Bug#929511: qtcreator: Segfault on start

[subhuman]

I tried with a new user and got the same result.

Reverse Depends:
  Depends: libgl1-mesa-dri
  Depends: libxatracker2

Home of the bug! They were both completely outdated. After the update I could 
safely remove the old llvm library, and now qtcreator works.

Thx 2 u both, and sorry for bothering you on this channel (should have used a 
forum instead.)
Martin

P.S. However, dpkg shouldn't have installed qtcreator in the first place, with 
that outdated lib still in place. So, maybe there's some little thing to do for 
the package maintainers after all.

Bug#929663: unblock: node-unicode-property-value-aliases/3.4.0+ds-1

[Xavier]

We should also amend Debian policy to ban the Emperor of Japan from
abdicating during a freeze ;-)

Bug#929283: zookeeper: CVE-2019-0201: information disclosure vulnerability

[tony mancill]

On Sun, May 26, 2019 at 08:58:29PM +0200, Moritz Mühlenhoff wrote:
> On Fri, May 24, 2019 at 09:19:00AM +0100, Chris Lamb wrote:
> > tags 929283 + patch
> > thanks
> > 
> > Hi Moritz,
> > 
> > > > > zookeeper: CVE-2019-0201: information disclosure vulnerability
> > > > 
> > > > Happy to prepare an update for stretch; I plan to do one for jessie
> > > > LTS (which, helpfully, has the same version...)
> > > 
> > > Sounds good, we should fix that in Stretch. I've just added the reference
> > > to the upstream commit in the 3.4 branch to the Security Tracker.
> > 
> > Thanks. Here is my diff:
> 
> Looks fine, but can you please also include the test case upstream added?
> Given that it's quite complex to reconstruct the specific affected ZK setup,
> we should at least ship/run the test case.

I will prepare an upload for 3.4.13 in testing/unstable soon - should be
in the next day or so.


signature.asc
Description: PGP signature

Bug#929654: [Pkg-javascript-devel] Bug#929654: Outdated node-unicode-property-value-aliases results in incomplete package rebuild

[Xavier]

Control: severity -1 important

Le 28/05/2019 à 00:11, Daniel Drake a écrit :
> Package: node-unicode-12.0.0
> Version: 0~20190414+gitbf518e99-2
> 
> node-unicode-data 0~20190414+gitbf518e99-2 was originally built
> successfully and correctly under sid, and then the binaries were
> imported to buster.
> 
> However, if you now try to rebuild node-unicode-data under pure
> buster, you will get this error during the build process:
> 
> node scripts/generate-data.js
> [16:03:24] Worker 2 is done!
> [16:03:24] Worker 1 is done!
> [16:03:24] Worker 4 → Unicode v12.0.0
> Generating data for Unicode v12.0.0…
> Parsing Unicode v12.0.0 categories…
> [16:03:24] Worker 3 is done!
> Parsing Unicode v12.0.0 `Script`…
> Parsing Unicode v12.0.0 `Script_Extensions`…
> Assertion failed: canonical name for Nand = undefined not present in
> `scriptsMap`
> /root/node-unicode-data-0~20190414+gitbf518e99/scripts/parse-script-extensions.js:62
> scriptsMap[canonicalName].add(codePoint);
>   ^
> TypeError: Cannot read property 'add' of undefined
> at 
> /root/node-unicode-data-0~20190414+gitbf518e99/scripts/parse-script-extensions.js:62:31
> at Array.forEach ()
> at 
> /root/node-unicode-data-0~20190414+gitbf518e99/scripts/parse-script-extensions.js:52:12
> at Array.forEach ()
> at Object.parseScriptExtensions
> (/root/node-unicode-data-0~20190414+gitbf518e99/scripts/parse-script-extensions.js:26:8)
> at generateData
> (/root/node-unicode-data-0~20190414+gitbf518e99/index.js:61:18)
> at complicatedWorkThatTakesTime
> (/root/node-unicode-data-0~20190414+gitbf518e99/scripts/generate-data.js:31:3)
> at process.on
> (/root/node-unicode-data-0~20190414+gitbf518e99/scripts/generate-data.js:74:3)
> at process.emit (events.js:194:15)
> at emit (internal/child_process.js:820:12)
> 
> 
> The error is ignored, the build continues anyway and goes on to
> produce a node-unicode-12.0.0 binary packages that is missing many
> files.
> 
> If you then try and use this binary, the missing files will cause
> other packages will fail to build such as acorn:
>Error: Cannot find module
> 'unicode-12.0.0/Binary_Property/ID_Start/code-points.js
> 
> This issue can be avoided by bringing
> node-unicode-property-value-aliases version 3.4.0+ds-1 from sid into
> buster too. This new version includes the missing mapping of the
> 'Nand' script that is mentioned in the error message.

unblock asked (#929663), thanks for this report !

Bug#929663: unblock: node-unicode-property-value-aliases/3.4.0+ds-1

[Xavier Guimard]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package node-unicode-property-value-aliases

Hi all,

due to unicode changes, node-unicode-property-value-aliases should be
updated in Buster or at least rebuilt using unicode-12. Else, someone
who wanted to rebuild node-unicode-data under a pure Buster will have
an inconsistency package (see #929654).

The proposed debdiff is not big and has no qa error reported (in
unstable for 43 days), so I think it is not risky to unblock this
package. Else, I don't know how to force a rebuilt of it in Buster.

node-unicode-data should also build-depends on
node-unicode-property-value-aliases >=3.4.0+ds-1.

Cheers,
Xavier

unblock node-unicode-property-value-aliases/3.4.0+ds-1

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'testing-proposed-updates'), (500, 
'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff --git a/debian/changelog b/debian/changelog
index b4b06aa..490bfe6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+node-unicode-property-value-aliases (3.4.0+ds-1) unstable; urgency=medium
+
+  * New upstream release.
+  * Bump std-ver to 4.3.0.
+  * Mark the package M-A: foreign following hinter.
+
+ -- Julien Puydt   Mon, 15 Apr 2019 14:11:16 +0200
+
 node-unicode-property-value-aliases (3.3.0+ds-1) unstable; urgency=medium
 
   * New upstream release.
diff --git a/debian/control b/debian/control
index 848c29c..789e5c9 100644
--- a/debian/control
+++ b/debian/control
@@ -6,15 +6,16 @@ Uploaders: Julien Puydt 
 Build-Depends: debhelper (>= 11),
node-jsesc (>= 2.5.1),
node-unicode-property-aliases (>= 1.2.0),
-   nodejs,
-   unicode-data (>= 11.0.0)
-Standards-Version: 4.1.5
+   nodejs (>= 6.11~),
+   unicode-data (>= 12.0.0)
+Standards-Version: 4.3.0
 Homepage: https://github.com/mathiasbynens/unicode-property-value-aliases
 Vcs-Git: 
https://salsa.debian.org/js-team/node-unicode-property-value-aliases.git
 Vcs-Browser: 
https://salsa.debian.org/js-team/node-unicode-property-value-aliases
 
 Package: node-unicode-property-value-aliases
 Architecture: all
+Multi-Arch: foreign
 Depends: nodejs, ${misc:Depends}
 Description: Unicode property value alias mappings for Node.js
  This package provides a map object giving alias mappings for Unicode
diff --git a/index.js b/index.js
index d0cce51..1ab5864 100755
--- a/index.js
+++ b/index.js
@@ -53,6 +53,7 @@ module.exports = new Map([
['9.0', 'V9_0'],
['10.0', 'V10_0'],
['11.0', 'V11_0'],
+   ['12.0', 'V12_0'],
['NA', 'Unassigned']
])],
['Alphabetic', new Map([
@@ -195,8 +196,10 @@ module.exports = new Map([
['Domino', 'Domino_Tiles'],
['Duployan', 'Duployan'],
['Early_Dynastic_Cuneiform', 'Early_Dynastic_Cuneiform'],
+   ['Egyptian_Hieroglyph_Format_Controls', 
'Egyptian_Hieroglyph_Format_Controls'],
['Egyptian_Hieroglyphs', 'Egyptian_Hieroglyphs'],
['Elbasan', 'Elbasan'],
+   ['Elymaic', 'Elymaic'],
['Emoticons', 'Emoticons'],
['Enclosed_Alphanum', 'Enclosed_Alphanumerics'],
['Enclosed_Alphanum_Sup', 'Enclosed_Alphanumeric_Supplement'],
@@ -311,12 +314,14 @@ module.exports = new Map([
['Myanmar_Ext_A', 'Myanmar_Extended_A'],
['Myanmar_Ext_B', 'Myanmar_Extended_B'],
['Nabataean', 'Nabataean'],
+   ['Nandinagari', 'Nandinagari'],
['NB', 'No_Block'],
['New_Tai_Lue', 'New_Tai_Lue'],
['Newa', 'Newa'],
['NKo', 'NKo'],
['Number_Forms', 'Number_Forms'],
['Nushu', 'Nushu'],
+   ['Nyiakeng_Puachue_Hmong', 'Nyiakeng_Puachue_Hmong'],
['OCR', 'Optical_Character_Recognition'],
['Ogham', 'Ogham'],
['Ol_Chiki', 'Ol_Chiki'],
@@ -332,6 +337,7 @@ module.exports = new Map([
['Ornamental_Dingbats', 'Ornamental_Dingbats'],
['Osage', 'Osage'],
['Osmanya', 'Osmanya'],
+   ['Ottoman_Siyaq_Numbers', 'Ottoman_Siyaq_Numbers'],
['Pahawh_Hmong', 'Pahawh_Hmong'],
['Palmyrene', 'Palmyrene'],
['Pau_Cin_Hau', 'Pau_Cin_Hau'],
@@ -357,6 +363,7 @@ module.exports = new Map([
['Sinhala', 'Sinhala'],
['Sinhala_Archaic_Numbers', 'Sinhala_Archaic_Numbers'],
['Small_Forms', 

Bug#929662: docker.io: CVE-2018-15664

[Salvatore Bonaccorso]

Source: docker.io
Version: 18.09.1+dfsg1-7
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://github.com/docker/docker/pull/39252
Control: found -1 18.09.1+dfsg1-7~deb10u1
Control: found -1 18.09.5+dfsg1-1

Hi,

The following vulnerability was published for docker.io.

CVE-2018-15664[0]:
| In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker
| cp' command are vulnerable to a symlink-exchange attack with Directory
| Traversal, giving attackers arbitrary read-write access to the host
| filesystem with root privileges, because daemon/archive.go does not do
| archive operations on a frozen filesystem (or from within a chroot).


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-15664
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15664
[1] https://github.com/docker/docker/pull/39252
[2] https://www.openwall.com/lists/oss-security/2019/05/28/1

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#929661: git-daemon-run: missing sentinel file causes fake service start

[Christopher Howard]

Package: git-daemon-run
Version: 1:2.11.0-3+deb9u4
Severity: important

Dear Maintainer,

I installed git-daemon-run recently for the first time. It took me several 
hours to figure out why the service appeared to be started but I could not make 
a connection to the daemon. "systemctl status git-daemon-run" would show that 
the service was in status "Active (exited)" but there was no git daemon running 
on the system, and therefore my git clone connections were all refused. After 
some investigation I found this mysterious line in /etc/init.d/git-daemon:

# Exit if the package is not installed
[ -e /usr/share/git-core/sysvinit/sentinel ] || exit 0  
  

The file does not exist on the system. After failing to find any information 
about the "sentinel" file, I simply commented out this line, and then the 
daemon started correctly after reloading the systemd configs and doing a 
'systemctl restart git-daemon-run'. Then I able to make git protocol 
connections and (after another hour of figuring out how to tweak the config 
file) was able to clone my repository.

-- System Information:
Debian Release: 9.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 4.9.0-9-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages git-daemon-run depends on:
ii  adduser  3.115
ii  git  1:2.11.0-3+deb9u4
ii  runit2.1.2-9.2

git-daemon-run recommends no packages.

git-daemon-run suggests no packages.

-- no debconf information

Bug#924554: Bug#928108: Bug#924554: Bug#928108: unblock: unattended-upgrades/1.12 ?

[Paul Gevers]

Hi Bálint,

On 27-05-2019 22:53, Bálint Réczey wrote:
> The funny thing is that when Buster becomes stable and security
> updates start flowing the autopkgtest will pass again.

Would the test start failing again around the bullseye release period?

> I can upload them if you would like to see them in Buster, but they
> are not absolutely necessary, IMO.

Yes, please. We value working autopkgtests quite a bit.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#907178: gimp-plugin-registry: resynthesizer not appearing in menu Filters/Enhance

[Ryan Lue]

Package: gimp-plugin-registry
Version: 9.20180625
Followup-For: Bug #907178

Dear Maintainer,

I experienced this issue yesterday. Posted on reddit about it, where
someone suggested that installing gimp-python would fix the issue:

https://www.reddit.com/r/debian/comments/bto0q0/gimp_heal_selection_filter_doesnt_show_even/ep1m53t/

Tried it, and it worked! Please add gimp-python as a dependency of
gimp-plugin-registry.

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gimp-plugin-registry depends on:
ii  gimp 2.10.8-2
ii  libatk1.0-0  2.30.0-2
ii  libbabl-0.1-00.1.62-1
ii  libc62.28-10
ii  libcairo21.16.0-4
ii  libfontconfig1   2.13.1-2
ii  libfreetype6 2.9.1-3
ii  libfribidi0  1.0.5-3.1
ii  libgcc1  1:8.3.0-6
ii  libgdk-pixbuf2.0-0   2.38.1+dfsg-1
ii  libgegl-0.4-00.4.12-2
ii  libgimp2.0   2.10.8-2
ii  libglib2.0-0 2.58.3-1
ii  libgtk2.0-0  2.24.32-3
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  libjson-glib-1.0-0   1.4.4-2
ii  liblcms2-2   2.9-3
ii  liblqr-1-0   0.4.2-2.1
ii  libpango-1.0-0   1.42.4-6
ii  libpangocairo-1.0-0  1.42.4-6
ii  libpangoft2-1.0-01.42.4-6
ii  libstdc++6   8.3.0-6
ii  libtiff-tools4.0.10-4
ii  libtiff5 4.0.10-4
ii  python   2.7.16-1
ii  xdg-utils1.1.3-1

Versions of packages gimp-plugin-registry recommends:
ii  gimp-gmic  2.4.5-1

Versions of packages gimp-plugin-registry suggests:
pn  icc-profiles  

-- no debconf information

Bug#929521: Conflicts in upgrade to 418.74-1 with optimus setup

[ghisvail]

> On Sun, 26 May 2019 23:16:48 +0100 Luca Boccassi 
> wrote:
> > On Sun, 26 May 2019 at 22:45,  wrote:
> > >
> > > Le dimanche 26 mai 2019 à 19:44 +0100, Luca Boccassi a écrit :
> > >
> > >  Yes the 390xx series gets
> > > installed if recommends are enabled, but that was intentional,
> and
> > > it's
> > > sufficient to use --no-install-recommends and the existing series
> was
> > > upgrade just fine.
> > >
> >
> > I wonder why the 390xx legacy drivers are being pulled now. It
> > definitely was not the case when I initially setup my machine with
> an
> > older version of nvidia current.
> >
> > Indeed, `apt install --no-install-recommends bumblebee-nvidia
> primus`
> > does not pull the 390xx series.
> 
> As the changelog says, it's to have a smooth update for i386 as the
> mainline doesn't support it anymore.

I wonder whether the upgrade path really is that smooth though.

Afterall, both Stefan and I experienced conflicts in the upgrade
process on the very same packages (nvidia-nonglvnd-vulkan-common and
primus). Less experienced users may not feel confident performing the
upgrade as a result, either by `synaptic` or `apt full-upgrade` 

Maybe displaying an explanation for this particular upgrade via
NEWS.Debian could help? AFAIC, I was not aware that NVIDIA had indeed
dropped support for 32-bit after release 390 of the drivers.

Cheers,
Ghis

Bug#924895: Updating metadata

[Diederik de Haas]

Control: retitle -1 Freezes and spontaneous reboot on first/early editions of 
AMD Ryzen CPUs (was: APIC e microcode 8001137) 
Control: tags -1 patch
Control: notfound -1 3.20181128.1



signature.asc
Description: This is a digitally signed message part.

Bug#929193: Bug#928703: marked as pending in simple-cdd

[Vagrant Cascadian]

Control: merge 928703 929193

On 2019-05-28, Vagrant Cascadian wrote:
> Control: tag -1 pending
>
> Hello,
>
> Bug #928703 in simple-cdd reported by you has been fixed in the
> Git repository and is awaiting an upload. You can see the commit
> message below and you can check the diff of the fix at:
>
> https://salsa.debian.org/debian/simple-cdd/commit/808f97f68acd3dff7c640eb237437559c4e4cc61
>
> 
> Do not fail when expired keys are present in the keyring.
> (Closes: #928703, 929193). Thanks to Sebastien Delafond and Pradeep
> Nambiar.
>
> Signatures from expired keys still require additional configuration to
> be treated as valid.
> 
>
> (this message was generated automatically)
> -- 
> Greetings
>
> https://bugs.debian.org/928703


signature.asc
Description: PGP signature

Bug#918102: simple-cdd: build of custom iso failes in docker container with not tty and openssl 1.1.0j-1~deb9u1 installed

[Vagrant Cascadian]

