Bug#949630: CVE-2019-19601

[Moritz Muehlenhoff]

On Thu, Jan 23, 2020 at 11:42:44AM +0900, Norbert Preining wrote:
> On Wed, 22 Jan 2020, Moritz Muehlenhoff wrote:
> > This was assigned CVE-2019-19601 and appears to be shipped as part of 
> > texlive-bin:
> > https://github.com/pkubowicz/opendetex/issues/60
> 
> Only happens in the non-kpathsea code path, which Debian is not using.
> The sprintf are the
>   #ifndef KPATHSEA
> 
> Closing this bug, but suggesting a fix on the github issue for the
> non-kpathsea case.

Thanks! I'll update the Debian Security Tracker.

Cheers,
Moritz

Bug#949647: firefox: Unable to lounch

[Jérôme Fix]

Hi,

Exactly the same issue here since lasts updates.
It's the same thing with Thunderbird.

➜  ~ thunderbird 
ExceptionHandler::GenerateDump cloned child 46082
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
ExceptionHandler::SendContinueSignalToChild sent continue signal to child


➜  ~ /usr/bin/firefox   
ExceptionHandler::GenerateDump cloned child 46533
ExceptionHandler::SendContinueSignalToChild sent continue signal to child
ExceptionHandler::WaitForContinueSignal waiting for continue signal...

Regards,

Jérôme.

On Thu, 23 Jan 2020 08:03:43 +0100 Michael Rasmussen  wrote:
> Package: firefox
> Version: 72.0.2-1
> Severity: grave
> Justification: renders package unusable
> 
> Dear Maintainer,
> 
> Starting firefox produces the error below and firefox informs me that it has 
crashed and cannot start:
> 
> ExceptionHandler::GenerateDump cloned child 
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
> 13819
> ExceptionHandler::SendContinueSignalToChild sent continue signal to child
> 
> I see exactly the same whether I am starting firefox with or without the 
option --safe-mode.
> 
> 
> -- Package-specific info:
> 
> 
> -- Addons package information
> 
> -- System Information:
> Debian Release: bullseye/sid
>   APT prefers unstable
>   APT policy: (990, 'unstable'), (500, 'unstable-debug')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 5.4.0-3-amd64 (SMP w/16 CPU cores)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
> Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_DK.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
> 
> Versions of packages firefox depends on:
> ii  debianutils   4.9.1
> ii  fontconfig2.13.1-2+b1
> ii  libatk1.0-0   2.34.1-1
> ii  libc6 2.29-9
> ii  libcairo-gobject2 1.16.0-4
> ii  libcairo2 1.16.0-4
> ii  libdbus-1-3   1.12.16-2
> ii  libdbus-glib-1-2  0.110-5
> ii  libevent-2.1-72.1.11-stable-1
> ii  libffi7   3.3-3
> ii  libfontconfig12.13.1-2+b1
> ii  libfreetype6  2.10.1-2
> ii  libgcc1   1:9.2.1-24
> ii  libgdk-pixbuf2.0-02.40.0+dfsg-2
> ii  libglib2.0-0  2.62.4-1+b1
> ii  libgtk-3-03.24.13-1
> ii  libnspr4  2:4.24-1
> ii  libnss3   2:3.49.1-1
> ii  libpango-1.0-01.42.4-8
> ii  libsqlite3-0  3.31.0-1
> ii  libstartup-notification0  0.12-6
> ii  libstdc++69.2.1-24
> ii  libx11-6  2:1.6.8-1
> ii  libx11-xcb1   2:1.6.8-1

Bug#949647: Problem induced by sqlite3 3.31.0-1

[Benjamin Eikel]

Dear all,

I have the same problem. First, I tried to downgrade firefox from 72.0.2-1 to 
72.0.1-1+b1, but the problem persisted. Then, I downgraded libsqlite3-0 from 
3.31.0-1 to 3.30.1-1. Now, firefox starts again. I upgraded firefox back to 
the latest version and it is still working.

Kind regards
Benjamin

P. S.: A big thanks to the people providing snapshot.debian.org!

Bug#949267: transition: netcdf

[Sebastiaan Couwenberg]

netcdf (1:4.7.3-1) is built & installed on all release architectures,
please schedule the binNMUs except netcdf-fortan which is currently
building on the buildds.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1

Bug#949648: firefox-esr: New version crash immediately at start

[Eric Valette]

Package: firefox-esr
Version: 68.4.2esr-1
Severity: grave
Justification: renders package unusable

Crash at startup sice yesterday upgrade.

-- Package-specific info:


-- Addons package information

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.13 (SMP w/8 CPU cores; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages firefox-esr depends on:
ii  debianutils   4.9.1
ii  fontconfig2.13.1-2+b1
ii  libasound21.2.1.2-2
ii  libatk1.0-0   2.35.1-1
ii  libc6 2.30-0experimental1
ii  libcairo-gobject2 1.16.0-4
ii  libcairo2 1.16.0-4
ii  libdbus-1-3   1.13.12-2
ii  libdbus-glib-1-2  0.110-5
ii  libevent-2.1-72.1.11-stable-1
ii  libffi7   3.3-3
ii  libfontconfig12.13.1-2+b1
ii  libfreetype6  2.10.1-2
ii  libgcc1   1:9.2.1-24
ii  libgdk-pixbuf2.0-02.40.0+dfsg-2
ii  libglib2.0-0  2.63.3-3
ii  libgtk-3-03.24.13-1
ii  libjsoncpp1   1.7.4-3+b1
ii  libnspr4  2:4.24-1
ii  libnss3   2:3.49.1-1
ii  libpango-1.0-01.44.7-1
ii  libsqlite3-0  3.31.0-1
ii  libstartup-notification0  0.12-6
ii  libstdc++69.2.1-24
ii  libx11-6  2:1.6.8-1
ii  libx11-xcb1   2:1.6.8-1
ii  libxcb-shm0   1.13.1-3
ii  libxcb1   1.13.1-3
ii  libxcomposite11:0.4.4-2
ii  libxdamage1   1:1.1.5-1
ii  libxext6  2:1.3.3-1+b2
ii  libxfixes31:5.0.3-1
ii  libxrender1   1:0.9.10-1
ii  libxt61:1.1.5-1+b3
ii  procps2:3.3.15-2+b1
ii  zlib1g1:1.2.11.dfsg-1+b1

Versions of packages firefox-esr recommends:
ii  libavcodec58  10:4.2.2-dmo1

Versions of packages firefox-esr suggests:
ii  fonts-lmodern  2.004.5-6
ii  fonts-stix [otf-stix]  1.1.1-4
ii  libcanberra0   0.30-7
ii  libgssapi-krb5-2   1.17-6
ii  libgtk2.0-02.24.32-4
ii  pulseaudio 13.0-3

-- no debconf information

Bug#935814: still actual for lyx (version 2.3.3-3) in debian unstable

[A L]

Dear Maintainer,
this bug is still actual in lyx (version 2.3.3-3) in debian unstable

--
WBR,
A. L.

Bug#949274: pyresample autopkg tests regressed in unstable

[Antonio Valentino]

Dear Bas,

On Wed, 22 Jan 2020 08:39:28 +0100 Bas Couwenberg 
wrote:
> On 2020-01-22 08:12, Antonio Valentino wrote:
> > On Sun, 19 Jan 2020 08:44:48 +0100 Matthias Klose  
> > wrote:
> >> - WGS_1984_Web_Mercator_Auxiliary_Sphere
> >> + WGS 84 / Pseudo-Mercator
> > 
> > I gave a very quick look to the issue and it seems that the problem has
> > be triggered bu the update to gdal 3.0.3.
> > 
> > -gdal-data 3.0.2+dfsg-1
> > +gdal-data 3.0.3+dfsg-1
> > -libgdal26 3.0.2+dfsg-1
> > +libgdal26 3.0.3+dfsg-1
> > 
> > rasterio could be also involved since the specific test uses rasterio 
> > to
> > retrieve the information about the geographic projection
> > 
> > I don't see any change in gdal data at a first look so probably the
> > problem is related behavior change in gdal that is not correctly 
> > handled
> > by pyresample or rasterio.
> > 
> > I need to make some additional investigation.
> 
> GDAL 3 is the first to fully support PROJ 6, it now relies on PROJ and 
> its database for CRS data instead the data files included in gdal-data.
> 
> The test should either expect the new name or expect both.

OK, clear. I will fix the test then.


cheers

-- 
Antonio Valentino

Bug#949645: firefox: Firefox crashes immediate upon startup. safe-mode/disabling plugins has no effect.

[Felicia P]

This is actually a bug with sqlite3.  Please see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949644 and
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949646+


0xCEC1B8C7E51FC983.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature

Bug#949647: firefox: Unable to lounch

[Michael Rasmussen]

Package: firefox
Version: 72.0.2-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

Starting firefox produces the error below and firefox informs me that it has 
crashed and cannot start:

ExceptionHandler::GenerateDump cloned child 
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
13819
ExceptionHandler::SendContinueSignalToChild sent continue signal to child

I see exactly the same whether I am starting firefox with or without the option 
--safe-mode.


-- Package-specific info:


-- Addons package information

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'unstable-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-3-amd64 (SMP w/16 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages firefox depends on:
ii  debianutils   4.9.1
ii  fontconfig2.13.1-2+b1
ii  libatk1.0-0   2.34.1-1
ii  libc6 2.29-9
ii  libcairo-gobject2 1.16.0-4
ii  libcairo2 1.16.0-4
ii  libdbus-1-3   1.12.16-2
ii  libdbus-glib-1-2  0.110-5
ii  libevent-2.1-72.1.11-stable-1
ii  libffi7   3.3-3
ii  libfontconfig12.13.1-2+b1
ii  libfreetype6  2.10.1-2
ii  libgcc1   1:9.2.1-24
ii  libgdk-pixbuf2.0-02.40.0+dfsg-2
ii  libglib2.0-0  2.62.4-1+b1
ii  libgtk-3-03.24.13-1
ii  libnspr4  2:4.24-1
ii  libnss3   2:3.49.1-1
ii  libpango-1.0-01.42.4-8
ii  libsqlite3-0  3.31.0-1
ii  libstartup-notification0  0.12-6
ii  libstdc++69.2.1-24
ii  libx11-6  2:1.6.8-1
ii  libx11-xcb1   2:1.6.8-1
ii  libxcb-shm0   1.13.1-3
ii  libxcb1   1.13.1-3
ii  libxcomposite11:0.4.4-2
ii  libxdamage1   1:1.1.5-1
ii  libxext6  2:1.3.3-1+b2
ii  libxfixes31:5.0.3-1
ii  libxrender1   1:0.9.10-1
ii  libxt61:1.1.5-1+b3
ii  procps2:3.3.15-2+b1
ii  zlib1g1:1.2.11.dfsg-1+b1

Versions of packages firefox recommends:
ii  libavcodec-extra57  7:3.4.3-1
ii  libavcodec587:4.2.1-2+b1

Versions of packages firefox suggests:
ii  fonts-lmodern  2.004.5-6
pn  fonts-stix | otf-stix  
ii  libcanberra0   0.30-7
ii  libgssapi-krb5-2   1.17-6
ii  libgtk2.0-02.24.32-4
ii  pulseaudio 13.0-3

-- no debconf information



This mail was virus scanned and spam checked before delivery.
This mail is also DKIM signed. See header dkim-signature.

Bug#949644: libsqlite3-0: Firefox immediately crashes at start with latest libsqlite3-0

[Felicia P]

I can confirm this bug.  Downloading and installing the previous sqlite3
and libsqlite3 packages fixes the issue

https://snapshot.debian.org/package/sqlite3/ look for versions
3.30.1+fossil191229-1

# dpkg -i libsqlite3-0_3.30.1+fossil191229-1_amd64.deb 
sqlite3_3.30.1+fossil191229-1_amd64.deb
libsqlite3-0_3.30.1+fossil191229-1_i386.deb



0xCEC1B8C7E51FC983.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature

Bug#949646: libsqlite3-0: Firefox immediately crashes at start with latest libsqlite3-0

[Lukas Helebrandt]

Package: libsqlite3-0
Version: 3.30.1+fossil191229-1
Severity: critical
Justification: breaks unrelated software

Dear Maintainer,

With the update of libsqlite3-0 to version libsqlite3-0_3.30.1, Firefox 
(latest in Sid: 72.0.2) crashes immediately at start, even in safe mode 
and with a clean profile, and shows the "Sorry, Firefox has closed 
unexpectedly" dialog. Downgrading to libsqlite3-0_3.3>


Firefox doesn't give any clear sign that it is a problem with 
libsqlite3-0. Terminal output:


```
ExceptionHandler::GenerateDump cloned child 10973
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
ExceptionHandler::SendContinueSignalToChild sent continue signal to child
Exiting due to channel error.
```

Best regards,

Lukas


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)

Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libsqlite3-0 depends on:
ii  libc6  2.29-9

libsqlite3-0 recommends no packages.

libsqlite3-0 suggests no packages.

-- no debconf information

Bug#949626: busybox-static: Please include less and ftpput in busybox-udeb

[Nicholas D Steeves]

Witold Baryluk  writes:

> On Wed, 22 Jan 2020 at 22:03, Philipp Kern  wrote:
>> > Please include functional less, just like in busybox-static with the same
>> > build options.
>>
>> There is nano though. (I'd still second less. I think we can spare the
>> space.)
>
> ~17kB from my estimates and looking at build logs.
>
>> > ftpput to transfer files out would good option too.
>>
>> The age of FTP has long passed.
>
> You think you can fit the scp or ssh then? :D I doubt so.
>
> In the lack of ftpput, one would still use netcat / nc,
> which is actually available in busybox-nc to accomplish
> the same task, just in more convoluted way.
>

+1.

Also, could dropbear-initramfs solve this?

Cheers,
Nicholas


signature.asc
Description: PGP signature

Bug#949645: firefox: Firefox crashes immediate upon startup. safe-mode/disabling plugins has no effect.

[Felicia]

Package: firefox
Version: 72.0.2-1
Severity: important

Dear Maintainer,

As of upgrade to 72.0.2-1 firefox crashes immediately upon starting.
Disabling safe mode by executing 'firefox -safe-mode' or by
'MOZILLA_DISABLE_PLUGINS=1 firefox' has no effect.

Downgraded to 72.0.1-1+b1 and upon startup was forced by Firefox to create a new
profile, but then it also crashed immediately.  Subsequent attempts to
launch it with plugins disabled also result in immediate crashes.

-- Package-specific info:


-- Addons package information

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages firefox depends on:
ii  debianutils   4.9.1
ii  fontconfig2.13.1-2+b1
ii  libatk1.0-0   2.34.1-1
ii  libc6 2.29-9
ii  libcairo-gobject2 1.16.0-4
ii  libcairo2 1.16.0-4
ii  libdbus-1-3   1.12.16-2
ii  libdbus-glib-1-2  0.110-5
ii  libevent-2.1-72.1.11-stable-1
ii  libffi7   3.3-3
ii  libfontconfig12.13.1-2+b1
ii  libfreetype6  2.10.1-2
ii  libgcc1   1:9.2.1-24
ii  libgdk-pixbuf2.0-02.40.0+dfsg-2
ii  libglib2.0-0  2.62.4-1+b1
ii  libgtk-3-03.24.13-1
ii  libnspr4  2:4.24-1
ii  libnss3   2:3.49.1-1
ii  libpango-1.0-01.42.4-8
ii  libsqlite3-0  3.31.0-1
ii  libstartup-notification0  0.12-6
ii  libstdc++69.2.1-24
ii  libx11-6  2:1.6.8-1
ii  libx11-xcb1   2:1.6.8-1
ii  libxcb-shm0   1.13.1-3
ii  libxcb1   1.13.1-3
ii  libxcomposite11:0.4.4-2
ii  libxdamage1   1:1.1.5-1
ii  libxext6  2:1.3.3-1+b2
ii  libxfixes31:5.0.3-1
ii  libxrender1   1:0.9.10-1
ii  libxt61:1.1.5-1+b3
ii  procps2:3.3.15-2+b1
ii  zlib1g1:1.2.11.dfsg-1+b1

Versions of packages firefox recommends:
ii  libavcodec58  7:4.2.1-2+b1

Versions of packages firefox suggests:
ii  fonts-lmodern  2.004.5-6
pn  fonts-stix | otf-stix  
ii  libcanberra0   0.30-7
ii  libgssapi-krb5-2   1.17-6
ii  libgtk2.0-02.24.32-4
ii  pulseaudio 13.0-3

-- no debconf information

Bug#949644: libsqlite3-0: Firefox immediately crashes at start with latest libsqlite3-0

[Lukas Helebrandt]

Package: libsqlite3-0
Version: 3.30.1+fossil191229-1
Severity: critical
Justification: breaks unrelated software

Dear Maintainer,

With the update of libsqlite3-0 to version libsqlite3-0_3.30.1, Firefox (latest 
in Sid: 72.0.2) crashes immediately at start, even in safe mode and with a 
clean profile, and shows the "Sorry, Firefox has closed unexpectedly" dialog. 
Downgrading to libsqlite3-0_3.30.1 fixes the problem.

