Bug#1026100: Some more details on 1026100

[jadhav vishwanath]

Hi Please find the details

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
 Ans:
services wasn't able to access web-UI with following errors:

/var/log/apache2 have huge log files having errors like :
-Fatal Python Error : Could not allocate TSS entry.
-AH00052 : child pid 4677* exit signal Aborted

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
 Ans:
1. No speccial steps to trigger the issue. It eventually fills the 
apache logs
   with the error messages.

2. Once we restart the apache it goes away but it reoccurs after 2-3
hours later.

   * What was the outcome of this action?
 Ans:
1. It resulted in service denial for Web-UI.

   * What outcome did you expect instead?
 Ans:
1. Web UI should be accesible


Please check error logs:

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

[Wed Oct 19 14:52:21.075114 2022] [core:notice] [pid 7554] AH00052:
child pid 42179 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075157 2022] [core:notice] [pid 7554] AH00052:
child pid 42180 exit signal Aborted (6)

Best Regards

-- 
--Regards
Vishwanath

Bug#1025024: python-boto: diff for NMU version 2.49.0-4.1

[Jochen Sprickerhof]

Control: tags 1025024 + patch
Control: tags 1025024 + pending

Dear maintainer,

I've prepared an NMU for python-boto (versioned as 2.49.0-4.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards.

diff -Nru python-boto-2.49.0/debian/changelog python-boto-2.49.0/debian/changelog
--- python-boto-2.49.0/debian/changelog	2021-12-19 16:45:16.0 +0100
+++ python-boto-2.49.0/debian/changelog	2022-12-15 07:50:01.0 +0100
@@ -1,3 +1,10 @@
+python-boto (2.49.0-4.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add patch to fix autopkgtests (Closes: #1025024)
+
+ -- Jochen Sprickerhof   Thu, 15 Dec 2022 07:50:01 +0100
+
 python-boto (2.49.0-4) unstable; urgency=medium
 
   * Add patch to fix importing from collections (Closes: #1001395).
diff -Nru python-boto-2.49.0/debian/patches/0005-Don-t-mock-list-subclass.patch python-boto-2.49.0/debian/patches/0005-Don-t-mock-list-subclass.patch
--- python-boto-2.49.0/debian/patches/0005-Don-t-mock-list-subclass.patch	1970-01-01 01:00:00.0 +0100
+++ python-boto-2.49.0/debian/patches/0005-Don-t-mock-list-subclass.patch	2022-12-15 07:45:17.0 +0100
@@ -0,0 +1,21 @@
+From: Jochen Sprickerhof 
+Date: Thu, 15 Dec 2022 07:44:54 +0100
+Subject: Don't mock list subclass
+
+---
+ tests/unit/ec2/test_volume.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/unit/ec2/test_volume.py b/tests/unit/ec2/test_volume.py
+index 81d7f55..d4d8e4f 100644
+--- a/tests/unit/ec2/test_volume.py
 b/tests/unit/ec2/test_volume.py
+@@ -55,7 +55,7 @@ class VolumeTests(unittest.TestCase):
+ @mock.patch("boto.resultset.ResultSet")
+ def test_startElement_with_name_tagSet_calls_ResultSet(self, ResultSet, startElement):
+ startElement.return_value = None
+-result_set = mock.Mock(ResultSet([("item", Tag)]))
++result_set = ResultSet([("item", Tag)])
+ volume = Volume()
+ volume.tags = result_set
+ retval = volume.startElement("tagSet", None, None)
diff -Nru python-boto-2.49.0/debian/patches/series python-boto-2.49.0/debian/patches/series
--- python-boto-2.49.0/debian/patches/series	2021-12-19 16:45:16.0 +0100
+++ python-boto-2.49.0/debian/patches/series	2022-12-15 07:45:17.0 +0100
@@ -2,3 +2,4 @@
 Use-python-six-from-Debian-instead-of-vendored-copy.patch
 bug-953970_python3.8-compat.patch
 fix-importing-from-collections.patch
+0005-Don-t-mock-list-subclass.patch


signature.asc
Description: PGP signature

Bug#1026125: debhelper: makes packages fail with Operation not permitted

[Helmut Grohne]

Package: debhelper
Version: 13.11.2
Severity: grave
Tags: ftbfs
User: helm...@debian.org
Usertags: rebootstrap
Control: affects -1 + src:desmume src:libpappsomspp src:libstatgrab src:libzstd 
src:minitube src:netgen-lvs src:psmisc src:quvi src:rinetd src:tor src:xz-utils 
src:wdiff

Hi Niels,

I'm pretty sure this upload is bad now although I cannot yet pin why.
Affected packages started FTBFSing and the symptom looks like this:

|dh_auto_configure
| install -m0755 -o 0 -g 0 -d 
/<>/libzstd-1.5.2\+dfsg/debian/.debhelper/generated/_source/home
| install: cannot change owner and permissions of 
‘/<>/debian/.debhelper/generated/_source/home’: Operation not 
permitted
| dh_auto_configure: error: install -m0755 -o 0 -g 0 -d 
/<>/libzstd-1.5.2\+dfsg/debian/.debhelper/generated/_source/home 
returned exit code 1
| make: *** [debian/rules:16: build] Error 25
| dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2

Helmut

Bug#1026124: haskell-githash ftbfs

[Steve Langasek]

Source: haskell-githash
Version: 0.1.6.2-1
Severity: serious
Justification: FTBFS
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu lunar

Hi Clint,

The haskell-githash package fails to build from source in unstable with
testsuite failures:

[...]
Failures:

  test/RepoWithASubmoduleSpec.hs:21:13: 
  1) RepoWithASubmodule.getGitInfo it makes sensible git info for a both the 
parent and the child module
   uncaught exception: IOException of type OtherError
   readCreateProcess: git "submodule" "add" "/tmp/with-submodule1520181/2" 
"2" (exit 128): failed

  To rerun use: --match "/RepoWithASubmodule/getGitInfo/it makes sensible git 
info for a both the parent and the child module/"

  test/RepoWithASubmoduleSpec.hs:38:13: 
  2) RepoWithASubmodule.getGitRoot it gets the expected git root for a both the 
parent and the child module
   uncaught exception: IOException of type OtherError
   readCreateProcess: git "submodule" "add" "/tmp/with-submodule1520181/2" 
"2" (exit 128): failed

  To rerun use: --match "/RepoWithASubmodule/getGitRoot/it gets the expected 
git root for a both the parent and the child module/"

Randomized with seed 773553922

Finished in 0.2952 seconds
7 examples, 2 failures
[...]

This was noticed in Ubuntu when rebuilding for the ghc 9.0.2 transition, but
it is also reproducible in unstable.

  
https://launchpad.net/ubuntu/+source/haskell-githash/0.1.6.2-1build2/+build/24927578


Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1026123: ITP: golang-github-mdlayher-packet -- Go library for Linux packet sockets (AF_PACKET)

[Daniel Swarbrick]

Package: wnpp
Severity: wishlist
Owner: Daniel Swarbrick 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: golang-github-mdlayher-packet
  Version : 1.1.0-1
  Upstream Contact: Matt Layher 
* URL : https://github.com/mdlayher/packet
* License : Expat
  Programming Lang: Go
  Description : Go library for Linux packet sockets (AF_PACKET)

 github.com/mdlayer/packet is a successor to github.com/mdlayher/raw,
 but exclusively focused on Linux and AF_PACKET sockets. The APIs are
 nearly identical, but with a few changes which take into account some
 of the lessons learned while working on raw.

This package is a dependency of the one and only tagged release of
github.com/mdlayher/raw, which has been deprecated. Users of raw are
encouraged to migrate to packet.

I will co-maintain this package as a member of the Debian Go Packaging
Team.

Bug#1026121: mark patchelf Multi-Arch: foreign

[Helmut Grohne]

Package: patchelf
Version: 0.14.3-1
Tags: patch
User: debian-cr...@lists.debian.org
Usertags: ftcbfs
Control: affects -1 + src:linphone-desktop src:resvg

The affected packages fail to cross build from source, because they fail
running patchelf. The usual fix is marking patchelf Multi-Arch: foreign.
This is a non-trivial thing for patchelf, because it deals with an
architecture-dependent file format. However, I think that most aspects
exposed in a way that puts the reponsibility to the user. Also note that
a patchelf that cannot be run is rarely useful. As such, I think it
should be marked.

Helmut
diff --minimal -Nru patchelf-0.14.3/debian/changelog 
patchelf-0.14.3/debian/changelog
--- patchelf-0.14.3/debian/changelog2021-12-12 17:30:06.0 +0100
+++ patchelf-0.14.3/debian/changelog2022-12-14 08:25:41.0 +0100
@@ -1,3 +1,10 @@
+patchelf (0.14.3-1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Mark patchelf Multi-Arch: foreign. (Closes: #-1)
+
+ -- Helmut Grohne   Wed, 14 Dec 2022 08:25:41 +0100
+
 patchelf (0.14.3-1) unstable; urgency=medium
 
   [ Felipe Sateler ]
diff --minimal -Nru patchelf-0.14.3/debian/control 
patchelf-0.14.3/debian/control
--- patchelf-0.14.3/debian/control  2021-12-12 17:30:06.0 +0100
+++ patchelf-0.14.3/debian/control  2022-12-14 08:25:05.0 +0100
@@ -10,6 +10,7 @@
 
 Package: patchelf
 Architecture: any
+Multi-Arch: foreign
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Description: modify properties of ELF executables
  PatchELF is a simple utility for modifying existing ELF executables and

Bug#1026122: linphone-desktop FTCBFS: libapp-plugin.so install location has multiarch tuple twice

[Helmut Grohne]

Source: linphone-desktop
Version: 4.4.10-2
Tags: patch
User: debian-cr...@lists.debian.org
Usertags: ftcbfs

linphone-desktop fails to cross build from source. It installs the
libapp-plugin.so to a path that contains the multiarch tuple twice:

| -- Installing: 
/<>/debian/tmp/<>/build/../../../../usr/lib/arm-linux-gnueabihf/arm-linux-gnueabihf/linphone-desktop/libapp-plugin.so

Later dh_install fails finding it in the expected location. Ultimately,
the cause is a difference in CMAKE_INSTALL_LIBDIR. Usually, this
evaluates to lib/ automatically. During cross builds it does
not do this reliably, which is why debhelper passes it explicitly. In
the case of linphone-desktop, this is reversed. It actually becomes
plain lib during native builds and the CMakeLists.txt explicitly append
the tuple. When the cross build passes the one with multiarch, the tuple
ends up twice. My proposed solution is explicitly passing the lib value.
I'm attaching a patch for your convenience.

Beyond this, it fails running patchelf. This is a separate issue that
needs to be fixed in patchelf. I'm filing a separate bug about that.

Helmut
diff --minimal -Nru linphone-desktop-4.4.10/debian/changelog 
linphone-desktop-4.4.10/debian/changelog
--- linphone-desktop-4.4.10/debian/changelog2022-11-27 18:02:24.0 
+0100
+++ linphone-desktop-4.4.10/debian/changelog2022-12-14 07:12:58.0 
+0100
@@ -1,3 +1,10 @@
+linphone-desktop (4.4.10-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTCBFS: Force a non-multiarch CMAKE_INSTALL_LIBDIR. (Closes: #-1)
+
+ -- Helmut Grohne   Wed, 14 Dec 2022 07:12:58 +0100
+
 linphone-desktop (4.4.10-2) unstable; urgency=medium
 
   * Release to unstable.
diff --minimal -Nru linphone-desktop-4.4.10/debian/rules 
linphone-desktop-4.4.10/debian/rules
--- linphone-desktop-4.4.10/debian/rules2022-11-27 18:02:24.0 
+0100
+++ linphone-desktop-4.4.10/debian/rules2022-12-14 07:12:58.0 
+0100
@@ -17,7 +17,8 @@

-DGIT_EXECUTABLE=/usr/share/bctoolbox/upstream-version-from-changelog \
-DLINPHONE_QT_ONLY=ON \
-DENABLE_BUILD_VERBOSE=ON \
-   -DENABLE_UPDATE_CHECK=NO
+   -DENABLE_UPDATE_CHECK=NO \
+   -DCMAKE_INSTALL_LIBDIR=lib
 
 execute_after_dh_auto_build-arch:
 #  patchelf --set-rpath '$$ORIGIN' build/linphone-app/linphone 
 # breaks dh_dwz

Bug#1012286: RFS: zig/0.9.1-1 [ITP] -- Programming language

[Nick Hastings]

Hi Bastian,

* Bastian Germann  [221215 08:57]:
>
> Thanks for draft package.

No problem, thanks for looking at it.

> Let's go for 0.9 and when that is in we'll see what version can be
> packaged next.

Great.

I've filed an issue about the problems I have building 0.10.0 on the Zig
github but no response yet. I've also tried raising it twice in Zig IRC
but no luck there either.

> I have reopened Thr RFS bug. Please have that in copy during the discussion
> so other sponsors can pick up if I am not repsonsive.

Ok.

> In general it is a good idea to put your package in a repo on Debian's salsa
> git service because that has a CI system with a working setup to build
> Debian packages. You would then have to put the files that are in your
> repository's root into a debian directory. With the CI in place you will get
> an idea of the quality of your package before posting it for review.

I'd be more than happy to move it to salsa, but thought it was only
available for DDs/DMs. I see now that that is incorrect. I registered an
account and it seems to be pending approval.

In the mean time I've made a debian directory in the repo and moved
everything into it.

> d/rules
> ===
> You should leave the CMAKE_BUILD_TYPE default because this will build the
> debug info that will then be extracted and stripped by default.

Ok done.

> Your package fails to build from scratch on amd64 with a test fail 
> (maybecaused by wrong pwd?):
>
> [100%] Built target zig
> make[2]: Leaving directory '/home/bage/zig-0.9.1/obj-x86_64-linux-gnu'
> /usr/bin/cmake -E cmake_progress_start 
> /home/bage/zig-0.9.1/obj-x86_64-linux-gnu/CMakeFiles 0
> make[1]: Leaving directory '/home/bage/zig-0.9.1/obj-x86_64-linux-gnu'
>debian/rules override_dh_auto_test
> make[1]: Entering directory '/home/bage/zig-0.9.1'
> ./debian/zig/usr/bin/zig build test-fmt || exit 1; ./debian/zig/usr/bin/zig
> build test-behavior || exit 1; ./debian/zig/usr/bin/zig build
> test-compiler-rt || exit 1; ./debian/zig/usr/bin/zig build test-minilibc ||
> exit 1; ./debian/zig/usr/bin/zig build test-compare-output || exit 1;
> ./debian/zig/usr/bin/zig build test-standalone || exit 1;
> ./debian/zig/usr/bin/zig build test-stack-traces || exit 1;
> ./debian/zig/usr/bin/zig build test-cli || exit 1; ./debian/zig/usr/bin/zig
> build test-asm-link || exit 1; ./debian/zig/usr/bin/zig build
> test-runtime-safety || exit 1; ./debian/zig/usr/bin/zig build
> test-translate-c || exit 1; ./debian/zig/usr/bin/zig build
> test-run-translated-c || exit 1; ./debian/zig/usr/bin/zig build test-std ||
> exit 1;
> /bin/sh: 1: ./debian/zig/usr/bin/zig: not found
> make[1]: *** [debian/rules:16: override_dh_auto_test] Error 1
> make[1]: Leaving directory '/home/bage/zig-0.9.1'
> make: *** [debian/rules:8: binary] Error 2

I don't know why that is. It works for me on amd64 on unstable
(bullseye with backports). I do recall that someone on #mentors had
issues building it using sbuild at some point. But at least 3 or 4
others did not: success was reported with both pbuilder and sbuild.

> d/watch
> ===
> The watch file in your upload differs from the one in git. Please keep
> them in sync.

Hmm, at least in the main branch I think it is the same. Anyway I will
be more careful to try to keep them in sync. Unfortunately I've not yet
found a workflow for easily doing so, although I'm sure one (probably
many) exists.

> d/changelog
> ===
> As long as the package is not sponsored, please only keep one version
> (0.9.1-1) with the ITP closing entry. Your latest upload has 3
> versions.

Ok.

> d/copyright
> ===
> Please use more wildcards so you do not have to list so many files.

This is where it gets tricky for me. As I understand it the last match
in d/copyright file is the one that applies. So for example, the block
starting at line 253 specifies a LGPL-2.1+ license for a bunch of files
under lib/libc/include/. Lines 253-270 explicitly list header files
under lib/libc/include/aarch64-linux-gnu/bits/. So first thought is to
just list them all as a glob lib/libc/include/aarch64-linux-gnu/bits/*
However on closer inspection I see that there is a file in that
directory that is not listed. Specifically
lib/libc/include/aarch64-linux-gnu/bits/fcntl/endianness.h
Inspecting this file and the others in the directory I see that
explicitly listed files contain the LGPL-2.1+ text, but that
endianness.h contains no license text. Thus endianness.h is actually
Expat license and is covered in the block starting on line 10 "Files:
lib/*".

So if I change the explicit list of files under
lib/libc/include/aarch64-linux-gnu/bits/ to a glob, I'll need to and
anther block later to explicitly list endianness.h as Expat.
Or is possible to not use a glob but instead use a regex that includes
everything other than endianness.h?

This is the sort of thing that I've been battling with the whole time
with that d/copyright.

> Your comment:
> "COPYRIGHT file has a lont list of 

Bug#1023383: git-buildpackage: gbp pull shows empty error message on failure

[Arnaud Rebillout]

For what it's worth, I rebased my branch so that the CI now passes.

The new commit with the patch is: 
https://salsa.debian.org/arnaudr/git-buildpackage/-/commit/8f10840587e05b27ee43fbff10480ef2734805bb


BTW, please tell me if there's a better workflow than having a fork on 
Salsa, in order to contribute to gbp.


Thanks!

--
Arnaud Rebillout / Offensive Security / Kali Linux Developer

Bug#1026120: git-buildpackage: issues with upstreams LFS files

[Arnaud Rebillout]

Package: git-buildpackage
Version: 0.9.30
Severity: normal
User: de...@kali.org
Usertags: origin-kali

Dear Maintainer,

In Kali Linux, we package an upstream that uses Git LFS to store a big
file (a GeoIP database). The upstream is at:
https://github.com/rsmusllp/king-phisher

In a previous version, upstream used to version the database "as is", it
was a regular file in the Git repo. Then in a subsequent version, they
switched to use Git LFS to store this file.

