Bug#892860: python-paramiko: please accommodate pre-GSSException python-gssapi

[Jeremy T. Bouse]

There is already an upstream bug filed about this and potential patch
but I was reluctant to apply it as I hadn't seen any real comments on it
from upstream yet.


On 3/13/2018 5:31 PM, Aaron M. Ucko wrote:
> Package: python-paramiko
> Version: 2.4.0-1
> Severity: important
> Tags: upstream
>
> [python-gssapi maintainer X-Debbugs-Cc:ed]
>
> Hi, Jeremy.
>
> Attempting to import paramiko when python(3)-gssapi is also installed
> now fails with an AttributeError:
>
>   >>> import paramiko
>   Traceback (most recent call last):
> File "", line 1, in 
> File "/usr/lib/python2.7/dist-packages/paramiko/__init__.py", line 22, in 
> 
>   from paramiko.transport import SecurityOptions, Transport
> File "/usr/lib/python2.7/dist-packages/paramiko/transport.py", line 38, 
> in 
>   from paramiko.auth_handler import AuthHandler
> File "/usr/lib/python2.7/dist-packages/paramiko/auth_handler.py", line 
> 48, in 
>   from paramiko.ssh_gss import GSSAuth, GSS_EXCEPTIONS
> File "/usr/lib/python2.7/dist-packages/paramiko/ssh_gss.py", line 54, in 
> 
>   GSS_EXCEPTIONS = (gssapi.GSSException,)
>   AttributeError: 'module' object has no attribute 'GSSException'
>
> ssh_gss.py evidently accommodates the possibility that the gssapi module
> is absent altogether, but not that it is present but incompatible.  I
> initially considered suggesting arranging to set
>
> GSS_EXCEPTIONS = (gssapi.exceptions.GSSError, gssapi.exceptions.GeneralError)
>
> in this case, but it looks like there may be deeper incompatibilities,
> so it would probably be more prudent to punt altogether on
> AttributeError, as already done for other specific exception types.
>
> Also, you probably ought to version the suggestion on python-gssapi, but
> I'm not sure what the minimum should be.  (1.4.1 is current, but for all
> I know 1.3.x is new enough.)
>
> Could you please take a look?
>
> Thanks!
>
> -- System Information:
> Debian Release: buster/sid
>   APT prefers testing
>   APT policy: (500, 'testing'), (500, 'stable'), (300, 'unstable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386, x32
>
> Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
> LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages python-paramiko depends on:
> ii  python   2.7.14-4
> ii  python-bcrypt3.1.4-2
> ii  python-cryptography  2.1.4-1
> ii  python-nacl  1.1.2-1+b1
> ii  python-pyasn10.4.2-3
>
> python-paramiko recommends no packages.
>
> Versions of packages python-paramiko suggests:
> ii  python-gssapi  1.2.0-1+b2
>
> -- no debconf information
>

Bug#892803: di-netboot-assistant: unsigned daily images

[Cyril Brulebois]

Matt Taggart  (2018-03-13):
> In the package provided di-sources.list file, in the daily section,
> there are the following comments,
> 
>   ## Daily netboot DI images (not signed?!?). Read:
>   # https://d-i.debian.org/daily-images/build-logs.html
>   # http://wiki.debian.org/DebianInstaller/Today

https://d-i.debian.org/daily-images/daily-build-overview.html is what
should be advertised. The other one was broken in the first place, and
is only kept for the debian-cd part which wasn't integrated in the
“new” view yet. The web server serving the cdimage logs has been shut
down anyway IIRC from a few weeks ago.

And yeah, nobody maintains /Today…

> It would be nice if the d-i daily's were signed, even if they had to
> use a different key that I would then need to install on the system so
> that this di-netboot-assistant check could use. Is there already a bug
> open requesting daily image signing? If not then maybe this one can be
> cloned and reassigned to the right place.

I don't think that's a reasonable thing to do. Images are built on
porterboxes, centralized on dillon, which is used for quite a number
of other things.

What extra security would signing images bring here?


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#892889: eric: please update eric6 in 18.03

[ilovesusu]

Package: eric
Version: 17.11.1-1
Severity: normal

https://sourceforge.net/projects/eric-ide/files/eric6/stable/18.03/



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), 
LANGUAGE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages eric depends on:
ii  python-chardet  3.0.4-1
ii  python3 3.6.4-1
ii  python3-pygments2.2.0+dfsg-1
ii  python3-pyqt5   5.9.2+dfsg-1
ii  python3-pyqt5.qsci  2.10.2+dfsg-4+b1
ii  python3-pyqt5.qtsql 5.9.2+dfsg-1
ii  python3-pyqt5.qtsvg 5.9.2+dfsg-1
ii  python3-pyqt5.qtwebkit  5.9.2+dfsg-1

Versions of packages eric recommends:
ii  eric-api-files  17.11.1-1
ii  python-rope 0.10.5-2

Versions of packages eric suggests:
ii  pyqt5-dev-tools   5.9.2+dfsg-1
pn  pyqt5-doc 
ii  python [python-profiler]  2.7.14-4
pn  python-doc
pn  python-qt4-doc
pn  python3-doc   
pn  qt4-doc-html  
pn  qt5-doc-html  
pn  qtbase5-doc-html  
ii  qttools5-dev  5.9.2-6
ii  ruby  1:2.3.3

-- no debconf information

Bug#892888: mirror listing update for dist1.800hosting.com

[800hosting]

Package: mirrors
Severity: minor
User: mirr...@packages.debian.org
Usertags: mirror-list

Submission-Type: update
Site: dist1.800hosting.com
Type: leaf
Archive-architecture: amd64 i386
Archive-http: /debian/
Archive-rsync: debian/
Maintainer: 800hosting 
Country: US United States
Location: Dallas
Sponsor: 800hosting http://800hosting.com




Trace Url: http://dist1.800hosting.com/debian/project/trace/
Trace Url: 
http://dist1.800hosting.com/debian/project/trace/ftp-master.debian.org
Trace Url: http://dist1.800hosting.com/debian/project/trace/dist1.800hosting.com

Bug#892887: dosemu: CPU is running at 100%

[Ernst Otto Schäfer]

Package: dosemu
Version: 1.4.0.7+20130105+b028d3f-2+b1
Severity: important

Dear Maintainer,


CPU is always running at 100%

20   0   82724  20280  12512 R 100,0  0,2   0:09.90 dosemu.bin


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dosemu depends on:
ii  libasound2   1.1.3-5
ii  libc62.27-1
ii  libgpm2  1.20.7-5
ii  libsdl1.2debian  1.2.15+dfsg2-0.1
ii  libslang22.3.2-1
ii  libsndfile1  1.0.28-4
ii  libx11-6 2:1.6.4-3
ii  libxext6 2:1.3.3-1+b2
ii  libxxf86vm1  1:1.1.4-1+b2
ii  xfonts-utils 1:7.7+4

dosemu recommends no packages.

dosemu suggests no packages.

-- no debconf information

Bug#887082: (no subject)

[Youhei SASAKI]

Control: reopen -1

Package: gnome-shell
Version: 3.27.92-2
Severity: normal

Dear Maintainer, this bug is not fiexed in this version.

Best wishes

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), 
LANGUAGE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-shell depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.26.1-3
ii  evolution-data-server3.26.5-2
ii  gir1.2-accountsservice-1.0   0.6.45-1
ii  gir1.2-atspi-2.0 2.28.0-1
ii  gir1.2-freedesktop   1.54.1-4
ii  gir1.2-gcr-3 3.28.0-1
ii  gir1.2-gdesktopenums-3.0 3.27.92-1
ii  gir1.2-gdm-1.0   3.26.2.1-3
ii  gir1.2-geoclue-2.0   2.4.7-1
ii  gir1.2-glib-2.0  1.54.1-4
ii  gir1.2-gnomebluetooth-1.03.28.0-1
ii  gir1.2-gnomedesktop-3.0  3.27.92-1
ii  gir1.2-gtk-3.0   3.22.28-1
ii  gir1.2-gweather-3.0  3.28.0-2
ii  gir1.2-ibus-1.0  1.5.17-3
ii  gir1.2-mutter-2  3.28.0-1
ii  gir1.2-nm-1.01.10.6-2
ii  gir1.2-nma-1.0   1.8.10-2
ii  gir1.2-pango-1.0 1.40.14-1
ii  gir1.2-polkit-1.00.105-18
ii  gir1.2-rsvg-2.0  2.40.20-2
ii  gir1.2-soup-2.4  2.62.0-1
ii  gir1.2-upowerglib-1.00.99.7-2
ii  gjs  1.50.3-2
ii  gnome-backgrounds3.27.90-1
ii  gnome-settings-daemon3.26.2-1+b1
ii  gnome-shell-common   3.27.92-2
ii  gsettings-desktop-schemas3.27.92-1
ii  libatk-bridge2.0-0   2.26.1-1
ii  libatk1.0-0  2.26.1-3
ii  libc62.27-2
ii  libcairo21.15.10-2
ii  libcanberra-gtk3-0   0.30-6
ii  libcanberra0 0.30-6
ii  libcroco30.6.12-2
ii  libecal-1.2-19   3.26.5-2
ii  libedataserver-1.2-223.26.5-2
ii  libgcr-base-3-1  3.28.0-1
ii  libgdk-pixbuf2.0-0   2.36.11-1
ii  libgirepository-1.0-11.54.1-4
ii  libgjs0g [libgjs0-libmozjs-52-0] 1.50.3-2
ii  libglib2.0-0 2.54.3-2
ii  libglib2.0-bin   2.54.3-2
ii  libgstreamer1.0-01.12.4-1
ii  libgtk-3-0   3.22.28-1
ii  libical3 3.0.1-5
ii  libjson-glib-1.0-0   1.4.2-3
ii  libmutter-2-03.28.0-1
ii  libnm0   1.10.6-2
ii  libpango-1.0-0   1.40.14-1
ii  libpangocairo-1.0-0  1.40.14-1
ii  libpolkit-agent-1-0  0.105-18
ii  libpolkit-gobject-1-00.105-18
ii  libpulse-mainloop-glib0  11.1-4
ii  libpulse011.1-4
ii  libsecret-1-00.18.5-6
ii  libstartup-notification0 0.12-5
ii  libsystemd0  238-2
ii  libx11-6 2:1.6.4-3
ii  libxfixes3   1:5.0.3-1
ii  mutter   3.28.0-1
ii  python3  3.6.4-1

Versions of packages gnome-shell recommends:
pn  chrome-gnome-shell
pn  gdm3  
ii  gkbd-capplet  3.26.0-3
ii  gnome-control-center  1:3.27.92-1
pn  gnome-user-docs   
pn  iio-sensor-proxy  
pn  switcheroo-control
ii  unzip 6.0-21

Versions of packages gnome-shell suggests:
pn  gir1.2-telepathyglib-0.12   
pn  gir1.2-telepathylogger-0.2  

-- no debconf information

Bug#891892: lintian: False positive: statically-linked-binary despite the Build-Depends on golang-go

[Chris Lamb]

Hi Arnaud,

> > $built_with_golang
> >   = $src->info->relation('build-depends')
> >   ->implies('golang-go | golang-any');
> >
> > Not sure whether it's the >= version of the "golang-go" part or
> > the "golang-1.9-go" part in itself is causing it not to match..
> 
> These lines do not raise a warning
> 
>   golang-any (>= 2:1.9~)
>   golang-go (>= 2:1.9~)
> 
> However this one raise a warning
> 
>   golang-any | golang-1.9-go

Ah, sorry, I should/could have told you that :(  Sorry for causing you
extra work..

> let me just clarify that with the go packaging team, and fix the control
> file to start with.

Can you clarify? As in, shall we close this bug?


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#891843: RFS: libhinawa/0.8.2-2

[Kentaro Hayashi]

On Wed, 14 Mar 2018 02:42:19 +0100 Adam Borowski  wrote:
> $ dget -u 
> https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2-2.dsc
> dget: retrieving 
> https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2-2.dsc
snip
> curl: (22) The requested URL returned error: 404 Not Found
> dget: curl libhinawa_0.8.2.orig.tar.gz.asc 
> https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2.orig.tar.gz.asc
>  failed
> dpkg-source: info: extracting libhinawa in libhinawa-0.8.2
> dpkg-source: info: unpacking libhinawa_0.8.2.orig.tar.gz
> dpkg-source: info: unpacking libhinawa_0.8.2-2.debian.tar.xz
> dpkg-source: error: cannot open ./libhinawa_0.8.2-2.debian.tar.xz: No such 
> file or directory
> tar: This does not look like a tar archive
> tar: Exiting with failure status due to previous errors
> dpkg-source: error: tar -xf - --no-same-permissions --no-same-owner 
> subprocess returned exit status 2

I've force uploaded again, could you check please?

dget -x -u 
https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2-2.dsc
dget: retrieving 
https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2-2.dsc
  % Total% Received % Xferd  Average Speed   TimeTime Time  Current
 Dload  Upload   Total   SpentLeft  Speed
100  2488  100  24880 0   2076  0  0:00:01  0:00:01 --:--:--  2076
dget: using existing libhinawa_0.8.2.orig.tar.gz
dget: using existing libhinawa_0.8.2.orig.tar.gz.asc
dget: using existing libhinawa_0.8.2-2.debian.tar.xz
dpkg-source: info: extracting libhinawa in libhinawa-0.8.2
dpkg-source: info: unpacking libhinawa_0.8.2.orig.tar.gz
dpkg-source: info: unpacking libhinawa_0.8.2-2.debian.tar.xz


pgpej0_hi4l6o.pgp
Description: PGP signature

Bug#891892: lintian: False positive: statically-linked-binary despite the Build-Depends on golang-go

[Arnaud]

Hi,

I did a few tests !


On 03/02/2018 09:20 PM, Chris Lamb wrote:
> Hi Arnaud,
>
>> The statically-linked-binary warninf shouldn't be there, as the field
>> Build-Depends contains:
>>
>> golang-go (>= 2:1.9~) | golang-1.9-go
> The Lintian code in question is:
>
> $built_with_golang
>   = $src->info->relation('build-depends')
>   ->implies('golang-go | golang-any');
>
> Not sure whether it's the >= version of the "golang-go" part or
> the "golang-1.9-go" part in itself is causing it not to match..

These lines do not raise a warning

  golang-any (>= 2:1.9~)
  golang-go (>= 2:1.9~)

However this one raise a warning

  golang-any | golang-1.9-go

And this last one, more interesting, fails the build:

  golang-1.9-go

Actually, only 'golang-go' installs the binary '/usr/bin/go' (which is
just a symlink). Installing only 'golang-1.x-go'  is not enough, so let
me just clarify that with the go packaging team, and fix the control
file to start with.

Cheers

  Arnaud

Bug#892886: launchy: Please switch upstream and package the new version

[Boyuan Yang]

Source: launchy
Version: 2.5-4
Severity: normal

This is a placeholder report to remind the newcomers that original launchy
upstream has dead.

There is a new upstream (fork project) available on GitHub:

https://github.com/OpenNingia/Launchy

Anyone interested in launchy in Debian should switch the upstream and try to
package the new version.

--
Regards,
Boyuan Yang



-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 
'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#892885: geophar: Wrongly build-dep on package build-essential

[Boyuan Yang]

Source: geophar
Version: 16.08.4~dfsg1-1
Severity: normal

Dear maintainer,

your package "geophar" in Debian build-depends on package "build-essential",
which would raise a lintian error. There's no need to build-depend on build-
essential since all packaging environments are expected to have it installed.

Debian packages should be lintian-clean and eliminate lintian errors. Please
fix this problem in the next upload.

--
Regards,
Boyuan Yang



-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 
'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#892883: mirrors: Debian mirror opensource.nchc.org.tw: add as candidate of ftp.tw

[魏銘廷]

Package: mirrors
Severity: wishlist
X-Debbugs-CC: debian-mirr...@lists.debian.org, Steven Shiau 
, Ceasar Sun Chen-kai , Thomas 


Hi,

As stated in the debian-mirrors mailing list, NCHC wants to list
ftp.tw.debian.org as their primary mirror:

  https://lists.debian.org/debian-mirrors/2018/03/msg0.html

Also, according to the mirror status webpage:

  https://mirror-master.debian.org/status/mirror-status.html

NCHC needs to use ftpsync rather than typical rsync to sync the mirror,
because of lacking sitetrace.

Yao Wei


signature.asc
Description: PGP signature

Bug#892884: python-neutron-taas build-depends on cruft package python-neutron

[peter green]

Package: python-neutron-taas
Severity: serious
Tags: buster, sid

python-neutron-taas depends on python-neutron which is no longer built by the 
neutron source package. It appears to have been replaced by python3-neutron.

Bug#892882: python-networking-mlnx build-depends on cruft package python-neutron

[peter green]

Package: python-networking-mlnx
Severity: serious
Tags: buster, sid

python-networking-mlnx depends on python-neutron which is no longer built by 
the neutron source package. It appears to have been replaced by python3-neutron.

Bug#892881: python-networking-arista build-depends on cruft package python-neutron

[peter green]

Package: python-networking-arista
Severity: serious
Tags: buster, sid

python-networking arista depends on python-neutron which is no longer built by 
the neutron source package. It appears to have been replaced by python3-neutron.