Firefox doesn't give any clear sign that it is a problem with libsqlite3-0. 
Terminal output:

```
ExceptionHandler::GenerateDump cloned child 10973
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
ExceptionHandler::SendContinueSignalToChild sent continue signal to child
Exiting due to channel error.
```

Best regards,

Lukas


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libsqlite3-0 depends on:
ii  libc6  2.29-9

libsqlite3-0 recommends no packages.

libsqlite3-0 suggests no packages.

-- no debconf information

Bug#933739: Better link for the upstream report

[Julien Puydt]

Hi,

my report was in fact a duplicate of:

https://github.com/pypa/setuptools_scm/issues/246

So upstream is aware of the matter, has some kind of plan, but doesn't
really move forward on it.

JP

Bug#949643: haproxyctl: Ability to deal with nbproc > 1

[Brent Clark]

Package: haproxyctl
Version: Ability to deal with nbproc > 1
Severity: important

Dear Maintainer,

   * What led up to the situation?
Currently running Haproxy 1.7.5-2.
I added the following to my config.
nbproc 4

Received:
~ # haproxyctl nagios
sh: line 1: 28055: command not found
sh: line 2: 28056: command not found
sh: line 3: 28058: command not found
CRITICAL: HAProxy is not running!

If you look at:

https://github.com/flores/haproxyctl/commit/3380ba9d2cd13eb7a225f0c4e2dd4378c5a3900e
You will see the following work was done to add this issue.

Please consider patching haproxyctl.

Regards
Brent Clark


-- System Information:
Debian Release: 10.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-0.bpo.3-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_ZA.UTF-8, LC_CTYPE=en_ZA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_ZA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#949642: RFP: libjs-foundationjs -- advanced responsive front-end framework

[Lev Lamberov]

Package: wnpp
Severity: wishlist

* Package name: libjs-foundationjs
  Version : 6.5.1
  Upstream Author : ZURB, Inc.
* URL : https://foundation.zurb.com/
* License : MIT
  Programming Lang: HTML, CSS, JavaScript
  Description : advanced responsive front-end framework

It is a family of responsive front-end frameworks that make it easy to
design beautiful responsive websites, apps and emails that look
amazing on any device. Foundation is semantic, readable, flexible, and
completely customizable.

I suppose that this package may be considered interesting to Debian
JavaScript Maintainers, so CCing them.

This package is a dependency for elfeed, see #949537.

Bug#891410:

[Guilhem Moulin]

On Wed, 22 Jan 2020 at 14:37:54 -0600, Mario Limonciello wrote:
> Would you mind suggesting something upstream with the relevant changes
> that make sense?

As written earlier in this bug our public interface for this kind of
things is to use keyscripts.  See crypttab(5) for the few environment
variables are exported to the script, and we're also discussing
documenting a some helper functions in #901795.

Unfortunately, that means users who have a working crypttab now will
have to change it to use our interface.

-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#946996: wireguard-tools: 'wg-quick down' segfaults

[Celejar]

On Wed, 22 Jan 2020 16:47:17 -0500
Daniel Kahn Gillmor  wrote:

> Control: tags 946996 + moreinfo
> 
> On Tue 2020-01-21 22:18:45 -0500, Celejar wrote:
> > Sorry, I'm still getting it:
> >
> > ~# apt-cache policy wireguard-tools 
> > wireguard-tools:
> >   Installed: 1.0.20200102-1
> >   Candidate: 1.0.20200102-1
> >   Version table:
> >  *** 1.0.20200102-1 500
> > 500 http://deb.debian.org/debian sid/main amd64 Packages
> > 100 /var/lib/dpkg/status
> >
> > ~# ifdown wg0
> > [#] ip -4 rule delete table 51820
> > [#] ip -4 rule delete table main suppress_prefixlength 0
> > [#] ip link delete dev wg0
> > [#] resolvconf -d tun.wg0 -f
> > [#] iptables-restore -n
> > /usr/bin/wg-quick: line 29: 186243 Segmentation fault  "$@"
> 
> Interesting.  Can you modify wg-quick locally to expose what is being
> piped into iptables-restore -n in this instance?
> 
> For example, a change like this:
> 
> 
> --- wg-quick.orig 2020-01-22 16:05:42.456100207 -0500
> +++ wg-quick  2020-01-22 16:45:35.936536027 -0500
> @@ -198,6 +198,7 @@
>   [[ $line == "-A"* ]] && found=1
>   printf -v restore '%s%s\n' "$restore" 
> "${line/#-A/-D}"
>   done < <($iptables-save 2>/dev/null)
> +[[ $found -ne 1 ]] || echo -n "RESTORING: $restore" 
> >&2
>   [[ $found -ne 1 ]] || echo -n "$restore" | cmd 
> $iptables-restore -n
>   done
>   fi
> 
> 
> Then report back what is printed there, and see whether feeding it into
> "iptables-restore -n" on its own is sufficient to cause a segfault.

So right after my last email, I upgraded to 1.0.20200121-1, and now I
no longer get a segfault. Is there anything further I should do? Should
I do a downgrade and try your modification?

> thanks for taking the time to report and debug!

Celejar

Bug#949135: transition: netcdf-fortran

[Sebastiaan Couwenberg]

On 1/22/20 9:40 PM, Paul Gevers wrote:
> On 17-01-2020 11:22, Bas Couwenberg wrote:
>> netcdf-fortran bumped its SONAME requiring a transition.
> 
> Please go ahead.

Thanks.

> Am I correct in saying that it makes a lot of sense to take this
> transition together with the netcdf transition? If so, please combine
> that transition and go ahead with that one as well.

All affected packages are also part of the netcdf transition, these
would only have to be rebuilt once when combining the transitions.

I'll upload netcdf to unstable first, once that's built everywhere
netcdf-fortan will follow.

Kind Regards,

Bas

-- 
 GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146  50D1 6750 F10A E88D 4AF1



signature.asc
Description: OpenPGP digital signature

Bug#949641: Got SyntaxWarnings while upgrading python3-translate

[shirish शिरीष]

Package: python3-translate
Version: 2.5.0-1
Severity: normal

Dear Maintainer,

Got the following warnings while upgrading -

Setting up python3-translate (2.5.0-1) ...
/usr/lib/python3/dist-packages/translate/convert/prop2po.py:73:
SyntaxWarning: "is" with a literal. Did you mean "=="?
  if pounit is "discard":
/usr/lib/python3/dist-packages/translate/convert/prop2po.py:119:
SyntaxWarning: "is" with a literal. Did you mean "=="?
  if origpo is "discard":
/usr/lib/python3/dist-packages/translate/convert/prop2po.py:137:
SyntaxWarning: "is" with a literal. Did you mean "=="?
  if translatedpo is "discard":

Please fix the same.

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'testing-debug'), (100,
'unstable-debug'), (100, 'experimental'), (100, 'unstable'), (50,
'experimental-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IN, LC_CTYPE=en_IN (charmap=UTF-8), LANGUAGE=en_IN:en
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages python3-translate depends on:
ii  gettext 0.19.8.1-10
ii  libexttextcat-data  3.4.5-1
ii  python3 3.7.5-3
ii  python3-six 1.13.0-1

Versions of packages python3-translate recommends:
ii  python3-aeidon1.7-1
ii  python3-bs4   4.8.2-1
ii  python3-chardet   3.0.4-4
ii  python3-diff-match-patch  2018-2
ii  python3-enchant   2.0.0-2
ii  python3-iniparse  0.4-3
ii  python3-l20n  4.0.0~a1-4
ii  python3-levenshtein   0.12.0-3+b2
ii  python3-lxml  4.4.2-1
ii  python3-phply 1.2.5-4
ii  python3-pycountry 19.8.18+ds1-2
ii  python3-ruamel.yaml   0.15.89-3+b1
ii  python3-simplejson3.16.0-2+b1
ii  python3-vobject   0.9.6.1-0.2
ii  python3-xapian1.4.12-2+b1

Versions of packages python3-translate suggests:
pn  python3-cheroot
pn  python3-subversion 
pn  translate-toolkit-doc  

-- no debconf information



-- 
  Regards,
  Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com

E493 D466 6D67 59F5 1FD0 930F 870E 9A5B 5869 609C

Bug#949640: mirror submission for mirror.edgeuno.net

[Fernando Castro]

Package: mirrors
Severity: wishlist
User: mirr...@packages.debian.org
Usertags: mirror-submission

Submission-Type: new
Site: mirror.edgeuno.net
Type: leaf
Archive-architecture: amd64 arm64 armel i386
Archive-http: /debian/
Archive-rsync: debian/
Maintainer: Fernando Castro 
Country: CO Colombia
Location: Bogota
Sponsor: EdgeUno https://www.edgeuno.com




Trace Url: http://mirror.edgeuno.net/debian/project/trace/
Trace Url: http://mirror.edgeuno.net/debian/project/trace/ftp-master.debian.org
Trace Url: http://mirror.edgeuno.net/debian/project/trace/mirror.edgeuno.net

Bug#949639: RFS: ibus-bamboo/0.6.4-1 -- A Vietnamese IME for IBus using Bamboo Engine.

[Lâm]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "ibus-bamboo"

 * Package name: ibus-bamboo
   Version : 0.6.4-1
   Upstream Author : Lương Thanh Lâm 
 * URL : https://github.com/BambooEngine/ibus-bamboo
 * License : GPLv3

 * Vcs : None
   Section : utils

It builds those binary packages:

  ibus-bamboo - A Vietnamese IME for IBus using Bamboo Engine.

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/ibus-bamboo

Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/i/ibus-bamboo/ibus-bamboo_0.6.4-1.dsc

Regards,

--
  Lam

Bug#949257: xserver-xorg-core: Segmentation fault w/ 1.20.7

[Jamie Heilman]

Vincent Lefevre wrote:
> On 2020-01-19 00:09:13 +, Jamie Heilman wrote:
> > Package: xserver-xorg-core
> > Version: 2:1.20.7-2
> > Severity: grave
> > 
> > Setup is a NVIDIA GF108GL [Quadro 600] driving two monitors in
> > portrait orientation.  Kernel 5.4.0-2-amd64 #1 SMP Debian 5.4.8-1 
> > (2020-01-05)
> > 
> > xorg.conf is:
> > Section "Device"
> >  Identifier "GF108GL"
> >  Driver "nouveau"
> [...]
> > Crash is consistent, and goes away once downgraded to 1.20.6, other
> > relevant package versions:
> > 
> > libdrm-nouveau2:amd64   2.4.100-4
> > xdm 1:1.1.11-3+b1
> > xserver-xorg-video-nouveau  1:1.0.16-1
> > 
> > Crash:
> > 
> > [   590.914] (II) NOUVEAU(0): NVEnterVT is called.
> > [   590.914] (EE) 
> > [   590.914] (EE) Backtrace:
> [...]
> 
> I wonder whether the problem could be related to the nouveau driver.
> I've had lots a problems (crashes...) with it, on a machine I do not
> use very much. The last one a few weeks ago:
> 
>   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946524
>   (trapped write in the nouveau driver)
> 
> Try to look at the system logs too...

Wasn't anything else in the system logs, I did look, but this happens
entirely in userspace.  It does not happen on my system that uses a
NVIDIA G86 Quadro NVS 290, but that also only drives a single monitor
with no rotation.

-- 
Jamie Heilman http://audible.transient.net/~jamie/

Bug#949638: tesseract: uses -march=native

[peter green]

Package: tesseract
Version: 4.1.0-1
Severity: serious
Tags: patch

I recently discovered that tesseract 4.1.1-1 failed the armv7 contamination 
check we run in raspbian.

Investigating shows that since version 4.1.0-1 tesseract started using 
-march=native. This compiler option is totally inappropriate for a binary 
distribution like Debian or Raspbian, because it means that the minimum CPU 
requirements of the resulting binaries will depend on what CPU the buildbox 
happens to have.

4.1.0-1 was never built in raspbian, I am not sure why 4.1.0-2 passed the 
contamination check in raspbian. My best guess is that -march=native on arm is 
poorly implemented and does not recognise the CPUs on some of our buildboxes.

Anyway I whipped up a fix and uploaded it to raspbian. A debdiff should appear 
soon at https://debdiffs.raspbian.org/main/t/tessarect/

Bug#936455: dumb-init: Python2 removal in sid/bullseye

[Shengjing Zhu]

Package: src:dumb-init
Followup-For: Bug #936455

Dear Maintainer,

I uploaded fix to delay/10, full debdiff is attached.

diff -Nru dumb-init-1.2.2/debian/changelog dumb-init-1.2.2/debian/changelog
--- dumb-init-1.2.2/debian/changelog2019-02-16 02:46:54.0 +0800
+++ dumb-init-1.2.2/debian/changelog2020-01-23 10:36:55.0 +0800
@@ -1,3 +1,10 @@
+dumb-init (1.2.2-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Run test with python3. (Closes: #936455)
+
+ -- Shengjing Zhu   Thu, 23 Jan 2020 10:36:55 +0800
+
 dumb-init (1.2.2-1.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru dumb-init-1.2.2/debian/control dumb-init-1.2.2/debian/control
--- dumb-init-1.2.2/debian/control  2019-02-16 02:46:54.0 +0800
+++ dumb-init-1.2.2/debian/control  2020-01-23 10:28:48.0 +0800
@@ -7,9 +7,9 @@
 Build-Depends: debhelper (>= 10)
 ,help2man
 ## Tests:
-,python
-,python-mock
-,python-pytest
+,python3
+,python3-mock
+,python3-pytest
 Homepage: https://github.com/Yelp/dumb-init/
 Vcs-Browser: https://salsa.debian.org/debian/dumb-init
 Vcs-Git: https://salsa.debian.org/debian/dumb-init.git
diff -Nru dumb-init-1.2.2/debian/rules dumb-init-1.2.2/debian/rules
--- dumb-init-1.2.2/debian/rules2019-02-16 02:46:54.0 +0800
+++ dumb-init-1.2.2/debian/rules2020-01-23 10:28:35.0 +0800
@@ -28,5 +28,5 @@
 
 override_dh_auto_test:
 ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
-   PATH=.:$$PATH py.test tests/
+   PATH=.:$$PATH py.test-3 tests/
 endif

Bug#948824: opensmtpd: Installation fails with "post-installation script subprocess returned error exit status 1"

[Jernej Jakob]

On Sun, 19 Jan 2020 10:54:06 -0500
Ryan Kavanagh  wrote:

> Thanks, this helps a lot! I can reproduce the issue now. I've tested the
> attached configuration script and it fixes the issue on my end. Could
> you please let me know if it fixes the issue on your end? You can test
> it by copying it to /var/lib/dpkg/info/opensmtpd.config (with the same
> permissions as the existing file) and then trying to configure the
> package again.
> 
> Thanks,
> Ryan
> 

Thanks, the attached script fixed the issue.

Bug#949637: hub: New upstream release

[Matthew Gabeler-Lee]

A quick followup: I was able to use gpb and a bit of editing to get a 
package built locally that seems to work.


I have a guest account on salsa, and I'd be happy to submit that work 
there, but given that work touches 3 branches (master, upstream, 
pristine-tar), I'm not quite sure on the mechanics of that.


--
-- Matt
"Reality is that which, when you stop believing in it, doesn't go away".
-- Philip K. Dick
GPG fingerprint: 0061 15DF D282 D4A9 57CE  77C5 16AF 1460 4A3C C4E9

Bug#940461: [PATCH v2] Add imap-dl, a simple imap downloader

[Sean Whitton]

Hello,

On Wed 22 Jan 2020 at 05:01PM -08, Jameson Graef Rollins wrote:

>> Signed-off-by: Jameson Graef Rollins 
>> Signed-off-by: Daniel Kahn Gillmor 
>
> I confirm that I truly do sign off on this code, and fully support it's
> inclusion in mailscripts.

Could you confirm that you certify the contents of DEVELOPER-CERTIFICATE
(in mailscripts.git, not just that you think the code is good?

Thanks.

-- 
Sean Whitton


signature.asc
Description: PGP signature

Bug#949637: hub: New upstream release

[Matthew Gabeler-Lee]

Package: hub
Version: 2.7.0~ds1-1+b10
Severity: wishlist

The upstream package now has released up to 2.14.0.

Of particular note is the new `hub api` command, which is very useful for
scripting, introduced in version 2.8.3.

-- System Information:
Debian Release: 10.2
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'testing'), (490, 
'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages hub depends on:
ii  git1:2.20.1-2+deb10u1
ii  libc6  2.29-9

Versions of packages hub recommends:
ii  xclip  0.13-1
ii  xsel   1.2.0+git9bfc13d.20180109-1

hub suggests no packages.