Gbp doesn't handle this transition well, apparently this is due to the
combination of:
* "gbp clone" disabling Git attributes (hence git lfs)
* however "gbp import-orig" does no such thing

I'm the person who updated this package, so my local copy of
king-phisher doesn't have the git attributes disabled, and everything
works fine with me. However other folks who clone the repo complain, as
it leads to an unclean git checkout, and I don't know what's the way
forward.

For a longer (and hopefully crystal-clear) explanation of the issue, I
prepared a Git repo and a walkthrough to reproduce the issue. There we
go :)

Let's first clone the king-phisher package *before* upstream switched to
Git LFS:

  $ gbp clone https://gitlab.com/arnaudr/king-phisher.git
  $ cd king-phisher
  $ cat .gitattributes
  cat: .gitattributes: No such file or directory
  $ ls -l data/server/king_phisher/GeoLite2-City.mmdb 
  -rw-r--r-- 1 arno arno 61615395 Dec 15 11:53 
data/server/king_phisher/GeoLite2-City.mmdb

So at this point, the file GeoLite2-City.mmdb is versioned "as is", it
is a regular file.

Now let's update the package to latest Git snapshot:

  $ gbp import-orig --uscan
  gbp:info: Launching uscan...
  Downloading data/server/king_phisher/GeoLite2-City.mmdb (62 MB)
  gbp:info: Using uscan downloaded tarball 
../king-phisher_1.15.0+git20221107.orig.tar.xz
  What is the upstream version? [1.15.0+git20221107] 
  gbp:info: Importing '../king-phisher_1.15.0+git20221107.orig.tar.xz' to 
branch 'upstream'...
  gbp:info: Source package is king-phisher
  gbp:info: Upstream version is 1.15.0+git20221107
  gbp:info: Replacing upstream source on 'kali/master'
  gbp:info: Successfully imported version 1.15.0+git20221107 of 
../king-phisher_1.15.0+git20221107.orig.tar.xz

The line "Downloading data/server/king_phisher/GeoLite2-City.mmdb (62
MB" comes from git lfs, which is downloading the file. And here's the
situation now:

  $ cat .gitattributes 
  *.mmdb filter=lfs diff=lfs merge=lfs -text
  $ cat .git/info/attributes
  cat: .git/info/attributes: No such file or directory
  $ ls -l data/server/king_phisher/GeoLite2-City.mmdb
  -rw-r--r-- 1 arno arno 61615395 Dec 15 11:56 
data/server/king_phisher/GeoLite2-City.mmdb

So we can see the git lfs thinggy, and we can see that
.git/info/attributes' doesn't exist (more on that below).

Let's push that work (I prepared a fork to push changes):

 $ git remote add arnaudr2 g...@gitlab.com:arnaudr/king-phisher2.git
 $ git push arnaudr2 : --follow-tags
  Locking support detected on remote "arnaudr2". Consider enabling it with:
$ git config 
lfs.https://gitlab.com/arnaudr/king-phisher2.git/info/lfs.locksverify true
  Locking support detected on remote "arnaudr2". Consider enabling it with:
$ git config 
lfs.https://gitlab.com/arnaudr/king-phisher2.git/info/lfs.locksverify true
  Locking support detected on remote "arnaudr2". Consider enabling it with:
$ git config 
lfs.https://gitlab.com/arnaudr/king-phisher2.git/info/lfs.locksverify true
  Locking support detected on remote "arnaudr2". Consider enabling it with:
$ git config 
lfs.https://gitlab.com/arnaudr/king-phisher2.git/info/lfs.locksverify true
  Uploading LFS objects: 100% (1/1), 62 MB | 3.4 MB/s, done.
  Enumerating objects: 112, done.
  Counting objects: 100% (82/82), done.
  Delta compression using up to 8 threads
  Compressing objects: 100% (46/46), done.
  Writing objects: 100% (49/49), 19.06 KiB | 19.06 MiB/s, done.
  Total 49 (delta 29), reused 5 (delta 0), pack-reused 0
  remote:
  remote: To create a merge request for pristine-tar, visit:
  remote:   
https://gitlab.com/arnaudr/king-phisher2/-/merge_requests/new?merge_request%5Bsource_branch%5D=pristine-tar
  remote:
  remote:
  remote: To create a merge request for upstream, visit:
  remote:   
https://gitlab.com/arnaudr/king-phisher2/-/merge_requests/new?merge_request%5Bsource_branch%5D=upstream
  remote:
  To gitlab.com:arnaudr/king-phisher2.git
 c5db68b..dbf4ce7  kali/master -> kali/master
 d9ec6a5..e4e9390  pristine-tar -> pristine-tar
 be63910..f4f0fae  upstream -> upstream
   * [new tag] upstream/1.15.0+git20221107 -> 
upstream/1.15.0+git20221107

And now, the issue: when we clone this repo with gbp, the resulting repo
is not clean. Let's try:

  $ gbp clone -v g...@gitlab.com:arnaudr/king-phisher2.git
  gbp:debug: ['git', 'rev-parse', '--show-cdup']
  gbp:info: Cloning from 'g...@gitlab.com:arnaudr/king-phisher2.git'
  gbp:debug: ['git', 'clone', '--quiet', 

Bug#1026119: transition: matplotlib

[Sandro Tosi]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
X-Debbugs-Cc: matplot...@packages.debian.org, mo...@debian.org
Control: affects -1 + src:matplotlib

Hello,
as suggested in #1025788, i'm filing this report to mark my intention to update
matplotlib from 3.5.2 (currently in unstable) to 3.6.2 (latest upstream
release).

I havent done any of the work needed for this task, so i'm not even sure if it's
feasable to achieve before the freeze (biggest unknown are possible NEW packages
either in mpl directly or in its b-d), but i'll give it a try.

I'll update this report when i've uploaded a new release in experimental and
with the results of some autopkgtests.

Regards,
Sandro

Bug#1026117: golang-gogoprotobuf: FTBFS on all and ppc64el: test failures

[Cyril Brulebois]

Source: golang-gogoprotobuf
Version: 1.3.2-2
Severity: serious
Justification: FTBFS
X-Debbugs-Cc: Jelmer Vernooij 

Hi Jelmer,

Your golang-gogoprotobuf upload FTBFSes on both all and ppc64el:
  https://buildd.debian.org/status/package.php?p=golang-gogoprotobuf


As usual, all is built on amd64 (x86-csail-02.debian.org this time), and
the failure looks like this:

=== RUN   TestStdTypesGoString
stdtypespb_test.go:611: 1:39: expected operand, found '<' (and 1 more 
errors)
--- FAIL: TestStdTypesGoString (0.00s)

Full build log:
  
https://buildd.debian.org/status/fetch.php?pkg=golang-gogoprotobuf=all=1.3.2-2=1671022557=0


The ppc6el failure looks similar:

=== RUN   TestStdTypesGoString
stdtypespb_test.go:611: 1:39: expected operand, found '<' (and 1 more 
errors)
--- FAIL: TestStdTypesGoString (0.00s)

Full build log:
  
https://buildd.debian.org/status/fetch.php?pkg=golang-gogoprotobuf=ppc64el=1.3.2-2=1671025321=0


I've spotted this regression while working on crowdsec (#1011665), since
golang-github-docker-docker-dev couldn't be installed in cowbuilder.

I suppose at least all of its reverse build dependencies are broken at
the moment, but I didn't perform any extra checks:

crowdsec
gitlab-ci-multi-runner
golang-github-containerd-stargz-snapshotter
golang-github-containers-buildah
golang-github-containers-common
golang-github-containers-image
golang-github-containers-psgo
golang-github-containers-storage
golang-github-fsouza-go-dockerclient
golang-github-openshift-imagebuilder
golang-github-optiopay-kafka
golang-github-samalba-dockerclient
golang-github-tonistiigi-fsutil
golang-oras-oras-go
libpod
nomad
nomad-driver-lxc
nomad-driver-podman
oci-seccomp-bpf-hook
prometheus
prometheus-postfix-exporter
singularity-container
skeema
skopeo


Cheers,
-- 
Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https://debamax.com/

Bug#989456: RFP: geckodriver - Proxy for using W3C WebDriver compatible clients to interact with Gecko-based browsers

[Paul Wise]

Control: unblock 989456 by 874207 989455

On Fri, 04 Jun 2021 15:03:19 +0800 Paul Wise wrote:

> Since geckodriver is part of the Firefox source code, it would be
> better to build it from the firefox and firefox-esr source packages,
> and there are already two bugs about including geckodriver this way:
> 
> https://bugs.debian.org/874207
> https://bugs.debian.org/989455

The Firefox maintainer said on these two bugs that it should instead
be packaged separately, since it is available on crates.io now:

> It would be better to package it standalone.
> Nowadays, it is available on crates.io.

Here are the pages about the crate (second one needs no JS):

https://crates.io/crates/geckodriver
https://lib.rs/crates/geckodriver

Here is a link to the upstream git repository:

https://hg.mozilla.org/mozilla-central/file/tip/testing/geckodriver

Here is an example of how to package Rust programs:

https://blog.hackeriet.no/packaging-a-rust-project-for-debian/

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#558607: dash: jobs builtin is missing in manpage

[наб]

Control: tags -1 + upstream patch
Control: forwarded -1 
https://lore.kernel.org/dash/90e2b94e6e75aab4d591affa3eb0c63446eb404d.1671063677.git.nabijaczlew...@nabijaczleweli.xyz/t/

I've posted the first patchset to dash@ in May, archived at:
  
https://lore.kernel.org/dash/a54b9dea2b316ef9f5749cbde95417a2bad7a4d1.1651788702.git.nabijaczlew...@nabijaczleweli.xyz/t/
and have just re-sent it alongside some new patches,
archived at forwarded-to.

наб


signature.asc
Description: PGP signature

Bug#1026116: Patches not applied in security release deb10u6, FTBFS

[Mihai Moldovan]

Package: xorg-server-source
Version: 2:1.20.4-1+deb10u6
Severity: normal

Hi


It looks like the content of debian/patches/ has not been applied when packaging
xorg-server-source.

This at least one patch contains a FTBFS fix, it's impossible to build
xorg-server out of the box.

This is a regression - older versions of the same package (also in buster) had
the patches applied just fine. The Debian Security release, however, does not.

I'm aware that buster is LTS-only now and desktop packages are probably no
priority. Feel free to close the bug report if I'm too late to the party. In
that case, I'll just copy the patches and apply them myself while building a
custom DDX.


Best regards,



Mihai


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1012286: RFS: zig/0.9.1-1 [ITP] -- Programming language

[Bastian Germann]

Hi Nick,

Thanks for draft package. Let's go for 0.9 and when that is in we'll see what 
version can be packaged next.
I have reopened Thr RFS bug. Please have that in copy during the discussion so other sponsors can pick up if I am not 
repsonsive.


In general it is a good idea to put your package in a repo on Debian's salsa git service because that has a CI system 
with a working setup to build Debian packages. You would then have to put the files that are in your repository's root 
into a debian directory. With the CI in place you will get an idea of the quality of your package before posting it for 
review.


d/rules
===
You should leave the CMAKE_BUILD_TYPE default because this will build the debug info that will then be extracted and 
stripped by default.


Your package fails to build from scratch on amd64 with a test fail (maybecaused 
by wrong pwd?):

[100%] Built target zig
make[2]: Leaving directory '/home/bage/zig-0.9.1/obj-x86_64-linux-gnu'
/usr/bin/cmake -E cmake_progress_start 
/home/bage/zig-0.9.1/obj-x86_64-linux-gnu/CMakeFiles 0
make[1]: Leaving directory '/home/bage/zig-0.9.1/obj-x86_64-linux-gnu'
   debian/rules override_dh_auto_test
make[1]: Entering directory '/home/bage/zig-0.9.1'
./debian/zig/usr/bin/zig build test-fmt || exit 1; ./debian/zig/usr/bin/zig build test-behavior || exit 1; 
./debian/zig/usr/bin/zig build test-compiler-rt || exit 1; ./debian/zig/usr/bin/zig build test-minilibc || exit 1; 
./debian/zig/usr/bin/zig build test-compare-output || exit 1; ./debian/zig/usr/bin/zig build test-standalone || exit 1; 
./debian/zig/usr/bin/zig build test-stack-traces || exit 1; ./debian/zig/usr/bin/zig build test-cli || exit 1; 
./debian/zig/usr/bin/zig build test-asm-link || exit 1; ./debian/zig/usr/bin/zig build test-runtime-safety || exit 1; 
./debian/zig/usr/bin/zig build test-translate-c || exit 1; ./debian/zig/usr/bin/zig build test-run-translated-c || exit 
1; ./debian/zig/usr/bin/zig build test-std || exit 1;

/bin/sh: 1: ./debian/zig/usr/bin/zig: not found
make[1]: *** [debian/rules:16: override_dh_auto_test] Error 1
make[1]: Leaving directory '/home/bage/zig-0.9.1'
make: *** [debian/rules:8: binary] Error 2

d/watch
===
The watch file in your upload differs from the one in git. Please keep them in 
sync.

d/changelog
===
As long as the package is not sponsored, please only keep one version (0.9.1-1) with the ITP closing entry. Your latest 
upload has 3 versions.


d/copyright
===
Please use more wildcards so you do not have to list so many files.

Your comment:
"COPYRIGHT file has a lont list of "Authors/contributors include". Should these be 
added here in some way?"
You should first think if the whole musl dir can be replaced with the musl-dev 
package.
If so, you can repack the tarball, else you stick to the Copyright line, as 
required by the Expat license.
The long list of authors does not claim they are copyright holders but 
"Authors/contributors".

The repackaging comment does not only go for musl but also the other 3rd party 
components.

BSD-4-clause is not correctly represented. You replaced the 3rd clause's acknowlegement with "This product includes 
software developed by this project." However, this mentions the University of California in the referencing files.
For BSD-4-clause by UC California specifically you can just remove the whole 3rd clause because the Regents allowed to 
do so once upon a time. If there is a file with different acknowlegement please keep it as-is.


CC0 is in Debian's common-licenses. Please replace the whole text with a 
reference like in the GPL variants.

BSD-2-clause-NetBSD is not the right license. You copied the ISC from lib/libc/mingw/misc/getopt.c, not the 
BSD-2-clause-NetBSD.


There is more to come; I have only reviewed the overall appearance of the file.

What is the debian.decopy file about?

d/patches
==
Please do not include if you do not have at least one patch.

Bug#1025104: krita: segfault on exit

[Bernhard Übelacker]

Control: forwarded -1 https://bugs.kde.org/show_bug.cgi?id=463052


Dear Maintainer,
I tried to have a look if I can find some more information,
and opened an issue upstream here:

  https://bugs.kde.org/show_bug.cgi?id=463052

It looks like a double free because a pointer is hold in two lists.
And it can be reproduced quite easily in i386 and amd64 by really
just open and close Krita.

Kind regards,
Bernhard

Bug#966156: dash -n: stack overflow on long sequence of backticks

[наб]

Control: tags -1 + upstream patch
Control: forwarded -1 
https://lore.kernel.org/dash/20221214233921.m6hpt5a6kb3wg...@tarta.nabijaczleweli.xyz/t/

Valgrind is right. I don't think you're likely to run into this on
non-pathological input, but it's a relatively simple fix.

Patch posted to dash@, archived at forwarded-to.

наб


signature.asc
Description: PGP signature

Bug#1020595: Tests FTBFS on arm64

[Ben Westover]

It seems to be fixed if `-DTOML_ENABLE_FLOAT16=0` is added in the
configure step; this is what Prism Launcher, the application I was
originally interested in packaging this for, does to work around it.

On 11/21/22 11:08 PM, Ben Westover wrote:
> Hello,
>
> All of the tests fail when building on arm64. Here is an example:
>
> In file included from ../tests/conformance_burntsushi_invalid.cpp:8:
> ../tests/tests.h:15:2: error: #error TOML_FP16 was not deduced correctly
>  15 | #error TOML_FP16 was not deduced correctly
> |  ^
>
> A full log is attached. Build with nocheck profile is fine.
>
> Thanks,
> --
> Ben Westover


OpenPGP_signature
Description: PGP signature

Bug#1026115: ITP: qcom-phone-utils -- Utilities for Qualcomm-based phones running Linux

[Arnaud Ferraris]

Package: wnpp
Severity: wishlist
Owner: Arnaud Ferraris 
X-Debbugs-Cc: debian-de...@lists.debian.org, aferra...@debian.org

* Package name: qcom-phone-utils
  Version : 0.1
  Upstream Author : Arnaud Ferraris 
* URL : https://salsa.debian.org/DebianOnMobile-team/qcom-phone-
utils
* License : GPL
  Programming Lang: Shell
  Description : Utilities for Qualcomm-based phones running Linux

This package provides scripts and services improving the behaviour of Qualcomm-
based mobile phones running Debian GNU/Linux.

It includes:
 * Kernel postinst hook for automatic update of boot images
 * Modem/SIM card boot-time configuration service
 * initramfs-tools hook for including the needed firmware
 * initramfs-tools script for proper root device detection

This package will be maintained within the DebianOnMobile team.

Bug#1014171: O: gnuit -- GNU Interactive Tools, a file browser/viewer and process viewer/killer

[Bastian Germann]

Control: retitle -1 ITA: gnuit -- GNU Interactive Tools, a file browser/viewer 
and process viewer/killer
Control: owner -1 Josef Schneider 

On Tue, 13 Dec 2022 16:17:22 +0100 Josef Schneider  wrote:

I intend to adopt the orphaned package gnuit.


You signal that by making this an ITA of yours.
I just did that four you.

Bug#1026114: ITP: ruby-mdl -- A gem that offers a syntax check for markdown files

[Norwid Behrnd]

package: ruby-mdl
Severity: wishlist
Owner: 'Norwid Behrnd' 

*Package Name : ruby-mdl
 Version : 0.12.0
 Upstream Author :  Phil Dibowitz (Author name/s of the Gem, p...@ipom.com).
*URL :  https://github.com/markdownlint/markdownlint (Link to the git
repo of the Gem)
*License : MIT
*Description :  A syntax checker for markdown files, implemented in Ruby

Bug#1026113: packagekit automatically upgraded debian sid

[Jean-Marc]

Package: packagekit
Version: 1.2.6-1
Severity: normal
X-Debbugs-Cc: jean-m...@6jf.be

Dear Maintainer,

Today, packagekit automatically upgraded my system during boot/startup.