Bug#892880: pencil2d: New upstream release

[Mattia Rizzolo]

Hi Chris,

On Wed, Mar 14, 2018 at 02:57:10AM +, Chris Lamb wrote:
> New upstream 3.0.4 release is available at:
> 
>   https://pencil.evolus.vn/Downloads.html

That's not the fork pencil2d is following, and just looking at the
screenshot on https://pencil.evolus.vn/ it actually looks like an
entirely different program.

What this package is tracking is https://github.com/pencil2d/pencil/ or
http://www.pencil2d.org/ .

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#892880: pencil2d: New upstream release

[Chris Lamb]

Source: pencil2d
Version: 0.6.0+ds-1
Severity: wishlist

Hi,

New upstream 3.0.4 release is available at:

  https://pencil.evolus.vn/Downloads.html


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#892879: less: Outdated version in distribution

[Igor Liferenko]

Package: less
Version: 487-0.1
Severity: normal

Dear Maintainer,

"less" version in debian repository is 487. Please upgrade to current version 
530.


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages less depends on:
ii  debianutils  4.8.4
ii  libc62.26-4
ii  libtinfo56.0+20171125-1

less recommends no packages.

less suggests no packages.

-- no debconf information

Bug#892722: Place the files there manually?

[Simon Quigley]

Hi there!

One thing I would like you to try (to see if this does indeed work) is
to install the voice packages in /usr/share/gcompris-qt/boards/voices/
(just like the old voice packages did, but manually).

What I'm trying to see here is if I can package these and they will Just
Work, or if I need to do some magic within the GCompris-Qt code itself.

Thank you for using GCompris-Qt!

-- 
Simon Quigley
tsimo...@ubuntu.com
tsimonq2 on freenode and OFTC
5C7A BEA2 0F86 3045 9CC8
C8B5 E27F 2CF8 458C 2FA4



signature.asc
Description: OpenPGP digital signature

Bug#892878: RM: consolekit/0.4.6-6

[Michael Biebl]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Please remove consolekit 0.4.6-6 from testing.
It is no longer useful on Linux, so I made an upload to unstable turning
it into a !Linux package.
But as the package builds no binaries anymore on Linux, the package will
not migrate automatically to testing.

I think the solution for this is to remove all binaries from testing.

Thanks,
Michael
-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#892877: python-urwid-doc: removal of python-urwid-doc makes files disappear from python-urwid

[Andreas Beckmann]

Package: python-urwid-doc
Version: 2.0.1-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts replaces-without-breaks

Hi,

during a test with piuparts and DOSE tools I noticed your package causes
removal of files that also belong to another package.
This is caused by using Replaces without corresponding Breaks.

The installation sequence to reproduce this problem is

  apt-get install python-urwid/stretch
  # (1)
  apt-get install python-urwid-doc/buster
  apt-get remove python-urwid-doc
  # (2)

The list of installed files at points (1) and (2) should be identical,
but the following files have disappeared:

  usr/share/doc/python-urwid/examples/bigtext.py.gz
  usr/share/doc/python-urwid/examples/browse.py.gz
  usr/share/doc/python-urwid/examples/calc.py.gz
  usr/share/doc/python-urwid/examples/dialog.py.gz
  usr/share/doc/python-urwid/examples/edit.py.gz
  usr/share/doc/python-urwid/examples/fib.py
  usr/share/doc/python-urwid/examples/graph.py.gz
  usr/share/doc/python-urwid/examples/input_test.py
  usr/share/doc/python-urwid/examples/lcd_cf635.py.gz
  usr/share/doc/python-urwid/examples/palette_test.py.gz
  usr/share/doc/python-urwid/examples/pop_up.py
  usr/share/doc/python-urwid/examples/subproc.py
  usr/share/doc/python-urwid/examples/tour.py.gz
  usr/share/doc/python-urwid/examples/treesample.py.gz
  usr/share/doc/python-urwid/examples/twisted_serve_ssh.py.gz
  usr/share/doc/python-urwid/examples/twisted_serve_ssh.tac
  usr/share/doc/python-urwid/html/_images/adventure1.png
  usr/share/doc/python-urwid/html/_images/adventure2.png
  usr/share/doc/python-urwid/html/_images/adventure3.png
  usr/share/doc/python-urwid/html/_images/adventure4.png
  usr/share/doc/python-urwid/html/_images/attr1.png
  usr/share/doc/python-urwid/html/_images/attr2.png
  usr/share/doc/python-urwid/html/_images/attr3.png
  usr/share/doc/python-urwid/html/_images/attr4.png
  usr/share/doc/python-urwid/html/_images/bigtext2.png
  usr/share/doc/python-urwid/html/_images/bigtext3.png
  usr/share/doc/python-urwid/html/_images/bright_combinations1.png
  usr/share/doc/python-urwid/html/_images/browse2.png
  usr/share/doc/python-urwid/html/_images/cmenu1.png
  usr/share/doc/python-urwid/html/_images/cmenu2.png
  usr/share/doc/python-urwid/html/_images/cmenu3.png
  usr/share/doc/python-urwid/html/_images/cmenu4.png
  usr/share/doc/python-urwid/html/_images/display_modules.png
  usr/share/doc/python-urwid/html/_images/edit1.png
  usr/share/doc/python-urwid/html/_images/edit2.png
  usr/share/doc/python-urwid/html/_images/graph2.png
  usr/share/doc/python-urwid/html/_images/highcolors1.png
  usr/share/doc/python-urwid/html/_images/hmenu1.png
  usr/share/doc/python-urwid/html/_images/hmenu2.png
  usr/share/doc/python-urwid/html/_images/hmenu3.png
  usr/share/doc/python-urwid/html/_images/hmenu4.png
  usr/share/doc/python-urwid/html/_images/input1.png
  usr/share/doc/python-urwid/html/_images/input2.png
  usr/share/doc/python-urwid/html/_images/input3.png
  usr/share/doc/python-urwid/html/_images/input4.png
  usr/share/doc/python-urwid/html/_images/input5.png
  usr/share/doc/python-urwid/html/_images/introduction.png
  usr/share/doc/python-urwid/html/_images/minimal1.png
  usr/share/doc/python-urwid/html/_images/multiple1.png
  usr/share/doc/python-urwid/html/_images/multiple2.png
  usr/share/doc/python-urwid/html/_images/multiple3.png
  usr/share/doc/python-urwid/html/_images/multiple4.png
  usr/share/doc/python-urwid/html/_images/palette_test2.png
  usr/share/doc/python-urwid/html/_images/pop_up1.png
  usr/share/doc/python-urwid/html/_images/pop_up2.png
  usr/share/doc/python-urwid/html/_images/qa1.png
  usr/share/doc/python-urwid/html/_images/qa2.png
  usr/share/doc/python-urwid/html/_images/qa3.png
  usr/share/doc/python-urwid/html/_images/safe_combinations1.png
  usr/share/doc/python-urwid/html/_images/sig1.png
  usr/share/doc/python-urwid/html/_images/sig2.png
  usr/share/doc/python-urwid/html/_images/sig3.png
  usr/share/doc/python-urwid/html/_images/sig4.png
  usr/share/doc/python-urwid/html/_images/smenu1.png
  usr/share/doc/python-urwid/html/_images/smenu2.png
  usr/share/doc/python-urwid/html/_images/smenu3.png
  usr/share/doc/python-urwid/html/_images/subproc1.png
  usr/share/doc/python-urwid/html/_images/subproc2.png
  usr/share/doc/python-urwid/html/_images/tour1.png
  usr/share/doc/python-urwid/html/_images/tour2.png
  usr/share/doc/python-urwid/html/_images/urwid_widgets_1.png
  usr/share/doc/python-urwid/html/_images/urwid_widgets_2.png
  usr/share/doc/python-urwid/html/_images/widget_layout.png
  usr/share/doc/python-urwid/html/_static/ajax-loader.gif
  usr/share/doc/python-urwid/html/_static/basic.css
  usr/share/doc/python-urwid/html/_static/classic.css
  usr/share/doc/python-urwid/html/_static/comment-bright.png
  usr/share/doc/python-urwid/html/_static/comment-close.png
  usr/share/doc/python-urwid/html/_static/comment.png
  usr/share/doc/python-urwid/html/_static/default.css
  

Bug#892876: python3-distro description says package is for Py 2

[Daniel Axtens]

Package: python3-distro
Severity: minor

Dear Maintainer,

Looking at the package description at 
https://packages.debian.org/sid/python3-distro 
or through apt, it contains the line

"This is the Python 2 version of the library."

This seems to be a simple copy-paste error from python-distro. It should read
"This is the Python 3 version of the library."

Regards,
Daniel

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.13.0-36-generic (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=C 
(charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages python3-distro depends on:
ii  lsb-release  9.20170808
ii  python3  3.6.4-1

python3-distro recommends no packages.

python3-distro suggests no packages.

Bug#892710: {tcl,tk}-i{tcl,tk}4-{dev,doc}: missing Conflicts: i{tcl,tk}-{dev,doc}

[Andreas Beckmann]

Followup-For: Bug #892710
Control: found -1 4.1.1-2
Control: found -1 4.1.0-2

Hi,

unfortunately i{tcl,tk}3-dev in stretch did not provide a virtual
package, so you'll need Breaks+Replaces or Conflicts against the real
packages. (Sorry, didn't check the -dev packages in detail, just assumed
they worked similarily to the -doc packages.)

  Selecting previously unselected package tcl-itcl4-dev:amd64.
  Preparing to unpack .../tcl-itcl4-dev_4.1.1-2_amd64.deb ...
  Unpacking tcl-itcl4-dev:amd64 (4.1.1-2) ...
  dpkg: error processing archive 
/var/cache/apt/archives/tcl-itcl4-dev_4.1.1-2_amd64.deb (--unpack):
   trying to overwrite '/usr/lib/x86_64-linux-gnu/itclConfig.sh', which is also 
in package itcl3-dev:amd64 3.4.3-1
  Selecting previously unselected package tk-itk4:amd64.
  Preparing to unpack .../tk-itk4_4.1.0-2_amd64.deb ...
  Unpacking tk-itk4:amd64 (4.1.0-2) ...
  Selecting previously unselected package tk-itk4-dev:amd64.
  Preparing to unpack .../tk-itk4-dev_4.1.0-2_amd64.deb ...
  Unpacking tk-itk4-dev:amd64 (4.1.0-2) ...
  dpkg: error processing archive 
/var/cache/apt/archives/tk-itk4-dev_4.1.0-2_amd64.deb (--unpack):
   trying to overwrite '/usr/lib/x86_64-linux-gnu/itkConfig.sh', which is also 
in package itk3-dev:amd64 3.4.2-1
  Errors were encountered while processing:
   /var/cache/apt/archives/tcl-itcl4-dev_4.1.1-2_amd64.deb
   /var/cache/apt/archives/tk-itk4-dev_4.1.0-2_amd64.deb


Andreas

Bug#892875: poedit: Messy error message displayed when str check failed under zh_CN.UTF-8 env (wrong encoding?)

[Boyuan Yang]

Package: poedit
Version: 2.0.6-1
Severity: normal

Dear Maintainer,

The following steps could reproduce the problem:

1. Enable zh_CN.UTF-8 locale
2. Install any CJK fonts on system (fonts-noto-cjk for example)
3. Open a random PO file with poedit under zh_CN.UTF-8 locale
4. (Wrongly) edit translation so that the check would fail
   For example, deliberately translate a %ld to %lu which would
   cause a mismatch.
5. Save the file.

In this way, messy error message would appear in poedit window.

A screenshot is provided.

https://i.loli.net/2018/03/14/5aa8823a50631.png

--
Regards,
Boyuan Yang



-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 
'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages poedit depends on:
ii  gettext   0.19.8.1-4
ii  libboost-iostreams1.62.0  1.62.0+dfsg-5
ii  libboost-system1.62.0 1.62.0+dfsg-5
ii  libboost-thread1.62.0 1.62.0+dfsg-5
ii  libc6 2.27-2
ii  libcld2-0 0.0.0-git20150806-6
ii  libcpprest2.102.10.2-1
ii  libgcc1   1:8-20180312-2
ii  libglib2.0-0  2.54.3-2
ii  libgtk2.0-0   2.24.32-1
ii  libgtkspell0  2.0.16-1.2
ii  libicu57  57.1-8
ii  liblucene++0v53.0.7-8+b2
ii  libsecret-1-0 0.18.5-6
ii  libssl1.1 1.1.0g-2
ii  libstdc++68-20180312-2
ii  libwxbase3.0-0v5  3.0.3.1+dfsg2-1
ii  libwxgtk3.0-0v5   3.0.3.1+dfsg2-1
ii  poedit-common 2.0.6-1

poedit recommends no packages.

poedit suggests no packages.

-- no debconf information

Bug#892874: libmatio-doc: fails to upgrade from 'stable' to 'sid' - trying to overwrite /usr/share/doc/libmatio-dev/NEWS.gz

[Andreas Beckmann]

Package: libmatio-doc
Version: 1.5.12-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'stable'.
It installed fine in 'stable', then the upgrade to 'sid' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/#overwriting-files-and-replacing-packages-replaces

This test intentionally skipped 'testing' to find file overwrite
problems before packages migrate from 'unstable' to 'testing'.

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package libmatio-doc.
  Preparing to unpack .../libmatio-doc_1.5.12-1_all.deb ...
  Unpacking libmatio-doc (1.5.12-1) ...
  dpkg: error processing archive 
/var/cache/apt/archives/libmatio-doc_1.5.12-1_all.deb (--unpack):
   trying to overwrite '/usr/share/doc/libmatio-dev/NEWS.gz', which is also in 
package libmatio-dev:amd64 1.5.9-1+b1
  dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
  Errors were encountered while processing:
   /var/cache/apt/archives/libmatio-doc_1.5.12-1_all.deb


cheers,

Andreas


libmatio-dev=1.5.9-1+b1_libmatio-doc=1.5.12-1.log.gz
Description: application/gzip

Bug#891843: RFS: libhinawa/0.8.2-2

[Adam Borowski]

On Thu, Mar 01, 2018 at 10:51:51PM +0900, Kentaro Hayashi wrote:
>  * Package name: libhinawa
>Version : 0.8.2-2

> https://mentors.debian.net/package/libhinawa
>   dget -x 
> https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2-2.dsc

Alas, parts of the packaging on mentors.d.n are somehow missing.:

$ dget -u 
https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2-2.dsc
dget: retrieving 
https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2-2.dsc
  % Total% Received % Xferd  Average Speed   TimeTime Time  Current
 Dload  Upload   Total   SpentLeft  Speed
100  2488  100  24880 0   9718  0 --:--:-- --:--:-- --:--:--  9680
dget: retrieving 
https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2.orig.tar.gz
  % Total% Received % Xferd  Average Speed   TimeTime Time  Current
 Dload  Upload   Total   SpentLeft  Speed
100  460k  100  460k0 0   858k  0 --:--:-- --:--:-- --:--:--  860k
dget: retrieving 
https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2.orig.tar.gz.asc
  % Total% Received % Xferd  Average Speed   TimeTime Time  Current
 Dload  Upload   Total   SpentLeft  Speed
  0 00 00 0  0  0 --:--:-- --:--:-- --:--:-- 0
curl: (22) The requested URL returned error: 404 Not Found
dget: curl libhinawa_0.8.2.orig.tar.gz.asc 
https://mentors.debian.net/debian/pool/main/libh/libhinawa/libhinawa_0.8.2.orig.tar.gz.asc
 failed
dpkg-source: info: extracting libhinawa in libhinawa-0.8.2
dpkg-source: info: unpacking libhinawa_0.8.2.orig.tar.gz
dpkg-source: info: unpacking libhinawa_0.8.2-2.debian.tar.xz
dpkg-source: error: cannot open ./libhinawa_0.8.2-2.debian.tar.xz: No such file 
or directory
tar: This does not look like a tar archive
tar: Exiting with failure status due to previous errors
dpkg-source: error: tar -xf - --no-same-permissions --no-same-owner subprocess 
returned exit status 2


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀ 
⣾⠁⢠⠒⠀⣿⡁ A dumb species has no way to open a tuna can.
⢿⡄⠘⠷⠚⠋⠀ A smart species invents a can opener.
⠈⠳⣄ A master species delegates.

Bug#892871: tome: Segfaults when started

[Vincent Lefevre]

On 2018-03-13 23:26:26 +, Pelle Hjek wrote:
> Package: tome
> Version: 2.4~0.git.2015.12.29-1.2
> Severity: grave
> Justification: renders package unusable
> 
> Dear Maintainer,
> 
> Starting Tome gives me this error:
> 
> % tome
> ASAN:DEADLYSIGNAL
> =
> ==28204==ERROR: AddressSanitizer: SEGV on unknown address 0xb7eede70 (pc 
> 0xb7eede84 bp 0xb7a89320 sp 0xbfaabf4c T16777215)
> ==28204==The signal is caused by a WRITE memory access.
> #0 0xb7eede83 in _dl_get_tls_static_info (/lib/ld-linux.so.2+0x11e83)
> #1 0xb79f7ff9  (/usr/lib/i386-linux-gnu/libasan.so.4+0x101ff9)
> #2 0xb79e3f15  (/usr/lib/i386-linux-gnu/libasan.so.4+0xedf15)
> #3 0xb7eeb91a  (/lib/ld-linux.so.2+0xf91a)
> #4 0xb7edccb9  (/lib/ld-linux.so.2+0xcb9)
> 
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV (/lib/ld-linux.so.2+0x11e83) in 
> _dl_get_tls_static_info
> ==28204==ABORTING

This bug should probably be reassigned to libasan4.
All libasan* packages are probably broken with glibc 2.27.

