Bug#926952: sa-exim: Unbuildable/uninstallable in sid

[Andreas Metzler]

On 2019-04-20 Magnus Holmgren  wrote:
> tisdag 16 april 2019 kl. 18:46:56 CEST skrev du:
[...] 
> > I have just uploaded exim 4.92-6 to exoerimental which /should/
> > work with sa-exim, allowing you to debug properly.

> Thanks. So far I haven't managed to reproduce the problem of the malformed 
> body file, though.

That is kind of good news, it suggests some temporary bakage in exim
that was fixed since.

> However, I produced a segfault in local_scan() when I fed 
> exim a spam message using BDAT with report_safe = 1 in local.cf, 
> SARewriteBody: 1 in sa-exim.conf and spool_wireformat = true in 
> exim4.conf(.template).

Is this reproducible?

cu Andreas

-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

Bug#927680: Code name spelling (upper/lower) is used inconsistently in Debian communication/documentation

[Andrei POPESCU]

Package: release.debian.org
Severity: minor
X-Debbugs-CC: debian-public...@lists.debian.org, debian-...@lists.debian.org, 
debian-...@lists.debian.org

On Sb, 20 apr 19, 21:11:09, Justin B Rye wrote:
> 
> But I've given up trying to get this sorted out, just as I've given up
> asking why it is that we write "stretch" when the release announcement
> called it "Stretch" and it's named after something called "Stretch"!

Dear Release Team,

Apparently the code name for Debian releases has been used 
inconsistently in various documentation and communication.

As the team delegated to (among many others) decide the code name of 
Debian releases please kindly rule on the correct spelling (lower or 
upper case), i.e. 'buster' or 'Buster'.

Many thanks,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Bug#927679: Please use docbook entities strictly for re-usable parts

[Andrei POPESCU]

Package: release-notes
Severity: wishlist
X-Debbugs-CC: debian-i...@lists.debian.org

On Sb, 20 apr 19, 21:11:09, Justin B Rye wrote:
> Andrei POPESCU wrote:
> >> +  disable it before the upgrade, to ensure login sessions work on
> >> +  . (A possible route to re-enabling it is outlined on 
> >> the
> > 
> > Any particular reason for using "" instead of "buster"?
> > 
> > At least for me it's easier to read (and understand) the source text 
> > without so much markup.
> 
> I'll just have been copying the prevailing markup features from
> neighbouring sections..
> 
> Personally I would be happy to see  etc. eliminated in
> any section that won't be kept for the buster->bullseye edition (and
> the places that don't change should rarely mention releasenames).
> It's not quite as bad as , which almost never makes sense,
> since anybody recycling this document for (e.g.) Devuan would need to
> change almost everything else, too.

It appears to be best practice in programming to use variables just 
about everywhere.

In my opinion the same does not necessarily apply here because:

1. This is documentation

2. The source code itself is read by many, potentially non-programmers 
(i.e. translators).

Turning this into a wishlist bug against the Release Notes, hopefully to 
be considered for bullseye.
 
Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Bug#927450: base-files: breaks debian-security-support, which then breaks package installations

[Christoph Anton Mitterer]

On Sat, 2019-04-20 at 09:22 +0200, Santiago Vila wrote:
> I'm adding "affect base-files" so that people see this bug in the BTS
> page for base-files and nobody thinks the problem is in base-files,
> but just for that.

Well at least with this it does *not* show up in apt-listbugs and
prevent people from upgrading it until the bug in d-s-s is fixed...

Bug#927562: Updating the elilo-installer Uploaders list

[Pedro Miguel Justo]

Hi Adrian.



I’d like to update my ELILO to 3.16 before making the jump to GRUB.



_

Pedro




From: John Paul Adrian Glaubitz 
Sent: Saturday, April 20, 2019 12:03:05 PM
To: Tobias Frost
Cc: 927...@bugs.debian.org; debian-i...@lists.debian.org
Subject: Re: Bug#927562: Updating the elilo-installer Uploaders list


> On Apr 20, 2019, at 8:44 PM, Tobias Frost  wrote:
>
> Source: elilo-installer
> Version: 1.34
> Severity: minor
> User: m...@qa.debian.org
> Usertags: mia-teammaint
>
> We are tracking their status in the MIA team and would like to ask you
> to remove them from the Uploaders list of the package so we can close
> that part of the file.

elilo-installer can actually be removed as elilo is no longer part of the 
archive (although I actually created an updated 3.16 package which I could 
upload).

GRUB actually works fine on ia64 and I’m going to switch it over by patching 
grub-installer and partman-auto once Buster has been released (I avoid pushing 
any Ports-related changes during freeze).

I’ll file a removal request later. There are also remnants of elilo references 
in debian-installer and debian-cd.

Adrian

Bug#927678: elpa-beginend installs but is not accessible in emacs

[Damon Thomas]

Package: elpa-beginend
Version: 2.0.0-3
Severity: normal

Dear Maintainer,

After install of elpa-beginend (and restart of Emacs) the package does not seem 
to be present in Emacs.  Using '(beginend-global-mode)' in the init gives an 
error that the command is not available and M-x shows no signs of elpa-beginend 
being installed. This has persisted through several Emacs restarts.


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (300, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages elpa-beginend depends on:
ii  emacsen-common  3.0.4

Versions of packages elpa-beginend recommends:
ii  emacs  1:26.1+1-3.2
ii  emacs-gtk [emacs]  1:26.1+1-3.2

elpa-beginend suggests no packages.

-- no debconf information

Bug#927669: (nvpy: could not connect to simplenote server)

[Luis Mochan]

I have installed the github version with
   pip install 'git+https://github.com/cpbotha/nvpy.git#egg=nvpy'
and it seems to work correctly.

Regards,
Luis

-- 

  o
W. Luis Mochán,  | tel:(52)(777)329-1734 /<(*)
Instituto de Ciencias Físicas, UNAM  | fax:(52)(777)317-5388 `>/   /\
Apdo. Postal 48-3, 62251 |   (*)/\/  \
Cuernavaca, Morelos, México  | moc...@fis.unam.mx   /\_/\__/
GPG: 791EB9EB, C949 3F81 6D9B 1191 9A16  C2DF 5F0A C52B 791E B9EB

Bug#825864: RFP: sedutil -- Drive Trust Alliance utilities for TCG OPAL 2.00 Self Encrypting Drives (SED)

[Nicholas D Steeves]

Control: noowner -1
Control: retitle -1 RFP: sedutil -- Drive Trust Alliance utilities for TCG OPAL 
2.00 Self Encrypting Drives (SED)

Hi Jan Luca,

Are you still pursuing this ITP?  It's been almost three years, and
the deadline for buster has passed, so I've taken the liberty to unset
you as owner and classify it as an RFP.  Please feel free to retake
ownership if this is in error.


Hi Adrian,

Would you still like to sponsor this package when it's ready for an
RFS?


On Fri, Feb 23, 2018 at 03:36:46PM +, Nicholas Brown wrote:
> For sedutil to be useful the kernel will need to built
> with CONFIG_BLK_SED_OPAL. This is requested by debbug 891213
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891213

Buster kernel has CONFIG_BLK_SED_OPAL=y


Regards,
Nicholas


signature.asc
Description: PGP signature

Bug#927677: Can not attach to server 2.4.3; TypeError: '>' not supported between instances of 'str' and 'int'

[Dmitry Smirnov]

Package: xpra
Version: 2.5.1+dfsg1-1
Severity: serious


$ xpra attach :33
xpra main error:
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/xpra/scripts/main.py", line 87, in 
main
options, args = do_parse_cmdline(cmdline, defaults)
  File "/usr/lib/python3/dist-packages/xpra/scripts/parsing.py", line 252, in 
do_parse_cmdline
version = "xpra v%s" % full_version_str()
  File "/usr/lib/python3/dist-packages/xpra/version_util.py", line 30, in 
full_version_str
s += "-r%s%s" % (REVISION, "M" if LOCAL_MODIFICATIONS>0 else "")
TypeError: '>' not supported between instances of 'str' and 'int'


-- 
All the best,
 Dmitry Smirnov

---

Truth — Something somehow discreditable to someone.
-- H. L. Mencken, 1949


signature.asc
Description: This is a digitally signed message part.

Bug#927324: Additional reports; partial logs during resume display blank issue.

[hoxp18]

Dear maintainers,

Reproduction itself is unstable, but the blank screen
after system resume still remains.

* changing ttys multiple times, mostly it recovers.
  It seems tty1 (gdm3) tends to make it better than other
  console ttys.

* NOTE: /tmp is mounted nosuid,nodev,noexec on this machine.