-- Boot 5df5ad4016c2467181758c46374040a1 --
dec 14 20:17:13 g systemd[1]: Starting PackageKit Daemon...
dec 14 20:17:13 g PackageKit[792]: daemon start
dec 14 20:17:13 g systemd[1]: Started PackageKit Daemon.
dec 14 20:17:13 g PackageKit[792]: uid 0 is trying to obtain 
org.freedesktop.packagekit.package-install-untrusted auth (only_trusted:0)
dec 14 20:17:13 g PackageKit[792]: new update-packages transaction 
/224745_eaabcdba scheduled from uid 0
dec 14 20:17:13 g PackageKit[792]: uid 0 obtained auth for 
org.freedesktop.packagekit.package-install-untrusted
[...]
dec 14 20:19:51 g PackageKit[792]: in /224745_eaabcdba for update-packages 
package endeavour-common;43.0-1;all;debian-unstable-main was installing for uid 0
dec 14 20:19:51 g PackageKit[792]: in /224745_eaabcdba for update-packages 
package endeavour;43.0-1;amd64;debian-unstable-main was installing for uid 0
dec 14 20:19:51 g PackageKit[792]: in /224745_eaabcdba for update-packages 
package firefox-l10n-fr;108.0-1;all;debian-unstable-main was installing for uid 0
dec 14 20:19:51 g PackageKit[792]: in /224745_eaabcdba for update-packages 
package firefox;108.0-1;amd64;debian-unstable-main was installing for uid 0
[...]


It caused an upgrade of firefox to 108 version, version affected by bugs.

I guess as it works in a non-interactive mode, it does not use apt-listbugs.

As I am using a Debian sid Gnome 43 system, I though I can prevent this using 
gnome-software options but the one to upgrade automatically was already set to 
off.

I tried to find some doc without success to understand how to prevent this.

To avoid such action in future, I masked the packagekit.service.

In my humble opinion, no auto upgrade should happen in a sid/unstable system.

And I open this bugreport to notify this hoping you can explain what triggerred 
such upgrades and fix the problem in disabling auto-upgrades.

Regards,

Jean-Marc




-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.0.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_BE:fr
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages packagekit depends on:
ii  init-system-helpers 1.65.2
ii  libappstream4   0.15.5-1
ii  libapt-pkg6.0   2.5.4
ii  libc6   2.36-6
ii  libgcc-s1   12.2.0-10
ii  libglib2.0-02.74.3-1
ii  libglib2.0-bin  2.74.3-1
ii  libgstreamer1.0-0   1.20.4-1
ii  libpackagekit-glib2-18  1.2.6-1
ii  libpolkit-gobject-1-0   122-1
ii  libsqlite3-03.40.0-1
ii  libstdc++6  12.2.0-10
ii  libsystemd0 252.3-2
ii  polkitd 122-1

Versions of packages packagekit recommends:
ii  packagekit-tools  1.2.6-1
ii  systemd   252.3-2

Versions of packages packagekit suggests:
ii  appstream  0.15.5-1

-- no debconf information

Bug#1026112: ITP: nrepl-incomplete-clojure -- simple Clojure library providing code completion

[Louis-Philippe Véronneau]

Package: wnpp
Severity: wishlist
Owner: Louis-Philippe Véronneau 

Package name: nrepl-incomplete-clojure
Version : 0.1.0
URL : https://github.com/nrepl/incomplete
License : EPL-1
Programming Lang: Clojure
Description : simple Clojure library providing code completion

nrepl-incomplete-clojure is a simple Clojure library providing code 
completion. The library was extracted from nREPL's codebase and aims to 
replace clojure-complete.


It is needed to update leiningen, one of the main clojure build tool, to 
the latest upstream version.


I'm planning to maintain this package in the Clojure Team.

--
  ⢀⣴⠾⠻⢶⣦⠀
  ⣾⠁⢠⠒⠀⣿⡁  Louis-Philippe Véronneau
  ⢿⡄⠘⠷⠚⠋   po...@debian.org / veronneau.org
  ⠈⠳⣄

Bug#1026111: Failed to start due to missing /usr/lib/firefox/libnssutil3.so

[Klaus Ethgen]

Package: firefox
Version: 108.0-1
Severity: grave

When I try to start the most current firefox, I get the following error:
~> firefox
XPCOMGlueLoad error for file /usr/lib/firefox/libnssutil3.so:
/usr/lib/firefox/libnssutil3.so: cannot open shared object file: No such file 
or directory
Couldn't load XPCOM.

libnss3 is installed and has libnssutil3.so in
/usr/lib/x86_64-linux-gnu/libnssutil3.so.

When I try to symlink that so file, I get the same error for libnss3.so,
libsmime3.so, libssl3.so (where I stopped, trying)


-- Package-specific info:


-- Addons package information

-- System Information:
Debian Release: bookworm/sid
merged-usr: no
Architecture: amd64 (x86_64)

Kernel: Linux 6.0.0-6-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages firefox depends on:
ii  debianutils  5.7-0.4
ii  fontconfig   2.13.1-4.5
ii  libasound2   1.2.8-1
ii  libatk1.0-0  2.46.0-4
ii  libc62.36-6
ii  libcairo-gobject21.16.0-7
ii  libcairo21.16.0-7
ii  libdbus-1-3  1.14.4-1devuan1
ii  libdbus-glib-1-2 0.112-3
ii  libevent-2.1-7   2.1.12-stable-5+b1
ii  libffi8  3.4.4-1
ii  libfontconfig1   2.13.1-4.5
ii  libfreetype6 2.12.1+dfsg-3
ii  libgcc-s112.2.0-10
ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-1
ii  libglib2.0-0 2.74.3-1
ii  libgtk-3-0   3.24.35-3
ii  libnspr4 2:4.35-1
ii  libnss3  2:3.85-1
ii  libpango-1.0-0   1.50.10+ds-1
ii  libstdc++6   12.2.0-10
ii  libvpx7  1.12.0-1
ii  libx11-6 2:1.8.1-2
ii  libx11-xcb1  2:1.8.1-2
ii  libxcb-shm0  1.15-1
ii  libxcb1  1.15-1
ii  libxcomposite1   1:0.4.5-1
ii  libxdamage1  1:1.1.5-2
ii  libxext6 2:1.3.4-1+b1
ii  libxfixes3   1:6.0.0-2
ii  libxrandr2   2:1.5.2-2+b1
ii  libxtst6 2:1.2.3-1.1
ii  procps   2:4.0.2-2devuan1
ii  zlib1g   1:1.2.13.dfsg-1

Versions of packages firefox recommends:
ii  libavcodec59  10:5.1.2-dmo2

Versions of packages firefox suggests:
ii  fonts-lmodern  2.005-1
pn  fonts-stix | otf-stix  
ii  libcanberra0   0.30-10
ii  libgssapi-krb5-2   1.20.1-1
pn  pulseaudio 

-- Configuration Files:
/etc/firefox/firefox.js changed [not included]

-- no debconf information

-- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C


signature.asc
Description: PGP signature

Bug#1026110: xournal: FTBFS: Makefile:263: *** missing separator. Stop.

[Aurelien Jarno]

Package: xournal
Version: 1:0.4.8.2016-7+b1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)

Dear maintainer(s),

Your package fails to build with:

|dh_auto_build
|   make -j8
| make[1]: Entering directory '/build/1st/xournal-0.4.8.2016'
| Makefile:263: *** missing separator.  Stop.
| make[1]: Leaving directory '/build/1st/xournal-0.4.8.2016'
| dh_auto_build: error: make -j8 returned exit code 2
| make: *** [debian/rules:6: binary] Error 25
| dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 
2

The full build log is available from:
  
https://buildd.debian.org/status/fetch.php?pkg=xournal=riscv64=1%3A0.4.8.2016-7%2Bb2=1671008048=0
  
https://tests.reproducible-builds.org/debian/rbuild/unstable/i386/xournal_0.4.8.2016-7.rbuild.log.gz

Regards
Aurelien

Bug#1025943: dolphin: copy/move files: only the first item is copied to the clipboard

[Aurélien COUDERC]

Le lundi 12 décembre 2022 12:01:16 CET, vous avez écrit :
> Control: severity -1 serious
> 
> Le lundi 12 décembre 2022, 11:45:56 CET antonio a écrit :
> > Dear Maintainer,
> 
> Dear Antonio,
> 
> > there is a kde bug that makes it problematic to copy/move files, see link
> > https://bugs.kde.org/show_bug.cgi?id=462928
> > 
> > I went back to the previous version 4:22.08.1-1
> 
> thank you for your bug report.
> 
> I’m keeping 22.12.0 in unstable, but raising the severity of this bug report 
> so the new version doesn’t migrate to testing.

FYI I just uploaded 4:22.12.0-2 including the upstream-revert of the commit 
that broke this.


Happy hacking,
--
Aurélien

Bug#1026109: firejail: “Error fbuilder: invalid program” when pairing --build & --env options together

[debbug . firejail]

Package: firejail
Version: 0.9.64.4-2
Severity: normal
X-Debbugs-Cc: debbug.firej...@sideload.33mail.com

Ran this:

  ===8<--
  $ LC_ALL=C firejail --build=kalium.profile --net=vnet0 --dns=$mydns 
--env=XDG_CONFIG_HOME="${myconfig_dir}" /usr/local/src/kalium/gradlew jvmTest
  ===8<--

Output:

  ===8<--
  Error fbuilder: invalid program
  Firejail profile builder
  Usage: firejail [--debug] --build[=profile-file] program-and-arguments
  ===8<--

Omitting “--build=kalium.profile” is syntactically accepted, but it
craps out with lots of other errors. Omitting “--env=…” is also
syntactically accepted. Apparently “--build=kalium.profile” &
“--env=…” options cannot be used together.

-- System Information:
Debian Release: 11.5
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 
'testing'), (990, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-19-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages firejail depends on:
ii  libapparmor1  2.13.6-10
ii  libc6 2.31-13+deb11u5
ii  libselinux1   3.1-3

Versions of packages firejail recommends:
ii  firejail-profiles  0.9.64.4-2+deb11u1
ii  iproute2   5.10.0-4
ii  iptables   1.8.7-1
ii  xauth  1:1.1-1
ii  xdg-dbus-proxy 0.1.2-2
ii  xpra   3.0.13+dfsg1-1
ii  xvfb   2:1.20.11-1+deb11u3

firejail suggests no packages.

-- Configuration Files:
/etc/firejail/firejail.config changed:
cgroup no

-- no debconf information

Bug#1026072: Fix for the bug

[Vincent Lefevre]

On 2022-12-14 19:57:38 +0100, Richard B. Kreckel wrote:
> I am having it too and downgrading to 107.0.1-1 fixes the problem.
> 
> It seems like someone was seeing something similar before and reported it
> here  but the bug
> got closed?

Because it was reported against firefox 107.0-1, which has no issues.
This one was apparently due to an issue introduced by the user, who
added a /usr/lib/firefox/libssl3.so file (not provided by the firefox
package). BTW, all those who added symbolic links to make FF 108 work
should remove them before upgrading the firefox package, otherwise
there is a risk to have the same kind of issue.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1026086: closed by Julian Andres Klode (Re: Bug#1026086: Wrong output of apt-cache depends)

[Orangey]

Thanks for the help!

> --installed not filtering out libelogind, that's
> well it is what is. It actually filters installed dependencies, not
> installed packages, and hence libelogind0 is shown

> You're likely better of asking your questions using patterns, e.g.:
> $ apt list '?reverse-depends(?name(libdbus-1-3))'

It still shows uninstalled libelogind0 in case of --recourse for

apt-cache depends --recurse --no-recommends --no-suggests --no-conflicts
--no-breaks --no-replaces --no-enhances --installed
"?reverse-depends(?name(libpcap0.8))"

How can I avoid this in a such case?
I see no ability to rewrite this command using patterns.

On Wed, 14 Dec 2022 at 12:21, Debian Bug Tracking System <
ow...@bugs.debian.org> wrote:

> This is an automatic notification regarding your Bug report
> which was filed against the apt package:
>
> #1026086: Wrong output of apt-cache depends
>
> It has been closed by Julian Andres Klode .
>
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Julian Andres Klode <
> j...@debian.org> by
> replying to this email.
>
>
> --
> 1026086: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026086
> Debian Bug Tracking System
> Contact ow...@bugs.debian.org with problems
>
>
>
> -- Forwarded message --
> From: Julian Andres Klode 
> To: 1026086-cl...@bugs.debian.org
> Cc:
> Bcc:
> Date: Wed, 14 Dec 2022 16:18:14 +0100
> Subject: Re: Bug#1026086: Wrong output of apt-cache depends
> On Wed, Dec 14, 2022 at 11:18:37AM -0300, Orangey wrote:
> > Package: apt
> > Version: 2.2.4
> >
> > Linux 5.19.0-0.deb11.2-amd64 #1 SMP PREEMPT_DYNAMIC Debian
> > 5.19.11-1~bpo11+1 (2022-10-03) x86_64 GNU/Linux
> > Description: Debian GNU/Linux 11 (bullseye)
> >
> > # apt show libdbus-1-3
> > Package: libdbus-1-3
> > Version: 1.12.20-2
> > Priority: optional
> > Section: libs
> > Source: dbus
> > Maintainer: Utopia Maintenance Team <
> > pkg-utopia-maintain...@lists.alioth.debian.org>
> > Installed-Size: 496 kB
> > *Depends: libc6 (>= 2.17), libsystemd0*
> > Recommends: dbus
> > Breaks: dbus (<< 1.9.16-1~)
> > Homepage: https://dbus.freedesktop.org/
> > Tag: role::shared-lib
> > Download-Size: 219 kB
> > APT-Manual-Installed: no
> > APT-Sources: http://mirror.insacom.cl/debian bullseye/main amd64
> Packages
> > Description: simple interprocess messaging system (library)
> >
> > # apt depends libdbus-1-3
> > libdbus-1-3
> > *  Depends: libc6 (>= 2.17)*
> >
> > *  Depends: libsystemd0libelogind0*
> >   Breaks: dbus (<< 1.9.16-1~)
> >   Recommends: dbus
> >
> > *libelogind0 must not be in the command output.*
>
> No you're wrong. Please read the manual page:
>
> depends shows a listing of each dependency a package has and all the
> possible other packages that can fulfill that dependency
>
> and if you check libelogind you see:
>
> Provides: libsystemd0 (= 246.9.1)
>
>
> WRT your followup on --installed not filtering out libelogind, that's
> well it is what is. It actually filters installed dependencies, not
> installed packages, and hence libelogind0 is shown.
>
> They're legacy commands provided for backward compatibility for users
> who know what they're doing. You're likely better of asking your
> questions using patterns, e.g.:
>
> $ apt list '?reverse-depends(?name(libdbus-1-3))'
> libc6/stable-updates,now 2.31-13+deb11u5 amd64 [installed,automatic]
> libsystemd0/stable,now 247.3-7+deb11u1 amd64 [installed,automatic]
>
> or using apt-cache show with the pattern if you need a machine-readable
> output. See apt-patterns(7) for more information.
>
> --
> debian developer - deb.li/jak | jak-linux.org - free software dev
> ubuntu core developer  i speak de, en
>
>
> -- Forwarded message --
> From: Orangey 
> To: sub...@bugs.debian.org
> Cc:
> Bcc:
> Date: Wed, 14 Dec 2022 11:18:37 -0300
> Subject: Wrong output of apt-cache depends
> Package: apt
> Version: 2.2.4
>
> Linux 5.19.0-0.deb11.2-amd64 #1 SMP PREEMPT_DYNAMIC Debian
> 5.19.11-1~bpo11+1 (2022-10-03) x86_64 GNU/Linux
> Description: Debian GNU/Linux 11 (bullseye)
>
> # apt show libdbus-1-3
> Package: libdbus-1-3
> Version: 1.12.20-2
> Priority: optional
> Section: libs
> Source: dbus
> Maintainer: Utopia Maintenance Team <
> pkg-utopia-maintain...@lists.alioth.debian.org>
> Installed-Size: 496 kB
> *Depends: libc6 (>= 2.17), libsystemd0*
> Recommends: dbus
> Breaks: dbus (<< 1.9.16-1~)
> Homepage: https://dbus.freedesktop.org/
> Tag: role::shared-lib
> Download-Size: 219 kB
> APT-Manual-Installed: no
> APT-Sources: http://mirror.insacom.cl/debian bullseye/main amd64 Packages
> Description: simple interprocess messaging system (library)
>
> # apt depends libdbus-1-3
> libdbus-1-3
> *  Depends: libc6 (>= 2.17)*
>
> *  Depends: libsystemd0libelogind0*
>   Breaks: dbus (<< 1.9.16-1~)
>   Recommends: dbus
>
> *libelogind0 must not be in 

Bug#1026108: vue.min.js contains incorrect contents

[Wouter Verhelst]

Package: libjs-vue
Version: 2.6.14+dfsg-4
Severity: important

Hi,

wouter@pc220518:~$ cat /usr/share/javascript/vue/vue.min.js; echo

/*!
 * Vue.js v2.6.14
 * (c) 2014-2022 Evan You
 * Released under the MIT License.
 */
undefined
wouter@pc220518:~$

Something went horribly wrong with the minimization here...

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.0.0-6-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8), 
LANGUAGE=nl_BE:nl
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

libjs-vue depends on no packages.

Versions of packages libjs-vue recommends:
ii  javascript-common  11+nmu1

libjs-vue suggests no packages.

-- no debconf information

Bug#617296: debian packages of RStudio

[Neal Fultz]

>
> > 2. I was only trying to build rstudio server, it looks like salsa is
> trying
> > to build rstudio desktop - should I keep my server work separate? Do I
> need
> > to figure out how to write a second pipeline file without all the Qt
> stuff?
>
> Please maintain the full list of receivers, specifically the ITP bug report
> and the mailing list.  I can't answer this question alone.  IMHO we should
> build all targets that can be build from the existing source.
>

I think this is fine in principle, but since I don't use the desktop
version someone
else will have to champion it / test / etc. For now I will just try to
replicate the
server package from mentors.debian.net using the different tools that salsa
uses - will work on a different branch and can merge it in later if it
works.

