Bug#939989: transition: gdal

[Sebastiaan Couwenberg]

On 11/23/19 10:15 PM, Paul Gevers wrote:
> On 08-11-2019 06:43, Sebastiaan Couwenberg wrote:
>> python-networkx is finally fixed, please remove the block to let gdal
>> migrate to testing, and let's move on with this transition.
> 
> python-networkx doesn't want to migrate, probably due to networkx not
> migrating. That in turn may (or may not) be due to the python 3.8
> transition that is currently ongoing.

Looks like the update to 2.4 broke some of the networkx rdeps, bugs filed:

 #945390: androguard: autopkgtest failures
 #945392: hyperkitty: autopkgtest failures
 #945393: skimage: autopkgtest failures

These three all have exceptions like:

 AttributeError: '' object has no attribute 'node'

There is also a python3.8 issue:

 #945389: skimage: FTBFS with python3.8 (test failures)

> Once both networkx packages have migrated to testing we're good to go
> with the gdal transition.

Let's see what happens first: this, or the QGIS 3.10.4 release which
makes use of GDAL 3 features.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1



signature.asc
Description: OpenPGP digital signature

Bug#945392: hyperkitty: autopkgtest failures

[Bas Couwenberg]

Source: hyperkitty
Version: 1.3.0-1
Severity: serious
Justification: makes the package in question unusable or mostly so

Dear Maintainer,

The autopkgtest for your package are failing, which prevent the testing 
migration of networkx.

The logging shows many exceptions like this:

 AttributeError: 'DiGraph' object has no attribute 'node'

See:

 
https://ci.debian.net/data/autopkgtest/testing/amd64/h/hyperkitty/3494471/log.gz

Kind Regards,

Bas

Bug#945393: skimage: autopkgtest failures

[Bas Couwenberg]

Source: skimage
Version: 0.14.2-3
Severity: serious
Justification: makes the package in question unusable or mostly so

Dear Maintainer,

The autopkgtest for your package are failing, which prevent the testing 
migration of networkx.

The logging shows many exceptions like this:

 AttributeError: 'RAG' object has no attribute 'node'

See:

 https://ci.debian.net/data/autopkgtest/testing/amd64/s/skimage/3494472/log.gz

Kind Regards,

Bas

Bug#945390: androguard: autopkgtest failures

[Bas Couwenberg]

Source: androguard
Version: 3.3.5-1
Severity: serious
Justification: makes the package in question unusable or mostly so

Dear Maintainer,

The autopkgtest for your package are failing, which prevent the testing 
migration of networkx.

The logging shows many exceptions like this:

 AttributeError: 'DiGraph' object has no attribute 'node'

See:

 
https://ci.debian.net/data/autopkgtest/testing/amd64/a/androguard/3495118/log.gz

Kind Regards,

Bas

Bug#945391: asciidocapi: fails with AttributeError: 'NoneType' object has no attribute 'loader'

[Simon Ruderich]

Package: asciidoc
Version: 8.6.10+git20190307.51d7c14-1
Severity: normal
Tags: patch

Hello,

using asciidocapi with the following small script (also attached)

#!/usr/bin/python3

import io
import sys

sys.path.append('/usr/share/asciidoc')
import asciidocapi


infile = io.StringIO('Test')
outfile = io.StringIO()

adoc = asciidocapi.AsciiDocAPI()
adoc.execute(infile, outfile)

results in an exception:

Traceback (most recent call last):
File "./test", line 13, in 
adoc = asciidocapi.AsciiDocAPI()
File "/usr/share/asciidoc/asciidocapi.py", line 209, in __init__
self.__import_asciidoc()
File "/usr/share/asciidoc/asciidocapi.py", line 244, in __import_asciidoc
module = importlib.util.module_from_spec(spec)
File "", line 580, in module_from_spec
AttributeError: 'NoneType' object has no attribute 'loader'

The attached patch fixes this issue (tested with python3.7 and
python3.8).

Regards
Simon
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
#!/usr/bin/python3

import io
import sys

sys.path.append('/usr/share/asciidoc')
import asciidocapi


infile = io.StringIO('Test')
outfile = io.StringIO()

adoc = asciidocapi.AsciiDocAPI()
adoc.execute(infile, outfile)
--- /usr/share/asciidoc/asciidocapi.py.orig	2019-11-19 08:27:07.987333977 +0100
+++ /usr/share/asciidoc/asciidocapi.py	2019-11-24 08:23:19.141730508 +0100
@@ -239,9 +239,13 @@
 import imp
 module = imp.load_source('asciidoc', self.cmd)
 else:
-import importlib.util
-spec = importlib.util.spec_from_file_location('asciidoc', self.cmd)
-module = importlib.util.module_from_spec(spec)
+# Thanks to Mad Physicist for this solution, read on 2019-11-19
+# https://stackoverflow.com/questions/2601047/import-a-python-module-without-the-py-extension/43602645#43602645
+from importlib.util import spec_from_loader, module_from_spec
+from importlib.machinery import SourceFileLoader
+loader = SourceFileLoader('asciidoc', self.cmd)
+spec = spec_from_loader('asciidoc', loader)
+module = module_from_spec(spec)
 spec.loader.exec_module(module)
 self.asciidoc = module
 except ImportError:


signature.asc
Description: PGP signature

Bug#945389: skimage: FTBFS with python3.8 (test failures)

[Bas Couwenberg]

Source: skimage
Version: 0.14.2-3
Severity: serious
Justification: makes the package in question unusable or mostly so

Dear Maintainer,

Your package FTBFS as part of the python3.8 transition, see:

 
https://buildd.debian.org/status/fetch.php?pkg=skimage=amd64=0.14.2-3%2Bb1=1574494998=0
 https://buildd.debian.org/status/package.php?p=skimage

Kind Regards,

Bas

Bug#895462: Please keep asciidoc in Debian

[Simon Ruderich]

Hello,

please keep asciidoc in Debian. With the current python3 port it
will continue to work even when Python 2 is removed.

I'm using asciidoc for a few (private) projects which depend on
some features not yet provided by asciidoctor (e.g. proper
localization with support for multiple languages and flexibility
through additional config files).

Regards
Simon
-- 
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9


signature.asc
Description: PGP signature

Bug#945388: progress-linux: [INTL:de] updated German debconf translation

[Helge Kreutzmann]

Package: progress-linux
Version: 20190101-9
Severity: wishlist
Tags: patch l10n

Please find the updated German debconf translation for progress-linux
attached.

Please place this file in debian/po/ as de.po for your next upload.

If you update your template, please use 
'msgfmt --statistics '
to check the po-files for fuzzy or untranslated strings.

If there are such strings, please contact me so I can update the 
German translation.

Greetings
Helge
# German debconf translation of progress-linux
# Copyright (C) 2019 Helge Kreutzmann 
# This file is distributed under the same license as the progress-linux package.
msgid ""
msgstr ""
"Project-Id-Version: progress-linux 20181201-3\n"
"Report-Msgid-Bugs-To: progress-li...@packages.debian.org\n"
"POT-Creation-Date: 2019-11-18 17:31+0100\n"
"PO-Revision-Date: 2019-11-24 06:48+0100\n"
"Last-Translator: Helge Kreutzmann \n"
"Language-Team: German \n"
"Language: de\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"

#. Type: title
#. Description
#: ../progress-linux.templates:1001
msgid "Progress Linux: Setup"
msgstr "Progress Linux: Einrichtung"

#. Type: multiselect
#. Description
#: ../progress-linux.templates:2001
msgid "setup apt archives:"
msgstr "Apt-Archive einrichten:"

#. Type: multiselect
#. Description
#: ../progress-linux.templates:2001
msgid "Please select the apt archives to setup."
msgstr "Bitte wählen Sie die einzurichtenden Apt-Archive aus."

#. Type: multiselect
#. Description
#: ../progress-linux.templates:3001
msgid "setup apt archive areas:"
msgstr "Apt-Archivbereiche einrichten:"

#. Type: multiselect
#. Description
#: ../progress-linux.templates:3001
msgid "Please select the apt archive areas to setup."
msgstr "Bitte wählen Sie die einzurichtenden Apt-Archivbereiche aus."

#. Type: string
#. Description
#: ../progress-linux.templates:4001
msgid "enter apt mirror:"
msgstr "Eingabe APT-Spiegel-Server:"

#. Type: string
#. Description
#: ../progress-linux.templates:4001
msgid "Please specify the mirror to download packages from."
msgstr "Bitte legen Sie den Spiegel-Server zum Herunterladen von Paketen fest."

#. Type: string
#. Description
#: ../progress-linux.templates:4001
msgid ""
"If unsure, leave empty which will use the default mirror (https://cdn.deb.;
"progress-linux.org/packages)."
msgstr ""
"Falls Sie sich nicht sicher sind, lassen Sie die Eingabe leer und verwenden "
"den Vorgabe-Spiegel-Server (https://cdn.deb.progress-linux.org/packages)."

Bug#945387: plinth: [INTL:de] updated German debconf translation

[Helge Kreutzmann]

Package: plinth
Version: 19.21
Severity: wishlist
Tags: patch l10n

Please find the updated German debconf translation for plinth
attached.

Please place this file in debian/po/ as de.po for your next upload.

If you update your template, please use 
'msgfmt --statistics '
to check the po-files for fuzzy or untranslated strings.

If there are such strings, please contact me so I can update the 
German translation.

Greetings
Helge
# Translation of plinth debconf templates to German
# Copyright (C) 2019 FreedomBox packaging team 

# This file is distributed under the same license as the plinth package.
# Helge Kreutzmann , 2018, 2019.
#
msgid ""
msgstr ""
"Project-Id-Version: plinth 19.21\n"
"Report-Msgid-Bugs-To: pli...@packages.debian.org\n"
"POT-Creation-Date: 2019-11-18 18:11-0500\n"
"PO-Revision-Date: 2019-11-24 06:46+0100\n"
"Last-Translator: Helge Kreutzmann \n"
"Language-Team: german \n"
"Language: de\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"

#. Type: note
#. Description
#: ../templates:1001
msgid "FreedomBox first wizard secret - ${secret}"
msgstr "Passphrase des Ersteinrichtungsprogramms der FreedomBox - ${secret}"

#. Type: note
#. Description
#: ../templates:1001
msgid ""
"Please note down the above secret. You will be asked to enter this in the "
"first screen after you launch the FreedomBox web interface. In case you lose "
"it, you can retrieve it by running the following command:"
msgstr ""
"Bitte schreiben Sie diese geheime Zeichenkette auf. Sie werden auf dem "
"ersten Bildschirm nach dem Start der FreedomBox-Schnittstelle nach dieser "
"Zeichenkette gefragt werden. Falls Sie sie verlieren, können Sie sie durch "
"Ausführung des folgenden Befehls wiedererlangen:"

Bug#945386: open-font-design-toolkit: Python2 removal in sid/bullseye

[Steve Langasek]

Source: open-font-design-toolkit
Version: 1.7
Severity: serious
Tags: sid bullseye
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu focal

Dear maintainers,

The open-font-design-toolkit package is now uninstallable in unstable
because it depends on python-fontforge, a python2 module which has been
removed from the latest version of fontforge and is now only available in
unstable as an uninstallable cruft package:

$ sudo apt install open-font-design-toolkit 
Reading package lists... Done
Building dependency tree   
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 open-font-design-toolkit : Depends: python-fontforge but it is not going to be 
installed
Depends: xgridfit but it is not going to be 
installed
E: Unable to correct problems, you have held broken packages.
$

I don't know why this package was overlooked in the general mass bug filing
for python2 removals, but your package is currently unreleasable due to this
bug.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#945373: ITP: cf -- cf colorizes piped filenames w/Truecolor sRGB

[Don Armstrong]

On Sat, 23 Nov 2019, Adam Danischewski wrote:
> cf can be used in with find/ls commands in pipelines.
> 
> If you get used to using cf you will likely find it very difficult to
> imagine not using cf!!

cf is already in use by cloud foundry. Granted, it's not packaged in
Debian, but large numbers of people use it.

-- 
Don Armstrong  https://www.donarmstrong.com

This isn't life in the fast lane, it's life in the oncoming traffic
 -- Terry Pratchett

Bug#945385: xsane fails to start with two errors; scanimage does the same with or without sudo

[scott092707]

Package: xsane
Version: 0.999-7
Severity: important

Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Scott Jacobs 
To: Debian Bug Tracking System 
Subject: xsane fails to start with two errors; scanimage does the same with or 
without sudo
Bcc: Scott Jacobs 
Message-ID: 
<157456975091.3610.17500353917015447827.reportbug@ASUS-PRIME-B350M-A-CSM>
X-Mailer: reportbug 7.5.3
Date: Sat, 23 Nov 2019 23:29:10 -0500
X-Debbugs-Cc: scott092...@aol.com


Dear Maintainer,

Debian Testing LXQt.

