Bug#870234: arename: Fix for perl 5.26 compatibility

[Steve Langasek]

Package: arename
Version: 4.0-3
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu artful ubuntu-patch autopkgtest

Hi Greg,

As seen at ,
arename's autopkgtests fail against perl 5.26 because this package is using
deprecated syntax.

Upstream has already fixed this issue in their git tree.  Attached please
find a cherry-pick of the upstream fix, allowing the autopkgtests to pass.

Cheers,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru 
arename-4.0/debian/patches/0001-Silence-Unescaped-left-brace-in-regex-warning.patch
 
arename-4.0/debian/patches/0001-Silence-Unescaped-left-brace-in-regex-warning.patch
--- 
arename-4.0/debian/patches/0001-Silence-Unescaped-left-brace-in-regex-warning.patch
 1969-12-31 16:00:00.0 -0800
+++ 
arename-4.0/debian/patches/0001-Silence-Unescaped-left-brace-in-regex-warning.patch
 2017-07-30 22:37:16.0 -0700
@@ -0,0 +1,54 @@
+From ad2e74cd77ed75d6a8c84013f9fa8ffd512bbaa0 Mon Sep 17 00:00:00 2001
+From: Frank Terbeck 
+Date: Tue, 5 Jan 2016 14:37:26 +0100
+Subject: [PATCH] Silence "Unescaped left brace in regex" warning
+
+Using [\] character class to do it. Passes the test suite.
+
+Signed-off-by: Frank Terbeck 
+---
+ ARename.pm.in | 8 
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/ARename.pm.in b/ARename.pm.in
+index 6b50263..9d1a676 100644
+--- a/ARename.pm.in
 b/ARename.pm.in
+@@ -958,7 +958,7 @@ sub __tokenize_template {
+ # Now for stuff we can read at once:
+ 
+ # The complex and simple sized expression types.
+-} elsif (!$nest && ($in =~ m/\G\&{([\d\w]+\[\d+\])}/gc ||
++} elsif (!$nest && ($in =~ m/\G\&[{]([\d\w]+\[\d+\])[}]/gc ||
+ $in =~ m/\G\&([\d\w]+\[\d+\])/gc))
+ {
+ my ($match, $more) = ($1, $EMPTY);
+@@ -972,7 +972,7 @@ sub __tokenize_template {
+ $buf = $EMPTY;
+ 
+ # The trivial expression (the complex-looking one and the real deal).
+-} elsif (!$nest && ($in =~ m/\G\&{([\d\w]+)}/gc ||
++} elsif (!$nest && ($in =~ m/\G\&[{]([\d\w]+)[}]/gc ||
+ $in =~ m/\G\&([\d\w]+)/gc))
+ {
+ push @{ $out }, [ 'LITERAL', $buf ] if ($buf ne $EMPTY);
+@@ -983,14 +983,14 @@ sub __tokenize_template {
+ # here on out needs to be copied literally until the matching
+ # "}" is found. That is why the token-handling above looks
+ # at `$nest', too.
+-} elsif (!$nest && $in =~ m/\G\&{/gc) {
++} elsif (!$nest && $in =~ m/\G\&[{]/gc) {
+ $nest++;
+ push @{ $out }, [ 'LITERAL', $buf ] if ($buf ne $EMPTY);
+ $buf = $EMPTY;
+ 
+ # When we're looking at a nested expression already, we need
+ # to read the "&{" literally.
+-} elsif ($nest && $in =~ m/\G\&{/gc) {
++} elsif ($nest && $in =~ m/\G\&[{]/gc) {
+ $nest++;
+ $buf .= q<&{>;
+ $cplxbuf .= q<&{>;
+-- 
+2.11.0
+
diff -Nru arename-4.0/debian/patches/series arename-4.0/debian/patches/series
--- arename-4.0/debian/patches/series   2015-05-23 10:59:59.0 -0700
+++ arename-4.0/debian/patches/series   2017-07-30 22:37:53.0 -0700
@@ -4,3 +4,4 @@
 cope-with-slashes-in-tag-names.patch
 dont-ignore-gen-script-failures.patch
 possible-precedence-issue-with-control-flow-operator.patch
+0001-Silence-Unescaped-left-brace-in-regex-warning.patch

Bug#870233: smplayer: executes javascript code downloaded from insecure URL

[Jonas Smedegaard]

Source: smplayer
Version: 17.7.0~ds0-1
Severity: grave
Tags: security
Justification: user security hole

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

smplayer includes code in src/basegui.cpp to download and (I guess)
execute javascript code for parsing youtube paths.  The download URL is
http://updates.smplayer.info/yt.js which is insecure and therefore I
suspect easy to replace with evil code.


 - Jonas

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAll+w9sACgkQLHwxRsGg
ASEgTA//QMLa7jZwjXz3F1r+2NkukhdvQ5QQyZsXbk8sfHyOnCpHJmy2fqZhudmx
uq3hhOyCD1SVGLTGp0YURWe8ScwhebjqXfvtNIV4Xzz7oGkXGqWeBaYuYuEyvOF+
UtTDmKtg2ZbvbOjyuq4krEr8sKEH37WJn02esrDsrXSGrXmz5I42+pAlau5/vecb
NaHmcBs+jDKkLkoziKn3CSauqmmHXIn58ECO/cLD1ziPYGuZDjjgafUKxhQfDcKz
v5S/NbleKzWIMbgicpcXoru3FE88iBs8rKW0X8o0rg2AYXlvYjoTKFj3SAv5MYiv
Tlo9TgT7iWNXb2yK0FuxDDeG/FaM5g741CAWfAj/j9qTEF1E2Zf3F+YOrReFtMdw
szl2q2kw6vkmQzVA+0jBZIIw2VJCuMyDBxV5aDEEyaaw7Mc0l1rAFxHPcdq/Os/Q
UkW38xn5M0GMYOZAMOu55ymP6f5StrOTRqURUGCxY3ZcVTBSRMzG57ds8WlkcGa0
Rxb8EK/nCjAkbye7k1g9ajYuYEbYqdknBLZs9ngAEPF/CmadUmv7a+dfwAhfjy99
vXBiyJxNrwHwMZqqbZ7GYkplZOap5cuthJsA127bd9M4935ZmwgGY6hrx3+y4b5J
9FNO/9x1etJ2+skGjY+1t9vDBOuhqtE6VlR0i0N1bMKkxKM7J2w=
=ZQlT
-END PGP SIGNATURE-

Bug#870201: Use better compression for udebs?

[Niels Thykier]

On Mon, 31 Jul 2017 00:44:30 +0300 Adrian Bunk  wrote:
> Package: debhelper
> Version: 10.2.5
> Severity: normal
> 
> Following up on an observation I made in #868674:
> 
> udebs are currently compressed with "xz -1 -extreme",
> while normal packages are compressed with "xz -6".
> 
> "xz -1" requires 2 MiB memory for decompression and
> "xz -6" requires 9 MiB memory for decompression.
> 
> Is there any situation left where these 7 MiB difference still matter?
> 
> Is there is no situation left where 9 MiB memory usage for
> decompression are a problem, then "xz -6 -extreme" would
> be a better choice.
> 
> 

I think this is a question better asked in debian-boot.  :)

Thanks,
~Niels

Bug#869898: RFS: dtkcore/0.3.3-1 [ITP]

[Liang Guo]

On Mon, Jul 31, 2017 at 1:13 PM, Boyuan Yang <073p...@gmail.com> wrote:
>>>
>>> Meanwhile, source packages on debomatic-amd64, mentors.d.o and Git 
>>> repository
>>> has been updated already to fix problems of non-existent pkg-deepin team 
>>> (See
>>> #868544). I believe the source package should be ready for an upload.
>> Cannot you cate pkg-deepin team in alioth?  It's a good idea to
>> maintain package by
>> team.
>
> Unfortunately not at this time. I asked on #alioth yesterday but no
> one stepped out to deal with the team creation request.  formorer said
> it is not his part of job and I don't know who is going to take care
> of related works.
>
I have created project pkg-deepin on alioth, pease join in

https://alioth.debian.org/projects/pkg-deepin/

-- 
Liang Guo

Bug#869898: RFS: dtkcore/0.3.3-1 [ITP]

[Boyuan Yang]

2017-07-31 13:00 GMT+08:00 Liang Guo :
> On Mon, Jul 31, 2017 at 10:17 AM, Boyuan Yang <073p...@gmail.com> wrote:
>>
>> Sure. I have reminded them of this issue. I will update debian/copyright file
>> as soon as new upstream version (with fixes) gets released. My opinion is 
>> that
>> this issue shouldn't be a blocker for upload.
> IMO, upstream should fix this problem BEFORE it can be uploaded to Debian, But
> I'm not sure if it is madated in Debian, I advice you raise this
> problem in debian-devel

Perhaps. I will try to urge upstream to make a new tag (release) with
the fix to circumvent this problem.

> or debian-legel maillist.
>
>>
>> Meanwhile, source packages on debomatic-amd64, mentors.d.o and Git repository
>> has been updated already to fix problems of non-existent pkg-deepin team (See
>> #868544). I believe the source package should be ready for an upload.
> Cannot you cate pkg-deepin team in alioth?  It's a good idea to
> maintain package by
> team.

Unfortunately not at this time. I asked on #alioth yesterday but no
one stepped out to deal with the team creation request.  formorer said
it is not his part of job and I don't know who is going to take care
of related works.


If I write down pkg-deepin now in d/control, the package will be
rejected according to ftp-masters' words.

>
> Thanks,
> --
> Liang Guo

Regards,
Boyuan Yang

Bug#870232: flex FTBFS: dh_install: Cannot find (any matches for) "debian/tmp/include" (tried in ., debian/tmp)

[Helmut Grohne]

Source: flex
Version: 2.6.1-1.3
Severity: serious
User: helm...@debian.org
Usertags: rebootstrap

flex fails to build from source in unstable amd64.

| dh_install
| dh_install: Cannot find (any matches for) "debian/tmp/include" (tried in ., 
debian/tmp)
| 
| dh_install: libfl-dev missing files: debian/tmp/include
| dh_install: Cannot find (any matches for) "debian/tmp/lib" (tried in ., 
debian/tmp)
| 
| dh_install: libfl-dev missing files: debian/tmp/lib
| dh_install: missing files, aborting
| debian/rules:43: recipe for target 'override_dh_install' failed
| make[1]: *** [override_dh_install] Error 25
| make[1]: Leaving directory '/<>'
| debian/rules:27: recipe for target 'binary-arch' failed
| make: *** [binary-arch] Error 2
| dpkg-buildpackage: error: fakeroot debian/rules binary-arch gave error exit 
status 2

I guess #813266 is the cause.

Helmut

Bug#869898: RFS: dtkcore/0.3.3-1 [ITP]

[Liang Guo]

On Mon, Jul 31, 2017 at 10:17 AM, Boyuan Yang <073p...@gmail.com> wrote:
>
> Sure. I have reminded them of this issue. I will update debian/copyright file
> as soon as new upstream version (with fixes) gets released. My opinion is that
> this issue shouldn't be a blocker for upload.
IMO, upstream should fix this problem BEFORE it can be uploaded to Debian, But
I'm not sure if it is madated in Debian, I advice you raise this
problem in debian-devel
or debian-legel maillist.

>
> Meanwhile, source packages on debomatic-amd64, mentors.d.o and Git repository
> has been updated already to fix problems of non-existent pkg-deepin team (See
> #868544). I believe the source package should be ready for an upload.
Cannot you cate pkg-deepin team in alioth?  It's a good idea to
maintain package by
team.

Thanks,
-- 
Liang Guo

Bug#870231: linux-image-4.9.0: nOOAOO~[5~[~[~[cannot boot into 4.9 kernel

[Gary Dale]

Package: src:linux
Version: 4.9.30-2+deb9u2
Severity: important
File: linux-image-4.9.0

Dear Maintainer,

*** Reporter, please consider answering these questions, where 
appropriate ***


   * What led up to the situation?
I upgraded from Jessie to Stretch on my server.

   * What exactly did you do (or not do) that was effective (or 
ineffective)?
I can boot into a 4.9 kernel using SystemRescueCD and I can still boot 
into the old

Jessie 3.16 kernel without problems.

Details:
My system boots from an SDD and uses a 4-drive RAID 6 array for /home. 
The motherboard
has 6 SATA ports but for the last couple of years I had been using an 
add-in SATA card
instead of the last 2 onboard ports. For some reason, the kernel stopped 
accepting those two ports.


When I first upgraded to Stretch 2 weeks ago, this arrangement stopped 
working. I was able to
get the computer working again by connectingthe hard drives to 
motherboard SATA ports 0 - 3
and connecting the boot SSD to port 4 (using port 5 for a SATA optical 
drive).


A week ago my computer experienced a power supply failure. When I 
replaced the power
supply and tried to boot, it never completed. I could however boot into 
the 3.16 kernel.
At the same time, the RAID 6 array was running on only 2 drives. To fix 
this, I had to

reinstall the SATA card and run two hard drives from it (again).

Once the RAID 6 array had rebuilt, I tried booting into the 4.9 kernel 
again. I left it
for a couple of hours but the boot never completed. The computer wasn't 
locked up - I
could hit  and the screen would scroll - but it did have a 
unusual error messages

(including something about jiffies) that I've not seen before.

Even with persistent logging, attempts to boot into 4.9 are not 
recorded. The journal only

records the 3.16 boots.


*** End of the template - remove these template lines ***


-- Package-specific info:
** Kernel log: boot messages should be attached
Sorry. Not getting any in dmesg or Journalctl.

** Model information
sys_vendor: Gigabyte Technology Co., Ltd.
product_name: GA-MA790GP-UD4H
product_version:
chassis_vendor: Gigabyte Technology Co., Ltd.
chassis_version:
bios_vendor: Award Software International, Inc.
bios_version: F6
board_vendor: Gigabyte Technology Co., Ltd.
board_name: GA-MA790GP-UD4H
board_version: x.x

** Network interface configuration:

auto lo
iface lo inet loopback

iface eth0 inet manual

auto br0
iface br0 inet static
address 192.168.1.14
netmask 255.255.255.0
broadcast 192.168.1.255
gateway 192.168.1.1
bridge_ports eth0
bridge_stp off
bridge_fd 0
bridge_maxwait 0

** PCI devices:
00:00.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] RS780 
Host Bridge [1022:9600]
Subsystem: Advanced Micro Devices, Inc. [AMD] RS780 Host Bridge 
[1022:9600]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz+ UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- 
SERR- 
Latency: 32
NUMA node: 0
Region 3: Memory at  (64-bit, non-prefetchable)
Capabilities: 

00:01.0 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] 
RS780/RS880 PCI to PCI bridge (int gfx) [1022:9602] (prog-if 00 [Normal 
decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz+ UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- 
SERR- 
Latency: 99
NUMA node: 0
Bus: primary=00, secondary=01, subordinate=01, sec-latency=68
I/O behind bridge: e000-efff
Memory behind bridge: fdd0-fdef
Prefetchable memory behind bridge: d000-dfff
Secondary status: 66MHz+ FastB2B- ParErr- DEVSEL=medium >TAbort- 

BridgeCtl: Parity- SERR- NoISA- VGA+ MAbort- >Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel modules: shpchp

00:06.0 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] RS780 PCI 
to PCI bridge (PCIE port 2) [1022:9606] (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- 
SERR- 
Latency: 0, Cache Line Size: 4 bytes
Interrupt: pin A routed to IRQ 40
NUMA node: 0
Bus: primary=00, secondary=02, subordinate=02, sec-latency=0
I/O behind bridge: d000-dfff
Memory behind bridge: fdc0-fdcf
Prefetchable memory behind bridge: fdb0-fdbf
Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast >TAbort- 

BridgeCtl: Parity- SERR- NoISA- VGA- MAbort- >Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport
Kernel modules: shpchp

00:0a.0 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] 
RS780/RS880 PCI to PCI bridge (PCIE port 5) [1022:9609] 

Bug#870230: libpng-dev: error when installing together: trying to overwrite shared '/usr/bin/libpng16-config'

[Helmut Grohne]

Package: libpng-dev
Version: 1.6.30-2
Severity: important
User: helm...@debian.org
Usertags: rebootstrap

When installing a libpng-dev built with debhelper (<< 10.7) and a
libpng-dev built with debhelper (>= 10.7) together, dpkg errors out:

| Unpacking libpng-dev:mips (1.6.30-2) ...
| dpkg: error processing archive 
/tmp/apt-dpkg-install-gmKkex/19-libpng-dev_1.6.30-2_mips.deb (--unpack):
|  trying to overwrite shared '/usr/bin/libpng16-config', which is different 
from other instances of package libpng-dev:mips
| dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)

libpng-config.in interpolates @includedir@ which happens to be
${prefix}/include on older debhelper releases and /usr/include on newer
ones. Thus the interpolated file differs (in bytes, not in behaviour).

The relevant debhelper change is #813266.

I believe that a good solution to this problem would be adding a version
constraint on debhelper. There are two reasonable choices:

 * Build-Depends: debhelper (>= 10.7~)
 * Build-Depends: debhelper (<< 10.7~)

The former is useful for unstable and the latter is useful for
backports.