Neal

Bug#1026005: cumin FTBFS: Tries to use $HOME

[Antoine Beaupré]

Hi all,

So cumin is failing to build in Debian because it does some nasty things
during build (namely using $HOME, because of that setup.py develop --user).

I have a beginning of a fix for this in the bugfix-1026005 branch on
salsa. The problem now is that it fails on *other* parts of the test
suite, which wasn't failing before. I suspect it might be because the
code layout is different, but I can't figure out how or why...

Riccardo, Moritz, any ideas on how this could be fixed?

Here's the failing build log:

anarcat@angela:cumin$ dpkg-buildpackage 
dpkg-buildpackage: info: source package cumin
dpkg-buildpackage: info: source version 4.1.1-3
dpkg-buildpackage: info: source distribution unstable
dpkg-buildpackage: info: source changed by Antoine Beaupré 
dpkg-buildpackage: info: host architecture amd64
 dpkg-source --before-build .
dpkg-source: info: using patch list from debian/patches/series
dpkg-source: info: applying 0001-import-version-number-from-setuptools_scm.patch
 fakeroot debian/rules clean
dh clean --with python3 --buildsystem=pybuild
   dh_auto_clean -O--buildsystem=pybuild
I: pybuild base:240: python3.10 setup.py clean 
running clean
removing '/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build' (and 
everything under it)
'build/bdist.linux-x86_64' does not exist -- can't clean it
'build/scripts-3.10' does not exist -- can't clean it
   dh_autoreconf_clean -O--buildsystem=pybuild
   dh_clean -O--buildsystem=pybuild
 dpkg-source -b .
dpkg-source: info: using source format '3.0 (quilt)'
dpkg-source: warning: upstream signing key but no upstream tarball signature
dpkg-source: info: building cumin using existing ./cumin_4.1.1.orig.tar.gz
dpkg-source: info: using patch list from debian/patches/series
dpkg-source: info: building cumin in cumin_4.1.1-3.debian.tar.xz
dpkg-source: info: building cumin in cumin_4.1.1-3.dsc
 debian/rules build
dh build --with python3 --buildsystem=pybuild
   dh_update_autotools_config -O--buildsystem=pybuild
   dh_autoreconf -O--buildsystem=pybuild
   dh_auto_configure -O--buildsystem=pybuild
I: pybuild base:240: python3.10 setup.py config 
running config
   dh_auto_build -O--buildsystem=pybuild
I: pybuild base:240: /usr/bin/python3 setup.py build 
running build
running build_py
creating /home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin
copying cumin/transport.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin
copying cumin/color.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin
copying cumin/cli.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin
copying cumin/__init__.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin
copying cumin/grammar.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin
copying cumin/query.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin
creating 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/backends
copying cumin/backends/direct.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/backends
copying cumin/backends/openstack.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/backends
copying cumin/backends/puppetdb.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/backends
copying cumin/backends/knownhosts.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/backends
copying cumin/backends/__init__.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/backends
creating 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/transports
copying cumin/transports/clustershell.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/transports
copying cumin/transports/__init__.py -> 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build/cumin/transports
   dh_auto_test -O--buildsystem=pybuild
I: pybuild base:240: cd 
/home/anarcat/dist/cumin/.pybuild/cpython3_3.10_cumin/build; python3.10 -m 
pytest /home/anarcat/dist/cumin/cumin/tests/unit
 test 
session starts 

platform linux -- Python 3.10.8, pytest-7.1.2, pluggy-1.0.0+repack
rootdir: /home/anarcat/dist/cumin, configfile: pytest.ini
plugins: arraydiff-0.5.0, betamax-0.8.1, astropy-header-0.2.2, 
remotedata-0.3.3, requests-mock-1.9.3, hypothesis-6.36.0, openfiles-0.5.0, 
mock-3.8.2, astropy-0.10.0, cov-4.0.0, doctestplus-0.12.1, 
filter-subpackage-0.1.1
collected 416 items 


../../../cumin/tests/unit/test_backends.py .
  [  0%]
../../../cumin/tests/unit/test_cli.py ..
 

Bug#1026107: ruby-asciidoctor-pdf: depends on deprecated ruby-safe-yaml

[Antonio Terceiro]

Package: ruby-asciidoctor-pdf
Version: 1.6.2-1
Severity: serious
Tags: upstream
User: debian-r...@lists.debian.org
Usertags: ruby3.1

Dear Maintainer,

Working to get ruby3.1 as the default Ruby version it was noticed that
ruby-safe-yaml is incompatible with ruby3.1 and thus deprecated. Most
upstreams have dropped their dependencies on it; I checked and that is
also the case for asciidoctor-pdf: v2.3.4 no longer depends on
safe_yaml.

ruby-safe-yaml will soon be removed from testing due to this,
ruby-asciidoctor-pdf needs to drop its dependency on it.

-- System Information:
Debian Release: bookworm/sid
  APT prefers testing-debug
  APT policy: (900, 'testing-debug'), (900, 'testing'), (500, 
'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.0.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), 
LANGUAGE=pt_BR:pt:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ruby-asciidoctor-pdf depends on:
ii  ruby  1:3.1~1
ii  ruby-asciidoctor  2.0.17-1
ii  ruby-concurrent   1.1.6+dfsg-5
pn  ruby-prawn
pn  ruby-prawn-icon   
pn  ruby-prawn-svg
pn  ruby-prawn-table  
ii  ruby-safe-yaml1.0.5-2
pn  ruby-treetop  

ruby-asciidoctor-pdf recommends no packages.

Versions of packages ruby-asciidoctor-pdf suggests:
ii  ruby-rouge  3.30.0-2


signature.asc
Description: PGP signature

Bug#617296: debian packages of RStudio

[Andreas Tille]

Hi Neal,

Am Wed, Dec 14, 2022 at 09:22:42AM -0800 schrieb Neal Fultz:
> OK I have a salsa account now, it looks a bit different than what I was
> doing.  Before, I used an upstream tarball and the debuild command based
> off some old debian packaging tutorials. Two questions:
> 
> 1. Now, after I cloned the salsa rstudio repo, it looks like it contains
> all of the rstudio code plus the debian packaging files, so debuild can't
> find an upstream tarball. Is there a different way / different command to
> build a package with salsa?

We are using `gbp buildpackage` as described for instance in the Debian Med
policy:

https://med-team.pages.debian.net/policy/#gbp-buildpackage

> 2. I was only trying to build rstudio server, it looks like salsa is trying
> to build rstudio desktop - should I keep my server work separate? Do I need
> to figure out how to write a second pipeline file without all the Qt stuff?

Please maintain the full list of receivers, specifically the ITP bug report
and the mailing list.  I can't answer this question alone.  IMHO we should
build all targets that can be build from the existing source.

Kind regards
 Andreas.

-- 
http://fam-tille.de

Bug#1026032: bump severity of poppler build-depends

[Jeremy Bicha]

Control: severity -1 important

We would like to finish the poppler 22.12 transition before the Debian
Transition Freeze in one month. Therefore, I'm bumping the severity of
this bug.

Thank you,
Jeremy Bicha

Bug#1026106: pacparser: CVE-2019-25078: memory overwrite issue for pacparser_find_proxy function

[Salvatore Bonaccorso]

Source: pacparser
Version: 1.3.6-1.1
Severity: important
Tags: security upstream
Forwarded: https://github.com/manugarg/pacparser/issues/99
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for pacparser.

CVE-2019-25078[0]:
| A vulnerability classified as problematic was found in pacparser up to
| 1.3.x. Affected by this vulnerability is the function
| pacparser_find_proxy of the file src/pacparser.c. The manipulation of
| the argument url leads to buffer overflow. Attacking locally is a
| requirement. Upgrading to version 1.4.0 is able to address this issue.
| The name of the patch is 853e8f45607cb07b877ffd270c63dbcdd5201ad9. It
| is recommended to upgrade the affected component. The associated
| identifier of this vulnerability is VDB-215443.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-25078
https://www.cve.org/CVERecord?id=CVE-2019-25078
[1] https://github.com/manugarg/pacparser/issues/99
[2] 
https://github.com/manugarg/pacparser/commit/853e8f45607cb07b877ffd270c63dbcdd5201ad9

Regards,
Salvatore

Bug#1026105: firefox: XPCOMGlueLoad error for file /usr/lib/firefox/libnssutil3.so

[Mohsen Pahlevanzadeh]

Package: firefox
Version: 108.0-1
Severity: important

Dear Maintainer,

I upgraded firefox to 108.0-1 and when I run firefox I get the following error 
in cmd:

##
mohsen@debian:~$ firefox
XPCOMGlueLoad error for file /usr/lib/firefox/libnssutil3.so:
/usr/lib/firefox/libnssutil3.so: cannot open shared object file: No such file 
or directory
Couldn't load XPCOM.
#

-- Package-specific info:


-- Addons package information

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.0.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages firefox depends on:
ii  debianutils  5.7-0.4
ii  fontconfig   2.13.1-4.5
ii  libasound2   1.2.8-1
ii  libatk1.0-0  2.46.0-4
ii  libc62.36-6
ii  libcairo-gobject21.16.0-7
ii  libcairo21.16.0-7
ii  libdbus-1-3  1.14.4-1
ii  libdbus-glib-1-2 0.112-3
ii  libevent-2.1-7   2.1.12-stable-5+b1
ii  libffi8  3.4.4-1
ii  libfontconfig1   2.13.1-4.5
ii  libfreetype6 2.12.1+dfsg-3
ii  libgcc-s112.2.0-10
ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-1
ii  libglib2.0-0 2.74.3-1
ii  libgtk-3-0   3.24.35-3
ii  libnspr4 2:4.35-1
ii  libnss3  2:3.85-1
ii  libpango-1.0-0   1.50.10+ds-1
ii  libstdc++6   12.2.0-10
ii  libvpx7  1.12.0-1
ii  libx11-6 2:1.8.1-2
ii  libx11-xcb1  2:1.8.1-2
ii  libxcb-shm0  1.15-1
ii  libxcb1  1.15-1
ii  libxcomposite1   1:0.4.5-1
ii  libxdamage1  1:1.1.5-2
ii  libxext6 2:1.3.4-1+b1
ii  libxfixes3   1:6.0.0-2
ii  libxrandr2   2:1.5.2-2+b1
ii  libxtst6 2:1.2.3-1.1
ii  procps   2:4.0.2-2
ii  zlib1g   1:1.2.13.dfsg-1

Versions of packages firefox recommends:
ii  libavcodec58  7:4.4.2-1+b3
ii  libavcodec59  7:5.1.2-1

Versions of packages firefox suggests:
ii  fonts-lmodern  2.005-1
pn  fonts-stix | otf-stix  
ii  libcanberra0   0.30-10
ii  libgssapi-krb5-2   1.20.1-1
ii  pulseaudio 16.1+dfsg1-2+b1

-- no debconf information

Bug#1026104: longstanding problem with dependencies of python3-numpy in testing

[Joachim Wuttke]

Package: tech-ctte

Estimated volunteers of the Debian Technical Committee:

At times, python3-numpy in testing depends on two python3
minor versions in parallel. This is unusual, annoying for
many users, and breaking dependent software for some.
Complaints have been filed at

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800620
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878281
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903663
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945824
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003805
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025169

Explanations have been given in particular in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945824
According to these, the simultaneous dependency on old and
new Python subversions is a deliberate choice as part of
a multi-step migration strategy.

My request to you, estimated committee members, would be
to review this migration strategy. The best possible
outcome would be an advise to the package maintainer
how to continue his otherwise excellent work without
publishing intermediate versions of python3-numpy that
cause difficulties downstream.

With best regards, Joachim Wuttke

Bug#1026103: aflplusplus: FTBFS on s390x

[Kurt Roeckx]

Source: aflplusplus
Version: 4.04c-2
Severity: serious

Hi,

Your package is failing to build on s390x:
[*] Compiling afl++ for OS Linux on ARCH s390x
./test/unittests/unit_maybe_alloc
[==] Running 6 test(s).
[ RUN  ] test_pow2
[   OK ] test_pow2
[ RUN  ] test_null_allocs
[   OK ] test_null_allocs
[ RUN  ] test_nonpow2_size
[   OK ] test_nonpow2_size
[ RUN  ] test_zero_size
[   OK ] test_zero_size
[ RUN  ] test_unchanged_size
[   OK ] test_unchanged_size
[ RUN  ] test_grow_multiple
[   OK ] test_grow_multiple
[==] 6 test(s) run.
[  PASSED  ] 6 test(s).
./test/unittests/unit_preallocable
[==] Running 2 test(s).
[ RUN  ] test_alloc_free
[   OK ] test_alloc_free
[ RUN  ] test_prealloc_overflow
[   OK ] test_prealloc_overflow
[==] 2 test(s) run.
[  PASSED  ] 2 test(s).
./test/unittests/unit_list
[==] Running 3 test(s).
[ RUN  ] test_contains
[   OK ] test_contains
[ RUN  ] test_foreach
[   OK ] test_foreach
[ RUN  ] test_long_list
[   OK ] test_long_list
[==] 3 test(s) run.
[  PASSED  ] 3 test(s).
./test/unittests/unit_rand
[==] Running 2 test(s).
[ RUN  ] test_rand_0
[   OK ] test_rand_0
[ RUN  ] test_rand_below
[   OK ] test_rand_below
[==] 2 test(s) run.
[  PASSED  ] 2 test(s).
./test/unittests/unit_hash
[==] Running 1 test(s).
[ RUN  ] test_hash
[   OK ] test_hash
[==] 1 test(s) run.
[  PASSED  ] 1 test(s).
make[3]: Leaving directory '/<>'
␛[1;90m[*] 10 test cases completed.␛[0m
␛[1;93m[-] not all test cases were executed
␛[0;31m[!] failure in tests :-(␛[0m
make[2]: *** [GNUmakefile:343: tests] Error 1

It's not at all clear why it says: "failure in tests". All the test seem
to pass. Other architectures also have the "not all test cases were
executed" message.

I've tried to build it again on the buildds, but it failed the same way.


Kurt

Bug#1004784: aiscm: FTBFS with ffmpeg 5.0

[Bastian Germann]

Am 14.12.22 um 16:51 schrieb Jan Wedekind:

No, I didn't manage to fix it. Is it possible to remove the package?


Yes. But if you do not want to maintain it anymore, orphaning would usually the 
step that maintainers take.

Bug#1025025: ImportError: cannot import name 'Application' from 'cleo'

[George Shuklin]

close 1025025

I've used debian:bookworm Docker image.

I rechecked it now, and problem seems to be solved:

docker run  --rm -ti debian:bookworm

# apt update && apt install -y python3-poetry
# /usr/bin/poetry config virtualenvs.create false
#

Thank you very much for help.

On 12/14/22 19:49, Emmanuel Arias wrote:


Hi George,

Thanks for the report.

I assume that you are in testing. Please can you try again? 
python-cleo was migrated to testing

yesterday [0]

[0] 
https://tracker.debian.org/news/1398131/python-cleo-100a5-3-migrated-to-testing/


Please, let me know.

Cheers,
Emmanuel

On Fri, Dec 9, 2022 at 2:21 PM George Shuklin 
 wrote:


Unfortunately, 1.2.2+dfsg-1didn't fixed the problem:

dpkg -l|grep poetr
ii  python3-poetry  1.2.2+dfsg-1

/usr/bin/poetry config virtualenvs.create false
Traceback (most recent call last):
   File "/usr/bin/poetry", line 5, in 
 from poetry.console.application import main
   File
"/usr/lib/python3/dist-packages/poetry/console/application.py",
line 13, in 
 from cleo.events.console_events import COMMAND
ModuleNotFoundError: No module named 'cleo.events'

Bug#1026072: Fix for the bug

[Richard B. Kreckel]

I am having it too and downgrading to 107.0.1-1 fixes the problem.

It seems like someone was seeing something similar before and reported 
it here  but 
the bug got closed?


  -richy.
--
Richard B. Kreckel

Bug#1026102: RFS: logrotate/3.21.0-1 -- Log rotation utility

[Christian Göttsche]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "logrotate":

 * Package name : logrotate
   Version  : 3.21.0-1
   Upstream contact : https://github.com/logrotate/logrotate/issues
 * URL  : https://github.com/logrotate/logrotate
 * License  : BSD-3-Clause, GPL-2, GPL-3+
 * Vcs  : https://salsa.debian.org/debian/logrotate
   Section  : admin

The source builds the following binary packages:

  logrotate - Log rotation utility

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/logrotate/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/l/logrotate/logrotate_3.21.0-1.dsc

Changes since the last upload:

 logrotate (3.21.0-1) unstable; urgency=medium
 .
   * New upstream version 3.21.0 (Closes: #1015964)
 .
   [ Marc Deslauriers ]
   * d/rules: fix sed syntax to not end up with a backup file (Closes: #1011771)
 .
   [ Christian Göttsche ]
   * d/watch: rework after GitHub API change
   * d/s/lintian-overrides: update format

Regards,
-- 
  Christian Göttsche

Bug#1024805: bullseye-pu: package libvirt/7.0.0-3+deb11u1

[Guido Günther]

Hi,
On Mon, Dec 12, 2022 at 06:39:42PM +, Adam D. Barratt wrote:
> On Sun, 2022-12-11 at 16:24 +0100, Guido Günther wrote:
> > Hi Adam,
> > On Wed, Dec 07, 2022 at 08:22:41PM +, Adam D. Barratt wrote:
> > > Control: tags -1 + confirmed
> > > 
> > > On Fri, 2022-11-25 at 15:19 +0100, Guido Günther wrote:
> > > > Fix lxc container reboots and shutdown (#983871, #991773).
> > > > 
> > > 
> > > Please go ahead.
> > 
> > Uploaded now, thanks!
> 
> Unfortunately the build fails on both arm64 and armhf while running the
> test suite. Each has been tried a couple of times, for a total of four
> different buildds across three hosters between them.

Thanks for letting me know! I'll have a look (I assume that the current
version in stable will fail the same way).

