Bug#839985: bluetooth: cannot receive files from android 5.1.1 / no obvious idea how to send

[Darshaka Pathirana]

On Sat, 8 Oct 2016 02:26:46 +1100 Fulano Diego Perez 
 wrote:
> 
> this is logs when trying to receive file:
> 
> Oct 08 02:23:23 local obexd[26073]: CONNECT(0x0), (null)(0x)
> Oct 08 02:23:23 local obexd[26073]: CONNECT(0x0), (null)(0x0)
> Oct 08 02:23:23 local obexd[26073]: PUT(0x2), (null)(0x)
> Oct 08 02:23:23 local obexd[26073]: PUT(0x2), FORBIDDEN(0x43)
> Oct 08 02:23:23 local obexd[26073]: DISCONNECT(0x1), (null)(0x)
> Oct 08 02:23:23 local obexd[26073]: DISCONNECT(0x1), SUCCESS(0x20)
> Oct 08 02:23:23 local obexd[26073]: disconnected: Transport got disconnected
> Oct 08 02:23:23 local bluetoothd[23051]: Unable to get io data for
> Object Push: getpeername: Transport endpoint is not connected (107)
> 
> eventually i could send to the phone - i had to change phone settings

I get the same log output too. After trying a multiple things the solution
seems to be that the mobile phone needs to be paired first.

Can you confirm that?

JFTR: I am (still) running Debian/Jessie with blueman from jessie-backports:

-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (99, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

ii  blueman  2.0.4-1~bpo8+1
ii  bluetooth5.23-2
ii  bluez5.23-2+b1
ii  bluez-obexd  5.23-2+b1
ii  cinnamon [notification-daemon]   3.2.7+betsy
ii  dbus 1.8.20-0+deb8u1
ii  dconf-gsettings-backend [gsettings-backend]  0.22.0-1
ii  gir1.2-appindicator3-0.1 0.4.92-3.1
ii  gir1.2-gdkpixbuf-2.0 2.31.1-2+deb8u5
ii  gir1.2-glib-2.0  1.42.0-2.2
ii  gir1.2-gtk-3.0   3.14.5+4
ii  gir1.2-notify-0.70.7.6-2
ii  gir1.2-pango-1.0 1.36.8-3
ii  gnome-icon-theme 3.12.0-1
ii  libbluetooth35.23-2+b1
ii  libc62.19-18+deb8u9
ii  libglib2.0-0 2.42.1-1+b1
ii  libpulse-mainloop-glib0  5.0-13
ii  libpython3.4 3.4.2-1
ii  librsvg2-common  2.40.5-1+deb8u2
ii  python3  3.4.2-2
ii  python3-cairo1.10.0+dfsg-4+b1
ii  python3-dbus 1.2.0-2+b3
ii  python3-gi   3.14.0-1
ii  python3-gi-cairo 3.14.0-1

Versions of packages blueman recommends:
ii  policykit-1  0.105-15~deb8u2

Regards,
 - Darsha



signature.asc
Description: OpenPGP digital signature

Bug#862491: Fw: [Pkg-amule-devel] Bug#862491: amule backtrace error when applying ip-filtering Filter servers URL

[Michael Kahle]

 
- Forwarded Message -
 From: Michael Kahle 
 To: Sandro Tosi  
 Sent: Wednesday, May 31, 2017 5:46 AM
 Subject: Re: [Pkg-amule-devel] Bug#862491: amule backtrace error when applying 
ip-filtering Filter servers URL
   
Hi Sandro,
I think this is what you asked for.
RegardsMichael


  From: Sandro Tosi 
 To: Michael.K ; 862...@bugs.debian.org 
 Sent: Monday, May 29, 2017 12:28 AM
 Subject: Re: [Pkg-amule-devel] Bug#862491: amule backtrace error when applying 
ip-filtering Filter servers URL
  
control: tags -1 +moreinfo

On Sat, May 13, 2017 at 11:21 AM, Michael.K  wrote:
>
>    * What exactly did you do (or not do) that was effective (or
>      ineffective)?
>
> Under section Options/Security. ip-filtering Filter servers, the following URL
> was applied.
> 1. http://list.iblocklist.com/?list=bt_level1=p2p=gz
> 2. Auto-update ipfilter at startup was deselected.
> 3. Press "Update now" button next to filter server URL
>
>    * What was the outcome of this action?
>
> There appears to be a download progress before the following error window pops
> up.
>
> backtrace-error
> ASSERT INFO:
> ../src/unix/sockunix.cpp(143): assert "m_fd != INVALID_SOCKET" failed in
> OnReadWaiting(): invalid socket ready for reading?
> BACKTRACE:
> (null)

can you please install amule-gdb, run amule via gdb and when it
crashes run "bt ; bt full ; thread apply all bt" in gdb and report
back here the backtrace?

Regards,

-- 
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at Debian: http://wiki.debian.org/SandroTosi
G+: https://plus.google.com/u/0/+SandroTosi


   

   GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from amule...(no debugging symbols found)...done.
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
(gdb) run
Starting program: /usr/bin/amule 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffead60700 (LWP 1189)]
[New Thread 0x7fffea55f700 (LWP 1190)]
[New Thread 0x7fffe9d5e700 (LWP 1191)]
[New Thread 0x7fffe955d700 (LWP 1192)]
[New Thread 0x7fffe8d5c700 (LWP 1193)]
[New Thread 0x7fffdbfff700 (LWP 1194)]
[Thread 0x7fffdbfff700 (LWP 1194) exited]
[New Thread 0x7fffdbfff700 (LWP 1195)]
[Thread 0x7fffdbfff700 (LWP 1195) exited]
[New Thread 0x7fffdb7fe700 (LWP 1196)]
[New Thread 0x7fffdaffd700 (LWP 1198)]
[Thread 0x7fffdaffd700 (LWP 1198) exited]
[New Thread 0x7fffdaffd700 (LWP 1201)]
[Thread 0x7fffdaffd700 (LWP 1201) exited]
[New Thread 0x7fffd9d63700 (LWP 1204)]
[New Thread 0x7fffd9562700 (LWP 1205)]

Thread 1 "amule" received signal SIGTRAP, Trace/breakpoint trap.
raise (sig=5) at ../sysdeps/unix/sysv/linux/raise.c:51
(gdb) bt
#0  raise (sig=5) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x761ed6bd in wxGUIAppTraits::ShowAssertDialog(wxString const&) () 
from /usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0
#2  0x758ce2d2 in ?? () from 
/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#3  0x758d1b9d in wxAppConsoleBase::OnAssertFailure(wchar_t const*, 
int, wchar_t const*, wchar_t const*, wchar_t const*) ()
   from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#4  0x761ac0d0 in wxApp::OnAssertFailure(wchar_t const*, int, wchar_t 
const*, wchar_t const*, wchar_t const*) ()
   from /usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0
#5  0x556f6f9e in ?? ()
#6  0x758d2242 in ?? () from 
/usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#7  0x758cc23a in wxOnAssert(char const*, int, char const*, char 
const*, char const*) ()
   from /usr/lib/x86_64-linux-gnu/libwx_baseu-3.0.so.0
#8  0x75d3b4e6 in ?? () from 
/usr/lib/x86_64-linux-gnu/libwx_baseu_net-3.0.so.0
#9  0x761cf758 in ?? () from 
/usr/lib/x86_64-linux-gnu/libwx_gtk2u_core-3.0.so.0
#10 0x7355f6aa in g_main_context_dispatch () from 
/lib/x86_64-linux-gnu/libglib-2.0.so.0
#11 0x7355fa60 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#12 0x7355fd82 in 

Bug#864016: [Pkg-dns-devel] Bug#864016: dns-root-data: Upgrade breaks dnsmasq

[Robert Edmonds]

Robert Luberda wrote:
> Upgraded dns-root-data should declare "Breaks: dnsmasq (<< 2.77-1~)",
> see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863896#15

A "Breaks" doesn't really make sense here. There are only cosmetic
differences between the root.ds file format generated by previous
versions of dns-root-data and the current version in testing/unstable.
If we're going to make another dns-root-data upload for stretch we
should just switch the format to something that dnsmasq in testing can
understand.

Something like this in root.ds would support both the ad hoc sed parsers
in dnsmasq 2.76-5 (testing) and dnsmasq 2.77-1:

. IN DS 19036 8 2 
49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
. IN DS 20326 8 2 
e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

The attached patch implements this format.

(BTW, I'm not sure what's going on with the just-uploaded sed parser in
dnsmasq 2.77-2. It generates the message "sed: -e expression #1, char
103: Invalid range end" when I try to run it.)

-- 
Robert Edmonds
edmo...@debian.org
>From bf353876ab64a7c3afe9c72ea8019d6df89bbf42 Mon Sep 17 00:00:00 2001
From: Robert Edmonds 
Date: Tue, 6 Jun 2017 00:55:19 -0400
Subject: [PATCH] Change DS creation to omit TTL and use spaces instead of tabs
 (Closes: #864016)

The version of dnsmasq in testing (currently 2.76-5) and which will
apparently be released with stretch uses the following sed parser to
convert the root.ds file in dns-root-data to command-line arguments for
dnsmasq:

sed -e s/". IN DS "/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS

This chokes on the root.ds file shipped in the dns-root-data 2017041101
package. (See #858506 and #860064.) Consequently dnsmasq 2.77-1 shipped
the following parser:

sed -e s/"^.*DS[\t ]"/--trust-anchor=.,/ -e s/" "/,/g $ROOT_DS

This commit relaxes the format of the root.ds file so that it can be
parsed by the init script in both dnsmasq 2.76-5 and dnsmasq 2.77-1, by
removing the TTL field (which doesn't make much sense for a trust anchor
anyway) and converting the tab characters to spaces. This results in the
following root.ds content:

. IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
. IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

Both the dnsmasq 2.76-5 and 2.77-1 parsers convert the above root.ds
content to the following dnsmasq command-line arguments:

--trust-anchor=.,19036,8,2,49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
--trust-anchor=.,20326,8,2,e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d

For comparison, previous versions of dns-root-data (before we started
shipping the second trust anchor for the KSK rollover) formatted the
root.ds file like this:

. IN DS 19036 8 2 49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5

This commit also adds a workaround in debian/rules to munge the output
of ldns-key2ds so that the diff comparison will succeed.
---
 debian/rules  | 2 +-
 parse-root-anchors.sh | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/debian/rules b/debian/rules
index 16893f5..b697fc0 100755
--- a/debian/rules
+++ b/debian/rules
@@ -18,7 +18,7 @@ override_dh_auto_build:
 	./parse-root-anchors.sh < root-anchors.xml > root-anchors.ds
 
 	# Create key from downloaded root.key
-	/usr/bin/ldns-key2ds -n -2 root.key > root.ds
+	/usr/bin/ldns-key2ds -n -2 root.key | sed -e 's/\t/ /g' -e 's/ 172800//' > root.ds
 
 	# Compare the DS from root.key and from root-anchors.xml
 	diff root-anchors.ds root.ds
diff --git a/parse-root-anchors.sh b/parse-root-anchors.sh
index 3f96d69..4281534 100755
--- a/parse-root-anchors.sh
+++ b/parse-root-anchors.sh
@@ -2,8 +2,6 @@
 
 unset ZONE KTAG ALGO DTYPE DIGEST
 
-TTL=172800
-
 export IFS="="
 xml2 | while read -r KEY VAL; do
 case "$KEY" in
@@ -17,7 +15,7 @@ xml2 | while read -r KEY VAL; do
 		echo "Missing some KeyDigest parameter"
 		exit 1
 	fi
-	printf "%s\t%s\tIN\tDS\t%s %s %s %s\n" "$ZONE" "$TTL" "$KTAG" "$ALGO" "$DTYPE" "$DIGEST"
+	printf "%s IN DS %s %s %s %s\n" "$ZONE" "$KTAG" "$ALGO" "$DTYPE" "$DIGEST"
 	unset KTAG ALGO DTYPE DIGEST
 	;;
 esac
-- 
2.11.0

Bug#846548: marked as pending

[Eric Dorland]

OK, apologies for the delay (and I know we're getting down to the
wire). I just uploaded libp11-openssl1.1 to experimental and of course
it's in NEW. If this looks ok let me know what the next steps are if
we want to try to get it into stretch.

* Julien Cristau (jcris...@debian.org) wrote:
> On 05/30/2017 07:16 AM, Eric Dorland wrote:
> > * Julien Cristau (jcris...@debian.org) wrote:
> >> On 05/29/2017 03:15 AM, Eric Dorland wrote:
> >>> * Julien Cristau (jcris...@debian.org) wrote:
>  On Mon, May 22, 2017 at 03:42:57 +, Eric Dorland wrote:
> 
> > tag 846548 pending
> > thanks
> >
> > Hello,
> >
> > Bug #846548 reported by you has been fixed in the Git repository. You 
> > can
> > see the changelog below, and you can check the diff of the fix at:
> >
> > 
> > https://anonscm.debian.org/cgit/pkg-opensc/libp11.git/commit/?id=e8d6da0
> >
>  So, erm.  This seems like it would break using libengine-pkcs11-openssl
>  in an application using libssl1.0.2.  As a SONAME bump it also seems
>  rather inappropriate during the freeze.
> >>>
> >>> That's a good point. I was trying to provide an alternative to the
> >>> broken NMU that was going to be uploaded, but yes this will break
> >>> applications built against libssl1.0.2. It does fix using this with
> >>> the openssl tool however.
> >>>
> >> Right.
> >>
>  I'm very interested in having this fixed in stretch so I can get the
>  secure-boot stuff working on ftp-master, but this doesn't look like the
>  way to go.  Not to mention that you'd have to justify the bump from
>  0.4.3 to 0.4.4.
> 
>  Can you explain your plans here?
> >>>
> >>> As you suggested in your followup, the way forward would appear to be
> >>> to upload a new libp11 source package that builds against
> >>> libssl1.0.2. I can also backport all of the changes to 0.4.3 and
> >>> upload to testing-proposed-updates. Does that sound reasonable?
> >>>
> >> Having read through the 0.4.4 changes I think I'd be ok with getting
> >> that in if you're confident.  I guess the other question is should
> >> libp11-dev come from the openssl1.1-using package or the
> >> openssl1.0.2-using one.  At this late stage I guess it's safer to stay
> >> with 1.0.2, and have the libp11-openssl1.1 package (or however it's
> >> called) only provide a libengine-pkcs11-openssl1.1 binary?
> > 
> > OK, I like this plan. We should get the naming right going forward
> > though for the libengine-pkcs11-openssl1.1 package. Is that how other
> > packages are handling naming when they depend on a particular version
> > of openssl?
> > 
> I'm not sure, to be honest.  I don't know if there are any other similar
> cases right now.  This package name wouldn't survive stretch in any
> case, I guess?
> 
> > I should be able to get fixed uploads to unstable in a couple of days.
> > 
> Nice.  Thanks.
> 
> Cheers,
> Julien

-- 
Eric Dorland 
43CF 1228 F726 FD5B 474C  E962 C256 FBD5 0022 1E93


signature.asc
Description: PGP signature

Bug#864272: This bug on ubuntuusers forum

[Max Kubierschky]

There is a discussion on this bug at
https://forum.ubuntuusers.de/topic/lubuntu-cups-auf-englisch/#post-8045288

Bug#864241: RFS: pnmixer/0.7.2-1 -- Simple mixer application for system tray

[Paul Wise]

On Mon, Jun 5, 2017 at 11:35 PM, Arnaud wrote:

> mentors.debian.net says there's a problem. I'm not sure what's wrong.

Probably due to the old version of uscan it uses.

> The package is now built with `gbp` from a git tag. I guess it fixes the 
> problem.

Please verify that is the case.

> I have no idea where are the source images, when I jumped in PNMixer 
> development there was only the PNG files, and I don't think the XCF files 
> will ever be found.

That is a shame, you might want to mention in the README that the XCF
files were lost so now any modifications will be to the PNG files.

>> Instead of g_spawn_command_line_async() you should use g_spawn_async().
>
> Sorry, disagreeing on this one, g_spawn_command_line_async() is definitely 
> what I want to use, it's the right tool for the job.

Looking more closely it seems I was wrong and the
g_spawn_command_line*() functions are actually safe. I had assumed
they would run the command-line by using the shell, which could mean
shell metacharacter injection attacks.

> And if the implementation is bad and uses too many pid, no worries.

I think you may have misunderstood the point of my blog post, it is
more about shell metacharacter injection attacks.

> Fixed a few things, but there's way too much stuff there, I didn't take time 
> to look through everything. For the next release :)

Please consider running lintian/check-all-the-things/etc as often as
you can (such as before each release or before every commit) and
chipping away at the issues when you have time.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Bug#862915: squid: please drop required dependency on logrotate

[Amos Jeffries]

FYI: The cache.log, store log, and HDD swap.state journals produced by 
Squid are system-specific and not able to be sent to any remote logging 
systems. Logrotate is still the best system in Debian (as far as I am 
aware anyhow) to manage those log files needs.



Where and how the access.log records are delivered is purely optional 
and syslog systems can be used there at administrator discretion.  
syslog use is more impacted by several other major issues:


Firstly; syslog timestamping does not represent sub-millisecond and 
ranged time durations as required by a proxy to display a transaction. 
This causes a requirement to duplicate the timestamp information in each 
log entry (syslog time and squid time).



Secondly; The latency delays in syslog delivery and recording over the 
network in turn often results in the "duplicate" timestamps to display 
conflicting information. While a second or two may seem small, when one 
second can contain upwards of a 20,000 transactions with order-dependent 
behaviours this discrepancy can be a major issue in detecting traffic 
problems.



Thirdly; syslog being a networked delivery mechanism over UDP is prone 
to loss of log information at the most critical high-load periods where 
it is most vital to retain.



On high performance systems, the traffic accounting and records are 
maintained through a local logging daemon or pipe, which may deliver to 
a billing system with neither local file nor syslog involvement.


Overall syslog may be favoured by some admin but for Squid it is among 
the worst of the available logging mechanims. So I do not think it is 
something we want to be encouraging for use with the Squid package.



Amos

Bug#864272: firefox-esr: Login to cups server does not work with umlaut in the password

[Max Kubierschky]

Source: firefox-esr
Severity: normal
Tags: upstream

Dear Maintainer,

I cannot login to the cups server with firefox, when the password contains 
umlauts

reproducing the bug:

* Use german installation of debian 8
* Install firefox-esr and cups
* Add user cupsys, choose password with umlaut
* Point firefox to http://localhost:631/admin
* Try to add printer (or any other admin option)
* Cups will ask for authentication. Try to log in as cupsys
* Cups will not accept the password

Yours,
Max

-- System Information:
Debian Release: 8.8
  APT prefers stable
  APT policy: (900, 'stable'), (100, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#864271: RFS: protobuf/3.3.1-0.1 [NMU]

[Lumin]

Package: sponsorship-requests
Severity: normal
Tags: morinfo
X-Debbugs-CC: pkg-protobuf-de...@lists.alioth.debian.org

Clarification-moreinfo:
  this tag is for protbuf maintainers to approve this NMU.

  Dear mentors,

  I am looking for a sponsor for my package "protobuf"

 * Package name: protobuf
   Version : 3.3.1-0.1
   Upstream Author : [fill in name and email of upstream]
 * URL : [fill in URL of upstreams web site]
 * License : [fill in]
   Section : devel

  It builds those binary packages:

libprotobuf-dev - protocol buffers C++ library (development files)
 libprotobuf-java - Java bindings for protocol buffers
 libprotobuf-lite13 - protocol buffers C++ library (lite version)
 libprotobuf13 - protocol buffers C++ library
 libprotoc-dev - protocol buffers compiler library (development files)
 libprotoc13 - protocol buffers compiler library
 protobuf-compiler - compiler for protocol buffer definition files
 python-protobuf - Python bindings for protocol buffers
 python3-protobuf - Python 3 bindings for protocol buffers

  To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/protobuf

  Alternatively, one can download the package with dget using this command:

dget -x 
http://debomatic-amd64.debian.net/debomatic/experimental/pool/protobuf_3.3.1-0.1/protobuf_3.3.1-0.1.dsc

  More information about hello can be obtained from

http://debomatic-amd64.debian.net/distribution#experimental/protobuf/3.3.1-0.1/buildlog

  Changes since the last upload:

protobuf (3.3.1-0.1) experimental; urgency=medium

  * Non-maintainer upload.
  * New upstream release.
  * Replace Build-Deps google-mock and libgtest-dev with googletest.
Both google-mock and libgtest-dev are stub packages now.
+ Update gmock and gtest source path in rules.
  * Remove patches included in upstream code:
- Restore-New-Callback-into-google-protobuf-namespace.patch
- expect_death.patch
- java-test-scope.patch
- python3_long_fix.patch
- misleading-indentation.patch (Not merged but the bug is fixed)
  * Refresh remaining patches.
  * Bump ABI version to 13, renaming lib packages.

