+@@ -313,6 +313,7 @@
+ 'ignore_incoming_attention': [opt_bool, False, _('If True, Gajim 
will ignore incoming attention requestd ("wizz").')],
+ 'remember_opened_chat_controls': [ opt_bool, True, _('If enabled, 
Gajim will reopen chat windows that were opened last time Gajim was closed.')],
+ 'positive_184_ack': [ opt_bool, False, _('If enabled, Gajim will 
show an icon to show that sent message has been received by your contact')],
++'remote_commands': [opt_bool, False, _('If True, Gajim will 
execute XEP-0146 Commands. Dangerous!')],
+ }, {})
+ 
+ __options_per_key = {
diff -Nru gajim-0.16.6/debian/patches/series gajim-0.16.6/debian/patches/series
--- gajim-0.16.6/debian/patches/series  1970-01-01 01:00:00.0 +0100
+++ gajim-0.16.6/debian/patches/series  2017-05-27 00:35:49.0 +0200
@@ -0,0 +1 @@
+fix-xep-0146-opt-in


unblock gajim/0.16.6-1.1

Bug#862258: [Pkg-mlmmj-devel] Bug#862258: add an user for mlmmj

2017-05-26 Thread Geert Stappers 
On Thu, May 25, 2017 at 01:43:01PM +0200, Thomas Goirand wrote:
> On 05/25/2017 10:59 AM, Geert Stappers wrote:
> > On Wed, May 24, 2017 at 04:00:37PM +0200, Thomas Goirand wrote:
> >> just leave the choice to the user and let him do it by hand.
> > 
> > It is the "add an user _by hand_" that I want to avoid.
> 
> There's no way to avoid it, since this is a very specific way to use
> MLMMJ (ie: using a single mlmmj system account isn't the way when doing
> virtual hosting).
> 
> >> I believe here, you're maybe too much influenced by bad practice with
> >> less good list manager, like mailman, maybe?
> > 
> > Both http://mlmmj.org/docs/readme-exim4/ and 
> > http://mlmmj.org/docs/readme-postfix/
> > say to create a mlmmj user.
> 
> This is *one way* to do things, yes.

Those who want to use that mlmmj user will benefit from the "postinst adduser".
 

> > What would an acceptable place for inclusion of 
> > 
> > adduser --system --quiet \
> > --home /var/spool/mlmmj --no-create-home \
> > --shell /bin/false --ingroup mlmmj \
> > --gecos "Mailing List Management Made Joyful" \
> > mlmmj
> 
> I don't think so.
> 


Thing I miss in this discussion is how a mlmmj user is harming other workflows.

Could the virtual hosting workflow / setup be elaborated?



Groeten
Geert Stappers
-- 
Leven en laten leven

Bug#863389: linux-image-4.9.0-0.bpo.3-amd64: After update to linux-image-4.9.0.0-0.bpo.3, no route to host via IPV4

2017-05-26 Thread Ben Hutchings 
Control: tag -1 moreinfo

I don't see any changes in the kernel bonding driver, or any relevant
changes to kernel networking.

On Fri, 2017-05-26 at 00:31 -0400, Jason Cohen wrote:
> ** Network interface configuration:
[...]
> auto bond0
> iface bond0 inet static
> address 192.168.1.200
> netmask 255.255.255.0
> network 192.168.1.0
> gateway 192.168.1.1
> iface bond0 inet6 static
>   address 2001:470:8:1141::2
>   netmask 64
>   gateway 2001:470:8:1141::1
> slaves eth0 eth1
> bond_mode 802.3ad
> bond_miimon 100
> bond_downdelay 200
> bond_updelay 200
> mtu 9000
[...]

I'm pretty sure this configuration never worked, and that you just
found that out by rebooting after the upgrade.

The problem is that ifupdown treats each 'iface' statement as
introducing a separate interface configuration, so the above is parsed
as:

iface bond0 inet static
address 192.168.1.200
netmask 255.255.255.0
network 192.168.1.0
gateway 192.168.1.1

iface bond0 inet6 static
address 2001:470:8:1141::2
netma
sk 64
gateway 2001:470:8:1141::1
slaves eth0 eth1

bond_mode 802.3ad
bond_miimon 100
bond_downdelay 200

bond_updelay 200
mtu 9000

I think it will first try to apply the first interface configuration. 
There are no bonding parameters so the code to create a bonding
interface (and load the bonding module) doesn't run.  As there is no
such interface, the IPv4 configuration can't be applied either.

I don't know whether ifupdown tries to process the second interface
configuration after this failure, but I would guess not.

If you move all the bonding and mtu parameters into the first interface
configuration, does the bonding interface start working again?

Ben.

-- 
Ben Hutchings
The generation of random numbers is too important to be left to chance.
       - Robert Coveyou


signature.asc
Description: This is a digitally signed message part

Bug#863449: [libgl1-mesa-dri] libGL error: unable to load driver: radeonsi_dri.so

2017-05-26 Thread Xavier SELLIER 
Package: libgl1-mesa-dri:amd64, libgl1-mesa-dri:i386
Version: 17.1.0-1

All the Mesa libraries are upgraded at the same time (with apt-get upgrade
-t experimental). The package is installed and configured.

Command:glxinfo | grep -i opengl
Output:

  libGL error: unable to load driver: radeonsi_dri.so
  libGL error: driver pointer missing
  libGL error: failed to load driver: radeonsi
  libGL error: unable to load driver: radeonsi_dri.so
  libGL error: driver pointer missing
  libGL error: failed to load driver: radeonsi
  libGL error: unable to load driver: swrast_dri.so
  libGL error: failed to load driver: swrast
  X Error of failed request:  GLXBadContext
Major opcode of failed request:  156 (GLX)
Minor opcode of failed request:  6 (X_GLXIsDirect)
Serial number of failed request:  55
Current serial number in output stream:  54

If I downgrade with this command apt-get install
libgl1-mesa-dri:amd64=17.0.4-1 libgl1-mesa-dri:i386=17.0.4-1, then the
direct rendering will work:

Command: glxinfo | grep -i opengl

Output:
  OpenGL vendor string: X.Org
  OpenGL renderer string: Gallium 0.4 on AMD HAWAII (DRM 2.49.0 /
4.11.0-trunk, LLVM 4.0.1)
  OpenGL core profile version string: 4.5 (Core Profile) Mesa 17.0.4
  OpenGL core profile shading language version string: 4.50
  OpenGL core profile context flags: (none)
  OpenGL core profile profile mask: core profile
  OpenGL core profile extensions:
  OpenGL version string: 3.0 Mesa 17.0.4
  OpenGL shading language version string: 1.30
  OpenGL context flags: (none)
  OpenGL extensions:
  OpenGL ES profile version string: OpenGL ES 3.1 Mesa 17.0.4
  OpenGL ES profile shading language version string: OpenGL ES GLSL ES 3.10
  OpenGL ES profile extensions:

Thank you for your amazing job,
Regards
Xavier

Bug#863398: [gimp] menu bar not visibile

2017-05-26 Thread Ari Pollak 
Could this be a GTK+ theme issue? Do other GTK+2 programs have the same
problem (audacity or inkscape for example)?

Bug#863267: [Python-modules-team] Bug#863267: Miscalculates MigrationHistory dependencies between multiple django apps - regression from 1.8

2017-05-26 Thread Brian May 
Some misconceptions resolved:

* This bug does not cause any data to be deleted.
* This bug does not cause any data to be currupted.
* This bug does not cause any data to be lost.
* This bug only affects one application. Out of many others that use Django.

The damage this bug does cause:

* If you try to upgrade the package in question, the migrations will run
  in the postinst script. These migrations will fail - before even
  touching the database. This is a pre-migration sanity check that
  fails. This in turn means the postinst script will fail and the
  package is marked as bad.

  All the data is still there, and it hasn't been touched. It may not be
  accessible to the application however, as it will depend on the
  migrations being run. The application may crash as the database schema
  is different from what it expects.

I do not believe this should be an RC bug against Django.
-- 
Brian May

Bug#863149: [pkg-gnupg-maint] Bug#863149: libgpgmepp-dev: please split the qtgpgme(pp) stuff out

2017-05-26 Thread Rene Engelhard 
On Sat, May 27, 2017 at 01:02:24AM +0200, Sandro Knauß wrote:
> well why this has changed is that upstream imcluded  qtgpgme(pp) into 
> gpgmepp,> so a  developer can expect to install the gpgmepp-dev package to 
> have all
> language bindings to be installed (cpp, qt,...) . 

Honestly, this doesn't make sense to me. if it had Haskell, or D or Ada or
whatever else obscure binding, would it be there, too?

Besides, that, the python binding is not a dependency of that -dev either.
  
>I would recommend, when the gpgmepp-dev package depends on gpgmepp-cpp-dev and 
>> gpgmepp-qt-dev package etc. so your package can select gpgmepp-cpp-dev etc.

That would also work but IMHO is a over-abstraction.

> Qt4 is EOL and also stretch should not be released with it! But there was to 
> much depending on it, so we had to drop the plan to get rid of Qt4 . But this 
> won't happend for buster so please file a bug upstream to switch to Qt5 fast. 

Off-topic, but: won't work:

https://wiki.documentfoundation.org/Development/GSoC/Ideas#KDE5:_port_KDE4_plugin_to_KF5

Regards,

Rene

Bug#863448: unblock: wimlib/1.11.0-3

2017-05-26 Thread Hilko Bengen 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear release team,

please unblock version 1.11.0-3 of package wimlib. It fixes an RC bug,
#863397, which prevented mkwinpeimg from creating bootable WinPE images.

The debdiff between 1.11.0-1 and 1.11.0-3 is attached.

Cheers,
-Hilko
diff -Nru wimlib-1.11.0/debian/changelog wimlib-1.11.0/debian/changelog
--- wimlib-1.11.0/debian/changelog	2017-01-23 20:43:59.0 +0100
+++ wimlib-1.11.0/debian/changelog	2017-05-26 20:02:14.0 +0200
@@ -1,3 +1,16 @@
+wimlib (1.11.0-3) unstable; urgency=medium
+
+  * Remove x32 FTBFS patch (#814138), it is no longer needed.
+
+ -- Hilko Bengen   Fri, 26 May 2017 20:02:14 +0200
+
+wimlib (1.11.0-2) unstable; urgency=medium
+
+  * Add patch to fix syslinux module directory (Closes: #863397)
+  * Add ifdef fix to enable building on x32 (Closes: #814138)
+
+ -- Hilko Bengen   Fri, 26 May 2017 19:34:25 +0200
+
 wimlib (1.11.0-1) unstable; urgency=medium
 
   * New upstream version 1.11.0
diff -Nru wimlib-1.11.0/debian/patches/0002-Disable-FUSE-related-tests.patch wimlib-1.11.0/debian/patches/0002-Disable-FUSE-related-tests.patch
--- wimlib-1.11.0/debian/patches/0002-Disable-FUSE-related-tests.patch	2017-01-23 20:43:53.0 +0100
+++ wimlib-1.11.0/debian/patches/0002-Disable-FUSE-related-tests.patch	2017-05-26 19:33:27.0 +0200
@@ -7,10 +7,10 @@
  1 file changed, 8 deletions(-)
 
 diff --git a/Makefile.am b/Makefile.am
-index f630cf7..82af948 100644
+index 8d0b6cf..a09bd43 100644
 --- a/Makefile.am
 +++ b/Makefile.am
-@@ -325,14 +325,6 @@ dist_check_SCRIPTS = tests/test-imagex \
+@@ -326,14 +326,6 @@ dist_check_SCRIPTS = tests/test-imagex \
  		 tests/test-imagex-capture_and_apply \
  		 tests/test-imagex-update_and_extract
  
diff -Nru wimlib-1.11.0/debian/patches/0003-mkwinpeimg-Fix-syslinux-modules-directory.patch wimlib-1.11.0/debian/patches/0003-mkwinpeimg-Fix-syslinux-modules-directory.patch
--- wimlib-1.11.0/debian/patches/0003-mkwinpeimg-Fix-syslinux-modules-directory.patch	1970-01-01 01:00:00.0 +0100
+++ wimlib-1.11.0/debian/patches/0003-mkwinpeimg-Fix-syslinux-modules-directory.patch	2017-05-26 19:33:27.0 +0200
@@ -0,0 +1,21 @@
+From: Hilko Bengen 
+Date: Fri, 26 May 2017 19:21:01 +0200
+Subject: mkwinpeimg: Fix syslinux modules directory
+
+---
+ programs/mkwinpeimg.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/programs/mkwinpeimg.in b/programs/mkwinpeimg.in
+index 42b4779..4d7eee6 100755
+--- a/programs/mkwinpeimg.in
 b/programs/mkwinpeimg.in
+@@ -485,7 +485,7 @@ make_disk_img() {
+ 
+ 	syslinux --install "$image"
+ 
+-	syslinuxdir="/usr/lib/syslinux"
++	syslinuxdir="/usr/lib/syslinux/modules"
+ 
+ 	if [ -d "$syslinuxdir/bios" ]; then
+ 		biosdir="$syslinuxdir/bios"
diff -Nru wimlib-1.11.0/debian/patches/series wimlib-1.11.0/debian/patches/series
--- wimlib-1.11.0/debian/patches/series	2017-01-23 20:43:46.0 +0100
+++ wimlib-1.11.0/debian/patches/series	2017-05-26 20:01:02.0 +0200
@@ -1,2 +1,3 @@
 0001-Fix-mkntfs-path.patch
 0002-Disable-FUSE-related-tests.patch
+0003-mkwinpeimg-Fix-syslinux-modules-directory.patch

Bug#863149: [pkg-gnupg-maint] Bug#863149: libgpgmepp-dev: please split the qtgpgme(pp) stuff out

2017-05-26 Thread Sandro Knauß 
Hey,

well why this has changed is that upstream imcluded  qtgpgme(pp) into gpgmepp, 
so a  developer can expect to install the gpgmepp-dev package to have all 
language bindings to be installed (cpp, qt,...) . 

I would recommend, when the gpgmepp-dev package depends on gpgmepp-cpp-dev and 
gpgmepp-qt-dev package etc. so your package can select gpgmepp-cpp-dev etc.

see also the old mail thread:
https://lists.alioth.debian.org/pipermail/pkg-kde-talk/2016-October/
002410.html

> but starting from LibreOffice 5.4 we have libreoffice-core having a
> build-dependency on libgpgmepp-dev and LibreOffice (still, yes, I consider
> that a bug, but..) uses Qt4/KDE for -kde, not Qt5.

Qt4 is EOL and also stretch should not be released with it! But there was to 
much depending on it, so we had to drop the plan to get rid of Qt4 . But this 
won't happend for buster so please file a bug upstream to switch to Qt5 fast. 
So forcing you to switch to Qt5 via gpgmepp is a nice side effect :)

Best regards,

sandro




signature.asc
Description: This is a digitally signed message part.

Bug#863149: libgpgmepp-dev: please split the qtgpgme(pp) stuff out

2017-05-26 Thread Rene Engelhard 
tag 863149 + patch
thanks

Hi,

On Fri, May 26, 2017 at 04:45:05PM -0400, Daniel Kahn Gillmor wrote:
> On Mon 2017-05-22 20:32:48 +0200, Rene Engelhard wrote:
> > Can the qgpgme(pp) stuff split out to an own -dev (As was already done
> > with the library itself.) and only that one be made depedant on libqgpgme7?
> > ( This would probably require a transition and the above apps changing their
> > Build-Depends:, but..)
> 
> I think that makes sense, but don't have the time to work on it right
> now myself.  I'd be happy to review patches along these lines, though.

Attached. Based on experimental.

Pretty straightforward but I didn't test it yet (except that it builds,
packages and the files are where I would expect that). Should work, though.

Regards,

Rene
>From 16d127a52442af0c0be87c99c978e7b7a06a9c49 Mon Sep 17 00:00:00 2001
From: Rene Engelhard 
Date: Sat, 27 May 2017 00:53:35 +0200
Subject: [PATCH] split qgpgme into own -dev

---
 debian/changelog  |  7 +++
 debian/control| 29 +++--
 debian/libgpgmepp-dev.install |  6 +-
 debian/libgpgmepp-dev.links   |  1 -
 debian/libqgpgme-dev.install  |  5 +
 debian/libqgpgme-dev.links|  1 +
 6 files changed, 37 insertions(+), 12 deletions(-)
 create mode 100644 debian/libqgpgme-dev.install
 create mode 100644 debian/libqgpgme-dev.links

diff --git a/debian/changelog b/debian/changelog
index 3958fa81..b39a9b33 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+gpgme1.0 (1.9.0-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * split qgpgme into own -dev
+
+ -- Rene Engelhard   Sat, 27 May 2017 00:22:10 +0200
+
 gpgme1.0 (1.9.0-2) experimental; urgency=medium
 
   * Remove Jose Carlos Garcia Sogo from Uploaders (Closes: #862622)
diff --git a/debian/control b/debian/control
index 233d53ea..d733f470 100644
--- a/debian/control
+++ b/debian/control
@@ -153,17 +153,34 @@ Priority: extra
 Architecture: any
 Depends:
  libgpgmepp6 (= ${binary:Version}),
- libqgpgme7 (= ${binary:Version}),
- qtbase5-dev,
  ${misc:Depends},
  ${shlibs:Depends},
 Recommends:
  libgpgmepp-doc (= ${binary:Version}),
+Description: C++ wrapper library for GPGME (development files)
+ GpgME++ (aka GpgMEpp) is a C++ wrapper (or C++ bindings) for the
+ GnuPG project's GPGME (GnuPG Made Easy) library.
+ .
+ This package contains the headers and other files needed to compile
+ against it.
+
+Package: libqgpgme-dev
+Section: libdevel
+Priority: extra
+Architecture: any
+Depends:
+ libgpgmepp-dev (= ${binary:Version}),
+ libqgpgme7 (= ${binary:Version}),
+ qtbase5-dev,
 Breaks:
- kdepimlibs5-dev
+ kdepimlibs5-dev,
+ libgpgmepp-dev (<< 1.9.0-3)
 Replaces:
- kdepimlibs5-dev
-Description: C++ and Qt bindings for GPGME (development files)
+ kdepimlibs5-dev,
+ libgpgmepp-dev (<< 1.9.0-3)
+Recommends:
+ libgpgmepp-doc (= ${binary:Version}),
+Description: Qt bindings for GPGME (development files)
  GpgME++ (aka GpgMEpp) is a C++ wrapper (or C++ bindings) for the
  GnuPG project's GPGME (GnuPG Made Easy) library.
  .
@@ -171,7 +188,7 @@ Description: C++ and Qt bindings for GPGME (development files)
  and some Qt datatypes (e.g. QByteArray).
  .
  This package contains the headers and other files needed to compile
- against either of these libraries.
+ against this library.
 