Cheers,
 -- Guido

> 
> In each case the failure looks the same:
> 
> 
>  94/167 libxlxml2domconfigtest  FAIL   0.17s (exit
> status 1)
> 
> --- command ---
> 21:04:12 abs_top_srcdir='/<>' LC_ALL='C'
> abs_srcdir='/<>/tests' LIBVIRT_AUTOSTART='0'
> G_DEBUG='fatal-warnings'
> abs_top_builddir='/<>/debian/build'
> abs_builddir='/<>/debian/build/tests'
> VIR_TEST_EXPENSIVE='1'
> /<>/debian/build/tests/libxlxml2domconfigtest
> --- stderr ---
> TEST: libxlxml2domconfigtest
>  1) LibXL XML-2-JSON basic-
> pv ... 
> Offset 349
> Expect [8192]
> Actual [6144]
>   .
> .. FAILED
>  2) LibXL XML-2-JSON basic-
> hvm... 
> Offset 382
> Expect [12288]
> Actual [8192]
>   .
> .. FAILED
>  3) LibXL XML-2-JSON basic-
> pvh... 
> Offset 351
> Expect [8192]
> Actual [6144]
>   .
> .. FAILED
>  4) LibXL XML-2-JSON cpu-shares-
> hvm   ... 
> Offset 382
> Expect [12288]
> Actual [8192]
>   .
> .. FAILED
>  5) LibXL XML-2-JSON variable-clock-
> hvm   ... 
> Offset 382
> Expect [12288]
> Actual [8192]
>   .
> .. FAILED
>  6) LibXL XML-2-JSON moredevs-
> hvm ... 
> Offset 435
> Expect [12288]
> Actual [8192]
>   .
> .. FAILED
>  7) LibXL XML-2-JSON multiple-
> ip  ... 
> Offset 349
> Expect [8192]
> Actual [6144]
>   .
> .. FAILED
>  8) LibXL XML-2-JSON vnuma-
> hvm... 
> Offset 413
> Expect [4336]
> Actual [0240]
>   .
> .. FAILED
>  9) LibXL XML-2-JSON fullvirt-
> cpuid   ... 
> Offset 307
> Expect [5656]
> Actual [3340]
>   .
> .. FAILED
> 10) LibXL XML-2-JSON fullvirt-acpi-
> slic   ... 
> Offset 307
> Expect [5656]
> Actual [3340]
>   .
> .. FAILED
> 11) LibXL XML-2-JSON max-gntframes-
> hvm... 
> Offset 382
> Expect [12288]
> Actual [8192]
>   .
> .. FAILED
> 12) LibXL XML-2-JSON max-eventchannels-
> hvm... 
> Offset 382
> Expect [12288]
> Actual [8192]
>   .
> .. FAILED
> Some tests failed. Run them using:
> VIR_TEST_DEBUG=1 VIR_TEST_RANGE=1-12
> /<>/debian/build/tests/libxlxml2domconfigtest
> ---
> 
> Regards,
> 
> Adam
> 

Bug#1026062: kded5: kded crashes with signal 11

[Vincas Dargis]

I noticed it crashing too, but also systray icons disappear, even though 
applications themselves are running.

Please see screenshots attached.

Bug#1026101: xfce4-session: xfce4 logout dialog disables shutdown when polkit demands auth

[Avner Shapiro]

Package: xfce4-session
Version: 4.16.0-1
Severity: normal
X-Debbugs-Cc: avfor...@gmail.com

Dear Maintainer,

I have this pkla in my polkit directories:

[multiuser stop auth]
Identity=unix-user:*
Action=org.freedesktop.login1.power-off-multiple-sessions
ResultActive=auth_self_keep

the idea is, that when trying to shutdown while another account is open, the 
user will be prompted. she IS authorized to shutdown, only need to confirm that 
the implications are clear. showing a password dialog serves this perfectly.
(note: even if setting auth_admin, this bug is still an issue.)

now, when I select "log out" from xfce menu, the shutdown option is greyed out 
and disabled.
the expected behavior (which worked on 4.12.1-6) is that the option will be 
enabled, and an authorization agent will run (e.g. password dialog will open) 
if selected.

please review the following patch, which fixes the problem in my system:

--- xfce4-session-4.16.0.orig/xfce4-session/xfsm-shutdown.c
+++ xfce4-session-4.16.0/xfce4-session/xfsm-shutdown.c
@@ -234,10 +234,7 @@ xfsm_shutdown_try_restart (XfsmShutdown
 
   if (shutdown->systemd != NULL)
 {
-  if (xfsm_systemd_try_restart (shutdown->systemd, NULL))
-{
-  return TRUE;
-}
+  return (xfsm_systemd_try_restart (shutdown->systemd, NULL));
 }
   else if (shutdown->consolekit != NULL)
 {
@@ -263,10 +260,7 @@ xfsm_shutdown_try_shutdown (XfsmShutdown
 
   if (shutdown->systemd != NULL)
 {
-  if (xfsm_systemd_try_shutdown (shutdown->systemd, NULL))
-{
-  return TRUE;
-}
+  return (xfsm_systemd_try_shutdown (shutdown->systemd, NULL));
 }
   else if (shutdown->consolekit != NULL)
 {
@@ -417,8 +411,7 @@ xfsm_shutdown_can_restart (XfsmShutdown
 
   if (shutdown->systemd != NULL)
 {
-  if (xfsm_systemd_can_restart (shutdown->systemd, can_restart, error))
-return TRUE;
+  return (xfsm_systemd_can_restart (shutdown->systemd, can_restart, 
error));
 }
   else if (shutdown->consolekit != NULL)
 {
@@ -447,8 +440,7 @@ xfsm_shutdown_can_shutdown (XfsmShutdown
 
   if (shutdown->systemd != NULL)
 {
-  if (xfsm_systemd_can_shutdown (shutdown->systemd, can_shutdown, error))
-return TRUE;
+  return (xfsm_systemd_can_shutdown (shutdown->systemd, can_shutdown, 
error));
 }
   else if (shutdown->consolekit != NULL)
 {
@@ -478,10 +470,7 @@ xfsm_shutdown_can_suspend (XfsmShutdown
 
   if (shutdown->systemd != NULL)
 {
-  if (xfsm_systemd_can_suspend (shutdown->systemd, can_suspend, 
auth_suspend, NULL))
-{
-  return TRUE;
-}
+  return (xfsm_systemd_can_suspend (shutdown->systemd, can_suspend, 
auth_suspend, NULL));
 }
   else if (shutdown->consolekit != NULL)
 {
@@ -514,10 +503,7 @@ xfsm_shutdown_can_hibernate (XfsmShutdow
 
   if (shutdown->systemd != NULL)
 {
-  if (xfsm_systemd_can_hibernate (shutdown->systemd, can_hibernate, 
auth_hibernate, NULL))
-{
-  return TRUE;
-}
+  return (xfsm_systemd_can_hibernate (shutdown->systemd, can_hibernate, 
auth_hibernate, NULL));
 }
   else if (shutdown->consolekit != NULL)
 {
@@ -550,10 +536,7 @@ xfsm_shutdown_can_hybrid_sleep (XfsmShut
 
   if (shutdown->systemd != NULL)
 {
-  if (xfsm_systemd_can_hybrid_sleep (shutdown->systemd, can_hybrid_sleep, 
auth_hybrid_sleep, NULL))
-{
-  return TRUE;
-}
+  return (xfsm_systemd_can_hybrid_sleep (shutdown->systemd, 
can_hybrid_sleep, auth_hybrid_sleep, NULL));
 }
   else if (shutdown->consolekit != NULL)
 {
--- xfce4-session-4.16.0.orig/xfce4-session/xfsm-systemd.c
+++ xfce4-session-4.16.0/xfce4-session/xfsm-systemd.c
@@ -157,7 +157,7 @@ xfsm_systemd_can_method (XfsmSystemd  *s
   if (dbus_ret != NULL)
 {
   g_variant_get (dbus_ret, "()", );
-  if (!strcmp (str, "yes"))
+  if (strcmp (str, "no")) // might be "yes" or "challenge"
 *can_method = TRUE;
 }

note: this patch solves another related problem too. without it, if I directly 
run "xfce4-session-logout -h", I am prompted for a password, but the shutdown 
is then carried out even if I fail to authorize! this is fixed in the above 
patch too, as the first available policy method is the only one that is used, 
even if it disallows the action. I assume that's the idea of a system that is 
configured to prevent unauthroized power action.



-- System Information:
Debian Release: 11.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
'stable'), (100, 'bullseye-fasttrack'), (100, 'bullseye-backports-staging')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-16-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_IL, LC_CTYPE=en_IL (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via 

Bug#1011079: kitty: New upstream release

[Vincent Blut]

Hi James,

Le 2022-08-03 20:19, James McCoy a écrit :
> On Wed, Aug 03, 2022 at 11:59:55PM +0200, Vincent Blut wrote:
> > Hi James,
> > 
> > Le 2022-05-16 18:11, James McCoy a écrit :
> > > That's because it has new dependencies which aren't packaged yet.  I've
> > > blocked this bug with those, for proper tracking.
> > 
> > We could override upstream choice to make "furo" the default theme for HTML
> > help pages by replacing "html_theme = 'furo'" with "html_theme = 'classic'" 
> > in
> > docs/conf.py.
> 
> Possibly.

furo has been package so the aforementioned override is no longer needed.

> > That would prevent us from depending on "furo" and would leave us
> > with just packaging "sphinx-inline-tabs" to update kitty in Debian.
> 
> Sure, if someone does that, I'll see how overriding the theme works.

And thanks to you we also have sphinx-inline-tabs.
 
> Cheers,
> -- 
> James
> GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7  2D23 DFE6 91AE 331B A3DB

Cheers,
Vincent


signature.asc
Description: PGP signature

Bug#1026100: libapache2-mod-wsgi: Repeated "Fatal Python error: Could not allocate TSS entry" error logged by libapache2-mod-wsgi-py3

[Vishwanath Jadhav]

Package: libapache2-mod-wsgi
Version: 4.6.5-1+deb10u1
Severity: normal

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 10.12
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-19-amd64 (SMP w/16 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_IN, LC_CTYPE=en_IN (charmap=UTF-8), LANGUAGE=en_IN:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libapache2-mod-wsgi depends on:
ii  apache2-bin [apache2-api-20120211]  2.4.38-3+deb10u7
ii  libc6   2.28-10+deb10u1
ii  libpython2.72.7.16-2+deb10u1
ii  python  2.7.16-1

libapache2-mod-wsgi recommends no packages.

libapache2-mod-wsgi suggests no packages.

-- no debconf information
-- error logs:
Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

Fatal Python error: Could not allocate TSS entry

[Wed Oct 19 14:52:21.075114 2022] [core:notice] [pid 7554] AH00052: child pid 
42179 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075157 2022] [core:notice] [pid 7554] AH00052: child pid 
42180 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075164 2022] [core:notice] [pid 7554] AH00052: child pid 
42181 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075171 2022] [core:notice] [pid 7554] AH00052: child pid 
42182 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075178 2022] [core:notice] [pid 7554] AH00052: child pid 
42183 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075185 2022] [core:notice] [pid 7554] AH00052: child pid 
42185 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075191 2022] [core:notice] [pid 7554] AH00052: child pid 
42186 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075198 2022] [core:notice] [pid 7554] AH00052: child pid 
42187 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075205 2022] [core:notice] [pid 7554] AH00052: child pid 
42188 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075212 2022] [core:notice] [pid 7554] AH00052: child pid 
42189 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075218 2022] [core:notice] [pid 7554] AH00052: child pid 
42190 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075225 2022] [core:notice] [pid 7554] AH00052: child pid 
42191 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075232 2022] [core:notice] [pid 7554] AH00052: child pid 
42192 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075239 2022] [core:notice] [pid 7554] AH00052: child pid 
42193 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075245 2022] [core:notice] [pid 7554] AH00052: child pid 
42194 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075252 2022] [core:notice] [pid 7554] AH00052: child pid 
42195 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075259 2022] [core:notice] [pid 7554] AH00052: child pid 
42196 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075266 2022] [core:notice] [pid 7554] AH00052: child pid 
42197 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075273 2022] [core:notice] [pid 7554] AH00052: child pid 
42198 exit signal Aborted (6)
[Wed Oct 19 14:52:21.075279 

Bug#1026099: wireplumber: consider adding the NEWS(.rst) file?

[Patrice Duroux]

Package: wireplumber
Version: 0.4.13-1
Severity: wishlist

Dear Maintainer,

It would be very nice.
I am not sure about another file (README.rst) regarding its content.

Regards,
Patrice


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-0-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages wireplumber depends on:
ii  init-system-helpers   1.65.2
ii  libc6 2.36-6
ii  libglib2.0-0  2.74.3-1
ii  libpipewire-0.3-0 0.3.62-1
ii  libwireplumber-0.4-0  0.4.13-1
ii  pipewire  0.3.62-1

Versions of packages wireplumber recommends:
ii  pipewire-pulse  0.3.62-1

Versions of packages wireplumber suggests:
ii  libspa-0.2-bluetooth  0.3.62-1
pn  wireplumber-doc   

-- no debconf information

Bug#1026098: libreoffice: Patch for building with Poppler 22.09

[Nathan Pratta Teodosio]

Package: libreoffice
Version: Patch for building with Poppler 22.09
Severity: normal
Tags: patch
X-Debbugs-Cc: nathan.teodo...@canonical.com

Dear maintainers,

With the goal of getting the Poppler 22.12 transition done next month,
could you please pick "Fix build with Poppler 22.09.0" from upstream[1]?

I am also attaching it.

[1]: 
https://cgit.freedesktop.org/libreoffice/core/commit/?id=b7d63694985bbb1cf86eb71769feadb28ce68c17
>From b7d63694985bbb1cf86eb71769feadb28ce68c17 Mon Sep 17 00:00:00 2001
From: Sam James 
Date: Fri, 2 Sep 2022 04:31:18 +0100
Subject: Fix build with Poppler 22.09.0

With Poppler 22.09.0, LO fails to build with:
```
/var/tmp/portage/app-office/libreoffice-7.3.5.2/work/libreoffice-7.3.5.2/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx:682:36:
 error: too many arguments to function call, expected single argument 'start', 
have 3 arguments
state->getLineDash(, , );
~~ ^~~
/usr/include/poppler/GfxState.h:1506:32: note: 'getLineDash' declared here
const std::vector (double *start)
   ^
1 error generated.
```

Poppler changed the getLineDash interface:
```
-void getLineDash(double **dash, int *length, double *start)
+const std::vector (double *start)
```

Signed-off-by: Sam James 
Change-Id: I29e18f20d7650a7fcac1bc8ab4aaa04aaa2ab8fb
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139249
Tested-by: Jenkins
Reviewed-by: Michael Stahl 
---
 sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx 
b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
index f12478cb2f4d..3ad139b65fa3 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
@@ -678,8 +678,15 @@ void PDFOutDev::updateLineDash(GfxState *state)
 return;
 assert(state);
 
-double* dashArray; int arrayLen; double startOffset;
+int arrayLen; double startOffset;
+#if POPPLER_CHECK_VERSION(22, 9, 0)
+const std::vector  = state->getLineDash();
+const double* dashArray = dash.data();
+arrayLen = dash.size();
+#else
+double* dashArray;
 state->getLineDash(, , );
+#endif
 
 printf( "updateLineDash" );
 if( arrayLen && dashArray )
-- 
cgit v1.2.1

Bug#1026097: lua-curl: there are no OPT_* constants in the module

[Aleksey]

Package: lua-curl
Version: 0.3.0-10
Severity: grave
Justification: renders package unusable

Dear Maintainer,

After I updated from version 0.3.0-9.2, any call to the setopt function
began to fail with the error "Expecting a CURLoption value, got nil".
A little investigation showed that the module is missing any OPT_*
constants. Perhaps, not only these. For instance, in this code:

print(require("curl").OPT_URL)

I expect to get 10002, but get nil. Replacing the constants with their
numeric values doen't solve the problem either. Rollback to version
0.3.0-9.2 solves the problem.

I dug a little deeper into the package sources and I think that the
package was built with an empty curopt.h, which is mentioned here:
https://sources.debian.org/src/lua-curl/0.3.0-10/lua-curl.c/#L148

Regards, Aleksey A.

-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.0.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lua-curl depends on:
ii  libc62.36-6
ii  libcurl3-gnutls  7.86.0-2

lua-curl recommends no packages.

lua-curl suggests no packages.

-- no debconf information

Bug#1025025: ImportError: cannot import name 'Application' from 'cleo'

[Emmanuel Arias]

Hi George,

Thanks for the report.

I assume that you are in testing. Please can you try again? python-cleo was
migrated to testing
yesterday [0]

[0]
https://tracker.debian.org/news/1398131/python-cleo-100a5-3-migrated-to-testing/

Please, let me know.

Cheers,
Emmanuel

On Fri, Dec 9, 2022 at 2:21 PM George Shuklin 
wrote:

> Unfortunately, 1.2.2+dfsg-1didn't fixed the problem:
>
> dpkg -l|grep poetr
> ii  python3-poetry  1.2.2+dfsg-1
>
> /usr/bin/poetry config virtualenvs.create false
> Traceback (most recent call last):
>File "/usr/bin/poetry", line 5, in 
>  from poetry.console.application import main
>File "/usr/lib/python3/dist-packages/poetry/console/application.py",
> line 13, in 
>  from cleo.events.console_events import COMMAND
> ModuleNotFoundError: No module named 'cleo.events'
>
>

Bug#1025010: jtreg6 6.1+2-1~deb11u1 flagged for acceptance

[Adam D Barratt]

package release.debian.org
tags 1025010 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: jtreg6
Version: 6.1+2-1~deb11u1

Explanation: new package, required to build newer openjdk-11 versions

Bug#1025959: Feedback regarding RFS: davmail/6.0.1.3390-2

[Alexandre Rossi]

Hi,

> > >  * Review / improve the  `prepare-service`
> > 
> > This history behind this script is detailed in:
> > 
> > startup script that copies keystoreFile to StateDirectory (Closes: #968236)
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968236
> 
> Seen the "adduser  _davmail" advice.
> And seeing that "adduser _davmail" in  debian/davmail-server.postinst
> (I didn't see that post install script yesterday)
>  
> > The point is to make available private keys to the daemon. Do you think I 
> > need
> > to add comments to the script to explain the purpose?
> 
> Yes please, elaborate purpose  AND  elaborate the
> 
> if keystore is a file then create keystore file

https://salsa.debian.org/debian/davmail/-/commit/be580785dbd6a4232a2fe408c144ccfc80f93017

> What about doing this development in a git branch?

https://salsa.debian.org/debian/davmail/-/tree/unstable-wip

Many thanks for your review,

Alexandre

Bug#1026085: O: cdbs -- common build system for Debian packages

[Jonas Smedegaard]

Quoting Bastian Germann (2022-12-14 17:29:25)
> Am 14.12.22 um 17:19 schrieb Marc Dequènes (duck):
> >> The gnulib and licensecheck packages already have new git homes.
> > 
> > I archives their repo.
> 
> I am sorry that I mentioned them. Jonas asked to leave licensecheck alone.