The package at mentors is not the latest, please use the debomatic dsc link.
The whole patchset for packaging update is attached.


3.0.0-9_to_3.3.1-0.1_patches.tar.gz
Description: GNU Zip compressed data

Bug#864246: os-probe: Also skip over bcache partitions.

[Mike Mestnik]

This patch also adds bcache to list of partitions types to skip.

Note that linux-boot-probes/common/50mounted-tests is missing
LVM2_member from said list.
From 6439f5a40bd4e610a462292c646098eeb4d5bcb1 Mon Sep 17 00:00:00 2001
From: Michael Mestnik 
Date: Mon, 5 Jun 2017 11:52:17 -0500
Subject: [PATCH] Add in bcache devices

---
 linux-boot-probes/common/50mounted-tests |  3 +++
 os-prober| 10 ++
 os-probes/common/50mounted-tests |  3 +++
 3 files changed, 16 insertions(+)

diff --git a/linux-boot-probes/common/50mounted-tests b/linux-boot-probes/common/50mounted-tests
index ad68874..937553a 100755
--- a/linux-boot-probes/common/50mounted-tests
+++ b/linux-boot-probes/common/50mounted-tests
@@ -25,6 +25,9 @@ elif [ "$types" = swap ]; then
 elif [ "$types" = crypto_LUKS ]; then
 	debug "$1 is a LUKS partition; skipping"
 	exit 0
+elif [ "$types" = bcache ]; then
+	debug "$1 is an bcache partition; skipping"
+	exit 0
 elif [ "$types" = ntfs ]; then
 	if type ntfs-3g >/dev/null 2>&1; then
 		types='ntfs-3g ntfs'
diff --git a/os-prober b/os-prober
index a48863e..ab2dee1 100755
--- a/os-prober
+++ b/os-prober
@@ -45,6 +45,16 @@ partitions () {
 			fi
 		done
 
+		# bcahce
+		for part in /sys/block/bcache*; do
+			if [ -f "$part/inflight" ]; then
+name="$(echo "${part##*/}" | sed 's,[!.],/,g')"
+if [ -e "/dev/$name" ]; then
+	echo "/dev/$name"
+fi
+			fi
+		done
+
 		# Add Serial ATA RAID devices
 		if type dmraid >/dev/null 2>&1 && \
 		   dmraid -s -c >/dev/null 2>&1; then
diff --git a/os-probes/common/50mounted-tests b/os-probes/common/50mounted-tests
index fca15cb..09c88b3 100755
--- a/os-probes/common/50mounted-tests
+++ b/os-probes/common/50mounted-tests
@@ -27,6 +27,9 @@ elif [ "$types" = crypto_LUKS ]; then
 elif [ "$types" = LVM2_member ]; then
 	debug "$1 is an LVM member; skipping"
 	exit 0
+elif [ "$types" = bcache ]; then
+	debug "$1 is an bcache partition; skipping"
+	exit 0
 elif [ "$types" = ntfs ]; then
 	if type ntfs-3g >/dev/null 2>&1; then
 		types='ntfs-3g ntfs'
-- 
2.11.0

Bug#863896: Can confirm bugs(s) and fixes

[Paul Tagliamonte]

I got around to doing some network maintaince, and upgraded the
non-critical packages on my router, along with dns-root-data. dnsmasq's
version did not change during this operation.

After restarting dnsmasq, the dhcpd was down, and clients weren't
getting IPs. After digging a bit (set -x on the init script, and
friends), I was able to work back to dns-root-data, and confirmed the
package version did change.

I saw these bugs, and I saw dnsmasq handles this better in sid -
thankfully, I keep sid pinned down for just such a bug :)

I upgraded dnsmasq, and I can confirm clients are happy again.

Hopefully we can push the migration to testing before more folks get
caught in this (although, I guess folks who run their own dhcpd tend to
be able to find bug reports such as this -- hey there, other nerds!)

Thanks for the fix, and thanks for maintaining these packages,
  Paul

-- 


signature.asc
Description: PGP signature

Bug#592985: ITP: pragha -- Lightweight Music Player

[Gabriel F. T. Gomes]

Package: wnpp
Followup-For: Bug #592985
Owner: "Gabriel F. T. Gomes" 

I have this software installed in my computer as a Debian package.  Now,
I'd like to check with the community if the package is ready for Debian,
or if more work is needed (I'm willing to make the required changes for
making it a Debian package).

Bug#863109: iannix: FTBFS on armel and armhf: mixes double and qreal

[Aaron M. Ucko]

notfixed 863109 0.9.17~dfsg0-2
found 863109 0.9.17~dfsg0-2
thanks

Thanks for looking into this bug.  Builds on these architectures now
make more progress, but still fail due to discrepancies between qreal
(float) and mu::value_type (double).  Could you please take another
look?  Also, I see the same errors on the (non-release) sh4
architecture, so please extend any architecture-based special casing
accordingly.

https://buildd.debian.org/status/fetch.php?pkg=iannix=armel=0.9.17%7Edfsg0-2=1496698963=0
https://buildd.debian.org/status/fetch.php?pkg=iannix=armhf=0.9.17%7Edfsg0-2=1496699440=0
https://buildd.debian.org/status/fetch.php?pkg=iannix=sh4=0.9.17%7Edfsg0-2=1496701904=0

Thanks!

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?a...@monk.mit.edu

Bug#864233: unblock: linux/4.9.30-1

[Ben Hutchings]

On Tue, 2017-06-06 at 01:29 +0200, Axel Beckert wrote:
> Hi,
> 
> Ben Hutchings wrote:
> > This includes many important bug fixes, including security fixes.  It
> > adds support for system reset on Malta boards, additional GPUs on
> > ARM64 systems, and PL011 serial consoles on ARM64 systems.  It makes
> > the efivarfs module available in the installer, which is important for
> > supporting some x86 systems.
> > 
> > The debdiff would be too large for you to review, unfortunately.
> > Instead, here are the changelog entries:
> > 
> > linux (4.9.30-1) unstable; urgency=medium
> 
> JFTR: This upload of linux 4.9.30-1 to unstable made at least one
> package start to FTBFS in unstable, namely radvd. Please see
> https://bugs.debian.org/864269 for details.

radvd's autoconf test for  has probably failed at least
since Linux 2.6.32 when I made sure the kernel headers would never
define struct sockaddr for userland:


But the conflict between  and  is far
older than that, so if the test ever passed it should have resulted in
this build failure.  I think that's a clear bug in radvd.  It should
use either one or the other, and I think the sensible thing is to use
 as it has been doing up until now.

Ben.

-- 
Ben Hutchings
Every program is either trivial or else contains at least one bug


signature.asc
Description: This is a digitally signed message part

Bug#864260: Missing kernel in debian-installer sd-card images for armhf (stretch)

[Cyril Brulebois]

Hi,

Diego Roversi  (2017-06-05):
> Package: debian-installer
> Version: 20170525
> 
> The sd-card images of debian-installer for arm-hf don't have a kernel
> image inside, and they can't boot from sd.
> 
> To reproduce the problem:
> 
> #wget 
> http://ftp.uk.debian.org/debian/dists/stretch/main/installer-armhf/current/images/netboot/SD-card-images/firmware.A10-OLinuXino-Lime.img.gz
> 
> #wget 
> http://ftp.uk.debian.org/debian/dists/stretch/main/installer-armhf/current/images/netboot/SD-card-images/partition.img.gz
> 
> #zcat firmware.A10-OLinuXino-Lime.img.gz partition.img.gz > image_a10.img
> 
> # ls -lrt
> total 63628
> -rw-r--r-- 1 root root 23891122 May 25 12:21 partition.img.gz
> -rw-r--r-- 1 root root   224112 May 25 12:21 
> firmware.A10-OLinuXino-Lime.img.gz
> -rw-r--r-- 1 root root 4096 Jun  4 21:57 image_a10.img
> 
> # losetup /dev/loop0 image_a10.img 
> # fdisk -lu /dev/loop0
> Disk /dev/loop0: 39.1 MiB, 4096 bytes, 8 sectors
> Units: sectors of 1 * 512 = 512 bytes
> Sector size (logical/physical): 512 bytes / 512 bytes
> I/O size (minimum/optimal): 512 bytes / 512 bytes
> Disklabel type: dos
> Disk identifier: 0x0eded707
> 
> Device   Boot Start   End Sectors  Size Id Type
> /dev/loop0p1 * 2048 7   77952 38.1M  c W95 FAT32 (LBA)
> 
> # partprobe /dev/loop0
> # mount /dev/loop0p1 /mnt/card
> # ls -l /mnt/card/
> total 20732
> -rwxr-xr-x 1 root root 1575 May 25 10:50 boot.scr
> drwxr-xr-x 2 root root41984 May 25 10:50 dtbs
> -rwxr-xr-x 1 root root 21185369 May 25 10:50 initrd.gz
> 
> The boot from this sd image give this error:
> 
> Scanning mmc 0:1...   
> Found U-Boot script /boot.scr 
> reading /boot.scr 
> 1575 bytes read in 25 ms (61.5 KiB/s) 
> ## Executing script at 4310   
> Mainline u-boot / new-style environment detected. 
> reading vmlinuz   
> 3701008 bytes read in 391 ms (9 MiB/s)
> reading dtbs/sun4i-a10-olinuxino-lime.dtb 
> 27941 bytes read in 621 ms (43 KiB/s) 
> reading initrd.gz 
> ** Unable to read file initrd.gz **   
> SCRIPT FAILED: continuing...

I'm not familiar with those images, but they should contain u-boot
configuration and needed bits. From the log above, it looks like a
vmlinuz was found, but initrd.gz couldn't be read. Cc'ing debian-arm@
since I don't know much more about this.



KiBi.


signature.asc
Description: Digital signature

Bug#864268: Documentation mentions ext3 as default filesystem

[Cyril Brulebois]

Maxime Buquet  (2017-06-05):
> Source: debian-installer
> Version: 20170525
> 
> The documentation[0] still states that ext3 is the default filesystem.
> This should probably be updated to ext4.
> 
> [0]: 
> https://sources.debian.net/src/debian-installer/20170525/doc/devel/partman-auto-recipe.txt

Thanks for the report.

I'm a bit conflicted. It would be easy to s/ext3/ext4/g over the file
but it might be good to update the whole thing entirely, and we're
currently busy getting ready for the stretch release.

In the meanwhile, the installation guide should have the most uptodate
documentation, as opposed to “devel” doc hidden in the source package.

Excerpt from 
:
| The following file systems are supported.
| 
| ext2, ext3, ext4
| 
| The default file system selected in most cases is ext4; for /boot
| partitions ext2 will be selected by default when guided partitioning
| is used.

Hope this helps.


KiBi.


signature.asc
Description: Digital signature

Bug#864270: libgcrypt20: Since the update pushed to stretch today the library seemingly broke gnome-based filemanagers like caja, nemo and nautilus.

[Omar Jair Purata Funes]

Package: libgcrypt20
Version: 1.7.6-2
Severity: important

Dear Maintainer,


Today June 5th of 2017 a library update was pushed into stretch, it seems
that libgcrypt20 is a core part for running some gnome-based desktops, after
the update caja, nautilus & nemo applications stop responding after init, the
superuser can start and use them flawlessly but when a normal user tries to
open a window to work it stops responding, not just the window but the entire
caja process freezes, I've reproduced this in my main laptop and 2 other 
computers running Debian Stretch & MATE 1.16 just upgrade those 2 libraries to
see the effects.


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=es_MX.UTF-8, LC_CTYPE=es_MX.UTF-8 (charmap=UTF-8), 
LANGUAGE=es_MX:es (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Norbert Preining]

> If you can't say immediately "oh, this will clearly break things", and
> mixing 2014+2016 is merely an unsupported configuration, I would ignore

Thanks, I will ignore it. All files in the package are replaced,
besides maybe some files in /usr/share/doc/, so nothing that will
influence typesetting.

Thanks and all the best

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#721430: crosstool-ng mailinglist and Debian developer

[Chris Packham]

On 03/06/17 05:54, Geert Stappers wrote:
> On Sun, May 28, 2017 at 09:25:18PM +, Chris Packham wrote:
>>
>> I'll incorporate Geert's changes an update PR352. Still looking for an
>> actual Debian developer help get this into unstable/testing/whatever.
>
>  (-:
>
> You found that Debian developer:  Me

Great. Thanks.

>
> This email is to tell that I found the crossgcc mailing
> and that I'm subscribed to it.
>
>  :-)

I've updated https://github.com/crosstool-ng/crosstool-ng/pull/352

Where to next.

Bug#844056: Missing brcmfmac43362-sdio.txt stops wireless working

[Ben Hutchings]

On Sat, 12 Nov 2016 04:23:18 + Wookey  wrote:
[...]
> There may well be more that one variant of this for different boards,
> but this one covers several, probably everything using the ap6210.
[...]
> macaddr=00:90:4c:07:71:12
[...]

...as long as you don't ever use two of the same network, right? :-)

Ben.

-- 
Ben Hutchings
Every program is either trivial or else contains at least one bug



signature.asc
Description: This is a digitally signed message part

Bug#844056: Missing brcmfmac43362-sdio.txt stops wireless working

[Ben Hutchings]

Control: tag -1 wontfix

On Sat, 12 Nov 2016 04:23:18 + Wookey  wrote:
> Package: firmware-brcm80211
> Version: 20160824-1
> Severity: normal
> 
> The firmware file brcm/brcmfmac43362-sdio.bin is available in the
> package, but the driver brcmfmac (at least on cubietruck and maybe
> always) does not work unless the file brcmfmac43362-sdio.txt is also
> supplied.
[...]

This file is machine-specific, so we should not just install a version
that's known to work on one particular machine.

In theory we could collect versions for different machines and symlink
the right one into place at install time based on machine ID.  But I
think that's beyond the scope of this package.

Ben.

-- 
Ben Hutchings
Every program is either trivial or else contains at least one bug



signature.asc
Description: This is a digitally signed message part

Bug#864224: sisu-pdf: switch dependency from texlive-math-extra to texlive-science

[Ralph Amissah]

Andreas, thank you,
Ralph

On Mon, Jun 5, 2017 at 4:59 PM, Andreas Beckmann  wrote:
> Followup-For: Bug #864224
> Control: tag -1 patch pending
>
> Hi,
>
> I just uploaded a 0-day NMU directly to sid, s.t. this can still reach
> stretch r0.
>
>
> Andreas

Bug#864233: unblock: linux/4.9.30-1

[Axel Beckert]

Hi,

Ben Hutchings wrote:
> This includes many important bug fixes, including security fixes.  It
> adds support for system reset on Malta boards, additional GPUs on
> ARM64 systems, and PL011 serial consoles on ARM64 systems.  It makes
> the efivarfs module available in the installer, which is important for
> supporting some x86 systems.
> 
> The debdiff would be too large for you to review, unfortunately.
> Instead, here are the changelog entries:
> 
> linux (4.9.30-1) unstable; urgency=medium

JFTR: This upload of linux 4.9.30-1 to unstable made at least one
package start to FTBFS in unstable, namely radvd. Please see
https://bugs.debian.org/864269 for details.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Andreas Beckmann]

On 2017-06-06 00:38, Norbert Preining wrote:
> Hi Andreas,
> 
>>   install ok installed   texlive-latex-base  texlive-latex-base  
>> 2016.20170123-5
>>   install ok installed   texlive-math-extra  texlive-math-extra  
>> 2014.20141024-1
> 
> Interesting. Thanks for the information.
> What do you think should be done for stretch? Should I prepare new
> packages and try to get them into stretch? Doesn't look too promising
> at that late time.

If you can't say immediately "oh, this will clearly break things", and
mixing 2014+2016 is merely an unsupported configuration, I would ignore
it. Maybe queue it in case you need to do a stretch-pu at some point.
I don't expect this to happen frequently ... with the 5 packages now all
dependening on texlive-science instead of texlive-math-extra, this
occurrence is gone. So now maybe the only way to achieve the mismatch is
to perform partial upgrades. I don't want to search for them. Too many
possibilities. :-)


Andreas

Bug#864269: radvd: FTFBS in sid (but not in stretch)

[Axel Beckert]

Control: severity -1 serious

Hi,

Christoph Biedl wrote:
> for the time being just a heads-up: radvd fails to build in sid due
> to a change in linux-libc-dev (4.9.25-1 vs. 4.9.30-1):
[...]
> Not sure whether radvd is to blame or linux-libc-dev, feel free to
> re-assign. Just be prepared your package will break in case 4.9.30-1
> will reach stretch (I don't know whether this is planned).

JFTR: This is definitely planned as there's an unblock request for it
at https://bugs.debian.org/864233

Raising the severity to serious because of that.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#855395: firmware-atheros have buggy firmwares for AR3011 bluetooth (ath3k)

[Ben Hutchings]

Control: tag -1 - patch

On Fri, 17 Feb 2017 14:43:07 +0200 sniskorodov  wrote:
> Package: firmware-atheros
> Version: 20160110-1~bpo8+1
> Severity: grave
> Tags: patch
> Justification: renders package unusable
> 
> Hi, I have found that with firmwares for notebook internal bluetooth adapter
> AR3011 (AthrBT_0x11020100.dfu, ramps_0x11020100_40.dfu) from package, 
> bluetooth
> working incorrect with headset (frequently interrupts sound, and wrote error
> messages in dmesg).
> =-=-=-=
> [  207.491195] Bluetooth: hci0 SCO packet for unknown connection handle 60
> [  207.511120] Bluetooth: hci0 SCO packet for unknown connection handle 47615
> [  207.521126] Bluetooth: hci0 SCO packet for unknown connection handle 65497
> [  207.531118] Bluetooth: hci0 SCO packet for unknown connection handle 9
> [  207.531125] Bluetooth: hci0 SCO packet for unknown connection handle 7168
> [  207.541148] Bluetooth: hci0 SCO packet for unknown connection handle 76
> [  207.551120] Bluetooth: hci0 SCO packet for unknown connection handle 57344
> =-=-=-=
> 
> So, I found working firmwares in this thread
> https://forums.gentoo.org/viewtopic-t-1013336-start-0.html
> Can you replace it in package, please?

I have no reason to trust these files, so no.  They might not even be
legal to redistribute.

Ben.

-- 
Ben Hutchings
Every program is either trivial or else contains at least one bug



signature.asc
Description: This is a digitally signed message part

Bug#864262: unblock: espeak-ng/1.49.0+dfsg-11

[Cyril Brulebois]

Hi,

Samuel Thibault  (2017-06-05):
> espeak-ng used to have overlapping speech synthesis issues (#848016):
> e.g. while moving fast in a list of items, the speech of each item would
> get mixed with the previous one, making it difficult or impossible to
> hear. We reduced the buffer size of espeak-ng from 200ms to 50ms to
> considerably reduce the issue.
> 
> However, the modified buffer size happened to break the use of mbrola
> voices (#860891), so we raised it a bit, from 50ms to 60ms, like
> upstream did, to fix that.
> 
> However, that brought back some of the overlapping issues, making it
> tedious to use...
> (https://lists.debian.org/debian-accessibility/2017/06/msg2.html)
> 
> I have thus uploaded a version -11 of espeak-ng (attached debdiff) which
> reduces it to 49ms, which avoids the overlapping regression, and which I
> have tested as working with all mbrola voices.
> 
> unblock espeak-ng/1.49.0+dfsg-11
> 
> This contains udebs, so Cc-ing KiBi for the udeb ack.

No objections, feel free to unblock & urgent ASAP.