Helmut

Bug#870229: cairo-dock: Adapt to gnome-settings-daemon 3.24

[Jeremy Bicha]

From 693da85e85e62255e98647ced9035377a9e19aca Mon Sep 17 00:00:00 2001
From: Jeremy Bicha 
Date: Mon, 31 Jul 2017 00:21:22 -0400
Subject: [PATCH] Add Adapt-to-gsd-3.24.patch

Closes: #870229
---
 debian/control |  2 +-
 debian/patches/Adapt-to-gsd-3.24.patch | 60 ++
 debian/patches/series  |  1 +
 3 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 debian/patches/Adapt-to-gsd-3.24.patch

diff --git a/debian/control b/debian/control
index 67fa5d1..f3e4a69 100644
--- a/debian/control
+++ b/debian/control
@@ -27,7 +27,7 @@ Vcs-Browser: http://anonscm.debian.org/cgit/pkg-cairo-dock/cairo-dock.git
 
 Package: cairo-dock
 Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, cairo-dock-core (= ${binary:Version}), cairo-dock-plug-ins (>= 3.4.1)
+Depends: ${shlibs:Depends}, ${misc:Depends}, cairo-dock-core (= ${binary:Version}), cairo-dock-plug-ins (>= 3.4.1), gnome-settings-daemon (>= 3.24)
 Description: Metapackage for cairo-dock
  Cairo-dock has a family-likeness with OS X dock, but with more options.
  It uses cairo to render nice graphics, and Glitz to use hardware acceleration.
diff --git a/debian/patches/Adapt-to-gsd-3.24.patch b/debian/patches/Adapt-to-gsd-3.24.patch
new file mode 100644
index 000..24da4df
--- /dev/null
+++ b/debian/patches/Adapt-to-gsd-3.24.patch
@@ -0,0 +1,60 @@
+From: Jeremy Bicha 
+Date: Mon, 31 Jul 2017 00:18:59 -0400
+Subject: Adapt to gsd 3.24
+
+Bug-Debian: https://bugs.debian.org/870229
+---
+ data/desktop-manager/gnome-session-3.0/cairo-dock-fallback.session  | 2 +-
+ .../desktop-manager/gnome-session-3.0/cairo-dock-unity-fallback.session | 2 +-
+ data/desktop-manager/gnome-session-3.0/cairo-dock-unity.session | 2 +-
+ data/desktop-manager/gnome-session-3.0/cairo-dock.session   | 2 +-
+ 4 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/data/desktop-manager/gnome-session-3.0/cairo-dock-fallback.session b/data/desktop-manager/gnome-session-3.0/cairo-dock-fallback.session
+index b06b2ed..8df77c3 100644
+--- a/data/desktop-manager/gnome-session-3.0/cairo-dock-fallback.session
 b/data/desktop-manager/gnome-session-3.0/cairo-dock-fallback.session
+@@ -1,6 +1,6 @@
+ [GNOME Session]
+ Name=Cairo-Dock Session fallback (Safe Mode)
+-RequiredComponents=gnome-settings-daemon;
++RequiredComponents=org.gnome.SettingsDaemon.A11yKeyboard;org.gnome.SettingsDaemon.A11ySettings;org.gnome.SettingsDaemon.Clipboard;org.gnome.SettingsDaemon.Color;org.gnome.SettingsDaemon.Datetime;org.gnome.SettingsDaemon.Housekeeping;org.gnome.SettingsDaemon.Keyboard;org.gnome.SettingsDaemon.MediaKeys;org.gnome.SettingsDaemon.Mouse;org.gnome.SettingsDaemon.Power;org.gnome.SettingsDaemon.PrintNotifications;org.gnome.SettingsDaemon.Rfkill;org.gnome.SettingsDaemon.ScreensaverProxy;org.gnome.SettingsDaemon.Sharing;org.gnome.SettingsDaemon.Smartcard;org.gnome.SettingsDaemon.Sound;org.gnome.SettingsDaemon.Wacom;org.gnome.SettingsDaemon.XSettings;
+ RequiredProviders=windowmanager;panel;
+ DefaultProvider-windowmanager=metacity
+ DefaultProvider-panel=cairo-dock
+diff --git a/data/desktop-manager/gnome-session-3.0/cairo-dock-unity-fallback.session b/data/desktop-manager/gnome-session-3.0/cairo-dock-unity-fallback.session
+index 72c5a12..0601cc7 100644
+--- a/data/desktop-manager/gnome-session-3.0/cairo-dock-unity-fallback.session
 b/data/desktop-manager/gnome-session-3.0/cairo-dock-unity-fallback.session
+@@ -1,6 +1,6 @@
+ [GNOME Session]
+ Name=Cairo-Dock Session with Unity fallback (Safe Mode)
+-RequiredComponents=gnome-settings-daemon;
++RequiredComponents=org.gnome.SettingsDaemon.A11yKeyboard;org.gnome.SettingsDaemon.A11ySettings;org.gnome.SettingsDaemon.Clipboard;org.gnome.SettingsDaemon.Color;org.gnome.SettingsDaemon.Datetime;org.gnome.SettingsDaemon.Housekeeping;org.gnome.SettingsDaemon.Keyboard;org.gnome.SettingsDaemon.MediaKeys;org.gnome.SettingsDaemon.Mouse;org.gnome.SettingsDaemon.Power;org.gnome.SettingsDaemon.PrintNotifications;org.gnome.SettingsDaemon.Rfkill;org.gnome.SettingsDaemon.ScreensaverProxy;org.gnome.SettingsDaemon.Sharing;org.gnome.SettingsDaemon.Smartcard;org.gnome.SettingsDaemon.Sound;org.gnome.SettingsDaemon.Wacom;org.gnome.SettingsDaemon.XSettings;
+ RequiredProviders=windowmanager;panel;panel_top;
+ DefaultProvider-windowmanager=metacity
+ DefaultProvider-panel=cairo-dock
+diff --git a/data/desktop-manager/gnome-session-3.0/cairo-dock-unity.session b/data/desktop-manager/gnome-session-3.0/cairo-dock-unity.session
+index 13b4c0f..bb51199 100644
+--- a/data/desktop-manager/gnome-session-3.0/cairo-dock-unity.session
 b/data/desktop-manager/gnome-session-3.0/cairo-dock-unity.session
+@@ -1,6 +1,6 @@
+ [GNOME Session]
+ Name=Cairo-Dock Session with Unity
+-RequiredComponents=gnome-settings-daemon;

Bug#166028: Question from the EIU Contact Us Page

[webmaster]

xsqweb,

Thank you for contacting Eastern Illinois University via our Web site.  Your 
inquiry/concern will be directed toward the proper university department for 
review.  If you do not receive a response in a timely manner, please respond to 
this e-mail and we will try to help resolve any problems.

Eastern Illinois University
http://www.eiu.edu/
600 Lincoln Avenue
Charleston, IL 61920-3099
217-581-5000

Your Question
注册送58【太阳城集团】真人视讯连赢奖不停： 
www.6663401.com/? å…
¨çƒæœ€é¡¶çº§çœŸäººå¨±ä¹è§†è®¯ï¼ˆç™¾å®¶ä¹ã€é¾™è™Žç­‰ï¼‰ä»»æ‚¨ç•…
玩，美丽性感的荷官与您甜蜜互动，帮您加油打气。

天天享返水2.0%，1元起即可存取，支付宝、微信扫ç 
å³å¯è½»æ¾å­˜ï¼Œå‡ºæ¬¾30秒火速到帐。

--

northward.I wonder what is happening in this land!''Let us go!'said Legolas.So 
the third day of their pursuit began.During all its long hours of cloud

Bug#870229: cairo-dock: Adapt to gnome-settings-daemon 3.24

[Jeremy Bicha]

Package: cairo-dock
Version: 3.4.1-1
Severity: important
User: pkg-gnome-maintain...@lists.alioth.debian.org
Usertags: gsd324
Tags: buster sid patch

cairo-dock includes gnome-session files to allow users to easily log
in to a GNOME Flashback session running cairo-dock.
gnome-settings-daemon 3.24 has split itself into separate binaries and
the gnome-session files will no longer work. The new version of
gnome-settings-daemon is available for testing now in Debian
experimental.

In my next email, I will attach a patch that can fix this issue.

We intend to upload gnome-settings-daemon 3.24 to Debian unstable
about a week from now on Sunday, August 6.

I suggest uploading the fix to the DELAYED queue for that date so that
this transition will be easy and smooth.

On behalf of the Debian GNOME team,
Jeremy Bicha

Bug#870227: openbox-gnome-session: Adapt to gnome-settings-daemon 3.24

[Jeremy Bicha]

Control: tags -1 +patch
From 306aa5b2fa79d3f70d43ccd97bef3d513e4536b6 Mon Sep 17 00:00:00 2001
From: Jeremy Bicha 
Date: Mon, 31 Jul 2017 00:06:56 -0400
Subject: [PATCH] Add adapt-to-gsd-324.patch

Closes: #870227
---
 debian/control|  2 +-
 debian/patches/adapt-to-gsd-324.patch | 30 ++
 debian/patches/series |  1 +
 3 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 debian/patches/adapt-to-gsd-324.patch

diff --git a/debian/control b/debian/control
index b78cf54..9c9b209 100644
--- a/debian/control
+++ b/debian/control
@@ -130,7 +130,7 @@ Description: command line utility to invoke GNOME panel run dialog/menu
 Package: openbox-gnome-session
 Architecture: all
 Depends: ${shlibs:Depends}, ${misc:Depends}, openbox (>= ${source:Version}), 
- gnome-session-bin, gconf2, x11-utils
+ gnome-session-bin, gnome-settings-daemon (>= 3.24), gconf2, x11-utils
 Enhances: gnome-session
 Replaces: openbox (<< 3.5.2-5)
 Breaks: openbox (<< 3.5.2-5)
diff --git a/debian/patches/adapt-to-gsd-324.patch b/debian/patches/adapt-to-gsd-324.patch
new file mode 100644
index 000..9a10fc2
--- /dev/null
+++ b/debian/patches/adapt-to-gsd-324.patch
@@ -0,0 +1,30 @@
+From: Jeremy Bicha 
+Date: Mon, 31 Jul 2017 00:00:00 -0400
+Subject: adapt-to-gsd-324
+
+Bug-Debian: https://bugs.debian.org/870227
+---
+ data/gnome-session/openbox-gnome-fallback.session | 2 +-
+ data/gnome-session/openbox-gnome.session  | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/data/gnome-session/openbox-gnome-fallback.session b/data/gnome-session/openbox-gnome-fallback.session
+index 0909fa7..3bb4718 100644
+--- a/data/gnome-session/openbox-gnome-fallback.session
 b/data/gnome-session/openbox-gnome-fallback.session
+@@ -1,4 +1,4 @@
+ [GNOME Session]
+ Name=GNOME/Openbox fallback (Safe Mode)
+-RequiredComponents=openbox;gnome-settings-daemon
++RequiredComponents=openbox;org.gnome.SettingsDaemon.A11yKeyboard;org.gnome.SettingsDaemon.A11ySettings;org.gnome.SettingsDaemon.Clipboard;org.gnome.SettingsDaemon.Color;org.gnome.SettingsDaemon.Datetime;org.gnome.SettingsDaemon.Housekeeping;org.gnome.SettingsDaemon.Keyboard;org.gnome.SettingsDaemon.MediaKeys;org.gnome.SettingsDaemon.Mouse;org.gnome.SettingsDaemon.Orientation;org.gnome.SettingsDaemon.Power;org.gnome.SettingsDaemon.PrintNotifications;org.gnome.SettingsDaemon.Rfkill;org.gnome.SettingsDaemon.ScreensaverProxy;org.gnome.SettingsDaemon.Sharing;org.gnome.SettingsDaemon.Smartcard;org.gnome.SettingsDaemon.Sound;org.gnome.SettingsDaemon.Wacom;org.gnome.SettingsDaemon.XSettings;
+ DesktopName=GNOME
+diff --git a/data/gnome-session/openbox-gnome.session b/data/gnome-session/openbox-gnome.session
+index ffeccdb..a93187b 100644
+--- a/data/gnome-session/openbox-gnome.session
 b/data/gnome-session/openbox-gnome.session
+@@ -1,4 +1,4 @@
+ [GNOME Session]
+ Name=GNOME/Openbox
+-RequiredComponents=openbox;gnome-settings-daemon;gnome-panel;nautilus-classic;gnome-flashback-services
++RequiredComponents=openbox;org.gnome.SettingsDaemon.A11yKeyboard;org.gnome.SettingsDaemon.A11ySettings;org.gnome.SettingsDaemon.Clipboard;org.gnome.SettingsDaemon.Color;org.gnome.SettingsDaemon.Datetime;org.gnome.SettingsDaemon.Housekeeping;org.gnome.SettingsDaemon.Keyboard;org.gnome.SettingsDaemon.MediaKeys;org.gnome.SettingsDaemon.Mouse;org.gnome.SettingsDaemon.Power;org.gnome.SettingsDaemon.PrintNotifications;org.gnome.SettingsDaemon.Rfkill;org.gnome.SettingsDaemon.ScreensaverProxy;org.gnome.SettingsDaemon.Sharing;org.gnome.SettingsDaemon.Smartcard;org.gnome.SettingsDaemon.Sound;org.gnome.SettingsDaemon.Wacom;org.gnome.SettingsDaemon.XRANDR;org.gnome.SettingsDaemon.XSettings;gnome-panel;nautilus-classic;gnome-flashback-services
+ DesktopName=GNOME
diff --git a/debian/patches/series b/debian/patches/series
index 36bfb49..c7eddb8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -12,3 +12,4 @@
 808138_Replace-getgrent-with-getgroups.patch
 d9a405e9.patch
 fix-spelling-error-in-binary.patch
+adapt-to-gsd-324.patch
-- 
2.11.0

Bug#870228: physamp: fails to upgrade from 'stretch' - trying to overwrite /usr/bin/bppphysamp

[Andreas Beckmann]

Package: physamp
Version: 1.0.2-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'stretch'.
It installed fine in 'stretch', then the upgrade to 'sid' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package physamp.
  Preparing to unpack .../physamp_1.0.2-1_amd64.deb ...
  Unpacking physamp (1.0.2-1) ...
  dpkg: error processing archive 
/var/cache/apt/archives/physamp_1.0.2-1_amd64.deb (--unpack):
   trying to overwrite '/usr/bin/bppphysamp', which is also in package bppsuite 
2.2.0-0.1+b1
  dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
  Errors were encountered while processing:
   /var/cache/apt/archives/physamp_1.0.2-1_amd64.deb


cheers,

Andreas


bppsuite=2.2.0-0.1+b1_physamp=1.0.2-1.log.gz
Description: application/gzip

Bug#870227: openbox-gnome-session: Adapt to gnome-settings-daemon 3.24

[Jeremy Bicha]

Package: openbox-gnome-session
Version: 3.6.1-4
Severity: important
User: pkg-gnome-maintain...@lists.alioth.debian.org
Usertags: gsd324
Tags: buster sid

openbox-gnome-sessions includes gnome-session files to allow users to
easily log in to a GNOME Flashback session running openbox.
gnome-settings-daemon 3.24 has split itself into separate binaries and
the gnome-session files will no longer work. The new version of
gnome-settings-daemon is available for testing now in Debian
experimental.

In my next email, I will attach a patch that can fix this issue.

We intend to upload gnome-settings-daemon 3.24 to Debian unstable
about a week from now on Sunday, August 6.

I suggest uploading the fix to the DELAYED queue for that date so that
this transition will be easy and smooth.

On behalf of the Debian GNOME team,
Jeremy Bicha

Bug#870226: curvedns’s max tcp buffer of 8192 is too small

[James Cloos]

Package: curvedns
Version: 0.87-3
Severity: normal

Testing out curvedns, I discovered that a dnssec any query for the
apex of my primary zone failed to send anything.

It turns out that with a rsa 1k zsk a reasonably long spf txt rr and
the ns and mx names in the zone (thus including their a and  rrs
in the additional secion) the reply grows past 8192 octets.

global_ip_tcp_buffersize in curvedns’ io.c needs to be larger.

16384 is likely enough.  (10k would be enough for my zone, even with
the ns names switched to dnscurve style names).

This is also reported as:

https://github.com/curvedns/curvedns/issues/4

but a debian-specific patch increasing global_ip_tcp_buffersize would
be welcome.

The patch is just:

diff --git a/ip.c b/ip.c
index 664377b..c3b4493 100644
--- a/ip.c
+++ b/ip.c
@@ -45,7 +45,7 @@ int global_ip_sockets_count = 0;
 ev_tstamp  global_ip_internal_timeout = 1.2;
 ev_tstamp  global_ip_tcp_external_timeout = 60.0;
 intglobal_ip_tcp_max_number_connections = 25;
-size_t global_ip_tcp_buffersize = 8192;
+size_t global_ip_tcp_buffersize = 16384;
 size_t global_ip_udp_buffersize = 4096;
 uint8_tglobal_ip_udp_retries = 2;
 anysin_t   global_target_address;


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.5.0-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages curvedns depends on:
ii  adduser  3.115
ii  init-system-helpers  1.49
ii  libc62.24-12
ii  libev4   1:4.22-1+b1
ii  libsodium18  1.0.13-1
ii  lsb-base 9.20161125

curvedns recommends no packages.

curvedns suggests no packages.

-- Configuration Files:
/etc/default/curvedns changed [not included]

-- no debconf information

Bug#870225: manpages-dev: fails to upgrade from 'stretch' - trying to overwrite /usr/share/man/man3/explicit_bzero.3.gz

[Andreas Beckmann]

Package: manpages-dev
Version: 4.12-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'stretch'.
It installed fine in 'stretch', then the upgrade to 'buster' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package manpages-dev.
  Preparing to unpack .../manpages-dev_4.12-1_all.deb ...
  Unpacking manpages-dev (4.12-1) ...
  dpkg: error processing archive 
/var/cache/apt/archives/manpages-dev_4.12-1_all.deb (--unpack):
   trying to overwrite '/usr/share/man/man3/explicit_bzero.3.gz', which is also 
in package libbsd-dev:amd64 0.8.3-1
  Errors were encountered while processing:
   /var/cache/apt/archives/manpages-dev_4.12-1_all.deb


cheers,

Andreas


libbsd-dev=0.8.3-1_manpages-dev=4.12-1.log.gz
Description: application/gzip

Bug#870224: wixl-data: fails to upgrade from 'stretch' - trying to overwrite /usr/share/wixl-0.96/include/SDL.wxi

[Andreas Beckmann]

Package: wixl-data
Version: 0.96-3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'stretch'.
It installed fine in 'stretch', then the upgrade to 'buster' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package wixl-data.
  Preparing to unpack .../wixl-data_0.96-4_all.deb ...
  Unpacking wixl-data (0.96-4) ...
  dpkg: error processing archive 
/var/cache/apt/archives/wixl-data_0.96-4_all.deb (--unpack):
   trying to overwrite '/usr/share/wixl-0.96/include/SDL.wxi', which is also in 
package wixl 0.96-2
  dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
  Errors were encountered while processing:
   /var/cache/apt/archives/wixl-data_0.96-4_all.deb


cheers,

Andreas


wixl=0.96-2_wixl-data=0.96-4.log.gz
Description: application/gzip

Bug#870223: libmaven-plugin-testing-1.3-java: fails to upgrade from 'stretch' - trying to overwrite /usr/share/java/maven-plugin-testing-harness-1.3.jar

[Andreas Beckmann]

Package: libmaven-plugin-testing-1.3-java
Version: 1.3-3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'stretch'.
It installed fine in 'stretch', then the upgrade to 'buster' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package libmaven-plugin-testing-1.3-java.
  Preparing to unpack .../9-libmaven-plugin-testing-1.3-java_1.3-3_all.deb ...
  Unpacking libmaven-plugin-testing-1.3-java (1.3-3) ...
  dpkg: error processing archive 
/tmp/apt-dpkg-install-FLV6NX/9-libmaven-plugin-testing-1.3-java_1.3-3_all.deb 
(--unpack):
   trying to overwrite '/usr/share/java/maven-plugin-testing-harness-1.3.jar', 
which is also in package libmaven-plugin-testing-java 1.3-2
  Errors were encountered while processing:
   /tmp/apt-dpkg-install-FLV6NX/9-libmaven-plugin-testing-1.3-java_1.3-3_all.deb


cheers,

Andreas


libmaven-plugin-testing-java=1.3-2_libmaven-plugin-testing-1.3-java=1.3-3.log.gz
Description: application/gzip

Bug#870222: RFS: groonga/7.0.5-1

[Kentaro Hayashi]

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "groonga"

* Package name: groonga
  Version : 7.0.5-1
  Upstream Author : Groonga Project 
* Url : http://groonga.org/
* Licenses: LGPL-2.1
  Section : database

It builds those binary packages:

  * groonga
  * groonga-server-common
  * groonga-server-gqtp
  * libgroonga-dev
  * libgroonga0
  * groonga-tokenizer-mecab
  * groonga-token-filter-stem
  * groonga-plugin-suggest
  * groonga-bin
  * groonga-httpd
  * groonga-doc
  * groonga-examples
  * groonga-munin-plugins

To access further information about this package, visit the following URL:

https://mentors.debian.net/package/groonga

Alternatively, one can download the package with dget using this command:
dget -x 
https://mentors.debian.net/debian/pool/main/g/groonga/groonga_7.0.5-1.dsc


More information about groonga can be obtained from
http://groonga.org/

Changes since last upload:

  * New upstream release.
  * debian/patches/fix-nginx-FTBFS-on-kfreebsd.patch
- Refresh patch to fix FTBFS on kFreeBSD.