Partial log
---

gnome-shell[2840]: JS ERROR: TypeError: monitor is null

_reposition@resource:///org/gnome/shell/ui/boxpointer.js:508:13

wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22

_allocate@resource:///org/gnome/shell/ui/boxpointer.js:235:13

wrapper@resource:///org/gnome/gjs/modules/_legacy.js:82:22
   _init/<@resource:///org/gnome/shell/ui/layout.js:211:17
gnome-shell[2840]: Failed to apply DRM plane transform 0: Permission denied
gsd-color[2991]: failed to create device: failed to obtain 
org.freedesktop.color-manager.create-device auth
gsd-color[2991]: could not find device: property match 
'XRANDR_name'='HDMI-2' does not exist
gnome-session-binary[5266]: WARNING: Could not parse desktop file 
orca-autostart.desktop or it references a not found TryExec binary
gnome-shell[2840]: Failed to read EDID from 'HDMI-2': No such file or 
directory

gsd-color[2991]: failed to get edid: unable to get EDID for output
gsd-color[2991]: failed to create device: failed to obtain 
org.freedesktop.color-manager.create-device auth
gsd-color[2991]: could not find device: property match 
'XRANDR_name'='HDMI-2' does not exist
org.gnome.Shell.desktop[5281]: can't load 
/usr/lib/x86_64-linux-gnu/spa/support/libspa-support.so: 
/usr/lib/x86_64-linux-gnu/spa/support/libspa-support.so: cannot open 
shared object file: No such file or directory
gnome-shell[5281]: JS WARNING: 
[resource:///org/gnome/shell/ui/windowManager.js 1569]: reference to 
undefined property "MetaWindowXwayland"
gsd-color[2991]: no xrandr-Mitsubishi Electric 
Corporation-RDT233WLM-11200460AJ device found: Failed to find output 
xrandr-Mitsubishi Electric Corporation-RDT233WLM-11200460AJ
gnome-shell[5281]: JS WARNING: [resource:///org/gnome/shell/ui/layout.js 
553]: reference to undefined property 0
gnome-shell[5281]: meta_display_get_monitor_geometry: assertion 'monitor 
>= 0 && monitor < n_logical_monitors' failed

kernel: i2c i2c-1: sendbytes: NAK bailout.
gsd-color[2991]: failed to set screen _ICC_PROFILE: Failed to open file 
“/var/lib/gdm3/.local/share/icc/edid-c3d50cb0df295749399a46cf8877286c.icc”: 
Permission denied
at-spi-bus-launcher[5299]: XIO:  fatal IO error 11 (Resource temporarily 
unavailable) on X server ":1024"
at-spi-bus-launcher[5299]:   after 21 requests (21 known processed) 
with 0 events remaining.

gnome-shell[5281]: Connection to xwayland lost
gsd-color[2991]: failed to connect to device: Failed to connect to 
missing device 
/org/freedesktop/ColorManager/devices/xrandr_Mitsubishi_Electric_Corporation_RDT233WLM_11200460AJ_Debian_gdm_116


Regards.

Bug#927676: android-platform-build: FTBFS randomly (jh_build returned exit code 123)

[Santiago Vila]

Package: src:android-platform-build
Version: 1:8.1.0+r23-2
Severity: serious
Tags: ftbfs

Dear maintainer:

I tried to build this package in buster but it failed:


[...]
 debian/rules build-indep
dh build-indep --with javahelper
   dh_update_autotools_config -i
   dh_autoreconf -i
   jh_linkjars -i
   debian/rules override_dh_auto_build-indep
make[1]: Entering directory '/<>/android-platform-build-8.1.0+r23'
jh_build --javacopts="-source 7" --no-javadoc 
--main=com.android.signapk.SignApk signapk.jar tools/signapk/
warning: [options] bootstrap class path not set in conjunction with -source 7
1 warning
javadoc: error - No public or protected classes found to document.
1 error
jh_build: find tools/signapk/ -name '*.java' -and -type f -print0 | xargs -s 
512000 -0 /usr/lib/jvm/default-java/bin/javadoc -locale en_US -classpath 
/usr/share/java/bcprov.jar:/usr/share/java/bcpkix.jar:/usr/share/java/apksig.jar:debian/_jh_build.signapk
 -d debian/_jh_build.javadoc/api -quiet -encoding ISO8859-1 -source 1.7 
-notimestamp  returned exit code 123
make[1]: *** [debian/rules:25: signapk.jar] Error 2
make[1]: Leaving directory '/<>/android-platform-build-8.1.0+r23'
make: *** [debian/rules:31: build-indep] Error 2
dpkg-buildpackage: error: debian/rules build-indep subprocess returned exit 
status 2


This happens randomly but the failure rate measured here is around 50%,
not something that could be called "build from source". I've tried in
lots of different systems, with different amounts of memory, with 1 CPU
and 2 CPUs, self-hosted with KVM and commercial VPS, and the
randomness always happens.

I've put a bunch of build logs here:

https://people.debian.org/~sanvila/build-logs/android-platform-build/

Unfortunately, I don't have a "recipe" to reproduce it as such, except
that I would expect this randomness to be "intrinsic" to the pàckage
and the tools used by the package, given that I can reproduce it
everywhere.

In either case, if you need a test machine to reproduce the randomness
please contact me privately and I will gladly offer ssh access.

If this is really a bug in one of the build-depends, please use
reassign and affects, so that this is still visible in the BTS web
page for this package.

BTW: I suspect of javahelper (CC to Niels because of this), and in
fact I tried this but didn't work: There are two "find" commands in
jh_build at lines 231 and 233. I tried inserting a "sort -z" between
the "find" and the "xargs" but the failures were still random, so
apparently it must be something else.

(This is the trick used by Cyril Brulebois when debugging the clojure
packages, but unfortunately does not seem to work here).

Thanks.

Bug#927675: RFS: golang-github-src-d-gcfg

[Jongmin Kim]

Dear Go team,

I'm looking for a sponsor for the package
   "golang-github-src-d-gcfg" (#927675).
This package is a prerequisite for upcoming package "lazygit" (#908894).

https://salsa.debian.org/go-team/packages/golang-github-src-d-gcfg

The package was tested on both gbp and sbuild. It's also lintian-clean.
Please consider to review and upload it. Any kind of suggestions are
appreciated.

Thanks,


-- 
Jongmin Kim

OpenPGP key located at https://jongmin.dev/pgp
OpenPGP fingerprint: 012E 4A06 79E1 4EFC DAAE  9472 D39D 8D29 BAF3 6DF8


signature.asc
Description: PGP signature

Bug#925298: ceilometer: CVE-2019-3830: ceilometer-agent prints sensitive data from config files through log files

[Thomas Goirand]

On 4/20/19 11:32 PM, Moritz Mühlenhoff wrote:
> On Fri, Mar 22, 2019 at 05:25:47PM +0100, Salvatore Bonaccorso wrote:
>> Source: ceilometer
>> Version: 1:11.0.1-4
>> Severity: important
>> Tags: security upstream
>> Forwarded: https://bugs.launchpad.net/ceilometer/+bug/1811098/
>>
>> Hi,
>>
>> The following vulnerability was published for ceilometer.
>>
>> CVE-2019-3830[0]:
>> | ceilometer-agent prints sensitive data from config files through log
>> | files
>>
>> If you fix the vulnerability please also make sure to include the
>> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>>
>> For further information see:
>>
>> [0] https://security-tracker.debian.org/tracker/CVE-2019-3830
>> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3830
>> [1] https://bugs.launchpad.net/ceilometer/+bug/1811098/
>> [2] https://review.openstack.org/#/c/629891/
> 
> This is fixed in 
> https://github.com/openstack/ceilometer/commit/8881a42af169a2d7c912b1434911f978883c83f3
> Could we please get that fixed in buster?
> 
> Stretch is not affected.
> 
> Cheers,
> Moritz

Hi Moritz, Salavatore,

The fix that Moritz linked to is already included in Ceilometer 12.0.0
which is in Experimental.

I've just uploaded 1:11.0.1-5 with the fix (with urgency=high).

Cheers,

Thomas Goirand (zigo)

Bug#927675: ITP: golang-github-src-d-gcfg -- reads INI-style configuration files into Go structs

[Jongmin Kim]

Package: wnpp
Severity: wishlist
Owner: Jongmin Kim 
X-Debbugs-CC: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: golang-github-src-d-gcfg
  Version : 1.4.0-1
  Upstream Author : source{d}
* URL : https://github.com/src-d/gcfg
* License : BSD-3-Clause
  Programming Lang: Go
  Description : reads INI-style configuration files into Go structs

 Gcfg reads INI-style configuration files into Go structs; supports
 user-defined types and subsections.
 .
 This package provides go-gcfg/gcfg fork for usage in src-d/go-git.

This package is a prerequisite for upcoming package "lazygit" (#908894).


-- 
Jongmin Kim

OpenPGP key located at https://jongmin.dev/pgp
OpenPGP fingerprint: 012E 4A06 79E1 4EFC DAAE  9472 D39D 8D29 BAF3 6DF8


signature.asc
Description: PGP signature

Bug#927674: CVE-2019-3902

[Moritz Muehlenhoff]

Source: mercurial
Version: 4.8.2-1
Severity: grave
Tags: security

See https://www.mercurial-scm.org/wiki/WhatsNew from 4.9:

This was assigned CVE-2019-3902:
It was possible to use symlinks and subrepositories to defeat Mercurial's 
path-checking
logic and write files outside a repository. This has been fixed. Users on older 
versions
can either disable subrepositories with [subrepos] allowed=false in their 
configuration
or by ensuring any cloned repositories don't contain malicious symlinks.