Control: merge 918102 920334

On 2019-01-03, Mayer, Dirk wrote:
> Package: simple-cdd
> Version: 0.6.6
>
> Hello Debian community,
> when I try to build a custom Debian installer ISO with simple-cdd and the 
> latest openssl libs installed, the following (truncated) error occurs:
>
> $ build-simple-cdd --conf detox.conf --logfile detox_mirror.log --verbose 
> --debug --mirror-only
> ...
> ...
> 2019-01-03 10:21:52,957 INFO detox.conf: new var keyboard=en_US
> 2019-01-03 10:21:52,957 INFO detox.conf: new var locale=en_US.UTF-8
> gpg: directory '/home/bob/.gnupg' created
> gpg: /home/bob/.gnupg/trustdb.gpg: trustdb created
> 2019-01-03 10:21:53,048 DEBUG Checking configuration...
> 2019-01-03 10:21:53,185 DEBUG Creating build environment in 
> /builds/pd-de/systec/detox/CI/make_iso/simple_cdd...
> 2019-01-03 10:21:53,195 ERROR GPG standard error: gpg: cannot open 
> '/dev/tty': No such device or address
> 2019-01-03 10:21:53,196 ERROR GPG standard error: 
> 2019-01-03 10:21:53,196 ERROR Importing 
> /usr/share/keyrings/debian-archive-keyring.gpg into 
> /builds/pd-de/systec/detox/CI/make_iso/simple_cdd/tmp/gpg-keyring failed, gpg 
> error code 2
>
> The build environment is a NON-interactive Debian stretch container with NO 
> tty available.
> The container has the latest ssl related packages installed: 
> $ apt list libssl1.1 openssl gnupg2
> gnupg2/now 2.1.18-8~deb9u3 all [installed,local]
> libssl1.1/now 1.1.0j-1~deb9u1 amd64 [installed,local]
> openssl/now 1.1.0j-1~deb9u1 amd64 [installed,local]
>
> $ uname -a
> Linux 21be976d7d1f 4.9.0-7-amd64 #1 SMP Debian 4.9.110-1 (2018-07-05) x86_64 
> GNU/Linux
> $ cat /etc/debian_version
> 9.6
>
> Before the upgrade from openssl 1.1.0f-3+deb9u2 to the current version this 
> was not an issue.
>
> The following (attached) patch adds a '--batch' parameter to the gpg calls in 
> the file simple_cdd/gnupg.py
> This prevents the error message complaining about no tty available. With this 
> change I am able to build Debian ISOs inside a Docker container again.
> However, it makes sense to use the batch parameter in non-interactive 
> environments anyway.
>
> $ git format-patch master
>
> From e0ee289a03835dd563c13df7fe555fd15c3a04a8 Mon Sep 17 00:00:00 2001
> From: Dirk Mayer 
> Date: Thu, 3 Jan 2019 10:14:41 +0100
> Subject: [PATCH] added --batch param to gpg calls
>
> Signed-off-by: Dirk Mayer 
> ---
>  simple_cdd/gnupg.py | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/simple_cdd/gnupg.py b/simple_cdd/gnupg.py
> index 78ffe7e..628b924 100644
> --- a/simple_cdd/gnupg.py
> +++ b/simple_cdd/gnupg.py
> @@ -30,7 +30,7 @@ class Gnupg:
>
>
>  def common_gpg_args(self):
> -args = ["gpg", "--no-default-keyring"]
> +args = ["gpg", "--batch", "--no-default-keyring"]
>  for k in self.env.get("keyring"):
>  args.extend(("--keyring", k))
>  return args
> @@ -66,7 +66,7 @@ class Gnupg:
>  """
>  env = dict(os.environ)
>  env["GNUPGHOME"] = self.env.get("GNUPGHOME")
> -proc = subprocess.Popen(["gpg", "--import", keyring_file], 
> stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=env)
> +proc = subprocess.Popen(["gpg", "--batch", "--import", 
> keyring_file], stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=env)
>  stdout, stderr = proc.communicate()
>  retval = proc.wait()
>  if retval != 0:
> @@ -80,6 +80,7 @@ class Gnupg:
>  keyring file
>  """
>  keys_raw = subprocess.check_output(["gpg",
> +"--batch",
>  "--no-default-keyring",
>  "--keyring", keyring_file,
>  "--list-keys",
> --
> 2.17.1
>
>
> From e0ee289a03835dd563c13df7fe555fd15c3a04a8 Mon Sep 17 00:00:00 2001
> From: Dirk Mayer 
> Date: Thu, 3 Jan 2019 10:14:41 +0100
> Subject: [PATCH] added --batch param to gpg calls
>
> Signed-off-by: Dirk Mayer 
> ---
>  simple_cdd/gnupg.py | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/simple_cdd/gnupg.py b/simple_cdd/gnupg.py
> index 78ffe7e..628b924 100644
> --- a/simple_cdd/gnupg.py
> +++ b/simple_cdd/gnupg.py
> @@ -30,7 +30,7 @@ class Gnupg:
>  
>  
>  def common_gpg_args(self):
> -args = ["gpg", "--no-default-keyring"]
> +args = ["gpg", "--batch", "--no-default-keyring"]
>  for k in self.env.get("keyring"):
>  args.extend(("--keyring", k))
>  return args
> @@ -66,7 +66,7 @@ class Gnupg:
>  """
>  env = dict(os.environ)
>  env["GNUPGHOME"] = self.env.get("GNUPGHOME")
> -proc = subprocess.Popen(["gpg", "--import", keyring_file], 
> stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=env)
> +proc = subprocess.Popen(["gpg", "--batch", "--import", 
> keyring_file], stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=env)
>  

Bug#929636: simple-cdd: qemu options are not implemented

[Vagrant Cascadian]

Control: clone 929636 -1
Control: retitle -1 simple-cdd: qemu options are not supported since rewrite

On 2019-05-27, Marc Fargas wrote:
> At the very end of the detailed example (simple-cdd.conf.detailed.gz)
> the following appears:
>
>   # memory available within qemu, in MB
>   #mem=96
>
>   # additional options that get passed to qemu
>   #qemu_opts="-std-vga"
>
> But these options have no effect at all.
>
> Looking at the run_qemu() function in build-simple-cdd it appears that
> this is not implemented. qemu_opts is a blank list, while 'mem' there's
> a comment that looks like it comes from a previous shell script base
> version, but never got implemented.
>
> While it remains not implemented, the sample file should state so.
> Though I'm not sure why it's not implemented, from a quick grasp of the
> code, it looks like the commented section should read:
>
>   if self.env.get('mem'):
>   qemu_opts.append('-m')
>   qemu_opts.append(self.env['mem'])

Will apply at least this fix, but qemu isn't all that well supported
since the transition to python...

The "test" profile, which uses the simple-cdd's qemu-specific support,
appears to be largely broken, thus cloning this bug.

If you could propose more patches to fix it, it'd be great!


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#909299: simple-cdd: should not fail when "extrafiles" doesn't exist

[Vagrant Cascadian]

On 2018-09-21, Raphaël Hertzog wrote:
> Version 0.6.5 introduced a checksum check based on the data from
> the "extrafiles" file at the root of the mirror. Now when that
> file doesn't exist, simple-cdd fails with a stacktrace and is
> unable to build any image.
>
> Arguably, the lack of this file is not a showstopper, it should
> just generate a warning... and effectively there are many custom
> Debian repositories without this file and you still want to be able
> to run simple-cdd on them.

Before simple-cdd used extrafiles, it would blindly download
debian-installer files from the mirror with no verification, and
recursively get entire directory trees...

Using extrafiles enables a signed trust path to checksums of various
non-package files, and conveniently lists the files available to
download on the archive as an added bonus.

So it's non-trivial to add support for arbitrary files in arbitrary
directories in a secure manner...


> In my specific case, the Debian mirror is created with "debmirror"
> and this tool doesn't include that file. But I could also mention the
> case of many derivatives that just use reprepro.

Maybe these other tools could add support for extrafiles?

It's unfortunate that it may not work in all environments, though
simple-cdd has always targeted building images with files from
debian.org, and not arbitrary locations.

A patch to enable support without extrafiles would, of course, be
considered if it didn't risk degrading the trust path by default.


> Also it would be nice if simple-cdd documented somewhere its requirements for
> the mirror and repositories that it can use.

That's surely doable.


> FTR here's the stacktrace:
> 2018-09-18 14:36:26,005 DEBUG Building local Debian mirror for debian-cd...
> 2018-09-18 14:36:26,007 DEBUG downloading: .../tmp/mirror/extrafiles
> Traceback (most recent call last):
>   File "/usr/bin/build-simple-cdd", line 658, in 
> scdd.build_mirror()
>   File "/usr/bin/build-simple-cdd", line 270, in build_mirror
> self.run_tool("mirror", tool)
>   File "/usr/bin/build-simple-cdd", line 367, in run_tool
> tool.run()
>   File "/usr/lib/python3/dist-packages/simple_cdd/tools/mirror_wget.py", line 
> 64, in
> run
> _download(download_extrafiles_file, extrafiles_file_inlinesig)
>   File "/usr/lib/python3/dist-packages/simple_cdd/tools/mirror_wget.py", line 
> 55, in
> _download
> request.urlretrieve(url, filename=output)
>   File "/usr/lib/python3.5/urllib/request.py", line 188, in urlretrieve
> with contextlib.closing(urlopen(url, data)) as fp:
>   File "/usr/lib/python3.5/urllib/request.py", line 163, in urlopen
> return opener.open(url, data, timeout)
>   File "/usr/lib/python3.5/urllib/request.py", line 472, in open
> response = meth(req, response)
>   File "/usr/lib/python3.5/urllib/request.py", line 582, in http_response
> 'http', request, response, code, msg, hdrs)
>   File "/usr/lib/python3.5/urllib/request.py", line 510, in error
> return self._call_chain(*args)
>   File "/usr/lib/python3.5/urllib/request.py", line 444, in _call_chain
> result = func(*args)
>   File "/usr/lib/python3.5/urllib/request.py", line 590, in http_error_default
> raise HTTPError(req.full_url, code, msg, hdrs, fp)
> urllib.error.HTTPError: HTTP Error 404: Not Found

Yeah, simple-cdd should at least handle this rather than spitting out a
backtrace.


Thanks for the report, sorry I don't have better news for this issue!


live well,
  vagrant


signature.asc
Description: PGP signature

Bug#929659: bugs.debian.org: Please change the email address for the pseudo package rtc.debian.org

[gustavo panizzo]

Package: bugs.debian.org
Severity: normal

Hello

Recently we've changed our admin list from
debian-rtc-ad...@lists.alioth.debian.org to 
debian-rtc-t...@alioth-lists.debian.net
could you change the owner of the package to match?

thanks!

Bug#929658: RFA: colorclass -- ANSI color text library for Python

[Carl Suster]

Package: wnpp
Severity: normal

I am no longer interested in maintaining colorclass in Debian. I initially
packaged it as a dependency for a now-abandoned ITP (FlexGet).

The package is currently team-maintained in DPMT, however I have not yet had
a response for my request for new uploaders there
(https://lists.debian.org/debian-python/2019/04/msg00015.html).
The package is currently in good shape and is up-to-date with upstream, which
has not seen a new release in a while.

Since colorclass is a leaf package with no reverse dependencies, I'll file an
RM bug eventually if this RFA doesn't attract a new maintainer.

Bug#929655: Obscure "Failed to set invocation ID for unit: File exists" error

[Michael Biebl]

Control: forcemerge 921267 -1

Am 28.05.19 um 00:59 schrieb Kathryn Tolsen:
> Package: systemd
> Version: 241-3
> Severity: Serious
> 
> All systemd services are failing to start, best guess is, this is
> related to:
> 
> https://github.com/systemd/systemd/issues/11810

This is already fixed in 241-4 and a duplicate of #921267

Merging accordingly.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#928666: Want dgit FAQ

[Sean Whitton]

Hello,

On Sun 19 May 2019 at 10:52PM +01, Ian Jackson wrote:

> Sean Whitton writes ("Bug#928666: Want dgit FAQ"):
>> control: retitle -1 want more entries in dgit faq & add links to it
>> in existing docs
>
> I really like what you have done so far.
>
>
> Maybe we want to take some of my answers in that mail thread:
>
> Re: Preferred git branch structure when upstream moves from tarballs to 
> git
>
> In particular maybe answers to these:
>
>   why is Vcs-Git not enough for users
>
>   where does dgit fit into things
>   (answer: my diagrams of Tue, 7 May 2019 19:25:39 +0100)
>
>   should I use this git-debrebase thing too
>   (ansser: no, basically)
>
>   OK then, I want to try it out, what should I do
>
> What do you think ?

These all seem like good candidates, but I think we could probably
simplify at least some of the answers down from what you wrote in that
thread.

> I wonder if we want a survey of git workflow practices.  I frequently
> find I am not communicating properly because I don't know what
> someone's workflow is and they don't have the terminology or the
> knowledge of the problem space to understand what a "git workflow"
> even is.

Yeah, this could well be useful.  For example, I didn't realise that gbp
includes explicit support for the debian/-only workflows until the
recent thread.

Perhaps just an e-mail thread saying "here is all the workflows we think
there are, please pipe up if you know of another" ?

> Also this FAQ is aimed at Debian maintainers.  Do we need a separate
> section for users ?  For NMUers ?  Eg
>
>   I am a downstream of Debian; how should I use dgit ?
>
> (which comes up a fair amount).  But we have less of a need for a PR
> offensive there...

I think that would be a separate FAQ if anything, and it's much less
important for the time being, so let's put that aside (unless someone
really wants to write one, of course).

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#929657: ghdl: VHDL-2008 numeric_std libraries are not installed

[Graeme Smecher]

Package: ghdl
Version: 0.35+git20181129+dfsg-3
Severity: normal

Dear Maintainer,

With GHDL from Debian, I can't use VHDL-2008:

$ ghdl -a --std=08 bar.vhd && echo success
/usr/bin/ghdl-llvm:warning: library ieee does not exists for v08
bar.vhd:1:9:error: cannot find resource library "ieee"
bar.vhd:2:10:error: unit "std_logic_1164" not found in library "ieee"
/usr/bin/ghdl-llvm:error: compilation error

With a stock build of GHDL from git sources, I can:

$ /path/to/ghdl/ghdl_mcode -a --std=08 bar.vhd && echo success
success

In this case, bar.vhd contains the following:

library ieee;
use ieee.std_logic_1164.all;

entity bar is
end bar;

architecture behavioural of bar is
begin
end behavioural;

Although I'm comparing a build from upstream's master against Debian's
ghdl-0.35 release, the necessary files have been in the git repository
for a long time and I don't think it's an upstream problem.

Thanks!

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ghdl depends on:
ii  ghdl-llvm  0.35+git20181129+dfsg-3

ghdl recommends no packages.

Versions of packages ghdl suggests:
ii  gtkwave  3.3.98-1

-- no debconf information

Bug#929656: ghdl: VHDL-2008 numeric_std libraries are not installed

[Graeme Smecher]

Package: ghdl
Version: 0.35+git20181129+dfsg-3
Severity: normal

Dear Maintainer,

With GHDL from Debian, I can't use VHDL-2008:

$ ghdl -a --std=08 bar.vhd && echo success
/usr/bin/ghdl-llvm:warning: library ieee does not exists for v08
bar.vhd:1:9:error: cannot find resource library "ieee"
bar.vhd:2:10:error: unit "std_logic_1164" not found in library "ieee"
/usr/bin/ghdl-llvm:error: compilation error

With a stock build of GHDL from git sources, I can:

$ /path/to/ghdl/ghdl_mcode -a --std=08 bar.vhd && echo success
success

In this case, bar.vhd contains the following:

library ieee;
use ieee.std_logic_1164.all;

entity bar is
end bar;

architecture behavioural of bar is
begin
end behavioural;

Although I'm comparing a build from upstream's master against Debian's
ghdl-0.35 release, the necessary files have been in the git repository
for a long time and I don't think it's an upstream problem.

Thanks!

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ghdl depends on:
ii  ghdl-llvm  0.35+git20181129+dfsg-3

ghdl recommends no packages.

Versions of packages ghdl suggests:
ii  gtkwave  3.3.98-1

-- no debconf information

Bug#929655: Obscure "Failed to set invocation ID for unit: File exists" error

[Kathryn Tolsen]

Package: systemd
Version: 241-3
Severity: Serious

All systemd services are failing to start, best guess is, this is related
to:

https://github.com/systemd/systemd/issues/11810

https://github.com/poettering/systemd/commit/1c53d4a070edbec8ad2d384ba0014d0eb6bae077#diff-445fb9f3aa0c047d97ba6544e8a4575dR69

all logs on this issue are available here: http://kbt.ddns.net/

I will be leaving this site up until the issue is resolved. I am unable to
start any services and get errors spewed from systemd on any and all apt
operations, my mosh logins are especially laggy, and I'm afraid to even try
rebooting to possibly straighten this out, as if it can't start services it
may not even boot.

If this issue is the above related upstream issue, it effects a large
subset of users with AMD cpus, and renders systemd unusable, so I have
marked this as serious. This should be considered a release-critical bug.

The error message is not only vague but is misleading, as if I am right
about the source of this problem, it has nothing to do with some mysterious
"file" existing.

Other ideas tossed around were some kind of OOM condition, I have less than
250MB of 4GB ram in use, and over 3GB free on the rootfs which is on the
8GB m.2 SSD, so thats definitely not the issue here.

Bug#929252: unblock: qpdf/8.4.2-1

[Jay Berkenbilt]

On Mon, May 27, 2019 at 4:14 PM Paul Gevers  wrote:

> Control: tags -1 moreinfo
>
> On Sun, 19 May 2019 20:43:29 -0400 Jay Berkenbilt  wrote:
> > The changes between qpdf 8.4.0 and 8.4.2 are bug fixes, but I am
> > asking for consideration because this update includes fixes to a
> > serious performance bug (CLI), a CLI non-compatibility bug, and a
> > library fix that could cause data loss in rare cases. These bugs are
> > all in the part of the code concerned with splitting and merging
> > documents, which is one of the main things people use the qpdf CLI
> > for. While these changes are not critical, it would be disappointing
> > if the version of qpdf in the next debian stable has these
> > already-fixed bugs.
>
> How would a targeted fix look like? I don't think we'll unblock the new
> upstream version.
>

I could extract the changes between 8.4.0 and 8.4.2 and apply them as a
patch to 8.4.0, but I don't think I'll do it. It will be confusing if the
debian stable version is called 8.4.0 but actually includes most of the
fixes from 8.4.2. If it's too late to accept this unblock request, that's
fine; we'll just leave things as they are. I plan on releasing a version 9
this summer, and I can just do a backport. If the unblock request is
rejected, please feel free to close the request. Thanks!

--Jay

Bug#929629: mergechanges drops the binary packages from the Binary field when merging source and binary changes

[Simon McVittie]

On Mon, 27 May 2019 at 16:29:57 +0200, Matthias Klose wrote:
> mergechanges drops the binary packages from the Binary field when merging 
> source
> and binary changes.  Seen when trying to re-upload the binary openjdk-8 
> packages
> which were removed from unstable (all files at coccia.d.o:~doko/8).

The output ends up with a Binary field in at least some cases
(demonstrated by test/test_mergechanges and in particular the "Simple
merge" test-case) so presumably there is something different about either
the openjdk-8 .changes files, the way you invoked mergechanges or the
system where it was run that triggers this.

What were the inputs to mergechanges, what arguments and configuration
did you use for mergechanges, what value did you expect for the Binary
field, and what value did you actually get? Was it run on coccia or on
some other system?

(A failing test-case as a patch to test/test_mergechanges would be
particularly useful.)

On Mon, 27 May 2019 at 17:48:51 +0200, Mattia Rizzolo wrote:
> I think this is regression after your changes, would you happen to have
> the time to look at this and see if you can come up with a fix?

I'll try, but I can't guarantee anything right now.

smcv

Bug#929654: Outdated node-unicode-property-value-aliases results in incomplete package rebuild

[Daniel Drake]

Package: node-unicode-12.0.0
Version: 0~20190414+gitbf518e99-2

node-unicode-data 0~20190414+gitbf518e99-2 was originally built
successfully and correctly under sid, and then the binaries were
imported to buster.

However, if you now try to rebuild node-unicode-data under pure
buster, you will get this error during the build process:

node scripts/generate-data.js
[16:03:24] Worker 2 is done!
[16:03:24] Worker 1 is done!
[16:03:24] Worker 4 → Unicode v12.0.0
Generating data for Unicode v12.0.0…
Parsing Unicode v12.0.0 categories…
[16:03:24] Worker 3 is done!
Parsing Unicode v12.0.0 `Script`…
Parsing Unicode v12.0.0 `Script_Extensions`…
Assertion failed: canonical name for Nand = undefined not present in
`scriptsMap`
/root/node-unicode-data-0~20190414+gitbf518e99/scripts/parse-script-extensions.js:62
scriptsMap[canonicalName].add(codePoint);
  ^
TypeError: Cannot read property 'add' of undefined
at 
/root/node-unicode-data-0~20190414+gitbf518e99/scripts/parse-script-extensions.js:62:31
at Array.forEach ()
at 
/root/node-unicode-data-0~20190414+gitbf518e99/scripts/parse-script-extensions.js:52:12
at Array.forEach ()
at Object.parseScriptExtensions
(/root/node-unicode-data-0~20190414+gitbf518e99/scripts/parse-script-extensions.js:26:8)
at generateData
(/root/node-unicode-data-0~20190414+gitbf518e99/index.js:61:18)
at complicatedWorkThatTakesTime
(/root/node-unicode-data-0~20190414+gitbf518e99/scripts/generate-data.js:31:3)
at process.on
(/root/node-unicode-data-0~20190414+gitbf518e99/scripts/generate-data.js:74:3)
at process.emit (events.js:194:15)
at emit (internal/child_process.js:820:12)


The error is ignored, the build continues anyway and goes on to
produce a node-unicode-12.0.0 binary packages that is missing many
files.

If you then try and use this binary, the missing files will cause
other packages will fail to build such as acorn:
   Error: Cannot find module
'unicode-12.0.0/Binary_Property/ID_Start/code-points.js

This issue can be avoided by bringing
node-unicode-property-value-aliases version 3.4.0+ds-1 from sid into
buster too. This new version includes the missing mapping of the
'Nand' script that is mentioned in the error message.