 Package: libgpgmepp-doc
 Section: doc
diff --git a/debian/libgpgmepp-dev.install b/debian/libgpgmepp-dev.install
index df13d706..813e1868 100644
--- a/debian/libgpgmepp-dev.install
+++ b/debian/libgpgmepp-dev.install
@@ -1,8 +1,4 @@
-usr/include/QGpgME
 usr/include/gpgme++
-usr/include/qgpgme
-usr/lib/*/cmake
+usr/lib/*/cmake/Gpgmepp
 usr/lib/*/libgpgmepp.a
 usr/lib/*/libgpgmepp.so
-usr/lib/*/libqgpgme.a
-usr/lib/*/libqgpgme.so
diff --git a/debian/libgpgmepp-dev.links b/debian/libgpgmepp-dev.links
index e08e7fd0..1a9fed5c 100644
--- a/debian/libgpgmepp-dev.links
+++ b/debian/libgpgmepp-dev.links
@@ -1,2 +1 @@
 usr/share/doc/libgpgmepp6/README usr/share/doc/libgpgmepp-dev/README.gpgmepp
-usr/share/doc/libqgpgme/README usr/share/doc/libgpgmepp-dev/README.qgpgme
diff --git a/debian/libqgpgme-dev.install b/debian/libqgpgme-dev.install
new file mode 100644
index ..01e98ce0
--- /dev/null
+++ b/debian/libqgpgme-dev.install
@@ -0,0 +1,5 @@
+usr/include/QGpgME
+usr/include/qgpgme
+usr/lib/*/cmake/QGpgme
+usr/lib/*/libqgpgme.a
+usr/lib/*/libqgpgme.so
diff --git a/debian/libqgpgme-dev.links b/debian/libqgpgme-dev.links
new file mode 100644
index ..ca7343a9
--- /dev/null
+++ b/debian/libqgpgme-dev.links
@@ -0,0 +1 @@
+usr/share/doc/libqgpgme/README usr/share/doc/libgpgmepp-dev/README.qgpgme
-- 
2.11.0

Bug#862355: mate-settings-daemon: Can't change wallpaper when selecting one

2017-05-26 Thread Michael Milliman 

On 05/25/2017 04:25 PM, Iván Baldo wrote:
>   So according to upstream upgrading mate-desktop to 1.16.2 and caja to
> 1.16.3 fixes this.
>   Should a bug report be made for each one of them and close this one or
> the maintainers are aware of this anyway?
>   Thanks!
> 
Yeah, I read that this was the case.  Upstream says that the problem is
a Debian problem, and that the upgrade would fix it.  Unfortunately, the
upgrade has not made it to the Debian repositories.  IMHO, the bug for
Debian should remain open until the maintainers get it fixed in Debian,
either by patching the existing software, or more probably by upgrading
the software in the repositories appropriately.  AFAIK, Stretch has not
as of yet been frozen, so the maintainers have the flexibility to fix it
by incorporating the newer version of caja (I believe the mate-desktop
is already at 1.16.2 in the repository).

-- 
73's,
WB5VQX -- The Very Quick X-ray

Bug#863447: dh_install -X is ignored for --list/fail-missing

2017-05-26 Thread Michael Biebl 
Package: debhelper
Version: 10.4
Severity: normal

Hi,

I just tried debhelper 10.4 from experimental which implements
dh_install --list/fail-missing via the new dh_missing tool.

I don't use dh_missing directly yet, but rely on the backwards compat
support. My debian/rules contains

override_dh_install:
dh_install -X.la --list-missing

Apparently the -X.la is ignored though and dh_missing still complains
about the libtool .la files:


   debian/rules override_dh_install
make[1]: Verzeichnis „/home/michael/debian/build-area/network-manager-1.8.0“ 
wird betreten
dh_install -X.la --list-missing
dh_install: Please use dh_missing --list-missing/--fail-missing instead
dh_install: This feature will be removed in compat 11.
dh_missing: usr/lib/pppd/2.4.7/nm-pppd-plugin.la exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/libnm-util.la exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/libnm-glib.la exists in debian/tmp but is 
not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/libnm-glib-vpn.la exists in debian/tmp but 
is not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/libnm.la exists in debian/tmp but is not 
installed to anywhere
dh_missing: 
usr/lib/x86_64-linux-gnu/NetworkManager/libnm-device-plugin-bluetooth.la exists 
in debian/tmp but is not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/NetworkManager/libnm-device-plugin-team.la 
exists in debian/tmp but is not installed to anywhere
dh_missing: 
usr/lib/x86_64-linux-gnu/NetworkManager/libnm-settings-plugin-ibft.la exists in 
debian/tmp but is not installed to anywhere
dh_missing: 
usr/lib/x86_64-linux-gnu/NetworkManager/libnm-settings-plugin-ifupdown.la 
exists in debian/tmp but is not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/NetworkManager/libnm-device-plugin-wifi.la 
exists in debian/tmp but is not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/NetworkManager/libnm-wwan.la exists in 
debian/tmp but is not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/NetworkManager/libnm-device-plugin-wwan.la 
exists in debian/tmp but is not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/NetworkManager/libnm-device-plugin-adsl.la 
exists in debian/tmp but is not installed to anywhere
dh_missing: usr/lib/x86_64-linux-gnu/NetworkManager/libnm-ppp-plugin.la exists 
in debian/tmp but is not installed to anywhere
dh_missing: usr/share/doc/NetworkManager/examples/server.conf exists in 
debian/tmp but is not installed to anywhere
The following debhelper tools have reported what they installed (with 
files per package)
 * dh_install: gir1.2-networkmanager-1.0 (2), gir1.2-nm-1.0 (1), 
libnm-dev (7), libnm-glib-dev (36), libnm-glib-vpn-dev (6), libnm-glib-vpn1 
(2), libnm-glib4 (2), libnm-util-dev (36), libnm-util2 (2), libnm0 (2), 
network-manager (36), network-manager-config-connectivity-debian (1), 
network-manager-dev (7)
If the missing files are installed by another tool, please file a bug 
against it.
Be sure to test with dpkg-buildpackage -A/-B as the results may vary 
when only a subset is built
For a short-term work-around: Add the files to debian/not-installed


I also note, that usr/share/doc/NetworkManager/examples/server.conf is
actually installed via debian/network-manager.examples, which contains:
debian/tmp/usr/share/doc/NetworkManager/examples/server.conf

I assume dh_installexamples is simply not updated yet to support the new
dh_missing functionality?

Regards,
Michael

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages debhelper depends on:
ii  autotools-dev20161112.1
ii  binutils 2.28-5
ii  dh-autoreconf14
ii  dh-strip-nondeterminism  0.034-1
ii  dpkg 1.18.24
ii  dpkg-dev 1.18.24
ii  file 1:5.30-1
ii  libdpkg-perl 1.18.24
ii  man-db   2.7.6.1-2
ii  perl 5.24.1-2
ii  po-debconf   1.0.20

debhelper recommends no packages.

Versions of packages debhelper suggests:
ii  dh-make  2.201608

-- no debconf information

Bug#863446: lepton: Please make "Architecture: any"

2017-05-26 Thread Edmund Grimley Evans 
Source: lepton
Version: 1.2.1+20170405-1

I was able to build it on arm64 with just a few changes:

1. Change to "Architecture: any" in debian/control, obviously.

2. In debian/rules, use:
CPPFLAGS="-DUSE_SYSTEM_MD5_DEPENDENCY" dh_auto_configure --
--enable-system-dependencies --disable-vectorization

Note 2.1: The "USE_SYSTEM_MD5_DEPENDENCY" might fix bug #835108 for
you. I saw a similar problem where the local "md5.h" was used together
with the system library.

Note 2.2: You should make the "--disable-vectorization" conditional on
the Debian architecture, of course. Don't disable it on Intel
architectures.

3. Add the obvious pair of lines in srcio/Seccomp.cc:

#elif defined(__aarch64__)
#  define ARCH_NR AUDIT_ARCH_AARCH64

4. In src/lepton/jpgcoder.cc replace "#ifndef _ARCH_PPC" with
something like "#if defined(__i386__) || defined(__x86_64__)".

Probably the same or similar changes would make this package build on
most architectures, so please try it some time.

Bug#863445: possible to remote extract plain-text from encrypted sessions

2017-05-26 Thread W. Martin Borgert 
Package: gajim
Version: 0.16.6-1
Severity: grave
Tags: patch security upstream

grave, because introduces a security hole allowing unencrypted
access to supposedly encrypted messages

Gajim implements unconditionally XEP-0146, which allows other
clients to access certain user data. This can be abused by
malicious XMPP servers:
https://dev.gajim.org/gajim/gajim/issues/8378

It seems, that XMPP experts already plan to deprecate the
feature:
https://mail.jabber.org/pipermail/standards/2016-August/031335.html

Gajim upstream made the feature an opt-in, which is IMHO good
enough for now:
https://dev.gajim.org/gajim/gajim/commit/cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc

We just need to apply the change to the Debian package.

Bug#863386:

2017-05-26 Thread Dylan 
tags 863386 + patch
thanks

Hi,
Please find attached a small patch which adjust the section for the
libjs-* packages to javascript section from web section.


Best regards,
Dylan
From fe905052e351d83214953c9582998479535114f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dylan=20A=C3=AFssi?= 
Date: Fri, 26 May 2017 13:12:04 +
Subject: [PATCH] libjs-* packages should be in javascript section instead web
 section

---
 checks/fields.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/checks/fields.pm b/checks/fields.pm
index f44905e..292eae1 100644
--- a/checks/fields.pm
+++ b/checks/fields.pm
@@ -113,7 +113,7 @@ my @NAME_SECTION_MAPPINGS = (
 [qr/^lib.*-(?:ocaml|camlp4)-dev$/ => 'ocaml'],
 [qr/^lib.*-dev$/  => 'libdevel'],
 [qr/^gir\d+\.\d+-.*-\d+\.\d+$/=> 'introspection'],
-[qr/^libjs-/  => 'web'],
+[qr/^libjs-/  => 'javascript'],
 );
 
 my %VCS_EXTRACT = (
-- 
2.1.4

Bug#673071: #673071 RFP: vodstok -- Voluntary Distributed Storage Kit

2017-05-26 Thread Dmitry Smirnov 
Project appears to be dormant with no activity since 2013/2014:

https://github.com/virtualabs/Vodstok

IMHO it is not worthy of packaging effort. Tagging "wontfix"...


signature.asc
Description: This is a digitally signed message part.

Bug#860304: flash-kernel: Incorrect installation path for dtbs

2017-05-26 Thread Vagrant Cascadian 
On 2017-05-26, Heinrich Schuchardt wrote:
> On 05/26/2017 08:58 PM, Vagrant Cascadian wrote:
>> On 2017-05-26, Cyril Brulebois  wrote:
> I recently created file /etc/flash-kernel/ubootenv.d/fdtfile with
>
> setenv fdtfile meson-gxbb-odroidc2.dtb

Oh, I didn't even know/remember that feature, that's really useful!


>> I think the best thing to do would be to install in both
>> /boot/dtbs/VERSION/FDTFILE and /boot/boot/dtbs/VERSION/SUBDIR/*.dtb, or
>> create symlinks (if supported by the filesystem) if the file is found in
>> a subdir... hopefully that won't require mangling the code too much;
>> I'll take a look at it... or feel free to beat me to it! :)
>> 
>
> /boot/boot/dtbs/VERSION/SUBDIR/*.dtb is what my patch does if a subdir
> is provided in /usr/share/flash-kernel/db/all.db.

It looks like your patches only copies it to the SUBDIR, but I think it
would be safer to copy it twice in both /boot/dtbs/VERSION/FDTFILE as
well as /boot/dtbs/VERSION/SUBDIR/FDTFILE, as different versions of
u-boot may support inside or outside the SUBDIR.

That said, bootscr.uboot-generic *should* fall back to the
/boot/dtb-VERSION or /boot/dtb symlinks, after it fails to find the file
based on $fdtfile, which *should* work around the problem entirely, even
if a bit ugly.


> If we want a more radical redesign:
>
> Why do we rely on environment variable fdtfile at all?
>
> The current device tree supplies file /proc/device-tree/model.
> We read all.db to find the name of the dtb with this model name and than
> install just this dtb from the Kernel installation.
> So there is not much of a choice for U-Boot to pass different values of
> fdtfile which will be of use when booting.
>
> Couldn't we simply write the dtb file name from all.db to /boot/boot.scr?

Overall, I like this idea, but not all boot scripts work the same
way... they may not even load a .dtb at all.

Also, using what's requested from the bootloader would help if you've
transferred the image to a compatible system that loads a different .dtb
(e.g. wandboard-revc vs. wandboard-revb).


> Should the dtb file name or the model string change between two Kernel
> releases we are anyway in deep trouble when upgrading (unfortunately
> this may happen, cf.
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d59561479e6f91d5905db37f668e1cbfdac2).

Which is why I'd like to implement a feature to copy all .dtb files for
boards with a sufficiently large /boot ... but it's a bit late in the
freeze to implement such a thing...


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#863444: unblock: apt-dater/1.0.3-4

2017-05-26 Thread Patrick Matthäi 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package apt-dater

This update adds one upstream patch to fix the broken Tcl filters in the UI.
They are failing because of incorrect return values.

diff -Naur '--exclude=.svn' 1.0.3-3/debian/changelog 1.0.3-4/debian/changelog
--- 1.0.3-3/debian/changelog2016-11-22 11:33:34.715749952 +0100
+++ 1.0.3-4/debian/changelog2017-05-26 16:00:16.415094385 +0200
@@ -1,3 +1,9 @@
+apt-dater (1.0.3-4) unstable; urgency=medium
+
+  * Add upstream patch 03-broken-tcl-filters to fix broken Tcl filters.
+
+ -- Patrick Matthäi   Fri, 26 May 2017 15:54:42 +0200
+
 apt-dater (1.0.3-3) unstable; urgency=medium

   * Replace patch 01-grep-syntax-error with 02-fix-default-err-pattern from
diff -Naur '--exclude=.svn' 1.0.3-3/debian/patches/03-broken-tcl-filters.diff 
1.0.3-4/debian/patches/03-broken-tcl-filters.diff
--- 1.0.3-3/debian/patches/03-broken-tcl-filters.diff   1970-01-01 
01:00:00.0 +0100
+++ 1.0.3-4/debian/patches/03-broken-tcl-filters.diff   2017-05-26 
16:00:16.411094403 +0200
@@ -0,0 +1,21 @@
+# Upstream fix for Tcl filters never matching due to broken return code
+# handling.
+# URL: 
https://github.com/DE-IBH/apt-dater/commit/c6c41e8fe32b6c80ed6629f0b88e3a429a85a779
+
+diff --git a/src/ui.c b/src/ui.c
+index edf92e2..037340c 100644
+--- a/src/ui.c
 b/src/ui.c
+@@ -2813,10 +2813,10 @@ void applyFilter(GList *hosts) {
+   case TCL_OK:
+   case TCL_RETURN:
+   filtered = atoi(Tcl_GetStringResult(tcl_interp)) > 0;
+-  ;;
++  break;
+   default:
+   filtered = FALSE;
+-  ;;
++  break;
+ }
+
+ if(filtered != n->filtered) {
diff -Naur '--exclude=.svn' 1.0.3-3/debian/patches/series 
1.0.3-4/debian/patches/series
--- 1.0.3-3/debian/patches/series   2016-11-22 11:33:34.715749952 +0100
+++ 1.0.3-4/debian/patches/series   2017-05-26 16:00:16.411094403 +0200
@@ -1 +1,2 @@
 02-fix-default-err-pattern.diff
+03-broken-tcl-filters.diff

unblock apt-dater/1.0.3-4

-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#863443: unblock: needrestart/2.11-3

2017-05-26 Thread Patrick Matthäi 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package needrestart

It fixes a RC bug by blacklisting for oneshot services, while it is closing
one important and one serious bug.
It also adds a patch (already in jessie-bpo) to fix a Perl warning, which only
affects Perl 5.20.x, it makes backports easier.

diff -Naur '--exclude=.svn' 2.11-2/debian/changelog 2.11-3/debian/changelog
--- 2.11-2/debian/changelog 2017-01-24 10:56:05.028489330 +0100
+++ 2.11-3/debian/changelog 2017-05-26 15:59:51.615213743 +0200
@@ -1,3 +1,23 @@
+needrestart (2.11-3) unstable; urgency=high
+
+  * Add patch 03-perl-warning to fix a warning from Perl triggered in version
+5.20.
+  * Merge 2.11-2~bpo8+1 changelog.
+  * Add patch 04-ignore-systemd-services to ignore apt-daily.service,
+apt-daily-upgrade.service, unattended-upgrades.service and
+rc-local.service.
+Closes: #862840, #852864
+
+ -- Patrick Matthäi   Fri, 26 May 2017 15:45:04 +0200
+
+needrestart (2.11-2~bpo8+1) jessie-backports; urgency=medium
+
+  * Rebuild for jessie-backports.
+  * Add patch 03-perl-warning to fix a warning from Perl triggered in version
+5.20.
+
+ -- Patrick Matthäi   Mon, 06 Feb 2017 10:42:32 +0100
+
 needrestart (2.11-2) unstable; urgency=high

   * Add patch 02-install-restart-d to fix installation of restart.d/ script
diff -Naur '--exclude=.svn' 2.11-2/debian/patches/03-perl-warning.diff 
2.11-3/debian/patches/03-perl-warning.diff
--- 2.11-2/debian/patches/03-perl-warning.diff  1970-01-01 01:00:00.0 
+0100
+++ 2.11-3/debian/patches/03-perl-warning.diff  2017-05-26 15:59:51.615213743 
+0200
@@ -0,0 +1,14 @@
+# Fix warning in Perl 5.20.x. Not triggered in 5.24.x.
+
+diff -Naur needrestart-2.11.orig/ex/needrestart.conf 
needrestart-2.11/ex/needrestart.conf
+--- needrestart-2.11.orig/ex/needrestart.conf  2017-01-17 16:00:20.0 
+0100
 needrestart-2.11/ex/needrestart.conf   2017-02-06 10:40:29.008100902 
+0100
+@@ -150,7 +150,7 @@
+ qr(^/\[aio\]),
+
+ # Oil Runtime Compiler's JIT files
+-qr(/orcexec\.[\w\d]+( \(deleted\))?$),
++qr#/orcexec\.[\w\d]+( \(deleted\))?$#,
+ ];
+
+ # Verify mapped files in fileystem:
diff -Naur '--exclude=.svn' 
2.11-2/debian/patches/04-ignore-systemd-services.diff 
2.11-3/debian/patches/04-ignore-systemd-services.diff
--- 2.11-2/debian/patches/04-ignore-systemd-services.diff   1970-01-01 
01:00:00.0 +0100
+++ 2.11-3/debian/patches/04-ignore-systemd-services.diff   2017-05-26 
15:59:51.607213783 +0200
@@ -0,0 +1,24 @@
+# Ignore / Blacklist apt-daily.service, apt-daily-upgrade.service,
+# unattended-upgrades.service and rc-local.service.
+# Closes: #852864
+# Closes: #862840
+
+diff -Naur needrestart-2.11.orig/ex/needrestart.conf 
needrestart-2.11/ex/needrestart.conf
+--- needrestart-2.11.orig/ex/needrestart.conf  2017-05-26 15:46:38.987005457 
+0200
 needrestart-2.11/ex/needrestart.conf   2017-05-26 15:49:06.062305440 
+0200
+@@ -121,6 +121,15 @@
+ qr(^emergency\.service$) => 0,
+ qr(^rescue\.service$) => 0,
+
++  # Do not restart oneshot service apt-daily, unattended-upgrades.service
++  # and apt-daily-upgrade.service,see #862840
++  qr(^apt-daily\.service$) => 0,
++  qr(^apt-daily-upgrade\.service$) => 0,
++  qr(^unattended-upgrades\.service$) => 0,
++
++  # Ignore rc-local.service, see #852864
++  qr(^rc-local\.service$) => 0,
++
+ # don't restart systemd-logind, see #798097
+ qr(^systemd-logind) => 0,
+ };
diff -Naur '--exclude=.svn' 2.11-2/debian/patches/series 
2.11-3/debian/patches/series
--- 2.11-2/debian/patches/series2017-01-24 10:56:05.020489378 +0100
+++ 2.11-3/debian/patches/series2017-05-26 15:59:51.607213783 +0200
@@ -1,2 +1,4 @@
 01-use-invoke-rc-d.diff
 02-install-restart-d.diff
+03-perl-warning.diff
+04-ignore-systemd-services.diff

unblock needrestart/2.11-3

-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#863414: coyim FTBFS: xmpp: failed to verify TLS certificate: x509: certificate signed by unknown authority

2017-05-26 Thread Chris Lamb 
Chris Lamb wrote:

>  http://sources.debian.net/src/coyim/0.3.7-2/xmpp/dns_test.go/#L46

Sorry, that should have been:

  http://sources.debian.net/src/coyim/0.3.7-2/xmpp/connection_go16_test.go/#L124


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#863414: coyim FTBFS: xmpp: failed to verify TLS certificate: x509: certificate signed by unknown authority

2017-05-26 Thread Chris Lamb 
Hi,

> coyim FTBFS: xmpp: failed to verify TLS certificate: x509:
> certificate signed by unknown authority

See:

 http://sources.debian.net/src/coyim/0.3.7-2/xmpp/dns_test.go/#L46


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#863442: pan window to large

2017-05-26 Thread Ralf 
Package: pan
Version: 0.141-2
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
When I launch pan, the windows size is to large, it's impossible to reduce the
size

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
The origin seems to be a post in a debian newgroup, the linux.debian.ports.hurd
contains a post titled "Still Failing: g-i-
installation_debian_sid_daily_hurd_lxde/353". It contain a line with following
urls : "ee https://jenkins.debian.net/job/g-i-
installation_debian_sid_daily_hurd_lxde/353/ and
https://jenkins.debian.net/job/g-i-
installation_debian_sid_daily_hurd_lxde/353//console and
https://jenkins.debian.net/job/g-i-
installation_debian_sid_daily_hurd_lxde/353//artifact/results/ if there are
any."