This is fixed in sid, but buster still has 4.8.2.

Cheers,
Moritz

Bug#927673: src:zookeeper: new upstream release 3.4.14

[tony mancill]

Package: src:zookeeper
Followup-For: Bug #927673

Forget that part about Yetus.  Emmanuel has already taken care of that
within Zookeeper.  (Thanks Emmanuel.)  So the update should go quickly


signature.asc
Description: PGP signature

Bug#919914: gnome-tweaks now equates "don't suspend on lid close" with "don't lock on lid close" (security issue)

[Simon McVittie]

Control: tags -1 + moreinfo

On Sun, 20 Jan 2019 at 08:55:23 -0800, Josh Triplett wrote:
> I disable suspend on lid close, but I *always* need the screen to lock
> when I close the lid.

This seems like an inherently "unstable" pattern: whatever the precise
design/meaning of this "tweak" might have been intended to be, you're
relying on the screen locking under precisely those conditions in which
you can't tell whether it has really happened, so any bugs or mismatched
expectations become highly problematic.

If screen locking is important to you, then either getting into the habit
of explicitly locking the screen with Super+L (Windows+L), or reverting
to the default suspend-on-lid-close, would be considerably safer. With
explicit locking, you can see that the screen has indeed locked before you
close the lid; with suspend-on-lid-close, most laptops have a visible
indication that they have indeed suspended (for example a power LED
switching from constantly-on to flashing or pulsing), and GNOME and
logind cooperate to ensure that the screen locks before this can happen.

As a result, I am not sure that "grave" severity is really justified here.

Would it address your concern if the option in gnome-tweaks was renamed
to "Ignore laptop lid being closed", with its sense reversed?
That's what is really happening behind the scenes (gnome-tweaks installs
an inhibitor for the handle-lid-switch logind event).

On Sun, 07 Apr 2019 at 19:25:40 +0200, intrigeri wrote:
> FWIW the patch proposed upstream applies nicely on top of our
> debian/unstable branch:
> https://salsa.debian.org/gnome-team/gnome-settings-daemon/merge_requests/3
> 
> I probably won't have time to test this myself in the next few days.
> Hoping this WIP MR might save someone else a tiny bit of time :)

Does this patch provide the behaviour you want?

It looks as though the patch has not been accepted upstream because there
is a concern that it breaks other valid use cases, possibly involving
tablet or 2-in-1 PCs locking and suspending when they should have locked
but continued to run (I'm not sure of the precise details).

As a result, if we diverge from upstream on this, we should be aware
that we might be causing important regressions.

(Also, I personally have my laptop configured to not suspend on lid
close, and expect this to *not* lock the screen: I press the suspend
or screen-lock hotkey if I'm going to stop using it, or close the lid
without doing either of those if I'm going to carry it to another room and
continue to use it. The proposed change would break this; I wouldn't say
that that's a particularly important regression, so I wouldn't want to
block the patch being applied if there is consensus that it is correct,
but it *is* a regression.)

smcv

Bug#922987: stretch-pu: package cernlib/20061220+dfsg3-4.3

[Gilles Filippini]

Adam D. Barratt a écrit le 20/04/2019 à 23:22 :
> On Sat, 2019-04-20 at 22:55 +0200, Gilles Filippini wrote:
>> Gilles Filippini a écrit le 20/04/2019 à 19:22 :
>>> Adam D. Barratt a écrit le 20/04/2019 à 12:41 :
 On Sat, 2019-04-20 at 10:43 +0100, Adam D. Barratt wrote:
> On Tue, 2019-04-16 at 19:37 +0200, Gilles Filippini wrote:
>> Adam D. Barratt a écrit le 14/04/2019 à 22:48 :
>>> Control: tags -1 + confirmed
>>>
>>> On Fri, 2019-02-22 at 17:29 +0100, Gilles Filippini wrote:
 Because RC bug #922453 affects Stretch as well, I propose
 a
 stable
 update
 for cernlib. Debdiff attached.
>>>
>>> cernlib (20061220+dfsg3-4.3+deb9u1) stable-proposed-
>>> updates;
>>> urgency=medium
>>>
>>> Please use "stretch" rather than "stable-proposed-updates"
>>> and go
>>> ahead.
>>
>> Done.
>
> Unfortunately, the arm64 build appears to be hitting #863152 in
> binutils. I'm not sure if there's anything that can be done to
> work
> around this in cernlib, but noting it here in any case, as it
> means
> that cernlib won't be getting into 9.9.

 For the record, if a fix for cernlib can get sorted before the
 9.9
 window closes later this weekend (e.g. simply disabling PIE on
 arm64
 may be sufficient) then getting the updates in should be OK.
>>>
>>> The cernlib build system is far from easy to understand and patch.
>>> I
>>> don't think I'll be able to find a solution in time for 9.9.
>>
>> I might have been over pessimistic. I found a way to force -no-pie
>> when linking fortran executables. Fix tested on an arm64 porter box.
>> Debdiff attached.
> 
> Great, thanks. Please feel free to upload the new version.

Done.

Thanks,

_g.



signature.asc
Description: OpenPGP digital signature

Bug#927191: python-django-casclient 1.2.0-2+deb9u1 flagged for acceptance

[Adam D Barratt]

Control: tags -1 + pending

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian stretch.

Thanks for your contribution!

Upload details
==

Package: python-django-casclient
Version: 1.2.0-2+deb9u1

Explanation: apply django 1.10 middleware fix; python(3)-django-casclient: add 
missing dependencies on python(3)-django

Bug#927672: CVE-2019-11372 CVE-2019-11373

[Moritz Muehlenhoff]

Source: libmediainfo
Severity: important
Tags: security

Please see
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11372
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11373

Cheers,
Moritz

Bug#927673: src:zookeeper: new upstream release 3.4.14

[tony mancill]

Package: src:zookeeper
Severity: wishlist

This bug is to track progress and prevent duplication of effort related
to the latest 3.4.x ZK release.

I have refreshed all of the patches against the new upstream version and
am now taking a look at whether we should package Apache Yetus audience
annotations [1] or patch ZK around it.  Spotbugs is another new dependency
introduced in this version that can either be packaged or patched.

Cheers,
tony

[1] https://github.com/apache/yetus/tree/master/audience-annotations-component

Bug#923962: 923962: tigervnc-standalone-server: crashes on ARM after VncAuth

[Bernhard Übelacker]

Dear Maintainer,
one short addition, I tried to install to a current buster system
some versions from snapshot.debian.org.

Some versions around Stretch release allow a connection and
interacting with the desktop is possible.
Just on disconnect Xtigervnc crashes but cannot
say if that is related.

Kind regards,
Bernhard



libunwind8_1.1-3.2_arm64.deb -> coredump after entering password
libunwind8_1.1-4_arm64.deb   -> works - coredump on disconnect
libunwind8_1.1-4.1_arm64.deb -> works - coredump on disconnect # Stretch
libunwind8_1.1-5_arm64.deb   -> works - coredump on disconnect
libunwind8_1.1-6_arm64.deb   -> works - coredump on disconnect
libunwind8_1.2.1-1_arm64.deb -> coredump after entering password
libunwind8_1.2.1-2_arm64.deb -> coredump after entering password

Bug#927671: CVE-2016-10542

[Moritz Muehlenhoff]

Package: node-ws
Severity: grave
Tags: security

Please see
https://nodesecurity.io/advisories/120
https://github.com/nodejs/node/issues/7388

Cheers,
Moritz
 
  

Bug#927467: dput-ng: FTBFS (failing tests)

[Santiago Vila]

On Sat, Apr 20, 2019 at 11:40:07PM +0200, Mattia Rizzolo wrote:
> Control: reassign distro-info-data 0.39
> Control: affects -1 dput-ng
> 
> On Sat, Apr 20, 2019 at 08:59:34AM +, Santiago Vila wrote:
> > Package: src:dput-ng
> > Version: 1.24
> > Severity: serious
> > Tags: ftbfs
> > 
> > Dear maintainer:
> > 
> > I tried to build this package in buster but it failed:
> 
> This is because ubuntu released disco, and now there is no development
> release.

Hmm, but why the building of a package should be affected by whatever
happens in the outside world? Is dput-ng using Internet during the build?

Thanks.

Bug#927669: nvpy: could not connect to simplenote server

[Luis Mochan]

Package: nvpy
Version: 1.0.0+git20171203.c91062c-1
Severity: important

Dear Maintainer,

I found recently that my notes don't sync with nvpy. The message I
receive is that nvpy could not connect to the Simplenote server. I
read that this is due to a change in the Simplenote API and that the
issue has been solved in recent versions of nvpy in github (I haven't
tested them), but I guess the changes haven't reached the debian
package yet.

Regards,
Luis


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nvpy depends on:
ii  python   2.7.16-1
ii  python-markdown  3.0.1-3
ii  python-tk2.7.16-2

nvpy recommends no packages.

nvpy suggests no packages.