Bug#929652: systemd: sshd processes are not put into the correct slice/scope

[Michael Biebl]

Control: tags -1 + moreinfo

Am 27.05.19 um 23:03 schrieb Simon Beirnaert:
> Package: systemd
> Version: 232-25+deb9u11
> Severity: normal
> 
> Dear Maintainer,
> 
> 
> Systemd does not seem to consistently put sshd processes under the
> relevant user's slice. I have a user with 10925 sshd processes related
> to its sessions. 7552 of those are put under session scopes in the
> user's slice. 3372 are put under system.slice (ssh.service). The ones
> under the user slice are neatly grouped into session scopes whereas
> the ones under the system slice are not.
> 
> This is making it impossible to put accurate limits to the sshd
> processes, or the user's processes. I can set TasksMax, but that only
> has a value if the tasks are counted correctly.
> 
> If there's any more information needed to debug this, please let me
> know.

You need to have libpam-systemd enabled and PAM support in sshd as well
for processes spawned from an SSH session to be put in the user slice.

~11000 sshd processes for one user seems unusual. What kind of setup is
this? Are you sure all those sshd processes were going through the PAM
stack?
You might add the "debug" flag to the pam_systemd.so config to get more
information.
What do you get from pam_systemd.so for an exemplary sshd process which
is not put into the user slice? Do you get anything in the journal from
systemd-logind for this process?
You can increase what's being logged by systemd-logind with
"systemd-analyze log-level"

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#927808:

[Kurt Kremitzki]

On 5/27/19 2:45 AM, Nico Schlömer wrote:
>> I was going to go ahead and do a +really upload with this fix either today 
>> or this weekend.
> 
> This is getting rather urgent now. Do you need any help?
> 

No, I just was waiting for the response on #929108. I'm traveling with
poor connection now but will be back to do an upload tomorrow evening.

Bug#782336: Okular 4:17.12.2-2.2 not printing

[Felicia P]

Trying to print selected pages from a document with Okular with
customized print settings


Steps to reproduce:

Ctrl-P -> select Pages From, Pages, or Current Page radio button, input
desired page(s)
Properties -> Advanced -> Color Model -> select Greyscale
OK -> Print

Nothing happens.  No print job shows up in print queue

But if I do:

Ctrl-P -> Options -> Current Page -> Print

it will print


System info:

Okular 4:17.12.2-2.2 amd64

felicia@life:~$ uname -a
Linux life 4.19.0-5-amd64 #1 SMP Debian 4.19.37-3 (2019-05-15) x86_64
GNU/Linux
felicia@life:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:    10
Codename:   buster





0xCEC1B8C7E51FC983.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature

Bug#925555: linux-image-4.19.0-4-amd64: [regression] No graphics on some

[Hideki Yamane]

 IvyBridge / Haswell systems
Message-Id: <20190528065209.ab9aed4d6eabe80a6b398...@iijmio-mail.jp>
In-Reply-To: <20190528064028.dec9969527111b97d555d...@iijmio-mail.jp>
X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.32; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

On Tue, 28 May 2019 06:40:28 +0900 Hideki Yamane  wrote:
>  It seems that fixed in 4.9.38 as below.

 4."19".38.


-- 
Hideki Yamane 

Bug#549190: Not exactly what is requested. Can't one set a server at a different 127.ip instead of at a different port?

[ronvarburg]

Although not exactly what is requested, can't one set a server at a different 
127.ip instead of at a different port? I mean, if one wants to set a server at 
port 55, he would set it at, say, 127.0.0.55?

Bug#925555: linux-image-4.19.0-4-amd64: [regression] No graphics on some IvyBridge / Haswell systems

[Hideki Yamane]

control: tags -1 +fixed-upstream

Hi,

 It seems that fixed in 4.9.38 as below.

> commit 2bc7ce32eb21b094b3ae3e489017fabfe72b4dda
> Author: Dave Airlie 
> Date:   Wed Apr 24 10:47:56 2019 +1000
> 
> Revert "drm/i915/fbdev: Actually configure untiled displays"
> 
> commit 9fa246256e09dc30820524401cdbeeaadee94025 upstream.
> 
> This reverts commit d179b88deb3bf6fed4991a31fd6f0f2cad21fab5.
> 
> This commit is documented to break userspace X.org modesetting driver in 
> certain configurations.
> 
> The X.org modesetting userspace driver is broken. No fixes are available 
> yet. In order for this patch to be applied it either needs a config option or 
> a workaround developed.
> 
> This has been reported a few times, saying it's a userspace problem is 
> clearly against the regression rules.
> 
> Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=109806
> Signed-off-by: Dave Airlie 
> Cc:  # v3.19+
> Signed-off-by: Greg Kroah-Hartman 

-- 
Hideki Yamane 

Bug#911352: shim-signed: missing Microsoft-signed version for UEFI 32bit

[Steve McIntyre]

On Sat, Mar 23, 2019 at 06:45:09PM +, Steve McIntyre wrote:
>control: forwarded -1 https://github.com/rhboot/shim-review/issues/57
>
>On Fri, Oct 19, 2018 at 12:11:56AM +0200, beta-tester wrote:
>>Package: shim-signed
>>Severity: normal
>>
>>Dear Maintainer,
>>
>>it looks like there is a 32 bit (i386) version of shim-signed
>>missing, that is Microsoft-signed and able to boot UEFI 32bit version
>>with enabled SecureBoot.
>
>This is in progress - see
>
>  https://github.com/rhboot/shim-review/issues/57
>
>We've submitted a new version of shim for signing for all of amd64,
>i386 and arm64.

And it came back and was added to the Debian archive about a month
ago. Closing this bug now.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Google-bait:   http://www.debian.org/CD/free-linux-cd
  Debian does NOT ship free CDs. Please do NOT contact the mailing
  lists asking us to send them to you.

Bug#928949: unblock: s3ql/3.1+dfsg-2

[Nikolaus Rath]

On May 27, 2019 8:55:53 PM GMT+01:00, Paul Gevers  wrote:
>Control: tags -1 moreinfo
>
>Hi David,
>
>On Mon, 13 May 2019 15:52:56 -0400 David Gilman 
>wrote:
>> Users who want to use s3ql with Google's cloud storage API need to
>> obtain an OAuth credential with the appropriate permissions. s3ql
>> ships a helper binary s3ql_oauth_client that makes the appropriate
>API
>> calls to obtain a token with the correct permissions. Google made
>> breaking changes to the token's structure and s3ql_oauth_client is no
>> longer able to create these tokens.
>> 
>> s3ql shipped a fix to s3ql_oauth_client in version 3.1. Please
>> consider shipping version 3.1 in debian buster so users of s3ql and
>> Google's cloud storage can obtain valid credentials. If the fix is
>not
>> in buster users will be forced to figure out the OAuth flow by
>> themselves (very painful) or grab a copy of s3ql 3.1 from its
>upstream
>> just so they can run s3ql_oauth_client to get a token.
>
>A new upstream release is not really what we want at this stage of the
>release. How much of the package is actually broken right now? There
>are
>quite a bit of changes, lots of it in documentation, but also new
>functionality. How feasible would it be to do a targeted fix of the
>issue at hand?
>
>By the way, you could have mentioned you're not the maintainer.

Hi,

David contacted me first and I told him that I'm fine with an exception but 
that driving this isn't high on my priority list.

IIRC the necessary changes are isolated and easy to backport. However, the new 
release is already in testing which IIRC makes things more complicated.


Best,
Nikolaus

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Bug#929652: systemd: sshd processes are not put into the correct slice/scope

[Simon Beirnaert]

Package: systemd
Version: 232-25+deb9u11
Severity: normal

Dear Maintainer,


Systemd does not seem to consistently put sshd processes under the
relevant user's slice. I have a user with 10925 sshd processes related
to its sessions. 7552 of those are put under session scopes in the
user's slice. 3372 are put under system.slice (ssh.service). The ones
under the user slice are neatly grouped into session scopes whereas
the ones under the system slice are not.

This is making it impossible to put accurate limits to the sshd
processes, or the user's processes. I can set TasksMax, but that only
has a value if the tasks are counted correctly.

If there's any more information needed to debug this, please let me
know.


Thanks
Simon

-- Package-specific info:

-- System Information:
Debian Release: 9.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=UTF-8 (charmap=locale: Cannot set LC_CTYPE 
to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
ANSI_X3.4-1968), LANGUAGE=en_US.UTF-8 (charmap=locale: Cannot set LC_CTYPE to 
default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd depends on:
ii  adduser 3.115
ii  libacl1 2.2.52-3+b1
ii  libapparmor12.11.0-3+deb9u2
ii  libaudit1   1:2.6.7-2
ii  libblkid1   2.29.2-1+deb9u1
ii  libc6   2.24-11+deb9u3
ii  libcap2 1:2.25-1
ii  libcryptsetup4  2:1.7.3-4
ii  libgcrypt20 1.7.6-2+deb9u3
ii  libgpg-error0   1.26-2
ii  libidn111.33-1
ii  libip4tc0   1.6.0+snapshot20161117-6
ii  libkmod223-2
ii  liblz4-10.0~r131-2+b1
ii  liblzma55.2.2-1.2+b1
ii  libmount1   2.29.2-1+deb9u1
ii  libpam0g1.1.8-3.6
ii  libseccomp2 2.3.1-2.1
ii  libselinux1 2.6-3+b3
ii  libsystemd0 232-25+deb9u11
ii  mount   2.29.2-1+deb9u1
ii  procps  2:3.3.12-3+deb9u1
ii  util-linux  2.29.2-1+deb9u1

Versions of packages systemd recommends:
ii  dbus1.10.26-0+deb9u1
ii  libpam-systemd  232-25+deb9u11

Versions of packages systemd suggests:
pn  policykit-1
pn  systemd-container  
pn  systemd-ui 

Versions of packages systemd is related to:
pn  dracut   
ii  initramfs-tools  0.130
ii  udev 232-25+deb9u11

-- debconf information excluded

Bug#929597: CVE-2019-12211 CVE-2019-12212 CVE-2019-12213 CVE-2019-12214

[Anton Gladky]

CVE-2019-12214 does not affect buster and stretch.
Jessie should be double checked because an older
version is used there.

Anton

Am So., 26. Mai 2019 um 22:01 Uhr schrieb Anton Gladky :
>
> Hi Moritz,
>
> thanks for the reporting. As far as I see, there is still
> no available fix from upstream.
>
> Cheers
>
> Anton
>
> Am So., 26. Mai 2019 um 21:27 Uhr schrieb Moritz Muehlenhoff 
> :
> >
> > Source: freeimage
> > Severity: grave
> > Tags: security
> >
> > Please see
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12211
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12212
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12213
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12214
> >
> > Cheers,
> > Moritz
> >
> > --
> > debian-science-maintainers mailing list
> > debian-science-maintain...@alioth-lists.debian.net
> > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-science-maintainers

Bug#924554: Bug#928108: unblock: unattended-upgrades/1.12 ?

[Bálint Réczey]

Hi Paul,

Paul Gevers  ezt írta (időpont: 2019. máj. 23., Cs, 8:59):
>
> Hi Bálint,
>
> On 22-05-2019 17:07, Bálint Réczey wrote:
> >> Please remove the moreinfo tag when the package built successfully.
> >
> > Done, with the version number adjusted. The failing autopkgtest is not
> > related to this change.
>
> Unblocked, thanks. However, can you explain why the autopkgtests started
> failing and do you expect it to keep failing? If the fix is obvious and
> easily and only in the debian/tests/ directory, I'd like to have it,
> such that the unattended-upgrades autopkgtest remains working during the
> stable release time.

The funny thing is that when Buster becomes stable and security
updates start flowing the autopkgtest will pass again.
I've prepared the fixes in
https://github.com/mvo5/unattended-upgrades/pull/201 for the release
process related corner cases.

I can upload them if you would like to see them in Buster, but they
are not absolutely necessary, IMO.

Cheers,
Balint


>
> Paul
>

Bug#929579: [PATCH 1/2] configure: apply ${cross_prefix} to pkg-config calls

[Jens Axboe]

On 5/27/19 1:32 PM, Helmut Grohne wrote:
> Otherwise, we're searching for build architecture libraries which is not
> what we want.

Applied 1-2, thanks.

-- 
Jens Axboe

Bug#929651: simple-cdd: NameError exception on gpg verify failure

[Marc Fargas]

Package: simple-cdd
Version: 0.6.6
Severity: normal

Dear Maintainer,

If verify_gpg_sig fails on gnupg.py, the raise call asks for a variable
that is not defined, full traceback:

Traceback (most recent call last):
  File "/usr/bin/build-simple-cdd", line 678, in 
scdd.build_mirror()
  File "/usr/bin/build-simple-cdd", line 290, in build_mirror
self.run_tool("mirror", tool)
  File "/usr/bin/build-simple-cdd", line 387, in run_tool
tool.run()
  File 
"/usr/lib/python3/dist-packages/simple_cdd/tools/mirror_download.py", line 107, 
in run
self.gnupg.verify_detached_sig(release_file, release_file + ".gpg")
  File "/usr/lib/python3/dist-packages/simple_cdd/gnupg.py", line 58, 
in verify_detached_sig
return self.verify_gpg_sig("--verify", sigpathname, pathname)
  File "/usr/lib/python3/dist-packages/simple_cdd/gnupg.py", line 55, 
in verify_gpg_sig
raise Fail("Signature verification failed on %s", pathname)
NameError: name 'pathname' is not defined

Looking at the code, it looks that the variable is not defined.

Marc

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages simple-cdd depends on:
ii  dctrl-tools 2.24-3
ii  debian-cd   3.1.23
ii  lsb-release 10.2019031300
ii  python3 3.7.2-1
ii  python3-simple-cdd  0.6.6
ii  reprepro5.3.0-1
ii  rsync   3.1.3-6
ii  wget1.20.1-1.1

Versions of packages simple-cdd recommends:
ii  dose-distcheck  5.0.1-12

Versions of packages simple-cdd suggests:
ii  qemu-kvm  1:3.1+dfsg-7

-- no debconf information

Bug#929650: openjdk-8 is staying in unstable

[Matthias Klose]

Package: src:openjdk-8
Version: 8u212-b01-1
Severity: serious

openjdk-8 is staying in unstable.  It is used to prepare updates for
stable-security, and to bootstrap kotlin.

Bug#929649: kiconthemes FTCBFS: missing Build-Depends: qttools5-dev

[Helmut Grohne]

Source: kiconthemes
Version: 5.54.0-1
Tags: pending

kiconthemes fails to cross build from source. This is fixed in git:
https://salsa.debian.org/qt-kde-team/kde/kiconthemes/commit/f2a496ee33f6c62b62e7fd5049404b5ac5ef5bb9
Please close this bug with the next upload to trigger a qa rebuild.

Helmut

Bug#929647: hunt FTCBFS: does not pass cross tools to make

[Helmut Grohne]

Source: hunt
Version: 1.5-6.1
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

hunt fails to cross build from source, because it does not pass cross
tools to make. The easiest way of fixing that - using dh_auto_build -
makes hunt cross buildable. Please consider applying the attached patch.

Helmut
diff -u hunt-1.5/debian/changelog hunt-1.5/debian/changelog
--- hunt-1.5/debian/changelog
+++ hunt-1.5/debian/changelog
@@ -1,3 +1,10 @@
+hunt (1.5-6.2) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Let dh_auto_build pass cross tools to make. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 27 May 2019 21:40:41 +0200
+
 hunt (1.5-6.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -u hunt-1.5/debian/control hunt-1.5/debian/control
--- hunt-1.5/debian/control
+++ hunt-1.5/debian/control
@@ -2,7 +2,7 @@
 Section: net
 Priority: optional
 Maintainer: Angel Ramos 
-Build-Depends: debhelper (>= 5.0.0)
+Build-Depends: debhelper (>= 7)
 Standards-Version: 3.8.0
 
 Package: hunt
diff -u hunt-1.5/debian/rules hunt-1.5/debian/rules
--- hunt-1.5/debian/rules
+++ hunt-1.5/debian/rules
@@ -9,8 +9,8 @@
 build-stamp:
dh_testdir
# build package here
-   $(MAKE)
-   cd tpserv && make
+   dh_auto_build
+   dh_auto_build --sourcedirectory=tpserv
touch build-stamp
 
 clean:

Bug#929644: libstorj FTCBFS: does not pass --host to ./configure

[Helmut Grohne]

Source: libstorj
Version: 1.0.3-1
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

libstorj fails to cross build from source, because it does not pass
--host to ./configure. The easiest way of doing so - using
dh_auto_configure - makes libstorj cross buildable. Please consider
applying the attached patch.

Helmut
diff --minimal -Nru libstorj-1.0.3/debian/changelog 
libstorj-1.0.3/debian/changelog
--- libstorj-1.0.3/debian/changelog 2018-12-30 18:48:58.0 +0100
+++ libstorj-1.0.3/debian/changelog 2019-05-27 21:45:38.0 +0200
@@ -1,3 +1,10 @@
+libstorj (1.0.3-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Let dh_auto_configure pass --host to ./configure. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 27 May 2019 21:45:38 +0200
+
 libstorj (1.0.3-1) unstable; urgency=medium
 
   * New upstream release (1.0.3).
diff --minimal -Nru libstorj-1.0.3/debian/rules libstorj-1.0.3/debian/rules
--- libstorj-1.0.3/debian/rules 2018-12-30 18:48:58.0 +0100
+++ libstorj-1.0.3/debian/rules 2019-05-27 21:45:38.0 +0200
@@ -10,8 +10,7 @@
 
 override_dh_auto_configure:
$(CURDIR)/autogen.sh
-   ./configure --prefix=/usr
-   #dh_auto_configure
+   dh_auto_configure -- --libdir='$${prefix}/lib'
 
 override_dh_auto_clean:
dh_auto_clean

Bug#929639: ethereal-chess FTCBFS: does not pass cross tools to make

[Helmut Grohne]

Source: ethereal-chess
Version: 11.25+ds1-1
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

ethereal-chess fails to cross build from source, because it does not
pass cross tools to make. The easiest way of doing so - using
dh_auto_build - makes ethereal-chess cross buildable. Please consider
applying the attached patch.

Helmut
diff --minimal -Nru ethereal-chess-11.25+ds1/debian/changelog 
ethereal-chess-11.25+ds1/debian/changelog
--- ethereal-chess-11.25+ds1/debian/changelog   2019-01-29 19:22:19.0 
+0100
+++ ethereal-chess-11.25+ds1/debian/changelog   2019-05-27 21:59:14.0 
+0200
@@ -1,3 +1,10 @@
+ethereal-chess (11.25+ds1-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Let dh_auto_build pass cross tools to make. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 27 May 2019 21:59:14 +0200
+
 ethereal-chess (11.25+ds1-1) unstable; urgency=medium
 
   * Initial release (Closes: #914598)
diff --minimal -Nru ethereal-chess-11.25+ds1/debian/rules 
ethereal-chess-11.25+ds1/debian/rules
--- ethereal-chess-11.25+ds1/debian/rules   2019-01-29 19:22:19.0 
+0100
+++ ethereal-chess-11.25+ds1/debian/rules   2019-05-27 21:59:13.0 
+0200
@@ -9,7 +9,7 @@
dh $@
 
 override_dh_auto_build:
-   make -f src/makefile -- nopopcnt \
+   dh_auto_build --buildsystem=makefile -- -f src/makefile -- nopopcnt \
SRC="src/*.c" LIBS="-lpthread -lm -lfathom" EXE="ethereal-chess" \
CFLAGS="$(WFLAGS) -flto \
$(CFLAGS) $(CPPFLAGS) $(LDFLAGS)"

Bug#929591: unblock: golang-github-seccomp-libseccomp-golang/0.9.0-2

[Salvatore Bonaccorso]

Hi,

On Mon, May 27, 2019 at 02:24:07AM +0800, Shengjing Zhu wrote:
> +  [ Michael Vogt ]
> +  * debian/patches/06e7a2-fix-multi-args.patch:
> +- Cherry pick 06e7a29 to fix incorrect argument filtering when
> +  using multiple arguments

FTR, this is CVE-2017-18367.

