Bug#920386: build_user configuration crashes with "uninitialized value $chroot_arch in scalar chomp"

[Blair Noctis]

Hi,

I met this problem too when trying to build under the sbuild user, since it's
rather strange that sbuild runs as my host user inside the schroot. Is there any
update? What should I do if I want to fix this? Thanks.

-- 
Sdrager,
Blair Noctis


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1032221: [pkg-cryptsetup-devel] Bug#1032221: cryptsetup: libgcc_s.so.1 must be installed for pthread_exit to work

[Milan Broz]

Just FYI - I think that the whole problem can be avoided by merging this patch
https://github.com/P-H-C/phc-winner-argon2/pull/331

(we have the patch applied in cryptsetup for embedded libargon already).

Just upstream is no longer responding here...

Milan

Bug#1031192: toil: FTBFS (The job JobClass is requesting 2.0 cores)

[Nilesh Patra]

Hi Santiago,

Can you please send the complete log as requested? (Michael probably forgot to 
Cc you)

Thanks
Nilesh

Quoting Michael Crusoe:
Thank you for the report. Please send me the entire log (as an 
attachment or link) so I can fix all the single-core test issues.


--

Michael R. Crusoe

Bug#1032496: ITP: kylin-status-manager -- System status D-Bus service for UKUI

[MouseZhang]

Package: wnpp
Severity: wishlist
Owner: MouseZhang 
X-Debbugs-Cc: debian-de...@lists.debian.org, sendbypyt...@foxmail.com

* Package name: kylin-status-manager
  Version : 3.22.0.0-1
  Upstream Contact: Kylin Team 
* URL : https://gitee.com/openkylin/kylin-status-manager
* License : GPL-3.0
  Programming Lang: C++
  Description : System status D-Bus service for UKUI

 This component monitors the changes of rotation,
 system mode and keyboard status in the system. When the changes occur,
 it sends the corresponding change signals globally,
 updates the attributes, and does not make substantive changes.
 It only sends the signals and provides the change interface.

Bug#1032431: installation-reports: Bullseye installation on Fujitsu LIFEBOOK U9312

[Cyril Brulebois]

Hi Dennis,

Dennis van Dok  (2023-03-07):
> Can confirm that works; the alpha2 installer
> https://cdimage.debian.org/cdimage/bookworm_di_alpha2/amd64/iso-cd/debian-bookworm-DI-alpha2-amd64-netinst.iso
> 
> Did see the wireless card and was able to get on my home wireless
> network.

Thanks for confirming!

> It's currently sitting in /etc/modules, I could remove it to see if it
> is still needed. I think it is, I'm running the latest kernel:

Testing a boot without it in /etc/modules would be awesome, yes.

> > The Bullseye installer ships i2c-hid.ko, but no i2c-hid-acpi.ko.
> 
> Even so, the bookworm alpha did *not* let me use the touchpad even
> after a manual load of i2c-hid-acpi. Not sure what else is needed (yet
> more firmware?)

I think it might need some other modules to be loaded so that the i2c
bus is visible, and those might not be documented through a dependency.

These modules might or might not be available in the installer, and
that's why I'm suggesting checking what happens in the non-tweaked
installed system, as a starting point.

If I were a betting man, I'd put a coin on some LPSS-related module,
which is an hypothesis already being tested in another bug report
(intel-lpss-pci to be precise).

> Would be worth chasing this further, I think; it might catch out other
> prospective users. I was able to get by with just the keyboard for the
> installation and initial setup, but not having a mouse pointer is a
> serious usability issue. I'm willing to devote a little time towards
> this (as long as I don't have to reinstall the entire machine).
> 
> If this is not for the installer, then for the rest of the system;
> against which components should I file a bug report?

Great. We can keep this bug report for that purpose. Reinstalling is not
going to be needed:
 - We want to check what happens in the installed system, with or
   without tweaks like /etc/modules; nothing that will require a
   reinstall.
 - We might want to check what happens in a tweaked installer. Since
   touchpad support can be tested from the very beginning, there's no
   need to go through any installation steps. It's an ever lighter test
   than what you already did above (testing wireless support), which was
   awesome already!

> I didn't try the speech synth part; again, I think it is worth chasing
> this further if you could help me figure out against which component
> this should be filed (kernel?). A working microphone on a laptop is
> relatively important for video meetings.

Sure, I just meant this is definitely not going to be something that's a
concern for the installer team.

I'd suggest filing a bug report against src:linux indeed. Worst case,
they can reassign it to a more suitable component.

> Incidentally I tried but could not mount the crypted partition; is
> cryptsetup not part of the installer? I saved the logs to /boot
> instead.

You might need to load it explicitly to make it accessible, it's
definitely there and loaded automatically if you go for e.g. an
encrypted LVM setup.

Thanks again for the detailed report, feedback, and extra tests!


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1032420: libtpms: diff for NMU version 0.9.2-3.1

[Salvatore Bonaccorso]

Hi Seunghun,

On Wed, Mar 08, 2023 at 10:39:07AM +0900, Seunghun Han wrote:
> Dear Salvatore,
> 
> I appreciate your work. Please don't delay it and go through the
> process. I'm currently on an urgent project, so I have to do it for a
> while.

Thank you for the quick response and the quick followup! I just have
rescheduled the upload to 0 delay.


Good luck with your project!

Regards,
Salvatore

Bug#1032320: yt-dlp: Please include built manpage into package

[Unit 193]

Howdy,

On Sat, 4 Mar 2023, debian.fab@erine.email wrote:


Hmm,

my bad, this only appears on the backported package:

% dpkg -c yt-dlp_2023.02.17-1_all.deb | grep -F yt-dlp.1
-rw-r--r-- root/root     39545 2023-02-18 00:37 
/usr/share/man/man1/yt-dlp.1.gz


% dpkg -c yt-dlp_2023.02.17-1\~bpo11+1_all.deb | grep -F yt-dlp.1
-rw-r--r-- root/root    133597 2023-02-28 06:30 
/usr/lib/python3/dist-packages/share/man/man1/yt-dlp.1


Maybe the build tools are behaving differently on Bullseye.

The patch I suggested makes the man available on the backported deb file 
built on Bullseye.


Do you think applying it would make the man available in both cases?


Ah interesting!  I didn't see that.  Interestingly, the current 
release that's in unstable doesn't appear to have this problem when 
rebuilt for stable:


drwxr-xr-x root/root 0 2023-03-08 04:50 
./usr/lib/python3/dist-packages/yt_dlp-2023.3.4.dist-info/

drwxr-xr-x root/root 0 2023-03-08 04:50 ./usr/share/fish/
drwxr-xr-x root/root 0 2023-03-08 04:50 
./usr/share/fish/vendor_completions.d/
-rw-r--r-- root/root 49319 2023-03-08 04:50 
./usr/share/fish/vendor_completions.d/yt-dlp.fish
drwxr-xr-x root/root 0 2023-03-08 04:50 ./usr/share/man/
drwxr-xr-x root/root 0 2023-03-08 04:50 ./usr/share/man/man1/
-rw-r--r-- root/root 40205 2023-03-08 04:50 ./usr/share/man/man1/yt-dlp.1.gz
drwxr-xr-x root/root 0 2023-03-08 04:50 ./usr/share/zsh/
drwxr-xr-x root/root 0 2023-03-08 04:50 ./usr/share/zsh/site-functions/
-rw-r--r-- root/root  6170 2023-03-08 04:50 
./usr/share/zsh/site-functions/_yt-dlp

So unless something differs in my stable chroot (or pbuilder), this 
appears to be something that's now fixed!


At this point, with bookworm right around the corner, yt-dlp backports are 
soon to stop for bullseye anyway.



Regards,

~Unit 193
Unit193 @ Libera
Unit193 @ OFTC



Thanks,
Fab

On 04/03/2023 01:00, Unit 193 - unit...@unit193.net wrote:

Howdy,

On Fri, 3 Mar 2023, Fab wrote:


Package: yt-dlp
Version: 2023.02.17-1
Severity: normal
Tags: patch
X-Debbugs-Cc: debian.fab@erine.email

Hello,

provided patch just adds the debian/yt-dlp.manpages

The file only contains "yt-dlp.1" (built in the root dir).

This allows one to use `man yt-dlp`.


Umm.  Did you try that now?  Perhaps you should.

unit193@Loki:~$ dpkg -L yt-dlp | grep man1/yt-dlp
/usr/share/man/man1/yt-dlp.1.gz
unit193@Loki:~$ man yt-dlp | wc -l
2462
unit193@Loki:~$ apt-cache policy yt-dlp
yt-dlp:
  Installed: 2023.02.17-1
  Candidate: 2023.02.17-1
  Version table:
 *** 2023.02.17-1 500
        100 http://deb.debian.org/debian unstable/main amd64 
Packages

        100 /var/lib/dpkg/status


As you can see here, the package already ships a manpage.  Perhaps you 
installed from somewhere else?


You can also view it online: 
https://manpages.debian.org/testing/yt-dlp/yt-dlp.1.en.html



~Unit 193
Unit193 @ Libera
Unit193 @ OFTC

Bug#1032495: kea-dhcp4-server: apparmor profile prohibit start

[Benedikt Spranger]

Package: kea-dhcp4-server
Version: 2.2.0-5
Severity: important
X-Debbugs-Cc: none, Benedikt Spranger 

Dear maintainer,

after an update kea-dhcp4 refuses to start due to an apparmor
missconfiguration. To track down the problem I started the server
manualy. No luck. Same error(s) - Therefore further step backs.
Here to reproduce the problem:

1) Install kea-dhcp4-server
2) Start the server manualy:

# kea-dhcp4 -c /etc/kea/kea-dhcp4.conf
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile
Unable to use interprocess sync lockfile (Permission denied): 
/var/run/kea/logger_lockfile

After adopting /etc/apparmor.d/usr.sbin.kea-dhcp4 by adding
"owner /run/kea/logger_lockfile rwk,":

# kea-dhcp4 -c /etc/kea/kea-dhcp4.conf
2023-03-08 04:49:34.880 INFO  [kea-dhcp4.dhcp4/26720.140090514692544] 
DHCP4_STARTING Kea DHCPv4 server version 2.2.0 (stable) starting
2023-03-08 04:49:34.881 WARN  [kea-dhcp4.dhcp4/26720.140090514692544] 
DHCP4_CONFIG_SYNTAX_WARNING configuration syntax warning: 
/etc/kea/kea-dhcp4.conf:436.39: Extraneous comma. A piece of configuration may 
have been omitted.
INFO  HOSTS_BACKENDS_REGISTERED the following host backend types are available: 
mysql postgresql
INFO  DHCPSRV_CFGMGR_SOCKET_TYPE_DEFAULT "dhcp-socket-type" not specified , 
using default socket type raw
INFO  DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 
192.0.2.0/24 with params: t1=900, t2=1800, valid-lifetime=3600
INFO  COMMAND_ACCEPTOR_START Starting to accept connections via unix domain 
socket bound to /run/kea/kea4-ctrl-socket
INFO  DHCP4_CONFIG_COMPLETE DHCPv4 server has completed configuration: added 
IPv4 subnets: 1; DDNS: disabled
INFO  DHCPSRV_MEMFILE_DB opening memory file lease database: lfc-interval=3600 
type=memfile universe=4
INFO  DHCPSRV_MEMFILE_LEASE_FILE_LOAD loading leases from file 
/var/lib/kea/kea-leases4.csv
2023-03-08 04:49:34.884 ERROR [kea-dhcp4.dhcp4/26720.140090514692544] 
DHCP4_CONFIG_LOAD_FAIL configuration error using file: /etc/kea/kea-dhcp4.conf, 
reason: Unable to open database: unable to open '/var/lib/kea/kea-leases4.csv'
2023-03-08 04:49:34.885 ERROR [kea-dhcp4.dhcp4/26720.140090514692544]
DHCP4_INIT_FAIL failed to initialize Kea server: configuration error
using file '/etc/kea/kea-dhcp4.conf': Unable to open database: unable to
open '/var/lib/kea/kea-leases4.csv'

I was unable to fix that issue exept by removing the entiere apparmor
profile.

Regards
Benedikt Spranger

Bug#1032221: [pkg-cryptsetup-devel] Bug#1032221: cryptsetup: libgcc_s.so.1 must be installed for pthread_exit to work

[Christoph Anton Mitterer]

Hey Guilhem.

Is it possible that your fix doesn't work on not-yet-usr-merged
systems?

I get here:
$ env --unset=LD_PRELOAD ldd /sbin/cryptsetup | sed -nr 
'/.*=>\s*(\S+)\/libargon2\.so\..*/ {s//\1/p;q}'
/usr/lib/x86_64-linux-gnu


but:
$ dpkg -L libgcc-s1 
/lib/x86_64-linux-gnu
/lib/x86_64-linux-gnu/libgcc_s.so.1


On non-usr-merged systems, copy_libgcc doesn't seem to include it then.

Please don't solve this by depending on usr-merge (not that I'd have
anything against it, but I'd like to migrate my systems only when this
becomes the next stable).


Cheers,
Chris.

Bug#1032493: Acknowledgement (linux-image-6.1.0-5-amd64: Kernel freezes computer on CPU soft lockup - CPU thread getting stuck)

[Dario Andres Susman]

I'm very sorry.

Please merge 1032494 with this bug. It has the screenshots with the 
details I missed.


Best regards,
Dario Susman

On 07/03/2023 23:06, Debian Bug Tracking System wrote:

Thank you for filing a new Bug report with Debian.

You can follow progress on this Bug here: 1032493: 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032493.

This is an automatically generated reply to let you know your message
has been received.

Your message is being forwarded to the package maintainers and other
interested parties for their attention; they will reply in due course.

Your message has been sent to the package maintainer(s):
  Debian Kernel Team 

If you wish to submit further information on this problem, please
send it to 1032...@bugs.debian.org.

Please do not send mail to ow...@bugs.debian.org unless you wish
to report a problem with the Bug-tracking system.





OpenPGP_signature
Description: OpenPGP digital signature

Bug#1032493: linux-image-6.1.0-5-amd64: Kernel freezes computer on CPU soft lockup - CPU thread getting stuck

[Dario Susman]

Package: src:linux
Version: 6.1.12-1
Severity: important
Tags: upstream

Dear Maintainer,

After just a few days of uptime, the computer throws "BUG: soft lockup -
CPU## stuck for nnn!"
The only thing I can do is reboot.
I've replaced motherboard, checked the RAM stick with memtest (which
resulted in no errors). However, the problem keeps there.
I can't remember well, but I don't believe this happened with kernel 5.x
and it started happening ever since 6.x came out in Debian/testing.

The CPU is an AMD Ryzen 7 1700X, 8GB of RAM. 

This CPU hasn't have given me any grief for quite some time, but reading
over some articles it would appear to be a kernel bug? 

I'd like to be sure before I replace the CPU, which is not quite a cheap
thing in Argentina.

Thank you very much for your help.