See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892096
(for the case of gcc-snapshot, which provides its own libasan)
and the upstream bug I've reported:

  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84761

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#892832: ftp.debian.org: arbitrarily rejects packages and doesn't allow reupload

[Norbert Preining]

Hi Mattia,

thanks for your answer. The third upload after resigning the changes
file finally succeeded, nothing else has changed, though. 
So it is fine to ignore the rest of the email, as it will anyway not
help lift the veil of darkness.

Thanks

Norbert

> Please don't assume that the system is broken.
> Today, like any other day, thousands of uploads were processed just
> fine, just to prove that the system is not broken.

Indeed, but out of some reason one package wasn't ;-)

> It's *far* more likely that something you did was not ok.

Like
  dput *.changes
  # wait, drink coffee, do real company work, ...
  # see that dput succeeded in uploading
  # happily moved on to different things
  # get rejection email

> Please report the *exact* error message, together with your .changes
> and .dsc (if any).  Without it's pretty useless for anybody to speculate

The original error message was:
  texlive-lang_2018.20180313-1_amd64.changes: Refers to non-existing file 
'texlive-lang-japanese_2018.20180313-1_all.deb'
  Perhaps you need to include the file in your upload?
(see https://lists.debian.org/debian-tex-maint/2018/03/msg00038.html)

The changes and dsc files haven't changed between the previous and the
current (successful) upload. The only change I made was re-signing the
changes (.buildinfo,..).

> If I had to speculate on something it would be about Packages-List not
> containing the package, but who knows.

No, it was the other way round, the package list mentioned a file that
was somehow lost during transfer, although dput duly uploaded it and
said so. See above.

Sorry, I am not so paranoid to make logs of dput calls ;-) It is quite
good in telling me if I messed up something (like forgot to sign etc),
so I trust that if it finishes and puts a foobar.ftp-master.upload file
parallel to the changes file, I assume it is all settled.

All the best

Norbert

--
PREINING Norbert   http://www.preining.info
Accelia Inc. +JAIST +TeX Live +Debian Developer
GPG: 0x860CDC13   fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13

Bug#892096: libc6:i386 yields invalid writes, triggered by GCC's AddressSanitizer

[Vincent Lefevre]

On 2018-03-05 20:46:32 +0100, Aurelien Jarno wrote:
> The AddressSanitizer is using glibc internal functions though dlsym(),
> and such functions have the right to change in new major versions:
> 
> From libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc:
> |  void *get_tls_static_info_ptr = dlsym(RTLD_NEXT, 
> "_dl_get_tls_static_info");
> 
> And on the glibc side:
> | $ readelf -s /lib/ld-linux.so.2  | grep _dl_get_tls_static_info
> |  4: 00011e7035 FUNCGLOBAL DEFAULT   12 
> _dl_get_tls_static_info@@GLIBC_PRIVATE
> 
> This has been discussed for example there:
> https://www.sourceware.org/ml/libc-alpha/2018-02/msg00611.html
> 
> The AddressSanitizer people should discuss for a public API so that it
> doesn't happen again. Otherwise it might break at every new glibc
> version.

FYI, I reported the bug upstream:

  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84761

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#892873: gcc-snapshot: unusual version number

[Vincent Lefevre]

Package: gcc-snapshot
Version: 201803012-1
Severity: normal

The version number is 201803012-1 instead of the expected 20180312-1.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gcc-snapshot depends on:
ii  binutils2.30-7
ii  lib32z1 1:1.2.8.dfsg-5
ii  libc6   2.27-2
ii  libc6-dev   2.27-2
ii  libc6-dev-i386  2.27-2
ii  libc6-dev-x32   2.27-2
ii  libc6-i386  2.27-2
ii  libc6-x32   2.27-2
ii  libgc1c21:7.4.2-8.1
ii  libgmp102:6.1.2+dfsg-3
ii  libisl150.18-1
ii  libmpc3 1.1.0-1
ii  libmpfr64.0.1-1
ii  python  2.7.14-4
ii  zlib1g  1:1.2.8.dfsg-5

gcc-snapshot recommends no packages.

Versions of packages gcc-snapshot suggests:
ii  binutils [binutils-gold]  2.30-7

-- no debconf information

Bug#776152: provide meaningful exit codes for network failures

[Justin Dove]

For laptop users in particular, the first run of apt-daily.service each day
is likely to occur on boot or after resume from suspend. Such a run will
fail to update package lists due to a DNS failure because of #834414. The
problem is made worse, however, because of apt's current exit code
behavior. After a failure to fetch, apt still exits with 0, and so the
apt.systemd.daily script considers it successful and touches the
update-stamp. Accordingly, all future runs of apt-daily.service that day
will check the update-stamp, see that it is recent, and abort running. So,
even if apt-daily.service has a chance to run later in the day when the
laptop is awake and network is up, it still will fail to update package
lists.

It seems that either apt's exit code behavior needs to change according to
this bug report, or if this is intended behavior then apt.systemd.daily
needs to check for DNS failure and handle it differently, in which case
perhaps a new bug report needs to be filed. Can someone advise?

When #834414 is fixed, this will not be as common of an issue, but it still
remains a separate bug as it is imaginable that the first run of
apt-daily.service in a given day could happen while DNS is down for any
number of reasons.

Bug#790158: sugar-toolkit: depends on python-rsvg which is deprecated

[Jeremy Bicha]

Hi,

It's been 2.5 months since I last pinged Jonas about this issue and 4
months since sugar-toolkit was removed from testing. It doesn't look
like there's been any activity on this recently.

sugar-toolkit is now one of only two packages preventing us from
removing gnome-python-desktop from Debian completely.

Only 2 of its rdepends even shipped in Stretch: sugar-irc-activity and
sugar-presence-service .sugar-presence-service was described as
deprecated 6 years ago in Debian. [1]

Please let us remove sugar-toolkit & its rdepends from Debian now.

[1] 
https://anonscm.debian.org/git/pkg-sugar/sugar-presence-service.git/commit/?id=288ab060

Thanks,
Jeremy Bicha

Bug#892872: redsocks: Redsocks 0.5 is incompatible with libevent 2.1

[CUI Hao]

Package: redsocks
Version: 0.5-1+b1
Severity: grave
Tags: upstream
Justification: renders package unusable

Dear Maintainer,

Redsocks doesn't function on Debian buster. It hangs after receiving
packets direct by iptables and never redirects packets to proxy.

It seems redsocks 0.5 is incompatible with libevent 2.1 which is in
buster and sid's repo. Here are related upstream issues:
https://github.com/darkk/redsocks/issues/107
https://github.com/darkk/redsocks/issues/122

After building redsocks against old libevent statically, the redirector
works again.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (150, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages redsocks depends on:
ii  adduser  3.117
ii  init-system-helpers  1.51
ii  libc62.27-1
ii  libevent-core-2.1-6  2.1.8-stable-4
ii  lsb-base 9.20170808

redsocks recommends no packages.

redsocks suggests no packages.

-- Configuration Files:
/etc/redsocks.conf changed [not included]

-- no debconf information

Bug#892854: Hostname resolution getting stuck for many seconds

[Simon McVittie]

On Tue, 13 Mar 2018 at 20:52:28 +0100, Eduard Bloch wrote:
> I checked the process with strace and saw something weird. My DNS was
> accessed, was queried, it returned data, then the connection was closed
> and then it started doing something with your library and THAT is where
> it didn't continue anymore.

What's in the hosts: line in your /etc/nsswitch.conf?

New installations of nss-mdns will set it up with

mdns4_minimal [NOTFOUND=return]

just before either resolve or dns, whichever is seen first. That means
only names in the .local domain are resolved this way. For example, on
a machine with systemd-resolved and various other non-standard modules,
I have:

hosts:  files mymachines gw_name myhostname mdns4_minimal 
[NOTFOUND=return] resolve [!UNAVAIL=return] dns

However, we don't edit nsswitch.conf if there is already a mention
of mdns (because that way there'd be a risk of overwriting sysadmin
configuration or otherwise breaking stuff), so in particular old
installations that already had nss-mdns installed before 2013 can have
a no-longer-recommended configuration left over.

>From your strace showing libnss_mdns4.so.2 being loaded, I think you
have mdns4 instead of mdns4_minimal. mdns{,4,6} tries to look up more
names in mDNS, and because of how mDNS works, will cause an arbitrary
delay for each name that cannot be resolved by any means (hosts file,
DNS, mDNS, whatever). I don't think there's much we can do about that
without making it impossible to choose the "non-minimal" behaviour.

If you purge and reinstall libnss-mdns, it should come back with a
better configuration that doesn't cause arbitrary delays (unless you
specifically ask to resolve a .local name that doesn't exist).

smcv

Bug#892871: tome: Segfaults when started

[Pelle Hjek]

Package: tome
Version: 2.4~0.git.2015.12.29-1.2
Severity: grave
Justification: renders package unusable

Dear Maintainer,

Starting Tome gives me this error:

% tome
ASAN:DEADLYSIGNAL
=
==28204==ERROR: AddressSanitizer: SEGV on unknown address 0xb7eede70 (pc 
0xb7eede84 bp 0xb7a89320 sp 0xbfaabf4c T16777215)
==28204==The signal is caused by a WRITE memory access.
#0 0xb7eede83 in _dl_get_tls_static_info (/lib/ld-linux.so.2+0x11e83)
#1 0xb79f7ff9  (/usr/lib/i386-linux-gnu/libasan.so.4+0x101ff9)
#2 0xb79e3f15  (/usr/lib/i386-linux-gnu/libasan.so.4+0xedf15)
#3 0xb7eeb91a  (/lib/ld-linux.so.2+0xf91a)
#4 0xb7edccb9  (/lib/ld-linux.so.2+0xcb9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/ld-linux.so.2+0x11e83) in 
_dl_get_tls_static_info
==28204==ABORTING

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 4.15.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages tome depends on:
ii  libasan4   7.3.0-5
ii  libboost-filesystem1.62.0  1.62.0+dfsg-5
ii  libboost-system1.62.0  1.62.0+dfsg-5
ii  libc6  2.27-1
ii  libgcc11:8-20180218-1
ii  libjansson42.11-1
ii  libncurses56.1-1
ii  libsdl-image1.21.2.12-8
ii  libsdl-ttf2.0-02.0.11-4
ii  libsdl1.2debian1.2.15+dfsg2-0.1
ii  libstdc++6 8-20180218-1
ii  libtinfo5  6.1-1
ii  libubsan0  7.3.0-5
ii  libx11-6   2:1.6.4-3
ii  libxext6   2:1.3.3-1+b2

tome recommends no packages.

tome suggests no packages.

-- no debconf information

Bug#892760: antlr3: FTBFS with Java 9

[Tiago Daitx]

After reviewing this again I found out that the problem is caused by
the direct calling of javadoc's jar goal - note that this is specific
to cdbs, antlr4 relies on dh and calls the 3 goals "package
javadoc:jar javadoc:aggregate" together, which causes generate-sources
to be run before both javadoc goals.

When direct calling a goal, maven won't have a phase/lifecycle
associated to it, thus it won't activate any other plugins except for
the ones in the command line.

For antlr3 this causes a problem because javadoc:jar won't be able to
add the generated sources paths from antlr to javadoc's option
'sourcepath' as well as fail to properly accounting for the
org.antlr.gunit.swingui.parsers package.

Without the antlr3:antlr goal, javadoc:jar will set sourcepath as
'/build/antlr3/antlr3-3.5.2/gunit/src/main/java',
while if the antlr3:antlr goal is run before javadoc's goals the
sourcepath is set as
'/build/antlr3/antlr3-3.5.2/gunit/src/main/java:/build/antlr3/antlr3-3.5.2/gunit/target/generated-sources/antlr3'

And easy fix is to add generate-sources to the DEB_MAVEN_DOC_TARGET in
debian/rules, as such:
-DEB_MAVEN_DOC_TARGET := javadoc:jar javadoc:aggregate
+DEB_MAVEN_DOC_TARGET := generate-sources javadoc:jar javadoc:aggregate

thanks

-- 
Tiago Stürmer Daitx
Software Engineer
tiago.da...@canonical.com

PGP Key: 4096R/F5B213BE (hkp://keyserver.ubuntu.com)
Fingerprint = 45D0 FE5A 8109 1E91 866E  8CA4 1931 8D5E F5B2 13BE

Bug#892870: pleaes create bts-link@l.d.o

[Sandro Tosi]

Package: lists.debian.org
Severity: wishlist

Hello,
currently bts-link has 3 mailing lists on alioth

1. -commit, which can die whenever alioth will be deco'ed
2. -devel, for the development (and Debian BTS processing messages)
3. -upstream, for allow upstream to communicate with us + msgs we sent to the
   Debian BTS

we would like to create a single bts-link@l.d.o to merge 2. and 3. in it; we
noticed thru the years there isn't much traffic/difference in the 2 mailing
lists to justify a separation, but we do think it's important to provide a place
where external BTS admins can contact us for questions (it has happened).

We would like to preserve the archive of the 2 mls and merge them, but they date
back more than 12 years, so the requirements to scan for spam before uploading
them is really heavy - can it be lifted?

thanks,
sandro (bts-link admin)

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#892869: [sdcc] Please package new upstream version

[Bastien ROUCARIÈS]

Package: sdcc
Version: 3.5.0+dfsg-2+b1
Severity: wishlist

Could you please package the new upstream version ?

I could add myself as a maint (I am a dd) if needed

Thanks 

bastien

signature.asc
Description: This is a digitally signed message part.

Bug#892868: [libpreludedb] ax_lib_postgresql.m4 is fixed

[Bastien ROUCARIÈS]

Package: libpreludedb
Severity: important

Hi,

I have just fixed this on autoconf-archive.

So you need to built depends on autoconf-archive (>=20170928-2), and exec 
aclocal -I m4 --force

signature.asc
Description: This is a digitally signed message part.

Bug#892121: libxml-saxon-xslt2-perl FTBFS with libsaxonhe-java 9.8.0.8+dfsg+1-1

[gregor herrmann]

On Mon, 05 Mar 2018 21:54:43 +0200, Adrian Bunk wrote:

> Source: libxml-saxon-xslt2-perl
> Version: 0.010-2
> Severity: serious
> Tags: buster sid
> 
> https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/libxml-saxon-xslt2-perl.html

> PERL_DL_NONLAZY=1 "/usr/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" 
> "-e" "undef *Test::Harness::Switches; test_harness(1, 'blib/lib', 
> 'blib/arch')" t/*.t
> Use of uninitialized value $home in string ne at /usr/share/perl5/Inline.pm 
> line 1352,  line 1.
> 
> A problem was encountered while attempting to compile and install your Inline
> Java code. The command that failed was:
>   "/usr/lib/jvm/default-java/bin/javac" -deprecation  -d 
> "/build/1st/libxml-saxon-xslt2-perl-0.010/_Inline/lib/auto/XML/Saxon/XSLT2_dbc0"
>  Transformer.java > cmd.out 2>&1
> 
> The build directory was:
> /build/1st/libxml-saxon-xslt2-perl-0.010/_Inline/build/XML/Saxon/XSLT2_dbc0
> 
> The error message was:
> Transformer.java:181: error: constructor Serializer in class Serializer 
> cannot be applied to given types;
>   Serializer out = new Serializer();
>^
>   required: Processor
>   found: no arguments
>   reason: actual and formal argument lists differ in length
> Note: Transformer.java uses unchecked or unsafe operations.
> Note: Recompile with -Xlint:unchecked for details.
> 1 error

Oh nice, a Java problem in a Perl module.

Looks like the constructor of Serializer() chhanged somehow in
libsaxonhe-java 9.8. I hope that the Java guys know better than me
what needs to be changed :)

The Java-code-embedded-in-Perl starts at
https://salsa.debian.org/perl-team/modules/packages/libxml-saxon-xslt2-perl/blob/master/lib/XML/Saxon/XSLT2.pm#L350
the error happens in line
https://salsa.debian.org/perl-team/modules/packages/libxml-saxon-xslt2-perl/blob/master/lib/XML/Saxon/XSLT2.pm#L531


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
   `-   NP: Lenny Kravitz: Are You Gonna Go My Way


signature.asc
Description: Digital Signature

Bug#892863: [pkg-php-pear] Bug#892863: php-markdown: please package new version 1.8.0

[Florian Schlichting]

Hi Martin,

> Dear Florian, please package the new version 1.8.0.
> It is a requirement for movim-pod (#858367).

if you're going ahead with movim, please take over php-markdown
maintenance and close #886184 ("php-apigen/php-markdown is going away")

Florian

Bug#890878: RFS: company-irony

[Nicholas D Steeves]

Hi Alberto,

On Thu, Mar 08, 2018 at 05:10:13PM +0100, Alberto Luaces wrote:
> Thanks again, Nicholas:

You're welcome :-)

> Nicholas D Steeves writes:
> 
> > W: company-irony source: out-of-date-standards-version 4.1.1 (current is 
> > 4.1.3)
> 
> Ok.  Upgraded to 4.1.3 while checking that it complains with the Policy
> upgrades: basically none of them applied, except for the Vcs-* one, that
> this package is already compliant with.

Nice, that's exactly how it's done.