Regards,
Salvatore

Bug#929648: konclude runs tests in the presence of DEB_BUILD_OPTIONS=nocheck

[Helmut Grohne]

Source: konclude
Version: 0.6.2~dfsg-5
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

konclude fails to cross build from source, because it fails running
tests in the presence of DEB_BUILD_OPTIONS=nocheck. The attached patch
makes the tests optional, but konclude still fails to cross build due to
its use of help2man. Please consider applying the attached patch anyway
and close this bug when doing so.

Helmut
diff --minimal -Nru konclude-0.6.2~dfsg/debian/changelog 
konclude-0.6.2~dfsg/debian/changelog
--- konclude-0.6.2~dfsg/debian/changelog2018-11-29 17:00:28.0 
+0100
+++ konclude-0.6.2~dfsg/debian/changelog2019-05-26 21:01:48.0 
+0200
@@ -1,3 +1,10 @@
+konclude (0.6.2~dfsg-5.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Support DEB_BUILD_OPTIONS=nocheck. (Closes: #-1)
+
+ -- Helmut Grohne   Sun, 26 May 2019 21:01:48 +0200
+
 konclude (0.6.2~dfsg-5) unstable; urgency=medium
 
   * Run examples as minimal testsuite.
diff --minimal -Nru konclude-0.6.2~dfsg/debian/rules 
konclude-0.6.2~dfsg/debian/rules
--- konclude-0.6.2~dfsg/debian/rules2018-11-29 16:59:52.0 +0100
+++ konclude-0.6.2~dfsg/debian/rules2019-05-26 21:01:12.0 +0200
@@ -13,7 +13,9 @@
QT_SELECT=5 CXXFLAGS="$(CXXFLAGS) -fpermissive" dh_auto_configure
 
 override_dh_auto_test:
+ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
KONCLUDE=Release/Konclude debian/tests/examples
+endif
 
 $(manpages): debian/%.1 : debian/% Release/%
chmod +x $<

Bug#929646: apwal FTCBFS: multiple issues

[Helmut Grohne]

Source: apwal
Version: 0.4.5-1.1
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

apwal fails to cross build from source. It does not pass cross tools to
make. The easiest way of fixing that is using dh_auto_build. Then the
upstream build system fails to pick up those tools. The attached patch
makes them substitutable. And then it strips using the wrong strip. It
is best to disable stripping during build, because dh_strip does the
right thing and doing it earlier breaks DEB_BUILD_OPTIONS=nostrip
(#436940) and generation of -dbgsym packages. The attached patch fixes
all of that. Please consider applying it.

Helmut
diff -u apwal-0.4.5/debian/changelog apwal-0.4.5/debian/changelog
--- apwal-0.4.5/debian/changelog
+++ apwal-0.4.5/debian/changelog
@@ -1,3 +1,13 @@
+apwal (0.4.5-1.2) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: (Closes: #-1)
++ Let dh_auto_build pass cross tools to make.
++ cross.patch: Make tools substitutable.
++ Don't strip during build.
+
+ -- Helmut Grohne   Mon, 27 May 2019 21:57:26 +0200
+
 apwal (0.4.5-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -u apwal-0.4.5/debian/rules apwal-0.4.5/debian/rules
--- apwal-0.4.5/debian/rules
+++ apwal-0.4.5/debian/rules
@@ -10,7 +10,7 @@
dh_testdir
 
# Add here commands to compile the package.
-   $(MAKE)
+   dh_auto_build -- STRIP=true
 
touch build-stamp
 
only in patch2:
unchanged:
--- apwal-0.4.5.orig/src/Makefile
+++ apwal-0.4.5/src/Makefile
@@ -1,12 +1,15 @@
 
 include ../Makefile.inc
 
+PKG_CONFIG ?= pkg-config
+STRIP ?= strip
+
 ifdef APWAL_DEBUG
-CFLAGS=-g -Wall -Werror `pkg-config --cflags gtk+-2.0 gthread-2.0` 
-DGTK_DISABLE_DEPRECATED -DAPWAL_DEBUG
-LDFLAGS=`pkg-config --libs gtk+-2.0 gthread-2.0` `xml2-config --libs`
+CFLAGS=-g -Wall -Werror `$(PKG_CONFIG) --cflags gtk+-2.0 gthread-2.0` 
-DGTK_DISABLE_DEPRECATED -DAPWAL_DEBUG
+LDFLAGS=`$(PKG_CONFIG) --libs gtk+-2.0 gthread-2.0` `xml2-config --libs`
 else
-CFLAGS=-O2 `pkg-config --cflags gtk+-2.0 gthread-2.0`
-LDFLAGS=-O2 `pkg-config --libs gtk+-2.0 gthread-2.0` `xml2-config --libs`
+CFLAGS=-O2 `$(PKG_CONFIG) --cflags gtk+-2.0 gthread-2.0`
+LDFLAGS=-O2 `$(PKG_CONFIG) --libs gtk+-2.0 gthread-2.0` `xml2-config --libs`
 endif
 
 OBJS=main.o app.o launcher.o editor.o property.o \
@@ -24,12 +27,12 @@
 ifdef APWAL_DEBUG
 all: checktraceformat apwal tags
 apwal: $(OBJS)
-   gcc -o $@ $^ $(LDFLAGS)
+   $(CC) -o $@ $^ $(LDFLAGS)
 else
 all: apwal
 apwal: $(OBJS)
-   gcc -o $@ $^ $(LDFLAGS)
-   strip $@
+   $(CC) -o $@ $^ $(LDFLAGS)
+   $(STRIP) $@
 endif
 
 install: all
@@ -37,12 +40,12 @@
ln -sf /usr/local/bin/apwal /usr/local/bin/apwal-editor
 
 .c.o: $(INCS)
-   gcc -c $< -o $*.o $(CFLAGS)
+   $(CC) -c $< -o $*.o $(CFLAGS)
 
 xmlrc.o: xmlrc.c $(INCS)
-   gcc -c $< -o $*.o $(CFLAGS) `xml2-config --cflags`
+   $(CC) -c $< -o $*.o $(CFLAGS) `xml2-config --cflags`
 about.o: about.c $(INCS) ../Makefile.inc
-   gcc -c $< -o $*.o $(CFLAGS) -DAPWAL_VERSION=\"$(VERS)\"
+   $(CC) -c $< -o $*.o $(CFLAGS) -DAPWAL_VERSION=\"$(VERS)\"
 
 gtkstuff.o: pixbufinline.inc
 xmlrc.o: xmlrcinline.inc

Bug#929642: pd-flext FTCBFS: abuses AC_CHECK_FILE

[Helmut Grohne]

Source: pd-flext
Version: 0.6.0+git20161101.1.01318a94-3
Tags: patch upstream
User: helm...@debian.org
Usertags: rebootstrap

pd-flext fails to cross build from source, because it abuses
AC_CHECK_FILE for finding development files such as headers. The macro
is meant to locate files on the host system, but here it is being used
to search the build system. For that use, a simple "test -f" is better
suited. The attached patch makes pd-flext cross buildable. Please
consider applying it.

Helmut
--- pd-flext-0.6.0+git20161101.1.01318a94.orig/configure.ac
+++ pd-flext-0.6.0+git20161101.1.01318a94/configure.ac
@@ -33,7 +33,7 @@
 	[
 		if test $win; then
 # LATER: shouldn't we use AC_CHECK_LIB([pd]) ?
-		 AC_CHECK_FILE([$withval/pd.dll],,AC_MSG_ERROR([Cannot find $withval/pd.dll]))	
+		 AS_IF([test -f "$withval/pd.dll"],,AC_MSG_ERROR([Cannot find $withval/pd.dll]))	
 		fi
 		LIBDIRS="$LIBDIRS $withval"
 	],
@@ -47,8 +47,8 @@
 if test $SYSTEM == max; then
 	AC_DEFINE(FLEXT_SYS,1)
 # check for MaxAPI.h in pd folder
-	AC_CHECK_FILE([$sdkdir/max-includes/MaxAPI.h],,AC_MSG_ERROR([Cannot find $sdkdir/max-includes/MaxAPI.h]))
-	AC_CHECK_FILE([$sdkdir/max-includes/MaxAudioAPI.h],,AC_MSG_ERROR([Cannot find $sdkdir/max-includes/MaxAudioAPI.h]))
+	AS_IF([test -f "$sdkdir/max-includes/MaxAPI.h"],,AC_MSG_ERROR([Cannot find $sdkdir/max-includes/MaxAPI.h]))
+	AS_IF([test -f "$sdkdir/max-includes/MaxAudioAPI.h"],,AC_MSG_ERROR([Cannot find $sdkdir/max-includes/MaxAudioAPI.h]))
 	INCLUDEDIRS="$INCLUDEDIRS $sdkdir/max-includes $sdkdir/msp-includes"
 
 elif test $SYSTEM == pd; then
@@ -57,7 +57,7 @@
 
 	AC_DEFINE(FLEXT_SYS,2)
 # check for g_canvas.h in pd folder
-	AC_CHECK_FILE([$sdkdir/g_canvas.h],,AC_MSG_ERROR([Cannot find $sdkdir/g_canvas.h]))
+	AS_IF([test -f "$sdkdir/g_canvas.h"],,AC_MSG_ERROR([Cannot find $sdkdir/g_canvas.h]))
 	INCLUDEDIRS="$INCLUDEDIRS $sdkdir"
 
 	if test $win; then
@@ -71,7 +71,7 @@
 AC_ARG_WITH(atomic_ops,
 	AC_HELP_STRING(--with-atomic_ops,[path to atomic_ops library (needed for gcc version < 4.1 on non-i386 cpus)]),
 	[
-	AC_CHECK_FILE([$withval/atomic_ops.h],,AC_MSG_ERROR([Cannot find $withval/atomic_ops.h]))	
+	AS_IF([test -f "$withval/atomic_ops.h"],,AC_MSG_ERROR([Cannot find $withval/atomic_ops.h]))	
 		INCLUDEDIRS="$INCLUDEDIRS $withval"
 AC_DEFINE(USE_ATOMIC_OPS)
 	]
@@ -80,7 +80,7 @@
 AC_ARG_WITH(stkdir,
 	AC_HELP_STRING(--with-stkdir,[path to STK headers]),
 	[
-	AC_CHECK_FILE([$withval/Stk.h],,AC_MSG_ERROR([Cannot find $withval/Stk.h]))	
+	AS_IF([test -f "$withval/Stk.h"],,AC_MSG_ERROR([Cannot find $withval/Stk.h]))	
 		stkdir=$withval
 		INCLUDEDIRS="$INCLUDEDIRS $withval"
 	]
@@ -91,7 +91,7 @@
 AC_ARG_WITH(sndobjdir,
 	AC_HELP_STRING(--with-sndobjdir,[path to SndObj headers]),
 	[
-		AC_CHECK_FILE([$withval/SndObj.h],,AC_MSG_ERROR([Cannot find $withval/SndObj.h]))
+		AS_IF([test -f "$withval/SndObj.h"],,AC_MSG_ERROR([Cannot find $withval/SndObj.h]))
 		sndobjdir=$withval
 		INCLUDEDIRS="$INCLUDEDIRS $withval"
 	]

Bug#929643: dumpasn1 FTCBFS: uses the build architecture compiler

[Helmut Grohne]

Source: dumpasn1
Version: 20170309-1
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

dumpasn1 fails to cross build from source, because it uses the build
architecture compiler as a make default in debian/rules. The easiest way
of fixing that - seeing CC from dpkg's buildtools.mk - makes dumpasn1
cross buildable. Please consider applying the attached patch.

Helmut
diff --minimal -Nru dumpasn1-20170309/debian/changelog 
dumpasn1-20170309/debian/changelog
--- dumpasn1-20170309/debian/changelog  2017-09-20 20:41:48.0 +0200
+++ dumpasn1-20170309/debian/changelog  2019-05-27 21:41:36.0 +0200
@@ -1,3 +1,10 @@
+dumpasn1 (20170309-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Seed CC from dpkg's buildtools.mk. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 27 May 2019 21:41:36 +0200
+
 dumpasn1 (20170309-1) unstable; urgency=medium
 
   * New upstream release. Closes: #855569
diff --minimal -Nru dumpasn1-20170309/debian/rules 
dumpasn1-20170309/debian/rules
--- dumpasn1-20170309/debian/rules  2016-03-03 21:52:34.0 +0100
+++ dumpasn1-20170309/debian/rules  2019-05-27 21:41:35.0 +0200
@@ -1,6 +1,8 @@
 #!/usr/bin/make -f
 #export DH_VERBOSE=1
 
+-include /usr/share/dpkg/buildtools.mk
+
 %:
dh $@ --parallel
 

Bug#929645: hdup FTCBFS: does not pass --host to ./configure

[Helmut Grohne]

Source: hdup
Version: 2.0.14-4
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

hdup fails to cross build from source, because it does not pass --host
to ./configure. The easiest way of fixing that is using
dh_auto_configure. Then it fails, because hdup uses a broken, outdated,
embedded copy of AM_PATH_GLIB_2_0. Please remove that copy or update and
register it. Please consider applying the attached patch to fix the
--host part.

Helmut
diff -u hdup-2.0.14/debian/rules hdup-2.0.14/debian/rules
--- hdup-2.0.14/debian/rules
+++ hdup-2.0.14/debian/rules
@@ -12,7 +12,7 @@
 
 config.status: configure
dh_testdir
-   ./configure --sysconfdir=/etc --prefix=/usr --exec-prefix=/usr 
+   dh_auto_configure -- --exec-prefix=/usr
 
 build: build-stamp
 
diff -u hdup-2.0.14/debian/changelog hdup-2.0.14/debian/changelog
--- hdup-2.0.14/debian/changelog
+++ hdup-2.0.14/debian/changelog
@@ -1,3 +1,11 @@
+hdup (2.0.14-4.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Improve cross building: Let dh_auto_configure pass --host to ./configure.
+(Closes: #-1)
+
+ -- Helmut Grohne   Mon, 27 May 2019 22:11:10 +0200
+
 hdup (2.0.14-4) unstable; urgency=low
 
   * Now explicitly uses bash in examples/.

Bug#929641: xdesktopwaves FTCBFS: does not pass cross tools to make

[Helmut Grohne]

Source: xdesktopwaves
Version: 1.3-4
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

xdesktopwaves fails to cross build from source, because it does not pass
cross tools to make. The easiest way of doing so - using dh_auto_build -
is insufficient here. The build system also needs the C compiler in the
LINK variable. It also strips during make install with the wrong strip.
The latter also breaks DEB_BUILD_OPTIONS=nostrip as well as generation
of -dbgsym packages and is best avoides. The attached patch fixes all of
that. Please consider applying it.

Helmut
diff --minimal -Nru xdesktopwaves-1.3/debian/changelog 
xdesktopwaves-1.3/debian/changelog
--- xdesktopwaves-1.3/debian/changelog  2012-11-27 09:50:31.0 +0100
+++ xdesktopwaves-1.3/debian/changelog  2019-05-27 22:07:46.0 +0200
@@ -1,3 +1,13 @@
+xdesktopwaves (1.3-4.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: (Closes: #-1)
++ Let dh_auto_build pass cross tools to make.
++ Also pass C compiler as LINK.
++ Don't strip during make install.
+
+ -- Helmut Grohne   Mon, 27 May 2019 22:07:46 +0200
+
 xdesktopwaves (1.3-4) unstable; urgency=low
 
   * Using source package format "3.0 (quilt)"
diff --minimal -Nru xdesktopwaves-1.3/debian/rules 
xdesktopwaves-1.3/debian/rules
--- xdesktopwaves-1.3/debian/rules  2012-11-26 13:53:52.0 +0100
+++ xdesktopwaves-1.3/debian/rules  2019-05-27 22:07:46.0 +0200
@@ -17,7 +17,7 @@
 
 build-stamp: configure-stamp
dh_testdir
-   $(MAKE) CFLAGS="$(CFLAGS) $(CPPFLAGS)" LFLAGS="$(LDFLAGS) $(LDFLAGS2)"
+   dh_auto_build -- CFLAGS="$(CFLAGS) $(CPPFLAGS)" LFLAGS="$(LDFLAGS) 
$(LDFLAGS2)" LINK='$$(CC)'
touch $@
 
 build-indep: configure-stamp
@@ -40,7 +40,7 @@
dh_testroot
dh_prep
dh_installdirs
-   $(MAKE) DESTDIR=$(CURDIR)/debian/xdesktopwaves install
+   $(MAKE) DESTDIR=$(CURDIR)/debian/xdesktopwaves install INSTALL='install 
--strip-program=true'
 
 # Build architecture-independent files here.
 binary-indep: build install

Bug#929640: scalc FTCBFS: fails running tests despite DEB_BUILD_OPTIONS=nocheck

[Helmut Grohne]

Source: scalc
Version: 0.2.4-5
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

scalc fails to cross build from source, because it fails running tests
in the presence of DEB_BUILD_OPTIONS=nocheck. In its absence, it
actually runs the tests twice: Once via override_dh_auto_build and once
via dh_auto_test. We can safely remove the former invocation and thus
make scalc cross buildable. Please consider applying the attached patch.

Helmut
diff --minimal -Nru scalc-0.2.4/debian/changelog scalc-0.2.4/debian/changelog
--- scalc-0.2.4/debian/changelog2017-08-16 20:36:18.0 +0200
+++ scalc-0.2.4/debian/changelog2019-05-27 22:05:29.0 +0200
@@ -1,3 +1,10 @@
+scalc (0.2.4-5.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Run test suite once via dh_auto_test. (Closes: #-1)
+
+ -- Helmut Grohne   Mon, 27 May 2019 22:05:29 +0200
+
 scalc (0.2.4-5) unstable; urgency=low
 
   * Gratefully acknowledge Julien Cristau's NMU
diff --minimal -Nru scalc-0.2.4/debian/rules scalc-0.2.4/debian/rules
--- scalc-0.2.4/debian/rules2017-08-16 20:17:50.0 +0200
+++ scalc-0.2.4/debian/rules2019-05-27 22:05:28.0 +0200
@@ -17,5 +17,4 @@
 
 override_dh_auto_build:
dh_auto_build
-   make check
doxygen

Bug#929252: unblock: qpdf/8.4.2-1

[Paul Gevers]

Control: tags -1 moreinfo

On Sun, 19 May 2019 20:43:29 -0400 Jay Berkenbilt  wrote:
> The changes between qpdf 8.4.0 and 8.4.2 are bug fixes, but I am
> asking for consideration because this update includes fixes to a
> serious performance bug (CLI), a CLI non-compatibility bug, and a
> library fix that could cause data loss in rare cases. These bugs are
> all in the part of the code concerned with splitting and merging
> documents, which is one of the main things people use the qpdf CLI
> for. While these changes are not critical, it would be disappointing
> if the version of qpdf in the next debian stable has these
> already-fixed bugs.

How would a targeted fix look like? I don't think we'll unblock the new
upstream version.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#924132: runit: Add support for runit in init-system-helpers

[Felipe Sateler]

On Sat, May 25, 2019 at 3:01 PM Lorenz  wrote:

> Sure, here is the link
>
> https://salsa.debian.org/debian/init-system-helpers/merge_requests/10
>
>
Thanks!

I'll take a look as soon as possible.

