Bug#922357: internetarchive: new upstream version available

2019-04-21 Thread Linda Lapinlampi 
Control: notfixed -1 1.8.3-1
Control: tags -1 - fixed-in-experimental

1.8.4 has been released and 1.8.5 is to be released eventually, heads
up. Thank you for the previous upload to experimental!

Bug#927736: Please build with --enable-pmnull

2019-04-21 Thread Dmitry Smirnov 
Source: rsyslog
Version: 8.1901.0-1
Severity: wishlist

https://www.rsyslog.com/doc/v8-stable/configuration/modules/pmnull.html

-- 
Best wishes,
 Dmitry Smirnov.

---

A man who knows a subject thoroughly, a man so soaked in it that he eats
it, sleeps it and dreams it - this man can always teach it with success, no
matter how little he knows of technical pedagogy.
-- H. L. Mencken



signature.asc
Description: This is a digitally signed message part.

Bug#927732: unblock: variety/0.7.1-2 (pre-approval)

2019-04-21 Thread Niels Thykier 
Control: tags -1 moreinfo confirmed

James Lu:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Dear Release Team,
> 
> Please consider unblocking variety 0.7.1-2. I've backported a couple of
> fixes from the newest upstream version, which fix a couple of subtle but
> annoying bugs. The changelog is as follows:
> 
> variety (0.7.1-2) unstable; urgency=medium
> 
>   * Backport bugfixes from Variety 0.7.2:
> - fix-crash-on-help-version.patch: Don't forward --help or --version to
>   running Variety instances, as this causes it to crash.
> - fix-spurious-error-when-analyzing-gifs.patch: Fix spurious
>   FileNotFoundError when analyzing GIFs inside a wallpaper folder
> 
>  -- James Lu   Sun, 21 Apr 2019 19:10:58 -0700
> 
> The debdiff is attached.
> 
> Best,
> James
> 

Hi James,

Please go ahead with this upload and remove the moreinfo tag when it is
in unstable and ready to be unblocked.

Thanks,
~Niels

Bug#927734: scdoc: New upstream version available

2019-04-21 Thread Linda Lapinlampi 
Source: scdoc
Severity: wishlist
Control: block 927723 by -1

Dear Maintainer,

please package the latest upstream version of scdoc available. Packaging sway
1.0 (currently 1.0~rc3) depends on scdoc >= 1.9.2.

As of right now, the latest version available from upstream is 1.9.4:
https://git.sr.ht/~sircmpwn/scdoc/refs/1.9.4

See: https://git.sr.ht/~sircmpwn/scdoc/refs


-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Bug#927717: pkg/config file still with some problems

2019-04-21 Thread Ondřej Surý 
Control: severity -1 minor

Please don’t abuse severities. Or explain how this “makes the package in 
question unusable or mostly so, or causes data loss, or introduces a security 
hole allowing access to the accounts of users who use the package.”

Ondrej
--
Ondřej Surý 

> On 21 Apr 2019, at 22:34, PICCORO McKAY Lenz  wrote:
> 
> Package: libjpeg-dev
> Version: 1:1.5.1-2
> Severity: grave
> 
> Dear Maintainer.
> It appeares that the provided pkg-config libjpeg.pc file contains
> an unsubsituted 'regexp', @VERSIONH@.
> 
> It is guessed that the rules file does not define it
> 
> Lenz McKAY Gerardo (PICCORO)
> http://qgqlochekone.blogspot.com

Bug#927723: sway: Please upload new upstream version

2019-04-21 Thread Linda Lapinlampi 
On Mon, Apr 22, 2019 at 03:13:00AM +, Linda Lapinlampi wrote:
> Finally, the "1.0" in master branch in VCS is currently unusable for two
> additional reasons:

Actually three, and the third reason is upstream's 1.0 version is broken
because of -Werror=alloc-size-larger-than= in swaybar/tray/icon.c.

https://github.com/swaywm/sway/issues/3862
https://github.com/swaywm/sway/commit/bcde298a719f60b9913133dbd2a169dedbc8dd7d

I'm attaching a DEP-3 patch for 1.0 (although you could in theory "just"
make a package release with version number 1.0+bcde298 instead, it's
one commit ahead of the 1.0 Git tag it seems).
Bug: https://github.com/swaywm/sway/issues/3862
Bug-Debian: https://bugs.debian.org/927723
Origin: upstream, https://github.com/swaywm/sway/commit/bcde298
From: emersion 
Subject: Fix size_t temporary underflow in log_loaded_themes

`len` will underflow but will overflow right after, so it's not as bad as it
may appear. Still better not to under/overflow at all.

Fixes https://github.com/swaywm/sway/issues/3862
---
 swaybar/tray/icon.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/swaybar/tray/icon.c b/swaybar/tray/icon.c
index c7ce20b4d..2276e36de 100644
--- a/swaybar/tray/icon.c
+++ b/swaybar/tray/icon.c
@@ -307,16 +307,16 @@ static void log_loaded_themes(list_t *themes) {
 		return;
 	}
 
-	const char *sep = ", ";
+	const char sep[] = ", ";
 	size_t sep_len = strlen(sep);
 
-	size_t len = 1 - sep_len;
+	size_t len = 0;
 	for (int i = 0; i < themes->length; ++i) {
 		struct icon_theme *theme = themes->items[i];
 		len += strlen(theme->name) + sep_len;
 	}
 
-	char *str = malloc(len);
+	char *str = malloc(len + 1);
 	if (!str) {
 		return;
 	}

Bug#927733: exim4-config: Please expand default 'ignore_target_hosts'

2019-04-21 Thread Dean Hamstead 
Package: exim4-config
Version: 4.89-2+deb9u3
Severity: wishlist

Dear Maintainer,

in router/200-exim4-config_primary i would like to recommend expanding
this list as follows:


  # Don't allow domains whose single MX (or A) record is a
  # "special-use IPv4 address", as listed in RFC 3330.
  ignore_target_hosts = <; 0::0/0 ; \
# Hosts on "this network"; RFC 1700 (page 4) states that these
# are only allowed as source addresses
0.0.0.0/8 ; \
# Private networks, RFC 1918
10.0.0.0/8 ; 172.16.0.0/12 ; 192.168.0.0/16 ; \
# Carrier NAT, RFC6598
100.64.0.0/10 ; \
# Internet host loopback address, RFC 1700 (page 5)
127.0.0.0/8 ; \
# "Link local" block
169.254.0.0/16 ; \
# "TEST-NET-1" - should not appear on the public Internet
192.0.2.0/24 ; \
# "TEST-NET-2" - should not appear on the public Internet
198.51.100.0/24 ; \
# 6to4 relay anycast addresses, RFC 3068
192.88.99.0/24 ; \
# Network interconnect device benchmark testing, RFC 2544
198.18.0.0/15 ; \
# "TEST-NET-3" - should not appear on the public Internet
203.0.113.0/24 ; \
# Multicast addresses, RFC 3171
224.0.0.0/4 ; \
# Reserved for future use, RFC 1700 (page 4)
240.0.0.0/4


-- Package-specific info:
Exim version 4.92 #5 built 02-Mar-2019 14:59:31
Copyright (c) University of Cambridge, 1995 - 2018
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2018
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DANE DKIM DNSSEC 
Event OCSP PRDR SOCKS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz 
dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Configuration file search path is 
/etc/exim4/exim4.conf:/var/lib/exim4/config.autogenerated
Configuration file is /var/lib/exim4/config.autogenerated

-- System Information:
Debian Release: 9.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-0.bpo.4-cloud-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages exim4-config depends on:
ii  adduser3.115
ii  debconf [debconf-2.0]  1.5.61

exim4-config recommends no packages.

exim4-config suggests no packages.

-- Configuration Files:
/etc/exim4/passwd.client changed [not included]

-- debconf information excluded

Bug#927723: sway: Please upload new upstream version

2019-04-21 Thread Linda Lapinlampi 
Control: tags -1 + experimental

On Mon, Apr 22, 2019 at 01:03:55AM +, Linda Lapinlampi wrote:
> 1.0~rc5 and 1.0 have been packaged a month ago at VCS (salsa), but never
> uploaded to Debian's distribution. Could you please upload sway 1.0 to
> unstable distribution, please? (I'm aware Buster is in full freeze, and
> won't be migrated to testing.)

I can see now what's going on with this package.

The maintainer bumped debian/changelog version from `1.0~rc4` to `1.0`,
but didn't merge upstream tag `1.0` into the package or create
upstream/1.0 branch.

wlroots (libwlroots-dev) is available in Debian from experimental
distribution only, and upstream considers it as a "pre-release" with ABI
breakages. Since sway depends on wlroots, I don't think sway is ready
for unstable distribution yet.

Another dependency is on libjson-c-dev: 0.13.1 is only in experimental
distribution, unstable has 0.12.1.

Finally, the "1.0" in master branch in VCS is currently unusable for two
additional reasons:

1. sway has Build-Depends on both libelogind-dev and libsystemd-dev, but
only one of these can be installed at a time due to conflicts/breaks,
and the maintainer forgot to make this as a group of alternative packages.
2. When cloning from Salsa, `meson.build`'s `if git.found()` triggers
and later the C build fails to -Werror=date-time (which can be resolved
by patching that line or removing the .git directory for building
purposes).

Hope that helps. Consider adding tag "help" to this bug, if necessary.

Bug#927732: unblock: variety/0.7.1-2 (pre-approval)

2019-04-21 Thread James Lu 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Dear Release Team,

Please consider unblocking variety 0.7.1-2. I've backported a couple of
fixes from the newest upstream version, which fix a couple of subtle but
annoying bugs. The changelog is as follows:

variety (0.7.1-2) unstable; urgency=medium

  * Backport bugfixes from Variety 0.7.2:
- fix-crash-on-help-version.patch: Don't forward --help or --version to
  running Variety instances, as this causes it to crash.
- fix-spurious-error-when-analyzing-gifs.patch: Fix spurious
  FileNotFoundError when analyzing GIFs inside a wallpaper folder

 -- James Lu   Sun, 21 Apr 2019 19:10:58 -0700

The debdiff is attached.

Best,
James
diff -Nru variety-0.7.1/debian/changelog variety-0.7.1/debian/changelog
--- variety-0.7.1/debian/changelog  2018-10-28 20:45:18.0 -0700
+++ variety-0.7.1/debian/changelog  2019-04-21 19:10:58.0 -0700
@@ -1,3 +1,13 @@
+variety (0.7.1-2) unstable; urgency=medium
+
+  * Backport bugfixes from Variety 0.7.2:
+- fix-crash-on-help-version.patch: Don't forward --help or --version to
+  running Variety instances, as this causes it to crash.
+- fix-spurious-error-when-analyzing-gifs.patch: Fix spurious
+  FileNotFoundError when analyzing GIFs inside a wallpaper folder
+
+ -- James Lu   Sun, 21 Apr 2019 19:10:58 -0700
+
 variety (0.7.1-1) unstable; urgency=medium
 
   [ Jelmer Vernooij ]
diff -Nru variety-0.7.1/debian/patches/fix-crash-on-help-version.patch 
variety-0.7.1/debian/patches/fix-crash-on-help-version.patch
--- variety-0.7.1/debian/patches/fix-crash-on-help-version.patch
1969-12-31 16:00:00.0 -0800
+++ variety-0.7.1/debian/patches/fix-crash-on-help-version.patch
2019-04-21 19:10:58.0 -0700
@@ -0,0 +1,33 @@
+Description: Don't forward --help or --version to running Variety instances, 
as this causes it to crash.
+ Parse options before checking for running instance to show help.
+Author: Pedro Romano 
+Origin: upstream, 
https://github.com/varietywalls/variety/commit/4977f86ffc662ae3909cf97f6baa892ea17b4fc5
+Applied-Upstream: 0.7.2
+---
+ variety/__init__.py | 6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+--- a/variety/__init__.py
 b/variety/__init__.py
+@@ -148,6 +148,9 @@
+ 
+ arguments = sys.argv[1:]
+ 
++# validate arguments
++options, args = VarietyWindow.VarietyWindow.parse_options(arguments)
++
+ bus = dbus.SessionBus()
+ # ensure singleton
+ if bus.request_name(DBUS_KEY) != 
dbus.bus.REQUEST_NAME_REPLY_PRIMARY_OWNER:
+@@ -161,10 +164,9 @@
+ safe_print(result)
+ return
+ 
+-# validate arguments and set up logging
++# set up logging
+ # set_up_logging must be called after the DBus checks, only by one 
running instance,
+ # or the log file can be corrupted
+-options, args = VarietyWindow.VarietyWindow.parse_options(arguments)
+ set_up_logging(options.verbose)
+ 
+ if options.verbose >= 2:
diff -Nru 
variety-0.7.1/debian/patches/fix-spurious-error-when-analyzing-gifs.patch 
variety-0.7.1/debian/patches/fix-spurious-error-when-analyzing-gifs.patch
--- variety-0.7.1/debian/patches/fix-spurious-error-when-analyzing-gifs.patch   
1969-12-31 16:00:00.0 -0800
+++ variety-0.7.1/debian/patches/fix-spurious-error-when-analyzing-gifs.patch   
2019-04-21 19:10:58.0 -0700
@@ -0,0 +1,45 @@
+Description: Fix spurious FileNotFoundError when analyzing GIFs inside a 
wallpaper folder.
+ The path being passed to the helper function was not correct.
+Author: James Lu 
+Origin: upstream, 
https://github.com/varietywalls/variety/commit/25714cd13e80602a5e08bf02ab1baf2dd9e1a97e
+Bug: https://github.com/varietywalls/variety/issues/132
+Applied-Upstream: 0.7.2
+---
+ variety/Util.py | 9 ++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/variety/Util.py b/variety/Util.py
+index 86c70de..e038ff0 100644
+--- a/variety/Util.py
 b/variety/Util.py
+@@ -363,6 +363,7 @@ class Util:
+ def list_files(files=(), folders=(), filter_func=(lambda f: True), 
max_files=1, randomize=True):
+ count = 0
+ for filepath in files:
++logger.debug(lambda: 'checking file %s against filter_func %s' % 
(filepath, filter_func))
+ if filter_func(filepath) and os.access(filepath, os.R_OK):
+ count += 1
+ yield filepath
+@@ -379,14 +380,16 @@ class Util:
+ random.shuffle(files)
+ random.shuffle(subFolders)
+ for filename in files:
+-if filter_func(filename):
++logger.debug(lambda: 'checking file %s against 
filter_func %s (root=%s)' % (filename, filter_func, root))
++path = os.path.join(root, filename)
++if filter_func(path):
+

Bug#927731: Missing Dependency on libdazzle

2019-04-21 Thread 積丹尼 Dan Jacobson 
Package: epiphany-browser
Version: 3.32.1.2-1

Users will get the message

Error loading module

'/usr/lib/i386-linux-gnu/epiphany-browser/web-extensions/libephywebextension.so':
libdazzle-1.0.so.0: cannot open shared object file: No such file or
directory

Because you removed the Dependency.

Bug#927730: Please build with --enable-mmtaghostname

2019-04-21 Thread Dmitry Smirnov 
Source: rsyslog
Version: 8.1901.0-1
Severity: wishlist

https://www.rsyslog.com/doc/v8-stable/configuration/modules/mmtaghostname.html

-- 
All the best,
 Dmitry Smirnov.

---

The cure for the evils of democracy is more democracy.
-- H. L. Mencken


signature.asc
Description: This is a digitally signed message part.

Bug#927729: lxqt-config-appearance UI/UX weirdnesses

2019-04-21 Thread scott092707 
Package: lxqt-config
Version: 0.14.1-2
Severity: normal

Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Scott Jacobs 
To: Debian Bug Tracking System 
Subject: lxqt-config-appearance UI/UX weirdnesses

Bcc: Scott Jacobs 
Message-ID: 
<155546438664.31723.10562576445905050748.report...@asus-prime-b350m-a-csm.com>
X-Mailer: reportbug 7.5.2
Date: Tue, 16 Apr 2019 21:26:26 -0400
X-Debbugs-Cc: scott092...@aol.com

Dear Maintainer,

I had installed Debian Testing LXQt, and was exploring LXQt theming options,
and was iterating through Appearance->Widget Styles, clicking on Apply for
each.
Several times, the app appeared to crash, as the window disappeared.  I
subsequently found that for several of the widget styles, the buttons Cancel
and Apply switched places; thus when I thought I was again clicking on Apply, I
was actually clicking on Cancel.
Other weirdnesses:
The drop down list sometimes drops up, instead of down; sometimes has
unreadable items (dark on dark, sometimes I believe the list was dark on
transparent, and one could see the rest of the window behind the widget style
name text).
When one of the two BB10* themes is selected, several things happen:
The window and buttons become very large (this is perhaps intended - they may
be HiDPI themes), but if one of the other themes is then selected, the window
does not revert to the smaller size.
The the "GTK 2 Theme" text overlays the Set GTK Themes button.
The Set GTK Themes text line / button wipe out most of the top line of the box
surrounding the GTK section.

I imagine that this would be confusing to others as well.  It is, of course,
not a serious problem, and can be worked with/around.

I have created a Simple Screen Recorder file showing (most of) this, and will
attach it to the email.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lxqt-config depends on:
ii  libc6 2.28-8
ii  libkf5screen-bin  4:5.14.5-1
ii  libkf5screen7 4:5.14.5-1
ii  liblxqt0  0.14.1-1
ii  libqt5core5a  5.11.3+dfsg1-1
ii  libqt5gui55.11.3+dfsg1-1
ii  libqt5svg55.11.3-2
ii  libqt5widgets55.11.3+dfsg1-1
ii  libqt5x11extras5  5.11.3-2
ii  libqt5xdg33.3.1-1
ii  libqt5xml55.11.3+dfsg1-1
ii  libstdc++68.3.0-6
ii  libudev1  241-3
ii  libx11-6  2:1.6.7-1
ii  libxcb-randr0 1.13.1-2
ii  libxcb1   1.13.1-2
ii  libxcursor1   1:1.1.15-2
ii  libxfixes31:5.0.3-1
ii  libxi62:1.7.9-1
ii  zlib1g1:1.2.11.dfsg-1

Versions of packages lxqt-config recommends:
ii  disk-manager   1.1.1-2
ii  galternatives  1.0.4
ii  lxqt-config-l10n   0.14.1-2
ii  lxqt-policykit 0.14.1-1
ii  lxqt-powermanagement   0.14.1-1
ii  lxqt-qtplugin  0.14.0-2
ii  lxqt-session   0.14.1-1
ii  qt5-style-plugins  5.0.0+git23.g335dbec-2+b17
ii  system-config-printer  1.5.11-4
ii  xsettingsd 0.0.20171105+1+ge4cf9969-1

Versions of packages lxqt-config suggests:
pn  adwaita-qt 
ii  cmst   2019.01.13-1
pn  faenza-icon-theme  
pn  gnome-themes-standard  
pn  lxappearance   
ii  lxqt   29
ii  lxqt-core  29
pn  obconf-qt  
ii  partitionmanager   3.3.1-5
ii  synaptic   0.84.5

-- no debconf information

Bug#927728: gnome-maps: search functionality (main or directions) causes a crash (SIGSEGV)

2019-04-21 Thread Paul Wise 
Package: gnome-maps
Version: 3.30.3-1
Severity: serious
Control: found -1 3.32.1-1
Usertags: crash

The search functionality (both the main search and the directions
search) causes a crash (SIGSEGV) of GNOME Maps. Since the search
functionality is a pretty major part of the Maps app, I think this
issue should be fixed in buster. IIRC it started occurring after the recent gjs 
transition. The experimental version crashes too. The issue doesn't seem to be 
specific to particular GPU vendors, I can reproduce it with nouveau & intel 
GPUs. 