-- no debconf information

Bug#940461: [PATCH v2] Add imap-dl, a simple imap downloader

[Jameson Graef Rollins]

On Wed, Jan 22 2020, Daniel Kahn Gillmor  wrote:
> Hi Sean--
>
> On Fri 2020-01-17 09:26:38 -0700, Sean Whitton wrote:
>> I think the easiest thing to do would be for one of you to prepare a
>> single patch, signed off, and for the other to write an e-mail signing
>> it off.  I'll then do a code review of the latest version of the script.
>
> The attached git-formatted patch is also present on the imap-dl-squashed
> branch on https://salsa.debian.org/dkg/mailscripts.  jrollins confirmed
> that it was OK, which is why it bears both of our signoffs.
>
> Thanks for considering imap-dl for inclusion within mailscripts!
>
>  --dkg
>
> From 9e5c1a893c17343102b042de23bdaa0f91b37d66 Mon Sep 17 00:00:00 2001
> From: Daniel Kahn Gillmor 
> Date: Sun, 15 Sep 2019 19:55:07 -0400
> Subject: [PATCH] Add imap-dl, a simple imap downloader
>
> getmail upstream appears to have no plans to convert to python3 in the
> near future.
>
> Some of us use only a minimal subset of features of getmail, and it
> would be nice to have something simpler, with the main complexity
> offloaded to the modern python3 stdlib.
>
> This patch represents a squashed series of changes from both Jameson
> Graef Rollins and Daniel Kahn Gillmor (dkg), though dkg is primarily
> responsible for any remaining bugs.
>
> Signed-off-by: Jameson Graef Rollins 
> Signed-off-by: Daniel Kahn Gillmor 

I confirm that I truly do sign off on this code, and fully support it's
inclusion in mailscripts.

jamie.


> ---
>  Makefile   |   4 +-
>  debian/control |   2 +
>  debian/mailscripts.bash-completion |   1 +
>  debian/mailscripts.install |   1 +
>  debian/mailscripts.manpages|   1 +
>  imap-dl| 254 +
>  imap-dl.1.pod  |  88 ++
>  7 files changed, 350 insertions(+), 1 deletion(-)
>  create mode 100755 imap-dl
>  create mode 100644 imap-dl.1.pod
>
> diff --git a/Makefile b/Makefile
> index af30616..ec3d851 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -1,15 +1,17 @@
>  MANPAGES=mdmv.1 mbox2maildir.1 \
>   notmuch-slurp-debbug.1 notmuch-extract-patch.1 maildir-import-patch.1 \
> + imap-dl.1 \
>   email-extract-openpgp-certs.1 \
>   email-print-mime-structure.1 \
>   notmuch-import-patch.1
> -COMPLETIONS=completions/bash/email-print-mime-structure
> +COMPLETIONS=completions/bash/email-print-mime-structure 
> completions/bash/imap-dl
>  
>  all: $(MANPAGES) $(COMPLETIONS)
>  
>  check:
>   ./tests/email-print-mime-structure.sh
>   mypy --strict ./email-print-mime-structure
> + mypy --strict ./imap-dl
>  
>  clean:
>   rm -f $(MANPAGES)
> diff --git a/debian/control b/debian/control
> index bc8268a..21afa45 100644
> --- a/debian/control
> +++ b/debian/control
> @@ -77,3 +77,5 @@ Description: collection of scripts for manipulating e-mail 
> on Debian
>   email-print-mime-structure -- tree view of a message's MIME structure
>   .
>   email-extract-openpgp-certs -- extract OpenPGP certificates from a message
> + .
> + imap-dl -- download messages from an IMAP mailbox to a maildir
> diff --git a/debian/mailscripts.bash-completion 
> b/debian/mailscripts.bash-completion
> index 435576f..657de01 100644
> --- a/debian/mailscripts.bash-completion
> +++ b/debian/mailscripts.bash-completion
> @@ -1 +1,2 @@
>  completions/bash/email-print-mime-structure
> +completions/bash/imap-dl
> diff --git a/debian/mailscripts.install b/debian/mailscripts.install
> index 2c060df..3739c49 100644
> --- a/debian/mailscripts.install
> +++ b/debian/mailscripts.install
> @@ -1,5 +1,6 @@
>  email-extract-openpgp-certs /usr/bin
>  email-print-mime-structure /usr/bin
> +imap-dl /usr/bin
>  maildir-import-patch /usr/bin
>  mbox2maildir /usr/bin
>  mdmv /usr/bin
> diff --git a/debian/mailscripts.manpages b/debian/mailscripts.manpages
> index 1de088f..a915617 100644
> --- a/debian/mailscripts.manpages
> +++ b/debian/mailscripts.manpages
> @@ -1,5 +1,6 @@
>  email-extract-openpgp-certs.1
>  email-print-mime-structure.1
> +imap-dl.1
>  maildir-import-patch.1
>  mbox2maildir.1
>  mdmv.1
> diff --git a/imap-dl b/imap-dl
> new file mode 100755
> index 000..f5d7a85
> --- /dev/null
> +++ b/imap-dl
> @@ -0,0 +1,254 @@
> +#!/usr/bin/python3
> +# PYTHON_ARGCOMPLETE_OK
> +# -*- coding: utf-8 -*-
> +
> +# Copyright (C) 2019 Daniel Kahn Gillmor
> +#
> +# This program is free software: you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation, either version 3 of the License, or (at
> +# your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful, but
> +# WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +# General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public 

Bug#949257: xserver-xorg-core: Segmentation fault w/ 1.20.7

[Marek Vasut]

On Wed, 22 Jan 2020 18:44:56 +0100 Vincent Lefevre 
wrote:
> On 2020-01-19 00:09:13 +, Jamie Heilman wrote:
> > Package: xserver-xorg-core
> > Version: 2:1.20.7-2
> > Severity: grave
> > 
> > Setup is a NVIDIA GF108GL [Quadro 600] driving two monitors in
> > portrait orientation.  Kernel 5.4.0-2-amd64 #1 SMP Debian 5.4.8-1 
> > (2020-01-05)
> > 
> > xorg.conf is:
> > Section "Device"
> >  Identifier "GF108GL"
> >  Driver "nouveau"
> [...]
> > Crash is consistent, and goes away once downgraded to 1.20.6, other
> > relevant package versions:
> > 
> > libdrm-nouveau2:amd64   2.4.100-4
> > xdm 1:1.1.11-3+b1
> > xserver-xorg-video-nouveau  1:1.0.16-1
> > 
> > Crash:
> > 
> > [   590.914] (II) NOUVEAU(0): NVEnterVT is called.
> > [   590.914] (EE) 
> > [   590.914] (EE) Backtrace:
> [...]
> 
> I wonder whether the problem could be related to the nouveau driver.
> I've had lots a problems (crashes...) with it, on a machine I do not
> use very much. The last one a few weeks ago:
> 
>   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946524
>   (trapped write in the nouveau driver)
> 
> Try to look at the system logs too...

I ran into this too. Worked with 1.20.6, fails with 1.20.7.
It is likely related to nouveau.

Bug#949597: bash-completion: diff for NMU version 1:2.9-1.1

[Sergio Durigan Junior]

On Wednesday, January 22 2020, Boyuan Yang wrote:

> Dear maintainer,
>
> I've prepared an NMU for bash-completion (versioned as 1:2.9-1.1) and
> uploaded it to DELAYED/7. Please feel free to tell me if I
> should delay it longer.

I understand that it is sometimes annoying to wait for a maintainer to
react, and I also understand that this was probably a mistake on your
part, but your upload went straight to unstable (i.e., not to DELAYED/7,
as promised) only *13 minutes* after you filed the bug.

Please, try to be more considerate and careful next time.

Thanks,

-- 
Sergio
GPG key ID: 237A 54B1 0287 28BF 00EF  31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible
http://sergiodj.net/


signature.asc
Description: PGP signature

Bug#949636: Please provide MuJS in extra source package

[Bastian Germann]

Package: mupdf
Version: 1.15.0+ds1-1
Severity: normal

MuJS is included in the mupdf sources in a thirdparty directory.
It should be provided in a new package because it has a different
upstream source.

Bug#944625: Merge request: Package next PyMuPDF compatible version

[Bastian Germann]

I made all necessary changes to mupdf to build the current version:
https://salsa.debian.org/koster/mupdf/merge_requests/2

Bug#949635: dh: missing option to select no buildsystem

[Thorsten Glaser]

Package: debhelper
Version: 12.8
Severity: important

I’ve been forced to convert my packages to dh7-style due to the new
Debian Policy and find one option missing.

Namely, I can manually select e.g. the “makefile” buildsystem, but
I cannot manually select no buildsystem, except by removing the
upstream-provided file named “Makefile” (which may not even work
with GNU make).

Without the file I get:

tglase@tglase:~/mbsd/DEB/mksh $ dh_auto_clean -l
autoconf GNU Autoconf (configure)
perl_build   Perl Module::Build (Build.PL)
perl_makemaker   Perl ExtUtils::MakeMaker (Makefile.PL)
makefile simple Makefile
python_distutils Python Distutils (setup.py) [DEPRECATED]
cmake+makefile   CMake (CMakeLists.txt) combined with simple Makefile
cmake+ninja  CMake (CMakeLists.txt) combined with Ninja (build.ninja)
ant  Ant (build.xml)
qmakeqmake (*.pro)
qmake_qt4qmake for QT 4 (*.pro)
meson+ninja  Meson (meson.build) combined with Ninja (build.ninja)
ninjaNinja (build.ninja)
mavenMaven (pom.xml) [3rd party]
bmakebmake [3rd party]
phppear  PHP PEAR (package.xml) [3rd party]

No system auto-selected or specified


I need to be able to foce this state even in the presence of Makefile.

-- System Information:
Debian Release: bullseye/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Versions of packages debhelper depends on:
ii  autotools-dev20180224.1
ii  dh-autoreconf19
ii  dh-strip-nondeterminism  1.6.3-2
ii  dpkg 1.19.7
ii  dpkg-dev 1.19.7
ii  dwz  0.13-5
ii  file 1:5.38-4
ii  libdebhelper-perl12.8
ii  libdpkg-perl 1.19.7
ii  man-db   2.9.0-2
ii  perl 5.30.0-9
ii  po-debconf   1.0.21

debhelper recommends no packages.

Versions of packages debhelper suggests:
pn  dh-make  

-- no debconf information

Bug#949130: refind-install fails to determine the ESP partition

[Tianon Gravi]

On Sun, 19 Jan 2020 at 09:40, Pelzi  wrote:
> I found the cure for the problem: the ESP partition was listed as fs type 
> „msdos“ in fstab. Changing this to „vfat" made refind-install work for me.

Ah nice catch!  So it sounds like at most, this should be an upstream
feature request to have refind-install warn if fstab includes
"/boot/efi" but it's not vfat or something like that?

(Closing this issue accordingly as it was a system configuration
issue, not an issue with the refind package.)

♥,
- Tianon
  4096R / B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4

Bug#947207: chromium: Video is garbled on twitch.tv, most other video sites

[Witold Baryluk]

Package: chromium
Version: 79.0.3945.130-2
Followup-For: Bug #947207

Actually, YouTube is also affected when it plays avc1 content.

vp9 works, probably because my hardware doesn't support VP9 decode via
vaapi so it falls back to using software maybe. Not sure because some
other webm files do fail to render properly. But GPU does support VC1
decode and it shows as broken.

$ vainfo
libva info: VA-API version 1.6.0
libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/radeonsi_drv_video.so
libva info: Found init function __vaDriverInit_1_6
libva info: va_openDriver() returns 0
vainfo: VA-API version: 1.6 (libva 2.6.0)
vainfo: Driver version: Mesa Gallium driver 19.3.2 for AMD Radeon (TM) R9 Fury 
Series (FIJI, DRM 3.32.0, 5.2.0-3-amd64, LLVM 9.0.1)
vainfo: Supported profile and entrypoints
  VAProfileMPEG2Simple: VAEntrypointVLD
  VAProfileMPEG2Main  : VAEntrypointVLD
  VAProfileVC1Simple  : VAEntrypointVLD
  VAProfileVC1Main: VAEntrypointVLD
  VAProfileVC1Advanced: VAEntrypointVLD
  VAProfileH264ConstrainedBaseline: VAEntrypointVLD
  VAProfileH264ConstrainedBaseline: VAEntrypointEncSlice
  VAProfileH264Main   : VAEntrypointVLD
  VAProfileH264Main   : VAEntrypointEncSlice
  VAProfileH264High   : VAEntrypointVLD
  VAProfileH264High   : VAEntrypointEncSlice
  VAProfileHEVCMain   : VAEntrypointVLD
  VAProfileJPEGBaseline   : VAEntrypointVLD
  VAProfileNone   : VAEntrypointVideoProc
$

vdpauinfo shows similar results:
$
Information string: G3DVL VDPAU Driver Shared Library version 1.0

Video surface:

name   width height types
---
42016384 16384  NV12 YV12 
42216384 16384  UYVY YUYV 
44416384 16384  Y8U8V8A8 V8U8Y8A8 

Decoder capabilities:

namelevel macbs width height

MPEG2_SIMPLE3 65536  4096  4096
MPEG2_MAIN  3 65536  4096  4096
H264_BASELINE  52 65536  4096  4096
H264_MAIN  52 65536  4096  4096
H264_HIGH  52 65536  4096  4096
VC1_SIMPLE  1 65536  4096  4096
VC1_MAIN2 65536  4096  4096
VC1_ADVANCED4 65536  4096  4096
MPEG4_PART2_SP  3 65536  4096  4096
MPEG4_PART2_ASP 5 65536  4096  4096
H264_CONSTRAINED_BASELINE   0 65536  4096  4096
HEVC_MAIN  186 65536  4096  4096

(removed unsupported codecs).
$


Anyhow, I also noticed that AUR patch is a bit different:

https://aur.archlinux.org/cgit/aur.git/tree/vaapi-fix.patch?h=chromium-vaapi

But I would say it executes the same logic.

>From looks of it, and looking at my vendor strings, the if cases, should
NOT trigger on my hardware, and the patch shouldn't do anything on my
setup of libraries and hardware. But it apprently does.

Weird.

Bug#942504: acmetool new version?

[Matija Nalis]

I can confirm that this is important issue. 
For freshly installed package it no longer works. 

If acmetool Debian package was installed (and account created) before
Nov/2019, it still works, but will start failing beginning Jun/2020
(as described in ACMEv1 EoL plan), and if not fixed by then this bug
should have its Severity upgraded to "grave" (due to package being
unusable or mostly so).

Upstream git master works fine for ACMEv2, but needs to be packaged
for Debian.

Is there specific event Debian maintainers wait for; so interested
parties should go bug upstream about? 

Or is there anything non-maintainers can do to help resolving this
soon and keeping acmetool in Debian?


-- 
Opinions above are GNU-copylefted.

Bug#949634: Consider linking against archive version of libstb

[Moritz Muehlenhoff]

Package: love
Severity: important

src/libraries/stb contains stb_image.h

It are also available in src:libstb, so please consider switching towards the 
in-archive copy.

Cheers,
Moritz

Bug#949633: Consider linking against archive version of libstb

[Moritz Muehlenhoff]

Package: renderdoc
Severity: important

renderdoc/3rdparty/stb contains stb_image.h, stb_image_resize.h, 
stb_image_write.h,
stb_impl.c, stb_truetype.h

These are also available in src:libstb, so please consider linking against the 
in-archive copy.

Cheers,
Moritz

Bug#949618: webkit2gtk: Please disable Gold linker on powerpc

[Alberto Garcia]

Control: tags -1 pending

On Wed, Jan 22, 2020 at 09:40:08PM +0100, John Paul Adrian Glaubitz wrote:
> Please disable Gold on powerpc with:
> 
> ifneq (,$(filter $(DEB_HOST_ARCH),powerpc))
> EXTRA_CMAKE_ARGUMENTS += -DUSE_LD_GOLD=OFF
> endif

Looks good to me, this will be in the next upload. Thanks!

Berto

Bug#949621: webkit2gtk: Please pass "--reduce-memory-overheads" on non-Gold targets

[Alberto Garcia]

On Wed, Jan 22, 2020 at 10:00:07PM +0100, John Paul Adrian Glaubitz wrote:

> ifneq (,$(filter $(DEB_HOST_ARCH),hppa m68k powerpc sh4))
> LDFLAGS += -Wl,--reduce-memory-overheads
> endif

Rather than listing the architectures, perhaps it's easier to have
cmake take care of that automatically (I haven't tried this yet):

if (NOT USE_LD_GOLD)
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} 
-Wl,--reduce-memory-overheads")
set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} 
-Wl,--reduce-memory-overheads")
endif ()

Do you have an idea of how much slower this is in practice? The manual
says the algorithm goes from O(n) to O(n^2), which is no joke.

Berto

Bug#949632: RM: socks4-server -- RoQA; dead upstream, orphaned, obsolete, open security issue

[Moritz Muehlenhoff]

Package: ftp.debian.org
Severity: normal

Please remove socks4-server. It's obsolete, dead upstream, orphaned for almost 
12 years
and there's an open security issue.

Cheers,
Moritz

Bug#949630: CVE-2019-19601

[Moritz Muehlenhoff]

Source: texlive-bin
Severity: important
Tags: security

This was assigned CVE-2019-19601 and appears to be shipped as part of 
texlive-bin:
https://github.com/pkubowicz/opendetex/issues/60

Cheers,
Moritz

Bug#949629: CVE-2019-15237

[Moritz Muehlenhoff]

Source: roundcube
Severity: important
Tags: security

This was assigned CVE-2019-15237:
https://github.com/roundcube/roundcubemail/issues/6891

Cheers,
Moritz

Bug#949626: busybox-static: Please include less and ftpput in busybox-udeb

[Witold Baryluk]

On Wed, 22 Jan 2020 at 22:03, Philipp Kern  wrote:
> > Please include functional less, just like in busybox-static with the same
> > build options.
>
> There is nano though. (I'd still second less. I think we can spare the
> space.)