> > I: company-irony source: testsuite-autopkgtest-missing
> 
> This is N/A, I think.

It's not required at this point in time, but someday it's possible
that self tests will be required.  Dh_elpa_test runs the tests as part
of a package build, and autopkgtest is a framework that automates
testing of packages in a container or virtual machine.  Because this
is Informational level lint it's not high priority for Lintian, but if
you ever want to write a test that gets an company-irony autocompleted
list for something, and then compares that against the expected list,
in the expected order.  Tests that provide assurances it won't do
hilarious/embarrassing autocompletion like cell phones do.  A Nice to
have, later, if you have time and find the challenge interesting ;-)

> > W: elpa-company-irony: new-package-should-close-itp-bug
> 
> Now I have a number assigned.

Thank you.

> > I: elpa-company-irony: extended-description-is-probably-too-short
> 
> Ok.  Rephrased.

I'll reply to points relating to the description with a couple of
comments later.

Because for now the most pressing issue is that it doesn't initialise
properly...

  Company backend 'company-clang' could not be initialized:
  Company found no clang executable

This was both with no configuration (and M-x company-mode), and with
following upstream's README in a clean sid chroot.  I opened a random
cpp from kdeconnect to test.  I suspect a documentation of
configuration issue because I would have expected company-irony to
load rather than company-clang...but it's possibly a bug.

Please let me know how you made company-irony work.

Cheers,
Nicholas


signature.asc
Description: PGP signature

Bug#892867: please create reportbug@l.d.o

[Sandro Tosi]

Package: lists.debian.org
Severity: wishlist

Hello,
we would like to ask for the creation of reportbug@l.d.o . this is to replace
the email we use as maintainer of reportbug in preparation for alioth deco.

I'm not sure i would like to share the current subscribers list on a public bug
report, but it may also be a good moment to "clean up" that list: this bug is
CC'ed to reportbug-maint@l.a.d.o and i'll send there an email once we migrate.

we would also very much like to keep the archive, but that goes back to Jun
2008, so the requirement of reviewing the archive for spam is quite heavy - any
chance you can lift that?

thanks,
Sandro (reportbug maint)

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#892866: RM: web2py -- RoQA; Unmaintained, license issues, security-buggy

[Moritz Muehlenhoff]

Package: ftp.debian.org
Severity: normal

Last upload in 2015, many open security issues, not in stable, dropped from 
testing for
over a year now and has open license issues which aren't even followed up upon 
since
1.5 years (#842303)

Cheers,
Moritz

Bug#892865: CVE-2017-11428

[Moritz Muehlenhoff]

Package: ruby-saml
Severity: grave
Tags: security

https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations

Bug#892864: CVE-2017-11430

[Moritz Muehlenhoff]

Package: ruby-omniauth-saml
Severity: grave
Tags: security

https://github.com/omniauth/omniauth-saml/issues/156
https://github.com/omniauth/omniauth-saml/pull/157
https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
https://www.kb.cert.org/vuls/id/475445

Cheers,
Moritz

Bug#892863: php-markdown: please package new version 1.8.0

[W. Martin Borgert]

Package: php-markdown
Version: 1.6.0-2

Dear Florian, please package the new version 1.8.0.
It is a requirement for movim-pod (#858367).

Bug#892862: Please package version >= 1.2.0

[Thomas Goirand]

Package: puppet-module-puppetlabs-apache
Severity: normal

Hi,

I'd like to upgrade the puppet-openstack packages in Debian, and for this, I
need puppet-module-puppetlabs-apache >= 1.2.0. Please upgrade your package.

Cheers,

Thomas Goirand (zigo)

Bug#892861: libglm-dev: removal of default type initialization breaking packages

[Andrew Caudwell]

Package: libglm-dev
Version: 0.9.9~a2-1
Severity: important

Dear Maintainer,

The packaged version of GLM, 0.9.9~a2 is an alpha (the current release is still
0.9.8.5) and removes the default initialization of vector, matrix and
quaternion types. Because of this code written against any earlier versions of
GLM may now have uninitialized value bugs introduced by this change (e.g. where
GLM types are member variables of a class) or now behave differently (mat4()
previously gave you an identity matrix, now this gives you a zero'd matrix).
Several issues have been raised upstream (including by myself) to re-add
initialization or at least make it optional.

This is the commit that introduced the change:

https://github.com/g-truc/glm/commit/4cf8a10af2bba678c2ad136006e6ec41118b6746

Additionally the requirement in this version to define GLM_ENABLE_EXPERIMENTAL
to use simple functions like length2() has broken multiple packages. I have put
off fixing this since making it compile just exposes the user to the
uninitialized value bugs. Unfortunately this has now meant my gource and
logstalgia debian packages have been removed from debian since they don't
complile with this GLM version.

Related upstream issues:

https://github.com/g-truc/glm/issues/740
https://github.com/g-truc/glm/issues/735
https://github.com/g-truc/glm/issues/732

IMO the ideal solution would be for 0.9.8.5 to be packaged instead, or at the
very least revert the initialization change.

I believe 0.9.9~a2 was originally packaged as it included an upstream fix to
compile with GCC 7.3. Some other distros have instead patched 0.9.8.5:

https://gitweb.gentoo.org/repo/gentoo.git/diff/media-
libs/glm?id=1e45f7cd1dfa04ef4b89eb453df04b62ee432425



-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_NZ:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- no debconf information

Bug#892860: python-paramiko: please accommodate pre-GSSException python-gssapi

[Aaron M. Ucko]

Package: python-paramiko
Version: 2.4.0-1
Severity: important
Tags: upstream

[python-gssapi maintainer X-Debbugs-Cc:ed]

Hi, Jeremy.

Attempting to import paramiko when python(3)-gssapi is also installed
now fails with an AttributeError:

  >>> import paramiko
  Traceback (most recent call last):
File "", line 1, in 
File "/usr/lib/python2.7/dist-packages/paramiko/__init__.py", line 22, in 

  from paramiko.transport import SecurityOptions, Transport
File "/usr/lib/python2.7/dist-packages/paramiko/transport.py", line 38, in 

  from paramiko.auth_handler import AuthHandler
File "/usr/lib/python2.7/dist-packages/paramiko/auth_handler.py", line 48, 
in 
  from paramiko.ssh_gss import GSSAuth, GSS_EXCEPTIONS
File "/usr/lib/python2.7/dist-packages/paramiko/ssh_gss.py", line 54, in 

  GSS_EXCEPTIONS = (gssapi.GSSException,)
  AttributeError: 'module' object has no attribute 'GSSException'

ssh_gss.py evidently accommodates the possibility that the gssapi module
is absent altogether, but not that it is present but incompatible.  I
initially considered suggesting arranging to set

GSS_EXCEPTIONS = (gssapi.exceptions.GSSError, gssapi.exceptions.GeneralError)

in this case, but it looks like there may be deeper incompatibilities,
so it would probably be more prudent to punt altogether on
AttributeError, as already done for other specific exception types.

Also, you probably ought to version the suggestion on python-gssapi, but
I'm not sure what the minimum should be.  (1.4.1 is current, but for all
I know 1.3.x is new enough.)

Could you please take a look?

Thanks!

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable'), (300, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, x32

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python-paramiko depends on:
ii  python   2.7.14-4
ii  python-bcrypt3.1.4-2
ii  python-cryptography  2.1.4-1
ii  python-nacl  1.1.2-1+b1
ii  python-pyasn10.4.2-3

python-paramiko recommends no packages.

Versions of packages python-paramiko suggests:
ii  python-gssapi  1.2.0-1+b2

-- no debconf information

Bug#892725: RFS: spacefm/1.0.6-1

[Adrian Bunk]

Control: owner -1 !
Control: tags -1 moreinfo

On Mon, Mar 12, 2018 at 10:58:19AM +0100, Mateusz Łukasik wrote:
>...
>   Changes since the last upload:
>   * New upstream release. (Closes: #892054)
> + Drop all patches included upstream.
>   * debian/control:
> + Bump debhelper version to 11.
> + Bump to Standards-Version to 4.1.3.
> + Add e2fsprogs to depends. (Closes: #887177 #887257)
>   * debian/patches:
> + Add drop-gnome-common-macros.patch to drop deprecated gnome-common
> macros/variables. (Closes: #830003)
>   * Update debian/copyright.
>   * Drop changes from Ubuntu - fixed upstream.
>   * Drop postinst script and clean postrm. (Closes: #860846)

Looks good, except for two problems with 
a790d3f0f665601a873a50e350bbf684bdf1ac04.patch:

1. The patch is not mentioned in the changelog.

2. A git commit id is not a good patch name.
This makes it impossible to see what is in a patch.
"git format-patch -1 " is a good option for
getting a properly named patch.


>   Regards,
>Mateusz Łukasik

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#892159: unattended-upgrades: Reboots with user logged in with Unattended-Upgrade::Automatic-Reboot-WithUsers "false"

[Bálint Réczey]

Hi Colin,

2018-03-07 11:17 GMT+01:00 Colin 't Hart :
> colin@quokka:~$ apt-config dump |grep Users
> Unattended-Upgrade::Automatic-Reboot-WithUsers "false";
> colin@quokka:~$
>
> I logged in from another PC and ran /usr/bin/users, it showed "colin
> colin" as output, so that seems OK.

A timed check that runs when the screensaver is running would be more
convincing.

Cheers,
Balint

>
> /Colin
>
> On 6 March 2018 at 11:26, Bálint Réczey  wrote:
>> Control: tags -1 moreinfo
>>
>> Hi Colin,
>>
>> 2018-03-06 10:33 GMT+01:00 Colin 't Hart :
>>> Package: unattended-upgrades
>>> Version: 0.93.1+nmu1
>>> Severity: normal
>>>
>>> I have
>>> Unattended-Upgrade::Automatic-Reboot-WithUsers "false"
>>> in my /etc/apt/apt.conf.d/50unattended-upgrades
>>>
>>> I have noticed several times now when I arrive at my office in the morning 
>>> that my machine has rebooted even though I was logged in when I left the 
>>> evening before. I use a standard install of XFCE with its screen locker and 
>>> my screen was locked when I left.
>>
>> Could you please check the output of apt-config to be sure that the
>> configuration takes place?
>> $ apt-config dump |grep Users
>>
>> Could you please check if /usr/bin/users lists you when your system is 
>> locked?
>>
>> Cheers,
>> Balint

Bug#892858: resolvconf setting also ignored

[draeath]

The "resolvconf" parameter in /etc/dnssec-trigger/dnssec-trigger.conf
is also ignored. I set this to a bogus file, and found the bogus file
was not created, and the existing resolv.conf was replaced.

It seems much of the configuration files don't match up with
implemented functionality.

Bug#892859: paramiko: CVE-2018-7750: Server implementation does not check for auth before serving later requests

[Salvatore Bonaccorso]

Source: paramiko
Version: 1.15.1-1
Severity: grave
Tags: security upstream
Forwarded: https://github.com/paramiko/paramiko/issues/1175

Hi,

the following vulnerability was published for paramiko.

CVE-2018-7750[0]:
| transport.py in the SSH server implementation of Paramiko before
| 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5,
| 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not
| properly check whether authentication is completed before processing
| other requests, as demonstrated by channel-open. A customized SSH
| client can simply skip the authentication step.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-7750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7750
[1] https://github.com/paramiko/paramiko/issues/1175

Regards,
Salvatore

Bug#892858: dnssec-trigger: only first defined search domain added to resolv.conf, domain ignored entirely

[Paul Bransford]

Package: dnssec-trigger
Version: 0.13-6
Severity: important

Two (related) problems I have identified with dnssec-triggerd:
1. only the first defined search domain is added to resolv.conf
2. the domain itself is absent from the resolv.conf entirely

Below information and output has some text redacted/replaced to avoid
exposing internal network configuration details via a public bug report,
and clarity.

-- Related configuration changes from package defaults
  /etc/dnssec.conf
set_search_domains=yes
  /etc/dnssec-trigger/dnssec-trigger.conf
domain: "zone0.example.com"
search: "zone1.example.com zone2.example.com zone3.example.com"
  /etc/NetworkManager/NetworkManager.conf
[main]
dns=unbound
  /etc/unbound/unbound.conf.d/99-custom.conf
# various server and forward-zone settings
# I do *not* have (or want) global forwarders

-- Generated resolv.conf
  # Generated by dnssec-trigger-script
  nameserver 127.0.0.1
  search zone1.example.com

-- Desired resolv.conf
  nameserver 127.0.0.1
  domain zone0.example.com
  search zone1.example.com zone2.example.com zone3.example.com

-- journalctl output for dnssec-triggerd
  systemd[1]: Starting Reconfigure local DNSSEC resolver on connectivity 
changes...
  dnssec-trigger-script[5784]: Backing up /etc/resolv.conf as 
/run/dnssec-trigger/resolv.conf.backup...
  dnssec-trigger-script[5784]: Cannot back up '/etc/resolv.conf' as 
'/run/dnssec-trigger/resolv.conf.backup': No such file or directory
  dnssec-triggerd[5789]: [5789] info: dnssec-trigger 0.13 start
  dnssec-triggerd[5789]: Search domains: zone1.example.com
  dnssec-triggerd[5789]: [5789] error: http_probe_create_get: Network is 
unreachable
  dnssec-triggerd[5789]: [5789] error: http_probe_create_get: Network is 
unreachable
  dnssec-triggerd[5789]: [5789] error: http_probe_create_get: Network is 
unreachable
  dnssec-trigger-script[5790]: Global forwarders: REDACTED REDACTED
  dnssec-triggerd[5789]: [5789] error: http_probe_create_get: Network is 
unreachable
  dnssec-triggerd[5789]: [5789] error: http_probe_create_get: Network is 
unreachable
  dnssec-triggerd[5789]: [5789] error: http_probe_create_get: Network is 
unreachable
  dnssec-triggerd[5789]: ok
  dnssec-triggerd[5789]: Search domains: zone1.example.com
  dnssec-trigger-script[5790]: Connection provided zone 'zone1.example.com' 
(validated): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone 'c.f.ip6.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone 'd.f.ip6.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '168.192.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '16.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '17.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '18.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '19.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '20.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '21.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '22.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '23.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '24.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '25.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '26.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '27.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '28.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '29.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '30.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '31.172.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  dnssec-trigger-script[5790]: Connection provided zone '10.in-addr.arpa' 
(insecure): REDACTED, REDACTED
  systemd[1]: Started Reconfigure local DNSSEC resolver on connectivity changes.

-- follows is reportbug included information --

-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-6-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) 

Bug#890786: Question about adding autopkgtest for coils (#890786)

[Andreas Tille]

Hi Liubov,

On Tue, Mar 13, 2018 at 08:18:15PM +, Liubov Chuprikova wrote:
>
> I have just added an autopkgtest to *coils* (commit
> ).

Thanks a lot.

> Could you, please,  take a look at it and help me with a few questions I
> have about the process:
>
>1. I noticed that tests usually try to run a program using test data
>from a package and check for errors. There was one in *coils*
>available and I used it in my autopkgtest.

Very sensible.

>Is it enough to check that
>the program runs without errors or it would be preferable to check if the
>output is correct (there is a sample output in *coil's* Readme)?

We try to test as best as possible.  In other words: Comparing with a
known expected output would be better than just running the program.

>2. Was I right by indicating "Team upload" in *debian/changelog* or it
>should be NMU?

Team upload is perfect.

>3. What would be my next step? Should I find a sponsor?

I'll sponsor the package once you implemented the comparison you
mentioned above.

> I would really appreciate any feedback you can give me.

Thanks a lot for your work on this test.  You have proven that you
understood how this works.  I commited another change with the commit
description

Install run-unit-test in user visible doc directory to enable
users reproducing the test on their local machine and add
README.test to explain how this works.

That's cosmetics but I consider this an interesting feature for our
users.

Kind regards

  Andreas.

-- 
http://fam-tille.de

Bug#890786: Question about adding autopkgtest for coils (#890786)

[Liubov Chuprikova]

Sorry, I've just realized that I've forgotten to specify the subject.

вт, 13 мар. 2018 г. в 20:26, Liubov Chuprikova :

> Hi Andreas,
>
> I have just added an autopkgtest to *coils* (commit
> ).
> Could you, please,  take a look at it and help me with a few questions I
> have about the process:
>
>1. I noticed that tests usually try to run a program using test data
>from a package and check for errors. There was one in *coils*
>available and I used it in my autopkgtest. Is it enough to check that
>the program runs without errors or it would be preferable to check if the
>output is correct (there is a sample output in *coil's* Readme)?
>2. Was I right by indicating "Team upload" in *debian/changelog* or it
>should be NMU?
>3. What would be my next step? Should I find a sponsor?
>
> I would really appreciate any feedback you can give me.
>
> Thank you,
> Liubov
>

Bug#891364: Please update to latest polaris11 files

[Eduard Bloch]

Package: firmware-amd-graphics
Version: 20170823-1
Followup-For: Bug #891364

The package is still not uptodate, latest version of polaris11 firmware
are also missing. Mind the files with _2 in the filename! They are
listed on
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/amdgpu
but are not part of the Debian package.

Would you accept my help here? Even NMU?