Best regards,
Dario Susman



-- Package-specific info:
** Version:
Linux version 6.1.0-5-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 
12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP 
PREEMPT_DYNAMIC Debian 6.1.12-1 (2023-02-15)

** Command line:
BOOT_IMAGE=/boot/vmlinuz-6.1.0-5-amd64 
root=UUID=16e84623-5d05-4f7b-b741-ad28bcc81a9f ro initrd=/install/initrd.gz 
text fbcon=scrollback:8192k net.ifnames=0 apparmor=0 crashkernel=384M-:128M

** Not tainted

** Kernel log:
[4.340192] radeon :07:00.0: vgaarb: deactivate vga console
[4.340845] Console: switching to colour dummy device 80x25
[4.341093] [drm] initializing kernel modesetting (CEDAR 0x1002:0x68F9 
0x174B:0xE164 0x00).
[4.341152] ATOM BIOS: C09302
[4.341206] radeon :07:00.0: VRAM: 1024M 0x - 
0x3FFF (1024M used)
[4.341210] radeon :07:00.0: GTT: 1024M 0x4000 - 
0x7FFF
[4.341215] [drm] Detected VRAM RAM=1024M, BAR=256M
[4.341217] [drm] RAM width 64bits DDR
[4.341236] [drm] radeon: 1024M of VRAM memory ready
[4.341239] [drm] radeon: 1024M of GTT memory ready.
[4.341246] [drm] Loading CEDAR Microcode
[4.350349] radeon :07:00.0: firmware: direct-loading firmware 
radeon/CEDAR_pfp.bin
[4.351936] radeon :07:00.0: firmware: direct-loading firmware 
radeon/CEDAR_me.bin
[4.352744] radeon :07:00.0: firmware: direct-loading firmware 
radeon/CEDAR_rlc.bin
[4.353875] radeon :07:00.0: firmware: direct-loading firmware 
radeon/CEDAR_smc.bin
[4.353881] [drm] Internal thermal controller with fan control
[4.374730] [drm] radeon: dpm initialized
[4.375557] radeon :07:00.0: firmware: direct-loading firmware 
radeon/CYPRESS_uvd.bin
[4.375594] [drm] GART: num cpu pages 262144, num gpu pages 262144
[4.376388] [drm] enabling PCIE gen 2 link speeds, disable with 
radeon.pcie_gen2=0
[4.393450] [drm] PCIE GART of 1024M enabled (table at 0x0014C000).
[4.393554] radeon :07:00.0: WB enabled
[4.393558] radeon :07:00.0: fence driver on ring 0 use gpu addr 
0x4c00
[4.393564] radeon :07:00.0: fence driver on ring 3 use gpu addr 
0x4c0c
[4.393953] radeon :07:00.0: fence driver on ring 5 use gpu addr 
0x0005c418
[4.399688] radeon :07:00.0: radeon: MSI limited to 32-bit
[4.399831] radeon :07:00.0: radeon: using MSI.
[4.399888] [drm] radeon: irq initialized.
[4.416091] SVM: TSC scaling supported
[4.416096] kvm: Nested Virtualization enabled
[4.416098] SVM: kvm: Nested Paging enabled
[4.416101] SEV supported: 16 ASIDs
[4.416117] SVM: Virtual VMLOAD VMSAVE supported
[4.416119] SVM: Virtual GIF supported
[4.416120] SVM: LBR virtualization supported
[4.417632] [drm] ring test on 0 succeeded in 1 usecs
[4.417641] [drm] ring test on 3 succeeded in 2 usecs
[4.431587] MCE: In-kernel MCE decoding enabled.
[4.437445] intel_rapl_common: Found RAPL domain package
[4.437452] intel_rapl_common: Found RAPL domain core
[4.593464] [drm] ring test on 5 succeeded in 1 usecs
[4.593476] [drm] UVD initialized successfully.
[4.593683] [drm] ib test on ring 0 succeeded in 0 usecs
[4.593735] [drm] ib test on ring 3 succeeded in 0 usecs
[5.262048] [drm] ib test on ring 5 succeeded
[5.262375] [drm] Radeon Display Connectors
[5.262378] [drm] Connector 0:
[5.262380] [drm]   HDMI-A-1
[5.262382] [drm]   HPD2
[5.262384] [drm]   DDC: 0x6440 0x6440 0x6444 0x6444 0x6448 0x6448 0x644c 
0x644c
[5.262388] [drm]   Encoders:
[5.262389] [drm] DFP1: INTERNAL_UNIPHY1
[5.262391] [drm] Connector 1:
[5.262393] [drm]   DVI-I-1
[5.262394] [drm]   HPD4
[5.262396] [drm]   DDC: 0x6460 0x6460 0x6464 0x6464 0x6468 0x6468 0x646c 
0x646c
[5.262399] [drm]   Encoders:
[5.262401] [drm] DFP2: INTERNAL_UNIPHY
[5.262403] [drm] CRT1: INTERNAL_KLDSCP_DAC1
[5.262405] [drm] Connector 2:
[5.262406] [drm]   VGA-1
[5.262408] [drm]   DDC: 0x6430 0x6430 0x6434 0x6434 0x6438 0x6438 0x643c 
0x643c
[5.262411] [drm]   Encoders:
[5.262413] [drm]  

Bug#1032492: xfce4-goodies: Please consider adding xfce4-docklike-plugin

[Andrew Chadwick]

Package: xfce4-goodies
Version: 4.18.0
Severity: wishlist
X-Debbugs-Cc: a.t.chadw...@gmail.com

Dear Maintainers,

Would it be possible to package the new(-ish) “Docklike Taskbar” plugin for 
Xfce? A proper dock-ish launcher on the panel is something Xfce could 
really do with.

- https://docs.xfce.org/panel-plugins/start
- https://docs.xfce.org/panel-plugins/xfce4-docklike-plugin/start
- https://gitlab.xfce.org/panel-plugins/xfce4-docklike-plugin

This plugin was languishing for about a year, but it seems to be getting 
some code love again upstream from a new maintainer.


regards,
Andrew Chadwick

Bug#1016183: RFH: crun -- lightweight OCI runtime for running containers

[Faidon Liambotis]

On Thu, Jul 28, 2022 at 06:39:21PM +0200, Bastian Germann wrote:
> Package: wnpp
> 
> The crun maintainer has requested help in #1014306.

I've done a few uploads since (1.5+dfsg-1, 1.8-1 and 1.8.1-1), as well
as prepared an upload for a bullseye-pu (#1031109). Reinhard also worked
on the package a fair bit, and was added as a comaintainer with 1.8-1.

We could always use more hands, but as far as wnpp goes, I think the
maintainer got some help :)

Faidon

Bug#1032482: LXD - issue with btrfs backend loop file

[Mathias Gibbens]

Control: tags -1 + confirmed pending

Hi Sylvain,

  Thanks for reporting this issue and the sleuthing to find the
upstream fix. Shortly I'll be uploading a new version of lxd to
unstable with that commit cherry-picked back into Debian's packaging.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1032491: ITP - node-openpgp - OpenPGP implementation for JavaScript

[Sandra Uwah]

Package: wnpp

X-Debbugs-Cc:debian-de...@lists.debian.org

Owner: Sandra Uwah >

X-Debbugs-Cc:sandrauwa...@gmail.com 

Severity: wishlist



* Package name: node-openpgp

  Version : 5.7.0

  Upstream Author : Atsushi Oka

* URL :  https://github.com/openpgpjs/openpgpjs

* License : LGPL-3.0+

  Programming Lang: Javascript

 Description :  OpenPGP implementation for JavaScript

Bug#1032420: libtpms: diff for NMU version 0.9.2-3.1

[Seunghun Han]

Dear Salvatore,

I appreciate your work. Please don't delay it and go through the
process. I'm currently on an urgent project, so I have to do it for a
while.

Best regards,

Seunghun

On Wed, Mar 8, 2023 at 6:45 AM Salvatore Bonaccorso  wrote:
>
> Control: tags 1032420 + patch
> Control: tags 1032420 + pending
>
>
> Dear maintainer,
>
> I've prepared an NMU for libtpms (versioned as 0.9.2-3.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.
>
> Additionally the changes can be fetches as MR on salsa:
> https://salsa.debian.org/debian/libtpms/-/merge_requests/5
>
> Regards,
> Salvatore

Bug#1028547: MT7921e firmware blob exists but is not found

[Jamie Wilkinson]

Thankyou for this part of your reply:


> That's expected: no firmware is deployed at first, the kernel complains,
> d-i notices, and deploys stuff if relevant firmware packages are found,
> and reload the relevant modules. This reloading is what breaks the
> kernel. See upstream bug report:
>
> https://bugzilla.kernel.org/show_bug.cgi?id=216844


as that was an actually useful response, and explains why
check-missing-firmware never got invoked.

Bug#1032490: python3-pip: Add config option to use --break-system-packages system-wide

[Witold Baryluk]

Package: python3-pip
Version: 23.0.1+dfsg-1
Severity: important
X-Debbugs-Cc: witold.bary...@gmail.com

I do understand PEP-668, and majority of reasons behind it.

But please let me allow to disable this per-user (config and/or env variable)
and/or system-wide (via config), without passing --break-system-packages on 
every
invocation of pip3. (shell alias is not good either).

Using virtualenv, venv, pyenv, pipx, is not an option or preference for me.

I believe one of the options is to remove /usr/lib/python3.11/EXTERNALLY-MANAGED
(via diversion?). If this is so, please document this in Chapter 5, section 
5.2.2
of the bookworm release notes. And possibly in
/usr/share/doc/python3.11/README.venv or somewhere there.

Regards,
Witold

-- System Information:
Debian Release: 12.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.2.0-rc5 (SMP w/32 CPU threads; PREEMPT)
Kernel taint flags: TAINT_UNSIGNED_MODULE, TAINT_SOFTLOCKUP
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3-pip depends on:
ii  ca-certificates 20211016
ii  python3 3.11.2-1
ii  python3-distutils   3.11.2-2
ii  python3-setuptools  66.1.1-1
ii  python3-wheel   0.38.4-1

Versions of packages python3-pip recommends:
ii  build-essential  12.9
ii  python3-dev  3.11.2-1

python3-pip suggests no packages.

-- no debconf information

Bug#1032317: libc++-15-dev: after installing libc++-15-dev, wasi-wasm32 stddef.h stops declaring size_t

[Faidon Liambotis]

On Fri, Mar 03, 2023 at 05:31:41PM +, Simon McVittie wrote:
> # clang++-15 -c --target=wasi-wasm32 -ostddef-cpp.o stddef.cpp
> # apt-get install --no-install-recommends libc++-15-dev
> # clang++-15 -c --target=wasi-wasm32 -ostddef-cpp.o stddef.cpp
> 
> Expected result: both clang++-15 calls succeed (stddef.h declares size_t)
> 
> Actual result: the second clang++-15 call fails:

(Super helpful bug report, thanks!)

As I mentioned in #1029010 just now, this is a regression from 14->15.
Retracing the same steps with clang-14 & libc++-14-dev-wasm32, there are
no errors and everything works as intended.

Looking at the differences of the include paths between the two by
passing -v to clang, one can see:
  /usr/include/wasm32-wasi/c++/v1
- /usr/lib/llvm-14/lib/clang/14.0.6/include
+ /usr/include/c++/v1
+ /usr/lib/llvm-15/lib/clang/15.0.7/include
  /usr/local/include
  /usr/include/wasm32-wasi
  /usr/include
i.e. /usr/include/c++/v1 (i.e. libc++-15-dev) is included in the include
path only with clang-15. It shouldn't be.

Looking at the interdiff of d/patches/wasm/wasm-sysroot-usr.diff[1]
patch between llvm-toolchain 1:14.0.6-12 and 1:15.0.7-1, it looks line
there are a few hunks that are missing.

Specifically, it looks like the entire patching of the method
WebAssembly::AddClangCXXStdlibIncludeArgs isn't happening anymore. One
of these differences was exactly about this -- the comment says:
  // don't include the host architecture's headers in the search path

Sylvestre, I think you did the 14->15 porting, right? Do you
know/remember what happened there?

Regards,
Faidon

1: Note that the git tree also has d/patches/wasm-sysroot-usr.diff (and
d/patches/wasm-compiler-rt-default.diff) which are earlier versions of
this patch, now unused (not in d/patches/series). I think what happened
was that the files were copied, instead of moved, to d/patches/wasm/.
Here I am talking exclusively about the versions in d/patches/wasm/.
It'd be good to cleanup this cruft to avoid further confusion.

Bug#1029010: llvm-toolchain-15: autopkgtest regression

[Faidon Liambotis]

On Fri, Mar 03, 2023 at 05:46:15PM +, Simon McVittie wrote:
> I've cut down what I think is the root cause of this compile failure to
> a more minimal bug report: see #1032317.

That's super helpful, thanks :) Spoiler alert: I have a suspicion on the
root cause, I'll follow up there.

> I don't think this is *really* a regression, because in the version in
> bookworm, the autopkgtest didn't exercise compilation of C++ into
> WebAssembly at all.

This statement strictly speaking is true, but applies only if you look
at LLVM 15 in isolation. It *is* a regression, in the sense that this
works with llvm-toolchain-14, where the WebAssembly work was first
pushed, today, in both bookworm and sid. For example, retracing your
steps in #1032317 with s/15/14/ does not result into a failure.

> If I understand correctly, when compared with bookworm, the version in
> sid adds a new feature (the necessary -dev packages for compiling C++ into
> WebAssembly) and also adds a smoke-test for that feature, but the feature
> doesn't yet work as intended. Is that accurate?

Kind of -- again, strictly speaking, true for libc++-15-dev-wasm32.
However, there is a metapackage, libc++-dev-wasm32, which Depends on the
default implementation, which is libc++-14-dev-wasm32 right now. That
metapackage has at least one notable reverse B-D, firefox, using it to
build certain security/sandboxing features (RLBox[1], AIUI). That is to
say, this feature works (w/ 14) and does very useful things today. it
(seemingly) broke when it was ported to llvm-toolchain-15, which
src:firefox does not depend on directly.

1: https://rlbox.dev/

Regards,
Faidon

Bug#1028547: Firmware is not udpkg -i before hardware detection

[Jamie Wilkinson]

With respect, you didn't read the first entry in the bug.  There is a
syslog attached, and my syslog is not adding new information.

The mt7912e driver panics on rmmod and the firmware is never loaded.  The
first part of the bug describes this.  I attempted this workaround in order
to get the firmware available to the module before it performed hardware
detection, because otherwise the installer hangs.

Perhaps that information is useful to you to understand the problem?
Perhaps it is useful to other users who encounter this bug.

I'm not trying to tell you what the fix is, I'm trying to give you
additional information to assist in understanding the bug that (so far) two
users with a Mediatek MT9721e have encountered.  I am not a d-i expert, I
only know what I know, and this is the best I could do to work around the
driver crash and thus installer hang.

I would appreciate you not replying with snide remarks in response to every
paragraph in the bug report.   You don't need to repeat yourself either; I
saw your previous update.  This is not a competition, I am only trying to
offer you assistance.

Bug#1028454: nsscache: diff for NMU version 0.42-2.1

[Jamie Wilkinson]

No go for it, thanks.

On Fri, 3 Mar 2023 at 07:27, Adrian Bunk  wrote:

> Control: tags 1028454 + patch
> Control: tags 1028454 + pending
>
> Dear maintainer,
>
> I've prepared an NMU for nsscache (versioned as 0.42-2.1) and uploaded
> it to DELAYED/7. Please feel free to tell me if I should cancel it.
>
> cu
> Adrian
>

Bug#1032487: MR filed

[Christian Kastner]

Control: tags -1 + patch

An MR has been filed under

https://salsa.debian.org/ci-team/autopkgtest/-/merge_requests/219

Bug#1032489: mmdebstrap without root: newuidmap: write to uid_map failed: Operation not permitted

[Dima Kogan]

Package: mmdebstrap
Version: 1.3.1-2
Severity: normal
X-Debbugs-Cc: none, Dima Kogan 

Hi. This is almost certainly not a bug, but I don't understand the
problem, and would like ask here. For a little while now I've been using
mmdebstrap to create bookworm tarballs. This works very nicely. As a
non-root user I would do this:

  mmdebstrap   \   
bookworm   \
image.tar.gz \
http://deb.debian.org/debian

Today I tried this on a different machine. It's also running Debian, but
something is different about it, because this happens:

  mmdebstrap   \   
bookworm   \
image.tar.gz \
http://deb.debian.org/debian

  I: automatically chosen mode: unshare
  I: chroot architecture amd64 is equal to the host's architecture
  I: finding correct signed-by value...
  done
  I: automatically chosen format: tar
  I: using /tmp/mmdebstrap.hu5TsS_2_C as tempdir
  newuidmap: write to uid_map failed: Operation not permitted
  E: newuidmap 1474581  0 60017 1 1 1476256 1 failed: 
  E: child had a non-zero exit status: 1
  E: chown failed

I'm reading the "newuidmap" manpage, but the issue isn't clear to me. In
an attempt to debug, I did this on the working machine:

  strace -f -o /tmp/stlog mmdebstrap 

Doing that makes it fail with that error! So adding strace to a working
mmdebstrap invocation causes this error too.

If I just run the failing "newuidmap" command all by itself in the
shell, it consistently produces that error. This makes me think that
when mmdebstrap is working for me, it's somehow not actually running
newuidmap. I don't know why.

In all cases I see this:

  I: automatically chosen mode: unshare

The mmdebstrap manpage talks about this option, but it's still not clear
to me. Can you please comment? Is the above supposed to work? If so, any
idea why it would fail on some machines and not others? Does it make
sense that strace breaks it?

Thanks!

Bug#1032488: opendrop: arkode (sundials) error prevents interfacial tension analysis

[Drew Parsons]

Package: opendrop
Version: 3.3.1-4
Severity: grave
Tags: patch upstream
Justification: renders package unusable

debian patch sundials_nvector_API6.patch enabled opendrop to build
against sundials 6. 

Nevertheless it still fails when attempting to analysis interfacial
tension measurements:

[ARKODE::ERKStep ERROR]  erkStep_FullRHS
  At t = inf, the right-hand side routine failed in an unrecoverable manner.


[ARKODE ERROR]  ARKODE
  At t = 0, the right-hand side routine failed in an unrecoverable manner.

Exception in callback PendantAnalysisJob._ylfit_done()
handle: )>
concurrent.futures.process._RemoteTraceback: 
"""
Traceback (most recent call last):
  File "/usr/lib/python3.11/concurrent/futures/process.py", line 256, in 
_process_worker
r = call_item.fn(*call_item.args, **call_item.kwargs)
^
  File "/usr/lib/python3/dist-packages/opendrop/fit/younglaplace/__init__.py", 
line 51, in young_laplace_fit
model.set_params(initial_params)
  File "/usr/lib/python3/dist-packages/opendrop/fit/younglaplace/model.py", 
line 86, in set_params
dr_dBo, dz_dBo = radius * shape.DBo(s)
  
  File "opendrop/fit/younglaplace/shape.pyx", line 71, in 
opendrop.fit.younglaplace.shape.YoungLaplaceShape.DBo
  File "opendrop/fit/younglaplace/shape.pyx", line 89, in 
opendrop.fit.younglaplace.shape.YoungLaplaceShape.DBo_array
RuntimeError: ERKStepEvolve() failed.
"""

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/opendrop/vendor/aioglib/_loop.py", line 
463, in __call__
self._context.run(self._callback, *self._args)
  File "/usr/lib/python3/dist-packages/opendrop/app/ift/services/analysis.py", 
line 219, in _ylfit_done
raise e
  File "/usr/lib/python3/dist-packages/opendrop/app/ift/services/analysis.py", 
line 217, in _ylfit_done
result = fut.result()
 
RuntimeError: ERKStepEvolve() failed.