~17kB from my estimates and looking at build logs.

> > ftpput to transfer files out would good option too.
>
> The age of FTP has long passed.

You think you can fit the scp or ssh then? :D I doubt so.

In the lack of ftpput, one would still use netcat / nc,
which is actually available in busybox-nc to accomplish
the same task, just in more convoluted way.

Regards,
Witold

Bug#949623: [pkg-cryptsetup-devel] Bug#949623: cryptsetup: cryptdisks_stop/start bash completion broken

[Guilhem Moulin]

Control: found -1 2:1.7.0-1

On Wed, 22 Jan 2020 at 23:28:37 +0100, Guilhem Moulin wrote:
> If that's a regression it's older than 2:2.0.3-1, AFAICT stretch has
> the same problem.

Before 2:1.7.0-1 the completion file was copied into
/etc/bash_completion.d, which AFAICT bash traverses and sources at
startup.

-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#949354: deb822 format (/etc/apt/sources.list.d/foo.sources) documented but not working

[Johannes Schauer]

Hi,

Quoting Trent W. Buck (2020-01-20 06:52:51)
> As at this version:
> 
> root@not-omega:/tmp/bootstrap# dpkg-query -W mmdebstrap apt
> apt 1.8.2
> mmdebstrap  0.5.1-4
> 
> The manpage says I can use deb822 format:
> 
> root@not-omega:/tmp/bootstrap# man mmdebstrap | grep -2 -F deb822
>(defaults to "main"). If a MIRROR option happens to be an existing
>file, then its contents are pasted into the chroot's sources.list.
>This can be used to supply a deb822 style sources.list. If MIRROR 
> is
>"-" then standard input is pasted into the chroot's sources.list.  
> More
>than one mirror can be specified and are appended to the chroot's
> 
> But I can't convince it to work:

the issue is fixed in the latest git HEAD. If you don't mind downloading the
mmdebstrap script from git, then feel free to give it try:

https://gitlab.mister-muffin.de/josch/mmdebstrap/blob/master/mmdebstrap

Thanks!

cheers, josch


signature.asc
Description: signature

Bug#885994: documentation missing for execute_{before,after}_X ?

[Thorsten Glaser]

Hi,

I find nothing about it in dh(1) or debhelper(7), the only
documentation appears to be this feature request and commit
0f60cfa510f3300c136d04aa1a6f46130131c9ee in the repo…

bye,
//mirabilos
-- 
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-235
HRB 5168 (AG Bonn) • USt-ID (VAT): DE122264941
Geschäftsführer: Dr. Stefan Barth, Kai Ebenrett, Boris Esser, Alexander Steeg

Bug#949623: [pkg-cryptsetup-devel] Bug#949623: cryptsetup: cryptdisks_stop/start bash completion broken

[Guilhem Moulin]

Control: tag -1 moreinfo
Control: severity -1 minor

On Wed, 22 Jan 2020 at 23:08:32 +0100, Christoph Anton Mitterer wrote:
> in .bashrc, and that's enough for all other completions... e.g. the one
> for cryptsetup work (more or less).

~$ foo looks for /usr/share/bash-completion/completions/foo (and
also with a ‘.bash’ extension and a ‘_’ prefix.  We therefore need to
ship /usr/share/bash-completion/completions/cryptdisks_start (plus a
symlink to cryptdisks_stop, or just split it) if we want autocompletion
to work out of the box.  If that's a regression it's older than
2:2.0.3-1, AFAICT stretch has the same problem.

-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#949623: [pkg-cryptsetup-devel] Bug#949623: cryptsetup: cryptdisks_stop/start bash completion broken

[Christoph Anton Mitterer]

On Wed, 2020-01-22 at 22:53 +0100, Guilhem Moulin wrote:
> Did you source /usr/share/bash-completion/completions/cryptdisks?

Well not manually... I do have
if ! shopt -oq posix; then
  if [ -f /usr/share/bash-completion/bash_completion ]; then
. /usr/share/bash-completion/bash_completion
  elif [ -f /etc/bash_completion ]; then
. /etc/bash_completion
  fi
fi

in .bashrc, and that's enough for all other completions... e.g. the one
for cryptsetup work (more or less).


> Is
> the TABFILE environment variable set to something else than your
> normal
> crypttab(5)?

It's unset.


Thanks,
Chris.

Bug#949628: ITP: python-configspace -- module to manage configuration spaces

[Christian Kastner]

Package: wnpp
Severity: wishlist
Owner: Christian Kastner 

* Package name: python-configspace
  Version : 0.4.12
  Upstream Author : ConfigSpace developers
* URL : https://github.com/automl/ConfigSpace
* License : BSD-3-Clause
  Programming Lang: Python
  Description : module to manage configuration spaces

ConfigSpace is a simple Python module to manage configuration spaces for 
algorithm configuration and hyperparameter optimization tasks.
Includes various scripts to translate between different text formats for 
configuration space description.

ConfigSpace is often used in AutoML tools such as SMAC3, BOHB or auto-sklearn.

I plan on packaging auto-sklearn, and this is a dependency of it. But the
solution it provides is generally useful for algorithm configuration tasks.

I intend to maintain this within the Debian Science Team.

Bug#949572: debian-installer: Do not install Python2 by default.

[Samuel Thibault]

Control: clone -1 -2
Control: reassign -1 python-defaults
Control: retitle -1 please set python and python-minimal's priority to optional 
so it's not installed in the standard task
Control: reassign -2 python2.7
Control: retitle -2 please set python2.7's priority to optional so it's not 
installed in the standard task

Hello,

Witold Baryluk, le mer. 22 janv. 2020 20:21:17 +0100, a ecrit:
> I was thinking maybe it is being installed because of the
> Priority: important or Priority: essential, but no I checked
> python{,2}{,-minimal} and they are either Priority: standard

Priority: standard is exactly what defines what will be installed when
you select the "standard" task in tasksel. All of python-minimal,
python2.7, and python have Priority: standard.

So this is to be changed in the python-defaults and python2.7 packages.
(and possibly set the python3 equivalents' priority to standard
instead).

Samuel

Bug#949626: busybox-static: Please include less and ftpput in busybox-udeb

[Philipp Kern]

On 1/22/2020 10:56 PM, Witold Baryluk wrote:
> it is really hard to debug issues and read long log files (like syslog),
> especially in debian-installer failures.
> 
> There is more, but it is really equivalent to cat. It doesn't actually do
> paging.
>
> Please include functional less, just like in busybox-static with the same
> build options.

There is nano though. (I'd still second less. I think we can spare the
space.)

> ftpput to transfer files out would good option too.

The age of FTP has long passed.

Kind regards
Philipp Kern

Bug#945948: [Pkg-phototools-devel] Bug#945948: libexif: diff for NMU version 0.6.21-5.2

[Hugh McMaster]

Hi Salvatore,

On Thu, 23 Jan 2020 at 02:18, Salvatore Bonaccorso wrote:

> I've prepared an NMU for libexif (versioned as 0.6.21-5.2) based on
> the upstream commit and uploaded it to DELAYED/5. Please feel free to
> tell me if I should delay it longer.


Thank you for preparing another NMU. I have already prepared 0.6.21-6 with
that upstream patch and some other changes.

Unfortunately, I mistyped the CVE ID in the changelog, so will fix that and
re-upload to d-mentors when I get home.

Hugh

>

Bug#949622: proftpd-basic: SSH authentication fails for many clients due to receiving of SSH_MSG_IGNORE packet

[Hilmar Preuße]

Control: found -1 1.3.6-4+deb10u3
Control: found -1 1.3.5b-4+deb9u2

Am 22.01.2020 um 22:15 teilte Hilmar Preusse mit:

> the issue is already known in upstream and a patch is available:> 
> http://bugs.proftpd.org/show_bug.cgi?id=4385> Hits stable and
oldstable too.

H.
-- 
sigfault
#206401 http://counter.li.org



signature.asc
Description: OpenPGP digital signature

Bug#949626: busybox-static: Please include less and ftpput in busybox-udeb

[Witold Baryluk]

Package: busybox-static
Version: 1:1.30.1-4
Severity: normal

Dear Maintainer,

it is really hard to debug issues and read long log files (like syslog),
especially in debian-installer failures.

There is more, but it is really equivalent to cat. It doesn't actually do
paging.

Please include functional less, just like in busybox-static with the same
build options.

ftpput to transfer files out would good option too.

Thanks.



-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/32 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- no debconf information

Bug#940461: [PATCH v2] Add imap-dl, a simple imap downloader

[Daniel Kahn Gillmor]

Hi Sean--

On Fri 2020-01-17 09:26:38 -0700, Sean Whitton wrote:
> I think the easiest thing to do would be for one of you to prepare a
> single patch, signed off, and for the other to write an e-mail signing
> it off.  I'll then do a code review of the latest version of the script.

The attached git-formatted patch is also present on the imap-dl-squashed
branch on https://salsa.debian.org/dkg/mailscripts.  jrollins confirmed
that it was OK, which is why it bears both of our signoffs.

Thanks for considering imap-dl for inclusion within mailscripts!

 --dkg

From 9e5c1a893c17343102b042de23bdaa0f91b37d66 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor 
Date: Sun, 15 Sep 2019 19:55:07 -0400
Subject: [PATCH] Add imap-dl, a simple imap downloader

getmail upstream appears to have no plans to convert to python3 in the
near future.

Some of us use only a minimal subset of features of getmail, and it
would be nice to have something simpler, with the main complexity
offloaded to the modern python3 stdlib.

This patch represents a squashed series of changes from both Jameson
Graef Rollins and Daniel Kahn Gillmor (dkg), though dkg is primarily
responsible for any remaining bugs.

Signed-off-by: Jameson Graef Rollins 
Signed-off-by: Daniel Kahn Gillmor 
---
 Makefile   |   4 +-
 debian/control |   2 +
 debian/mailscripts.bash-completion |   1 +
 debian/mailscripts.install |   1 +
 debian/mailscripts.manpages|   1 +
 imap-dl| 254 +
 imap-dl.1.pod  |  88 ++
 7 files changed, 350 insertions(+), 1 deletion(-)
 create mode 100755 imap-dl
 create mode 100644 imap-dl.1.pod

diff --git a/Makefile b/Makefile
index af30616..ec3d851 100644
--- a/Makefile
+++ b/Makefile
@@ -1,15 +1,17 @@
 MANPAGES=mdmv.1 mbox2maildir.1 \
 	notmuch-slurp-debbug.1 notmuch-extract-patch.1 maildir-import-patch.1 \
+	imap-dl.1 \
 	email-extract-openpgp-certs.1 \
 	email-print-mime-structure.1 \
 	notmuch-import-patch.1
-COMPLETIONS=completions/bash/email-print-mime-structure
+COMPLETIONS=completions/bash/email-print-mime-structure completions/bash/imap-dl
 
 all: $(MANPAGES) $(COMPLETIONS)
 
 check:
 	./tests/email-print-mime-structure.sh
 	mypy --strict ./email-print-mime-structure
+	mypy --strict ./imap-dl
 
 clean:
 	rm -f $(MANPAGES)
diff --git a/debian/control b/debian/control
index bc8268a..21afa45 100644
--- a/debian/control
+++ b/debian/control
@@ -77,3 +77,5 @@ Description: collection of scripts for manipulating e-mail on Debian
  email-print-mime-structure -- tree view of a message's MIME structure
  .
  email-extract-openpgp-certs -- extract OpenPGP certificates from a message
+ .
+ imap-dl -- download messages from an IMAP mailbox to a maildir
diff --git a/debian/mailscripts.bash-completion b/debian/mailscripts.bash-completion
index 435576f..657de01 100644
--- a/debian/mailscripts.bash-completion
+++ b/debian/mailscripts.bash-completion
@@ -1 +1,2 @@
 completions/bash/email-print-mime-structure
+completions/bash/imap-dl
diff --git a/debian/mailscripts.install b/debian/mailscripts.install
index 2c060df..3739c49 100644
--- a/debian/mailscripts.install
+++ b/debian/mailscripts.install
@@ -1,5 +1,6 @@
 email-extract-openpgp-certs /usr/bin
 email-print-mime-structure /usr/bin
+imap-dl /usr/bin
 maildir-import-patch /usr/bin
 mbox2maildir /usr/bin
 mdmv /usr/bin
diff --git a/debian/mailscripts.manpages b/debian/mailscripts.manpages
index 1de088f..a915617 100644
--- a/debian/mailscripts.manpages
+++ b/debian/mailscripts.manpages
@@ -1,5 +1,6 @@
 email-extract-openpgp-certs.1
 email-print-mime-structure.1
+imap-dl.1
 maildir-import-patch.1
 mbox2maildir.1
 mdmv.1
diff --git a/imap-dl b/imap-dl
new file mode 100755
index 000..f5d7a85
--- /dev/null
+++ b/imap-dl
@@ -0,0 +1,254 @@
+#!/usr/bin/python3
+# PYTHON_ARGCOMPLETE_OK
+# -*- coding: utf-8 -*-
+
+# Copyright (C) 2019 Daniel Kahn Gillmor
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or (at
+# your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see .
+
+DESCRIPTION = '''A simple replacement for a minimalist use of getmail.
+
+In particular, if you use getmail to reach an IMAP server as though it
+were POP (retrieving from the server and optionally deleting), you can
+point this script to the getmail config and it should do the same
+thing.
+
+It tries to ensure that the configuration file is of the expected
+type, 

Bug#949623: [pkg-cryptsetup-devel] Bug#949623: cryptsetup: cryptdisks_stop/start bash completion broken

[Guilhem Moulin]

Control: tag -1 moreinfo

On Wed, 22 Jan 2020 at 22:31:49 +0100, Christoph Anton Mitterer wrote:
> Instead of possible device target names it just completes to
> the files of the local directories.

Works fine here, also as non-root.  In a sid chroot:

~$ dd if=/dev/zero of=/tmp/disk.img bs=1M count=64 status=none
~$ /sbin/cryptsetup luksFormat /tmp/disk.img --pbkdf-force-iterations 4 
--pbkdf-memory 32 <<>"$TABFILE"
~$ . /usr/share/bash-completion/completions/cryptdisks
~$ /usr/sbin/cryptdisks_start 
--  --readonly  -r  test_crypt
~$ /usr/sbin/cryptdisks_stop 

Did you source /usr/share/bash-completion/completions/cryptdisks?  Is
the TABFILE environment variable set to something else than your normal
crypttab(5)?

-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#946996: wireguard-tools: 'wg-quick down' segfaults

[Daniel Kahn Gillmor]

Control: tags 946996 + moreinfo

On Tue 2020-01-21 22:18:45 -0500, Celejar wrote:
> Sorry, I'm still getting it:
>
> ~# apt-cache policy wireguard-tools 
> wireguard-tools:
>   Installed: 1.0.20200102-1
>   Candidate: 1.0.20200102-1
>   Version table:
>  *** 1.0.20200102-1 500
> 500 http://deb.debian.org/debian sid/main amd64 Packages
> 100 /var/lib/dpkg/status
>
> ~# ifdown wg0
> [#] ip -4 rule delete table 51820
> [#] ip -4 rule delete table main suppress_prefixlength 0
> [#] ip link delete dev wg0
> [#] resolvconf -d tun.wg0 -f
> [#] iptables-restore -n
> /usr/bin/wg-quick: line 29: 186243 Segmentation fault  "$@"

Interesting.  Can you modify wg-quick locally to expose what is being
piped into iptables-restore -n in this instance?

For example, a change like this:


--- wg-quick.orig   2020-01-22 16:05:42.456100207 -0500
+++ wg-quick2020-01-22 16:45:35.936536027 -0500
@@ -198,6 +198,7 @@
[[ $line == "-A"* ]] && found=1
printf -v restore '%s%s\n' "$restore" 
"${line/#-A/-D}"
done < <($iptables-save 2>/dev/null)
+[[ $found -ne 1 ]] || echo -n "RESTORING: $restore" >&2
[[ $found -ne 1 ]] || echo -n "$restore" | cmd 
$iptables-restore -n
done
fi


Then report back what is printed there, and see whether feeding it into
"iptables-restore -n" on its own is sufficient to cause a segfault.

thanks for taking the time to report and debug!

--dkg


signature.asc
Description: PGP signature

Bug#949625: echoping: EchoPingHttps doesn't connect to some hosts

[Maciej Olędzki]

Package: echoping
Version: 6.0.2-10
Severity: normal

Dear Maintainer,

I've noticed that one of my smokeping slaves was unable to measure response 
time from https://facebook.com.
Short investigation showed that there is a problem with echoping command:

root@raspberrypizero:~#  /usr/bin/echoping -t 10 -C -h / -R -n 20 -v -4 
facebook.com:443

This is /usr/bin/echoping, version 6.0.2.