Regards,


pgpBwJL9DIBAA.pgp
Description: PGP signature

Bug#865308: khronos-api is not Multi-Arch compatible

[Michael Gilbert]

On Fri, Jul 21, 2017 at 3:03 PM, Jens Reyer wrote:
> I just uploaded 0~svn33340-0.1 to delayed/10, debdiff attached.
>
> Changelog:
>
> khronos-api (0~svn33340-0.1) unstable; urgency=medium
>
>   * Non-maintainer upload.
>   * New (and final in svn) upstream revision 33340.
>   * Refresh timestamps.patch.
>   * Make package Multi-Arch: foreign (closes: #865308).
> Thanks to Hugh McMaster
>   * Minor improvement to the package description (closes: #865307).
>   * Bump standards version to 4.0.0, no changes needed.
>   * Fix file exclusion in tarball generation.

Hi Jens,

This isn't really a great version, but ok it will land later today.
It would be far better to update to upstream git, which is now in sync
with the latest opengl 4.5 spec.

By the way, NMUs are not supposed to touch maintainer fields like the
standards version, but it's not a big deal.

Best wishes,
Mike

Bug#869416: [pkg-gnupg-maint] Bug#869416: pinentry-gtk2: fails to request passphrase when importing OpenPGP secret key with Seahorse

[NIIBE Yutaka]

Thanks for your reply.

intrigeri  wrote:
> Anything else I should try? Something about $GPG_TTY, or starting
> Seahorse from GNOME Terminal (instead of the GNOME Overview), perhaps?

It seems that the most likely case is the following scenario:

  (1) Upon login, gpg-agent is invoked with no DISPLAY.
  (2) While Sheahorse has DISPLAY and invokes gpg by gpgme,
  gpg connects to existing gpg-agent.
  (3) Because gpg-agent has no DISPLAY, when gpg-agent invokes
  pinentry, it fails at isatty(3).

Could you please try this?

  $ gpg-connect-agent updatestartuptty /bye

It should be done from your GNOME Terminal, before importing key by
Seahorse.  It updates variables of DISPLAY and TTY in gpg-agent.
-- 

Bug#870221: dpkg: please sort the "unused substitution" warnings

[Chris Lamb]

Source: dpkg
Version: 1.18.24
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: hashordering toolchain
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0], we noticed
that dpkg emits "unused substitution" warnings in a non-deterministic
Perl hash order.

Correcting this would be helpful for the Reproducible Builds effort
as it removes differences between in log between package builds.

Whilst the build log is not part of the defined reproducible build
output (!) we use the diff of two build logs as a useful debugging aid
when working out why a package is not reproducible, and reducing any
noise makes this easier.

  --- a/scripts/Dpkg/Substvars.pm
  +++ b/scripts/Dpkg/Substvars.pm
  @@ -342,7 +342,7 @@ sub warn_about_unused {
   my ($self, %opts) = @_;
   $opts{msg_prefix} //= $self->{msg_prefix};
 
  -foreach my $vn (keys %{$self->{vars}}) {
  +foreach my $vn (sort keys %{$self->{vars}}) {
   next if $self->{attr}{$vn} & SUBSTVAR_ATTR_USED;
   # Empty substitutions variables are ignored on the basis
   # that they are not required in the current situation


Patch attached.

 [0] https://reproducible-builds.org/


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#869898: RFS: dtkcore/0.3.3-1 [ITP]

[Boyuan Yang]

在 2017年7月31日星期一 CST 上午9:53:58，Liang Guo 写道：
> Have you ask upstream to correct source file's license header ?
> 
> Thanks,

Sure. I have reminded them of this issue. I will update debian/copyright file 
as soon as new upstream version (with fixes) gets released. My opinion is that 
this issue shouldn't be a blocker for upload.

Meanwhile, source packages on debomatic-amd64, mentors.d.o and Git repository 
has been updated already to fix problems of non-existent pkg-deepin team (See 
#868544). I believe the source package should be ready for an upload.

Regards,
Boyuan Yang

signature.asc
Description: This is a digitally signed message part.

Bug#870219: ITP: libxcam -- Extended camera features and cross platform computer vision project

[Yinhang Liu]

Package: wnpp
Severity: wishlist
Owner: Yinhang Liu 

* Package name: libxcam
  Version : 1.0.0
  Upstream Author : Wind Yuan 
* URL : https://github.com/01org/libxcam
* License : Apache-2.0
  Programming Lang: C, C++ 
  Description : Extended camera features and cross platform computer vision 
project

libXCam is a project for extended camera features and focus on
image/video quality improvement. There are lots features supported
in image pre-processing, image post-processing and smart analysis.
This library makes GPU/CPU working together to improve image quality.
OpenCL is used to improve performance in different platforms.

Bug#870220: RFS: rmlint/2.6.1-1

[Carlos Maddela]

Package: sponsorship-requests
Severity: normal

Dear mentors,

  I am looking for a sponsor for my package "rmlint"

 * Package name: rmlint
   Version : 2.6.1-1
   Upstream Author : Christopher Pahl 
 * URL : https://rmlint.readthedocs.io/
 * License : GPL-3
   Section : utils

  It builds these binary packages:

rmlint - Extremely fast tool to remove filesystem lint
 rmlint-doc - HTML documentation for rmlint
 rmlint-gui - GTK+ frontend to rmlint

  To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/rmlint


  Alternatively, one can download the package with dget using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/r/rmlint/rmlint_2.6.1-1.dsc

  More information about hello can be obtained from 
https://rmlint.readthedocs.io/.

  Changes since the last upload:

   * New upstream version [2.6.1].
   * Rebase patch queue and drop changes already applied upstream.
   * Indicate compliance with latest standards version [4.0.0].
   * Make 'parameterized' module available to 'nose' tests.
   * Simplify (and hopefully make adaptable to future changes in host
 names and version numbers) the sed rules for patching HTML docs.
   * Fix man page typos.
   * Avoid calling dpkg-parsechangelog directly from debian/rules.
   * Fix new privacy breach issues by disabling the asciinema demo
 and the use of web fonts.
   * Add package test to prevent privacy breach issues in HTML docs.


  Regards,
   Carlos Maddela

Bug#870218: (no subject)

[Yinhang Liu]

Package: wnpp
Severity: wishlist
Owner: Yinhang Liu 

* Package name: libxcam
  Version : 1.0.0
  Upstream Author : Wind Yuan 
* URL : https://github.com/01org/libxcam
* License : Apache-2.0
  Programming Lang: C, C++ 
  Description : Extended camera features and cross platform computer vision 
project

libXCam is a project for extended camera features and focus on
image/video quality improvement. There are lots features supported
in image pre-processing, image post-processing and smart analysis.
This library makes GPU/CPU working together to improve image quality.
OpenCL is used to improve performance in different platforms.

Bug#870217: glm: FTBFS with gcc-7: Test failures

[Daniel Schepler]

Source: glm
Version: 0.9.8.4-1
Severity: important

>From my pbuilder build log, using gcc-defaults from experimental:

...
97% tests passed, 3 tests failed out of 108

Total Test time (real) =   2.37 sec

The following tests FAILED:
12 - test-core_type_mat2x4 (Failed)
15 - test-core_type_mat3x4 (Failed)
18 - test-core_type_mat4x4 (Failed)
Errors while running CTest
Makefile:98: recipe for target 'test' failed
make[2]: *** [test] Error 8
make[2]: Leaving directory '/build/glm-0.9.8.4/obj-x86_64-linux-gnu'
debian/rules:22: recipe for target 'override_dh_auto_test' failed
make[1]: *** [override_dh_auto_test] Error 2
make[1]: Leaving directory '/build/glm-0.9.8.4'
debian/rules:7: recipe for target 'build' failed
make: *** [build] Error 2
dpkg-buildpackage: error: debian/rules build gave error exit status 2
-- 
Daniel Schepler

Bug#869898: RFS: dtkcore/0.3.3-1 [ITP]

[Liang Guo]

Have you ask upstream to correct source file's license header ?

Thanks,

On Thu, Jul 27, 2017 at 11:40 PM, Boyuan Yang <073p...@gmail.com> wrote:
> 2017-07-27 22:47 GMT+08:00 Liang Guo :
>> On Thu, Jul 27, 2017 at 10:25 PM, ChangZhuo Chen  wrote:
>>> On Thu, Jul 27, 2017 at 09:30:52PM +0800, Boyuan Yang wrote:
   Alioth packaging repository:

 https://anonscm.debian.org/git/collab-maint/dtkcore.git
>>>
>>> * The copyrights in src/log/* are different from other files, please
>>>   check copyright header of every file and list them in
>>>   debian/copyright.
>>>
>>> * This symbol control file for libdtkcore.so is missing. Please help to
>>>   add it.
>>
>> Agree, beside these problem, please notice:
>>
>> * debian/docs is empty please remove
>>
>> * Their should be an short license declaration in each *.{c,h,cpp}
>> file.  For GPL3 license files, the short license should like this:
>> 
>> Copyright (C)   
>>
>> This program is free software: you can redistribute it and/or modify
>> it under the terms of the GNU General Public License as published by
>> the Free Software Foundation, either version 3 of the License, or
>> (at your option) any later version.
>>
>> This program is distributed in the hope that it will be useful,
>> but WITHOUT ANY WARRANTY; without even the implied warranty of
>> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
>> GNU General Public License for more details.
>>
>> You should have received a copy of the GNU General Public License
>> along with this program.  If not, see .
>>
>> Please ask the original author to complete the license declaration.
>>
>> * debian/copyright file should obey DEP-5 proposal[1]
>>
>>
>> [1] https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
>>
>>
>> --
>> Liang Guo
>> http://guoliang.me/
>
> Thank you all for detailed review with this package.
>
> I have checked the packaging src again with check-all-the-things and
> fixed all problems that can be fixed in debian/ directory. d/copyright
> information has been updated after manual check with the source code.
>
> Detailed changes can be found on
> anonscm.debian.org/git/collab-maint/dtkcore.git git repository. Source
> packages on mentors.d.o and debomatic-amd64.d.o are also updated
> accordingly.
>
> Thanks,
> Boyuan Yang



-- 
Liang Guo
http://guoliang.me/

Bug#870215: RFS: stendhal/0.1-1 [ITP] -- Multiplayer online adventure game with an old school feel

[Carlos Donizete Froes]

Em dom, 2017-07-30 às 21:24 -0400, Paul Wise escreveu:
> In my first mail I was confused, since you previously had an ITP/RFS
> for stendhal-installer and I assumed this package was the proper
> package of Stendhal from source, instead of a wrapper script.
> 
> In addition; you are misrepresenting Stendhal as your own project.
> Your project is not Stendhal, it is a wrapper script for Stendhal. I
> suggest you rename your project to stendhal-installer,
> stendhal-wrapper or similar and mention the original upstream project.
> In addition, the claim "as that would breach copyright laws" seems to
> be incorrect since the Stendhal project appears to be DFSG-free as it
> is licensed under GPLv2+

Understood, I'll make the changes. Thank you very much!

-- 
⢀⣴⠾⠻⢶⣦⠀ Carlos Donizete Froes [a.k.a coringao]
⣾⠁⢠⠒⠀⣿⡁ - https://wiki.debian.org/coringao
⢿⡄⠘⠷⠚⠋⠀ GPG: 4096R/B638B780
⠈⠳⣄⠀⠀⠀   2157 630B D441 A775 BEFF  D35F FA63 ADA6 B638 B780

signature.asc
Description: This is a digitally signed message part

Bug#870215: RFS: stendhal/0.1-1 [ITP] -- Multiplayer online adventure game with an old school feel

[Paul Wise]

On Sun, Jul 30, 2017 at 8:58 PM, Carlos Donizete Froes wrote:

> Sorry, I have a question, even though it is a project of my own.
>
> Do I have to add the Stendhal link?

In my first mail I was confused, since you previously had an ITP/RFS
for stendhal-installer and I assumed this package was the proper
package of Stendhal from source, instead of a wrapper script.

In addition; you are misrepresenting Stendhal as your own project.
Your project is not Stendhal, it is a wrapper script for Stendhal. I
suggest you rename your project to stendhal-installer,
stendhal-wrapper or similar and mention the original upstream project.
In addition, the claim "as that would breach copyright laws" seems to
be incorrect since the Stendhal project appears to be DFSG-free as it
is licensed under GPLv2+

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Bug#870042: RFS: gsettings-qt/0.1+16.04.20170729-1 [ITP]

[Boyuan Yang]

2017-07-31 9:04 GMT+08:00 Lisandro Damián Nicanor Pérez Meyer
:
> On sábado, 29 de julio de 2017 11:21:40 -03 Pino Toscano wrote:
>> Hi,
>>
>> I'm not uploading it myself,
>
> Neither me, but I wanted to add some more info to what Pino already provided.
>
>> but there are various things that ought to
>> be fixed:
>>
>> a) qtchooser is not needed in Build-Depends, it's an "implementation
>>detail"
>
> You might want to take a look at
>
> 
>
>> b) we don't use a "qtdeclarative5-" prefix for QML modules, but
>>"qml-module-"
>
> See 
>
>
>
> --
> Alas, I am dying beyond my means.
>   Oscar Wilde, as he sipped champagne on his deathbed
>
> Lisandro Damián Nicanor Pérez Meyer
> http://perezmeyer.com.ar/
> http://perezmeyer.blogspot.com/

Thank you all for the detailed review, which really helps.

I'm not really familiar with C++/Qt/KDE packaging but this package
falls in this range as a dependency unfortunately.
I will read those instructions and fix problems.

Regards,
Boyuan Yang

Bug#870042: RFS: gsettings-qt/0.1+16.04.20170729-1 [ITP]

[Lisandro Damián Nicanor Pérez Meyer]

On sábado, 29 de julio de 2017 11:21:40 -03 Pino Toscano wrote:
> Hi,
> 
> I'm not uploading it myself,

Neither me, but I wanted to add some more info to what Pino already provided.

> but there are various things that ought to
> be fixed:
> 
> a) qtchooser is not needed in Build-Depends, it's an "implementation
>detail"

You might want to take a look at



> b) we don't use a "qtdeclarative5-" prefix for QML modules, but
>"qml-module-"

See 



-- 
Alas, I am dying beyond my means.
  Oscar Wilde, as he sipped champagne on his deathbed

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.

Bug#870215: RFS: stendhal/0.1-1 [ITP] -- Multiplayer online adventure game with an old school feel

[Carlos Donizete Froes]

Em dom, 2017-07-30 às 20:41 -0400, Paul Wise escreveu:
> On Sun, Jul 30, 2017 at 8:22 PM, Carlos Donizete Froes wrote:
> 
> >  * URL : https://github.com/coringao/stendhal
> 
> This is the wrong link, it should be:
> 
> https://stendhalgame.org/
> 
> >  * License : GPL-2+
> >    Section : contrib/games
> 
> This is the wrong section for a package that seems to be DFSG-free at
> first glance, it should be 'games'.
> 

Sorry, I have a question, even though it is a project of my own.

Do I have to add the Stendhal link?

-- 
⢀⣴⠾⠻⢶⣦⠀ Carlos Donizete Froes [a.k.a coringao]
⣾⠁⢠⠒⠀⣿⡁ - https://wiki.debian.org/coringao
⢿⡄⠘⠷⠚⠋⠀ GPG: 4096R/B638B780
⠈⠳⣄⠀⠀⠀   2157 630B D441 A775 BEFF  D35F FA63 ADA6 B638 B780

signature.asc
Description: This is a digitally signed message part

Bug#870216: tex-common: Old configuration style (still) found in /etc/texmf/fmt.d

[Jon]

Package: tex-common
Version: 6.06
Severity: normal

Dear Maintainer,

   * What led up to the situation?

Upgraded from jessie (8.9) to stretch (9.1)

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

During install, got the exact same 'Warning: Old configuration style found in
/etc/texmf/fmt.d'
dialog seen in bug 851598. That bug is archived and appears to
claim that it's fixed in tex-common 6.06, but in fact I was
installing tex-common 6.06 and the problem with the extraneous
/etc/texmf/fmt.d/10texlive-math-extra.cnf file still came up.

After poking around 851598 for a while, I ended up doing
'dpkg -P texlive-math-extra' which removed the ancient
file being warned about.

   * What was the outcome of this action?

I did not expect the warning on upgrading.

   * What outcome did you expect instead?

That the upgrade would remove any such leftover configuration
files from packages that had been obsoleted and replaced.



-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages tex-common depends on:
ii  dpkg  1.18.24
ii  ucf   3.0036

tex-common recommends no packages.