Upstream has prepared a patch to update properly for sundials 6 in
commit cf9d5aa (development branch),
https://github.com/jdber1/opendrop/commit/cf9d5aa2f06d625f306114d001a99934cb913ff0


-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
merged-usr: no
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-5-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages opendrop depends on:
ii  gir1.2-gdkpixbuf-2.0  2.42.10+dfsg-1+b1
ii  gir1.2-gtk-3.03.24.36-4
ii  libc6 2.36-8
ii  libgcc-s1 12.2.0-14
ii  libpython3.11 3.11.2-5
ii  libstdc++612.2.0-14
ii  libsundials-arkode5   6.4.1+dfsg1-3
ii  python3   3.11.2-1
ii  python3-cairo 1.20.1-5+b1
ii  python3-gi3.42.2-3+b1
ii  python3-injector  0.20.1-1
ii  python3-matplotlib3.6.3-1+b1
ii  python3-numpy 1:1.24.2-1
ii  python3-opencv4.6.0+dfsg-11
ii  python3-scipy 1.10.1-2

opendrop recommends no packages.

Versions of packages opendrop suggests:
ii  opendrop-doc  3.3.1-4.1

-- no debconf information

Bug#1032487: autopkgtest-virt-podman: fails early with umask 0027

[Christian Kastner]

Package: autopkgtest
Version: 5.28
Severity: normal

When supplying autopkgtest with built binaries (-B) and using the
autopkgtest-virt-podman server, a umask of 0027 will lead to an early
failure, aborting the test.

I'll file an MR fixing this shortly.

Steps to reproduce:

  # Assuming .debs and .dscs from a recently built package
  $ autopkgtest -B *.dsc *.deb -- podman autopkgtest/debian:unstable

  | [...]
  | autopkgtest [23:41:08]: test executables: preparing testbed
  | Reading package lists...
  | Building dependency tree...
  | Reading state information...
  | The following NEW packages will be installed:
  |   apt-utils
  | 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
  | Need to get 309 kB of archives.
  | After this operation, 1062 kB of additional disk space will be used.
  | Get:1 http://deb.debian.org/debian unstable/main amd64 apt-utils amd64 
2.6.0 [309 kB]
  | debconf: delaying package configuration, since apt-utils is not installed
  | Fetched 309 kB in 0s (1692 kB/s)
  | Selecting previously unselected package apt-utils.
  | (Reading database ... 9523 files and directories currently installed.)
  | Preparing to unpack .../apt-utils_2.6.0_amd64.deb ...
  | Unpacking apt-utils (2.6.0) ...
  | Setting up apt-utils (2.6.0) ...
  | Get:1 file:/tmp/autopkgtest-virt-docker.shared.bt1yg15k/downtmp/binaries  
InRelease
  | Ign:1 file:/tmp/autopkgtest-virt-docker.shared.bt1yg15k/downtmp/binaries  
InRelease
  | Get:2 file:/tmp/autopkgtest-virt-docker.shared.bt1yg15k/downtmp/binaries  
Release [816 B]
  | Get:2 file:/tmp/autopkgtest-virt-docker.shared.bt1yg15k/downtmp/binaries  
Release [816 B]
  | Get:3 file:/tmp/autopkgtest-virt-docker.shared.bt1yg15k/downtmp/binaries  
Release.gpg
  | Ign:3 file:/tmp/autopkgtest-virt-docker.shared.bt1yg15k/downtmp/binaries  
Release.gpg
  | Get:4 file:/tmp/autopkgtest-virt-docker.shared.bt1yg15k/downtmp/binaries  
Packages [2210 B]
  | Err:4 file:/tmp/autopkgtest-virt-docker.shared.bt1yg15k/downtmp/binaries  
Packages
  |   Could not open file 
/var/lib/apt/lists/partial/_tmp_autopkgtest-virt-docker.shared.bt1yg15k_downtmp_binaries_Packages
 - open (13: Permission denied)
  | Reading package lists...
  | E: Failed to fetch 
store:/var/lib/apt/lists/partial/_tmp_autopkgtest-virt-docker.shared.bt1yg15k_downtmp_binaries_Packages
  Could not open file 
/var/lib/apt/lists/partial/_tmp_autopkgtest-virt-docker.shared.bt1yg15k_downtmp_binaries_Packages
 - open (13: Permission denied)
  | E: Some index files failed to download. They have been ignored, or old ones 
used instead.
  | [...]

Bug#1032486: goverlay: Please add libglu1-mesa as a runtime dependency.

[Safir Secerovic]

Package: goverlay
Version: 0.9.1-1
Severity: important
X-Debbugs-Cc: stephanlach...@debian.org

Dear Debian Developer,

Could You please add libglu1-mesa as a runtime dependency for goverlay?

I am unsure if it is indeed needed at build time.

Kind regards,
Safir Secerovic



-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
merged-usr: no
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-6-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages goverlay depends on:
ii  libc6 2.36-8
ii  libgl11.6.0-1
ii  libqt5pas12.6+2.2.0+dfsg1-3
ii  libx11-6  2:1.8.4-2
ii  mangohud  0.6.8-2
ii  mesa-utils8.5.0-1
ii  vulkan-tools  1.3.239.0+dfsg1-1

Versions of packages goverlay recommends:
ii  gamescope  3.11.49-1
ii  git1:2.39.2-1.1
ii  vkbasalt   0.3.2.9-1

goverlay suggests no packages.

-- no debconf information

Bug#1031716: Generating stricter dependencies on python3-protobuf rdeps

[Stefano Rivera]

Hi Adrian (2023.03.07_10:09:35_+)
> Creating an own debhelper addon similar to dh_numpy3 would work for 
> automatically creating such dependencies, but is there any way for
> python3-protobuf to inject such versioned runtime dependencies into
> python3:Depends that does not require every rdep to manually add
> addon usage?

Yes, via pydist files, see /usr/share/doc/dh-python/README.PyDist
They are consulted when translating Python .dist-info/.egg-info requires
into Debian dependencies.

You can see a (more complex) example in cffi:
https://salsa.debian.org/python-team/packages/python-cffi/-/blob/master/debian/gen-backend-versions.py

SR

-- 
Stefano Rivera
  http://tumbleweed.org.za/
  +1 415 683 3272

Bug#1032485: ruby-fcgi: Incompatible version with ruby >3.0

[Petr Jurasek]

Package: ruby-fcgi
Version: 0.9.2.1-3+b2
Severity: important

Dear Maintainer,

there's new version 0.9.2.2 on github (https://github.com/alphallc/ruby-fcgi-ng)
with compatibility changes. I compared debian source package with new github 
version and
among other things new construct in ext/fcgi/fcgi.c:
#if !defined(RUBY_API_VERSION_MAJOR) || (RUBY_API_VERSION_MAJOR < 3)
  rb_secure(4);
#endif

rb_secure was removed from ruby3.0. In case of this is impossible to include .so
file. If I use irb on bookworm:
irb(main):001:0> require 'fcgi.so'
:85:in 
`require': /usr/lib/i386-linux-gnu/ruby/vendor_ruby/3.1.0/fcgi.so: undefined 
symbol: rb_secure - /usr/lib/i386-linux-gnu/ruby/vendor_ruby/3.1.0/fcgi.so 
(LoadError)



-- System Information:
Debian Release: bookworm/sid
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'testing'), (500, 'oldstable')
Architecture: i386 (i686)

Kernel: Linux 6.1.0-3-686-pae (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ruby-fcgi depends on:
ii  libc6   2.36-8
ii  libfcgi0ldbl2.4.2-2
ii  libruby 1:3.1
ii  libruby3.1  3.1.2-6
ii  ruby1:3.1
ii  ruby2.1 [ruby-interpreter]  2.1.5-2+deb8u3

ruby-fcgi recommends no packages.

ruby-fcgi suggests no packages.

-- no debconf information

-- debsums errors found:
debsums: changed file /usr/lib/ruby/vendor_ruby/fcgi.rb (from ruby-fcgi:i386 
package)

Bug#1032484: django-macaddress: Please package new upstream releases for compatibility with recent Django versions

[Lars Kruse]

Source: django-macaddress
Version: 1.5.0-3
Severity: wishlist

Dear Maintainer,

a few minor releases were published for django-macaddress during the
last years.
Mostly they deal with issues regarding compatibility with more recent
Django versions.
See [1] for details.

I would really appreciate, if you could package the latest upstream
version of django-macaddress.
Maybe even in time for Bookworm? That would be fabulous!

Thank you for maintaining this package!

Cheers,
Lars

[1] https://github.com/django-macaddress/django-macaddress/releases

Bug#1007926: Crash backtrace

[Rob Leslie]

Version 1.4.0~beta1+dfsg-6+deb11u1 from stable crashes consistently given 
messages from the new (migrated) postfix-users mailing list. There is something 
perhaps about the Arc-* headers it does not like.

Backtrace:

#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x7f043c551537 in __GI_abort () at abort.c:79
#2  0x7f043c55140f in __assert_fail_base (
fmt=0x7f043c6c96a8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", 
assertion=0x55dce6abd1a7 "string != NULL", 
file=0x55dce6abd16b "opendmarc-arcares.c", line=104, 
function=) at assert.c:92
#3  0x7f043c560662 in __GI___assert_fail (
assertion=0x55dce6abd1a7 "string != NULL", 
file=0x55dce6abd16b "opendmarc-arcares.c", line=104, 
function=0x55dce6abd260 "opendmarc_arcares_strip_whitespace")
at assert.c:101
#4  0x55dce6ab7a44 in ?? ()
#5  0x55dce6ab313f in ?? ()
#6  0x7f043c7435ec in mi_engine ()
   from /lib/x86_64-linux-gnu/libmilter.so.1.0.1
#7  0x7f043c745f6e in ?? () from /lib/x86_64-linux-gnu/libmilter.so.1.0.1
#8  0x7f043c70bea7 in start_thread (arg=)
at pthread_create.c:477
#9  0x7f043c62ba2f in clone ()
at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Version 1.4.2-2+b1 from testing does not have this problem.

-- 
Rob Leslie
r...@mars.org

Bug#1032482:

[Sylvain Tgz]

I found a related issue on upstream git.
https://github.com/lxc/lxd/pull/11333
Following date of 5.0.2 and issue creation. This fix is not present on 5.0.2.

Bug#1032393: [Pkg-shadow-devel] Bug#1032393: [PATCH v2 1/2] debian/control: Sort alphabetically package lists

[Bálint Réczey]

Hi Alejandro,

Alejandro Colomar  ezt írta (időpont: 2023.
márc. 5., V, 20:44):
>
> Package: passwd
> Source: shadow
> Tags: patch
> X-Debbugs-CC: Bálint Réczey 
> X-Debbugs-CC: Iker Pedrosa 
> X-Debbugs-CC: Serge Hallyn 
>
> Signed-off-by: Alejandro Colomar 
> Cc: Iker Pedrosa 
> Cc: Serge Hallyn 
> ---
>  debian/control | 24 
>  1 file changed, 12 insertions(+), 12 deletions(-)
>
> diff --git a/debian/control b/debian/control
> index 88198468..3cc66f8d 100644
> --- a/debian/control
> +++ b/debian/control
> @@ -4,20 +4,20 @@ Uploaders: Balint Reczey ,
> Serge Hallyn 
>  Section: admin
>  Priority: required
> -Build-Depends: debhelper-compat (= 13),
> -   gettext,
> -   libcrypt-dev,
> -   libpam0g-dev,
> -   quilt,
> -   xsltproc,
> +Build-Depends: bison,
> +   debhelper-compat (= 13),
> docbook-xsl,
> docbook-xml,

I guess this sorting was done manually, because docbook-xsl and
docbook-xml are not sorted alphabetically.
There is a handy tool wrap-and-sort(1) if you would like to tidy up
Debian package control files.

Cheers,
Balint

Bug#1032483: unblock: drawtiming/0.7.1-8

[Ahmed El-Mahmoudy]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package drawtiming

[ Reason ]
Fixes RC bug #984038

[Tests]
autopkgtest & Piuparts testsed OK: 
https://piuparts.debian.org/sid/source/d/drawtiming.html
https://salsa.debian.org/electronics-team/drawtiming/-/pipelines/508918

[ Checklist ]
  [*] all changes are documented in the d/changelog
  [*] I reviewed all changes and I approve them
  [*] attach debdiff against the package in testing

unblock drawtiming/0.7.1-8

-- 
‎أحمد المحمودي (Ahmed El-Mahmoudy)
 Digital design engineer
GPG KeyIDs: 4096R/A7EF5671 2048R/EDDDA1B7
GPG Fingerprints:
 6E2E E4BB 72E2 F417 D066  6ABF 7B30 B496 A7EF 5761
 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7
diff --git a/debian/changelog b/debian/changelog
index 72d0df3..335b42e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,20 @@
+drawtiming (0.7.1-8) unstable; urgency=medium
+
+  [ Aymeric Agon-Rambosson ]
+  * Add repair-build-c++-17.patch (Closes: #984038).
+  * d/control:
+- Add bison to Build-Depends (needed by upstream Makefile).
+- Replace graphicsmagick with imagemagick to avoid segfault during
+  tests.
+- Replace gsfonts with fonts-urw-base35 (transition), and add
+  fonts-urw-base35 as explicit runtime dependency to prevent segfault.
+
+  [ أحمد المحمودي (Ahmed El-Mahmoudy) ]
+  * Add gitlab-ci.yml
+  * d/gbp.conf: switch to bullseye branch
+
+ -- أحمد المحمودي (Ahmed El-Mahmoudy)   
Sat, 04 Mar 2023 03:07:13 +0100
+
 drawtiming (0.7.1-7) unstable; urgency=medium
 
   [ Dima Kogan ]
diff --git a/debian/control b/debian/control
index ac4079c..5448bb6 100644
--- a/debian/control
+++ b/debian/control
@@ -3,7 +3,12 @@ Section: electronics
 Priority: optional
 Maintainer: Debian Electronics Team 

 Uploaders: أحمد المحمودي (Ahmed El-Mahmoudy) 

-Build-Depends: debhelper (>= 10), graphicsmagick-libmagick-dev-compat, 
pkg-config, gsfonts
+Build-Depends:
+ debhelper (>= 10),
+ libmagick++-6.q16-dev,
+ fonts-urw-base35,
+ pkg-config,
+ bison
 Standards-Version: 4.1.5
 Homepage: http://drawtiming.sourceforge.net/
 Vcs-Git: https://salsa.debian.org/electronics-team/drawtiming.git
@@ -11,7 +16,7 @@ Vcs-Browser: 
https://salsa.debian.org/electronics-team/drawtiming
 
 Package: drawtiming
 Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}, fonts-urw-base35
 Description: tool for documenting hardware designs through timing diagrams
  Drawtiming is a command-line tool for documenting hardware designs through
  timing diagrams. In inputs textual signal descriptions and outputs image
diff --git a/debian/gbp.conf b/debian/gbp.conf
index f9636dc..c3d8c22 100644
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -1,3 +1,3 @@
 [DEFAULT]
 pristine-tar = False
-debian-branch = pkg-debian
+debian-branch = bullseye
diff --git a/debian/gitlab-ci.yml b/debian/gitlab-ci.yml
new file mode 100644
index 000..5c575a1
--- /dev/null
+++ b/debian/gitlab-ci.yml
@@ -0,0 +1,6 @@
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
+
+variables:
+ RELEASE: 'unstable'
diff --git a/debian/patches/repair-build-c++-17.patch 
b/debian/patches/repair-build-c++-17.patch
new file mode 100644
index 000..8c48ae4
--- /dev/null
+++ b/debian/patches/repair-build-c++-17.patch
@@ -0,0 +1,208 @@
+Description: Fix compile failures for newer g++ release
+Author: Thomas Sailer 
+Forwarded: yes
+Comment: Found on https://sourceforge.net/p/drawtiming/patches/12/
+--- a/src/parser.yy
 b/src/parser.yy
+@@ -42,13 +42,13 @@ statements:
+ statement { $$ = $1; deps.push_back ($1); }
+ | statements ',' statement { $$ = $3; deps.push_back ($3); }
+ | statements ';' statement { $$ = $3; deps.clear (); deps.push_back ($3); }
+-| statements CAUSE statement { $$ = $3; data.add_dependencies ($3, deps); 
++| statements CAUSE statement { $$ = $3; data_.add_dependencies ($3, deps); 
+ deps.clear (); deps.push_back ($3); }
+-| statements DELAY statement { $$ = $3; data.add_delay ($3, $1, $2); }
++| statements DELAY statement { $$ = $3; data_.add_delay ($3, $1, $2); }
+ 
+ statement:
+-SYMBOL '=' SYMBOL { $$ = $1; data.set_value ($1, n, timing::sigvalue ($3)); }
+-| SYMBOL '=' STRING { $$ = $1; data.set_value ($1, n, timing::sigvalue ($3, 
timing::STATE)); }
++SYMBOL '=' SYMBOL { $$ = $1; data_.set_value ($1, n, timing::sigvalue ($3)); }
++| SYMBOL '=' STRING { $$ = $1; data_.set_value ($1, n, timing::sigvalue ($3, 
timing::STATE)); }
+ | SYMBOL { $$ = $1; };
+ 
+ %%
+--- a/src/globals.h
 b/src/globals.h
+@@ -22,7 +22,7 @@
+ #define YYSTYPE std::string
+ 
+ extern unsigned n;
+-extern timing::data data;
++extern timing::data data_;
+ extern timing::signal_sequence deps;
+ 
+ #endif
+--- a/src/timing.cc
 b/src/timing.cc
+@@ -113,16 +113,16 @@ sigdata ::operator= (const sigda
+ 
+ // 

Bug#919234: ttls fails with tls 1.3, enabled by default

[Bernhard Schmidt]

Control: tags -1 + pending

Hi Fabio,

Am 07.03.23 um 17:00 schrieb Fabio PEDRETTI:

Hi, 3.2.1 currently in testing fixed most issues, however there is
still an issue preventing freeradius working with TLS 1.3.