-- no debconf information

-- 

  o
W. Luis Mochán,  | tel:(52)(777)329-1734 /<(*)
Instituto de Ciencias Físicas, UNAM  | fax:(52)(777)317-5388 `>/   /\
Apdo. Postal 48-3, 62251 |   (*)/\/  \
Cuernavaca, Morelos, México  | moc...@fis.unam.mx   /\_/\__/
GPG: 791EB9EB, C949 3F81 6D9B 1191 9A16  C2DF 5F0A C52B 791E B9EB

Bug#927670: RM: radiusd-livingston -- RoQA; dead upstream, orphaned, technically outdated

[Moritz Muehlenhoff]

Package: ftp.debian.org
Severity: normal

radiusd-livingston is dead upstream and hasn't been adopted. As pointed
out by Alan DeKok from the FreeRadius project it's obsolete as it doesn't
implement any of the modern Radius standards:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923034#10

Cheers,
Moritz

Bug#923034: FreeRADIUS status

[Moritz Mühlenhoff]

On Sat, Feb 23, 2019 at 02:25:49PM -0500, Alan DeKok wrote:
>   I'll note that Debian also packages "livingston-radius", which hasn't had 
> any source changes in 20 years.  There's no mailing list, no support, and it 
> doesn't implement any of the modern RADIUS standards.
> 
>   Including that package does a disservice to people who install it, and then 
> realize it's next to useless.

Thanks for the pointer, I've just requested livingston-radius's removal from 
the archive.

Cheers,
Moritz

Bug#927467: dput-ng: FTBFS (failing tests)

[Mattia Rizzolo]

Control: reassign distro-info-data 0.39
Control: affects -1 dput-ng

On Sat, Apr 20, 2019 at 08:59:34AM +, Santiago Vila wrote:
> Package: src:dput-ng
> Version: 1.24
> Severity: serious
> Tags: ftbfs
> 
> Dear maintainer:
> 
> I tried to build this package in buster but it failed:

This is because ubuntu released disco, and now there is no development
release.

> Test the upload of a package ... Uploading fnord using local to test (host: 
> test; directory: /dev/null)
> running required-fields: check whether a field is present and non-empty in 
> the changes file
> ERROR
> Test a double-upload (and force block) ... Uploading fnord using local to 
> test (host: test; directory: /dev/null)
> running required-fields: check whether a field is present and non-empty in 
> the changes file
> ERROR
> Test the upload of a package to a PPA (no Launchpad-Bugs-Fixed) ... Uploading 
> fnord using local to ppa (host: ppa.launchpad.net; directory: ~foo/bar)
> running required-fields: check whether a field is present and non-empty in 
> the changes file
> running supported-distribution: check whether the target distribution is 
> currently supported (using distro-info)
> {'allowed': ['release'], 'known': ['release']}
…
> ==
> ERROR: Test the upload of a package
> --
> Traceback (most recent call last):
>   File "/usr/lib/python3/dist-packages/nose/case.py", line 197, in runTest
> self.test(*self.arg)
>   File 
> "/<>/.pybuild/cpython3_3.7_dput/build/tests/test_upload.py", 
> line 31, in test_upload
> upload(path, 'test')
>   File "/<>/.pybuild/cpython3_3.7_dput/build/dput/uploader.py", 
> line 261, in invoke_dput_simple
> return invoke_dput(changes, config)
>   File "/<>/.pybuild/cpython3_3.7_dput/build/dput/uploader.py", 
> line 313, in invoke_dput
> run_pre_hooks(changes, profile)
>   File "/<>/.pybuild/cpython3_3.7_dput/build/dput/hook.py", line 
> 54, in run_pre_hooks
> run_hook(name, hook, changes, profile)
>   File "/<>/.pybuild/cpython3_3.7_dput/build/dput/hook.py", line 
> 83, in run_hook
> return run_func_by_name('hooks', name, changes, profile)
>   File "/<>/.pybuild/cpython3_3.7_dput/build/dput/util.py", line 
> 377, in run_func_by_name
> obj(changes, profile, interface)
>   File 
> "/<>/.pybuild/cpython3_3.7_dput/build/dput/hooks/distro_info_checks.py",
>  line 160, in required_fields
> supported -= set([distro_info.devel(), 'experimental'])
>   File "/usr/lib/python3/dist-packages/distro_info.py", line 133, in devel
> raise DistroDataOutdated()
> distro_info.DistroDataOutdated: Distribution data outdated. Please check for 
> an update for distro-info-data. See 
> /usr/share/doc/distro-info-data/README.Debian for details.

↑

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#927160: publicsuffix 20190415.1030-0+deb9u1 flagged for acceptance

[Adam D Barratt]

Control: tags -1 + pending

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian stretch.

Thanks for your contribution!

Upload details
==

Package: publicsuffix
Version: 20190415.1030-0+deb9u1

Explanation: update included data

Bug#926666: CVE-2019-9718 CVE-2019-9721

[Moritz Mühlenhoff]

On Mon, Apr 08, 2019 at 08:31:43PM +0200, Moritz Muehlenhoff wrote:
> Package: ffmpeg
> Version: 7:4.1.1-1
> Severity: important
> Tags: security
> 
> https://security-tracker.debian.org/tracker/CVE-2019-9718
> https://security-tracker.debian.org/tracker/CVE-2019-9721
> 
> Both a fixed in the 4.1.3 release, which also fixes a number of
> additional issues without a CVE ID.

Also these were assigned and are fixed in 4.1.3:
https://security-tracker.debian.org/tracker/CVE-2019-11338
https://security-tracker.debian.org/tracker/CVE-2019-11339

Cheers,
Moritz

 

Bug#927424: rails 4.2.7.1-1+deb9u1 flagged for acceptance

[Adam D Barratt]

Control: tags -1 + pending

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian stretch.

Thanks for your contribution!

Upload details
==

Package: rails
Version: 4.2.7.1-1+deb9u1

Explanation: security updates [CVE-2018-16476 CVE-2019-5418 CVE-2019-5419]

Bug#925298: ceilometer: CVE-2019-3830: ceilometer-agent prints sensitive data from config files through log files

[Moritz Mühlenhoff]

On Fri, Mar 22, 2019 at 05:25:47PM +0100, Salvatore Bonaccorso wrote:
> Source: ceilometer
> Version: 1:11.0.1-4
> Severity: important
> Tags: security upstream
> Forwarded: https://bugs.launchpad.net/ceilometer/+bug/1811098/
> 
> Hi,
> 
> The following vulnerability was published for ceilometer.
> 
> CVE-2019-3830[0]:
> | ceilometer-agent prints sensitive data from config files through log
> | files
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2019-3830
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3830
> [1] https://bugs.launchpad.net/ceilometer/+bug/1811098/
> [2] https://review.openstack.org/#/c/629891/

This is fixed in 
https://github.com/openstack/ceilometer/commit/8881a42af169a2d7c912b1434911f978883c83f3
Could we please get that fixed in buster?

Stretch is not affected.

Cheers,
Moritz

Bug#923675: debian-installer: consider using haveged to gather entropy

[Cyril Brulebois]

Hi Holger,

Holger Levsen  (2019-04-20):
> On Sat, Apr 20, 2019 at 02:39:49AM +0200, Cyril Brulebois wrote:
> > I've tweaked it a little so that we log whether haveged is available,
> > and whether it should be started, in case we need to investigate:
> >   
> > https://salsa.debian.org/installer-team/rootskel/blob/master/src/lib/debian-installer-startup.d/S50entropy-source
> 
> nice work!
> 
> does that also mean that haveged get's installed on the final system if
> it's deemed to be useful in d-i or is that still missing?

There's nothing in what I have written (on this bug report or in the
code I've quoted or pointed to) that references /target, no.


TBF I have no idea whether we should do that; the situation is slightly
different as a non-installer/non-live system can carry over entropy from
one boot to the next one, which d-i can't do.

I've focussed on getting entropy issues within d-i fixed, which seemed
urgently needed. I'm fine with people seeking a consensus through
debian-boot@ (and maybe debian-devel@) regarding what should happen in
the installed system.

(I almost mentioned the fix would be trivial as it's about pulling an
extra package, but since we have no rng support in udebs at the moment,
we would have no rng support in d-i thus haveged running, while the
installed system could have rng support… Anyway: deciding what to do is
the important part; implementation should be much more straightforward
than the haveged udeb addition dance I've just orchestrated.)