Versions of packages tex-common suggests:
ii  debhelper  10.2.5

Versions of packages texlive-base depends on:
ii  debconf [debconf-2.0]  1.5.61
ii  libpaper-utils 1.1.24+nmu5
ii  texlive-binaries   2016.20160513.41080.dfsg-2
ii  ucf3.0036
ii  xdg-utils  1.1.1-1

Versions of packages texlive-base recommends:
ii  lmodern  2.004.5-3

Versions of packages texlive-base suggests:
ii  acroread [pdf-viewer]9.5.5-dmo2
ii  evince [postscript-viewer]   3.22.1-3+deb9u1
ii  ghostscript [postscript-viewer]  9.20~dfsg-3.2
ii  gv [postscript-viewer]   1:3.7.4-1+b1
ii  okular [postscript-viewer]   4:16.08.2-1+b1
pn  perl-tk  
ii  xpdf [pdf-viewer]3.04-4

Versions of packages texlive-binaries depends on:
ii  dpkg  1.18.24
ii  install-info  6.3.0.dfsg.1-1+b2
ii  libc6 2.24-11+deb9u1
ii  libcairo2 1.14.8-1
ii  libfontconfig12.11.0-6.7+b1
ii  libfreetype6  2.6.3-3.2
ii  libgcc1   1:6.3.0-18
ii  libgmp10  2:6.1.2+dfsg-1
ii  libgraphite2-31.3.10-1
ii  libgs99.20~dfsg-3.2
ii  libharfbuzz-icu0  1.4.2-1
ii  libharfbuzz0b 1.4.2-1
ii  libice6   2:1.0.9-2
ii  libicu57  57.1-6
ii  libkpathsea6  2016.20160513.41080.dfsg-2
ii  libmpfr4  3.1.5-1
ii  libpaper1 1.1.24+nmu5
ii  libpixman-1-0 0.34.0-1
ii  libpng16-16   1.6.28-1
ii  libpoppler64  0.48.0-2
ii  libpotrace0   1.13-3
ii  libptexenc1   2016.20160513.41080.dfsg-2
ii  libsm62:1.2.2-1+b3
ii  libstdc++66.3.0-18
ii  libsynctex1   2016.20160513.41080.dfsg-2
ii  libtexlua52   2016.20160513.41080.dfsg-2
ii  libtexluajit2 2016.20160513.41080.dfsg-2
ii  libx11-6  2:1.6.4-3
ii  libxaw7   2:1.0.13-1+b2
ii  libxext6  2:1.3.3-1+b2
ii  libxi62:1.7.9-1
ii  libxmu6   2:1.1.2-2
ii  libxpm4   1:3.5.12-1
ii  libxt61:1.1.5-1
ii  libzzip-0-13  0.13.62-3.1
ii  perl  5.24.1-3+deb9u1
ii  t1utils   1.39-2
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages texlive-binaries recommends:
ii  python2.7.13-2
ii  ruby  1:2.3.3
ii  texlive-base  2016.20170123-5
ii  tk [wish] 8.6.0+9

-- debconf information:
  tex-common/check_texmf_wrong:
  texlive-base/texconfig_ignorant:
  tex-common/check_texmf_missing:
  texlive-base/binary_chooser: pdftex, dvips, dvipdfmx, xdvi

Bug#861378: lists.debian.org: Please update list description for debian-chinese-{gb,big5}

[Boyuan Yang]

2017-07-30 19:08 GMT+08:00 Hanno 'Rince' Wagner :
> Hi Boyuan!
>
> On Sun, 30 Jul 2017, Boyuan Yang wrote:
>
>> I'm sorry, but you seem to have text of two lists mixed up.
>
> Yes, it was mixed up; I fixed it now.
>
> if you want to drop or create other mailinglists, please create
> open another bug since the main problem (wrong descriptions) is now
> fixed.
>
> Mit freundlichen Grüßen, Hanno Wagner
> best regards, Hanno Wagner, Listmaster of the day

Thanks. Confirmed that the text is correct now.

Issues around dropping certain list will be discussed on DebConf 2017.
Let's wait till after that
and discuss the issue in another bug if needed.

Regards,
Boyuan Yang

Bug#870215: RFS: stendhal/0.1-1 [ITP] -- Multiplayer online adventure game with an old school feel

[Paul Wise]

On Sun, Jul 30, 2017 at 8:22 PM, Carlos Donizete Froes wrote:

>  * Package name: stendhal
> dget -x 
> https://mentors.debian.net/debian/pool/contrib/s/stendhal/stendhal_0.1-1.dsc

Since this does not include stendhal, just a script to download the
upstream JAR, I think you should call this stendhal-installer or
similar.

It would also be better to package stendhal properly, since it seems
to be DFSG-free.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Bug#870215: RFS: stendhal/0.1-1 [ITP] -- Multiplayer online adventure game with an old school feel

[Paul Wise]

On Sun, Jul 30, 2017 at 8:22 PM, Carlos Donizete Froes wrote:

>  * URL : https://github.com/coringao/stendhal

This is the wrong link, it should be:

https://stendhalgame.org/

>  * License : GPL-2+
>Section : contrib/games

This is the wrong section for a package that seems to be DFSG-free at
first glance, it should be 'games'.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Bug#870185: Acknowledgement (FATAL: kernel 4.11.0-0.bpo.1-marvell does not boot on QNAP TS-219P II)

[Robert Schlabbach]

I made a little mistake in the description above: The kernel I had on my QNAP 
TS-219P II before was linux-image-4.9.0-3-marvell_4.9.30-2+deb9u2 - and this 
appears to be the last version that boots.

I've tried loading mkimage'd kernels+dtbs via tftpd into my broken QNAP TS-219P 
II from these packages and _none_ of these boots:

linux-image-4.11.0-0.bpo.1-marvell_4.11.6-1~bpo9+1_armel.deb
linux-image-4.11.0-1-marvell_4.11.6-1_armel.deb
linux-image-4.11.0-2-marvell_4.11.11-1+b1_armel.deb

when I do the same procedure using the kernel+dtb from 
linux-image-4.9.0-3-marvell_4.9.30-2+deb9u2_armel.deb, it does boot. Not fully, 
since the flashed initramfs does not match the kernel version, but at least it 
doesn't die immediately like all the 4.11 kernel builds do.

Bug#870215: RFS: stendhal/0.1-1 [ITP] -- Multiplayer online adventure game with an old school feel

[Carlos Donizete Froes]

Package: sponsorship-requests
Severity: normal


  Dear mentors,

  I am looking for a sponsor for my package "stendhal"

 * Package name: stendhal
   Version : 0.1-1
   Upstream Author : Carlos Donizete Froes 
 * URL : https://github.com/coringao/stendhal
 * License : GPL-2+
   Section : contrib/games

  It builds those binary packages:

stendhal   - Multiplayer online adventure game with an old school feel

  To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/stendhal

  Alternatively, one can download the package with dget using this command:

dget -x 
https://mentors.debian.net/debian/pool/contrib/s/stendhal/stendhal_0.1-1.dsc

  More information about stendhal can be obtained from 
https://github.com/coringao/stendhal/wiki.

  Regards,
   Carlos Donizete Froes

Bug#870214: backupninja: sys handler wrongly reports warning due to wrong devices list

[quidame]

Package: backupninja
Version: 1.0.1-2
Severity: normal
Tags: upstream

Hi,

After upgrading to Stretch, backupninja's sys handler reports
warnings saying that "the partition table for /dev/mapper/vg-lv
could not be saved" (one warning per Logical Volume)

Reading in /usr/share/backupninja/sys, it appears that the
devices list is filtered from the 'sfdisk -l' output. Then
devices are processed by 'sfdisk -d'.

But the behavior of 'sfdisk -d' has changed:

- Jessie:
root@host:~# sfdisk -d /dev/mapper/vg0-lv0; echo $?
0

- Stretch:
root@host:~# sfdisk -d /dev/mapper/vg0-lv0; echo $?
sfdisk: /dev/mapper/vg0-lv0: does not contain a recognized partition table
1

It means that what was silently ignored is now clearly a case of
failure. But as 'sfdisk -d' by itsel is a purpose of the sys
plugin, and so can't be changed, the way devices are listed
should probably be changed.

Parsing 'lsblk -o kname,type' instead of 'sfdisk -l' to build
the devices list fixed the problem on our server.

Cheers,
quidame



-- System Information:
Debian Release: 8.9
  APT prefers oldstable
  APT policy: (990, 'oldstable'), (500, 'oldstable-updates'), (500, 
'oldstable-proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages backupninja depends on:
ii  bash4.3-11+deb8u1
ii  bsd-mailx [mailx]   8.1.2-0.20141216cvs-2
ii  dialog  1.2-20140911-1
ii  gawk1:4.1.1+dfsg-1
ii  heirloom-mailx [mailx]  12.5-4
ii  mawk1.3.3-17

backupninja recommends no packages.

Versions of packages backupninja suggests:
ii  bzip2  1.0.6-7+b3
ii  debconf-utils  1.5.56+deb8u1
ii  duplicity  0.6.24-1
ii  genisoimage9:1.1.11-3
ii  hwinfo 21.6-1
ii  mdadm  3.3.2-5+deb8u2
pn  rdiff-backup   
ii  rsync  3.1.1-3
ii  subversion 1.8.10-6+deb8u4
pn  trickle
ii  wodim  9:1.1.11-3

-- Configuration Files:
/etc/backupninja.conf changed [not included]

-- no debconf information

Bug#870213: pajeng FTBFS with perl 5.26

[Adrian Bunk]

Source: pajeng
Version: 1.3.4-2
Severity: serious
Tags: buster sid

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/pajeng.html

...
  Start 12: pj_validate_simu-mardi
 1/12 Test  #4: pj_dump_native_paje ..***Failed0.10 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

 2/12 Test  #7: pj_dump_small ***Failed0.09 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

 3/12 Test  #6: pj_dump_simu-mardi ...***Failed0.11 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

 4/12 Test  #5: pj_dump_shurakai .***Failed0.12 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

 5/12 Test  #2: pj_dump_g5k ..***Failed0.14 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

 6/12 Test  #3: pj_dump_ms ...***Failed0.13 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

 7/12 Test  #1: pj_dump_categories ...***Failed0.14 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

 8/12 Test  #8: pj_equals ***Failed0.10 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

 9/12 Test #10: pj_validate_g5k ..***Failed0.07 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

10/12 Test  #9: pj_validate_categories ...***Failed0.08 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

11/12 Test #11: pj_validate_ms ...***Failed0.11 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.

12/12 Test #12: pj_validate_simu-mardi ...***Failed0.09 sec
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/\${ <-- HERE (\w+)(?::[=-][^}]*)?}/ at 
/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu/bin/tesh line 235.


0% tests passed, 12 tests failed out of 12

Total Test time (real) =   0.21 sec

The following tests FAILED:
  1 - pj_dump_categories (Failed)
  2 - pj_dump_g5k (Failed)
  3 - pj_dump_ms (Failed)
  4 - pj_dump_native_paje (Failed)
  5 - pj_dump_shurakai (Failed)
  6 - pj_dump_simu-mardi (Failed)
  7 - pj_dump_small (Failed)
  8 - pj_equals (Failed)
  9 - pj_validate_categories (Failed)
 10 - pj_validate_g5k (Failed)
 11 - pj_validate_ms (Failed)
 12 - pj_validate_simu-mardi (Failed)
Errors while running CTest
Makefile:97: recipe for target 'test' failed
make[1]: *** [test] Error 8
make[1]: Leaving directory '/build/1st/pajeng-1.3.4/obj-x86_64-linux-gnu'
dh_auto_test: make -j16 test ARGS+=-j16 returned exit code 2
debian/rules:13: recipe for target 'build' failed
make: *** [build] Error 2

Bug#870076: marked as done (src:chrony: maintainer address bounces)

[Vincent Blut]

On Sat, Jul 29, 2017 at 03:53:28PM -0400, Paul Gevers wrote:

Hi,


Hello Paul,


On 29-07-17 10:15, Debian Bug Tracking System wrote:

The maintainer address for chrony bounces, see below.


Indeed, that seems to happen from time to time. Sadly, my provider
remains silent about these issues.

I’m naively closing the bug report in the hope that things will improve.


As sponsor for Vincent, I vouch that indeed it can't be "failing for a
long time" in general as I generally contact Vincent via that
e-mail-address as well.


Thanks you for your support.


The issue is severe though. Vincent, is there
any way to bug your provider a bit more?


Sure, I will try again.

I wonder if it is similar to my issues with my ISP where DKIM is broken 
in the BTS, i.e. my ISP puts responses that arrive via the BTS and that 
are DKIM signed in my SPAM box (including my own).


According to the message reported by the MTA (all hosts for 'free.fr' have
been failing for a long time…), it looks more like a temporary failure of the
service provided by my ISP.


Also my ISP doesn't respond to my queries.


Seems to be common these days. :(


Paul


Cheers,
Vincent


signature.asc
Description: PGP signature

Bug#870212: mate-panel FTBFS: org.mate.panel.toplevel.gschema.xml:24:1 Error on line 24 char 1: not (yet) defined.. --strict was specified; exiting.

[Adrian Bunk]

Source: mate-panel
Version: 1.18.4-1
Severity: serious

https://buildd.debian.org/status/package.php?p=mate-panel=sid

...
Making all in data
make[3]: Entering directory '/<>/data'
glib-mkenums --comments '' --fhead "" --vhead "  
<@type@ id='org.mate.panel.@EnumName@'>" --vprod "" --vtail "  " --ftail "" 
../mate-panel/panel-enums-gsettings.h > org.mate.panel.enums.xml.tmp && mv 
org.mate.panel.enums.xml.tmp org.mate.panel.enums.xml
/usr/lib/x86_64-linux-gnu/glib-2.0/glib-compile-schemas --strict --dry-run 
--schema-file=org.mate.panel.enums.xml --schema-file=org.mate.panel.gschema.xml 
&& mkdir -p . && touch org.mate.panel.gschema.valid
/usr/lib/x86_64-linux-gnu/glib-2.0/glib-compile-schemas --strict --dry-run 
--schema-file=org.mate.panel.enums.xml 
--schema-file=org.mate.panel.object.gschema.xml && mkdir -p . && touch 
org.mate.panel.object.gschema.valid
/usr/lib/x86_64-linux-gnu/glib-2.0/glib-compile-schemas --strict --dry-run 
--schema-file=org.mate.panel.enums.xml 
--schema-file=org.mate.panel.toplevel.gschema.xml && mkdir -p . && touch 
org.mate.panel.toplevel.gschema.valid
/usr/lib/x86_64-linux-gnu/glib-2.0/glib-compile-schemas --strict --dry-run 
--schema-file=org.mate.panel.enums.xml 
--schema-file=org.mate.panel.menubar.gschema.xml && mkdir -p . && touch 
org.mate.panel.menubar.gschema.valid
org.mate.panel.toplevel.gschema.xml:24:1  Error on line 24 char 1:  not (yet) defined..  --strict was 
specified; exiting.
Makefile:638: recipe for target 'org.mate.panel.toplevel.gschema.valid' failed
make[3]: *** [org.mate.panel.toplevel.gschema.valid] Error 1
make[3]: *** Waiting for unfinished jobs
make[3]: Leaving directory '/<>/data'
Makefile:534: recipe for target 'all-recursive' failed
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory '/<>'
Makefile:466: recipe for target 'all' failed
make[1]: *** [all] Error 2
make[1]: Leaving directory '/<>'
dh_auto_build: make -j4 returned exit code 2
debian/rules:10: recipe for target 'build-arch' failed
make: *** [build-arch] Error 2

Bug#870202: mosh-server failing to start with a missing symbol

[Ivan Vučica]

Good point. I did indeed have protobuf and protoc libraries lying around in
/usr/local.

I thought I checked all the stuff, but I guess I should have done that
strace I considered doing.

Thanks, sorry for the spurious bug report.

On Sun, Jul 30, 2017, 23:24 Keith Winstein  wrote:

> Thank you for this report. Is it possible you have a different version of
> libprotobuf in your LD_LIBRARY_PATH, or a different version of mosh-server
> in your PATH?
>
> (Do you have anything related to libprotobuf in /usr/local ?)
>
> On Sun, Jul 30, 2017 at 2:40 PM, Ivan Vucica  wrote:
>
>> Package: mosh
>> Version: 1.2.6-1+b2
>> Severity: important
>>
>> Dear Maintainer,
>>
>> Yesterday I updated almost all of my system to stretch / stable.
>> (Stragglers
>> include things like php which might break some of my projects.)
>>
>> Today I am no longer able to connect to my server with mosh. Running
>> mosh-server manually results in:
>>
>>   mosh-server: symbol lookup error: mosh-server: undefined symbol:
>> _ZNK6google8protobuf11MessageLite25InitializationErrorStringB5cxx11Ev
>>
>> Perhaps there is some incompatibility with libprotobuf?
>>
>> Could we please patch stretch / stable?
>>
>> -- System Information:
>> Debian Release: 9.1
>>   APT prefers stable
>>   APT policy: (500, 'stable')
>> Architecture: amd64 (x86_64)
>>
>> Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
>> Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=en_US:en
>> (charmap=ANSI_X3.4-1968)
>> Shell: /bin/sh linked to /bin/dash
>> Init: systemd (via /run/systemd/system)
>>
>> Versions of packages mosh depends on:
>> ii  dpkg1.18.24
>> ii  libc6   2.24-11+deb9u1
>> ii  libgcc1 1:6.3.0-18
>> ii  libprotobuf10   3.0.0-9
>> ii  libssl1.1   1.1.0f-3
>> ii  libstdc++6  6.3.0-18
>> ii  libtinfo5   6.0+20161126-1
>> ii  libutempter01.1.6-3
>> ii  openssh-client  1:7.4p1-10+deb9u1
>> ii  zlib1g  1:1.2.8.dfsg-5
>>
>> Versions of packages mosh recommends:
>> ii  perl-base [libio-socket-ip-perl]  5.24.1-3+deb9u1
>>
>> mosh suggests no packages.
>>
>> -- no debconf information
>>
>
>

Bug#870211: Dead link: "Wiki help"

[Luke W Faraone]

Package: nm.debian.org
Severity: normal

There's a link from /process/:id to the [wiki][1], but unfortunately
it appears to be dead.

I looked around and wasn't able to find the correct link target.