The issue was reported upstream at:
https://github.com/FreeRADIUS/freeradius-server/issues/4878
and the commit fixing it is:
https://github.com/FreeRADIUS/freeradius-server/commit/0812bc1768cedc420adc03e86893d798fa19e872

That commit is already included in upstream 3.2.2.

So please consider upgrading to 3.2.2 (suggested, given this release
also fixes some other bugs), or apply the mentioned commit.

I updated the severity and forwarded bug reflecting this.


Thanks a lot for the investigation.

I have just uploaded 3.2.1-2 to the archive, could you please test this 
version? Importing the new 3.2.2 upstream version at this stage of the 
release freeze is not possible, see 
https://release.debian.org/testing/freeze_policy.html .


Bernhard

Bug#1032482: LXD - issue with btrfs backend loop file

[Sylvain Tgz]

Package: lxd
Severity: important

Hello,

I had an issue when using a btrfs backend loop file.
To confirm the issue, I bootstrapped a fresh Deb12 install. This is
the method to reproduce the issue.

After installed lxd,btrfs-progs and done the init wizard :

lxc storage create pool_btrfs_1 btrfs size=50GiB
lxc profile device add default root disk path=/ pool=pool_btrfs_1
lxc profile device add default ethlan nic name=ethlan nictype=bridged
parent=brlan
lxc init images:debian/12 Deb12test -v

All seems to be fine, trying to limit storage for this container

lxc config device override Deb12test root size=20GiB
Error: Failed to update device "root": Failed to run: btrfs qgroup
create 0/257 /var/lib/lxd/storage-pools/pool_btrfs_1/containers/Deb12test:
exit status 1 (ERROR: unable to create quota group: File exists)

I've the issue
Try to create a new container

lxc init images:debian/12 Deb12test2 -v
Creating Deb12test2
Error: Failed instance creation: Failed creating instance from image:
Failed to run: btrfs qgroup create 0/256
/var/lib/lxd/storage-pools/pool_btrfs_1/images/3971d4f65afc45437f1a688151487848e966088de60e995d9a6e638e292bae71:
exit status 1 (ERROR: unable to create quota group: File exists)

Issue again, no more action possible :(

After some previous tests I discovered this issue is related to btrfs 6.
Downgrade it :

wget 
http://snapshot.debian.org/archive/debian/20220922T121957Z/pool/main/b/btrfs-progs/btrfs-progs_5.19.1-1_amd64.deb
dpkg -i btrfs-progs_5.19.1-1_amd64.deb

(no reboot performed)

lxc init images:debian/12 Deb12test2 -v
Creating Deb12test2
lxc config device override Deb12test root size=20GiB
Device root overridden for Deb12test

All works fine !

I found this issue on LXD tracker https://github.com/lxc/lxd/issues/11210
Therefore, changelog of 5.0.2 seems have the fix :
https://linuxcontainers.org/lxd/news/#lxd-502-lts-has-been-released
"lxd/storage/drivers/driver/btrfs/utils: Fix getQGroup to suport BTRFS >= 6.0.1"

I will also try to inform upstream devs. I will keep you if I have
news from them.

Sylvain

Bug#1032481: rlottie: FTBS on ppc64el

[Vladimir Petko]

Package: rlottie
Severity: wishlist
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu lunar ubuntu-patch
X-Debbugs-Cc: vladimir.pe...@canonical.com

Dear Maintainer,

rlottie package failed to build from source on ppcl64el with the following
error:

/<>/src/vector/vcowptr.h:52:46: error: ‘operator delete(void*,
unsigned long)’ called on unallocated object
‘vcow_ptr::vcow_ptr()::default_s’ [-Werror=free-nonheap-object]
   52 | if (mModel && (--mModel->mRef == 0)) delete mModel;
  | ^

[1]

In Ubuntu, the attached patch was applied to achieve the following:

 - use default constructor implementation
 - initialise mModel member variable
 - provide the "default" static object value for read() method instead

Thanks for considering the patch.

[1] https://launchpadlibrarian.net/648312166/buildlog_ubuntu-lunar-
ppc64el.rlottie_0.1+dfsg-4_BUILDING.txt.gz


rlottie_0.1+dfsg-4ubuntu1.debdiff
Description: Binary data

Bug#1032420: libtpms: diff for NMU version 0.9.2-3.1

[Salvatore Bonaccorso]

Control: tags 1032420 + patch
Control: tags 1032420 + pending


Dear maintainer,

I've prepared an NMU for libtpms (versioned as 0.9.2-3.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Additionally the changes can be fetches as MR on salsa:
https://salsa.debian.org/debian/libtpms/-/merge_requests/5

Regards,
Salvatore
diff -Nru libtpms-0.9.2/debian/changelog libtpms-0.9.2/debian/changelog
--- libtpms-0.9.2/debian/changelog	2022-03-08 09:34:16.0 +0100
+++ libtpms-0.9.2/debian/changelog	2023-03-07 22:32:00.0 +0100
@@ -1,3 +1,11 @@
+libtpms (0.9.2-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * tpm2: Check size of buffer before accessing it (CVE-2023-1017,
+CVE-2023-1018) (Closes: #1032420)
+
+ -- Salvatore Bonaccorso   Tue, 07 Mar 2023 22:32:00 +0100
+
 libtpms (0.9.2-3) unstable; urgency=medium
 
   * Fix ppc64el build errors (Closes: #997969)
diff -Nru libtpms-0.9.2/debian/patches/series libtpms-0.9.2/debian/patches/series
--- libtpms-0.9.2/debian/patches/series	2022-03-08 09:33:30.0 +0100
+++ libtpms-0.9.2/debian/patches/series	2023-03-07 22:32:00.0 +0100
@@ -2,3 +2,4 @@
 0004-fix-ftbfs-bug.patch
 do_not_inline_makeiv.patch
 no_local_check.patch
+tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch
diff -Nru libtpms-0.9.2/debian/patches/tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch libtpms-0.9.2/debian/patches/tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch
--- libtpms-0.9.2/debian/patches/tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch	1970-01-01 01:00:00.0 +0100
+++ libtpms-0.9.2/debian/patches/tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch	2023-03-07 22:32:00.0 +0100
@@ -0,0 +1,55 @@
+From: Stefan Berger 
+Date: Mon, 20 Feb 2023 14:41:10 -0500
+Subject: tpm2: Check size of buffer before accessing it (CVE-2023-1017 &
+ -1018)
+Origin: https://github.com/stefanberger/libtpms/commit/324dbb4c27ae789c73b69dbf4611242267919dd4
+Bug-Debian: https://bugs.debian.org/1032420
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-1018
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-1017
+
+Check that there are sufficient bytes in the buffer before reading the
+cipherSize from it. Also, reduce the bufferSize variable by the number
+of bytes that make up the cipherSize to avoid reading and writing bytes
+beyond the buffer in subsequent steps that do in-place decryption.
+
+This fixes CVE-2023-1017 & CVE-2023-1018.
+
+Signed-off-by: Stefan Berger 
+---
+ src/tpm2/CryptUtil.c | 6 ++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/tpm2/CryptUtil.c b/src/tpm2/CryptUtil.c
+index 002fde0987a9..8fae5b6903ca 100644
+--- a/src/tpm2/CryptUtil.c
 b/src/tpm2/CryptUtil.c
+@@ -830,6 +830,10 @@ CryptParameterDecryption(
+ 			  + sizeof(session->sessionKey.t.buffer)));
+ TPM2B_HMAC_KEY  key;// decryption key
+ UINT32  cipherSize = 0; // size of cipher text
++
++if (leadingSizeInByte > bufferSize)
++	return TPM_RC_INSUFFICIENT;
++
+ // Retrieve encrypted data size.
+ if(leadingSizeInByte == 2)
+ 	{
+@@ -837,6 +841,7 @@ CryptParameterDecryption(
+ 	// data to be decrypted
+ 	cipherSize = (UINT32)BYTE_ARRAY_TO_UINT16(buffer);
+ 	buffer = [2];   // advance the buffer
++	bufferSize -= 2;
+ 	}
+ #ifdef  TPM4B
+ else if(leadingSizeInByte == 4)
+@@ -844,6 +849,7 @@ CryptParameterDecryption(
+ 	// the leading size is four bytes so get the four byte size field
+ 	cipherSize = BYTE_ARRAY_TO_UINT32(buffer);
+ 	buffer = [4];   //advance pointer
++	bufferSize -= 4;
+ 	}
+ #endif
+ else
+-- 
+2.39.2
+

Bug#1032480: xen: Important cherry-picks for bookworm/updates

[Elliott Mitchell]

Package: src:xen
Version: 4.17.0+46-gaaf74a532c-1
Severity: important

Two major bugs have shown with the release of new hardware from AMD.
Since the new hardware is likely to become common during the life of
Debian/bookworm, you may wish to grab them early:

ad15a0a8ca2515d8ac58edfc0bc1d3719219cb77
x86/time: prevent overflow with high frequency TSCs

Turns out the latest generation is fast enough to cause overflows.



I haven't found a patch for the other one yet.  There is some issue with
the latest generation which needs "x2apic=false" on Xen's command-line
in order to get interrupts to domain 0.  I'm guessing the latest from AMD
broke the PIC emulation.

If this isn't actually patched yet, I suspect it soon will be.  I haven't
observed anything on xen-devel, so perhaps the workaround was found too
quickly to get noticed as urgent.


Now to continuing the work on figuring out the consequences from
upgrading hardware a bit too early...


-- 
(\___(\___(\__  --=> 8-) EHM <=--  __/)___/)___/)
 \BS (| ehem+sig...@m5p.com  PGP 87145445 |)   /
  \_CS\   |  _  -O #include  O-   _  |   /  _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445

Bug#1032479: libmemcached: CVE-2023-27478

[Salvatore Bonaccorso]

Source: libmemcached
Version: 1.1.3-3
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: fixed -1 1.1.4-1

Hi,

The following vulnerability was published for libmemcached. It is
fixed with the recent upload 1.1.4-1 to unstable already. But the fix
should land in bookworm as well before bookworm release ideally.

CVE-2023-27478[0]:
| libmemcached-awesome is an open source C/C++ client library and tools
| for the memcached server. `libmemcached` could return data for a
| previously requested key, if that previous request timed out due to a
| low `POLL_TIMEOUT`. This issue has been addressed in version 1.1.4.
| Users are advised to upgrade. There are several ways to workaround or
| lower the probability of this bug affecting a given deployment. 1: use
| a reasonably high `POLL_TIMEOUT` setting, like the default. 2: use
| separate libmemcached connections for unrelated data. 3: do not re-use
| libmemcached connections in an unknown state.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-27478
https://www.cve.org/CVERecord?id=CVE-2023-27478

Regards,
Salvatore

Bug#1030464: aiomysql: FTBFS: pkg_resources.extern.packaging.version.InvalidVersion: Invalid version: 'unknown'

[Étienne Mollier]

Hi s3v,

On Fri, 17 Feb 2023 18:27:11 +0100 s3v  wrote:
> After adding python3-setuptools-scm to build depends, I was able to
> build your package in a sid chroot environment.

Thank you for the hint, I'm looking at implementing your
suggestion in the package.

> dpkg-source: info: local changes detected, the modified files are:
>  aiomysql-0.1.1/aiomysql/_scm_version.py
> dpkg-source: info: Hint: make sure the version in debian/changelog matches 
> the unpacked source tree
> dpkg-source: info: you can integrate the local changes with dpkg-source 
> --commit
> dpkg-source: error: aborting due to unexpected upstream changes, see 
> /tmp/aiomysql_0.1.1-3.diff.1zsVoB
> dpkg-buildpackage: error: dpkg-source -b . subprocess returned exit status 2
> 
> 
> To avoid this, I think the removal needs to be added to the other cleanups in 
> debian/rules.

This is not a blocker for the package to make it in buildable
conditions, but this won't hurt neither.  Thanks for pointing
that out!

Have a nice day,  :)
-- 
Étienne Mollier 
Fingerprint:  8f91 b227 c7d6 f2b1 948c  8236 793c f67e 8f0d 11da
Sent from /dev/pts/5, please excuse my verbosity.
On air: Seventh Wonder - Temple In The Storm


signature.asc
Description: PGP signature

Bug#1031284: RFS: wl-mirror/0.12.2-1 [ITP] -- output-mirroring tool for wlroots-based Wayland desktops

[Antoine Beaupré]

On 2023-02-20 07:48:32, Johannes Schauer Marin Rodrigues wrote:
> Hi Ferdinand,
>
> in #1012684 Antoine Beaupré said they'd be happy to sponsor you. Did They
> already contact you about that?

We did talk! :)

> Quoting Ferdinand Bachmann (2023-02-14 16:41:49)
>> Alternatively, you can download the package with 'dget' using this command:
>> 
>>dget -x 
>> https://mentors.debian.net/debian/pool/main/w/wl-mirror/wl-mirror_0.12.2-1.dsc
>> 
>> Additionally, my current development tree for the Debian source package, 
>> including scripts/Dockerfiles (since I am developing this on a 
>> non-Debian system) is the following URL:
>> 
>>https://github.com/Ferdi265/wl-mirror-debian
>
> I tried out your package and it works great on my ARM Cortex A57 platform. How
> does it manage to not consume any CPU even when recursively mirroring itself?

That sounds great!

josch, are you interested in actually sponsoring this? i don't have many
free cycles for this right now, but might be able to look at it again at
some point.

part of the problem for me is i only have a theoritical need for this
right now, so incentives are low. :)

-- 
Programming is a social activity in which communication is a vital
skill. The code you leave behind speaks.
- Kate Gregory

Bug#1032478: qemu-user-static: Python intermittently segfaults when emulating amd64 from arm64

[Dima Kogan]

Package: qemu-user-static
Version: 1:7.2+dfsg-4
Severity: normal
X-Debbugs-Cc: none, Dima Kogan 

Hi. I'm running bookworm on an arm64 machine. I have an amd64 foreign
arch enabled, and running python3:amd64 in a loop sometimes segfaults.
I'm doing this:

  for i in {1..400}; do echo $i; python3 -c "exit()"; done

I see 1-2 crashes usually. The symptoms look exactly like:

  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988174

But this is emulating arm64->amd64, not the other way, like in that bug.
And the issue in that bug was /proc not being mounted, while it doesn't
appear to make a difference here.

I cannot debug deeper right now, but it appears to be very reproducible.
If nobody beats me to it in the next few weeks, I'll try to dig into it.

Thanks!

Bug#1032477: filters man page: lowercase "lolcat"

[Jakub Wilk]

Package: filters
Version: 2.55-3
Severity: minor

$ man filters.6 | grep -w lolcat
   lolcat As seen in internet gifs everywhere.

But "lolcat" was renamed to "LOLCAT" in 2.52 (bug #760910).

--
Jakub Wilk

Bug#994278: Chromium freezes (rarely) and partially locks up my WM (xfce4)

[Andres Salomon]

On Sun, 16 Jan 2022 02:49:01 +1100 Craig Sanders  wrote:
> On Tue, Jan 11, 2022 at 03:33:21PM -0500, Andres Salomon wrote:
> > On Wed, 15 Sep 2021 11:29:48 +1000 Craig Sanders wrote:
> > > Package: chromium
> > > Version: 90.0.4430.212-1
>
> > Can you please tell me if you see this with chromium 97 or above? 
This
> > sounds like a bug related to X11 API usage (ie, grabbing window 
focus and
> > not letting go). We switched backends to ozone (which should be 
better

> > supported), and I'm curious if it still occurs with ozone-x11.
>
> 97?  Is that in experimental?  Latest in sid is 93.0.4577.82-1
>
> According to my /var/log/dpkg.log files, I upgraded to that on Sep 
22 last

> year, about a week after my bug report.
>
> I haven't seen it with this version yet, which is a good sign. It 
happened
> infrequently anyway but I would have expected to see it at least 
once since

> then.
>


It's been over a year, with a lot of new chromium releases (we're 
currently up to 110). I'm planning to close this, unless you've 
continued to see this bug with newer versions.