Trying to connect to internet address 31.13.81.36 443 to transmit 89 bytes...
Trying to send 256 bytes to internet address 31.13.81.36...
Connected...
TCP Latency: 0.008739 seconds
Cannot start the TLS session: Resource temporarily unavailable, try again.

It's not problem with internet connectivity, because wget and curl are able to 
connect to facebook.com


If I change target host to debian.org, it's slighty better:

root@raspberrypizero:~#  /usr/bin/echoping -t 10 -C -h / -R -n 1 -v -4 
debian.org:443

This is /usr/bin/echoping, version 6.0.2.

Trying to connect to internet address 149.20.4.15 443 to transmit 87 bytes...
Trying to send 256 bytes to internet address 149.20.4.15...
Connected...
TCP Latency: 0.175395 seconds
TLS connection using "AES-256-GCM"
Sent (87 bytes)...
Application Latency: 0.334708 seconds
TLS_readline error: Resource temporarily unavailable, try again.
Error reading HTTP reply
-1 bytes read from server.
Estimated TCP RTT: 0.1788 seconds (std. deviation 0.046)
Elapsed time: 0.783782 seconds

This bug is probably related to armv6l architecture, because I was unable to 
reproduce it on my other arm hosts.


-- System Information:
Distributor ID: Raspbian
Description:Raspbian GNU/Linux 10 (buster)
Release:10
Codename:   buster
Architecture: armv6l

Kernel: Linux 4.19.93+
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages echoping depends on:
ii  libc62.28-10+rpi1
ii  libgnutls30  3.6.7-4
ii  libidn11 1.33-2.2
ii  libpopt0 1.16-12

echoping recommends no packages.

echoping suggests no packages.

-- no debconf information

Bug#949624: ITP: minipro -- Utility for Minipro TL866 memory chip programmers

[Lubomir Rintel]

Package: wnpp
Severity: wishlist
Owner: Lubomir Rintel 

* Package name: minipro
  Version : 0.4
  Upstream Author : David Griffith 
* URL : https://gitlab.com/DavidGriffith/minipro/
* License : GPLv3+
  Programming Lang: C
  Description : Utility for Minipro TL866 memory chip programmers

Programming utility compatible with Minipro TL866CS and Minipro TL866A
programmers. Supports more than 13000 target devices (including AVRs, PICs,
various BIOSes and EEPROMs).

I'm looking for a sponsor who'd upload the package for me.
I'd be happy if someone is willing to co-maintain the package.

Bug#949623: cryptsetup: cryptdisks_stop/start bash completion broken

[Christoph Anton Mitterer]

Source: cryptsetup
Version: 2:2.2.2-2
Severity: normal


Hi.

I think since "fixing" #827200 in 2:2.0.3-1 bash completion for
cryptdisks_stop/start doesn't seem to work anymore at all.

Instead of possible device target names it just completes to
the files of the local directories.

Cheers,
Chris

Bug#949574: RFS: tl-expected/1.0.0~dfsg-1 [ITP] -- std::expected with functional-style extensions

[Nicholas Guriev]

2020-01-22 16:00:00-0500, Boyuan Yang wrote:
> Done and uploaded. Please check https://salsa.debian.org/debian/tl-expected
> and make sure you can edit this repo. Feel free to delete your own repo 
> afterwards.

Thank you! I have renamed the default branch to `debian/master` for
compliance with git-buildpackage configuration in the d/gbp.conf file.

Bug#948786: buster-pu: package apt-cacher-ng/3.2.1-1 pre-approval

[Eduard Bloch]

Control: tag -1 -moreinfo

Hallo Everyone,

so here comes the additional info:

the CVE-2020-5202 fix was applied to Sid/Bullseye and reached Testing
without any bugreports. I had to reupload once in the meantime due to a
glitch in the Debian package (yeas, I f*ed it up, right in the great
git-based process and I am sorry, but it should all be fine now).

Now I am planning to make an upstream release, which consolidates:

- backport of CVE-2020-5202 fix from Bullseye (mostly identical, adapted
  for different function signatures, omits refactoring which comes handy
  here but hey, let's change as less possible for Stable)
- minor extension (.zst as additional compression format alongside of
  .gz,.bz2,.lzma,.xz). NO extra processing code, just passing through
  that data instead of rejecting them.
- the fix of #942634 which affects the operation with current mirrors
  and which was the original motivation for this ticket

I would like to have some kind of confirmation from the release team
that this mail does not go straight to /dev/null and that a new upstream
(minor) version is an acceptable candidate for a Stable update. I can,
of course, convert all that into debian/patches/XXX but honestly, that
would really feel like greenwashing.

The changes reported here can be reviewed at
https://salsa.debian.org/blade/apt-cacher-ng/commits/temp/debian-merge ,
starting with the commit from 2019-12-20. I am testing this version in
my daily operations now. That test base is small, of course, if anyone
has a better idea, please let me know.

In case you encounter something not understandable in those changes,
feel free to ping me via comments in Salsa git review, and I will
explain what this is about.

Best regards,
Eduard.


signature.asc
Description: PGP signature

Bug#943994: python3-zeitgeist not compatible with python3

[Boyuan Yang]

X-Debbugs-CC: bi...@debian.org

Hi Laurent,

On Sat, 2 Nov 2019 10:40:39 +0100 Laurent Bigonville  wrote:
> On Sat, 02 Nov 2019 10:31:36 +0100 Laurent Bigonville  
> wrote:
> [...]
>  >
>  > Looks like it's not compatible with python3.
>  >
> 
> Looking at the debian changelog, I personally removed that package back 
> in March 2018 because it was not compatible, not sure why it was 
> reintroduced:
> 
> zeitgeist (1.0.1-0.2) unstable; urgency=medium
> 
>* Non-maintainer upload.
>* Drop python3-zeitgeist package as the binding is not compatible with
>  python3, for python3, GIR binding should be used instead. Reintroduce
the
>  python2 binding for now as we still have one rdependency (Closes:
#891615)
>* Avoid installing files in /usr/lib/zeitgeist/zeitgeist/, move them one
>  level up to /usr/lib/zeitgeist/ instead
>* Do not make the metapackge pull python-zeitgeist, this is not needed
for
>  normal operations
> 
>   -- Laurent Bigonville   Sun, 11 Mar 2018 19:54:01 +0100
> 
> An idea?

No idea why. Looks like we need to have python3-zeitgeist removed eventually.

However before that, I'm going for a workaround: Upload an experimental
version with higher version string, e.g., 1.0.2+py3-0. After that, upload
1.0.2-3 onto Sid with python3-zeitgeist removed. This would keep binary
package python3-zeitgeist in development repositories so that we do not need
to go through NEW queue for another time if we really need that in the future.

-- 
Regards,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#949440: chromium: Blank window when used over ssh tunnel

[Paul Szabo]

It now seems to me that the issue is with MIT-SHM, that the code to
detect whether MIT-SHM is working (so whether to enable) is "broken".
Using the workaround below, fudging MIT-SHM to report as not present:

  cc -shared -o XlibNoSHM.so XlibNoSHM.c
  LD_PRELOAD='libdl.so ./XlibNoSHM.so' chromium

solves the issue for me. (That code is "ancient", with comments about
some old Firefox; the Firefox issue was fixed some time ago.)

Cheers, Paul
-- 
Paul Szabo   p...@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of SydneyAustralia

I support NTEU members taking a stand for workplace rights in the face of
poorly-run change management. Visit www.nteu.org.au/sydney to learn more.
/*
 * Firefox47 and above has a "bug":
 *   https://bugzilla.mozilla.org/show_bug.cgi?id=1271100
 * Firefox attempts to use the X (X11, X-windows) extension MIT-SHM.
 * It is "known" that MIT-SHM can only work on "local" displays. However:
 *  - some X servers report supporting MIT-SHM even on remote (e.g.
 *TCP-connected) displays. (Maybe "right" so not a bug: the client
 *might have access to the X server machine.)
 *  - the ssh "port forwarding" feature makes both the X server and client
 *appear to be "local" (somewhat: using TCP localhost, not Unix domain
 *sockets); and ssh makes no attempt to intercept or disable MIT-SHM.
 * To work around this confusion, when we know MIT-SHM should not be used,
 * (in the client application) we fudge the returns of the
 *   XQueryExtension
 *   XListExtensions
 *   XShmQueryExtension
 *   XShmQueryVersion
 * to "hide" the MIT-SHM extension.
 * (Firefox48 only uses XQueryExtension, others for future robustness.)
 *
 * Firefox already has code to detect when MIT-SHM is not working, but that
 * does not seem reliable enough. Maybe in future (from FF50 or 51) it will
 * use XCB instead of Xlib and then its detection will work better; if not,
 * a similar workaround will be needed.
 *
 * May need to explicitly mention /usr/lib/libdl.so in LD_PRELOAD
 * (or could or should it be /lib/libdl-2.11.3.so ?), otherwise ...?
 *
 * Compile and build library:
	cc -shared -o XlibNoSHM.so XlibNoSHM.c
 * to be used with
 *   LD_PRELOAD='libdl.so ./XlibNoSHM.so' firefox
 */

#include 
#include 
#include 
#include 
#define LIBXLIB "libXext.so"

Bool XQueryExtension(Display* dpl, _Xconst char* name, int* major, int* event, int* error)
{
  static Bool (*original_XQueryExtension)(Display*, _Xconst char*, int*, int*, int*) = NULL;

  /* printf("Got XQueryExtension %s\n",name); */
  if (!strcmp(name,"MIT-SHM")) {
/* printf("Returning False for XQueryExtension %s\n",name); */
*major = 0;
return False;
  }
  if (!original_XQueryExtension) {
void *handle = dlopen(LIBXLIB, RTLD_LAZY);
if (!handle) return False;
original_XQueryExtension = dlsym(handle, "XQueryExtension");
if (!original_XQueryExtension) return False;
  }
  /* printf("Doing original_XQueryExtension ...\n"); */
  return original_XQueryExtension(dpl, name, major, event, error);
}

char** XListExtensions(Display* dpl, int* nexts)
{
  static char** (*original_XListExtensions)(Display*, int*) = NULL;
  char** extNames;
  int i;

  /* printf("Got XListExtensions\n"); */
  if (!original_XListExtensions) {
*nexts = 0;
void *handle = dlopen(LIBXLIB, RTLD_LAZY);
if (!handle) return NULL;
original_XListExtensions = dlsym(handle, "XListExtensions");
if (!original_XListExtensions) return NULL;
  }
  /* printf("Doing original_XListExtensions ...\n"); */
  extNames = original_XListExtensions(dpl, nexts);

  if (extNames && *nexts > 0) {
for (i = 0; i < *nexts; ++i) {
  if (extNames[i] && !strcmp(extNames[i],"MIT-SHM")) {
/* printf("Replacing MIT-SHM by No-... in XListExtensions output\n"); */
(void)strncpy(extNames[i],"No-",3);
  }
}
  }

  return extNames;
}

Bool XShmQueryExtension(Display* display)
{
  /* printf("Returning False for XShmQueryExtension\n",); */
  return False;
}

Bool XShmQueryVersion(Display *display, int *major, int *minor, Bool *pixmaps)
{
  /* printf("Returning False for XShmQueryVersion\n",); */
  return False;
}

Bug#949622: proftpd-basic: SSH authentication fails for many clients due to receiving of SSH_MSG_IGNORE packet

[Hilmar Preusse]

Package: proftpd-basic
Version: 1.3.6b-2
Severity: important
Tags: patch upstream

Dear Maintainer,

the issue is already known in upstream and a patch is available:
http://bugs.proftpd.org/show_bug.cgi?id=4385

All my users that use the filezilla client 3.46.1+ fail to connect to my
proftpd server.  I tested the problem exist on debian jessie and debian etch
proftpd and filezilla 3.46.2 and 3.46.3 .

filezilla send SSH_MSG_IGNORE in the middle of the auth and it seems to
broke proftpd sftp module that do not seems to ignore them.

Hilmar

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 5.4.0-3-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_GB.UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_GB.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages proftpd-basic depends on:
ii  adduser3.118
ii  debianutils4.9.1
ii  libacl12.2.53-5
ii  libc6  2.29-9
ii  libcap21:2.27-1
ii  libhiredis0.14 0.14.0-4
ii  libmemcached11 1.0.18-4.2
ii  libmemcachedutil2  1.0.18-4.2
ii  libncursesw6   6.1+20191019-1
ii  libpam-runtime 1.3.1-5
ii  libpam0g   1.3.1-5
ii  libpcre3   2:8.39-12+b1
ii  libssl1.1  1.1.1d-2
ii  libtinfo6  6.1+20191019-1
ii  libwrap0   7.6.q-30
ii  lsb-base   11.1.0
ii  netbase6.0
ii  sed4.7-1
ii  ucf3.0038+nmu1
ii  zlib1g 1:1.2.11.dfsg-1+b1

Versions of packages proftpd-basic recommends:
pn  proftpd-doc  

Versions of packages proftpd-basic suggests:
ii  openbsd-inetd [inet-superserver]  0.20160825-4+b1
ii  openssl   1.1.1d-2
pn  proftpd-mod-geoip 
pn  proftpd-mod-ldap  
pn  proftpd-mod-mysql 
pn  proftpd-mod-odbc  
pn  proftpd-mod-pgsql 
pn  proftpd-mod-snmp  
pn  proftpd-mod-sqlite

-- debconf information excluded

Bug#949621: webkit2gtk: Please pass "--reduce-memory-overheads" on non-Gold targets

[John Paul Adrian Glaubitz]

Source: webkit2gtk
Version: 2.26.3-1
Severity: normal
User: debian-...@lists.debian.org
Usertags: m68k

Hi!

In order to avoid memory exhaustation on 32-bit targets not using Gold,
please pass "--reduce-memory-overheads" to the linker:

ifneq (,$(filter $(DEB_HOST_ARCH),hppa m68k powerpc sh4))
LDFLAGS += -Wl,--reduce-memory-overheads
endif

I copied that flag from openSUSE where it is used on every target not
enabling the Gold linker [1] (line 300).

Thanks,
Adrian

> [1] 
> https://build.opensuse.org/package/view_file/openSUSE:Factory:ARM/webkit2gtk3/webkit2gtk3.spec?expand=1

--
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#949619: chromium: Chromium crashes when running WebGL offscreencanvas-timer-query test.

[Witold Baryluk]

Package: chromium
Version: 79.0.3945.130-2
Followup-For: Bug #949619

BTW. My GPU does support relevant extensions:

user@debian:~$ glxinfo | grep timer_query
GL_ARB_timer_query, GL_EXT_timer_query, GL_EXT_timer_query, 
GL_EXT_disjoint_timer_query,
user@debian:~$

I tested this also in Firefox-esr 68.4.2, but it doesn't fully test it, and 
says:
PASS No OffscreenCanvas support
TEST COMPLETE

So, it basically skips the test. The OffscreenCanvas support in Firefox was
added around Firefox 44 with some not full support, and is behind the flag.
I enabled the proper flag in the about:config, and it did do a bit more:

Firefox-esr 68.4.2 with gfx.offscreencanvas.enabled=true:
PASS PASSED - no EXT_disjoint_timer_query extension - this is legal
TEST COMPLETE

So again, that basically skipps the test.


Actually, now digging deeper it looks it was disabled on purpose in
Firefox (it was supported in verions 51 to 63).