[1]: https://wiki.debian.org/nm.debian.org/Process

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Bug#870210: slic3r-prusa: Execute end G-code on abort

[Joe Pfeiffer]

Package: slic3r-prusa
Version: 1.36.0+dfsg-1
Severity: wishlist

It would be nice if it were possible to execute the custom End G-code
when a print is aborted.  I end up doing all the steps manually
anyway, and it would add a bit of convenience.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (700, 'testing'), (650, 'stable'), (600, 'unstable'), (550, 
'experimental'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages slic3r-prusa depends on:
ii  libboost-filesystem1.62.0  1.62.0+dfsg-4+b1
ii  libboost-geometry-utils-perl   0.15-2+b6
ii  libboost-log1.62.0 1.62.0+dfsg-4+b1
ii  libboost-system1.62.0  1.62.0+dfsg-4+b1
ii  libboost-thread1.62.0  1.62.0+dfsg-4+b1
ii  libc6  2.24-12
ii  libencode-locale-perl  1.05-1
ii  libexpat1  2.2.2-2
ii  libgcc11:7.1.0-10
ii  libgl1-mesa-glx [libgl1]   13.0.6-1+b2
ii  libglew2.0 2.0.0-4
ii  libglu1-mesa [libglu1] 9.0.0-2.1
ii  libio-stringy-perl 2.111-2
ii  libmath-convexhull-monotonechain-perl  0.1-1+b6
ii  libmath-geometry-voronoi-perl  1.3-2+b5
ii  libmath-planepath-perl 124-1
ii  libmoo-perl2.003002-1
ii  libperl5.26 [libtime-hires-perl]   5.26.0-4
ii  libstdc++6 7.1.0-10
pn  libstorable-perl   
ii  libtbb24.3~20150611-2
ii  libwxbase3.0-0v5   3.0.2+dfsg-4
ii  libwxgtk3.0-0v53.0.2+dfsg-4
ii  perl   5.26.0-4

Versions of packages slic3r-prusa recommends:
ii  libclass-xsaccessor-perl  1.19-2+b9
ii  libio-all-perl0.86-2
ii  libopengl-perl0.6704+dfsg-2+b4
ii  libpdf-api2-perl  2.030-1
ii  libsvg-perl   2.64-1
ii  libwx-glcanvas-perl   0.09-3+b5
ii  libwx-perl1:0.9932-1+b1
ii  libxml-sax-expatxs-perl   1.33-2+b4

slic3r-prusa suggests no packages.

-- no debconf information

Bug#870209: cmake: Break build dependency cycle with libjsoncpp

[Daniel Schepler]

Source: cmake
Version: 3.9.0-1
Severity: wishlist

The cmake source package is currently not bootstrappable because even
in the stage1 build profile, it still Build-Depends on libjsoncpp-dev
which in turn Build-Depends on cmake.  It would be nice if stage1
could be built without libjsoncpp-dev.  Of course, then the resulting
binary package would be different, so probably that build profile
would need to produce a "cmake-stage1" package.  (And then, probably a
stage2 build would also be needed, which would provide the actual
cmake package but still without cmake-qt-gui.)
-- 
Daniel Schepler

Bug#870208: [Mudlet] Bug in Version 3.2.0 and (3.3.0) causes loss of user created content

[Stephen Lyons]

Package: Mudlet
Version: 1:3.2.0-1
Severity: grave

--- Please enter the report below this line. ---
ADVISORY FROM UPSTREAM:

A defect present in the Mudlet Version currently included in "Testing"
and "Unstable" causes user created content
("Triggers"/"Aliases"/"Buttons"/"Keys"/"Scripts") to be lost when a MUD
session/profile is closed and saved then opened and reloaded then closed
and saved a second time.  Due to a flag not being initialised when each
instance of any of the above "items" are loaded they can be incorrectly
marked as being "temporary" and thus not to be saved at the end of a
session.

This issue was reported in Issue:
https://github.com/Mudlet/Mudlet/issues/1174
and corrected by Pull-Request:
https://github.com/Mudlet/Mudlet/pull/1179 which was incorporated into
Version: 3.3.1

I am one of the "Mudlet Makers" (Upstream coders) and wish to ensure
that fellow Debian users do not suffer problems that we have already
fixed. 8-)

Stephen



signature.asc
Description: OpenPGP digital signature

Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1

[Luca Boccassi]

On Sun, 2017-07-30 at 23:44 +0100, Adam D. Barratt wrote:
> On Sun, 2017-07-30 at 23:23 +0100, Luca Boccassi wrote:
> > On Sun, 2017-07-30 at 23:19 +0100, Luca Boccassi wrote:
> > > Control: tags -1 - moreinfo
> > > 
> > > On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote:
> > > > Control: tags -1 + moreinfo
> > > > 
> > > > On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote:
> > > > > The non-free proprietary nvidia-graphics-drivers version
> > > > > 375.66
> > > > > in
> > > > > Stretch is affected by CVE-2017-6257 and CVE-2017-6259.
> > > > > Debian
> > > > > bug:
> > > > > 
> > > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783
> > > > > 
> > > > > Please consider allowing the new upstream version 375.82,
> > > > > which
> > > > > fixes
> > > > > these CVEs, in proposed-updates. As usual with these
> > > > > proprietary
> > > > > drivers, we cannot just cherry-pick the fixes for the CVEs as
> > > > > they
> > > > > are
> > > > > in the binary blobs.
> > > > > 
> > > > > I have tested this new version on a Stretch amd64 desktop and
> > > > > didn't
> > > > > encounter any issue.
> > > > > 
> > > > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached.
> > > > 
> > > > While I'm sure it's probably fine, could we have a diff of the
> > > > proposed
> > > > 375.82-1~deb9u1, as built and tested on stretch, please?
> 
> [...]
> > > There were no changes when I opened the bug apart from the new
> > > changelog entry.
> > > 
> > > Andreas has since committed 2 small fixes to the changelog as
> > > well,
> > > inlined, just minor clarifications. I still find the way upstream
> > > compiles their changelog quite confusing and often make mistakes
> > > when
> > > copying over :-)
> > > 
> > > Kind regards,
> > > Luca Boccassi
> > 
> > To further clarify, the debdiff I attached originally is the one
> > from
> > the source I built and tested on Stretch.
> 
> That's rather confusing, given that it had the changelog set to
> "unstable"...
> 
> Regards,
> 
> Adam

It was confusing, sorry about that.

It was a local build from SVN on my Stretch machine to test it, so I
hadn't updated the changelog with the stable entry yet.

Kind regards,
Luca Boccassi

signature.asc
Description: This is a digitally signed message part

Bug#870207: light-locker-command --lock returns 0 without locking (breaks slock)

[Daniel Shahaf]

Package: light-locker
Version: 1.7.0-3
Severity: serious
Justification: breaks unrelated software

Dear Maintainer,

On my system, 'light-locker-command --lock' returns 0 without doing
anything.  I presume that is because there no 'light-locker' process is
running (due to #858445).  In case it's relevant, I don't use lightdm
either; I login by running 'startx' in a vt.

That breaks the Ctrl+Alt+Del (lock screen) combination in xfce4, which
defaults to running xflock4.  xflock4 invokes a number of screen lockers
and exits whenever any one of them returns true:

% sh -x /usr/bin/xflock4
+ PATH=/bin:/usr/bin
+ export PATH
+ xscreensaver-command -lock
+ light-locker-command --lock
+ exit
(the screen did not lock)

Could the --lock option please learn to return non-zero when it did not
lock the screen.   This way, xflock4 would start working again.

Thanks,

Daniel

P.S. My /usr/bin/xflock4 comes from xfce4-session/4.12.1-5.


-- System Information:
Debian Release: 9.0
  APT prefers proposed-updates
  APT policy: (500, 'proposed-updates'), (500, 'stable'), (250, 'testing'), 
(200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages light-locker depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.0-2+b1
ii  libc62.24-11+deb9u1
ii  libcairo21.14.8-1
ii  libdbus-1-3  1.10.18-1
ii  libdbus-glib-1-2 0.108-2
ii  libglib2.0-0 2.50.3-2
ii  libgtk-3-0   3.22.11-1
ii  libpango-1.0-0   1.40.5-1
ii  libpangocairo-1.0-0  1.40.5-1
ii  libsystemd0  232-25
ii  libx11-6 2:1.6.4-3
ii  libxext6 2:1.3.3-1+b2
ii  libxss1  1:1.2.2-1
ii  lightdm  1.18.3-1

light-locker recommends no packages.

light-locker suggests no packages.

-- debconf-show failed

Bug#841951: [PATCH]: bitcoin-qt segfaults on startup

[Lisandro Damián Nicanor Pérez Meyer]

On domingo, 30 de julio de 2017 08:55:59 -03 Erik de Castro Lopo wrote:
> Lisandro Damián Nicanor Pérez Meyer wrote:
> > As you can see in
> > 
> >   
> > 
> > the patch is not exactly right.
> 
> I've have be running with that patch in its current form since the start
> of the year. Afaiac its works as intended.
> 
> > That needs to be fixed before we add that patch, be it locally or in
> > upstream (although upstream is much better).
> 
> So who is it that does that?

Whoever that has time in her/his hands. I currently don't, so I can push it 
further I'm afraid.


-- 
Los chicos tienen un mayor dominio de la tecnología (y las habilidades y
lenguaje que eso implica) que los adultos con los que se relacionan. Por lo
general saben más que sus propios padres, sus docentes, sus pediatras,
psicólogos, que los políticos y funcionarios de sus comunidades. Eso afectó la
autoridad que tenía un adulto para habilitar al mundo.
  Luis Pescetti
  http://www.luispescetti.com/regale-su-obra/

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.

Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1

[Adam D. Barratt]

On Sun, 2017-07-30 at 23:23 +0100, Luca Boccassi wrote:
> On Sun, 2017-07-30 at 23:19 +0100, Luca Boccassi wrote:
> > Control: tags -1 - moreinfo
> > 
> > On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote:
> > > Control: tags -1 + moreinfo
> > > 
> > > On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote:
> > > > The non-free proprietary nvidia-graphics-drivers version 375.66
> > > > in
> > > > Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian
> > > > bug:
> > > > 
> > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783
> > > > 
> > > > Please consider allowing the new upstream version 375.82, which
> > > > fixes
> > > > these CVEs, in proposed-updates. As usual with these proprietary
> > > > drivers, we cannot just cherry-pick the fixes for the CVEs as
> > > > they
> > > > are
> > > > in the binary blobs.
> > > > 
> > > > I have tested this new version on a Stretch amd64 desktop and
> > > > didn't
> > > > encounter any issue.
> > > > 
> > > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached.
> > > 
> > > While I'm sure it's probably fine, could we have a diff of the
> > > proposed
> > > 375.82-1~deb9u1, as built and tested on stretch, please?
[...]
> > There were no changes when I opened the bug apart from the new
> > changelog entry.
> > 
> > Andreas has since committed 2 small fixes to the changelog as well,
> > inlined, just minor clarifications. I still find the way upstream
> > compiles their changelog quite confusing and often make mistakes when
> > copying over :-)
> > 
> > Kind regards,
> > Luca Boccassi
> 
> To further clarify, the debdiff I attached originally is the one from
> the source I built and tested on Stretch.

That's rather confusing, given that it had the changelog set to
"unstable"...

Regards,

Adam

Bug#870136:

[Dennis van Dok]

On 30-07-17 12:27, Dio Putra wrote:
> Hi, sorry for this accident. However, please correct this typo in here. 
> Thanks.

OK, fixed; thanks for the translation.

Dennis

Bug#870206: synaptic: usability hell > bring back the menu icons

[HJ]

Package: synaptic
Version: 0.84.2
Severity: important

Dear Maintainer,

the GTK3 port removed all icons inside the application menus but other
applications(eg all MATE GTK3 ports) show that it is possible to have those in
GTK3. So would it be possible to re-add them?



-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages synaptic depends on:
ii  hicolor-icon-theme   0.15-1
ii  libapt-inst2.0   1.5~beta1
ii  libapt-pkg5.01.5~beta1
ii  libatk1.0-0  2.24.0-1
ii  libc62.24-12
ii  libcairo-gobject21.14.10-1
ii  libcairo21.14.10-1
ii  libept1.5.0  1.1+nmu3+b1
ii  libgcc1  1:7.1.0-10
ii  libgdk-pixbuf2.0-0   2.36.5-2
ii  libglib2.0-0 2.52.3-1
ii  libgnutls30  3.5.14-2
ii  libgtk-3-0   3.22.17-1
ii  libpango-1.0-0   1.40.6-1
ii  libpangocairo-1.0-0  1.40.6-1
ii  libpcre2-8-0 10.22-3
ii  libstdc++6   7.1.0-10
ii  libvte-2.91-00.46.2-1
ii  libx11-6 2:1.6.4-3
ii  libxapian30  1.4.4-2
ii  policykit-1  0.105-18
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages synaptic recommends:
ii  libgtk2-perl   2:1.24992-1+b1
pn  rarian-compat  
ii  xdg-utils  1.1.1-1

Versions of packages synaptic suggests:
pn  apt-xapian-index 
pn  deborphan
pn  dwww 
ii  menu 2.1.47+b1
pn  software-properties-gtk  
ii  tasksel  3.39

-- no debconf information

Bug#870205: stretch-pu: package librsb/1.2.0-rc5-3

[Rafael Laboissière]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Dear Release Team,

Version 1.2.0-rc5-3 of the librsb package in stretch suffers a few severe 
bugs leading to numerically wrong results.  These were solved in the new 
upstream release 1.2.0-rc7.


Michele Martone, the upstream author, who also contributes to the Debian 
package, prepared a minimal patch by backporting the fixes from version 
1.2.0-rc7.  This patch was attached to the report of Bug#870137.


I am attaching below the debdiff between 1.2.0-rc5-3 and the stretch 
proposed-update 1.2.0-rc5-3+deb9u1.  This version includes the patch 
proposed by Michele Martone as well as a unit test C source file for 
verifying that the fix is really implemented.  I added small changes to 
debian/rules and debian/clean for compiling, running and cleaning this 
unit test.


Please, tell me whether this upload would be appropriate for the next 
point release of stretch.


Best regards,

Raael Laboissière

-- System Information: 
Debian Release: 9.0 
 APT prefers testing 
 APT policy: (650, 'testing'), (600, 'unstable'), (550, 'experimental'), (550, 'stable') 
Architecture: amd64 (x86_64) 
Foreign Architectures: i386


Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru librsb-1.2.0-rc5/debian/changelog librsb-1.2.0-rc5/debian/changelog
--- librsb-1.2.0-rc5/debian/changelog   2016-10-09 06:03:46.0 -0300
+++ librsb-1.2.0-rc5/debian/changelog   2017-07-30 18:01:10.0 -0300
@@ -1,3 +1,15 @@
+librsb (1.2.0-rc5-3+deb9u1) stretch; urgency=medium
+
+  * d/p/fix-numerical-computation.patch: New patch.
+This minimal patch backports the fixes to a few severe bugs leading to
+numerically wrong results.  These bugs are fixed in the upstream
+version 1.2.0-rc7.
+Thanks to Michele Martone for the patch (Closes: #870137)
+  * Add unit test for numerical bug fixed in version 1.2.0-rc7.
+Thanks to Michele Martone for the source file
+
+ -- Rafael Laboissiere   Sun, 30 Jul 2017 18:01:10 -0300
+
 librsb (1.2.0-rc5-3) unstable; urgency=medium
 
   * d/control: Use secure URL in Vcs-Git
diff -Nru librsb-1.2.0-rc5/debian/clean librsb-1.2.0-rc5/debian/clean
--- librsb-1.2.0-rc5/debian/clean   2016-09-22 16:57:56.0 -0300
+++ librsb-1.2.0-rc5/debian/clean   2017-07-30 17:57:26.0 -0300
@@ -10,3 +10,4 @@
 test.mtx
 doc/html/
 doc/man/man3/
+debian/rsb127_bugfix
diff -Nru librsb-1.2.0-rc5/debian/patches/fix-numerical-computation.patch 
librsb-1.2.0-rc5/debian/patches/fix-numerical-computation.patch
--- librsb-1.2.0-rc5/debian/patches/fix-numerical-computation.patch 
1969-12-31 21:00:00.0 -0300
+++ librsb-1.2.0-rc5/debian/patches/fix-numerical-computation.patch 
2017-07-30 18:00:11.0 -0300
@@ -0,0 +1,144 @@
+Description: Fix numerical computation bug
+ This is fixed in the upstream version 1.2.0-rc7.
+Author: Rafael Laboissiere 
+Forwarded: not-needed
+Last-Update: 2017-07-30
+
+--- librsb-1.2.0-rc5.orig/rsb_krnl_bcss_macros.m4
 librsb-1.2.0-rc5/rsb_krnl_bcss_macros.m4
+@@ -922,9 +922,9 @@ dnl// nt: ntransposition 
ttranspositi
+   k=fk;
+   if(k==lk)continue;
+   j=bindx[k];
+-  cacc += 
RSB_M4_CONJ(VA[k]*rhs[tcolsu*j*xstride],mtype,ntransposition,k_symmetry);
++  cacc += 
RSB_M4_CONJ(VA[k],mtype,ntransposition,k_symmetry)*rhs[tcolsu*j*xstride];
+   if(roff!=coff || (j!=i))
+-  
tout[(tcolsu)*(j)*ystride]+=RSB_M4_CONJ(VA[k]*bt,mtype,ttransposition,k_symmetry);
++  
tout[(tcolsu)*(j)*ystride]+=RSB_M4_CONJ(VA[k],mtype,ttransposition,k_symmetry)*bt;
+   ++k;
+ dnl RSB_M4_SIMPLE_LOOP_UNROLL_2S..
+ RSB_M4_SIMPLE_LOOP_UNROLL_2S_J(`k',`LI',`fk+1',`lk-1',`dnl
+@@ -933,7 +933,7 @@ dnl
+   `const mtype 
b_'``''LI`'=rhs[tcolsu*(`j_'``''LI`')*xstride];
+   `const mtype a_'``''LI`'=VA[k+LI];
+   `mtype 
c_'``''LI`'=RSB_M4_CONJ_SYM(mtype,ttransposition,k_symmetry)( `a_'``''LI)*bt;
+-dnl   `mtype c_'``''LI`'=RSB_M4_CONJ(( `a_'``''LI *bt 
),mtype,transposition,k_symmetry);
++dnl   `mtype c_'``''LI`'=RSB_M4_CONJ(( 
`a_'``''LI),mtype,transposition,k_symmetry) *bt ;
+ dnl
+ ',`dnl
+   cacc += 
RSB_M4_CONJ_SYM(mtype,ntransposition,k_symmetry)(`a_'``''LI)*b_``''LI;
+@@ -942,9 +942,9 @@ dnl
+   if(k

Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1

[Luca Boccassi]

On Sun, 2017-07-30 at 23:19 +0100, Luca Boccassi wrote:
> Control: tags -1 - moreinfo
> 
> On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote:
> > Control: tags -1 + moreinfo
> > 
> > On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote:
> > > The non-free proprietary nvidia-graphics-drivers version 375.66
> > > in
> > > Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian
> > > bug:
> > > 
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783
> > > 
> > > Please consider allowing the new upstream version 375.82, which
> > > fixes
> > > these CVEs, in proposed-updates. As usual with these proprietary
> > > drivers, we cannot just cherry-pick the fixes for the CVEs as
> > > they
> > > are
> > > in the binary blobs.
> > > 
> > > I have tested this new version on a Stretch amd64 desktop and
> > > didn't
> > > encounter any issue.
> > > 
> > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached.
> > 
> > While I'm sure it's probably fine, could we have a diff of the
> > proposed
> > 375.82-1~deb9u1, as built and tested on stretch, please?
> > 
> > Regards,
> > 
> > Adam
> 
> Hi Adam,
> 
> There were no changes when I opened the bug apart from the new
> changelog entry.
> 
> Andreas has since committed 2 small fixes to the changelog as well,
> inlined, just minor clarifications. I still find the way upstream
> compiles their changelog quite confusing and often make mistakes when
> copying over :-)
> 
> Kind regards,
> Luca Boccassi

To further clarify, the debdiff I attached originally is the one from
the source I built and tested on Stretch.