Bug#1031860: libmariadb3 seems to be the culprit

[Andreas v. Heydwolff]

A solution suggested here when the problem appeared fixed the problem 
for me:


  https://codereview.qt-project.org/c/qt/qtbase/+/363880

--- quote ---
MySQL: remove the version number checks in favor of actual functionality

MariaDB library version 3.2 no longer returns the server version in the
10.x range but the library version itself, which is lower than 4.x. That
meant we concluded the server did not support prepared statements.

And because of the lack of prepared statements, all QDateTime
conversions failed, because of the timezone. I don't know if this was
intended or what, but it's a side issue.

[ChangeLog][QtSql][MySQL] Fixed the detection of whether the client and
server support prepared statements. This was caused by the mariadb
connector library reporting its own version numbers (starting in version
3.2) instead of the server version.
--- quote ---

I replaced

  libmariadb3_1%3a10.3.38-0+deb10u1_amd64.deb

with

  libmariadb3_1%3a10.3.36-0+deb10u2_amd64.deb

and now everything is functional again although the mariadb client and 
server packages are all at 10.3..38.


I'm not a programmer and have no ide where to fix this, but for now 
pinning libmariadb3 at v10.3.36 does the job.


Best,
Andreas

Bug#1032476: apache2: CVE-2023-25690 CVE-2023-27522

[Salvatore Bonaccorso]

Source: apache2
Version: 2.4.55-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerabilities were published for apache2.

CVE-2023-25690[0]:
| Some mod_proxy configurations on Apache HTTP Server versions 2.4.0
| through 2.4.55 allow a HTTP Request Smuggling attack. Configurations
| are affected when mod_proxy is enabled along with some form of
| RewriteRule or ProxyPassMatch in which a non-specific pattern matches
| some portion of the user-supplied request-target (URL) data and is
| then re-inserted into the proxied request-target using variable
| substitution. For example, something like: RewriteEngine on
| RewriteRule "^/here/(.*)" "http://example.com:8080/elsewhere?$1;; [P]
| ProxyPassReverse /here/ http://example.com:8080/ Request
| splitting/smuggling could result in bypass of access controls in the
| proxy server, proxying unintended URLs to existing origin servers, and
| cache poisoning. Users are recommended to update to at least version
| 2.4.56 of Apache HTTP Server.


CVE-2023-27522[1]:
| HTTP Response Smuggling vulnerability in Apache HTTP Server via
| mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30
| through 2.4.55. Special characters in the origin response header can
| truncate/split the response forwarded to the client.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-25690
https://www.cve.org/CVERecord?id=CVE-2023-25690
[1] https://security-tracker.debian.org/tracker/CVE-2023-27522
https://www.cve.org/CVERecord?id=CVE-2023-27522

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1032446: rust-brotli-decompressor: rust-brotli-decompressor:@ autopackage test fails due to the compile error

[Vladimir Petko]

Hi,

 Thank you very much 

Best Regards,
 Vladimir.

On Tue, Mar 7, 2023 at 5:57 PM Peter Green  wrote:
>
> retitle 1032446 rust-brotli fails to build with std and unsafe features 
> enabled together
> thanks
>
> >
> > Would it be possible to consider addressing the compilation errors or
> > the package removal?
>
> The compile errors only happen when both the "std" (enabled by default)
> and "unsafe" (disabled by default) features are enabled. As such I
> think removal would be highly disproportionate.
>
> I've marked the "all-features" (aka "@") tests as "broken" for
> now and filed a bug upstream.
>
> https://github.com/dropbox/rust-brotli-decompressor/issues/23

Bug#1026062: kded5: kded crashes with signal 11

[Ronald Púpala]

Package: kded5
Version: 5.103.0-1
Followup-For: Bug #1026062

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-5-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=sk_SK.UTF-8, LC_CTYPE=sk_SK.UTF-8 (charmap=UTF-8), 
LANGUAGE=sk:en_US
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages kded5 depends on:
ii  libc6  2.36-8
ii  libkf5configcore5  5.103.0-1
ii  libkf5coreaddons5  5.103.0-1
ii  libkf5crash5   5.103.0-1
ii  libkf5dbusaddons5  5.103.0-1
ii  libkf5service-bin  5.103.0-1
ii  libkf5service5 5.103.0-1
ii  libqt5core5a   5.15.8+dfsg-2
ii  libqt5dbus55.15.8+dfsg-2
ii  libqt5gui5 5.15.8+dfsg-2
ii  libqt5widgets5 5.15.8+dfsg-2
ii  libstdc++6 12.2.0-14

kded5 recommends no packages.

kded5 suggests no packages.

-- no debconf information

The bug also appears in kded5 version 5.103.0-1 . After kded5 restart, starting 
discover permanently crashes kded.

Bug#1032368: bug#745: dbus-x11: Several processes in Plasma session including krunner have / as current working directory

[Martin Steigerwald]

Mark Hindley - 06.03.23, 17:22:12 CET:
> On Mon, Mar 06, 2023 at 03:25:18PM +, Simon McVittie wrote:
> > What I absolutely don't want is to make the change, and then 2 years
> > later get hate mail from someone telling me that I've broken their
> > system by making dbus-launch prevent /home from being unmounted and
> > "why can't you just" add an option to use daemon(3).
> 
> I think that is a very good point.

I have thought about this some more and the following question came up: 
Why would dbus-launch with $HOME as current working directory prevent 
from unmounting /home any more than any other process that runs with a 
user session? At least with desktop environments like Plasma and GNOME 
there is a ton of other processes blocking unmounting /home. It could be 
with a very limited environment like with a tiling window manager that 
nothing else would be using $HOME as working directory, but that must be 
a very limited environment then, I'd say. Anyway: There will be no hate 
mail from me. Promised.

I did some more testing which in the end is just a confirmation of what I 
could have known already from the previous discussion. While I did not 
confirm the PID of the dbus-launch process started by the "75dbus_dbus-
launch" script it also pretty much confirms that the session DBUS is 
started by that script.

I added

date >/tmp/dbus-launch-started
echo $HOME >/tmp/dbus-launch-home
pwd >/tmp/dbus-launch-pwd

to "/etc/X11/Xsession.d/75dbus_dbus-launch" and

date >/tmp/dbus-update-env-started
echo $HOME >/tmp/dbus-update-env-home
pwd >/tmp/dbus-update-env-pwd

to "/etc/X11/Xsession.d/95dbus_update-activation-env".

And got this:

% grep . /tmp/dbus-launch-*
/tmp/dbus-launch-home:/home/martin
/tmp/dbus-launch-pwd:/home/martin
/tmp/dbus-launch-started:Di 7. Mär 18:02:12 CET 2023

% grep . /tmp/dbus-update-env-*
/tmp/dbus-update-env-home:/home/martin
/tmp/dbus-update-env-pwd:/home/martin
/tmp/dbus-update-env-started:Di 7. Mär 18:02:12 CET 2023

So both are started and both have the right working directory and $HOME 
set to the user starting the X session.

So it is really that chdir("/") in dbus-launch¹ that causes the issue at 
hand and thus there is no way to globally work-around the issue I 
reported, at least not short of recompiling dbus-launch without that 
chdir in place. Actually that is the result that was to be expected. But 
now I confirmed it. I'd wonder that anyone who would really like to have 
the option to have "dbus-launch" as started by "75dbus_dbus-launch" 
having "/" as current working directory could just change the script, 
given the chdir("/") would be patched out of dbus-launch.

[1] https://gitlab.freedesktop.org/dbus/dbus/-/issues/214

Interestingly in "/etc/X11/Xsession.d/95dbus_update-activation-env" 
there is:

  # Note that anything that is D-Bus-activated between here and
  # 95dbus_update-activation-env will not have the complete environment
  # set up by Xsession.d, unless the Xsession.d snippet that sets the
  # environment variable also calls dbus-update-activation-environment.
  # See 

but there are only "90gpg-agent" and "90x11-common_ssh-agent" between 
it. So it seems to be whatever "95dbus_update-activation-env" is doing 
does not including telling dbus-launch to switch working directory to 
$HOME. But at least with anything started through krunner $HOME is set 
correctly to the users home directory.

> KDE is the only area where I have heard of this causing problems and I
> am not aware of any other reports that seem to have the same
> underlying cause. I am not convinced there *is* a consensus for
> change and the risk of changing the default for all users of legacy
> DBus activation seems high.
> 
> Martin, I still think this is for KDE to address if it is important to
> them. I don't think I would push to change the behaviour of DBus in
> either Debian or Devuan at the moment.

So I really hope that KDE developers are willing to make a change. Of 
course they could argue, that it worked before…

Until then I have a workaround for KRunner (a desktop file in Autostart) 
and also one for XDG KDE portal.

It appears to me that in

% cat /usr/share/dbus-1/services/
org.freedesktop.impl.portal.desktop.kde.service
[D-BUS Service]
Name=org.freedesktop.impl.portal.desktop.kde
Exec=/usr/lib/x86_64-linux-gnu/libexec/xdg-desktop-portal-kde
SystemdService=plasma-xdg-desktop-portal-kde.service

as well as

% cat /usr/share/dbus-1/services/org.kde.krunner.service
[D-BUS Service]
Name=org.kde.krunner
Exec=/usr/bin/krunner
SystemdService=plasma-krunner.service

there is no provision to change the working directory for the started 
DBUS service. At least I found no documentation of the specification of 
those DBUS service files.

Something like

sh -c "cd $HOME; /usr/bin/krunner"

resulted in not starting the program at all.

I still found a work-around for the desktop portal, but it is not really 
nice. I added the 

Bug#961884: adding to this

[Tim McConnell]

I used ClamTK to schedule a scan every night at 23:00. 
I would have thought it would be no problem. I also get those messages
from clamonacc. Which leaves me with 2 questions, 1. Shouldn't ClamTK
auto-exclude the needed directories? 2. How long is normal for scanning
a 91GB Home dir? To test if I could run the scan from Clamtk at all I
started a scan at 20:30 and left it to run. I came back at 11:30 AM and
it was still going. Just how long can I expect these to take? And is
there a way to exclude directories? 
Thanks! 
-- 
Tim McConnell 

Bug#1031782: Please don’t enforce --allow-dist-rename

[Stefano Rivera]

Control: found -1 debmirror/1:2.37

> Trying to mirror several suites from extended-lts currently fails with
> the following output.

I can reproduce that with:
$ debmirror --method=http -h deb.freexian.com -r extended-lts -d \
  stretch,stretch-lts --keyring=/root/archive-key.gpg \
  --rsync-extra=none freexian-mirror --exclude='.*' --include='apache2' \
  --omit-suite-symlinks -v

It works if I *only* mirror stretch or stretch-lts, but not the pair of
them into the same archive.

stretch has this in InRelease:

Origin: Freexian
Label: Freexian-Extended-LTS
Suite: stretch
Codename: stretch
Version: 9
Date: Mon, 06 Mar 2023 14:55:10 UTC
Architectures: amd64 i386 armhf
Components: main contrib non-free
Description: Debian 9 Stretch

stretch-lts has this in InRelease:

Origin: Freexian
Label: Freexian-Extended-LTS
Suite: stretch
Codename: stretch-lts
Version: 9
Date: Mon, 06 Mar 2023 14:55:34 UTC
Architectures: amd64 i386 armhf
Components: main contrib non-free
Description: Extended LTS Updates for Debian 9 Stretch

I repeat these in the bug, because Freexian is considering changing this
metadata to avoid breaking tools like debmirror here. So it may not be
reproducible with Freexian Extended LTS for much longer.

SR

-- 
Stefano Rivera
  http://tumbleweed.org.za/
  +1 415 683 3272

Bug#1032475: RFP: python3-aiologger -- Asynchronous non-blocking logging for python and asyncio

[Jeffrey Cliff]

Package: wnpp
Severity: wishlist
* Package name:  python3-aiologger
  Upstream Author :
* URL : https://git.freecumextremist.com/themusicgod1/aiologger
* License : MIT
  Programming Lang: python
  Description :  synchronous non-blocking logging for python and
asyncio

Note this version ( git.freecumextremist.com/themusicgod1 ) has some
changes from the version on pypi which is upstream of it

it is a dependency of aspublic

Bug#1030854: kded5: It keeps on crashing everytime I boot into the system

[Bernhard Übelacker]

Stack trace of thread 67345:
#0  0x7f8daa6a9ccc n/a (libc.so.6 + 0x8accc)
#1  0x7f8daa65aef2 raise (libc.so.6 + 0x3bef2)
#2  0x7f8dabf4c83d _ZN6KCrash19defaultCrashHandlerEi 
(libKF5Crash.so.5 + 0x583d)
#3  0x7f8daa65af90 n/a (libc.so.6 + 0x3bf90)
#4  0x7f8d5553b740 _ZNK10PackageKit11Transaction3tidEv 
(libpackagekitqt5.so.1 + 0x1a740)
#5  0x7f8d555f16f3 n/a (kded_apperd.so + 0xf6f3)
#6  0x7f8d555f1df6 n/a (kded_apperd.so + 0xfdf6)
#7  0x7f8daaae8f4f n/a (libQt5Core.so.5 + 0x2e8f4f)
#8  0x7f8d5552f095 
_ZN10PackageKit6Daemon22transactionListChangedERK11QStringList 
(libpackagekitqt5.so.1 + 0xe095)
#9  0x7f8daaae8f7c n/a (libQt5Core.so.5 + 0x2e8f7c)
#10 0x7f8d55547b38 n/a (libpackagekitqt5.so.1 + 0x26b38)
#11 0x7f8d55548d73 n/a (libpackagekitqt5.so.1 + 0x27d73)
#12 0x7f8dab6c861b n/a (libQt5DBus.so.5 + 0x2361b)
#13 0x7f8daaadd6f0 _ZN7QObject5eventEP6QEvent 
(libQt5Core.so.5 + 0x2dd6f0)
#14 0x7f8dab962fae 
_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent (libQt5Widgets.so.5 + 
0x162fae)



Hello,
this seems similar to the backtrace in bug #1026062.

Kind regards,
Bernhard


https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026062

Bug#1032163: sudo: CVE-2023-27320

[Leandro Cunha]

Control: tags -1 fixed-upstream
X-Debbugs-Cc: s...@packages.debian.org

It has already been resolved by upstream.
Sudo before 1.9.13p2 has a double free in the per-command chroot feature.
This issue does not affect bullseye (see
https://security-tracker.debian.org/tracker/CVE-2023-27320). Just
testing/sid.

References
https://nvd.nist.gov/vuln/detail/CVE-2023-27320
https://www.openwall.com/lists/oss-security/2023/02/28/1
https://www.sudo.ws/releases/stable/#1.9.13p2
http://www.openwall.com/lists/oss-security/2023/03/01/8
https://lists.fedoraproject.org/archives/list/package-annou...@lists.fedoraproject.org/message/FPLXMRAMXC3BYL4DNKVTK3V6JDMUXZ7B/
https://github.com/balabit-deps/balabit-os-9-sudo/commit/9f3e3c41c96aab9e688cb11ced1d07f115ea8b4f.diff
https://github.com/sudo-project/sudo/commit/87ce69246869d9b9d69be278e29e0fc6a3cabdb9.diff
https://security-tracker.debian.org/tracker/CVE-2023-27320

Thanks!

-- 
Cheers,
Leandro Cunha

Bug#1032474: Package: gprename needs updated

[Michael Cowell]

Package: gprename

The version of gprename is quite old in the repository and the latest
version from August has needed updates and bug fixes.

https://sourceforge.net/projects/gprename/

Thanks
Michael

Bug#1032351: wireplumber.service: fails to start, reporting 'Failed to connect to session bus'

[James Addison]

Followup-For: Bug #1032351
X-Debbugs-Cc: bi...@debian.org

On Tue, 7 Mar 2023 14:43:16 +0100, Michael Biebl wrote:
>
> Am 06.03.23 um 13:31 schrieb James Addison:
> > Various other user-context systemd files appear to be missing; I don't think
> > those were removed from the system manually, but nor can I confirm yet what
> > the cause was (if I can, and if there is a bug, then I'll open a separate 
> > bug
> > for that).

> I would suggest to run "debsums" to find missing files.

That was very helpful advice and allowed me to find the remaining packaged
files that were missing from the system; thank you.

Bug#1032473: debian-installer: Put the Show Password in Clear prompt above the Password prompt

[Charles Curley]

Package: debian-installer
Severity: normal
Tags: d-i
X-Debbugs-Cc: charlescur...@charlescurley.com

Dear Maintainer,

In a normal installation, one is prompted for information that is highly 
confidential, such as passwords and encrypted partitions. In the regular 
(non-GUI) installer one moves from field to field with the tab key, tab to go 
forward, shift tab to go backward. Similarly in the GUI, except that one can 
also use the mouse.

In the current password prompt, to show the password in clear, one must tab to 
that prompt, hit the space bar to activate showing the password in clear, then 
shift tab back to enter the password itself.

If the Show Password in Clear prompt were above the password prompt, it would 
be faster: space bar to show the password in clear, then tab to enter the 
password. The downside is for those users who do not want to show the password 
in clear: it adds an extra tab keystroke for them. How often does one really 
need that obfuscation?

Request: put the Show Password in Clear prompt above the password prompt.