Xsane from the menu puts up the "scanning for devices" window for awhile; it
then disappears.

>From the terminal, it is much the same, except that it eventually puts up a
window stating:
"Failed to open device 'hpaio:/usb/Deskjet_F300_series?serial=CN647B623804KH':
 Invalid argument."

scanimage -L fails with the first invocation, but then succeeds with the
second:
===
$ scanimage -L
scanimage: hp-option.c:3714: hp_optset_fix_geometry_options: Assertion `tl_x &&
tl_y && br_x && br_y' failed.
Aborted

$ scanimage -L
device `hpaio:/usb/Deskjet_F300_series?serial=CN647B623804KH' is a Hewlett-
Packard Deskjet_F300_series all-in-one
===

Attempting an actual scan twice yields two different errors:
===
$ scanimage -p -B -vvv --format=jpeg  >Desktop/scanimage.jpg
scanimage: hp-option.c:3714: hp_optset_fix_geometry_options: Assertion `tl_x &&
tl_y && br_x && br_y' failed.
Aborted

$ scanimage -p -B -vvv --format=jpeg  >Desktop/scanimage.jpg
scanimage: open of device hpaio:/usb/Deskjet_F300_series?serial=CN647B623804KH
failed: Invalid argument
Calling sane_exit
scanimage: finished
===

using sudo yields the same two errors
===
sudo -HE scanimage -p -B -vvv --format=jpeg  >Desktop/scanimage.jpg
[sudo] password for scott:
scanimage: hp-option.c:3714: hp_optset_fix_geometry_options: Assertion `tl_x &&
tl_y && br_x && br_y' failed.
Aborted

$ sudo -HE scanimage -p -B -vvv --format=jpeg  >Desktop/scanimage.jpg
scanimage: open of device hpaio:/usb/Deskjet_F300_series?serial=CN647B623804KH
failed: Invalid argument
Calling sane_exit
scanimage: finished

$ sudo scanimage -p -B -vvv --format=jpeg  >Desktop/scanimage.jpg
scanimage: open of device hpaio:/usb/Deskjet_F300_series?serial=CN647B623804KH
failed: Invalid argument
Calling sane_exit
scanimage: finished
===

Various terminal commands:
===
$ lsusb
...
Bus 001 Device 006: ID 03f0:5511 HP, Inc DeskJet F300 series
...

$ ls -l /dev/bus/usb/001
...
crw-rw-r--+ 1 root lp   189, 5 Nov 22 21:02 006
...

$ getfacl /dev/bus/usb/001/006
getfacl: Removing leading '/' from absolute path names
# file: dev/bus/usb/001/006
# owner: root
# group: lp
user::rw-
user:scott:rw-
group::rw-
mask::rw-
other::r--
===


Using the same computer and printer/scanner, I have no problem scanning with
xsane or scanimage from my Lubuntu Next 17.10 LXQt install:
===
$ scanimage -L
device `hpaio:/usb/Deskjet_F300_series?serial=CN647B623804KH' is a Hewlett-
Packard Deskjet_F300_series all-in-one

$ scanimage -p -B -vvv --format=jpeg  >Desktop/scanimage_2.jpg
scanimage: scanning image of size 638x877 pixels at 24 bits/pixel
scanimage: acquiring RGB frame
scanimage: min/max graylevel value = 0/255
scanimage: read 1678578 bytes in total
Closing device
Calling sane_exit
scanimage: finished

$ lsusb
...
Bus 001 Device 006: ID 03f0:5511 Hewlett-Packard DeskJet F300 series
...

$ ls -l /dev/bus/usb/001
...
crw-rw-r--+ 1 root lp   189, 5 Nov 22 22:29 006
...

$ getfacl /dev/bus/usb/001/006
getfacl: Removing leading '/' from absolute path names
# file: dev/bus/usb/001/006
# owner: root
# group: lp
user::rw-
user:scott:rw-
group::rw-
mask::rw-
other::r--
===





-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xsane depends on:
ii  libc62.29-2
ii  libgimp2.0   2.10.12-1
ii  libglib2.0-0 2.62.2-2
ii  libgtk2.0-0  2.24.32-4
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  liblcms2-2   2.9-3+b1
ii  libpng16-16  1.6.37-1
ii  libsane  1.0.27-3.2
ii  libtiff5 

Bug#945384: visp: autopkgtest regression

[Steve Langasek]

Source: visp
Version: 3.2.0-1
Severity: serious
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu focal

Dear maintainers,

The autopkgtests for visp 3.2.0-1 have regressed vs prior versions of this
package, which means it will not migrate to testing.

The test failure happens to be different in Debian vs. Ubuntu.  In Debian
it appears to be failing due to uninstallability.  This uninstallability
doesn't affect Ubuntu (libvisp-detection-dev is installable in Ubuntu), but
once past this failure the test fails due to what looks like a missing
dependency of the -dev package:

autopkgtest [00:17:15]: test build: [---
g++: error: /usr/lib/x86_64-linux-gnu/libOpenGL.so: No such file or directory
g++: error: /usr/lib/x86_64-linux-gnu/libGLX.so: No such file or directory
g++: error: /usr/lib/x86_64-linux-gnu/libGLU.so: No such file or directory
g++: error: /usr/lib/x86_64-linux-gnu/libCoin.so: No such file or directory
g++: error: /usr/lib/x86_64-linux-gnu/libXi.so: No such file or directory
autopkgtest [00:17:16]: test build: ---]
[...]

  (http://autopkgtest.ubuntu.com/packages/v/visp/focal/amd64)

Looking at the autopkgtest in question, it appears that pkg-config for visp
is emitting libraries in its Libs: field that are provided by packages which
it does not depend on.  So this points to an actual bug in visp that needs
fixing. 

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#945383: RM: notify-python -- RoQA; Python2 pkg replaced by python3-notify2

[Jeremy Bicha]

Oh, it's not an arch-all package.

Thanks,
Jeremy Bicha

Bug#898478: Please upgrade package to kpcli 3.2

[Kevin Otte]

kpcli 3.3 was released on 2019-08-16

On Sat, 12 May 2018 12:55:33 +0200 Hannes von Haugwitz
 wrote:

> Package: kpcli
> Version: 3.1-3
> Severity: wishlist
>
> Hi,
>
> kpcli 3.2 was released in Dec 2017. Please consider to upgrade the
> package.
>
> Thanks.
>
> Best regards
>
> Hannes
>
>

Bug#945383: RM: notify-python -- RoQA; Python2 pkg replaced by python3-notify2

[Jeremy Bicha]

Package: ftp.debian.org
X-Debbugs-Cc: notify-pyt...@packages.debian.org
Affects: src:notify-python

notify-python has no remaining reverse dependencies. It is blocking
the removal of pygtk and Python 2.

Its replacement is python3-notify2 or gir1.2-notify-0.7 (for GTK apps
using Python).

Please remove notify-python from Debian. It is an arch-all package so
it may need special handling.

Thanks,
Jeremy Bicha

Bug#945345: therion: Missing build-dep on python; build-depend on python3 instead

[Olly Betts]

On Fri, Nov 22, 2019 at 11:30:00PM -0800, Steve Langasek wrote:
> Rather than adding a build-dependency on python, which is deprecated, I have
> attached a patch which moves the invocation to python3 instead and added a
> build-dependency on python3.

I do wish upstream would pick a scripting language.  There are scripts
in python, perl and tcl.

Feel free to NMU your fix.

Cheers,
Olly

Bug#945382: ITP: sourcetrail -- interactive source explorer and visualization tool

[Anuradha Weeraman]

Package: wnpp
Severity: wishlist
Owner: Anuradha Weeraman 

* Package name: sourcetrail
  Version : 2019.4.61
  Upstream Author : Eberhard Gräther 
* URL : https://github.com/CoatiSoftware/Sourcetrail
* License : GPL-3
  Programming Lang: C++
  Description : interactive source explorer and visualization tool

Sourcetrail is an interactive source explorer that simplifies navigation
and visualization of source code. Sourcetrail first indexes a given
code base and gathers data about its structure and then provides a
simple interface consisting of three interactive views for navigation
and visualization:

 - Search: to quickly find and select indexed symbols in the source code.

 - Graph: displays the structure of the source code. It focuses on the
 currently selected symbol and directly shows all incoming and outgoing
 dependencies to other symbols.

 - Code: displays all source locations of the currently selected symbol
 in a list of code snippets. Clicking on a different source location
 allows you to change the selection and dig deeper.

Sourcetrail currently supports the languages C/C++ and Java.

-- 
Regards
Anuradha

Bug#943705:

[joh bud]

Bug#945055: intel-microcode: CPU runs at considerably higher temperatures

[Henrique de Moraes Holschuh]

On Thu, Nov 21, 2019, at 22:34, Christoph Anton Mitterer wrote:
> After some further tests I think it could be actually independent of
> the microcode and rather be kernel 5.3's fault.

To make sure of that, we need to ensure the mitigations are enabled in the 5.2 
kernel you are using.

Please send the output of the grep line:
grep . /sys/devices/system/cpu/vulnerabilities/*

With the 5.2 kernel in the new microcode (20191115).

Thank you!

-- 
  Henrique de Moraes Holschuh 

Bug#936745: re: ipywidgets: Python2 removal in sid/bullseye

[Scott Kitterman]

On Tue, 19 Nov 2019 06:59:36 + peter green  wrote:
> unblock 936745 by 936995
> severity 936745 serious
> thanks
> 
> matplotlib2 no longer has any dependencies or build-dependencies on packages 
built from the ipywidgets source.
> 
> According to https://ftp-master.debian.org/users/dktrkranz/NBS ipywidgets 
has dependencies or build-depdencies on several packages that are no longer 
built by their corresponding source packages.
> 
> ipywidgets build-depends on python-coverage.
> python-widgetsnbextension depends on python-notebook
> 
> It seems like it is time to drop python2 support from this package.

Sagemath still build-depends on it, but it's already not in testing for many 
reasons, so I agree it makes sense to go ahead with the removal.  

Scott K

signature.asc
Description: This is a digitally signed message part.

Bug#945348: python3-joblib: Missing new dependency python3-pkg-resources

[Yaroslav Halchenko]

On Sat, 23 Nov 2019, Andreas Tille wrote:

> Package: python3-joblib
> Version: 0.14.0-0.2
> Severity: critical
> Tags: patch
> Justification: breaks unrelated software


> Hi,

> as per latest debci log of spades[1] joblib needs python3--pkg-resources.

> I will add this to the dependencies but I will also take over joblib
> packaging to Debian Science team to make the package watched by a
> greater audience.  I've got confirmation from Yaroslav for similar
> cases in the past so I assume its OK.

Yes, thank you Andreas!  If you could also keep it at debcompat 10, all
backport gods would favor you ;)

-- 
Yaroslav O. Halchenko
Center for Open Neuroscience http://centerforopenneuroscience.org
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834   Fax: +1 (603) 646-1419
WWW:   http://www.linkedin.com/in/yarik

Bug#932582: anbox: ignores mouse input

[Ivan Vucica]

Package: anbox
Version: 0.0~git20191115-1
Followup-For: Bug #932582

This still occurs when using Debian buster's kernel plus current unstable's
anbox on Nvidia.

Per update on 2019-07-22, I understand that this is unlikely to be fixable
downstream, but I'd like to provide this additional information for future
reporters.

Unlike Phil, I have not attempted to run the Snap version at this time.

After resizing windows, there is some animation happening (scrollbars
appearing in builtin Settings app), so I think it's genuinely an input
and not a rendering issue.

-- System Information:
Debian Release: 10.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_CRAP, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages anbox depends on:
ii  init-system-helpers 1.56+nmu1
ii  iptables1.8.2-4
ii  libboost-filesystem1.67.0   1.67.0-13
ii  libboost-iostreams1.67.01.67.0-13
ii  libboost-log1.67.0  1.67.0-13
ii  libboost-program-options1.67.0  1.67.0-13
ii  libboost-system1.67.0   1.67.0-13
ii  libboost-thread1.67.0   1.67.0-13
ii  libc6   2.29-3
ii  libegl1 1.1.0-1
ii  libgcc1 1:8.3.0-6
ii  libgles21.1.0-1
ii  liblxc1 1:3.1.0+really3.0.3-8
ii  libprotobuf-lite17  3.6.1.3-2
ii  libsdl2-2.0-0   2.0.10+dfsg1-1
ii  libsdl2-image-2.0-0 2.0.4+dfsg1-1+deb10u1
ii  libstdc++6  8.3.0-6
ii  libsystemd0 243-8
ii  lxc 1:3.1.0+really3.0.3-8

Versions of packages anbox recommends:
ii  dbus-user-session  1.12.16-1

anbox suggests no packages.