EXT_disjoint_timer_query is able to give pretty precise timeing
information, and if the GPU is actually using system memory via CPU
caches (i.e. AMD APU, or ARM CPU with GPU sharing memory subsystem) it
can be used for rowhammer style attacks and other side channel attacks
possibly via GPU.

see:
https://www.vusec.net/projects/glitch/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10229


However, Chromium should still not crash :)





-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/32 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common  79.0.3945.130-2
ii  libasound2   1.2.1.2-2
ii  libatk-bridge2.0-0   2.34.1-2
ii  libatk1.0-0  2.34.1-1
ii  libatomic1   9.2.1-24
ii  libatspi2.0-02.34.0-3
ii  libavcodec58 7:4.2.1-2+b1
ii  libavformat587:4.2.1-2+b1
ii  libavutil56  7:4.2.1-2+b1
ii  libc62.29-9
ii  libcairo-gobject21.16.0-4
ii  libcairo21.16.0-4
ii  libcups2 2.3.1-1
ii  libdbus-1-3  1.12.16-2
ii  libdrm2  2.4.100-4
ii  libevent-2.1-7   2.1.11-stable-1
ii  libexpat12.2.9-1
ii  libflac8 1.3.3-1
ii  libfontconfig1   2.13.1-2+b1
ii  libfreetype6 2.10.1-2
ii  libgcc1  1:9.2.1-24
ii  libgdk-pixbuf2.0-0   2.40.0+dfsg-2
ii  libglib2.0-0 2.62.4-1+b1
ii  libgtk-3-0   3.24.13-1
ii  libharfbuzz0b2.6.4-1
ii  libicu63 63.2-2
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  libjsoncpp1  1.7.4-3+b1
ii  liblcms2-2   2.9-4
ii  libminizip1  1.1-8+b1
ii  libnspr4 2:4.24-1
ii  libnss3  2:3.49.1-1
ii  libopenjp2-7 2.3.1-1
ii  libopus0 1.3-1+b1
ii  libpango-1.0-0   1.42.4-8
ii  libpangocairo-1.0-0  1.42.4-8
ii  libpci3  1:3.6.2-6
ii  libpng16-16  1.6.37-1
ii  libpulse013.0-3
ii  libre2-5 20200101+dfsg-1
ii  libsnappy1v5 1.1.7-2
ii  libstdc++6   9.2.1-24
ii  libva2   2.6.1-1
ii  libvpx6  1.8.2-1
ii  libwebp6 0.6.1-2+b1
ii  libwebpdemux20.6.1-2+b1
ii  libwebpmux3  0.6.1-2+b1
ii  libx11-6 2:1.6.8-1
ii  libx11-xcb1  2:1.6.8-1
ii  libxcb1  1.13.1-3
ii  libxcomposite1   1:0.4.4-2
ii  libxcursor1  1:1.2.0-2
ii  libxdamage1  1:1.1.5-1
ii  libxext6 2:1.3.3-1+b2
ii  libxfixes3   1:5.0.3-1
ii  libxi6   2:1.7.9-1
ii  libxml2  2.9.4+dfsg1-8
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxslt1.1   1.1.32-2.2
ii  libxss1  1:1.2.3-1
ii  libxtst6 2:1.2.3-1
ii  zlib1g   1:1.2.11.dfsg-1+b1

Versions of packages chromium recommends:
ii  chromium-sandbox  79.0.3945.130-2

Versions of packages chromium suggests:
pn  chromium-driver  
ii  chromium-l10n79.0.3945.130-2
pn  chromium-shell   

Versions of packages chromium-common depends on:
ii  x11-utils  7.7+4
ii  xdg-utils  1.1.3-1

Versions of packages chromium-common recommends:
ii  chromium-sandbox79.0.3945.130-2
ii  fonts-liberation1:1.07.4-10
ii  libgl1-mesa-dri 19.3.2-1
ii  libu2f-udev 1.1.10-1
ii  mate-notification-daemon [notification-daemon]  1.22.1-1
ii  notification-daemon 3.20.0-4
ii  system-config-printer   1.5.12-1
ii  upower  

Bug#949620: BUG: kernel NULL pointer dereference, address: 0000000000000040

[user]

Package: src:linux
Version: 5.4.8-1
Severity: grave
Tags: a11y
Justification: renders package unusable

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

* What led up to the situation?

boot a computer, log in (xfce), watch netflix on firefox for few minutes



* What exactly did you do (or not do) that was effective (or ineffective)?

the screen freezes but the sound of the video still playing normally, keyboard 
mouse, do not work.
computer is still accessible over the network (ssh) but fails to 
restart/poweroff in reasonable time

Kernel 5.3 seems to work though.

the last message on dmesg:

[  316.891752] BUG: kernel NULL pointer dereference, address: 0040
[  316.891759] #PF: supervisor read access in kernel mode
[  316.891761] #PF: error_code(0x) - not-present page
[  316.891762] PGD 0 P4D 0 
[  316.891765] Oops:  [#1] SMP PTI
[  316.891769] CPU: 5 PID: 2600 Comm: xfwm4 Not tainted 5.4.0-2-amd64 #1 Debian 
5.4.8-1
[  316.891770] Hardware name: Dell Inc. Inspiron 7472/03N1RF, BIOS 1.2.1 
05/31/2019
[  316.891861] RIP: 0010:i915_active_acquire+0x9/0x70 [i915]
[  316.891864] Code: 00 00 00 48 c7 46 58 00 00 00 00 c7 46 38 00 00 00 00 48 
c7 c6 0a a0 8b c0 e9 c3 77 70 d2 0f 1f 00 0f 1f 44 00 00 41 54 55 53 <8b> 47 38 
48 89 fb 85 c0 74 15 8d 50 01 f0 0f b1 53 38 75 f2 45 31
[  316.891865] RSP: 0018:ba0802a3ba40 EFLAGS: 00010286
[  316.891867] RAX:  RBX: 9ae5ea9f5000 RCX: 
[  316.891869] RDX: 9ae5ed6bf600 RSI: 9ae5ea9f5000 RDI: 0008
[  316.891870] RBP: 9ae5ed6bf600 R08: 9ae5f92cc388 R09: 9ae5f92cc388
[  316.891871] R10: a000 R11:  R12: 0008
[  316.891872] R13: 0004 R14: 9ae5ed6bf600 R15: 401c
[  316.891874] FS:  7f8afe17df00() GS:9ae5ff54() 
knlGS:
[  316.891875] CS:  0010 DS:  ES:  CR0: 80050033
[  316.891876] CR2: 0040 CR3: 00023e410001 CR4: 003606e0
[  316.891878] Call Trace:
[  316.891915]  i915_active_ref+0x21/0x210 [i915]
[  316.891949]  ? intel_fbc_deactivate+0x19/0x60 [i915]
[  316.891984]  i915_vma_move_to_active+0x6e/0xf0 [i915]
[  316.892019]  i915_gem_do_execbuffer+0xc62/0x1520 [i915]
[  316.892028]  ? _cond_resched+0x15/0x30
[  316.892030]  ? mutex_lock+0xe/0x30
[  316.892038]  ? unix_stream_read_generic+0x1f7/0x8f0
[  316.892044]  ? __kmalloc_node+0x1f5/0x300
[  316.892073]  i915_gem_execbuffer2_ioctl+0x1df/0x3d0 [i915]
[  316.892102]  ? i915_gem_madvise_ioctl+0x13a/0x290 [i915]
[  316.892131]  ? i915_gem_execbuffer_ioctl+0x2e0/0x2e0 [i915]
[  316.892179]  drm_ioctl_kernel+0xaa/0xf0 [drm]
[  316.892190]  drm_ioctl+0x208/0x390 [drm]
[  316.892243]  ? i915_gem_execbuffer_ioctl+0x2e0/0x2e0 [i915]
[  316.892249]  do_vfs_ioctl+0x40e/0x670
[  316.892253]  ksys_ioctl+0x5e/0x90
[  316.892256]  __x64_sys_ioctl+0x16/0x20
[  316.892260]  do_syscall_64+0x52/0x160
[  316.892264]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  316.892267] RIP: 0033:0x7f8aff6535b7
[  316.892269] Code: 00 00 90 48 8b 05 d9 78 0c 00 64 c7 00 26 00 00 00 48 c7 
c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 
f0 ff ff 73 01 c3 48 8b 0d a9 78 0c 00 f7 d8 64 89 01 48
[  316.892271] RSP: 002b:7ffcbe665b38 EFLAGS: 0246 ORIG_RAX: 
0010
[  316.892272] RAX: ffda RBX: 7ffcbe665b80 RCX: 7f8aff6535b7
[  316.892274] RDX: 7ffcbe665b80 RSI: 40406469 RDI: 000a
[  316.892275] RBP: 40406469 R08: 55a46f1fc000 R09: 
[  316.892276] R10:  R11: 0246 R12: 55a46f574a80
[  316.892277] R13: 000a R14:  R15: 7f8af7f346a8
[  316.892279] Modules linked in: nf_tables nfnetlink ctr ccm fuse cmac bnep 
x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass 
crct10dif_pclmul crc32_pclmul snd_hda_codec_hdmi intel_rapl_msr 
ghash_clmulni_intel snd_soc_skl snd_soc_hdac_hda snd_hda_ext_core 
snd_soc_sst_ipc snd_soc_sst_dsp snd_soc_acpi_intel_match snd_soc_acpi 
snd_hda_codec_realtek snd_soc_core ath10k_pci snd_hda_codec_generic ath10k_core 
snd_compress aesni_intel dell_laptop btusb ath ledtrig_audio crypto_simd btrtl 
snd_hda_intel snd_intel_nhlt nls_ascii cryptd btbcm dell_smm_hwmon glue_helper 
btintel mac80211 snd_hda_codec intel_cstate nls_cp437 bluetooth intel_uncore 
vfat rtsx_usb_ms fat memstick intel_rapl_perf uvcvideo snd_hda_core cfg80211 
videobuf2_vmalloc snd_hwdep efi_pstore videobuf2_memops videobuf2_v4l2 drbg 
snd_pcm videobuf2_common dell_wmi snd_timer dell_smbios ansi_cprng videodev 
dcdbas iTCO_wdt snd pcspkr ecdh_generic dell_wmi_descriptor iTCO_vendor_support 
ecc wmi_bmof serio_raw efivars
[  316.892324]  soundcore watchdog libarc4 joydev mc tpm_crb tpm_tis rfkill 
tpm_tis_core mei_me processor_thermal_device mei hid_multitouch sg tpm 
intel_rapl_common 

Bug#949619: chromium: Chromium crashes when running WebGL offscreencanvas-timer-query test.

[Witold Baryluk]

Package: chromium
Version: 79.0.3945.130-2
Severity: normal

Dear Maintainer,

When visiting this URL:

https://www.khronos.org/registry/webgl/sdk/tests/conformance/offscreencanvas/offscreencanvas-timer-query.html?webglVersion=1=0=1

Chromium 79 crashes:


Thread 136 "DedicatedWorker" hit Temporary breakpoint 1, 0x5d2049d7 in 
blink::WebGLTimerQueryEXT::WebGLTimerQueryEXT(blink::WebGLRenderingContextBase*)
 ()
(gdb) bt
#0  0x5d2049d7 in 
blink::WebGLTimerQueryEXT::WebGLTimerQueryEXT(blink::WebGLRenderingContextBase*)
 ()
#1  0x5d20534c in 
blink::WebGLTimerQueryEXT::Create(blink::WebGLRenderingContextBase*) ()
#2  0x5d20c1bc in blink::EXTDisjointTimerQuery::createQueryEXT() ()
#3  0x5d2bbe7e in 
blink::V8EXTDisjointTimerQuery::CreateQueryEXTMethodCallback(v8::FunctionCallbackInfo
 const&) ()
#4  0x580a48f2 in 
v8::internal::FunctionCallbackArguments::Call(v8::internal::CallHandlerInfo) ()
#5  0x580a4c90 in v8::internal::MaybeHandle 
v8::internal::(anonymous 
namespace)::HandleApiCallHelper(v8::internal::Isolate*, 
v8::internal::Handle, 
v8::internal::Handle, 
v8::internal::Handle, 
v8::internal::Handle, v8::internal::BuiltinArguments) ()
#6  0x580a5562 in 
v8::internal::Builtin_Impl_HandleApiCall(v8::internal::BuiltinArguments, 
v8::internal::Isolate*) ()
#7  0x580a5dc9 in v8::internal::Builtin_HandleApiCall(int, unsigned 
long*, v8::internal::Isolate*) ()
#8  0x5892c539 in 
Builtins_CEntry_Return1_DontSaveFPRegs_ArgvOnStack_BuiltinExit () at 
../../v8/src/builtins/base.tq:3629
#9  0x588b859b in Builtins_InterpreterEntryTrampoline () at 
../../v8/src/builtins/base.tq:412
#10 0x3205841c04b9 in  ()
#11 0x30e0ba2c3671 in  ()
#12 0x0005 in  ()
#13 0x3205841c0599 in  ()
#14 0x3025fb9e1549 in  ()
#15 0x3205841c04b9 in  ()
#16 0x3205841c04b9 in  ()
#17 0x3205841c04b9 in  ()
#18 0x3578d70e5921 in  ()
#19 0x3025fb9e1549 in  ()
#20 0x30e0ba2c3671 in  ()
#21 0x3578d70c42e9 in  ()
#22 0x1f86301d82b9 in  ()
#23 0x00a8 in  ()
#24 0x3578d70e5bd9 in  ()
#25 0x3578d70e38b9 in  ()
#26 0x1f86301d7a99 in  ()
#27 0x7ffdebffd278 in  ()
#28 0x588b619a in Builtins_JSEntryTrampoline () at 
../../v8/src/builtins/base.tq:412
#29 0x1f86301d7a39 in  ()
#30 0x1f86301c35e1 in  ()
#31 0x3578d70e38b9 in  ()
#32 0x0022 in  ()
#33 0x7ffdebffd2e0 in  ()
#34 0x588b5f78 in Builtins_JSEntry () at 
../../v8/src/builtins/base.tq:412


Mesa 19.3.2 with AMD Fury Radeon X GPU. Under X11 and MATA DE/WM.



-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/32 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common  79.0.3945.130-2
ii  libasound2   1.2.1.2-2
ii  libatk-bridge2.0-0   2.34.1-2
ii  libatk1.0-0  2.34.1-1
ii  libatomic1   9.2.1-24
ii  libatspi2.0-02.34.0-3
ii  libavcodec58 7:4.2.1-2+b1
ii  libavformat587:4.2.1-2+b1
ii  libavutil56  7:4.2.1-2+b1
ii  libc62.29-9
ii  libcairo-gobject21.16.0-4
ii  libcairo21.16.0-4
ii  libcups2 2.3.1-1
ii  libdbus-1-3  1.12.16-2
ii  libdrm2  2.4.100-4
ii  libevent-2.1-7   2.1.11-stable-1
ii  libexpat12.2.9-1
ii  libflac8 1.3.3-1
ii  libfontconfig1   2.13.1-2+b1
ii  libfreetype6 2.10.1-2
ii  libgcc1  1:9.2.1-24
ii  libgdk-pixbuf2.0-0   2.40.0+dfsg-2
ii  libglib2.0-0 2.62.4-1+b1
ii  libgtk-3-0   3.24.13-1
ii  libharfbuzz0b2.6.4-1
ii  libicu63 63.2-2
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  libjsoncpp1  1.7.4-3+b1
ii  liblcms2-2   2.9-4
ii  libminizip1  1.1-8+b1
ii  libnspr4 2:4.24-1
ii  libnss3  2:3.49.1-1
ii  libopenjp2-7 2.3.1-1
ii  libopus0 1.3-1+b1
ii  libpango-1.0-0   1.42.4-8
ii  libpangocairo-1.0-0  1.42.4-8
ii  libpci3  1:3.6.2-6
ii  libpng16-16  1.6.37-1
ii  libpulse013.0-3
ii  libre2-5 20200101+dfsg-1
ii  libsnappy1v5 1.1.7-2
ii  libstdc++6   9.2.1-24
ii  libva2   2.6.1-1
ii  libvpx6  1.8.2-1
ii  libwebp6 0.6.1-2+b1
ii  libwebpdemux20.6.1-2+b1
ii  libwebpmux3  0.6.1-2+b1
ii  libx11-6 2:1.6.8-1
ii  libx11-xcb1  2:1.6.8-1
ii  libxcb1  1.13.1-3
ii  libxcomposite1   1:0.4.4-2
ii  

Bug#949567: lookng at log files

[Thomas Lange]

These are the tasks called in the first and second run:

first run:

Calling task_action
Calling task_dirinstall

second run:

Calling task_confdir
Calling task_setup
Calling task_defclass
Calling task_defvar
Calling task_action
Calling task_dirinstall

I wonder why the tasks before task_action are not called. are they
only missing in the logs?

-- 
regards Thomas

Bug#949618: webkit2gtk: Please disable Gold linker on powerpc

[John Paul Adrian Glaubitz]

Source: webkit2gtk
Version: 2.26.3-1
Severity: normal
User: debian-powe...@lists.debian.org
Usertags: powerpc

Hi!

The Gold linker is causing issues on powerpc which can be fixed by simply
linking webkit2gtk with the standard BFD linker instead.

Please disable Gold on powerpc with:

ifneq (,$(filter $(DEB_HOST_ARCH),powerpc))
EXTRA_CMAKE_ARGUMENTS += -DUSE_LD_GOLD=OFF
endif

Gold is disabled on openSUSE as well where webkit2gtk builds fine and I have
verified that this is the case on Debian as well.

Adrian

> [1] 
> https://build.opensuse.org/package/view_file/openSUSE:Factory:ARM/webkit2gtk3/webkit2gtk3.spec?expand=1

--
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#949135: transition: netcdf-fortran

[Paul Gevers]

Control: tags -1 confirmed

Hi Bas,

On 17-01-2020 11:22, Bas Couwenberg wrote:
> netcdf-fortran bumped its SONAME requiring a transition.

Please go ahead.

Am I correct in saying that it makes a lot of sense to take this
transition together with the netcdf transition? If so, please combine
that transition and go ahead with that one as well.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#949584: mmdebstrap fails to create temp file if TMPDIR is set to directory with mode 0755

[Johannes Schauer]

Hi,

Quoting Benjamin Drung (2020-01-22 13:23:36)
> Am Mittwoch, den 22.01.2020, 13:13 +0100 schrieb Johannes Schauer:
> > Quoting Benjamin Drung (2020-01-22 12:58:38)
> > > when I set TMPDIR to a directory that has mode 0755, mmdebstrap
> > > will fail:
> > > 
> > > ```
> > > $ ls -ld .
> > > drwxr-xr-x 3 bdrung bdrung 80 Jan 22 12:43 .
> > > $ TMPDIR=$(pwd) mmdebstrap buster buster.tar.xz
> > > I: automatically chosen mode: unshare
> > 
> > you are using the unshare mode. This means that your temporary
> > directory needs
> > to be accessible by the unshared user. Evidently it is not. I don't
> > think there
> > is anything that mmdebstrap can do about it.
> 
> mmdebstrap could create a temporary directory, change the mode to 1777 and
> let unshare use that, couldn't it?

but that's not where the error comes from. From the output you posted in your
report it seems like mmdebstrap is not able to create the temporary directory
at all. Obviously it cannot change permissions of something that doesn't exist.
I don't think mmdebstrap should attempt touching the permissions of the $TMPDIR
directory.