>

-- 

Saludos,
Felipe Sateler

Bug#929636: Acknowledgement (simple-cdd: qemu options are not implemented)

[Marc Fargas]

Attached a simple patch that works. Though my knowledge of how this
works is very limited so it might break something...

marc

--- /usr/bin/build-simple-cdd	2018-04-23 05:36:26.0 +0200
+++ ./build-simple-cdd	2019-05-27 18:47:26.177595431 +0200
@@ -532,8 +532,9 @@
 if self.env.get("use_serial_console"):
 qemu_opts.append("-nographic")
 
-# if [ -n "$mem" ]; then
-# qemu_opts="$qemu_opts -m $mem"
+if self.env.get("mem"):
+qemu_opts.append("-m")
+qemu_opts.append(self.env.get('mem'))
 
 # Hard disk image
 hd_img = os.path.join(self.env.get("simple_cdd_dir"), "qemu-test.hd.img")

Bug#928949: unblock: s3ql/3.1+dfsg-2

[Paul Gevers]

Control: tags -1 moreinfo

Hi David,

On Mon, 13 May 2019 15:52:56 -0400 David Gilman 
wrote:
> Users who want to use s3ql with Google's cloud storage API need to
> obtain an OAuth credential with the appropriate permissions. s3ql
> ships a helper binary s3ql_oauth_client that makes the appropriate API
> calls to obtain a token with the correct permissions. Google made
> breaking changes to the token's structure and s3ql_oauth_client is no
> longer able to create these tokens.
> 
> s3ql shipped a fix to s3ql_oauth_client in version 3.1. Please
> consider shipping version 3.1 in debian buster so users of s3ql and
> Google's cloud storage can obtain valid credentials. If the fix is not
> in buster users will be forced to figure out the OAuth flow by
> themselves (very painful) or grab a copy of s3ql 3.1 from its upstream
> just so they can run s3ql_oauth_client to get a token.

A new upstream release is not really what we want at this stage of the
release. How much of the package is actually broken right now? There are
quite a bit of changes, lots of it in documentation, but also new
functionality. How feasible would it be to do a targeted fix of the
issue at hand?

By the way, you could have mentioned you're not the maintainer.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#929600: slurm-llnl: FTBFS on 32-bit architectures

[Gennaro Oliva]

Hi Andreas,

On Mon, May 27, 2019 at 03:23:45PM +0200, Andreas Beckmann wrote:
> On 2019-05-27 11:23, Gennaro Oliva wrote:
> > I have prepared an updated version of the package available here:
> > 
> > https://people.debian.org/~oliva/slurm-llnl-16.05.9-1+deb9u4/
> 
> I can confirm that it builds locally in a pbuilder stretch/i386
> environment :-)

thank you very much for testing it!

It also builds locally under armel, armhf, mips and mipsel using sbuild.

Best regards,
-- 
Gennaro Oliva

Bug#928913: unblock: elpy/1.28.0-2

[Paul Gevers]

Control: tags -1 confirmed moreinfo

On Sun, 12 May 2019 19:33:57 -0400 Nicholas D Steeves
 wrote:
> Please unblock package elpy
> 
> I'm filing this unblock request before uploading to unstable.

Please go ahead and remove the moreinfo tag when there is something to
unblock.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#929579: [PATCH 1/2] configure: apply ${cross_prefix} to pkg-config calls

[Helmut Grohne]

Otherwise, we're searching for build architecture libraries which is not
what we want.

Signed-off-by: Helmut Grohne 
---
 configure | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index b0052dc1..82bd432e 100755
--- a/configure
+++ b/configure
@@ -1344,14 +1344,14 @@ int main(void)
   return GTK_CHECK_VERSION(2, 18, 0) ? 0 : 1; /* 0 on success */
 }
 EOF
-GTK_CFLAGS=$(pkg-config --cflags gtk+-2.0 gthread-2.0)
+GTK_CFLAGS=$(${cross_prefix}pkg-config --cflags gtk+-2.0 gthread-2.0)
 ORG_LDFLAGS=$LDFLAGS
 LDFLAGS=$(echo $LDFLAGS | sed s/"-static"//g)
 if test "$?" != "0" ; then
   echo "configure: gtk and gthread not found"
   exit 1
 fi
-GTK_LIBS=$(pkg-config --libs gtk+-2.0 gthread-2.0)
+GTK_LIBS=$(${cross_prefix}pkg-config --libs gtk+-2.0 gthread-2.0)
 if test "$?" != "0" ; then
   echo "configure: gtk and gthread not found"
   exit 1
-- 
2.20.1

Bug#929579: [PATCH 2/2] configure: check for gtk version using pkg-config

[Helmut Grohne]

The previous way of running a program was incompatible with cross
compilation. The program is still being compiled as a sanity check, but
no longer run.

Signed-off-by: Helmut Grohne 
---
 configure | 13 ++---
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/configure b/configure
index 82bd432e..383175ae 100755
--- a/configure
+++ b/configure
@@ -1356,19 +1356,18 @@ if test "$?" != "0" ; then
   echo "configure: gtk and gthread not found"
   exit 1
 fi
-if compile_prog "$GTK_CFLAGS" "$GTK_LIBS" "gfio" ; then
-  $TMPE
-  if test "$?" = "0" ; then
+if ! ${cross_prefix}pkg-config --atleast-version 2.18.0 gtk+-2.0; then
+  echo "GTK found, but need version 2.18 or higher"
+  gfio="no"
+else
+  if compile_prog "$GTK_CFLAGS" "$GTK_LIBS" "gfio" ; then
 gfio="yes"
 GFIO_LIBS="$LIBS $GTK_LIBS"
 CFLAGS="$CFLAGS $GTK_CFLAGS"
   else
-echo "GTK found, but need version 2.18 or higher"
+echo "Please install gtk and gdk libraries"
 gfio="no"
   fi
-else
-  echo "Please install gtk and gdk libraries"
-  gfio="no"
 fi
 LDFLAGS=$ORG_LDFLAGS
 fi
-- 
2.20.1

Bug#929446: marked as done (wireshark: CVE-2019-12295)

[Dr. Tobias Quathamer]

Am 27.05.19 um 19:04 schrieb Balint Reczey:
> Hi Tobias,
> 
> Thank you for taking care of packages with open security issues, but
> I'm wondering why you chose to do an immediate NMU.
> I planed uploading 2.6.9-1 today following the usual process we agreed
> on with the Security Team and I believe fixing this bug after 4 days
> it was opened is not an excessive amount of delay especially since two
> days were on a weekend.
> 
> Thanks,
> Balint

Hi Balint,

you're right, four days is really not a long time. I took this bug from
the RC bug list on udd.d.o and somehow saw a date from beginning of
April, so I assumed wrongly that this bug is nearly two months old
without any reaction from you. Probably I've mixed up a line on the UDD
page, I don't know where I got the wrong bug report date.

Shortly after I did the upload, I noticed that the bug is in fact only
four days old -- so I'm sorry about the upload, but I hope that it won't
interfere too much with your work.

Regards,
Tobias



signature.asc
Description: OpenPGP digital signature

Bug#929638: Single pixel lines of background shown in applications like kate and konsole

[Heinrich Schuchardt]

Package: plasma-desktop
Version: 4:5.14.5.1-1
Severity: normal

In different applications like kate and konsole single pixel lines of
windows behind the application shine through.

I have observed this both for Nvidia (GT710) and for AMD graphics cards,
both with Debian kernel and with a vanilla 5.1.5 kernel, both on arm64
and on amd64.

I am using a 4k monitor with screen scaling set to 160 % in the system
settings.

See appendix.

Best regards

Heinrich

-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: arm64 (aarch64)

Kernel: Linux 5.1.5-arm64-R001-arm64 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE= (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages plasma-desktop depends on:
ii  breeze   4:5.14.5-1
ii  kactivitymanagerd5.14.5-1
ii  kde-cli-tools4:5.14.5-1
ii  kded55.54.0-1
ii  kio  5.54.1-1
ii  kpackagetool55.54.0-1
ii  libappstreamqt2  0.12.5-1
ii  libc62.28-10
ii  libfontconfig1   2.13.1-2
ii  libfreetype6 2.9.1-3
ii  libgcc1  1:8.3.0-6
ii  libkf5activities55.54.0-1
ii  libkf5activitiesstats1   5.54.0-1
ii  libkf5archive5   5.54.0-1
ii  libkf5auth5  5.54.0-2
ii  libkf5baloo5 5.54.0-1
ii  libkf5codecs55.54.0-1
ii  libkf5completion55.54.0-1
ii  libkf5configcore55.54.0-1
ii  libkf5configgui5 5.54.0-1
ii  libkf5configwidgets5 5.54.0-1
ii  libkf5coreaddons55.54.0-1
ii  libkf5dbusaddons55.54.0-1
ii  libkf5declarative5   5.54.0-1
ii  libkf5emoticons-bin  5.54.0-1
ii  libkf5emoticons5 5.54.0-1
ii  libkf5globalaccel-bin5.54.0-1
ii  libkf5globalaccel5   5.54.0-1
ii  libkf5guiaddons5 5.54.0-1
ii  libkf5i18n5  5.54.0-1
ii  libkf5iconthemes55.54.0-1
ii  libkf5itemmodels55.54.0-1
ii  libkf5itemviews5 5.54.0-1
ii  libkf5jobwidgets55.54.0-1
ii  libkf5kcmutils5  5.54.0-1
ii  libkf5kdelibs4support5   5.54.0-1
ii  libkf5kiocore5   5.54.1-1
ii  libkf5kiofilewidgets55.54.1-1
ii  libkf5kiowidgets55.54.1-1
ii  libkf5newstuff5  5.54.0-2
ii  libkf5notifications5 5.54.0-1
ii  libkf5notifyconfig5  5.54.0-1
ii  libkf5package5   5.54.0-1
ii  libkf5parts5 5.54.0-1
ii  libkf5people55.54.0-1
ii  libkf5peoplewidgets5 5.54.0-1
ii  libkf5plasma55.54.0-1
ii  libkf5plasmaquick5   5.54.0-1
ii  libkf5quickaddons5   5.54.0-1
ii  libkf5runner55.54.0-1
ii  libkf5service-bin5.54.0-1
ii  libkf5service5   5.54.0-1
ii  libkf5solid5 5.54.0-1
ii  libkf5sonnetui5  5.54.0-1
ii  libkf5wallet-bin 5.54.0-1
ii  libkf5wallet55.54.0-1
ii  libkf5widgetsaddons5 5.54.0-1
ii  libkf5windowsystem5  5.54.0-1
ii  libkf5xmlgui55.54.0-1
ii  libkfontinst54:5.14.5.1-1
ii  libkfontinstui5  4:5.14.5.1-1
ii  libkworkspace5-5 4:5.14.5.1-1
ii  libphonon4qt5-4  4:4.10.2-1
ii  libqt5concurrent55.11.3+dfsg1-1
ii  libqt5core5a 5.11.3+dfsg1-1
ii  libqt5dbus5  5.11.3+dfsg1-1
ii  libqt5gui5   5.11.3+dfsg1-1
ii  libqt5network5   5.11.3+dfsg1-1
ii  libqt5printsupport5  5.11.3+dfsg1-1
ii  libqt5qml5   5.11.3-4
ii  libqt5quick5 5.11.3-4
ii  libqt5quickwidgets5  5.11.3-4
ii  libqt5sql5   5.11.3+dfsg1-1
ii  libqt5svg5   5.11.3-2
ii  libqt5widgets5   5.11.3+dfsg1-1
ii  

Bug#929637: unblock: cross-toolchain-base{,-ports,-mipsen} - rebuilt using glibc 2.28-10

[Matthias Klose]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

please unblock the three cross-toolchain-base* packages, rebuilt using glibc
2.28-10, which was already accepted for testing.

cross-toolchain-base 35
cross-toolchain-base-ports 29
cross-toolchain-base-mipsen 4

Bug#622836: Do not omit "write" in perlform examples

[積丹尼 Dan Jacobson]

retitle 622836 Do not omit "write" in perlform examples
found 622836 5.28.1-6
thanks

  Example:
 format STDOUT =
 @<<   @||   @>>
 "left",   "middle", "right"
 .
  Output:
 left  middleright

No. Output is nothing.

You need to say:

  Example:
 format STDOUT =
 @<<   @||   @>>
 "left",   "middle", "right"
 .
 write;

  Output:
 left  middleright

To have an actual working example.

Bug#929495: libpam-tmpdir: too strict permissions on /tmp/user may lead to errors in other programs

[Tollef Fog Heen]

]] Andrey Bondarenko 

Hi,

> By default both / and /tmp are world readable. Many programs was not
> tested with unreadable $TMP parent. Some of them may have bugs that may
> be triggered by pam_tmpfs installation. Find and fix all such bugs will
> be very time consuming task. Also pam_tmpdir may be installed by package
> dependencies, so user may not even notice change that caused the bug.

Given that this is the first time I've heard of such a bug in another
package (since I wrote pam-tmpdir back in 2001), I don't think they are
particularly common.

> Changing permissions of /tmp/user in pam_tmpdir package, to 755 will not
> reduce security mutch, but will stop triggering bugs in other packages
> by default.

While this is true, I disagree about the tradeoff.

> > If you precreate the directory before pam_tmpdir is invoked, the
> > permissions aren't changed.
> 
> Pre-creating /tmp/user by local admin is a possible workaround. Local
> admin may create rc.d script or systemd unit that creates /tmp/user with
> desired permissions, but would not providing such a script by the
> package itself be a better solution?

echo "d /tmp/user 0755 root root -" > /etc/tmpfiles.d/pam-tmpfiles.conf

I guess I could ship that in the default configuration, but with 0711
permissions, that'll make it pretty easy to find and change for
interested users.

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are

Bug#928185: unblock: openjdk-11/11.0.3+7-4

[Moritz Muehlenhoff]

On Mon, May 27, 2019 at 03:46:44PM +0200, Matthias Klose wrote:
> Control: tag -1 - moreinfo
> 
> On 02.05.19 10:30, Julien Cristau wrote:
> > Control: tag -1 moreinfo
> > 
> > Hi Matthias,
> > 
> > On Mon, Apr 29, 2019 at 06:12:36PM +0200, Matthias Klose wrote:
> >> Package: release.debian.org
> >> Severity: normal
> >> User: release.debian@packages.debian.org
> >> Usertags: unblock
> >>
> >> Please unblock openjdk-11/11.0.3+7-4. That's the quarterly security update 
> >> and
> >> should be released with buster.  No more updates planned until the next 
> >> security
> >> update in July.
> > 
> > From what I understand bug#926009 is a regression in that version.
> > There's no explanation that I can see for that change, no associated
> > bug, and it doesn't look appropriate.  Please revert it.
> 
> No.  With the change of ownership of the upstream jdk11-updates project, you 
> see
> that the patches applied to the Oracle builds and to the OpenJDK builds 
> differ,
> and the OpenJDK maintainers need to track issues based on tags in the issue
> tracker and backport these changes themself.  The LibreOffice packages are
> fixed, the gradle tests are not used.  Other vendors also ship OpenJDK with
> other vendor settings.
> 
> This is a minor change, and we had far more disruptive updates in OpenJDK 11
> itself like many late changes for documentation building.
> 
> I will continue to update the packages to the next security release which is
> expected in July.  If that's too late for the release, these will most likely 
> be
> handled by the security team.

Indeed, there's no point in not unblocking this now for buster; buster-security
updates will be based on following the openjdk-11 upstream releases as already
done for openjdk-7/8 in jessie/stretch.

Cheers,
Moritz

Bug#929513: marsshooter: Segfaults a few seconds after starting

[Markus Koschany]

Hi,

Am 25.05.19 um 10:34 schrieb Jacob Nevins:
> Package: marsshooter
> Version: 0.7.6-3
> Severity: important
> 
> When I start marsshooter, either from the desktop menu or command line,
> it runs for a few seconds (13-18s in my tests), and then segfaults.

I can't reproduce the segfault at the moment. I can play the game just
fine. You could try to install the -dbgsym package which might help us
to get a proper backtrace.

https://wiki.debian.org/HowToGetABacktrace

Regards,

Markus



signature.asc
Description: OpenPGP digital signature

Bug#929636: simple-cdd: qemu options are not implemented

[Marc Fargas]

Package: simple-cdd
Version: 0.6.6
Severity: normal

Dear Maintainer,

At the very end of the detailed example (simple-cdd.conf.detailed.gz)
the following appears:

# memory available within qemu, in MB
#mem=96

# additional options that get passed to qemu
#qemu_opts="-std-vga"

But these options have no effect at all.

Looking at the run_qemu() function in build-simple-cdd it appears that
this is not implemented. qemu_opts is a blank list, while 'mem' there's
a comment that looks like it comes from a previous shell script base
version, but never got implemented.

While it remains not implemented, the sample file should state so.
Though I'm not sure why it's not implemented, from a quick grasp of the
code, it looks like the commented section should read:

if self.env.get('mem'):
qemu_opts.append('-m')
qemu_opts.append(self.env['mem'])

I'm filing 'Severity: normal' but beware that the qemu defaults (atleast on my
system) imply so little memory that when the image launches the first
you get is a d-i warning about not enough memory. So it might be major.

Best,
marc


-- System Information:
Debian Release: 10.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages simple-cdd depends on:
ii  dctrl-tools 2.24-3
ii  debian-cd   3.1.23
ii  lsb-release 10.2019031300
ii  python3 3.7.2-1
ii  python3-simple-cdd  0.6.6
ii  reprepro5.3.0-1
ii  rsync   3.1.3-6
ii  wget1.20.1-1.1

Versions of packages simple-cdd recommends:
ii  dose-distcheck  5.0.1-12

Versions of packages simple-cdd suggests:
ii  qemu-kvm  1:3.1+dfsg-7

-- no debconf information

Bug#929446: marked as done (wireshark: CVE-2019-12295)

[Balint Reczey]

Hi Tobias,

Thank you for taking care of packages with open security issues, but
I'm wondering why you chose to do an immediate NMU.
I planed uploading 2.6.9-1 today following the usual process we agreed
on with the Security Team and I believe fixing this bug after 4 days
it was opened is not an excessive amount of delay especially since two
days were on a weekend.