-- no debconf information

Bug#945381: python3-bcolz: missing Breaks+Replaces: python-bcolz

[Andreas Beckmann]

Package: python3-bcolz
Version: 1.2.1+ds2-4
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'testing'.
It installed fine in 'testing', then the upgrade to 'sid' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces

>From the attached log (scroll to the bottom...):

  Preparing to unpack .../python3-bcolz_1.2.1+ds2-4_amd64.deb ...
  Unpacking python3-bcolz (1.2.1+ds2-4) ...
  dpkg: error processing archive 
/var/cache/apt/archives/python3-bcolz_1.2.1+ds2-4_amd64.deb (--unpack):
   trying to overwrite 
'/usr/share/doc/python3-bcolz/tutorials/tutorial_carray.ipynb', which is also 
in package python-bcolz 1.2.1+ds2-2+b1
  Errors were encountered while processing:
   /var/cache/apt/archives/python3-bcolz_1.2.1+ds2-4_amd64.deb


cheers,

Andreas


python-bcolz=1.2.1+ds2-2+b1_python3-bcolz=1.2.1+ds2-4.log.gz
Description: application/gzip

Bug#945380: RM: mopidy-dirble -- ROM; The dirble.com service is no longer operational

[Stein Magnus Jodal]

Package: ftp.debian.org
Severity: normal

Hi,

As the maintainer of mopidy-dirble, I request the removal of the package
from unstable as the dirble.com radio channel directory service that
mopidy-dirble depends upon is no longer operational.

Thanks,

-- 
Stein Magnus Jodal
jo...@debian.org


signature.asc
Description: PGP signature

Bug#945379: archive.debian.org: sarge/non-US missing

[Thorsten Glaser]

Package: ftp.debian.org
Severity: wishlist


There’s currently no sarge/non-US on archive.debian.org ☹
Some mirrors still have it, though.

Bug#765854: Umount ecryptfs on logout

[Sudip Mukherjee]

Hi All,

Is anything happening with this? 

Will it be a problem anywhere if the session is removed from
common-session-noninteractive like Michael suggested?

Or another way I was testing today is to get the name of the parent
process from mount.ecryptfs_private.c and skip incrementing the counter
if the parent process is 'systemd'.


--
Regards
Sudip

Bug#945378: ITP: fence-virt -- Pluggable fencing framework for virtual machines

[Valentin Vidic]

Package: wnpp
Severity: wishlist
Owner: Valentin Vidic 

* Package name: fence-virt
  Version : 0.9.0
  Upstream Author : Red Hat, Inc.
* URL : https://github.com/ClusterLabs/fence-virt
* License : GPLv2
  Programming Lang: C
  Description : Pluggable fencing framework for virtual machines

The fencing framework consists of the agent (fence_virt) and
the host daemon (fence_virtd). The fence_virtd host daemon is
responsible for processing fencing requests from fence_virt agents
running in virtual machines and routing the requests to the
appropriate physical machine for action.

This package is useful for Corosync/Pacemaker clusters running
inside virtual machines. The package will be maintained by the
Debian HA Team .

Bug#945377: jami: Received message is not displayed

[Bruno Kleinert]

Package: jami
Version: 20190215.1.f152c98~ds1-1+b1
Severity: normal

Hi,

when Jami receives a text message with emoticons they are sometimes displayed
as empty messages. Please see attached screenshot, the empty box on the left.

To reveal a message select it, and copy and paste it to, e.g., gedit. The
message in the screenshot ended with the emoticon ''. Text messages without
emoticons are not affected.

Cheers - Bruno



-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages jami depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.34.0-1
ii  jami-daemon  20190215.1.f152c98~ds1-1+b1
ii  libayatana-appindicator3-1   0.5.4-1
ii  libc62.29-3
ii  libcairo21.16.0-4
ii  libcanberra-gtk3-0   0.30-7
ii  libcanberra0 0.30-7
ii  libclutter-1.0-0 1.26.2+dfsg-12
ii  libclutter-gtk-1.0-0 1.8.4-4
ii  libgcc1  1:9.2.1-19
ii  libgdk-pixbuf2.0-0   2.40.0+dfsg-1
ii  libglib2.0-0 2.62.2-3
ii  libgtk-3-0   3.24.12-1
ii  libnm0   1.20.6-1
ii  libnotify4   0.7.8-1
ii  libpango-1.0-0   1.42.4-7
ii  libqrencode4 4.0.2-2
ii  libqt5core5a 5.12.5+dfsg-2
ii  libqt5dbus5  5.12.5+dfsg-2
ii  libqt5gui5   5.12.5+dfsg-2
ii  libqt5sql5   5.12.5+dfsg-2
ii  libqt5sql5-sqlite5.12.5+dfsg-2
ii  libstdc++6   9.2.1-19
ii  libwebkit2gtk-4.0-37 2.26.2-1
ii  libx11-6 2:1.6.8-1

jami recommends no packages.

jami suggests no packages.

Bug#945376: Debian Bug Tracking System

[Mateusz Skowroński]

Package: shiboken2
Version: 5.13.2-2
Severity: normal

Dear Maintainer,
it seems that shiboken2 is unusable with Python 3.8.
I'm getting this error: "TypeError: 'Shiboken.ObjectType' object is not
iterable on Python 3.8"

Please see this:
https://bugreports.qt.io/projects/PYSIDE/issues/PYSIDE-1140?filter=allissues
and this: https://bugreports.qt.io/browse/PYSIDE-939

Could you please consider downgrading to 3.7?

Cheers,
Mateusz



-- System Information:
Debian Release: bullseye/sid
 APT prefers unstable
 APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.3.0-2-amd64 (SMP w/16 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8),
LANGUAGE= (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages shiboken2 depends on:
ii  libc6 2.29-3
ii  libclang1-8   1:8.0.1-4
ii  libgcc1   1:9.2.1-19
ii  libqt5core5a  5.12.5+dfsg-2
ii  libstdc++69.2.1-19
ii  libxml2   2.9.4+dfsg1-8
ii  libxslt1.11.1.32-2.2

shiboken2 recommends no packages.

shiboken2 suggests no packages.

-- no debconf information


-- 
AKA f3nix AKA metyl AKA skowri ;)

Bug#945374: php-imagick: Lost changelog for 3.4.3-4.1

[Salvatore Bonaccorso]

Source: php-imagick
Version: 3.4.4-1
Severity: minor

Hi

The 3.4.4-1 upload to unstable did not include the 3.4.3-4.1 changelog
from the NMU from Dominik fixing CVE-2019-11037. Would it be possible
to merge those changes? (The BTS for instance would get slightly
confused, I have already added an additional fixed version for the
3.4.4-1 upload).

Regards,
Salvatore

Bug#945375: gnome-control-center: Segmentation fault when selecting display on secondary GPU.

[Mladen Mijatov]

Package: gnome-control-center
Version: 1:3.34.1-1
Severity: important

As explained in the subject, upon selecting display which is connected to the
secondary GPU whole application crashes with "segmentation fault".

Bellow is the output from terminal with `--verbose` flag:

~ $ gnome-control-center --verbose
22:41:03.0357 cc-object-storage:DEBUG: Finished creating D-Bus
proxy for CcObjectStorage::dbus-
proxy(org.gnome.SettingsDaemon.Color,/org/gnome/SettingsDaemon/Color,org.gnome.SettingsDaemon.Color)
22:41:03.0358 cc-object-storage:DEBUG: Adding object GDBusProxy
(CcObjectStorage::dbus-
proxy(org.gnome.SettingsDaemon.Color,/org/gnome/SettingsDaemon/Color,org.gnome.SettingsDaemon.Color)
→ 0x5589b8b01480) to the storage
22:41:03.0358  display-cc-panel:DEBUG: setting adjustment -1.000 to
-1:-0
22:41:03.0358  display-cc-panel:DEBUG: setting adjustment -1.000 to
-1:-0
22:41:03.0359 cc-object-storage:DEBUG: Finished creating D-Bus
proxy for CcObjectStorage::dbus-
proxy(org.gnome.SettingsDaemon.Color,/org/gnome/SettingsDaemon/Color,org.freedesktop.DBus.Properties)
22:41:03.0359 cc-object-storage:DEBUG: Adding object GDBusProxy
(CcObjectStorage::dbus-
proxy(org.gnome.SettingsDaemon.Color,/org/gnome/SettingsDaemon/Color,org.freedesktop.DBus.Properties)
→ 0x5589b80a5630) to the storage
22:41:03.0359 cc-object-storage:DEBUG: Finished creating D-Bus
proxy for CcObjectStorage::dbus-
proxy(org.gnome.Shell,/org/gnome/Shell,org.gnome.Shell)
22:41:03.0359 cc-object-storage:DEBUG: Adding object GDBusProxy
(CcObjectStorage::dbus-proxy(org.gnome.Shell,/org/gnome/Shell,org.gnome.Shell)
→ 0x5589b80a56c0) to the storage
22:41:03.0360  display-cc-panel:DEBUG: SensorProxy vanished
22:41:03.0360  display-cc-panel:DEBUG: Has no accelerometer
22:41:03.0377  display-cc-panel:DEBUG: Resetting current config!
Segmentation fault



-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-control-center depends on:
ii  accountsservice0.6.55-1
ii  apg2.2.3.dfsg.1-5+b1
ii  colord 1.4.3-4
ii  desktop-base   10.0.3
ii  desktop-file-utils 0.24-1
ii  gnome-control-center-data  1:3.34.1-1
ii  gnome-desktop3-data3.34.1-1
ii  gnome-settings-daemon  3.34.1-1+b1
ii  gsettings-desktop-schemas  3.34.0-2
ii  libaccountsservice00.6.55-1
ii  libatk1.0-02.34.1-1
ii  libc6  2.29-3
ii  libcairo2  1.16.0-4
ii  libcheese-gtk253.34.0-1+b1
ii  libcheese8 3.34.0-1+b1
ii  libcolord-gtk1 0.1.26-2
ii  libcolord2 1.4.3-4
ii  libcups2   2.3.0-6
ii  libfontconfig1 2.13.1-2+b1
ii  libgdk-pixbuf2.0-0 2.40.0+dfsg-1
ii  libglib2.0-0   2.62.2-3
ii  libgnome-bluetooth13   3.34.0-1
ii  libgnome-desktop-3-18  3.34.1-1
ii  libgoa-1.0-0b  3.34.1-1
ii  libgoa-backend-1.0-1   3.34.1-1
ii  libgsound0 1.0.2-4
ii  libgtk-3-0 3.24.12-1
ii  libgtop-2.0-11 2.40.0-2
ii  libgudev-1.0-0 233-1
ii  libibus-1.0-5  1.5.19-4+deb10u1
ii  libkrb5-3  1.17-6
ii  libmm-glib01.10.4-0.1
ii  libnm0 1.20.6-1
ii  libnma01.8.24-1
ii  libpango-1.0-0 1.42.4-7
ii  libpangocairo-1.0-01.42.4-7
ii  libpolkit-gobject-1-0  0.105-26
ii  libpulse-mainloop-glib013.0-3
ii  libpulse0  13.0-3
ii  libpwquality1  1.4.2-1
ii  libsecret-1-0  0.19.1-1
ii  libsmbclient   2:4.11.1+dfsg-3
ii  libsoup2.4-1   2.68.2-1
ii  libudisks2-0   2.8.4-1
ii  libupower-glib30.99.11-1
ii  libwacom2  1.1-1
ii  libwayland-server0 1.17.0-1
ii  libx11-6   2:1.6.8-1
ii  libxi6 2:1.7.9-1
ii  libxml22.9.4+dfsg1-8

Versions of packages gnome-control-center recommends:
ii  cracklib-runtime  2.9.6-3
ii  cups-pk-helper0.2.6-1+b1
ii  gkbd-capplet  3.26.1-1
ii  gnome-online-accounts 3.34.1-1
ii  gnome-user-docs   3.34.0-2
ii  gnome-user-share  3.34.0-2
ii  iso-codes 4.4-1
ii  libcanberra-pulse 0.30-7
ii  libnss-myhostname 243-8
ii  mousetweaks 

Bug#945365: v4l-utils: [INTL:de] Updated German translation

[Gregor Jasny]

Hello,

thank you for translating. I committed your translation upstream:
https://git.linuxtv.org/v4l-utils.git/commit/?id=9a1155dbaa1ce1b3d1610b223fe58fc65a734a10

And also addressed the fixme.

Thanks,
Gregor

Bug#909439: version mismatch, the other way

[Paul Gevers]

Hi Rebecca,

On 23-11-2019 21:45, Rebecca N. Palmer wrote:
> The autopkgtest is timestamped 15:22, the amd64 build finish 15:47.
> Maybe this test was triggered by something other than
> python-feather-format itself?