KiBi.


signature.asc
Description: Digital signature

Bug#864269: radvd: FTFBS in sid (but not in stretch)

[Christoph Biedl]

Package: radvd
Version: 1:2.16-1
Severity: important

Dear Maintainer,

for the time being just a heads-up: radvd fails to build in sid due
to a change in linux-libc-dev (4.9.25-1 vs. 4.9.30-1):

--- /usr/include/linux/if.h 2017-05-02 17:21:44.0 +0200
+++ /usr/include/linux/if.h 2017-06-04 04:03:01.0 +0200
@@ -24,6 +24,8 @@
 #include   /* for "struct sockaddr" et al  */
/* for "__user" et al   */
 
+#include /* for struct sockaddr. 
*/
+
 #if __UAPI_DEF_IF_IFNAMSIZ
 #defineIFNAMSIZ16
 #endif /* __UAPI_DEF_IF_IFNAMSIZ */


This affects the build:

@@ -369,14 +365,9 @@
 checking ifaddrs.h usability... yes
 checking ifaddrs.h presence... yes
 checking for ifaddrs.h... yes
-checking linux/if_arp.h usability... no
+checking linux/if_arp.h usability... yes
 checking linux/if_arp.h presence... yes
-configure: WARNING: linux/if_arp.h: present but cannot be compiled
-configure: WARNING: linux/if_arp.h: check for missing prerequisite headers?
-configure: WARNING: linux/if_arp.h: see the Autoconf documentation
-configure: WARNING: linux/if_arp.h: section "Present But Cannot Be 
Compiled"
-configure: WARNING: linux/if_arp.h: proceeding with the compiler's result
-checking for linux/if_arp.h... no
+checking for linux/if_arp.h... yes
 checking machine/limits.h usability... no
 checking machine/limits.h presence... no
 checking for machine/limits.h... no

(...)

+In file included from includes.h:106:0,
+ from gram.y:17:
+/usr/include/linux/if_arp.h:113:8: error: redefinition of 'struct arpreq'
+ struct arpreq {
+^~
+In file included from includes.h:90:0,
+ from gram.y:17:
+/usr/include/net/if_arp.h:138:8: note: originally defined here
+ struct arpreq
+^~


Not sure whether radvd is to blame or linux-libc-dev, feel free to
re-assign. Just be prepared your package will break in case 4.9.30-1
will reach stretch (I don't know whether this is planned).

Christoph

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.28 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages radvd depends on:
ii  adduser   3.115
ii  libc6 2.24-11
ii  lsb-base  9.20161125

radvd recommends no packages.

radvd suggests no packages.



signature.asc
Description: Digital signature

Bug#862792: dput: UnicodeDecodeError: 'ascii' codec can't decode byte 0xd0

[Ben Finney]

On 05-Jun-2017, Aleksey Samoilov wrote:
> I found the cause of the problem: if there is a no directory with a
> cyrillic name in the path of the file ("Загрузки" for example) -
> problem dissapears.

Thank you for the extra information.

Can you construct a simple test that will allow the maintainer to
verify this bug? In other words: please give exact steps to reproduce
this specific bug.

-- 
 \ “Don't be misled by the enormous flow of money into bad defacto |
  `\standards for unsophisticated buyers using poor adaptations of |
_o__) incomplete ideas.” —Alan Kay |
Ben Finney 


signature.asc
Description: PGP signature

Bug#863915: Please test webkit2gtk 2.16.3-2 with your packages for stretch now!

[Jeremy Bicha]

Please test your packages on stretch with webkit2gtk 2.16.3-2 which I
have requested to be unblocked for stretch this week. The current
version in stretch is 2.14.7-1. 2.16.3 is a new major release but it
is also a security release and the webkit2gtk developers try to be
careful to avoid regressions in new release and fix regressions
quickly once informed of them.

A list of affected packages can be found at https://paste.debian.net/961084/

I suggest briefly enabling unstable in your sources.list and running
commands like this:
sudo apt update
sudo apt install gir1.2-webkit2-4.0
and then disable unstable again.

If you find any problems as a result of this update, please reply to
Debian bug #863915

I do apologize for the lateness of this request, but it seems like it
would be better to do this major version bump now rather than for 9.1.

My intention is to try to package further webkit2gtk updates for
Debian 9 "stretch" until buster is released as the new stable release.
webkit2gtk has new major versions every March and September (like
GNOME) with periodic security and bugfix releases in between. These
new versions are being packaged in Ubuntu LTS and most other major
Linux distributions. For more details, see bug #863915.

Thank you,
Jeremy Bicha

Bug#863890: dblatex: postrm fails on jessie to stretch upgrade

[Norbert Preining]

Hi Andreas,

>   install ok installedtexlive-latex-base  texlive-latex-base  
> 2016.20170123-5
>   install ok installedtexlive-math-extra  texlive-math-extra  
> 2014.20141024-1

Interesting. Thanks for the information.
What do you think should be done for stretch? Should I prepare new
packages and try to get them into stretch? Doesn't look too promising
at that late time.

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#864268: Documentation mentions ext3 as default filesystem

[Maxime Buquet]

Source: debian-installer
Version: 20170525

The documentation[0] still states that ext3 is the default filesystem.
This should probably be updated to ext4.

[0]: 
https://sources.debian.net/src/debian-installer/20170525/doc/devel/partman-auto-recipe.txt

-- 
Maxime “pep” Buquet


signature.asc
Description: PGP signature

Bug#864204: runit: Removal of runit-init removes /sbin/init breaking boot for runit users

[Michael Biebl]

On Mon, 5 Jun 2017 21:56:19 +0200 Mat  wrote:

> On the other hand, the runit package on jessie does provide the binaries
> /sbin/runit and /sbin/runit-init that can be given to the kernel command
> line option init=/sbin/runit-init. The runit package on stretch does not
> provide those binaries anymore. For those users the upgrade to stretch
> will break.

https://tracker.debian.org/news/846712

 runit (2.1.2-9.2) unstable; urgency=medium
 .
   * non-maintainer upload
   * re-add /sbin/runit{,-init} to runit package so it remains possible to
 use runit as PID 1
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#863915: unblock: webkit2gtk/2.16.3-2

[Adam D. Barratt]

On Fri, 2017-06-02 at 11:52 -0400, Jeremy Bicha wrote:
> Here's my thinking as to how the first webkit2gtk stable update could work.
> 
> 1. A new webkit2gtk point release is released.
> 2. Since regressions are generally found within the first week and to
> try to limit the work needed by the SRMs, we wait a week before
> uploading to the s-p-u queue.
> 3. A SRM accepts it.
> 4. An email is sent out to the maintainers of the rdeps asking them to
> please test their package with the new webkit2gtk version in s-p-u
> within the next 2 weeks.
> 5. If no regressions are reported, the update is released in the next
> Debian 9 point release.

Has this been discussed with any of the r-dep maintainers? The plan only
really works if step 4 actually results in useful tests.

Regards,

Adam

Bug#863927: qtwebengine-opensource-src: FTBFS: memory exhausted

[Sandro Knauß]

Moin,

thanks for your work! I'll added the NMU patch to the git repo too.

Best regards,

sandro

--
On Montag, 5. Juni 2017 22:28:10 CEST Adrian Bunk wrote:
> On Mon, Jun 05, 2017 at 10:44:59AM +0200, Rene Engelhard wrote:
> >...
> >
> > This looks unnecessarily ugly to me (or I miss something). Why not use
> > dpkg-buildflags' mechanism for this? See e.g.
> >
> >...
> >
> > In this case maybe _APPEND -g1 (if you don't do the _STRIP)
> 
> Thanks, your _APPEND suggestion is much better than my original patch.
> 
> Sandro, the debdiff of my upload is attached.
> 
> > Regards,
> > 
> > Rene
> 
> cu
> Adrian



signature.asc
Description: This is a digitally signed message part.

Bug#864267: jessie-pu: package libterralib/4.3.0+dfsg.1-2+deb8u1

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

libterralib in jessie has Conflicts+Replaces against libterralib3, but
that package name has never been used before stretch. This causes
upgrade problems since apt does not consider libterralib3 from stretch
as a valid installation candidate. This does not seem to be solvable
within stretch.
A similar case was fixed in the previous jessie point release: openmpi.
Proposed patch attached.

Andreas
>From dc64a1dbcc9aaa2b3927fd4883e52ad7560b6e52 Mon Sep 17 00:00:00 2001
From: Andreas Beckmann 
Date: Mon, 5 Jun 2017 23:12:34 +0200
Subject: [PATCH] remove superfluous Conflicts/Replaces: libterralib3

---
 debian/changelog | 8 
 debian/control   | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 7963767..2dc6e2f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+libterralib (4.3.0+dfsg.1-2+deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Remove superfluous Conflicts/Replaces: libterralib3 since that causes
+problems upgrading to stretch which has that package.  (Closes: #863885)
+
+ -- Andreas Beckmann   Mon, 05 Jun 2017 23:06:46 +0200
+
 libterralib (4.3.0+dfsg.1-2) unstable; urgency=medium
 
   * Remove libjpeg8-dev dependency; just use libjpeg-dev.
diff --git a/debian/control b/debian/control
index bc4a29c..72564ba 100644
--- a/debian/control
+++ b/debian/control
@@ -37,8 +37,8 @@ Multi-Arch: same
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Pre-Depends: ${misc:Pre-Depends}
 Suggests: libterralib-doc (= ${binary:Version})
-Conflicts: libterralib1c2a, libterralib3
-Replaces: libterralib1c2a, libterralib3
+Conflicts: libterralib1c2a
+Replaces: libterralib1c2a
 Description: C++ library for Geographical Information Systems
  TerraLib enables quick development of custom-built geographical applications
  using spatial databases. As a research tool, TerraLib  is aimed at providing a
-- 
2.11.0

Bug#863885: libterralib: superfluous Conflicts/Replaces on libterralib3 cause problems on upgrades to stretch

[Andreas Beckmann]

Followup-For: Bug #863885
Control: tag -1 patch

Hi,

I just filed a jessie-pu request with the attached patch.
I plan to NMU libterralib for jessie to get this fixed in the next point
release.


Andreas
>From dc64a1dbcc9aaa2b3927fd4883e52ad7560b6e52 Mon Sep 17 00:00:00 2001
From: Andreas Beckmann 
Date: Mon, 5 Jun 2017 23:12:34 +0200
Subject: [PATCH] remove superfluous Conflicts/Replaces: libterralib3

---
 debian/changelog | 8 
 debian/control   | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 7963767..2dc6e2f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+libterralib (4.3.0+dfsg.1-2+deb8u1) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Remove superfluous Conflicts/Replaces: libterralib3 since that causes
+problems upgrading to stretch which has that package.  (Closes: #863885)
+
+ -- Andreas Beckmann   Mon, 05 Jun 2017 23:06:46 +0200
+
 libterralib (4.3.0+dfsg.1-2) unstable; urgency=medium
 
   * Remove libjpeg8-dev dependency; just use libjpeg-dev.
diff --git a/debian/control b/debian/control
index bc4a29c..72564ba 100644
--- a/debian/control
+++ b/debian/control
@@ -37,8 +37,8 @@ Multi-Arch: same
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Pre-Depends: ${misc:Pre-Depends}
 Suggests: libterralib-doc (= ${binary:Version})
-Conflicts: libterralib1c2a, libterralib3
-Replaces: libterralib1c2a, libterralib3
+Conflicts: libterralib1c2a
+Replaces: libterralib1c2a
 Description: C++ library for Geographical Information Systems
  TerraLib enables quick development of custom-built geographical applications
  using spatial databases. As a research tool, TerraLib  is aimed at providing a
-- 
2.11.0

Bug#864028: unblock (pre-approval): flatpak/0.8.6-1

[Simon McVittie]

Control: retitle 864028 unblock (pre-approval): flatpak/0.8.6-1

> On Sat, 03 Jun 2017 at 12:47:30 +0100, Simon McVittie wrote:
> > The upstream developer is planning to release 0.8.6 at some point in the
> > near future, but for now here is an unblock request for the patchset that
> > would be in 0.8.6 if it was released today.

0.8.6 has now been released. It is identical to my proposed 0.8.5-3, other
than release stuff (configure.ac, NEWS), generated files and translations.

I attach an updated debdiff, with most of the generated bits filtered.

I suspect you're probably not going to want this for r0 at this point,
so I'll upload to unstable shortly to give it more visibility, with a
view to asking for a stretch-pu upload before r1. There is no new
public API, so that should be unproblematic.

Regards,
S
diffstat for flatpak-0.8.5 flatpak-0.8.6

 NEWS|   26 ++
 common/flatpak-dir.c|   70 +
 common/flatpak-run.c|  126 
 configure.ac|4 -
 dbus-proxy/flatpak-proxy.c  |2 
 debian/changelog|   27 ++
 document-portal/xdp-dbus.c  |   20 ++---
 document-portal/xdp-dbus.h  |2 
 lib/flatpak-version-macros.h|2 
 session-helper/flatpak-session-helper.c |2 
 tests/package_version.txt   |2 
 11 files changed, 222 insertions(+), 61 deletions(-)

diff -Nru --exclude configure --exclude po --exclude html flatpak-0.8.5/common/flatpak-dir.c flatpak-0.8.6/common/flatpak-dir.c
--- flatpak-0.8.5/common/flatpak-dir.c	2017-04-03 12:44:28.0 +0100
+++ flatpak-0.8.6/common/flatpak-dir.c	2017-06-05 13:45:47.0 +0100
@@ -3113,6 +3113,9 @@
   "X-Flatpak-Tags",
   (const char * const *) tags, length);
 }
+
+  /* Add a marker so consumers can easily find out that this launches a sandbox */
+  g_key_file_set_string (keyfile, "Desktop Entry", "X-Flatpak", app);
 }
 
   groups = g_key_file_get_groups (keyfile, NULL);
@@ -3408,21 +3411,33 @@
 GCancellable *cancellable,
 GError  **error)
 {
-  gboolean ret = FALSE;
+  const char *exported_subdirs[] = {
+"share/applications",  "../..",
+"share/icons", "../..",
+"share/dbus-1/services",   "../../.."
+  };
+  int i;
 
-  if (!flatpak_mkdir_p (destination, cancellable, error))
-goto out;
+  for (i = 0; i < G_N_ELEMENTS(exported_subdirs); i = i + 2)
+{
+  /* The fds are closed by this call */
+  g_autoptr(GFile) sub_source = g_file_resolve_relative_path (source, exported_subdirs[i]);
+  g_autoptr(GFile) sub_destination = g_file_resolve_relative_path (destination, exported_subdirs[i]);
+  g_autofree char *sub_symlink_prefix = g_build_filename (exported_subdirs[i+1], symlink_prefix, exported_subdirs[i], NULL);
 
-  /* The fds are closed by this call */
-  if (!export_dir (AT_FDCWD, flatpak_file_get_path_cached (source), symlink_prefix, "",
-   AT_FDCWD, flatpak_file_get_path_cached (destination),
-   cancellable, error))
-goto out;
+  if (!g_file_query_exists (sub_source, cancellable))
+continue;
 
-  ret = TRUE;
+  if (!flatpak_mkdir_p (sub_destination, cancellable, error))
+return FALSE;
 
-out:
-  return ret;
+  if (!export_dir (AT_FDCWD, flatpak_file_get_path_cached (sub_source), sub_symlink_prefix, "",
+   AT_FDCWD, flatpak_file_get_path_cached (sub_destination),
+   cancellable, error))
+return FALSE;
+}
+
+  return TRUE;
 }
 
 gboolean
@@ -7292,13 +7307,17 @@
  flatpak_repo_set_* () family of functions) */
   static const char *const supported_params[] = {
 "xa.title",
-"xa.default-branch", NULL
+"xa.default-branch",
+"xa.gpg-keys",
+"xa.redirect-url",
+NULL
   };
 
   g_autoptr(GVariant) summary = NULL;
   g_autoptr(GVariant) extensions = NULL;
   g_autoptr(GPtrArray) updated_params = NULL;
   GVariantIter iter;
+  g_autoptr(GBytes) gpg_keys = NULL;
 
   updated_params = g_ptr_array_new_with_free_func (g_free);
   summary = fetch_remote_summary_file (self, remote, cancellable, error);
@@ -7315,14 +7334,31 @@
 
   while (g_variant_iter_next (, "{sv}", , _var))
 {
-  /* At the moment, every supported parameter are strings */
-  if (g_strv_contains (supported_params, key) &&
-  g_variant_get_type_string (value_var))
+  /* At the moment, every supported parameter except gpg-keys are strings */
+  if (strcmp (key, "xa.gpg-keys") == 0 &&
+  g_variant_is_of_type (value_var, G_VARIANT_TYPE_BYTESTRING))
+{
+  const guchar *gpg_data = g_variant_get_data 

Bug#864004: dune-grid: FTBFS, and cruft package, on hurd-i386

[Ansgar Burchardt]

clone 864004 -1 -2 -3 -4
retitle -1 RM: dune-grid-glue [hurd-i386] -- RoM; Build-Depends on package not 
available on hurd-i386
retitle -2 RM: dune-pdelab [hurd-i386] -- RoM; Build-Depends on package not 
available on hurd-i386
retitle -3 RM: dune-geometry [hurd-i386] -- RoM; Build-Depends on package not 
available on hurd-i386
retitle -4 RM: dune-common [hurd-i386] -- RoM; FTBFS, MPI does not work on 
hurd-i386
thanks

Ralf Treinen writes:
>> MPI does not work on hurd-i386.  I don't have time to fix MPI, so
>> removal it is.
>
> Thanks! The situation seems to be the same with
>
> libdune-grid-glue-2.3.0 (from source dune-grid-glue)
> libdune-pdelab-2.0.0 (from source dune-pdelab)
>
> can you also ask for removal of these two on hurd-i386?

Sure.

Ansgar

Bug#859879: (no subject)

[Gordon Ball]

This is also a blocker for updating jupyter-notebook -> 5.0.

I have prepared a rough package:

https://git.chronitis.net/xterm.js/

The package could use some more tidying and testing, but should build
both the typescript part and a python script (crudely) emulates the
browserify part.

Gordon

Bug#864262: unblock: espeak-ng/1.49.0+dfsg-11

[Samuel Thibault]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hello,

espeak-ng used to have overlapping speech synthesis issues (#848016):
e.g. while moving fast in a list of items, the speech of each item would
get mixed with the previous one, making it difficult or impossible to
hear. We reduced the buffer size of espeak-ng from 200ms to 50ms to
considerably reduce the issue.

However, the modified buffer size happened to break the use of mbrola
voices (#860891), so we raised it a bit, from 50ms to 60ms, like
upstream did, to fix that.

However, that brought back some of the overlapping issues, making it
tedious to use...
(https://lists.debian.org/debian-accessibility/2017/06/msg2.html)

I have thus uploaded a version -11 of espeak-ng (attached debdiff) which
reduces it to 49ms, which avoids the overlapping regression, and which I
have tested as working with all mbrola voices.

unblock espeak-ng/1.49.0+dfsg-11

This contains udebs, so Cc-ing KiBi for the udeb ack.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), 
(500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 
'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
Samuel
 ya(ka|ma|to)* ca existe une fois sur 2 au japon, c'est facile ;-)
 -+- #ens-mim au japon -+-
diff -Nru espeak-ng-1.49.0+dfsg/debian/changelog 
espeak-ng-1.49.0+dfsg/debian/changelog
--- espeak-ng-1.49.0+dfsg/debian/changelog  2017-04-29 16:32:54.0 
+0200
+++ espeak-ng-1.49.0+dfsg/debian/changelog  2017-06-05 22:04:57.0 
+0200
@@ -1,3 +1,11 @@
+espeak-ng (1.49.0+dfsg-11) unstable; urgency=medium
+
+  * patches/bufsize: Increasing the buffersize to 60ms brought back some
+overlapping. Revert this to 49ms, which both avoids overlapping, and
+was tested to work fine with all MBROLA voices.
+
+ -- Samuel Thibault   Mon, 05 Jun 2017 22:04:57 +0200
+
 espeak-ng (1.49.0+dfsg-10) unstable; urgency=medium
 
   * patches/bufsize: Increase buffersize to 60ms like upstream did, to fix 
using
diff -Nru espeak-ng-1.49.0+dfsg/debian/patches/bufsize 
espeak-ng-1.49.0+dfsg/debian/patches/bufsize
--- espeak-ng-1.49.0+dfsg/debian/patches/bufsize2017-04-29 
16:32:54.0 +0200
+++ espeak-ng-1.49.0+dfsg/debian/patches/bufsize2017-06-05 
22:04:57.0 +0200
@@ -5,7 +5,7 @@
// buflength is in mS, allocate 2 bytes per sample
if ((buffer_length == 0) || (output_mode & ENOUTPUT_MODE_SPEAK_AUDIO))
 -  buffer_length = 200;
-+  buffer_length = 60;
++  buffer_length = 49;
  
outbuf_size = (buffer_length * samplerate)/500;
out_start = (unsigned char *)realloc(outbuf, outbuf_size);

Bug#864261: mozc: Please add arm64 architecture.