-- System Information:
Debian Release: bookworm/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 6.1.0-5-686 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1031738: installation-guide: documentation about limits to kernel boot parameters is outdated

[James Addison]

Source: installation-guide
Followup-For: Bug #1031738

I'm attempting to rephrase the documentation related to this bug in a merge
request on Salsa:

https://salsa.debian.org/installer-team/installation-guide/-/merge_requests/24/

If anyone would like to review the suggested changes there (or even better,
test their behaviour (I've potentially made a fool of myself on lkml after
misunderstanding the difference between kernel parameters and init arguments)),
then I'd be grateful for your help.

Bug#1032472: fonts-oxygen: out of date package description?

[Jakub Wilk]

Package: fonts-oxygen
Version: 4:5.4.3-4

The package description reads: "a bold weight, plus regular and bold 
italics, and a monospace version will be made". But bold and monospace 
versions are already shipped by this package.


--
Jakub Wilk

Bug#1026062: Upstream bugs

[Vincas Dargis]

Maybe we could raise severity to avoid this bug entering Stable? That would be 
rather regression...

Bug#987008: grub2: diff for NMU version 2.06-8.1

[Antoine Beaupré]

On 2023-03-07 15:59:40, Steve McIntyre wrote:
> On Tue, Mar 07, 2023 at 10:39:04AM -0500, Antoine Beaupré wrote:
>>On 2023-02-26 19:15:39, anar...@debian.org wrote:
>>> Control: tags 987008 + pending
>>>
>>> Dear maintainer,
>>>
>>> I've prepared an NMU for grub2 (versioned as 2.06-8.1) and
>>> uploaded it to DELAYED/2. Please feel free to tell me if I
>>> should delay it longer.
>>>
>>> Note that the package was uploaded to *experimental*, not unstable, as
>>> an extra precaution. Let me know if you will followup with an unstable
>>> update or I should.
>>
>>Timing out.
>>
>>I have now uploaded this package to unstable, DELAYED/2.
>
> Argh, no. I've taken your changes already, but I'm in the middle of
> some other grub work. Let's not waste time and effort on an NMU going
> through the system, complete with signing etc.

Okay, so I'll cancel the NMU.

Bug#1032471: [gxemul] Fix tap device support

[Jan-Benedict Glaw]

Package: gxemul
Version: 0.7.0+dfsg-1+b1

Hi!

I couldn't get tap networking to work at all. Looking at the source
(net_tap_init()), my impression is that this is using the BSD
interface. Googling around, there are forks on eg. Github that
added/fixed tap networking so that it works with Linux. That would be
a great thing to have!

Thanks,
  Jan-Benedict
-- 


signature.asc
Description: PGP signature

Bug#1032470: effect plugins tab missing in kdenlive 22.12.2-1

[Robin]

Package: kdenlive
Version: 22.12.2-1
 

Issue:
  Instead of the expected effects tab there is an empty white area displayed.
  Same for transitions tab.
  This behaviour doesn't change when a project is loaded.
  Everything else in kdenlive seems to work properly.

  See:
  https://i.imgur.com/qigLEyB.jpg
  https://i.imgur.com/2utEH4q.jpg


Expected behaviour:
  The tab "transitions" and the tab "effects" should show not a blank white 
area but the effect- and transition-tools as described in the manual: 
https://docs.kdenlive.org/en/_images/Kdenlive_Effects_tab_22_08.png


Console output:
  $ kdenlive
  Could not detect package type, probably default? App dir is "/usr/bin"
  profilePath from KdenliveSetting::mltPath:  "/usr/share/mlt-7/profiles"
  meltPath from KdenliveSetting::rendererPath:  "/usr/bin/melt-7"
  Empty metadata for  "deinterlace"
  Empty metadata for  "telecide"
  Empty metadata for  "glsl.manager"
  Empty metadata for  "movit.convert"
  Empty metadata for  "movit.crop"
  Empty metadata for  "movit.resample"
  Empty metadata for  "movit.resize"
  Empty metadata for  "audiochannels"
  Empty metadata for  "audioconvert"
  Empty metadata for  "imageconvert"
  Empty metadata for  "avcolour_space"
  Empty metadata for  "avcolor_space"
  Empty metadata for  "avdeinterlace"
  Empty metadata for  "swscale"
  Empty metadata for  "swresample"
  plugin not available: "avfilter.acompressor"
  plugin not available: "avfilter.aecho"
  plugin not available: "avfilter.agate"
  plugin not available: "avfilter.atadenoise"
  plugin not available: "avfilter.bwdif"
  plugin not available: "avfilter.deblock"
  plugin not available: "avfilter.dedot"
  plugin not available: "avfilter.deflate"
  plugin not available: "avfilter.derain"
  plugin not available: "avfilter.doubleweave"
  plugin not available: "avfilter.field"
  plugin not available: "avfilter.framestep"
  plugin not available: "avfilter.fspp"
  plugin not available: "avfilter.graphmonitor"
  plugin not available: "avfilter.hqdn3d"
  plugin not available: "avfilter.inflate"
  plugin not available: "avfilter.lagfun"
  plugin not available: "avfilter.loudnorm"
  plugin not available: "avfilter.mcdeint"
  plugin not available: "avfilter.random"
  plugin not available: "avfilter.removegrain"
  plugin not available: "avfilter.separatefields"
  plugin not available: "avfilter.shuffleplanes"
  plugin not available: "avfilter.sr"
  plugin not available: "avfilter.tmix"
  plugin not available: "avfilter.w3fdif"
  plugin not available: "avfilter.weave"
  plugin not available: "avfilter.yadif"
  plugin not available: "frei0r.baltan"
  plugin not available: "frei0r.bgsubtract0r"
  plugin not available: "frei0r.bigsh0t_eq_mask"
  plugin not available: "frei0r.bigsh0t_eq_to_rect"
  plugin not available: "frei0r.bigsh0t_eq_to_stereo"
  plugin not available: "frei0r.bigsh0t_hemi_to_eq"
  plugin not available: "frei0r.bigsh0t_rect_to_eq"
  plugin not available: "frei0r.bigsh0t_stabilize_360"
  plugin not available: "frei0r.bigsh0t_transform_360"
  plugin not available: "frei0r.delay0r"
  plugin not available: "frei0r.delaygrab"
  plugin not available: "frei0r.lightgraffiti"
  plugin not available: "frei0r.lightgraffiti"
  plugin not available: "frei0r.tehRoxx0r"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "ladspa.9354877"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "ladspa"
  plugin not available: "movit.unsharp_mask"
  plugin not available: "timewarp"
  plugin not available: "region"

  qrc:/qml/assetList.qml:14:1: module "org.kde.newstuff" is not installed 
   import org.kde.newstuff 1.86 as NewStuff 
   ^
  qrc:/qml/assetList.qml:14:1: module "org.kde.newstuff" is not installed 
   import org.kde.newstuff 1.86 as NewStuff 
   ^
  qml: item not found
  qml: item not found
  qml: item not found
  qml: item not found


Installed packages: (http://ftp.de.debian.org/debian bookworm/main amd64 
Packages)
  kdenlive 22.12.2-1
  kdenlive-data 22.12.2-1
  breeze-icon-theme 4:5.102.0-1
  frei0r-plugins 1.8.0-1+b1
  swh-plugins 0.4.17-2

  No errors were reported by apt during installation.


What did I try already:
  installed additional package  qml-module-org-kde-newstuff
  
  No errors were reported by apt during installation.

Result: No change. Still only blank areas instead of the expected tools in 
these two tabs.


System:
  Running bookworm, kernel 6.1.10-antix.1-amd64-smp
  desktop: icewm 3.3.1-1
  init: runit 2.1.2

Bug#1032469: smartmontools: startup takes too long for systemd

[Matthew Vernon]

Package: smartmontools
Version: 7.2-1
Severity: normal

Hi,

On some of our production servers with a lot of JBOD disks, smartd
takes so long to start up that systemd's default 90s timeout kicks in
and smartd gets killed. Example log extract:

Mar 07 14:15:10 ms-be2070 systemd[1]: Starting Self Monitoring and 
Reporting Technology (SMART) Daemon...

[smartd starts monitoring disks]
Mar 07 14:16:40 ms-be2070 systemd[1]: smartmontools.service: start 
operation timed out. Terminating.
Mar 07 14:16:40 ms-be2070 systemd[1]: smartmontools.service: Failed with 
result 'timeout'.
Mar 07 14:16:40 ms-be2070 systemd[1]: Failed to start Self Monitoring 
and Reporting Technology (SMART) Daemon.


I fixed this by adding a systemd override:
[Service]
TimeoutSec=300

And now all is good:

Mar 07 14:31:53 ms-be2070 systemd[1]: Starting Self Monitoring and 
Reporting Technology (SMART) Daemon...
Mar 07 14:34:06 ms-be2070 systemd[1]: Started Self Monitoring and 
Reporting Technology (SMART) Daemon.


Note the ~2 minute start time.

It seems to me that the default startup timeout ought to be long
enough to work "out of the box", so could the unit file we ship be
adjusted to set a sensible TimeoutSec value, please? 300s seems likely
to be enough.

Thanks,

Matthew

-- System Information:
Debian Release: 11.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable')

Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-21-amd64 (SMP w/48 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE 
not set

Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages smartmontools depends on:
ii  debianutils  4.11.2
ii  libc62.31-13+deb11u5
ii  libcap-ng0   0.7.9-2.2+b1
ii  libgcc-s110.2.1-6
ii  libselinux1  3.1-3
ii  libstdc++6   10.2.1-6
ii  libsystemd0  247.3-7+deb11u1
ii  lsb-base 11.1.0

smartmontools recommends no packages.

Versions of packages smartmontools suggests:
ii  bsd-mailx [mailx]  8.1.2-0.20180807cvs-2
ii  curl   7.74.0-1.3+deb11u7
ii  gpg2.2.27-2+deb11u2
pn  gsmartcontrol  
pn  smart-notifier 
ii  wget   1.21-1+deb11u1

-- Configuration Files:
/etc/smartmontools/run.d/10mail [Errno 2] No such file or directory: 
'/etc/smartmontools/run.d/10mail'


-- no debconf information

Bug#919234: ttls fails with tls 1.3, enabled by default

[Fabio PEDRETTI]

Hi, 3.2.1 currently in testing fixed most issues, however there is
still an issue preventing freeradius working with TLS 1.3.

The issue was reported upstream at:
https://github.com/FreeRADIUS/freeradius-server/issues/4878
and the commit fixing it is:
https://github.com/FreeRADIUS/freeradius-server/commit/0812bc1768cedc420adc03e86893d798fa19e872

That commit is already included in upstream 3.2.2.

So please consider upgrading to 3.2.2 (suggested, given this release
also fixes some other bugs), or apply the mentioned commit.

I updated the severity and forwarded bug reflecting this.

Thanks!

-- 


Informativa sulla Privacy: https://www.unibs.it/it/node/1452 

Bug#987008: grub2: diff for NMU version 2.06-8.1

[Steve McIntyre]

On Tue, Mar 07, 2023 at 10:39:04AM -0500, Antoine Beaupré wrote:
>On 2023-02-26 19:15:39, anar...@debian.org wrote:
>> Control: tags 987008 + pending
>>
>> Dear maintainer,
>>
>> I've prepared an NMU for grub2 (versioned as 2.06-8.1) and
>> uploaded it to DELAYED/2. Please feel free to tell me if I
>> should delay it longer.
>>
>> Note that the package was uploaded to *experimental*, not unstable, as
>> an extra precaution. Let me know if you will followup with an unstable
>> update or I should.
>
>Timing out.
>
>I have now uploaded this package to unstable, DELAYED/2.

Argh, no. I've taken your changes already, but I'm in the middle of
some other grub work. Let's not waste time and effort on an NMU going
through the system, complete with signing etc.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
The two hard things in computing:
 * naming things
 * cache invalidation
 * off-by-one errors  -- Stig Sandbeck Mathisen

Bug#1032468: file-roller: does not work - no error messages except on stderr (org.freedesktop.DBus.Error.ServiceUnknown)

[Vincent Lefevre]

Package: file-roller
Version: 43.0-1
Severity: grave
Justification: renders package unusable

On some machine where file-roller is installed, when I want to open
https://cpan.metacpan.org/authors/id/S/SI/SISYPHUS/Math-MPFR-4.25.tar.gz
from Firefox, Firefox proposes to open the file with "Archive Manager"
as the recommended application. If I choose to do this, nothing happens!

I suppose that this corresponds to file-roller, as
/usr/share/applications/org.gnome.FileRoller.desktop contains
"Name=Archive Manager".

If I look at stderr (which is not visible by default), I can see the
following message that appears when I click OK to open the file:

Failed to register: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: 
org.freedesktop.DBus.Error.ServiceUnknown

First, any recommended application is expected to work without
any issue. Moreover, when something is wrong for an X application,
the application should display an error message in a dialog box,
so that the user can know what's going on; stderr is not sufficient
as it is not visible by default.

-- System Information:
Debian Release: 12.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'stable-security'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
merged-usr: no
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-5-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=POSIX, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages file-roller depends on:
ii  bzip21.0.8-5+b1
ii  dconf-gsettings-backend [gsettings-backend]  0.40.0-4
ii  libarchive13 3.6.2-1
ii  libc62.36-8
ii  libcairo21.16.0-7
ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-1+b1
ii  libglib2.0-0 2.74.6-1
ii  libgtk-3-0   3.24.36-4
ii  libhandy-1-0 1.8.1-1
ii  libjson-glib-1.0-0   1.6.6-1
ii  libnautilus-extension4   43.2-1
ii  libpango-1.0-0   1.50.12+ds-1
ii  p7zip-full   16.02+dfsg-8

Versions of packages file-roller recommends:
ii  gvfs  1.50.3-1
ii  yelp  42.2-1

Versions of packages file-roller suggests:
pn  arj  
pn  lha  
ii  lzip 1.23-5
ii  lzop 1.04-2
pn  ncompress
pn  rpm2cpio 
pn  rzip 
ii  sharutils1:4.15.2-9
pn  squashfs-tools   
pn  unace
pn  unalz
pn  unar 
ii  unzip6.0-28
ii  xz-utils [lzma]  5.4.1-0.2
ii  zip  3.0-13
pn  zoo  

-- no debconf information

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#1032467: linux: Enable ACPI_APEI_EINJ and EDAC_IGEN6 for rasdaemon

[Miguel Bernal Marin]

Source: linux
Version: 6.1.12-1
Severity: wishlist
Tags: patch, sid
X-Debbugs-Cc: miguel.bernal.ma...@linux.intel.com, 
jair.de.jesus.gonzalez.plascen...@linux.intel.com

Dear Maintainer,

Please enable the APEI Error INJection (EINJ) (ACPI_APEI_EINJ) and
the Intel client SoC Integrated Memory Controller (EDAC_IGEN6). Both,
are used by the rasdaemon tool for the Intel platforms.

# Intel client SoC Integrated MC (EDAC_IGEN6)

  Support for error detection and correction on the Intel   

  client SoC Integrated Memory Controller using In-Band ECC IP. 

  This In-Band ECC is first used on the Elkhart Lake SoC but

  may appear on others in the future as Alder Lake SoC and Tiger
  Lake SoC.

# APEI Error INJection (EINJ) (ACPI_APEI_EINJ)

  EINJ provides a hardware error injection mechanism, it is 
  mainly used for debugging and testing the other parts of  
  APEI and some other RAS features.

  This one was added as commented out feature at f7d4f56521df
  ("x86 enable new acpi features").

A MR was created at:

https://salsa.debian.org/kernel-team/linux/-/merge_requests/672

Thanks,
Miguel

Bug#987008: grub2: diff for NMU version 2.06-8.1

[Antoine Beaupré]

On 2023-02-26 19:15:39, anar...@debian.org wrote:
> Control: tags 987008 + pending
>
> Dear maintainer,
>
> I've prepared an NMU for grub2 (versioned as 2.06-8.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.
>
> Note that the package was uploaded to *experimental*, not unstable, as
> an extra precaution. Let me know if you will followup with an unstable
> update or I should.

Timing out.

I have now uploaded this package to unstable, DELAYED/2.

a.

-- 
The ideal situation occurs when the things that we regard as beautiful
are also regarded by other people as useful.
- Donald Knuth

Bug#919234:

[Fabio PEDRETTI]

-- 
ing. Fabio Pedretti
Responsabile U.O.C. "Reti e Sicurezza Informatica"
Università degli Studi di Brescia
Via Valotti, 9 - 25121 Brescia
E-mail: fabio.pedre...@unibs.it

-- 


Informativa sulla Privacy: https://www.unibs.it/it/node/1452 

Bug#1032464: Acknowledgement (ca-certificates-java post-install script requires bash)

[Brian de Alwis]

I see that the debian/ca-certificates-java.postinst script has already been
fixed to be based on /bin/sh.

https://salsa.debian.org/java-team/ca-certificates-java/-/commit/62313abf3dfc0e760fe0af6edf44b8b958e9a89f

On Tue, Mar 7, 2023 at 9:48 AM Debian Bug Tracking System <
ow...@bugs.debian.org> wrote:

> Thank you for filing a new Bug report with Debian.
>
> You can follow progress on this Bug here: 1032464:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032464.
>
> This is an automatically generated reply to let you know your message
> has been received.
>
> Your message is being forwarded to the package maintainers and other
> interested parties for their attention; they will reply in due course.
>
> Your message has been sent to the package maintainer(s):
>  Debian Java Maintainers 
>
> If you wish to submit further information on this problem, please
> send it to 1032...@bugs.debian.org.
>
> Please do not send mail to ow...@bugs.debian.org unless you wish
> to report a problem with the Bug-tracking system.
>
> --
> 1032464: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032464
> Debian Bug Tracking System
> Contact ow...@bugs.debian.org with problems
>

Bug#1032465:

[Mezgani Ali]

The mail address of the maintenance of this interesting package must be
robust well designed.