So it is, one can see that in the second line of the log:
--pin-packages=unstable=src:pandas,src:python-feather-format,src:python-skbio,src:statsmodels

The first package listed there is the triggering package. The rest come
from (versioned) Depends/Breaks/Conflicts relations.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#939989: transition: gdal

[Paul Gevers]

Hi

On 08-11-2019 06:43, Sebastiaan Couwenberg wrote:
> python-networkx is finally fixed, please remove the block to let gdal
> migrate to testing, and let's move on with this transition.

python-networkx doesn't want to migrate, probably due to networkx not
migrating. That in turn may (or may not) be due to the python 3.8
transition that is currently ongoing.

Once both networkx packages have migrated to testing we're good to go
with the gdal transition.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#945107: Fix some more crashes

[Markus Koschany]

Hi,

On Tue, 19 Nov 2019 16:07:47 -0500 Asher Gordon  wrote:
> Dear Maintainer,
> 
> I have written a patch to fix some more crashes. This has not been fixed
> upstream (although it is the same issue; storing a pointer in an integer
> type too small to store a pointer).
> 
> Here is the patch:

Thanks for the report and patch. I have packaged a Git snapshot of
berusky2 now and applied your patch on top of it.

Regards,

Markus

Bug#945373: ITP: cf -- cf colorizes piped filenames w/Truecolor sRGB

[Adam Danischewski]

Package: wnpp
Severity: wishlist
Owner: Adam Danischewski 

* Package name: cf
  Version : 1.0
  Upstream Author : Adam Danischewski 
* URL : https://github.com/AdamDanischewski/cf 
* License : Creative Commons, CC BY-SA 4.0
  Programming Lang: AWK 
  Description : cf colorizes piped filenames w/Truecolor sRGB

cf improves the commandline user experience by adding extensive filename
coloring capabilities via pipelines. cf colorizes mapped file extensions
to a Truecolor sRGB triplet.

cf colors piped file names by file extension according to their respective
colormap["ext"] entry in the system-wide or user defined cf config file.

cf can be used in with find/ls commands in pipelines.

If you get used to using cf you will likely find it very difficult to
imagine not using cf!!

Why not just use ls --color via LS_COLORS? First ls --color doesn't 
color piped filename data. cf is better documented and easier to 
configure than LS_COLORS (and dircolors) and allows the user to hit 
the ground running with sensible defaults. 

Another improvement that cf has other than working with pipes, being 
well documented and having an extensive default color mappings already 
set up - cf also has fallback logic that allows files to be colored only 
if they don't match on other defined file extensions. 

For instance, suppose you set up hidden files to be colored rouge and 
jpg files to be colored green. A hidden jpg would be colored rouge 
normally because you have configured hidden files to be rouge. With 
fallback logic you can unset hidden mappings from rouge to the empty 
string ("") and set fb_hidden to rouge. Now when you pipe the hidden 
jpg through cf it will be colored green as you wished for jpg's but any 
other hidden files that don't have a color mapping for their file 
extension (if they have one) will be colored rouge. 

cf is very easy to use and try out effectively, after installing simply 
run cf -? for usage. You can use the cf -ls to test piping the current 
directory through cf. Use the cf -A to add an ls alias to your {.bashrc,
.zshrc} file that colors cf and you are all set. 

The default system wide configuration file is located at: 
/etc/cf/cf_default.conf

User defined config file is located at (not installed by default): 
~/.config/cf/cf_user.conf

To customize filename colors you can change the system wide default 
settings or generate a user config file with cf -C to customize your 
user coloring settings as you wish. 

Also, cf is awk based and very fast! 

I plan on maintaining cf myself, although I plan to keep it simple, it
is really good at what it does and I don't expect to add much to it. 
I have utilized cf for a while personally yet now have made it available 
if anyone does find a bug I will quickly fix it. 

Sponsorship offers are welcome. 

Bug#909439: version mismatch, the other way

[Rebecca N. Palmer]

On 23/11/2019 20:35, Paul Gevers wrote:

Hi Rebecca,

On 23-11-2019 15:33, Rebecca N. Palmer wrote:

https://ci.debian.net/data/autopkgtest/testing/amd64/p/python-feather-format/3483361/log.gz
appears to have the opposite problem: it finds the new source (-3), but
as this had not yet been built, it used the old binary (-2).


The root cause here should be a mirror that is out-of-date, as britney
only schedules the tests when the build is done (so your statement isn't
correct).


The autopkgtest is timestamped 15:22, the amd64 build finish 15:47. 
Maybe this test was triggered by something other than 
python-feather-format itself?



It will be retried after one day and all should be fine.


It now is.

Bug#945372: unicycler: please add skip-not-installable restriction to autopkgtest

[Paul Gevers]

Source: unicycler
Version: 0.4.8+dfsg-1
X-Debbugs-CC: debian...@lists.debian.org
User: debian...@lists.debian.org
Usertags: issue

Dear maintainers, Andreas,

The release team has recently added arm64 to the list of architectures
where autopkgtests are run. I noticed that unicycle reported a
regression there, which on inspection boiled down to the fact that the
arch specific package is not build there. However, probably because the
source also builds an arch:all package, the migration software will
trigger an autopkgtest run on arm64 which fails due to
non-installability of the test dependencies (@ and @builddeps@). The
proper way around this is to add the skip-not-installable restriction
[1] to your test declaration in d/t/control.

I have added a hint to ignore the issue for this time. But in due time,
we will consider all autopkgtest failures in testing a serious bug (RC).

Thanks.

Paul

[1]
https://salsa.debian.org/ci-team/autopkgtest/raw/master/doc/README.package-tests.rst

skip-not-installable
This test might have test dependencies that can't be fulfilled on
all architectures. Therefore, when apt-get installs the
dependencies, it will fail. Don't treat this as a test failure, but
instead treat it as if the test was skipped.



signature.asc
Description: OpenPGP digital signature

Bug#870314: Does not properly clean up /usr/share/meson/mesonbuild/ on purge

[Jussi Pakkanen]

On Thu, Nov 21, 2019 at 7:15 AM  wrote:

> Attached is a patch that seems to fix the problem in this bug.

I tested this and it seems to work. This will be in the next release
upload. Thanks.

Bug#945371: python3-eyed3: pylast API change prevents import of eyed3.plugins.lastfm

[Jan Medlock]

Package: python3-eyed3
Version: 0.8.10-1
Severity: normal

Dear Maintainer,
This pylast commit removed the COVER_* constants, so importing
eyed3.plugins.lastfm no longer works:
https://github.com/pylast/pylast/commit/d1d17314b2280b20fc4a825e68987b77ac989c53

References to COVER_* in eyed3.plugins.lastfm should simply be changed
to the equivalent SMALL_*, e.g. COVER_LARGE should be replaced with
SIZE_LARGE.

Thanks!
Jan

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python3-eyed3 depends on:
ii  python33.7.5-3
ii  python3-magic  2:0.4.15-2
ii  python3-six1.13.0-1

python3-eyed3 recommends no packages.

Versions of packages python3-eyed3 suggests:
ii  python3-pil   6.2.1-2+b1
ii  python3-pylast3.1.0-1
ii  python3-requests  2.21.0-1

-- no debconf information

Bug#909439: version mismatch, the other way

[Paul Gevers]

Hi Rebecca,

On 23-11-2019 15:33, Rebecca N. Palmer wrote:
> https://ci.debian.net/data/autopkgtest/testing/amd64/p/python-feather-format/3483361/log.gz
> appears to have the opposite problem: it finds the new source (-3), but
> as this had not yet been built, it used the old binary (-2).

The root cause here should be a mirror that is out-of-date, as britney
only schedules the tests when the build is done (so your statement isn't
correct). It's annoying that it can happen.

Further, this is not a huge issue (albeit confusing for people looking
into). It will be retried after one day and all should be fine.

It's the opposite that I worry about, a version X which passes while if
it would have correctly run with X+1 it would show a fail. So, a
regression that goes unnoticed due the issue you mention above.

> The testing excuses pages for both pandas and python-feather-format
> currently list this as a test of -3, which it is not.  The debci summary
> page doesn't appear to list it at all - is that intended to fix this bug?

No, we changed debci a bit to only show "pure" runs in the overview
page, i.e. runs without pinned packages. Follow the link under "britney"
and you'll go to the page with all the runs scheduled by the migration
software.

> (It failed because -2 is uninstallable due to the Breaks: for #943925,
> which is fixed in -3.  A test of actual -3 has since been run, which
> passed.)

Paul



signature.asc
Description: OpenPGP digital signature

Bug#945370: Support conditionals in Makefiles

[Jelmer Vernooij]

Package: lintian-brush

When attempting to parse makefiles, don't consider a rule ended when
encountering conditionals
(https://www.gnu.org/software/make/manual/html_node/Conditional-Example.html#Conditional-Example).

See e.g. 
https://salsa.debian.org/printing-team/c2050/blob/debian/master/debian/rules#L18

-- 
Jelmer Vernooij 
PGP Key: https://www.jelmer.uk/D729A457.asc


signature.asc
Description: PGP signature

Bug#945369: yard: CVE-2019-1020001

[Salvatore Bonaccorso]

Source: yard
Version: 0.9.16-1
Severity: grave
Tags: security upstream
Justification: user security hole

Hi,

The following vulnerability was published for yard.

CVE-2019-1020001[0]:
| yard before 0.9.20 allows path traversal.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-1020001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1020001
[1] https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#944249: [Pkg-emacsen-addons] Bug#944249: gnuplot-mode does not work with emacs26

[Nicholas D Steeves]

Hi Dima,

On Sat, Nov 23, 2019 at 02:08:30AM -0800, Dima Kogan wrote:
> Nicholas D Steeves  writes:
> 
> > Is that an official NACK for Augustin's patch for the autoloads?  I
> > included it in the patch series I just sent...
> 
> Hi. I tried out Augustin's update to the autoloads, and it works for me
> (thanks, Augustin!) Nicholas: you wanted to review and to improve
> things. Are your patches somewhere we can see them?

I've confirmed this bug has my patch series (with Augustin's work
integrated).  Maybe those emails are in your spam folder?  You should
be able to use bts to grab the mbox for importation vs git am.

Cheers,
Nicholas


signature.asc
Description: PGP signature

Bug#945316: polymake: FTBFS with perl 5.30

[Andreas Beckmann]

Control: affects 941933 + src:polymake
Control: retitle -1 polymake: FTBFS with normaliz 3.8.1: segfaults during tests

On 23/11/2019 10.45, Benjamin Lorenz wrote:
> On 22/11/2019 22.06, Andreas Beckmann wrote:
>> polymake FTBFS against perl 5.30:

> This was already reported and should be fixed with
> https://bugs.debian.org/941933
> but it seems that the builds need to be triggered again as the logs are
> older than the normaliz 3.8.1+ds-1 upload.

OK, tried my first self-served give-backs ...

... some architectures succeeed (arm64, s390x), some had tests failing
with segmentation faults (amd64, i386, armhf, ppc64el), mips*el is
still building.

https://buildd.debian.org/status/package.php?p=polymake=unstable

Andreas

Bug#945357: apt-listbugs: [INTL:nl] Dutch po file for the apt-listbugs package

[Francesco Poli]

On Sat, 23 Nov 2019 15:07:54 +0100 Frans Spiesschaert wrote:

[...]
> Please find attached the updated Dutch po file for the apt-listbugs
> package. 

Hi Frans!
I am happy you decided to send a translation update, without even
waiting for a call from my side!   :-)

I will probably add it to the package very soon.

Bye and thank you so much for your contribution!


-- 
 http://www.inventati.org/frx/
 There's not a second to spare! To the laboratory!
. Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE


pgp6v8WD8ZMgc.pgp
Description: PGP signature

Bug#945368: RFS: libio-pty-perl/1:1.12-0.1 [NMU] -- Perl module for pseudo tty IO

[Felix Lechner]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "libio-pty-perl". This is an NMU.

On Mentors, you will find a source upload. The binary upload builds with
sbuild in unstable. It is Lintian-clean.

Besides closing a wishlist bug for the new upstream version, this also
brings the package up to modern standards, including source format 3.0, dh
in rules, DEP-5 copyright, debhelper-compat (=12), watch file, hardening
and some more. It also fixes a C compiler warning (for XS).

There are two noteworthy items: First, I did not transfer the package to
the Perl team, where it probably belongs. I did not contact the maintainer
of record before packaging, but his last upload was in 2010. The most
recent upload was from a Perl team member in 2015.  Second, I used GitHub
as the upstream source for copyright and watch file purposes. The homepage
I set to CPAN.