Also: the sticky bit probably has no influence on whether or not you get the
"permission denied" error, right?

Thanks!

cheers, josch


signature.asc
Description: signature

Bug#891410:

[Mario Limonciello]

I think that upstream would be happy to switch to a "public" interface in
the future.  Would you mind suggesting something upstream with the relevant
changes that make sense?

On Mon, Jan 20, 2020 at 7:52 AM Guilhem Moulin  wrote:

> On Mon, 20 Jan 2020 at 07:12:37 -0600, Mario Limonciello wrote:
> > FYI, the newly released version 12 has initramfs support.
>
> Hmm.  I guess I'm part of the problem since I haven't found time to help
> with this unfortunately, but on a quick look it appears that my comments
> from msg#27 and msg#32 still hold.
>
> cryptsetup's initramfs integration isn't part of cryptsetup upstream,
> but is development and maintained by the Debian packaging team, which
> I'm part of.  AFAICT clevis upstream seem to have taken shell scripts
> from src:cryptsetup and adapted them to their needs.  Might work right
> now, but these file use *internal* / *undocumented* interfaces which are
> subject to change without notice.  I fear clevis initramfs users have a
> real risk of ending up with an unbootable system when we do update these
> interfaces.
>
> --
> Guilhem.
>


-- 
Mario Limonciello
supe...@gmail.com

Bug#576829: xdg-settings: cannot set default-web-browser

[Witold Baryluk]

Package: xdg-utils
Followup-For: Bug #576829

FYI. Works for me:

user@debian:/tmp$ xdg-settings get default-web-browser
firefox-esr.desktop
user@debian:/tmp$ xdg-settings set default-web-browser chromium.desktop
user@debian:/tmp$ xdg-settings get default-web-browser
chromium.desktop
user@debian:/tmp$ 


-- Package-specific info:
Desktop environment: XDG_CURRENT_DESKTOP=MATE

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/32 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

xdg-utils depends on no packages.

Versions of packages xdg-utils recommends:
ii  libfile-mimeinfo-perl  0.29-1
ii  libnet-dbus-perl   1.2.0-1
ii  libx11-protocol-perl   0.56-7
ii  x11-utils  7.7+4
ii  x11-xserver-utils  7.7+8

xdg-utils suggests no packages.

-- no debconf information

Bug#949617: modemmanager: please create a stable backport

[Martin]

Package: modemmanager
Version: 1.10.4-0.1
Severity: wishlist

Some newer modems are supported, which is helpful to users
of Debian 10/buster. This backport probably requires backports
of libmbim and libqmi, too.

If you don't have the time to do the backport or similar, I
would do that backport myself, if there are no objections.

Bug#943563: chromium crash when trying to check error status after invalidateing framebuffer in WebGL

[Witold Baryluk]

Package: chromium
Followup-For: Bug #943563

Looks to be fixed in chromium 79.

I can't reproduce it now on the same hardware, but with Mesa 19.3.2 (I
was testing with Mesa 19.2.1 previously).

In fact the framebuffer invalidation tests all pass now, and no crashes
either.


There are some other issues with WebGL conformance test, including some
serious regressions, but that should be filled as a separate bug.




-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/32 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common  79.0.3945.130-2
ii  libasound2   1.2.1.2-2
ii  libatk-bridge2.0-0   2.34.1-2
ii  libatk1.0-0  2.34.1-1
ii  libatomic1   9.2.1-24
ii  libatspi2.0-02.34.0-3
ii  libavcodec58 7:4.2.1-2+b1
ii  libavformat587:4.2.1-2+b1
ii  libavutil56  7:4.2.1-2+b1
ii  libc62.29-9
ii  libcairo-gobject21.16.0-4
ii  libcairo21.16.0-4
ii  libcups2 2.3.1-1
ii  libdbus-1-3  1.12.16-2
ii  libdrm2  2.4.100-4
ii  libevent-2.1-7   2.1.11-stable-1
ii  libexpat12.2.9-1
ii  libflac8 1.3.3-1
ii  libfontconfig1   2.13.1-2+b1
ii  libfreetype6 2.10.1-2
ii  libgcc1  1:9.2.1-24
ii  libgdk-pixbuf2.0-0   2.40.0+dfsg-2
ii  libglib2.0-0 2.62.4-1+b1
ii  libgtk-3-0   3.24.13-1
ii  libharfbuzz0b2.6.4-1
ii  libicu63 63.2-2
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  libjsoncpp1  1.7.4-3+b1
ii  liblcms2-2   2.9-4
ii  libminizip1  1.1-8+b1
ii  libnspr4 2:4.24-1
ii  libnss3  2:3.49-1
ii  libopenjp2-7 2.3.1-1
ii  libopus0 1.3-1+b1
ii  libpango-1.0-0   1.42.4-8
ii  libpangocairo-1.0-0  1.42.4-8
ii  libpci3  1:3.6.2-6
ii  libpng16-16  1.6.37-1
ii  libpulse013.0-3
ii  libre2-5 20200101+dfsg-1
ii  libsnappy1v5 1.1.7-2
ii  libstdc++6   9.2.1-24
ii  libva2   2.6.1-1
ii  libvpx6  1.8.2-1
ii  libwebp6 0.6.1-2+b1
ii  libwebpdemux20.6.1-2+b1
ii  libwebpmux3  0.6.1-2+b1
ii  libx11-6 2:1.6.8-1
ii  libx11-xcb1  2:1.6.8-1
ii  libxcb1  1.13.1-3
ii  libxcomposite1   1:0.4.4-2
ii  libxcursor1  1:1.2.0-2
ii  libxdamage1  1:1.1.5-1
ii  libxext6 2:1.3.3-1+b2
ii  libxfixes3   1:5.0.3-1
ii  libxi6   2:1.7.9-1
ii  libxml2  2.9.4+dfsg1-8
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxslt1.1   1.1.32-2.2
ii  libxss1  1:1.2.3-1
ii  libxtst6 2:1.2.3-1
ii  zlib1g   1:1.2.11.dfsg-1+b1

Versions of packages chromium recommends:
ii  chromium-sandbox  79.0.3945.130-2

Versions of packages chromium suggests:
pn  chromium-driver  
ii  chromium-l10n79.0.3945.130-2
pn  chromium-shell   

Versions of packages chromium-common depends on:
ii  x11-utils  7.7+4
ii  xdg-utils  1.1.3-1

Versions of packages chromium-common recommends:
ii  chromium-sandbox79.0.3945.130-2
ii  fonts-liberation1:1.07.4-10
ii  libgl1-mesa-dri 19.3.2-1
ii  libu2f-udev 1.1.10-1
ii  mate-notification-daemon [notification-daemon]  1.22.1-1
ii  notification-daemon 3.20.0-4
ii  system-config-printer   1.5.12-1
ii  upower  0.99.11-1

Versions of packages chromium-sandbox depends on:
ii  libatomic1  9.2.1-24
ii  libc6   2.29-9
ii  libgcc1 1:9.2.1-24
ii  libstdc++6  9.2.1-24

-- no debconf information

Bug#949615: [Pkg-javascript-devel] Bug#949615: node-lodash: lodash does not export runInContext()

[Xavier]

Le 22/01/2020 à 21:16, Xavier Guimard a écrit :
> Package: node-lodash
> Version: 4.17.15+dfsg-1
> Severity: important
> 
> Hi,
> 
> our lodash does not export while npm registry one export it. This
> affects node-grunt-legacy-util upgrade. To reproduce this, try
> node-grunt-legacy-util test from salsa:
> 
> $ dh_quilt_patch
> $ sh debian/tests/pkg-js/test
> (node:1971963) [DEP0016] DeprecationWarning: 'root' is deprecated, use 
> 'global'
> Running "nodeunit:util" (nodeunit) task
> Fatal error: require(...).runInContext is not a function
> 
> Then install lodash from np registry in node_modules and relauch test,
> it works.
> 
> Cheers,
> Xavier

Of course same version

Bug#947930: transition: gspell

[Paul Gevers]

Control: tags -1 confirmed

Hi Laurent,

On 02-01-2020 10:20, Laurent Bigonville wrote:
> The soname of the gspell library has bumped its soname from
> libgspell-1-1 to libgspell-1-2
> 
> I rebuilt all the rdeps and they all build fine with the new library.
> BUT ATM there is an issue with gnome-software (and sysprof) on ppc64el
> that should be fixed first before we can start the transition.
> 
> The following packages needs a source upload as they also need to be
> updated to use enchant-2 to avoid having both enchant(1) and enchant-2
> linked inside the same binary:
> 
> geary
> gnome-builder
> evolution

Please go ahead in unstable.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#949615: node-lodash: lodash does not export runInContext()

[Xavier Guimard]

Package: node-lodash
Version: 4.17.15+dfsg-1
Severity: important

Hi,

our lodash does not export while npm registry one export it. This
affects node-grunt-legacy-util upgrade. To reproduce this, try
node-grunt-legacy-util test from salsa:

$ dh_quilt_patch
$ sh debian/tests/pkg-js/test
(node:1971963) [DEP0016] DeprecationWarning: 'root' is deprecated, use 'global'
Running "nodeunit:util" (nodeunit) task
Fatal error: require(...).runInContext is not a function

Then install lodash from np registry in node_modules and relauch test,
it works.

Cheers,
Xavier

Bug#947207: chromium: Video is garbled on twitch.tv, most other video sites

[Witold Baryluk]

Package: chromium
Version: 79.0.3945.130-2
Followup-For: Bug #947207

Dear Maintainer,

I can reproduce this issue on my Linux Debian sid, amd64, Mesa 19.3.2 and
AMD Radeon Fury X GPU.

It happens on twitch, gfycat embeded videos, v.reddit.com embeded videos,
and few more.

It creates this red / yellow high saturated videos with clipped values,
but even before the start of the video, the poster is displayed
incorrectly.

Youtube (VP9 codec) works.

It did work in Chromium 76. It also works by disabling hardware
acceleration in Chromium, at the cost of performance.


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.2.0-3-amd64 (SMP w/32 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common  79.0.3945.130-2
ii  libasound2   1.2.1.2-2
ii  libatk-bridge2.0-0   2.34.1-2
ii  libatk1.0-0  2.34.1-1
ii  libatomic1   9.2.1-24
ii  libatspi2.0-02.34.0-3
ii  libavcodec58 7:4.2.1-2+b1
ii  libavformat587:4.2.1-2+b1
ii  libavutil56  7:4.2.1-2+b1
ii  libc62.29-9
ii  libcairo-gobject21.16.0-4
ii  libcairo21.16.0-4
ii  libcups2 2.3.1-1
ii  libdbus-1-3  1.12.16-2
ii  libdrm2  2.4.100-4
ii  libevent-2.1-7   2.1.11-stable-1
ii  libexpat12.2.9-1
ii  libflac8 1.3.3-1
ii  libfontconfig1   2.13.1-2+b1
ii  libfreetype6 2.10.1-2
ii  libgcc1  1:9.2.1-24
ii  libgdk-pixbuf2.0-0   2.40.0+dfsg-2
ii  libglib2.0-0 2.62.4-1+b1
ii  libgtk-3-0   3.24.13-1
ii  libharfbuzz0b2.6.4-1
ii  libicu63 63.2-2
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  libjsoncpp1  1.7.4-3+b1
ii  liblcms2-2   2.9-4
ii  libminizip1  1.1-8+b1
ii  libnspr4 2:4.24-1
ii  libnss3  2:3.49-1
ii  libopenjp2-7 2.3.1-1
ii  libopus0 1.3-1+b1
ii  libpango-1.0-0   1.42.4-8
ii  libpangocairo-1.0-0  1.42.4-8
ii  libpci3  1:3.6.2-6
ii  libpng16-16  1.6.37-1
ii  libpulse013.0-3
ii  libre2-5 20200101+dfsg-1
ii  libsnappy1v5 1.1.7-2
ii  libstdc++6   9.2.1-24
ii  libva2   2.6.1-1
ii  libvpx6  1.8.2-1
ii  libwebp6 0.6.1-2+b1
ii  libwebpdemux20.6.1-2+b1
ii  libwebpmux3  0.6.1-2+b1
ii  libx11-6 2:1.6.8-1
ii  libx11-xcb1  2:1.6.8-1
ii  libxcb1  1.13.1-3
ii  libxcomposite1   1:0.4.4-2
ii  libxcursor1  1:1.2.0-2
ii  libxdamage1  1:1.1.5-1
ii  libxext6 2:1.3.3-1+b2
ii  libxfixes3   1:5.0.3-1
ii  libxi6   2:1.7.9-1
ii  libxml2  2.9.4+dfsg1-8
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxslt1.1   1.1.32-2.2
ii  libxss1  1:1.2.3-1
ii  libxtst6 2:1.2.3-1
ii  zlib1g   1:1.2.11.dfsg-1+b1

Versions of packages chromium recommends:
ii  chromium-sandbox  79.0.3945.130-2

Versions of packages chromium suggests:
pn  chromium-driver  
ii  chromium-l10n79.0.3945.130-2
pn  chromium-shell   

Versions of packages chromium-common depends on:
ii  x11-utils  7.7+4
ii  xdg-utils  1.1.3-1

Versions of packages chromium-common recommends:
ii  chromium-sandbox79.0.3945.130-2
ii  fonts-liberation1:1.07.4-10
ii  libgl1-mesa-dri 19.3.2-1
ii  libu2f-udev 1.1.10-1
ii  mate-notification-daemon [notification-daemon]  1.22.1-1
ii  notification-daemon 3.20.0-4
ii  system-config-printer   1.5.12-1
ii  upower  0.99.11-1

Versions of packages chromium-sandbox depends on:
ii  libatomic1  9.2.1-24
ii  libc6   2.29-9
ii  libgcc1 1:9.2.1-24
ii  libstdc++6  9.2.1-24

-- no debconf information

Bug#949614: modemmanager: increase qmi_device_open retries

[Martin]

Package: modemmanager
Version: 1.10.0-1
Tags: patch

Upstream fixed an issue, that prevents certain modem to connect.
For the users of such modems, it would be very useful to have
that fixed in buster, too.

Here is the (very small) diff:

commit 301bdcfef7e3407a675b37b99d2c57ddb249baa8
Author: Daniele Palmas 
Date:   Fri Feb 22 13:44:29 2019 +0100

port-qmi: increase qmi_device_open retries

Telit modems LM940/960 need more time for becoming responsive
to qmi requests after device appearance.

diff --git a/src/mm-port-qmi.c b/src/mm-port-qmi.c
index 129700c9..af981350 100644
--- a/src/mm-port-qmi.c
+++ b/src/mm-port-qmi.c
@@ -405,7 +405,7 @@ port_open_step (GTask *task)
 qmi_device_open (ctx->device,
  (QMI_DEVICE_OPEN_FLAGS_VERSION_INFO |
   QMI_DEVICE_OPEN_FLAGS_PROXY),
- 10,
+ 20,
  g_task_get_cancellable (task),
  (GAsyncReadyCallback) qmi_device_open_first_ready,
  task);

See
https://gitlab.freedesktop.org/aleksm/ModemManager/commit/301bdcfef7e3407a675b37b99d2c57ddb249baa8

Bug#949612: PendingDeprecationWarning: isAlive() is deprecated, use is_alive() instead

[dann frazier]

Package: apt-offline
Version: 1.8.1
Severity: normal

apt-offline reports a PendingDeprecationWarning as shown below:

$ apt-offline get apt-offline.sig --bundle update.zip

Fetching APT Data

Downloading flash-kernel - 30 KiB   
  
flash-kernel done 
Traceback (most recent call last):
  File "/usr/bin/apt-offline", line 28, in 
main()
  File "/usr/lib/python3/dist-packages/apt_offline_core/AptOfflineCoreLib.py", 
line 2211, in main
args.func(args)
  File "/usr/lib/python3/dist-packages/apt_offline_core/AptOfflineCoreLib.py", 
line 1360, in fetcher
ConnectThread.stopQueue(0.2)
  File "/usr/lib/python3/dist-packages/apt_offline_core/AptOfflineLib.py", line 
674, in stopQueue
if not thread.isAlive():
  File "/usr/lib/python3.7/threading.py", line 1113, in isAlive
PendingDeprecationWarning, stacklevel=2)
PendingDeprecationWarning: isAlive() is deprecated, use is_alive() instead
Downloading base-files - 58 KiB 

base-files done 
Downloading bash - 533 KiB

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.5.0-rc5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apt-offline depends on:
ii  apt1.8.4
ii  less   551-1
ii  python33.7.5-3
ii  python3-magic  2:0.4.15-3

Versions of packages apt-offline recommends:
ii  debian-archive-keyring  2019.1
ii  python-lzma 0.5.3-4
ii  python-soappy   0.12.22-1
ii  python3-debianbts   3.0.2

apt-offline suggests no packages.