Thanks,
Balint

On Mon, May 27, 2019 at 4:45 PM Debian Bug Tracking System
 wrote:
>
> Your message dated Mon, 27 May 2019 14:42:22 +
> with message-id 
> and subject line Bug#929446: fixed in wireshark 2.6.8-1.1
> has caused the Debian Bug report #929446,
> regarding wireshark: CVE-2019-12295
> to be marked as done.
>
> This means that you claim that the problem has been dealt with.
> If this is not the case it is now your responsibility to reopen the
> Bug report if necessary, and/or fix the problem forthwith.
>
> (NB: If you are a system administrator and have no idea what this
> message is talking about, this may indicate a serious mail system
> misconfiguration somewhere. Please contact ow...@bugs.debian.org
> immediately.)
>
>
> --
> 929446: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929446
> Debian Bug Tracking System
> Contact ow...@bugs.debian.org with problems
>
>
>
> -- Forwarded message --
> From: Salvatore Bonaccorso 
> To: Debian Bug Tracking System 
> Cc:
> Bcc:
> Date: Thu, 23 May 2019 19:56:24 +0200
> Subject: wireshark: CVE-2019-12295
> Source: wireshark
> Version: 2.6.8-1
> Severity: grave
> Tags: security upstream
> Forwarded: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778
> Control: found -1 2.6.7-1~deb9u1
>
> Hi,
>
> The following vulnerability was published for wireshark.
>
> CVE-2019-12295[0]:
> | In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the
> | dissection engine could crash. This was addressed in epan/packet.c by
> | restricting the number of layers and consequently limiting recursion.
>
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2019-12295
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12295
> [1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778
> [2] https://www.wireshark.org/security/wnpa-sec-2019-19.html
>
> Regards,
> Salvatore
>
>
>
> -- Forwarded message --
> From: "Dr. Tobias Quathamer" 
> To: 929446-cl...@bugs.debian.org
> Cc:
> Bcc:
> Date: Mon, 27 May 2019 14:42:22 +
> Subject: Bug#929446: fixed in wireshark 2.6.8-1.1
> Source: wireshark
> Source-Version: 2.6.8-1.1
>
> We believe that the bug you reported is fixed in the latest version of
> wireshark, which is due to be installed in the Debian FTP archive.
>
> A summary of the changes between this version and the previous one is
> attached.
>
> Thank you for reporting the bug, which will now be closed.  If you
> have further comments please address them to 929...@bugs.debian.org,
> and the maintainer will reopen the bug report if appropriate.
>
> Debian distribution maintenance software
> pp.
> Dr. Tobias Quathamer  (supplier of updated wireshark 
> package)
>
> (This message was generated automatically at their request; if you
> believe that there is a problem with it please contact the archive
> administrators by mailing ftpmas...@ftp-master.debian.org)
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Format: 1.8
> Date: Mon, 27 May 2019 16:08:44 +0200
> Source: wireshark
> Architecture: source
> Version: 2.6.8-1.1
> Distribution: unstable
> Urgency: medium
> Maintainer: Balint Reczey 
> Changed-By: Dr. Tobias Quathamer 
> Closes: 929446
> Changes:
>  wireshark (2.6.8-1.1) unstable; urgency=medium
>  .
>* Non-maintainer upload.
>* CVE-2019-12295
>  In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14,
>  the dissection engine could crash. This was addressed in
>  epan/packet.c by restricting the number of layers and
>  consequently limiting recursion. (Closes: #929446)
> Checksums-Sha1:
>  638a99183f0251eae3adcddc57e683e3b925ec84 3531 wireshark_2.6.8-1.1.dsc
>  55c82bbb3e02077378a512f69f6ff8e0f4dcc5cf 71716 
> wireshark_2.6.8-1.1.debian.tar.xz
>  e4ea88d8c0ddfbc1e510b9c76d088d2229e2eebc 25763 
> wireshark_2.6.8-1.1_amd64.buildinfo
> Checksums-Sha256:
>  71f0a3be5a1360c0b2e60eda3f71fc9d771254099e2296ed0839679c61f41b5a 3531 
> wireshark_2.6.8-1.1.dsc
>  4161d9c12abceb7ffce74e581b5762f4ee49f947b06fb690b408a95be1c8bd2c 71716 
> wireshark_2.6.8-1.1.debian.tar.xz
>  8f16585bc19d4455fcd4ae73c811e8494d7211a1dada520252db807480b54941 25763 
> wireshark_2.6.8-1.1_amd64.buildinfo
> Files:
>  00b410721d6db832f99b54d345fe28ae 3531 net optional wireshark_2.6.8-1.1.dsc
>  6c5f09f829283d29f4d3211f40839c5d 71716 net optional 
> wireshark_2.6.8-1.1.debian.tar.xz
>  821834ae84ee480417346744f29fe2aa 25763 net optional 
> 

Bug#929607: unblock: qemu/1:3.1+dfsg-8 (pre-upload)

[Niels Thykier]

Control: tags -1 moreinfo confirmed

Michael Tokarev:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Hi!
> I've prepared next release of the qemu debian package, with
> a few bugfixes, and am asking if it's okay to upload these
> changes to unstable (targetting buster). The change includes
> 3 security fixes which should go anyway, and 2 "other" fixes
> which are questionable, hence the pre-approval bugreport/question.
> 
> All changes are "easy" ones, and are mostly one-liners and are
> easy for review. All bugfixes has been appied upstream too.
> 
> Is it okay for the changes to go to buster?
> 
> Thanks,
> 
> /mjt
> 
> [...]
> +
> unblock qemu/1:3.1+dfsg-8
> 
> [...]
> 

Please go ahead with the upload and remove the moreinfo tag once it is
ready to be unblocked.

Thanks,
~Niels

Bug#928185: Bug#926009: openjdk-11 breaks libreoffice autopkgtests

[Thorsten Glaser]

On Tue, 2 Apr 2019, Rene Engelhard wrote:

> We as distros can patch it for LibreOffice, but this change breaks 
> LibreOffice out there unless
> patched, and I doubt they will (or will be happy) to add extra stanzas for 
> "Debian", "Ubuntu" or
> whatever else.
> 
> I really believe this should be reverted.

Yes, this is really weird, and…

> > On Mon, 1 Apr 2019, Matthias Klose wrote:

> > > > IMHO correctly so, some of the changes are so far away from the
> > > > freeze policy..
> > > 
> > > pointy comments won't help, because you will see these changes at least 
> > > in the
> > > first buster security update, so maybe some backports for libreoffice are

… I fail to see how this qualifies for a security update.

Perhaps you’ll wish to revert this change when building for
anything older than bullseye/sid. Sometimes, lies need to
be introduced when backporting (for either stable-security
or bpo) to keep the stability guarantee.

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

**

Mit der tarent Academy bieten wir auch Trainings und Schulungen in den
Bereichen Softwareentwicklung, Agiles Arbeiten und Zukunftstechnologien an.

Besuchen Sie uns auf www.tarent.de/academy. Wir freuen uns auf Ihren Kontakt.

**

Bug#927808: gmsh: FTBFS in buster (/usr/include/occt/Standard_Version.hxx cannot be read)

[Ansgar]

Hi,

Kurt Kremitzki writes:
> On 5/17/19 4:14 AM, Ansgar wrote:
>> I tried and with this line removed gmsh builds again.  I'll ask the
>> release team about t-p-u or reverting in unstable.
[...]
> Sorry for not addressing this sooner such that you needed to spend time
> looking at it.  I was going to go ahead and do a +really upload with
> this fix either today or this weekend, so it shouldn't be necessary for
> you to spend any more time on it, unless you'd advise a different course
> of action. (This is my first Debian release, BTW.)

The release team said they prefer a +really upload[1].

  [1] https://bugs.debian.org/929108#10

Ansgar

Bug#929635: unblock: munin/2.0.49-1

[Holger Levsen]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package munin, it fixes three important bugs (and a bunch
of normal bugs). munin is a leaf package and 2.0.49 is just another bugfix
release and has been in sid since 11 days without any new issues reported.

munin (2.0.49-1) unstable; urgency=medium

  [ Lars Kruse ]
  * New upstream version 2.0.49, fixing the upstream issue #1187
(https://github.com/munin-monitoring/munin/issues/1187) which breaks the
visualization of comparison pages and the "problems" overview for munin's
default settings ("html_strategy" and "graph_strategy" being "cron").
  * New upstream version 2.0.48, fixing various issues, including bugs in:
- Accept DNS names in "allow" (Closes: #483617)
- Natural sort output on cpuspeed plugin (Closes: #924366)
- postgres_connections_ "Query failed!" (Closes: #924424)
- diskstat_ plugin fails with 4.19 kernels (Closes: #926146)
- open_files max is 18 quintillion, obscuring graph (Closes: #928211)
- upstream issues:
  * https://github.com/munin-monitoring/munin/issues/579:
A connection issue with a node leads to the premature removal of all
its graphs from the master visualization, if any plugin (from any
node) returned an invalid output.
  * https://github.com/munin-monitoring/munin/issues/951:
munin-async failed to handle plugins with names containing special
characters. Such valid plugins worked only locally, but not via
munin-async.
  * https://github.com/munin-monitoring/munin/issues/460:
In an fcgid-based setup (recommended when using nginx) every but the
first request for a "comparison" page returned invalid graphs due to
a mistaken permanent internal state change. This long-standing issue
plagued munin since wheezy.
  * Re-export upstream signing key without extra signatures.
  * Ensure that /var/cache/munin/www exists.
Thanks to Marvin Gülker (Closes: #927692)
  * Keep permission of /run/munin in sync for systemd and sysvinit

 -- Holger Levsen   Thu, 16 May 2019 01:21:08 +0200

$ debdiff munin_2.0.47-1.dsc  munin_2.0.49-1.dsc | diffstat
 ChangeLog   |   56 
 RELEASE |2 
 debian/changelog|   57 ++--
 debian/examples/systemd-fastcgi/munin-graph.service |   11 ++
 debian/examples/systemd-fastcgi/munin-graph.socket  |8 +
 debian/examples/systemd-fastcgi/munin-html.service  |   11 ++
 debian/examples/systemd-fastcgi/munin-html.socket   |8 +
 debian/munin-common.tmpfile |2 
 debian/munin-node.tmpfile   |2 
 debian/munin.examples   |1 
 debian/munin.init   |   10 +-
 debian/tests/munin-node/02.plugins.t|4 
 debian/upstream/signing-key.asc |   39 
 master/lib/Munin/Master/Config.pm   |   21 +++-
 master/lib/Munin/Master/HTMLOld.pm  |   92 ++--
 master/lib/Munin/Master/Node.pm |   32 --
 master/lib/Munin/Master/Update.pm   |3 
 master/lib/Munin/Master/UpdateWorker.pm |   26 -
 node/_bin/munin-asyncd.in   |5 -
 node/lib/Munin/Node/Config.pm   |1 
 node/lib/Munin/Node/SpoolWriter.pm  |9 +
 node/t/munin_node_spoolreader.t |   40 
 node/t/munin_node_spoolwriter.t |4 
 plugins/node.d.linux/acpi.in|2 
 plugins/node.d.linux/cpuspeed.in|2 
 plugins/node.d.linux/diskstat_.in   |4 
 plugins/node.d.linux/open_files.in  |6 -
 plugins/node.d/nutups_.in   |   16 ++-
 plugins/node.d/postgres_connections_.in |2 
 plugins/node.d/snmp__if_.in |4 
 30 files changed, 348 insertions(+), 132 deletions(-)

The full debdiff is attached.

unblock munin/2.0.49-1


-- 
tschau,
Holger

---
   holger@(debian|reproducible-builds|layer-acht).org
   PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

Dance like no one's watching. Encrypt like everyone is.
diff -Nru munin-2.0.47/ChangeLog munin-2.0.49/ChangeLog
--- munin-2.0.47/ChangeLog	2019-02-28 15:43:36.0 +0100
+++ munin-2.0.49/ChangeLog	2019-05-09 05:45:43.0 +0200
@@ -1,5 +1,60 @@
 -*- text -*-
 
+munin-2.0.49, 2019-05-09
+
+---
+Summary
+---
+
+Bugfix release.
+
+--
+Detailed Changelog
+--
+
+Lars Kruse (2):
+  Fix the reversal of path manipulation

Bug#929634: easy-rsa: Program name mismatch in manpage

[Christoph Biedl]

Package: easy-rsa
Version: 3.0.6-1
Severity: minor

Dear Maintainer,

quoting the make-cadir(1) manpage:

| NAME
+make-cadir - create certificates dir
|
| SYNOPSIS
+ca-dir DIR

Please adjust the program name in the second place when convenient.

Regards,

Christoph

-- System Information:
Debian Release: 10.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.46 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: unable to detect

Versions of packages easy-rsa depends on:
ii  openssl  1.1.1b-2

Versions of packages easy-rsa recommends:
pn  opensc  

easy-rsa suggests no packages.



signature.asc
Description: PGP signature

Bug#929633: mobile-broadband-provider-info: version 20190116 is available

[Graham Inggs]

Source: mobile-broadband-provider-info
Version: 20170903-1
Severity: wishlist

Dear maintainer

A new upstream version, 20190116, has been tagged [1].

Regards
Graham


[1] https://gitlab.gnome.org/GNOME/mobile-broadband-provider-info/tags

Bug#922776: ppc64el fix

[Frédéric Bonnard]

Hi guys,
I just sent a merge request to fix this :
https://salsa.debian.org/med-team/libhmsbeagle/merge_requests/1
I included explanations in the patch.
Regards,

F.


pgpKxcj0oT0iY.pgp
Description: PGP signature

Bug#929629: mergechanges drops the binary packages from the Binary field when merging source and binary changes

[Mattia Rizzolo]

Hi Simon,

On Mon, May 27, 2019 at 04:29:57PM +0200, Matthias Klose wrote:
> mergechanges drops the binary packages from the Binary field when merging 
> source
> and binary changes.  Seen when trying to re-upload the binary openjdk-8 
> packages
> which were removed from unstable (all files at coccia.d.o:~doko/8).

I think this is regression after your changes, would you happen to have
the time to look at this and see if you can come up with a fix?

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#929495: Re[2]: Bug#929495: libpam-tmpdir: too strict permissions on /tmp/user may lead to errors in other programs

[Andrey Bondarenko]

Hi,

> That sounds like a bug in gwenview; why would it try to walk the tree?

I aggree, that there is a bug in gwenview, but I beleive it is also
pam_tmpdir bug (maybe not very important but still a bug).

By default both / and /tmp are world readable. Many programs was not
tested with unreadable $TMP parent. Some of them may have bugs that may
be triggered by pam_tmpfs installation. Find and fix all such bugs will
be very time consuming task. Also pam_tmpdir may be installed by package
dependencies, so user may not even notice change that caused the bug.

Changing permissions of /tmp/user in pam_tmpdir package, to 755 will not
reduce security mutch, but will stop triggering bugs in other packages
by default.

> If you precreate the directory before pam_tmpdir is invoked, the
> permissions aren't changed.

Pre-creating /tmp/user by local admin is a possible workaround. Local
admin may create rc.d script or systemd unit that creates /tmp/user with
desired permissions, but would not providing such a script by the
package itself be a better solution?


-- 
Andrey Bondarenko

Bug#929632: Unintentional removal of many packages

[Frank Rademakers]

Package: aptitude
System: Linux Mint 64-bit Cinnamon 19.1

After a fresh install, update and upgrade, I mistakenly entered: "sudo
aptitude install " in a terminal (trailing space, no package name), which
promptly started to uninstall many packages. The system became unresponsive
afterwards and started crashing.

Bug#929631: Could session.gc_probability being non-default be documented better ?

[Christian Ehrhardt]

Source: php7.3
Version: 7.3.4-2
Severity: minor

Hi,
I found the a somewhat lingering bug in Ubuntu which just as much
applies to Debian.
Hence I thought the best would be to forward that to you so that we
can go the same route on handling it.

The behavior is quite old since
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595706
I have found quite some refs, but not one directly asking for that yet
that would be solved.
I mean https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831752 is the
same bug, but closed for 7.0 being removed.

I didn't want to revive old bugs on my own, but obviously feel free to
close this and reassing the old one if you prefer that. Just let me
know so I can follow.

## From here on I'm quoting the original bug that Ubuntu got ##

The Ubuntu distribution of PHP doesn't use the usual PHP mechanism of
session garbage collection. It sets "session.gc_probability" to zero
in the php.ini file, thus making it seem like garbage collection is
disabled. In fact it still occurs but with a cron job.

In my Docker image, the PHP "sessionclean" program is being executed
and it seems that this uses the "session.gc_maxlifetime" setting from
the apache2 version of the php.ini file. However this is non-obvious
and not documented in the php.ini file. Thus when recently rebuilding
my Docker image for my web service, I started getting what seemed to
be premature session timeouts and I couldn't figure out why and I
ended up raising a bug on the PHP team
(https://bugs.php.net/bug.php?id=76368).

If the Ubuntu team is going to modify the PHP package so it differs in
behaviour from the description in the PHP provided documentation, then
they need to provide updated documentation.

I would suggest that the simplest solution is to update the php.ini
file so that where "session.gc_probability" is set to zero there is a
short paragraph saying why (because it is handled by the cron job) and
also make it clear somewhere in that file that the
"session.gc_maxlifetime" setting is still relevant even though
"session.gc_probability" is zero.

Bug#929630: unblock: wireshark/2.6.8-1.1

[Dr. Tobias Quathamer]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package wireshark. The NMU fixes CVE-2019-12295, reported
as Debian bug #929446.

unblock wireshark/2.6.8-1.1

Regards,
Tobias
diff --git a/debian/changelog b/debian/changelog
index 4699904b15..dbdda67912 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+wireshark (2.6.8-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2019-12295
+In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14,
+the dissection engine could crash. This was addressed in
+epan/packet.c by restricting the number of layers and
+consequently limiting recursion. (Closes: #929446)
+
+ -- Dr. Tobias Quathamer   Mon, 27 May 2019 16:08:44 +0200
+
 wireshark (2.6.8-1) unstable; urgency=medium
 
   * New upstream version 2.6.8
diff --git a/debian/patches/CVE-2019-12295.patch b/debian/patches/CVE-2019-12295.patch
new file mode 100644
index 00..494c09ee44
--- /dev/null
+++ b/debian/patches/CVE-2019-12295.patch
@@ -0,0 +1,42 @@
+Description: CVE-2019-12295
+ In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14,
+ the dissection engine could crash. This was addressed in
+ epan/packet.c by restricting the number of layers and
+ consequently limiting recursion.
+Origin: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7b6e197da4c497e229ed3ebf6952bae5c426a820
+Bug-Debian: https://bugs.debian.org/929446
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/epan/packet.c
 b/epan/packet.c
+@@ -725,6 +725,13 @@
+ call_dissector_work_error(dissector_handle_t handle, tvbuff_t *tvb,
+ 			  packet_info *pinfo_arg, proto_tree *tree, void *);
+ 
++/*
++ * XXX packet_info.curr_layer_num is a guint8 and *_MAX_RECURSION_DEPTH is
++ * 100 elsewhere in the code. We should arguably use the same value here,
++ * but using that makes suite_wslua.case_wslua.test_wslua_dissector_fpm fail.
++ */
++#define PINFO_LAYER_MAX_RECURSION_DEPTH 500
++
+ static int
+ call_dissector_work(dissector_handle_t handle, tvbuff_t *tvb, packet_info *pinfo_arg,
+ 		proto_tree *tree, gboolean add_proto_name, void *data)
+@@ -747,6 +754,7 @@
+ 	saved_proto = pinfo->current_proto;
+ 	saved_can_desegment = pinfo->can_desegment;
+ 	saved_layers_len = wmem_list_count(pinfo->layers);
++	DISSECTOR_ASSERT(saved_layers_len < PINFO_LAYER_MAX_RECURSION_DEPTH);
+ 
+ 	/*
+ 	 * can_desegment is set to 2 by anyone which offers the
+@@ -2675,6 +2683,8 @@
+ 	saved_layers_len = wmem_list_count(pinfo->layers);
+ 	*heur_dtbl_entry = NULL;
+ 
++	DISSECTOR_ASSERT(saved_layers_len < PINFO_LAYER_MAX_RECURSION_DEPTH);
++
+ 	for (entry = sub_dissectors->dissectors; entry != NULL;
+ 	entry = g_slist_next(entry)) {
+ 		/* XXX - why set this now and above? */
diff --git a/debian/patches/series b/debian/patches/series
index c3ea6754c4..1e3c412166 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@
 09_idl2wrs.patch
 16_licence_about_location.patch
 17_libdir_location.patch
+CVE-2019-12295.patch


signature.asc
Description: OpenPGP digital signature

Bug#929628: ITP: vectorgraphics2d -- library for adding vector export to Java Graphics2D

[merkys]

Package: wnpp
Owner: Andrius Merkys 
Severity: wishlist

* Package name    : vectorgraphics2d
  Version : 0.13
  Upstream Author : Erich Seifert 
* URL : https://github.com/eseifert/vectorgraphics2d
* License : LGPL-3+
  Programming Lang: Java
  Description : library for adding vector export to Java Graphics2D
 VectorGraphics2D provides implementations of Java's Graphics2D
interface and
 exports the graphics in various vector file formats. Currently, there is
 support for the following vector file formats:
 .
  * Encapsulated PostScript (EPS)
  * Scalable Vector Graphics (SVG)
  * Portable Document Format (PDF)
 .
 Additional formats can be easily added.

Remark: This package is to be maintained with Debian Java Maintainers at
   https://salsa.debian.org/java-team/vectorgraphics2d

This package is required by deepboof, which I intend to package.