$ gdb -batch -n -ex 'set pagination off' -ex run -ex bt -ex 'thread apply all 
bt full' --args gjs /usr/bin/gnome-maps
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7223a700 (LWP 2064)]
[Thread 0x7223a700 (LWP 2064) exited]
[New Thread 0x7223a700 (LWP 2065)]
[New Thread 0x7fffec76c700 (LWP 2066)]
[New Thread 0x7fffec56b700 (LWP 2067)]
[New Thread 0x7fffec36a700 (LWP 2068)]
[New Thread 0x7fffebebe700 (LWP 2069)]
[New Thread 0x7fffeb6bd700 (LWP 2070)]
[New Thread 0x7fffea233700 (LWP 2071)]

(org.gnome.Maps:2059): Gjs-WARNING **: 09:47:26.521: Some code called 
array.toString() on a Uint8Array instance. Previously this would have 
interpreted the bytes of the array as a string, but that is nonstandard. In the 
future this will return the bytes as comma-separated digits. For the time 
being, the old behavior has been preserved, but please fix your code anyway to 
explicitly call ByteArray.toString(array).
(Note that array.toString() may have been called implicitly.)
0  ["resource:///org/gnome/Maps/js/osmTypes.js":32]
1  ["resource:///org/gnome/Maps/js/osmEditDialog.js":35]
2  ["resource:///org/gnome/Maps/js/osmEdit.js":25]
3  ["resource:///org/gnome/Maps/js/contextMenu.js":33]
4  ["resource:///org/gnome/Maps/js/mainWindow.js":33]
5  ["resource:///org/gnome/Maps/js/application.js":35]
6  ["resource:///org/gnome/Maps/js/main.js":43]
7 start() ["resource:///org/gnome/gjs/modules/package.js":209]
8  ["/usr/bin/gnome-maps":2]

[New Thread 0x7fffe3ad9700 (LWP 2100)]
[New Thread 0x7fff9de21700 (LWP 2132)]
[New Thread 0x7fff9d184700 (LWP 2137)]

(org.gnome.Maps:2059): GLib-GObject-WARNING **: 09:49:11.709: The property 
GTlsClientConnectionGnutls:use-ssl3 is deprecated and shouldn't be used 
anymore. It will be removed in a future version.

(org.gnome.Maps:2059): GLib-GObject-WARNING **: 09:49:13.039: The property 
SoupSession:ssl-ca-file is deprecated and shouldn't be used anymore. It will be 
removed in a future version.

(org.gnome.Maps:2059): Gjs-WARNING **: 09:49:13.106: Some code called 
array.toString() on a Uint8Array instance. Previously this would have 
interpreted the bytes of the array as a string, but that is nonstandard. In the 
future this will return the bytes as comma-separated digits. For the time 
being, the old behavior has been preserved, but please fix your code anyway to 
explicitly call ByteArray.toString(array).
(Note that array.toString() may have been called implicitly.)
0 load() ["resource:///org/gnome/Maps/js/placeStore.js":168]
1 _initPlaceStore() ["resource:///org/gnome/Maps/js/application.js":186]
2 vfunc_startup() ["resource:///org/gnome/Maps/js/application.js":233]
3 main() ["resource:///org/gnome/Maps/js/main.js":57]
4 run() ["resource:///org/gnome/gjs/modules/package.js":225]
5 start() ["resource:///org/gnome/gjs/modules/package.js":209]
6  ["/usr/bin/gnome-maps":2]


(org.gnome.Maps:2059): GLib-GObject-WARNING **: 09:49:13.924: The property 
GtkContainer:child is deprecated and shouldn't be used anymore. It will be 
removed in a future version.

(org.gnome.Maps:2059): GLib-GObject-WARNING **: 09:49:14.035: The property 
GtkPopover:transitions-enabled is deprecated and shouldn't be used anymore. It 
will be removed in a future version.
[New Thread 0x7fff9b8b4700 (LWP 2144)]
[New Thread 0x7fff9b0b3700 (LWP 2145)]
[New Thread 0x7fff9a8b2700 (LWP 2146)]
[New Thread 0x7fff9a0b1700 (LWP 2147)]
[New Thread 0x7fff998b0700 (LWP 2148)]
[New Thread 0x7fff990af700 (LWP 2149)]
[New Thread 0x7fff988ae700 (LWP 2150)]
[New Thread 0x7fff980ad700 (LWP 2151)]
[New Thread 0x7fff978ac700 (LWP 2152)]
[Thread 0x7fff978ac700 (LWP 2152) exited]
[Thread 0x7fff988ae700 (LWP 2150) exited]
[Thread 0x7fff990af700 (LWP 2149) exited]
[Thread 0x7fff998b0700 (LWP 2148) exited]
[Thread 0x7fff9a0b1700 (LWP 2147) exited]
[Thread 0x7fff9a8b2700 (LWP 2146) exited]
[Thread 0x7fff9b0b3700 (LWP 2145) exited]
[Thread 0x7fff9b8b4700 (LWP 2144) exited]
[Thread 0x7fff9d184700 (LWP 2137) exited]
[New Thread 0x7fff988ae700 (LWP 2159)]
[New Thread 0x7fff978ac700 (LWP 2160)]
[New Thread 0x7fff9a0b1700 (LWP 2161)]
[New Thread 0x7fff9b0b3700 (LWP 2162)]
[New Thread 0x7fff9b8b4700 (LWP 2163)]
[New Thread 0x7fff9a8b2700 (LWP 2164)]
[New Thread 0x7fff998b0700 (LWP 2165)]
[New Thread 0x7fff990af700 (LWP 2166)]
[New Thread 0x7fff95037700 (LWP 2167)]
[New Thread 0x7fff94836700 (LWP 2168)]
[New Thread

Bug#927726: wlroots: Please upload new upstream version

2019-04-21 Thread Linda Lapinlampi 
Source: wlroots
Severity: wishlist

Dear Maintainer,

0.4 and 0.5.0 have been have been packaged a month ago at VCS (salsa),
but never uploaded to Debian's distribution. Could you upload wlroots
0.5.0 to experimental distribution, please?

unstable could be fine too, but not because upstream still considers the
0.5.0 release as a "pre-release" and has breaking changes.

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#927724: Please build with --enable-imdocker

2019-04-21 Thread Dmitry Smirnov 
Source: rsyslog
Version: 8.1901.0-1
Severity: wishlist

https://www.rsyslog.com/doc/v8-stable/configuration/modules/imdocker.html

-- 
All the best,
 Dmitry Smirnov.



signature.asc
Description: This is a digitally signed message part.

Bug#927725: Please build with --enable-mmdblookup

2019-04-21 Thread Dmitry Smirnov 
Source: rsyslog
Version: 8.1901.0-1
Severity: wishlist

https://www.rsyslog.com/doc/v8-stable/configuration/modules/mmdblookup.html

Enabling "mmdblookup" requires adding "libmaxminddb-dev" to Build-Depends.

-- 
Regards,
 Dmitry Smirnov


signature.asc
Description: This is a digitally signed message part.

Bug#927723: sway: Please upload new upstream version

2019-04-21 Thread Linda Lapinlampi 
Package: sway
Severity: wishlist

Dear Maintainer,

1.0~rc5 and 1.0 have been packaged a month ago at VCS (salsa), but never
uploaded to Debian's distribution. Could you please upload sway 1.0 to
unstable distribution, please? (I'm aware Buster is in full freeze, and
won't be migrated to testing.)

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#927387: invesalius: crashes after splash screen

2019-04-21 Thread David Paul 
> What is the content of the folder /usr/lib/invesalius/invesalius_cy/ ?

```
$ ls -AlF /usr/lib/invesalius/invesalius_cy/
total 1380
-rw-r--r-- 1 root root 246352 Sep 12  2018 
cy_mesh.cpython-36m-x86_64-linux-gnu.so
-rw-r--r-- 1 root root 339928 Sep 12  2018 
floodfill.cpython-36m-x86_64-linux-gnu.so
-rw-r--r-- 1 root root  0 Sep 12  2018 __init__.py
-rw-r--r-- 1 root root 370080 Sep 12  2018 
interpolation.cpython-36m-x86_64-linux-gnu.so
-rw-r--r-- 1 root root 200128 Sep 12  2018 mips.cpython-36m-x86_64-linux-gnu.so
-rw-r--r-- 1 root root 247424 Sep 12  2018 
transforms.cpython-36m-x86_64-linux-gnu.so
```

Bug#927722: ipset: postinst unconditionally deletes conffile

2019-04-21 Thread Sean Whitton 
Package: ipset
Version: 6.38-1
Severity: serious

Dear maintainer,

I noticed that ipset's postinst unconditionally deletes
/etc/bash_completion.d/ipset.  But the file might contain user
modifications.  Instead, assuming I'm not missing something,
dpkg-maintscript-helper(1) should be used to remove the obsolete file
only if the user has not modified it.  See Debian Policy 10.7.3.

Thanks.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#927071: xen: More balloon-leak observation

2019-04-21 Thread Elliott Mitchell 
Refering to this as "balloon-leak" as it looks sort of like a
memory-leak, but is instead memory disappearing into the balloon.

There are two things which have been happening more recently which may
have exaggerated this problem.  First, one of the DomUs is acting as a
fileserver and that has been getting more usage recently.  Second, I've
been testing block-device hotplug as a mechanism to transfer data between
VMs (xl block-detach from one VM, then xl block-attach to another VM).

The DomUs appear absolutely uneffected by this.  Even as Dom0 has gotten
to a situation where `shutdown -r now` fails, the DomUs appear to be
chugging away with no problems.

There is plenty of free memory for creating additional VMs (perhaps too
much, and that confused Xen?), so this is really puzzling that memory is
being ballooned away from Dom0.  At this point I plan after the next
restart to double the allocation for Dom0 and see whether Dom0 is able
to last more than a week.


-- 
(\___(\___(\__  --=> 8-) EHM <=--  __/)___/)___/)
 \BS (| ehem+sig...@m5p.com  PGP 87145445 |)   /
  \_CS\   |  _  -O #include  O-   _  |   /  _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445

Bug#924583: spamassassin: razor2 had unknown error during get_server_info at /usr/share/perl5/Mail/SpamAssassin/Plugin/Razor2.pm line 186

2019-04-21 Thread Santiago Vila 
On Fri, 5 Apr 2019, Andreas Tille wrote:

> if you turn this into a patch I'd volunteer to sponsor the package.

"The software does not need to change" from the ubuntu bug:

https://www.mail-archive.com/ubuntu-bugs@lists.ubuntu.com/msg5560883.html

But unfortunately razor has just been removed from testing today,
which means there will be no razor in Debian 10.

I would say the policy freeze of never getting back to testing should be
revised for cases like this one. This was not a fault in the program,
it was just a fault in the servers.

Thanks.

Bug#883872: bitlbee: Extremely incomplete d/copyright

2019-04-21 Thread dequis 
I've integrated the NMU and fixed the rest of the issues with the
copyright file in the following pull request:

https://github.com/bitlbee/bitlbee/pull/127

Please review.

>- It implies all of the names listed hold copyright on most files

This one is just a side effect of how "decopy", the tool which seems
to have generated the file, groups by license by default.

Bug#925971: release-notes: should mention secure boot in d-i

2019-04-21 Thread Ben Hutchings 
On Fri, 2019-03-29 at 16:45 +0100, Paul Gevers wrote:
> Package: release-notes
> X-Debbugs-CC: debian-b...@lists.debian.org
> 
> As now discussion on the RT sprint, the release notes should probably
> say something about the work on secure boot.
> 
> I wouldn't know what to put in, so proposals are welcome. Until that
> time, I file this bug to not forget.

I don't have a complete proposed text, but I think the key points to
include are:

* Secure Boot is a feature enabled on most PCs that prevents loading
  unsigned code, protecting against some kinds of bootkit and rootkit.

* Debian can now be installed and run on most PCs with Secure Boot
  enabled.

* It is possible to enable Secure Boot on a system that has an existing
  Debian installation, if it already boots using UEFI.  Before doing
  this, it's necessary to install shim-signed, grub-efi-amd64-signed or
  grub-efi-ia32-signed, and a Linux kernel package from buster.

* Some features of GRUB and Linux are restricted in Secure Boot mode,
  to prevent modifications to their code.

* More information can be found on the Debian wiki at
  .

Ben.

-- 
Ben Hutchings
It is easier to write an incorrect program
than to understand a correct one.



signature.asc
Description: This is a digitally signed message part

Bug#927721: protobuf: please build PHP package

2019-04-21 Thread Dominik George 
Source: protobuf
Version: 3.6.1.3-2
Severity: wishlist

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

The attached patch adds a new package that contains the native PHP package
for protobuf.  It is a trivial patch - it does not build the C extension,
which has better performance, but is otherwise the same.

The package will be needed for the movim package in the future.

-BEGIN PGP SIGNATURE-

iQKJBAEBCgBzFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAly86XkxGmh0dHBzOi8v
d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYyMcZG9taW5p
ay5nZW9yZ2VAaXQucGlyYXRlbnBhcnRlaS5kZQAKCRC3mjwWoMTyll1WEADCXq4X
Wk3qCrlW1SB9UoiCNeQ3OpjKi9TShwbzVaWGX5Kten+3cWSYNyYxXj3qKyFcGCff
ezvBWQa6w+ziC0r62mOKJcBXJrYpK2L93LA8F5O2jLXKo4h8Mr1HZU63u79MffZc
d2xWM+DbfD90K58ShL1zROWg5bF++8uiDGpXqmIvZVGd97W5gHT6Mqm5azBmsg38
6y1P+DK7GfuqflXmkjax4iVSl/6YtgpWTfz3HZwJVyhVRdjcNVGnAkoGieifFbxt
NYBblMYY4H9jp3Giy5xXXv2cQ3C4jDQpbLqTM6j/sBbCFE1jOPj6yMuqbVjvVkDL
4AzMIAKTDUCzc3ulIebaRGfny5tPiH5C/AXKHXnTDxDvIiSDzDnYIaRtpiRdyPqs
q0eEKToUxSNt36VS4aqkT/jf/2CW6vyo6Ix6nNliT0kPCII9ovnTXtL311ivchNF
BqHnwU028XJO4qXHTpqu2GtsRPMsgKnx3Uboon8w+Td6Taa3CtsGukpqtlCMNOlO
ZbofKXysrayyFSXUYNee9FUpQZNQVWcD55vtV6GxTU0vTpPIOLVilWO8Zi954zwC
dDiJrcrJs4Zl+ixLwO8quHbWljleha/k2qNeX/kHwaPKy0F8SWH6+pqCqIVk0U24
14SrywdKQQ4jb8d68efnsDAwqLSO+Hpnne67Mw==
=aUWg
-END PGP SIGNATURE-
diff -Nru protobuf-3.6.1.3/debian/changelog protobuf-3.6.1.3/debian/changelog
--- protobuf-3.6.1.3/debian/changelog   2019-04-17 00:12:03.0 +0200
+++ protobuf-3.6.1.3/debian/changelog   2019-04-21 23:14:53.0 +0200
@@ -1,3 +1,10 @@
+protobuf (3.6.1.3-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build PHP package..
+
+ -- Dominik George   Sun, 21 Apr 2019 23:14:53 +0200
+
 protobuf (3.6.1.3-2) unstable; urgency=medium
 
   * Prevent installation of non-working combination of libarcus3 and
diff -Nru protobuf-3.6.1.3/debian/control protobuf-3.6.1.3/debian/control
--- protobuf-3.6.1.3/debian/control 2019-04-17 00:12:03.0 +0200
+++ protobuf-3.6.1.3/debian/control 2019-04-21 23:14:53.0 +0200
@@ -26,6 +26,8 @@
 # Ruby
  , rake-compiler
  , gem2deb
+# PHP
+ , pkg-php-tools (>= 1.7~)
 Build-Depends-Indep:
 # Java
  , ant
@@ -253,3 +255,29 @@
  need the protoc tool (in the protobuf-compiler package) to compile your
  definition to Java classes, and then the modules in this package will allow
  you to use those classes in your programs.
+
+Package: php-google-protobuf
+Architecture: all
+Section: php
+Depends: ${misc:Depends}, ${phpcomposer:Debian-require}
+Recommends: ${phpcomposer:Debian-recommend}
+Suggests: ${phpcomposer:Debian-suggest}
+Replaces: ${phpcomposer:Debian-replace}
+Breaks: ${phpcomposer:Debian-conflict}, ${phpcomposer:Debian-replace}
+Provides: ${phpcomposer:Debian-provide}
+Description: PHP bindings for protocol buffers
+ Protocol buffers are a flexible, efficient, automated mechanism for
+ serializing structured data - similar to XML, but smaller, faster, and
+ simpler. You define how you want your data to be structured once, then you can
+ use special generated source code to easily write and read your structured
+ data to and from a variety of data streams and using a variety of languages.
+ You can even update your data structure without breaking deployed programs
+ that are compiled against the "old" format.
+ .
+ Google uses Protocol Buffers for almost all of its internal RPC protocols and
+ file formats.
+ .
+ This package contains the PHP bindings for the protocol buffers. You will
+ need the protoc tool (in the protobuf-compiler package) to compile your
+ definition to PHP code, and then the modules in this package will allow
+ you to use those classes in your programs.
diff -Nru protobuf-3.6.1.3/debian/php-google-protobuf.install 
protobuf-3.6.1.3/debian/php-google-protobuf.install
--- protobuf-3.6.1.3/debian/php-google-protobuf.install 1970-01-01 
01:00:00.0 +0100
+++ protobuf-3.6.1.3/debian/php-google-protobuf.install 2019-04-21 
23:14:53.0 +0200
@@ -0,0 +1,2 @@
+php/src/Google usr/share/php/
+php/src/GPBMetadata usr/share/php/
diff -Nru protobuf-3.6.1.3/debian/rules protobuf-3.6.1.3/debian/rules
--- protobuf-3.6.1.3/debian/rules   2018-11-27 00:23:31.0 +0100
+++ protobuf-3.6.1.3/debian/rules   2019-04-21 23:14:53.0 +0200
@@ -15,7 +15,7 @@
 endif
 
 %:
-   dh $@ --with autoreconf,python2,python3
+   dh $@ --with autoreconf,python2,python3,phpcomposer
 
 ifneq ($(DEB_BUILD_ARCH),$(DEB_HOST_ARCH))
 override_dh_auto_configure:

Bug#927720: unblock: umlet/13.3-1.2

2019-04-21 Thread Emmanuel Bourg 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,

I'd like to request umlet to be allowed to transition to testing. The package
was removed from testing in January due to a build failure that has now been
fixed in unstable. Umlet is a simple Java based UML editor with a popcon of 
~800.
It has been part of Debian since Squeeze.

Thank you,

Emmanuel Bourg

unblock umlet/13.3-1.2

Bug#927436: gnome-shell: segfault error 4 in libgnome-shell.so

2019-04-21 Thread Simon McVittie 
Control: tags -1 + moreinfo

On Fri, 19 Apr 2019 at 14:07:06 -0500, Pavlo Solntsev wrote:
> I have a crash that I can't to reproduce. The user session is terminated and I
> logged out. In dmesg I see:
> [20044.478027] gnome-shell[19403]: segfault at 0 ip 7f2bca1d03bf sp
> 7ffcdcc37660 error 4 in libgnome-shell.so[7f2bca1c8000+1f000]

On Fri, 19 Apr 2019 at 23:04:04 +0200, Bernhard Übelacker wrote:
> from the segfault and also the code line this
> may be a duplicate of #926212.
> 
> At least the crash points to the same source line:
> 
> src/shell-app.c, line 1485.

If that is the case, then this might be fixed in gnome-shell 3.30.2-8,
which will be available in unstable soon. Please try that version.

smcv

Bug#926212: gnome-shell crashed: segfault in libgnome-shell.so after printing email from evolution

2019-04-21 Thread Simon McVittie 
On Tue, 16 Apr 2019 at 22:47:14 +0100, Simon McVittie wrote:
> On Tue, 02 Apr 2019 at 08:11:23 +0200, Guenter Grodotzki wrote:
> > [39719.061358] gnome-shell[1279]: segfault at 0 ip 7fd4fa6ae3bf sp
> > 7ffcf4dbaea0 error 4 in libgnome-shell.so[7fd4fa6a6000+1f000]
> 
> How often has this happened? Is it reproducible, or is it something
> that happened once and has not recurred?

Please try gnome-shell 3.30.2-8 when it becomes available in unstable.
I think it might fix this crash.

smcv

Bug#914109: xscreensaver-data: looks for image files to display even though it is told not to

2019-04-21 Thread Jamie Zawinski 
Well, there's no way for glitchpeg to work on your desktop image, because your 
desktop is not a jpeg...