No problem - I moved licensecheck back again now.

- Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1026096: parallel: Please revert the Suggests: ash stanza

[наб]

Package: parallel
Version: 20221122+ds-1
Severity: wishlist
Tags: patch

Dear Maintainer,

ash is an empty compat package, and has been for a very long time ‒
it contains exclusively /bin/ash -> dash, and dash is essential ‒
the package description notes it as slated for deletion as soon
as all users are eradicated:
  Description: compatibility package for dash
   This package allows upgrading ash to its replacement,
   dash. It includes the /bin/ash symlink.
   It can be removed as soon as /bin/ash is no longer used.

parallel is the only thing that pops up in apt-cache rdepends ash,
and this appears to have been added recently with no comment
(6b67dfb1b7b0d32e7f537d1d39b78c3ecc55f0ba).

Patch that removes the Suggests:, based on current Salsa, below.
Cf. #920644.

Best,
наб

-- System Information:
Debian Release: 11.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-19-amd64 (SMP w/24 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages parallel depends on:
ii  perl 5.32.1-4+deb11u2
ii  procps   2:3.3.17-5
ii  sysstat  12.5.2-2

parallel recommends no packages.

parallel suggests no packages.

-- no debconf information
From f0552a32b95c6d0575fe746cdae810eb29820a0a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=BD=D0=B0=D0=B1?= 
Date: Wed, 14 Dec 2022 18:14:44 +0100
Subject: [PATCH] Revert "Suggests: ash"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Mutt-PGP: OS

ash ‒ which contains /bin/ash -> dash, the latter is essential ‒
has been an empty compat package for a long time,
explicitly noted as slated for deletion as soon as there are no longer
any users; parallel is the only active dependent, cf. #920644.

This partially reverts commit 6b67dfb1b7b0d32e7f537d1d39b78c3ecc55f0ba.
---
 debian/changelog | 6 ++
 debian/control   | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index 61ddb19..fcefa9a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+parallel (20221122+ds-2) UNRELEASED; urgency=medium
+
+  * Revert "Suggests: ash"
+
+ -- наб   Wed, 14 Dec 2022 18:18:47 +0100
+
 parallel (20221122+ds-1) unstable; urgency=medium
 
   * New upstream version
diff --git a/debian/control b/debian/control
index 8530cd4..6461567 100644
--- a/debian/control
+++ b/debian/control
@@ -25,7 +25,7 @@ Depends:
  sysstat,
  ${misc:Depends},
  ${perl:Depends}
-Suggests: ash, csh, fish, ksh, tcsh, zsh
+Suggests: csh, fish, ksh, tcsh, zsh
 Description: build and execute command lines from standard input in parallel
  GNU Parallel is a shell tool for executing jobs in parallel using one
  or more machines. A job is typically a single command or a small
-- 
2.30.2



signature.asc
Description: PGP signature

Bug#1026095: ITP: ruby-mdl -- A gem that offers a syntax check for markdown files

[Norwid Behrnd]

package: ruby-mdl
Severity: wishlist
Owner: 'Mark Harrison' 

*Package Name : ruby-mdl
 Version : 0.12.0
 Upstream Author :  Phil Dibowitz (Author name/s of the Gem, p...@ipom.com).
*URL :  https://github.com/markdownlint/markdownlint (Link to the git
repo of the Gem)
*License : MIT
*Description :  A syntax checker for markdown files, implemented in Ruby

Bug#920644: ash: consider the removal of the ash package

[наб]

A re-examination of the #!/bin/ash reveals one source package ‒ frr ‒
in a file which is not installed on Debian and which upstream has since
changed to #!/bin/bash:
  
https://github.com/FRRouting/frr/blob/3728cc8e12c7504b0508ccd4008516e839a2bf18/docker/alpine/docker-start

The DCS search for bare /bin/ash returns 15 pages of results,
but the first page (since it doesn't appear to paginate),
is all comments and magick recognition.

The only package that depends on ash is
  $ apt-cache rdepends ash
  ash
  Reverse Depends:
parallel

And that is
  $ apt info parallel
  Package: parallel
  Version: 20221122+ds-1
  Priority: optional
  Section: utils
  Maintainer: Debian Med Packaging Team 

  Installed-Size: 2,979 kB
  Depends: procps, sysstat, perl:any
  Suggests: ash, csh, fish, ksh, tcsh, zsh
  Homepage: https://www.gnu.org/software/parallel/
  Download-Size: 1,873 kB
  APT-Sources: http://deb.debian.org/debian-ports sid/main x32 Packages

So the Suggests: on ash can just be dropped there, I'll post a patch.
May it make sense to get rid of the ash package for bullseye+2?

Best,
наб


signature.asc
Description: PGP signature

Bug#1026094: prometheus-ipmi-exporter: autopkgtest/build fails due to API change in prometheus exporter-toolkit

[Nick Rosbrook]

Package: prometheus-ipmi-exporter
Severity: serious
Tags: patch ftbfs
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu lunar ubuntu-patch

Dear Maintainer,

Recent API changes in the github.com/prometheus/exporter-toolkit/web
package, which are included in golang-github-prometheus-exporter-toolkit
0.8.2-1, cause the autopkgtest (and re-build) to fail.

This can be fixed by an upstream commit that adapts to the new API.

Thanks,
Nick
diff -Nru 
prometheus-ipmi-exporter-1.6.1/debian/patches/02-fix-build-with-new-exporter-toolkit.patch
 
prometheus-ipmi-exporter-1.6.1/debian/patches/02-fix-build-with-new-exporter-toolkit.patch
--- 
prometheus-ipmi-exporter-1.6.1/debian/patches/02-fix-build-with-new-exporter-toolkit.patch
  1969-12-31 19:00:00.0 -0500
+++ 
prometheus-ipmi-exporter-1.6.1/debian/patches/02-fix-build-with-new-exporter-toolkit.patch
  2022-12-13 15:51:36.0 -0500
@@ -0,0 +1,33 @@
+Description: Fix build with golang-github-prometheus-exporter-toolkit 0.8.2
+Origin: upstream, 
https://github.com/prometheus-community/ipmi_exporter/commit/e8989cfdf79bebb2e3d84e43f65a7fc027ee7bba.patch
+Bug-Ubuntu: https://launchpad.net/bugs/1999574
+Last-Update: 2022-12-13
+---
+--- a/main.go
 b/main.go
+@@ -41,11 +41,7 @@
+   "freeipmi.path",
+   "Path to FreeIPMI executables.",
+   ).Default("/usr/sbin").String()
+-  listenAddress = kingpin.Flag(
+-  "web.listen-address",
+-  "Address to listen on for web interface and telemetry.",
+-  ).Default(":9290").String()
+-  webConfig = webflag.AddFlags(kingpin.CommandLine)
++  webConfig = webflag.AddFlags(kingpin.CommandLine, ":9290")
+ 
+   sc = {
+   C: {},
+@@ -169,10 +165,8 @@
+ `))
+   })
+ 
+-  level.Info(logger).Log("msg", "Listening on", "address", *listenAddress)
+-
+-  srv := {Addr: *listenAddress}
+-  if err := web.ListenAndServe(srv, *webConfig, logger); err != nil {
++  srv := {}
++  if err := web.ListenAndServe(srv, webConfig, logger); err != nil {
+   level.Error(logger).Log("msg", "HTTP listener stopped", 
"error", err)
+   os.Exit(1)
+   }
diff -Nru prometheus-ipmi-exporter-1.6.1/debian/patches/series 
prometheus-ipmi-exporter-1.6.1/debian/patches/series
--- prometheus-ipmi-exporter-1.6.1/debian/patches/series2022-06-22 
07:19:56.0 -0400
+++ prometheus-ipmi-exporter-1.6.1/debian/patches/series2022-12-13 
15:23:10.0 -0500
@@ -1 +1,2 @@
 01-debian-defaults.patch
+02-fix-build-with-new-exporter-toolkit.patch

Bug#1026025: pyspf-milter seems to ignore configured parameters

[Scott Kitterman]

On Wednesday, December 14, 2022 11:53:04 AM EST Scott Kitterman wrote:

> The architectural issue is that the milter does the SPF check right after
> rcpt to in the SMTP session, so the receiver is unknown.  As a result, the
> receiver will be unknown regardless of the Hide_Receiver setting.  This
> should be addressed in the documentation so it's clear.

^^^ should be after mail from

> InternalHosts is not working correctly, so that's an actual bug.
> 
> Scott K



signature.asc
Description: This is a digitally signed message part.

Bug#1026025: pyspf-milter seems to ignore configured parameters

[Scott Kitterman]

On Tue, 13 Dec 2022 23:54:17 -0500 Scott Kitterman  
wrote:
> On Tue, 13 Dec 2022 13:36:29 +0100 Pascal Volk  
> wrote:
> > Package: pyspf-milter
> > Version: 3.0.1-1
> > Severity: important
> > X-Debbugs-Cc: v...@demos-deutschland.de
> > 
> > 
> > 
> > Hi Scott,
> > 
> > my `pyspf-milter.conf` has the following three lines:
> > 
> >  skip_addresses = 127.0.0.0/8,:::127.0.0.0/104,::1
> >  InternalHosts = 127.0.0.1,::1
> >  Hide_Receiver = No
> > 
> > It looks looks like as pyspf-milter would ignore at least the
> > parameters `InternalHosts' and `Hide_Receiver'. Thus the log
> > contains lines like:
> > 
> >  pyspf-milter[43325]: connect from localhost at ('::1', 39792, 0, 
0) 
> EXTERNAL
> >  pyspf-milter[43325]: prepend Authentication-Results: $HOST; none 
> (SPF check N/A for local connections - client-ip=::1; helo=localhost; 
> envelope-from=root@$HOST.example.com; receiver=
> > 
> > Please let me know if you need further details.
> 
> Thanks.  That should be enough for me to investigate.
> 
> So far it looks like a combination of things.

There are two problems.  One is architectural and the other is a bug.

I have confirmed that the configuration file is being read correctly.

The architectural issue is that the milter does the SPF check right after rcpt 
to in the SMTP session, so the receiver is unknown.  As a result, the receiver 
will be unknown regardless of the Hide_Receiver setting.  This should be 
addressed in the documentation so it's clear.

InternalHosts is not working correctly, so that's an actual bug.

Scott K

signature.asc
Description: This is a digitally signed message part.

Bug#1026093: dia: Fix build with Poppler 22.09

[Nathan Pratta Teodosio]

Package: dia
Version: 0.97.3+git20220525-4
Severity: wishlist
Tags: patch
X-Debbugs-Cc: nathan.teodo...@canonical.com

Dear Maintainer,

I'm attaching a patch to fix the build with Poppler 22.09 and 22.12.

A build log[1] is available.

[1]: https://launchpad.net/~nteodosio/+archive/ubuntu/poppler/+build/24938080
Subject: Fix build with Poppler 22.09.
From: Nathan Pratta Teodosio 
Date: 14 Dec 2022 16:40:37 -

--- a/plug-ins/pdf/pdf-import.cpp.orig  2022-12-14 13:35:18.247693775 -0300
+++ b/plug-ins/pdf/pdf-import.cpp   2022-12-14 13:33:28.649959935 -0300
@@ -152,11 +152,11 @@
   void
   updateLineDash (GfxState *state)
   {
-double *dashPattern;
 int dashLength;
 double dashStart;
 
-state->getLineDash (, , );
+std::vector dashPattern = state->getLineDash();
+dashLength = dashPattern.size();
 this->dash_length = dashLength ? dashPattern[0] * scale : 1.0;
 
 if (dashLength == 0)

Bug#1026092: grub-efi-arm64: grub2 needs a backport to support EFI zboot

[Ard Biesheuvel]

Package: grub-efi-arm64
Version: 2.06-5
Severity: wishlist
X-Debbugs-Cc: a...@kernel.org

Dear Maintainer,

Linux 6.1 and later implement a EFI bootable compressed format called zboot,
which does not carry the 'arm64 bare metal boot' magic number because it is
EFI-only and cannot be booted in bare metal mode unless the bare metal
loader knows how to decode the header and perform the decompression itself.

None of this is relevant to GRUB, as it is pure EFI based on arm64. However,
it used to check the magic number nonetheless, rejecting these EFI zboot images
for no good reason.

This is fixed in GRUB upstream by
https://git.savannah.gnu.org/cgit/grub.git/commit/?id=69edb31205602c29293a8c6e67363bba2a4a1e66

Please consider this change for backporting to Debian's GRUB so arm64 builds
can boot the EFI zboot images.

Kind regards and merry christmas,

Bug#1026091: grub-pc unable to boot from btrfs compressed partition on 32-bit systems

[axet]

Package: grub-pc
Version: 2.06-7
Severity: normal

Dear Maintainer,

grub-pc unable to boot from btrfs compressed /boot directory. Removing
compressing flag using 'chattr -c -R /boot' allows system to boot.
Problem does not present on 64-bit systems.

Boot order:

1) Loading Grub...
2) Welcome to GRUB
3) never appear: loading grub.cfg

Full logs:

https://linux-hardware.org/?probe=4e9f8e4c01

-- Package-specific info:

*** BEGIN /proc/mounts
/dev/sda2 / btrfs rw,relatime,space_cache,subvolid=5,subvol=/ 0 0
*** END /proc/mounts

*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_cutmem ###
insmod echo
echo loading grub.cfg
insmod mmap
cutmem 0x 0x0fff
cutmem 0x000a 0x000f
cutmem 0x7e40 0x7fff
### END /etc/grub.d/00_cutmem ###

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  set have_grubenv=true
  load_env
fi
if [ "${next_entry}" ] ; then
   set default="${next_entry}"
   set next_entry=
   save_env next_entry
   set boot_once=true
else
   set default="0"
fi

if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
else
  menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
  fi
}
function load_video {
  if [ x$feature_all_video_module = xy ]; then
insmod all_video
  else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
  fi
}

terminal_input console
terminal_output console
if [ "${recordfail}" = 1 ] ; then
  set timeout=30
else
  if [ x$feature_timeout_style = xy ] ; then
set timeout_style=menu
set timeout=5
  # Fallback normal timeout code in case the timeout_style feature is
  # unavailable.
  else
set timeout=5
  fi
fi
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_linux ###
function gfxmode {
set gfxpayload="${1}"
}
set linux_gfx_mode=
export linux_gfx_mode
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu 
--class os $menuentry_id_option 
'gnulinux-simple-8bb11a0a-67b6-45a9-b1ea-bac37a17533b' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod btrfs
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root 
--hint-ieee1275='ieee1275//disk@0,gpt2' --hint-bios=hd0,gpt2 
--hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  
8bb11a0a-67b6-45a9-b1ea-bac37a17533b
else
  search --no-floppy --fs-uuid --set=root 
8bb11a0a-67b6-45a9-b1ea-bac37a17533b
fi
echo'Loading Linux 6.0.0-5-686 ...'
linux   /boot/vmlinuz-6.0.0-5-686 
root=UUID=8bb11a0a-67b6-45a9-b1ea-bac37a17533b ro  mem=2020M
echo'Loading initial ramdisk ...'
initrd  /boot/initrd.img-6.0.0-5-686
}
submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option 
'gnulinux-advanced-8bb11a0a-67b6-45a9-b1ea-bac37a17533b' {
menuentry 'Debian GNU/Linux, with Linux 6.0.0-5-686' --class debian 
--class gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-6.0.0-5-686-advanced-8bb11a0a-67b6-45a9-b1ea-bac37a17533b' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; 
fi
insmod part_gpt
insmod btrfs
set root='hd0,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root 
--hint-ieee1275='ieee1275//disk@0,gpt2' --hint-bios=hd0,gpt2 
--hint-efi=hd0,gpt2 --hint-baremetal=ahci0,gpt2  
8bb11a0a-67b6-45a9-b1ea-bac37a17533b
else
  search --no-floppy --fs-uuid --set=root 
8bb11a0a-67b6-45a9-b1ea-bac37a17533b
fi
echo'Loading Linux 6.0.0-5-686 ...'
linux   /boot/vmlinuz-6.0.0-5-686 
root=UUID=8bb11a0a-67b6-45a9-b1ea-bac37a17533b ro  mem=2020M
echo'Loading initial ramdisk ...'
initrd  /boot/initrd.img-6.0.0-5-686
}
menuentry 'Debian GNU/Linux, with Linux 6.0.0-5-686 (recovery mode)' 
--class debian --class gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-6.0.0-5-686-recovery-8bb11a0a-67b6-45a9-b1ea-bac37a17533b' {
 

Bug#1026085: O: cdbs -- common build system for Debian packages

[Bastian Germann]

Am 14.12.22 um 17:19 schrieb Marc Dequènes (duck):

The gnulib and licensecheck packages already have new git homes.


I archives their repo.


I am sorry that I mentioned them. Jonas asked to leave licensecheck alone.

Bug#1004784: aiscm: FTBFS with ffmpeg 5.0

[Jan Wedekind]

No, I didn't manage to fix it. Is it possible to remove the package?

On 13 December 2022 23:48:42 GMT, Bastian Germann  wrote:
>Is this fixed with 0.24.2? If so, please update the package.
>
>

-- 
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.

Bug#1026085: O: cdbs -- common build system for Debian packages

[duck]

Quack,

On 2022-12-14 23:00, Bastian Germann wrote:


I am orphaning cdbs. @foka @js @duck Would you please move the cdbs
repository to salsa's debian namespace?


DH made so much progress that we all left :-).
Jonas needed it for some packages and maintained it as long as he could.
We did discuss the situation a few years back but no real 
plan/announcement followed unfortunately.


I moved the repo to the Debian namespace.
I also archived the cdbs-doc repo; the package is not build anymore 
anyway.



The gnulib and licensecheck packages already have new git homes.


I archives their repo.


I suggest to create a lintian warning tag for cdbs-using packages so
that they know that their build system is no longer developed.


That's a good idea. I'll try to work on this.