[Kenichiro MATOHARA]

Source: mozc
Version: 2.19.2623.102+dfsg-1
Severity: wishlist

Dear Maintainer,

I want to use Mozc on 96board. However, there is no mozc binary package on the 
arm64 architecture.
I tried packaging using dpkg-buildpackage myself and it was possible to create 
it by simply adding arm 64 to architecture of debian/control.
https://gist.githubusercontent.com/matoken/afce66ce67392c11d3ed20d7bbab5833

Would you please add arm64 to Architecture? It can also be used with 96board 
and PINE64 etc.


-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=ja_JP.utf8, LC_CTYPE=ja_JP.utf8 (charmap=UTF-8), 
LANGUAGE=ja_JP.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#864224: sisu-pdf: switch dependency from texlive-math-extra to texlive-science

[Andreas Beckmann]

Followup-For: Bug #864224
Control: tag -1 patch pending

Hi,

I just uploaded a 0-day NMU directly to sid, s.t. this can still reach
stretch r0.


Andreas
diff -Nru sisu-7.1.9/debian/changelog sisu-7.1.9/debian/changelog
--- sisu-7.1.9/debian/changelog	2016-08-01 03:31:50.0 +0200
+++ sisu-7.1.9/debian/changelog	2017-06-05 22:44:06.0 +0200
@@ -1,3 +1,12 @@
+sisu (7.1.9-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Switch dependency from texlive-math-extra to its successor
+texlive-science to ease upgrades from jessie to stretch.
+(Closes: #864224)
+
+ -- Andreas Beckmann   Mon, 05 Jun 2017 22:44:06 +0200
+
 sisu (7.1.9-1) unstable; urgency=medium
 
   [ Ralph Amissah ]
diff -Nru sisu-7.1.9/debian/control sisu-7.1.9/debian/control
--- sisu-7.1.9/debian/control	2016-08-01 03:31:50.0 +0200
+++ sisu-7.1.9/debian/control	2017-06-05 22:44:06.0 +0200
@@ -83,7 +83,7 @@
 Depends:
  ${misc:Depends}, ruby | ruby-interpreter, sisu (= ${source:Version}),
  texlive-latex-base, texlive-fonts-recommended, texlive-generic-recommended,
- texlive-latex-recommended, texlive-latex-extra, texlive-math-extra,
+ texlive-latex-recommended, texlive-latex-extra, texlive-science,
  texlive-xetex, fonts-liberation, lmodern, latex-cjk-all, texlive-lang-cjk
 Suggests: evince | pdf-viewer
 Description: dependencies to convert SiSU LaTeX output to pdf

Bug#863868: USB Memory Stick: Issues with win32diskimager

[Brian Potkin]

On Fri 02 Jun 2017 at 17:08:37 +0100, Steve McIntyre wrote:

> On Fri, Jun 02, 2017 at 06:45:33AM +0200, Cyril Brulebois wrote:
> >Hi,
> >
> >and thanks for your report.
> >
> >Varanka Risto  (2017-06-01):
> >> Package: installation-guide
> >> Severity: important
> >> Tags: security
> >> 
> >> The online installation guide for Debian Stable at
> >> https://www.debian.org/releases/stable/i386/ch04s03.html.en recommends
> >> the use of the win32diskimager utility for writing images to USB in
> >> section "4.3.1. Preparing a USB stick using a hybrid CD or DVD image".
> >> This software currently has issues, might compromise the security of
> >> Debian users and probably should not be recommended by Debian:
> >> 
> >> 1) User comments on the main page
> >> https://sourceforge.net/projects/win32diskimager/ report that the
> >> current version 1.0.0 contains malware, or tries to install crapware
> >> as part of the installation process. (If possible this should be
> >> investigated and if indeed the project is compromised, Debian users
> >> should be notified.)
> >
> >ISTR sf.net tends to do that for Windows binaries, and this might not be
> >specific to win32diskimager.
> >
> >> 2) Some user comments also state the tool does not work on Windows 10
> >> while others claim it does. I installed this on a Windows 10 system
> >> and the software turned out not to function properly, indicating that
> >> 1) might also be the case, and of course majorly impacting Debian
> >> installation experience. Details below.
> >> 
> >> Navigate to Files->Archive and click on
> >> win32diskimager-1.0.0-install.exe. On the following page download
> >> starts automatically. Install the tool, run it and provide
> >> administrator credentials. Try to select the file to write: the opened
> >> file browser does not display almost any directories, and when an .img
> >> file is copied to the directories available, it does not show up in
> >> the file browser.
> >> 
> >> I suggest to replace the recommended tool for the time being and to
> >> investigate the trustworthiness of the utility.
> >
> >Any recommendations for alternative software?
> 
> My own recommendation now would be Rufus, in dd mode.

My recommendation would be for nothing to be recommended. Changing it on

a year by year is hardly inspiring. Debian should not be *recommending* 

software it has no control over; especially in the Manual. The CD FAQ   

seems geared up for promoting guidance for other OSs.  Why not use that?



(Some of the issues raised in the OP are probably a load of nonsense so,

on the basis the devil you know is better than the one you don't, stick 

with win32diskmanager if it highly desirable to promote utilities of

this nature within official documentation).

Bug#810145: EXTREMELY PROOF OF CONCEPT OMG

[Thorsten Glaser]

Jo Shields dixit:

>This works, IME - no more multi-gig Jenkins logs spamming "cannot

Umm…

BUILDPLACE=-q

BUILDPLACE=.foo

Passing a user-controlled argument to grep without escaping
it beforehand (and choosing a grep dialect, especially as
GNU grep does not default to BRE) or switching grep to fixed
strings is bad.

Something like this, maybe?

… | grep -F -e "$BUILDPLACE" | …

People seem to assume that writing ${foo} instead of $foo
escapes more, when it makes no difference in fact.

bye,
//mirabilos
-- 
Yay for having to rewrite other people's Bash scripts because bash
suddenly stopped supporting the bash extensions they make use of
-- Tonnerre Lombard in #nosec

Bug#864154: [Pkg-xfce-devel] Bug#864154: language selection not working

[Daniel Auth]

Hello,

I have tried your suggestion but the problem
remains. Let me know if there is anything I can do
to help reproducing the problem.

regards,
-- 
Daniel Auth

Bug#864260: Missing kernel in debian-installer sd-card images for armhf (stretch)

[Diego Roversi]

Package: debian-installer
Version: 20170525

The sd-card images of debian-installer for arm-hf don't have a kernel image 
inside, and they can't boot from sd.

To reproduce the problem:

#wget 
http://ftp.uk.debian.org/debian/dists/stretch/main/installer-armhf/current/images/netboot/SD-card-images/firmware.A10-OLinuXino-Lime.img.gz

#wget 
http://ftp.uk.debian.org/debian/dists/stretch/main/installer-armhf/current/images/netboot/SD-card-images/partition.img.gz

#zcat firmware.A10-OLinuXino-Lime.img.gz partition.img.gz > image_a10.img

# ls -lrt
total 63628
-rw-r--r-- 1 root root 23891122 May 25 12:21 partition.img.gz
-rw-r--r-- 1 root root   224112 May 25 12:21 firmware.A10-OLinuXino-Lime.img.gz
-rw-r--r-- 1 root root 4096 Jun  4 21:57 image_a10.img

# losetup /dev/loop0 image_a10.img 
# fdisk -lu /dev/loop0
Disk /dev/loop0: 39.1 MiB, 4096 bytes, 8 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x0eded707

Device   Boot Start   End Sectors  Size Id Type
/dev/loop0p1 * 2048 7   77952 38.1M  c W95 FAT32 (LBA)

# partprobe /dev/loop0
# mount /dev/loop0p1 /mnt/card
# ls -l /mnt/card/
total 20732
-rwxr-xr-x 1 root root 1575 May 25 10:50 boot.scr
drwxr-xr-x 2 root root41984 May 25 10:50 dtbs
-rwxr-xr-x 1 root root 21185369 May 25 10:50 initrd.gz

The boot from this sd image give this error:

Scanning mmc 0:1...   
Found U-Boot script /boot.scr 
reading /boot.scr 
1575 bytes read in 25 ms (61.5 KiB/s) 
## Executing script at 4310   
Mainline u-boot / new-style environment detected. 
reading vmlinuz   
3701008 bytes read in 391 ms (9 MiB/s)
reading dtbs/sun4i-a10-olinuxino-lime.dtb 
27941 bytes read in 621 ms (43 KiB/s) 
reading initrd.gz 
** Unable to read file initrd.gz **   
SCRIPT FAILED: continuing...

I've also tried to download the image from 
http://d-i.debian.org/daily-images/armhf/daily/, but initrd.img is missing 
instead of vmlinuz.

-- 
Diego Roversi 

Bug#864204: runit: Removal of runit-init removes /sbin/init breaking boot for runit users

[Mat]

On Mon, 5 Jun 2017 12:38:15 +0300 Adrian Bunk  wrote:
> On Mon, Jun 05, 2017 at 10:40:25AM +0200, Simon Ruderich wrote:
> > Package: runit
> > Version: 2.1.2-9.2
> > Severity: grave
> > Justification: renders package unusable
> > 
> > Hello,
> > 
> > With the recent removal of runit-init in -9.1 /sbin/init is no
> > longer provided breaking the boot for users depending on runit as
> > init system. So a user happily running runit in Jessie will have
> > a system which no longer boots in Stretch.
> >...
> 
> How would that break things for *jessie* users?
> 
> The runit-init package is not in jessie, and the runit package in jessie 
> does not provide /sbin/init

On the other hand, the runit package on jessie does provide the binaries
/sbin/runit and /sbin/runit-init that can be given to the kernel command
line option init=/sbin/runit-init. The runit package on stretch does not
provide those binaries anymore. For those users the upgrade to stretch
will break.

I understand that runit as pid1 isn't supported in debian, fair enough,
but please at least package those few binaries along with the rest
(without replacing /sbin/init).

Cheers,

-- 
Mat 



signature.asc
Description: OpenPGP digital signature

Bug#864259: radvd 2.16 FTBFS on armhf

[Geert Stappers]

Package: radvd
Version: 1:2.16-2
Severity: important


Bugreport for reporting that 2.16-2 doesn't build on armhf.

The very same radvd 2.16 source did build for armhf.
In the archive is radvd_2.16-1_armhf.deb

Yes, that is strange.


The error:

   dh_auto_build
make -j1
make[1]: Entering directory '/tmp/buildd/radvd-2.16'
make  all-am
make[2]: Entering directory '/tmp/buildd/radvd-2.16'
/bin/bash ./ylwrap gram.y y.tab.c gram.c y.tab.h `echo gram.c | sed -e 
s/cc$/hh/ -e s/cpp$/hpp/ -e s/cxx$/hxx/ -e s/c++$/h++/ -e s/c$/h/` y.output 
gram.output -- bison -y -d 
updating gram.h
gcc -DINET6=1 -DLOG_FACILITY=LOG_DAEMON -DPATH_RADVD_CONF=\"/etc/radvd.conf\" 
-DPATH_RADVD_LOG=\"/var/log/radvd.log\" -DPATH_RADVD_PID=\"/var/run/radvd.pid\" 
-DVERSION=\"2.16\" -I.   -Wdate-time -D_FORTIFY_SOURCE=2 
-Wno-implicit-function-declaration -g -O2 
-fdebug-prefix-map=/tmp/buildd/radvd-2.16=. -fstack-protector-strong -Wformat 
-Werror=format-security -c -o libradvd_parser_a-gram.o `test -f 'gram.c' || 
echo './'`gram.c
In file included from includes.h:106:0,
 from gram.y:17:
/usr/include/linux/if_arp.h:113:8: error: redefinition of 'struct arpreq'
 struct arpreq {
^~
In file included from includes.h:90:0,
 from gram.y:17:
/usr/include/net/if_arp.h:138:8: note: originally defined here
 struct arpreq
^~
In file included from includes.h:106:0,
 from gram.y:17:
/usr/include/linux/if_arp.h:121:8: error: redefinition of 'struct arpreq_old'
 struct arpreq_old {
^~
In file included from includes.h:90:0,
 from gram.y:17:
/usr/include/net/if_arp.h:147:8: note: originally defined here
 struct arpreq_old
^~
In file included from includes.h:106:0,
 from gram.y:17:
/usr/include/linux/if_arp.h:141:8: error: redefinition of 'struct arphdr'
 struct arphdr {
^~
In file included from includes.h:90:0,
 from gram.y:17:
/usr/include/net/if_arp.h:54:8: note: originally defined here
 struct arphdr
^~
Makefile:945: recipe for target 'libradvd_parser_a-gram.o' failed
make[2]: *** [libradvd_parser_a-gram.o] Error 1
make[2]: Leaving directory '/tmp/buildd/radvd-2.16'
Makefile:755: recipe for target 'all' failed


The plan is to let the dust settle down   8^)

 
Groeten
Geert Stappers
-- 
Leven en laten leven

Bug#864257: python3-sleekxmpp: TLS certificate verification fails

[Gerald Turner]

Control: tags -1 + patch

Attached is a patch that adds quilt patch 003-fix_tls_date_check.patch
which removes two-digit-year variants from certificate validity date
decoding.

-- 
Gerald Turner Encrypted mail preferred!
OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80  3858 EC94 2276 FDB8 716D
commit 90189c8c64a6e7ccd967b244b2d5639600f4edc8
Author: Gerald Turner 
Date:   Mon Jun 5 12:22:29 2017 -0700

Added patch 003-fix_tls_date_check.patch which removes two-digit-year variants
from certificate validity date decoding (Closes: #864257)

diff --git a/debian/patches/003-fix_tls_date_check.patch b/debian/patches/003-fix_tls_date_check.patch
new file mode 100644
index 000..2f873d1
--- /dev/null
+++ b/debian/patches/003-fix_tls_date_check.patch
@@ -0,0 +1,32 @@
+Description: Remove two-digit-year variants from certificate validity date
+ decoding.
+Author: Gerald Turner 
+Bug-Debian: https://bugs.debian.org/864257
+Forwarded: no
+Last-Update: 2017-06-05
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/sleekxmpp/xmlstream/cert.py
 b/sleekxmpp/xmlstream/cert.py
+@@ -108,19 +108,11 @@ def extract_dates(raw_cert):
+ 
+ not_before = validity.getComponentByName('notBefore')
+ not_before = str(not_before.getComponent())
++not_before = datetime.strptime(not_before, '%Y%m%d%H%M%SZ')
+ 
+ not_after = validity.getComponentByName('notAfter')
+ not_after = str(not_after.getComponent())
+-
+-if isinstance(not_before, GeneralizedTime):
+-not_before = datetime.strptime(not_before, '%Y%m%d%H%M%SZ')
+-else:
+-not_before = datetime.strptime(not_before, '%y%m%d%H%M%SZ')
+-
+-if isinstance(not_after, GeneralizedTime):
+-not_after = datetime.strptime(not_after, '%Y%m%d%H%M%SZ')
+-else:
+-not_after = datetime.strptime(not_after, '%y%m%d%H%M%SZ')
++not_after = datetime.strptime(not_after, '%Y%m%d%H%M%SZ')
+ 
+ return not_before, not_after
+ 
diff --git a/debian/patches/series b/debian/patches/series
index 37acb6c..840f2a1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 CVE-2017-5591.patch
 0001-get-rid-of-embedded-copies-dateutil-gnupg-ordereddic.patch
 002-fix_tls_version_check.patch
+003-fix_tls_date_check.patch


signature.asc
Description: PGP signature

Bug#864060: minetest: Please package the new upstream version 0.4.16

[Martin Quinson]

Hello,

On Mon, Jun 05, 2017 at 04:16:12PM +0200, Markus Koschany wrote:
> 
> I have just uploaded the new version to experimental. Fortunately the
> backport of minetest is not very difficult. I can do that as soon as
> stretch-backports is open.

Thanks a lot, you definitely rulez. And it's not just an packaging of
the next upstream, you really cleaned up the existing packaging, many
thanks for that too.

Bye, Mt.

signature.asc
Description: PGP signature

Bug#864121: [Pkg-xfce-devel] Bug#864121: lightdm: Please stop Build-Depending on libgcrypt11-dev transition package

[Yves-Alexis Perez]

On Sun, 2017-06-04 at 12:41 +0200, Andreas Metzler wrote:
> Source: lightdm
> Version: 1.18.3-2
> Severity: normal
> 
> lightdm build-depends on libgcrypt11-dev. This is a transition
> package, please use libgcrypt20-dev instead.
> 
Hi, I've commited the change to svn, it'll be part of the next upload.

Regards,
-- 
Yves-Alexis

signature.asc
Description: This is a digitally signed message part

Bug#862357: pidx % serv->sv_nrpools causes segfault

[Nye Liu]

At net/sunrpc/svc.c line 355 svc_pool_for_cpu(), srv->sv_nrpools can be 
zero:


return >sv_pools[pidx % serv->sv_nrpools];

Bug#863927: qtwebengine-opensource-src: FTBFS: memory exhausted

[Adrian Bunk]

On Mon, Jun 05, 2017 at 10:44:59AM +0200, Rene Engelhard wrote:
>...
> This looks unnecessarily ugly to me (or I miss something). Why not use
> dpkg-buildflags' mechanism for this? See e.g.
>...
> In this case maybe _APPEND -g1 (if you don't do the _STRIP)

Thanks, your _APPEND suggestion is much better than my original patch.

Sandro, the debdiff of my upload is attached.

> Regards,
> 
> Rene

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

diffstat for qtwebengine-opensource-src-5.7.1+dfsg 
qtwebengine-opensource-src-5.7.1+dfsg

 changelog |8 
 rules |8 
 2 files changed, 16 insertions(+)

diff -Nru qtwebengine-opensource-src-5.7.1+dfsg/debian/changelog 
qtwebengine-opensource-src-5.7.1+dfsg/debian/changelog
--- qtwebengine-opensource-src-5.7.1+dfsg/debian/changelog  2017-01-18 
20:08:01.0 +0200
+++ qtwebengine-opensource-src-5.7.1+dfsg/debian/changelog  2017-06-05 
16:16:54.0 +0300
@@ -1,3 +1,11 @@
+qtwebengine-opensource-src (5.7.1+dfsg-6.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build with -g1 instead of -g on 32bit architectures.
+(Closes: #863927)
+
+ -- Adrian Bunk   Mon, 05 Jun 2017 16:16:54 +0300
+
 qtwebengine-opensource-src (5.7.1+dfsg-6) unstable; urgency=medium
 
   [ Sandro Knauß ]
diff -Nru qtwebengine-opensource-src-5.7.1+dfsg/debian/rules 
qtwebengine-opensource-src-5.7.1+dfsg/debian/rules
--- qtwebengine-opensource-src-5.7.1+dfsg/debian/rules  2017-01-18 
20:00:38.0 +0200
+++ qtwebengine-opensource-src-5.7.1+dfsg/debian/rules  2017-06-05 
16:16:54.0 +0300
@@ -6,6 +6,14 @@
 export NINJAFLAGS=-v
 include /usr/share/dpkg/default.mk
 
+DEB_HOST_ARCH_BITS ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_BITS)
+
+# TODO: properly integrate with the other debug setting
+ifeq (32,$(DEB_HOST_ARCH_BITS))
+   export DEB_CFLAGS_MAINT_APPEND = -g1
+   export DEB_CXXFLAGS_MAINT_APPEND = -g1
+endif
+
 export CFLAGS := $(shell dpkg-buildflags --get CFLAGS) $(shell dpkg-buildflags 
--get CPPFLAGS)
 export CXXFLAGS := $(shell dpkg-buildflags --get CXXFLAGS) $(shell 
dpkg-buildflags --get CPPFLAGS)
 export LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) -Wl,--as-needed

Bug#864143: closed by Ben Hutchings <b...@decadent.org.uk> (Re: Bug#864143: initramfs-tools: missing dependency on busybox?)

[Ben Hutchings]

On Mon, 2017-06-05 at 17:13 +0100, Dave Love wrote:
> I guess I wrote that badly.
> 
> busybox isn't actually required by cryptsetup, just recommended, but it
> should be required by something.  The example shows it's possible to
> make packages uninstallable, if they pull the initramfs trigger, by
> removing busybox, which you can do cleanly as far as apt is concerned:

If cryptsetup's initramfs support was moved to a separate package, that
would depend on busybox.  See bug #783297.

Ben.

-- 
Ben Hutchings
It is easier to write an incorrect program than to understand a correct
one.


signature.asc
Description: This is a digitally signed message part

Bug#864258: git-gui: Amend Last Commit scrambles umlaut in author name.