-- 
Andrius Merkys
Vilnius University Institute of Biotechnology, Saulėtekio al. 7, room V325
LT-10257 Vilnius, Lithuania

Bug#929629: mergechanges drops the binary packages from the Binary field when merging source and binary changes

[Matthias Klose]

Package: devscripts
Version: 2.19.5

mergechanges drops the binary packages from the Binary field when merging source
and binary changes.  Seen when trying to re-upload the binary openjdk-8 packages
which were removed from unstable (all files at coccia.d.o:~doko/8).

Bug#926778: unblock: python3.7 3.7.3 packages

[Matthias Klose]

On 11.05.19 18:56, Paul Gevers wrote:
> Control: tags -1 moreinfo
> 
> Hi doko,
> 
> On Wed, 10 Apr 2019 10:23:15 +0200 Matthias Klose  wrote:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>>
>> Please unblock python3.7, python3-stdlib-extensions and python3-defaults,
>> bumping the version to the final 3.7.3 release, and fixing a bus error on 
>> armhf,
>> and avoiding unaligned memory accesses on arm64.
> 
> This looks mostly OK (albeit a new upstream release, which we try to
> avoid unblocking),

The update beyond 3.7.2 with the goal of 3.7.3 was communicated and approved by
Emilio (pochu) even before doing the first upload from the 3.7 branch to
unstable.  Please let me know if there is anything I can do to avoid confusion
for future uploads.

> except you didn't document nor mentioned the g++-8

g++-8 is the default g++, so this really is a no-change.

> B-D change the locales change. Can you explain why that was done?

to be able to cross-build. That is a no-change for the native-build.

> These
> kind of changes are not in line with the freeze policy unless they fix
> serious issues. On top of that, (my python skills aren't that great), is
> the change in platform-lsbrelease.diff really required, or just more robust?

it silences a warning at runtime.

> Please make sure that during the release, you document *all* packaging
> changes in the changelog and if needed, elaborate in the unblock request.

will do for future uploads.

Matthias

Bug#928185: unblock: openjdk-11/11.0.3+7-4

[Emmanuel Bourg]

Le 27/05/2019 à 15:46, Matthias Klose a écrit :

> I will continue to update the packages to the next security release which is
> expected in July.  If that's too late for the release, these will most likely 
> be
> handled by the security team.

If openjdk-11 gets unblocked for Buster, it would be preferable to allow
11.0.3+7-4 to migrate (the actual 11.0.3 GA release we need in Buster)
and not 11.0.4+2-1 which is an intermediary release that won't be
finalized until July.

I guess this requires an upload to testing-proposed-updates, right?

Emmanuel Bourg

Bug#928185: unblock: openjdk-11/11.0.3+7-4

[Emmanuel Bourg]

Le 27/05/2019 à 15:46, Matthias Klose a écrit :

> No.  With the change of ownership of the upstream jdk11-updates project, you 
> see
> that the patches applied to the Oracle builds and to the OpenJDK builds 
> differ,
> and the OpenJDK maintainers need to track issues based on tags in the issue
> tracker and backport these changes themself.  The LibreOffice packages are
> fixed, the gradle tests are not used.  Other vendors also ship OpenJDK with
> other vendor settings.
> 
> This is a minor change, and we had far more disruptive updates in OpenJDK 11
> itself like many late changes for documentation building.

I've reviewed the use of the java.vendor property in Debian and the
occurrences I've found are either not used (in disabled tests for
example), without consequences (checking the IBM JVM only) or already
broken (still checking "Sun" instead of "Oracle", such as
apache-directory-server).

It still has the potential to break applications outside of the set of
packages we ship in Buster, but considering the insane amount of
breaking changes between OpenJDK 8 and OpenJDK 11 that's really a minor
detail, and developers are certainly ready to cope with that.

Emmanuel Bourg

Bug#929627: perlform: mention variables are not allowed for Filehandle

[積丹尼 Dan Jacobson]

Package: perl-doc
Version: 5.28.1-6
Severity: wishlist
File: /usr/share/man/man1/perlform.1.gz

Mention one cannot use
format $fh =
else get
syntax error near "format $fh "
Array found where operator expected near "@# @<"
(Missing operator before @

Bug#907034: e2fsprogs: mkfs.ext4 asks for "y/N" but requires a different char in some locales

[Theodore Ts'o]

Control: reopen -1

On Mon, May 27, 2019 at 01:22:43PM +0200, Matteo wrote:
> Package: e2fsprogs
> Version: 1.44.5-1~bpo9+1
> Followup-For: Bug #907034
> 
> in the stretch-backport version (and also in the strech one) of e2fsprogs, 
> with italian locale, mke2fs still asks for y/N, but expects "y" in order to 
> proceed.

My bad.  I fixed it for e2fsck, but not for mke2fs.  Thanks for
retesting and pointing out my mistake.  I'll fix it for the next
release, the same way I fixed it for e2fsck.  (We can still get in
trouble if there is some language where the word for yes beginsr with
a 'n', but Translations Are Hard --- it's just in this case, if the
translator doesn't keep up, and the language is wierd, it can result
in data loss.

I suppose could test for missing critical translations, and simply
abort and tell the user to "try again in English".  Hmm I may want
to do that...

- Ted

Bug#929626: "Paniclog has non-zero size" notification line count wrong

[積丹尼 Dan Jacobson]

Package: exim4-base
Version: 4.92-7
Severity: minor

User panics when he sees warning say "10 lines" but there are less than
10 lines.

> "r" == root   writes:

r> exim paniclog /var/log/exim4/paniclog on 8..org has non-zero size, 
mail system might be broken. The last 10 lines are quoted below.

r> 2019-05-26 07:27:32 1hUg4a-0003PP-IH 1hUg4a-0003PP-IH no recipients found in 
headers

(Yes, even if it is just using tail(1).)

Bug#928185: unblock: openjdk-11/11.0.3+7-4

[Matthias Klose]

Control: tag -1 - moreinfo

On 02.05.19 10:30, Julien Cristau wrote:
> Control: tag -1 moreinfo
> 
> Hi Matthias,
> 
> On Mon, Apr 29, 2019 at 06:12:36PM +0200, Matthias Klose wrote:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>>
>> Please unblock openjdk-11/11.0.3+7-4. That's the quarterly security update 
>> and
>> should be released with buster.  No more updates planned until the next 
>> security
>> update in July.
> 
> From what I understand bug#926009 is a regression in that version.
> There's no explanation that I can see for that change, no associated
> bug, and it doesn't look appropriate.  Please revert it.

No.  With the change of ownership of the upstream jdk11-updates project, you see
that the patches applied to the Oracle builds and to the OpenJDK builds differ,
and the OpenJDK maintainers need to track issues based on tags in the issue
tracker and backport these changes themself.  The LibreOffice packages are
fixed, the gradle tests are not used.  Other vendors also ship OpenJDK with
other vendor settings.

This is a minor change, and we had far more disruptive updates in OpenJDK 11
itself like many late changes for documentation building.

I will continue to update the packages to the next security release which is
expected in July.  If that's too late for the release, these will most likely be
handled by the security team.

Matthias

Bug#929625: unblock: bird/1.6.6-1

[Marco d'Itri]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock the bird package because the version in testing has some 
serious bugs about routes propagation, better explained in the attached 
diff.

This was discussed in #928141, where one of the upstream maintainers 
recommended that 1.6.6 should get into testing.

The version currently in unstable has been in unstable for three months 
without any issues, and is the one that I am using in production (while 
the one currently in testing was toxic in my environment).

I am not the bird maintainer, but Ondřej looks busy and I am sure that 
he will not mind me requesting this.

I am attaching a debdiff from which I removed the generated files and 
some documentation/example changes not relevant for the Debian package.

unblock bird/1.6.6-1

-- 
ciao,
Marco
diff -Nru bird-1.6.5/ChangeLog bird-1.6.6/ChangeLog
--- bird-1.6.5/ChangeLog	2019-01-07 16:29:04.0 +0100
+++ bird-1.6.6/ChangeLog	2019-03-01 00:13:32.0 +0100
@@ -1,3 +1,86 @@
+commit b5d1903bf6ce454716e97828e6e4062bf17ac000
+Author: Ondrej Zajicek (work) 
+Date:   Tue Feb 26 18:10:04 2019 +0100
+
+NEWS and version update
+
+commit 2e7ee1c9d3158603c3b01bbef8559092ae46ae84
+Author: Ondrej Zajicek (work) 
+Date:   Fri Feb 22 02:33:01 2019 +0100
+
+Nest: Do not compare rte.flags during rte_update()
+
+Route flags are mosty internal state of rtable, they are not significant
+to whether a route has changed. With the old code, all routes received as
+a part of enhanced route refresh are always re-announced to other peers
+due to change in REF_STALE.
+
+commit 797969983d38149f4a0ea1f960becfac88fc2b8e
+Author: Ondrej Zajicek (work) 
+Date:   Tue Feb 19 18:32:45 2019 +0100
+
+Doc: Detect SP/OpenSP automatically
+
+commit b3fceeba30bd6a685de0aa17dbe6bcfd77d1ca29
+Author: Ondrej Zajicek (work) 
+Date:   Tue Feb 19 16:21:52 2019 +0100
+
+Nest: Prevent withdraws from propagation back to source protocol (for accepted mode)
+
+Update for one of previous patches, handles the the issue for
+first-accepted mode of route propagation.
+
+commit 2dd9800ab51a309add1c56aa9659c41f30481299
+Author: Ondrej Zajicek (work) 
+Date:   Tue Feb 19 16:00:30 2019 +0100
+
+Nest: Improve export counter handling
+
+One of previous workarounds for phantom route avoidance breaks export
+counters by expanding sending of spurious withdraws, which are send when
+we are not sure whether we have advertised that routes in the past.
+If not, then export counter is decreased, but it was not increased
+before, so it overflows under zero.
+
+The patch fixes that by sending spurious withdraws, but not counting them
+on export counter. That may lead to error in the other direction, but
+that happens only as a race condition (i.e., in normal operation filters
+return proper values about old route export state).
+
+commit b4438e40efa498325f38f0bf4681ecb2bbba4da7
+Author: Ondrej Zajicek (work) 
+Date:   Wed Jan 30 17:03:30 2019 +0100
+
+Nest: Prevent withdraws from propagation back to source protocol
+
+The earlier fix loosen conditions for not running filters on old
+route when deciding about route propagation to a protocol to avoid
+issues with ghost routes in some race conditions.
+
+Unfortunately, the fix also caused back-propagation of withdraws. For
+regular updates, back-propagation is prevented in import_control hooks,
+but these are not called on withdraws. For them, import_control hooks
+are called on old routes instead, changing (old, NULL) notification
+to (NULL, NULL), which is ignored. By not calling export processing
+in some cases, the withdraw is not ignored and is back-propagated.
+
+This patch fixes that by contract conditions so the earlier fix is not
+applied to back-propagated updates.
+
+commit ccb37330d062712935b3f3b9c236322d20c177f6
+Author: Ondrej Zajicek (work) 
+Date:   Sat Jan 26 21:03:36 2019 +0100
+
+Doc: Add documentation for OSPF retransmit delay option
+
+Thanks to Igor Podlesny for notification.
+
+commit e99e7d1c2de3a9b1a737735be2936dadf6ed1ab4
+Author: Ondrej Filip 
+Date:   Mon Jan 7 12:26:21 2019 +0100
+
+Added documentation for 'disable after cease'
+
 commit ef8974b7ca7595bc2685b222aa4822c13349a2e1
 Author: Ondrej Zajicek (work) 
 Date:   Sat Jan 5 00:37:31 2019 +0100
diff -Nru bird-1.6.5/debian/changelog bird-1.6.6/debian/changelog
--- bird-1.6.5/debian/changelog	2019-01-15 09:56:09.0 +0100
+++ bird-1.6.6/debian/changelog	2019-03-03 08:56:10.0 +0100
@@ -1,3 +1,9 @@
+bird (1.6.6-1) unstable; urgency=medium
+
+  * New upstream version 1.6.6
+
+ -- Ondřej Surý   Sun, 03 Mar 2019 07:56:10 +
+
 bird (1.6.5-1) unstable; urgency=medium
 
   * New upstream version 1.6.5
@@ -187,7 +193,7 @@
 bird (1.4.2-1) unstable; urgency=medium
 
   * New upstream version 

Bug#928756: debian-edu-config | Hand out all subdomains configured by default to all LTSP clients. (ca3b521f)

[Wolfgang Schweer]

On Sat, May 25, 2019 at 02:26:22PM +0200, Wolfgang Schweer wrote:
> The search-domain entry is missing in the LTSP client's /etc/resolv.conf 
> in this case (dedicated LTSP client network), because LTSP uses 
> 'ipappend 3' in its PXE configuration.
> 
> Debian Edu uses 'ipappend 2' for the main network.
> 
> So if out of site specific wishes LTSP clients in their dedicated subnet 
> should be added via GOsa with also DNS enabled, 'ipappend 2' should be 
> used instead of 'ipappend 3'.
> 
> This can be set permanently by editing the default file 
> /opt/ltsp//boot/pxelinux.cfg/ltsp-NBD and adjusting 
> /opt/ltsp//etc/ltsp/update-kernels.conf (last line) and finally 
> running 'ltsp-update-kernels'.

Some more information:

LTSP switched to 'ipappend 3' as failsafe default during the Buster 
development cycle, see this commit:
https://git.launchpad.net/ltsp/commit/?id=d4bd9546c05365c52bf210bfe715640df19ee95a
  

For Debian Edu, the former 'ipappend 2' is more useful because a proper 
DHCP service is available.

To get back to the previous behaviour, the setting needs to be adjusted 
at LTSP chroot installation time. This change would do it:

diff --git 
a/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings 
b/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings
index 81946b3d..039ef6ac 100644
--- a/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings
+++ b/share/ltsp/plugins/ltsp-build-client/Debian-custom/001-ltsp-settings
@@ -18,4 +18,8 @@ case $MODE in
 echo 'APT::Cmdline::ignore-trust-violations "true";'
 ) >> $ROOT/etc/apt/apt.conf.d/90ltsp-build-client
   ;;
+after-install)
+mkdir -p $ROOT/etc/ltsp/update-kernels.conf.d
+echo 'IPAPPEND="2"' > $ROOT/etc/ltsp/update-kernels.conf.d/pxe
+;;
 esac

Please check.

Wolfgang


signature.asc
Description: PGP signature

Bug#929623: wpasupplicant: fails to bring up wlan interface on Rasberry PI 3B

[Ben Mesman]

Subject: wpasupplicant: fails to bring up wlan interface on Rasberry PI 3B
Package: wpasupplicant
Version: 2:2.7+git20190128+0c1e29f-5
Severity: normal

Dear Maintainer,

At some point my testing install failed to bring up the wlan interface
on my Raspberry PI 3B. After a lot of trial and error, I narrowed it
down to either a bug in wpasupplicant 2.7 (or newer) or a bug in the
raspberry kernel, which is triggered by something new in the newer
versions of wpasupplicant.

I did a lot of investigation, and came to the following conclusions:

1. This only happens with the built-in wireless card of the PI 3B (even
the PI 3B+ works fine)

2. This bug happens independant of the used kernel version

3. Every version up to 2:2.6-21 (the last 2.6 version I could find in
Debian) works and every version from 2:2.7~git20180504+60a5737-1 (the
first 2.7 release I could find) exhibits the bug.

When connecting with a WPA-EAP network I get this in the syslog:

May 24 09:24:57 localhost wpa_supplicant[13331]: Successfully initialized 
wpa_supplicant
May 24 09:24:58 localhost dhclient[13339]: Internet Systems Consortium DHCP 
Client 4.4.1
May 24 09:24:58 localhost dhclient[13339]: Copyright 2004-2018 Internet Systems 
Consortium.
May 24 09:24:58 localhost dhclient[13339]: All rights reserved.
May 24 09:24:58 localhost dhclient[13339]: For info, please visit 
https://www.isc.org/software/dhcp/
May 24 09:24:58 localhost dhclient[13339]:
May 24 09:24:58 localhost dhclient[13339]: Listening on 
LPF/wlan0/b8:27:eb:23:12:6c
May 24 09:24:58 localhost dhclient[13339]: Sending on   
LPF/wlan0/b8:27:eb:23:12:6c
May 24 09:24:58 localhost dhclient[13339]: Sending on   Socket/fallback
May 24 09:24:58 localhost dhclient[13339]: DHCPDISCOVER on wlan0 to 
255.255.255.255 port 67 interval 4
May 24 09:24:58 localhost wpa_supplicant[13334]: wlan0: Trying to associate 
with SSID 'COMPANY'
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: Associated with 
e0:cb:bc:8b:54:e4
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-STARTED 
EAP authentication started
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: 
CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: 
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-METHOD 
EAP vendor 0 method 25 (PEAP) selected
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: 
CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/CN=VMCOMPANYAD02.company.local' 
hash=475dfb6460faafe5c41c2ab06386a7563ac8b3365df535005d462879fa784b9a
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-PEER-ALT 
depth=0 DNS:VMCOMPANYAD02.company.local
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: 
CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/CN=VMCOMPANYAD02.company.local' 
hash=475dfb6460faafe5c41c2ab06386a7563ac8b3365df535005d462879fa784b9a
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-PEER-ALT 
depth=0 DNS:VMCOMPANYAD02.company.local
May 24 09:24:59 localhost wpa_supplicant[13334]: EAP-MSCHAPV2: Authentication 
succeeded
May 24 09:24:59 localhost wpa_supplicant[13334]: EAP-TLV: TLV Result - Success 
- EAP-TLV/Phase2 Completed
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-SUCCESS 
EAP authentication completed successfully
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-CONNECTED - 
Connection to e0:cb:bc:8b:54:e4 completed [id=0 id_str=]
May 24 09:24:59 localhost kernel: [ 1714.764692] [ cut here 
]
May 24 09:24:59 localhost kernel: [ 1714.764909] WARNING: CPU: 3 PID: 13334 at 
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c:5124 
brcmf_cfg80211_set_pmk+0x6c/0x80 [brcmfmac]
May 24 09:24:59 localhost kernel: [ 1714.764916] Modules linked in: ipv6 
brcmfmac brcmutil sha256_generic cfg80211 joydev evdev rfkill bcm2835_v4l2(C) 
v4l2_common bcm2835_codec(C) v4l2_mem2mem videobuf2_vmalloc 
bcm2835_mmal_vchiq(C) videobuf2_dma_contig videobuf2_memops videobuf2_v4l2 
videobuf2_common videodev raspberrypi_hwmon hwmon media vc_sm_cma(C) 
uio_pdrv_genirq uio squashfs overlay fixed
May 24 09:24:59 localhost kernel: [ 1714.765082] CPU: 3 PID: 13334 Comm: 
wpa_supplicant Tainted: GWC4.19.42-v7+ #1219
May 24 09:24:59 localhost kernel: [ 1714.765088] Hardware name: BCM2835
May 24 09:24:59 localhost kernel: [ 1714.765122] [<80111eac>] 
(unwind_backtrace) from [<8010d430>] (show_stack+0x20/0x24)
May 24 09:24:59 localhost kernel: [ 1714.765144] [<8010d430>] (show_stack) from 
[<8080ec80>] (dump_stack+0xd4/0x118)
May 24 09:24:59 localhost kernel: [ 1714.765165] [<8080ec80>] (dump_stack) from 
[<80120904>] (__warn+0x104/0x11c)
May 24 09:24:59 localhost kernel: [ 1714.765182] [<80120904>] (__warn) from 
[<80120a54>] (warn_slowpath_null+0x50/0x58)
May 24 09:24:59 localhost kernel: [ 1714.765353] [<80120a54>] 
(warn_slowpath_null) from [<7f3e7ae0>] 

Bug#929624: wpasupplicant: fails to bring up wlan interface on Rasberry PI 3B

[Ben Mesman]

Subject: wpasupplicant: fails to bring up wlan interface on Rasberry PI 3B
Package: wpasupplicant
Version: 2:2.7+git20190128+0c1e29f-5
Severity: normal

Dear Maintainer,

At some point my testing install failed to bring up the wlan interface
on my Raspberry PI 3B. After a lot of trial and error, I narrowed it
down to either a bug in wpasupplicant 2.7 (or newer) or a bug in the
raspberry kernel, which is triggered by something new in the newer
versions of wpasupplicant.