The lengths of this post always expands the windows size, which then is
impossible to reduce

   * What was the outcome of this action?

the application window expands to much
   * What outcome did you expect instead?
I expected the windows size to fit at least within the desktop size

Cheers, Ralf



-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pan depends on:
ii  gnome-keyring3.20.0-3
ii  gnupg2.1.18-8
ii  libatk1.0-0  2.22.0-1
ii  libc62.24-10
ii  libcairo-gobject21.14.8-1
ii  libcairo21.14.8-1
ii  libgcc1  1:6.3.0-18
ii  libgdk-pixbuf2.0-0   2.36.5-2
ii  libglib2.0-0 2.50.3-2
ii  libgmime-2.6-0   2.6.22+dfsg2-1
ii  libgnome-keyring03.12.0-1+b2
ii  libgnutls30  3.5.8-5
ii  libgtk-3-0   3.22.12-1
ii  libnotify4   0.7.7-2
ii  libpango-1.0-0   1.40.5-1
ii  libpangocairo-1.0-0  1.40.5-1
ii  libstdc++6   6.3.0-18
ii  zlib1g   1:1.2.8.dfsg-5

pan recommends no packages.

pan suggests no packages.

-- no debconf information

Bug#863441: symfony: fix testsuite failures with PHP7.1

2017-05-26 Thread Nishanth Aravamudan 
Package: symfony
Version: 2.8.7+dfsg-1.2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu artful ubuntu-patch

Dear Maintainer,

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/fix-php-7.1-vardumper-failures: Fix VarDumper and
VarDumper tests on PHP7.1.  Thanks to Nicolas Grekas
.
  * debian/patches/fix-php-7.1-classloader-failures: Fix ClassLoader
tests with PHP7.1.  Thanks to Nicolas Grekas
..
  * debian/patches/fix-php-7.1-filesystem-failures: Fix Filesystem test
with PHP7.1.


Thanks for considering the patch.

*** /tmp/tmpnCEGox/symfony_2.8.7+dfsg-1.2ubuntu2.debdiff
diff -Nru symfony-2.8.7+dfsg/debian/patches/fix-php-7.1-classloader-failures 
symfony-2.8.7+dfsg/debian/patches/fix-php-7.1-classloader-failures
--- symfony-2.8.7+dfsg/debian/patches/fix-php-7.1-classloader-failures  
1969-12-31 16:00:00.0 -0800
+++ symfony-2.8.7+dfsg/debian/patches/fix-php-7.1-classloader-failures  
2017-05-26 11:55:05.0 -0700
@@ -0,0 +1,52 @@
+Description: Fix ClassLoader tests with PHP7.1
+Author: Nicolas Grekas .
+Origin: upstream, 
https://github.com/symfony/symfony/commit/0f95708a1dea343784f5b7b8533faf4240e0f7da
+Reviewed-by: Nishanth Aravamudan 
+Last-Update: 2017-05-26
+
+--- 
symfony-2.8.7+dfsg.orig/src/Symfony/Component/ClassLoader/Tests/ClassCollectionLoaderTest.php
 
symfony-2.8.7+dfsg/src/Symfony/Component/ClassLoader/Tests/ClassCollectionLoaderTest.php
+@@ -31,14 +31,14 @@ class ClassCollectionLoaderTest extends
+ $m = $r->getMethod('getOrderedClasses');
+ $m->setAccessible(true);
+ 
+-$ordered = 
$m->invoke('Symfony\Component\ClassLoader\ClassCollectionLoader', 
array('CTFoo'));
++$ordered = $m->invoke(null, array('CTFoo'));
+ 
+ $this->assertEquals(
+ array('TD', 'TC', 'TB', 'TA', 'TZ', 'CTFoo'),
+ array_map(function ($class) { return $class->getName(); }, 
$ordered)
+ );
+ 
+-$ordered = 
$m->invoke('Symfony\Component\ClassLoader\ClassCollectionLoader', 
array('CTBar'));
++$ordered = $m->invoke(null, array('CTBar'));
+ 
+ $this->assertEquals(
+ array('TD', 'TZ', 'TC', 'TB', 'TA', 'CTBar'),
+@@ -62,7 +62,7 @@ class ClassCollectionLoaderTest extends
+ $m = $r->getMethod('getOrderedClasses');
+ $m->setAccessible(true);
+ 
+-$ordered = 
$m->invoke('Symfony\Component\ClassLoader\ClassCollectionLoader', $classes);
++$ordered = $m->invoke(null, $classes);
+ 
+ $this->assertEquals($expected, array_map(function ($class) { return 
$class->getName(); }, $ordered));
+ }
+@@ -120,7 +120,7 @@ class ClassCollectionLoaderTest extends
+ $m = $r->getMethod('getOrderedClasses');
+ $m->setAccessible(true);
+ 
+-$ordered = 
$m->invoke('Symfony\Component\ClassLoader\ClassCollectionLoader', $classes);
++$ordered = $m->invoke(null, $classes);
+ 
+ $this->assertEquals($expected, array_map(function ($class) { return 
$class->getName(); }, $ordered));
+ }
+@@ -162,7 +162,7 @@ class ClassCollectionLoaderTest extends
+ $m = $r->getMethod('getOrderedClasses');
+ $m->setAccessible(true);
+ 
+-$ordered = 
$m->invoke('Symfony\Component\ClassLoader\ClassCollectionLoader', $classes);
++$ordered = $m->invoke(null, $classes);
+ 
+ $this->assertEquals($expected, array_map(function ($class) { return 
$class->getName(); }, $ordered));
+ }
diff -Nru symfony-2.8.7+dfsg/debian/patches/fix-php-7.1-filesystem-failures 
symfony-2.8.7+dfsg/debian/patches/fix-php-7.1-filesystem-failures
--- symfony-2.8.7+dfsg/debian/patches/fix-php-7.1-filesystem-failures   
1969-12-31 16:00:00.0 -0800
+++ symfony-2.8.7+dfsg/debian/patches/fix-php-7.1-filesystem-failures   
2017-05-26 14:30:59.0 -0700
@@ -0,0 +1,21 @@
+Description: Fix Filesystem test with PHP7.1
+ PHP7.1 has changed tempnam() to print a notice when falling back to the
+ system temporary directory. This leads to a testcase failure. For
+ reference, PHP bug/feature change is
+ https://bugs.php.net/bug.php?id=69489.
+Author: Nishanth Aravamudan 
+Origin: vendor
+Forwarded: yes, https://github.com/symfony/symfony/pull/22923
+Last-Update: 2017-05-26
+
+--- a/src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
 b/src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
+@@ -1091,7 +1091,7 @@
+ $scheme = 'file://';
+ $dirname = 
$scheme.$this->workspace.DIRECTORY_SEPARATOR.'does_not_exist';
+ 
+-$filename = $this->filesystem->tempnam($dirname, 'bar');
++$filename = @$this->filesystem->tempnam($dirname, 'bar');
+ $realTempDir = realpath(sys_get_temp_dir());
+ $this->assertStringStartsWith(rtrim($scheme.$realTempDir, 
DIRECTORY_SEPARATOR),

Bug#841407: eviacam:FTBFS: error with opencv 3.1

2017-05-26 Thread Nobuhiro Iwamatsu 
Hi,

Sorry for delay about this.
I just upload to unstable.

Best regards,
  Nobuhiro

2017-04-25 5:33 GMT+09:00 Nobuhiro Iwamatsu :
> Hi,
>
> Thanks for your work.
> I will check this.
>
> Best regards,
>   Nobuhiro
>
> 2017-04-25 3:44 GMT+09:00 Cesar Mauri :
>> Hi,
>>
>> I've uploaded the package to mentors.
>>
>> https://mentors.debian.net/package/eviacam
>>
>> Hope it helps.
>>
>> Regards,
>>
>> Cesar Mauri
>>
>>
>> El 24/04/17 a las 19:30, Mattia Rizzolo escribió:
>>
>>> On Sun, Oct 23, 2016 at 06:31:10AM +0900, Nobuhiro Iwamatsu wrote:

 Control: forwarded -1 https://github.com/cmauri/eviacam/issues/2

 Hi,

 This issue was fixed in devel branch.
>>>
>>> I'm working on doing the OpenCV transition to 3.1.0 in Ubuntu, and this
>>> package is a blocker for it.
>>>
>>> Upstream did a new release for this, I'd appreciate if you could package
>>> it and upload it to experimental soon.
>>>
>>> Thank you.
>>>
>>
>
>
>
> --
> Nobuhiro Iwamatsu
>iwamatsu at {nigauri.org / debian.org}
>GPG ID: 40AD1FA6



-- 
Nobuhiro Iwamatsu
   iwamatsu at {nigauri.org / debian.org}
   GPG ID: 40AD1FA6

Bug#813658: Please enable virgl support

2017-05-26 Thread Erik Adler 
>> Hi.
>>
>> I'm on current Debian testing, and have:
>>
>> qemu-*: 1:2.8+dfsg-1
>>
>> libvirt0: 2.5.0-3
>> libvirglrenderer0: 0.5.0-1
>> virt-manager: 1:1.4.0-5
>>
>> libspice-server1: 0.13.3-1 (installed from:
>> https://github.com/adlererik/spice-virgl/releases ).
>
> Please don't fill bug reports about software not
> shipped by Debian.
>
> Note that in order to enable opengl support in spice
> in qemu, you have to build qemu with a spice wich has
> opengl support.
>
> Thanks,
>
> /mjt

I also have full QEMU builds with SPICE 0.13.3-1 for OpenGL/VirGL. Been
using then for a few months and they work very nicely. Testing full
Gnome and Unity desktop environments with acceleration with close to no
issues.

https://github.com/adlererik/qemu-virgl/releases


Erik Adler

GPG/PGP key ID: 0x2B4B58FE
gpg --keyserver pgp.mit.edu --recv-keys 0x2B4B58FE

Bug#863440: Please introduce "nice" variation in reproducible builds

2017-05-26 Thread Vagrant Cascadian 
On 2017-05-26, Chris Lamb wrote:
> Please introduce a "nice" variation in reproducible builds (from IRC):
>
>  vagrantc was just thinking that the nice level should be higher
>  for the first build, under the same  premise that we allow the
>  2nd build more hours to complete and then i realized that was
>  also a potential build variation :)
>
>  […]
>
>  the second build should have a lower nice than the first so as
>  to get prioritized better

Thanks for the *quick* response in git, holger! :)

I would recommend having the first build be a higher nice level than the
second build:

diff --git a/bin/reproducible_build.sh b/bin/reproducible_build.sh
index 9018ceb6..8b40acd4 100755
--- a/bin/reproducible_build.sh
+++ b/bin/reproducible_build.sh
@@ -633,7 +633,7 @@ EOF
echo "BUILDDIR=/build" >> "$TMPCFG"
fi
# remember to change the sudoers setting if you change the following 
command
-   ( sudo timeout -k 18.1h 18h /usr/bin/ionice -c 3 /usr/bin/nice \
+   ( sudo timeout -k 18.1h 18h /usr/bin/ionice -c 3 /usr/bin/nice -n 12\
  /usr/sbin/pbuilder --build \
--configfile $TMPCFG \
--debbuildopts "-b --buildinfo-id=${ARCH}" \
@@ -701,7 +701,7 @@ EOF
# remember to change the sudoers setting if you change the following 
command
# (the 2nd build gets a longer timeout trying to make sure the first 
build
# aint wasted when then 2nd happens on a highly loaded node)
-   sudo timeout -k 24.1h 24h /usr/bin/ionice -c 3 /usr/bin/nice -n 12 \
+   sudo timeout -k 24.1h 24h /usr/bin/ionice -c 3 /usr/bin/nice \
/usr/bin/unshare --uts -- \
/usr/sbin/pbuilder --build \
--configfile $TMPCFG \
diff --git a/bin/reproducible_common.sh b/bin/reproducible_common.sh
index 9c93d3cf..3b585db7 100755
--- a/bin/reproducible_common.sh
+++ b/bin/reproducible_common.sh
@@ -404,7 +404,7 @@ write_variation_table() {
write_page "env 
BUILDUSERNAMEBUILDUSERNAME=\"pbuilder1\"BUILDUSERNAME=\"pbuilder2\""
write_page "env 
USERUSER=\"pbuilder1\"USER=\"pbuilder2\""
write_page "env 
HOMEHOME=\"/nonexistent/first-build\"HOME=\"/nonexistent/second-build\""
-   write_page "niceness1012"
+   write_page "niceness1210"
write_page 
"uiduid=uid="
write_page 
"gidgid=gid="
write_page 
"/bin/sh/bin/dash/bin/bash"


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#863149: libgpgmepp-dev: please split the qtgpgme(pp) stuff out

2017-05-26 Thread Daniel Kahn Gillmor 
Hi Rene--

On Mon 2017-05-22 20:32:48 +0200, Rene Engelhard wrote:
> Can the qgpgme(pp) stuff split out to an own -dev (As was already done
> with the library itself.) and only that one be made depedant on libqgpgme7?
> ( This would probably require a transition and the above apps changing their
> Build-Depends:, but..)

I think that makes sense, but don't have the time to work on it right
now myself.  I'd be happy to review patches along these lines, though.

Thanks for making the suggestion,

--dkg

Bug#860304: flash-kernel: Incorrect installation path for dtbs

2017-05-26 Thread Heinrich Schuchardt 
On 05/26/2017 08:58 PM, Vagrant Cascadian wrote:
> On 2017-05-26, Cyril Brulebois  wrote:
>> And thanks for being persistent.
> 
> Indeed, I've been working around this issue locally rather than doing
> the right things by filing bugs and writing patches... :)

I recently created file /etc/flash-kernel/ubootenv.d/fdtfile with

setenv fdtfile meson-gxbb-odroidc2.dtb

on my Odroid C2 as workaround. But that is not a good permanent solution.

> I think the best thing to do would be to install in both
> /boot/dtbs/VERSION/FDTFILE and /boot/boot/dtbs/VERSION/SUBDIR/*.dtb, or
> create symlinks (if supported by the filesystem) if the file is found in
> a subdir... hopefully that won't require mangling the code too much;
> I'll take a look at it... or feel free to beat me to it! :)
> 

/boot/boot/dtbs/VERSION/SUBDIR/*.dtb is what my patch does if a subdir
is provided in /usr/share/flash-kernel/db/all.db.

---

If we want a more radical redesign:

Why do we rely on environment variable fdtfile at all?

The current device tree supplies file /proc/device-tree/model.
We read all.db to find the name of the dtb with this model name and than
install just this dtb from the Kernel installation.
So there is not much of a choice for U-Boot to pass different values of
fdtfile which will be of use when booting.

Couldn't we simply write the dtb file name from all.db to /boot/boot.scr?

Should the dtb file name or the model string change between two Kernel
releases we are anyway in deep trouble when upgrading (unfortunately
this may happen, cf.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d59561479e6f91d5905db37f668e1cbfdac2).

Best regards

Heinrich Schuchardt

Bug#863439: wimlib: FTBFS on hurd-i386: PATH_MAX undeclared

2017-05-26 Thread Aaron M. Ucko 
Source: wimlib
Version: 1.11.0-1
Severity: important
Justification: fails to build from source

Thanks for fixing the x32 build.  Alas, I now see that builds of
wimlib for hurd-i386 (admittedly not a release architecture either)
have been failing:

  src/unix_capture.c:700:26: error: 'PATH_MAX' undeclared (first use in this 
function)
path_bufsz = min(32790, PATH_MAX + 1);

This code already uses dynamic allocation, so falling back on pathconf
should be straightforward:

#ifndef PATH_MAX
long PATH_MAX = pathconf(root_disk_path, _PC_PATH_MAX);
if (PATH_MAX < 0)
PATH_MAX = 32789;
#endif

Alternatively, unix_build_dentry_tree could dispense with any
calculations and set path_bufsz to 32790, either unconditionally or in
the absence of PATH_MAX.

Could you please take a look?

Thanks!

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu

Bug#863440: Please introduce "nice" variation in reproducible builds

2017-05-26 Thread Chris Lamb 
Package: jenkins.debian.org
Severity: wishlist
X-Debbugs-CC: vagr...@debian.org

Hi,

Please introduce a "nice" variation in reproducible builds (from IRC):

 vagrantc was just thinking that the nice level should be higher
 for the first build, under the same  premise that we allow the
 2nd build more hours to complete and then i realized that was
 also a potential build variation :)

 […]

 the second build should have a lower nice than the first so as
 to get prioritized better


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#863437: grep(1): The string "\*(Dt" is not defined

2017-05-26 Thread Bjarni Ingi Gislason 
Package: grep
Version: 2.27-2
Severity: minor

  "[gn]roff" (inside "man") reported:

:23: warning: macro `Dt' not defined

  The 23th line is:

.TH GREP 1 \*(Dt "GNU grep 2.27" "User Commands"

  The parent-line in the source file "grep.1.in" is:

.TH GREP 1 @UPDATED@ "GNU grep @VERSION@" "User Commands"

  So the string "@UPDATED@" does not get the valid value.


-- System Information:
Debian Release: 9.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable')
Architecture: amd64
 (x86_64)

Kernel: Linux 3.16.39-1u2 (SMP w/2 CPU cores)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages grep depends on:
ii  dpkg  1.18.24
ii  install-info  6.3.0.dfsg.1-1+b2
ii  libc6 2.24-10
ii  libpcre3  2:8.39-3

grep recommends no packages.

Versions of packages grep suggests:
ii  libpcre3  2:8.39-3

-- no debconf information

-- 
Bjarni I. Gislason

Bug#860297: Patch

2017-05-26 Thread bernd 
Please understand, the problem is not, to run multiple Tor Browsers as  
the same user.
The problem is to run multiple Tor Browsers, each from a different  
user at the same time on the same machine.


After investigation I found, that this is because of a fixed SOCKSPORT  
and and fixed CONTROLPORT.

But each user needs his own SOCKSPORT and CONTROLPORT.

To fix this, the upstream script which is installed at  
~/.local/share/torbrowser/tbb/x86_64/tor-browser_de/Browser/start-tor-browser  
has to be changed for each user. The patch is attached.


The patch first searches for free ports and then modifies the config  
files to use the free ports.


I have build a wrapper script for torbrowser-launcher to apply the  
patch, if it isn't already applied.

But I hope it will be fixed by upstream.