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#922987: stretch-pu: package cernlib/20061220+dfsg3-4.3

[Adam D. Barratt]

On Sat, 2019-04-20 at 22:55 +0200, Gilles Filippini wrote:
> Gilles Filippini a écrit le 20/04/2019 à 19:22 :
> > Adam D. Barratt a écrit le 20/04/2019 à 12:41 :
> > > On Sat, 2019-04-20 at 10:43 +0100, Adam D. Barratt wrote:
> > > > On Tue, 2019-04-16 at 19:37 +0200, Gilles Filippini wrote:
> > > > > Adam D. Barratt a écrit le 14/04/2019 à 22:48 :
> > > > > > Control: tags -1 + confirmed
> > > > > > 
> > > > > > On Fri, 2019-02-22 at 17:29 +0100, Gilles Filippini wrote:
> > > > > > > Because RC bug #922453 affects Stretch as well, I propose
> > > > > > > a
> > > > > > > stable
> > > > > > > update
> > > > > > > for cernlib. Debdiff attached.
> > > > > > 
> > > > > > cernlib (20061220+dfsg3-4.3+deb9u1) stable-proposed-
> > > > > > updates;
> > > > > > urgency=medium
> > > > > > 
> > > > > > Please use "stretch" rather than "stable-proposed-updates"
> > > > > > and go
> > > > > > ahead.
> > > > > 
> > > > > Done.
> > > > 
> > > > Unfortunately, the arm64 build appears to be hitting #863152 in
> > > > binutils. I'm not sure if there's anything that can be done to
> > > > work
> > > > around this in cernlib, but noting it here in any case, as it
> > > > means
> > > > that cernlib won't be getting into 9.9.
> > > 
> > > For the record, if a fix for cernlib can get sorted before the
> > > 9.9
> > > window closes later this weekend (e.g. simply disabling PIE on
> > > arm64
> > > may be sufficient) then getting the updates in should be OK.
> > 
> > The cernlib build system is far from easy to understand and patch.
> > I
> > don't think I'll be able to find a solution in time for 9.9.
> 
> I might have been over pessimistic. I found a way to force -no-pie
> when linking fortran executables. Fix tested on an arm64 porter box.
> Debdiff attached.

Great, thanks. Please feel free to upload the new version.

Regards,

Adam

Bug#922987: stretch-pu: package cernlib/20061220+dfsg3-4.3

[Gilles Filippini]

Gilles Filippini a écrit le 20/04/2019 à 19:22 :
> Adam D. Barratt a écrit le 20/04/2019 à 12:41 :
>> On Sat, 2019-04-20 at 10:43 +0100, Adam D. Barratt wrote:
>>> On Tue, 2019-04-16 at 19:37 +0200, Gilles Filippini wrote:
 Adam D. Barratt a écrit le 14/04/2019 à 22:48 :
> Control: tags -1 + confirmed
>
> On Fri, 2019-02-22 at 17:29 +0100, Gilles Filippini wrote:
>> Because RC bug #922453 affects Stretch as well, I propose a
>> stable
>> update
>> for cernlib. Debdiff attached.
>
> cernlib (20061220+dfsg3-4.3+deb9u1) stable-proposed-updates;
> urgency=medium
>
> Please use "stretch" rather than "stable-proposed-updates" and go
> ahead.

 Done.
>>>
>>> Unfortunately, the arm64 build appears to be hitting #863152 in
>>> binutils. I'm not sure if there's anything that can be done to work
>>> around this in cernlib, but noting it here in any case, as it means
>>> that cernlib won't be getting into 9.9.
>>
>> For the record, if a fix for cernlib can get sorted before the 9.9
>> window closes later this weekend (e.g. simply disabling PIE on arm64
>> may be sufficient) then getting the updates in should be OK.
> 
> The cernlib build system is far from easy to understand and patch. I
> don't think I'll be able to find a solution in time for 9.9.

I might have been over pessimistic. I found a way to force -no-pie when
linking fortran executables. Fix tested on an arm64 porter box. Debdiff
attached.

_g.
diff -Nru cernlib-20061220+dfsg3/debian/changelog 
cernlib-20061220+dfsg3/debian/changelog
--- cernlib-20061220+dfsg3/debian/changelog 2019-02-16 12:17:12.0 
+0100
+++ cernlib-20061220+dfsg3/debian/changelog 2019-04-20 22:38:53.0 
+0200
@@ -1,3 +1,11 @@
+cernlib (20061220+dfsg3-4.3+deb9u2) stretch; urgency=medium
+
+  * Update patch 304-update-Imake-config-files.dpatch to force -no-pie
+when linking Fortran executables (workaround for #863152 being in the
+way of the previous fix)
+
+ -- Gilles Filippini   Sat, 20 Apr 2019 22:38:53 +0200
+
 cernlib (20061220+dfsg3-4.3+deb9u1) stretch; urgency=medium
 
   * Backport for stretch of the fix for #922453 bringed by 20061220+dfsg3-4.4
diff -Nru 
cernlib-20061220+dfsg3/debian/patches/304-update-Imake-config-files.dpatch 
cernlib-20061220+dfsg3/debian/patches/304-update-Imake-config-files.dpatch
--- cernlib-20061220+dfsg3/debian/patches/304-update-Imake-config-files.dpatch  
2019-02-16 12:17:12.0 +0100
+++ cernlib-20061220+dfsg3/debian/patches/304-update-Imake-config-files.dpatch  
2019-04-20 22:38:53.0 +0200
@@ -2002,7 +2002,7 @@
  #endif
  #ifndef ExtraLoadOptions
 -#define ExtraLoadOptions /**/
-+#define ExtraLoadOptions -Wl,-z,relro
++#define ExtraLoadOptions -Wl,-z,relro -no-pie
  #endif
  #ifndef ExtraLoadFlags
  #define ExtraLoadFlags /**/


signature.asc
Description: OpenPGP digital signature

Bug#927485: Heads-up: new lintian error: no-human-maintainers

[Cyril Brulebois]

Hi all,

With the removal of Christian Perrier from Uploaders in almost all d-i
packages, some of them now have an empty Uploaders field. With the
debian-boot@ list being in the Maintainer field, that can trigger this
lintian error on the source package:

E: tzsetup source: no-human-maintainers

My personal policy regarding this (carried over from my X.Org days) is
to ignore it entirely; I see no gain in having specific people being
listed in Uploaders. Feel free to do the same when you're about to
upload a package with pending l10n changes, or with various bug fixes
that were awaiting an upload in git…


I've opened a new thread for this heads-up, so that it can be spotted
easily instead of replying to the first bug report (bcc'd) we received
about the requested update of those Uploaders field:
  https://bugs.debian.org/927485#10

Expanding on this anyway: I won't be spending any time on copying +
pasting bug numbers into Closes statements in changelog entries as
that seems a big waste of time.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#924974: unblock (pre-approval) or RM: epiphany-browser/3.32.1.2-2

[Simon McVittie]

Control: retitle -1 unblock (pre-approval) or RM: epiphany-browser/3.32.1.2-2

On Mon, 25 Mar 2019 at 09:42:58 +, Simon McVittie wrote:
> According to upstream, 3.32.0 is not suitable and we should be using
> 3.32.1.2. That version has various post-release fixes, and also restores
> the bundled copy of libdazzle 3.32.x instead of using the system libdazzle
> 3.30.x: upstream say 3.32.x has important fixes for epiphany-browser.
> 
> I've prepared a draft package at
> 

Now that webkit2gtk 2.24.x is in buster, I've reverted the parts of that
draft package that were only there to relax the dependency on webkit2gtk
to 2.22.x, and uploaded it to experimental.

Here's a debdiff excluding the translations and the now-bundled copy
of libdazzle:
https://people.debian.org/~smcv/epiphany-browser_3.32.1.2-1_without-libdazzle.diff

and a separate debdiff between buster's libdazzle and the bundled copy,
in the hope that this is less horrible to review than the whole of the
bundled copy:
https://people.debian.org/~smcv/epiphany-browser_3.32.1.2-1_libdazzle.diff

An upload to unstable would presumably differ only by a
changelog entry.

> someone who knows the package better should probably take over at
> this point, so I'm marking the unblock request as moreinfo

This still stands. I don't use epiphany-browser myself, so if the GNOME
team is intending to release it in buster, I would strongly prefer for
someone else to do the upload to unstable.

If nobody is willing to do that, then we should remove epiphany-browser
from buster, and possibly reopen #916347 "epiphany-browser: Don't include
in Buster".

Thanks,
smcv

Bug#925552: release-notes: document problems with hidepid vs Buster systemd

[Justin B Rye]

Andrei POPESCU wrote:
>> +  disable it before the upgrade, to ensure login sessions work on
>> +  . (A possible route to re-enabling it is outlined on the
> 
> Any particular reason for using "" instead of "buster"?
> 
> At least for me it's easier to read (and understand) the source text 
> without so much markup.

I'll just have been copying the prevailing markup features from
neighbouring sections..

Personally I would be happy to see  etc. eliminated in
any section that won't be kept for the buster->bullseye edition (and
the places that don't change should rarely mention releasenames).
It's not quite as bad as , which almost never makes sense,
since anybody recycling this document for (e.g.) Devuan would need to
change almost everything else, too.

But I've given up trying to get this sorted out, just as I've given up
asking why it is that we write "stretch" when the release announcement
called it "Stretch" and it's named after something called "Stretch"!
-- 
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package

Bug#922323: [basilisk2] several network setups crash app

[Bernhard Übelacker]

Control: found 922323 0.9.20180101-1+b1
Control: tags 922323 + upstream


Dear Maintainer,
I tried to have a look at this segfault, and guess I
have found something.

The problem seems to be, that the slirp library used
by Basilisk is using some 32 bit types for pointers.
Unfortunately this does not work in 64 bit systems.

I could reproduce this also for current Buster/testing [2].