I did a lot of investigation, and came to the following conclusions:

1. This only happens with the built-in wireless card of the PI 3B (even
the PI 3B+ works fine)

2. This bug happens independant of the used kernel version

3. Every version up to 2:2.6-21 (the last 2.6 version I could find in
Debian) works and every version from 2:2.7~git20180504+60a5737-1 (the
first 2.7 release I could find) exhibits the bug.

When connecting with a WPA-EAP network I get this in the syslog:

May 24 09:24:57 localhost wpa_supplicant[13331]: Successfully initialized 
wpa_supplicant
May 24 09:24:58 localhost dhclient[13339]: Internet Systems Consortium DHCP 
Client 4.4.1
May 24 09:24:58 localhost dhclient[13339]: Copyright 2004-2018 Internet Systems 
Consortium.
May 24 09:24:58 localhost dhclient[13339]: All rights reserved.
May 24 09:24:58 localhost dhclient[13339]: For info, please visit 
https://www.isc.org/software/dhcp/
May 24 09:24:58 localhost dhclient[13339]:
May 24 09:24:58 localhost dhclient[13339]: Listening on 
LPF/wlan0/b8:27:eb:23:12:6c
May 24 09:24:58 localhost dhclient[13339]: Sending on   
LPF/wlan0/b8:27:eb:23:12:6c
May 24 09:24:58 localhost dhclient[13339]: Sending on   Socket/fallback
May 24 09:24:58 localhost dhclient[13339]: DHCPDISCOVER on wlan0 to 
255.255.255.255 port 67 interval 4
May 24 09:24:58 localhost wpa_supplicant[13334]: wlan0: Trying to associate 
with SSID 'COMPANY'
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: Associated with 
e0:cb:bc:8b:54:e4
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-STARTED 
EAP authentication started
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: 
CTRL-EVENT-SUBNET-STATUS-UPDATE status=0
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: 
CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-METHOD 
EAP vendor 0 method 25 (PEAP) selected
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: 
CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/CN=VMCOMPANYAD02.company.local' 
hash=475dfb6460faafe5c41c2ab06386a7563ac8b3365df535005d462879fa784b9a
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-PEER-ALT 
depth=0 DNS:VMCOMPANYAD02.company.local
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: 
CTRL-EVENT-EAP-PEER-CERT depth=0 subject='/CN=VMCOMPANYAD02.company.local' 
hash=475dfb6460faafe5c41c2ab06386a7563ac8b3365df535005d462879fa784b9a
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-PEER-ALT 
depth=0 DNS:VMCOMPANYAD02.company.local
May 24 09:24:59 localhost wpa_supplicant[13334]: EAP-MSCHAPV2: Authentication 
succeeded
May 24 09:24:59 localhost wpa_supplicant[13334]: EAP-TLV: TLV Result - Success 
- EAP-TLV/Phase2 Completed
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-EAP-SUCCESS 
EAP authentication completed successfully
May 24 09:24:59 localhost wpa_supplicant[13334]: wlan0: CTRL-EVENT-CONNECTED - 
Connection to e0:cb:bc:8b:54:e4 completed [id=0 id_str=]
May 24 09:24:59 localhost kernel: [ 1714.764692] [ cut here 
]
May 24 09:24:59 localhost kernel: [ 1714.764909] WARNING: CPU: 3 PID: 13334 at 
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c:5124 
brcmf_cfg80211_set_pmk+0x6c/0x80 [brcmfmac]
May 24 09:24:59 localhost kernel: [ 1714.764916] Modules linked in: ipv6 
brcmfmac brcmutil sha256_generic cfg80211 joydev evdev rfkill bcm2835_v4l2(C) 
v4l2_common bcm2835_codec(C) v4l2_mem2mem videobuf2_vmalloc 
bcm2835_mmal_vchiq(C) videobuf2_dma_contig videobuf2_memops videobuf2_v4l2 
videobuf2_common videodev raspberrypi_hwmon hwmon media vc_sm_cma(C) 
uio_pdrv_genirq uio squashfs overlay fixed
May 24 09:24:59 localhost kernel: [ 1714.765082] CPU: 3 PID: 13334 Comm: 
wpa_supplicant Tainted: GWC4.19.42-v7+ #1219
May 24 09:24:59 localhost kernel: [ 1714.765088] Hardware name: BCM2835
May 24 09:24:59 localhost kernel: [ 1714.765122] [<80111eac>] 
(unwind_backtrace) from [<8010d430>] (show_stack+0x20/0x24)
May 24 09:24:59 localhost kernel: [ 1714.765144] [<8010d430>] (show_stack) from 
[<8080ec80>] (dump_stack+0xd4/0x118)
May 24 09:24:59 localhost kernel: [ 1714.765165] [<8080ec80>] (dump_stack) from 
[<80120904>] (__warn+0x104/0x11c)
May 24 09:24:59 localhost kernel: [ 1714.765182] [<80120904>] (__warn) from 
[<80120a54>] (warn_slowpath_null+0x50/0x58)
May 24 09:24:59 localhost kernel: [ 1714.765353] [<80120a54>] 
(warn_slowpath_null) from [<7f3e7ae0>] 

Bug#929600: slurm-llnl: FTBFS on 32-bit architectures

[Andreas Beckmann]

On 2019-05-27 11:23, Gennaro Oliva wrote:
> I have prepared an updated version of the package available here:
> 
> https://people.debian.org/~oliva/slurm-llnl-16.05.9-1+deb9u4/

I can confirm that it builds locally in a pbuilder stretch/i386
environment :-)


Andreas

Bug#929622: linux-image-4.19.0-0.bpo.4-amd64: Interface names are changing with Kernelupgrade to 4.19-bpo

[Stefan K]

Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Package: src:linux
Version: 4.19.28-2~bpo9+1
Severity: important

Dear Maintainer,

I recently upgraded from 4.9 to the 4.19 backport kernel. I thought that
we've predictable network interface names[1], but we don't.

With kernel 4.9 my network device is eno113, if I use kernel 4.19 its
eno113np0. The OS is running on a Dell PowerEdge R840.


[1]https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

best regards
Stefan

-- Package-specific info:
** Version:
Linux version 4.19.0-0.bpo.4-amd64 (debian-ker...@lists.debian.org) (gcc 
version 6.3.0 20170516 (Debian 6.3.0-18+deb9u1)) #1 SMP Debian 4.19.28-2~bpo9+1 
(2019-03-27)

** Command line:
BOOT_IMAGE=/boot/vmlinuz-4.19.0-0.bpo.4-amd64 
root=UUID=90afa7e9-5fee-4bba-ba0d-9a689c0c0cb6 ro quiet

** Not tainted

** Kernel log:
[6.470984] iTCO_wdt: Intel TCO WatchDog Timer Driver v1.11
[6.471100] EFI Variables Facility v0.08 2004-May-17
[6.472995] iTCO_wdt: Found a Intel PCH TCO device (Version=4, 
TCOBASE=0x0400)
[6.473104] version 39.2
[6.475075] sd 0:0:0:0: Attached scsi generic sg0 type 0
[6.476824] hidraw: raw HID events driver (C) Jiri Kosina
[6.482365] iTCO_wdt: initialized. heartbeat=30 sec (nowayout=0)
[6.597748] wmi_bus wmi_bus-PNP0C14:00: WQBC data block query control method 
not found
[6.608745] RAPL PMU: API unit is 2^-32 Joules, 3 fixed counters, 655360 ms 
ovfl timer
[6.608747] RAPL PMU: hw unit of domain pp0-core 2^-14 Joules
[6.608747] RAPL PMU: hw unit of domain package 2^-14 Joules
[6.608748] RAPL PMU: hw unit of domain dram 2^-16 Joules
[6.646169] ipmi device interface
[6.655760] dcdbas dcdbas: Dell Systems Management Base Driver (version 
5.6.0-3.2)
[6.659323] IPMI System Interface driver.
[6.659365] ipmi_si dmi-ipmi-si.0: ipmi_platform: probing via SMBIOS
[6.659367] ipmi_si: SMBIOS: io 0xca8 regsize 1 spacing 4 irq 10
[6.659368] ipmi_si: Adding SMBIOS-specified kcs state machine
[6.659413] ipmi_si IPI0001:00: ipmi_platform: probing via ACPI
[6.659436] ipmi_si IPI0001:00: [io  0x0ca8] regsize 1 spacing 4 irq 10
[6.659438] ipmi_si dmi-ipmi-si.0: Removing SMBIOS-specified kcs state 
machine in favor of ACPI
[6.659439] ipmi_si: Adding ACPI-specified kcs state machine
[6.659741] ipmi_si: Trying ACPI-specified kcs state machine at i/o address 
0xca8, slave address 0x20, irq 10
[6.663248] systemd-journald[1362]: Received request to flush runtime 
journal from PID 1
[6.664471] usbcore: registered new interface driver usbhid
[6.664472] usbhid: USB HID core driver
[6.665286] pstore: ignoring unexpected backend 'efi'
[6.690291] checking generic (9100 30) vs hw (9100 100)
[6.690292] fb: switching to mgag200drmfb from EFI VGA
[6.690336] Console: switching to colour dummy device 80x25
[6.697042] [TTM] Zone  kernel: Available graphics memory: 98258468 kiB
[6.697044] [TTM] Zone   dma32: Available graphics memory: 2097152 kiB
[6.697045] [TTM] Initializing pool allocator
[6.697052] [TTM] Initializing DMA pool allocator
[6.701972] input: Avocent Keyboard/Mouse Function as 
/devices/pci:00/:00:14.0/usb1/1-14/1-14.1/1-14.1.1/1-14.1.1:1.0/0003:0624:0249.0001/input/input2
[6.719955] Adding 199822332k swap on /dev/sda3.  Priority:-2 extents:1 
across:199822332k SSFS
[6.726790] fbcon: mgadrmfb (fb0) is primary device
[6.726874] Console: switching to colour frame buffer device 128x48
[6.763372] hid-generic 0003:0624:0249.0001: input,hidraw0: USB HID v1.00 
Keyboard [Avocent Keyboard/Mouse Function] on usb-:00:14.0-14.1.1/input0
[6.763613] input: Avocent Keyboard/Mouse Function as 
/devices/pci:00/:00:14.0/usb1/1-14/1-14.1/1-14.1.1/1-14.1.1:1.1/0003:0624:0249.0002/input/input3
[6.763831] hid-generic 0003:0624:0249.0002: input,hidraw1: USB HID v1.00 
Mouse [Avocent Keyboard/Mouse Function] on usb-:00:14.0-14.1.1/input1
[6.818620] mgag200 :03:00.0: fb0: mgadrmfb frame buffer device
[6.823037] EDAC MC0: Giving out device to module skx_edac controller 
Skylake Socket#0 IMC#0: DEV :24:0a.0 (INTERRUPT)
[6.823101] EDAC MC1: Giving out device to module skx_edac controller 
Skylake Socket#0 IMC#1: DEV :24:0c.0 (INTERRUPT)
[6.823166] EDAC MC2: Giving out device to module skx_edac controller 
Skylake Socket#1 IMC#0: DEV :5a:0a.0 (INTERRUPT)
[6.823235] EDAC MC3: Giving out device to module skx_edac controller 
Skylake Socket#1 IMC#1: DEV :5a:0c.0 (INTERRUPT)
[6.823303] EDAC MC4: Giving out device to module skx_edac controller 
Skylake Socket#2 IMC#0: DEV :9a:0a.0 (INTERRUPT)
[6.823398] EDAC MC5: Giving out device to module skx_edac controller 
Skylake Socket#2 IMC#1: DEV :9a:0c.0 (INTERRUPT)
[6.823660] EDAC MC6: Giving out device to module skx_edac controller 
Skylake Socket#3 IMC#0: DEV :da:0a.0 (INTERRUPT)
[6.823885] 

Bug#926042: drawbacks of not having tbl in testing..

[Holger Levsen]

On Mon, May 27, 2019 at 02:18:54PM +0200, Ulrike Uhlig wrote:
> It would be useful to know with which statements or assumptions you do
> not agree with and why - so that the discussion may become more
> productive & helpful.
 
"cannot be maintained in stable". I think this can at least be tried.
And IMO its better to have tbl in stable until the 5th or 7th
pointrelease and then have it removed (if it has to be done), than not
having tbl at all, never.

> > anyway, i just want to point out that 'maintaining tbl in stretch via
> > stretch-backports' doesnt work because tbl is not in buster and thus, if
> > this bug gets retitled to 'tbl should not be part of bullseye',
> > maintaining tbl in buster via bullseye-backports will also not work.
> Do you have any suggestion on how to handle this?

maintain tbl in stable.


-- 
tschau,
Holger

---
   holger@(debian|reproducible-builds|layer-acht).org
   PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C

Our civilization is being sacrificed for the opportunity of a very small number
of people to continue making enormous amounts of money...  It is the sufferings
of the many  which pay  for the luxuries  of the few...  You say  you love your
children  above all else,  and yet  you are stealing  their future  in front of 
their very eyes...


signature.asc
Description: PGP signature

Bug#754513: Paper Submission - CFP International Conference @ University of Westminster, London, UK

[Stefania Wilson]

Dear Friends,


We would like to invite you to submit research article in the 9th Joint 
International Conference organised by Institute of Research Engineers and 
Doctors at University of Westminster, London, UK. The theme for the 2019 UK 
conference is to bring together innovative academics and industrial experts to 
a common forum. We would be delighted to have you present at this conference to 
hear what the technology experts and researchers have to share about the 
technology advancements and their impact on our daily lives.


Joint International Conference Consists of following tracks:




Track 1: 9th International Conference on Advances in Computing, Control and 
Networking - ACCN


Official Webiste: www.accn.theired.org




Track 2: 9th International Conference On Advances in Civil, Structural and 
Mechanical Engineering - ACSM


Official Webiste: www.acsm.theired.org




Track 3: 9th International Conference On Advances in Applied Science and 
Environmental Technology - ASET


Official Webiste: www.aset.theired.org




Track 4: 9th International Conference On Advances in Economics, Social Science 
and Human Behaviour Study - ESSHBS​




Official Webiste: www.esshbs.theired.org​




Conference Venue: University of Westminster, London, UK


Conference Date: 20 - 21 July 2019


Abstract/ Full Paper Submission For Review: 10 June 2019





About University of Westminster (Conference Venue):
--The University of Westminster is a public university in London, United 
Kingdom. Its antecedent institution, the Royal Polytechnic Institution, was 
founded in 1838 and was the first polytechnic institution in the UK. 
Westminster was awarded university status in 1992 meaning it could award its 
own degrees.


--Its headquarters and original campus are in Regent Street in the City of 
Westminster area of central London, with additional campuses in Fitzrovia, 
Marylebone and Harrow. It operates the Westminster International University in 
Tashkent in Uzbekistan.


--Westminster's academic activities are organised into seven faculties and 
schools, within which there are around 45 departments. The University has 
numerous centres of research excellence across all the faculties, including the 
Communication and Media Research Institute, whose research is ranked in the 
Global Top 40 by the QS World University Rankings. Westminster had an income of 
£170.4 million in 2012/13, of which £4.5 million was from research grants and 
contracts.


--Westminster is a member of the Association of Commonwealth Universities, the 
Association of MBAs, EFMD, the European University Association and Universities 
UK.


About Publication:​

All the registered papers will proudly be published by IRED-CPS and stored in 
the SEEK digital Library 

(www.seekdl.org). Each Paper will be assigned DOI (Digital Object Identifier) 
from CROSSREF. The Proc. will be submitted to ISI Thomson for Review and 
Indexing. Proc. will also be published in International Journals with ISSN 
Numbers.


Remote Presentation via Skype can also be arranged.


We would also like to share some conference photographs of previous held 
International conference that has been worldwide.


Kindly refer to the below 

Bug#929621: isc-dhcp-server: wrong URL to manufactor list

[Stefan K]

Package: isc-dhcp-server
Version: 4.3.5-3+deb9u1
Severity: normal

Dear Maintainer,

it looks like that the script shows the wrong URL[1] for the Manufactor
list. Please fix the URL to [2]

[1]https://standards.ieee.org/regauth/oui/oui.txt
[2]http://standards-oui.ieee.org/oui.txt

best regards
Stefan


-- System Information:
Debian Release: 9.9
 APT prefers stable-updates
 APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages isc-dhcp-server depends on:
ii  debconf [debconf-2.0]  1.5.61
ii  debianutils4.8.1.1
ii  libc6  2.24-11+deb9u4
ii  libdns-export162   1:9.10.3.dfsg.P4-12.3+deb9u5
ii  libirs-export141   1:9.10.3.dfsg.P4-12.3+deb9u5
ii  libisc-export160   1:9.10.3.dfsg.P4-12.3+deb9u5
ii  lsb-base   9.20161125

Versions of packages isc-dhcp-server recommends:
ii  isc-dhcp-common  4.3.5-3+deb9u1
ii  policycoreutils  2.6-3

Versions of packages isc-dhcp-server suggests:
pn  isc-dhcp-server-ldap  
pn  policykit-1   

-- Configuration Files:
/etc/dhcp/dhcpd.conf changed [not included]

-- debconf information excluded

Bug#926042: drawbacks of not having tbl in testing..

[Ulrike Uhlig]

Hi Holger,

On 27.05.19 11:56, Holger Levsen wrote:
> i'm not sure I agree with the assumptions from this bug report but

It would be useful to know with which statements or assumptions you do
not agree with and why - so that the discussion may become more
productive & helpful.

> anyway, i just want to point out that 'maintaining tbl in stretch via
> stretch-backports' doesnt work because tbl is not in buster and thus, if
> this bug gets retitled to 'tbl should not be part of bullseye',
> maintaining tbl in buster via bullseye-backports will also not work.

Do you have any suggestion on how to handle this?

Cheers,
Ulrike

Bug#929620: ITP: python-django-storages -- storage backends in Django

[Michael Fladischer]

Package: wnpp
Severity: wishlist
Owner: Michael Fladischer 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: python-django-storages
  Version : 1.7.1
  Upstream Author : Josh Schneier 
* URL : https://github.com/jschneier/django-storages/
* License : BSD-3-Clause, Expat
  Programming Lang: Python
  Description : storage backends in Django


 django-storages is a collection of custom storage backends for Django. Each
 storage backend has its own unique settings you will need to add to your
 settings.py file. Read the documentation for your storage engine(s) of choice
 to determine what you need to add.

I intend to maintain this package as part of DPMT.

-BEGIN PGP SIGNATURE-

iQFFBAEBCgAvFiEEqVSlRXW87UkkCnJc/9PIi5l90WoFAlzr1xoRHGZsYWRpQGRl
Ymlhbi5vcmcACgkQ/9PIi5l90WpZwgf/bY/LnCwGA+ODJGMC/5plSLKd0DhllDkA
LOQi9GTVMD+SuUN+HIPprHsgzs0smbVhGyAfbMVEUIkqZB6Iz7RfSHPoPm5aPU3A
viJ5rooUa0xldeOVzGE5q8lXRRmoXDjt0qKhxZJG6NfnQiLfAo69swzYDpaU7A3/
EaMD3rnkkLibmRZBXCXOP00jtPW7sFwprJI6ihpLsSgIYDLGOHol1Hv3xkbL3lYG
pu7ox/+iOU4IDR+tpa4QInTr2DcsYW64xKYwTULiW2cbLIZDpEHGnxsBp41aZwAN
qThSrD7kQSYl4jXS9cFZCvY8xSaQumZVJPvQ0uYozasM1Mz8pC/nNA==
=VEj8
-END PGP SIGNATURE-