\_o<

--
Marc Dequènes

Bug#1025791: fsck.f2fs is unable to check mounted FS

[Theodore Ts'o]

OK, I've done some final fixups (there was something weird with the
spelling patch that caused dgit to have heartburt) and have done a
"dgit push-source" and pushed git tree to salsa.  Thanks again for
your help.

Since you are investigating using f2fs, I thought I would let you know
that there are the following test failures of the file system:

KERNEL:kernel 6.1.0-xfstests #2 SMP PREEMPT_DYNAMIC Mon Dec 12 16:09:40 EST 
2022 x86_64
CMDLINE:   -c f2fs/default -g auto
CPUS:  2
MEM:   7680

f2fs/default: 676 tests, 5 failures, 224 skipped, 4923 seconds
  Failures: generic/050 generic/064 generic/252 generic/506 generic/563

The same test failures happen with f2fs-tools 1.14 and 1.15, so these
are not f2fs-tools regressions.  These are actually fewer test
failures than I am seeing with btrfs:

btrfs/4k: 953 tests, 21 failures, 176 skipped, 12135 seconds 
  Failures: btrfs/006 btrfs/012 btrfs/049 btrfs/100 btrfs/162 btrfs/163 
btrfs/184 btrfs/192 btrfs/196 btrfs/197 btrfs/218 btrfs/219 btrfs/235
btrfs/254 btrfs/277 btrfs/291 generic/455 generic/457
  Flaky: btrfs/028: 40% (2/5)   generic/475: 60% (3/5)
shared/298: 20% (1/5)

 although it's worse than the ext4/4k and xfs/4k test results
(which tests 100% green).  

If you are curious about exactly what the test failures are, just
checkout the xfstests-dev repo, and then look at the first few lines
of the test script, for example:

 {/usr/projects/xfstests-bld/build-64}   (master)
1079% head fstests-bld/xfstests-dev/tests/generic/050
#! /bin/bash
# SPDX-License-Identifier: GPL-2.0
# Copyright (c) 2009 Christoph Hellwig.
#
# FS QA Test No. 050
#
# Check out various mount/remount/unmount scenarious on a read-only blockdev.
#
seqfull=$0
. ./common/preamble

(Which is a bit relevant to this original bug report, which was purely
accidental, and perhaps a bit of synchronicity.)


On Tue, Dec 13, 2022 at 11:53:53PM +0300, Michael Tokarev wrote:
> 
> (and now this has absolutely nothing to do with #1025791 anyway.. ;))

Heh.

Going back to this bug, I'm pretty sure it's not going to be an easy
fix, unless you want to take over upstream f2fs-tools.  Which if you
ask the f2fs-tools maintainers, they might actually be willing to
delegate; you never know until you ask.  (As an aside, that's how I
got involved with ext2/ext3/ext4.  Originally ext2 userspace tools
were a modified version of the minix userspace tools, and I decided I
could do better.  So after rewriting it from scratch, creating a real
library interface that could actually have a stable shared library
ABI, and using test driven development, I was able to speed up e2fsck
by a factor of 10 or so.  So if you're interested in getting involved
with file system development  :-)

Failing that, probably the best approach is a quick patch, which could
either be maintained in the Debian packaging, or perhaps we can get it
upstream, might be to teach fsck.f2fs check to see if the open of the
block device is failing with EBUSY, and if the -a or -p option was
passed to fsck.f2fs, to print a warning message that running fsck on
boot is not supported, and then exit with a status code of 0.

This is a moral equivalent of what xfs and btrfs is doing.  (See the
shell script found in /sbin/fsck.xfs and /sbin/fsck.btrfs.)  It won't
allow f2fs to check a mounted file system, but at least it will clean
up the boot failures.

Cheers,

- Ted

Bug#1026039: lyx: LyX is listed as proprietary software in Gnome-software

[Dr. Tobias Quathamer]

Am 14.12.22 um 12:55 schrieb Pavel Sanda:

Tobias, 2.3.7 should be out within two weeks and I leave it to you
whether manually fix it for bookworm's 2.3.7 or leave it for 2.4
which won't make it for the upcoming debian release.


Hi Pavel,

thanks for the heads-up. If LyX 2.3.7 is available in about two weeks, I 
think it should still make it into bookworm. I'll probably can can fix 
the appdata installation manually for the Debian package.


Regards,
Tobias



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1025872: installing greetd immediately reboots and prevents any logins

[duck]

Quack,

On 2022-12-11 09:20, Johannes Schauer Marin Rodrigues wrote:


 1. do not start the greetd service by default installing a package
should not result into logging out the currently active user


I only tested greetd in the console after having started my previous 
login manager and did not hit this problem but that's indeed an 
unpleasant behavior.
I had a quick look at lightdm and gdm3 and I don't see anything 
preventing them from doing the same thing.
Not starting is an option but I'd like to look around a little bit more 
before making a decision.



 2. provide a sensible default. Using $SHELL makes no sense when the
default shell of the user running greetd is /usr/sbin/nologin. 
Maybe

replace $SHELL with /bin/bash?


I tested agreety but did not check it again before the upload.
I'll try it with dash first, maybe we do not need a dependency on bash.

Thanks for the report, I hope to have this sorted out soon.
Regards.
\_o<

--
Marc Dequènes

Bug#1026072: Fix for the bug

[Michael Rasmussen]

Running the commands below solves the problem until a new package is
available for install:

sudo ln -s /usr/lib/x86_64-linux-gnu/libnssutil3.so /usr/lib/firefox/
sudo ln -s /usr/lib/x86_64-linux-gnu/libnss3.so /usr/lib/firefox/
sudo ln -s /usr/lib/x86_64-linux-gnu/libsmime3.so /usr/lib/firefox/
sudo ln -s /usr/lib/x86_64-linux-gnu/libssl3.so /usr/lib/firefox/


-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael  rasmussen  cc
https://pgp.key-server.io/pks/lookup?search=0xD3C9A00E
mir  datanom  net
https://pgp.key-server.io/pks/lookup?search=0xE501F51C
mir  miras  org
https://pgp.key-server.io/pks/lookup?search=0xE3E80917
--

'During times of universal deceit, telling the truth becomes a
revolutionary act.' -George Orwell

/usr/games/fortune -es says:
I just had my entire INTESTINAL TRACT coated with TEFLON!


pgpH3zYdX_ve3.pgp
Description: OpenPGP digital signature

Bug#1025744: greetd - FTBFS with new version of rust-nix.

[duck]

Control: tags -1 + pending


Quack,

On 2022-12-08 22:21, Peter Green wrote:
I have updated rust-nix in experimental, and intend to do so in 
unstable

soon, the code in your package builds fine with the new version, but
the Cargo dependencies don't allow it to be used. The attached patch
updates the Debian and Cargo dependencies in your package to be 
consistent

with each other.


Thanks for the report and patch. I have never tested with 0.24 so I 
chose to enforce 0.25 instead.
I pushed the changes on Salsa and I intend to upload soon but I have 
other fixes pending that should land soon.


Regards.
\_o<

--
Marc Dequènes

Bug#1017504: Please build doxygen with large file support

[Helge Deller]

Please urgently install this patch.
Since doxygen isn't built with large file support, the doxygen
binaries trigger build errors in many other packages which use doxygen.
Example:
https://buildd.debian.org/status/fetch.php?pkg=wireplumber=hppa=0.4.13-1=1671031175=0
Thanks,
Helge

Bug#1026088: rdma-core: add mips64* to COHERENT_DMA_ARCHS

[YunQiang Su]

Yunqiang Su  于2022年12月14日周三 23:24写道：
>
> On Wed, 14 Dec 2022 22:47:53 +0800 YunQiang Su  wrote:
> > Source: rdma-core
> > Version: 33.2-1
> > Severity: serious
> > Tags: ftbfs
> >
> > Can you help to add the fellow 4 ports
> > mips64 mips64el mips64r6 mips64r6el
>
> mips mipsel mipsr6 mipsr6el
> are also needed.
>
> > to the list of
> > COHERENT_DMA_ARCHS
> > in debian/rules ?
> >
>
> Backport this patch can fix FTBFS on mipsel.
>
https://github.com/linux-rdma/rdma-core/commit/90a5793ec9a6b9462712d36d466042fa979249a9

> > --
> > YunQiang Su
> >
> >



-- 
YunQiang Su

Bug#1026088: rdma-core: add mips64* to COHERENT_DMA_ARCHS

[Yunqiang Su]

On Wed, 14 Dec 2022 22:47:53 +0800 YunQiang Su  wrote:
> Source: rdma-core
> Version: 33.2-1
> Severity: serious
> Tags: ftbfs
> 
> Can you help to add the fellow 4 ports
> mips64 mips64el mips64r6 mips64r6el

mips mipsel mipsr6 mipsr6el
are also needed.

> to the list of
> COHERENT_DMA_ARCHS
> in debian/rules ?
> 

Backport this patch can fix FTBFS on mipsel.

> -- 
> YunQiang Su
> 
> 

Bug#1026090: Incorrect counting of void dns lookups regarding IPv6

[Stefan Anders]

Package: libmail-spf-perl
Version: 2.9.0-5

In case of clients with IPv6 addresses, Mail::SPF counts non existing
-Records as void dns lookups, although valid A-Records does exist.
Correct behaviour would be to count only as void lookups, if neither
A- nor -Record exists.

Example:

spftest.dfn.de  TXT "v=spf1 a a:one.spftest.dfn.de 
a:two.spftest.dfn.de -all"
spftest.dfn.de  A   194.94.252.247
one.spftest.dfn.de  A   194.94.252.253
two.spftest.dfn.de  A   194.94.252.254

Test 1:

$ echo "192.107.51.3 t...@spftest.dfn.de mail.enea.it" | spfquery -f - -s mfrom
fail
Rejected by SPF record
spftest.dfn.de: Sender is not authorized by default to use 
't...@spftest.dfn.de' in 'mfrom' identity (mechanism '-all' matched)
Received-SPF: fail (spftest.dfn.de: Sender is not authorized by default to use 
't...@spftest.dfn.de' in 'mfrom' identity (mechanism '-all' matched)) 
receiver=mgw6-han.srv.dfn.de; identity=mailfrom; 
envelope-from="t...@spftest.dfn.de"; helo=mail.enea.it; client-ip=192.107.51.3
$

Test 2:

$ echo "2a00:1450:4864:20::34a t...@spftest.dfn.de mail-wm1-x34a.google.com" | 
spfquery -f - -s mfrom
permerror
spftest.dfn.de: Maximum void DNS look-ups limit (2) exceeded
spftest.dfn.de: Maximum void DNS look-ups limit (2) exceeded
Received-SPF: permerror (spftest.dfn.de: Maximum void DNS look-ups limit (2) 
exceeded) receiver=mgw6-han.srv.dfn.de; identity=mailfrom; 
envelope-from="t...@spftest.dfn.de"; helo=mail-wm1-x34a.google.com; 
client-ip="2a00:1450:4864:20::34a"
$

Expectation: test 2 should give the same result as test 1.

Thanks
Stefan


smime.p7s
Description: S/MIME cryptographic signature

Bug#1026076: gnome-software: Download size is unknown for apps from Debian archive

[Matthias Klumpp]

Hi!

Am Mi., 14. Dez. 2022 um 11:51 Uhr schrieb Danial Behzadi
:
> [...] It couldn't be so hard to fix this as we already
> have download size for packages in apt lists and it could be even port
> to upstream. [...]

It's actually not that easy, because a package has a bunch of
dependencies that would be needed to be included in the total download
size, so we would need to resolve the dependency graph for the
to-be-installed package first, and then calculate the total, which
isn't that fast.
That being said, it can be done (as a background task if it may take
longer), or we could display only the size of the currently referenced
package. At least the latter should already be the case, and
PackageKit has that information, so it's a bit odd that it isn't
shown.

Cheers,
Matthias

-- 
I welcome VSRE emails. See http://vsre.info/

Bug#1026089: network-manager: nmtui-edit does not support VPN connections while nmtui-connect does

[Sven Geuer]

Package: network-manager
Version: 1.40.6-1
Severity: normal

Dear Maintainer,

nmtui-edit does not list any of the VPNs configured on my system while they are
displayed in nmtui-connect and also in nm-connection-editor.

So, I cannot edit or delete any VPN via nmtui-edit.

Also, nmtui-edit does not offer VPN as a type of connection in the 'New
Connection' dialog box which opens up with clicking the add button.


-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.0.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages network-manager depends on:
ii  adduser 3.129
ii  dbus [default-dbus-system-bus]  1.14.4-1
ii  libaudit1   1:3.0.7-1.1+b2
ii  libbluetooth3   5.66-1
ii  libc6   2.36-6
ii  libcurl3-gnutls 7.86.0-2
ii  libglib2.0-02.74.2-1
ii  libgnutls30 3.7.8-4
ii  libjansson4 2.14-2
ii  libmm-glib0 1.20.0-1
ii  libndp0 1.8-1
ii  libnewt0.52 0.52.23-1
ii  libnm0  1.40.6-1
ii  libpsl5 0.21.0-1.2
ii  libreadline88.2-1.2
ii  libselinux1 3.4-1+b3
ii  libsystemd0 252.2-2
ii  libteamdctl01.31-1
ii  libudev1252.2-2
ii  policykit-1 122-1
ii  polkitd 122-1
ii  udev252.2-2

Versions of packages network-manager recommends:
ii  dnsmasq-base [dnsmasq-base]  2.87-1.1
ii  libpam-systemd   252.2-2
ii  modemmanager 1.20.0-1
ii  ppp  2.4.9-1+1.1+b1
ii  wireless-regdb   2022.06.06-1
ii  wpasupplicant2:2.10-9+b2

Versions of packages network-manager suggests:
ii  iptables   1.8.8-1
pn  libteam-utils  

Versions of packages network-manager is related to:
ii  isc-dhcp-client  4.4.3-P1-1

-- no debconf information

Bug#1026088: rdma-core: add mips64* to COHERENT_DMA_ARCHS

[YunQiang Su]

Source: rdma-core
Version: 33.2-1
Severity: serious
Tags: ftbfs

Can you help to add the fellow 4 ports
mips64 mips64el mips64r6 mips64r6el
to the list of
COHERENT_DMA_ARCHS
in debian/rules ?

-- 
YunQiang Su

Bug#538433: Hii

[nasiru salisu]

Have you received it?

Bug#1020527:

[Andreas Hasenack]

Hi,

any particular reason for not adopting the upstream patch, which fixes
the problem properly? Disabling the compiler/build flags that tripped
the error could have other consequences.

Bug#1026087: ITP: distribution-gpg-keys -- GPG keys by various Linux distributions

[Juri Grabowski]

Package: wnpp
Version: 1.79
Severity: wishlist
Owner: Juri Grabowski 
X-Debbugs-Cc: debian-de...@lists.debian.org, deb...@jugra.de

* Package name: distribution-gpg-keys
  Version : 1.7.9
  Upstream Author : Miroslav Suchý 
* URL : https://github.com/xsuchy/distribution-gpg-keys/
* License : CC0-1.0
  Programming Lang: data
  Description : GPG keys by various Linux distributions

used by various Linux distributions to sign packages.

needed by mock/3.5 and I need a sponsor for this package. See current packaging 
in
https://salsa.debian.org/pkg-rpm-team/distribution-gpg-keys
After I know ITP bug number I upload this source package to
https://mentors.debian.net/package/distribution-gpg-keys/

Best Regards,
Juri Grabowski

Bug#1026086: -installed

[Alexey Sitnikov]

Also there is no reaction for "--installed":

# apt-cache depends --installed libdbus-1-3
libdbus-1-3
  Depends: libc6
  Depends: libsystemd0
*libelogind0*

# apt-cache policy  libelogind0
libelogind0:
*  Installed: (none)*
  Candidate: 246.9.1-1+debian1
  Version table:
 246.9.1-1+debian1 990
990 http://mirror.insacom.cl/debian bullseye/main amd64 Packages

Bug#1026085: O: cdbs -- common build system for Debian packages

[Jonas Smedegaard]

Quoting Bastian Germann (2022-12-14 15:00:02)
> Package: wnpp
> X-Debbugs-Cc: d...@jones.dk, f...@debian.org, d...@duckcorp.org, 
> remi.theba...@gmail.com, kamathvasu...@gmail.com
> 
> A year ago, the last active cdbs maintainer Jonas decided to cease further 
> cdbs development.
> The other Uploaders have been quiet for years but I have copied them on this 
> email.
> I am orphaning cdbs. @foka @js @duck Would you please move the cdbs 
> repository to salsa's debian namespace?
> The gnulib and licensecheck packages already have new git homes.
> 
> I suggest to create a lintian warning tag for cdbs-using packages so that 
> they know that their build system is no longer 
> developed.

I welcome both this orphaning and the suggestion for a lintian warning
to discourage the continued use of CDBS.

Formally I have stepped down as maintainer of CDBS, so will leave it to
the existing maintainers to formally move the git repo (or not, if for
some reason they choose another way forward).

Just one detail: Other packages are mentioned, and I guess that's
because they reside(d) in same salsa section as cdbs.  I agree that
gnulib has moved on (and is now orphaned as well, as I recall), but
licensecheck still has a home (for *upstream* development) at
https://salsa.debian.org/build-common-team/licensecheck.git - regardless
of also having another home (for *packaging* maintenance) at
https://salsa.debian.org/perl-team/modules/packages/licensecheck.git

So please do *not* mess with licensecheck - or other git repos in the
salsa section "build-common-team".