 * Package name: libio-pty-perl
   Version : 1:1.12-0.1
   Upstream Author : Todd Rinaldo 
 * URL : https://metacpan.org/pod/IO::Tty
 * License : Artistic
 * Vcs : None
   Section : perl

It builds those binary packages:

  libio-pty-perl - Perl module for pseudo tty IO

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/libio-pty-perl

Alternatively, one can download the package with dget using this command:

  dget -x
https://mentors.debian.net/debian/pool/main/libi/libio-pty-perl/libio-pty-perl_1.12-0.1.dsc

Changes since the last upload:

   * Non-maintainer upload.
   * New upstream version. (Closes: #914821)
   * Set source format to 3.0 (quilt).
   * Converted debian.diff.gz to quilt patches; added authors and bugs
   * Set Standards-Version to 4.4.1.
   * Bumped debhelper compat to 12.
   * Switched to debhelper-compat from d/compat.
   * Fixed compiler warnings about print format; thanks to Paul LeoNerd
Evans.
   * Expanded extended description for libio-pty-perl.
   * Added Homepage to d/control.
   * Added Testsuite to d/control.
   * Converted d/rules to dh.
   * Added Rules-Requires-Root: no to d/control.
   * Added DEB_BUILD_MAINT_OPTIONS = hardening=+all to d/rules.
   * Converted d/copyright to DEP-5
   * Pointed d/watch to upstream on CPAN.
   * Added @debian.org to invalid address buildd_i386-nisei in d/changelog.
   * Removed trailing whitespaces in d/changelog.

Regards,

--
  Felix Lechner

Bug#945367: please update mpv to 0.30.0

[shirish शिरीष]

Package: mpv
Version: 0.29.1-1
Severity: wishlist

Dear Maintainer,
I was playing a video file where I got the following message -

[mkv] Discarding potentially broken or useless index.

While playing the media file in vlc seemed to work much better. I
wanted to report it upstream but then came to know that a new release
of mpv had been released in the meanwhile [1]. Could you please upload
the new release so I can figure out if the issue is in the media file
itself or it's just mpv at fault. Looking forward to an update.

1. https://github.com/mpv-player/mpv/releases/tag/v0.30.0

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'testing-debug'), (100,
'unstable-debug'), (100, 'experimental'), (100, 'unstable'), (50,
'experimental-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 5.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IN, LC_CTYPE=en_IN (charmap=UTF-8), LANGUAGE=en_IN:en
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages mpv depends on:
ii  libarchive13  3.4.0-1+b1
ii  libasound21.1.9-1
ii  libass9   1:0.14.0-2
ii  libavcodec58  7:4.2.1-2
ii  libavdevice58 7:4.2.1-2
ii  libavfilter7  7:4.2.1-2
ii  libavformat58 7:4.2.1-2
ii  libavutil56   7:4.2.1-2
ii  libbluray21:1.1.2-2
ii  libc6 2.29-3
ii  libcaca0  0.99.beta19-2.1
ii  libcdio-cdda2 10.2+2.0.0-1+b1
ii  libcdio-paranoia2 10.2+2.0.0-1+b1
ii  libcdio18 2.0.0-2
ii  libdrm2   2.4.99-1
ii  libdvdnav46.0.1-1
ii  libdvdread4   6.0.1-1
ii  libegl1   1.1.0-1+b1
ii  libgbm1   19.2.4-1
ii  libgl11.1.0-1+b1
ii  libjack-jackd2-0 [libjack-0.125]  1.9.12~dfsg-2+b1
ii  libjpeg62-turbo   1:1.5.2-2+b1
ii  liblcms2-22.9-3+b1
ii  liblua5.2-0   5.2.4-1.1+b3
ii  libpulse0 13.0-3
ii  librubberband21.8.2-1
ii  libsdl2-2.0-0 2.0.10+dfsg1-1
ii  libsmbclient  2:4.11.1+dfsg-3
ii  libsndio7.0   1.5.0-3
ii  libswresample37:4.2.1-2
ii  libswscale5   7:4.2.1-2
ii  libuchardet0  0.0.6-3
ii  libva-drm22.5.0-1
ii  libva-wayland22.5.0-1
ii  libva-x11-2   2.5.0-1
ii  libva22.5.0-1
ii  libvdpau1 1.2-1
ii  libvulkan11.1.121.0-2
ii  libwayland-client01.17.0-1
ii  libwayland-cursor01.17.0-1
ii  libwayland-egl1   1.17.0-1
ii  libx11-6  2:1.6.8-1
ii  libxext6  2:1.3.3-1+b2
ii  libxinerama1  2:1.1.4-2
ii  libxkbcommon0 0.9.1-1
ii  libxrandr22:1.5.1-1
ii  libxss1   1:1.2.3-1
ii  libxv12:1.0.11-1
ii  zlib1g1:1.2.11.dfsg-1+b1

Versions of packages mpv recommends:
ii  xdg-utils   1.1.3-1
ii  youtube-dl  2019.09.28-1

mpv suggests no packages.

-- no debconf information

-- 
  Regards,
  Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com

E493 D466 6D67 59F5 1FD0 930F 870E 9A5B 5869 609C

Bug#813041: icedtea-netx should not depend on default-jre

[tony mancill]

On Sat, Nov 23, 2019 at 12:58:52AM +0100, Marco Gamberoni wrote:
> icedtea-netx can be used with any JRE.
> Java Network Launch Programs (jnlp) declare a specific version of JRE in the 
> jnlp file, and often misbehave if another version is used.
> javaws prints a warning on stdout if the chosen JRE is not the one declared 
> in the jnlp file, but it easy to miss it.
> 
> In my case, I use a jnlp application once a year for tax filings, supplied by 
> Italian tax authority Agenzia delle Entrate, via jnlp technology. It works 
> correctly only with openjdk-8-jre, and being provisioned via jnlp, needs 
> javaws from icedtea-netx.
> So, due to icedtea-netx dependency on default-jre I end up with 2 JRE 
> installed: 8 and (currently) 11.
> The default JRE ends up being 11, so I have to configure icedea-netx to use 
> the 8, and cannot remove 11.
> This is too much hassle and bloat to pay taxes :o)
> 
> I would like to see this wishlist bug closed this way:
>  -  icedtea-web should depend on java-runtime, and suggest default-jre
>  -  openjdk-8-jre should provide java-runtime (it provides only versioned 
> ones: java2-runtime, java5-runtime, java6-runtime, java7-runtime, 
> java8-runtime)
> This would make it easy to have only openjdk-8-jre and icedtea-netx 
> installed, without defaul-jre and its dependencies.
> As things stand, one must resort to other more complex options, like equivs 
> to circumvent package dependencies, or simply tolerate the bloat.
> 
> Regards
> 
> Marco Gamberoni

Hello Marco,

I agree about the hard dependency on default-jre.  That's the reason
that the javaX-runtime virtual dependencies were created.  However, I'm
not sure about creating a new java-runtime dependency, since I think
that we're going to continue to have situations where we have to
differentiate between JRE runtimes.

Since the default-jre going back to oldstable provides java8-runtime,
would it be okay to have icedtea-web depend on java8-runtime, which can
be satisfied by default-jre for stretch and anything later?  This should
simplify your use case and continue to work until there is a default-jre
that is for some reason unable to run older byte code.

Cheers,
tony


signature.asc
Description: PGP signature

Bug#945366: sudoers permits arguments beyond what is normally expected

[Edward Neville]

Package: sudo
Version: 1.8.27-1+deb10u1
Severity: important
Tags: patch upstream

Dear Maintainer,

Entries in sudoers files that include * do not behave like shell globs.
When mistakenly used in the argument list it can expand to protected
content, such as /etc/shadow. Most users do not expect this.

This patch adds regex style matching to sudoers to improve security and
tighten the available input.

Patch available here:

  



-- System Information:
Debian Release: 10.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Permissive - Policy name: default

Versions of packages sudo depends on:
ii  libaudit1   1:2.8.4-3
ii  libc6   2.28-10
ii  libpam-modules  1.3.1-5
ii  libpam0g1.3.1-5
ii  libselinux1 2.8-1+b1
ii  lsb-base10.2019051400

sudo recommends no packages.

sudo suggests no packages.

-- Configuration Files:
/etc/sudoers [Errno 13] Permission denied: '/etc/sudoers'
/etc/sudoers.d/README [Errno 13] Permission denied: '/etc/sudoers.d/README'

-- no debconf information

Bug#945274: ca-certificates: Deal with multiple certificates per .crt file

[Sam Morris]

Control: tag -1 + patch

Here's a first draft at implementing this:

https://salsa.debian.org/debian/ca-certificates/merge_requests/3


-- 
Sam Morris 

Bug#945365: v4l-utils: [INTL:de] Updated German translation

[Chris Leick]

Package: v4l-utils
Version: 1.18.0-1
Severity: wishlist
Tags: l10n patch



Hi,

please find attached the newest German translation. I've marked a typo
in the original text with FIXME.

Kind regards,
Chris


de.po.gz
Description: application/gzip

Bug#944865: buster-pu: package limnoria/2019.02.23-1+deb10u1

[Julien Cristau]

Control: tag -1 moreinfo

On Sat, Nov 16, 2019 at 05:36:13PM +0100, Mattia Rizzolo wrote:
> Limnoria is affected by a security issue the security team deemed not
> DSA-worthy.  See https://security-tracker.debian.org/tracker/CVE-2019-19010
> 
What's the test coverage like for this code, and what's the regression
risk?

Thanks,
Julien

Bug#944856: buster-pu: package qtbase-opensource-src/5.11.3+dfsg1-1+deb10u2

[Julien Cristau]

Control: tag -1 confirmed

On Sat, Nov 16, 2019 at 04:06:59PM +0300, Dmitry Shachnev wrote:
> I would like to update qtbase-opensource-src in Buster, to fix the following
> bugs:
> 
> #911702 — okular does not print to network printer
> #911844 — okular prints to the wrong printer
> #935909 — segfault when removing rich content (like tables) from QLabel
> #935627 — graphics tablet hover events (tooltips/mouse-over) broken
> 
> The fix for the first two bugs has already been ACKed during the freeze in
> #930669, but the fix did not reach bullseye because it was built against gcc-8
> from sid.
> 
> All these bugs are already fixed in sid/bullseye.
> 
> The debdiff against the current version in buster (which was a security
> upload) is attached.
> 
Looks OK to me, thanks.

Cheers,
Julien

Bug#944594: buster-pu: package heat/1:11.0.0-6

[Julien Cristau]

Control: tag -1 moreinfo

On Tue, Nov 12, 2019 at 11:12:17AM +0100, Thomas Goirand wrote:
> I'd like to update heat in Buster to permit safe upgrades, as the current
> version may remove the heat domain password. Attached is the proposed
> debdiff for this fix.
> 
I don't understand why this requires a new template.  That seems wrong
to me.

Cheers,
Julien

Bug#944998: Update to sane-backends-1.0.28 for Canon Pixma TS8260 suport

[Manolo Díaz]

Package: libsane
Version: 1.0.27-3.2
Followup-For: Bug #944998

It seems Canon LiDE 300 also needs the new version. In fact developers
claim it supports 40+ new scanner models [1].

[1] http://www.sane-project.org/

Best Regards,
Manolo Díaz

-- System Information:
Debian Release: 10.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.3.12+ (SMP w/2 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libsane depends on:
ii  acl2.2.53-4
ii  adduser3.118
ii  libavahi-client3   0.7-4+b1
ii  libavahi-common3   0.7-4+b1
ii  libc6  2.28-10
ii  libgphoto2-6   2.5.22-3
ii  libgphoto2-port12  2.5.22-3
ii  libieee1284-3  0.2.11-13
ii  libjpeg62-turbo1:1.5.2-2+b1
ii  libsane-common 1.0.27-3.2
ii  libsnmp30  5.7.3+dfsg-5
ii  libssl1.1  1.1.1d-0+deb10u2
ii  libtiff5   4.0.10-4
ii  libusb-1.0-0   2:1.0.22-2
ii  udev   241-7~deb10u2

Versions of packages libsane recommends:
pn  sane-utils  

Versions of packages libsane suggests:
pn  avahi-daemon  
pn  hplip 

-- no debconf information

Bug#944538: buster-pu: package ganeti-instance-debootstrap/0.16-6.1

[Julien Cristau]

On Mon, Nov 11, 2019 at 10:40:58AM -0500, Antoine Beaupre wrote:
> diff -Nru ganeti-instance-debootstrap-0.16/debian/changelog 
> ganeti-instance-debootstrap-0.16/debian/changelog
> --- ganeti-instance-debootstrap-0.16/debian/changelog 2018-06-20 
> 06:57:18.0 -0400
> +++ ganeti-instance-debootstrap-0.16/debian/changelog 2019-11-01 
> 19:01:50.0 -0400
> @@ -1,3 +1,10 @@
> +ganeti-instance-debootstrap (0.16-6.1) unstable; urgency=medium

Version number and distribution don't look right.