[Bernhard Übelacker]

Package: git-gui
Version: 1:2.11.0-3
Severity: normal
Tags: patch

Dear Maintainer,
using "git gui" to "Amend Last Commit" scrambles the
"Author" name in the commit, if the name contains at least a "Ü".

A "new" commit is not affected. But on every amend it gets
scrambled more.

New: From: =?UTF-8?q?Test=20=C3=9Ctest?= 
Amend 1: From: =?UTF-8?q?Test=20=C3=83=C2=9Ctest?= 
Amend 2: From: =?UTF-8?q?Test=20=C3=83=C2=83=C3=82=C2=9Ctest?= 
...

I tried to report this issue upstream here [1], but it seems
I failed to put the right persons on CC.

Attached patch tries to maintain encoding.
Also a file containing commands to reproduce is attached.

Kind regards,
Bernhard


[1] http://www.spinics.net/lists/git/msg295855.html



-- System Information:
Debian Release: 9.0
  APT prefers testing-proposed-updates
  APT policy: (500, 'testing-proposed-updates'), (500, 'testing-debug'), (500, 
'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/16 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages git-gui depends on:
ii  git  1:2.11.0-3
ii  tk   8.6.0+9

Versions of packages git-gui recommends:
ii  gitk  1:2.11.0-3

Versions of packages git-gui suggests:
ii  aspell   0.60.7~20110707-3+b2
ii  git-doc  1:2.11.0-3

-- no debconf information

mkdir test
cd test
git init
git config user.name "Test Ütest"
git config user.email "test@localhost"

echo 1 > testfile
git add testfile
git commit -m "Test commit."
git format-patch --keep-subject -o . -1
cat ./0001-Test-commit.patch | grep From:
From: =?UTF-8?q?Test=20=C3=9Ctest?= 

echo 2 > testfile
echo $LANG
de_DE.UTF-8
git gui&
Kontext zur Bereitstellung Hinzufügen (Stage Hunk For Commit)
Letzte nachbessern (Amend Last Commit)
Eintragen (Commit)
Ctrl+Q
git format-patch --keep-subject -o . -1
cat ./0001-Test-commit.patch | grep From:
From: =?UTF-8?q?Test=20=C3=83=C2=9Ctest?= 

-

From: =?UTF-8?q?Test=20=C3=9Ctest?= 
From: =?UTF-8?q?Test=20=C3=83=C2=9Ctest?= 
From: =?UTF-8?q?Test=20=C3=83=C2=83=C3=82=C2=9Ctest?= 
From: =?UTF-8?q?Test=20=C3=83=C2=83=C3=82=C2=83=C3=83=C2=82=C3=82=C2=9Ctes?=
 =?UTF-8?q?t?= 
>From eaa17c49d8dd7f9fd52dba5d0b42a9ffc4e8a323 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20=C3=9Cbelacker?= 
Date: Tue, 14 Feb 2017 23:21:26 +0100
Subject: [PATCH/RFC] git-gui: Fix author name encoding in Amend Last Commit.

In "New Commit" author name is set correctly.
But when doing "Amend Last Commit" the encoding gets wrong.

This patch adds in load_last_commit a similar assignment converting
to tcl encoding for commit_author as already exists for msg.
---
 lib/commit.tcl | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/commit.tcl b/lib/commit.tcl
index 83620b7..f5357f2 100644
--- a/lib/commit.tcl
+++ b/lib/commit.tcl
@@ -46,6 +46,9 @@ You are currently in the middle of a merge that has not been 
fully completed.  Y
set msg [encoding convertfrom $enc $msg]
}
set msg [string trim $msg]
+   if {$enc ne {}} {
+   set commit_author [encoding convertfrom $enc 
$commit_author]
+   }
} err]} {
error_popup [strcat [mc "Error loading commit data for amend:"] 
"\n\n$err"]
return
-- 
2.11.0

Bug#864154: [Pkg-xfce-devel] Bug#864154: language selection not working

[Yves-Alexis Perez]

On Sun, 2017-06-04 at 15:40 +0200, Daniel Auth wrote:
> xfce's language is determined not by the current
> language chosen in lightdm, but by the language that
> was chosen in lightdm before the last login.
> 
>    * What outcome did you expect instead?
> 
> Selecting a language in lightdm should affect
> the current session.

Actuall it does, but if you chose the language before entering your name (or
chosing it from the menu) it'll load the saved language for that user.

Chose the langage after selecting the user and it should work.

Regards,
-- 
Yves-Alexis

signature.asc
Description: This is a digitally signed message part

Bug#862357: divide error in 4.9.30-1

[Nye Liu]

Similar to the problem reported here:

https://bugzilla.redhat.com/show_bug.cgi?id=1427493#c31

Jun  5 11:41:06 ospylac kernel: [ 1155.573913] divide error:  [#1] SMP
Jun  5 11:41:06 ospylac kernel: [ 1155.573929] Modules linked in: joydev 
rpcsec_gss_krb5 nfsv4 dns_resolver nfs fscache binfmt_misc intel_rapl sb_e
dac edac_core x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel 
kvm iTCO_wdt iTCO_vendor_support evdev mgag200 ttm irqbypass crct10dif_pclmu
l crc32_pclmul ghash_clmulni_intel drm_kms_helper drm ioatdma wmi 
i2c_algo_bit sg intel_cstate intel_uncore intel_rapl_perf serio_raw 
acpi_power_me
ter hpwdt lpc_ich hpilo pcspkr mfd_core button ipmi_si ipmi_msghandler 
dca pcc_cpufreq acpi_cpufreq shpchp nfsd auth_rpcgss oid_registry nfs_acl lo
ckd grace loop parport_pc ppdev lp parport sunrpc ip_tables x_tables 
autofs4 btrfs crc32c_generic xor raid6_pq ata_generic hid_generic usbhid 
hid s
d_mod crc32c_intel aesni_intel aes_x86_64 glue_helper lrw gf128mul 
ablk_helper cryptd psmouse ata_piix uhci_hcd
Jun  5 11:41:06 ospylac kernel: [ 1155.575576]  ehci_pci ehci_hcd libata 
hpsa usbcore scsi_transport_sas usb_common tg3 ptp scsi_mod pps_core libph

y thermal
Jun  5 11:41:06 ospylac kernel: [ 1155.577539] CPU: 2 PID: 3859 Comm: 
rpc.nfsd Not tainted 4.9.0-3-amd64 #1 Debian 4.9.30-1
Jun  5 11:41:06 ospylac kernel: [ 1155.578297] Hardware name: HP 
ProLiant DL380p Gen8, BIOS P70 02/10/2014
Jun  5 11:41:06 ospylac kernel: [ 1155.579069] task: 94c8b82510c0 
task.stack: a7dbc5a0c000
Jun  5 11:41:06 ospylac kernel: [ 1155.579842] RIP: 
0010:[]  [] 
svc_pool_for_cpu+0x27/0x70 [sunrpc]
Jun  5 11:41:06 ospylac kernel: [ 1155.581143] RSP: 
0018:a7dbc5a0fd28  EFLAGS: 00010246
Jun  5 11:41:06 ospylac kernel: [ 1155.581941] RAX:  
RBX: 94c8b83dd000 RCX: 
Jun  5 11:41:06 ospylac kernel: [ 1155.582752] RDX:  
RSI: 0002 RDI: 94c8c28c7200
Jun  5 11:41:06 ospylac kernel: [ 1155.583563] RBP: 94c8b83dd000 
R08: 94c8c28c7228 R09: 00018783
Jun  5 11:41:06 ospylac kernel: [ 1155.585105] R10: 0006 
R11: 0009 R12: 94c8bfb72008
Jun  5 11:41:06 ospylac kernel: [ 1155.585931] R13: 94c8c28c7200 
R14: 94c8b83dd000 R15: 55d94bf2c880
Jun  5 11:41:06 ospylac kernel: [ 1155.586766] FS: 
7f56a5df5740() GS:94c8de68() knlGS:
Jun  5 11:41:06 ospylac kernel: [ 1155.587610] CS:  0010 DS:  ES: 
 CR0: 80050033
Jun  5 11:41:06 ospylac kernel: [ 1155.589181] CR2: 7ffcb813af90 
CR3: 0007f809b000 CR4: 001406e0

Jun  5 11:41:06 ospylac kernel: [ 1155.590040] Stack:
Jun  5 11:41:06 ospylac kernel: [ 1155.590897]  c0560bfe 
94c8b83dd000 94c8b83dd010 94c8bfb72008
Jun  5 11:41:06 ospylac kernel: [ 1155.591776]  94c8c28c7200 
94c8b83dd000 55d94bf2c880 c05605a8
Jun  5 11:41:06 ospylac kernel: [ 1155.593147]  0010 
0ff8 c0553d4e 0010fffe

Jun  5 11:41:06 ospylac kernel: [ 1155.594040] Call Trace:
Jun  5 11:41:06 ospylac kernel: [ 1155.594939]  [] ? 
svc_xprt_do_enqueue+0xde/0x250 [sunrpc]
Jun  5 11:41:06 ospylac kernel: [ 1155.595852]  [] ? 
svc_xprt_received+0x48/0xb0 [sunrpc]
Jun  5 11:41:06 ospylac kernel: [ 1155.597012]  [] ? 
svc_addsock+0x12e/0x1e0 [sunrpc]
Jun  5 11:41:06 ospylac kernel: [ 1155.597923]  [] ? 
recalc_sigpending+0x17/0x50
Jun  5 11:41:06 ospylac kernel: [ 1155.598844]  [] ? 
svc_unregister.isra.9+0xb6/0x130 [sunrpc]
Jun  5 11:41:06 ospylac kernel: [ 1155.599763]  [] ? 
__getnstimeofday64+0x3c/0xd0
Jun  5 11:41:06 ospylac kernel: [ 1155.601654]  [] ? 
do_gettimeofday+0x25/0x90
Jun  5 11:41:06 ospylac kernel: [ 1155.602585]  [] ? 
write_ports+0x266/0x2e0 [nfsd]
Jun  5 11:41:06 ospylac kernel: [ 1155.603515]  [] ? 
alloc_pages_current+0x91/0x140
Jun  5 11:41:06 ospylac kernel: [ 1155.604696]  [] ? 
__check_object_size+0xfa/0x1d8
Jun  5 11:41:06 ospylac kernel: [ 1155.605628]  [] ? 
write_recoverydir+0x100/0x100 [nfsd]
Jun  5 11:41:06 ospylac kernel: [ 1155.606568]  [] ? 
nfsctl_transaction_write+0x43/0x70 [nfsd]
Jun  5 11:41:06 ospylac kernel: [ 1155.607512]  [] ? 
vfs_write+0xb0/0x190
Jun  5 11:41:06 ospylac kernel: [ 1155.608944]  [] ? 
SyS_write+0x52/0xc0
Jun  5 11:41:06 ospylac kernel: [ 1155.609885]  [] ? 
system_call_fast_compare_end+0xc/0x9b
Jun  5 11:41:06 ospylac kernel: [ 1155.610826] Code: 00 00 00 00 0f 1f 
44 00 00 48 8b 87 98 00 00 00 48 83 78 08 00 74 10 8b 05 5b 52 02 00 83 
f8 01 74 3f 83 f8 02 74 18 31 c0 31 d2  b7 88 00 00 00 89 d0 48 c1 
e0 07 48 03 87 90 00 00 00 c3 48
Jun  5 11:41:06 ospylac kernel: [ 1155.613815] RIP  [] 
svc_pool_for_cpu+0x27/0x70 [sunrpc]

Jun  5 11:41:06 ospylac kernel: [ 1155.614809]  RSP 
Jun  5 11:41:06 ospylac kernel: [ 1155.615804] ---[ end trace 
081a0f3a5c87c639 ]---

Bug#864257: python3-sleekxmpp: TLS certificate verification fails

[Gerald Turner]

Package: python3-sleekxmpp
Version: 1.3.1-6
Severity: normal

Dear Maintainer,

I have been using painintheapt on several systems running jessie,
jessie-backports, and stretch.  For quite some time the hosts running
jessie-backports and stretch have been failing to execute painintheapt,
in fact there's an infinite loop.  Today I decided to investigate the
problem and discovered a bug in sleekxmpp.

I tweaked a copy of the painintheapt script to enable debug logging
which produced the following output, with reconnection attempts repeated
indefinitely:

  DEBUGWaiting 2.072999311351683 seconds before connecting.
  DEBUGDNS: Querying SRV records for unzane.com
  DEBUGDNS: Querying jabber.unzane.com for  records.
  DEBUGDNS: Querying jabber.unzane.com for A records.
  DEBUGConnecting to [2001:470:e861:4::2]:5222
  DEBUGEvent triggered: connected
  DEBUG  TRANSITION disconnected -> connected
  DEBUGStarting HANDLER THREAD
  DEBUGLoading event runner
  DEBUGSEND (IMMED): 
  DEBUGRECV: 
  DEBUGRECV: http://etherx.jabber.org/streams;>http://jabber.org/protocol/caps; 
node="http://www.process-one.net/en/ejabberd/; hash="sha-1" 
ver="N+nCub6oxVjIxxoREHOeJv4wQNU=" />http://jabber.org/features/compress;>zlib
  DEBUGSEND (IMMED): 
  DEBUGRECV: 
  DEBUGStarting TLS
  INFO Negotiating TLS
  INFO Using SSL version: TLSv1
  DEBUGCERT: -BEGIN CERTIFICATE-
  MIIGdjCCBF6gAwIBAgIEALIrzTANBgkqhkiG9w0BAQsFADBdMTgwNgYDVQQDEy9V
  bnphbmUgSW50ZXJtZWRpYXRlIENlcnRpZmljYXRlIEF1dGhvcml0eSAoUlNBKTEh
  MB8GA1UECgwY8J+GhPCfhb3wn4aJ8J+FsPCfhb3wn4W0MCIYDzIwMTQwNDA3MTcy
  NzAwWhgPMjAzODAxMTkwMzE0MDdaMCIxIDAeBgNVBAMTF255YXJsYXRob3RlcC51
  bnphbmUuY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo/IzfzDD
  EHc1NO/EzOGT8+l8Uqiu2ZLt89gohrxgohijWRFLJCJHoD8Q9NgVhYRXPQMzWxC1
  hzZfps8UDGUeDfgfEbW2NdvXRElSUexgcb4pqIJlQEUQ7qe22mETMqYwu7jSgswz
  Rg7LQqbNRQRKYQRbAezhGe/reHm8mhKoV6guz7XPBHGxJMvWxgiwfNXFZJ3tlp7W
  Qu0zz/f/CZKS+Y5QqfAcwyfbnD/jV4ekixi/utt77Qq3AhxbZmW6TuoKuGiD9JBA
  +51XFbI3Xkf5yokfZaj7cVGes+ntZMNmDOXyuHnf1zsUYfDentWqwclMdjPO6hu4
  oagzy245PlsAiRgdFqrngrimTmKn+Ab/uaMq/y+XU5e1wnBP1WgWynFmfIw3fXhI
  gRjrrnM2tcLshS0Tmwf8NAUivKS+yf5wEdFdXmAWwjaOqIm4Co7PxCb722X4MaR4
  0y9whFDVFl87wv2C21n0yPRqnsk6CViSA1NqFk7IEiYF/VrQRZ5wtZor4ImzLyNM
  gfaI7WrkbnRn5isSZZn3CIKkSelcVADPAq0XuLqAcY4pr3ttt3DJd9bgYRsKq9ZQ
  f408fRlLmVbxYh2sl15p8uowClHTxng7wnuMt+kCVL8TACXiohnF7TrvOL+/5zjz
  jzgCgC8NfHnhnCyY/jlOOqnOewS44Dx7o4UCAwEAAaOCAXMwggFvMAwGA1UdEwEB
  /wQCMAAwJwYDVR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDETCB
  owYDVR0RBIGbMIGYghdueWFybGF0aG90ZXAudW56YW5lLmNvbYIKdW56YW5lLmNv
  bYIRamFiYmVyLnVuemFuZS5jb22CEyouamFiYmVyLnVuemFuZS5jb22CEHdlYXZl
  LnVuemFuZS5jb22CD3NvZ28udW56YW5lLmNvbYITZnVuYW1ib2wudW56YW5lLmNv
  bYIRbXVtYmxlLnVuemFuZS5jb20wDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQU
  2aIsO1Rktllh9KaeS6LqBYp2A+cwHwYDVR0jBBgwFoAUuz3o+9sxu31sw58Q19zU
  HVuefiUwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cHM6Ly93d3cudW56YW5lLmNvbS94
  NTA5L3Jldm9jYXRpb24tcnNhLnBlbTANBgkqhkiG9w0BAQsFAAOCAgEAmGKimuSw
  xMtIomsygb0U1qoui5h2pkhI5UnPMAFvUm5bMwkSHgrMhyC31P2XI1zA9FovtTxV
  Olm8RrdPV0wJ/tgfBHLZ6a8DpuEYhD+1llrQ81RowcfQHYsdKs2SHuChe85hJiVz
  IpZZXDXKsiyKnrvtOPETitWI+KhYcEDChO/kwoL3jG6ffKhjrkNDXO4iuiwTJidN
  CHNmkKWKwN1ywXmuopt5eD6x/QMPjs45GPL7WU5FtHcdjDHPcWv4xl4yXj/O2HBy
  RgoshWLdxOisP7Cy+BT6IM9PwqqNF657ke7nsdZr/BA2AdXlcwObGixLqLMcz6On
  IGR8RfenmcZVBWrZnMOPuv9snJZzPWmbYGl/v0Tk+L72WhJa4/22TnjJWRmq4Daq
  DLOZYQtsV/FPHM+Q+Je9amR7CXZx/j+s97ZVQEaj5Y6bqgQoTL36L2LtKlUo2tI2
  y4FjGiMdI+bqOqfe1TOV6F4NoepDoAtT6DUvH/rdB2GV8MKe8YPaimhJe62L9gzx
  LkuFv4uPO+qhzP8MN9tbB3F6jyHYJI7d0sn2WFzFIBlbNkaI3oYvxevpugEkLP1t
  KgeGGXolMxYz8S9rNTr9aSSYjLVsdOsTOMS6h0nvFIF/EhvWOqIDAXkj+v9TIwyH
  j3shn0Jwh8RgTYLNHNyD36+MO6p5imiVODg=
  -END CERTIFICATE-

  DEBUGEvent triggered: ssl_cert
  ERRORtime data '20140407172700Z' does not match format '%y%m%d%H%M%SZ'
  Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/sleekxmpp/xmlstream/xmlstream.py", 
line 1492, in _process
  if not self.__read_xml():
File "/usr/lib/python3/dist-packages/sleekxmpp/xmlstream/xmlstream.py", 
line 1564, in __read_xml
  self.__spawn_event(xml)
File "/usr/lib/python3/dist-packages/sleekxmpp/xmlstream/xmlstream.py", 
line 1632, in __spawn_event
  handler.prerun(stanza_copy)
File 
"/usr/lib/python3/dist-packages/sleekxmpp/xmlstream/handler/callback.py", line 
64, in prerun
  self.run(payload, True)
File 
"/usr/lib/python3/dist-packages/sleekxmpp/xmlstream/handler/callback.py", line 
76, in run
  self._pointer(payload)
File 
"/usr/lib/python3/dist-packages/sleekxmpp/features/feature_starttls/starttls.py",
 line 64, in _handle_starttls_proceed
  if self.xmpp.start_tls():
File "/usr/lib/python3/dist-packages/sleekxmpp/xmlstream/xmlstream.py", 
line 889, in start_tls
  cert.verify(self._expected_server_name, self._der_cert)
File 

Bug#864256: unblock: lhs2tex/1.19-5

[Joachim Breitner]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package lhs2tex

it fixes the seroius bug #864225

unblock lhs2tex/1.19-5

Patch below:

diff -Nru lhs2tex-1.19/debian/changelog lhs2tex-1.19/debian/changelog
--- lhs2tex-1.19/debian/changelog   2016-10-27 18:37:21.0 -0400
+++ lhs2tex-1.19/debian/changelog   2017-06-05 12:29:08.0 -0400
@@ -1,3 +1,9 @@
+lhs2tex (1.19-5) unstable; urgency=high
+
+  * Depend on texlive-science (closes: #864225)
+
+ -- Joachim Breitner   Mon, 05 Jun 2017 12:28:59 -0400
+
 lhs2tex (1.19-4) unstable; urgency=medium
 
   * Upload to unstable as part of GHC 8 transition.
diff -Nru lhs2tex-1.19/debian/control lhs2tex-1.19/debian/control
--- lhs2tex-1.19/debian/control 2016-10-27 18:37:21.0 -0400
+++ lhs2tex-1.19/debian/control 2017-06-05 14:01:10.0 -0400
@@ -21,7 +21,7 @@
 Multi-Arch: foreign
 Depends:
  texlive-latex-base,
- texlive-math-extra,
+ texlive-science,
  ${misc:Depends},
  ${shlibs:Depends},
 Description: Generates LaTeX code from literate Haskell sources


Thanks,
Joachim


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#791944: /etc/init.d/sendsigs kills systemd-udevd upon shutdown, causing dmsetup to hang

[Pali Rohár]

On Monday 05 June 2017 20:23:52 Michael Biebl wrote:
> Am 05.06.2017 um 13:12 schrieb Pali Rohár:
> >> Am 05.06.2017 um 09:59 schrieb Pali Rohár:
> >>> /etc/rc0.d/K08cryptdisks
> >>> /etc/rc0.d/K09cryptdisks-early
> >>> /etc/rc0.d/K10udev
> > 
> > Problem is that in K08 and K09 phase is udev not running, but
> > socket is present. udev is probably killed by
> > /etc/rc0.d/K03sendsigs which is before K08 and K09. Above patch
> > modify K10 which is *after* K08 and K09, therefore it has
> > absolutely no effect on fixing this issue.
> 
> Ah, ok. The info about sendsigs being ordered before udev on shutdown
> was missing.

