Bug#1034015: exim4: exim paniclog on lenovo has non-zero size

2023-04-08 Thread Andreas Metzler 
Control: tags -1 moreinfo
Control: severity -1 normal

On 2023-04-06 Wensheng Xie  wrote:
> Package: exim4
> Severity: important
> X-Debbugs-Cc: none, Wensheng Xie 

[...]
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
>  Sending/receiving emails to local users is ok;
>  LAN users receiving emails from server PC is ok, but cannot send
>  emails.
>* What was the outcome of this action?
>  exim paniclog /var/log/exim4/paniclog on lenovo has non-zero size, mail 
> system might be broken. Up to 10 lines are quoted below.

> 2023-03-17 23:26:36 daemon_notifier_socket bind: Address already in use
  ^
[...]

Actually that does seem to be relevant at all, the message is from March
17.

What do the configuration files look like (especially
/etc/exim4/update-exim4.conf.conf)? What doi the log files show for
which mail?

cu Andreas

Bug#1034107: RFP: xmpppy -- XMPP implementation in Python

2023-04-08 Thread Ahmed El-Mahmoudy 
Package: wnpp
Severity: wishlist

* Package name: xmpppy
  Version : 0.7.1
  Upstream Author : Alexey Nezhdanov 
* URL : https://github.com/xmpppy/xmpppy
* License : GPL-3
  Programming Lang: Python
  Description : XMPP implementation in Python
Python 2/3 implementation of XMPP (RFC3920, RFC3921).
This is a set of modules providing functionality for writing
XMPP-compliant clients or server components in Python.
This library was initially designed as "rework" of jabberpy library but 
lately become a separate product.
Unlike jabberpy it is distributed under the terms of GPL.

This was previously removed from Debian (formerly python-xmpp) because 
it was no longer updated by upstream. Yet Alexey has continued 
maintaining it on GitHub, and has added Python3 support.

At least the jabber weechat plugin (provided by weechat-scripts) uses 
it.

-- 
‎أحمد المحمودي (Ahmed El-Mahmoudy)
 Digital design engineer
GPG KeyIDs: 4096R/A7EF5671 2048R/EDDDA1B7
GPG Fingerprints:
 6E2E E4BB 72E2 F417 D066  6ABF 7B30 B496 A7EF 5761
 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7


signature.asc
Description: PGP signature

Bug#1034106: System trying to remove mail files after adding the i386 architecture and installing certain packages.

2023-04-08 Thread Md Adil 
Package: Raspios
Version: Debian 11 bullseye arm64

After adding the i386 architecture then try to install packages it
autoremoving the main required packages.

which apt-get
/usr/bin/apt-get

type apt-get
apt-get is /usr/bin/apt-get

dpkg --search /usr/bin/apt-get
apt: /usr/bin/apt-get

dpkg --list apt
Desired=Unknown/Install/Remove/Purge/Hold
|
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend

|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==---=

ii apt 2.2.4 arm64 commandline package manager

dpkg --status apt
Package: apt
Status: install ok installed
Priority: required
Section: admin
Installed-Size: 4181
Maintainer: APT Development Team 
Architecture: arm64
Version: 2.2.4
Replaces: apt-transport-https (<< 1.5~alpha4~), apt-utils (<< 1.3~exp2~)
Provides: apt-transport-https (= 2.2.4)
Depends: adduser, gpgv | gpgv2 | gpgv1, libapt-pkg6.0 (>= 2.2.4),
debian-archive-keyring, libc6 (>= 2.17), libgcc-s1 (>= 3.0), libgnutls30
(>= 3.7.0), libseccomp2 (>= 2.4.2), libstdc++6 (>= 9), libsystemd0
Recommends: ca-certificates
Suggests: apt-doc, aptitude | synaptic | wajig, dpkg-dev (>= 1.17.2), gnupg
| gnupg2 | gnupg1, powermgmt-base
Breaks: apt-transport-https (<< 1.5~alpha4~), apt-utils (<< 1.3~exp2~),
aptitude (<< 0.8.10)
Conffiles:
 /etc/apt/apt.conf.d/01autoremove ab6540f7278a05a4b7f9e58afcaa5f46
 /etc/cron.daily/apt-compat 49e9b2cfa17849700d4db735d04244f3
 /etc/kernel/postinst.d/apt-auto-removal 6486b24d4c496e7d6a443178869a019b
 /etc/logrotate.d/apt 179f2ed4f85cbaca12fa3d69c2a4a1c3
Description: commandline package manager
 This package provides commandline tools for searching and
 managing as well as querying information about packages
 as a low-level access to all features of the libapt-pkg library.
 .
 These include:
  * apt-get for retrieval of packages and information about them
from authenticated sources and for installation, upgrade and
removal of packages together with their dependencies
  * apt-cache for querying available information about installed
as well as installable packages
  * apt-cdrom to use removable media as a source for packages
  * apt-config as an interface to the configuration settings
  * apt-key as an interface to manage authentication keys

lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 11 (bullseye)
Release: 11
Codename: bullseye

cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/;
SUPPORT_URL="https://www.debian.org/support;
BUG_REPORT_URL="https://bugs.debian.org/;

hostnamectl
Static hostname: raspberrypi
 Icon name: computer
Machine ID: 6bed9a922dc84fcfb9b02f5403468ce1
   Boot ID: ebfe7cff77d341fa9cca50e0aa20bf74
  Operating System: Debian GNU/Linux 11 (bullseye)
Kernel: Linux 6.1.21-v8+
  Architecture: arm64