-- no debconf information

Bug#949613: python-uncertainties-doc: missing Breaks+Replaces: python-uncertainties

[Andreas Beckmann]

Package: python-uncertainties-doc
Version: 3.1.2-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'stable'.
It installed fine in 'stable', then the upgrade to 'sid' fails
because it tries to overwrite other packages files without declaring a
Breaks+Replaces relation.

See policy 7.6 at
https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces

This test intentionally skipped 'testing' to find file overwrite
problems before packages migrate from 'unstable' to 'testing'.

>From the attached log (scroll to the bottom...):

  Preparing to unpack .../python-uncertainties-doc_3.1.2-1_all.deb ...
  Unpacking python-uncertainties-doc (3.1.2-1) ...
  dpkg: error processing archive 
/var/cache/apt/archives/python-uncertainties-doc_3.1.2-1_all.deb (--unpack):
   trying to overwrite '/usr/share/doc-base/python-uncertainties', which is 
also in package python-uncertainties 3.0.2.github-2
  Errors were encountered while processing:
   /var/cache/apt/archives/python-uncertainties-doc_3.1.2-1_all.deb

Since python-uncertainties is gone from sid, the Breaks+Replaces
should be unversioned.


cheers,

Andreas


python-uncertainties=3.0.2.github-2_python-uncertainties-doc=3.1.2-1.log.gz
Description: application/gzip

Bug#949172: iptables: -A INPUT -i lo -j ACCEPT opens all ports

[Alberto Molina Coballes]

Hi Anzulo,

I can't reproduce the output you show using this basic rule.

iptables -A INPUT -i lo -j ACCEPT
iptables -L -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source   destination 

0 0 ACCEPT all  --  lo *   0.0.0.0/00.0.0.0/0 
...

ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -L -nv
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source   destination 

0 0 ACCEPT all  lo *   ::/0 ::/0   
...

Default source and destination addresses (not ports) are defined using
both iptables and ip6tables instead you set a specific one in the rule
and AFAIK this is the expected behaviour in iptables.

Can you please provide more information or try to reproduce this issue
in another machine?

Regards,

Alberto

Bug#949611: libsolv: CVE-2019-20387

[Salvatore Bonaccorso]

Source: libsolv
Version: 0.6.36-1
Severity: important
Tags: security upstream

Hi,

The following vulnerability was published for libsolv.

CVE-2019-20387[0]:
| repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-
| based buffer over-read via a last schema whose length is less than the
| length of the input schema.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-20387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20387
[1] 
https://github.com/openSUSE/libsolv/commit/fdb9c9c03508990e4583046b590c30d958f272da

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#937254: C++ help needed for pbdagcon

[Andreas Tille]

Control: tags -1 help

I have fixed Python2->Python3 migration as well as the FTBFS with
pbseqlib 5.3.3+dfsg-1 issue in Git[1].  Unfortunately there is another
build issue in the C++ code which I have no idea how to fix:


...
g++ -g -O2 -fdebug-prefix-map=/build/pbdagcon-0.3+git20180411.c14c422+ds=. 
-fstack-protector-strong -Wformat -Werror=format-security -O3 -std=c++14 -Wall 
-Wuninitialized -pedantic -Wdate-time -D_FORTIFY_SOURCE=2 -MMD -MP 
-I/build/pbdagcon-0.3+git20180411.c14c422+ds/DAZZ_DB 
-I/build/pbdagcon-0.3+git20180411.c14c422+ds/DALIGNER 
-I/usr/include/pbseq/alignment -I/usr/include/pbseq/pbdata 
-I/usr/include/pbseq/hdf -I/usr/include/pbseq -isystem.//third-party   -c -o 
DazAlnProvider.o DazAlnProvider.cpp
In file included from DazAlnProvider.cpp:10:
DazAlnProvider.hpp:97:19: error: expected ')' before '&' token
   97 | Target(DAZZ_DB& db, int tspace, int small);
  |   ~   ^
  |   )
DazAlnProvider.hpp:122:5: error: 'DAZZ_DB' does not name a type
  122 | DAZZ_DB db_;
  | ^~~
DazAlnProvider.hpp:161:5: error: 'DAZZ_DB' does not name a type
  161 | DAZZ_DB db_;
  | ^~~
DazAlnProvider.cpp: In constructor 'DazAlnProvider::DazAlnProvider(const 
ProgramOpts&)':
DazAlnProvider.cpp:34:33: error: 'db_' was not declared in this scope
   34 | int status = Open_DB(path, _);
  | ^~~
DazAlnProvider.cpp: In destructor 'virtual DazAlnProvider::~DazAlnProvider()':
DazAlnProvider.cpp:74:15: error: 'db_' was not declared in this scope
   74 | Close_DB(_);
  |   ^~~
DazAlnProvider.cpp: In member function 'virtual bool 
DazAlnProvider::nextTarget(std::string&, std::vector&)':
DazAlnProvider.cpp:125:25: error: 'db_' was not declared in this scope
  125 | seq = Load_Subread(_, trg_->id, 0, trg_->length, targSeqBuf_, 0);
  | ^~~
DazAlnProvider.cpp: At global scope:
DazAlnProvider.cpp:225:15: error: expected constructor, destructor, or type 
conversion before '(' token
  225 | Target::Target(DAZZ_DB& db, int tspace, int small) :
  |   ^
DazAlnProvider.cpp: In member function 'void Target::firstRecord(Record&, 
bool)':
DazAlnProvider.cpp:246:14: error: 'db_' was not declared in this scope
  246 | length = db_.reads[id].rlen;
  |  ^~~


Any help would be welcome

   Andreas.

[1] https://salsa.debian.org/med-team/pbdagcon

-- 
http://fam-tille.de

Bug#949610: add a RAID+LUKS+LVM configuration example

[Antoine Beaupre]

Package: fai-setup-storage
Version: 5.8.4
Severity: wishlist
File: /usr/sbin/setup-storage

I am trying to setup a fairly classic "RAID + LUKS + LVM"
configuration. The idea is to do the following steps:

 1. format two disks identically, with a grub part, /boot and the rest
for the RAID/LUKS/LVM array
 2. pick the third partition and create a RAID-1 array on it
 3. luksFormat that RAID array
 4. load that LUKS partition as a PV of a VG
 5. create LVs in that VG

>From the manpage, it's not immediately obvious how this can be
done. There's a small note in the cryptsetup example about:

With a working RAID+LVM configuration, an encryption  layer  can
be  added  between  the RAID and LVM device layers by adding the
following cryptsetup configuration. In this case, the  encrypted
device will be called 'crypt_format_md1' and will be used as the
underlying physical device (PV) in LVM.

disk_config cryptsetup
luks-/dev/md1   -   -

Reading this, I thought I should use this configuration:

disk_config cryptsetup
luks-   /dev/md1-   -
luks-   /dev/md2-   -

disk_config lvm fstabkey:uuid
vg  vg_nvme crypt_format_md1
vg_nvme-root/   30G ext4rw
vg_nvme-swapswap1G  swapsw

On IRC, MrFai correctly pointed out (thanks!) that the device name
should not be used in the vg directive there, it should instead read
like:

vg vg_nvme md1

But that was far from obvious to me. I would suggest adding the
following example in the manual page to work around that ambiguity:

disk_config disk1
primary -   0-  -   -

disk_config disk2
primary -   0-  -   -

disk_config raid fstabkey:uuid
raid1   -   disk1,disk2 -   -

disk_config cryptsetup
luks-   /dev/md0-   -

disk_config lvm fstabkey:uuid
vg  vg_nvme md0
vg_nvme-root/   30G ext4rw
vg_nvme-swapswap1G  swapsw

That way users have a clear, unambiguous example of how to setup the
full stack.

Note that I haven't tested the above configuration, I distilled it
down from another configuration that I know works, but that's more
specific to our situation:

# open questions
# --align=optimal?
# leave keys in /tmp/fai or specify passphrase?
# use sameas: to set all disk names earlier?
# bios_grub flag?

disk_config nvme0n1 disklabel:gpt bootable:2
# bios grub second stage
primary -   8MiB-   -
# /boot
primary -   512MiB  -   -
# rest is RAID+LUKS+LVM
primary -   0-  -   -

disk_config nvme1n1 disklabel:gpt bootable:2
# same as above
primary -   8MiB-   -
primary -   512MiB  -   -
primary -   0-  -   -

disk_config sda disklabel:gpt
primary -   0-  -   -

disk_config sdb disklabel:gpt
primary -   0-  -   -

disk_config raid fstabkey:uuid
raid1   /boot   nvme0n1p2,nvme1n1p2 ext4rw,noatime,errors=remount-ro
raid1   -   nvme0n1p3,nvme1n1p3 -   -
raid1   -   sda1,sdb1   -   -

# FAI defaults to -c aes-xts-plain64 -s 256
disk_config cryptsetup
luks-   /dev/md1-   -
luks-   /dev/md2-   -

disk_config lvm fstabkey:uuid
# previous convention was "vg_$hostname"
vg  vg_nvme md1
vg_nvme-root/   30G ext4rw
vg_nvme-swapswap1G  swapsw

vg  vg_hdd  md2

# HDD disks config intentionally left blank

I'll finally note that the device created by cryptsetup is actually
*not* called "crypt_format_md1" as documented in the manpage, but
rather "crypt_dev_md1". This should probably be fixed as well,
although it's unclear if that device name can be used anywhere in the
configuration. That fact could also be made clearer.

Thanks for this tool, it's pretty neat!

-- System Information:
Debian Release: 10.2
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable'), (1, 'experimental'), (1, 
'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages fai-setup-storage depends on:
ii  e2fsprogs 1.44.5-1+deb10u2
ii  liblinux-lvm-perl 0.17-2
ii  libparse-recdescent-perl  1.967015+dfsg-2
ii  parted3.2-25
ii  perl  5.28.1-6

Versions of packages fai-setup-storage recommends:
ii  lvm2   2.03.02-3
ii  mdadm  4.1-1

Versions of packages fai-setup-storage suggests:
pn  cryptsetup 
ii  dmsetup   

Bug#949547: find a nicer way than `tail -c +0 -f` to autoscroll build logs

[Holger Levsen]

On Wed, Jan 22, 2020 at 08:29:12PM +0100, Mattia Rizzolo wrote:
> It hasn't caused issues nor has it been abused in years, so I don't see
> a reason to jump the gun right this instant.
> I just wanted to document my sightings :)

ack! :)


-- 
cheers,
Holger

---
   holger@(debian|reproducible-builds|layer-acht).org
   PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C



signature.asc
Description: PGP signature

Bug#949609: disorderfs FTCBFS: uses the build architecture pkg-config

[Helmut Grohne]

Source: disorderfs
Version: 0.5.6-2
Tags: patch upstream
User: debian-cr...@lists.debian.org
Usertags: ftcbfs

disorderfs fails to cross build from source, because the upstream
Makefile hard codes the build architecture pkg-config. The attached
patch makes pkg-config substitutable. Please consider applying it.

Helmut
--- disorderfs-0.5.6.orig/Makefile
+++ disorderfs-0.5.6/Makefile
@@ -30,8 +30,9 @@
 HAS_A2X ?= $(shell command -v a2x >/dev/null && echo yes || echo no)
 
 # FUSE
-FUSE_CFLAGS ?= $(shell pkg-config --cflags fuse) -DFUSE_USE_VERSION=26
-FUSE_LIBS ?= $(shell pkg-config --libs fuse) -lulockmgr
+PKG_CONFIG ?= pkg-config
+FUSE_CFLAGS ?= $(shell $(PKG_CONFIG) --cflags fuse) -DFUSE_USE_VERSION=26
+FUSE_LIBS ?= $(shell $(PKG_CONFIG) --libs fuse) -lulockmgr
 
 # CXXFLAGS
 CXXFLAGS += -std=c++11 -Wno-unused-parameter

Bug#949547: find a nicer way than `tail -c +0 -f` to autoscroll build logs

[Mattia Rizzolo]

On Wed, Jan 22, 2020 at 07:17:52PM +, Holger Levsen wrote:
> > We should find a better way to do it…
> 
> disable it for now (or for good?)? I've used it once in the last half year...

It hasn't caused issues nor has it been abused in years, so I don't see
a reason to jump the gun right this instant.
I just wanted to document my sightings :)

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#949572: debian-installer: Do not install Python2 by default.

[Witold Baryluk]

Package: debian-installer
Followup-For: Bug #949572

I was thinking maybe it is being installed because of the
Priority: important or Priority: essential, but no I checked
python{,2}{,-minimal} and they are either Priority: standard
and Priority: optional.

So I a not exactly sure what decides to install it.

I checked the debootstrap sources and a profile for 'sid',
I do not see the python mentioned there explicitly.

I even done a test with `debootstrap sid ` and it doesn't
install Python at all. There is no python in base or required
packages.

So the fact that debian-installer is installing Python2 must be
coming from somewhere else. Python3 makes sense as it is dependency
of reportbug, popcon and apt-listchanges for example.

Cheers,
Witold

Bug#949547: find a nicer way than `tail -c +0 -f` to autoscroll build logs

[Holger Levsen]

On Tue, Jan 21, 2020 at 09:42:35PM +0100, Mattia Rizzolo wrote:
[...]
> I.e., it's highly inefficient and causes us to be subject to DoS if
> anybody wanted it.
> For example, right now there are 6 such proceses running.  It really
> means 6 busy vCPUs that can't do anything else.

eeeks.

> We should find a better way to do it…

disable it for now (or for good?)? I've used it once in the last half year...


-- 
cheers,
Holger

---
   holger@(debian|reproducible-builds|layer-acht).org
   PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C



signature.asc
Description: PGP signature

Bug#949608: usbguard: bring back some GUI frontend to Debian

[Christoph Anton Mitterer]

Package: usbguard
Version: 0.7.6+ds-1
Severity: wishlist


Hi.

Since upstream dropped the frontend applet (and Debian followed)
the probable major use case for usbguard (desktop systems) is pretty
much crippled.

Would it be possible to bring back a frontend do Debian?

An upstream bug:
https://github.com/USBGuard/usbguard/issues/334

mentions e.g.:
https://github.com/6E006B/usbguard-gnome
and
https://github.com/Cropi/usbguard-notifier

but for the later I'm not sure whether it supports
allowing/blocking/rejecting devices or just sends notifications via
libnotify.

Cheers,
Chris.

Bug#949607: cpu-x: FTBFS on all architectures other than amd64/i386

[Boyuan Yang]

Source: cpu-x
Severity: minor
Version: 3.2.4-2
X-Debbugs-CC: sunwea...@debian.org martin.wimpr...@ubuntu.com

Dear cpu-x maintainers in Debian,

I noticed that cpu-x fails to build from source on all architectures other
than amd64 and i386. https://buildd.debian.org/status/package.php?p=cpu-x

I'm not familiar with this software but it looks like cpu-x is not meant for
every architecture. If that is the case, please consider adjusting the
architecture list so that buildd will not attempt to build it on unsupported
architectures.

-- 
Regards,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#949606: conky-all: cmus_* variables not recognized

[Stephen Paul Weber]

Package: conky-all
Version: 1.10.8-1+b1
Severity: normal

Dear Maintainer,

After installing conky-all, I read the manpage.  It clearly lists many
variables beginning "cmus_" as a way to report music playback
information for package cmus.  I have package cmus installed as well.
However, when using these variables in my conky config (or on command
line as "conky -t '${cmus_aaa}'" etc) I get an error message "unknown
variable '$cmus_aaa'" for any $cmus_* that I try.

Perhaps the package is not built with cmus support?  If not, I would
prefer that be added (since this is the *-all package) but in worst case
at least the manpage would hopefully not list unsupported variables.

Thanks so much for your time.

-- System Information:
Debian Release: 10.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-6-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages conky-all depends on:
ii  libaudclient2 3.5~rc2-1+b1
ii  libc6 2.28-10
ii  libcairo2 1.16.0-4
ii  libcurl3-gnutls   7.64.0-4
ii  libdbus-glib-1-2  0.110-4
ii  libgcc1   1:8.3.0-6
ii  libglib2.0-0  2.58.3-2+deb10u2
ii  libimlib2 1.5.1-1
ii  libiw30   30~pre9-13
ii  liblua5.1-0   5.1.5-8.1+b2
ii  libncurses6   6.1+20181013-2+deb10u2
ii  libpulse0 12.2-4+deb10u1
ii  librsvg2-22.44.10-2.1
ii  libstdc++68.3.0-6
ii  libtinfo6 6.1+20181013-2+deb10u2
ii  libx11-6  2:1.6.7-1
ii  libxdamage1   1:1.1.4-3+b3
ii  libxext6  2:1.3.3-1+b2
ii  libxfixes31:5.0.3-1
ii  libxft2   2.3.2-2
ii  libxinerama1  2:1.1.4-2
ii  libxml2   2.9.4+dfsg1-7+b3
ii  libxmmsclient60.8+dfsg-18.2
ii  libxnvctrl0   418.74-1

conky-all recommends no packages.

Versions of packages conky-all suggests:
pn  apcupsd
pn  audacious  
pn  moc
pn  mpd
pn  xmms2  

-- no debconf information