--- start-tor-browser.org	2017-05-26 19:55:30.120192846 +
+++ start-tor-browser	2017-05-26 19:58:31.671710018 +
@@ -164,6 +164,31 @@
 detach=0
 fi
 
+# Use free ports as SOCKSPORT and CONTROLPORT
+GREPUSEDPORTS=$(netstat -na |
+  sed -n "s/^tcp\s\+\S\+\s\+\S\+\s\+127.0.0.1:\(\S\+\)\s.*$/-e \"<\1>\"/p" |
+  awk '{printf("%s ",$0)}' )
+FREEPORTS="$(seq 9150 9190 | eval "grep -v $GREPUSEDPORTS" | head -2)"
+if [ $(echo "$FREEPORTS" | wc -l) -ne 2 ]; then
+   complain "No Free ports for found in range from 9150 to 9190 for SocksPort and ControlPort" 
+   exit 1
+fi
+SOCKSPORT="$(echo "$FREEPORTS" | head -1)"
+CONTROLPORT="$(echo "$FREEPORTS" | tail -1)"
+echo "Using SOCKSPORT=<$SOCKSPORT> and CONTROLPORT=<$CONTROLPORT> pwd=<$(/bin/pwd)>." >&2
+PREFS="$(cat Browser/TorBrowser/Data/Browser/profile.default/prefs.js |
+  grep -v -e "extensions.torlauncher.control_port" -e "extensions.torbutton.custom.socks_port" \
+  -e "extensions.torbutton.custom.socks_host" -e "network.proxy.socks_port")"
+cat < Browser/TorBrowser/Data/Browser/profile.default/prefs.js
+$PREFS
+user_pref("extensions.torlauncher.control_port",$CONTROLPORT);
+user_pref("extensions.torbutton.custom.socks_port",$SOCKSPORT);
+user_pref("extensions.torbutton.custom.socks_host","127.0.0.1");
+user_pref("network.proxy.socks_port",$SOCKSPORT);
+END
+sed -i "s/^SocksPort\s\+\S\+/SocksPort $SOCKSPORT/" Browser/TorBrowser/Data/Tor/torrc-defaults
+sed -i "s/^ControlPort\s\+\S\+/ControlPort $CONTROLPORT/" Browser/TorBrowser/Data/Tor/torrc-defaults
+
 if [ "$show_output" -eq 0 ]; then
 # If the user hasn't requested 'debug mode' or --help, close stdout and stderr,
 # to keep Firefox and the stuff loaded by/for it (including the


binaBhP2iA4Dx.bin
Description: Öffentlicher PGP-Schlüssel

Bug#860297: Patch

2017-05-26 Thread bernd 
Please understand, the problem is not, to run multiple Tor Browsers as  
the same user.
The problem is to run multiple Tor Browsers, each from a different  
user at the same time on the same machine.


After investigation I found, that this is because of a fixed SOCKSPORT  
and and fixed CONTROLPORT.

But each user needs his own SOCKSPORT and CONTROLPORT.

To fix this, the upstream script which is installed at  
~/.local/share/torbrowser/tbb/x86_64/tor-browser_de/Browser/start-tor-browser  
has to be changed for each user. The patch is attached.


The patch first searches for free ports and then modifies the config  
files to use the free ports.


I have build a wrapper script for torbrowser-launcher to apply the  
patch, if it isn't already applied.

But I hope it will be fixed by upstream.





binTV19DbG2gB.bin
Description: Öffentlicher PGP-Schlüssel

Bug#863436: grub-efi-amd64: Since installing Debian-9-RC3, Grub User Menuentries don't display on Boot Menu

2017-05-26 Thread Harrison 
Package: grub-efi-amd64
Version: 2.02~beta3-5
Severity: normal

After upgrading from Debian-9-RC1 to Debian-9-RC3, my existing "40_custom"
Menuentries were not displayed on the Boot Menu and I could not add them.
However, I see my additions in /boot/grub/grub.cfg?  I do not know what
"update-grub" does but there are only a couple of directories and "grubx64.efi"
in the ESP Partition?

I do not know whether this is related but after installing Debian-9-RC3, I did
a "sudo apt-get dist-upgrade" and saw that "vmlinuz-4.9.0-2-amd64" was upgraded
to "vmlinuz-4.9.0-3-amd64".  But, Grub continued to boot
"vmlinuz-4.9.0-2-amd64" until I chose "Advanced Options" on the Boot Menu,
selected the default "*Debian 4.9.0-3" at the top and then Grub began booting
"Debian 4.9.0-3" by default?

I will be happy to provide you with almost anything you need but will not be
able to delete all of the Partitions on harddrive to test in an absolutely
"pristine" environment for another month.



-- Package-specific info:

*** BEGIN /proc/mounts
/dev/sda3 / ext4 rw,relatime,errors=remount-ro,data=ordered 0 0
/dev/sda1 /boot/efi vfat 
rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro
 0 0
/dev/sda7 /mnt/Data ext4 rw,nosuid,nodev,noexec,relatime,data=ordered 0 0
/dev/sda8 /mnt/Non-Backed ext4 rw,nosuid,nodev,noexec,relatime,data=ordered 0 0
/dev/sda8 /media/Videos ext4 ro,relatime,data=ordered 0 0
/dev/sda8 /media/Music ext4 ro,relatime,data=ordered 0 0
*** END /proc/mounts

*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  set have_grubenv=true
  load_env
fi
if [ "${next_entry}" ] ; then
   set default="${next_entry}"
   set next_entry=
   save_env next_entry
   set boot_once=true
else
   set default="0"
fi

if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
else
  menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
  fi
}
function load_video {
  if [ x$feature_all_video_module = xy ]; then
insmod all_video
  else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
  fi
}

if [ x$feature_default_font_path = xy ] ; then
   font=unicode
else
insmod part_gpt
insmod ext2
set root='hd0,gpt3'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt3 
--hint-efi=hd0,gpt3 --hint-baremetal=ahci0,gpt3  
572068bb-9d9f-44a0-aa84-299ac89db31c
else
  search --no-floppy --fs-uuid --set=root 572068bb-9d9f-44a0-aa84-299ac89db31c
fi
font="/usr/share/grub/unicode.pf2"
fi

if loadfont $font ; then
  set gfxmode=auto
  load_video
  insmod gfxterm
  set locale_dir=$prefix/locale
  set lang=en_US
  insmod gettext
fi
terminal_output gfxterm
if [ "${recordfail}" = 1 ] ; then
  set timeout=30
else
  if [ x$feature_timeout_style = xy ] ; then
set timeout_style=menu
set timeout=5
  # Fallback normal timeout code in case the timeout_style feature is
  # unavailable.
  else
set timeout=5
  fi
fi
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
insmod part_gpt
insmod ext2
set root='hd0,gpt3'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt3 
--hint-efi=hd0,gpt3 --hint-baremetal=ahci0,gpt3  
572068bb-9d9f-44a0-aa84-299ac89db31c
else
  search --no-floppy --fs-uuid --set=root 572068bb-9d9f-44a0-aa84-299ac89db31c
fi
insmod png
if background_image /usr/share/desktop-base/softwaves-theme/grub/grub-4x3.png; 
then
  set color_normal=white/black
  set color_highlight=black/white
else
  set menu_color_normal=cyan/blue
  set menu_color_highlight=white/blue
fi
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_linux ###
function gfxmode {
set gfxpayload="${1}"
}
set linux_gfx_mode=
export linux_gfx_mode
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu 
--class os $menuentry_id_option 
'gnulinux-simple-572068bb-9d9f-44a0-aa84-299ac89db31c' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
set root='hd0,gpt3'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt3 
--hint-efi=hd0,gpt3 --hint-baremetal=ahci0,gpt3  
572068bb-9d9f-44a0-aa84-299ac89db31c
else
  search

Bug#854801: Network Manager, Stretch and ipv6

2017-05-26 Thread Bernhard Schmidt 
On Fri, May 26, 2017 at 06:58:03PM +0200, Julien Cristau wrote:
> +rdisc6 maintainer
> 
> > IMO we should change d-i/netcfg to just never install rdnssd.  I guess
> > that might negatively impact systems on ipv6-only networks that don't
> > have any other means to pick up name servers, but that seems strictly
> > better than installing a package which conflicts with NM.

I'm fine with that change. 

I had offered to

| I can fix the latter by removing the conflicts and changing the hook
| again to be a no-op if network-manager is installed.

but I think that's too late in the release cycle.

Bernhard


signature.asc
Description: Digital signature

Bug#837701: apper: Same Letter Problem here with fresh install, seen with updates of perlmagick and imagemagick.

2017-05-26 Thread Kay Martinen 
Package: apper
Version: 0.9.1-2
Followup-For: Bug #837701

Dear Maintainer,

I got the same problem (like 2 other bugreports) with german umlauts shown as ? 
here when running
apper as it updates perlmagick, imagemagick and some libs for it.
The ? was seen only on the noted program description line in apper but too when
downloading AND updating them.
It may be cosmetic but i do not know if there is another problem leading to
this.

The download and update seemed to work out successfully. No errors seen.

-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages apper depends on:
ii  apper-data   0.9.1-2
ii  kde-runtime  4:4.14.2-2
ii  libappstream10.7.3-1
ii  libc62.19-18+deb8u9
ii  libdebconf-kde0  0.3-1
ii  libgcc1  1:4.9.2-10
ii  libgee-0.8-2 0.16.1-1+deb8u1
ii  libglib2.0-0 2.42.1-1+b1
ii  libkcmutils4 4:4.14.2-5+deb8u2
ii  libkdecore5  4:4.14.2-5+deb8u2
ii  libkdeui54:4.14.2-5+deb8u2
ii  libkemoticons4   4:4.14.2-5+deb8u2
ii  libkidletime44:4.14.2-5+deb8u2
ii  libkio5  4:4.14.2-5+deb8u2
ii  libkprintutils4  4:4.14.2-5+deb8u2
ii  libkutils4   4:4.14.2-5+deb8u2
ii  libkworkspace4abi2   4:4.11.13-2
ii  liblistaller-glib0   0.5.9-4
ii  libpackagekitqt4-0   0.9.5-1
ii  libqt4-dbus  4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqt4-declarative   4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqt4-network   4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqt4-sql   4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqt4-svg   4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqt4-xml   4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqt4-xmlpatterns   4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqtcore4   4:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libqtgui44:4.8.6+git64-g5dc8b2b+dfsg-3+deb8u1
ii  libsolid44:4.14.2-5+deb8u2
ii  libstdc++6   4.9.2-10
ii  packagekit   1.0.1-2
ii  policykit-1-gnome0.105-2
ii  polkit-kde-1 0.99.1-1
ii  software-properties-kde  0.92.25debian1

Versions of packages apper recommends:
ii  appstream-index  0.7.3-1

Versions of packages apper suggests:
pn  debconf-kde-helper  
ii  listaller   0.5.9-4

-- no debconf information

Bug#863435: open-iscsi-udeb: finish-install script always thinks that iSCSI is used

2017-05-26 Thread Christian Seiler 
Package: open-iscsi-udeb
Version: 2.0.874-2
Severity: important
Affects: debian-installer
X-Debbugs-Cc: debian-b...@lists.debian.org, k...@debian.org
Control: tags -1 + stretch sid

Dear Maintainer,

As reported on debian-release@/debian-boot@ recently, a
recent change in how the initiator name was generated in
the package causes finish-install to assume iSCSI is
always used.

This has two consequences:

 - update-initramfs -k all -u is needlessly called on
   all Debian installations, even those without iSCSI
   (looses a couple of seconds time, on _really_ slow
   systems possibly even a minute)

 - clutters every new installation with
   /etc/iscsi/initiatorname.iscsi, even those that don't
   use iSCSI

This is harmless (nothing breaks), but can be annoying.
Also, for Buster this risks that other installer components
start relying on the fact that the initramfs is regenerated
late in the installation process - which they shouldn't.
It probably hasn't affected anything in Stretch yet, but
this should be fixed really early in the Buster cycle to
avoid any such problems.

KiBi said that for Stretch this should be fixed in the
first point release, so the plan is to open a p-u bug
once this is fixed in sid after the Stretch release.

Regards,
Christian

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (1, 
'experimental-debug')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#721976: ca-certificates contains both server and email certificates

2017-05-26 Thread Michael Shuler 
On 05/26/2017 02:18 PM, Jacob Hoffman-Andrews wrote:
> Hi, just checking in on the status of this. I provided a patch above;
> does it look good to you?

The patch is simple, so I see no particular issue with it. My time has
been crunched lately, but I have some vacation soon with plans for some
Debian work. I will get this committed for the next release round for
unstable and mark it pending when I do so.

Thanks for the ping and your patience.

-- 
Kind regards,
Michael



signature.asc
Description: OpenPGP digital signature

Bug#863348: dput: please use ftp.security.upload.debian.org for security uploads

2017-05-26 Thread Julien Cristau 
On Fri, May 26, 2017 at 21:57:13 +0200, Julien Cristau wrote:

> On Fri, May 26, 2017 at 10:33:58 +1000, Ben Finney wrote:
> 
> > The only change from the current default is that the ‘fqdn’ value is
> > now “ftp.security.upload.debian.org” for both sections.
> > 
> > Is that right?
> > 
> Correct.
> 
Oh, and it would be good to have this change in stretch so we can move
the upload queue sooner.  This might mean a stable update in the first
point release if the change doesn't make it in time for 9.0.

Cheers,
Julien

Bug#863434: multistrap cannot bootstrap metapackages with foreign dependencies

2017-05-26 Thread Erich E. Hoover 
Package: multistrap
Version: 2.2.9
Severity: normal
Tags: patch

Dear Maintainer,

The multiarch feature does not currently allow for metapackages to have foreign
dependencies.  For example, if you create a "my-system-configuration" package
with dependencies on both armel and armhf packages then this will fail at the
initial dependency step.  The attached patch fixes this problem by adding the
foreign architectures to the list of apt-recognized architectures (-o
APT::Architectures::=).



-- System Information:
Debian Release: stretch/sid
  APT prefers xenial-updates
  APT policy: (500, 'xenial-updates'), (500, 'xenial-security'), (500, 
'xenial'), (100, 'xenial-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-78-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages multistrap depends on:
ii  apt1.2.20
ii  libconfig-auto-perl0.44-1
ii  liblocale-gettext-perl 1.07-1build1
ii  libparse-debian-packages-perl  0.03-2
pn  perl:any   

multistrap recommends no packages.

Versions of packages multistrap suggests:
ii  fakeroot  1.20.2-1ubuntu1

-- no debconf information
>From 07e73e7ae7347927ea1e89ccd4b76886258a3069 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" 
Date: Fri, 26 May 2017 13:09:57 -0600
Subject: Allow bootstrapping metapackages with foreign dependencies.

---
 multistrap | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/multistrap b/multistrap
index ad1f94f..92ff6fe 100755
--- a/multistrap
+++ b/multistrap
@@ -315,6 +315,8 @@ close CONFIG;
 
 $config_str = '';
 $config_str .= " -o Apt::Architecture=" . shellescape($arch);
+$config_str .= " -o APT::Architectures::=" . shellescape($_)
+	foreach (@foreignarches);
 $config_str .= " -o Dir::Etc::TrustedParts=" . shellescape("${dir}${etcdir}trusted.gpg.d");
 $config_str .= " -o Dir::Etc::Trusted=" . shellescape("${dir}${etcdir}trusted.gpg");
 if (defined $noauth) {
-- 
2.7.4

Bug#863348: dput: please use ftp.security.upload.debian.org for security uploads

2017-05-26 Thread Julien Cristau 
On Fri, May 26, 2017 at 10:33:58 +1000, Ben Finney wrote:

> On 25-May-2017, Ansgar Burchardt wrote:
> 
> > So please update the default dput.cf to upload security uploads to
> > ftp.security.upload.debian.org instead of directory to
> > security-master.debian.org.
> 
> Thank you for the explanation.
> 
Please Cc the submitter if you want them to see your followup questions
:)

> If I understand correctly, to resolve this bug, the default ‘dput’
> configuration should be changed to have these sections:
> 
> =
> [security-master]
> fqdn  = ftp.security.upload.debian.org
> method= ftp
> incoming  = /pub/SecurityUploadQueue
> login = anonymous
> allow_dcut= 1
> # This has been added at the request of the security team.
> # Please be sure to know what you are doing before taking it out.
> pre_upload_command= /usr/share/dput/helper/security-warning
> 
> [security-master-unembargoed]
> fqdn  = ftp.security.upload.debian.org
> method= ftp
> incoming  = /pub/OpenSecurityUploadQueue
> login = anonymous
> allow_dcut= 1
> # This has been added at the request of the security team.
> # Please be sure to know what you are doing before taking it out.
> pre_upload_command= /usr/share/dput/helper/security-warning
> =
> 
> The only change from the current default is that the ‘fqdn’ value is
> now “ftp.security.upload.debian.org” for both sections.
> 
> Is that right?
> 
Correct.

Cheers,
Julien

Bug#863433: multistrap cannot use expired Release files

2017-05-26 Thread Erich E. Hoover 
Package: multistrap
Version: 2.2.9
Severity: normal
Tags: patch

Dear Maintainer,

multistrap encounters the "Release file expired" error when using old Debian
snapshots.  This can be worked around by passing "-o Acquire::Check-Valid-
Until=false" to apt.  The attached patch adds this option when operating under
the "noauth" condition, permitting multistrap to work with such old
repositories.



-- System Information:
Debian Release: stretch/sid
  APT prefers xenial-updates
  APT policy: (500, 'xenial-updates'), (500, 'xenial-security'), (500, 
'xenial'), (100, 'xenial-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-78-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages multistrap depends on:
ii  apt1.2.20
ii  libconfig-auto-perl0.44-1
ii  liblocale-gettext-perl 1.07-1build1
ii  libparse-debian-packages-perl  0.03-2
pn  perl:any   

multistrap recommends no packages.

Versions of packages multistrap suggests:
ii  fakeroot  1.20.2-1ubuntu1

-- no debconf information
>From 1555be1197ea0bee8545b779992baf062c9a99f1 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" 
Date: Mon, 17 Apr 2017 14:51:13 -0600
Subject: Allow expired Release files when 'noauth' is set.

This change allows multiarch to use old Debian snapshots when the
noauth option is enabled.
---
 multistrap | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/multistrap b/multistrap
index 4b4db50..ad1f94f 100755
--- a/multistrap
+++ b/multistrap
@@ -317,8 +317,10 @@ $config_str = '';
 $config_str .= " -o Apt::Architecture=" . shellescape($arch);
 $config_str .= " -o Dir::Etc::TrustedParts=" . shellescape("${dir}${etcdir}trusted.gpg.d");
 $config_str .= " -o Dir::Etc::Trusted=" . shellescape("${dir}${etcdir}trusted.gpg");
-$config_str .= " -o Apt::Get::AllowUnauthenticated=true"
-	if (defined $noauth);
+if (defined $noauth) {
+	$config_str .= " -o Apt::Get::AllowUnauthenticated=true";
+	$config_str .= " -o Acquire::Check-Valid-Until=false";
+}
 $config_str .= " -o Apt::Get::Download-Only=true";
 $config_str .= " -o Apt::Install-Recommends=false"
 	if (not defined $allow_recommends);
-- 
2.7.4

Bug#721976: (no subject)

2017-05-26 Thread Jacob Hoffman-Andrews 
Hi, just checking in on the status of this. I provided a patch above;
does it look good to you?

Bug#863432: RFS: bluemon/1.4-7 [QA-Upload]

2017-05-26 Thread Andreas Moog 
Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for a QA-Upload for the package "bluemon"

 * Package name: bluemon
   Version : 1.4-7
 * License : GPL-2
   Section : net

It builds those binary packages:

  bluemon- Activate or deactivate programs based on Bluetooth link quality

To access further information about this package, please visit the following 
URL:

https://mentors.debian.net/package/bluemon

Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/b/bluemon/bluemon_1.4-7.dsc

Changes since the last upload:

 bluemon (1.4-7) unstable; urgency=medium
 
   * QA upload.
   * Convert to Source-Format 3.0 (quilt)
   * debian/control, debian/compat:
 - change debhelper-compat level to 10
   * debian/control:
 - set Maintainer to QA group, package is orphaned (#762537)
 - add dependency on lsb-base for init script
 - run wrap-and-sort -sa
 - declare policy-compliance for Policy 3.9.8
 - Add a homepage field
   * debian/rules:
 - use dh
   * debian/prerm+preinst:
 - Remove prerm file, was only needed for upgrades from version 1.3-1.2,
   which no longer is in any supported Debian release
 - Remove preinst file, debhelper does the right thing automatically
   * debian/dirs:
 - Remove, not needed
   * debian/init:
 - Add $remote_fs to Required-Start/-Stop
 - Also stop at runlevel 1
 - Don't start daemon on restart action if disabled in /etc/defaults/bluemon
   (Closes: #679109)
   * debian/copyright:
 - Add a machine-readable copyright-file
   * debian/patches:
 - add-cppflags-hardening.patch: Add CPPFLAGS and LDFLAGS to pass hardening
   options to the compiler. This also fixes build with binutils-gold
   (Closes: #612181)
 - add clang-ftbfs.diff to Fix FTBFS with clang:
   Fixed the non-void function should return a value in
   bluetooth-monitor.c (Closes: #740036)
   Patch from Arthur Marble 

Regards,
 Andreas Moog

-- 
PGP-encrypted mails preferred
PGP Fingerprint: 74CD D9FE 5BCB FE0D 13EE 8EEA 61F3 4426 74DE 6624


signature.asc
Description: PGP signature

Bug#863394: [Reportbug-maint] Bug#863394: reportbug: fails to send reports to t...@security.debian.org with smtphost reportbug.debian.org

2017-05-26 Thread Uwe Kleine-König 
Hello,

On Fri, May 26, 2017 at 02:07:00PM -0400, Sandro Tosi wrote:
> > Maybe reportbug.debian.org should be reconfigured to allow relaying to
> > security.debian.org?
> 
> and as reported in the documentation:
> 
> $ zcat /usr/share/doc/reportbug/README.Users.gz  | tail -n3
> Let us also clarify that this service is in no way controlled by
> reportbug maintainers, so in case any questions/complaints/information
> requests you have to contact ow...@bugs.debian.org .
> 
> please do that.