Bug#927719: gnome-shell: pressing Ctrl or Alt sometimes deletes text in WebKitGTK

2019-04-21 Thread Simon McVittie 
Package: gnome-shell
Version: 3.30.2-7
Severity: important
Tags: upstream patch fixed-upstream
Forwarded: https://gitlab.gnome.org/GNOME/gtk/issues/1447

There is a bad interaction between gnome-shell, GTK, non-English input
methods, WebKitGTK and Evolution that can cause text to be deleted
unintentionally. I have not verified whether Debian is still affected by
this (it's a tricky interaction between several components, and multiple
workarounds and fixes have been applied upstream, some of which might
already be in buster) but there is a patch for gnome-shell in upstream's
gnome-3-30 branch, which I think we should consider applying for buster
to try to rule out data loss.

https://gitlab.gnome.org/GNOME/gtk/issues/1447:
> evolution-3.30.2-2.fc29.x86_64; webkit2gtk3-2.22.3-1.fc29.x86_64
> Steps:
>
> Enable: Edit > Preferences > Mail Preferences > HTML Messages >
>  Plain Text Mode > Show suppressed HTML parts as attachments.
> Disable: Edit > Preferences > Composer Preferences > Default Behavior >
>  Format messages in HTML
> Open 
> https://mail.gnome.org/archives/evolution-list/2018-November/msg00023.html
> Press Ctrl+L (reply)
> Mark any lines of text in the email
> Press the Ctrl key
>
> Expected outcome: Nothing
>
> Actual outcome: The marked text get deleted.

See attached patches (untested).

smcv
>From 401062800186ca26135d270f2285d8b2b5446437 Mon Sep 17 00:00:00 2001
From: Carlos Garnacho 
Date: Tue, 13 Nov 2018 18:26:13 +0100
Subject: [PATCH 1/2] inputMethod: Avoid calling set_preedit_text() if
 unnecessary

This is easier down on clients.

(cherry-picked from 8c3811a866017943c276fa7d9e2aed4c0f0554ae)
---
 js/misc/inputMethod.js | 14 ++
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/js/misc/inputMethod.js b/js/misc/inputMethod.js
index 4a92dc49b..e22dfccc5 100644
--- a/js/misc/inputMethod.js
+++ b/js/misc/inputMethod.js
@@ -144,8 +144,11 @@ var InputMethod = new Lang.Class({
 this._updateCapabilities();
 }
 
-// Unset any preedit text
-this.set_preedit_text(null, 0);
+if (this._preeditStr) {
+// Unset any preedit text
+this.set_preedit_text(null, 0);
+this._preeditStr = null;
+}
 },
 
 vfunc_reset() {
@@ -154,8 +157,11 @@ var InputMethod = new Lang.Class({
 this._emitRequestSurrounding();
 }
 
-// Unset any preedit text
-this.set_preedit_text(null, 0);
+if (this._preeditStr) {
+// Unset any preedit text
+this.set_preedit_text(null, 0);
+this._preeditStr = null;
+}
 },
 
 vfunc_set_cursor_location(rect) {
-- 
2.20.1

>From 1cda65973272baff218244e69dca0afc329ba6da Mon Sep 17 00:00:00 2001
From: Carlos Garnacho 
Date: Tue, 13 Nov 2018 18:28:15 +0100
Subject: [PATCH 2/2] inputMethod: Keep track of preedit string visibility

So we can silence update-preedit-text signals that keep the
preedit string invisible.

Closes: https://gitlab.gnome.org/GNOME/gtk/issues/1447

(cherry-picked from 6f5a099184a1a5ecf558b36f2d00d2bfb074628e)
---
 js/misc/inputMethod.js | 17 +
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/js/misc/inputMethod.js b/js/misc/inputMethod.js
index e22dfccc5..0f5590b3f 100644
--- a/js/misc/inputMethod.js
+++ b/js/misc/inputMethod.js
@@ -17,6 +17,7 @@ var InputMethod = new Lang.Class({
 this._currentFocus = null;
 this._preeditStr = '';
 this._preeditPos = 0;
+this._preeditVisible = false;
 this._ibus = IBus.Bus.new_async();
 this._ibus.connect('connected', this._onConnected.bind(this));
 this._ibus.connect('disconnected', this._clear.bind(this));
@@ -80,6 +81,7 @@ var InputMethod = new Lang.Class({
 this._enabled = false;
 this._preeditStr = ''
 this._preeditPos = 0;
+this._preeditVisible = false;
 },
 
 _emitRequestSurrounding() {
@@ -98,20 +100,27 @@ var InputMethod = new Lang.Class({
 _onUpdatePreeditText(context, text, pos, visible) {
 if (text == null)
 return;
-this._preeditStr = text.get_text();
-this._preeditPos = pos;
+
+let preedit = text.get_text();
+
 if (visible)
-this.set_preedit_text(this._preeditStr, pos);
-else
+this.set_preedit_text(preedit, pos);
+else if (this._preeditVisible)
 this.set_preedit_text(null, pos);
+
+this._preeditStr = preedit;
+this._preeditPos = pos;
+this._preeditVisible = visible;
 },
 
 _onShowPreeditText(context) {
+this._preeditVisible = true;
 this.set_preedit_text(this._preeditStr, this._preeditPos);
 },
 
 _onHidePreeditText(context) {
 this.set_preedit_text(null, this._preeditPos);
+this._preeditVisible = false;
 },
 
 _onForwardKeyEvent(context, keyval, keycode, state) {
-- 
2.20.1

Bug#887519: Fixed.

2019-04-21 Thread Hilko Bengen 
control: fixed -1 1:1.34.6-3

Bugs #887519, #897932 were fixed in 1:1.34.6-3.

Bug#921447: Please confirm subscription to 921...@bugs.debian.org (etckeeper: Unnecessary dependency on python2)

2019-04-21 Thread Antoine Beaupré 
On 2019-04-21 21:24:02, Varac wrote:
> Hey,
>
> I wanted to remove python2 from my Laptop for a very long time now,
> and one package standing in the way is etckeeper.
> I'd be happy if the py2 dep could be removed, given it's such an easy "fix".

I'm not sure I can get away with this one during the freeze,
unfortunately. :/

But as soon as buster-backports opens, this will be a distinct
possibility. Remind me then if I forget...

a.
-- 
It is not enough to fight for the land; it is even more important to
enjoy it. While you can. While it’s still here.
- Edward Abbey

Bug#927718: gnome-shell: performance regression for graphically intensive full-screen apps (games) since 3.30.1

2019-04-21 Thread Simon McVittie 
Package: gnome-shell
Version: 3.30.2-7
Severity: important
Tags: patch upstream fixed-upstream
Forwarded: https://gitlab.gnome.org/GNOME/gnome-shell/issues/799

https://gitlab.gnome.org/GNOME/gnome-shell/issues/799
> I've experienced a rather severe drop in performance after upgrading
> to gnome-shell 3.30.2-1 in Fedora 29.
...
> I think 62c2dbbc broke unredirection of fullscreen windows after a
> notification has been shown.

I believe this affects buster. Its practical effect is:

* Steps to reproduce: Do something that will provoke a notification later.
  Run a graphically-intensive fullscreen 3D game.
* Expected result: The game's performance drops while the notification is
  showing, but recovers afterwards.
* Actual result: The game's performance drops and does not recover.

I'm opening a bug for this because the change has been backported to the
upstream gnome-3-30 branch, and I think it's something we should consider
applying to buster.

smcv
>From 51b04134db2cce3a5a8b9074d8705e4284f5088d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florian=20M=C3=BCllner?= 
Date: Thu, 22 Nov 2018 17:18:34 +
Subject: [PATCH] messageTray: Re-enable unredirection when banner is destroyed

The intention of commit 4dc20398 was to disable unredirection while
banners are shown, but the ::done-displaying signal currently used for
re-enabling unredirection is only emitted under some circumstances, so
it's possible that unredirection is left disabled indefinitely, whoops.

Fix this by tying disabling unredirection explicitly to the lifetime
of the banner actor.

https://gitlab.gnome.org/GNOME/gnome-shell/issues/799


(cherry picked from commit e5ce3d541e48dd75c9218312cd74ecb760ab857a)
---
 js/ui/messageTray.js | 7 +++
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/js/ui/messageTray.js b/js/ui/messageTray.js
index 20469afb3..99f0cf9e7 100644
--- a/js/ui/messageTray.js
+++ b/js/ui/messageTray.js
@@ -1309,10 +1309,8 @@ var MessageTray = new Lang.Class({
 }
 
 this._banner = this._notification.createBanner();
-this._bannerClickedId = this._banner.connect('done-displaying', () => {
-Meta.enable_unredirect_for_display(global.display);
-this._escapeTray();
-});
+this._bannerClickedId = this._banner.connect('done-displaying',
+ this._escapeTray.bind(this));
 this._bannerUnfocusedId = this._banner.connect('unfocused', () => {
 this._updateState();
 });
@@ -1462,6 +1460,7 @@ var MessageTray = new Lang.Class({
 
 this._pointerInNotification = false;
 this._notificationRemoved = false;
+Meta.enable_unredirect_for_display(global.display);
 
 this._banner.actor.destroy();
 this._banner = null;
-- 
2.20.1

Bug#927717: pkg/config file still with some problems

2019-04-21 Thread PICCORO McKAY Lenz 
Package: libjpeg-dev
Version: 1:1.5.1-2
Severity: grave

Dear Maintainer.
It appeares that the provided pkg-config libjpeg.pc file contains
an unsubsituted 'regexp', @VERSIONH@.

It is guessed that the rules file does not define it

Lenz McKAY Gerardo (PICCORO)
http://qgqlochekone.blogspot.com

Bug#927716: CVE-2018-1109

2019-04-21 Thread Moritz Muehlenhoff 
Package: node-braces
Severity: important
Tags: security

Please see https://snyk.io/vuln/npm:braces:20180219

Patch:
https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451

Cheers,
Moritz

Bug#927715: CVE-2017-16119

2019-04-21 Thread Moritz Muehlenhoff 
Package: node-fresh
Severity: important
Tags: security

Please see https://www.npmjs.com/advisories/526

Cheers,
Moritz

Bug#927714: CVE-2019-3885 CVE-2018-16877 CVE-2018-16878

2019-04-21 Thread Moritz Muehlenhoff 
Source: pacemaker
Severity: grave
Tags: security

Please see https://www.openwall.com/lists/oss-security/2019/04/17/1

Cheers,
Moritz

Bug#927713: CVE-2019-10740

2019-04-21 Thread Moritz Muehlenhoff 
Source: roundcube
Severity: important
Tags: security

This was assigned CVE-2019-10740:
https://github.com/roundcube/roundcubemail/issues/6638

Cheers,
Moritz

Bug#927712: unblock: libguestfs/1.40.2-2

2019-04-21 Thread Hilko Bengen 
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock

I uploaded a new libguestfs package, fixing #906234 (Please change
dependency on cryptsetup...).

The debidff is attached.

Please unblock. Thanks.

Cheers,
-Hilko
diff -Nru libguestfs-1.40.2/debian/changelog libguestfs-1.40.2/debian/changelog
--- libguestfs-1.40.2/debian/changelog	2019-02-10 22:09:07.0 +0100
+++ libguestfs-1.40.2/debian/changelog	2019-04-21 22:17:19.0 +0200
@@ -1,3 +1,9 @@
+libguestfs (1:1.40.2-2) unstable; urgency=medium
+
+  * Adjust cryptsetup dependencies (Closes: #906234)
+
+ -- Hilko Bengen   Sun, 21 Apr 2019 22:17:19 +0200
+
 libguestfs (1:1.40.2-1) unstable; urgency=medium
 
   * New upstream version 1.40.2
diff -Nru libguestfs-1.40.2/debian/control libguestfs-1.40.2/debian/control
--- libguestfs-1.40.2/debian/control	2019-01-22 13:27:36.0 +0100
+++ libguestfs-1.40.2/debian/control	2019-04-16 15:57:40.0 +0200
@@ -58,7 +58,7 @@
   btrfs-progs,
   bzip2,
   cpio,
-  cryptsetup, busybox,
+  cryptsetup-bin, busybox,
   dosfstools,
   exfat-utils,
   extlinux [i386 amd64],
diff -Nru libguestfs-1.40.2/debian/patches/0015-Change-cryptsetop-cryptsetup-bin-in-appliance.patch libguestfs-1.40.2/debian/patches/0015-Change-cryptsetop-cryptsetup-bin-in-appliance.patch
--- libguestfs-1.40.2/debian/patches/0015-Change-cryptsetop-cryptsetup-bin-in-appliance.patch	1970-01-01 01:00:00.0 +0100
+++ libguestfs-1.40.2/debian/patches/0015-Change-cryptsetop-cryptsetup-bin-in-appliance.patch	2019-04-16 15:58:24.0 +0200
@@ -0,0 +1,21 @@
+From: Hilko Bengen 
+Date: Tue, 16 Apr 2019 15:58:05 +0200
+Subject: Change cryptsetop->cryptsetup-bin in appliance
+
+---
+ appliance/packagelist.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/appliance/packagelist.in b/appliance/packagelist.in
+index b6ff265..1963ffd 100644
+--- a/appliance/packagelist.in
 b/appliance/packagelist.in
+@@ -60,7 +60,7 @@ ifelse(DEBIAN,1,
+   bsdmainutils
+ dnl old name used in Jessie and earlier
+   btrfs-tools
+-  cryptsetup
++  cryptsetup-bin
+   dash
+   extlinux
+   fdisk
diff -Nru libguestfs-1.40.2/debian/patches/series libguestfs-1.40.2/debian/patches/series
--- libguestfs-1.40.2/debian/patches/series	2019-02-10 22:08:35.0 +0100
+++ libguestfs-1.40.2/debian/patches/series	2019-04-16 15:58:24.0 +0200
@@ -12,3 +12,4 @@
 0012-Disable-v2v-test-harness.patch
 0013-Fix-up-perl-path-in-installed-scripts.patch
 0014-Fix-.depend-generation-for-out-of-tree-build.patch
+0015-Change-cryptsetop-cryptsetup-bin-in-appliance.patch

Bug#925911: RFS: lopsub-1.0.2 [ITP]

2019-04-21 Thread Adam Borowski 
On Sun, Apr 21, 2019 at 05:11:05PM +0200, Andre Noll wrote:
> That's just because I misread section 8.1 of the Debian Policy Manual.
> I've renamed the -dev package to liblopsub-dev.

Not sure if you'd want the _source_ package to have a simple soname-less
name as well; I would but that's up to you -- that'd be nicer and make
having only-one-version transitions easier; on the other hand a
soname-encoded source name is better when there's a need for multiple
coinstallable versions.

Your choice; current state is ok.

> If there are further issues, just let me know.

Just cosmetic stuff:

* installation instructions don't really belong in the man page -- if you
  can read it, you've already managed to install the package.

* please copy the description for liblopsub1 to liblopsub-dev; it currently
  says just "This package contains the development environment for the
  lopsub library."  It's pointless to require the user to check the other
  package -- other libraries alter merely the last part.  Also, it's -dev
  what users pull by hand.

* is there a reason for shipping the static library?  Static linking is
  frowned upon in a distribution -- whenever the library gets updated,
  every reverse dependency has to be recompiled; this is especially nasty
  for security updates.

* (bonus) The nicely documented process for building the example looks
  like something that could be turned into an autopkgtest.  Unlike
  build-time tests, autopkgtests are run against installed packages,
  the way an user would.  That's of course extra effort, by no means
  required -- but, extra testing is always good.

But in general, the package already seems to be in a releasable state. 
Could you please change "UNRELEASED" to "unstable" so it can be uploaded?


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Did ya know that typing "test -j8" instead of "ctest -j8"
⢿⡄⠘⠷⠚⠋⠀ will make your testsuite pass much faster, and fix bugs?
⠈⠳⣄

Bug#927711: CVE-2019-10044

2019-04-21 Thread Moritz Muehlenhoff 
Package: telegram-desktop
Severity: grave
Tags: security

This was assigned CVE-2019-10044 and is claimed to be fixed in 1.5.12:
https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt

Cheers,
Moritz

Bug#927709: libetpan: GnuTLS timeouts are 1000 times shorter than configured

2019-04-21 Thread Chris Boot 
Control: severity -1 serious
Control: tags -1 patch

Dear Maintainer,

I think this bug should be RC given that it appears to make some
important (to some people at least) software potentially unusable on
Buster. Please feel free to downgrade if you particularly disagree, though.

Cheers,
Chris

-- 
Chris Boot
bo...@debian.org

Bug#921447: Please confirm subscription to 921...@bugs.debian.org (etckeeper: Unnecessary dependency on python2)

2019-04-21 Thread Varac 
Hey,

I wanted to remove python2 from my Laptop for a very long time now,
and one package standing in the way is etckeeper.
I'd be happy if the py2 dep could be removed, given it's such an easy "fix".
Thanks !


signature.asc
Description: signature

Bug#926895: libxslt: CVE-2019-11068

2019-04-21 Thread Moritz Mühlenhoff 
On Thu, Apr 11, 2019 at 10:46:05PM +0200, Salvatore Bonaccorso wrote:
> Source: libxslt
> Version: 1.1.32-2
> Severity: important
> Tags: security upstream
> Forwarded: https://gitlab.gnome.org/GNOME/libxslt/issues/12
> 
> Hi,
> 
> The following vulnerability was published for libxslt.
> 
> CVE-2019-11068[0]:
> | libxslt through 1.1.33 allows bypass of a protection mechanism because
> | callers of xsltCheckRead and xsltCheckWrite permit access even upon
> | receiving a -1 error code. xsltCheckRead can return -1 for a crafted
> | URL that is not actually invalid and is subsequently loaded.

I submitted an MR at salsa.

Cheers,
Moritz

Bug#927710: ath10k locks to regulatory domain US on ACPI platforms

2019-04-21 Thread Rene 'Renne' Bartsch, B.Sc. Informatics 

Package: linux-image
Version: 4.19.28-2

The ath10k 802.11 driver reads the country code for the radio regulatory domain 
from the ACPI table.
If it can't get a valid value it locks to US regulatory domain which is wrong 
for most countries.
This makes Atheros devices in master mode unusable on ACPI devices in most 
countries.

Sven Gottschall suggested on ath10k mailing-list to return -EOPNOTSUPP in 
function
ath10k_mac_get_wrdd_regulatory(struct ath10k *ar, u16 *rd) in file 
drivers/net/wireless/ath/ath10k/mac.c to solve this.


static int ath10k_mac_get_wrdd_regulatory(struct ath10k *ar, u16 *rd)
{
return -EOPNOTSUPP;
}


Regards,

Renne


Kernel version: Linux cloud 4.19.0-4-amd64 #1 SMP Debian 4.19.28-2 (2019-03-15) 
x86_64 GNU/Linux

Bug#927709: libetpan: GnuTLS timeouts are 1000 times shorter than configured

2019-04-21 Thread Nick Thomas 
Source: libetpan
Severity: important
Tags: upstream

Dear Maintainer,

Testing https://delta.chat/ on Debian Buster, I noticed IMAP connection
failures. After some debugging, I have tracked it down to a problem in upstream
libetpan when built against a new-enough GnuTLS. PR for that here:

https://github.com/dinhviethoa/libetpan/pull/330

The outcome of this bug is that SSL negotiation timeouts are 1,000 times less
than they should be - Delta's 10 second timeout becomes 10ms. The default 30
second timeout becomes 30ms, which might *just* be long enough in some cases,
but certainly not all.

I'm opening a Debian bug report as I'd like the fix to be included in Debian
Buster. Otherwise, all software that uses libetpan (including Claws email, I
believe) will fail to negotiate TLS in seemingly-random circumstances. It's a
one-line fix, the consequences of which are very easy to understand.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=C.UTF-8 (charmap=locale: Cannot set 
LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8), LANGUAGE=en_GB.UTF-8 (charmap=locale: Cannot set LC_MESSAGES to default 
locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Bug#923928: [Debichem-devel] Bug#924843: msxpertsuite: FTBFS: MassSpectrum.cpp:50:10: fatal error: pwiz/data/msdata/MSDataFile.hpp: No such file or directory

2019-04-21 Thread Graham Inggs 
Control: reopen 923928

Hi Release Team

The following mail was sent to bug #924843, but I think it should have
been sent to #923928 as well, so here it is.