> +
> +  * Non-maintainer upload
> +  * add patch to respect linux caps (Closes: #942114)
> +
> + -- Antoine Beaupré   Fri, 01 Nov 2019 19:01:50 -0400
> +
>  ganeti-instance-debootstrap (0.16-6) unstable; urgency=medium
>  
>* Bump Standards-Version to 4.1.4; no changes needed
> diff -Nru 
> ganeti-instance-debootstrap-0.16/debian/patches/respect-Linux-capabilities-7-in-cache.patch
>  
> ganeti-instance-debootstrap-0.16/debian/patches/respect-Linux-capabilities-7-in-cache.patch
> --- 
> ganeti-instance-debootstrap-0.16/debian/patches/respect-Linux-capabilities-7-in-cache.patch
>1969-12-31 19:00:00.0 -0500
> +++ 
> ganeti-instance-debootstrap-0.16/debian/patches/respect-Linux-capabilities-7-in-cache.patch
>2019-11-01 19:01:50.0 -0400
> @@ -0,0 +1,48 @@
> +From cd34bcc48a2af92f484535b81fba2d46dad1dbb6 Mon Sep 17 00:00:00 2001
> +From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= 
> +Date: Thu, 10 Oct 2019 11:07:51 -0400
> +Subject: [PATCH] respect Linux capabilities(7) in cache
> +
> +The default GNU tar configuration does not carry fancy extended
> +attributes and that is where, among other things, stuff like Linux
> +capabilities(7) are stored. This is kind of important because that's
> +how ping(8) works for regular users.
> +
> +We shove --selinux and --acls in there while we're at it, because why
> +not. We never know what the future might bring, and it seems
> +silly *not* to create a complete archive.
> +
> +Note that --xattrs-include='*' is important because, by default, GNU
> +tar will not include capabilities /even/ if --xattrs is specified on
> +the commandline, see this bug report for details:
> +

I'm a bit uneasy about a blanket "include all", to be honest.  It's
probably harmless since it's all coming straight out of debootstrap, but
I'd have been happier with something like "include security.*" if that's
what we expect to see.

Cheers,
Julien

Bug#945351: [Python-modules-team] Bug#945351: python-aiomysql-doc: Package short description truncated

[Emmanuel Arias]

Hi,

I've just push to salsa the fix.

I will need sponsorship to upload :)

thanks!

Cheers,
Arias Emmanuel
@eamanu
http://eamanu.com

El sáb., 23 de nov. de 2019 a la(s) 10:27, Beatrice Torracca
(beatri...@libero.it) escribió:
>
> On sabato 23 novembre 2019, at 09:24 -0300, Emmanuel Arias wrote:
> > Hi Beatrice
> >
> > I can fix it.. The upstream short description is
> > "aiomysql is a library for accessing a MySQL database from the asyncio "
> >
> > What about that?
>
> Hi Emmanuel,
>
> I think "library for accessing a MySQL database from the asyncio"
> should be perfect then. (If I am not mistaken Debian policy about
> descriptions frowns about starting the short description (synopsis)
> with " is".
>
> Thanks a lot for the quick answer and the fix,
>
> beatrice

Bug#945316: polymake: FTBFS with perl 5.30

[David Bremner]

Benjamin Lorenz  writes:

> On 22/11/2019 22.06, Andreas Beckmann wrote:
>> polymake FTBFS against perl 5.30:
>> https://buildd.debian.org/status/package.php?p=polymake=unstable
>> 
>> *** Summary ***
>> 
>> *** Failed tests ***
>> 
>> /<>/apps/polytope/src/gc_closure.cc:173: testcase 1
>> expected: regular return
>>  got: EXCEPTION: no more rules available to compute 
>> 'HILBERT_BASIS_GENERATORS'
>> 
>> make[1]: *** [debian/rules:41: override_dh_auto_test] Error 1
>
> This was already reported and should be fixed with
> https://bugs.debian.org/941933
> but it seems that the builds need to be triggered again as the logs are
> older than the normaliz 3.8.1+ds-1 upload.
>
> Benjamin

Hello Benjamin;

That's true, however with normaliz 3.8.1 I also get test failures.

[ /functions/Producing a polytope from polytopes/stack ] 1
verifying: 1 OK
 [ /functions/Triangulations, subdivisions and volume/staircase_weight ] 1
verifying: 1 OK
 [ /functions/Producing a polytope from polytopes/tensor ] 1
verifying: 1 OK
 [ /functions/Optimization/totally_dual_integral ] 1Segmentation fault

Full log is attached.



polymake_3.2r4-4_amd64-2019-11-23T16:47:22Z.build.gz
Description: application/gzip

Bug#944348: buster-pu: package schleuder/3.4.0-2+deb10u1

[Julien Cristau]

Control: tag -1 confirmed

On Fri, Nov 08, 2019 at 10:57:51AM +, Georg Faerber wrote:
> Schleuder in buster is affected by various problems, which I would like to fix
> with this proposed update:
> 
>   - Schleuder fails to recognize keywords in mails with "protected headers" 
> and
> empty subject. 
> (Ref: #940524)
> 
>   - Schleuder is vulnerable to signature-flooded keys. GPG does not cope well
> with these keys. It will either refuse to import them, or during and after
> the import become so slow to be effectively unusable (while hogging CPUs).
> By default keys are regularly updated from the keyservers (in order to
> receive extended expiry dates, or key revocations). Any list with an
> attacked key in its keyring will become practically unusable and strain 
> the
> server. This is a rather severe problem.
> (Ref: #940526)
> 
>   - Schleuder doesn't report an error, if the argument provided to
> `refresh_keys` is not an existing list, as if the job ran successfully.
> (Ref: #940527)
> 
> All of them are already fixed in unstable. The proposed version is in
> use and was tested in production for the last two weeks.
> 
That looks fine to me.  Go ahead.

Cheers,
Julien

Bug#944099: CVE-2019-14433 / OSSA-2019-003: buster-pu: package nova/2:18.1.0-6 -> 18.1.0-6+deb10u1

[Julien Cristau]

Control: tag -1 moreinfo

On Mon, Nov 04, 2019 at 11:53:52AM +0100, Thomas Goirand wrote:
> We would like to update Nova in Buster for 2 reasons. First, there's
> OSSA-2019-003 / CVE-2019-14433 which we would like to fix. Second,
> in non-interactive mode, upgrading Nova can lead to some configuration
> changes, which is an RC bug.
> 
This doesn't sound like it should require new debconf templates.  What's
the logic there?  Why does upgrading touch the configuration at all?

Cheers,
Julien

Bug#945280: configurable config file name

[Ryan Kavanagh]

Control: tags -1 + moreinfo

On Fri, Nov 22, 2019 at 12:12:04PM +0100, Harald Dunkel wrote:
> Would it be possible to make the opensmtpd config file configurable?

Sure, I can apply the patch, though the defaults file will be
/etc/default/opensmtpd to match the init script name (see §5.10 of the
maintainer's guide and the suggestion in policy §9.3.2).

> That would allow me to run a private "/etc/smarthost.smtpd.conf" (just
> as an example) without conflict to the default config file provided in
> the package.

I'm trying to understand the rationale for having a separate smtpd.conf.
/etc/smtpd.conf is listed in conffiles, so package upgrades will never
clobber the changes you have made to it. During upgrades, if a package
has a new version of /etc/smtpd.conf and you have local changes, then
dpkg will prompt you to figure out how to handle the differences.

If you want to always keep the old/local version (and have dpkg not
prompt you during upgrades), you can pass --force-confold and
--force-confdef to dpkg. See this writeup[0] by Raphaël Hertzog for more
details.

Does this solve the issues you've been encountering? If not, I'll apply
the patch. Please let me know.

Best,
Ryan

[0] 
https://raphaelhertzog.com/2010/09/21/debian-conffile-configuration-file-managed-by-dpkg/
-- 
|)|/  Ryan Kavanagh  | GPG: 4E46 9519 ED67 7734 268F
|\|\  https://rak.ac |  BD95 8F7B F8FC 4A11 C97A


signature.asc
Description: PGP signature

Bug#942688: NMU for elixir-lang

[Santiago Vila]

> >> As elixir-lang is going to be AUTORM if nobody takes care of it, I
> >> already added a bit of code in debian/rules to make it retry unit tests
> >> if they fail. It will retry 3 times, meaning that if it used to fail 10%
> >> of the time, making it retry 3 times makes the unit tests fail 0.01% of
> >> the times, which is IMO acceptable. The recent failures on some arch
> >> shows that my debian/rules hack works well! :)
> > 
> > Please don't do that sort of thing. It makes things gratuitously painful
> > for people like me doing QA.
> > 
> > Either a unit test is to be trusted or it's not (by "trusted" I mean
> > here that a failure in the test means the package is unsuitable for
> > release).
> > 
> > If the test is trusted but it fails, accept that it fails and do not
> > let the package to propagate to testing.
> > 
> > If it's not trusted, there is no point in making it to fail with any
> > probability. Not 10%, and not 0.01%. Just disable the test.
> > 
> > Thanks.
> 
> I don't agree with this view. Yes, this makes your work harder. But
> running tests improve the quality of the package. Removing them is in no
> way an improvement.

My complain here is specifically about artificially reducing the
probability of a random test to fail.

Remember that tests only improve the quality of the package when you
actually do something when they fail.

If you artificially reduce the probability and do nothing about
failing tests, there is no increase of quality at all.

[ Please Cc me on any replies, I'm not monitoring this bug ]

Thanks.

Bug#942201: buster-pu: package samba/2:4.9.11+dfsg-1~deb10u1

[Julien Cristau]

Control: tag -1 moreinfo

On Mon, Jul 08, 2019 at 10:23:49AM +0200, Mathieu Parent wrote:
> samba (2:4.9.11+dfsg-1~deb10u1) unstable; urgency=medium

"unstable" seems like the wrong target.

> 
>   [ Mathieu Parent ]
>   * New upstream release
> - Bump ldb Build-Depends to 2:1.5.1+really1.4.7
> - Fixes printing via smbspool backend with kerberos auth (Closes: #931481)
> - Drop security patches, merged upstream
> - libsamba-passdb.so bumped to 0.27.2
>   * Enable vfs_nfs4acl_xattr (Closes: #930540)
> 
>   [ Rafael David Tinoco ]
>   * debian/rules: Make DEB_HOST_ARCH_CPU initialized through dpkg-architecture
> (Closes: #931138)
>   * CTDB NFS fixes (Closes: #929931, LP: #722201):
> - d/p/fix-nfs-service-name-to-nfs-kernel-server.patch: change nfs service
>   name from nfs to nfs-kernel-server
> - ctdb-config: depend on /etc/ctdb/nodes file
> - d/ctdb.install, d/rules: create ctdb run directory into tmpfiles.d to
>   allow pid file to exist
> - added /var/lib/ctdb/* directories
> - d/ctdb.postrm: remove leftovers from /var/lib/ctdb/*
> - Add examples of NFS HA CTDB config files + helper script
> 
>  -- Mathieu Parent   Mon, 08 Jul 2019 09:56:36 +0200
> 
> samba is the latest 4.9.x upstream release (4.9 is in maint mode until
> mid-september, see [1]). It includes a lot of stability fixes, including
> crashes, memory leaks and #931481. The included security fixes were already in
> Debian.
> 
> I added an useful vfs module (vfs_nfs4acl_xattr). No regression risk here 
> (#930540).
> 
On its face this doesn't sound suitable for stable.

> I also added the CTDB NFS improvements from Ubuntu. CTDB NFS was broken 
> before,
> so no regression expected ;-).
> 
Neither does this, unless the brokenness is a regression from stretch.

> I only attach the diff of the debian directory.
> 
We'd need to see the full set of changes, please.

Also, before taking on a big set of changes, a description of what QA,
automated or otherwise, is happening or has happened with these changes,
would be useful.  Both upstream and Debian-side.

Cheers,
Julien

Bug#931607: buster-pu: package samba/2:4.9.11+dfsg-1~deb10u1

[Julien Cristau]

Control: tag -1 moreinfo

On Mon, Jul 08, 2019 at 10:23:49AM +0200, Mathieu Parent wrote:
> ldb (2:1.5.1+really1.4.7-1~deb10u1) unstable; urgency=medium
> 
>   [ Salsa Pipeline ]
>   * Update salsa CI pipeline
> 
>   [ Mathieu Parent ]
>   * New upstream version 1.4.7
> - Update symbols (no change)
> 
>  -- Mathieu Parent   Sun, 07 Jul 2019 10:06:38 +0200
> 
> ldb is actually a one line change, see attachements.
> 
It seems to me this could easily be handled entirely on the samba side.
I don't understand why a ldb bump is the thing to do here.

Cheers,
Julien

Bug#945364: Patches available for CVE-2019-8287, CVE-2019-15678, CVE-2019-15679, CVE-2019-15680

[Robert Scott]

Source: tightvnc
Version: 1:1.3.9-9

Just letting you know I've ported fixes for the above CVEs from (the actively 
maintained) libvnc for NixOS: https://github.com/NixOS/nixpkgs/pull/73970/
files


robert.