Anyway, if you are patching K10udev and whole freeze happens in 
K08cryptdisks and K09cryptdisks-early, then such patch is noop as whole 
freeze happens before patch line is executed. sendsigs does not change 
behaviour of patch.

> I guess we need both then:
> - udev using the sendsigs.omit.d interface to avoid being killed by
> /etc/init.d/sendsigs
> and
> - removing the socket on stop and making sure udev is stopped in 0 /
> 6.
> 
> Anyone willing to work on a patch?

I think the first thing which needs to be done is to define order 
sendsigs, cryptdisks and udev. Should be udev really stopped after 
cryptdisks? Or not? If not, then udev should be stopped *before* 
sendsigs. Otherwise sendsigs needs to be patched to not kill udev.

But other question is what happens in system when udev is still running 
even after unmounting filesystem and when basically all other remaining 
services were already killed by sendsigs...

-- 
Pali Rohár
pali.ro...@gmail.com


signature.asc
Description: This is a digitally signed message part.

Bug#791944: /etc/init.d/sendsigs kills systemd-udevd upon shutdown, causing dmsetup to hang

[Michael Biebl]

Am 05.06.2017 um 13:12 schrieb Pali Rohár:
>> Am 05.06.2017 um 09:59 schrieb Pali Rohár:

>>> /etc/rc0.d/K08cryptdisks
>>> /etc/rc0.d/K09cryptdisks-early
>>> /etc/rc0.d/K10udev

> Problem is that in K08 and K09 phase is udev not running, but socket is
> present. udev is probably killed by /etc/rc0.d/K03sendsigs which is
> before K08 and K09. Above patch modify K10 which is *after* K08 and K09,
> therefore it has absolutely no effect on fixing this issue.

Ah, ok. The info about sendsigs being ordered before udev on shutdown
was missing. I guess we need both then:
- udev using the sendsigs.omit.d interface to avoid being killed by
/etc/init.d/sendsigs
and
- removing the socket on stop and making sure udev is stopped in 0 / 6.

Anyone willing to work on a patch?







signature.asc
Description: OpenPGP digital signature

Bug#864254: RFS: dblatex/0.3.9-2 [RC]

[Andreas Hoenen]

Package: sponsorship-requests
Severity: important

Dear mentors,

I am looking for a sponsor for my package "dblatex"

  Package name: dblatex
  Version : 0.3.9-3
  Upstream Author : Benoît Guillon 
  URL : http://dblatex.sourceforge.net/
  License : GPL V2+
  Section : text

It builds those binary packages:

  dblatex - Produces DVI, PostScript, PDF documents from DocBook sources
  dblatex-doc - Documentation for dblatex

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/dblatex

Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/d/dblatex/dblatex_0.3.9-3.dsc

Changes since the last upload:

  * Fix upgrade errors when dist-upgrading from jessie to stretch:
+ Change the dependency from meanwhile virtual package
  texlive-math-extra to its successor texlive-science.
  Closes: #863683
+ Remove the call of command mktexlsr in postrm as it may be
  temporarily unavailable when dblatex postrm is called and as it is
  superfluous (mktexlsr gets called via a trigger anyway).
+ Remove postinst as it consists only of the problematic and
  superfluous mktexlsr call.
Thanks to all the people who helped to analyze and to resolve this
problem.  Closes: #863890

It's quite important that this fix gets included into stretch, as it
will avoid jessie-stretch upgrade problems for systems with dblatex
installed.  Thus shamelessly adding those to cc: who have been involved
in analyzing and resolving this problem until now.

Thanks, Andreas
-- 
Andreas Hoenen 
GPG: 1024D/B888D2CE
 A4A6 E8B5 593A E89B 496B
 82F0 728D 8B7E B888 D2CE


signature.asc
Description: PGP signature

Bug#864255: ITP: vzlogger -- log a wide variety of measurements from smartmeters and sensors

[Andreas Moog]

Package: wnpp
Severity: wishlist
Owner: Andreas Moog 

* Package name: vzlogger
  Version : 0.6.1
  Upstream Author : Steffen Vogel 
* URL : https://github.com/volkszaehler/vzlogger/
* License : GPL3
  Programming Lang: C++
  Description : log a wide variety of measurements from smartmeters and 
sensors

vzlogger is a tool to read and log measurements of a wide variety of 
 smartmeters and sensors. It supports various commonly used protocols such as
 s0, d0, sml, oms and others. It can report the readings to a volkszaehler.org 
 middleware (part of the Volkszaehler open smart meter platform) or directly
 into a database for later analysis.

Bug#864253: Please remove bcrypt- it has not been updated in 15 years, manpage is incorrect, and package is incorrectly named

[Aaron Toponce]

Package: bcrypt
Version: 1.1-8.1+b1

The bcrypt package is 15 years outdated, with no updates. The last update was
2002-09-13: https://sourceforge.net/projects/bcrypt/files/.

In addition, bug #700758 mentions that bcrypt does not use a secure form of
encryption, in that it uses the Blowfish algorithm. Indeed, Blowfish is a
64-bit cipher, and is vulnerable to the Sweet32 Birthday attack. See
https://sweet32.info/.

Further, it uses Blowfish in ECB mode (as bug #700758 mentions). ECB mode
retains structure of the file that it encrypts, and should never be used as a
serious mode of encryption.

Continuing, aside from using an ECB mode, the encryption is not authenticated
using a message authentication code (MAC). As such, the encrypted data is
subject to bit flipping attacks, replay attacks, and other vulnerabilities.

If that's not bad enough, the term `bcrypt' is actually a password hashing
function with a tunable parameter as a CPU cost. However, this package is not
doing password hashing, but instead doing only Blowfish encryption. See
https://en.wikipedia.org/wiki/Bcrypt versus
https://en.wikipedia.org/wiki/Blowfish_(cipher). Blowfish is not bcrypt, and
bcrypt is not Blowfish.

In the manpage, it provides http://www.counterpane.com/bfsh-koc.zip as a link
to download the original Blowfish sources, but that link redirects to
https://www.globalservices.bt.com/uk/en/products_category/security_and_risk_management.
Further, the domain to the email address of  is no
longer valid.

Due to the bugs:

* Using Blowfish
* Using ECB mode
* Not using authenticated encryption
* Manpage outdated
* Package incorrectly named (confusing with the password hashing alg.)
* Sources outdated

This package should just be dropped from the repositories.

-- 
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o


signature.asc
Description: PGP signature

Bug#864235: rygel: Enhancement Request - Samsung TV "AllShare" Support (et al.)

[Jens Georg]

> Package: rygel
> Version: 0.32.1-3
> Severity: wishlist
>  
> Interesting comparison of Rygel vs. miniDLNA/ReadyMedia in my

environment which
> includes a Samsung TV.

Samsung's AllShare is severely screwed and changes bugs/regressions
from release to release. I wonder what they managed to broke now.

Please take this upstream, from your description I assume that just the
mime type is not matching.

To fix this, I need a packet capture of the working case of
communication when playing the file from minidlna. See https://wiki.gno
me.org/Projects/Rygel/tcpdump for acquiring such a dump.

Bug#864252: phpMyAdmin package not using admin-user preseed (still)

[Steven Maddox]

Package: phpmyadmin
Version: 4:4.2.12-2+deb8u2

I've had to log this as a fresh bug as I can't seem to re-open bug
619362... I just get back "smtp; 550 Unknown or archived bug"

So the last time I logged this it was Debian 6 and people thought it was
dbconfig-common for some reason (I'm not convinced).

Now it's Debian 8...

Give it a test like thusly on a fresh box/VM...

# Setup...

echo mysql-server-5.5 mysql-server/root_password password sqlpass | sed
'P;s/ /_again /2' | debconf-set-selections
apt-get -y install mysql-server-5.5
mysql -psqlpass mysql -e "UPDATE mysql.user SET user='sqluser' WHERE
user='root'; FLUSH PRIVILEGES"
echo phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2 |
debconf-set-selections
echo phpmyadmin phpmyadmin/dbconfig-install boolean true |
debconf-set-selections
echo phpmyadmin phpmyadmin/mysql/admin-pass password sqluser |
debconf-set-selections
echo phpmyadmin phpmyadmin/mysql/admin-user string sqlpass |
debconf-set-selections
echo phpmyadmin phpmyadmin/mysql/app-pass password apppass | sed
'P;s/\/mysql//;s/ /word-confirm /2' | debconf-set-selections

# Main event (get popcorn)...

apt-get -y install phpmyadmin


-- 
Steven Maddox
Lantizia

Bug#863308: fixed in golang-1.7 1.7.6-1

[Hilko Bengen]

* Michael Hudson-Doyle:

> On 4 June 2017 at 19:10, Moritz Mühlenhoff  wrote:
>
> On Thu, Jun 01, 2017 at 10:05:07AM +, Michael Hudson-Doyle wrote:
> > Closes: 863308
> > Changes:
> >  golang-1.7 (1.7.6-1) unstable; urgency=medium
> >  .
> >    * New upstream release. (Closes: #863308)
> >    * Remove d/patches/cl-29995--tzdata-2016g.patch, applied upstream.
>
> Are you planning to file an unblock request for this (and the similar
> change for Go 1.8)?
>
> AIUI Hilko (Cc) was.

I have filed an unblock request for the golang-1.7 and golang-1.8
packages. Please see #863956.

Cheers,
-Hilko

Bug#852962: ycmd FTBFS on mipsel: test failures

[Christoph Biedl]

James Cowgill wrote...

> On Thu, 1 Jun 2017 00:15:28 +0200 Christoph Biedl

> > Did so, but failed to reproduce the issue on the mipsel porter box.
> > However, the bug seems to manifest when building in a qemu-static
> > chroot. In that scenario however, diagnostic tools like strace
> > fail.
> > 
> > Updates will follow as I get them.
> 
> I've tried this on various mips hardware and I can only seems to fail on
> Loongsons (where is reliably fails 100% of the time). Blacklisting it on
> those machines could be an option given how close to the release we are.

Thanks for looking into this, James. Personally, if such a blacklisting
was acceptable for the release team (Cc:'ed), I was happy to spend the
remaining time on other issues in stretch. Since I still haven't figured
out what actually goes wrong during the test suite, I'd just like to
avoid this package (and its reverse dependencies) fall out of stretch.

Christoph


signature.asc
Description: Digital signature

Bug#864251: RFS: quark-sphinx-theme/0.5.0-1

[Felix Krull]

Package: sponsorship-requests
Severity: normal
X-Debbugs-CC: debian-pyt...@lists.debian.org

Dear mentors,

I am looking for a sponsor for my package "quark-sphinx-theme"

* Package name: quark-sphinx-theme
  Version : 0.5.0-1
  Upstream Author : Felix Krull 
* URL : https://pypi.python.org/pypi/quark-sphinx-theme
* License : BSD
  Section : python

It builds those binary packages:

 python-quark-sphinx-theme - Sphinx theme designed for QTextBrowser (Python 2)
 python3-quark-sphinx-theme - Sphinx theme designed for QTextBrowser (Python 3)

To access further information about this package, please visit the
following URL:

 https://mentors.debian.net/package/quark-sphinx-theme

Alternatively, one can download the package with dget using this command:

 dget -x 
https://mentors.debian.net/debian/pool/main/q/quark-sphinx-theme/quark-sphinx-theme_0.5.0-1.dsc

Changes since the last upload:

 * Import quark-sphinx-theme_0.5.0.orig.tar.bz2
 * debian/control: update build dependencies to include tinycss and mock.
 * debian/copyright: update copyright.

This is an upload for a new upstream release. Since tinycss is now
packaged in Debian,
I could also finally enable that dependency for the tests.

Regards,
Felix Krull

Bug#864244: [Pkg-pascal-devel] Bug#864244: libqtpas: Please update symbols file for m68k

[John Paul Adrian Glaubitz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hi Paul!

On 06/05/2017 07:32 PM, Paul Gevers wrote:
> A library transition is pending in experimental. Do you want to drive this 
> for stretch? Do you think you can persuade the release team?

Nah, no need to push this into Stretch. m68k isn't a release architecture
anyway, so there is no need to hurry.

> If not, then lets fix this in experimental (with fully updated symbols 
> already, there were massive changes in the symbols file).

Yep, that should be fine.

Thanks for consideration!

Adrian

- -- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEYv+KdYTgKVaVRgAGdCY7N/W1+RMFAlk1mAMACgkQdCY7N/W1
+RPBExAAvWOABgUSJehAToHq+axpEr0cIeKrSHdhzezs1Hejx6Hf2XsZhzKzudBt
ZNOdJV5QDbXV3lTrJH/fRSb0lZdfdp+IGs/7xYNxCImvgf0JHpTMf9/etMzif/6O
MYIt/moDzSlVLhna8M2jdhO+SQCT8J+N8c3yj5lFgSQk7fg3VVHded4yw8ac/HRv
QtHv38nsO7DctExiMFiPU48DDWan7zqptZZElkq9azZn8+y6uPZ+JlA8u216d+1p
Dnv0u+hrsZ9lkbDqKjxtTK03lmcgrjyZq0iAc4YIwjgEXIEyB/qMai3XFOKQ+BlD
aohsiHLXtYgHtNQFi+A6+3pzdSbhR7zs+LgVraSRoRIl3WvFmtHC//CC9utSt9x3
yvVCblby80dGDRw1f1oUuPALd6nuctpEZKdUgH+7EHQu7Ecw2xF7RXtHzhux4nHj
STyR4qJaWkLjxWUL+/53/kPfw572X14yew95CgKaL4fPDNEtU6vCfNCFDBN6Mz1R
L7aU7NpuY9EpzI88bjbtog+OzFda3tobHHYYujGOLqxoSbMnMTZp8syRlfcgl7SF
wZsbO514/VHOIXvi/pVkvgiPR6UoS5iMI87gT5pYRsPFf4O7D+5Ugefd475MZUAg
qZTqa4X7xrFUfI3WJxGTsv2DfoUO0se6MXNckwyHISlPoCksw40=
=2XD2
-END PGP SIGNATURE-

Bug#837784: scribus: Some EPS files are rotated when I export the poster to a PDF file

[Mattia Rizzolo]

Control: tag -1 fixed-upstream

https://bugs.scribus.net/view.php?id=14289

Now upstream fixed it in their trunk:
https://www.scribus.net/websvn/revision.php?repname=Scribus=%2F=1=22053
Although upstream doesn't feel confident about that commit to the point
of backporting it.
There have also been several other commits involving import/export of
stuff in/out of PDFs fixing other bugs, so probably I won't do any
cherry-picking and instead just waiting for them to release something
containing those fixes.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#864249: unblock: pycorrfit/0.9.9+dfsg-2

[Andreas Tille]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package pycorrfit

Recommends: s/texlive-math-extra/texlive-science/
Closes: #864226

unblock pycorrfit/0.9.9+dfsg-2

-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru pycorrfit-0.9.9+dfsg/debian/changelog pycorrfit-0.9.9+dfsg/debian/changelog
--- pycorrfit-0.9.9+dfsg/debian/changelog	2016-07-22 16:18:11.0 +0200
+++ pycorrfit-0.9.9+dfsg/debian/changelog	2017-06-05 18:24:28.0 +0200
@@ -1,3 +1,10 @@
+pycorrfit (0.9.9+dfsg-2) unstable; urgency=medium
+
+  * Recommends: s/texlive-math-extra/texlive-science/
+Closes: #864226
+
+ -- Andreas Tille   Mon, 05 Jun 2017 18:24:28 +0200
+
 pycorrfit (0.9.9+dfsg-1) unstable; urgency=medium
 
   * Drop get-orig-source target
diff -Nru pycorrfit-0.9.9+dfsg/debian/control pycorrfit-0.9.9+dfsg/debian/control
--- pycorrfit-0.9.9+dfsg/debian/control	2016-07-22 16:18:11.0 +0200
+++ pycorrfit-0.9.9+dfsg/debian/control	2017-06-05 18:24:28.0 +0200
@@ -40,7 +40,7 @@
  ${misc:Depends},
  ${python:Depends},
  ${shlibs:Depends}
-Recommends: dvipng, python-sympy, texlive-latex-base, texlive-math-extra
+Recommends: dvipng, python-sympy, texlive-latex-base, texlive-science
 Description: tool for fitting correlation curves on a logarithmic plot
  PyCorrFit is a general-purpose FCS evaluation software that,
  amongst other formats, supports the established Zeiss ConfoCor3 ~.fcs

Bug#864244: [Pkg-pascal-devel] Bug#864244: libqtpas: Please update symbols file for m68k

[Paul Gevers]

Hi Adrian,

On 05-06-17 18:08, John Paul Adrian Glaubitz wrote:
> libqtpas currently fails to build from source on m68k because the symbols
> file does not match the symbols found by dpkg-gensymbols [1]:

A library transition is pending in experimental. Do you want to drive
this for stretch? Do you think you can persuade the release team?

If not, then lets fix this in experimental (with fully updated symbols
already, there were massive changes in the symbols file).

Paul



signature.asc
Description: OpenPGP digital signature

Bug#864190: openssh-server: Missing privilege separation directory: /run/sshd

[Russ Allbery]

Dmitry Smirnov  writes:

> Interesting... Why not use Debhelper to install the file? Historical
> reasons?  ;)

It's in /run, which is ephemeral and destroyed on each reboot, and
maintainer scripts created by debhelper (and directories shipped in the
package) are only created once during package installation.

-- 
Russ Allbery (r...@debian.org)   

Bug#864247: unblock: wordpress/4.7.5+dfsg-2

[Salvatore Bonaccorso]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi

Please unblock package wordpress

It fixes #862053, CVE-2017-8295, which was addressed already in the
DSA for jessie (and would otherwise be a regression).

Changelog entry:

>wordpress (4.7.5+dfsg-2) unstable; urgency=medium
>
>  * Don't trust SERVER_NAME variable for emails
>CVE-2017-8295 Closes: #862053
>
> -- Craig Small   Mon, 05 Jun 2017 21:45:59 +1000

unblock wordpress/4.7.5+dfsg-2

I'm attaching the full debdiff against the current version in testing.
Note it as well adjust the older changelog entry to add the CVE
identiiers.