On Mon, 18 Mar 2019 at 16:03, Filippo Rusconi  wrote:
>
> found 924843 5.7.3-1
> fixed 924843 5.8.6-2
> block 924843 by 923928
>
> thanks
>
> The fix in version 5.8.6-2 (currently in unstable) is needed because libpwiz
> changed recently the location of the header files. msxpertsuite was uploaded
> after libpwiz exactly as a result of this. However msxpertsuite unfortunately 
> is
> blocked in unstable because the documentation building system (daps) cannot 
> yet
> enter testing. The un-blocking of daps does not seem be happening anytime 
> soon,
> sadly (the un-block bug report was closed last Sun, 17 Mar, see #923928).
>
> So, if the release managers would reconsider not un-blocking daps, then this 
> bug
> would be easily fixable by letting msxpertsuite 5.8.6-2 migrate to testing.
>
> daps is an all-arch project that has no other reverse-dependencies than
> msxpertsuite.  The fact that msxpertsuite's documentation (fairly large and
> complex) can build using daps is a testimony of the robustness of its debian
> packaging.
>
> Thank you for your work on the release of Buster !
> Cheers,
> Filippo

Regards
Graham

Bug#923791: marked as done (synaptic and most screen recording apps don't work on Wayland)

2019-04-21 Thread Justin B Rye 
> I committed a first version:
> https://salsa.debian.org/ddp-team/release-notes/commit/5496e24

Tentative patch attached.

> 
>   Some applications don't work in GNOME on Wayland
>   
> In contrast to Debian releases before buster, Wayland 
> is
> now the default display manager that is used by

This sounds as if we're drawing a contrast between Wayland and Stretch.

"Display manager" is things like gdm and xdm; Xorg's a display *server*.

(Should we in fact be talking about this as "Wayland vs Xorg" or is it
"Wayland vs the X Window System"?  "Xorg" is just the metapackage to
install the X.Org implementation of an X11 server... but then again if
GNOME calls the option "Xorg" we presumably need to follow their lead,
even if $XDG_SESSION_TYPE does classify it as "X11".)

> GNOME. GNOME used to default to
> Xorg in the past. Some applications, including the

We don't usually put  tags around things that are "upstream
software brand names" (and if we did we'd presumably want to do it in
the title line too).

We could boil all this down to
GNOME in buster has changed its default display server from Xorg to 
Wayland.

> popular package manager synaptic

Is gparted also a problem case that's worth mentioning?

> and most screen recording applications, have not been updated to work
> properly under Wayland. In order to use these packages,
> one needs to login with GNOME on Xorg.

The verb is two words, "log in".  Maybe this should be "log in with a
GNOME on Xorg session"?

(Unless the option in fact says "Gnome on Xorg", as some docs claim?
I can't find any similar string in the sources...)
-- 
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
diff --git a/en/issues.dbk b/en/issues.dbk
index a21c4949..8f572579 100644
--- a/en/issues.dbk
+++ b/en/issues.dbk
@@ -471,14 +471,12 @@ $ sudo update-initramfs -u
 
   Some applications don't work in GNOME on Wayland
   
-In contrast to Debian releases before buster, Wayland is
-now the default display manager that is used by
-GNOME. GNOME used to default to
-Xorg in the past. Some applications, including the
+GNOME in buster has changed its default display server from Xorg to
+Wayland. Some applications, including the
 popular package manager synaptic
 and most screen recording applications, have not been updated to work
-properly under Wayland. In order to use these packages,
-one needs to login with GNOME on Xorg.
+properly under Wayland. In order to use these packages,
+one needs to log in with a GNOME on Xorg session.

Bug#927708: Recursive moving of folders is prohibited in some cases

2019-04-21 Thread Alf Gaida 
Package: libfm-qt6
Version: 0.14.2~36-g06d8d31-2
Severity: important
Tags: patch

Introduced by new glib, should be worked around - no need to do anything here,
it's an upstream thing.

Cheers Alf

-- System Information:
Debian Release: 10.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'buildd-unstable'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.0.7-towo.4-siduction-amd64 (SMP w/8 CPU cores; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libfm-qt6 depends on:
ii  libc6 2.28-8
ii  libexif12 0.6.21-5.1
ii  libglib2.0-0  2.60.0-1.1
ii  libglib2.0-bin2.60.0-1.1
ii  libmenu-cache31.1.1~2-g583c190-1
ii  libqt5core5a [qtbase-abi-5-11-3]  5.11.3+dfsg1-1
ii  libqt5gui55.11.3+dfsg1-1
ii  libqt5widgets55.11.3+dfsg1-1
ii  libqt5x11extras5  5.11.3-2
ii  libstdc++68.3.0-6
ii  libxcb1   1.13.1-2
ii  shared-mime-info  1.10-1

Versions of packages libfm-qt6 recommends:
ii  libfm-qt-l10n  0.14.2~36-g06d8d31-2

libfm-qt6 suggests no packages.

-- no debconf information

Bug#927685: Downgrading to normal

2019-04-21 Thread Jelmer Vernooij 
severity 927685 normal
thanks

Downgrading this to normal, since it only affects the 'contrib' scripts shipped
with klaus. Klaus itself works well without distutils.

Bug#927707: libfm-qt ignores creation-deletion sequences

2019-04-21 Thread Alf Gaida 
Package: libfm-qt6
Version: 0.14.2~36-g06d8d31-2
Severity: important
Tags: patch

Dear Maintainer,

in some rare cases libfm-qt ignore creation/deletion sequences resulting in 
displaying non-existing files.

Upstream-Bug: https://github.com/lxqt/pcmanfm-qt/issues/944
Upstream-Fix: https://github.com/lxqt/libfm-qt/pull/408

Thanks to Walter Lapchynski (w...@polka.bike) for spotting this.

Cheers Alf


Patch:

>From 7e79e591eb536603da92ee537bf949490b1259fc Mon Sep 17 00:00:00 2001
From: Tsu Jan 
Date: Sun, 21 Apr 2019 14:11:14 +0430
Subject: [PATCH] Don't ignore creation-deletion sequences

Fixes https://github.com/lxqt/pcmanfm-qt/issues/944

Previously, if a file was in addition queue and then it came into the deletion 
queue, its addition and deletion were both ignored. That was wrong and could 
result in showing nonexistent files because addition can also happen in 
directory list job before being processed by file info job.

Also process accumulated changes only after finishing the current info job and 
don't clear all deletion paths after processing them (because, logically, only 
those paths that can be deleted should be removed).
---
 src/core/folder.cpp | 60 +++--
 1 file changed, 31 insertions(+), 29 deletions(-)

diff --git a/src/core/folder.cpp b/src/core/folder.cpp
index 6c2b27d..2385a8b 100644
--- a/src/core/folder.cpp
+++ b/src/core/folder.cpp
@@ -228,16 +228,6 @@ void Folder::onFileInfoFinished() {
 return;
 }
 
-// process the changes accumulated during this info job
-if(filesystem_info_pending // means a pending change; see 
"onFileSystemInfoFinished()"
-   || !paths_to_update.empty() || !paths_to_add.empty() || 
!paths_to_del.empty()) {
-QTimer::singleShot(0, this, ::processPendingChanges);
-}
-// there's no pending change at the moment; let the next one be processed
-else {
-has_idle_update_handler = false;
-}
-
 FileInfoList files_to_add;
 FileInfoList files_to_delete;
 std::vector files_to_update;
@@ -271,6 +261,16 @@ void Folder::onFileInfoFinished() {
 Q_EMIT filesChanged(files_to_update);
 }
 Q_EMIT contentChanged();
+
+// process the changes accumulated during this info job
+if(filesystem_info_pending // means a pending change; see 
"onFileSystemInfoFinished()"
+   || !paths_to_update.empty() || !paths_to_add.empty() || 
!paths_to_del.empty()) {
+QTimer::singleShot(0, this, ::processPendingChanges);
+}
+// there's no pending change at the moment; let the next one be processed
+else {
+has_idle_update_handler = false;
+}
 }
 
 void Folder::processPendingChanges() {
@@ -314,21 +314,24 @@ void Folder::processPendingChanges() {
 }
 
 // process deletion
-if(!paths_to_del.empty()) {
-FileInfoList deleted_files;
-for(const auto : paths_to_del) {
-auto name = path.baseName();
-auto it = files_.find(name.get());
-if(it != files_.end()) {
-deleted_files.push_back(it->second);
-files_.erase(it);
-}
+FileInfoList deleted_files;
+auto path_it = paths_to_del.begin();
+while(path_it != paths_to_del.end()) {
+const auto& path = *path_it;
+auto name = path.baseName();
+auto it = files_.find(name.get());
+if(it != files_.end()) {
+deleted_files.push_back(it->second);
+files_.erase(it);
+path_it = paths_to_del.erase(path_it);
 }
-if(!deleted_files.empty()) {
-Q_EMIT filesRemoved(deleted_files);
-Q_EMIT contentChanged();
+else {
+++path_it;
 }
-paths_to_del.clear();
+}
+if(!deleted_files.empty()) {
+Q_EMIT filesRemoved(deleted_files);
+Q_EMIT contentChanged();
 }
 
 if(pending_change_notify) {
@@ -404,13 +407,12 @@ void Folder::eventFileDeleted(const FilePath& path) {
 bool deleted = true;
 // qDebug() << "delete " << path.baseName().get();
 // G_LOCK(lists);
-if(std::find(paths_to_add.cbegin(), paths_to_add.cend(), path) != 
paths_to_add.cend()) {
-// if the file was going to be added, just remove it from the addition 
queue
-paths_to_add.erase(std::remove(paths_to_add.begin(), 
paths_to_add.end(), path), paths_to_add.cend());
-}
-else if(std::find(paths_to_del.cbegin(), paths_to_del.cend(), path) == 
paths_to_del.cend()) {
+/* WARNING: If the file is in the addition queue, we shouldn not remove it 
from that queue
+   and ignore its deletion because it may have been added by the directory 
list job, in
+   which case, ignoring an addition-deletion sequence would result in a 
nonexistent file. */
+if(std::find(paths_to_del.cbegin(), paths_to_del.cend(), path) == 
paths_to_del.cend()) {
 paths_to_del.push_back(path);
-// the update queue should be cancelled for a file that

Bug#925401: psk31lx 2.1-1+deb9u1 flagged for acceptance

2019-04-21 Thread Adam D Barratt 
Control: tags -1 + pending

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian stretch.

Thanks for your contribution!

Upload details
==

Package: psk31lx
Version: 2.1-1+deb9u1

Explanation: make version sort correctly to avoid potential upgrade issues

Bug#853750: hdfview not usable

2019-04-21 Thread Chris Billington 
If anyone is interested in resolving this bug, they might be interested in
the Arch Linux AUR package:

https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=hdfview

as an example of how to build HDFview 3 from source. I'm using HDFview 3 on
Arch via this package and all is well.

-Chris

On Tue, May 8, 2018 at 8:48 PM Chris Billington 
wrote:

> The HDF group now have binary builds of HDFVIEW version 3 available for
> download (requires login):
>
> https://www.hdfgroup.org/downloads/hdfview/
>
> I have confirmed it works on Ubuntu 18.04, though it needs a java path
> changed as mentioned here:
>
> https://askubuntu.com/questions/907159/hdfview-working-in-ubuntu-17-04
>
> -Chris
>

Bug#925971: release-notes: should mention secure boot in d-i

2019-04-21 Thread Holger Wansing 
Hi,

Paul Gevers  wrote:
> Hi Debian-boot,
> 
> Friendly ping.
> 
> On Sat, 30 Mar 2019 07:44:30 + Steve McIntyre  wrote:
> > On Fri, Mar 29, 2019 at 04:45:20PM +0100, Paul Gevers wrote:
> > >As now discussion on the RT sprint, the release notes should probably
> > >say something about the work on secure boot.
> > >
> > >I wouldn't know what to put in, so proposals are welcome. Until that
> > >time, I file this bug to not forget.
> > 
> > ACK. We'll have some text to add. :-)

4 weeks ago, I sent a proposal to debian-boot:

https://lists.debian.org/debian-boot/2019/03/msg00265.html

Maybe...



Holger

-- 
Holger Wansing 
PGP-Fingerprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

Bug#926723: fcitx may not working with Wayland in buster

2019-04-21 Thread Paul Gevers 
Control: tags -1 moreinfo

Hi Shengjing,

On Wed, 10 Apr 2019 00:16:18 +0800 Shengjing Zhu  wrote:
> Follow up my post on -devel. Fcitx, the default input method in
> task-chinese-s-desktop(for Simplified Chinese user), may not work on
> Wayland. Since Wayland is the default choice of GNOME, the default
> desktop, some notes should be added.
> 
> However I'm not quite sure about the situation, I Cced Boyuan here.
> He probably can have more comments. We talked yesterday, but he is
> busy recently. So I just opened this bug, to make sure we'll not forget
> before release.

I added the text copied below to fix bug 923791. Do you think it is
sufficient to close this bug? Would it help and be enough if I just add
fcitx to the list?

Paul

https://salsa.debian.org/ddp-team/release-notes/commit/5496e24


Some applications don't work in GNOME on Wayland

 In contrast to Debian releases before buster, Wayland is
 now the default display manager that is used by
 GNOME. GNOME used to default to
 Xorg in the past. Some applications, including the
 popular package manager synaptic
 and most screen recording applications, have not been updated to work
 properly under Wayland. In order to use these packages,
 one needs to login with GNOME on Xorg.





signature.asc
Description: OpenPGP digital signature

Bug#925971: release-notes: should mention secure boot in d-i

2019-04-21 Thread Paul Gevers 
Hi Debian-boot,

Friendly ping.

On Sat, 30 Mar 2019 07:44:30 + Steve McIntyre  wrote:
> On Fri, Mar 29, 2019 at 04:45:20PM +0100, Paul Gevers wrote:
> >As now discussion on the RT sprint, the release notes should probably
> >say something about the work on secure boot.
> >
> >I wouldn't know what to put in, so proposals are welcome. Until that
> >time, I file this bug to not forget.
> 
> ACK. We'll have some text to add. :-)

Paul



signature.asc
Description: OpenPGP digital signature

Bug#926952: sa-exim: Unbuildable/uninstallable in sid

2019-04-21 Thread Magnus Holmgren 
söndag 21 april 2019 kl. 07:34:15 CEST skrev  Andreas Metzler:
> On 2019-04-20 Magnus Holmgren  wrote:
> > tisdag 16 april 2019 kl. 18:46:56 CEST skrev du:
> [...]
> 
> > > I have just uploaded exim 4.92-6 to exoerimental which /should/
> > > work with sa-exim, allowing you to debug properly.
> > 
> > Thanks. So far I haven't managed to reproduce the problem of the malformed
> > body file, though.
> 
> That is kind of good news, it suggests some temporary bakage in exim
> that was fixed since.

Or I need to test with more binary data. After all, IIUC, the point of BDAT is 
that you can send chunks of binary data of given sizes instead of the 
reveiving server having to look for ..

> > However, I produced a segfault in local_scan() when I fed
> > exim a spam message using BDAT with report_safe = 1 in local.cf,
> > SARewriteBody: 1 in sa-exim.conf and spool_wireformat = true in
> > exim4.conf(.template).
> 
> Is this reproducible?

I got it multiple times, but then I built and installed a slightly modified 
sa-exim, and now I can't reproduce it anymore, even after I reinstalled sa-
exim from testing. I'm pretty sure that I've been using the same spam mail the 
entire time too.

But I'm thinking that if the problem actually persists, I can at least work 
around it by checking if body_linecount == 0, which should mean that 
spool_wireformat = true (or that there's no body to rewrite anyway) and 
disable body rewriting then.

But now that I look closer, it looks like the "spool format error" message is 
only triggered by malformed header files, and Thomas in https://
lists.exim.org/lurker/message/20180726.174108.0620f3c0.en.html had narrowed it 
down to multiple messages being received over the same connection. I still 
haven't been able to reproduce it though. It might be stochastic.

-- 
Magnus Holmgrenholmg...@debian.org
Debian Developer 

signature.asc
Description: This is a digitally signed message part.

Bug#927242: linphone unable to register account

2019-04-21 Thread Thomas Glanzmann 
Hello,
I have the same problem. After trying for two hours, I found a way to
register an account:

- Run linphonec
- Run proxy add

Than the account also shows up in linphone.

Example:
linphonec> proxy add
Adding new proxy setup. Hit ^D to abort.
Enter proxy sip address: [2003:...::1]:5060
Your identity for this proxy: sip:614720-4@[2003:...::1]
Do you want to register on this proxy (yes/no): yes
Specify register expiration time in seconds (default is 600):
Expiration: 600 seconds
Specify route if needed:
No route specified.

sip address: sip:[2003:...::1]:5060
route:
identity: sip:614720-4@[2003:...::1]
register: yes
expires: 600
registered: no

Accept the above proxy configuration (yes/no) ?: yes
Proxy added.
linphonec> Registration on sip:[2003:...::1]:5060 failed: Unauthorized
linphonec>
Password for 614720-4 on my.host.nane: password
Refreshing on sip:614720-4@[2003:...::1]...
linphonec> Registration on sip:[2003:...::1]:5060 successful.

Cheers,
Thomas

Bug#927304: unblock: aptly/1.3.0+ds1-2.2

2019-04-21 Thread Shengjing Zhu 
Control: retitle -1 testing-pu: aptly/1.3.0+ds1-2.1+deb10u1
Control: tags -1 buster
Control: usertag -1 = pu

Since the build-depends golang-github-mattn-go-isatty and
golang-golang-x-sys are updated with new version in unstable, aptly
needs to be built in testing now.