[6.352463] amdgpu :01:00.0: firmware: failed to load 
amdgpu/polaris11_pfp_2.bin (-2)
[6.352465] amdgpu :01:00.0: Direct firmware load for 
amdgpu/polaris11_pfp_2.bin failed with error -2
[6.353842] amdgpu :01:00.0: firmware: direct-loading firmware 
amdgpu/polaris11_pfp.bin
[6.353856] amdgpu :01:00.0: firmware: failed to load 
amdgpu/polaris11_me_2.bin (-2)
[6.353857] amdgpu :01:00.0: Direct firmware load for 
amdgpu/polaris11_me_2.bin failed with error -2
[6.354361] amdgpu :01:00.0: firmware: direct-loading firmware 
amdgpu/polaris11_me.bin
[6.354375] amdgpu :01:00.0: firmware: failed to load 
amdgpu/polaris11_ce_2.bin (-2)
[6.354376] amdgpu :01:00.0: Direct firmware load for 
amdgpu/polaris11_ce_2.bin failed with error -2
[6.354787] amdgpu :01:00.0: firmware: direct-loading firmware 
amdgpu/polaris11_ce.bin
[6.355319] amdgpu :01:00.0: firmware: direct-loading firmware 
amdgpu/polaris11_rlc.bin
[6.355332] amdgpu :01:00.0: firmware: failed to load 
amdgpu/polaris11_mec_2.bin (-2)
[6.355332] amdgpu :01:00.0: Direct firmware load for 
amdgpu/polaris11_mec_2.bin failed with error -2

Regards,
Eduard.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

firmware-amd-graphics depends on no packages.

firmware-amd-graphics recommends no packages.

Versions of packages firmware-amd-graphics suggests:
ii  initramfs-tools  0.130

-- no debconf information

-- 
 trillian  hier passiert nichtmal was beim /hop
 und bei /quit
-!- huersch [n=huer...@p548c67d0.dip.t-dialin.net] has quit []

Bug#785651: glibc: test run times out on ci.debian.net; maybe don't force a build every time

[Paul Gevers]

On Mon, 18 May 2015 15:47:34 -0300 Antonio Terceiro
 wrote:
> The glibc test runs times out at ci.debian.net after running for ~3h,
> apparently since they were introduced:
> https://ci.debian.net/packages/g/glibc/unstable/amd64/

Is there any hope to have this fixed?

> I am blacklisting glibc for now, and will revisit that when this bug gets
> closed.

Soon, we want to use autopkgtest results to influence
unstable-to-testing migration. It would be a shame to have glibc missing.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#872543: apt does not honor trusted=yes from sources.list

[Dwayne Litzenberger]

Package: apt
Version: 1.4.8
Followup-For: Bug #872543

I saw a similar thing on one of my systems.  It looks like if the 
InRelease file is already downloaded, setting trusted=yes won't override 
the signature check.


Removing /var/lib/apt/lists/archive.cloudera.com_* and running apt 
update again seems to resolve this situation (without fixing the 
underlying bug).

Bug#892857: stretch-pu: package r-cran-mi/1.0-4+deb9u1

[Adrian Bunk]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

   * Add the missing dependency on r-cran-arm. (Closes: #877433)
diff -Nru r-cran-mi-1.0/debian/changelog r-cran-mi-1.0/debian/changelog
--- r-cran-mi-1.0/debian/changelog  2016-08-29 17:23:31.0 +0300
+++ r-cran-mi-1.0/debian/changelog  2018-03-13 21:53:01.0 +0200
@@ -1,3 +1,10 @@
+r-cran-mi (1.0-4+deb9u1) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Add the missing dependency on r-cran-arm. (Closes: #877433)
+
+ -- Adrian Bunk   Tue, 13 Mar 2018 21:53:01 +0200
+
 r-cran-mi (1.0-4) unstable; urgency=medium
 
   * debian/copyright: completed; thanks Thorsten Alteholz
diff -Nru r-cran-mi-1.0/debian/control r-cran-mi-1.0/debian/control
--- r-cran-mi-1.0/debian/control2016-08-29 17:23:31.0 +0300
+++ r-cran-mi-1.0/debian/control2018-03-13 21:53:01.0 +0200
@@ -11,7 +11,7 @@
 
 Package: r-cran-mi
 Architecture: all
-Depends: ${R:Depends}, ${misc:Depends}
+Depends: ${R:Depends}, ${misc:Depends}, r-cran-arm
 Description: GNU R package for Missing Data Imputation and Model Checking -- mi
  The mi R package provides functions for data manipulation, imputing missing
  values in an approximate Bayesian framework, diagnostics of the models used to

Bug#892856: RFS: ncurses-hexedit/0.9.7+orig-3

[Carlos Maddela]

Package: sponsorship-requests
Severity: normal

  Dear mentors,

  I am looking for a sponsor for my package "ncurses-hexedit"

 * Package name: ncurses-hexedit
   Version : 0.9.7+orig-3
   Upstream Author : Adam Rogoyski 
 * URL : http://www.rogoyski.com/adam/programs/hexedit/
 * License : GPL-2.0+
   Section : editors

  It builds this binary package:

ncurses-hexedit - Edit files/disks in hex, ASCII and EBCDIC

  To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/ncurses-hexedit


  Alternatively, one can download the package with dget using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/n/ncurses-hexedit/ncurses-hexedit_0.9.7+orig-3.dsc

  Changes since the last upload:

  * Enable LFS support for 32-bit architectures.
  * Fix buffer overruns when program is started without a file name
parameter from a terminal with a column width of less than 57
characters, or when the terminal is resized to such a width.
(Closes: #535848)


  Regards,
   Carlos Maddela

Bug#806420: debian-edu: test suite times out on ci.debian.net

[Paul Gevers]

On Fri, 27 Nov 2015 13:46:48 -0200 Antonio Terceiro
 wrote:
> On Fri, Nov 27, 2015 at 11:44:35AM +0100, Petter Reinholdtsen wrote:
> > [Antonio Terceiro]

>>> I am blacklisting debian-edu for now, and will revisit that when
>>> this bug is closed.>>
>> Sad to hear this.
>
> I'm not happy about it either, but right now the tests are broken 
> and the system can test hundreds or even thousands of packages during
> the time in which debian-edu would run and fail midway 100% of the
> time.
Any progress on this? We are on the verge of using autopkgtest results
for unstable-to-testing migration and missing debian-edu results seems
just like a shame.

If you want/need help to fix this bug, let me know and I'll try to have
a look.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#892855: Blake2bp_512 produces all zeros or segfaults

[Joey Hess]

Package: libghc-cryptonite-dev
Version: 0.23-2+b3
Severity: normal

{-# LANGUAGE OverloadedStrings, PackageImports #-}

import "cryptonite" Crypto.Hash
import Data.ByteString.Lazy

main = print $ blake foo
 where
blake :: ByteString -> Digest Blake2bp_512
blake = hashlazy
foo :: ByteString
foo = "foo"

When run in ghci, this program segfaults. When compiled with ghc and
run, it prints out a bunch of zeros which is not the correct hash.

I tried installing cryptonite-0.25 with cabal, and did not have the
problem with that build of the library.

Reproduced the problem on my Lenovo Yoga 710 laptop, and on a Linode
VPS, both running Debian unstable amd64.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libghc-cryptonite-dev depends on:
ii  ghc [libghc-integer-gmp-dev-1.0.0.1-b34f3]  8.0.2-11
ii  libc6   2.27-1
pn  libghc-base-dev-4.9.1.0-d28d6   
pn  libghc-bytestring-dev-0.10.8.1-45b2c
pn  libghc-deepseq-dev-1.4.2.0-fb727
ii  libghc-foundation-dev [libghc-foundation-dev-0.0.17-14e77]  0.0.17-1
pn  libghc-ghc-prim-dev-0.5.0.0-a46b8   
ii  libghc-memory-dev [libghc-memory-dev-0.14.11-1fadd] 0.14.11-1
ii  libgmp102:6.1.2+dfsg-2

libghc-cryptonite-dev recommends no packages.

Versions of packages libghc-cryptonite-dev suggests:
pn  libghc-cryptonite-doc   
pn  libghc-cryptonite-prof  

-- no debconf information

-- 
see shy jo


signature.asc
Description: PGP signature

Bug#892849: [3dprinter-general] Bug#892849: cura: Exception while launching cura

[Gregor Riepl]

> the sip module implements API v12.0 to v12.2 but the Arcus module requires 
> API v12.3

Can you give me the output of
dpkg-query -l libarcus3 python3-arcus python3-sip
?




signature.asc
Description: OpenPGP digital signature

Bug#892854: Hostname resolution getting stuck for many seconds

[Eduard Bloch]

Package: libnss-mdns
Version: 0.10-8
Severity: normal

Hi,

a few days ago I realized that something wrong is going on. The route
started freezing for no apparent reason, also ssh logins (which probably
include reverse hostname resolution) were stuck and even could timeout.

I figure that this might have to do something with unconventional
network interfaces being registered here.
Example with route:

Kernel-IP-Routentabelle
ZielRouter  Genmask Flags Metric RefUse Iface
default _gateway0.0.0.0 UG0  00 eth0
192.168.0.0 0.0.0.0 255.255.255.0   U 0  00 eth0

192.168.10.60.0.0.0 255.255.255.255 UH0  00 tap4

I checked the process with strace and saw something weird. My DNS was
accessed, was queried, it returned data, then the connection was closed
and then it started doing something with your library and THAT is where
it didn't continue anymore. So I removed your lib and it's all fine
again.

Details:

recvfrom(4, "3W\205\3\0\1\0\0\0\1\0\0\0016\00210\003168\003192\7in-add"..., 
1024, 0, {sa_family=AF_INET, sin_port=htons(53), 
sin_addr=inet_addr("8.8.8.8")}, [28->16]) = 93
close(4)= 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=291488, ...}) = 0
mmap(NULL, 291488, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f59aec84000
close(4)= 0
access("/etc/ld.so.nohwcap", F_OK)  = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_mdns4.so.2", O_RDONLY|O_CLOEXEC) 
= 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\f\0\0\0\0\0\0"..., 
832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=10160, ...}) = 0
mmap(NULL, 2105360, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 
0x7f59ad724000
mprotect(0x7f59ad726000, 2093056, PROT_NONE) = 0
mmap(0x7f59ad925000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x1000) = 0x7f59ad925000
close(4)= 0
mprotect(0x7f59ad925000, 4096, PROT_READ) = 0
munmap(0x7f59aec84000, 291488)  = 0
socket(AF_UNIX, SOCK_STREAM, 0) = 4
fcntl(4, F_GETFD)   = 0
fcntl(4, F_SETFD, FD_CLOEXEC)   = 0
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/avahi-daemon/socket"}, 110) = 0
fcntl(4, F_GETFL)   = 0x2 (flags O_RDWR)
fstat(4, {st_mode=S_IFSOCK|0777, st_size=0, ...}) = 0
write(4, "RESOLVE-ADDRESS 192.168.10.6\n", 29) = 29
read(4, ^C0x557ea9f505b0, 4096)   = ? ERESTARTSYS (To be restarted if 
SA_RESTART is set)

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- 
Eine Rechtsprechung, die an der grundsätzlichen Kriminalisierung von
Cannabis festhält, geht an medizinischen Erkenntnissen vorbei.
-- Ellis Huber

Bug#486541: Your Aliexpress needs to be verified !

[‪Aliexpress‬ ‪]

  

| 
| 
| 
| ALI EXPRESS |


| Your Aliexpress needs to be verified ! |


| Dear User,We noticed some strange activity in your AliexpressWe are always 
here to protect our customers Aliexpress.
We believe that there are some strange activity in your AliexpressWe have 
temporarily locked your AliexpressPlease continue to your Aliexpress by 
clicking the button below to verify it. |


| 
| 
| Confirm your Aliexpress |

 |

 |


| Your Aliexpress will remain locked until you verify it |

 |

 |

 |



   

   

   

   

   

   

Bug#892853: stretch-pu: package wicd/1.7.4+tb2-5~deb9u1

[Adrian Bunk]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

  * Replace dependencies on "net-tools | ethtool" and "net-tools |
iproute2" in wicd-daemon with a hard dependency on net-tools and
suggesting ethtool and iproute2 in python-wicd. Thanks to Neels
Hofmeyr for the bug report. (Closes: #881225)
diff -Nru wicd-1.7.4+tb2/debian/changelog wicd-1.7.4+tb2/debian/changelog
--- wicd-1.7.4+tb2/debian/changelog 2017-05-28 23:20:00.0 +0300
+++ wicd-1.7.4+tb2/debian/changelog 2018-03-13 21:38:29.0 +0200
@@ -1,3 +1,23 @@
+wicd (1.7.4+tb2-5~deb9u1) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Rebuild for stretch.
+
+ -- Adrian Bunk   Tue, 13 Mar 2018 21:38:29 +0200
+
+wicd (1.7.4+tb2-5) unstable; urgency=medium
+
+  * Add location of Debian derivatives patches in debian/README.source.
+  * Declare compliance with Debian Policy 4.1.1.
++ Switch DEP5 copyright format URL to HTTPS.
+  * Replace dependencies on "net-tools | ethtool" and "net-tools |
+iproute2" in wicd-daemon with a hard dependency on net-tools and
+suggesting ethtool and iproute2 in python-wicd. Thanks to Neels
+Hofmeyr for the bug report. (Closes: #881225)
+  * Switch bugs.debian.org URLs in DEP3 headers to HTTPS and short form.
+
+ -- Axel Beckert   Sat, 11 Nov 2017 00:18:14 +0100
+
 wicd (1.7.4+tb2-4) unstable; urgency=medium
 
   [ Axel Beckert ]
diff -Nru wicd-1.7.4+tb2/debian/control wicd-1.7.4+tb2/debian/control
--- wicd-1.7.4+tb2/debian/control   2017-05-08 01:41:25.0 +0300
+++ wicd-1.7.4+tb2/debian/control   2017-11-11 00:37:34.0 +0200
@@ -10,7 +10,7 @@
 Build-Depends-Indep: gettext,
  po-debconf,
  python-babel
-Standards-Version: 3.9.8
+Standards-Version: 4.1.1
 Homepage: https://launchpad.net/wicd
 Vcs-Browser: https://anonscm.debian.org/cgit/pkg-wicd/wicd.git
 Vcs-Git: https://anonscm.debian.org/git/pkg-wicd/wicd.git
@@ -44,8 +44,6 @@
  dhcpcd5 | isc-dhcp-client | pump | udhcpc,
  iputils-ping | inetutils-ping,
  lsb-base (>= 3.2-13),
- net-tools | ethtool,
- net-tools | iproute2,
  psmisc,
  python-dbus,
  python-gobject,
@@ -151,7 +149,10 @@
 Architecture: all
 Section: python
 Depends: ${misc:Depends},
- ${python:Depends}
+ ${python:Depends},
+ net-tools
+Suggests: ethtool,
+  iproute2
 Breaks: wicd (<< 1.7.0~a3)
 Replaces: wicd (<< 1.7.0~a3)
 Description: wired and wireless network manager - Python module
diff -Nru wicd-1.7.4+tb2/debian/copyright wicd-1.7.4+tb2/debian/copyright
--- wicd-1.7.4+tb2/debian/copyright 2016-05-24 00:24:47.0 +0300
+++ wicd-1.7.4+tb2/debian/copyright 2017-11-11 00:37:26.0 +0200
@@ -1,4 +1,4 @@
-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0
 Source: https://launchpad.net/wicd/+download
 
 Files: *
diff -Nru wicd-1.7.4+tb2/debian/patches/26-support_etc-network_scripts.patch 
wicd-1.7.4+tb2/debian/patches/26-support_etc-network_scripts.patch
--- wicd-1.7.4+tb2/debian/patches/26-support_etc-network_scripts.patch  
2016-05-24 00:24:47.0 +0300
+++ wicd-1.7.4+tb2/debian/patches/26-support_etc-network_scripts.patch  
2017-11-11 00:31:52.0 +0200
@@ -1,6 +1,6 @@
 From: David Paleino 
 Subject: support /etc/network/ hierarchy for connection scripts
-Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579497
+Bug-Debian: https://bugs.debian.org/579497
 Forwarded: no
 
 ---
diff -Nru wicd-1.7.4+tb2/debian/patches/32-prefer_gksu.patch 
wicd-1.7.4+tb2/debian/patches/32-prefer_gksu.patch
--- wicd-1.7.4+tb2/debian/patches/32-prefer_gksu.patch  2016-05-24 
00:24:47.0 +0300
+++ wicd-1.7.4+tb2/debian/patches/32-prefer_gksu.patch  2017-11-11 
00:32:01.0 +0200
@@ -1,6 +1,6 @@
 From: David Paleino 
 Subject: prefer gksu over gksudo, fixes weird behaviour on some systems
-Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575403
+Bug-Debian: https://bugs.debian.org/575403
 Forwarded: no
 
 ---
diff -Nru wicd-1.7.4+tb2/debian/README.source 
wicd-1.7.4+tb2/debian/README.source
--- wicd-1.7.4+tb2/debian/README.source 2017-05-24 22:36:58.0 +0300
+++ wicd-1.7.4+tb2/debian/README.source 2017-07-27 02:20:44.0 +0300
@@ -15,6 +15,8 @@
   https://github.com/dpaleino/wicd/pulls
 * openSUSE:
   https://build.opensuse.org/package/show/home:msalle:extras/wicd
+* Debian derivatives, including Ubuntu:
+  http://deriv.debian.net/patches/w/wicd/
 
 Bug reports with patches
 
@@ -23,4 +25,4 @@
 * Ubuntu:
   https://bugs.launchpad.net/ubuntu/+source/wicd/+bugs?field.tag=patch
 
- -- Axel Beckert , Wed, 24 May 2017 21:36:58 +0200
+ -- Axel Beckert , Thu, 27 

Bug#892851: openjdk-9: hppa port

[Emilio Pozuelo Monfort]

Source: openjdk-9
Severity: important
User: debian-...@lists.debian.org
Usertags: gcj-rm

Hi,

Since GCJ is being removed, that will leave hppa without Java. Thus
it becomes increasingly important to port OpenJDK to hppa. Cc'ing
the hppa list so they know about this and can take a look.