Regards,
Salvatore
diff -Nru wordpress-4.7.5+dfsg/debian/changelog 
wordpress-4.7.5+dfsg/debian/changelog
--- wordpress-4.7.5+dfsg/debian/changelog   2017-05-17 14:28:18.0 
+0200
+++ wordpress-4.7.5+dfsg/debian/changelog   2017-06-05 13:45:59.0 
+0200
@@ -1,20 +1,26 @@
+wordpress (4.7.5+dfsg-2) unstable; urgency=medium
+
+  * Don't trust SERVER_NAME variable for emails
+CVE-2017-8295 Closes: #862053
+
+ -- Craig Small   Mon, 05 Jun 2017 21:45:59 +1000
+
 wordpress (4.7.5+dfsg-1) unstable; urgency=high
 
   * New upstream release fixes 6 security issues Closes: #862816
-CVEs to be added once issued
-- CVE-2017-XXX
+- CVE-2017-9066
   Insufficient redirect validation in the HTTP class.
-- CVE-2017-XXX
+- CVE-2017-9062
   Improper handling of post meta data values in the XML-RPC API.
-- CVE-2017-XXX
+- CVE-2017-9065
   Lack of capability checks for post meta data in the XML-RPC API.
-- CVE-2017-XXX
+- CVE-2017-9064
   A Cross Site Request Forgery (CRSF) vulnerability was discovered
   in the filesystem credentials dialog.
-- CVE-2017-XXX
+- CVE-2017-9061
   A cross-site scripting (XSS) vulnerability was discovered when
   attempting to upload very large files.
-- CVE-2017-XXX
+- CVE-2017-9063
   A cross-site scripting (XSS) vulnerability was discovered related
   to the Customizer.
 
diff -Nru wordpress-4.7.5+dfsg/debian/patches/CVE-2017-8295 
wordpress-4.7.5+dfsg/debian/patches/CVE-2017-8295
--- wordpress-4.7.5+dfsg/debian/patches/CVE-2017-8295   1970-01-01 
01:00:00.0 +0100
+++ wordpress-4.7.5+dfsg/debian/patches/CVE-2017-8295   2017-06-05 
13:45:59.0 +0200
@@ -0,0 +1,36 @@
+Description: Don't use SERVER_NAME for emails
+ WordPress uses the SERVER_NAME variable to generate the from address for
+ password resets. This variable can be set by the hostname sent by the
+ client, which means it can be spoofed.
+
+ This patch fixes CVE-2017-8295
+Author: Maarten de Boer
+Origin: upstream, 
https://core.trac.wordpress.org/attachment/ticket/25239/CVE-2017-8295.patch
+Bug: https://core.trac.wordpress.org/ticket/25239
+Bug-Debian: https://bugs.debian.org/862053
+Reviewed-by: Craig Small 
+--- a/wp-includes/pluggable.php
 b/wp-includes/pluggable.php
+@@ -323,11 +323,8 @@
+ 
+   if ( !isset( $from_email ) ) {
+   // Get the site domain and get rid of www.
+-  $sitename = strtolower( $_SERVER['SERVER_NAME'] );
+-  if ( substr( $sitename, 0, 4 ) == 'www.' ) {
+-  $sitename = substr( $sitename, 4 );
+-  }
+-
++  $sitename = parse_url( network_home_url(), PHP_URL_HOST );
++  
+   $from_email = 'wordpress@' . $sitename;
+   }
+ 
+@@ -1491,7 +1488,7 @@
+   $notify_message .= sprintf( __( 'Spam it: %s' ), admin_url( 
"comment.php?action=spam={$comment->comment_ID}#wpbody-content" ) ) . "\r\n";
+   }
+ 
+-  $wp_email = 'wordpress@' . preg_replace('#^www\.#', '', 
strtolower($_SERVER['SERVER_NAME']));
++  $wp_email = 'wordpress@' . parse_url(network_home_url(), PHP_URL_HOST);
+ 
+   if ( '' == $comment->comment_author ) {
+   $from = "From: \"$blogname\" <$wp_email>";
diff -Nru wordpress-4.7.5+dfsg/debian/patches/series 
wordpress-4.7.5+dfsg/debian/patches/series
--- wordpress-4.7.5+dfsg/debian/patches/series  2017-05-17 14:28:18.0 
+0200
+++ wordpress-4.7.5+dfsg/debian/patches/series  2017-06-05 13:45:59.0 
+0200
@@ -3,3 +3,4 @@
 003installer.patch
 010disabling_update_note.patch
 #011support-symlinks-for-plugins.patch
+CVE-2017-8295

Bug#864158: qtcharts-opensource-src: Files wrongly declared as non-free in tarball

[Lisandro Damián Nicanor Pérez Meyer]

severity 864158 important
thanks

Fixed in https://codereview.qt-project.org/#/c/196447/3//ALL,unified

On 4 June 2017 at 11:35, Lisandro Damián Nicanor Pérez Meyer
 wrote:
> Source: qtcharts-opensource-src
> Version: 5.7.1-3
> Severity: serious
> Justification: Files declared as only commercial
> Forwarded: https://bugreports.qt.io/browse/QTBUG-61126
>
> Files in the tarball has been incorrectly marked as commercial-only
> by upstream.
>
> The files are meant to be DFSG-compatible, so I'll briefly wait for upstream 
> to
> fix this. In case it doesn't happens soon I plan to ask for the source 
> removal.
>
> -- System Information:
> Debian Release: 9.0
>   APT prefers unstable
>   APT policy: (990, 'unstable'), (500, 'unstable-debug'), (500, 
> 'testing-debug'), (500, 'buildd-unstable'), (500, 'testing'), (500, 
> 'stable'), (1, 'experimental-debug')
> Architecture: amd64
>  (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
> Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> Init: systemd (via /run/systemd/system)



-- 
Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/

Bug#864243: [Pkg-php-pecl] Bug#864243: php5-memcached: I have a Unable to load dynamic library '/usr/lib/php5/20131226/memcached.so' error message

[Ondřej Surý]

Hi,

what's output of

ldd /usr/lib/php5/20131226/memcached.so

aka delete your /usr/local libraries...

Ondřej


On 5 June 2017 6:03:12 p.m. root  wrote:


Package: php5-memcached
Version: 2.2.0-2
Severity: important

Dear Maintainer,

The complete message I get is:

PHP Warning:  PHP Startup: Unable to load dynamic library 
'/usr/lib/php5/20131226/memcached.so' - 
/usr/lib/php5/20131226/memcached.so: undefined symbol: 
memcached_destroy_sasl_auth_data in Unknown on line 0



   * What led up to the situation?
	I suppose the issue happens after having done update of all packages 
suggested in my ISPConfig.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
I tried to reinstall php5-memecached package, unsuccessfully.
apt-get install --reinstall php5-memcached
   * What was the outcome of this action?
No changes.
   * What outcome did you expect instead?
	I expected to have an update on library memcached.so that awould avoi to 
have the WARNING alert.




-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14.32--grs-ipv6-64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages php5-memcached depends on:
ii  libc6  2.19-18+deb8u7
ii  libmemcached11 1.0.18-4
ii  libmemcachedutil2  1.0.18-4
ii  libsasl2-2 2.1.26.dfsg1-13+deb8u1
ii  php5-common [phpapi-20131226]  5.6.30+dfsg-0+deb8u1
ii  ucf3.0030
ii  zlib1g 1:1.2.8.dfsg-2+b1

php5-memcached recommends no packages.

php5-memcached suggests no packages.

-- no debconf information

___
Pkg-php-pecl mailing list
pkg-php-p...@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-pecl

Bug#737579: rygel: Please disable upload and delete by default

[Jens Georg]

> Package: rygel
> Version: 0.20.3-1
> Severity: normal
> 
> Dear Maintainer,
> 
> By default rygel allows upload and deletion of files.
> As a user will likely start rygel using the minimal gnome sharing
user GUI, he may not understand that all his files could be deleted
neither anyone can fill modify his files or fill his disk.
> So I would rather change the setting so the upload and deletion are
disabled.
> Moreover almost all usable DLNA client are only players/controllers
and don't support upload/deletion of files. So basically, it
a  security hole without any useability counterpart.
> 

This has been changed upstream in 0.31.0, see

https://git.gnome.org/browse/rygel/commit/?id=a0d8e17fb9fa779ace6e0a2fa
10ef016ea2ee5c6

Bug#864246: os-prober: Add bcache support.

[Mike Mestnik]

Package: os-prober
Version: 1.75
Severity: normal
Tags: patch

Looks like bcache devices are not detected.

- -- System Information:
Debian Release: 8.7
  APT prefers stable
  APT policy: (500, 'stable'), (490, 'testing'), (480, 'unstable'),
(470, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 4.2.0-19-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages os-prober depends on:
ii  grub-common  2.02~beta3-5
ii  libc62.24-9

os-prober recommends no packages.

os-prober suggests no packages.

- -- no debconf information
From c297939ba83ae45f0a0eb6bee10b9641d4f2d798 Mon Sep 17 00:00:00 2001
From: Michael Mestnik 
Date: Mon, 5 Jun 2017 11:52:17 -0500
Subject: [PATCH] Add in bcache devices

---
 os-prober | 10 ++
 1 file changed, 10 insertions(+)

diff --git a/os-prober b/os-prober
index a48863e..ab2dee1 100755
--- a/os-prober
+++ b/os-prober
@@ -45,6 +45,16 @@ partitions () {
 			fi
 		done
 
+		# bcahce
+		for part in /sys/block/bcache*; do
+			if [ -f "$part/inflight" ]; then
+name="$(echo "${part##*/}" | sed 's,[!.],/,g')"
+if [ -e "/dev/$name" ]; then
+	echo "/dev/$name"
+fi
+			fi
+		done
+
 		# Add Serial ATA RAID devices
 		if type dmraid >/dev/null 2>&1 && \
 		   dmraid -s -c >/dev/null 2>&1; then
-- 
2.11.0

Bug#864213:

[Sam Bull]

And the contents of /etc/pm/power.d/10_anacron:

#!/bin/sh
test -x /etc/init.d/anacron && /usr/sbin/invoke-rc.d anacron start 
>/dev/null

signature.asc
Description: This is a digitally signed message part

Bug#864217: unblock: sudo/1.8.19p1-2.1 (pre-approval request)

[Salvatore Bonaccorso]

Control: tags -1 - moreinfo

Hi Niels,

On Mon, Jun 05, 2017 at 02:05:00PM +, Niels Thykier wrote:
> Control: tags -1 confirmed moreinfo
> 
> Salvatore Bonaccorso:
> > Control: tags -1 - moreinfo
> > 
> > Hi Niels, hi Bdale,
> > 
> > On Mon, Jun 05, 2017 at 12:20:00PM +, Niels Thykier wrote:
> >> Control: tags -1 moreinfo
> >>
> >> [...]
> >>
> >> According to the BTS, #863897 affects and is unfixed in unstable.  Lets
> >> fix it in unstable first.
> > 
> > Yes that's true. Okay I have uploaded (without delay, and hope this is
> > fine with Bdale!) the NMU to sid.
> > 
> >> Otherwise, the diff look fine (feel free to include
> >> https://www.sudo.ws/repos/sudo/rev/6f3d9816541b as well).
> > 
> > Thanks, feel more confortable to follow upstream. Attached is a new
> > debdiff!
> > 
> > Regards,
> > Salvatore
> > 
> 
> 
> Thanks, please go ahead with the tpu upload.

Thank you, done!

Regards,
Salvatore

Bug#778664: pam_tty_audit: Cannot make/remove an entry for the specified session

[James Le Cuirot]

This issue is apparently fixed in Linux-PAM 1.2.0. We're still stuck on
1.1.8 while 1.3.0 was released over a year ago. It sucks that Stretch
is going to ship with this old and broken release.

Bug#864143: closed by Ben Hutchings <b...@decadent.org.uk> (Re: Bug#864143: initramfs-tools: missing dependency on busybox?)

[Dave Love]

I guess I wrote that badly.

busybox isn't actually required by cryptsetup, just recommended, but it
should be required by something.  The example shows it's possible to
make packages uninstallable, if they pull the initramfs trigger, by
removing busybox, which you can do cleanly as far as apt is concerned:

  # dpkg -l initramfs*
  Desired=Unknown/Install/Remove/Purge/Hold
  | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
  |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
  ||/ Name   Version  Architecture Description
  +++-==---=
  ii  initramfs-tool 0.130all  generic modular initramfs generat
  ii  initramfs-tool 0.130all  generic modular initramfs generat
  # dpkg -l busybox*
  Desired=Unknown/Install/Remove/Purge/Hold
  | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
  |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
  ||/ Name   Version  Architecture Description
  +++-==---=
  un  busybox  (no description available)
  un  busybox-static   (no description available)
  # apt-get check
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  # 

Bug#797964: still happens

[Russell Coker]

severity 797964 important
thanks

On Monday, 5 June 2017 10:50:00 AM AEST Christoph Biedl wrote:
> > On Mon, 4 Apr 2016 07:33:18 PM Russell Coker wrote:
> > > This still happens exactly as reported in version 1:7.2p2-2.
> > 
> > I've attached a 1 line patch to fix this.  Here is the output of using ssh
> > to transfer 1MB of /dev/urandom from a remote system to a local system
> > with the
> > version in Unstable:
> What the status on this? People out there run statistics on that output,
> and I'm not at all keen on providing them a patched openssh-client
> package over the entire stretch lifecycle. Especially since Russell's
> patch is extremely simple and certainly does the right things. I did a
> few more tests that confirm this.

I believe that this is an important issue.  It has a significant effect on the 
usability of the package for people who track data transfers and the ratio of 
significance to effort to fix is large.

If the decision is made to not include it for Stretch (which is at a late 
stage now) I think it should be included in a Stretch update.

-- 
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/

Bug#864245: unblock: seelablet/1.0.6-2

[Georges Khaznadar]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package seelablet

The package seelablet is currently blocked due to a
build-dependency on the package blockdiag. A workaround has
been found to get rid of this build-dependency, at the expense of one single
missing image in the HTML documentation
provided by the binary package seelablet-doc.

--8<--- here is the debdiff ---
diff -Nru seelablet-1.0.6/debian/changelog seelablet-1.0.6/debian/changelog
--- seelablet-1.0.6/debian/changelog2016-05-14 19:32:48.0 +0200
+++ seelablet-1.0.6/debian/changelog2017-06-05 17:35:20.0 +0200
@@ -1,3 +1,11 @@
+seelablet (1.0.6-2) unstable; urgency=medium
+
+  * dropped the build-dependency on blockdiag, in order to prevent removal
+from Stretch. Build-dependencies on python-sphinx and python-numpy
+have been added instead.
+
+ -- Georges Khaznadar   Mon, 05 Jun 2017 17:35:20 +0200
+
 seelablet (1.0.6-1) unstable; urgency=medium

   * New upstream release
diff -Nru seelablet-1.0.6/debian/control seelablet-1.0.6/debian/control
--- seelablet-1.0.6/debian/control  2016-05-14 19:31:47.0 +0200
+++ seelablet-1.0.6/debian/control  2017-06-05 17:35:20.0 +0200
@@ -4,7 +4,7 @@
 Maintainer: Georges Khaznadar 
 Build-Depends: debhelper (>= 9), python-all, python3-all,
  python-setuptools, python3-setuptools, dh-python,
- dvipng, python-sphinxcontrib.blockdiag,
+ dvipng, python-sphinx, python-numpy,
  python-serial
 Standards-Version: 3.9.8
 Homepage: https://pypi.python.org/pypi/seelablet

--8<---

unblock seelablet/1.0.6-2

-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable'), (499, 'testing')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Bug#864244: libqtpas: Please update symbols file for m68k

[John Paul Adrian Glaubitz]

Source: libqtpas
Version: 2.5-18
Severity: normal
User: debian-...@lists.debian.org
Usertags: m68k

Hi!

libqtpas currently fails to build from source on m68k because the symbols
file does not match the symbols found by dpkg-gensymbols [1]:

dpkg-gensymbols: warning: some new symbols appeared in the symbols file: see 
diff output below
dpkg-gensymbols: warning: some symbols or patterns disappeared in the symbols 
file: see diff output below
dpkg-gensymbols: warning: debian/libqt4pas5/DEBIAN/symbols doesn't match 
completely debian/libqt4pas5.symbols
--- debian/libqt4pas5.symbols (libqt4pas5_2.5-18_m68k)
+++ dpkg-gensymbolsyt0pTz 2017-05-30 20:38:43.856993454 +
@@ -7733,21 +7733,21 @@
  
(optional=templinst|subst)_Z30copyPtrIntArrayToQListTemplateI{qreal}EvPvR5QListIT_E@Base
 2.4
  
(optional=templinst)_Z30copyQListTemplateToPtrIntArrayIN13QFontDatabase13WritingSystemEEvR5QListIT_EPv@Base
 2.4
  
(optional=templinst)_Z30copyQListTemplateToPtrIntArrayIN8QPrinter8PageSizeEEvR5QListIT_EPv@Base
 2.4
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP10QTextFrameEvR5QListIT_EPv@Base 2.5
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP11QDockWidgetEvR5QListIT_EPv@Base 2.5
+ _Z30copyQListTemplateToPtrIntArrayIP10QTextFrameEvR5QListIT_EPv@Base 2.5
+ _Z30copyQListTemplateToPtrIntArrayIP11QDockWidgetEvR5QListIT_EPv@Base 2.5
  
(optional=templinst)_Z30copyQListTemplateToPtrIntArrayIP13QGraphicsItemEvR5QListIT_EPv@Base
 2.4
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP13QGraphicsViewEvR5QListIT_EPv@Base 
2.5
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP13QMdiSubWindowEvR5QListIT_EPv@Base 
2.5
+ _Z30copyQListTemplateToPtrIntArrayIP13QGraphicsViewEvR5QListIT_EPv@Base 2.5
+ _Z30copyQListTemplateToPtrIntArrayIP13QMdiSubWindowEvR5QListIT_EPv@Base 2.5
  
(optional=templinst)_Z30copyQListTemplateToPtrIntArrayIP13QStandardItemEvR5QListIT_EPv@Base
 2.4
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP15QAbstractButtonEvR5QListIT_EPv@Base 
2.5
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP15QGraphicsWidgetEvR5QListIT_EPv@Base 
2.5
+ _Z30copyQListTemplateToPtrIntArrayIP15QAbstractButtonEvR5QListIT_EPv@Base 2.5
+ _Z30copyQListTemplateToPtrIntArrayIP15QGraphicsWidgetEvR5QListIT_EPv@Base 2.5
  
(optional=templinst)_Z30copyQListTemplateToPtrIntArrayIP15QListWidgetItemEvR5QListIT_EPv@Base
 2.4
  
(optional=templinst)_Z30copyQListTemplateToPtrIntArrayIP15QTreeWidgetItemEvR5QListIT_EPv@Base
 2.4
  
(optional=templinst)_Z30copyQListTemplateToPtrIntArrayIP16QTableWidgetItemEvR5QListIT_EPv@Base
 2.4
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP7QActionEvR5QListIT_EPv@Base 2.5
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP7QObjectEvR5QListIT_EPv@Base 2.5
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP7QWidgetEvR5QListIT_EPv@Base 2.5
- (arch=amd64 arm64 armel armhf hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 
powerpc ppc64 
sparc)_Z30copyQListTemplateToPtrIntArrayIP9QWebFrameEvR5QListIT_EPv@Base 2.5
+ _Z30copyQListTemplateToPtrIntArrayIP7QActionEvR5QListIT_EPv@Base 2.5
+ _Z30copyQListTemplateToPtrIntArrayIP7QObjectEvR5QListIT_EPv@Base 2.5
+ _Z30copyQListTemplateToPtrIntArrayIP7QWidgetEvR5QListIT_EPv@Base 2.5
+ _Z30copyQListTemplateToPtrIntArrayIP9QWebFrameEvR5QListIT_EPv@Base 2.5
  (arch=!armel !armhf !ia64 
!s390x)_Z30copyQListTemplateToPtrIntArrayIdEvR5QListIT_EPv@Base 2.5
  (optional=templinst|arch=armel 
armhf)_Z30copyQListTemplateToPtrIntArrayIfEvR5QListIT_EPv@Base 2.5
  (optional=templinst)_Z30copyQListTemplateToPtrIntArrayIiEvR5QListIT_EPv@Base 
2.4
@@ -7769,8 +7769,8 @@
  _ZN11QLabel_hook11qt_metacallEN11QMetaObject4CallEiPPv@Base 2.4
  _ZN11QLabel_hook11qt_metacastEPKc@Base 2.4
  _ZN11QLabel_hook16staticMetaObjectE@Base 2.4
- (arch=!amd64 !arm64 !armel !armhf !hurd-i386 !i386 !kfreebsd-amd64 
!kfreebsd-i386 !powerpc !ppc64 !sparc)_ZN11QStringListD1Ev@Base 2.5
- (arch=!amd64 !arm64 !armel !armhf !hurd-i386 !i386 !kfreebsd-amd64 
!kfreebsd-i386 !powerpc !ppc64 !sparc)_ZN11QStringListD2Ev@Base 2.5
+#MISSING: 2.5-18# (arch=!amd64 !arm64 !armel !armhf !hurd-i386 !i386 
!kfreebsd-amd64 !kfreebsd-i386 !powerpc !ppc64 !sparc)_ZN11QStringListD1Ev@Base 
2.5
+#MISSING: 2.5-18# (arch=!amd64 !arm64 !armel !armhf !hurd-i386 !i386 
!kfreebsd-amd64 !kfreebsd-i386 

Bug#864233: unblock: linux/4.9.30-1

[Cyril Brulebois]

Hi,

Ben Hutchings  (2017-06-05):
> Please unblock package linux
> 
> This includes many important bug fixes, including security fixes.  It
> adds support for system reset on Malta boards, additional GPUs on
> ARM64 systems, and PL011 serial consoles on ARM64 systems.  It makes
> the efivarfs module available in the installer, which is important for
> supporting some x86 systems.