When I build a stretch package with ipqp_32 typedefed to
a 64 bit type "void*" the crash does not happen [3].
(Just tested if the crash happens anymore, nothing further tested.)

Basically it seems related to upstream issue [1].
So, I assume, the 32bit builds may work as expected.

Kind regards,
Bernahrd



[1] https://github.com/cebix/macemu/issues/173



[2]
(gdb) bt
#0  0x55f8148a580f in do_get_mem_word (a=0x1) at 
./src/Unix/./sysdeps.h:428
#1  0x55f8148a580f in get_word (addr=3200692224) at 
./src/Unix/../uae_cpu/memory.h:143
#2  0x55f8148a580f in m68k_disasm(unsigned int, unsigned int*, int) 
(addr=, nextpc=nextpc@entry=0x7f748bcbce74, cnt=0, cnt@entry=1) 
at ./src/Unix/../uae_cpu/newcpu.cpp:1440
#3  0x55f8148a5e26 in m68k_dumpstate(unsigned int*) 
(nextpc=nextpc@entry=0x7f748bcbce74) at ./src/Unix/../uae_cpu/memory.h:171
#4  0x55f8148a2427 in sigsegv_dump_state(sigsegv_info_t*) (sip=) at ./src/Unix/main_unix.cpp:287
#5  0x55f814894a61 in handle_badaccess (sip=, 
scp=0x7f748bcbcf00) at ./src/Unix/../CrossPlatform/sigsegv.cpp:2651
#6  0x55f814894a61 in sigsegv_handler(int, siginfo_t*, void*) 
(sig=, sip=, scp=0x7f748bcbcf00) at 
./src/Unix/../CrossPlatform/sigsegv.cpp:2864
#7  0x7f74909b7730 in  () at 
/lib/x86_64-linux-gnu/libpthread.so.0
#8  0x55f8148ef4f5 in ip_slowtimo () at ./src/Unix/../slirp/ip_input.c:453
#9  0x55f8148ee265 in slirp_select_poll 
(readfds=readfds@entry=0x7f748bcbd400, writefds=writefds@entry=0x7f748bcbd480, 
xfds=xfds@entry=0x7f748bcbd500) at ./src/Unix/../slirp/slirp.c:368
#10 0x55f81489c797 in slirp_receive_func(void*) (arg=) at 
./src/Unix/ether_unix.cpp:836
#11 0x7f74909acfa3 in start_thread (arg=) at 
pthread_create.c:486
#12 0x7f748f9e482f in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:95

(gdb) list ip_input.c:435,460
435
436 /*
437  * IP timer processing;
438  * if a timer expires on a reassembly
439  * queue, discard it.
440  */
441 void
442 ip_slowtimo()
443 {
444 register struct ipq *fp;
445
446 DEBUG_CALL("ip_slowtimo");
447
448 fp = (struct ipq *) ipq.next;
449 if (fp == 0)
450return;
451
452 while (fp != ) {
453 --fp->ipq_ttl;
454 fp = (struct ipq *) fp->next;
455 if (((struct ipq *)(fp->prev))->ipq_ttl == 0) {
456 ipstat.ips_fragtimeout++;
457 ip_freef((struct ipq *) fp->prev);
458 }
459 }
460 }




[3]
diff -Nurp orig/basilisk2-0.9.20120331/src/slirp/ip.h 
try1/basilisk2-0.9.20120331/src/slirp/ip.h
-typedef caddr32_t ipqp_32;
-typedef caddr32_t ipasfragp_32;
+typedef void* ipqp_32;
+typedef void* ipasfragp_32;

# Stretch amd64 qemu VM 2019-04-20, +contrib

apt update
apt dist-upgrade


apt install systemd-coredump xserver-xorg lightdm openbox unzip gdb dpkg-dev 
devscripts mc basilisk2 basilisk2-dbgsym
apt build-dep basilisk2


systemctl start lightdm


mkdir /home/benutzer/source/basilisk2/orig -p
cd/home/benutzer/source/basilisk2/orig
apt source basilisk2
cd




wget 
https://people.debian.org/~smarenka/d-i/m68k/cds/daily/debian-etch-m68k-m68k-netinst.iso
 
export DISPLAY=:0


/usr/bin/BasiliskII
- Serial/Network: slirp
- Memory/Misc: Configure ROM path
- Button "Start"



set width 0
set pagination off
bt



#



benutzer@debian:~$ /usr/bin/BasiliskII
Basilisk II V1.0 by Christian Bauer et al.
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4528:(_snd_config_evaluate) function snd_func_card_driver 
returned error: Datei oder Verzeichnis nicht gefunden
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4528:(_snd_config_evaluate) function snd_func_concat returned 
error: Datei oder Verzeichnis nicht gefunden
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4528:(_snd_config_evaluate) function snd_func_refer returned 
error: Datei oder Verzeichnis nicht gefunden
ALSA lib conf.c:5007:(snd_config_expand) Evaluate error: Datei oder Verzeichnis 
nicht gefunden
ALSA lib pcm.c:2495:(snd_pcm_open_noupdate) Unknown PCM default
Reading ROM file...
WARNING: Cannot open audio: No available audio device
WARNING: No audio device found, audio output will be disabled.
Caught SIGSEGV at address 0x7b1281a8 [IP=0x55e27ae4f0ad]
D0:  D1:  D2:  D3:  
D4:  D5:  D6:  D7:  
A0:  A1:  A2:  

Bug#927668: powermgmt-base: on_ac_power fails if the path contains a whitespace

[Simon Quigley]

Package: powermgmt-base

Dear Maintainer,

I am upstreaming this bug report from Ubuntu[1]. Attached is the patch
they have proposed to fix this issue.

- Bug description -
on_ac_power fails if the path contains a whitespace, solution is
attached as patch.

before patch:
~# sh -x /usr/bin/on_ac_power; echo $?
+ set -e
+ OFF_LINE_P=no
+ [ -d /sys/class/power_supply/ ]
+ test -d
/sys/class/power_supply/hid-S!N:A7E462F2A0494518B37F374DE00488AA
Rev:PAACFS00-002-R003-battery
+ test -r
/sys/class/power_supply/hid-S!N:A7E462F2A0494518B37F374DE00488AA
Rev:PAACFS00-002-R003-battery/type
+ cat /sys/class/power_supply/hid-S!N:A7E462F2A0494518B37F374DE00488AA
Rev:PAACFS00-002-R003-battery/type
cat: '/sys/class/power_supply/hid-S!N:A7E462F2A0494518B37F374DE00488AA':
No such file or directory
cat: 'Rev:PAACFS00-002-R003-battery/type': No such file or directory
+ type=
1

after patch:
~# sh -x /usr/bin/on_ac_power; echo $?
+ set -e
+ OFF_LINE_P=no
+ [ -d /sys/class/power_supply/ ]
+ test -d
/sys/class/power_supply/hid-S!N:A7E462F2A0494518B37F374DE00488AA
Rev:PAACFS00-002-R003-battery
+ test -r
/sys/class/power_supply/hid-S!N:A7E462F2A0494518B37F374DE00488AA
Rev:PAACFS00-002-R003-battery/type
+ cat /sys/class/power_supply/hid-S!N:A7E462F2A0494518B37F374DE00488AA
Rev:PAACFS00-002-R003-battery/type
+ type=Battery
+ [ no = yes ]
+ [ -d /proc/acpi/ac_adapter ]
+ [ -r /proc/pmu/info ]
+ [ -r /proc/apm ]
+ exit 255
255
- End bug description -

Thanks.

[1] https://bugs.launchpad.net/ubuntu/+source/powermgmt-base/+bug/1816404

-- 
Simon Quigley
tsimo...@debian.org
tsimonq2 on freenode and OFTC
5C7A BEA2 0F86 3045 9CC8
C8B5 E27F 2CF8 458C 2FA4
diff -r -u powermgmt-base-1.33/on_ac_power powermgmt-base-1.33+whitespace/on_ac_power
--- powermgmt-base-1.33/on_ac_power	2018-03-12 02:51:32.0 +0200
+++ powermgmt-base-1.33+whitespace/on_ac_power	2019-02-18 13:23:33.292489081 +0200
@@ -25,11 +25,11 @@
 if [ -d /sys/class/power_supply/ ]; then
 for FN in /sys/class/power_supply/*; do
 	if test -d "${FN}" && test -r "${FN}/type"; then
-	type="$(cat ${FN}/type)"
+	type="$(cat "${FN}/type")"
 	case "${type}" in
 	Mains|USB*|BrickID)
 		if [ -r "${FN}/online" ]; then
-		online="$(cat ${FN}/online)"
+		online="$(cat "${FN}/online")"
 		[ "$online" = 1 ] && exit 0
 		[ "$online" = 0 ] && OFF_LINE_P=yes
 		fi;;


signature.asc
Description: OpenPGP digital signature

Bug#927482: unblock: u-boot/2019.01+dfsg-5

[Cyril Brulebois]

Hi,

Vagrant Cascadian  (2019-04-20):
> This upload is adds support for two more systems; orangepi_zero_plus2
> was simply a matter of enabling the target, while the teres_i laptop
> also required backporting a fix from upstream and adding a configuration
> and device-tree for the board. The u-boot-install-sunxi64 helper script
> was modified to auto-detect both of these boards.
> 
> All changes should be low risk for regressions in other boards.