Ah, I didn't see this. So:

@owner@bugs.d.o: Would you consider it an added benefit to make
reoprtbug.debian.org relay to security.debian.org? It would make it
possible to report security sensible stuff with reportbug when
reportbug.debian.org is used as smtphost.

Best regards
Uwe


signature.asc
Description: PGP signature

Bug#860304: flash-kernel: Incorrect installation path for dtbs

2017-05-26 Thread Vagrant Cascadian 
On 2017-05-26, Cyril Brulebois  wrote:
> And thanks for being persistent.

Indeed, I've been working around this issue locally rather than doing
the right things by filing bugs and writing patches... :)


> Heinrich Schuchardt  (2017-05-25):
>> In
>> https://patchwork.ozlabs.org/patch/753871/
>> I suggested to change U-Boot environment variable fdtfile to
>> meson-gxbb-odroidc2.dtb for the Odroid C2.
>> 
>> Unfortunately this patch was not accepted.
>> 
>> So we will need flash-kernel to accommodate U-Boot having
>> a directory path in fdtfile. For the Odroid C2 this is:
>> fdtfile=amlogic/meson-gxbb-odroidc2.dtb
>> 
>> Kindly review the patch to flash-kernel I have proposed:
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860304#20
>> 
>> Best regards
>> 
>> Heinrich Schuchardt
>
> vagrant, any opinion on this topic? Too little flash-kernel knowledge
> locally to decide on this.

ARM64 boards all appear to have the .dtb in a sub-dir, but the fun part
is u-boot may not consistantly include the subdir when setting the
fdtfile variable.

I think the best thing to do would be to install in both
/boot/dtbs/VERSION/FDTFILE and /boot/boot/dtbs/VERSION/SUBDIR/*.dtb, or
create symlinks (if supported by the filesystem) if the file is found in
a subdir... hopefully that won't require mangling the code too much;
I'll take a look at it... or feel free to beat me to it! :)


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#861591: libgnupg-interface-perl: FTBFS: Failed 10/22 test programs. 23/53 subtests failed.

2017-05-26 Thread Daniel Kahn Gillmor 
On Thu 2017-05-25 13:13:43 -0400, Daniel Kahn Gillmor wrote:
> On Thu 2017-05-25 18:35:13 +0200, Chris Lamb wrote:
>> Daniel Kahn Gillmor wrote:
>>
>>> The failures on repeat are presumably because of something related to
>>> the gpg-agent daemon persisting across the tests.I'll look into
>>> invoking "gpgconf --kill all" at the start of the test suite
>>
>> Is that safe? What if I'm running gpgconf outside of the build? :)
>
> I think i'll run it with the designated --homedir for the test suite
> itself, which should be safe.
>
> Also, i may decide to change the testing homedir to be
> randomly-generated, inside /tmp, rather than having it in the build
> tree.
>
> frustrating and annoying to have to deal with this, but this is what we
> get for relying on the constrained length of un_path in the unix domain
> socket struct. :/

I've uploaded 0.52-7 with this fix to experimental.  If anyone was
having FTBFS issues with prior versions, please test and reopen if
there's still a problem.

--dkg


signature.asc
Description: PGP signature

Bug#861591: Pending fixes for bugs in the libgnupg-interface-perl package

2017-05-26 Thread pkg-perl-maintainers 
tag 861591 + pending
thanks

Some bugs in the libgnupg-interface-perl package are closed in
revision 1977297160208cb20edaf2339eee8eae0490271b in branch ' 
experimental' by Daniel Kahn Gillmor

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-perl/packages/libgnupg-interface-perl.git/commit/?id=1977297

Commit message:

Use temporary, short-path GNUPGHOME for test suites (Closes: #861591)

Bug#754504: Recommend closing this bug

2017-05-26 Thread Phil Hagelberg 
This bug should probably be closed; libpedantic is no longer its own
independent library but has been merged into Leiningen itself:

https://github.com/technomancy/leiningen/commit/c968fa5068fafada

Thanks,
Phil


signature.asc
Description: PGP signature

Bug#863431: unblock: sane-backends/1.0.25-4.1

2017-05-26 Thread Chris Lamb 
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock

Dear Release Team,

Please consider unblocking sane-backends 1.0.25-4.1 which fixes an
RC bug:

 sane-backends (1.0.25-4.1) unstable; urgency=medium
 
   * Non-maintainer upload.
   * Correct missing error handler in (generated) prerm script by dropping the
 "error" handler entirely; it was only printing a generic message anyway.
 (Closes: #862334)


The full debdiff is attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
diffstat for sane-backends-1.0.25 sane-backends-1.0.25

 changelog   |9 +
 rules   |2 +-
 sane-utils.postinst |4 
 3 files changed, 10 insertions(+), 5 deletions(-)

diff -Nru sane-backends-1.0.25/debian/changelog 
sane-backends-1.0.25/debian/changelog
--- sane-backends-1.0.25/debian/changelog   2017-04-19 12:07:38.0 
+0200
+++ sane-backends-1.0.25/debian/changelog   2017-05-21 10:04:48.0 
+0200
@@ -1,3 +1,12 @@
+sane-backends (1.0.25-4.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Correct missing error handler in (generated) prerm script by dropping the
+"error" handler entirely; it was only printing a generic message anyway.
+(Closes: #862334)
+
+ -- Chris Lamb   Sun, 21 May 2017 10:04:48 +0200
+
 sane-backends (1.0.25-4) unstable; urgency=medium
 
   * CVE-2017-6318:
diff -Nru sane-backends-1.0.25/debian/rules sane-backends-1.0.25/debian/rules
--- sane-backends-1.0.25/debian/rules   2016-12-10 11:35:33.0 +0100
+++ sane-backends-1.0.25/debian/rules   2017-05-21 10:04:48.0 +0200
@@ -128,7 +128,7 @@
chrpath -d debian/sane-utils/usr/bin/sane-find-scanner
 
 override_dh_installinit-arch:
-   dh_installinit -psane-utils --name=saned --error-handler=saned_eh
+   dh_installinit -psane-utils --name=saned
 
 override_dh_systemd_enable-arch:
dh_systemd_enable --no-enable saned.socket
diff -Nru sane-backends-1.0.25/debian/sane-utils.postinst 
sane-backends-1.0.25/debian/sane-utils.postinst
--- sane-backends-1.0.25/debian/sane-utils.postinst 2015-05-21 
07:15:33.0 +0200
+++ sane-backends-1.0.25/debian/sane-utils.postinst 2017-05-21 
10:04:48.0 +0200
@@ -4,10 +4,6 @@
 
 SANED_DEFAULT=/etc/default/saned
 
-saned_eh () {
-echo "saned couldn't start; check your inetd configuration and 
README.Debian"
-}
-
 #
 # POSIX-compliant shell function
 # to check for the existence of a command

Bug#863430: fsharp: created .exe files chmod 644

2017-05-26 Thread Heinrich Schuchardt 
Package: fsharp
Version: 4.0.0.4+dfsg2-2
Severity: normal

Dear Maintainer,

fsharpc compiles *.fs to *.exe.

The *.exe file is chmod 644. It should be chmod 755.

Best regards

Heinrich Schuchardt

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages fsharp depends on:
ii  libfsharp-core4.3-cil   4.0.0.4+dfsg2-2
ii  libmono-compilerservices-symbolwriter4.0-cil4.6.2.7+dfsg-1
ii  libmono-corlib4.5-cil   4.6.2.7+dfsg-1
ii  libmono-microsoft-build-framework4.0-cil4.6.2.7+dfsg-1
ii  libmono-microsoft-build-tasks-v4.0-4.0-cil  4.6.2.7+dfsg-1
ii  libmono-microsoft-build-utilities-v4.0-4.0-cil  4.6.2.7+dfsg-1
ii  libmono-system-core4.0-cil  4.6.2.7+dfsg-1
ii  libmono-system-numerics4.0-cil  4.6.2.7+dfsg-1
ii  libmono-system-runtime4.0-cil   4.6.2.7+dfsg-1
ii  libmono-system-windows-forms4.0-cil 4.6.2.7+dfsg-1
ii  libmono-system-xml4.0-cil   4.6.2.7+dfsg-1
ii  libmono-system4.0-cil   4.6.2.7+dfsg-1
ii  mono-devel  4.6.2.7+dfsg-1
ii  mono-runtime4.6.2.7+dfsg-1
ii  mono-xbuild 4.6.2.7+dfsg-1

fsharp recommends no packages.

fsharp suggests no packages.

-- no debconf information

Bug#863429: openssl: Please make long-running commands such as dhparam 4096 multithreaded.

2017-05-26 Thread Brian Minton 
Package: openssl
Version: 1.1.0f-1
Severity: wishlist
Tags: upstream

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Dear Maintainer,

When generating large DH parameters, the command can take a very long
time.  For instance:

$ openssl dhparam  -out dhparams_4096.pem 4096
Generating DH parameters, 4096 bit long safe prime, generator 2
This is going to take a long time
...

When looking at the CPU usage, I notice that openssl is taking up 100.0%
CPU, implying it is only using one core.  However, I have 16 cores on my
system, and it seems reasonable that each of the cores could run an
indipendent search for a safe prime starting with a different random
number.  This would consume more entropy from the system, but assuming
sufficient entropy, should produce a result much sooner.

- -- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-1-amd64 (SMP w/16 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssl depends on:
ii  libc6  2.24-10
ii  libssl1.1  1.1.0f-1

openssl recommends no packages.

Versions of packages openssl suggests:
ii  ca-certificates  20161130+nmu1

- -- no debconf information

-BEGIN PGP SIGNATURE-

iHUEAREIAB0WIQT5xLt2Dng/DewQpoprjrOgZc+6qQUCWShojgAKCRBrjrOgZc+6
qXNfAP9kfJm9tO/0bQQPwqfCSCwD1zZ4a3sRnNi2uhH9fzfqyQD+McUcNsz+GOHc
NkeVWdL3iEg3TJZZpzr+ZIWvSoZEVWWIdQQBFggAHRYhBO7QFYAT3C5tbgAepDe5
UHrP8gFuBQJZKGiOAAoJEDe5UHrP8gFu8G8BAOe1c6x4QcEXClFWOguFuNvvHeAw
ZTy79AAy19jobCidAP0fZBnJ6OJCgz23GDp7whclmLsWXSoKEo25ymZWKy24BQ==
=OLD3
-END PGP SIGNATURE-

Bug#863428: unblock: publicsuffix/20170424.0717-1

2017-05-26 Thread Daniel Kahn Gillmor 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package publicsuffix

the publicsuffix package contains up-to-date descriptions of the
network environment.  in addition to capturing the most recent state
of the DNS's public cutpoints, the version in unstable closes three
non-controversial bugs (#855699, #855909, #840088) in a simple
fashion.

unblock publicsuffix/20170424.0717-1

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 
'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru publicsuffix-20170117/debian/changelog 
publicsuffix-20170424.0717/debian/changelog
--- publicsuffix-20170117/debian/changelog  2017-01-23 23:45:46.0 
-0500
+++ publicsuffix-20170424.0717/debian/changelog 2017-05-16 23:47:27.0 
-0400
@@ -1,3 +1,41 @@
+publicsuffix (20170424.0717-1) unstable; urgency=medium
+
+  * new upstream version
+
+ -- Daniel Kahn Gillmor   Tue, 16 May 2017 23:47:27 
-0400
+
+publicsuffix (20170303.1601-1) unstable; urgency=medium
+
+  * new upstream version
+
+ -- Daniel Kahn Gillmor   Tue, 21 Mar 2017 13:04:44 
-0400
+
+publicsuffix (20170223.0049-1) unstable; urgency=medium
+
+  * new upstream version
+
+ -- Daniel Kahn Gillmor   Thu, 23 Feb 2017 09:44:06 
-0500
+
+publicsuffix (20170206.1059-2) unstable; urgency=medium
+
+  * keep the build reproducible (Closes: #855909)
+
+ -- Daniel Kahn Gillmor   Thu, 23 Feb 2017 09:28:52 
-0500
+
+publicsuffix (20170206.1059-1) unstable; urgency=medium
+
+  * new upstream version
+  * .dafsa now always post-dates .dat (Closes: #855699)
+  * mark publicsuffix Multi-Arch: foreign (Closes: #840088)
+
+ -- Daniel Kahn Gillmor   Tue, 21 Feb 2017 21:37:34 
-0500
+
+publicsuffix (20170202-1) unstable; urgency=medium
+
+  * new upstream version
+
+ -- Daniel Kahn Gillmor   Sat, 04 Feb 2017 12:06:14 
-0500
+
 publicsuffix (20170117-1) unstable; urgency=medium
 
   * new upstream version
diff -Nru publicsuffix-20170117/debian/control 
publicsuffix-20170424.0717/debian/control
--- publicsuffix-20170117/debian/control2016-08-08 19:12:02.0 
-0400
+++ publicsuffix-20170424.0717/debian/control   2017-02-21 13:08:18.0 
-0500
@@ -12,6 +12,7 @@
 Provides: publicsuffix-dafsa
 Architecture: all
 Depends: ${misc:Depends}
+Multi-Arch: foreign
 Description: accurate, machine-readable list of domain name suffixes
  A machine-readable list of domain name suffixes that accept public
  registration.  Each suffix represents the part of a domain name which
diff -Nru publicsuffix-20170117/debian/new-upstream-version 
publicsuffix-20170424.0717/debian/new-upstream-version
--- publicsuffix-20170117/debian/new-upstream-version   2016-11-01 
17:16:06.0 -0400
+++ publicsuffix-20170424.0717/debian/new-upstream-version  2017-02-23 
09:41:16.0 -0500
@@ -4,7 +4,11 @@
 
 git remote update upstream
 git diff upstream..upstream/master
-date=$(git log -1 --date=short --pretty=format:%cd upstream/master | sed 
s/-//g)
+read -p "changes ok to continue? [y/N] " REPLY
+[ ${REPLY,,} = y ]
+date=$(date -u -d $(git log -1 --date=short --pretty=format:%cI 
upstream/master) +%Y%m%d.%H%M)
+git branch -D upstream
+git branch upstream upstream/master
 git tag "publicsuffix/${date}" upstream/master
 git merge -m "merge upstream changes to ${date}" "publicsuffix/${date}"
 git log -n30 upstream/master > debian/upstream-changes.txt
@@ -12,11 +16,7 @@
 dch --distribution unstable -v "${date}-1" 'new upstream version'
 git add debian/changelog
 git commit -m "new upstream version ${date}"
-gbp buildpackage -uc -us
-git branch -D upstream
-git branch upstream upstream/master
+gbp buildpackage --git-tag --changes-option=-S
 debian/rules clean
-gbp buildpackage --git-tag -S
-dupload ../publicsuffix_${date}-1_source.changes
+dupload "../publicsuffix_${date}-1_$(dpkg-architecture -q 
DEB_HOST_ARCH).changes"
 git push gdo --follow-tags master --follow-tags upstream
-
diff -Nru publicsuffix-20170117/debian/rules 
publicsuffix-20170424.0717/debian/rules
--- publicsuffix-20170117/debian/rules  2016-08-08 19:09:43.0 -0400
+++ publicsuffix-20170424.0717/debian/rules 2017-02-23 09:28:26.0 
-0500
@@ -1,4 +1,6 @@
 #!/usr/bin/make -f
+include /usr/share/dpkg/default.mk
+
 %:
dh $@
 
@@ -10,4 +12,6 @@
 
 override_dh_auto_build:
dh_auto_build
+   TZ=UTC touch -t $(subst .,,$(DEB_VERSION_UPSTREAM)) 
public_suffix_list.dat
psl-make-dafsa

Bug#863419: evince: selecting text and trying to drag it causes crash

2017-05-26 Thread Jason Crain 
Control: tags -1 + moreinfo

On Fri, May 26, 2017 at 06:25:52PM +0300, Sotiris Kouvopoulos wrote:
> When I select some text, for example a simple word and try to drag the
> selection (hold left mouse button and move mouse) the application crashes
> immediately.
> 
> This is the output when evince is started from terminal:
> (evince:7977): Gdk-ERROR **: The program 'evince' received an X Window
> System error.
> This probably reflects a bug in the program.
> The error was 'BadWindow (invalid Window parameter)'.
>   (Details: serial 3201 error_code 3 request_code 141 (Composite)
> minor_code 8)
>   (Note to programmers: normally, X errors are reported asynchronously;
>that is, you will receive the error a while after causing it.
>To debug your program, run it with the GDK_SYNCHRONIZE environment
>variable to change this behavior. You can then get a meaningful
>backtrace from your debugger if you break on the gdk_x_error() function.)
> Trace/breakpoint trap

I can't reproduce this.  What desktop environment are you using?  If you
are able, a backtrace with debug symbols and GDK_SYNCHRONIZE=1 as in
that error message would be helpful.

Bug#863427: fontconfig: fc-cache returns with exit code 0 on 256 errors

2017-05-26 Thread Chris Lamb 
Source: fontconfig
Version: 2.12.1-0.1
Severity: normal
Tags: patch

Hi,

fc-cache returns with exit code 0 if there were 256 errors as it increments
a "ret" int that is subsquently returned from main(). This also occurs with
512 errors, etc.

Patch attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
diff --git a/fc-cache/fc-cache.c b/fc-cache/fc-cache.c
index 0336073..800e74c 100644
--- a/fc-cache/fc-cache.c
+++ b/fc-cache/fc-cache.c
@@ -408,5 +408,5 @@ main (int argc, char **argv)
sleep (2);
 if (verbose)
printf ("%s: %s\n", argv[0], ret ? "failed" : "succeeded");
-return ret;
+return (ret == 0) ? 0 : 1;
 }

Bug#863426: isc-dhcp: dhclient DHCPv6 does not work with interface alias

2017-05-26 Thread Dan Streetman 
Package: isc-dhcp
Version: 4.3.5-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu artful ubuntu-patch

Dear Maintainer,

dhclient does not work when doing DHCPv6 with an interface alias, e.g.

dhclient -6 -v eth0:1

fails.  The attached patch is required to fix it.

  * When comparing enumerated interface name with cmdline interface name,
the cmdline interface name alias extension must be stripped since all
enumerated interface names have their alias extension stripped.
Without this, DHCPv6 fails for interface aliases. (LP: #1693819)


Thanks for considering the patch.