Kind regards,
Luca Boccassi

signature.asc
Description: This is a digitally signed message part

Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

[Felix Geyer]

On 30.07.2017 23:41, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Sun, 2017-07-30 at 21:41 +0200, Felix Geyer wrote:
>> I'd like to fix three bugs in bareos for stretch:
>>
>> * Fix permissions of bareos-dir logrotate config on upgrade. (Closes: 
>> #864926)
>>
>> Removes executable permission for upgrades from < 15.2.2-1.
>>
>> * Remove duplicate config check call in the init script.
>>
>> Avoids warning when /etc/bareos/bareos-dir.conf doesn't exist.
>> It's harmless but might confuse admins.
>>
>> * Fix file corruption when using SHA1 signature. (Closes: #869608)
>>
>> Serious bug, data corruption of backups.
> 
> So far as I can tell, the first two of these also affect the package in
> unstable - is that correct?

Uh, you are right of course. Not sure how I missed that. Thanks for checking!
I've just upload 16.2.6-3 with those changes to unstable.

While looking further into it I noticed that the version check in
bareos-director.postinst is wrong.
Instead of 15.2.2-1~ it should be 16.2.4-3+deb9u1~

Felix

Bug#870202: mosh-server failing to start with a missing symbol

[Keith Winstein]

Thank you for this report. Is it possible you have a different version of
libprotobuf in your LD_LIBRARY_PATH, or a different version of mosh-server
in your PATH?

(Do you have anything related to libprotobuf in /usr/local ?)

On Sun, Jul 30, 2017 at 2:40 PM, Ivan Vucica  wrote:

> Package: mosh
> Version: 1.2.6-1+b2
> Severity: important
>
> Dear Maintainer,
>
> Yesterday I updated almost all of my system to stretch / stable.
> (Stragglers
> include things like php which might break some of my projects.)
>
> Today I am no longer able to connect to my server with mosh. Running
> mosh-server manually results in:
>
>   mosh-server: symbol lookup error: mosh-server: undefined symbol: _
> ZNK6google8protobuf11MessageLite25InitializationErrorStringB5cxx11Ev
>
> Perhaps there is some incompatibility with libprotobuf?
>
> Could we please patch stretch / stable?
>
> -- System Information:
> Debian Release: 9.1
>   APT prefers stable
>   APT policy: (500, 'stable')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
> Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=en_US:en
> (charmap=ANSI_X3.4-1968)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages mosh depends on:
> ii  dpkg1.18.24
> ii  libc6   2.24-11+deb9u1
> ii  libgcc1 1:6.3.0-18
> ii  libprotobuf10   3.0.0-9
> ii  libssl1.1   1.1.0f-3
> ii  libstdc++6  6.3.0-18
> ii  libtinfo5   6.0+20161126-1
> ii  libutempter01.1.6-3
> ii  openssh-client  1:7.4p1-10+deb9u1
> ii  zlib1g  1:1.2.8.dfsg-5
>
> Versions of packages mosh recommends:
> ii  perl-base [libio-socket-ip-perl]  5.24.1-3+deb9u1
>
> mosh suggests no packages.
>
> -- no debconf information
>

Bug#870204: RFS: openfst/1.6.3-1 -- weighted finite-state transducers library

[Giulio Paci]

Package: sponsorship-requests
Severity: wishlist
X-Debbugs-CC: jw...@debian.org


Dear Jakub,

I am looking for a sponsor for my package "openfst".

 * Package name: openfst
   Version : 1.6.3-1
   Upstream Author : Cyril Allauzen , Michael Riley 

 * URL : http://www.openfst.org/
 * License : Apache-2.0
   Section : libs

It builds these binary packages:

libfst-tools - weighted finite-state transducers library (tools)
libfst8 - weighted finite-state transducers library (runtime)
libfst8-plugins-base -  weighted finite-state transducers library (base 
plugins)
libfst-dev - weighted finite-state transducers library (development)

To access further information about this package, please visit the
following Vcs URL:

 https://anonscm.debian.org/git/collab-maint/openfst.git

Regards,
   Giulio Paci



signature.asc
Description: OpenPGP digital signature

Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1

[Luca Boccassi]

Control: tags -1 - moreinfo

On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote:
> > The non-free proprietary nvidia-graphics-drivers version 375.66 in
> > Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian bug:
> > 
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783
> > 
> > Please consider allowing the new upstream version 375.82, which
> > fixes
> > these CVEs, in proposed-updates. As usual with these proprietary
> > drivers, we cannot just cherry-pick the fixes for the CVEs as they
> > are
> > in the binary blobs.
> > 
> > I have tested this new version on a Stretch amd64 desktop and
> > didn't
> > encounter any issue.
> > 
> > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached.
> 
> While I'm sure it's probably fine, could we have a diff of the
> proposed
> 375.82-1~deb9u1, as built and tested on stretch, please?
> 
> Regards,
> 
> Adam

Hi Adam,

There were no changes when I opened the bug apart from the new
changelog entry.

Andreas has since committed 2 small fixes to the changelog as well,
inlined, just minor clarifications. I still find the way upstream
compiles their changelog quite confusing and often make mistakes when
copying over :-)

Kind regards,
Luca Boccassi


@@ -1,14 +1,18 @@
+nvidia-graphics-drivers (375.82-1~deb9u1) stretch; urgency=medium
+
+  * Rebuild for stretch.
+
+ -- Luca Boccassi   Sun, 30 Jul 2017 23:09:12 +0100
+
 nvidia-graphics-drivers (375.82-1) unstable; urgency=high
 
   * New upstream long lived branch release 375.82 (2017-07-24).
 * Fixed CVE-2017-6257, CVE-2017-6259.  (Closes: #869783)
-- Fix a bug with GLX_EXT_buffer_age where incorrect buffer age values would
-  be reported for SLI AFR configurations. In such configurations buffer age
-  may now be greater than 3, the previous maximum buffer age.
+- Fix a bug with GLX_EXT_buffer_age where incorrect buffer age values
+  would be reported for SLI AFR configurations. In such configurations
+  buffer age may now be greater than 3, the previous maximum buffer age.
 - Fixed a bug that could cause hanging and Xids when performing RandR
   transforms with Overlay and SLI enabled.
-- Improved handling of framebuffer console restore on systems booted in
-  UEFI mode.
 - Extended the information reported by the NVIDIA Xinerama X extension to
   report PRIME displays in addition to directly-connected displays.
 - Fixed a bug that caused HDMI audio devices to appear or disappear
@@ -15,17 +19,13 @@
   inconsistently when HDMI devices were hotplugged or unplugged.
 - Fixed a bug that could cause driver errors when setting modes on X
   screens running at Depth 8 or Depth 15.
+- Added support for the following GPUs: GeForce GTX 1080 with Max-Q
+  Design, GeForce GTX 1070 with Max-Q Design,
+  GeForce GTX 1060 with Max-Q Design.
 - Fixed a bug that could cause intermittent kernel panics when running with
   PRIME Sync.
-- Fixed a bug that caused a kernel panic when hotplugging HDMI displays on
-  some Zotac mini PCs.
-- Updated nvidia-installer to label kernel modules with SELinux file type
-  'modules_object_t'. Some system SELinux policies only permit loading of
-  kernel modules with this SELinux file type.
-- Removed support for checking for and downloading updated driver packages
-  and precompiled kernel interfaces from nvidia-installer. This
-  functionality was limited to unencrypted ftp and http, and was
-  implemented using code that is no longer actively maintained.
+- Fixed a bug that caused a kernel panic when hotplugging HDMI displays
+  on some Zotac mini PCs.
 
   [ Andreas Beckmann ]
   * nvidia-kernel-dkms: Honor parallel setting from dkms.  (Closes: #864639)
@@ -33,7 +33,7 @@
   * Switch watch URL from ftp:// to https://.  (Closes: #868815)
 
   [ Luca Boccassi ]
-  * Add support for buster/sid in nvidia-detect.  (Closes: #866126)
+  * Add support for buster in nvidia-detect.  (Closes: #866126)
   * Update symbols files.
 
  -- Luca Boccassi   Wed, 26 Jul 2017 21:42:00 +0100

signature.asc
Description: This is a digitally signed message part

Bug#869667: stretch-pu: package xkeyboard-config/2.19-1

[Adam D. Barratt]

Control: tags -1 + moreinfo d-i

On Tue, 2017-07-25 at 19:20 +0530, Pirate Praveen wrote:
> This fixes serious bug #865316 (all Indic language users were unable to
> select their keyboard layouts in stretch introducing a regression. This
> was caused by an earlier commit upstream which blacklisted Indic
> keyboard layouts, upstream was convinced it was a mistake and reverted
> the blacklist. This update applies that patch to debian package so
> stretch users can type using Indic language keyboards again).

This looks okay to me, other than this noise in the diff:

--- xkeyboard-config-2.19.orig/debian/files
+++ xkeyboard-config-2.19/debian/files
@@ -0,0 +1 @@
+xkeyboard-config_2.19-1.1_source.buildinfo x11 extra

As the package produces a udeb, this will need an ack from the d-i RM as
well; CCing appropriately.

Regards,

Adam

Bug#869754: stretch-pu: package node-dateformat/1.0.11-3

[Adam D. Barratt]

Control: tags -1 + confirmed

On Wed, 2017-07-26 at 12:29 +0530, Sruthi Chandran wrote:
> This fixes RC bug #863934. debdiff attached.

Please go ahead.

Regards,

Adam

Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1

[Adam D. Barratt]

Control: tags -1 + moreinfo

On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote:
> The non-free proprietary nvidia-graphics-drivers version 375.66 in
> Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian bug:
> 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783
> 
> Please consider allowing the new upstream version 375.82, which fixes
> these CVEs, in proposed-updates. As usual with these proprietary
> drivers, we cannot just cherry-pick the fixes for the CVEs as they are
> in the binary blobs.
> 
> I have tested this new version on a Stretch amd64 desktop and didn't
> encounter any issue.
> 
> The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached.

While I'm sure it's probably fine, could we have a diff of the proposed
375.82-1~deb9u1, as built and tested on stretch, please?

Regards,

Adam

Bug#869772: stretch-pu: package node-brace-expansion/1.1.6-1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Wed, 2017-07-26 at 16:06 +0530, Sruthi Chandran wrote:
> This fixes security bug #862712 - regular expression denial of service.
> debdiff attached.

Please go ahead.

Regards,

Adam

Bug#864028: stretch-pu: package flatpak 0.8.7-1~deb9u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Thu, 2017-07-27 at 07:28 +0100, Simon McVittie wrote:
> Hi,
> Now that stretch r1 is out, can this update be considered for r2?
> 
> Filtered diff (patched tree in security vs. what I propose) in
> https://lists.debian.org/debian-release/2017/07/msg00555.html aka
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864028#57 aka
> Message-ID: <20170715163609.nemdxrefaeird...@perpetual.pseudorandom.co.uk>.
> Notes on the differences and what I filtered are in the same mail.
> 
> I would also be happy to add the equivalent of
> https://anonscm.debian.org/git/collab-maint/flatpak.git/diff/?id=debian/0.8.7-2=debian/0.8.7-1
> to make this flatpak compatible with buster's libostree, if the SRMs
> would be OK with that; that would turn it into 0.8.7-2~deb9u1. The
> relevant commits will be in upstream release 0.8.8 eventually.

That sounds okay to me. Sorry for the delay in getting back to you.

Regards,

Adam

Bug#870203: dune-grid FTBFS on mips: test-ug (Timeout)

[Adrian Bunk]

Source: dune-grid
Version: 2.5.1-1
Severity: serious

https://buildd.debian.org/status/fetch.php?pkg=dune-grid=mips=2.5.1-1=1500401835=0

...
  Start 31: test-ug
31/60 Test #31: test-ug 
...***Timeout 300.02 sec
Testing UGGrid<2> and UGGrid<3> with red/green refinement
DimX=1, DimY=1, DimZ=1
DimX=1, DimY=1, DimZ=1
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 1 are not being tested!
Lifetime / consistency check for entities, codim 0
WARNING! Requested check of first 32 entities, but grid view only contains 11 
entities
SKIPPING lifetime / consistency check for missing entities, codim 1
Lifetime / consistency check for entities, codim 2
WARNING! Requested check of first 32 entities, but grid view only contains 16 
entities
Intersection Lifetime / consistency check
WARNING! Requested check of intersections for first 32 elements, but grid view 
only contains 11 elements
Lifetime / consistency check for entities, codim 0
WARNING! Requested check of first 32 entities, but grid view only contains 11 
entities
SKIPPING lifetime / consistency check for missing entities, codim 1
Lifetime / consistency check for entities, codim 2
WARNING! Requested check of first 32 entities, but grid view only contains 16 
entities
Intersection Lifetime / consistency check
WARNING! Requested check of intersections for first 32 elements, but grid view 
only contains 11 elements
WARNING: Entities for codim 2 are not being tested!
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 2 are not being tested!
WARNING: Entities for codim 1 are not being tested!
Lifetime / consistency check for entities, codim 0
SKIPPING lifetime / consistency check for missing entities, codim 1
SKIPPING lifetime / consistency check for missing entities, codim 2
Lifetime / consistency check for entities, codim 3
Intersection Lifetime / consistency check
Lifetime / consistency check for entities, codim 0
SKIPPING lifetime / consistency check for missing entities, codim 1
SKIPPING lifetime / consistency check for missing entities, codim 2
Lifetime / consistency check for entities, codim 3
Intersection Lifetime / consistency check
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 1 are not being tested!
Lifetime / consistency check for entities, codim 0
WARNING! Requested check of first 32 entities, but grid view only contains 18 
entities
SKIPPING lifetime / consistency check for missing entities, codim 1
Lifetime / consistency check for entities, codim 2
WARNING! Requested check of first 32 entities, but grid view only contains 21 
entities
Intersection Lifetime / consistency check
WARNING! Requested check of intersections for first 32 elements, but grid view 
only contains 18 elements
Lifetime / consistency check for entities, codim 0
WARNING! Requested check of first 32 entities, but grid view only contains 18 
entities
SKIPPING lifetime / consistency check for missing entities, codim 1
Lifetime / consistency check for entities, codim 2
WARNING! Requested check of first 32 entities, but grid view only contains 21 
entities
Intersection Lifetime / consistency check
WARNING! Requested check of intersections for first 32 elements, but grid view 
only contains 18 elements
WARNING: Entities for codim 2 are not being tested!
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 2 are not being tested!
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 2 are not being tested!
WARNING: Entities for codim 1 are not being tested!
Lifetime / consistency check for entities, codim 0
SKIPPING lifetime / consistency check for missing entities, codim 1
SKIPPING lifetime / consistency check for missing entities, codim 2
Lifetime / consistency check for entities, codim 3
Intersection Lifetime / consistency check
Lifetime / consistency check for entities, codim 0
SKIPPING lifetime / consistency check for missing entities, codim 1
SKIPPING lifetime / consistency check for missing entities, codim 2
Lifetime / consistency check for entities, codim 3
Intersection Lifetime / consistency check
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for codim 1 are not being tested!
Lifetime / consistency check for entities, codim 0
SKIPPING lifetime / consistency check for missing entities, codim 1
Lifetime / consistency check for entities, codim 2
Intersection Lifetime / consistency check
Lifetime / consistency check for entities, codim 0
SKIPPING lifetime / consistency check for missing entities, codim 1
Lifetime / consistency check for entities, codim 2
Intersection Lifetime / consistency check
WARNING: Entities for codim 2 are not being tested!
WARNING: Entities for codim 1 are not being tested!
WARNING: Entities for 

Bug#869920: stretch-pu: package whois/5.2.17+deb9u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Thu, 2017-07-27 at 17:51 +0200, Marco d'Itri wrote:
> ICANN mandated a whois output change that broke the .com, .net, .jobs, 
> .bz, .cc and .tv gTLDs, so we need a stable update.
> At the same time I would also like to fix support for 6to4 IP addresses, 
> which I forgot to upload in time for the release.
> The other changes are just database updates.

+whois (5.2.17+deb9u1) unstable; urgency=high

That wants to be 5.2.17~deb9u1 (to be lower than the unstable upload),
with a distribution of "stretch", please.

With those changes, feel free to upload.

Regards,

Adam

Bug#868609: le FTBFS with latest ncurses

[Thomas Dickey]

On Wed, Jul 26, 2017 at 05:18:57AM -0400, Thomas Dickey wrote:
> On Tue, Jul 25, 2017 at 01:19:16PM +0300, Alexander V. Lukyanov wrote:
> > On Tue, Jul 25, 2017 at 04:55:54AM -0400, Thomas Dickey wrote:
> > > > > e) fix a different fail-to-build with the opaque TERMTYPE
> > > >
> > > > I don't see how these lines are equivalent:
> > > >
> > > > -   TERMTYPE *tp = _term->type;
> > > > +   TERMTYPE *tp = (TERMTYPE *)(_term);
> > >
> > > They're the same because the first member of TERMINAL happens to be
> > > a TERMTYPE, and since TERMINAL is opaque in current code (so you
> > > cannot refer to the "type" member any longer).
> > 
> > But shouln't it be (TERMTYPE *)(cur_term) ?
> 
> hmm - I agree that doesn't look right (the problem with casts).
> I'm surprised it worked.

attaching an improved patch (with some additional compiler-warning fixes)

sadly enough, either way the cast gives no warnings, and the program
appears to run.

also attaching a copy of valgrind log from running the program with
the _nc_free_and_exit function turned on (just from opening a file,
looking at some menus and quitting - ymmv).

> > Is there a new function or macro to get current TERMTYPE, so that I could
> > use it if available?
> 
> Not syntactically the same.  This is what I use in term.h:
> 
> /* The cast works because TERMTYPE is the first data in TERMINAL */
> #define CUR ((TERMTYPE *)(cur_term))->

I'm reluctant to add a new function for accessing things that "should"
just work: the definitions in term.h are the defined interface, and
providing a function to access those in a different way doesn't seem
a good solution.