Thanks for looping us in; no objections.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#927666: RFS: golang-github-mgutz-str

[Jongmin Kim]

Dear Go team,

I'm looking for a sponsor for the package
 "golang-github-mgutz-str" (#927666).
This package is a prerequisite for upcoming package "lazygit" (#908894).

https://salsa.debian.org/go-team/packages/golang-github-mgutz-str

The package was tested on both gbp and sbuild. It's also lintian-clean.
Please consider to review and upload it. Any kind of suggestions are
appreciated.

Thanks,


-- 
Jongmin Kim

OpenPGP key located at https://jongmin.dev/pgp
OpenPGP fingerprint: 012E 4A06 79E1 4EFC DAAE  9472 D39D 8D29 BAF3 6DF8


signature.asc
Description: PGP signature

Bug#927485: Updating the choose-mirror Uploaders list

[Cyril Brulebois]

Hi Tobias & MIA team,

Tobias Frost  (2019-04-20):
> Source: choose-mirror
> Version: 2.85 2.96 2.98 2.99
> Severity: minor
> User: m...@qa.debian.org
> Usertags: mia-teammaint
> 
> Christian Perrier  has retired, so can't work on
> the choose-mirror package anymore (at least with this address).
> 
> We are tracking their status in the MIA team and would like to ask you
> to remove them from the Uploaders list of the package so we can close
> that part of the file.
> 
> (If the person is listed as Maintainer, what we are asking is to please
> step in as a new maintainer.)

You could have considered pinging debian-boot@; a general sed would have
taken less than 2 minutes and we wouldn't have to copy-paste the
different bug numbers to close them all…


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#927667: gnome: please confirm or revert choice of Wayland for default desktop

[Simon McVittie]

Package: gnome
Version: 1:3.30+1
Severity: important
X-Debbugs-Cc: Jonathan Dowland , 
debian-gtk-gn...@lists.debian.org, debian-desk...@lists.debian.org

On the debian-devel mailing list, Jonathan Dowland wrote:
> I was surprised to learn — by way of synaptic being autoremoved — that
> the default desktop in Buster will be GNOME/Wayland. I personally do not
> think that Wayland is a sensible choice for the default *yet*; and if
> the consequence is that bugs for software that do not work properly with
> Wayland have their severity inflated such that they are autoremoved (and
> thus potentially removed entirely from Buster), a decision that — in
> isolation — makes sense to me; although Synaptic is quite a high profile
> package within Debian for this to happen.
>
> I think the default should be reconsidered.

I am not exactly a core member of the team (I joined to help to maintain
GLib), and I didn't make the decision to stop diverging from upstream
on this particular point, so I haven't been able to articulate why that
decision was made.

I can completely understand if other GNOME team members don't want to
interact with the -devel thread, given the amount of negativity it is
attracting from people who don't like GNOME and wouldn't use it whatever
we did; but I think it would be good to reassess the costs and benefits
of Wayland vs. X11 by default, and either make a positive decision to
keep Wayland as the default, or diverge from upstream and switch back
to Xorg by default like Debian stretch and Ubuntu 18.04 did.

We are now in hard freeze, so if the team does want to go back to Xorg
as the default, this is our last chance.

(As the maintainer of flatpak in Debian, I would be sad to see us go
back to a display protocol where every app can copy other apps' window
contents, inject fake input events or be a keylogger... but I'm also
aware that some programs rely on X11 not providing meaningful privilege
separation, and that the Wayland compositor model exacerbates any bugs
that cause GNOME Shell to crash.)

smcv

Bug#927666: ITP: golang-github-mgutz-str -- comprehensive set of string functions

[Jongmin Kim]

Package: wnpp
Severity: wishlist
Owner: Jongmin Kim 
X-Debbugs-CC: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: golang-github-mgutz-str
  Version : 1.2.0-1
  Upstream Author : Mario Gutierrez
* URL : https://github.com/mgutz/str
* License : Expat
  Programming Lang: Go
  Description : comprehensive set of string functions

 This package provides a comprehensive set of string functions to build
 more Go awesomeness. The library complements Go's standard packages and 
 does not duplicate functionality found in 'strings' or 'strconv'.
 .
 This library is based on plain functions instead of object-based
 methods, consistent with Go standard string packages.

This package is a prerequisite for upcoming package "lazygit" (#908894).


-- 
Jongmin Kim

OpenPGP key located at https://jongmin.dev/pgp
OpenPGP fingerprint: 012E 4A06 79E1 4EFC DAAE  9472 D39D 8D29 BAF3 6DF8


signature.asc
Description: PGP signature

Bug#926952: sa-exim: Unbuildable/uninstallable in sid

[Magnus Holmgren]

tisdag 16 april 2019 kl. 18:46:56 CEST skrev du:
> On 2019-04-15 Magnus Holmgren  wrote:
> > So it seems that everything should work unless spool_wireformat=true
> > *and* SARewriteBody: 1. How do I detect in sa-exim whether wire format
> > is used for a given body file though?
> 
> -spool_file_wireformat in the -H file?

I mean from sa-exim.c. We don't read the -H file directly.

> I just do not think the reports of breakage where with
> spool_wireformat=true, true though. - Nobody mentioned it and it is not
> something one set accidentaly.
> 
> I have just uploaded exim 4.92-6 to exoerimental which /should/
> work with sa-exim, allowing you to debug properly.

Thanks. So far I haven't managed to reproduce the problem of the malformed 
body file, though. However, I produced a segfault in local_scan() when I fed 
exim a spam message using BDAT with report_safe = 1 in local.cf, 
SARewriteBody: 1 in sa-exim.conf and spool_wireformat = true in 
exim4.conf(.template).

-- 
Magnus Holmgrenholmg...@debian.org
Debian Developer 

signature.asc
Description: This is a digitally signed message part.

Bug#925552: release-notes: document problems with hidepid vs Buster systemd

[Andrei POPESCU]

On Sb, 20 apr 19, 18:40:17, Justin B Rye wrote:
> Andrei POPESCU wrote:
> > Justin B Rye wrote:
> >> The "hidepid" mount-options for /proc (as recommended by various
> > 
> > Why plural? Both the wiki and proc(5) are using singular.
> 
> You're right - I was thinking of "hidepid=0/1/2" as separate options,
> but yes, the approved terminology is to call it one option with
> multiple possible arguments.  I suppose I could argue that it's 
> only the non-zero arguments that cause problems rather than the 
> hidepid option itself, but no, here's a patch making it singular.

:)

> diff --git a/en/issues.dbk b/en/issues.dbk
> index 39d27b25..81ed5863 100644
> --- a/en/issues.dbk
> +++ b/en/issues.dbk
> @@ -41,15 +41,15 @@ information mentioned in .
>  
>
>  
> -Hidepid mount options for procfs unsupported
> +Hidepid mount option for procfs unsupported
>  
> -  The hidepid mount options for
> -  /proc are known to cause problems with current
> -  versions of systemd, and are considered by systemd upstream to be an
> +  Using the hidepid mount option for
> +  /proc is known to cause problems with current
> +  versions of systemd, and is considered by systemd upstream to be an
>unsupported configuration. Users who have modified
> -  /etc/fstab to enable these options are advised to
> -  disable them before the upgrade, to ensure login sessions work on
> -  . (A possible route to re-enabling them is outlined on the
> +  /etc/fstab to enable this option are advised to
> +  disable it before the upgrade, to ensure login sessions work on
> +  . (A possible route to re-enabling it is outlined on the

Any particular reason for using "" instead of "buster"?