The debdiff is almost same, only the version should be changed
to1.3.0+ds1-2.1+deb10u1

Thanks

On Thu, Apr 18, 2019 at 1:39 AM Shengjing Zhu  wrote:
>
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Please unblock package aptly
>
> * It fixes #911924(support database migration from <= 1.3.0-6)
>
>   As I said in #911924, this should be grave. My justification is that
>   users should be able to upgrade from stretch, without losting data.
>
> * Previous NMU includes a patch which has a mistake, which may cause
>   lost one DB field info.
>
> unblock aptly/1.3.0+ds1-2.2
>
> The debdiff is:
>
>
> diff -Nru aptly-1.3.0+ds1/debian/changelog aptly-1.3.0+ds1/debian/changelog
> --- aptly-1.3.0+ds1/debian/changelog2019-04-05 23:19:14.0 +0800
> +++ aptly-1.3.0+ds1/debian/changelog2019-04-16 00:18:23.0 +0800
> @@ -1,3 +1,12 @@
> +aptly (1.3.0+ds1-2.2) unstable; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Add patch to fix DB backwards compatibility (Closes: #911924)
> +  * Fix struct field tag typo
> +  * Update debian/NEWS about DB compatibility
> +
> + -- Shengjing Zhu   Tue, 16 Apr 2019 00:18:23 +0800
> +
>  aptly (1.3.0+ds1-2.1) unstable; urgency=medium
>
>[ Shengjing Zhu ]
> diff -Nru aptly-1.3.0+ds1/debian/NEWS aptly-1.3.0+ds1/debian/NEWS
> --- aptly-1.3.0+ds1/debian/NEWS 2019-04-05 22:38:08.0 +0800
> +++ aptly-1.3.0+ds1/debian/NEWS 2019-04-16 00:18:23.0 +0800
> @@ -1,3 +1,13 @@
> +aptly (1.3.0+ds1-2.2) unstable; urgency=medium
> +
> +  This version tries to fix the database backwards compatibility,
> +  so you don't need to rebuild the database if you upgrade from
> +  aptly <= 1.3.0-6.
> +
> +  However some fields are missing, like created time of a snapshot.
> +
> + -- Shengjing Zhu   Sat, 13 Apr 2019 23:26:39 +0800
> +
>  aptly (1.3.0+ds1-2) unstable; urgency=medium
>
>* The database created by aptly <= 1.3.0-6 is not compatible
> diff -Nru 
> aptly-1.3.0+ds1/debian/patches/Fix-time.Time-msgpack-decoding-backwards-compatibili.patch
>  
> aptly-1.3.0+ds1/debian/patches/Fix-time.Time-msgpack-decoding-backwards-compatibili.patch
> --- 
> aptly-1.3.0+ds1/debian/patches/Fix-time.Time-msgpack-decoding-backwards-compatibili.patch
>1970-01-01 08:00:00.0 +0800
> +++ 
> aptly-1.3.0+ds1/debian/patches/Fix-time.Time-msgpack-decoding-backwards-compatibili.patch
>2019-04-16 00:18:23.0 +0800
> @@ -0,0 +1,40 @@
> +From: Shengjing Zhu 
> +Date: Sat, 13 Apr 2019 22:57:46 +0800
> +Subject: Fix time.Time msgpack decoding backwards compatibility
> +
> +This allows aptly to decode DB created by old codec library.
> +
> +Forwarded: https://github.com/aptly-dev/aptly/pull/830
> +---
> + deb/remote.go   | 3 ++-
> + deb/snapshot.go | 3 ++-
> + 2 files changed, 4 insertions(+), 2 deletions(-)
> +
> +diff --git a/deb/remote.go b/deb/remote.go
> +index 167d45f..71eb984 100644
> +--- a/deb/remote.go
>  b/deb/remote.go
> +@@ -600,7 +600,8 @@ func (repo *RemoteRepo) Decode(input []byte) error {
> +   decoder := codec.NewDecoderBytes(input, {})
> +   err := decoder.Decode(repo)
> +   if err != nil {
> +-  if strings.HasPrefix(err.Error(), "codec.decoder: 
> readContainerLen: Unrecognized descriptor byte: hex: 80") {
> ++  if strings.HasPrefix(err.Error(), "codec.decoder: 
> readContainerLen: Unrecognized descriptor byte: hex: 80") ||
> ++  strings.Contains(err.Error(), "invalid length of 
> bytes for decoding time") {
> +   // probably it is broken DB from go < 1.2, try 
> decoding w/o time.Time
> +   var repo11 struct { // nolint: maligned
> +   UUID string
> +diff --git a/deb/snapshot.go b/deb/snapshot.go
> +index fc7689c..feef44a 100644
> +--- a/deb/snapshot.go
>  b/deb/snapshot.go
> +@@ -140,7 +140,8 @@ func (s *Snapshot) Decode(input []byte) error {
> +   decoder := codec.NewDecoderBytes(input, {})
> +   err := decoder.Decode(s)
> +   if err != nil {
> +-  if strings.HasPrefix(err.Error(), "codec.decoder: 
> readContainerLen: Unrecognized descriptor byte: hex: 80") {
> ++  if strings.HasPrefix(err.Error(), "codec.decoder: 
> readContainerLen: Unrecognized descriptor byte: hex: 80") ||
> ++  strings.Contains(err.Error(), "invalid length of 
> bytes for decoding time") {
> +   // probably it is broken DB from go < 1.2, try 
> decoding w/o time.Time
> +   var snapshot11 struct {
> +   UUID  string
> diff -Nru 
>

Bug#855092: beets: FTBFS randomly (failing tests)

2019-04-21 Thread Santiago Vila 
tags 855092 + patch
thanks

Dear Stefano:

I did a "grep FAIL:" on the build logs and found that only three tests
are to blame for the build failures I'm experiencing.

If the package works ok "as is" and the failing tests do not mean that
the package is broken, please consider applying the patch below for
buster.

If you want to debug the failing tests and see why they fail, please
contact me privately and I will gladly offer ssh access to a machine
where it happens very easily.

Thanks.

diff -Nru beets-1.4.7/debian/changelog beets-1.4.7/debian/changelog
--- beets-1.4.7/debian/changelog2018-08-20 17:55:31.0 +0200
+++ beets-1.4.7/debian/changelog2019-04-21 18:30:42.0 +0200
@@ -1,3 +1,11 @@
+beets (1.4.7-3) unstable; urgency=medium
+
+  [ Santiago Vila ]
+  * Add patch skip-more-unreliable-tests to fix a FTBFS problem which
+happens randomly in some build environments. (Closes: #855092)
+
+ -- Stefano Rivera   Sun, 21 Apr 2019 18:30:42 +0200
+
 beets (1.4.7-2) unstable; urgency=medium
 
   * Use py3versions -s in autopkgtests, now that X-Python3-Version is dropped.
diff -Nru beets-1.4.7/debian/patches/series beets-1.4.7/debian/patches/series
--- beets-1.4.7/debian/patches/series   2018-08-20 17:55:31.0 +0200
+++ beets-1.4.7/debian/patches/series   2019-04-21 18:26:16.0 +0200
@@ -3,3 +3,4 @@
 skip-broken-test
 py37-compat
 skip-unreliable-tests
+skip-more-unreliable-tests
diff -Nru beets-1.4.7/debian/patches/skip-more-unreliable-tests 
beets-1.4.7/debian/patches/skip-more-unreliable-tests
--- beets-1.4.7/debian/patches/skip-more-unreliable-tests   1970-01-01 
01:00:00.0 +0100
+++ beets-1.4.7/debian/patches/skip-more-unreliable-tests   2019-04-21 
18:30:42.0 +0200
@@ -0,0 +1,37 @@
+From: Santiago Vila 
+Date: Sun, 21 Apr 2019 18:25:00 +0200
+Subject: skip more unreliable tests
+
+---
+ test/test_plugins.py| 2 ++
+ test/test_thumbnails.py | 1 +
+ 2 files changed, 3 insertions(+)
+
+--- a/test/test_plugins.py
 b/test/test_plugins.py
+@@ -211,6 +211,7 @@
+ self.__copy_file(dest_path, metadata)
+ self.file_paths.append(dest_path)
+ 
++@unittest.skip('unreliable')
+ def test_import_task_created(self):
+ import_files = [self.import_dir]
+ self._setup_import_session(singletons=False)
+@@ -233,6 +234,7 @@
+ u'  {0}'.format(displayable_path(self.file_paths[1])),
+ ])
+ 
++@unittest.skip('unreliable')
+ def test_import_task_created_with_plugin(self):
+ class ToSingletonPlugin(plugins.BeetsPlugin):
+ def __init__(self):
+--- a/test/test_thumbnails.py
 b/test/test_thumbnails.py
+@@ -49,6 +49,7 @@
+ 
+ @patch('beetsplug.thumbnails.ThumbnailsPlugin._check_local_ok')
+ @patch('beetsplug.thumbnails.os.stat')
++@unittest.skip('unreliable')
+ def test_add_tags(self, mock_stat, _):
+ plugin = ThumbnailsPlugin()
+ plugin.write_metadata = Mock()

Bug#926500: freecad: FreeCad crashes when attemting to edit a existing sketch

2019-04-21 Thread Bernhard Übelacker 
Hello Pere Nubiola Radigales,
I just saw this report without being involved in packaging freecad.
And tried to reproduce the issue but failed.

Is it possible to save it into a file just before it crashes?
Can the crash be reproduced by starting from that file?

Otherwise you could install the package gdb and run freecad with
following command line and forward the created file to this bug?

script -c "gdb -q -ex 'set width 0' -ex 'set pagination off' -ex 'run' -ex 
'display/i $pc' -ex 'bt' -ex 'info reg' -ex 'bt full' -ex 'detach' -ex 'quit' 
--args freecad" -a gdb_freecad_$(date +%Y-%m-%d_%H-%M-%S).txt

Kind regards,
Bernhard

Bug#927706: Significant performance

2019-04-21 Thread Rob Browning 


Package: clojure
Version: 1.10.0-1
Severity: important

It looks like clojure has had another significant increase in startup
time, this time likely due to a known upstream issue with an (according
to the upstream) self-contained patch -- see Alex Miller's comments
here:

  
https://alioth-lists.debian.net/pipermail/pkg-clojure-maintainers/2019-April/001219.html

It'd be really nice to have this in buster if it ends up being
feasible.  (And I'm not certain this qualifies as important.)

Thanks
-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4

Bug#927705: autoconf: configure does not find builtin functions when -Werror is in CFLAGS

2019-04-21 Thread Asher Gordon 
Package: autoconf
Version: 2.69-11
Severity: normal
Tags: upstream

Dear Maintainer,

When AC_CHECK_FUNC or AC_CHECK_FUNCS is called on a builtin function
in gcc, the compiler emits a warning. For example, using memset() as
an example builtin:

  warning: conflicting types for built-in function 'memset' 
[-Wbuiltin-declaration-mismatch]

When -Werror is in CFLAGS, this is promoted to an error, causing
configure to believe memset() was not found.

See this very simple example configure.ac file:

  AC_INIT([test], [0.0])
  AC_PROG_CC
  AC_CHECK_FUNC([memset])
  AC_OUTPUT

When the resulting configure script is run, you will find the line

  checking for memset... yes

in the output. This is expected, since memset() is available. However,
when the configure script is run as "./configure CFLAGS=-Werror", you
will find this line in the output:

  checking for memset... no

This is not the expected behavior because, as we have seen above,
memset() is indeed available.

Here is the relevant part of config.log:

  configure:2614: checking for memset
  configure:2614: gcc -o conftest -Werror   conftest.c  >&5
  conftest.c:32:6: error: conflicting types for built-in function 'memset' 
[-Werror=builtin-declaration-mismatch]
   char memset ();
^~
  cc1: all warnings being treated as errors
  configure:2614: $? = 1
  configure: failed program was:
  | /* confdefs.h */
  | #define PACKAGE_NAME "test"
  | #define PACKAGE_TARNAME "test"
  | #define PACKAGE_VERSION "0.0"
  | #define PACKAGE_STRING "test 0.0"
  | #define PACKAGE_BUGREPORT ""
  | #define PACKAGE_URL ""
  | /* end confdefs.h.  */
  | /* Define memset to an innocuous variant, in case  declares 
memset.
  |For example, HP-UX 11i  declares gettimeofday.  */
  | #define memset innocuous_memset
  | 
  | /* System header to define __stub macros and hopefully few prototypes,
  | which can conflict with char memset (); below.
  | Prefer  to  if __STDC__ is defined, since
  |  exists even on freestanding compilers.  */
  | 
  | #ifdef __STDC__
  | # include 
  | #else
  | # include 
  | #endif
  | 
  | #undef memset
  | 
  | /* Override any GCC internal prototype to avoid an error.
  |Use char because int might match the return type of a GCC
  |builtin and then its argument prototype would still apply.  */
  | #ifdef __cplusplus
  | extern "C"
  | #endif
  | char memset ();
  | /* The GNU C library defines this for functions which it implements
  | to always fail with ENOSYS.  Some functions are actually named
  | something starting with __ and the normal name is an alias.  */
  | #if defined __stub_memset || defined __stub___memset
  | choke me
  | #endif
  | 
  | int
  | main ()
  | {
  | return memset ();
  |   ;
  |   return 0;
  | }
  configure:2614: result: no

When the configure script is run with
CFLAGS='-Werror -Wno-builtin-declaration-mismatch', however, it *does*
find memset(). That is because, with the warning disabled, it is not
promoted to an error and therefore compiles successfully. My
suggestion is to always append '-Wno-builtin-declaration-mismatch' to
CFLAGS when checking for functions with AC_CHECK_FUNC and
AC_CHECK_FUNCS. That way, those macros would find both library
functions and builtins even when -Werror is in CFLAGS.


Thanks,
Asher


P.S. A real world example of this bug is my "c2py" program at
sv.nongnu.org/p/c2py. If you checkout the latest sources with cvs and
configure with "./configure --enable-Werror", it will fail since some
of the functions it requires are builtin.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages autoconf depends on:
ii  debianutils  4.8.6.1
ii  m4   1.4.18-2
ii  perl 5.28.1-6

Versions of packages autoconf recommends:
ii  automake [automaken]  1:1.16.1-4

Versions of packages autoconf suggests:
ii  autoconf-archive  20180313-1
ii  autoconf-doc  2.69-11
ii  gettext   0.19.8.1-9
ii  gnu-standards 2010.03.11-1
ii  libtool   2.4.6-9

-- no debconf information

Bug#927328: Update KiCad from 5.0.2 to 5.1.1

2019-04-21 Thread Carsten Schoenert 
Hello Brain,

Am 21.04.19 um 17:37 schrieb Brian Holaday:
> Hi Carsten,
> 
> No problem: I will add the new library packages I worked on in manually.
> They are actually listed here:
> (https://github.com/KiCad/kicad-footprints/tree/master/Symbol.pretty)

if you are more talking about the additional packages
kicad-{footprints,packages3d,symbols,templates} in general than these
packages are more easy to use, even from the unstable repository. They
are architecture independent and will probably be always compatible to
the KiCad version in backports, at least until 6.0 will get released and
due file format changes aren't backwards compatible.

The update of KiCad in unstable will take some more time. But I should
get it managed to update the additional packages before.

> Thank you: Feel free to close and/or update this bug given time.

No problem. I prefer to keep this report open until I can prepare a
version for Stretch and Buster backports later.

-- 
Regards
Carsten Schoenert

Bug#922484: nmu: paw_1:2.14.04.dfsg.2-9.1, mclibs_20061220+dfsg3-3.1, geant321_1:3.21.14.dfsg-11

2019-04-21 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Fri, 2019-02-22 at 10:08 +0100, Emilio Pozuelo Monfort wrote:
> Control: tags -1 stretch
> 
> On 21/02/2019 23:55, Andreas Beckmann wrote:
> > On Sat, 16 Feb 2019 22:09:11 +0100 Gilles Filippini  > g> wrote:
> > > Now that #922453 is fixed, paw, mclibs and geant321 have to be
> > > rebuilt
> > > against this fixed cernlib release.
[...]
> > For future reference, the corresponding binNMUs for stretch would
> > be:
> > 
> > nmu 3 paw_1:2.14.04.dfsg.2-9.1 . ANY . stretch . -m "rebuild
> > against fixed cernlib regarding #922453"
> > dw paw_1:2.14.04.dfsg.2-9.1 . ANY . stretch . -m "cernlib-base-dev
> > (>= 20061220+dfsg3-4.4~deb9u1)
> > nmu 3 mclibs_20061220+dfsg3-3.1 . ANY . stretch . -m "rebuild
> > against fixed cernlib regarding #922453"
> > dw mclibs_20061220+dfsg3-3.1 . ANY . stretch . -m "cernlib-base-dev 
> > (>= 20061220+dfsg3-4.4~deb9u1)
> > nmu 5 geant321_1:3.21.14.dfsg-11 . ANY . stretch . -m "rebuild
> > against fixed cernlib regarding #922453"
> > dw geant321_1:3.21.14.dfsg-11 . ANY . stretch . -m "cernlib-base-
> > dev (>= 20061220+dfsg3-4.4~deb9u1)
> 
> I'll leave those to a SRM. I'm keeping this bug open and tagging it
> as stretch so the bug appears on their radar.

I think a clone + close would have been cleaner, but never mind.

Scheduled, with the correct version in the dep-waits (it's 4.3+, not
4.4~).

Regards,

Adam

Bug#927434: unblock: network-manager-applet/1.8.20-1.1 (pre-approval)

2019-04-21 Thread Boyuan Yang 
Control: tags -1 - moreinfo

Niels Thykier  于2019年4月20日周六 上午2:22写道:
>
> Control: tags -1 confirmed moreinfo
>
> Boyuan Yang:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> > X-Debbugs-CC: bi...@debian.org 
> > pkg-utopia-maintain...@lists.alioth.debian.org
> >
> > This is a pre-approval for NMU that would fix 
> > https://bugs.debian.org/926328 .
> >
> > The one-liner patch is taken from commits in upstream git trunk.
> >
> > I haven't make any upload yet. Michael, please let me know if this
> > patch looks okay for you. I can open a Merge Request for this NMU on
> > Salsa if necessary.
> >
> > The full debdiff is pasted here.
> Hi,
>
> From a release team PoV, the change looks fine.
>
> Please remove the moreinfo tag when the upload is in sid and ready to be
> unblocked.

Thanks. I have made the upload and believe that this upload is ready
to be unblocked.

--
Regards,
Boyuan Yang

Bug#923606: beancount: FTBFS randomly (gpg-related race condition)

2019-04-21 Thread Santiago Vila 
tags 923606 + patch
thanks

On Tue, 9 Apr 2019, Stefano Zacchiroli wrote:

> On Tue, Apr 09, 2019 at 10:38:10AM +0200, Santiago Vila wrote:
> > I obviously have interest to fix this before the release, because I
> > can build 99.99% of packages in my setup and this is an inconvenient
> > exception for me. I don't like NMUs. Should I join the Python
> > Applications Packaging Team? Please tell me how I would proceed.
> 
> either way is fine, and also just submitting a merge request would do
> (although please let this bug log know if you do so, to make sure it
> doesn't get overlooked).

Well, could we do it the old-fashioned way for this time?

In other words: My "merge request" is below.

Thanks.

diff -Nru beancount-2.2.0/debian/changelog beancount-2.2.0/debian/changelog
--- beancount-2.2.0/debian/changelog2019-01-14 09:01:37.0 +
+++ beancount-2.2.0/debian/changelog2019-04-21 15:00:36.0 +
@@ -1,3 +1,11 @@
+beancount (2.2.0-3) unstable; urgency=medium
+
+  [ Santiago Vila ]
+  * patches/0003: Ignore FileNotFoundError from self.tmpdir.cleanup().
+Fixes a FTBFS problem which happens randomly (Closes: #923606)
+
+ -- Stefano Zacchiroli   Sun, 21 Apr 2019 17:00:36 +0200
+
 beancount (2.2.0-2) unstable; urgency=medium
 
   * rules: do not ship *.picklecache files with Python examples (fixes
diff -Nru 
beancount-2.2.0/debian/patches/0003-Ignore-FileNotFoundError-from-self.tmpdir.cleanup.patch
 
beancount-2.2.0/debian/patches/0003-Ignore-FileNotFoundError-from-self.tmpdir.cleanup.patch
--- 
beancount-2.2.0/debian/patches/0003-Ignore-FileNotFoundError-from-self.tmpdir.cleanup.patch
 1970-01-01 00:00:00.0 +
+++ 
beancount-2.2.0/debian/patches/0003-Ignore-FileNotFoundError-from-self.tmpdir.cleanup.patch
 2019-04-21 15:00:36.0 +
@@ -0,0 +1,18 @@
+From: Santiago Vila 
+Date: Sun, 21 Apr 2019 16:48:40 +0200
+Subject: Ignore FileNotFoundError from self.tmpdir.cleanup()
+
+--- a/beancount/utils/encryption_test.py
 b/beancount/utils/encryption_test.py
+@@ -98,7 +98,10 @@
+ self.run_gpg('--import', stdin=TEST_SECRET_KEY.encode('ascii'))
+ 
+ def tearDown(self):
+-self.tmpdir.cleanup()
++try:
++self.tmpdir.cleanup()
++except FileNotFoundError:
++pass
+ 
+ def run_gpg(self, *args, **kw):
+ command = ('gpg',
diff -Nru beancount-2.2.0/debian/patches/series 
beancount-2.2.0/debian/patches/series
--- beancount-2.2.0/debian/patches/series   2019-01-14 09:01:37.0 
+
+++ beancount-2.2.0/debian/patches/series   2019-04-21 15:00:36.0 
+
@@ -1,2 +1,3 @@
 0001-Remove-fonts.googleapis.com-links-for-the-bean-web-t.patch
 0002-make-test_version-more-lax-to-accept-non-git-hg-vers.patch
+0003-Ignore-FileNotFoundError-from-self.tmpdir.cleanup.patch

Bug#804272: fails to synchronize caldav to OpenXChange without notice

2019-04-21 Thread Lukas Winkler 
This bugs sounds a lot like this KDE bug report:
https://bugs.kde.org/show_bug.cgi?id=386985

I can reproduce it on Debian Testing when syncing with mailbox.org

Lukas Winkler

Bug#926872: evolution: Spaces in mail view disappeared with recent updates

2019-04-21 Thread nozzy123nozzy 
Hi,

 I also confirmed same problem in my debian box (latest debian sid.)
In my case, evolution was invoked with "LANG=ja_JP.UTF-8".

 When I tryed invoking evolution with "LC_ALL=C", spaces were apeared.

 I'm afraid that I think this problem are as grave for CJK users.

 I really hope this problem will be fixed.