-- System Information:
Debian Release: stretch/sid
  APT prefers zesty-updates
  APT policy: (500, 'zesty-updates'), (500, 'zesty-security'), (500, 'zesty'), 
(100, 'zesty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.10.0-20-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru isc-dhcp-4.3.5/debian/control isc-dhcp-4.3.5/debian/control
--- isc-dhcp-4.3.5/debian/control   2017-01-19 12:11:21.0 -0500
+++ isc-dhcp-4.3.5/debian/control   2017-05-26 10:57:51.0 -0400
@@ -1,8 +1,7 @@
 Source: isc-dhcp
 Section: net
 Priority: important
-Maintainer: Ubuntu Developers 
-XSBC-Original-Maintainer: Debian ISC DHCP maintainers 

+Maintainer: Debian ISC DHCP maintainers 

 Uploaders: Andrew Pollock , Michael Gilbert 

 Vcs-Git: https://anonscm.debian.org/pkg-dhcp/isc-dhcp.git
 Vcs-Browser: 
https://anonscm.debian.org/gitweb/?p=pkg-dhcp/isc-dhcp.git;a=summary
diff -Nru isc-dhcp-4.3.5/debian/patches/series 
isc-dhcp-4.3.5/debian/patches/series
--- isc-dhcp-4.3.5/debian/patches/series2017-01-19 12:11:21.0 
-0500
+++ isc-dhcp-4.3.5/debian/patches/series2017-05-26 10:57:24.0 
-0400
@@ -32,3 +32,4 @@
 dhcp-improved-xid-correct-byte-order.patch
 dhcp-4.2.4-dhclient-options-changed.patch
 ubuntu-dhcpd-conf.patch
+strip-alias-when-comparing-interface-names.patch
diff -Nru 
isc-dhcp-4.3.5/debian/patches/strip-alias-when-comparing-interface-names.patch 
isc-dhcp-4.3.5/debian/patches/strip-alias-when-comparing-interface-names.patch
--- 
isc-dhcp-4.3.5/debian/patches/strip-alias-when-comparing-interface-names.patch  
1969-12-31 19:00:00.0 -0500
+++ 
isc-dhcp-4.3.5/debian/patches/strip-alias-when-comparing-interface-names.patch  
2017-05-26 10:57:32.0 -0400
@@ -0,0 +1,40 @@
+Author: Dan Streetman 
+Description: Since isc-dhcp strips the interface alias from all
+  interfaces it enumerates, when comparing the cmdline interface
+  name to find the matching enumerated interface, the cmdline name
+  must have its alias stripped also.  Without this, DHCPv6 fails
+  when using an interface alias.
+Forwarded: yes
+Bug: [ISC bug tracking is private; bug email has been sent]
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1693819
+
+---
+ common/discover.c | 15 ++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+Index: isc-dhcp-4.3.5/common/discover.c
+===
+--- isc-dhcp-4.3.5.orig/common/discover.c
 isc-dhcp-4.3.5/common/discover.c
+@@ -600,7 +600,20 @@ discover_interfaces(int state) {
+ 
+   /* See if we've seen an interface that matches this one. */
+   for (tmp = interfaces; tmp; tmp = tmp->next) {
+-  if (!strcmp(tmp->name, info.name))
++#if defined(sun) || defined(__linux)
++  char *s, n[IFNAMSIZ];
++
++  strcpy(n, tmp->name);
++  /* next_iface() strips the interface alias,
++   * so we mustn't include it when strcmp */
++  s = strchr(n, ':');
++  if (s != NULL) {
++  *s = '\0';
++  }
++#else
++  char *n = tmp->name;
++#endif /* defined(sun) || defined(__linux) */
++  if (!strcmp(n, info.name))
+   break;
+   }
+

Bug#863425: latex2html: stops with error message: Can't use 'defined(@array)'

2017-05-26 Thread Peter Schaefer 
Package: latex2html
Version: 2015-debian1-1
Severity: normal

Dear Maintainer,

latex2html stops with error message: 
Can't use 'defined(@array)' (Maybe you should just omit the defined()?)
at /usr/share/latex2html/styles/natbib.perl line 1454,  line 6.
similar to closed (#789731) but other file
can be fixed by
#
--- oldversion/natbib.perl  2017-05-26 17:08:47.377554172 +0200
++
+ newversion/natbib.perl2017-05-26 17:12:07.422234392 +0200
@@
-1451,7 +1451,7 @@
 local($_) = @_;
 s/$next_pair_pr_rx//o;
 l
ocal($style)="citestyle_$2";
-if (defined @$style) {
+if
(@$style) {
    ($CITE_OPEN_DELIM,
     $CITE_CLOSE_DELIM,
    
 $CITE_ENUM,
###
###

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/6 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages latex2html depends on:
ii  ghostscript-x9.20~dfsg-3.2
ii  netpbm   2:10.0-15.3+b2
ii  perl 5.24.1-2
ii  perl-doc 5.24.1-2
ii  tex-common   6.06
ii  texlive-binaries [texlive-base-bin]  2016.20160513.41080.dfsg-2
ii  texlive-fonts-recommended2016.20170123-5
ii  texlive-latex-extra  2016.20170123-5
ii  texlive-latex-recommended2016.20170123-5

latex2html recommends no packages.

latex2html suggests no packages.

-- no debconf information

Bug#861614: rzip: CVE-2017-8364

2017-05-26 Thread Emilio Pozuelo Monfort 
Control: tags -1 pending

Hi,

On Fri, 26 May 2017 18:18:59 +0200 Emilio Pozuelo Monfort  
wrote:
> Control: tags -1 patch
> 
> Hi,
> 
> On Mon, 01 May 2017 16:14:08 +0200 Salvatore Bonaccorso  
> wrote:
> > Source: rzip
> > Version: 2.1-1
> > Severity: grave
> > Tags: security upstream
> > Justification: user security hole
> > 
> > Hi,
> > 
> > the following vulnerability was published for rzip, filled with RC
> > severity due to the heap overflow write, but no further investigation
> > done so far.
> > 
> > CVE-2017-8364[0]:
> > | The read_buf function in stream.c in rzip 2.1 allows remote attackers
> > | to cause a denial of service (heap-based buffer overflow and
> > | application crash) or possibly have unspecified other impact via a
> > | crafted archive.
> 
> openSUSE applied the attached patch, taken from the openSUSE leap 42.2 
> package [1].

I have verified the patch works fine (by testing with an asan build). I have
uploaded the attached debdiff to DELAYED/5. Let me know if I should delay it
further.

Cheers,
Emilio
diff -Nru rzip-2.1/debian/changelog rzip-2.1/debian/changelog
--- rzip-2.1/debian/changelog   2016-12-07 18:44:06.0 +0100
+++ rzip-2.1/debian/changelog   2017-05-26 18:40:30.0 +0200
@@ -1,3 +1,12 @@
+rzip (2.1-4.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * 80-CVE-2017-8364-fill-buffer.patch: fix heap buffer overflow write by
+allocating a properly sized buffer. Patch taken from openSUSE.
+(CVE-2017-8364). Closes: 861614.
+
+ -- Emilio Pozuelo Monfort   Fri, 26 May 2017 18:40:30 +0200
+
 rzip (2.1-4) unstable; urgency=medium
 
   * New maintainer. Thanks to all previous people that have helped
diff -Nru rzip-2.1/debian/patches/80-CVE-2017-8364-fill-buffer.patch 
rzip-2.1/debian/patches/80-CVE-2017-8364-fill-buffer.patch
--- rzip-2.1/debian/patches/80-CVE-2017-8364-fill-buffer.patch  1970-01-01 
01:00:00.0 +0100
+++ rzip-2.1/debian/patches/80-CVE-2017-8364-fill-buffer.patch  2017-05-26 
18:39:09.0 +0200
@@ -0,0 +1,35 @@
+Patch taken from the OpenSUSE leap 42.2 package
+
+Index: rzip-2.1/stream.c
+===
+--- rzip-2.1.orig/stream.c
 rzip-2.1/stream.c
+@@ -147,16 +147,16 @@ static int write_u32(int f, u32 v)
+   return 0;
+ }
+ 
+-static int read_buf(int f, uchar *p, int len)
++static int read_buf(int f, uchar *p, unsigned int len)
+ {
+   int ret;
+   ret = read(f, p, len);
+   if (ret == -1) {
+-  err_msg("Read of length %d failed - %s\n", len, 
strerror(errno));
++  err_msg("Read of length %u failed - %s\n", len, 
strerror(errno));
+   return -1;
+   }
+   if (ret != len) {
+-  err_msg("Partial read!? asked for %d bytes but got %d\n", len, 
ret);
++  err_msg("Partial read!? asked for %u bytes but got %d\n", len, 
ret);
+   return -1;
+   }
+   return 0;
+@@ -399,7 +399,7 @@ static int fill_buffer(struct stream_inf
+   if (sinfo->s[stream].buf) {
+   free(sinfo->s[stream].buf);
+   }
+-  sinfo->s[stream].buf = malloc(u_len);
++  sinfo->s[stream].buf = malloc(c_len > u_len ? c_len : u_len);
+   if (!sinfo->s[stream].buf) {
+   return -1;
+   }
diff -Nru rzip-2.1/debian/patches/series rzip-2.1/debian/patches/series
--- rzip-2.1/debian/patches/series  2016-03-07 22:36:29.0 +0100
+++ rzip-2.1/debian/patches/series  2017-05-26 18:40:30.0 +0200
@@ -5,3 +5,4 @@
 50_fhs.patch
 60_fix_manpage.patch
 70_hardeningflags.patch
+80-CVE-2017-8364-fill-buffer.patch

Bug#854801: Network Manager, Stretch and ipv6

2017-05-26 Thread Julien Cristau 
+rdisc6 maintainer

On 05/26/2017 06:49 PM, Julien Cristau wrote:
> On 05/26/2017 06:33 PM, Cyril Brulebois wrote:
>> Hi,
>>
>> Michael Biebl  (2017-05-23):
>>> Control: severity 854801 serious
>>> Control: reassign 854801 netcfg
>>>
>>> Hi
>>>
>>> This is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854801
>>>
>>> Since this issue is now cropping up regularly, I'd say it's something
>>> which needs to be fixed for stretch, thus marking the bug as RC.
>>>
>>> Regards,
>>> Michael
>>
>> This issue is indeed (too) well known, but I need to grow a better
>> understanding of various IPv6 configurations to get this fixed properly
>> in stable suites. (I'm making progress on this front but I have a few
>> busy weeks in front of me before getting back to this.)
>>
>> In any case, this feels like something that might need to wait until
>> after r0 (can-defer in release team speak IIRC, cc'd).
>>
> IMO we should change d-i/netcfg to just never install rdnssd.  I guess
> that might negatively impact systems on ipv6-only networks that don't
> have any other means to pick up name servers, but that seems strictly
> better than installing a package which conflicts with NM.
> 
> Cheers,
> Julien
>

Bug#854801: Network Manager, Stretch and ipv6

2017-05-26 Thread Cyril Brulebois 
Julien Cristau  (2017-05-26):
> On 05/26/2017 06:33 PM, Cyril Brulebois wrote:
> > Hi,
> > 
> > Michael Biebl  (2017-05-23):
> >> Control: severity 854801 serious
> >> Control: reassign 854801 netcfg
> >>
> >> Hi
> >>
> >> This is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854801
> >>
> >> Since this issue is now cropping up regularly, I'd say it's something
> >> which needs to be fixed for stretch, thus marking the bug as RC.
> >>
> >> Regards,
> >> Michael
> > 
> > This issue is indeed (too) well known, but I need to grow a better
> > understanding of various IPv6 configurations to get this fixed properly
> > in stable suites. (I'm making progress on this front but I have a few
> > busy weeks in front of me before getting back to this.)
> > 
> > In any case, this feels like something that might need to wait until
> > after r0 (can-defer in release team speak IIRC, cc'd).
> > 
> IMO we should change d-i/netcfg to just never install rdnssd.  I guess
> that might negatively impact systems on ipv6-only networks that don't
> have any other means to pick up name servers, but that seems strictly
> better than installing a package which conflicts with NM.

Based on Julien's feedback (which matches my initial impressions from
last time I looked into this), I've moved to preparing a new netcfg
upload with the attached change. Leaving a debug message behind will
make it possible to figure out what happens when users complain about
the lack of this rdnssd package, so that we might adjust if needed.

IIRC this issue is also affecting jessie so I'll make a note for
possibly pushing this for a later point release.


KiBi.
From ee0a5467181ff2f3a816ecc1230ba5e60bb5926b Mon Sep 17 00:00:00 2001
From: Cyril Brulebois 
Date: Fri, 26 May 2017 18:52:26 +0200
Subject: [PATCH] Stop queueing rdnssd's installation with IPv6 setups (Closes:
 #854801).

This component conflicts with network-manager and installing it from the
network configuration step might prevents large parts of desktop
environments from being installed. This isn't a perfect solution but
this should be way better than the current status quo.
---
 autoconfig.c |  2 +-
 debian/changelog | 10 ++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/autoconfig.c b/autoconfig.c
index a603f62..f254cf3 100644
--- a/autoconfig.c
+++ b/autoconfig.c
@@ -470,7 +470,7 @@ int netcfg_autoconfig(struct debconfclient *client, struct netcfg_interface *int
 	if (ipv6) {
 		read_rdnssd_nameservers(interface);
 		if (nameserver_count(interface) > 0) {
-			di_exec_shell_log("apt-install rdnssd");
+			di_debug("Not queueing rdnssd installation to make sure not to interfere with network-manager");
 		}
 	}
 	
diff --git a/debian/changelog b/debian/changelog
index 9132b33..6aa71b0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+netcfg (1.143) UNRELEASED; urgency=medium
+
+  * Stop queueing rdnssd's installation with IPv6 setups. This component
+conflicts with network-manager and installing it from the network
+configuration step might prevents large parts of desktop environments
+from being installed. This isn't a perfect solution but this should be
+way better than the current status quo (Closes: #854801).
+
+ -- Cyril Brulebois   Fri, 26 May 2017 18:45:55 +0200
+
 netcfg (1.142) unstable; urgency=medium
 
   * IPv6 autoconfiguration: fix NTP server name handling, which would be
-- 
2.1.4



signature.asc
Description: Digital signature

Bug#478161: [postmas...@sonaeim.com: Não entregue: porbase is in Tellico, is the porbase you wanted?]

2017-05-26 Thread Geert Stappers 

Hopefully does work the  e-mail address.

The other one bounced ...

- Forwarded message from postmas...@sonaeim.com -

Date: Fri, 26 May 2017 17:42:38 +0100
From: postmas...@sonaeim.com
To: stapp...@stappers.nl
Subject: Não entregue: porbase is in Tellico, is the porbase you wanted?

Falha na entrega a estes destinatários ou grupos:

Marcos Marado (marcos.mar...@sonae.com)
Não foi possível encontrar o endereço de correio eletrónico que introduziu. 
Verifique o endereço de correio eletrónico do destinatário e tente reenviar a 
mensagem. Se o problema continuar, contacte o suporte técnico.

Informações de diagnóstico para administradores:

Servidor de origem: LXDOMEXC01.ssidom.com

marcos.mar...@sonae.com
Remote Server returned '550 5.1.1 RESOLVER.ADR.RecipNotFound; not found'

Cabeçalhos originais da mensagem:

Received: from LXDOMEXC01.ssidom.com (10.228.250.33) by LXDOMEXC01.ssidom.com
 (10.228.250.33) with Microsoft SMTP Server (TLS) id 15.0.1076.9; Fri, 26 May
 2017 17:42:38 +0100
Received: from LXIMSVA02.SSIHV.SSI (10.228.250.15) by LXDOMEXC01.ssidom.com
 (10.228.250.30) with Microsoft SMTP Server (TLS) id 15.0.1076.9 via Frontend
 Transport; Fri, 26 May 2017 17:42:38 +0100
Received: from LXIMSVA02.SSIHV.SSI (unknown [127.0.0.1])
by IMSVA (Postfix) with ESMTP id 118B646063
for ; Fri, 26 May 2017 17:42:28 +0100 (WEST)
Received: from gpm.stappers.nl (unknown [82.161.218.215])
by LXIMSVA02.SSIHV.SSI (Postfix) with ESMTP id D25BD4605F
for ; Fri, 26 May 2017 17:42:27 +0100 (WEST)
Received: by gpm.stappers.nl (Postfix, from userid 1000)
id 772AE304007; Fri, 26 May 2017 18:42:35 +0200 (CEST)
Date: Fri, 26 May 2017 18:42:35 +0200
From: Geert Stappers 
To: Marcos Marado , Marcos Marado

CC: <478...@bugs.debian.org>
Subject: porbase is in Tellico, is the porbase you wanted?

Reporting-MTA: dns;LXDOMEXC01.ssidom.com
Received-From-MTA: dns;LXIMSVA02.SSIHV.SSI
Arrival-Date: Fri, 26 May 2017 16:42:38 +

Original-Recipient: rfc822;marcos.mar...@sonae.com
Final-Recipient: rfc822;marcos.mar...@sonae.com
Action: failed
Status: 5.1.1
Diagnostic-Code: smtp;550 5.1.1 RESOLVER.ADR.RecipNotFound; not found
X-Display-Name: Marcos Marado

  

- End forwarded message -

Bug#854801: Network Manager, Stretch and ipv6

2017-05-26 Thread Julien Cristau 
On 05/26/2017 06:33 PM, Cyril Brulebois wrote:
> Hi,
> 
> Michael Biebl  (2017-05-23):
>> Control: severity 854801 serious
>> Control: reassign 854801 netcfg
>>
>> Hi
>>
>> This is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854801
>>
>> Since this issue is now cropping up regularly, I'd say it's something
>> which needs to be fixed for stretch, thus marking the bug as RC.
>>
>> Regards,
>> Michael
> 
> This issue is indeed (too) well known, but I need to grow a better
> understanding of various IPv6 configurations to get this fixed properly
> in stable suites. (I'm making progress on this front but I have a few
> busy weeks in front of me before getting back to this.)
> 
> In any case, this feels like something that might need to wait until
> after r0 (can-defer in release team speak IIRC, cc'd).
> 
IMO we should change d-i/netcfg to just never install rdnssd.  I guess
that might negatively impact systems on ipv6-only networks that don't
have any other means to pick up name servers, but that seems strictly
better than installing a package which conflicts with NM.

Cheers,
Julien

Bug#478161: porbase is in Tellico, is the porbase you wanted?

2017-05-26 Thread Geert Stappers 

Control: tag -1 moreinfo


Hello Marcos,

This is about a Debian bugreport from 2008.
Yes, that long ago.


Tellico has in "porbase"


$ grep --after=3 porbase src/fetch/z3950-servers.cfg 
[porbase]
Host=z3950.porbase.org
Port=210
Database=Default
Name=Portuguese National Library



It that the "porbase" you requested?

Or should it become

  host:porbase.bnportugal.pt
  port:210 
  database:porbase

as you wrote in 2009?


Groeten
Geert Stappers
DD
-- 
Leven en laten leven


signature.asc
Description: Digital signature

Bug#863423: git push to local repo containing colon fails with "object directory ... does not exist"

2017-05-26 Thread Mike Miller 
Package: git
Version: 1:2.11.0-4
Severity: important
Tags: upstream

Dear Maintainers,

Git 2.11.0 introduced a regression when pushing to a local repository
whose pathname contains a colon.

I have verified that this regression has been fixed upstream in Git
2.11.1 and 2.12.0.

Unfortunately the version that is in testing which will become stable
exhibits this bug.

This makes the package unusable for me for one project I work on, the
only workaround is to run a locally built git binary. But colons in
pathnames are admittedly rare.

I suspect the upstream commit that fixes this is
https://github.com/git/git/commit/cf3c6352100a, I have not verified yet.

Minimal working example:

## Make a root commit ...
git init testrepo
cd testrepo
echo one > README
git add .
git commit -a -m "Initial commit"
cd ..