Emilio

Bug#892852: openjdk-9: hurd port

[Emilio Pozuelo Monfort]

Source: openjdk-9
Severity: important
User: debian-...@lists.debian.org
Usertags: gcj-rm

Hi,

Since GCJ is being removed, that will leave hurd without Java. Thus
it becomes increasingly important to port OpenJDK to hurd. Cc'ing
the hurd list so they know about this and can take a look.

Emilio

Bug#870258: GCC 7 related library transitions

[Emilio Pozuelo Monfort]

On 13/03/18 10:25, Matthias Klose wrote:
> On 13.03.2018 09:38, Emilio Pozuelo Monfort wrote:
>> On 03/03/18 10:59, Emilio Pozuelo Monfort wrote:
>>> As you can see it's a bunch of packages building with gcc-6 & g++-6. They 
>>> probably
>>> need new upstream versions that support GCC 7. The only exception is 
>>> libpam-script
>>> build-depending on libgfortran3 for no apparent good reason. I filed 
>>> #889876 for that.
>>
>> I filed bugs for these:
>>
>> https://bugs.debian.org/cgi-bin/pkgreport.cgi?users=debian-...@lists.debian.org;tag=gcc-6-rm
>>
>>> As for the GCJ removal, I crafted this list of binary packages. This is 
>>> running
>>> for sid, so it catches more stuff.
>>
>>> Some things here need to be updated to use openjdk or default-jdk, e.g. 
>>> kamailio, pdftk, libidn...
>>> Other things likely need to be removed since GCJ is no more, e.g. ant-gcj, 
>>> ecj-gcj...
>>
>> And for these:
>>
>> https://bugs.debian.org/cgi-bin/pkgreport.cgi?users=debian-...@lists.debian.org;tag=gcj-rm
> 
> Please could you extend the latter with bug reports where
> default-jdk/default-jre is going to away altogether because it's provided by
> gcj?  Things like db5.3 come to my mind ...

default-{jdk,jre} are provided by gcj on hurd and hppa. Worst case we'll have to
remove it and the rdeps on those architectures, but I'll open bugs against
openjdk-9 with a Cc for the porters in case they can take a look at it.

Emilio

Bug#892850: libapache2-mod-php7.0 setting up blank /etc/apache2/mods-available/ files on install

[Jason Bugler]

Package: libapache2-mod-php7.0
Version: 7.0.27-0+deb9u1
Severity: minor

Dear Maintainer,

Installing libapache2-mod-php7.0 via apt generates blank configuration files for
apache2:

/etc/apache2/mods-available/php7.0.conf
/etc/apache2/mods-available/php7.0.load

.conf should include:

FilesMatch ".+\.ph(p[3457]?|t|tml)$">
SetHandler application/x-httpd-php


.load should include:

LoadModule php7_module /usr/lib/apache2/modules/libphp7.0.so


-- Package-specific info:
 Additional PHP 7.0 information 

 PHP 7.0 SAPI (php7.0query -S): 

 PHP 7.0 Extensions (php7.0query -M -v): 

 Configuration files: 
[PHP]
engine = On
short_open_tag = Off
precision = 14
output_buffering = 4096
zlib.output_compression = Off
implicit_flush = Off
unserialize_callback_func =
serialize_precision = 17
disable_functions = 
pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
disable_classes =
zend.enable_gc = On
expose_php = Off
max_execution_time = 30
max_input_time = 60
memory_limit = 128M
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
display_errors = Off
display_startup_errors = Off
log_errors = On
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = On
track_errors = Off
html_errors = On
variables_order = "GPCS"
request_order = "GP"
register_argc_argv = Off
auto_globals_jit = On
post_max_size = 8M
auto_prepend_file =
auto_append_file =
default_mimetype = "text/html"
default_charset = "UTF-8"
doc_root =
user_dir =
enable_dl = Off
file_uploads = On
upload_max_filesize = 2M
max_file_uploads = 20
allow_url_fopen = On
allow_url_include = Off
default_socket_timeout = 60
[CLI Server]
cli_server.color = On
[Date]
[filter]
[iconv]
[intl]
[sqlite3]
[Pcre]
[Pdo]
[Pdo_mysql]
pdo_mysql.cache_size = 2000
pdo_mysql.default_socket=
[Phar]
[mail function]
SMTP = localhost
smtp_port = 25
mail.add_x_header = On
[SQL]
sql.safe_mode = Off
[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
[Interbase]
ibase.allow_persistent = 1
ibase.max_persistent = -1
ibase.max_links = -1
ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
ibase.dateformat = "%Y-%m-%d"
ibase.timeformat = "%H:%M:%S"
[MySQLi]
mysqli.max_persistent = -1
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.cache_size = 2000
mysqli.default_port = 3306
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off
[OCI8]
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[bcmath]
bcmath.scale = 0
[browscap]
[Session]
session.save_handler = files
session.use_strict_mode = 0
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.serialize_handler = php
session.gc_probability = 0
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.referer_check =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.hash_function = 0
session.hash_bits_per_character = 5
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
[Assertion]
zend.assertions = -1
[COM]
[mbstring]
[gd]
[exif]
[Tidy]
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
[ldap]
ldap.max_links = -1
[mcrypt]
[dba]
[opcache]
[curl]
[openssl]

 /etc/php/7.0/apache2/conf.d/20-pdo_dblib.ini 
extension=pdo_dblib.so

 /etc/php/7.0/apache2/conf.d/20-calendar.ini 
extension=calendar.so

 /etc/php/7.0/apache2/conf.d/20-xsl.ini 
extension=xsl.so

 /etc/php/7.0/apache2/conf.d/20-ctype.ini 
extension=ctype.so

 /etc/php/7.0/apache2/conf.d/20-ftp.ini 
extension=ftp.so

 /etc/php/7.0/apache2/conf.d/20-sockets.ini 
extension=sockets.so

 /etc/php/7.0/apache2/conf.d/20-gd.ini 
extension=gd.so

 /etc/php/7.0/apache2/conf.d/20-posix.ini 
extension=posix.so

 /etc/php/7.0/apache2/conf.d/20-xmlwriter.ini 
extension=xmlwriter.so

 /etc/php/7.0/apache2/conf.d/20-pdo_mysql.ini 
extension=pdo_mysql.so

 /etc/php/7.0/apache2/conf.d/20-sysvsem.ini 
extension=sysvsem.so

 /etc/php/7.0/apache2/conf.d/20-dom.ini 
extension=dom.so

 /etc/php/7.0/apache2/conf.d/20-fileinfo.ini 
extension=fileinfo.so

 

Bug#877433: stretch update for r-cran-mi

[Sébastien Villemot]

On Tue, Mar 13, 2018 at 08:56:52PM +0200, Adrian Bunk wrote:
> On Sun, Oct 01, 2017 at 09:39:04PM +, Debian Bug Tracking System wrote:
> >...
> >  r-cran-mi (1.0-5) unstable; urgency=medium
> >...
> >* Convert to dh-r.
> >  Incidentally, this implies that r-cran-arm is a Depends. (Closes: 
> > #877433)
> >...
> 
> Thanks a lot for fixing this bug for unstable.
> 
> It is still present in stretch, could you also fix it there?
> Alternatively, I can fix it for stretch if you don't object.

Please go ahead and fix it in stretch, thanks!

-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  http://sebastien.villemot.name
⠈⠳⣄  http://www.debian.org


signature.asc
Description: PGP signature

Bug#881225: stretch update for wicd

[Axel Beckert]

Hi Adrian,

Adrian Bunk wrote:
> >* Replace dependencies on "net-tools | ethtool" and "net-tools |
> >  iproute2" in wicd-daemon with a hard dependency on net-tools and
> >  suggesting ethtool and iproute2 in python-wicd. Thanks to Neels
> >  Hofmeyr for the bug report. (Closes: #881225)
> 
> Thanks a lot for fixing this bug for unstable.
> 
> It is still present in stretch, could you also fix it there?

Can do, but I currently have some backlog wrt. to stable/oldstable
updates and that one is not top priority for me there.

> Alternatively, I can fix it for stretch if you don't object.

I don't object at all, in contrary.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#877433: stretch update for r-cran-mi

[Adrian Bunk]

On Sun, Oct 01, 2017 at 09:39:04PM +, Debian Bug Tracking System wrote:
>...
>  r-cran-mi (1.0-5) unstable; urgency=medium
>...
>* Convert to dh-r.
>  Incidentally, this implies that r-cran-arm is a Depends. (Closes: 
> #877433)
>...

Thanks a lot for fixing this bug for unstable.

It is still present in stretch, could you also fix it there?
Alternatively, I can fix it for stretch if you don't object.

Thanks
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#892610: Address already in use /etc/init.d/pdns-recursor restart

[René]

Hi,

thanks for your reply.

I've switched to systemd, will let you know if the issue persist.

Rene

Bug#892849: cura: Exception while launching cura

[Jean-Luc Coulon (f5ibh)]

Package: cura
Version: 3.1.0-1
Severity: grave
Justification: renders package unusable

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

While laaunching cura, I get the following:
Error in sys.excepthook:
Traceback (most recent call last):
  File "", line 983, in _find_and_load
  File "", line 967, in _find_and_load_unlocked
  File "", line 677, in _load_unlocked
  File "", line 678, in exec_module
  File "", line 219, in _call_with_frames_removed
  File "/usr/lib/python3/dist-packages/cura/CrashHandler.py", line 20, in 

from UM.Application import Application
  File "/usr/lib/python3/dist-packages/UM/Application.py", line 15, in 
from UM.Settings.ContainerRegistry import ContainerRegistry
  File "/usr/lib/python3/dist-packages/UM/Settings/ContainerRegistry.py", line 
36, in 
import UM.Qt.QtApplication
  File "/usr/lib/python3/dist-packages/UM/Qt/QtApplication.py", line 15, in 

from UM.FileHandler.ReadFileJob import ReadFileJob
  File "/usr/lib/python3/dist-packages/UM/FileHandler/ReadFileJob.py", line 5, 
in 
from UM.Application import Application
ImportError: cannot import name 'Application'

Original exception was:
Traceback (most recent call last):
  File "/usr/bin/cura", line 54, in 
import Arcus #@UnusedImport
RuntimeError: the sip module implements API v12.0 to v12.2 but the Arcus module 
requires API v12.3


Regards

Jean-Luc


- -- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (600, 'unstable'), (500, 'unstable-debug'), (500, 
'buildd-unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.0-rc5-i7-0.1 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages cura depends on:
ii  cura-engine 1:3.1.0-2
ii  fonts-open-sans 1.11-1
ii  python3 3.6.4-1
ii  python3-pyqt5   5.9.2+dfsg-1
ii  python3-pyqt5.qtopengl  5.9.2+dfsg-1
ii  python3-savitar 3.1.0-1
ii  python3-serial  3.4-1
ii  python3-uranium 3.1.0-1
ii  qml-module-qt-labs-folderlistmodel  5.9.2-3
ii  qml-module-qt-labs-settings 5.9.2-3
ii  qml-module-qtqml-models25.9.2-3
ii  qml-module-qtquick-controls 5.9.2-2
ii  qml-module-qtquick-dialogs  5.9.2-2
ii  uranium-plugins 3.1.0-1

Versions of packages cura recommends:
ii  fdm-materials 3.1.0-1
ii  python3-zeroconf  0.19.1-1

cura suggests no packages.

- -- no debconf information

-BEGIN PGP SIGNATURE-

iF0EARECAB0WIQT5el3FKLtmYO4UlQtR0YZfPMac0AUCWqgdMQAKCRBR0YZfPMac
0E/FAJ41rnMVzefh1QCGodicZkcNUbPH5gCffL6QLGqTuOgyQOGxU/9uo1Gj/P4=
=nEEw
-END PGP SIGNATURE-

Bug#881225: stretch update for wicd

[Adrian Bunk]

On Sat, Nov 11, 2017 at 12:09:03AM +, Debian Bug Tracking System wrote:
>...
>  wicd (1.7.4+tb2-5) unstable; urgency=medium
>...
>* Replace dependencies on "net-tools | ethtool" and "net-tools |
>  iproute2" in wicd-daemon with a hard dependency on net-tools and
>  suggesting ethtool and iproute2 in python-wicd. Thanks to Neels
>  Hofmeyr for the bug report. (Closes: #881225)
>...

Thanks a lot for fixing this bug for unstable.

It is still present in stretch, could you also fix it there?
Alternatively, I can fix it for stretch if you don't object.

Thanks
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#889740: stretch update for xmotd

[Adrian Bunk]

On Sun, Feb 18, 2018 at 09:51:05AM +, Debian Bug Tracking System wrote:
>...
>  xmotd (1.17.3b-10) unstable; urgency=medium
>  .
>* debian/patches/bugfix/fix-warnings-hardening-build.patch:
>  - Fix most compile time warnings and avoid crash with hardening
>flags (acknowledgments to Christoph Pleger for the patch)
>(Closes: #889740).
>...

Thanks a lot for fixing this bug for unstable.

It is still present in stretch, could you also fix it there?
Alternatively, I can fix it for stretch if you don't object.

Thanks
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#886096: lintian: Emit warnings for Alioth URLs in packaging (migration to Salsa)

[Chris Lamb]

Hi Stuart,

> we now only have 6 time quanta until alioth is read-only

I like this "time quanta" concept :)  Okay, agreed, let's get onto
this ASAP.

Can you help by drafting the specific tag (or tags?) and giving some
examples of Vcs-Foo it should trigger on?


Best wishes,

-- 
Chris Lamb
chris-lamb.co.uk / @lolamby

Bug#892848: gcc-7: OpenMP support is broken on hppa in gcc-7 and earlier

[John David Anglin]

Source: gcc-7
Severity: normal
Tags: patch

Dear Maintainer,

The 32-bit hppa architecture is one of a few callee-copies targets in gcc.
Objects larger than eight bytes are passed by invisible reference and the
callee is responsible to copy the object if necessary.

This results in a variety of differences in optimizing code from x86, etc.
In the case of OpenMP support, it is seriously broken handling objects
passed by invisible references and the problem is not easily fixed.
This is gcc PR middle-end/68733.

Helge Deller and I discussed the matter and decided the best way forward
was to switch the hppa ABI to caller copies as on x86.  This should also
help to eliminate various optimization bugs that are hidden due to limited
testing.

The attached patch has been installed in gcc-8.  We would appreciate your
installing this change in Debian gcc-6 and gcc-7 so others are not affected.

Regards,
Dave Anglin


-- System Information:
Debian Release: buster/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable')
Architecture: hppa (parisc64)

Kernel: Linux 4.14.25+ (SMP w/4 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968), LANGUAGE=C 
(charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information
2018-01-16  John David Anglin  

* config.gcc (hppa*-*-linux*): Change callee copies ABI to caller
copies.

Index: config.gcc
===
--- config.gcc  (revision 256716)
+++ config.gcc  (working copy)
@@ -1339,7 +1339,7 @@
gas=yes gnu_ld=yes
;;
 hppa*-*-linux*)
-   target_cpu_default="MASK_PA_11|MASK_NO_SPACE_REGS"
+   target_cpu_default="MASK_PA_11|MASK_NO_SPACE_REGS|MASK_CALLER_COPIES"
tm_file="${tm_file} dbxelf.h elfos.h gnu-user.h linux.h glibc-stdint.h 
pa/pa-linux.h \
 pa/pa32-regs.h pa/pa32-linux.h"
tmake_file="${tmake_file} pa/t-linux"

Bug#892847: lxc busybox template doesn't set ipv4 address correctly

[Brian Minton]

Package: lxc
Version: 1:2.0.9-6
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Dear Maintainer,

I created a new container, with the busybox template.  My network has a
dhcp server on it serving ipv4 addresses, and uses router advertisement
for ipv6 ones.  I can see from the console logs and my dhcp server logs
that I am assigned an ipv4 address, but ip addr show or ifconfig from
inside the container don't have the address.

bminton:/usr/share/lxc/templates# lxc-create -n client3 --template busybox
'dropbear' ssh utility installed
bminton:/usr/share/lxc/templates# lxc-start -F -n client3
udhcpc: started, v1.27.2
udhcpc: sending discover
udhcpc: sending discover
udhcpc: sending discover
udhcpc: sending discover
udhcpc: sending select for 192.168.1.117
udhcpc: lease of 192.168.1.117 obtained, lease time 600

Please press Enter to activate this console.


BusyBox v1.27.2 (Debian 1:1.27.2-2) built-in shell (ash)
Enter 'help' for a list of built-in commands.