At least for me it's easier to read (and understand) the source text 
without so much markup.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Bug#927664: Updating the lifelines Uploaders list

[Tobias Frost]

Source: lifelines
Version: 3.0.61-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the lifelines package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927653: Updating the fonts-ukij-uyghur Uploaders list

[Tobias Frost]

Source: fonts-ukij-uyghur
Version: 20110217-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-ukij-uyghur package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927662: Updating the fonts-rufscript Uploaders list

[Tobias Frost]

Source: fonts-rufscript
Version: 010-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-rufscript package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927660: Updating the fonts-gfs-solomos Uploaders list

[Tobias Frost]

Source: fonts-gfs-solomos
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-solomos package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927655: Updating the fonts-lklug-sinhala Uploaders list

[Tobias Frost]

Source: fonts-lklug-sinhala
Version: 0.6-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-lklug-sinhala package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927665: Updating the fonts-larabie Uploaders list

[Tobias Frost]

Source: fonts-larabie
Version: 1:20011216-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-larabie package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927659: Updating the fontforge-doc Uploaders list

[Tobias Frost]

Source: fontforge-doc
Version: 1:20170731~dfsg-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fontforge-doc package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927663: Updating the dl10n Uploaders list

[Tobias Frost]

Source: dl10n
Version: 3.00
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the dl10n package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927661: Updating the fonts-century-catalogue Uploaders list

[Tobias Frost]

Source: fonts-century-catalogue
Version: 001.001-6
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-century-catalogue package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927648: Updating the fonts-cwtex Uploaders list

[Tobias Frost]

Source: fonts-cwtex
Version: 1.0-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-cwtex package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927649: Updating the fonts-cmu Uploaders list

[Tobias Frost]

Source: fonts-cmu
Version: 0.7.0-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-cmu package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927651: Updating the fonts-cabin Uploaders list

[Tobias Frost]

Source: fonts-cabin
Version: 1.5-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-cabin package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927658: Updating the fonts-freefarsi Uploaders list

[Tobias Frost]

Source: fonts-freefarsi
Version: 1.0.0~beta1-7
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-freefarsi package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927657: Updating the fonts-dzongkha Uploaders list

[Tobias Frost]

Source: fonts-dzongkha
Version: 0.3-8
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-dzongkha package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927652: Updating the fonts-arphic-ukai Uploaders list

[Tobias Frost]

Source: fonts-arphic-ukai
Version: 0.2.20080216.2-4
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-arphic-ukai package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927656: Updating the fonts-lao Uploaders list

[Tobias Frost]

Source: fonts-lao
Version: 0.0.20060226-9
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-lao package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927650: Updating the fonts-cabinsketch Uploaders list

[Tobias Frost]

Source: fonts-cabinsketch
Version: 1.02-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-cabinsketch package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927654: Updating the fonts-tibetan-machine Uploaders list

[Tobias Frost]

Source: fonts-tibetan-machine
Version: 1.901b-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-tibetan-machine package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927637: Updating the fonts-gfs-bodoni-classic Uploaders list

[Tobias Frost]

Source: fonts-gfs-bodoni-classic
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-bodoni-classic package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#891795: /usr/bin/sensible-editor: The select-editor mechanism should be removed

[Luca Venturini]

Matthew Woodcraft is right.

On top of that, I'd add that the select-editor mechanism doesn't work 
properly:


4) if a system has only one editor, sensible-editor calls select-editor, 
that creates a zero-length file ~/.selected-editor, without asking 
anything to the user. If, at a second time, another editor is added to 
the system, select-editor finds the zero-length file and does not ask 
anything to the user.


Please, consider also, as a general rule, that asking questions to the 
user, should be always avoided, unless the user is expecting it.

Bug#927636: Updating the fonts-gfs-complutum Uploaders list

[Tobias Frost]

Source: fonts-gfs-complutum
Version: 1.1-6
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-complutum package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927632: Updating the fonts-gfs-neohellenic Uploaders list

[Tobias Frost]

Source: fonts-gfs-neohellenic
Version: 1.1-6
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-neohellenic package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927640: Updating the fontforge-extras Uploaders list

[Tobias Frost]

Source: fontforge-extras
Version: 0.3-4
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fontforge-extras package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927641: Updating the fonts-gfs-baskerville Uploaders list

[Tobias Frost]

Source: fonts-gfs-baskerville
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-baskerville package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927635: Updating the fonts-gfs-didot Uploaders list

[Tobias Frost]

Source: fonts-gfs-didot
Version: 1.1-6
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-didot package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927647: Updating the fonts-dosis Uploaders list

[Tobias Frost]

Source: fonts-dosis
Version: 1.7-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-dosis package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927646: Updating the fonts-ecolier-court Uploaders list

[Tobias Frost]

Source: fonts-ecolier-court
Version: 1.00-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-ecolier-court package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927643: Updating the fonts-farsiweb Uploaders list

[Tobias Frost]

Source: fonts-farsiweb
Version: 0.4.dfsg-12
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-farsiweb package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927381: RFS: golang-github-jesseduffield-go-getter

[Jongmin Kim]

Dear Go team,

I'm looking for a sponsor for the package
 "golang-github-jesseduffield-go-getter" (#927381).
This package is a prerequisite for upcoming package "lazygit" (#908894).

https://salsa.debian.org/go-team/packages/golang-github-jesseduffield-go-getter

The package was tested on both gbp and sbuild. It has 1 pedantic lintian
warning, as the upstream source embedded the .hg directory into testdata.

Please consider to review and upload it. Any kind of suggestions are
appreciated.

Thanks,

-- 
Jongmin Kim

OpenPGP key located at https://jongmin.dev/pgp
OpenPGP fingerprint: 012E 4A06 79E1 4EFC DAAE  9472 D39D 8D29 BAF3 6DF8


signature.asc
Description: PGP signature

Bug#927644: Updating the fonts-evertype-conakry Uploaders list

[Tobias Frost]

Source: fonts-evertype-conakry
Version: 0.002+source-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-evertype-conakry package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927645: Updating the fonts-ecolier-lignes-court Uploaders list

[Tobias Frost]

Source: fonts-ecolier-lignes-court
Version: 1.00-6
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-ecolier-lignes-court package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927634: Updating the fonts-gfs-didot-classic Uploaders list

[Tobias Frost]

Source: fonts-gfs-didot-classic
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-didot-classic package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927630: Updating the fonts-gfs-porson Uploaders list

[Tobias Frost]

Source: fonts-gfs-porson
Version: 1.1-6
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-porson package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927639: Updating the fonts-khmeros Uploaders list

[Tobias Frost]

Source: fonts-khmeros
Version: 5.0-7
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-khmeros package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927633: Updating the fonts-gfs-gazis Uploaders list

[Tobias Frost]

Source: fonts-gfs-gazis
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-gazis package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927631: Updating the fonts-gfs-olga Uploaders list

[Tobias Frost]

Source: fonts-gfs-olga
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-olga package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927638: Updating the fonts-dancingscript Uploaders list

[Tobias Frost]

Source: fonts-dancingscript
Version: 1.2-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-dancingscript package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927642: Updating the fonts-gfs-artemisia Uploaders list

[Tobias Frost]

Source: fonts-gfs-artemisia
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-artemisia package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927562: Updating the elilo-installer Uploaders list

[John Paul Adrian Glaubitz]

> On Apr 20, 2019, at 8:44 PM, Tobias Frost  wrote:
> 
> Source: elilo-installer
> Version: 1.34
> Severity: minor
> User: m...@qa.debian.org
> Usertags: mia-teammaint
> 
> We are tracking their status in the MIA team and would like to ask you
> to remove them from the Uploaders list of the package so we can close
> that part of the file.

elilo-installer can actually be removed as elilo is no longer part of the 
archive (although I actually created an updated 3.16 package which I could 
upload).

GRUB actually works fine on ia64 and I’m going to switch it over by patching 
grub-installer and partman-auto once Buster has been released (I avoid pushing 
any Ports-related changes during freeze).

I’ll file a removal request later. There are also remnants of elilo references 
in debian-installer and debian-cd.

Adrian

Bug#927625: Updating the fonts-lg-aboriginal Uploaders list

[Tobias Frost]

Source: fonts-lg-aboriginal
Version: 1.0-6
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-lg-aboriginal package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927629: Updating the fonts-gfs-theokritos Uploaders list

[Tobias Frost]

Source: fonts-gfs-theokritos
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-gfs-theokritos package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927628: Updating the fonts-inconsolata Uploaders list

[Tobias Frost]

Source: fonts-inconsolata
Version: 001.010-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-inconsolata package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927627: Updating the fonts-levien-museum Uploaders list

[Tobias Frost]

Source: fonts-levien-museum
Version: 001.002-4
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-levien-museum package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927619: Updating the fonts-sil-ezra Uploaders list

[Tobias Frost]

Source: fonts-sil-ezra
Version: 2.51-8
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-sil-ezra package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927622: Updating the fonts-oflb-euterpe Uploaders list

[Tobias Frost]

Source: fonts-oflb-euterpe
Version: 1.1-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-oflb-euterpe package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927626: Updating the fonts-levien-typoscript Uploaders list

[Tobias Frost]

Source: fonts-levien-typoscript
Version: 000.001-4
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-levien-typoscript package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927623: Updating the fonts-nafees Uploaders list

[Tobias Frost]

Source: fonts-nafees
Version: 1.2-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-nafees package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927615: Updating the fonts-sil-dai-banna Uploaders list

[Tobias Frost]

Source: fonts-sil-dai-banna
Version: 2.200-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-sil-dai-banna package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927610: Updating the fonts-unikurdweb Uploaders list

[Tobias Frost]

Source: fonts-unikurdweb
Version: 1.0-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-unikurdweb package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927621: Updating the fonts-oldstandard Uploaders list

[Tobias Frost]

Source: fonts-oldstandard
Version: 2.2really-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-oldstandard package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927624: Updating the fonts-linex Uploaders list

[Tobias Frost]

Source: fonts-linex
Version: 2.2-7
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-linex package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927620: Updating the fonts-paktype Uploaders list

[Tobias Frost]

Source: fonts-paktype
Version: 0.0svn20121225-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-paktype package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

Bug#927616: Updating the fonts-sil-abyssinica Uploaders list

[Tobias Frost]

Source: fonts-sil-abyssinica
Version: 1.500-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Christian Perrier  has retired, so can't work on
the fonts-sil-abyssinica package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.