Bug#945362: tpm-udev: Fails to install in systemd-nspawn container

[Daniel Schepler]

Package: tpm-udev
Version: 0.2
Severity: normal
X-Debbugs-Cc: tpm2-...@packages.debian.org

While trying to build packages in a systemd-nspawn container, I ran
into a failure of tpm-udev to install:

...
Preparing to unpack .../tpm-udev/tpm-udev_0.2_all.deb ...
Unpacking tpm-udev (0.2) ...
Selecting previously unselected package libtss2-esys0.
Preparing to unpack .../libtss2-esys0_2.3.1-2_amd64.deb ...
Unpacking libtss2-esys0 (2.3.1-2) ...
Selecting previously unselected package libtss2-dev.
Preparing to unpack .../libtss2-dev_2.3.1-2_amd64.deb ...
Unpacking libtss2-dev (2.3.1-2) ...
Setting up tpm-udev (0.2) ...
Adding group `tss' (GID 170) ...
Done.
Adding system user `tss' (UID 153) ...
Adding new user `tss' (UID 153) with group `tss' ...
Not creating home directory `/var/lib/tpm'.
Failed to send reload request: No such file or directory
Failed to write 'change' to
'/sys/devices/LNXSYSTM:00/LNXSYBUS:00/MSFT0101:00/tpm/tpm0/uevent':
Read-only file system
Failed to write 'add' to
'/sys/devices/LNXSYSTM:00/LNXSYBUS:00/MSFT0101:00/tpm/tpm0/uevent':
Read-only file system
dpkg: error processing package tpm-udev (--configure):
 installed tpm-udev package post-installation script subprocess
returned error exit status 1
dpkg: dependency problems prevent configuration of libtss2-esys0:
 libtss2-esys0 depends on tpm-udev; however:
  Package tpm-udev is not configured yet.

dpkg: error processing package libtss2-esys0 (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of libtss2-dev:
 libtss2-dev depends on libtss2-esys0 (= 2.3.1-2); however:
  Package libtss2-esys0 is not configured yet.

dpkg: error processing package libtss2-dev (--configure):
 dependency problems - leaving unconfigured
Processing triggers for man-db (2.9.0-1) ...
Processing triggers for libc-bin (2.29-3) ...
Errors were encountered while processing:
 tpm-udev
 libtss2-esys0
 libtss2-dev
E: Sub-process /usr/bin/dpkg returned an error code (1)
E: Failed to process build dependencies

That, in turn, means that I cannot build such packages as src:fwupd,
src:openconnect, src:tpm2-abrmd in this container (this last one is
the one that first came up on my radar).
-- 
Daniel Schepler

Bug#945361: ros-ros-comm: CVE-2019-13566

[Salvatore Bonaccorso]

Source: ros-ros-comm
Version: 1.14.3+ds1-9
Severity: important
Tags: security upstream
Forwarded: https://github.com/ros/ros_comm/issues/1735
Control: found -1 1.14.3+ds1-5

Hi,

The following vulnerability was published for ros-ros-comm.

CVE-2019-13566[0]:
| An issue was discovered in the ROS communications-related packages
| (aka ros_comm or ros-melodic-ros-comm) through 1.14.3. A buffer
| overflow allows attackers to cause a denial of service and possibly
| execute arbitrary code via an IP address with a long hostname.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-13566
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13566
[1] https://github.com/ros/ros_comm/issues/1735
[2] https://github.com/ros/ros_comm/pull/1771

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#939414: fp-docs-3.0.4: All fcl docs are missing from binary package

[Abou Al Montacir]

Control: forwarded -1 https://bugs.freepascal.org/view.php?id=36347
Control: forwarded -1 https://bugs.freepascal.org/view.php?id=36349

First issue about fpdco crashing silently was fixed by upstream.
Created a second issue for the crash itself.
-- 
Cheers,
Abou Al Montacir


signature.asc
Description: This is a digitally signed message part

Bug#945131: dpkg: implement a way to wait to detect whether dpkg is running

[Raphael Hertzog]

On Fri, 22 Nov 2019, Guillem Jover wrote:
> That still does not explain why this needs to be done outside the dpkg's
> execution context, though?

I don't know any point in dpkg's execution context where we are sure that
we will not install/remove other packages later on.

> Triggers right now should get batched more aggressively than in the
> past. And I'm not quite sure why they would not be preferable to a
> hook which gets executed unconditionally every time, regardless of
> any package unpacking on the interested paths. This is the kind of
> thing triggers were designed to cover. The current way this is
> deployed seems rather iffy to me TBH.

I'm not opposed to use a trigger based solution but how do you expect it
to work? Watching /usr/share/applications doesn't work as there are
packages that don't provide a .desktop files and where we want to
install our own desktop file when the package gets installed.

And I don't want to have to modify all packages for which we are shipping
a .desktop file to install.

We could add hundreds of path-based triggers, one for each binary that we
reference in our desktop files but we would likely miss any path
change... and it would be a bit tedious to maintain.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/

Bug#945349: (no subject)

[Salvatore Bonaccorso]

Hi William,

On Sat, Nov 23, 2019 at 10:42:16AM +0100, William Desportes wrote:
> Hello Salvatore,
> 
> I investigated while reporting the vulnerability, 4.6.6
> (https://packages.debian.org/source/oldstable/phpmyadmin) is not
> affected since the table name you need to reproduce the vulnerability is
> not supported.

Thanks for checking that and reporting back!

Regards,
Salvatore

Bug#909439: version mismatch, the other way

[Rebecca N. Palmer]

https://ci.debian.net/data/autopkgtest/testing/amd64/p/python-feather-format/3483361/log.gz 
appears to have the opposite problem: it finds the new source (-3), but 
as this had not yet been built, it used the old binary (-2).


The testing excuses pages for both pandas and python-feather-format 
currently list this as a test of -3, which it is not.  The debci summary 
page doesn't appear to list it at all - is that intended to fix this bug?


(It failed because -2 is uninstallable due to the Breaks: for #943925, 
which is fixed in -3.  A test of actual -3 has since been run, which 
passed.)

Bug#945360: byobu: [INTL:nl] Dutch translation of debconf messages

[Frans Spiesschaert]

 
 
Package: byobu 
Severity: wishlist 
Tags: l10n patch 
 
 
 
Dear Maintainer, 
 
 
Please find attached the updated Dutch translation of byobu debconf
messages. 
It has been submitted for review to the debian-l10n-dutch mailing
list. 
Please add it to your next package revision. 
It should be put as debian/po/nl.po in your package build tree. 
 

-- 
Kind regards,
Frans Spiesschaert



nl.po.gz
Description: application/gzip

Bug#945359: munin: [INTL:nl] Dutch translation of debconf messages

[Frans Spiesschaert]

 
 
Package: munin 
Severity: wishlist 
Tags: l10n patch 
 
 
 
Dear Maintainer, 
 
 
Please find attached the Dutch translation of munin debconf
messages. 
It has been submitted for review to the debian-l10n-dutch mailing
list. 
Please add it to your next package revision. 
It should be put as debian/po/nl.po in your package build tree. 
 

-- 
Met vriendelijke groet,
Frans Spiesschaert



nl.po.gz
Description: application/gzip

Bug#929597: [PATCH] CVE-2019-12211: heap buffer overflow via memcpy

[Anton Gladky]

Hello Hugo,

thanks for update!

> Anton, you know this package better than me, would you be available to test 
> the update?
I am also not an expert in the package, but sure, I will try to do it.

Regards

Anton

Am Sa., 23. Nov. 2019 um 10:25 Uhr schrieb Hugo Lefeuvre :
>
> Hi,
>
> Upstream seems to have merged my patch along with some more changes
> regarding CVE-2019-12213[0].
>
> I am planning to take a look at this patch and release a DLA for jessie.
>
> The security team is also planning to release a DSA for stretch and buster.
> I am already working on a jessie upload, so I should also be able to handle
> stretch and buster.  Anton, you know this package better than me, would you
> be available to test the update?
>
> thanks!
>
> regards,
> Hugo
>
> [0] https://sourceforge.net/p/freeimage/svn/1825/
>
> --
> Hugo Lefeuvre (hle)|www.owl.eu.com
> RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
> ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C

Bug#945358: phonon: [INTL:nl] Dutch translation of debconf messages

[Frans Spiesschaert]

 
 
Package: phonon 
Severity: wishlist 
Tags: l10n patch 
 
 
 
Dear Maintainer, 
 
 
Please find attached the updated Dutch translation of phonon debconf
messages. 
It has been submitted for review to the debian-l10n-dutch mailing
list. 
Please add it to your next package revision. 
It should be put as debian/po/nl.po in your package build tree. 
 

-- 
Kind regards,
Frans Spiesschaert



nl.po.gz
Description: application/gzip

Bug#945357: apt-listbugs: [INTL:nl] Dutch po file for the apt-listbugs package

[Frans Spiesschaert]

 
 
Package: apt-listbugs 
Severity: wishlist 
Tags: l10n patch 
 
 
 
Dear Maintainer, 
 
 
Please find attached the updated Dutch po file for the apt-listbugs
package. 
It has been submitted for review to the debian-l10n-dutch mailing
list. 
Please add it to your next package revision. 
It should be put as "po/nl.po" in your package build tree. 
 

-- 
Kind regards,
Frans Spiesschaert



nl.po.gz
Description: application/gzip

Bug#945356: dgit: [INTL:nl] Dutch po file for the dgit package

[Frans Spiesschaert]

 
 
Package: dgit 
Severity: wishlist 
Tags: l10n patch 
 
 
 
Dear Maintainer, 
 
 
Please find attached the updated Dutch po file for the dgit package. 
It has been submitted for review to the debian-l10n-dutch mailing
list. 
Please add it to your next package revision. 
It should be put as "po/nl.po" in your package build tree. 
 

-- 
Kind regards,
Frans Spiesschaert



nl.po.gz
Description: application/gzip

Bug#945355: apt-listchanges: [INTL:nl] Dutch po file for the apt-listchanges package

[Frans Spiesschaert]

 
 
Package: apt-listchanges 
Severity: wishlist 
Tags: l10n patch 
 
 
 
Dear Maintainer, 
 
 
Please find attached the updated Dutch po file for the apt-listchanges
package. 
It has been submitted for review to the debian-l10n-dutch mailing
list. 
Please add it to your next package revision. 
It should be put as "po/nl.po" in your package build tree. 
 

-- 
Kind regards,
Frans Spiesschaert



nl.po.gz
Description: application/gzip

Bug#945351: [Python-modules-team] Bug#945351: python-aiomysql-doc: Package short description truncated

[Beatrice Torracca]

On sabato 23 novembre 2019, at 09:24 -0300, Emmanuel Arias wrote:
> Hi Beatrice
> 
> I can fix it.. The upstream short description is
> "aiomysql is a library for accessing a MySQL database from the asyncio "
> 
> What about that?

Hi Emmanuel,

I think "library for accessing a MySQL database from the asyncio"
should be perfect then. (If I am not mistaken Debian policy about
descriptions frowns about starting the short description (synopsis)
with " is".

Thanks a lot for the quick answer and the fix,

beatrice

Bug#945354: RM: jack-mixer -- ROM; dead upstream, RC-buggy

[Sebastian Ramacher]

Package: ftp.debian.org
Severity: normal

Please remove jack-mixer from the archive. Upstream has vanished, it
depends on pygtk (#885309) and no portto Python 3 is in sight (#936758).

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Bug#945353: Vagrant libvirt and virtualbox providers missing for buster64 10.1.0

[Jonas Meurer]

Package: cloud.debian.org
Severity: important

Hello,

for some reason, boxes for providers 'libvirt' and 'virtualbox' are missing for
buster64 tag 'v10.1.0' from https://app.vagrantup.com/debian/boxes/buster64.

Unfortunately, this breaks inital setup of debian/buster64 boxes with those
providers, as many packages from the 10.0.0 apt sources list caches don't exist
in the archives any longer.

Cheers
 jonas

Bug#773869: freehep-graphicsio update

[Philipp Huebner]

Hi,

I have lost all interest in maintaining the freehep packages (I never
did much anyway).

Kind regards
Philipp



signature.asc
Description: OpenPGP digital signature

Bug#933523:

[ZHENGYUAN]

Hi Steve,

I'm encountering the same problem here as Leah. In my case, my attempt was
manual installation of Debian Buster (10.2) amd64 on my Supermicro X9DRL-3F
running UEFI mode. My situation also followed the exact circumstances of OP
in this StackExchange thread

(including
same X9 motherboard family).

Do let me know how I can help to provide more information to identify the
cause of this issue.

Best Regards,
ZY

Bug#945352: reptyr: missing arm64 build

[Antoine Amarilli]

Package: reptyr
Severity: wishlist

Dear Maintainer,

Would it be possible to have an arm64 build of reptyr?