As it will be printed and burnt into Debian files.

Kind regards,


Mezgani Ali
VP of Engineering
https://www.nativelabs.ma/
+212 644 179 451

On Tue, 7 Mar 2023, 15:51 Renato Gallo,  wrote:

> Package: sponsorship-requests
> Severity: normal
>
> Dear mentors,
>
> I am looking for a sponsor for my package "git":
>
>  * Package name : git
>    Version  : 1:2.40~rc1+next.20230307-1
>Upstream contact : g...@vger.kernel.org
>  * URL  : https://git-scm.com/
>  * License  : Boost, mingw-runtime, dlmalloc, Apache-2.0, Expat, 
> EDL-1.0, BSD-3-clause, ISC, Zlib, GPL-2, GPL-1+ or Artistic-1, LGPL-2.1+, 
> GPL-2+
>  * Vcs  : https://repo.or.cz/w/git/debian.git/
>Section  : vcs
>
> The source builds the following binary packages:
>
>   git - fast, scalable, distributed revision control system
>   git-man - fast, scalable, distributed revision control system (manual pages)
>   git-doc - fast, scalable, distributed revision control system 
> (documentation)
>   git-cvs - fast, scalable, distributed revision control system (cvs 
> interoperability)
>   git-svn - fast, scalable, distributed revision control system (svn 
> interoperability)
>   git-mediawiki - fast, scalable, distributed revision control system 
> (MediaWiki remote helper)
>   git-email - fast, scalable, distributed revision control system (email 
> add-on)
>   git-daemon-run - fast, scalable, distributed revision control system 
> (git-daemon service)
>   git-daemon-sysvinit - fast, scalable, distributed revision control system 
> (git-daemon service)
>   git-gui - fast, scalable, distributed revision control system (GUI)
>   gitk - fast, scalable, distributed revision control system (revision tree 
> visualizer)
>   gitweb - fast, scalable, distributed revision control system (web interface)
>   git-all - fast, scalable, distributed revision control system (all 
> subpackages)
>
> To access further information about this package, please visit the following 
> URL:
>
>   https://mentors.debian.net/package/git/
>
> Alternatively, you can download the package with 'dget' using this command:
>
>   dget -x 
> https://mentors.debian.net/debian/pool/main/g/git/git_2.40~rc1+next.20230307-1.dsc
>
> Changes since the last upload:
>
>  git (1:2.40~rc1+next.20230307-1) experimental; urgency=low
>  .
>* new snapshot, taken from upstream d15644f.
>
>
> p.s.
>
> I was trying to test bleeding edge git but got blocked by the fact that git 
> and git-man deps were
> fighting against each other. As a result everytime apt was trying to 
> uninstall both.
>
> I have decided to take matter in my own hands and I have packaged and tested 
> the latest source from
> git git repository.
>
> Everything works perfectly now.
>
> I have uploaded my packages to mentors because I wanted to share my findings 
> with you.
>
> https://mentors.debian.net/debian/pool/main/g/git/git_2.40~rc1+next.20230307-1.dsc
>
> I'd love to see those packages uploaded to experimental.
>
> Regards,
> --
>   Renato Gallo
>
>

Bug#1032466: Performance problems with nvidia-driver version 525.89.02-1

[Jannick Loch]

Package: nvidia-driver
Version: 525.89.02-1

The first Problem is, when i enable Vsync at any game, the framerate wont sync 
to my monitor refreshrate, it stuck at 60hz.
And the other Problem is, when i install the Extension Dash to Dock, all games 
say that they has more than 60hz, but i can see with my eyes and with a tool, 
that my monitor shows only 60 hz.


I am using Debian GNU/Linux SID with X11 and the Kernel 6.1.12-1.

Bug#1024690: libnss-unknown: should install NSS service via dh_installnss

[Gioele Barabucci]

Dear Ritesh,

a friendly reminder about this bug and the associated patch.

libnss-unknown is the last package in Debian that does not use the 
dh_installnss and modifies /etc/nsswitch.conf via maintscripts.


The patch at 
https://salsa.debian.org/debian/libnss-unknown/-/merge_requests/4 
(refreshed for 0.0.2-3) fixes this issue.


Could you please merge this and upload a new package, so that the 
transition to dh_installnss will be completed in time for Bookworm?


Regards,

--
Gioele Barabucci

Bug#1032407: Cannot start mariadb-server unless manually mkdir -p /var/lib/mysql

[MichaIng]

The Puppet module requires an update: 
https://github.com/search?q=repo%3Apuppetlabs%2Fpuppetlabs-mysql%20%2Fvar%2Flog=code


One option would be to make it create and chown the directory by itself, 
if plain text logs are for some reason needed/wanted.


The probably cleaner option would be if it did not touch the log file 
option at all (same for PID file) to use the package/server defaults, 
which are to log to STDOUT => systemd journal since Bullseye.


Best regards,

Micha

Bug#1032465:

[Renato Gallo]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "git":

 * Package name : git
   Version  : 1:2.40~rc1+next.20230307-1
   Upstream contact : g...@vger.kernel.org
 * URL  : https://git-scm.com/
 * License  : Boost, mingw-runtime, dlmalloc, Apache-2.0,
Expat, EDL-1.0, BSD-3-clause, ISC, Zlib, GPL-2, GPL-1+ or Artistic-1,
LGPL-2.1+, GPL-2+
 * Vcs  : https://repo.or.cz/w/git/debian.git/
   Section  : vcs

The source builds the following binary packages:

  git - fast, scalable, distributed revision control system
  git-man - fast, scalable, distributed revision control system (manual pages)
  git-doc - fast, scalable, distributed revision control system (documentation)
  git-cvs - fast, scalable, distributed revision control system (cvs
interoperability)
  git-svn - fast, scalable, distributed revision control system (svn
interoperability)
  git-mediawiki - fast, scalable, distributed revision control system
(MediaWiki remote helper)
  git-email - fast, scalable, distributed revision control system (email add-on)
  git-daemon-run - fast, scalable, distributed revision control system
(git-daemon service)
  git-daemon-sysvinit - fast, scalable, distributed revision control
system (git-daemon service)
  git-gui - fast, scalable, distributed revision control system (GUI)
  gitk - fast, scalable, distributed revision control system (revision
tree visualizer)
  gitweb - fast, scalable, distributed revision control system (web interface)
  git-all - fast, scalable, distributed revision control system (all
subpackages)

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/git/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/g/git/git_2.40~rc1+next.20230307-1.dsc

Changes since the last upload:

 git (1:2.40~rc1+next.20230307-1) experimental; urgency=low
 .
   * new snapshot, taken from upstream d15644f.


p.s.

I was trying to test bleeding edge git but got blocked by the fact
that git and git-man deps were
fighting against each other. As a result everytime apt was trying to
uninstall both.

I have decided to take matter in my own hands and I have packaged and
tested the latest source from
git git repository.

Everything works perfectly now.

I have uploaded my packages to mentors because I wanted to share my
findings with you.

https://mentors.debian.net/debian/pool/main/g/git/git_2.40~rc1+next.20230307-1.dsc

I'd love to see those packages uploaded to experimental.

Regards,
-- 
  Renato Gallo

Bug#1032464: ca-certificates-java post-install script requires bash

[Brian de Alwis]

Package: ca-certificates-java
Version: 20190909

ca-certificates-java has an undeclared dependency on bash which leads to
installation failure on systems without bash.

`openjdk-17-jre-headless` fails to install on minimal debian base, such as
gcr.io/gke-release/debian-base:bullseye-v1.4.2-gke.3, due to a failure in
`ca-certificates-java`'s post-install script:

```
# apt-get install --no-install-recommends -y openjdk-17-jre-headless
...
Setting up ca-certificates-java (20190909) ...
dpkg (subprocess): unable to execute installed ca-certificates-java package
post-installation script
(/var/lib/dpkg/info/ca-certificates-java.postinst): No such file or
directory
dpkg: error processing package ca-certificates-java (--configure):
 installed ca-certificates-java package post-installation script subprocess
returned error exit status 2
dpkg: dependency problems prevent configuration of
openjdk-17-jre-headless:amd64:
 openjdk-17-jre-headless:amd64 depends on ca-certificates-java (>=
20190405~); however:
  Package ca-certificates-java is not configured yet.
...
```

The root cause is that
/var/lib/dpkg/info/ca-certificates-java.postinst's shebang specifies
`#!/bin/bash`, but bash is not a declared dependency of the
ca-certificates-java package.

Either the ca-certificates-java package should have a dependency on bash,
or the scripts should be rewritten to not require bash.

Workaround: `apt-get install --no-install-recommends -y bash
openjdk-17-jre-headless`

Bug#1032461: ITS: gtk-gnutella

[Bastian Germann]

Control: retitle -1 RM: gtk-gnutella -- ROM; RC-buggy; gtk2-based package 
missed several releases
Control: reassign -1 ftp.debian.org

Bug#1032351: [Pkg-utopia-maintainers] Bug#1032351: wireplumber.service: fails to start, reporting 'Failed to connect to session bus'

[Michael Biebl]

Am 06.03.23 um 13:31 schrieb James Addison:

Package: wireplumber
Followup-For: Bug #1032351
Control: close -1

After rebooting the system, sound is available again.

Various other user-context systemd files appear to be missing; I don't think
those were removed from the system manually, but nor can I confirm yet what
the cause was (if I can, and if there is a bug, then I'll open a separate bug
for that).


I would suggest to run "debsums" to find missing files.



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1019701: RFP: rpi-imager -- Raspberry Pi Imaging Utility

[Dave Jones]

Hi Francois, Lin,

I'm the maintainer for the current Ubuntu packaging of rpi-imager [1]. 
If Debian's interested in adding this, there's a few changes in the 
Ubuntu packaging that *might* interest Debian (in particular the bits 
that include the JSON schema documentation, and patch out the privacy 
violations that lintian then warns about, and possibly the d/watch file 
as well).


I'm currently prepping the packaging for 1.7.4 but it's a little 
complicated by the new "no-big-endian" check [2] which obviously breaks 
the s390x build. I should probably just disable that build but a part of 
me is tempted to "just fix it"!


Oh, and 1.7.4 also includes the man-page that I previously patched into 
1.7.3 [3].


Anyway, do feel free to grab anything from there if it's wanted!

[1]: https://launchpad.net/ubuntu/+source/rpi-imager/1.7.3+noembed-0ubuntu1

[2]: 
https://github.com/raspberrypi/rpi-imager/commit/142ddfc0370e75a2f49e8c119e5b467f38e6f839

[3]: https://github.com/raspberrypi/rpi-imager/pull/491

Best regards,

Dave Jones.

Bug#1032461: ITS: gtk-gnutella

[Luca BRUNO]

On Tue, 7 Mar 2023 12:05:39 +0100
Bastian Germann  wrote:

> Source: gtk-gnutella
> Version: 1.1.15-1
> 
> I am filing this ITS in order to remove the package after three weeks.
> The last maintainer upload was in 2015, two NMUs since then.

Ack. I think nowadays the userbase for this package is quite limited,
and I'm personally not closely following its development anymore.
That said, upstream is still active on GitHub in case people want to
follow along: https://github.com/gtk-gnutella/gtk-gnutella/

Ciao, Luca

Bug#1032462: ITS: argon2

[Luca BRUNO]

On Tue, 7 Mar 2023 12:11:14 +0100
Bastian Germann  wrote:

> Source: argon2
> Version: 0~20190702-0.1
> 
> There have been 4 NMUs since the last maintainer upload.
> I am filing this ITS in order to orphan the package after three weeks.

Ack, I'm still around but I haven't had much time for Debian packaging
lately. If somebody wants to take over argon2, feel free to
directly take it through salsa.d.o; I can be happily moved as a
last-ditch Uploader there.

Ciao, Luca

Bug#1032463: RFS: socklog/2.1.0+repack-5 [RC] -- system and kernel logging services

[Mathieu Mirmont]

Package: sponsorship-requests
Severity: important

Dear mentors,

I am looking for a sponsor for my package "socklog":

 * Package name : socklog
   Version  : 2.1.0+repack-5
   Upstream contact : Gerrit Pape 
 * URL  : http://smarden.org/socklog
 * License  : BSD-3-clause
 * Vcs  : https://salsa.debian.org/debian/socklog
   Section  : admin

The source builds the following binary packages:

  socklog - system and kernel logging services - binaries
  socklog-run - system and kernel logging services - runit services

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/socklog/

Alternatively, you can download the package with 'dget' using this
command:

  dget -x
  
https://mentors.debian.net/debian/pool/main/s/socklog/socklog_2.1.0+repack-5.dsc

Changes since the last upload:

 socklog (2.1.0+repack-5) unstable; urgency=medium
 .
   * Various uninteresting changes
   * watch, repack.sh: append +repack to tarball filename
   * Refresh lintian overrides
   * service/socklog-unix: remove supervise symlink (Closes: #1031794)
   * control: bump debian policy to 4.6.2, no change required
   * gitlab-ci.yml: disable unnecessary jobs
   * gbp.conf: add configuration file

Regards,

-- 
Mathieu Mirmont 


signature.asc
Description: Digital signature

Bug#697821: Emirates National Oil Company (ENOC)

[Emirates National Oil Company (ENOC)]

Hello we are inviting your estimated company for vendor registration
and intending partners for Emirates National Oil Company 2023/2024
projects. This projects are open for all companies around the world,
if you have intention to participate in the process, please confirm
your interest by contacting us through our official email address
project...@enocvendor-ea.com

Bug#841891: brickos: Patch used in NMU 0.9.0.dfsg-12.1

[Petter Reinholdtsen]

I got no response in 7 years, so I suspect this package should be
salvaged and moved to the LEGO team.

-- 
Happy hacking
Petter Reinholdtsen

Bug#1032319: gnome-shell: Accessibility Regression: ctrl-alt-tab doesn't stay on top bar

[Simon McVittie]

On Tue, 07 Mar 2023 at 10:33:33 +, Simon McVittie wrote:
> Would it be helpful for your use pattern if GNOME Shell had a specific
> keyboard shortcut to open the system menu, bypassing the need to navigate
> to the top bar first? I'm honestly surprised that it doesn't already: that
> seems like an omission.

I've opened 
for this.

> > I'd like to push back on the idea that sloppy focus is required.

Upstream issues that could be related, all of which seem to be regressions
somewhere around version 42:

* https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/5146
* https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/5270
* https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/5377

5270 and 5377 seem like maybe closer (or at least more specific) matches
for your experience than 5146, but it wouldn't surprise me if there's a
common root cause for all of these.

Unfortunately, nobody who is in a position to fix these has been able to
reproduce any of them.

smcv

Bug#1032462: ITS: argon2

[Bastian Germann]

Source: argon2
Version: 0~20190702-0.1

There have been 4 NMUs since the last maintainer upload.
I am filing this ITS in order to orphan the package after three weeks.

Bug#1032461: ITS: gtk-gnutella

[Bastian Germann]

Source: gtk-gnutella
Version: 1.1.15-1

I am filing this ITS in order to remove the package after three weeks.
The last maintainer upload was in 2015, two NMUs since then.