## ... convert it to a bare repo with a colon in the name ...
git clone --bare testrepo testrepo.git
rm -rf testrepo
mv testrepo.git test:repo.git

## ... hack, push a commit to origin, error occurs
git clone test:repo.git testrepo
cd testrepo
echo two > README
git add .
git commit -a -m "Second commit"
git push origin master

The error message:

remote: error: object directory /path/to/test does not exist; check 
.git/objects/info/alternates.
remote: error: object directory repo.git/objects does not exist; check 
.git/objects/info/alternates.
remote: error: object directory /path/to/test does not exist; check 
.git/objects/info/alternates.
remote: error: object directory repo.git/objects does not exist; check 
.git/objects/info/alternates.
remote: error: refs/heads/master does not point to a valid object!
remote: fatal: bad object HEAD
error: object directory /path/to/test does not exist; check 
.git/objects/info/alternates.
error: object directory repo.git/objects does not exist; check 
.git/objects/info/alternates.
error: refs/heads/master does not point to a valid object!
fatal: bad object HEAD

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages git depends on:
ii  dpkg 1.18.24
ii  git-man  1:2.11.0-4
ii  libc62.24-10
ii  libcurl3-gnutls  7.52.1-5
ii  liberror-perl0.17024-1
ii  libexpat12.2.0-2
ii  libpcre3 2:8.39-3
ii  perl 5.24.1-2
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages git recommends:
ii  less 481-2.1
ii  openssh-client [ssh-client]  1:7.4p1-10
ii  patch2.7.5-1+b2

Versions of packages git suggests:
ii  gettext-base  0.19.8.1-2
pn  git-arch  
pn  git-cvs   
pn  git-daemon-run | git-daemon-sysvinit  
ii  git-doc   1:2.11.0-4
pn  git-el
pn  git-email 
pn  git-gui   
pn  git-mediawiki 
ii  git-svn   1:2.11.0-4
pn  gitk  
pn  gitweb

-- no debconf information

Bug#863424: jemalloc: Please build with -DLG_QUANTUM=4 on sh3

2017-05-26 Thread John Paul Adrian Glaubitz 
Source: jemalloc
Version: 3.6.0-9.1
Severity: normal
Tags: patch
User: debian-sup...@lists.debian.org
Usertags: sh3

Hi!

We're currently in the process of bootstrapping Debian on sh3 which is
an architecture similar to sh4 which is already in Debian Ports. sh3
is an older architecture which is currently being redeveloped as the
open source architecture J-Core, sh3 being the j3 CPU [1].

jemalloc is one of the few packages which still lack support for sh3
in Debian. Since adding support only involves setting the correct
size for LG_QUANTUM, supprt can be trivially added with the attached
patch. I will shortly send a pull request upstream to add the definition
there for sh3 as well.

Thanks for consideration.

Cheers,
Adrian

> [1] http://j-core.org/

--
 .''`.   John Paul Adrian Glaubitz
 : :' :  Debian Developer - glaub...@debian.org
 `. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
   `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
diff -Nru jemalloc-3.6.0/debian/changelog jemalloc-3.6.0/debian/changelog
--- jemalloc-3.6.0/debian/changelog 2017-01-28 18:21:21.0 +0100
+++ jemalloc-3.6.0/debian/changelog 2017-05-26 18:23:37.0 +0200
@@ -1,3 +1,10 @@
+jemalloc (3.6.0-9.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build with -DLG_QUANTUM=4 on sh3 (Closes: #nn)
+
+ -- John Paul Adrian Glaubitz   Fri, 26 May 2017 
18:23:37 +0200
+
 jemalloc (3.6.0-9.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru jemalloc-3.6.0/debian/rules jemalloc-3.6.0/debian/rules
--- jemalloc-3.6.0/debian/rules 2017-01-28 18:21:21.0 +0100
+++ jemalloc-3.6.0/debian/rules 2017-05-26 18:23:00.0 +0200
@@ -6,7 +6,7 @@
 DEB_HOST_ARCH := $(shell dpkg-architecture -qDEB_HOST_ARCH)
 DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS)
 
-ifneq (,$(findstring $(DEB_HOST_ARCH),sparc sparc64))
+ifneq (,$(findstring $(DEB_HOST_ARCH),sh3 sparc sparc64))
   DEB_CPPFLAGS_MAINT_APPEND += -DLG_QUANTUM=4
 endif

Bug#860304: flash-kernel: Incorrect installation path for dtbs

2017-05-26 Thread Cyril Brulebois 
Hi,

And thanks for being persistent.

Heinrich Schuchardt  (2017-05-25):
> In
> https://patchwork.ozlabs.org/patch/753871/
> I suggested to change U-Boot environment variable fdtfile to
> meson-gxbb-odroidc2.dtb for the Odroid C2.
> 
> Unfortunately this patch was not accepted.
> 
> So we will need flash-kernel to accommodate U-Boot having
> a directory path in fdtfile. For the Odroid C2 this is:
> fdtfile=amlogic/meson-gxbb-odroidc2.dtb
> 
> Kindly review the patch to flash-kernel I have proposed:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860304#20
> 
> Best regards
> 
> Heinrich Schuchardt

vagrant, any opinion on this topic? Too little flash-kernel knowledge
locally to decide on this.


KiBi.


signature.asc
Description: Digital signature

Bug#854801: Network Manager, Stretch and ipv6

2017-05-26 Thread Cyril Brulebois 
Hi,

Michael Biebl  (2017-05-23):
> Control: severity 854801 serious
> Control: reassign 854801 netcfg
> 
> Hi
> 
> This is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854801
> 
> Since this issue is now cropping up regularly, I'd say it's something
> which needs to be fixed for stretch, thus marking the bug as RC.
> 
> Regards,
> Michael

This issue is indeed (too) well known, but I need to grow a better
understanding of various IPv6 configurations to get this fixed properly
in stable suites. (I'm making progress on this front but I have a few
busy weeks in front of me before getting back to this.)

In any case, this feels like something that might need to wait until
after r0 (can-defer in release team speak IIRC, cc'd).


KiBi.


signature.asc
Description: Digital signature

Bug#862992: systemd: avoid attempt to re-create /etc/mtab by systemd-tmpfiles-setup.service

2017-05-26 Thread Cyril Brulebois 
Hi,

Michael Biebl  (2017-05-19):
> In jessie we handled this slightly differently [1]. We had a dedicated
> service unit which checked if /etc/mtab was a symlink. So we didn't run
> into the issue there, that the symlink can be absolute or relative and
> point to either /proc/mounts or /proc/self/mounts.
> 
> We chose ../proc/self/mounts in debian.conf since that's also what's
> used by systemd upstream [2], i.e. we are consistent with other distros
> in that aspect.
> 
> Maybe we can change debootstrap to use ../proc/self/mounts or is there a
> good reason why it should point to ../proc/mounts?
> 
> CCed the debootstrap maintainers for their input.

I'm not exactly sure about the situation you describe, d-i does this
through a finish-install script (finish-install.d/70mtab):
| #! /bin/sh
| 
| # some things inside d-i will make an /etc/mtab file, but it shouldn't
| # be there in the installed system. Systemd will be desperately unhappy.
| if [ -f /target/etc/mtab ]; then
| ln -sf /proc/self/mounts /target/etc/mtab
| fi

debootstrap itself does this:
| clear_mtab () {
| if [ -f "$TARGET/etc/mtab" ] && [ ! -h "$TARGET/etc/mtab" ]; then
| rm -f "$TARGET/etc/mtab"
| fi
| }
[ which matches its changelog entry → “On Linux, clear out /etc/mtab on
  exit if it's not a symlink.” ]

and there's no /proc/*mounts in debootstrap's code.


Back to the original bug report:

Just performed a stretch debootststrap from a jessie system (with 1.0.67
version), no /etc/mtab afterwards. Did the same with debootstrap upgraded
to 1.0.90, same story.

Both times, with this command:
  sudo debootstrap stretch /scratch/stretch http://localhost/debian

with /scratch being a tmpfs and localhost being my local, partial mirror.


Maximilian: If you're seeing a /etc/mtab inside a debootstrap'd
environment, you'll have to be more specific about the way you're
generating it.


KiBi.


signature.asc
Description: Digital signature

Bug#863224: acl2: build fails on mips (mips-aql-05)

2017-05-26 Thread Héctor Orón Martínez 
Hello,

2017-05-26 15:41 GMT+02:00 Camm Maguire :
> Thanks!  Are you setting parallel fields in DEB_BUILD_OPTIONS?  If so
> can you try unsetting these temporarily?

This is a global switch, we cannot unset per package, however, you
should be able to disable parallel builds at package build level
(within the build rules).

Regards
-- 
 Héctor Orón  -.. . -... .. .- -.   -.. . ...- . .-.. --- .--. . .-.

Bug#863422: keepassx: Cant change keyboard layout after i accidently try to autotype greek

2017-05-26 Thread Georgios Pediaditis 
Package: keepassx
Version: 2.0.3-1
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
Tried to autotype login and password while im using the greek keyboard 
layout
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
I open my computer. 
I tried to login using autotype to the website https://top.host/
I forgot that at the time i tried the autotype combination i had the 
greek layout
Keepassx enter the password and login with greek characters.
When i realized that i tried to change the layout but it didnt 
change.(using the keyboard shortcat)
It happens everytime i follow the upper sequence
   * What was the outcome of this action?
Couldnt change layout using the keyboard shortcut
   * What outcome did you expect instead?
I expected that the keyboard shortcat for layout would work

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages keepassx depends on:
ii  libc62.24-10
ii  libgcrypt20  1.7.6-1
ii  libqtcore4   4:4.8.7+dfsg-11
ii  libqtgui44:4.8.7+dfsg-11
ii  libstdc++6   6.3.0-18
ii  libx11-6 2:1.6.4-3
ii  libxi6   2:1.7.9-1
ii  libxtst6 2:1.2.3-1
ii  zlib1g   1:1.2.8.dfsg-5

keepassx recommends no packages.

keepassx suggests no packages.

-- no debconf information

Bug#861614: rzip: CVE-2017-8364

2017-05-26 Thread Emilio Pozuelo Monfort 
Control: tags -1 patch

Hi,

On Mon, 01 May 2017 16:14:08 +0200 Salvatore Bonaccorso  
wrote:
> Source: rzip
> Version: 2.1-1
> Severity: grave
> Tags: security upstream
> Justification: user security hole
> 
> Hi,
> 
> the following vulnerability was published for rzip, filled with RC
> severity due to the heap overflow write, but no further investigation
> done so far.
> 
> CVE-2017-8364[0]:
> | The read_buf function in stream.c in rzip 2.1 allows remote attackers
> | to cause a denial of service (heap-based buffer overflow and
> | application crash) or possibly have unspecified other impact via a
> | crafted archive.

openSUSE applied the attached patch, taken from the openSUSE leap 42.2 package 
[1].

Cheers,
Emilio

[1]
http://download.opensuse.org/repositories/openSUSE:/Leap:/42.2:/Update/standard/src/rzip-2.1-151.3.1.src.rpm
Index: rzip-2.1/stream.c
===
--- rzip-2.1.orig/stream.c
+++ rzip-2.1/stream.c
@@ -147,16 +147,16 @@ static int write_u32(int f, u32 v)
 	return 0;
 }
 
-static int read_buf(int f, uchar *p, int len)
+static int read_buf(int f, uchar *p, unsigned int len)
 {
 	int ret;
 	ret = read(f, p, len);
 	if (ret == -1) {
-		err_msg("Read of length %d failed - %s\n", len, strerror(errno));
+		err_msg("Read of length %u failed - %s\n", len, strerror(errno));
 		return -1;
 	}
 	if (ret != len) {
-		err_msg("Partial read!? asked for %d bytes but got %d\n", len, ret);
+		err_msg("Partial read!? asked for %u bytes but got %d\n", len, ret);
 		return -1;
 	}
 	return 0;
@@ -399,7 +399,7 @@ static int fill_buffer(struct stream_inf
 	if (sinfo->s[stream].buf) {
 		free(sinfo->s[stream].buf);
 	}
-	sinfo->s[stream].buf = malloc(u_len);
+	sinfo->s[stream].buf = malloc(c_len > u_len ? c_len : u_len);
 	if (!sinfo->s[stream].buf) {
 		return -1;
 	}

Bug#861112: Debian bug #861112

2017-05-26 Thread Jörg Frings-Fürst 
severity 861112 important
thanks


Hello,

this bugs only effects some installations. So I set the serverity to
important.

CU
Jörg

-- 
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB  30EE 09F8 9F3C 8CA1 D25D
GPG key (long) : 09F89F3C8CA1D25D
GPG Key: 8CA1D25D
CAcert Key S/N : 0E:D4:56

Old pgp Key: BE581B6E (revoked since 2014-12-31).

Jörg Frings-Fürst
D-54470 Lieser

Threema: SYR8SJXB
Wire: @joergfringsfuerst

IRC: j_...@freenode.net
 j_...@oftc.net

My wish list: 
 - Please send me a picture from the nature at your home.


signature.asc
Description: This is a digitally signed message part

Bug#149452: (no subject)

2017-05-26 Thread Samuel Thibault 
Malte, on ven. 26 mai 2017 15:53:20 +, wrote:
> what would we have to do to make this happen?

as mentioned by Aurelien in his previous mail:

“this has to be done at the upstream level. We don't want to diverge
from upstream in the features and symbols we provide, as it will break
compatibility with other distributions.”

Samuel

Bug#859934: [Pkg-utopia-maintainers] Bug#859934: enable captive portal checking by default

2017-05-26 Thread Michael Biebl 
Am 26.05.2017 um 17:31 schrieb Michael Biebl:
> Unless someone complains loudly, I intend to go ahead using the package
> name network-manager-config-connectivity-debian.
> 
> The package will provide
> /usr/lib/NetworkManager/conf.d/20-connectivity-debian.conf

I pushed
https://anonscm.debian.org/cgit/pkg-utopia/network-manager.git/commit/?h=experimental=292772f681

Feedback welcome. Especially regarding the package description.

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#863416: jackeq: segmentation fault

2017-05-26 Thread James Cowgill 
Control: clone -1 -2
Control: reassign -2 timemachine 0.3.3-2
Control: retitle -2 timemachine: segfaults on startup
Control: clone -1 -3
Control: reassign -3 kluppe 0.6.20-1
Control: retitle -3 kluppe: segfaults when pressing 'new looper'

Hi again,

On 26/05/17 16:42, James Cowgill wrote:
> On 26/05/17 16:30, James Cowgill wrote:
>> On 26/05/17 16:01, Alex Wilk wrote:
>>> Package: jackeq
>>> Version: 0.5.9-2+b2
>>> Severity: normal
>>>
>>> Dear Maintainer!
>>>
>>> ,
>>> | $ jackeq 
>>> | jackEQ 0.5.9
>>> | (c) 2003 - 2009 P. Shirkey
>>> | Featuring the DJEQ ladspa plugin by S. Harris
>>> | With assistance from J. O'Quin on the awesome Jack i/o dropdown menu
>>> | This is free software, and you are welcome to redistribute it
>>> | under certain conditions; see the file COPYING for details.
>>> | Gtk-Message: (for origin information, set GTK_DEBUG): failed to retrieve 
>>> property `gtk-primary-button-warps-slider' of type `gboolean' from rc file 
>>> value "((GString*) 0x55e8dc961840)" of type `gboolean'
>>> | zsh: segmentation fault  jackeq
>>> `
>>
>> Unfortunately I cannot get jackeq to start at all so I'm raising the
>> severity.
>>
>> From a brief look in gdb, it seems that jackeq passes gtk a truncated
>> pointer. I expect this was triggered by the recent PIE rebuild exposing
>> the fact that jackeq is not 64-bit clean.
> 
> So the bug is in src/gtkmeter.c, where gtk_meter_get_type returns an
> unsigned int instead of a pointer. This code looked _very_ familiar
> because the exact same code has already been fixed in jamin! See #848672
> 
> Compare jamin from jessie with jackeq from stretch:
> https://sources.debian.net/src/jamin/0.97.14~cvs~81203-4/src/gtkmeter.c/
> https://sources.debian.net/src/jackeq/0.5.9-2/src/gtkmeter.c/
> 
> Code search:
> https://codesearch.debian.net/search?q=gtk_meter_get_type
> 
> So probably kluppe and timemachine are affected as well.

I've tested both kluppe and timemachine and they both segfault in
exactly the same place.

Kluppe segfaults when pressing "new looper" in the interface. Since this
seems to be a pretty critical feature of kluppe, I've kept the bug at
grave severity.

Timemachine just segfaults on startup like jackeq does.

Note you need a jack server running to reproduce both of these bugs.

Thanks,
James



signature.asc
Description: OpenPGP digital signature

Bug#861695: debian-archive-keyring: Please ship release-specific keys separately outside of /etc/apt/trusted.gpg.d/

2017-05-26 Thread Daniel Kahn Gillmor 
On Thu 2017-05-25 19:35:42 +0100, Adam D. Barratt wrote:
> On Tue, 2017-05-02 at 18:06 -0400, Daniel Kahn Gillmor wrote:
>> On Tue 2017-05-02 21:48:35 +0100, Adam D. Barratt wrote:
>> > It's quite late in the day to be making larger-scale changes to the
>> > package.
>> 
>> agreed, in terms of stretch.
>> 
>> > To clarify, are you suggesting shipping the separated files
>> > in /u/s/keyrings /as well as/ /etc/apt/trusted.gpg.d, or /instead of/
>> > the existing location?
>> 
>> for stretch, i think it'd need to be *as well as*, just because i don't
>> want to break existing usage.
>
> Apologies for taking a little while to get back to you again.
>
> After a little discussion during last night's team meeting, I'm afraid
> that the consensus appears to be that at this stage of the freeze we
> shouldn't be making changes that aren't directly related to updating the
> set of trusted keys.

well, i hope we can work something out for buster.

It's a bummer, because that means that instructions for making a
locked-down system for stretch and instructions for doing the same for
buster will vary more than they'd otherwise need to.

Please let me know how you think we should proceed post-stretch!

Ah well,

   --dkg

Bug#149452: (no subject)

2017-05-26 Thread Malte 
Hi,

what would we have to do to make this happen?

I am also one of the people who would like to use bcrypt with Dovecot.

I think asking people why they would like to do this is very
condescending, but the answer is not so far fetched: We would like
to make use of the user management of a piece of software that stores
the password hashed with bcrypt ¯\_(ツ)_/¯


Sincerely,

Malte


-- 
A322 62A5 D2BE EEF7 0B14 B7D7 67C1 D9EA 0FDC DA39
1BEA 8159 A070 2E53 0152 A59F 0CC5 76E9 703E 1DDC

Bug#557302: not so important

2017-05-26 Thread Geert Stappers 
Control: severity -1 normal

After no updates for more the seven years.

Bug#863416: jackeq: segmentation fault

2017-05-26 Thread James Cowgill 
On 26/05/17 16:30, James Cowgill wrote:
> Control: severity -1 grave
> 
> Hi
> 
> On 26/05/17 16:01, Alex Wilk wrote:
>> Package: jackeq
>> Version: 0.5.9-2+b2
>> Severity: normal
>>
>> Dear Maintainer!
>>
>> ,
>> | $ jackeq 
>> | jackEQ 0.5.9
>> | (c) 2003 - 2009 P. Shirkey
>> | Featuring the DJEQ ladspa plugin by S. Harris
>> | With assistance from J. O'Quin on the awesome Jack i/o dropdown menu
>> | This is free software, and you are welcome to redistribute it
>> | under certain conditions; see the file COPYING for details.
>> | Gtk-Message: (for origin information, set GTK_DEBUG): failed to retrieve 
>> property `gtk-primary-button-warps-slider' of type `gboolean' from rc file 
>> value "((GString*) 0x55e8dc961840)" of type `gboolean'
>> | zsh: segmentation fault  jackeq
>> `
> 
> Unfortunately I cannot get jackeq to start at all so I'm raising the
> severity.
> 
> From a brief look in gdb, it seems that jackeq passes gtk a truncated
> pointer. I expect this was triggered by the recent PIE rebuild exposing
> the fact that jackeq is not 64-bit clean.

So the bug is in src/gtkmeter.c, where gtk_meter_get_type returns an
unsigned int instead of a pointer. This code looked _very_ familiar
because the exact same code has already been fixed in jamin! See #848672

Compare jamin from jessie with jackeq from stretch:
https://sources.debian.net/src/jamin/0.97.14~cvs~81203-4/src/gtkmeter.c/
https://sources.debian.net/src/jackeq/0.5.9-2/src/gtkmeter.c/

Code search:
https://codesearch.debian.net/search?q=gtk_meter_get_type

So probably kluppe and timemachine are affected as well.