/ # ip addr
1: lo:  mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
25: eth0@if26:  mtu 1500 qdisc noqueue 
qlen 1000
link/ether 1e:0c:f7:73:82:6b brd ff:ff:ff:ff:ff:ff
inet6 fd21:3dd1:6b84:0:1c0c:f7ff:fe73:826b/64 scope global dynamic
   valid_lft forever preferred_lft forever
inet6 2001:470:e295:0:1c0c:f7ff:fe73:826b/64 scope global dynamic
   valid_lft forever preferred_lft forever
inet6 fe80::1c0c:f7ff:fe73:826b/64 scope link
   valid_lft forever preferred_lft forever
/ #

- -- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.1+ (SMP w/16 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lxc depends on:
ii  libapparmor1  2.12-3
ii  libc6 2.26-6
ii  libcap2   1:2.25-1.2
ii  libgnutls30   3.5.18-1
ii  liblxc1   1:2.0.9-6
ii  libseccomp2   2.3.1-2.1
ii  libselinux1   2.7-2+b1
ii  lsb-base  9.20170808
ii  python3   3.6.4-1
ii  python3-lxc   1:2.0.9-6

Versions of packages lxc recommends:
ii  bridge-utils  1.5-15
ii  debootstrap   1.0.93
ii  dirmngr   2.2.5-1
ii  dnsmasq-base  2.78-3
ii  gnupg 2.2.5-1
ii  iptables  1.6.2-1
ii  libpam-cgfs   2.0.8-1
ii  lxcfs 2.0.8-1
ii  openssl   1.1.0g-2
ii  rsync 3.1.2-2.1
ii  uidmap1:4.5-1

Versions of packages lxc suggests:
ii  apparmor 2.12-3
ii  btrfs-progs  4.15.1-1
ii  lvm2 2.02.176-4.1

- -- Configuration Files:
/etc/lxc/default.conf changed:
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0


- -- no debconf information

-BEGIN PGP SIGNATURE-

iHUEAREIAB0WIQT5xLt2Dng/DewQpoprjrOgZc+6qQUCWqgURAAKCRBrjrOgZc+6
qTluAP9HcurSwjcDIvIrAgk1uitoLRDEO6qKKCQUGZX0V9EH/AD+OL8FKa0YCQ6Y
OiJnUOt/vUPUsn1G1MO5V6PRd01GApeIdQQBFggAHRYhBO7QFYAT3C5tbgAepDe5
UHrP8gFuBQJaqBRKAAoJEDe5UHrP8gFuWVABAPOVDaqLo3XHfn6I0HbbEc0TJq3U
U8g+fCtUYa6JqfCQAP9tLnic1lCTeR/c1nfWBKNau4JqoYxkCYjQriBF7YDNBQ==
=DsvL
-END PGP SIGNATURE-

Bug#892846: libgdbm-compat4: short description is incorrect (regression)

[Vincent Lefevre]

Package: libgdbm-compat4
Version: 1.14.1-5
Severity: normal

The short description of the package has changed from

  GNU dbm database routines (legacy support runtime version)

in 1.14.1-4 to

  (legacy support runtime version)

in 1.14.1-5.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libgdbm-compat4 depends on:
ii  libc6 2.27-2
ii  libgdbm5  1.14.1-5

libgdbm-compat4 recommends no packages.

libgdbm-compat4 suggests no packages.

-- no debconf information

Bug#882694: [sysadmin] Signatures on uncompressed archives

[Konstantin Ryabitsev]

On 03/13/18 05:33, Uwe Kleine-König wrote:
>>> But it also has an impact on security: As long as the signature isn't
>>> verified I have to consider the .tar.xz "untrusted" and the less tools I
>>> have to make operate on it the better.  This scheme allows an attacker
>>> that has control over a mirror to provide a .tar.xz that makes unxz do
>>> undesirable things, see https://en.wikipedia.org/wiki/Zip_bomb for an
>>> attack idea.
>>
>> Which is why we provide sha256sums.asc in each directory.
> 
> That would be worth to point out more prominently on the above webpage
> then IMHO.

We do, we have a whole section about sha256sums.asc files:
https://www.kernel.org/signature.html#kernel-org-checksum-autosigner-and-sha256sums-asc

> When you recompress files you have to resign your sha256sum file, so I
> don't see the advantage "without needing to re-sign all files" you
> mentioned above. 

Released tarballs carry signatures from developers, not from any
automated infrastructure, so you can see how that complicates the
picture if we have to ask Linus or Greg KH to create new signatures for
all tarballs they've ever created.

> (Also recompressing has the immediate downside to break
> third-party tools that rely on unchanged files from upstream, which IMHO
> outweighs the disk space gained from recompressing.)

I would say such tools are wrong because they expect non-normalized
formats to remain constant. I appreciate that I'm basically saying
"everyone is doing it wrong and we're the only ones who are shiny and
smell nice," but I do believe there's at least solid technical reasoning
behind our decision to sign .tar archives and not the compressed versions.

I think it will help you understand the reasoning more if I explain the
workflow behind how releases are currently produced (you can see my talk
about the entirety of the release process here:
https://www.youtube.com/watch?v=vohrz14S6JE):

1. Linus creates a .tar archive locally on his laptop, using "git
archive" -- which is always deterministic
2. Linus creates a detached signature of that tar archive
3. Linus sends us a very small request with just three things in it

   a. the tag
   b. the prefix to use with "git archive"
   c. the detached signature

4. We use these to create the .tar archive from our version of the tree,
verify it against Linus's detached signature, and if (and only if) the
signature verifies, we create .gz and .xz archives and upload them to
the frontends.

There are the following major benefits behind this process:

1. Linus only has to upload a few KB of data to produce a release,
instead of 200+ MB of combined .xz and .gz archive data. Since he
routinely produces releases while at conferences and remote diving
locations, he greatly appreciates not having to do that.
2. More importantly, if Linus's laptop is compromised and someone tries
to sneak in a trojaned tarball between the time when "git archive"
finishes and "gpg --detach-sign" fires off, the signature verification
will fail when we try to generate the tarball on our end. Any trojans
would need to exist in the git tree, where they have a much greater
chance of being discovered than in a one-off tarball. By using our
current procedure we significantly reduce the risks of workstation
compromises resulting in trojaned tarballs carrying legitimate developer
signatures.

It's true, we could ask Linus to generate signatures for the .xz archive
on his end, but this would require that he runs "xz -9" on a 600MB
tarball and wait half an hour for it to finish -- and then hope we
produce the same resulting .xz on our end, which is not at all
guaranteed between different xz versions, whereas git has tests that
specifically check that git-archive generated .tar archives are
identical between git releases.

> Also for the attack vector against the decompressor, this effectively
> renders the developer's signature useless because I have to trust the
> sha256sum.asc (and so the archive key) before handing the compressed
> file to the decompressor.
> (Yeah I know, this is harder to exploit than introducing changes to the
> tar archive, but IMHO this is no reason to keep this flaw unfixed.)

I hope I've demonstrated how "fixing" this attack vector opens up a
whole another one that is much, much worse.

> Would it be possible to provide signatures on the compressed archives
> using the same key that today signs sha256sums? I imagine this wouldn't
> result in a significant retooling issue on your side and in return it
> would simplify the handling of signature verification for all those who
> care.

No, because this would pretty much guarantee that people will not bother
checking developer signatures and would just rely on automatically
generated ones. This would violate our grand principle of "trust the
developer, not infrastructure."

I believe our approach has merit and results in better security
protections. To verify the validity of any release you should:

1. Download the tarball and 

Bug#892845: stretch-pu: package openni2/2.2.0.33+dfsg-7+deb9u1

[Adrian Bunk]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

  * Fix armhf baseline violation and armel FTBFS caused by NEON usage.
(Closes: #874220)

This aims at a small change without affecting other architectures.

Taking the fix from unstable verbatim was also not possible due to
2.2.0.33+dfsg-10 not building on stretch - the following compile
error is present with gcc 6 but for some reason not with gcc 7:

Linux/XnLinuxUSBDevice.cpp: In function 'XnBool 
handleGetStringDescriptor(XnUSBDevice*, __u16, __u16, __u8)':
Linux/XnLinuxUSBDevice.cpp:401:18: error: dereferencing type-punned pointer 
will break strict-aliasing rules [-Werror=strict-aliasing]
   *(__u16*)[2] = __cpu_to_le16(USB_LANGUAGE_ENGLISH_US);
  ^

Fixing the typo in ThirdParty/PSCommon/BuildSystem/Platform.generic
(see #874220) might be advisable for unstable, but for stretch the
different change avoids this change (that would also affect other
architectures).
diff -Nru openni2-2.2.0.33+dfsg/debian/changelog 
openni2-2.2.0.33+dfsg/debian/changelog
--- openni2-2.2.0.33+dfsg/debian/changelog  2016-09-12 12:32:44.0 
+0300
+++ openni2-2.2.0.33+dfsg/debian/changelog  2018-03-13 17:52:24.0 
+0200
@@ -1,3 +1,11 @@
+openni2 (2.2.0.33+dfsg-7+deb9u1) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix armhf baseline violation and armel FTBFS caused by NEON usage.
+(Closes: #874220)
+
+ -- Adrian Bunk   Tue, 13 Mar 2018 17:52:24 +0200
+
 openni2 (2.2.0.33+dfsg-7) unstable; urgency=medium
 
   * Don't link plugins in pkg-config file
diff -Nru openni2-2.2.0.33+dfsg/debian/patches/0014-No-NEON.patch 
openni2-2.2.0.33+dfsg/debian/patches/0014-No-NEON.patch
--- openni2-2.2.0.33+dfsg/debian/patches/0014-No-NEON.patch 1970-01-01 
02:00:00.0 +0200
+++ openni2-2.2.0.33+dfsg/debian/patches/0014-No-NEON.patch 2018-03-13 
17:52:24.0 +0200
@@ -0,0 +1,23 @@
+Description: Fix armhf baseline violation and armel FTBFS caused by NEON usage
+Author: Adrian Bunk 
+Bug-Debian: https://bugs.debian.org/874220
+
+--- openni2-2.2.0.33+dfsg.orig/ThirdParty/PSCommon/BuildSystem/Platform.Arm
 openni2-2.2.0.33+dfsg/ThirdParty/PSCommon/BuildSystem/Platform.Arm
+@@ -4,7 +4,7 @@ export GLUT_SUPPORTED=1
+ ifeq "$(CFG)" "Release"
+ 
+ # Hardware specifying flags
+-CFLAGS += -Wno-unused-local-typedefs -march=armv7-a -mtune=cortex-a9 
-mfpu=neon #-mfloat-abi=softfp #-mcpu=cortex-a8
++CFLAGS += -Wno-unused-local-typedefs #-march=armv7-a -mtune=cortex-a9 
-mfpu=neon #-mfloat-abi=softfp #-mcpu=cortex-a8
+ 
+ # Optimization level, minus currently buggy optimizing methods (which 
break bit-exact)
+ CFLAGS += -O3 -fno-tree-pre -fno-strict-aliasing
+@@ -12,6 +12,6 @@ ifeq "$(CFG)" "Release"
+ # More optimization flags
+ CFLAGS += -ftree-vectorize -ffast-math -funsafe-math-optimizations 
#-fsingle-precision-constant
+ 
+-DEFINES += XN_NEON
++#DEFINES += XN_NEON
+ CFLAGS += -flax-vector-conversions
+ endif
diff -Nru openni2-2.2.0.33+dfsg/debian/patches/series 
openni2-2.2.0.33+dfsg/debian/patches/series
--- openni2-2.2.0.33+dfsg/debian/patches/series 2016-01-23 17:53:07.0 
+0200
+++ openni2-2.2.0.33+dfsg/debian/patches/series 2018-03-13 17:52:24.0 
+0200
@@ -11,3 +11,4 @@
 0011-Mark-variables-unused.patch
 0012-generic-linux.patch
 0013-Fix-GCC6-compilation.patch
+0014-No-NEON.patch

Bug#892734: stretch-pu: package dehydrated/0.3.1-3+deb9u2

[Mattia Rizzolo]

On Tue, Mar 13, 2018 at 05:26:18PM +0100, Cyril Brulebois wrote:
> Control: tag -1 +confirmed

Thanks, uploaded and accepted into stable-new.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#881347: rdiff-backup: Crashing on Exception '[Errno 61] No data available'

[Jonathan Dowland]

On Fri, Nov 10, 2017 at 03:49:02PM +, j...@debian.org wrote:

This has just started to happen to me for my root filesystem backup, which runs
nightly.I think it's failed 2-3 times now, and I'm not sure what the trigger
was. This seems to have been reported upstream (or at least GH) where there's a
simple patch that I am trying locally. I'll report whether it works.


The patch works. I tested a restore after applying it and all was well.
I've had the patch applied locally for months now without issue.

Bug#892806: Acknowledgement (AH00169: caught SIGTERM, shutting down)

[Xavier Bestel]

The issue was with certbot stopping apache for certs renewal, failing,
and not restarting apache afterwards:

mars 13 12:02:15 kawa systemd[1]: Stopping The Apache HTTP Server... 
mars 13 12:02:15 kawa systemd[1]: Stopped The Apache HTTP Server. 
mars 13 12:02:26 kawa certbot[6014]: Attempting to renew cert from 
/etc/letsencrypt/renewal/awak.mobi.conf produced an unexpected error: Failed 
authorization procedure. awak.mobi (tls-sni-01): urn:acme:error:unauthorized :: 
The client lacks sufficient authorization :: Incorrect validation certificate 
for tls-sni-01 challenge. Requested 
50a921b19347a4333a7d292d565adb89.a85575dc3cec8fca7c1c5f2350711608.acme.invalid 
from 78.207.29.31:443. Received 2 certificate(s), first certificate had names 
"awak.mobi". Skipping. 
mars 13 12:02:26 kawa certbot[6014]: All renewal attempts failed. The following 
certs could not be renewed: 
mars 13 12:02:26 kawa certbot[6014]:   
/etc/letsencrypt/live/awak.mobi/fullchain.pem (failure) 
mars 13 12:02:26 kawa certbot[6014]: 1 renew failure(s), 0 parse failure(s) 
mars 13 12:02:26 kawa systemd[1]: certbot.service: Main process exited, 
code=exited, status=1/FAILURE 
mars 13 12:02:26 kawa systemd[1]: Failed to start Certbot. 
mars 13 12:02:26 kawa systemd[1]: certbot.timer: Adding 15min 58.754102s random 
time. 
mars 13 12:02:26 kawa systemd[1]: certbot.service: Unit entered failed state. 
mars 13 12:02:26 kawa systemd[1]: certbot.timer: Adding 59min 29.268333s random 
time. 
mars 13 12:02:26 kawa systemd[1]: certbot.service: Failed with result 
'exit-code'. 

Sorry for the noise. Please close bug.

Regards,

Xav

Bug#886044: syncmaildir: raising severity of gconf dependency bug

[gregor herrmann]

Control: tag -1 + patch

On Mon, 12 Mar 2018 01:24:02 -0400, Jeremy Bicha wrote:

> Please try to port your package away from gconf. Otherwise, please
> consider requesting that your package be removed from Debian to help us
> complete this goal.

Looking at the ChangeLog and the git history, it seems that gconf has
been replaced by gsettings already in 1.2.6.
Grepping through the code shows two leftovers, the build dependency in
debian/control, and a mentioning in PKGS_VALA in Makefile.

If I remove those two pieces, the package builds and the Depends line
of the syncmaildir-applet binary package loses gconf-service and
libgconf-2-4.

Patch (git diff against master) attached.

Enrico, do you have time to work on this? Otherwise I'm happy to
make an upload based on this diff.


Cheers,
gregor

-- 
 .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
 : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
 `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
   `-   NP: Pixies: The Holiday Song
diff --git a/debian/control b/debian/control
index 07d30c5..72b4953 100644
--- a/debian/control
+++ b/debian/control
@@ -2,7 +2,7 @@ Source: syncmaildir
 Section: mail
 Priority: optional
 Maintainer: Enrico Tassi 
-Build-Depends: debhelper (>= 7.0.50~), txt2man, pkg-config, libglib2.0-dev (>= 2.19.1), libgtk-3-dev, libnotify-dev (>= 0.7), libgconf2-dev, libgee-0.8-dev, lua5.1, xdelta, moreutils (>= 0.38)
+Build-Depends: debhelper (>= 7.0.50~), txt2man, pkg-config, libglib2.0-dev (>= 2.19.1), libgtk-3-dev, libnotify-dev (>= 0.7), libgee-0.8-dev, lua5.1, xdelta, moreutils (>= 0.38)
 Standards-Version: 3.9.3
 Vcs-Git: git://git.debian.org/git/collab-maint/syncmaildir.git
 Vcs-Browser:  http://git.debian.org/?p=collab-maint/syncmaildir.git
diff --git a/debian/patches/no-gconf b/debian/patches/no-gconf
new file mode 100644
index 000..b1a19e5
--- /dev/null
+++ b/debian/patches/no-gconf
@@ -0,0 +1,11 @@
+--- a/Makefile
 b/Makefile
+@@ -25,7 +25,7 @@
+ BENCH_SUITES=benchmarks
+ PKG_GTK=gtk+-3.0 
+ SMD_APPLET_C=smd-applet.c 
+-PKGS_VALA=glib-2.0 $(PKG_GTK) libnotify gconf-2.0 gee-0.8 gio-2.0
++PKGS_VALA=glib-2.0 $(PKG_GTK) libnotify gee-0.8 gio-2.0
+ TARGET_GLIB=2.32
+ PKGCONFIG_CHECK_GLIB_VERSION=--atleast-version=$(TARGET_GLIB) glib-2.0
+ PKGCONFIG_GLIB_VERSION=--modversion glib-2.0
diff --git a/debian/patches/series b/debian/patches/series
index 7e552f8..9b8524c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 #link-against-gthread2
+no-gconf


signature.asc
Description: Digital Signature

Bug#879076: Clip_Tests.cpp errors

[Frédéric Bonnard]

Hi,
I had a look at the failures in Clip_Tests.cpp .
Actually comparing with what is done on other architectures, the content
of the frame is already wrong before the effect being applied, that is
the content that is imported from the test .mp4 seems false.
I digged into FFmpegReader.cpp and pixels get wrong content after
sws_scale is called in FFmpegReader::ProcessVideoPacket .
This function comes from libswscale (ffmpeg) .
This library has accelerated altivec code on powerpc for colorspace
conversion and forcing use of software processing there makes the
Clip tests works.