 Thank you in advance,

--
Takahide Nojima


On Thu, 18 Apr 2019 08:13:22 +0200 Dominique Dumont 
wrote:
> 
> What locale are you using ?
> 
> Could you try with "LC_ALL=C evolution" ?
>

Bug#927328: Update KiCad from 5.0.2 to 5.1.1

2019-04-21 Thread Brian Holaday 
Hi Carsten,

No problem: I will add the new library packages I worked on in manually.
They are actually listed here: (
https://github.com/KiCad/kicad-footprints/tree/master/Symbol.pretty)

Thank you: Feel free to close and/or update this bug given time.

On Wed, Apr 17, 2019 at 11:58 PM Carsten Schoenert 
wrote:

> Hello Brian,
>
> Am 18.04.19 um 06:25 schrieb Brian Holaday:
> > Is there a way we can get an update into backports from 5.0.2 to 5.1.1
> > in Stretch?
>
> currently not.
> The rule for backports is simple, the same version needs to be available
> in testing. This can't be fulfilled now as testing is completely frozen
> and a request for updating the version in testing/buster was rejected.
> Buster will get released with 5.0.2.
>
> And before I've not finalized any work on the recent version 5.1.1 for
> unstable I won't spent time on a backports version. I need first to
> figure out if there is more work to do in stretch due the differences of
> wxpython and libwxgtk.
>
> --
> Regards
> Carsten Schoenert
>

Bug#925911: RFS: lopsub-1.0.2 [ITP]

2019-04-21 Thread Andre Noll 
On Sun, Apr 14, 15:41, Adam Borowski wrote

> On Sat, Apr 06, 2019 at 09:52:53PM +0200, Andre Noll wrote:
> > > > I see a static library installed by the package.  Those shouldn't 
> > > > generally
> > > > be used unless you're doing something special -- static linking makes
> > > > security and bugfix updates extremely tedious.  Libraries should also be
> > > > split into separate binary packages, with lib${name}dev providing
> > > > development files while lib${name}${so} the runtime lib.
> 
> I'm afraid that the shared library doesn't work: liblopsub1 in /usr/lib
> has nothing but an infinite symlink loop from liblopsub.so.unnamed_version
> back to itself.

It worked when compiling from git, but the generated source tarball
was broken because the version.gen.sh script relied on git. This has
been fixed now.

> Besides a proper soname, the file should also go to a multiarch dir (ie,
> /usr/lib/x86_64-linux-gnu on amd64, /usr/lib/aarch64-linux-gnu on arm64,
> etc -- most build systems get it right without your action).

Done.

> Also, I wonder why you include the soname in the -dev package's name. 
> That's allowed but usually not what you want -- an ABI break will also
> require changing every depending package instead of a simple recompile.
> Unless you change the API every time there's a soname bump, it'd be
> better to have the -dev package be unversioned.  But this is up to you.

That's just because I misread section 8.1 of the Debian Policy Manual.
I've renamed the -dev package to liblopsub-dev.

Please find the updated repository at the usual location. As before,
you have to check out the "pu" branch:

git clone git://git.tuebingen.mpg.de/lopsub.git
cd lopsub
git checkout origin/pu
git archive --prefix liblopsub1-1.0.2/ @ | xz > 
../liblopsub1_1.0.2.orig.tar.xz
dpkg-buildpackage

If there are further issues, just let me know.

Thanks
Andre
-- 
Max Planck Institute for Developmental Biology
Max-Planck-Ring 5, 72076 Tübingen, Germany. Phone: (+49) 7071 601 829
http://people.tuebingen.mpg.de/maan/


signature.asc
Description: PGP signature

Bug#927704: unblock: libpodofo/0.9.6+dfsg-5

2019-04-21 Thread Mattia Rizzolo 
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock

I uploaded a new libpodofo cherry-picking two security patches from
upstream.

I was waiting to see if more CVEs were going to be fixed, but I guess
the rest will have to wait.

debdiff attached.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-
diffstat for libpodofo-0.9.6+dfsg libpodofo-0.9.6+dfsg

 changelog   |8 +
 patches/CVE-2019-9199.patch |   23 
 patches/CVE-2019-9687.patch |   61 
 patches/series  |2 +
 4 files changed, 94 insertions(+)

diff -Nru libpodofo-0.9.6+dfsg/debian/changelog 
libpodofo-0.9.6+dfsg/debian/changelog
--- libpodofo-0.9.6+dfsg/debian/changelog   2019-02-11 18:49:43.0 
+0100
+++ libpodofo-0.9.6+dfsg/debian/changelog   2019-04-21 17:13:10.0 
+0200
@@ -1,3 +1,11 @@
+libpodofo (0.9.6+dfsg-5) unstable; urgency=medium
+
+  * Add upstream patches for security issues:
+CVE-2019-9199 Closes: #923469
+CVE-2019-9687 Closes: #924430
+
+ -- Mattia Rizzolo   Sun, 21 Apr 2019 17:13:10 +0200
+
 libpodofo (0.9.6+dfsg-4) unstable; urgency=medium
 
   * Add upstream patches for security issues:
diff -Nru libpodofo-0.9.6+dfsg/debian/patches/CVE-2019-9199.patch 
libpodofo-0.9.6+dfsg/debian/patches/CVE-2019-9199.patch
--- libpodofo-0.9.6+dfsg/debian/patches/CVE-2019-9199.patch 1970-01-01 
01:00:00.0 +0100
+++ libpodofo-0.9.6+dfsg/debian/patches/CVE-2019-9199.patch 2019-03-27 
15:48:28.0 +0100
@@ -0,0 +1,23 @@
+Description: CVE-2019-9199 - NULL pointer dereference
+Author: Matthew Brincke
+Origin: upstream, https://sourceforge.net/p/podofo/code/1971/
+Bug: https://sourceforge.net/p/podofo/tickets/40/
+Bug-Debian: https://bugs.debian.org/923469
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2019-9199
+
+--- a/tools/podofoimpose/pdftranslator.cpp
 b/tools/podofoimpose/pdftranslator.cpp
+@@ -148,7 +148,12 @@
+ //std::cerr << "Document has "<< pcount << " page(s) " << endl;
+   if ( pcount > 0 ) // only here to avoid possible 
segfault, but PDF without page is not conform IIRC
+   {
+-  PoDoFo::PdfRect rect ( sourceDoc->GetPage ( 0 
)->GetMediaBox() );
++PoDoFo::PdfPage* pFirstPage = sourceDoc->GetPage ( 0 );
++if ( NULL == pFirstPage ) // Fixes CVE-2019-9199 (issue #40)
++{
++PODOFO_RAISE_ERROR_INFO( ePdfError_PageNotFound, "First 
page (0) of source document not found" );
++}
++PoDoFo::PdfRect rect ( pFirstPage->GetMediaBox() );
+   // keep in mind it’s just a hint since PDF can 
have different page sizes in a same doc
+   sourceWidth =  rect.GetWidth() - rect.GetLeft();
+   sourceHeight =  rect.GetHeight() - 
rect.GetBottom() ;
diff -Nru libpodofo-0.9.6+dfsg/debian/patches/CVE-2019-9687.patch 
libpodofo-0.9.6+dfsg/debian/patches/CVE-2019-9687.patch
--- libpodofo-0.9.6+dfsg/debian/patches/CVE-2019-9687.patch 1970-01-01 
01:00:00.0 +0100
+++ libpodofo-0.9.6+dfsg/debian/patches/CVE-2019-9687.patch 2019-03-27 
15:56:25.0 +0100
@@ -0,0 +1,61 @@
+Description: CVE-2019-9687 - heap-based buffer overflow in 
PdfString::ConvertUTF16toUTF8
+Origin: upstream, https://sourceforge.net/p/podofo/code/1969
+Bug-Debian: https://bugs.debian.org/924430
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2019-9687
+
+--- a/src/base/PdfString.cpp
 b/src/base/PdfString.cpp
+@@ -626,8 +626,19 @@
+ pdf_long lUtf8 = PdfString::ConvertUTF16toUTF8( 
reinterpret_cast(m_buffer.GetBuffer()), 
+ this->GetUnicodeLength(), 
+ 
reinterpret_cast(pBuffer), lBufferLen, ePdfStringConversion_Lenient 
);
++if (lUtf8 + 1 > lBufferLen) // + 1 to account for 2 bytes termination 
here vs. 1 byte there
++{
++pBuffer = static_cast(podofo_realloc( pBuffer, lUtf8 + 1 ) 
);
++if( !pBuffer )
++{
++PODOFO_RAISE_ERROR( ePdfError_OutOfMemory );
++}
++if (lUtf8 - 1 > lBufferLen)
++lUtf8 = PdfString::ConvertUTF16toUTF8( reinterpret_cast(m_buffer.GetBuffer()),
++   
this->GetUnicodeLength(), reinterpret_cast(pBuffer), lUtf8 + 1);
++}
+ 
+-pBuffer[lUtf8-1] = '\0';
++pBuffer[lUtf8 - 1] = '\0';
+ pBuffer[lUtf8] = '\0';
+

Bug#927387: invesalius: crashes after splash screen

2019-04-21 Thread Thiago Franco Moraes 
Thanks for the bug report.

What is the content of the folder /usr/lib/invesalius/invesalius_cy/ ?
Em 18 de abr de 2019 17:03 -0300, David Paul  escreveu:
> Package: invesalius
> Version: 3.1.2-2
> Severity: grave
>
> Dear Maintainer,
>
> When attempting to run InVesalius for the first time, I am presented
> with the first-run language selector followed by the splash screen,
> but no window ever appears and the invesalius3 process remains active
> until manually terminated. Subsequent run attempts differ only in that
> the language selector is not presented and the invesalius3 process
> terminates on its own.
>
> The following is the console output:
> ```
> $ invesalius3 -d
> /usr/lib/python3/dist-packages/wx/lib/pubsub/__init__.py:25: 
> wxPyDeprecationWarning: wx.lib.pubsub has been deprecated, plese migrate your 
> code to use pypubsub, available on PyPI.
> wx.wxPyDeprecationWarning)
> app.py:234: DeprecationWarning: Yield() is deprecated
> wx.Yield()
> Could not import dl
> /usr/share/invesalius/invesalius/data/transformations.py:1899: UserWarning: 
> failed to import module _transformations
> warnings.warn("failed to import module %s" % name)
> Traceback (most recent call last):
> File "/usr/lib/python3/dist-packages/wx/core.py", line 2228, in Notify
> self.notify()
> File "/usr/lib/python3/dist-packages/wx/core.py", line 3384, in Notify
> self.result = self.callable(*self.args, **self.kwargs)
> File "app.py", line 240, in Startup
> from invesalius.gui.frame import Frame
> File "/usr/share/invesalius/invesalius/gui/frame.py", line 41, in 
> import invesalius.gui.default_tasks as tasks
> File "/usr/share/invesalius/invesalius/gui/default_tasks.py", line 28, in 
> 
> import invesalius.gui.data_notebook as nb
> File "/usr/share/invesalius/invesalius/gui/data_notebook.py", line 40, in 
> 
> import invesalius.data.slice_ as slice_
> File "/usr/share/invesalius/invesalius/data/slice_.py", line 34, in 
> from invesalius.data.mask import Mask
> File "/usr/share/invesalius/invesalius/data/mask.py", line 33, in 
> from invesalius_cy import floodfill
> ImportError: cannot import name 'floodfill' from 'invesalius_cy' 
> (/usr/lib/invesalius/invesalius_cy/__init__.py)
> Traceback (most recent call last):
> File "/usr/lib/python3/dist-packages/wx/core.py", line 2228, in Notify
> self.notify()
> File "/usr/lib/python3/dist-packages/wx/core.py", line 3384, in Notify
> self.result = self.callable(*self.args, **self.kwargs)
> File "app.py", line 123, in Startup2
> self.control = self.splash.control
> AttributeError: 'Inv3SplashScreen' object has no attribute 'control'
> Traceback (most recent call last):
> File "app.py", line 264, in OnClose
> if self.fc.IsRunning():
> AttributeError: 'Inv3SplashScreen' object has no attribute 'fc'
> ```
>
> -- System Information:
> Distributor ID: Devuan
> Description: Devuan GNU/Linux 3.0 (Beowulf)
> Release: 3.0
> Codename: beowulf
> Architecture: x86_64
>
> Kernel: Linux 4.19.29-gnu (SMP w/16 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
> LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: sysvinit (via /sbin/init)
>
> Versions of packages invesalius depends on:
> ii invesalius-bin 3.1.2-2
> ii python3 3.7.2-1
> ii python3-gdcm 2.8.8-6
> ii python3-nibabel 2.3.2-1
> ii python3-numpy 1:1.16.2-1
> ii python3-pil 5.4.1-2
> ii python3-psutil 5.5.1-1
> ii python3-scipy 1.1.0-3
> ii python3-serial 3.4-4
> ii python3-skimage 0.14.2-2
> ii python3-vtk7 7.1.1+dfsg1-12+b1
> ii python3-vtkgdcm 2.8.8-6
> ii python3-wxgtk4.0 4.0.4+dfsg-2
>
> invesalius recommends no packages.
>
> invesalius suggests no packages.
>
> -- no debconf information
>

Bug#927461: release-notes: Document how to handle openssls new defaults

2019-04-21 Thread Paul Gevers 
Hi Kurt, Christoph, Sebastian, others,

On Sat, 20 Apr 2019 06:07:00 + Niels Thykier  wrote:
> clone 927435 -1
> reassign -1 release-notes
> retitle -1 release-notes: Document how to handle openssls new defaults

> > After upgrading to buster, unbound-control would fail to run with this 
> > error..
> > 
> > error: Error setting up SSL_CTX client cert
> > 139765110753216:error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key 
> > too small:../ssl/ssl_rsa.c:310:
> > 
> > To fix this I had to regenerate the certs and keys by removing the old ones 
> > and
> > running unbound-control-setup, then restarting unbound. This fixed the 
> > issue.
> > 
> > $ cd /etc/unbound/
> > $ sudo rm *.key *.pem
> > $ sudo unbound-control-setup
> > $ sudo systemctl restart unbound
> > 
> > Note that with unbound-control broken, that broke `systemctl reload 
> > unbound` as
> > it depends on unbound-control.
> > 
> > [...]
> > 

> I have split it into two bugs:

>  * One for the release-notes because the stricter defaults in OpenSSL
>affects multiple programs (I have seen similar issues from e.g.
>wpa_supplicant). At this point, we should probably document the
>knobs involved[1].

> [1] I believe the alternative is to update /etc/ssl/openssl.cnf, finding
> """
> [system_default_sect]
> ...
> CipherString = DEFAULT@SECLEVEL=2
> """
> 
> And change that SECLEVEL=2 to SECLEVEL=1.  Obviously, this has
> system-wide effects and reduces the minimum key size for all things that
> do not set their own CipherString (e.g. webservers have configuration to
> do that and wpa_supplicant overrides the new default as well as most
> WiFi have small keys).

Could somebody of the openssl team propose a text that can be added to
the release-notes about the new defaults? I am not asking for package
specific text (although that is welcome of course), but rather a generic
description of the change, what it means, how it can be circumvented and
what the drawbacks of that are.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#927703: knot: autopkgtest depends on python3-lmdb which is not in buster

2019-04-21 Thread Paul Gevers 
Source: knot
Version: 2.7.6-2
Severity: important
User: debian...@lists.debian.org
Usertags: fails-always

Dear maintainers,

I was looking into the failure of your package on the ci.debian.org
infrastructure when run in testing. One of your autopkgtests depends on
python3-lmdb, which isn't supported anymore in testing/buster. Could you
please have a look and fix your autopkgtest? If fixing the test itself
is too difficult for now, can you please add the skip-not-installable
restriction to the authoritative-server test, to enable proper
unstable-to-testing migration testing?

Thanks for considering. And please note that fixing this issue is
eligible for an unblock if this happens not too long from now.

Paul

https://ci.debian.net/data/autopkgtest/testing/amd64/k/knot/2278660/log.gz

autopkgtest: WARNING: package knot is not installed though it should be
autopkgtest: WARNING: package knot-dnsutils is not installed though it
should be
autopkgtest: WARNING: Test dependencies are unsatisfiable - calling apt
install on test deps directly for further data about failing
dependencies in test logs
Reading package lists...
Building dependency tree...
Reading state information...
Package python3-lmdb is not available, but is referred to by another
package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source

E: Package 'python3-lmdb' has no installation candidate
authoritative-server FAIL badpkg





signature.asc
Description: OpenPGP digital signature

Bug#927702: RFS: python-aiosqlite/0.10.0-1 [ITP] -- sqlite library for Python 3 using asyncio

2019-04-21 Thread Benjamin Hof 
Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "python-aiosqlite":

 * Package name: python-aiosqlite
   Version : 0.10.0-1
   Upstream Author : John Reese 
 * URL : https://github.com/jreese/aiosqlite
 * License : Expat
   Section : python

It builds those binary packages:

python3-aiosqlite -- sqlite library for Python 3 using asyncio

To access further information about this package, please visit the
following URL:

https://mentors.debian.net/package/python-aiosqlite


Alternatively, one can download the package with dget using this
command:

dget -x 
https://mentors.debian.net/debian/pool/main/p/python-aiosqlite/python-aiosqlite_0.10.0-1.dsc


I have provided the packaging repository at
https://salsa.debian.org/benjamin-guest/aiosqlite

The Vcs-Browser and Vcs-Git fields point to salsa.debian.org/debian,
where I suggest the repository could live.


Kind regards,
Benjamin

Bug#785065: powerpc: vdso: Make vdso32 installation conditional in vdso_install

2019-04-21 Thread Michael Ellerman 
On Fri, 2019-03-22 at 04:24:37 UTC, Ben Hutchings wrote:
> The 32-bit vDSO is not needed and not normally built for 64-bit
> little-endian configurations.  However, the vdso_install target still
> builds and installs it.  Add the same config condition as is normally
> used for the build.
> 
> Fixes: e0d005916994 ("powerpc/vdso: Disable building the 32-bit VDSO ...")
> Signed-off-by: Ben Hutchings 

Applied to powerpc next, thanks.

https://git.kernel.org/powerpc/c/ff6d27823f619892ab96f7461764840e

cheers

Bug#880659: [stunnel4] still random segfaults - gdb backtrace

2019-04-21 Thread Florian Lohoff 

Hi,
after installing corekeeper i got a coredump of the crashing stunnel.
Installing some dbgsym packages i got this backtrace.

It seems the bug could be reassigned to glibc as it creashes
in thread unlocking.