Bug#1025480: libopenblas0-pthread: octave inv function gives wrong results apparently in newer processors

[Sébastien Villemot]

Control: retitle -1 libopenblas0-pthread: gives wrong results with AVX-512 
kernel
Control: fixed -1 0.3.21+ds-4

Dear Enzo,

Le lundi 05 décembre 2022 à 10:37 -0300, Enzo Alberto Dari a écrit :
> Package: libopenblas0-pthread
> Version: 0.3.13+ds-3
> Severity: important
> Tags: upstream
> X-Debbugs-Cc: da...@ib.edu.ar
> 
> While upgrading my debian OS from 10.x to 11.x (octave 4.4.5 to 6.2.0),
> one of my scripts started failing. I managed to create the following test
> that reproduces the problem:
> 
> % non-singular matrix
> b=[7110.327, -2592.219, 631.419, -288.541, 169.250, -113.431, 82.646, 
> -63.812, 51.448, -42.914;
>  -1218.551, 1508.124, -720.486, 169.250, -74.433, 42.572, -28.131, 20.364, 
> -15.701, 12.683;
>  169.250, -482.641, 674.499, -350.244, 82.646, -36.010, 20.364, -13.333, 
> 9.592, -7.371;
>  -49.544, 82.646, -268.958, 399.001, -215.550, 51.448, -22.463, 12.683, 
> -8.285, 5.950;
>  20.364, -27.810, 51.448, -178.696, 275.664, -152.325, 36.804, -16.173, 
> 9.164, -6.000;
>  -10.260, 12.683, -18.791, 36.804, -132.946, 211.205, -118.438, 28.958, 
> -12.831, 7.317;
>  5.950, -6.944, 9.164, -14.257, 28.958, -107.451, 174.780, -99.104, 24.511, 
> -10.963;
>  -3.839, 4.320, -5.318, 7.317, -11.762, 24.511, -92.803, 153.928, -88.144, 
> 22.050;
>  2.702, -2.966, 3.488, -4.451, 6.304, -10.377, 22.050, -84.854, 143.052, 
> -82.752;
>  -2.050, 2.211, -2.519, 3.056, -4.000, 5.789, -9.704, 20.944, -81.727, 
> 139.664];
> sizeb=n=size(b,1)
> rankb=rank(b)
> % Builds blocked matrix
> B=[eye(n) zeros(n); zeros(n) b];
> % Computes inverse
> inv1=inv(B);
> % Computes inverse by blocks: non-trivial block:
> invb=inv(b);
> % Build inverse by blocks
> inv2=[eye(n) zeros(n); zeros(n) invb];
> % Both inverse matrices should be equal
> diffinvs=norm(inv1-inv2)
> % All these condition numbers should be 1
> cond(inv1*B)
> cond(B*inv1)
> cond(inv2*B)
> cond(B*inv2)
> 
> The computation of "inv1" gives wrong results in:
> -Intel Core i9-9900X
> -Intel Core i9-7900X
> -Intel Core i5-1035G1
> and correct results in:
> -Intel Core i5-750
> -Intel Core i7-4930K
> What pointed me in the direction of a trheads problem was the fact that
> setting OMP_NUM_THREADS to 1 modify the output of the computation, (given
> correct results in some cases).
> The last tests I performed were running octave preloading the pthreads
> and the openmp openblas libraries:
> LD_PRELOAD=/usr/lib/x86_64-linux-gnu/openblas-pthread/libopenblas.so.0 
> octave-cli test.m
> gives incorrect results, while
> LD_PRELOAD=/usr/lib/x86_64-linux-gnu/openblas-openmp/libopenblas.so.0 
> octave-cli test.m
> works ok.
> 
> (by "works ok" I mean the inverse computed by both methods differ only in the
> floating point precision:~2e-17 and all the condition numbers are 1, In the
> case of "failure", the inverses differ by ~0.035 and the condition numbers of
> inv1*B and B*inv1 are about 4.7-4.9)

I can reproduce the problem. It appears when the AVX-512 kernel is used
by OpenBLAS (that kernel is internally called “SKYLAKEX”, you can see
the current kernel by running “version -blas” from Octave). The three
processors on which you experience the problem have AVX-512 support.

Also note that the problem is fixed in the version currently in Debian
testing/unstable.

The challenge now is to find the upstream commit that fixed the bug
(somewhere between versions 0.3.13 and 0.3.21), and then to possibly
backport it to Debian stable.

-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  https://sebastien.villemot.name
⠈⠳⣄  https://www.debian.org

Bug#1032319: gnome-shell: Accessibility Regression: ctrl-alt-tab doesn't stay on top bar

[Simon McVittie]

Would it be helpful for your use pattern if GNOME Shell had a specific
keyboard shortcut to open the system menu, bypassing the need to navigate
to the top bar first? I'm honestly surprised that it doesn't already: that
seems like an omission.

One thing that might be helpful is that Super+V will open the notifications
panel (notifications and calendar), and from there you can navigate towards
the System menu with the right arrow key. Unfortunately the number of right
arrow key presses depends whether there are notifications in the panel.

Also, if there is at least one application window open, you can press
Super+F10 to open the application menu, and then the right arrow will
navigate towards the system menu; but that shortcut isn't available if
there are no windows open, making it less useful.

On Sun, 05 Mar 2023 at 08:40:32 -0700, Sam Hartman wrote:
> * Install task-gnome-desktop on top of  effectively debian:bookworm out
>   of docker (roughly debootstrap --varient=minbase)

GNOME isn't really designed to run in a Docker container, and Docker isn't
really designed to run desktop environments, so you might be making things
harder for yourself than they need to be.

> I'd like to push back on the idea that sloppy focus is required.

Are you using Wayland or Xorg?

I tried installing gnome-session, gdm3 and gnome-terminal plus
their Recommends into a virtual machine (to get a smaller version of
task-gnome-desktop without big applications), and couldn't reproduce this
in that environment without enabling sloppy focus: Ctrl+Alt+Tab to the
top bar stayed in the top bar. I also tried installing task-gnome-desktop
and couldn't reproduce this that way either.

As before, I can reproduce this in Wayland mode by enabling sloppy focus.

If I log in to "GNOME on Xorg" instead of the default GNOME session
(which is Wayland), I can't reproduce this at all, even with sloppy focus.

I think there might be some sort of strange focus behaviour for the
Activities button on the top bar: when I switch on sloppy focus and then
press Super+V, I can navigate left and right to all the other items on
the top bar, but when focus reaches the Activities button it gets stuck
and will not move away with further presses of the arrow keys. However,
I tried installing a Shell extension that removes the Activities button,
and that didn't help with the behaviour of gaining and then immediately
losing focus under Wayland with sloppy focus.

> * alt-f2 run gnome-terminal
> * Confirm I'm in the terminal

Current versions of GNOME are initially in Overview mode after login,
and Alt+F2, gnome-terminal will run the terminal but stay in Overview
mode until you press Super. Just to check, are you taking that into
account, and going from Overview mode into normal window-management mode
before testing?

smcv

Bug#930421: My permissions for /etc/courier/shared

[Markus Blatt]

Hi,

I had the same error on my system (Debian 11.6). It seems like the imapd 
process runs as the normal user after login. Hence the shared directory 
needs to be readable and listable for those:


$ chmod o+xr /etc/courier/shared

did the trick and then on my system working permissions are:
$ ls -ld /etc/courier/shared/
drwxr-xr-x 2 root courier 4096 May 17  2016 /etc/courier/shared/

Best,

Markus

Bug#1031716: Generating stricter dependencies on python3-protobuf rdeps

[Adrian Bunk]

Hi,

the problem in #1031716/#1028371 is as follows:

1. python3-protobuf and protobuf-compiler are both built from
   src:protobuf

2. packages using python3-protobuf (e.g. python3-bernhard) ship files 
   that were generated with protobuf-compiler during their build
   (e.g. /usr/lib/python3/dist-packages/bernhard/pb.py )

3. The generated files in python3-protobuf rdeps like python3-bernhard
   might not work with python3-protobuf from a different major release
   of src:protobuf

The manual solution for packages like python3-bernhard would be
Build-Depends: protobuf-compiler (>= 3.21), protobuf-compiler (<< 3.22),
   python3-protobuf (>= 3.21), python3-protobuf (<< 3.22),
Depends: python3-protobuf (>= 3.21), python3-protobuf (<< 3.22),

Creating an own debhelper addon similar to dh_numpy3 would work for 
automatically creating such dependencies, but is there any way for
python3-protobuf to inject such versioned runtime dependencies into
python3:Depends that does not require every rdep to manually add
addon usage?

Thanks
Adrian

Bug#1032460: unblock: thinkfan/1.3.1-4

[Lee Garrett]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: think...@packages.debian.org, deb...@rocketjump.eu
Control: affects -1 + src:thinkfan

Hello release team,

Please unblock package thinkfan. It is a tool to control the fans of Thinkpad
laptops. zcfan is a similar tool that also handles fan control on Thinkpads. To
prevent hardware damage, only one should be installed at the same time
(#1032310).

[ Reason ]
It fixes an RC bug (#1032310).
 
[ Impact ]
Users could accidentally install both zcfan and thinkfan at the same time during
triage, causing unpredictable fan speed, and at worst cause hardware damage.

[ Tests ]
I have manually tested that the added "Conflicts: zcfan" works as intended.

[ Risks ]
Both thinkfan and zcfan are leaf packages. There is no risk as this change just
adds a "Conflicts" between those packages.
(Discussion of the risks involved. E.g. code is trivial or
complex, key package vs leaf package, alternatives available.)

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

$ debdiff thinkfan_1.3.1-3_amd64.deb thinkfan_1.3.1-4_amd64.deb
File lists identical (after any substitutions)

Control files: lines which differ (wdiff format)

{+Conflicts: zcfan+}
Depends: libatasmart4 (>= 0.13), libc6 (>= [-2.30),-] {+2.34),+} libgcc-s1 (>= 
3.0), libstdc++6 (>= [-5.2), libyaml-cpp0.6-] {+11), libyaml-cpp0.7+} (>= 
[-0.6.2)-] {+0.7.0)+}
Installed-Size: [-464-] {+472+}
Version: [-1.3.1-3-] {+1.3.1-4+}

[ Other info ]
(Anything else the release team should know.)

unblock thinkfan/1.3.1-4

Bug#1032435: installation-reports: Fails to install GRUB bootloader

[Pascal Hambourg]

On 07/03/2023 at 09:01, John Talbut wrote:


Install in /dev/sda was just an example, it is the one that the 
installer suggests.


Ok.

I have tried /dev/nvme1n1, /dev/nvme1n1p1 (the ESP 
partition) and /dev/nvme1n1p2 (the boot partition) all with the same 
result: The rescue operation 'grub-reinstall' failed with exit code 1


Weird, installing in /dev/nvme1n1 should be possible even without a BIOS 
boot partition if you have a plain /boot partition. You can check the 
full grub-install error message in the installer log (tty4 or 
/var/log/syslog from tty2 or tty3).


However it is strongly recommended to have a BIOS boot partition when 
installing GRUB for legacy boot on GPT. 1MB is plenty enough.

Bug#1032459: postfix: [INTL:tr] turkish debconf translation update

[Atila KOÇ]

Package: postfix
Version: N/A
Severity: wishlist
Tags: l10n patch

Hello,

Find attached the updated Turkish translation of the postfix debconf 
template.

It has been submitted for review to the debian-l10n-turkish mailing list.
Please include it in your next upload.

Regards,
Atila KOÇ

--- YASAL UYARI ---

# Turkish debconf translation of postfix package
# This file is distributed under the same license as the postfix package.
# Atila KOÇ , 2012, 2014, 2016-2018, 2023.
#
msgid ""
msgstr ""
"Project-Id-Version: postfix\n"
"Report-Msgid-Bugs-To: LaMont Jones \n"
"POT-Creation-Date: 2023-03-06 20:37+\n"
"PO-Revision-Date: 2023-02-14 21:24+0300\n"
"Last-Translator: Atila KOÇ \n"
"Language-Team: Debian L10n Turkish \n"
"Language: tr\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Poedit 2.4.2\n"

#. Type: boolean
#. Description
#: ../templates:1001
msgid "Ignore incorrect hostname entry?"
msgstr "Hatalı 'hostname' girdisi görmezden gelinsin mi?"

#. Type: boolean
#. Description
#: ../templates:1001
msgid ""
"The string '${enteredstring}' does not follow RFC 1035 and does not appear "
"to be a valid IP address."
msgstr ""
"'${enteredstring}' dizgesi RFC 1035 yönergelerine uymuyor ve geçerli bir IP "
"adresi gibi görünmüyor."

#. Type: boolean
#. Description
#: ../templates:1001
msgid ""
"RFC 1035 states that 'each component must start with an alphanum, end with "
"an alphanum and contain only alphanums and hyphens. Components must be "
"separated by full stops.'"
msgstr ""
"RFC 1035'e göre \"her bileşen bir alfanumerik karakter ile başlamalı ve "
"bitmeli, aradaki karakterler ise yalnızca alfanumerik karakterler ile tire "
"imlerinden oluşmalı, bileşenler nokta işareti ile ayrılmalıdırlar\"."

#. Type: boolean
#. Description
#: ../templates:1001
msgid "Please check and confirm if you want to keep your entry."
msgstr "Girdinizi gözden geçirin ve saklayıp saklamayacağınızı belirtin."

#. Type: select
#. Choices
#. Translators beware! the following six strings form a single
#. Choices menu. - Every one of these strings has to fit in a standard
#. 80 characters console, as the fancy screen setup takes up some space
#. try to keep below ~71 characters.
#. DO NOT USE commas (,) in Choices translations otherwise
#. this will break the choices shown to users
#: ../templates:2001
msgid "No configuration"
msgstr "Yapılandırma yok"

#. Type: select
#. Choices
#. Translators beware! the following six strings form a single
#. Choices menu. - Every one of these strings has to fit in a standard
#. 80 characters console, as the fancy screen setup takes up some space
#. try to keep below ~71 characters.
#. DO NOT USE commas (,) in Choices translations otherwise
#. this will break the choices shown to users
#: ../templates:2001
msgid "Internet Site"
msgstr "Internet sitesi"

#. Type: select
#. Choices
#. Translators beware! the following six strings form a single
#. Choices menu. - Every one of these strings has to fit in a standard
#. 80 characters console, as the fancy screen setup takes up some space
#. try to keep below ~71 characters.
#. DO NOT USE commas (,) in Choices translations otherwise
#. this will break the choices shown to users
#: ../templates:2001
msgid "Internet with smarthost"
msgstr "Akıllı makine ile Internet"

#. Type: select
#. Choices
#. Translators beware! the following six strings form a single
#. Choices menu. - Every one of these strings has to fit in a standard
#. 80 characters console, as the fancy screen setup takes up some space
#. try to keep below ~71 characters.
#. DO NOT USE commas (,) in Choices translations otherwise
#. this will break the choices shown to users
#: ../templates:2001
msgid "Satellite system"
msgstr "Uydu sistem"

#. Type: select
#. Choices
#. Translators beware! the following six strings form a single
#. Choices menu. - Every one of these strings has to fit in a standard
#. 80 characters console, as the fancy screen setup takes up some space
#. try to keep below ~71 characters.
#. DO NOT USE commas (,) in Choices translations otherwise
#. this will break the choices shown to users
#: ../templates:2001
msgid "Local only"
msgstr "Yalnızca yerel dağıtım"

#. Type: select
#. Description
#: ../templates:2002
msgid "General mail configuration type:"
msgstr "Posta yapılandırması genel tipi:"

#. Type: select
#. Description
#: ../templates:2002
msgid ""
"Please select the mail server configuration type that best meets your needs."
msgstr "Kullanım amacınıza en uygun posta sunucu yapılandırmasını seçin."

#. Type: select
#. Description
#: ../templates:2002
msgid ""
" No configuration:\n"
"  Should be chosen to leave the current configuration unchanged.\n"
" Internet site:\n"
"  Mail is sent and received directly using SMTP.\n"
" Internet with smarthost:\n"
"  Mail is received directly using SMTP or by running a utility such\n"
"  as fetchmail. Outgoing mail is 

Bug#1032435: installation-reports: Fails to install GRUB bootloader

[John Talbut]

Thanks, Pascal.

Install in /dev/sda was just an example, it is the one that the 
installer suggests.  I have tried /dev/nvme1n1, /dev/nvme1n1p1 (the ESP 
partition) and /dev/nvme1n1p2 (the boot partition) all with the same 
result: The rescue operation 'grub-reinstall' failed with exit code 1


I gave up trying to get the legacy system to work after it failed 
following updating from bullseye to bookworm by changing sources.list 
and I am attempting to do a fresh install for an EFI boot.


On 06/03/2023 19:57, Pascal Hambourg wrote:

Hello John,

On 06/03/2023 at 18:19, John Talbut wrote:


It is not clear where to install it but wherever I try I come up with 
a message "Unable to install GRUB in /dev/sda" (or the equivalent in 
other partitions).


/dev/sda is the USB stick which contains the installer. You cannot 
install GRUB there.


Does the installer boot in EFI or legacy mode ?
grub-installer prompts in which device to install GRUB when installing 
for legacy/BIOS boot. It means either the installer booted in legacy 
mode or booted in EFI mode but you chose to revert to legacy boot after 
being warned (maybe wrongly) about an existing system set up for legacy 
boot. When installing GRUB for EFI boot, it automatically chooses one of 
the selected EFI partitions.


The partition layout on /dev/nvme1n1 is set up for EFI boot. GRUB could 
be installed for legacy boot in /dev/nvme1n1, but it would not be best 
because there is not "BIOS boot" (bios_grub) partition.

Bug#1031862: AdGuardHome packaging (Js and Go)

[Nilesh Patra]

Hi Vit,

I'm member of both the teams, stating my opinion -

On 3/1/23 15:12, Vít Kabele wrote:

I recently started packaging the AdGuardHome DNS server [1]. I published the
ITP to the go-team, as the backend is written in Go, yet now I realised that
the frontend is written in javascript and the packages are installed via npm.


Which packages are you specifically talking about?


1/ To which team should the package belong?


It is upto you. I may suggest going with the golang team as on skimming through 
it,
it mainly looks like having a server-side usage, most of which is implemented 
in golang.


Are there some similar projects?
Where to get inspired with the solution?


Not that I know of, sorry.



2/ Question to the JS team. The frontend comprises of circa 200 npm modules,
out of which only about 50 is already present in Debian repository. Is
it really necessary (I read the manual, yet I want to make sure) to package
all of these separately? [...]


The more, the merrier. However, JS team has provision for embedding smaller JS 
modules, so
you can go ahead with embedding the smaller ones, here's how to do it[2].
Decent-sized node-mdoules, however would need to be separately packaged.

[1]: https://github.com/AdguardTeam/AdGuardHome

[2]: https://wiki.debian.org/Javascript/GroupSourcesTutorial

--
Best,
Nilesh