So I'd say there is some issue in
ffmpeg-3.4.2/libswscale/ppc/yuv2rgb_altivec.c or around, that I've not
been able to locate so far.

F.


pgpBCjtH6AgpF.pgp
Description: PGP signature

Bug#886328: live-boot: Please use /run/live instead of /lib/live/mount

[Luca Boccassi]

On Tue, 2018-03-13 at 15:05 +0100, Raphael Hertzog wrote:
> Hi,
> 
> On Tue, 13 Mar 2018, Luca Boccassi wrote:
> > > > Or maybe have a backward-compatible symlinks?
> > > 
> > > This seems entirely reasonable. Can you work on this?
> > 
> > Yes no problem, I'll give it a shot and send a PR for review before
> > the
> > end of the week.
> 
> Great.
> 
> > > BTW, given your vested interested in the various live tools,
> > > would
> > > you like to join the maintenance team?
> > 
> > Certainly, I'm more than happy to help! We use the live tools in
> > our
> > derivative (Vyatta) so I can dedicate time at work to it.
> 
> I have added you to the live-team group on salsa as master. Welcome
> on
> board!
> 
> Use your best judgment when merging someone's else work and ask for
> review
> when you have doubts about your own work. And tested code is always
> better
> ;-)
> 
> Cheers,

Great, will do, thank you very much!

-- 
Kind regards,
Luca Boccassi

signature.asc
Description: This is a digitally signed message part

Bug#892844: [libreoffice-impress] Impress cant be use

[Rene Engelhard]

severity 892844 important
tag 892844 + moreinfo
thanks

Hi,

On Tue, Mar 13, 2018 at 04:51:42PM +0100, Wild Turtles wrote:
> Package: libreoffice-impress
> Version: 1:6.0.2-1+b1
> Severity: grave

Erm, no. You are the first reporting this after 6.0.2 being
there since ~ 2 weeks? This can't be a general problem.

> Impress just can’t be use … slow as a rock. It especially start when i
> try to use some template/ master page feature.  after that i can’t do
> anything instead of kill -9 the process or some ctrl+c in the term.
> 
> The only output i have is :
> Warning: failed to read path from javaldx

Well, that means you don't have Java and or Java support but that
doesn't affect Impress.

> i try soffice --backtrace but there is nothing interresting in (you can
> check)

Yeah, it's no crash.

> It not found dbg package (me too).

Because there is no -dbg package but -dbgsym. See
https://wiki.debian.org/AutomaticDebugPackages. Since ages.

> Ready to do more test if needed

strace (use -ff!) maybe?

> Thread 1 "soffice.bin" received signal SIGINT, Interrupt.
> 0x7fb9162b396f in __GI___select (nfds=7, readfds=0x7fff82d842f0, 
> writefds=0x0, exceptfds=0x7fff82d84370, timeout=0x7fff82d842d0) at 
> ../sysdeps/unix/sysv/linux/select.c:41
> 41../sysdeps/unix/sysv/linux/select.c: Aucun fichier ou dossier de ce 
> type.

English please?

Maybe it waits for something it want to talk to? Like "lo" for
interprocess communication over sockets?

Regards,

Rene

Bug#892734: stretch-pu: package dehydrated/0.3.1-3+deb9u2

[Cyril Brulebois]

Control: tag -1 +confirmed

Hi,

Mattia Rizzolo  (2018-03-12):
> Let's Encrypt decided to add a redirect in their API, and it turns
> out not all clients could cope with it seamlessly.
> 
> https://bugs.debian.org/892723
> 
> Attached, a tested patch fixing the bug.

Looks good to me, even if the last hunk is a bit strange.

> Given that the updater is just about terribily broken by this bug,
> I'd like to ask for a push to stable-updates.

That was my first reaction when discovering the bug report you linked
to on IRC. I've never handled such updates myself though.

> diff -Nru 
> dehydrated-0.3.1/debian/patches/Update-the-default-License-Subscriber-Agreement-URL.patch
>  
> dehydrated-0.3.1/debian/patches/Update-the-default-License-Subscriber-Agreement-URL.patch
> --- 
> dehydrated-0.3.1/debian/patches/Update-the-default-License-Subscriber-Agreement-URL.patch
>  2017-11-18 14:00:07.0 +0100
> +++ 
> dehydrated-0.3.1/debian/patches/Update-the-default-License-Subscriber-Agreement-URL.patch
>  2018-03-12 11:45:54.0 +0100
> @@ -5,9 +5,9 @@
>  Closes: #881974
>  Signed-off-by: Mattia Rizzolo 
>  ---
> - dehydrated| 2 +-
> - docs/examples/config  | 4 ++--
> - 3 files changed, 4 insertions(+), 3 deletions(-)
> + dehydrated   | 2 +-
> + docs/examples/config | 4 ++--
> + 2 files changed, 3 insertions(+), 3 deletions(-)
>  
>  diff --git a/dehydrated b/dehydrated
>  index 7b88ae9..882c6bd 100755

Would be great to avoid such noise in your upload, so please edit it
out as discussed on #debian-release.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#841786: gbp buildpackage Unmet build dependencies

[Geert Stappers]

Todays 'gbp buildpackage Unmet build dependencies' websearch
did bring me to this bugreport  :-/

Yes, `gbp buildpackage --options` did report unmet build dependencies
to me. Again in early stage during build. I have the feeling that
the check on build depends is done before entering the "cowbuilder"
environment.

Installing the build depends on the actual host, so not in
the "cowbuilder" / "pbuilder" environ, got me a succesfull build.

Now updating this bugreport. Hi Guido, thanks for having it open
and marked "wontfix". It allowed an updates like this.


Cheers
Geert Stappers
-- 
Leven en laten leven

Bug#892830: asciidoc: please update to python3

[Joseph Herlant]

Control: tags -1 + wontfix

Hi Daniel,

As announced in the NEWS for asciidoc 8.6.10, this is the last
upstream release of asciidoc:
https://salsa.debian.org/debian/asciidoc/blob/master/debian/NEWS
It is not compatible with python3 and will probably never be.
There has been a tentative of port to python3 by upstream a year ago:
https://github.com/asciidoc/asciidoc3 but it never went through. If
you want you can help there but there's a lot to do and not much help.

The package is in end of life and upstream advises to move to
asciidoctor (and already pushed most of their contributors there). You
can also use pandoc if you don't like asciidoctor.

Joseph

Bug#892844: [libreoffice-impress] Impress cant be use

[Wild Turtles]

Package: libreoffice-impress
Version: 1:6.0.2-1+b1
Severity: grave

--- Please enter the report below this line. ---

Impress just can’t be use … slow as a rock. It especially start when i
try to use some template/ master page feature.  after that i can’t do
anything instead of kill -9 the process or some ctrl+c in the term.

The only output i have is :
Warning: failed to read path from javaldx


i try soffice --backtrace but there is nothing interresting in (you can
check)
It not found dbg package (me too).

Ready to do more test if needed


--- System information. ---
Architecture:
Kernel: Linux 4.14.0-3-amd64

500 testing ftp.fr.debian.org
500 stable linux.teamviewer.com
500 preview linux.teamviewer.com

--- Package information. ---
Depends (Version) | Installed
===-+-===

libreoffice-core (= 1:6.0.2-1+b1) | 1:6.0.2-1+b1
libreoffice-draw (= 1:6.0.2-1+b1) | 1:6.0.2-1+b1
libc6 (>= 2.14) |
libepoxy0 (>= 1.0) |
libetonyek-0.1-1 |
libgcc1 (>= 1:3.0) |
libmwaw-0.3-3 |
libodfgen-0.1-1 |
librevenge-0.0-0 |
libstaroffice-0.0-0 |
libstdc++6 (>= 5) |
libxml2 (>= 2.6.27) |
uno-libs3 (>= 5.3.0~alpha) |
ure |
zlib1g (>= 1:1.1.4) |
fontconfig |
fonts-opensymbol |
libreoffice-common (>> 1:6.0.2) |
ure (>= 6.0.0~) |
libboost-date-time1.62.0 |
libboost-locale1.62.0 |
libc6 (>= 2.27) |
libcairo2 (>= 1.14.0) |
libclucene-contribs1v5 (>= 2.3.3.4+dfsg) |
libclucene-core1v5 (>= 2.3.3.4+dfsg) |
libcmis-0.5-5v5 (>= 0.5.1+git20160603) |
libcups2 (>= 1.7.0) |
libcurl3-gnutls (>= 7.16.2) |
libdbus-1-3 (>= 1.9.14) |
libdbus-glib-1-2 (>= 0.78) |
libdconf1 (>= 0.15.2) |
libeot0 |
libepoxy0 (>= 1.0) |
libexpat1 (>= 2.0.1) |
libexttextcat-2.0-0 (>= 2.2-8) |
libfontconfig1 (>= 2.12) |
libfreetype6 (>= 2.3.5) |
libgcc1 (>= 1:3.4) |
libglib2.0-0 (>= 2.38.0) |
libgpgmepp6 (>= 1.10.0) |
libgraphite2-3 (>= 1.2.2) |
libharfbuzz-icu0 (>= 0.9.42) |
libharfbuzz0b (>= 0.9.42) |
libhunspell-1.6-0 |
libhyphen0 (>= 2.7.1) |
libice6 (>= 1:1.0.0) |
libicu57 (>= 57.1-1~) |
libjpeg62-turbo (>= 1.3.1) |
liblcms2-2 (>= 2.2+git20110628) |
libldap-2.4-2 (>= 2.4.7) |
libmythes-1.2-0 |
libneon27-gnutls |
libnspr4 (>= 2:4.9-2~) |
libnss3 (>= 2:3.16) |
libodfgen-0.1-1 |
liborcus-0.13-0 (>= 0.13.3) |
libpng16-16 (>= 1.6.2-1) |
libpoppler73 (>= 0.62.0) |
librevenge-0.0-0 |
libsm6 |
libstdc++6 (>= 5.2) |
libx11-6 |
libxext6 |
libxinerama1 |
libxml2 (>= 2.7.4) |
libxmlsec1 (>= 1.2.25) |
libxmlsec1-nss (>= 1.2.25) |
libxrandr2 |
libxrender1 |
libxslt1.1 (>= 1.1.25) |
uno-libs3 (>= 5.3.0~alpha) |
zlib1g (>= 1:1.1.4) |
librdf0 (>= 1.0.17) |
libreoffice-core (= 1:6.0.2-1+b1) | 1:6.0.2-1+b1
libavahi-client3 (>= 0.6.16) |
libavahi-common3 (>= 0.6.16) |
libc6 (>= 2.14) |
libcdr-0.1-1 |
libdbus-1-3 (>= 1.9.14) |
libdbus-glib-1-2 (>= 0.78) |
libfreehand-0.1-1 |
libgcc1 (>= 1:3.0) |
libglib2.0-0 (>= 2.38.0) |
libicu57 (>= 57.1-1~) |
liblcms2-2 (>= 2.2+git20110628) |
libmspub-0.1-1 |
libmwaw-0.3-3 |
libodfgen-0.1-1 |
libpagemaker-0.0-0 |
libpng16-16 (>= 1.6.2-1) |
libqxp-0.0-0 |
librevenge-0.0-0 |
libstaroffice-0.0-0 |
libstdc++6 (>= 5.2) |
libvisio-0.1-1 |
libwpd-0.10-10 |
libwpg-0.3-3 |
libxml2 (>= 2.7.4) |
libzmf-0.0-0 |
uno-libs3 (>= 5.3.0~alpha) |
ure |
zlib1g (>= 1:1.1.4) |


Recommends (Version) | Installed
-+-===
libreoffice-avmedia-backend-gstreamer | 1:6.0.2-1+b1
OR libreoffice-avmedia-backend-vlc |
libpaper-utils | 1.1.24+nmu5


Suggests (Version) | Installed
===-+-===
bluez | 5.47-1+b1
warning: Currently logging to gdbtrace.log.  Turn the logging off and on to make the new setting effective.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fb90324f700 (LWP 20415)]
[New Thread 0x7fb901952700 (LWP 20417)]
[New Thread 0x7fb901151700 (LWP 20418)]
[Thread 0x7fb901952700 (LWP 20417) exited]
[New Thread 0x7fb901952700 (LWP 20422)]
[Thread 0x7fb901952700 (LWP 20422) exited]
[New Thread 0x7fb901952700 (LWP 20423)]
[New Thread 0x7fb8fb518700 (LWP 20424)]
[New Thread 0x7fb8fad0f700 (LWP 20425)]
[Thread 0x7fb8fad0f700 (LWP 20425) exited]
[New Thread 0x7fb8fad0f700 (LWP 20428)]
[Thread 0x7fb8fad0f700 (LWP 20428) exited]
[Thread 0x7fb901952700 (LWP 20423) exited]
[New Thread 0x7fb901952700 (LWP 20433)]
[Thread 0x7fb901952700 (LWP 20433) exited]
[New Thread 0x7fb901952700 (LWP 20436)]
[Thread 0x7fb901952700 (LWP 20436) exited]
[New Thread 0x7fb901952700 (LWP 20437)]
[Thread 0x7fb901952700 (LWP 20437) exited]
[New Thread 0x7fb901952700 (LWP 20438)]
[Thread 0x7fb901952700 (LWP 20438) exited]
[New Thread 0x7fb901952700 (LWP 20439)]
[Thread 0x7fb901952700 (LWP 20439) exited]
[New Thread 0x7fb901952700 (LWP 20440)]
[Thread 0x7fb901952700 (LWP 20440) exited]
[New Thread 0x7fb901952700 (LWP 20441)]
[Thread 0x7fb901952700 (LWP 20441) exited]
[New Thread 0x7fb901952700 (LWP 20442)]
[Thread 0x7fb901952700 (LWP 20442) exited]
[New Thread 

Bug#892843: ITP: gnucobol -- GnuCOBOL (formerly OpenCOBOL) is a free, modern COBOL compiler.

[Ludwin Janvier]

Package: wnpp
Severity: wishlist
Owner: Ludwin Janvier 

* Package name: gnucobol
  Version : 2.2
  Upstream Author : Simon Sobisch, Ron Norman, Edward Hart, Sergey
Kashyrin, Dave Pitts and Brian Tiffin
* URL : https://www.gnu.org/software/gnucobol/
* License : Mostly GPL3 and LGPL2
  Programming Lang: C
  Description : GnuCOBOL (formerly OpenCOBOL) is a free, modern COBOL
compiler.

GnuCOBOL implements a substantial part of the COBOL 85, COBOL 2002 and
COBOL 2014
standards and X/Open COBOL, as well as many extensions included in other
COBOL
compilers (IBM COBOL, MicroFocus COBOL, ACUCOBOL-GT and others).

This would replace the "open-cobol" in the archive, which is orphan since
4 Aug 2016 (#833460). The upstream project changed its name in 2013.
I need a sponsor because this is my first submission, and a pretty tough
one (contains libs, need to replace some packages and remove older one from
the archive, ...)

Bug#892256: system-config-printer: Doesn't launch anymore

[Jeremy Bicha]

system-config-printer-common already recommends gir1.2-secret-1.

According to Debian Policy § 7.2, Recommends "declares a strong, but
not absolute, dependency. The Recommends field should list packages
that would be found together with this one in all but unusual
installations." [1]

Please don't disable Recommends on your system.

But we should probably bump this from Recommends to Depends now.


[1] 
https://www.debian.org/doc/debian-policy/#binary-dependencies-depends-recommends-suggests-enhances-pre-depends

Thanks,
Jeremy Bicha

Bug#892167: Update for gcc-8-8-20180312-2

[Svante Signell]

found 892167 8-20180312-2
thanks

The go tests still fails on an amd64 platform:

make -C build check-go 2>&1 | tee ../make-check-go-8-8-20180312-1.log

tail build/gcc/testsuite/go/go.sum

 === go Summary ===

# of expected passes518
# of untested testcases 834

This is due to the following:
less build/gcc/testsuite/go/go.log
checksyms: found unexpected symbol "__libc_start_main@@GLIBC_2.2.5"
FAIL: checksyms

Fortunately all libgo tests now pass:

make -C build/x86_64-linux-gnu/libgo check 2>&1 | tee ../make-check-libgo-8-8-
20180312-2.1.log

tail build/x86_64-linux-gnu/libgo/libgo.sum

=== libgo Summary ===

# of expected passes162

Bug#892004: Please adapt to gnome-settings-daemon 3.28 by March 15

[Gianfranco Costamagna]

hello,

>I am unable to do something this week. Could someone else apply the
>change and upload the package?


in deferred/2

G.