I have checked that it works fine to clone the upstream source
https://github.com/nelhage/reptyr
compile with make, and that the resulting binary indeed works as intended.

Many thanks!

-- System Information:
Debian Release: 10.1
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: arm64 (aarch64)

Kernel: Linux 4.19.0-5-arm64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#945351: [Python-modules-team] Bug#945351: python-aiomysql-doc: Package short description truncated

[Emmanuel Arias]

Hi Beatrice

I can fix it.. The upstream short description is
"aiomysql is a library for accessing a MySQL database from the asyncio "

What about that?


Cheers,
Arias Emmanuel
@eamanu
http://eamanu.com

El sáb., 23 de nov. de 2019 a la(s) 08:15, Beatrice Torracca
(beatri...@libero.it) escribió:
>
> Package: python-aiomysql-doc
> Severity: minor
>
>  Hi!
>
> the package short description now reads
> "library for accessing a MySQL using (common documentation)"
>
> I think it is missing the word "asyncio" like in the similar binary
> package(s) fom the same source. As in "library for accessing a MySQL
> using asyncio".
>
> Note the English is however not correct and both packages
> (python3-aiomysql and python3-aiomysql-doc) should either remove the
> "a" before MySQL ("library for accessing MySQL using asyncio" or add
> the word "database" ("library for accessing a MySQL database using
> asyncio").
>
> thanks,
>
> beatrice
>
> ___
> Python-modules-team mailing list
> python-modules-t...@alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/python-modules-team

Bug#939414: fp-docs-3.0.4: All fcl docs are missing from binary package

[Abou Al Montacir]

Control: forward -1 https://bugs.freepascal.org/view.php?id=36347

Hi Paul,

It looks like we have here multiple issues:
   1. fpdoc does not retrun correctly: raised upstream issue 
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939414
   2. fpdoc doe not find .xct file, missing:
  1. ${RTLOPTS} in rule to create rtl.chk
  2. ${FCLOPTS} in rule to create fcl.chk
   3. Even when applying above fixes still an unresolved crash
  Exception at 004B4971: EInOutError:
  [example] File not found.
-- 
Cheers,
Abou Al Montacir


signature.asc
Description: This is a digitally signed message part

Bug#944022: Make Firehol Read The File

[Toni Mueller]

Hi Jerome,

On Sat, Nov 23, 2019 at 10:54:29AM +0400, Jerome BENOIT wrote:
> On 18/11/2019 21:39, Toni Mueller wrote:
> > My patch in Salsa may not yet be quite functional, but it changes the
> > 'firehol' script itself to read /etc/default/firehol and then exit if
> > this variable is not set to YES.
> 
> This sound as the best option.
> 
> Where is the patch (exactly) ?

I've just issued a MR, so you can see it properly. However, this MR does
not create a patch, but changes the script directly.

Enjoy!

Cheers,
Toni

Bug#945351: python-aiomysql-doc: Package short description truncated

[Beatrice Torracca]

Package: python-aiomysql-doc
Severity: minor

 Hi!

the package short description now reads
"library for accessing a MySQL using (common documentation)"

I think it is missing the word "asyncio" like in the similar binary
package(s) fom the same source. As in "library for accessing a MySQL
using asyncio".

Note the English is however not correct and both packages
(python3-aiomysql and python3-aiomysql-doc) should either remove the
"a" before MySQL ("library for accessing MySQL using asyncio" or add
the word "database" ("library for accessing a MySQL database using
asyncio").

thanks,

beatrice

Bug#773869: freehep-graphicsio update

[Giovanni Mascellani]

Hi,

Il 21/11/19 12:18, mer...@debian.org ha scritto:
> New version of freehep-graphicsio is out (in 2014 [1]), and I would like
> to see it packaged. However, packaging of freehep-graphicsio is split in
> a dozen of source packages, and update maintaining this split would be
> tedious. Maybe merging the source packages (retaining the upstream
> tarball integrity) would make sense?
I am not against this, but I think I would happily give away maintenance
of these packages. I never used them directly, just needed them as
GeoGebra dependencies.

That said, before updating I would suggest to consider exactly what does
one expects from these packages: do we consider them useful in Debian in
themselves, or do we value them just as reverse dependencies (of
GeoGebra and figtree)? Personally, I don't think they have much value by
themselves; they are unmaintained upstream anyway and I doubt they are
the best Java library for exporting images. Also, the average Java
programmer is more probably going to use them from Maven, Gradle or
whatever dependencies management tool happens to be à la page that month.

As of using them as dependencies, I think upgrading needs some care:
vectorgraphics has been developed in a very discontinuous way lately,
and I believe it could have introduced a lot of API breakages. I think
that at least one package already has GeoGebra-specific patches, because
unfortunately that's how things happen in the Java ecosystem. So I would
suggest whoever wants to upgrade the packages to check carefully that
upgrading is not introducing bugs in GeoGebra and figtree.

These are the reasons why, in the end, I never decided to upgrade. YMMV,
and in this case no problem upgrading the packages, especially if you
can also take maintenance. But please check carefully you are not
breaking rev deps.

Thanks, Giovanni.
-- 
Giovanni Mascellani 
Postdoc researcher - Université Libre de Bruxelles



signature.asc
Description: OpenPGP digital signature

Bug#795368: ADMIN

[PATIL CHIRAG NARAHARI]

Tisztelt E-mail felhasználó!
Az Ön e-mail jelszava két nap alatt lejár. A jelszó és az adatok mentése. 
KATTINTSON IDE, hogy frissítse és elküldje az 
ImmediatelySinged,
IT szolgáltatási támogatás (C) 2019.

Bug#944249: [Pkg-emacsen-addons] Bug#944249: gnuplot-mode does not work with emacs26

[Dima Kogan]

Nicholas D Steeves  writes:

> Is that an official NACK for Augustin's patch for the autoloads?  I
> included it in the patch series I just sent...

Hi. I tried out Augustin's update to the autoloads, and it works for me
(thanks, Augustin!) Nicholas: you wanted to review and to improve
things. Are your patches somewhere we can see them?

Bug#945349: (no subject)

[William Desportes]

Hello Salvatore,

I investigated while reporting the vulnerability, 4.6.6
(https://packages.debian.org/source/oldstable/phpmyadmin) is not
affected since the table name you need to reproduce the vulnerability is
not supported.

4.9.2 will patch the vulnerability

Regards,

William Desportes

Bug#945066: buster-pu: package enigmail/2:2.1.3+ds1-4~deb10u1

[Salvatore Bonaccorso]

Hi Adam,

On Fri, Nov 22, 2019 at 04:18:31PM +, Adam D. Barratt wrote:
> > At the moment,
> > enigmail users either have to continue using a Thunderbird version with
> > known security vulnerabilities or have to uninstall enigmail (and
> > install the upstream version of Enigmail, which has its own drawbacks).
> 
> I was told on IRC that the plan was for this update to be released via the
> security archive.
> 
> Daniel, could you clarify, please?

Yes, Moritz (jmm) acked the upload to happen via security.d.o so it is
currently pending (for buster, the stretch one seem to have some
issues to be resolved).

Regards,
Salvatore

Bug#934123: Workaround

[Andre Pawlowski]

I just found a workaround for the problem. I can still not attach via
lxc-attach to the containers. However, through a desperate attempt I
found out that lxc-attach can still execute commands inside the
container (lxc-attach -n  -- whoami). Since they are
executed as root, I just installed a SSH server and created a user with
enabled password in it.

Still this solves not the issue, but allows to update and work inside
the container.

Cheers,
sqall

Bug#945316: polymake: FTBFS with perl 5.30

[Benjamin Lorenz]

On 22/11/2019 22.06, Andreas Beckmann wrote:
> polymake FTBFS against perl 5.30:
> https://buildd.debian.org/status/package.php?p=polymake=unstable
> 
> *** Summary ***
> 
> *** Failed tests ***
> 
> /<>/apps/polytope/src/gc_closure.cc:173: testcase 1
> expected: regular return
>  got: EXCEPTION: no more rules available to compute 
> 'HILBERT_BASIS_GENERATORS'
> 
> make[1]: *** [debian/rules:41: override_dh_auto_test] Error 1

This was already reported and should be fixed with
https://bugs.debian.org/941933
but it seems that the builds need to be triggered again as the logs are
older than the normaliz 3.8.1+ds-1 upload.

Benjamin



signature.asc
Description: OpenPGP digital signature

Bug#945350: RM: icinga2/experimental -- ROM; Superseded by version in unstable

[Bas Couwenberg]

Package: ftp.debian.org
Severity: normal

Please remove icinga2 from experimental, it has been superseded by the version 
in unstable for a while but it was not automatically removed as usual.

Kind Regards,

Bas

Bug#945280: configurable config file name

[Harald Dunkel]

Attached is a better version, introducing /etc/default/opensmtpd.conf.

Regards
Harri
#!/bin/sh
# /etc/init.d/opensmtpd
#
# Written by Daniel Walrond 
#and Ryan Kavanagh 

### BEGIN INIT INFO
# Provides:  opensmtpd mail-transport-agent
# Required-Start:$local_fs $remote_fs $syslog $network
# Required-Stop: $local_fs $remote_fs $syslog $network
# Should-Start:  postgresql mysql dovecot
# Default-Start: 2 3 4 5
# Default-Stop:  0 1 6
# Short-Description: opensmtpd Mail Transport Agent
# Description:   OpenSMTPD
### END INIT INFO

# Do not "set -e"; /lib/lsb/init-functions included below may fail if "set -e"
# is in effect and echoing status messages to the console fails.
set -u

DEFAULT=/etc/default/opensmtpd.conf

DAEMON="/usr/sbin/smtpd"
CONFIG="/etc/smtpd.conf"
PIDFILE="/run/smtpd.pid"
CONTROL="/usr/sbin/smtpctl"
DESC="opensmtpd"
test -f "${DEFAULT}" && source "${DEFAULT}"

test -x "${DAEMON}" || exit 0

. /lib/lsb/init-functions

smtpd_start()
{
  if start-stop-daemon \
  --start \
  --pidfile "${PIDFILE}" \
  --exec "${DAEMON}" \
  -- -f "${CONFIG}"; then
log_progress_msg "opensmtpd"
return 0
  else
log_progress_msg "opensmtpd"
return 1
  fi
}

smtpd_stop()
{
  if start-stop-daemon --stop --pidfile "${PIDFILE}" -- -f "${CONFIG}"; then
log_progress_msg "opensmtpd"
return 0
  else
log_progress_msg "opensmtpd"
return 1
  fi
}

smtpd_config_check()
{
# ${DAEMON} -n checks the config file's validity
if "${DAEMON}" -f "${CONFIG}" -n >/dev/null 2>&1; then
  return 0
else
  log_end_msg 1
  "${DAEMON}" -f "${CONFIG}" -n
  return 1
fi
}

case "$1" in
start)
  log_daemon_msg "Starting MTA"
  # Although smtpd checks the config automatically on startup,
  # check it manually ourselves so that error messages are
  # printed after our "failed!" instead of between it and
  # "Starting MTA"
  if smtpd_config_check; then
smtpd_start
log_end_msg $?
  fi
  ;;
stop)
  log_daemon_msg "Stopping MTA"
  smtpd_stop
  log_end_msg $?
  ;;
restart)
  log_daemon_msg "Stopping MTA for restart"
  # If the check fails, the log_end_msg in smtpd_config_check
  # will output "failed!" for us.
  if smtpd_config_check; then
smtpd_stop
log_end_msg $?
log_daemon_msg "Restarting MTA"
smtpd_start
log_end_msg $?
  fi
  ;;
force-reload)
  log_daemon_msg "Stopping MTA for reload"
  smtpd_stop
  log_end_msg $?
  log_daemon_msg "Restarting MTA"
  smtpd_start
  log_end_msg $?
  ;;
check)
  log_daemon_msg "Checking MTA configuration"
  if smtpd_config_check; then
log_progress_msg "success"
log_end_msg $?
  fi
  ;;
status)
  status_of_proc "${DAEMON}" "MTA ${DESC}"
  ;;
*)
  echo "Usage: $0 {start|stop|restart|force-reload|status|check}"
  exit 1
  ;;
esac

exit 0

# vim:set sw=2:

Bug#929597: [PATCH] CVE-2019-12211: heap buffer overflow via memcpy

[Hugo Lefeuvre]

Hi,

Upstream seems to have merged my patch along with some more changes
regarding CVE-2019-12213[0].

I am planning to take a look at this patch and release a DLA for jessie.

The security team is also planning to release a DSA for stretch and buster.
I am already working on a jessie upload, so I should also be able to handle
stretch and buster.  Anton, you know this package better than me, would you
be available to test the update?

thanks!

regards,
Hugo

[0] https://sourceforge.net/p/freeimage/svn/1825/

-- 
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C


signature.asc
Description: PGP signature