Its pretty interesting. It crashes in the "xend" instruction with
is an opcode of the transactional memory feature. From the CPU type
it should be supported but concerning the Intel errata it might
be disabled by microcode. Its not advertised as available in
the cpuinfo - Should be flag "hle"

root@pax:/var/crash/0# lscpu
Architecture:  x86_64
CPU op-mode(s):32-bit, 64-bit
Byte Order:Little Endian
CPU(s):8
On-line CPU(s) list:   0-7
Thread(s) per core:2
Core(s) per socket:4
Socket(s): 1
NUMA node(s):  1
Vendor ID: GenuineIntel
CPU family:6
Model: 60
Model name:Intel(R) Xeon(R) CPU E3-1270 v3 @ 3.50GHz
Stepping:  3
CPU MHz:   3699.951
CPU max MHz:   3900.
CPU min MHz:   800.
BogoMIPS:  6983.94
Virtualization:VT-x
L1d cache: 32K
L1i cache: 32K
L2 cache:  256K
L3 cache:  8192K
NUMA node0 CPU(s): 0-7
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca 
cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx 
pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology 
nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 
ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt 
tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm epb invpcid_single 
ssbd ibrs ibpb stibp kaiser tpr_shadow vnmi flexpriority ept vpid fsgsbase 
tsc_adjust bmi1 avx2 smep bmi2 erms invpcid xsaveopt dtherm ida arat pln pts 
flush_l1d

I have installed latest microcode:

root@pax:/var/crash/0# dmesg | grep micro
[0.00] microcode: microcode updated early to revision 0x25, date = 
2018-04-02
[1.593723] microcode: sig=0x306c3, pf=0x2, revision=0x25

root@pax:/var/crash/0# dpkg -l intel-microcode
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name  Version   Architecture
  Description
+++-=-=-=-
ii  intel-microcode   3.20180807a.2~deb9u1  amd64   
  Processor microcode firmware for Intel CPUs

root@pax:/var/crash/0# gdb -c 15*core /usr/bin/stunnel4
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/stunnel4...Reading symbols from 
/usr/lib/debug/.build-id/bb/b0710645254c912da337f32e7a2d40cd849ec3.debug...done.
done.
[New LWP 15247]
[New LWP 15244]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/bin/stunnel4 /etc/stunnel/stunnel-suucp.conf'.
Program terminated with signal SIGILL, Illegal instruction.
#0  0x7f51f7858c43 in _xend () at pthread_rwlock_unlock.c:38
38  pthread_rwlock_unlock.c: No such file or directory.
[Current thread is 1 (Thread 0x7f51f64ad700 (LWP 15247))]
(gdb) info thread
  Id   Target Id Frame 
* 1Thread 0x7f51f64ad700 (LWP 15247) 0x7f51f7858c43 in _xend () at 
pthread_rwlock_unlock.c:38
  2Thread 0x7f51f8b13880 (LWP 15244) 0x7f51f785856f in 
__GI___pthread_rwlock_wrlock (rwlock=0x5607e3c25070) at 
pthread_rwlock_wrlock.c:107
(gdb) bt
#0  0x7f51f7858c43 in _xend () at pthread_rwlock_unlock.c:38
#1  __GI___pthread_rwlock_unlock (rwlock=0x5607e3c68ce0) at 
pthread_rwlock_unlock.c:38
#2  0x7f51f8453f09 in CRYPTO_THREAD_unlock (lock=) at 
../crypto/threads_pthread.c:79
#3  0x7f51f8422c9d in rand_bytes (buf=0x7f51f0006ec0 
"\031e\342\244\035O2\226\235p", num=0, pseudo=0) at ../crypto/rand/md_rand.c:498
#4  0x7f51f835b551 in bnrand (pseudorand=0, rnd=0x7f51f0002a10, bits=2047, 
top=, bottom=) at ../crypto/bn/bn_rand.c:46
#5  0x7f51f835a533 in probable_prime_dh_safe

Bug#927678: elpa-beginend installs but is not accessible in emacs

2019-04-21 Thread Rémi Vanicat 
Le 20 avril 2019, Damon Thomas a écrit:

Hello,

[...]

> After install of elpa-beginend (and restart of Emacs) the package does
> not seem to be present in Emacs.  Using '(beginend-global-mode)' in
> the init gives an error that the command is not available and M-x
> shows no signs of elpa-beginend being installed. This has persisted
> through several Emacs restarts.

Try

  M-x package-initialize
  M-x beginend-global-mode

If this work, you probably need to add '(package-initialize)' somewhere
in your init file (probably first thing in the init file). Recent Debian
package use the Emacs package service, and it need initializing.


-- 
Rémi Vanicat

Bug#926970: profanity: Profanity tries to use libcurl3 which isn't included in the repository.

2019-04-21 Thread ror 
Turns out the issue wasn't a bug, but a leftover file on my machine.
Sorry for the inconvenience, and please close this report.


On Fri, 12 Apr 2019 18:45:44 -0400 roranicus  wrote:

> Package: profanity
> Version: 0.6.0-1
> Severity: important
>
> Dear Maintainer,
>
> *** Reporter, please consider answering these questions, where
appropriate ***
>
> * What led up to the situation?
> I tried to start profanity
> * What exactly did you do (or not do) that was effective (or
> ineffective)?
> I tried to uninstall and reinstall the package, same thing with libcurl.
> * What was the outcome of this action?
> Nothing changed.
> * What outcome did you expect instead?
> I wanted Profanity to start
>
> *** End of the template - remove these template lines ***
>
>
>
> -- System Information:
> Debian Release: buster/sid
> APT prefers testing
> APT policy: (500, 'testing'), (500, 'stable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8),
LANGUAGE=en_CA:en (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages profanity depends on:
> ii libassuan0 2.5.2-1
> ii libatk1.0-0 2.30.0-2
> ii libc6 2.28-8
> ii libcairo2 1.16.0-4
> ii libcurl3-gnutls 7.64.0-2
> ii libfontconfig1 2.13.1-2
> ii libfreetype6 2.9.1-3
> ii libgdk-pixbuf2.0-0 2.38.1+dfsg-1
> ii libglib2.0-0 2.58.3-1
> ii libgpg-error0 1.35-1
> ii libgpgme11 1.12.0-6
> ii libgtk2.0-0 2.24.32-3
> ii libncursesw6 6.1+20181013-2
> ii libnotify4 0.7.7-4
> ii libotr5 4.1.1-3
> ii libpango-1.0-0 1.42.4-6
> ii libpangocairo-1.0-0 1.42.4-6
> ii libpangoft2-1.0-0 1.42.4-6
> ii libpython3.7 3.7.3~rc1-1
> ii libreadline7 7.0-5
> ii libstrophe0 0.9.2-2
> ii libtinfo6 6.1+20181013-2
> ii libx11-6 2:1.6.7-1
> ii libxss1 1:1.2.3-1
>



0x9A84C39E7DDC5A4F.asc
Description: application/pgp-keys

Bug#927467: dput-ng: FTBFS (failing tests)

2019-04-21 Thread Mattia Rizzolo 
On Sat, Apr 20, 2019 at 11:46:26PM +0200, Santiago Vila wrote:
> On Sat, Apr 20, 2019 at 11:40:07PM +0200, Mattia Rizzolo wrote:
> > This is because ubuntu released disco, and now there is no development
> > release.
> 
> Hmm, but why the building of a package should be affected by whatever
> happens in the outside world? Is dput-ng using Internet during the build?

It doesn't use internet, it uses the static data contained in
distro-info-data.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#927701: ITP: python-aiosqlite -- sqlite library for Python 3 using asyncio

2019-04-21 Thread Benjamin Hof 
Package: wnpp
Severity: wishlist
Owner: Benjamin Hof 

* Package name: python-aiosqlite
  Version : 0.10.0-1
  Upstream Author : John Reese 
* URL : https://github.com/jreese/aiosqlite
* License : Expat
  Programming Lang: Python
  Description : sqlite library for Python 3 using asyncio

A Python 3 module for using sqlite with asyncio.  It allows
interaction with SQLite databases on the main asyncio event loop
without blocking execution of other coroutines while waiting for
queries or data fetches.

This package is a dependency of postfix-mta-sts-resolver (ITP:
#917366).

Bug#927700: flash-kernel: Please add the Librem5 Dev kit support

2019-04-21 Thread Dorota Czaplejewicz 
Package: flash-kernel
Version: 3.98
Severity: wishlist
Tags: patch

Dear Maintainer,

please add the changes leading to the Librem5 dev kit support to flash-kernel. 
They have been filed here:

https://salsa.debian.org/installer-team/flash-kernel/merge_requests/4

Thank you,
Dorota Czaplejewicz

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: arm64 (aarch64)

Kernel: Linux 4.18.11-gee84b30c (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=C.UTF-8 (charmap=locale: Cannot set LC_ALL 
to default locale: No such file or directory
UTF-8), LANGUAGE=en_US.UTF-8 (charmap=locale: Cannot set LC_ALL to default 
locale: No such file or directory
UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages flash-kernel depends on:
ii  debconf [debconf-2.0]  1.5.71
ii  devio  1.2-1.2+b1
ii  initramfs-tools0.133
ii  linux-base 4.5
ii  mtd-utils  1:2.0.1-1
ii  ucf3.0038+nmu1

Versions of packages flash-kernel recommends:
ii  u-boot-tools  2019.01+dfsg-3

flash-kernel suggests no packages.

-- debconf information excluded

Bug#927699: unblock: node-mixin-deep/1.1.3-3

2019-04-21 Thread Xavier Guimard 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package node-mixin-deep

Hi all,

node-mixin-deep is vulnerable to a prototype pollution[1]. I fixed this
using upstream commit. Full changes:
  * Add upstream/metadata
  * Declare compliance with policy 4.3.0
  * Change section to javascript
  * Fix prototype pollution (Closes: #898315, CVE-2018-3719)
  * Switch tests to pkg-js-tools
  * Fix VCS fields
  * Fix debian/copyright

Main reverse-dependencies:
 - webpack
 - gulp
 - rollup & rollup plugins

Change on installed files is just a control to avoid prototype pollution
(see debian/patches/CVE-2018-3719.diff). So I think it is low risky to
upgrade node-mixin-deep.

Cheers,
Xavier

[1]: https://security-tracker.debian.org/tracker/CVE-2018-3719
 https://bugs.debian.org/898315

unblock node-mixin-deep/1.1.3-3

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'testing-proposed-updates'), (500, 
'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff --git a/debian/changelog b/debian/changelog
index 2e47d2e..17cb287 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,23 @@
+node-mixin-deep (1.1.3-3) unstable; urgency=medium
+
+  * Team upload
+  * Back to debhelper 9 (Buster freeze)
+
+ -- Xavier Guimard   Sun, 21 Apr 2019 14:34:56 +0200
+
+node-mixin-deep (1.1.3-2) unstable; urgency=medium
+
+  * Team upload
+  * Add upstream/metadata
+  * Declare compliance with policy 4.3.0
+  * Change section to javascript
+  * Fix prototype pollution (Closes: #898315, CVE-2018-3719)
+  * Switch tests to pkg-js-tools
+  * Fix VCS fields
+  * Fix debian/copyright
+
+ -- Xavier Guimard   Sun, 21 Apr 2019 14:24:15 +0200
+
 node-mixin-deep (1.1.3-1) unstable; urgency=low
 
   * Initial release (Closes: #842329)
diff --git a/debian/control b/debian/control
index bf5ce1c..a305397 100644
--- a/debian/control
+++ b/debian/control
@@ -1,8 +1,9 @@
 Source: node-mixin-deep
-Section: web
+Section: javascript
 Priority: optional
 Maintainer: Debian Javascript Maintainers 

 Uploaders: Sruthi Chandran 
+Testsuite: autopkgtest-pkg-nodejs
 Build-Depends:
  debhelper (>= 9)
  , dh-buildinfo
@@ -11,10 +12,11 @@ Build-Depends:
  , node-should
  , node-is-extendable (>= 0.1.1)
  , node-for-in (>= 0.1.4)
-Standards-Version: 3.9.8
+ , pkg-js-tools
+Standards-Version: 4.3.0
 Homepage: https://github.com/jonschlinkert/mixin-deep
-Vcs-Git: https://anonscm.debian.org/git/pkg-javascript/node-mixin-deep.git
-Vcs-Browser: https://anonscm.debian.org/cgit/pkg-javascript/node-mixin-deep.git
+Vcs-Browser: https://salsa.debian.org/js-team/node-mixin-deep
+Vcs-Git: https://salsa.debian.org/js-team/node-mixin-deep.git
 
 Package: node-mixin-deep
 Architecture: all
diff --git a/debian/copyright b/debian/copyright
index 1e90e8f..42f57f3 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,10 +1,10 @@
-Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: mixin-deep
 Upstream-Contact: https://github.com/jonschlinkert/mixin-deep/issues
 Source: https://github.com/jonschlinkert/mixin-deep
 
 Files: *
-Copyright: 2016 Jon Schlinkert (https://github.com/jonschlinkert)
+Copyright: 2014-2015 Jon Schlinkert (https://github.com/jonschlinkert)
 License: Expat
 
 Files: debian/*
@@ -31,4 +31,3 @@ License: Expat
  ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
  CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  SOFTWARE.
-
diff --git a/debian/patches/CVE-2018-3719.diff 
b/debian/patches/CVE-2018-3719.diff
new file mode 100644
index 000..868f5bb
--- /dev/null
+++ b/debian/patches/CVE-2018-3719.diff
@@ -0,0 +1,22 @@
+Description: Fix prototype pollution (CVE-2018-3719)
+Author: Jon Schlinkert 
+Origin: upstream, 
https://github.com/jonschlinkert/mixin-deep/commit/578b0bc5e74e14de9ef4975f504dc698796bdf9c
+Bug: https://www.npmjs.com/advisories/578
+Bug-Debian: https://bugs.debian.org/898315
+Forwarded: not-needed
+Reviewed-By: Xavier Guimard 
+Last-Update: 2019-04-21
+
+--- a/index.js
 b/index.js
+@@ -23,6 +23,10 @@
+  */
+ 
+ function copy(val, key) {
++  if (key === '__proto__') {
++return;
++  }
++
+   var obj = this[key];
+   if (isObject(val) && isObject(obj)) {
+ mixinDeep(obj, val);
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..9b10403
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+CVE-2018-3719.diff
diff --git a/debian/rules b/debian/rules
index 9eb6b18..20809a4 100755
---

Bug#900912: fixed in openjdk-11 11.0.3+7-2

2019-04-21 Thread Paul Gevers 
Hi doko,

On Thu, 18 Apr 2019 03:22:30 + Matthias Klose  wrote:
>* Support using the Java ATK wrapper (Samuel Thibault). Closes: #900912.
>  - patches/jaw-classpath.diff: Fix finding the Java ATK wrapper.
>  - patches/jaw-optional.diff: Make failing to load the Java ATK wrapper
>non-fatal.

Just to confirm, you do consider openjdk-11/11.0.3+7-2 suitable for
buster, right? I haven't seen an unblock request, but would not be
surprised if you are expecting that I'll just unblock it.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#927324: Additional reports; GNOME session is, with blank screen ON, without suspend, unstable.

2019-04-21 Thread hoxp18 

Dear maintainers,

I first reported GNOME display resume problem,
and thought it has something around power management;

I thought, it would be a minor problem, since,

* My testing amd64 machine is DIY, though there had no
  hardware issues, freeze, BSOD, etc, about a year,
  with multiple operating systems.

* I setup the box with relatively abnormal settings,
  say LVM, LUKS, separated and restricted mount points,
  PAM restrictions, etc.

However, I want to report (claim?) two things.

1. GNOME, blank screen, i2c, xwayland
==

Today I found a GNOME session broken during
automatic screen blank. No suspend, no resume.

syslog says, around the screen trouble time,

* kernel: i2c i2c-1: sendbytes: NAK bailout.

/sys/class/i2c-adapter/i2c-1/name is "i915 gmbus dpc".

To be honest, I have no idea if that matters on this case.

By the way, in debian-devel, I saw something about wayland.

My screen report almost has some wayland error log,
such as

* gnome-shell: connection to xwayland lost

2. Wayland itself and the next Debian "stable"
==

I am not familiar with wayland.

IMHO, if that is good (and it seems so,)
AND stable, then Debian "stable" GNOME/Wayland makes sense.

I'm using Stretch with almost same amd64 box,
Kaby Lake, iGPU, NVMe, HDMI, LVM, LUKS, etc., about a year.

It's solid stable.

If it is about whether X11 or Wayland,
I vote for X11, since Buster is becoming "stable" release.

More simply: Wayland itself is so stable?

Anyway, I will keep testing with my H110 Skylake box and
Z270 Kaby Lake box, clean install for the former,
upgrade from Stretch for the latter.

Regards.

Bug#926774: unblock: binutils/2.31.1/16

2019-04-21 Thread Paul Gevers 
Control: tags -1 moreinfo

Hi doko,

On Wed, 10 Apr 2019 10:15:40 +0200 Matthias Klose  wrote:
>  binutils (2.31.1-16) unstable; urgency=medium
>  .
>* Snapshot, taken from the 2.31 branch (20190321).
>  - Fix PR ld/24355, segfault in function called from ppc_finish_symbols.
>* Fix VCS attributes in the control file. Closes: #915982.
>* Demote binutils- from Multi-Arch: foreign to Multi-Arch: allowed
>  (Helmut Grohne). Closes: #920286.

I am not fluent in multi-arch, so I can't sanely judge this, but the bug
closed here is against gcc-8 and message #15 mentioned a required change
in src:gcc-8-cross (which at least hasn't closed this bug yet). So, can
this change in binutils go into buster on its own, or does it require
more coordination and does it need to go together with other packages?

I didn't fully understand Ben's reply in message #20 (probably I need to
think harder). Does it mean there are no changes required in src:linux?

>* Let binutils-for-host Depends: binutils-:any.
> 
> fixes a ppc specific segfault, and disallows installing an amd64 gcc with a 
> i386
> binutils.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#927677: Can not attach to server 2.4.3; TypeError: '>' not supported between instances of 'str' and 'int'

2019-04-21 Thread أحمد المحمودي 
On Sun, Apr 21, 2019 at 10:20:21AM +1000, Dmitry Smirnov wrote:
>   File "/usr/lib/python3/dist-packages/xpra/version_util.py", line 30, in 
> full_version_str
> s += "-r%s%s" % (REVISION, "M" if LOCAL_MODIFICATIONS>0 else "")
> TypeError: '>' not supported between instances of 'str' and 'int'
---end quoted text---

Dmitry, please look at: #927474
I notice that you ve this diff in build_info.patch:

-props["LOCAL_MODIFICATIONS"] = changes
+props["LOCAL_MODIFICATIONS"] = subprocess.Popen("dpkg-parsechangelog 
-SVersion", stdin=None, stdout=subprocess.PIPE, stderr=ssubprocess.STDOUT, 
shell=True).stdout.read()[:-1]

what is the reason for this diff ?  It seems to be the cause of this 
bug.

-- 
‎أحمد المحمودي (Ahmed El-Mahmoudy)
 Digital design engineer
GPG KeyIDs: 4096R/A7EF5671 2048R/EDDDA1B7
GPG Fingerprints:
 6E2E E4BB 72E2 F417 D066  6ABF 7B30 B496 A7EF 5761
 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7


signature.asc
Description: PGP signature

Bug#926753: fonts-noto-cjk: New version available upstream

2019-04-21 Thread Mitsuya Shibata 
FYI, merge request by Nakamura-san.

https://salsa.debian.org/fonts-team/fonts-noto-cjk/merge_requests/2
https://salsa.debian.org/fonts-team/fonts-noto-cjk/merge_requests/3
https://salsa.debian.org/fonts-team/fonts-noto-cjk/merge_requests/4

Bug#926888: unblock: wget/1.20.1-1.1

2019-04-21 Thread Niels Thykier 
On Fri, 12 Apr 2019 07:54:00 + Niels Thykier  wrote:
> Control: tags -1 d-i confirmed
> 
> Salvatore Bonaccorso:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> > 
> > Hi,
> > 
> > Please unblock package wget
> > 
> > It fixes CVE-2019-5953, #926389 a buffer overflow vulnerability in the
> > handling of Internationalized Resource Identifiers (IRI), it was
> > adressed as well in DSA-4425-1 for stretch.
> > 
> > Attached is the debdiff between 1.20.1-1 and 1.20.1-1.1.
> > 
> > unblock wget/1.20.1-1.1
> > 
> > Regards,
> > Salvatore
> > 
> 
> Hi,
> 
> OK from here; Cc'ing KiBi for a d-i ack.
> 
> Thanks,
> ~Niels
> 
> 

Gentle ping on this unblock request for a CVE fix in wget.

Thanks,
~Niels

Bug#927417: ITP: golang-github-remyoudompheng-go-liblzma -- Go bindings for XZ Utils/liblzma

2019-04-21 Thread Andreas Henriksson 
The packaging is ready and available at:

https://salsa.debian.org/go-team/packages/golang-github-remyoudompheng-go-liblzma


I've reviewed it and it looks good to me, except one detail:

The debian/copyright says year 2011 while the upstream files
declares 2011-2012.

Since I'm not sure the ftp-masters will overlook this detail I've
asked Lluis to fix that before I upload his package. (If anyone else
wants to go ahead and sponsor him, please feel free.)

Regards,
Andreas Henriksson

Bug#927696: kaffeine: Can't use DVB-T adapter ("Device not connected") after upgrading libdvbv5-0

2019-04-21 Thread Carlos Garcia Pazos 
Package: kaffeine
Version: 2.0.15-2
Severity: important

Dear Maintainer,

Since operating system install (Sid) a year ago, I was using a DVB-T
USB adapter (RTL2838) and Kaffeine to watch DVB-T streams, but after
upgrading libdvbv5-0 package Kaffeine television functionality stopped
working (details below). It seems the adapter and the V4L system are
OK because I can use VLC or MPV to watch TV and they both work good.