I'm currently running a few d-i run-time tests on amd64, but also
waiting for daily re-builds for some archs (armhf, mips64el, mipsel)
which built against the old linux packages since linux builds didn't
finish in time for the last daily build from cron. The linux build for
mips is still going on anyway…

Just going through extra precautions since a linux upload usually
involves a bit more resources/delay than other packages, so better be
safe.


KiBi.


signature.asc
Description: Digital signature

Bug#864243: php5-memcached: I have a Unable to load dynamic library '/usr/lib/php5/20131226/memcached.so' error message

[root]

Package: php5-memcached
Version: 2.2.0-2
Severity: important

Dear Maintainer,

The complete message I get is:

PHP Warning:  PHP Startup: Unable to load dynamic library 
'/usr/lib/php5/20131226/memcached.so' - /usr/lib/php5/20131226/memcached.so: 
undefined symbol: memcached_destroy_sasl_auth_data in Unknown on line 0


   * What led up to the situation?
I suppose the issue happens after having done update of all packages 
suggested in my ISPConfig.
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
I tried to reinstall php5-memecached package, unsuccessfully.
apt-get install --reinstall php5-memcached
   * What was the outcome of this action?
No changes.
   * What outcome did you expect instead?
I expected to have an update on library memcached.so that awould avoi 
to have the WARNING alert.



-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.14.32--grs-ipv6-64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages php5-memcached depends on:
ii  libc6  2.19-18+deb8u7
ii  libmemcached11 1.0.18-4
ii  libmemcachedutil2  1.0.18-4
ii  libsasl2-2 2.1.26.dfsg1-13+deb8u1
ii  php5-common [phpapi-20131226]  5.6.30+dfsg-0+deb8u1
ii  ucf3.0030
ii  zlib1g 1:1.2.8.dfsg-2+b1

php5-memcached recommends no packages.

php5-memcached suggests no packages.

-- no debconf information

Bug#863950: gitlab: Fresh install does not start

[Pirate Praveen]

On Fri, 02 Jun 2017 10:08:42 +0200 Joerg Jaspert  wrote:
> root@nibbler:/# /etc/init.d/gitlab start
> Starting GitLab Unicorn
> Starting GitLab Sidekiq
> Starting GitLab Workhorse
> Could not find gem 'mysql2 (~> 0.3.16)' in any of the gem sources listed in 
> your Gemfile or available on this machine.
> Run `bundle install` to install missing gems.
> ..Waited 30s for the processes to write their 
> pids, something probably went wrong.
> root@nibbler:/# /etc/init.d/gitlab status
> The GitLab Unicorn web server is not running.
> The GitLab Sidekiq job dispatcher is not running.
> The GitLab Workhorse with pid 168334 is running.
> root@nibbler:/# 

This is failing only under sysvinit, works well in systemd. Can you try
adding export DB RAILS_ENV after it sources
/etc/gitlab/gitlab-debian.conf in /etc/default/gitlab?

# Read debian specific configuration
. /etc/gitlab/gitlab-debian.conf

export DB RAILS_ENV




signature.asc
Description: OpenPGP digital signature

Bug#738447: luakit

[Grégory DAVID]

Hello Herminio,
Hello Debianers,

I'm a luakit user and I wanted to request for the ITA on 'luakit'.

Herminio proposed to maintain it a year ago. What happened?

I use now a fresher version of luakit that is maintained on 
https://github.com/aidanholm/luakit by Aidan HOLM.


I asked Aidan a moment ago about a collaboration on maintaining the code 
(Aidan) and the Debian package (myself).


This new version is really nice and Aidan seems to be reaaly active and 
volonteer to make luakit better.


Luakit usage is less than before, probably due to its security issues 
relatives to WebKit's security holes.


What Aidan done was to port luakit to WebKit2 usage, what is more secure.

I really love luakit and want it to be maintain again.

What's next?

Cheers.

--
DAVID Grégory
Libre Software Developer
d...@groolot.net

https://framagit.org/groolot
https://github.com/groolot

smime.p7s
Description: S/MIME Cryptographic Signature

Bug#863308: fixed in golang-1.7 1.7.6-1

[Michael Hudson-Doyle]

On 4 June 2017 at 19:10, Moritz Mühlenhoff  wrote:

> On Thu, Jun 01, 2017 at 10:05:07AM +, Michael Hudson-Doyle wrote:
> > Closes: 863308
> > Changes:
> >  golang-1.7 (1.7.6-1) unstable; urgency=medium
> >  .
> >* New upstream release. (Closes: #863308)
> >* Remove d/patches/cl-29995--tzdata-2016g.patch, applied upstream.
>
> Are you planning to file an unblock request for this (and the similar
> change for Go 1.8)?
>

AIUI Hilko (Cc) was. There's not a lot of point unless we also do rebuilds
of the packages providing binaries build with the older golang-1.7-go and
that's (again AIUI) easier for someone who is a DD.

Cheers,
mwh

Bug#864242: acct monthly cron fails if /var/log/wtmp rotation has not happened

[Filippo Giunchedi]

Package: acct
Version: 6.6.2-1
Severity: normal

Hi,
on a freshly installed stretch system in case of no /var/log/wtmp.1 the acct
monthly cronjob isn't happy and generates "cron spam":

# bash -x /etc/cron.monthly/acct
+ LOGROTATE=/etc/cron.daily/logrotate
+ test -x /usr/sbin/accton
++ date
+ echo 'Login accounting for the month ended Mon Jun  5 15:42:39 UTC 2017:'
+ echo
+ '[' -f /etc/cron.daily/logrotate ']'
+ '[' -x /usr/sbin/logrotate ']'
+ '[' -f /var/log/wtmp.1 ']'
+ '[' -f /var/log/wtmp.1.gz ']'
+ ac -f '' -p
+ sort -nr -k2
couldn't open file '': No such file or directory
+ echo
+ last -f ''
last: cannot open : No such file or directory
+ '[' -n '' ']'
+ chown root:adm /var/log/wtmp.report
+ chmod 640 /var/log/wtmp.report


-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#862531: Bug#862530: aoetools: provide a systemd service to allow proper shutdown of AoE mounts

[Wouter Verhelst]

Control: tags -1 + help

On Thu, May 18, 2017 at 06:41:59PM +0200, Christoph Biedl wrote:
> (At least) AoE devices are handled properly if mounted with the _netdev
> mount option.

... but NBD devices are not. I'm not sure what changed, have been trying
to figure that out for the past week or so. With a line like the
following in fstab...

/dev/nbd0 /mnt _netdev 0 0

...the system will boot properly in jessie, but not in stretch. It used
to work properly in stretch too, at least during dc16 when I wrote the
systemd support.

Not sure what changed, but this is a serious regression from jessie, and
I'd like to see it resolved before the release.

-release: This bug is currently marked as Grave. Not sure whether that's
appropriate, but I do think that "serious" is. However, I don't think
it's my bug, since this used to work.

Anyone have any clue what's happening, or what has changed? I've got no
clue, and I don't think I'll be able to fix this today anymore...

-- 
Help me, off-by-one kenobi. You're my only nought.

Bug#864241: RFS: pnmixer/0.7.2-1 -- Simple mixer application for system tray

[Arnaud]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "pnmixer"

* Package name: pnmixer
  Version : 0.7.2-1
  Upstream Author : Nick Lanham, Julian Ospald, Arnaud Rebillout
* URL : https://github.com/nicklan/pnmixer
* License : GPLv3
  Section : sound

It builds those binary packages:

pnmixer- Simple mixer application for system tray

To access further information about this package, please visit the following 
URL:

https://mentors.debian.net/package/pnmixer

Alternatively, one can download the package with dget using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/p/pnmixer/pnmixer_0.7.2-1.dsc

More information about pnmixer can be obtained from 
https://github.com/nicklan/pnmixer.

Changes since the last upload:

  * New upstream release.
- Switch to cmake buildsystem.
- Use gettext instead of intltool for translation.
- Build is now reproducible. Closes: #854112.
  * Update watchfile to version 4.
  * Package is now versioned with git and build with gbp. See the control file 
for the url.

Additional notes

For the last release, Paul Wise made a thorough review, and I failed to reply 
in time (see #839289). So I will reply now.

> The file downloaded by uscan is different to the one you have included in 
> your Debian source package. Please adjust your debian/watch file to use the 
> correct one.

Done, the watch file seem to work according to `uscan`, but mentors.debian.net 
says there's a problem. I'm not sure what's wrong.

> I suggest that you try and make the github generated tarball as similar as 
> possible to the `make dist` generated tarball.

The package is now built with `gbp` from a git tag. I guess it fixes the 
problem.

> The debian/watch tells uscan that v0.7-rc1 is newer than v0.7. I think you 
> want uversionmangle=s/-rc/~rc/.

Yes indeed, fixed, thanks.

> The images say they were produced in GIMP and look like multi-layer images 
> that have been rendered to flat bitmaps, did you discard the XCF images or 
> are they hidden away somewhere? How were these images produced? In general it 
> is best to render final images from the source material at build time, using 
> xcf2png or similar.

I have no idea where are the source images, when I jumped in PNMixer 
development there was only the PNG files, and I don't think the XCF files will 
ever be found.

> Generated and stamp files should be removed from the upstream git repo and 
> added to .gitignore:

Done.

> I expect most of autogen.sh can be replaced with a call to autoreconf:

We switched to CMake in the end, no more autotools.

> Running wrap-and-sort would make diffs of the Debian packaging easier to read

Done, thx for the command.

> The system() and g_spawn_command_line_async() functions should not be used 
> and I don't think `which` is very portable. Instead of system()+`which` you 
> should use g_find_program_in_path().

Done, thx, I didn't know about this function.

> Instead of g_spawn_command_line_async() you should use g_spawn_async().

Sorry, disagreeing on this one, g_spawn_command_line_async() is definitely what 
I want to use, it's the right tool for the job. And if the implementation is 
bad and uses too many pid, no worries. In PNMixer, this function is rarely 
called, probably never called. But in other situations, if ever we made an 
extensive use of this function, then I would probably agree with you and use 
g_spawn_async().

>  Please add some upstream metadata

Done.

> Since you are upstream, please read our guide for upstreams

Oups, reading now :)

> Automatic checks

Fixed a few things, but there's way too much stuff there, I didn't take time to 
look through everything. For the next release :)

Best regards,
  Arnaud Rebillout

Bug#864240: release-notes: proofreading sweep - whats-new.dbk

[Justin B Rye]

Package: release-notes
Severity: wishlist
Tags: patch

The one I almost forgot, which fortunately is only wishlist
English language/style changes
 
 Index: whats-new.dbk
 ===
 --- whats-new.dbk  (revision 11552)
 +++ whats-new.dbk  (working copy)
 @@ -33,7 +33,7 @@
  
  
  
 -  Debian  regrettably remove support for the following architecture:
 +  Debian  regrettably removes support for the following architecture:
  
  


English number agreement.

 @@ -52,7 +52,7 @@
  The 32-bit PC support (known as the Debian architecture
  i386) now no longer covers a plain i586
  processor.  The new baseline is the i686, although some i586
 -processors (e.g. the "AMD Geode") will remain supported.
 +processors (e.g. the AMD Geode) will remain supported.


  Please refer to  for

Avoid ASCII quotes, here and repeatedly below.

 @@ -445,7 +445,7 @@
MariaDB replaces MySQL

  MariaDB is now the default MySQL variant in Debian, at version 10.1.
 -The  release introduces a new mechanism for switching the
 +The  release introduces a new mechanism for switching the
  default variant, using metapackages created from the
  mysql-defaults source package.
  For example, installing the metapackage

Releasenames are lowercase (and the &-entities are unhelpful in this
file, but never mind).

 @@ -481,25 +481,25 @@
  
  
  
 -  Improvements to apt and archive layouts
 +  Improvements to APT and archive layouts

Through all of this I'm capitalising the brandname of the "suite" as
opposed to the package or command (which should get their own markup).


  The apt package manager
  has seen a number of improvements since jessie.  Most of these
  apply to aptitude as well.
 -The following is a selected highlight of some of these.
 +Following are selected highlights of some of these.

Multiple highlights.



 -On the security side, apt now rejects weaker checksums by default
 +On the security side, APT now rejects weaker checksums by default
  (e.g. SHA1) and attempts to download as an unprivileged user.
  Please refer to 
  and  for more information.


 -The apt-based package managers have also gotten a number of
 -improvements that will remove the annoying "hash sum mismatch"
 +The APT-based package managers have also gotten a number of
 +improvements that will remove the annoying hash sum 
mismatch
  warning that occurs when running apt during a mirror
 -synchronisation.  This happens via the new
 -by-hash layout, which enables apt to download
 +synchronization.  This happens via the new
 +by-hash layout, which enables APT to download
  metadata files by their content hash.



en-US -ization to go with en-US "gotten".

 @@ -512,10 +512,10 @@
  format description


 -While possibly mostly interesting for mirror administrators, apt
 -in stretch can use DNS (SRV) records to locate a HTTP backend.
 +While this may be mostly interesting for mirror administrators, APT
 +in stretch can use DNS (SRV) records to locate an HTTP backend.

It's not saying that APT is uninteresting to normal users, just that
this following news-item might be.  Then HTTP begins with a vowel
sound.

  This is useful for providing a simple DNS name and then managing
 -backends via DNS rather than using a "redirector" service.  This
 +backends via DNS rather than using a redirector service.  
This
  feature is also used by the new Debian mirror described in .

 @@ -531,9 +531,9 @@
  under a single easy to remember hostname.


 -This service relies on the new DNS support in apt, but will
 -fallback to a regular redirect for HTTPS access or older versions
 -of apt.  More details are provided on https://deb.debian.org;>deb.debian.org.



One-word noun ("a fallback"), two-word verb ("to fall back, falling
back").

 @@ -546,7 +546,7 @@
Move to "Modern" GnuPG

  The stretch release is the first version of Debian to feature the
 -"Modern" branch of GnuPG in the modern branch of GnuPG in the gnupg package.  This brings with it
  elliptic curve cryptography, better defaults, a more modular
  architecture, and improved smartcard support.  The modern branch

While I'm fixing the quotes, make it consistently lowercase.

 @@ -556,7 +556,7 @@
  information.


 -We will continue to supply the "classic" branch of GnuPG as
 +We will continue to supply the classic branch of GnuPG as
  gnupg1 for people who need
  it, but it is now deprecated.

 @@ -572,16 +572,16 @@
  


 -Previously, the main debian archive would include packages
 +Previously, the main Debian archive would include packages

This might alternatively go in quotes like "debian-debug" below.

Bug#864239: node-rimraf: can remove files outside the intended tree

[Jeff Epler]

Package: node-rimraf
Version: 2.5.4-2
Severity: important
Tags: upstream

Dear Maintainer,

I was inspecting the source to node-rimraf.  I believe the code in node-rimraf
is unsafe if an adversary can manipulate the contents of the directory tree
to be removed, making it unsuitable for use on multiuser machines.

In particular, the adversary can cause files outside of the tree to be 
removed by the following sequence of manipulations:

rimraf  adversary
places a file
lstat() -> [not a directory]
replaces file with non-empty directory
unlink() -> EISDIR
rmdir() -> ENOTEMPTY
replaces directory with symlink
rmkids() -> readdir() [note: readdir follows symlink]

At this point, rimraf starts merrily removing stuff outside the intended 
tree.

To be safe, careful use of POSIX *at calls (openat, etc) with 
appropriate flags (O_NOFOLLOW) is necessary but these are probably not 
exposed in the node ecosystem.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-rt-amd64 (SMP w/8 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages node-rimraf depends on:
ii  node-glob  7.1.1-1
ii  nodejs 4.8.2~dfsg-1

Versions of packages node-rimraf recommends:
ii  node-graceful-fs  4.1.11-1

node-rimraf suggests no packages.

-- no debconf information

Bug#864238: jenkins.debian.net: multiarch_versionskew gives warning, even if there is no versionskew

[Ivo De Decker]

package: jenkins.debian.org

Hi,

The udd_stretch_multiarch_versionskew is listed as 'warning', even if there is
no versionskew in stretch:
https://jenkins.debian.net/view/All/job/udd_stretch_multiarch_versionskew/131/console

In bin/udd-query.sh, psql is used to run the query. The job checks if the
outputfile is empty (using "[ -s "), but that's never the case, as psql
returns a newline, even if the result of the query is empty.

Cheers,

Ivo

Bug#863822: Use debhelper's meson support

[Mario.Limonciello]

> -Original Message-
> From: Iain Lane [mailto:la...@debian.org]
> Sent: Monday, June 5, 2017 9:53 AM
> To: Limonciello, Mario 
> Cc: 863...@bugs.debian.org
> Subject: Re: Bug#863822: Use debhelper's meson support
> 
> On Mon, Jun 05, 2017 at 02:47:43PM +, mario.limoncie...@dell.com wrote:
> > Oh cool!  Thanks for the diff (and the reminder I forgot to push).
> >
> > The multiarch thing for the daemon is not desirable actually.
> > There was another issue opened up talking about how this daemon doesn't make
> sense to have it's own multiarch path.
> >
> > I'll see if I can find a way to override just that bit.
> 
> What's the problem? I'd be interested to read that bug.
> 
> Anyway, something like (untested):
> 
>   override_dh_auto_configure:
> dh_auto_configure -- --libdir=/usr/lib
> 
> should work.
> 
> Cheers,
> 
> --
> Iain Lane  [ i...@orangesquash.org.uk ]
> Debian Developer   [ la...@debian.org ]
> Ubuntu Developer   [ la...@ubuntu.com ]
Oh good, I'll give that a go.

This is the bug that it was mentioned in in Debian:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808831

Bug#864166: release-notes: proofreading sweep - issues.dbk

[Julien Cristau]

On 06/05/2017 01:50 PM, Niels Thykier wrote:
> Hi,
> 
> CC'ing debian-x, who I hope can help us with some clarification.
> 
> Justin B Rye:
>> Niels Thykier wrote:
   
 
   This change only applies if your X Display Manager supports
  -running X as rootless (or if you start X manually via
  +running X without root privileges (or if you start X manually via
   startx).  Currently the only known display
  -manager supporting this is gdm.  Other display managers simply
  +manager supporting this is >>> role="package">gdm.
  +Other display managers simply
   start X as root regardless of this change.
 
   

This looks wrong, I believe the package name is gdm3, not gdm.


 [...]

 This way of phrasing it makes it really difficult to work out that
 using startx *does* require the installation of xserver-xorg-legacy.

>>>
>>> Sadly, then I have confused you.  Assuming the system meets the
>>> requirements, then the following will *not* require root:
>>>
>>>  * startx (from a virtual terminal "owned" by the current user)
>>>  * gdm (which knows how to start X without using root)
>>
>> I was assuming otherwise because the first symptom I ran into was that
>> running startx in the absence of xserver-xorg-legacy gave me an X
>> session with non-functional mouse and keyboard.
>>
>> But when I check now, installing every available xserver-xorg-*
>> package in main including -legacy as well as -input-libinput makes no
>> difference to that.  On a testbed stretch machine with functional
>> logind and so on but with an old KMS-incapable graphics card, I
>> haven't found any way of making startx usable.
>>
> 
> Not sure what is going there.  But I haven't used startx for years until
> I learned of this feature, so I am probably not the right person to ask
> what is going on/why it doesn't work.
> 
>> Switching over to lightdm I can get a usable session without -legacy
>> as long as I have -input-libinput.  So I'm afraid I have no idea
>> what's going on, or even how many problems there are.
>>
> 
> As I understand it, lightdm will start X as root unconditionally, so
> that will work with or without -legacy.  You want -legacy when using gdm
> (or startx) plus have "old drivers".
> 
>  * @debian-x: Is the above correct?
> 
Yes, any reasonable (read: KMS) setup will work fine without -legacy.
In the absence of KMS (e.g. virtualbox, or new hardware not supported by
the drivers we ship), you'll need either -legacy or a DM that hasn't
been updated to starting X as non-root yet.

Cheers,
Julien