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1026086: Wrong output of apt-cache depends

[Orangey]

Package: apt
Version: 2.2.4

Linux 5.19.0-0.deb11.2-amd64 #1 SMP PREEMPT_DYNAMIC Debian
5.19.11-1~bpo11+1 (2022-10-03) x86_64 GNU/Linux
Description: Debian GNU/Linux 11 (bullseye)

# apt show libdbus-1-3
Package: libdbus-1-3
Version: 1.12.20-2
Priority: optional
Section: libs
Source: dbus
Maintainer: Utopia Maintenance Team <
pkg-utopia-maintain...@lists.alioth.debian.org>
Installed-Size: 496 kB
*Depends: libc6 (>= 2.17), libsystemd0*
Recommends: dbus
Breaks: dbus (<< 1.9.16-1~)
Homepage: https://dbus.freedesktop.org/
Tag: role::shared-lib
Download-Size: 219 kB
APT-Manual-Installed: no
APT-Sources: http://mirror.insacom.cl/debian bullseye/main amd64 Packages
Description: simple interprocess messaging system (library)

# apt depends libdbus-1-3
libdbus-1-3
*  Depends: libc6 (>= 2.17)*

*  Depends: libsystemd0libelogind0*
  Breaks: dbus (<< 1.9.16-1~)
  Recommends: dbus

*libelogind0 must not be in the command output.*

Bug#1025869: Acknowledgement (tigervnc-scraping-server: Under bookworm server fails to start. Gives error in Wrapper.pm)

[Mark]

Additional info:

TigerVNC says that this is an issue with Debian script, not an upstream issue 
with them.

https://github.com/TigerVNC/tigervnc/issues/1560#issuecomment-1351443752

Bug#1026085: O: cdbs -- common build system for Debian packages

[Bastian Germann]

Package: wnpp
X-Debbugs-Cc: d...@jones.dk, f...@debian.org, d...@duckcorp.org, 
remi.theba...@gmail.com, kamathvasu...@gmail.com

A year ago, the last active cdbs maintainer Jonas decided to cease further cdbs 
development.
The other Uploaders have been quiet for years but I have copied them on this 
email.
I am orphaning cdbs. @foka @js @duck Would you please move the cdbs repository 
to salsa's debian namespace?
The gnulib and licensecheck packages already have new git homes.

I suggest to create a lintian warning tag for cdbs-using packages so that they know that their build system is no longer 
developed.


If you do not agree with orphaning, please pick up development again.

Bug#1026078: bullseye-pu: package ceph/14.2.21-1 CVE-2022-3650

[Salvatore Bonaccorso]

Hi Thomas,

On Wed, Dec 14, 2022 at 11:52:16AM +0100, Thomas Goirand wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bullseye
> User: release.debian@packages.debian.org
> Usertags: pu
> 
> Hi,
> 
> I have prepared an update for Ceph in Bullseye to address
> CVE-2022-3650 (ie: ceph to root privilege escalation).
> The security team already told me that there will be no DSA.
> 
> [ Reason ]
> (Explain what the reason for the (old-)stable update is. I.e.
> what is the bug, when was it introduced, is this a regression
> with respect to the previous (old-)stable.)
> 
> [ Impact ]
> Anyone logged as Ceph can become root whenever there's a disk
> event without the attached patch.
> 
> [ Tests ]
> Upstream runs functional test suite, and I trust it.
> 
> [ Risks ]
> The code is quite trivial and easy to backport (python code).
> 
> [ Checklist ]
>   [x] *all* changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in (old)stable
>   [x] the issue is verified as fixed in unstable
> 
> [ Changes ]
> The Python code checks input better and avoid privilege escalation.
> See attached debdiff, it's quite readable.
> 
> Cheers,
> 
> Thomas Goirand (zigo)

> diff -Nru ceph-14.2.21/debian/changelog ceph-14.2.21/debian/changelog
> --- ceph-14.2.21/debian/changelog 2021-05-27 12:04:21.0 +0200
> +++ ceph-14.2.21/debian/changelog 2022-11-30 14:20:19.0 +0100
> @@ -1,3 +1,10 @@
> +ceph (14.2.21-1+deb11u1) bullseye-security; urgency=medium
> +
> +  * CVE-2022-3650: privilege escalation from the ceph user to root. Applied
> +upstream patches (Closes: #1024932).

For the upload via bullseye-pu the target distribution needs to be
changed as well to 'bullseye'.

Regards,
Salvatore

Bug#1026071: xorg-server: CVE-2022-4283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344

[Salvatore Bonaccorso]

Hi Timo,

On Wed, Dec 14, 2022 at 12:01:53PM +0200, Timo Aaltonen wrote:
> Salvatore Bonaccorso kirjoitti 14.12.2022 klo 11.42:
> > > 
> > > btw, there's a typo in one of the CVE's, it's -46283 not -4283:
> > > 
> > > https://lists.x.org/archives/xorg-announce/2022-December/003302.html
> > > 
> > > the typo is also on the git commit but I fixed it on d/changelog
> > 
> > Should already be correct in above listing and security-tracker. But
> > right the final advisory upstream still has the typo.
> 
> Hmm so the announce mail was wrong and it's actually -4283?? These aren't
> public so I wasn't able to check, my bad..

Yes the 4-digit one is the correct one. Unfortunately the typo
apparently did still propagated to the official announce even it was
noticied before.

Regards,
Salvatore

Bug#1025485: Bug#1025508: onionprobe: config and examples installed to unusual locations

[rhatto]

Thanks for reporting.

I haven't had time to check this, but I wonder if there's a suggested
way to fix.

Bug#1026070: kde-plasma-desktop: Right click on desktop and taskbar has no effect

[Max Görner]

Hi Aurélien,

thank you for your quick reply.


There are many people running testing and/or unstable, me included, for whom 
this bug doesn't happen. So we'll need a bit more analysis if we want to get it 
fixed.

Could you try creating a new user (without an existing $HOME directory) on one 
of the machines where you see the bug and report back if the new user still has 
the issue ?

I created a new user via `adduser` and the problem persisted for it.
Interestingly, that user had a black background and not some default
background image. The .xsession-errors contains some complaints about missing
/home/kdetest.config/kdedefaults, but I did not try to resolve this.


Also can you find anything meaningful in the system log at the time where you 
right click or during the load of the user session ?


The section of my .xsession-erros for today:

Xsession: X session started for mgoerner at Mi 14. Dez 09:18:06 CET 2022
dbus-update-activation-environment: setting
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
dbus-update-activation-environment: setting DISPLAY=:0
dbus-update-activation-environment: setting
XAUTHORITY=/home/mgoerner/.Xauthority
localuser:mgoerner being added to access control list
dbus-update-activation-environment: setting GTK_MODULES=gail:atk-bridge
dbus-update-activation-environment: setting QT_ACCESSIBILITY=1

The .xsession-errors for the new created user:


Xsession: X session started for kdetest at Mi 14. Dez 11:58:00 CET 2022
dbus-update-activation-environment: setting 
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1002/bus
dbus-update-activation-environment: setting DISPLAY=:1
dbus-update-activation-environment: setting 
XAUTHORITY=/home/kdetest/.Xauthority
localuser:kdetest being added to access control list
dbus-update-activation-environment: setting GTK_MODULES=gail:atk-bridge
dbus-update-activation-environment: setting QT_ACCESSIBILITY=1
QIODevice::read (QFile, "/home/kdetest/.config/kdedefaults/package"): 
device not open
QDBusConnection: error: could not send signal to service "" path 
"//home/kdetest/.config/kdedefaults/kdeglobals" interface "org.kde.kconfig.notify" member 
"ConfigChanged": Invalid object path: //home/kdetest/.config/kdedefaults/kdeglobals
QDBusConnection: error: could not send signal to service "" path 
"//home/kdetest/.config/kdedefaults/kdeglobals" interface "org.kde.kconfig.notify" member 
"ConfigChanged": Invalid object path: //home/kdetest/.config/kdedefaults/kdeglobals
QDBusConnection: error: could not send signal to service "" path 
"//home/kdetest/.config/kdedefaults/kdeglobals" interface "org.kde.kconfig.notify" member 
"ConfigChanged": Invalid object path: //home/kdetest/.config/kdedefaults/kdeglobals
QDBusConnection: error: could not send signal to service "" path 
"//home/kdetest/.config/kdedefaults/kcminputrc" interface "org.kde.kconfig.notify" member 
"ConfigChanged": Invalid object path: //home/kdetest/.config/kdedefaults/kcminputrc
QDBusConnection: error: could not send signal to service "" path 
"//home/kdetest/.config/kdedefaults/kwinrc" interface "org.kde.kconfig.notify" member 
"ConfigChanged": Invalid object path: //home/kdetest/.config/kdedefaults/kwinrc
QDBusConnection: error: could not send signal to service "" path 
"//home/kdetest/.config/kdedefaults/kwinrc" interface "org.kde.kconfig.notify" member 
"ConfigChanged": Invalid object path: //home/kdetest/.config/kdedefaults/kwinrc
QPixmap: QGuiApplication must be created before calling defaultDepth().
QPixmap: QGuiApplication must be created before calling defaultDepth().

Neither `journalctl` nor `sudo journalctl` show anything of interest after
right clicking somewhere. Are there other logs I should have a look at?



Lastly if you could have a look at the upstream bugs.kde.org platform and
look for a similar bug report that would be useful. I'll have a look too when
I can.

I will do so and report if I find something.


Best
Max Görner

Bug#997972: haskell-pandoc-citeproc has been deprecated upstream

[Bastian Germann]

Control: tags -1 - moreinfo

Am 14.12.22 um 01:06 schrieb Scott Kitterman:

Checking reverse dependencies...
# Broken Build-Depends:
haskell-blogliterately: libghc-pandoc-citeproc-dev (< 0.18)


Handed in a RM bug for that as well.

Bug#1025010: jtreg 6.1+2-1~deb11u1 flagged for acceptance

[Adam D Barratt]

package release.debian.org
tags 1025010 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: jtreg
Version: 6.1+2-1~deb11u1

Explanation: 

Bug#1026084: iraf: IRAF package creates wrong application menu

[Peter Weilbacher]

Package: iraf
Version: 2.17-3
Severity: minor

Dear Maintainer,

After installing the IRAF package I see a new menu "Other" under the 
applications menu in XFCE4 which only contains IRAF.


I guess that this happens because /usr/share/applications/iraf.desktop 
contains


Categories=Science;Astronomy;Application;

Other programs like Stellarium or saods9 have "Education" as one of the 
entries and end up in the "Education" menu, i.e.


   Categories=Education;Science;Astronomy;
or

   Categories=Astronomy;Education;Science;



-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.0.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en

Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages iraf depends on:
ii libc6 2.36-6
ii libcfitsio9 4.1.0-1
ii libcurl4 7.86.0-2
ii libexpat1 2.5.0-1
ii libreadline8 8.2-1.2

Versions of packages iraf recommends:
ii iraf-noao 2.17-3
ii python3-pyraf 2.2.1-1+b2
ii saods9 8.3+repack-1
ii xgterm 2.1+dfsg-1
ii ximtool 2.1+dfsg-1
ii xterm 377-1

Versions of packages iraf suggests:
ii iraf-dev 2.17-3

-- no debconf information

Bug#1026083: Security: XSS bug in Loofah

[Hans-Christoph Steiner]

Package: ruby-loofah
Version: 2.19.0-1
Severity: serious

control: affects -1 ruby-loofah/2.1.0
control: affects -1 ruby-loofah/2.7.0+dfsg-1
control: tags -1 fixed-upstream security help

An XSS issue has been discovered in Loofah:
https://github.com/flavorjones/loofah/security/advisories/GHSA-228g-948r-83gx

It is fixed in the upstream release v2.19.1.

Bug#1026082: network-manager-gnome: Existing or new vpnc connection cannot be saved

[Sven Geuer]

Package: network-manager-gnome
Version: 1.30.0-2
Severity: normal

Dear Maintainer,

   * What led up to the situation?
Tried to edit an existing vpnc connection.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
Ran nm-connection-editor from terminal.
Selected the existing vpnc connection and clicked the edit icon.

   * What was the outcome of this action?
When the editing window opened nm-connection-editor printed this error messages
to stderr:

** Message: 12:46:45.028: Cannot save connection due to error: Invalid setting
General: connection.interface-name: '': interface name must not be empty

In the editing window the save button was displayed grayed out.

Even after changing some of the connection's configuration values the save
button stayed inaccessible.

   * What outcome did you expect instead?
One should be able to save the possibly changed configuration.


I also tried to create a new vpnc connection what failed in a similar way.
After
having set the IPSec gateway and the IPSec ID these to message showed up
immediately

** Message: 13:10:50.586: Connection validates and can be saved
** Message: 13:10:50.588: Cannot save connection due to error: Invalid setting
General: connection.interface-name: '': interface name must not be empty

Again the save button stayed inaccessible regardless of any further action.



-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.0.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages network-manager-gnome depends on:
ii  dbus-user-session [default-dbus-session-bus]  1.14.4-1
ii  dbus-x11 [dbus-session-bus]   1.14.4-1
ii  dconf-gsettings-backend [gsettings-backend]   0.40.0-3
ii  gnome-shell [polkit-1-auth-agent] 43.1-2
ii  libatk1.0-0   2.46.0-4
ii  libayatana-appindicator3-10.5.91-1
ii  libc6 2.36-6
ii  libcairo2 1.16.0-6
ii  libgdk-pixbuf-2.0-0   2.42.10+dfsg-1
ii  libglib2.0-0  2.74.2-1
ii  libgtk-3-03.24.35-3
ii  libjansson4   2.14-2
ii  libmm-glib0   1.20.0-1
ii  libnm01.40.6-1
ii  libnma0   1.10.4-2
ii  libpango-1.0-01.50.10+ds-1
ii  libpangocairo-1.0-0   1.50.10+ds-1
ii  libsecret-1-0 0.20.5-3
ii  libselinux1   3.4-1+b3
ii  network-manager   1.40.6-1

Versions of packages network-manager-gnome recommends:
ii  gnome-icon-theme   3.12.0-5
ii  gnome-keyring  42.1-1+b1
ii  gnome-shell [notification-daemon]  43.1-2
ii  iso-codes  4.12.0-1
ii  mobile-broadband-provider-info 20221107-1
ii  notification-daemon3.20.0-4+b1

Versions of packages network-manager-gnome suggests:
ii  network-manager-openconnect-gnome  1.2.8-3
pn  network-manager-openvpn-gnome  
pn  network-manager-pptp-gnome 
ii  network-manager-vpnc-gnome 1.2.8-3

-- no debconf information

Bug#1025827: slic3r-prusa: FTBFS on armel mipsel powerpc riscv64 sh4 m68k

[Mathieu Malaterre]

Control: severity -1 serious

release arches (mipsel/armel) are affected

Bug#1026039: lyx: LyX is listed as proprietary software in Gnome-software

[Pavel Sanda]

On Tue, Dec 13, 2022 at 04:23:21PM -0500, Jeremy Bicha wrote:
> On Tue, Dec 13, 2022 at 4:19 PM Pavel Sanda  wrote:
> >
> > On Tue, 13 Dec 2022 17:50:03 +0100 Lorenzo Bertini 
> >  wrote:
> > > LyX is listed on my system as proprietary software in gnome-software. 
> > > Looking online I found several people having this issue with other 
> > > programs, and the cause was always that the license couldn't be read by 
> > > gnome-software properly.
> > >
> > > Please ensure that gnome-software can properly read the license. If the 
> > > bug is not on our end, let me know and I will contact gnome-software 
> > > developers.
> >
> > Well, LyX installs it's licences where it should, i.e. into
> > /usr/share/doc/lyx/copyright.
> > If there is something specific WRT gnome, we can do it but we need
> > gnome maintainers input... I don't use gnome personally so can't
> > even test it.
> >
> > I CC maintainer of gnome-software if he has some hints for us.
> 
> The GNOME Software app prefers to use AppStream metadata.
> 
> https://wiki.debian.org/AppStream/Guidelines
> https://www.freedesktop.org/software/appstream/docs/chap-Metadata.html

I see, thanks for your input.

Ok, then this should be fixed in 2.4 series (cd5d1be8f8925) as 
org.lyx.LyX.metainfo.xml
will be installed in /usr/share/metainfo/.

For 2.3.x series appdata.xml is inside tarball but not installed.

Tobias, 2.3.7 should be out within two weeks and I leave it to you
whether manually fix it for bookworm's 2.3.7 or leave it for 2.4
which won't make it for the upcoming debian release.

Pavel

Bug#1026081: hello-transitional: Please support building without using (fake)root

[Niels Thykier]

Package: hello-transitional
Version: 2.10-5
Severity: wishlist
Tags: patch
X-Debbugs-Cc: ni...@thykier.net

Hi,

Please apply the following patch to enable building hello-traditional 
without using (fake)root during build.


It leverages dpkg-deb's --root-owner-group feature that is available in 
dpkg from Debian oldstable (since dpkg/1.19.0 according to dpkg-deb's 
manpage).


Thanks,
~Nielsdiff -Nru hello-traditional-2.10/debian/changelog 
hello-traditional-2.10/debian/changelog
--- hello-traditional-2.10/debian/changelog 2019-05-15 12:49:00.0 
+0200
+++ hello-traditional-2.10/debian/changelog 2022-12-14 12:06:18.0 
+0100
@@ -1,3 +1,10 @@
+hello-traditional (2.10-5.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Support building hello-traditional without using (fake)root.
+
+ -- Niels Thykier   Wed, 14 Dec 2022 11:06:18 +
+
 hello-traditional (2.10-5) unstable; urgency=medium
 
   * Use "Rules-Requires-Root: binary-targets" instead.
diff -Nru hello-traditional-2.10/debian/control 
hello-traditional-2.10/debian/control
--- hello-traditional-2.10/debian/control   2019-05-15 12:00:00.0 
+0200
+++ hello-traditional-2.10/debian/control   2022-12-14 12:04:12.0 
+0100
@@ -4,7 +4,7 @@
 Maintainer: Santiago Vila 
 Standards-Version: 4.3.0
 Homepage: http://www.gnu.org/software/hello/
-Rules-Requires-Root: binary-targets
+Rules-Requires-Root: no
 
 Package: hello-traditional
 Architecture: any
diff -Nru hello-traditional-2.10/debian/rules 
hello-traditional-2.10/debian/rules
--- hello-traditional-2.10/debian/rules 2019-05-15 12:00:00.0 +0200
+++ hello-traditional-2.10/debian/rules 2022-12-14 12:04:32.0 +0100
@@ -68,11 +68,10 @@
cd debian/tmp && \
find * -type f ! -regex "DEBIAN/.*" -print0 |\
LC_ALL=C sort -z | xargs -0r md5sum > DEBIAN/md5sums
-   chown -R 0:0 debian/tmp
chmod -R u+w,go=rX debian/tmp
find debian/tmp -newermt '$(BUILD_DATE)' -print0 |\
 xargs -0r touch -h --date='$(BUILD_DATE)'
-   dpkg --build debian/tmp ..
+   dpkg-deb --root-owner-group --build debian/tmp ..
 
 binary: binary-indep binary-arch