The packages upgraded the night before the problem appeared were:

2019-04-16 00:50:58 status installed ir-keytable:amd64 1.16.3-2
2019-04-16 00:50:58 status installed libgrantlee-textdocument5:amd64 5.1.0-2.1
2019-04-16 00:50:58 status installed libdvbv5-0:amd64 1.16.3-2
2019-04-16 00:50:58 status installed grub-common:amd64 2.02+dfsg1-17
2019-04-16 00:50:58 status installed libparted2:amd64 3.2-25
2019-04-16 00:50:58 status installed libparted-fs-resize0:amd64 3.2-25
2019-04-16 00:50:58 status installed libgrantlee-templates5:amd64 5.1.0-2.1
2019-04-16 00:50:58 status installed libv4lconvert0:amd64 1.16.3-2
2019-04-16 00:50:58 status installed publicsuffix:all 20190415.1030-1
2019-04-16 00:50:58 status installed grub2-common:amd64 2.02+dfsg1-17
2019-04-16 00:50:58 status installed parted:amd64 3.2-25
2019-04-16 00:50:58 status installed grub-pc-bin:amd64 2.02+dfsg1-17
2019-04-16 00:51:12 status installed grub-pc:amd64 2.02+dfsg1-17
2019-04-16 00:51:12 status installed libv4l-0:amd64 1.16.3-2
2019-04-16 00:51:12 status installed libc-bin:amd64 2.28-8
2019-04-16 00:51:13 status installed man-db:amd64 2.8.5-2
2019-04-16 00:51:14 status installed install-info:amd64 6.5.0.dfsg.1-5

Of those, libdvbv5-0 is the one on which Kaffeine depends.

Kaffeine behaviour:

- On clicking on '5 Digital TV' button or 'Television' tab an
information dialog appears saying:
  "Didn't find a device with valid settings or access permissions are
wrong. Please check the Configure Television window."

- On 'Television -> Configure Television -> Device 1' tab it says:
  "Name: Realtek RTL2832 (DVB-T)"
  "Device not connected".

- Launching Kaffeine from command line:

$ kaffeine -d
21-04-19 13:21:37.121 [Debug   ] kaffeine.vlc: Using libVLC with args:
--no-video-title-show
21-04-19 13:21:37.291 [Debug   ] kaffeine.mediawidget: video resized to 0.0
21-04-19 13:21:37.533 [Info] kaffeine.dvb: Using built-in dvb device manager
21-04-19 13:21:38.073 [Debug   ] kaffeine.dev: New device detected:
/org/kde/solid/udev/sys/devices/pci:00/:00:14.0/usb1/1-4/1-4.1/1-4.1.3/dvb/dvb0.demux0
21-04-19 13:21:38.073 [Debug   ] kaffeine.dev: New device detected:
/org/kde/solid/udev/sys/devices/pci:00/:00:14.0/usb1/1-4/1-4.1/1-4.1.3/dvb/dvb0.dvr0
21-04-19 13:21:38.073 [Debug   ] kaffeine.dev: New device detected:
/org/kde/solid/udev/sys/devices/pci:00/:00:14.0/usb1/1-4/1-4.1/1-4.1.3/dvb/dvb0.frontend0
21-04-19 13:21:38.079 [Critical] kaffeine.dev: No such file or
directory while opening �a"PV
21-04-19 13:21:38.079 [Warning ] kaffeine.dev: Cannot open frontend
/dev/dvb/adapter0/frontend0
21-04-19 13:21:38.079 [Debug   ] kaffeine.dev: New device detected:
/org/kde/solid/udev/sys/devices/pci:00/:00:14.0/usb1/1-4/1-4.1/1-4.1.3/dvb/dvb0.net0
21-04-19 13:21:38.093 [Warning ] QObject::connect: No such slot
DvbTab::hideCursor()
21-04-19 13:21:38.139 [Debug   ] kaffeine.mediawidget: video resized to 0.0

I tried reinstalling Kaffeine and using it with a freshly created
user, and the result is the same.

Thanks

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages kaffeine depends on:
ii  iso-codes4.2-1
ii  kinit5.54.0-1
ii  kio  5.54.1-1
ii  libc62.28-8
ii  libdvbv5-0   1.16.3-2
ii  libkf5configcore55.54.0-1
ii  libkf5configwidgets5 5.54.0-1
ii  libkf5coreaddons55.54.0-1
ii  libkf5dbusaddons55.54.0-1
ii  libkf5i18n5  5.54.0-1
ii  libkf5kiocore5   5.54.1-1
ii  libkf5kiofilewidgets55.54.1-1
ii  libkf5solid5 5.54.0-1
ii  libkf5widgetsaddons5 5.54.0-1
ii  libkf5windowsystem5  5.54.0-1
ii  libkf5xmlgui55.54.0-1
ii  libqt5core5a 5.11.3+dfsg1-1
ii  libqt5dbus5  5.11.3+dfsg1-1
ii  libqt5gui5   5.11.3+dfsg1-1
ii  libqt5sql5   5.11.3+dfsg1-1
ii  libqt5sql5-sqlite5.11.3+dfsg1-1
ii  libqt5widgets5   5.11.3+dfsg1-1
ii  libqt5x11extras5 5.11.3-2
ii  libqt5xml5   5.11.3+dfsg1-1
ii  libstdc++6   8.3.0-6
ii  libvlc5  1:3.0.6-dmo5
ii  libxss1

Bug#926554: xbindkeys-config: segfault upon "Get key"

2019-04-21 Thread Adam Borowski 
On Sat, Apr 20, 2019 at 01:48:08AM +0200, Bernhard Übelacker wrote:
> The line information from your backtrace and that in 268630
> looks quite equal, so it might still be the same cause.
> In this bug and in 268630 xbindkeys-config might crash
> because xbindkeys gives no or unexpected output to stdout.
> And probably just an error message to stderr.

Possibly -- I still did not manage to get xbindkeys-config to produce
an usable result, but I did not try very hard.

> So might your manually created .xbindkeysrc contain an
> error that makes "xbindkeys -k" to fail?

Alas, I don't know what is valid and what is not -- I tried the GUI
specifically to avoid having to research that.

> In 268630 I have attached a patch that tries to avoid
> the crash at least.

Indeed, it fixes my crash as well.

On the other hand, I wonder how much effort would be appropriate to put
into the package -- it has a pretty dead smell.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Did ya know that typing "test -j8" instead of "ctest -j8"
⢿⡄⠘⠷⠚⠋⠀ will make your testsuite pass much faster, and fix bugs?
⠈⠳⣄

Bug#927695: network-manager-applet: "Advanced Network Configuration" appears under the category "X-GNOME...", please carry upstream patch to put under "Utilities"

2019-04-21 Thread Andrew Hayzen 
package: network-manager-applet
version: 1.8.20-1

"Advanced Network Configuration" appears under "X-GNOME..." with a
default install. This appears to be out of place and looks strange to
the user.

In the recent new upstream release [0] "NotShowIn=KDE;GNOME;" has been
removed from the desktop file, which has resulted in the issue.

Upstream there was an issue describing the problem [1], which has since
been fixed by declaring the category of the desktop file to be
utilities.  Can Debian carry the patch [2] which declares the category
as this would improve the out of the box UX.

Reading the issue upstream, it appears that two further changes would
also need to be carried for gnome-menus [3] and gnome-software [4] for
a complete fix.  It looks like the gnome-menus fix is stuck in unstable
and gnome-software would also need a patch.


0 - 
https://salsa.debian.org/utopia-team/network-manager-applet/commit/469254c6492f1dec3fa842bb0b5f0182544b6c97#26c563bf5f72f22af1ed25d45b581b4c244b3093
1 - https://gitlab.gnome.org/GNOME/network-manager-applet/issues/42
2 - 
https://gitlab.gnome.org/GNOME/network-manager-applet/commit/f1b006dd092d5e4323f887f9dc1a1c3a40b5ba2d
3 - 
https://gitlab.gnome.org/GNOME/gnome-menus/commit/b4600621efefd75b58486729e806a81a1014ee4b
4 - 
https://gitlab.gnome.org/GNOME/gnome-software/commit/f82457c079ab887de448dd0f01bfb0a3daaff70e

Bug#927694: ITP: golang-gopkg-src-d-go-git-fixtures.v3 -- several git fixtures to run go-git tests

2019-04-21 Thread Jongmin Kim 
Package: wnpp
Severity: wishlist
Owner: Jongmin Kim 
X-Debbugs-CC: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: golang-gopkg-src-d-go-git-fixtures.v3
  Version : 3.1.1-1
  Upstream Author : source{d}
* URL : https://github.com/src-d/go-git-fixtures
* License : Apache-2.0
  Programming Lang: Go
  Description : several git fixtures to run go-git tests

 This package provides some several git fixtures to run go-git tests.

This package is a prerequisite for upcoming package
"golang-gopkg-src-d-go-git.v4" (#927687).


-- 
Jongmin Kim

OpenPGP key located at https://jongmin.dev/pgp
OpenPGP fingerprint: 012E 4A06 79E1 4EFC DAAE  9472 D39D 8D29 BAF3 6DF8


signature.asc
Description: PGP signature

Bug#927485: Updating the choose-mirror Uploaders list

2019-04-21 Thread Holger Wansing 
Control: tags -1 + pending

Cyril Brulebois  wrote:
> Hi Tobias & MIA team,
> 
> Tobias Frost  (2019-04-20):
> > Source: choose-mirror
> > Version: 2.85 2.96 2.98 2.99
> > Severity: minor
> > User: m...@qa.debian.org
> > Usertags: mia-teammaint
> > 
> > Christian Perrier  has retired, so can't work on
> > the choose-mirror package anymore (at least with this address).
> > 
> > We are tracking their status in the MIA team and would like to ask you
> > to remove them from the Uploaders list of the package so we can close
> > that part of the file.
> > 
> > (If the person is listed as Maintainer, what we are asking is to please
> > step in as a new maintainer.)
> 
> You could have considered pinging debian-boot@; a general sed would have
> taken less than 2 minutes and we wouldn't have to copy-paste the
> different bug numbers to close them all…

So, I wasted my time for this :-))
and added the bugnumbers to changelogs.

Tagging all as pending


Holger

-- 
Holger Wansing 
PGP-Fingerprint: 496A C6E8 1442 4B34 8508  3529 59F1 87CA 156E B076

Bug#922987: cernlib 20061220+dfsg3-4.3+deb9u2 flagged for acceptance

2019-04-21 Thread Adam D Barratt 
Control: tags -1 + pending

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian stretch.

Thanks for your contribution!

Upload details
==

Package: cernlib
Version: 20061220+dfsg3-4.3+deb9u2

Explanation: fix FTBFS on arm64 by disabling PIE for Fortran executables

Bug#927422: jquery 3.1.1-2+deb9u1 flagged for acceptance

2019-04-21 Thread Adam D Barratt 
Control: tags -1 + pending

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian stretch.

Thanks for your contribution!

Upload details
==

Package: jquery
Version: 3.1.1-2+deb9u1

Explanation: prevent Object.prototype pollution [CVE-2019-11358]

Bug#927378: node-superagent 0.20.0+dfsg-1+deb9u1 flagged for acceptance

2019-04-21 Thread Adam D Barratt 
Control: tags -1 + pending

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian stretch.

Thanks for your contribution!

Upload details
==

Package: node-superagent
Version: 0.20.0+dfsg-1+deb9u1

Explanation: fix ZIP bomb attacks [CVE-2017-16129]

Bug#927693: unblock: apr-util/1.6.1-4

2019-04-21 Thread Stefan Fritsch 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package apr-util

It fixes an RC bug which broke mariadb support.

Changelog/debdiff is included below.

unblock apr-util/1.6.1-4


Cheers,
Stefan

diff -Nru apr-util-1.6.1/debian/changelog apr-util-1.6.1/debian/changelog
--- apr-util-1.6.1/debian/changelog 2018-09-18 21:14:24.0 +0200
+++ apr-util-1.6.1/debian/changelog 2019-04-21 09:39:02.0 +0200
@@ -1,3 +1,9 @@
+apr-util (1.6.1-4) unstable; urgency=medium
+
+  * Fix libaprutil1-dbd-mysql with mariadb 10.3. Closes: #926400
+
+ -- Stefan Fritsch   Sun, 21 Apr 2019 09:39:02 +0200
+
 apr-util (1.6.1-3) unstable; urgency=medium
 
   [ Stefan Fritsch ]
diff -Nru apr-util-1.6.1/debian/patches/support_mariadb.patch 
apr-util-1.6.1/debian/patches/support_mariadb.patch
--- apr-util-1.6.1/debian/patches/support_mariadb.patch 2018-02-25 
10:59:52.0 +0100
+++ apr-util-1.6.1/debian/patches/support_mariadb.patch 2019-04-21 
08:56:45.0 +0200
@@ -1,46 +1,125 @@
+# patch by Kris Karas fom
+# https://bz.apache.org/bugzilla/attachment.cgi?id=35326=diff
 --- apr-util.orig/build/dbd.m4
 +++ apr-util/build/dbd.m4
-@@ -176,10 +176,15 @@ AC_DEFUN([APU_CHECK_DBD_MYSQL], [
+@@ -163,10 +163,15 @@ AC_DEFUN([APU_CHECK_DBD_MYSQL], [
+   old_cppflags="$CPPFLAGS"
+   old_ldflags="$LDFLAGS"
+ 
++  my_library="mysqlclient"
++
+   AC_ARG_WITH([mysql], APR_HELP_STRING([--with-mysql=DIR], [enable MySQL DBD 
driver]),
+   [
+ if test "$withval" = "yes"; then
+   AC_PATH_PROG([MYSQL_CONFIG],[mysql_config])
++  if test "x$MYSQL_CONFIG" = "x"; then
++AC_PATH_PROG([MYSQL_CONFIG],[mariadb_config])
++  fi
+   if test "x$MYSQL_CONFIG" != 'x'; then
+ mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
+ mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
+@@ -174,32 +179,40 @@ AC_DEFUN([APU_CHECK_DBD_MYSQL], [
+ 
+ APR_ADDTO(CPPFLAGS, [$mysql_CPPFLAGS])
  APR_ADDTO(LIBS, [$mysql_LIBS])
++
++  if $MYSQL_CONFIG --libs_r | grep -q mariadb; then
++my_library="mariadb"
++  fi
fi
  
-+  AC_LINK_IFELSE([#include 
-+  int main(int a, char **b) { mysql_init(); return 0; }],
-+ [apu_have_mysql=1], [apu_have_mysql=0])
-+  if test "$apu_have_mysql" = "0"; then
-   AC_CHECK_HEADERS([mysql.h my_global.h my_sys.h],
-AC_CHECK_LIB(mysqlclient, mysql_init, 
[apu_have_mysql=1]),
-[apu_have_mysql=0; break],
-[#include ])
+-  AC_CHECK_HEADERS([mysql.h my_global.h my_sys.h],
+-   AC_CHECK_LIB(mysqlclient, mysql_init, 
[apu_have_mysql=1]),
+-   [apu_have_mysql=0; break],
+-   [#include ])
+-  if test "$apu_have_mysql" = "0"; then
+-AC_CHECK_HEADERS([mysql/mysql.h mysql/my_global.h mysql/my_sys.h],
+- AC_CHECK_LIB(mysqlclient, mysql_init, 
[apu_have_mysql=1]),
+- [apu_have_mysql=0; break],
+- [#include ])
++  AC_CHECK_HEADERS([mysql.h errmsg.h], [apu_have_mysql=1], 
[apu_have_mysql=0; break])
++  if test "$apr_have_mysql" = "0"; then
++  AC_CHECK_HEADERS([mysql/mysql.h mysql/errmsg.h], [apu_have_mysql=1], 
[apu_have_mysql=0; break])
+   fi
+-  if test "$apu_have_mysql" != "0" && test "x$MYSQL_CONFIG" != 'x'; then
+-APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS])
++  if test "$apr_have_mysql" = "1"; then
++  AC_CHECK_HEADERS([my_global.h my_sys.h mysql/my_global.h 
mysql/my_sys.h])
++  AC_CHECK_LIB($my_library, mysql_init,, [apu_have_mysql=0])
++  fi
++  if test "$apu_have_mysql" = "1" && test "x$MYSQL_CONFIG" != 'x'; then
++  APR_ADDTO(APRUTIL_PRIV_INCLUDES, [$mysql_CPPFLAGS])
+   fi
+ elif test "$withval" = "no"; then
+   :
+ else
+   AC_PATH_PROG([MYSQL_CONFIG],[mysql_config],,[$withval/bin])
++  if test "x$MYSQL_CONFIG" = "x"; then
++  AC_PATH_PROG([MYSQL_CONFIG],[mariadb_config],,[$withval/bin])
 +  fi
-   if test "$apu_have_mysql" = "0"; then
- AC_CHECK_HEADERS([mysql/mysql.h mysql/my_global.h mysql/my_sys.h],
-  AC_CHECK_LIB(mysqlclient, mysql_init, 
[apu_have_mysql=1]),
-@@ -207,11 +212,17 @@ AC_DEFUN([APU_CHECK_DBD_MYSQL], [
+   if test "x$MYSQL_CONFIG" != 'x'; then
+-mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
+-mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
+-mysql_LIBS="`$MYSQL_CONFIG --libs_r`"
++  mysql_CPPFLAGS="`$MYSQL_CONFIG --include`"
++  mysql_LDFLAGS="`$MYSQL_CONFIG --libs_r | sed -e 's/-l[[^ ]]\+//g'`"
++  mysql_LIBS="`$MYSQL_CONFIG --libs_r`"
++  if $MYSQL_CONFIG --libs_r | grep -q mariadb; then
++my_library="mariadb"
++  fi
+   else
+-mysql_CPPFLAGS="-I$withval/include"
+-

Bug#927692: munin: Allow /var/cache to be a tmpfs

2019-04-21 Thread Marvin Gülker 
Package: munin
Version: 2.0.47-1
Severity: normal

Dear Maintainer,

munin-html requires that /var/cache/munin/www exists, otherwise
munin-html breaks. If /var/cache is mounted as a tmpfs (e.g., due to
space constraints on embedded devices with flash disks) this
assumption does not hold true, because the entire tree is wiped on
shutdown. § 5.5.1 of the Filesystem Hierarchy Standard 3.0 says:

> The application must be able to regenerate or restore the
> data. Unlike /var/spool, the cached files can be deleted without
> data loss. [...] The application must always be able to recover
> from manual deletion of these files (generally because of a disk
> space shortage).

munin-cron should take care of this.

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: armhf (armv7l)

Kernel: Linux 4.19.34-v7+ (SMP w/4 CPU cores)
Kernel taint flags: TAINT_CRAP
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages munin depends on:
ii  cron [cron-daemon]   3.0pl1-133
ii  fonts-dejavu-core2.37-1
ii  libdate-manip-perl   6.76-1
pn  libdigest-md5-perl   
ii  libfile-copy-recursive-perl  0.44-1
ii  libhtml-template-perl2.97-1
ii  libio-socket-inet6-perl  2.72-2
ii  liblog-log4perl-perl 1.49-1
ii  librrds-perl 1.7.1-1
pn  libstorable-perl 
pn  libtime-hires-perl   
ii  liburi-perl  1.76-1
ii  lsb-base 10.2019031300
ii  munin-common 2.0.47-1
ii  netbase  5.6
ii  perl 5.28.1-6
ii  rrdtool  1.7.1-1
ii  systemd-sysv 241-3

Versions of packages munin recommends:
ii  libcgi-fast-perl  1:2.13-1
ii  munin-doc 2.0.47-1
ii  munin-node2.0.47-1

Versions of packages munin suggests:
pn  libapache2-mod-fcgid  
ii  libnet-ssleay-perl1.85-2+b1
ii  lighttpd [httpd]  1.4.53-4
pn  www-browser   

-- Configuration Files:
/etc/munin/munin.conf changed:
includedir /etc/munin/munin-conf.d
graph_period minute
graph_strategy cron
html_strategy cron
max_processes 8
contact.email.command mail -s "Munin notification" redac...@example.com
[zugspitze.guelker.eu]
address 127.0.0.1
use_node_name yes


-- no debconf information

-- 
Blog: https://mg.guelker.eu

  1   2   >