Of course, if that structure hadn't happened to be first in TERMINAL,
I'd have had to provide a function, just to keep TERMINAL opaque.

Since I'm keeping binary compatibility (aside from preventing applications
from knowing how large TERMINAL is), it's good enough for now.

-- 
Thomas E. Dickey 
http://invisible-island.net
ftp://invisible-island.net
# ftp://invisible-island.net/temp/le-1.16.3-fix2.patch.gz
# patch by Thomas E. Dickey 
# created  Sun Jul 30 21:45:33 UTC 2017
# --
# color.cc |6 +++---
# edit.cc  |   26 ++
# keymap.cc|4 ++--
# keynames.cc  |2 +-
# make-mainmenu.pl |2 +-
# regex.c  |   10 --
# 6 files changed, 33 insertions(+), 17 deletions(-)
# --
Index: src/color.cc
--- le-1.16.3/src/color.cc	2013-03-18 13:44:31.0 +
+++ le-1.16.3-fix2/src/color.cc	2017-07-22 12:42:26.0 +
@@ -33,7 +33,7 @@
 int   can_use_default_colors;
 
 int   next_pair;
-static int find_pair(int fg,int bg)
+static int find_or_init_pair(int fg,int bg)
 {
if(!can_use_default_colors)
{
@@ -67,7 +67,7 @@
   attr_table[an].n_attr=0;
   if(pal[i].fg!=NO_COLOR || pal[i].bg!=NO_COLOR)
   {
-	 pair=find_pair(pal[i].fg,pal[i].bg);
+	 pair=find_or_init_pair(pal[i].fg,pal[i].bg);
 	 attr_table[an].n_attr|=COLOR_PAIR(pair);
   }
   attr_table[an].n_attr|=pal[i].attr;
@@ -94,7 +94,7 @@
 	 else
 	 {
 	attr_table[i].so_attr=(attr_table[i].n_attr|hl->attr)&~A_COLOR;
-	pair=find_pair(hl->fg,pal[p].bg);
+	pair=find_or_init_pair(hl->fg,pal[p].bg);
 	attr_table[i].so_attr|=COLOR_PAIR(pair);
 	 }
   }
Index: src/edit.cc
--- le-1.16.3/src/edit.cc	2015-12-03 07:15:40.0 +
+++ le-1.16.3-fix2/src/edit.cc	2017-07-22 13:15:35.0 +
@@ -53,6 +53,15 @@
 # define fcntl(x,y,z)	(0)
 #endif
 
+#ifdef HAVE__NC_FREE_AND_EXIT
+extern "C" {
+extern void _nc_free_and_exit(int);
+#define ExitProgram(code) _nc_free_and_exit(code)
+};
+#else
+#define ExitProgram(code) exit(code)
+#endif
+
 #include 
 #include "localcharset.h"
 
@@ -385,7 +394,7 @@
if(le_scr==NULL)
{
   fprintf(stderr,"le: newterm() failed. Check your $TERM variable.\n");
-  exit(1);
+  ExitProgram(1);
}
 #endif
 
@@ -529,7 +538,7 @@
 
TermCurses();
 
-   exit(0);
+   ExitProgram(0);
 }
 
 void  PrintUsage(int arg)
@@ -557,7 +566,7 @@
 	  "\n"
 	  "The last file will be loaded. If no files specified, last readable file\n"
 	  "from history will be loaded if the path is relative or it is the last.\n");
-   exit(1);
+   ExitProgram(1);
 }
 
 #if USE_MULTIBYTE_CHARS
@@ -680,19 +689,19 @@
 	 break;
   case('?'):
 	 fprintf(stderr,"%s: Try `%s --help' for more information\n",Program,argv[0]);
-	 exit(1);
+	 ExitProgram(1);
   case(DUMP_KEYMAP):
 	 WriteActionMap(stdout);
-	 exit(0);
+	 ExitProgram(0);
   case(DUMP_COLORS):
 	 DumpDefaultColors(stdout);
-	 exit(0);
+	 ExitProgram(0);
   case(PRINT_HELP):
 	 PrintUsage(0);
-	 exit(0);
+	 ExitProgram(0);
   case(PRINT_VERSION):
 	 PrintVersion();
-	 exit(0);
+	 ExitProgram(0);
   case(USE_MMAP):
 	 opt_use_mmap=1;
 	 

Bug#869949: jessie-pu: package ipsec-tools/1:0.8.2+20140711-2+deb8u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Thu, 2017-07-27 at 15:01 -0700, Noah Meyerhans wrote:
> I'd like to update ipsec-tools in the next oldstable point release to
> address a security vulnerability in which a remote unauthenticated
> attacker could cause racoon to exhause CPU resources resulting in a
> denial-of-service. Because the issue has been known for some time, the
> security team does not feel that this warrants a DSA. Instead it should
> be updated via (old)stable-updates. See
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867986 for details.

+ipsec-tools (1:0.8.2+20140711-2+deb8u2) oldstable; urgency=medium

We'd prefer that codenames were used for changelog distributions - i.e.
"jessie" here.

Please go ahead.

Regards,

Adam

Bug#869991: jessie-pu: package slurm-llnl/14.03.9-5

[Adam D. Barratt]

Control: tags -1 + confirmed

On Fri, 2017-07-28 at 15:40 +0200, Gennaro Oliva wrote:
> I'd like to update slurm-llnl in the next oldstable point release to
> address a vulnerability in how the slurmd daemon informs users of
> a Prolog failure on a compute node. That vulnerability could allow a
> user to assume control of an arbitrary file on the system. Any
> exploitation of this is dependent on the user being able to cause or
> anticipate the failure (non-zero return code) of a Prolog script that
> their job would run on (CVE-2016-10030).

+slurm-llnl (14.03.9-5+deb8u1) jessie-security; urgency=high

The distribution there wants to be "jessie". With that change, please go
ahead.

Regards,

Adam

Bug#869966: stretch-pu: package gosa-plugin-mailaddress/0.99.5-2+deb9u1

[Adam D. Barratt]

Control: tags -1 + confirmed

On Fri, 2017-07-28 at 10:59 +0200, Mike Gabriel wrote:
> Vincent Danjean spotted a flaw in gosa-plugin-mailaddress, recently, that 
> relates to the
> renaming of class constructor names as required with PHP 7.
> 
> The attached .debdiff fixes this issue for Debian stretch. Please accept the 
> .debdiff as
> a stretch-pu upload candidate.

+gosa-plugin-mailaddress (0.99.5-2+deb9u1) stretch-proposed-updates; 
urgency=medium

The preferred changelog distribution is simply "stretch".

Please go ahead.

Regards,

Adam

Bug#870202: mosh-server failing to start with a missing symbol

[Ivan Vucica]

Package: mosh
Version: 1.2.6-1+b2
Severity: important

Dear Maintainer,

Yesterday I updated almost all of my system to stretch / stable. (Stragglers
include things like php which might break some of my projects.)

Today I am no longer able to connect to my server with mosh. Running
mosh-server manually results in:

  mosh-server: symbol lookup error: mosh-server: undefined symbol: 
_ZNK6google8protobuf11MessageLite25InitializationErrorStringB5cxx11Ev

Perhaps there is some incompatibility with libprotobuf?

Could we please patch stretch / stable?

-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=en_US:en 
(charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages mosh depends on:
ii  dpkg1.18.24
ii  libc6   2.24-11+deb9u1
ii  libgcc1 1:6.3.0-18
ii  libprotobuf10   3.0.0-9
ii  libssl1.1   1.1.0f-3
ii  libstdc++6  6.3.0-18
ii  libtinfo5   6.0+20161126-1
ii  libutempter01.1.6-3
ii  openssh-client  1:7.4p1-10+deb9u1
ii  zlib1g  1:1.2.8.dfsg-5

Versions of packages mosh recommends:
ii  perl-base [libio-socket-ip-perl]  5.24.1-3+deb9u1

mosh suggests no packages.

-- no debconf information

Bug#870201: Use better compression for udebs?

[Adrian Bunk]

Package: debhelper
Version: 10.2.5
Severity: normal

Following up on an observation I made in #868674:

udebs are currently compressed with "xz -1 -extreme",
while normal packages are compressed with "xz -6".

"xz -1" requires 2 MiB memory for decompression and
"xz -6" requires 9 MiB memory for decompression.

Is there any situation left where these 7 MiB difference still matter?

Is there is no situation left where 9 MiB memory usage for
decompression are a problem, then "xz -6 -extreme" would
be a better choice.

Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

[Adam D. Barratt]

Control: tags -1 + moreinfo

On Sun, 2017-07-30 at 21:41 +0200, Felix Geyer wrote:
> I'd like to fix three bugs in bareos for stretch:
> 
> * Fix permissions of bareos-dir logrotate config on upgrade. (Closes: #864926)
> 
> Removes executable permission for upgrades from < 15.2.2-1.
> 
> * Remove duplicate config check call in the init script.
> 
> Avoids warning when /etc/bareos/bareos-dir.conf doesn't exist.
> It's harmless but might confuse admins.
> 
> * Fix file corruption when using SHA1 signature. (Closes: #869608)
> 
> Serious bug, data corruption of backups.

So far as I can tell, the first two of these also affect the package in
unstable - is that correct?

Regards,

Adam

Bug#870178: jessie-pu: package bareos/14.2.1+20141017gitc6c5b56-3+deb8u3

[Adam D. Barratt]

Control: tags -1 + moreinfo

On Sun, 2017-07-30 at 21:42 +0200, Felix Geyer wrote:
> On Sun, 30 Jul 2017 21:37:20 +0200 Felix Geyer  wrote:
> > debdiff is attached.
> 
> Now for real.

So far as I can tell, the logrotate issues also affects the package in
unstable - is that correct?

Regards,

Adam

Bug#790201: geany-plugins: diff for NMU version 1.31+dfsg-1.1

[Adrian Bunk]

Control: tags 790201 + patch
Control: tags 790201 + pending

Dear maintainer,

I've prepared an NMU for geany-plugins (versioned as 1.31+dfsg-1.1) and
uploaded it to DELAYED/14.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

diff -Nru geany-plugins-1.31+dfsg/debian/changelog geany-plugins-1.31+dfsg/debian/changelog
--- geany-plugins-1.31+dfsg/debian/changelog	2017-07-24 19:55:40.0 +0300
+++ geany-plugins-1.31+dfsg/debian/changelog	2017-07-30 23:54:55.0 +0300
@@ -1,3 +1,12 @@
+geany-plugins (1.31+dfsg-1.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Disable the devhelp, markdown and webhelper plugins due to
+their dependency on an obsolete WebKitGTK+ version.
+(Closes: #790201)
+
+ -- Adrian Bunk   Sun, 30 Jul 2017 23:54:55 +0300
+
 geany-plugins (1.31+dfsg-1) unstable; urgency=medium
 
   * [b9b8fe5] New upstream version 1.31+dfsg
diff -Nru geany-plugins-1.31+dfsg/debian/control geany-plugins-1.31+dfsg/debian/control
--- geany-plugins-1.31+dfsg/debian/control	2017-07-24 19:55:40.0 +0300
+++ geany-plugins-1.31+dfsg/debian/control	2017-07-30 23:54:44.0 +0300
@@ -18,16 +18,15 @@
python-docutils,
libxml2-dev (>= 2.6.27),
libsoup2.4-dev (>= 2.4.0),
-   libwebkitgtk-dev (>= 1.1.18) | libwebkit-dev (>= 1.1.18),
libgdk-pixbuf2.0-dev (>= 2.0),
libgpgme11-dev,
libvte-dev (>= 1:0.24),
libwnck-dev (>= 2.10.0),
libgconf2-dev (>= 2.6.0),
-   libmarkdown2-dev,
libgit2-dev,
python-gtk2-dev,
valac (>= 0.7.0)
+Build-Conflicts: libwebkitgtk-dev
 Standards-Version: 3.9.8
 Homepage: http://plugins.geany.org
 Vcs-Git: https://anonscm.debian.org/git/pkg-geany/packages/geany-plugins.git
@@ -44,7 +43,6 @@
  geany-plugin-ctags (>= ${source:Version}),
  geany-plugin-debugger (>= ${source:Version}),
  geany-plugin-defineformat (>= ${source:Version}),
- geany-plugin-devhelp (>= ${source:Version}),
  geany-plugin-doc (>= ${source:Version}),
  geany-plugin-extrasel (>= ${source:Version}),
  geany-plugin-gendoc (>= ${source:Version}),
@@ -56,7 +54,6 @@
  geany-plugin-lua (>= ${source:Version}),
  geany-plugin-lineoperations (>= ${source:Version}),
  geany-plugin-macro (>= ${source:Version}),
- geany-plugin-markdown (>= ${source:Version}),
  geany-plugin-miniscript (>= ${source:Version}),
  geany-plugin-multiterm (>= ${source:Version}),
  geany-plugin-overview (>= ${source:Version}),
@@ -76,7 +73,6 @@
  geany-plugin-spellcheck (>= ${source:Version}),
  geany-plugin-treebrowser (>= ${source:Version}),
  geany-plugin-updatechecker (>= ${source:Version}),
- geany-plugin-webhelper (>= ${source:Version}),
  geany-plugin-xmlsnippets (>= ${source:Version}),
  ${misc:Depends}
 Description: set of plugins for Geany
@@ -257,22 +253,22 @@
  Geany is a small and lightweight integrated development environment using the
  Gtk+ toolkit.
 
-Package: geany-plugin-devhelp
-Enhances: geany
-Architecture: any
-Depends: ${geany:ABI}, geany-plugins-common (= ${source:Version}),
- ${shlibs:Depends}, ${misc:Depends}
-Description: DevHelp plugin for Geany
- This plugin embeds an API documentation browser and search functionality
- directly into Geany's user interface.
- .
- Devhelp is an API documentation browser mainly aimed at GNOME-related
- libraries, although there are Devhelp books for a wide range of library
- APIs. Check your package manager and/or Google and you should have no trouble
- finding books that can be viewed with Devhelp.
- .
- Geany is a small and lightweight integrated development environment using the
- GTK+ toolkit.
+#Package: geany-plugin-devhelp
+#Enhances: geany
+#Architecture: any
+#Depends: ${geany:ABI}, geany-plugins-common (= ${source:Version}),
+# ${shlibs:Depends}, ${misc:Depends}
+#Description: DevHelp plugin for Geany
+# This plugin embeds an API documentation browser and search functionality
+# directly into Geany's user interface.
+# .
+# Devhelp is an API documentation browser mainly aimed at GNOME-related
+# libraries, although there are Devhelp books for a wide range of library
+# APIs. Check your package manager and/or Google and you should have no trouble
+# finding books that can be viewed with Devhelp.
+# .
+# Geany is a small and lightweight integrated development environment using the
+# GTK+ toolkit.
 
 Package: geany-plugin-doc
 Enhances: geany
@@ -457,16 +453,16 @@
  Geany is a small and lightweight integrated development environment using the
  Gtk+ toolkit.
 

Bug#870200: mariadb-server-10.1: jessie --> stretch: starting mariadb impossible (Failed at step NAMESPACE spawning /usr/bin/install: Value too large for defined data type)

[oxi]

Package: mariadb-server-10.1
Version: 10.1.23-9+deb9u1
Severity: important

Dear Maintainer,

Good evening everyone. I just just upgraded fromJessie to stretch and cannot 
install/run mariadb at all.
*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation? Updating jessie to stretch
   * What exactly did you do (or not do) that was effective (or
 ineffective)? apt dist-upgrade, I had mysqlserver 5.5 in use before
   * What was the outcome of this action? running sql server
   * What outcome did you expect instead? failed to install/start

It fails at installation already. apt install -f gives:
root@h1342773:~# apt install -f
Reading package lists... Done
Building dependency tree   
Reading state information... Done
The following packages were automatically installed and are no longer required:
[...]
Use 'apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up mariadb-server-10.1 (10.1.23-9+deb9u1) ...
Job for mariadb.service failed because the control process exited with error 
code.
See "systemctl status mariadb.service" and "journalctl -xe" for details.
invoke-rc.d: initscript mysql, action "start" failed.
* mariadb.service - MariaDB database server
   Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: 
enabled)
   Active: failed (Result: exit-code) since Sun 2017-07-30 23:09:56 CEST; 14ms 
ago
  Process: 3119 ExecStartPre=/usr/bin/install -m 755 -o mysql -g root -d 
/var/run/mysqld (code=exited, status=226/NAMESPACE)
dpkg: error processing package mariadb-server-10.1 (--configure):
 subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
 mariadb-server-10.1
E: Sub-process /usr/bin/dpkg returned an error code (1)


If I try to start manually, it gives
root@h1342773:~# mysqld  
2017-07-30 23:14:23 3056408576 [Note] Using unique option prefix 'key_buffer' 
is error-prone and can break in the future. Please use the full name 
'key_buffer_size' instead.
2017-07-30 23:14:23 3056408576 [Note] mysqld (mysqld 10.1.23-MariaDB-9+deb9u1) 
starting as process 3171 ...
2017-07-30 23:14:23 3056408576 [Note] Using unique option prefix 
'myisam-recover' is error-prone and can break in the future. Please use the 
full name 'myisam-recover-options' instead.
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Using mutexes to ref count buffer 
pool pages
2017-07-30 23:14:24 3056408576 [Note] InnoDB: The InnoDB memory heap is disabled
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Mutexes and rw_locks use GCC 
atomic builtins
2017-07-30 23:14:24 3056408576 [Note] InnoDB: GCC builtin 
__atomic_thread_fence() is used for memory barrier
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Compressed tables use zlib 1.2.8
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Using Linux native AIO
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Using generic crc32 instructions
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Initializing buffer pool, size = 
512.0M
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Completed initialization of 
buffer pool
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Highest supported file format is 
Barracuda.
2017-07-30 23:14:24 3056408576 [Note] InnoDB: 128 rollback segment(s) are 
active.
2017-07-30 23:14:24 3056408576 [Note] InnoDB: Waiting for purge to start
2017-07-30 23:14:24 3056408576 [Note] InnoDB:  Percona XtraDB 
(http://www.percona.com) 5.6.35-80.0 started; log sequence number 4856681904
2017-07-30 23:14:24 3056408576 [Note] Plugin 'FEEDBACK' is disabled.
2017-07-30 23:14:24 1463786304 [Note] InnoDB: Dumping buffer pool(s) not yet 
started
2017-07-30 23:14:24 3056408576 [Note] Server socket created on IP: '127.0.0.1'.
2017-07-30 23:14:24 3056408576 [ERROR] Can't start server : Bind on unix 
socket: No such file or directory
2017-07-30 23:14:24 3056408576 [ERROR] Do you already have another mysqld 
server running on socket: /var/run/mysqld/mysqld.sock ?
2017-07-30 23:14:24 3056408576 [ERROR] Aborting

but /var/run/mysqld is not existing. Even when I create it manually it gives:
root@h1342773:~# mkdir /var/run/mysqld
root@h1342773:~# mysqld
2017-07-30 23:16:50 3056605184 [Note] Using unique option prefix 'key_buffer' 
is error-prone and can break in the future. Please use the full name 
'key_buffer_size' instead.
2017-07-30 23:16:50 3056605184 [Note] mysqld (mysqld 10.1.23-MariaDB-9+deb9u1) 
starting as process 3216 ...
2017-07-30 23:16:50 3056605184 [Note] Using unique option prefix 
'myisam-recover' is error-prone and can break in the future. Please use the 
full name 'myisam-recover-options' instead.
2017-07-30 23:16:50 3056605184 [Note] InnoDB: Using mutexes to ref count buffer 
pool pages
2017-07-30 23:16:50 3056605184 [Note] InnoDB: The InnoDB memory heap is disabled
2017-07-30 23:16:50 3056605184 