*sighs at code duplication*

James



signature.asc
Description: OpenPGP digital signature

Bug#859934: [Pkg-utopia-maintainers] Bug#859934: enable captive portal checking by default

2017-05-26 Thread Michael Biebl 
Hi there


On Mon, 10 Apr 2017 01:07:52 +0200 Michael Biebl  wrote:
> Am 09.04.2017 um 14:47 schrieb Michael Biebl:
> 

> > Fedora named this package NetworkManager-config-connectivity-fedora,
> > shipping /usr/lib/NetworkManager/conf.d/20-connectivity-fedora.conf. The
> > package is installed by default in a F25 workstation desktop.
> > 
> > Afair, Ubuntu had/has similar plans. Jeremy, can you comment on that?
> 
> I remember that I discussed that briefly with Jeremy on IRC. Such a
> separate binary package (even if tiny) seems like an approach to me
> which I'd be fine with.
> 
> I found this after a bit of searching:
> https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/997200
> https://lists.ubuntu.com/archives/ubuntu-devel/2017-February/039696.html
> 
> Next step would be to decide, how we name things, i.e. if we choose
> different names for Ubuntu and Debian, like
> network-manager-config-connectivity-debian and

Unless someone complains loudly, I intend to go ahead using the package
name network-manager-config-connectivity-debian.

The package will provide
/usr/lib/NetworkManager/conf.d/20-connectivity-debian.conf

Enabling the feature is then as simple as installing the package,
disabling it can be achieved by uninstalling it. That's why I don't want
to install the file in /etc/NetworkManager/conf.d, as we then would have
the known issue of conffiles not being removed on "remove".

It is planned that at least the gnome (or gnome-core) meta package will
pull in this package. Other desktop environments which provide captive
portal detection can do the same.
I guess we'll make that a Recommends, so users can uninstall the package
if they so prefer (e.g. due to privacy concerns)


> Mathieu Trudel-Lapierre thought it would be better for users if there
> was a handy toggle switch (likely in gnome-control-center's Privacy
> panel) before this feature was rolled out. At least for Ubuntu
> Desktop, it doesn't really matter then whether the implementation is a
> separate package or if gnome-control-center writes the config to an
> appropriate file itself.
> 
> The tracking bug for that is https://bugzilla.gnome.org/737362

This seems like a nice alternative solution which apparently is kinda
stuck though atm.
So for the time being a separate config package it is.
If we have support in gnome-control-center one day to write out that
config snippet (or NM providing a D-Bus API for setting that), we can
revisit that decision and drop the package again.

Regards,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#855125: moc: Segmentation fault

2017-05-26 Thread Bernhard Übelacker 
Hello,
tried to debug it in a VM.


# apt install moc-dbgsym
$ gdb -q --args mocp
Reading symbols from mocp...Reading symbols from 
/usr/lib/debug/.build-id/a2/ee23893fc19ab8924a10916a485b2a9c478e7c.debug...done.
done.
(gdb) set width 0
(gdb) set height 0
(gdb) run
Starting program: /usr/bin/mocp 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".

Program received signal SIGSEGV, Segmentation fault.
memcmp () at ../sysdeps/aarch64/memcmp.S:60
60  ../sysdeps/aarch64/memcmp.S: Datei oder Verzeichnis nicht gefunden.

(gdb) bt
#0  memcmp () at ../sysdeps/aarch64/memcmp.S:60
#1  0xaaac29b0 in free_popt_clone (opts=0xaabebf20) at main.c:759
#2  0xaaac29ec in free_popt_clone (opts=0xaabebbd0) at main.c:761
#3  0xaaac2d28 in render_popt_command_line () at main.c:894
#4  0xaaabbd68 in log_popt_command_line () at main.c:1168
#5  main (argc=, argv=) at main.c:1224
(gdb) up
#1  0xaaac29b0 in free_popt_clone (opts=0xaabebf20) at main.c:759
759 for (ix = 0; memcmp ([ix], _end, sizeof 
(table_end)); ix += 1) {

(gdb) print opts[0]
$1 = {longName = 0xaaafa340 "debug", shortName = 68 'D', argInfo = 0, arg = 
0x0, val = 1, descrip = 0xaaafa348 "Turn on logging to a file", argDescrip 
= 0x0}
...
(gdb) print opts[11]
$12 = {longName = 0xaaafa5e0 "nosync", shortName = 110 'n', argInfo = 0, 
arg = 0x0, val = 12, descrip = 0xaaafa5e8 "Don't synchronize the playlist 
with other clients", argDescrip = 0x0}
(gdb) print opts[12]
$13 = {longName = 0x0, shortName = 0 '\000', argInfo = 0, arg = 0x0, val = 0, 
descrip = 0x0, argDescrip = 0x0}

(gdb) print table_end
$14 = {longName = 0x0, shortName = 0 '\000', argInfo = 0, arg = 0x0, val = 0, 
descrip = 0x0, argDescrip = 0x0}

(gdb) print sizeof(opts[12])
$15 = 48

(gdb) x/48xb [12]
0xaabec160: 0x000x000x000x000x000x000x000x00
0xaabec168: 0x000x000x000x000x000x000x000x00
0xaabec170: 0x000x000x000x000x000x000x000x00
0xaabec178: 0x000x000x000x000x000x000x000x00
0xaabec180: 0x000x000x000x000x000x000x000x00
0xaabec188: 0x000x000x000x000x000x000x000x00
(gdb) x/48xb _end
0xf1d8: 0x000x000x000x000x000x000x000x00
0xf1e0: 0x000x310xbd0xaa0x000x000x000x00
0xf1e8: 0x000x000x000x000x000x000x000x00
0xf1f0: 0x000x000x000x000xaa0xaa0x000x00
0xf1f8: 0x000x000x000x000x000x000x000x00
0xf200: 0x000x000x000x000x000x000x000x00



This looks to me like padding bytes got initialized in the opts
array, specifically element at index 12.
But in the local variable table_end the padding bytes are not 
initialized to 0.
Therefore the memcmp cannot detect equality and the loop accesses opts
beyond its end.

Attached patch adds a small helper function poptcmp to do
explicit compares to each member of the struct.

With that applied it does not crash on arm64 anymore.


Kind regards,
Bernhard
From 56b8902f7456505563e8e910747b196a41872b85 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20=C3=83=C2=9Cbelacker?= 
Date: Fri, 26 May 2017 17:13:38 +0200
Subject: Stop iterating beyond the last option element.

https://bugs.debian.org/855125
---
 main.c | 26 --
 1 file changed, 20 insertions(+), 6 deletions(-)

diff --git a/main.c b/main.c
index e0b34ba..8d7afec 100644
--- a/main.c
+++ b/main.c
@@ -682,6 +682,20 @@ static void prepend_mocp_opts (poptContext ctx)
 	}
 }
 
+static int poptcmp (const struct poptOption* a, const struct poptOption* b)
+{
+	int equal = (
+		a->longName == b->longName &&
+		a->shortName == b->shortName &&
+		a->argInfo == b->argInfo &&
+		a->arg == b->arg &&
+		a->val == b->val &&
+		a->descrip == b->descrip &&
+		a->argDescrip == b->argDescrip);
+
+	return !equal;
+}
+
 /* Return a copy of the POPT option table structure which is suitable
  * for rendering the POPT expansions of the command line. */
 #ifndef OPENWRT
@@ -696,7 +710,7 @@ struct poptOption *clone_popt_options (struct poptOption *opts)
 	assert (opts);
 
 	for (count = 1;
-	 memcmp ([count - 1], [2], sizeof (struct poptOption));
+	 poptcmp ([count - 1], [2]);
 	 count += 1);
 
 	result = xcalloc (count, sizeof (struct poptOption));
@@ -705,15 +719,15 @@ struct poptOption *clone_popt_options (struct poptOption *opts)
 		if (opts[ix].argInfo == POPT_ARG_CALLBACK)
 			continue;
 
-		if (!memcmp ([ix], [0], sizeof (struct poptOption)))
+		if (!poptcmp ([ix], [0]))
 			continue;
 
-		if (!memcmp ([ix], [1], sizeof (struct poptOption)))
+		if (!poptcmp ([ix], [1]))
 			continue;
 
 		memcpy ([iy], [ix], sizeof (struct

Bug#863416: jackeq: segmentation fault

2017-05-26 Thread James Cowgill 
Control: severity -1 grave

Hi

On 26/05/17 16:01, Alex Wilk wrote:
> Package: jackeq
> Version: 0.5.9-2+b2
> Severity: normal
> 
> Dear Maintainer!
> 
> ,
> | $ jackeq 
> | jackEQ 0.5.9
> | (c) 2003 - 2009 P. Shirkey
> | Featuring the DJEQ ladspa plugin by S. Harris
> | With assistance from J. O'Quin on the awesome Jack i/o dropdown menu
> | This is free software, and you are welcome to redistribute it
> | under certain conditions; see the file COPYING for details.
> | Gtk-Message: (for origin information, set GTK_DEBUG): failed to retrieve 
> property `gtk-primary-button-warps-slider' of type `gboolean' from rc file 
> value "((GString*) 0x55e8dc961840)" of type `gboolean'
> | zsh: segmentation fault  jackeq
> `

Unfortunately I cannot get jackeq to start at all so I'm raising the
severity.

From a brief look in gdb, it seems that jackeq passes gtk a truncated
pointer. I expect this was triggered by the recent PIE rebuild exposing
the fact that jackeq is not 64-bit clean.

Thanks for the report!
James



signature.asc
Description: OpenPGP digital signature

Bug#863418: RFS: opencryptoki/3.7.0+dfsg-1

2017-05-26 Thread Paulo Ricardo Paz Vital 
Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "opencryptoki"

Package name : opencryptoki
Version : 3.7.0+dfsg-1
Upstream Author : none
URL : http://opencryptoki.sourceforge.net/
License : CPL
Section : admin

It builds those binary packages:

libopencryptoki-dev - PKCS#11 implementation (development)
libopencryptoki0 - PKCS#11 implementation (library)
opencryptoki - PKCS#11 implementation (daemon)

To access further information about this package, please visit the
following URL:

https://mentors.debian.net/package/opencryptoki

Alternatively, one can download the package with dget using this command:

dget -x
https://mentors.debian.net/debian/pool/main/o/opencryptoki/opencryptoki_3.7.0+dfsg-1.dsc

Changes since the last upload:

opencryptoki (3.7.0+dfsg-1) experimental; urgency=medium

* New upstream release.
* Updated debian/watch and script to get releases from git repository.
* Removed pacthes already applied upstream.

 Regards,
 Paulo Vital

-- 
Paulo Vital

Bug#863419: evince: selecting text and trying to drag it causes crash

2017-05-26 Thread Sotiris Kouvopoulos 
Package: evince
Version: 3.14.1-2+deb8u1
Severity: normal

Dear Maintainer,

When I select some text, for example a simple word and try to drag the
selection (hold left mouse button and move mouse) the application crashes
immediately.

This is the output when evince is started from terminal:
(evince:7977): Gdk-ERROR **: The program 'evince' received an X Window
System error.
This probably reflects a bug in the program.
The error was 'BadWindow (invalid Window parameter)'.
  (Details: serial 3201 error_code 3 request_code 141 (Composite)
minor_code 8)
  (Note to programmers: normally, X errors are reported asynchronously;
   that is, you will receive the error a while after causing it.
   To debug your program, run it with the GDK_SYNCHRONIZE environment
   variable to change this behavior. You can then get a meaningful
   backtrace from your debugger if you break on the gdk_x_error() function.)
Trace/breakpoint trap


-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages evince depends on:
ii  evince-common  3.14.1-2+deb8u1
ii  gnome-icon-theme-symbolic  3.12.0-1
ii  libatk1.0-02.14.0-1
ii  libc6  2.19-18+deb8u9
ii  libcairo-gobject2  1.14.0-2.1+deb8u2
ii  libcairo2  1.14.0-2.1+deb8u2
ii  libevdocument3-4   3.14.1-2+deb8u1
ii  libevview3-3   3.14.1-2+deb8u1
ii  libgdk-pixbuf2.0-0 2.31.1-2+deb8u5
ii  libglib2.0-0   2.42.1-1+b1
ii  libgtk-3-0 3.14.5-1+deb8u1
ii  libnautilus-extension1a3.14.1-2
ii  libpango-1.0-0 1.36.8-3
ii  libpangocairo-1.0-01.36.8-3
ii  libsecret-1-0  0.18-1+b1
ii  libxml22.9.1+dfsg1-5+deb8u4
ii  shared-mime-info   1.3-1
ii  zlib1g 1:1.2.8.dfsg-2+b1

Versions of packages evince recommends:
ii  dbus-x11  1.8.22-0+deb8u1
ii  gvfs  1.22.2-1

Versions of packages evince suggests:
pn  nautilus  
ii  poppler-data  0.4.7-1
ii  unrar 1:5.2.7-0.1

-- no debconf information



--
Sotiris Kouvopoulos---
Architect-
Ydras 6A, Athens--
cadu.gr---
tel: +302108839103
mob: +306976860989

Bug#861282: packer: FTBFS

2017-05-26 Thread JD Friedrikson 

> 
> Thanks for your verifacation under qemu.
> So I'm going to release, as the autoremoval dealline is drawing very 
> near..
> 
> If you meet other issues, please report again.
> 
> Cheers,
> --
> Roger Shimizu, GMT +9 Tokyo
> PGP/GPG: 4096R/6C6ACD6417B3ACB1
> 

Hi Roger,

Thanks so much for your help! I can confirm that the patches work with 
Virtualbox too.

Cheers,
JD

Bug#863417: plasma-framework: Desktop icons are shown distorted; Upstream-patch available (meanwhile)

2017-05-26 Thread Gerhard A. Dittes 
Package: plasma-framework
Version: 5.28.0-2
Severity: normal
Tags: patch upstream

Dear Maintainer,

plasma-framework version 5.28, which is currently in Debian testing,
contains a bug, which leads to distorted/stretched icons on the Desktop
(or within the folderview widget).

This bug is very annoying as Desktop icons are sth. you always get in
touch with.

Fortunately, this issue is known by the upstream-developers and has
been fixed short time after releasing version 5.28, see:

https://bugs.kde.org/show_bug.cgi?id=355592

The provided patch is clear and applies without any conflicts (to
Debian's codebase):

https://commits.kde.org/plasma-framework/d46a91ea57f19e33e6f3a08ec86084b7e11a8e1a

I am using Debian testing (/stretch).

Please consider to integrate the patch (in one of the) upcoming Debian
revision(s).

(I also attached a "quilt patch" in case that it could be useful...)

Thanks a lot and regards, Gerhard


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages plasma-framework depends on:
ii  kio  5.28.0-2
ii  kpackagetool55.28.1-1
ii  libc62.24-10
ii  libegl1-mesa [libegl1-x11]   13.0.6-1+b2
ii  libgl1-mesa-glx [libgl1] 13.0.6-1+b2
ii  libkf5activities55.28.0-1
ii  libkf5calendarevents55.28.0-1
ii  libkf5configcore55.28.0-2
ii  libkf5configgui5 5.28.0-2
ii  libkf5coreaddons55.28.0-2
ii  libkf5declarative5   5.28.0-1
ii  libkf5i18n5  5.28.0-2
ii  libkf5iconthemes55.28.0-2
ii  libkf5kiocore5   5.28.0-2
ii  libkf5notifications5 5.28.0-1
ii  libkf5package5   5.28.1-1
ii  libkf5plasma55.28.0-2
ii  libkf5plasmaquick5   5.28.0-2
ii  libkf5quickaddons5   5.28.0-1
ii  libkf5service-bin5.28.0-1
ii  libkf5service5   5.28.0-1
ii  libkf5windowsystem5  5.28.0-2
ii  libkf5xmlgui55.28.0-1
ii  libqt5core5a 5.7.1+dfsg-3+b1
ii  libqt5gui5   5.7.1+dfsg-3+b1
ii  libqt5qml5   5.7.1-2+b2
ii  libqt5quick5 5.7.1-2+b2
ii  libqt5widgets5   5.7.1+dfsg-3+b1
ii  libqt5x11extras5 5.7.1~20161021-2
ii  libstdc++6   6.3.0-18
ii  libx11-6 2:1.6.4-3
ii  libxcb-composite01.12-1
ii  libxcb-damage0   1.12-1
ii  libxcb1  1.12-1
ii  qml-module-org-kde-kquickcontrols5.28.0-1
ii  qml-module-org-kde-kquickcontrolsaddons  5.28.0-1
ii  qml-module-qtquick-controls  5.7.1~20161021-2

plasma-framework recommends no packages.

plasma-framework suggests no packages.

-- no debconf information
>From abcdc21037033f3b09ab45e2ccd0ae2b277074c3 Mon Sep 17 00:00:00 2001
From: "Gerhard A. Dittes" 
Date: Fri, 26 May 2017 16:36:16 +0200
Subject: [PATCH] Add patch "[Icon Item] Support non-square icons".

The fix is picked from upstream (w/o changes), see:
https://bugs.kde.org/show_bug.cgi?id=355592
---
 .../Icon-Item-Support-non-square-icons.patch   | 166 +
 debian/patches/series  |   1 +
 2 files changed, 167 insertions(+)
 create mode 100644 debian/patches/Icon-Item-Support-non-square-icons.patch

diff --git a/debian/patches/Icon-Item-Support-non-square-icons.patch 
b/debian/patches/Icon-Item-Support-non-square-icons.patch
new file mode 100644
index 000..1a8e754
--- /dev/null
+++ b/debian/patches/Icon-Item-Support-non-square-icons.patch
@@ -0,0 +1,166 @@
+Description: Pick "[Icon Item] Support non-square icons" (d46a91e).
+
+This fixes KDE#355592.
+
+--- plasma-framework-5.28.0.orig/autotests/iconitemtest.cpp
 plasma-framework-5.28.0/autotests/iconitemtest.cpp
+@@ -441,5 +441,44 @@ void IconItemTest::windowChanged()
+ QCOMPARE(grabImage(item), img);
+ }
+ 
++void IconItemTest::paintedSize()
++{
++QQuickItem *item = createIconItem();
++
++QCOMPARE(item->property("paintedWidth").toInt(), 
item->property("implicitWidth").toInt());
++QCOMPARE(item->property("paintedHeight").toInt(), 
item->property("implicitHeight").toInt());
++
++item->setWidth(40);
++item->setHeight(40);
++
++

Bug#861282: packer: FTBFS

2017-05-26 Thread JD Friedrikson 
> 
> Thanks for your verifacation under qemu.
> So I'm going to release, as the autoremoval dealline is drawing very 
> near..
> 
> If you meet other issues, please report again.
> 
> Cheers,
> --
> Roger Shimizu, GMT +9 Tokyo
> PGP/GPG: 4096R/6C6ACD6417B3ACB1
> 

Hi Roger,

Thanks so much for your help! I can confirm that the patches work with 
Virtualbox too.

Cheers,
JD

Bug#863415: ITP: r-bioc-delayedarray -- BioConductor delayed operations on array-like objects

2017-05-26 Thread Graham Inggs 
Package: wnpp
Severity: wishlist
Owner: Graham Inggs 
X-Debbugs-CC: debian-med-packag...@lists.alioth.debian.org,
debian-de...@lists.debian.org


* Package name: r-bioc-delayedarray
  Version : 0.2.4
  Upstream Author : Hervé Pagès 
* URL : https://bioconductor.org/packages/DelayedArray/
* License : Artistic-2.0
  Programming Lang: R
  Description : BioConductor delayed operations on array-like objects
 Wrapping an array-like object (typically an on-disk object) in
 a DelayedArray object allows one to perform common array operations
 on it without loading the object in memory. In order to reduce memory
 usage and optimize performance, operations on the object are either
 delayed or executed using a block processing mechanism. Note that this
 also works on in-memory array-like objects like DataFrame objects
 (typically with Rle columns), Matrix objects, and ordinary arrays and
 data frames.

r-bioc-delayedarray is a pre-requisite for r-bioc-summarizedexperiment 1.6.1

This package will be maintained by Debian Med team at:

  
svn://anonscm.debian.org/debian-med/trunk/packages/R/r-bioc-delayedarray/trunk/

  1   2   >