Bug#870199: lintian: file-contains-fixme-placeholder is "Certainty: certain" but has false positives

[Adrian Bunk]

Package: lintian
Version: 2.5.52
Severity: normal

E: geany-plugins source: file-contains-fixme-placeholder debian/control:119 
FIXME
N: 
N:This file appears to be incomplete or insufficiently modified as it
N:contains a "FIXME" placeholder text. These can often be generated by
N:package generation tools such as dh_make or npm2deb.
N:
N:Please double-check the file and replace the placeholder with the
N:required command or information.
N:
N:Severity: important, Certainty: certain
N:
N:Check: cruft, Type: source
N: 


That's a false positive:


Package: geany-plugin-addons
Source: geany-plugins
...
Description-en: miscellaneous plugins for Geany
 This plugin adds various small addons to Geany which aren't worth an
 individual plugin, but might still be useful for people.
  * DocList: This addon places a new item in the toolbar and when clicked
offers a menu listing all open files plus the 'Close All' and 'Close Other
Documents' menu items. This can be useful to quickly access open files and
switch to them.
  * OpenURI: Adds 'Open URI' and 'Copy URI' menu items to the editor menu when
the word under the cursor looks like a URI. 'Open URI' uses the browser
command configured in Geany to open it.
  * Tasks: The tasks plugin goes through a file being edited and picks out
lines with "TODO" or "FIXME" in them. It collects the text after those words
and puts them in a new "Tasks" tab in the message window. Clicking on a task
in that tab takes you to the line in the file where the task was defined.
  * Systray: Adds a status icon to the notification area (systray) and
provides a simple popup menu with some basic actions. It can also be used
to quickly show and hide the Geany main window.
 .
 Geany is a small and lightweight integrated development environment using the
 Gtk+ toolkit.

Bug#870195: Pending fixes for bugs in the golang-github-opentracing-contrib-go-stdlib package

[pkg-go-maintainers]

tag 870195 + pending
thanks

Some bugs in the golang-github-opentracing-contrib-go-stdlib package
are closed in revision 1e1a83f2c93a5e6a2e01bce488d18699533def27 in
branch 'debian/sid' by Martín Ferrari

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-go/packages/golang-github-opentracing-contrib-go-stdlib.git/commit/?id=1e1a83f

Commit message:

Initial release. Closes: #870195.

Bug#870198: xul-ext-sieve: Current Version 0.2.3d using an out-of-date API, please update to current Version 0.2.3k

[Jakobus Schürz]

Package: xul-ext-sieve
Version: 0.2.3d
Severity: important

Dear Maintainer,

The current Version from stretch doesn't work with Thunderbird 52.2.1.

>From the errorconsole:
[code]SyntaxError: missing ] after element list[Weitere Informationen]
SieveFilterEditor.js:140:42
DEPRECATION WARNING: The arguments you're passing to viewSource.xul are
using an out-of-date API.
You may find more details about this deprecation at:
https://developer.mozilla.org/en-US/Add-ons/Code_snippets/View_Source_for_XUL_Applications
[/code]

Please update this plugin in Stable-Repo to the current Version 0.2.3k
from github. This version is working with current Thunderbird from
updated stretch.

Thank you

Jakob

-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (990, 'stable'), (700, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.12.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xul-ext-sieve depends on:
ii  icedove1:52.2.1-4~deb9u1
ii  libjs-codemirror   5.4.0-1
ii  libjs-jquery   3.1.1-2
ii  thunderbird [icedove]  1:52.2.1-4~deb9u1

xul-ext-sieve recommends no packages.

xul-ext-sieve suggests no packages.

Bug#870191: Pending fixes for bugs in the golang-github-opentracing-opentracing-go package

[pkg-go-maintainers]

tag 870191 + pending
thanks

Some bugs in the golang-github-opentracing-opentracing-go package are
closed in revision 4ecc3fe336b84e6b73e09c8c4639acc8cfced8a8 in branch
'debian/sid' by Martín Ferrari

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-go/packages/golang-github-opentracing-opentracing-go.git/commit/?id=4ecc3fe

Commit message:

Initial release. Closes: #870191.

Bug#870197: libytnef: CVE-2017-9473: memory allocation failure in TNEFFillMapi

[Salvatore Bonaccorso]

Source: libytnef
Version: 1.9.2-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/Yeraze/ytnef/issues/42

Hi,

the following vulnerability was published for libytnef.

CVE-2017-9473[0]:
| In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote
| attackers to cause a denial of service (memory consumption) via a
| crafted file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9473
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9473
[1] https://github.com/Yeraze/ytnef/issues/42

Please adjust the affected versions in the BTS as needed, older
versions than 1.9.2 as reported upstream might be affected as well.

Regards,
Salvatore

Bug#870196: libytnef: CVE-2017-9470: NULL pointer dereference in MAPIPrint

[Salvatore Bonaccorso]

Source: libytnef
Version: 1.9.2-2
Severity: important
Tags: upstream security
Forwarded: https://github.com/Yeraze/ytnef/issues/37

Hi,

the following vulnerability was published for libytnef.

CVE-2017-9470[0]:
| In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote
| attackers to cause a denial of service (NULL pointer dereference and
| application crash) via a crafted file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9470
[1] https://github.com/Yeraze/ytnef/issues/37

Please adjust the affected versions in the BTS as needed, older
versions than 1.9.2 might be affected as well.

Regards,
Salvatore

Bug#870194: libytnef: CVE-2017-9471: heap-based-buffer overflow in SwapWord

[Salvatore Bonaccorso]

Source: libytnef
Version: 1.9.2-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/Yeraze/ytnef/issues/39

Hi,

the following vulnerability was published for libytnef.

CVE-2017-9471[0]:
| In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote
| attackers to cause a denial of service (heap-based buffer over-read and
| application crash) via a crafted file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9471
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9471
[1] https://github.com/Yeraze/ytnef/issues/39

Please adjust the affected versions in the BTS as needed, older
versions than 1.9.2 might be affected as well.

Regards,
Salvatore

Bug#870195: ITP: golang-github-opentracing-contring-go-stdlib -- OpenTracing instrumentation for packages in the Go stdlib

[Martín Ferrari]

Package: wnpp
Severity: wishlist
Owner: =?utf-8?q?Mart=C3=ADn_Ferrari?= 

* Package name: golang-github-opentracing-contring-go-stdlib
  Version : 0.0+git201705028.48e4d76
  Upstream Author : opentracing-contrib
* URL : https://github.com/opentracing-contrib/go-stdlib
* License : BSD-3
  Programming Lang: Golang
  Description : OpenTracing instrumentation for packages in the Go stdlib

This package contains OpenTracing (http://opentracing.io/) instrumentation for
packages in the Go standard library.

Instrumentation is provided for the following packages, with the following 
caveats:

 * net/http: Client and server instrumentation. Only supported with Go 1.7 and 
later.

Bug#870193: libytnef: CVE-2017-9472: heap-based buffer overflow in SwapDWord

[Salvatore Bonaccorso]

Source: libytnef
Version: 1.9.2-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/Yeraze/ytnef/issues/41

Hi,

the following vulnerability was published for libytnef.

CVE-2017-9472[0]:
| In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote
| attackers to cause a denial of service (heap-based buffer over-read and
| application crash) via a crafted file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9472
[1] https://github.com/Yeraze/ytnef/issues/41

Please adjust the affected versions in the BTS as needed, older
version than 1.9.2 might be affected as well.

Regards,
Salvatore

Bug#870192: libytnef: CVE-2017-9474: heap-based buffer overflow in DecompressRTF

[Salvatore Bonaccorso]

Source: libytnef
Version: 1.9.2-2
Severity: important
Tags: upstream security
Forwarded: https://github.com/Yeraze/ytnef/issues/40

Hi,

the following vulnerability was published for libytnef.

CVE-2017-9474[0]:
| In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote
| attackers to cause a denial of service (heap-based buffer over-read and
| application crash) via a crafted file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9474
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9474
[1] https://github.com/Yeraze/ytnef/issues/40

Please adjust the affected versions in the BTS as needed, older
version than 1.9.2 might be similarly affected.

Regards,
Salvatore

Bug#870191: ITP: golang-github-opentracing-opentracing-go -- Go platform API for OpenTracing

[Martín Ferrari]

Package: wnpp
Severity: wishlist
Owner: =?utf-8?q?Mart=C3=ADn_Ferrari?= 

* Package name: golang-github-opentracing-opentracing-go
  Version : 1.0.2
  Upstream Author : The OpenTracing Authors
* URL : http://opentracing.io/
* License : MIT
  Programming Lang: Golang
  Description : Go platform API for OpenTracing

By offering consistent, expressive, vendor-neutral APIs for popular platforms,
OpenTracing makes it easy for developers to add (or switch) tracing
implementations with an O(1) configuration change. OpenTracing also offers a
lingua franca for OSS instrumentation and platform-specific tracing helper
libraries.

This package is a Go platform API for OpenTracing.

Bug#870190: RFS: python-parameterized/0.6.1-1 [ITP]

[Ghislain Vaillant]

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for the following package:

* Package name: python-parameterized
  Version : 0.6.1-1
  Upstream Author : David Wolever
* URL : https://github.com/wolever/parameterized
* License : BSD
  Section : python

Please check out the package by visiting the following URL:

  
https://anonscm.debian.org/git/python-modules/packages/python-parameterized.git

Changes since the last upload:

  * Initial release. (Closes: #869976)

Best regards,
Ghis

Bug#870188: CVE-2017-11610

[Markus Koschany]

Control: merge 870187 870188




signature.asc
Description: OpenPGP digital signature

Bug#869891: pgpdump: infinite loop

[Christoph Biedl]

tags 869891 upstream,patch
thanks

Jakub Wilk wrote...

> This command seems to hang forever:
> 
>   $ printf -- '-BEGIN PGP\n\njAE0IM0D' | pgpdump

Appearently it's a bad idea to call BZ2_bzDecompress with avail_in set
to zero. The patch below catches that situation but still should
probably see more testing.

Christoph

--- a/buffer.c
+++ b/buffer.c
@@ -276,6 +276,8 @@
while (bz.avail_out != 0) {
if (bz.avail_in == 0) {
size = (*d_func2)(d_buf2, sizeof(d_buf2));
+   if (size == 0)
+   warn_exit("bzip2 no data for BZ2_bzDecompress");
bz.next_in  = (cast_t)d_buf2;
bz.avail_in = size;
}


signature.asc
Description: Digital signature

Bug#870189: RFS: pytest-qt/2.1.2-2

[Ghislain Vaillant]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for the following package:

* Package name: pytest-qt
  Version : 2.1.2-2
  Upstream Author : Bruno Oliveira
* URL : https://github.com/pytest-dev/pytest-qt
* License : Expat
  Section : python

Please check out the package by visiting the following URL:

  https://anonscm.debian.org/git/python-modules/packages/pytest-qt.git

Changes since the last upload:

  * Drop autopkgtests for PySide.
Reason: PySide is not available for Python 3.6
  * Mark doc package M-A foreign
  * Run the tests at build time

Regards,
Ghis

Bug#870187: supervisor: CVE-2017-11610: Command injection via malicious XML-RPC request

[Salvatore Bonaccorso]

On Sun, Jul 30, 2017 at 10:07:42PM +0200, Salvatore Bonaccorso wrote:
> I should add: I have choosen severity grave due to the potential of
> code execution as root if the service is enabled. Am I right that in
> *any* version present in Debian the web interface is started?
> 
> If so we might lower the severity.

Actually the unix_http_server is started by default. Still in default
installation it might be harder to exploit. Details are in the
upstream bug at https://github.com/Supervisor/supervisor/issues/964

CRIT Server 'unix_http_server' running without any HTTP authentication checking

Regards,
Salvatore

Bug#870187: supervisor: CVE-2017-11610: Command injection via malicious XML-RPC request

[Salvatore Bonaccorso]

I should add: I have choosen severity grave due to the potential of
code execution as root if the service is enabled. Am I right that in
*any* version present in Debian the web interface is started?

If so we might lower the severity.

Regards,
Salvatore

Bug#870188: CVE-2017-11610

[Markus Koschany]

Package: supervisor
X-Debbugs-CC: t...@security.debian.org 
secure-testing-t...@lists.alioth.debian.org
Severity: grave
Tags: security

Hi,

the following vulnerability was published for supervisor.

CVE-2017-11610[0]:
Authenticated RCE

This issue was fixed by upstream in version 3.3.3.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-11610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11610

Please adjust the affected versions in the BTS as needed.

Regards,

Markus




signature.asc
Description: OpenPGP digital signature

Bug#870176: libdrm: Make source package bootstrappable

[Daniel Schepler]

On Sun, Jul 30, 2017 at 12:52 PM, Sven Joachim  wrote:
> Really?  There seems to be quite a bit of code that's conditional to
> #ifdev HAVE_VALGRIND, e.g. in intel/intel_bufmgr_gem.c, and I don't
> think building with the nocheck profile should alter the produced binary
> packages.

Hmm, I guess if it's indeed the case that it's generating valgrind
support stub assembly, or something along those lines, then it might
get more complex.  It might be necessary to produce libdrm2-stage1
etc. packages with shlibs/symbols set up to generate dependencies on
"libdrm2 | libdrm2-stage1".  Either that, or break the cycle somewhere
else, for example maybe by having valgrind able to produce a
valgrind-stage1 package without the correct gdb path encoded in.
-- 
Daniel

Bug#870187: supervisor: CVE-2017-11610: Command injection via malicious XML-RPC request

[Salvatore Bonaccorso]

Source: supervisor
Version: 3.0r1-1
Severity: grave
Tags: upstream security patch
Forwarded: https://github.com/Supervisor/supervisor/issues/964

Hi,

the following vulnerability was published for supervisor.

CVE-2017-11610[0]:
Command injection via malicious XML-RPC request

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-11610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11610
[1] https://github.com/Supervisor/supervisor/issues/964

Regards,
Salvatore

Bug#870186: libsass: CVE-2017-11608

[Salvatore Bonaccorso]

Source: libsass
Version: 3.4.3-1
Severity: important
Tags: security upstream

Hi,

the following vulnerability was published for libsass.

CVE-2017-11608[0]:
| There is a heap-based buffer over-read in the
| Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A
| crafted input will lead to a remote denial of service attack.

Can you please double-check this report and possibly report it
upstream.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-11608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11608
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1474276

Regards,
Salvatore

Bug#870185: FATAL: kernel 4.11.0-0.bpo.1-marvell does not boot on QNAP TS-219P II

[Robert Schlabbach]

Package: linux-image-4.11.0-0.bpo.1-marvell
Version: 4.11.6-1~bpo9+1: armel

I had Debian Stretch installed on my QNAP TS-219P II and already upgraded to 
the backports kernel linux-image-4.9.0-0.bpo.3-marvell (4.9.30-2+deb9u2~bpo8+1: 
armel). Upgrading that to the package specified above yielded a no-boot 
situation. The full output of the serial console:

 __  __  _ _
|  \/  | __ _ _    _| | |
| |\/| |/ _` | '__\ \ / / _ \ | |
| |  | | (_| | |   \ V /  __/ | |
|_|  |_|\__,_|_|\_/ \___|_|_|
 _   _   _
| | | |   | __ )  ___   ___ | |_ 
| | | |___|  _ \ / _ \ / _ \| __| 
| |_| |___| |_) | (_) | (_) | |_ 
 \___/|/ \___/ \___/ \__|  ** LOADER **
 ** MARVELL BOARD: DB-88F6282A-BP LE TS-219P2+ ,PHY=1.8v 

U-Boot 1.1.4 (Jan  3 2012 - 14:49:37) Marvell version: 3.5.3

U-Boot code: 0060 -> 0067FFF0  BSS: -> 006CD5C0

Soc: MV88F6282 Rev 1CPU running @ 2000Mhz L2 running @ 500Mhz
SysClock = 500Mhz , TClock = 200Mhz 

DRAM (DDR3) CAS Latency = 7 tRP = 7 tRAS = 20 tRCD=7
DRAM CS[0] base 0x   size 256MB 
DRAM CS[1] base 0x1000   size 256MB 
DRAM Total size 512MB  16bit width
Addresses 8M - 0M are saved for the U-Boot usage.
Mem malloc Initialization (8M - 7M): Done
[16384kB@f800] Flash: 16 MB

CPU : Marvell Feroceon (Rev 1)
USB 0: host mode
PEX 0: PCI Express Root Complex Interface
PEX interface detected Link X1
PEX 1: PCI Express Root Complex Interface
PEX interface detected Link X1

Reset IDE: 
Marvell Serial ATA Adapter
Integrated Sata device found

Net:   egiga0 [PRIME]
Hit any key to stop autoboot:  0 
QNAP: Recovery Button pressed: 0
Marvell>> boot
Send Cmd : 0x68 to UART1
## Booting image at 0080 ...
   Image Name:   kernel 4.11.0-0.bpo.1-marvell
   Created:  2017-07-30  18:55:56 UTC
   Image Type:   ARM Linux Kernel Image (uncompressed)
   Data Size:2076472 Bytes =  2 MB
   Load Address: 8000
   Entry Point:  8000
   Verifying Checksum ... OK
OK

Starting kernel ...

Uncompressing Linux... done, booting the kernel.



That's it, no further output, no boot. The kernel seems to die early on.

I've observed such early failures on another platform when a "bad" device tree 
binary was flashed. Is it possible that kernel 4.11 requires a changed dtb, and 
that was not correctly upgraded?