The architecture I added and update success:
sudo dpkg --add-architecture i386

Packages that I tried to install and the output:

sudo apt install libc6:i386 libncurses5:i386 libstdc++6:i386 libbz2-1.0:i386

Output file:


output.log
Description: Binary data

Bug#1034105: unblock: node-ua-parser-js/0.8.1+ds+~0.7.36-3

2023-04-08 Thread Yadd 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: node-ua-parser...@packages.debian.org
Control: affects -1 + src:node-ua-parser-js

Please unblock package node-ua-parser-js

[ Reason ]
node-ua-parser-js is vulnerable to a Regex DoS (CVE-2022-25927)

[ Impact ]
Low security issue

[ Tests ]
No new test, current still pass

[ Risks ]
No risk, patch is trivial

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

Cheers,
Yadd

unblock node-ua-parser-js/0.8.1+ds+~0.7.36-3
diff --git a/debian/changelog b/debian/changelog
index 97dc70f..fe75bc4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+node-ua-parser-js (0.8.1+ds+~0.7.36-3) unstable; urgency=medium
+
+  * Team upload
+  * Update standards version to 4.6.2, no changes needed.
+  * Remove unsafe and ueless regex (Closes: CVE-2022-25927)
+
+ -- Yadd   Sun, 09 Apr 2023 07:47:39 +0400
+
 node-ua-parser-js (0.8.1+ds+~0.7.36-2) unstable; urgency=medium
 
   [ Debian Janitor ]
diff --git a/debian/control b/debian/control
index a65ee3c..5156727 100644
--- a/debian/control
+++ b/debian/control
@@ -10,7 +10,7 @@ Build-Depends: debhelper-compat (= 13)
  , node-requirejs 
  , node-safe-regex 
  , terser
-Standards-Version: 4.6.1
+Standards-Version: 4.6.2
 Vcs-Browser: https://salsa.debian.org/js-team/node-ua-parser-js
 Vcs-Git: https://salsa.debian.org/js-team/node-ua-parser-js.git
 Homepage: https://github.com/faisalman/ua-parser-js
diff --git a/debian/patches/CVE-2022-25927.patch 
b/debian/patches/CVE-2022-25927.patch
new file mode 100644
index 000..23e19bd
--- /dev/null
+++ b/debian/patches/CVE-2022-25927.patch
@@ -0,0 +1,22 @@
+Description: Remove unsafe regex in trim() function
+ `trim()` function contains a regular expression that is vulnerable to
+ ReDoS but was uncaught by `safe-regex` module
+Author: Faisal Salman 
+Origin: upstream, https://github.com/faisalman/ua-parser-js/commit/a6140a17
+Bug: https://security.snyk.io/vuln/SNYK-JS-UAPARSERJS-3244450
+Forwarded: not-needed
+Applied-Upstream: 1.0.33, commit:a6140a17
+Reviewed-By: Yadd 
+Last-Update: 2023-04-09
+
+--- a/src/ua-parser.js
 b/src/ua-parser.js
+@@ -92,7 +92,7 @@
+ },
+ trim = function (str, len) {
+ if (typeof(str) === STR_TYPE) {
+-str = str.replace(/^\s\s*/, EMPTY).replace(/\s\s*$/, EMPTY);
++str = str.replace(/^\s\s*/, EMPTY);
+ return typeof(len) === UNDEF_TYPE ? str : str.substring(0, 
UA_MAX_LENGTH);
+ }
+ };
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..8115996
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+CVE-2022-25927.patch

Bug#1034104: RFS: ms-sys/2.8.0-1 [RFP] -- Program used to write Microsoft-compatible boot records

2023-04-08 Thread Ben Westover 
Package: sponsorship-requests
Severity: normal
Control: block 808414 by -1

Dear mentors,

I am looking for a sponsor for my package "ms-sys":

  * Package name : ms-sys
Version  : 2.8.0-1
Upstream contact : Henrik Carlqvist 
  * URL  : https://ms-sys.sourceforge.net
  * License  : GPL-3+, GPL-2+
  * Vcs  : https://salsa.debian.org/BenTheTechGuy/ms-sys
Section  : non-free/utils

The source builds the following binary packages:

   ms-sys - Program used to write Microsoft-compatible boot records

To access further information about this package, please visit the
following URL:

   https://mentors.debian.net/package/ms-sys/

Alternatively, you can download the package with 'dget' using this command:

   dget -x
https://mentors.debian.net/debian/pool/non-free/m/ms-sys/ms-sys_2.8.0-1.dsc

Changes since the last upload:

  ms-sys (2.8.0-1) unstable; urgency=medium
  .
* Initial Package (Closes: #808414)

Regards,
--
   Ben Westover


OpenPGP_signature
Description: PGP signature

Bug#808414: RFP -> ITP

2023-04-08 Thread Ben Westover 
Control: retitle -1 ITP: ms-sys -- Program used to write Microsoft-compatible 
boot records
Control: owner -1 !

Hello,

 From a quick skimming of mbr's manpage, it looks like you need to supply
your own MBR for it to flash, which highly decreases the convenience
factor since you need to track down the exact MBR that you need to use
for the job, at which point you may as well just use dd. ms-sys has a
good selection of MBRs and PBRs built in that you can use to build or
repair many different operating system images. ms-sys-free also has a
similar problem because most of the MBRs that make ms-sys useful are
non-free, coming from proprietary Microsoft products. With ms-sys-free,
all that's left is Rufus, FreeDOS, and a couple other free options.

I've packaged ms-sys at https://salsa.debian.org/benthetechguy/ms-sys.

Thanks,
--
Ben Westover


OpenPGP_signature
Description: PGP signature

Bug#1031863: libqt5sql5-mysql: incompatible change in libmariadb3 breaks kontact, needs upstream fix in libqt5sql5-mysql

2023-04-08 Thread Otto Kekäläinen 
Hi!

I updated today
https://salsa.debian.org/mariadb-team/mariadb-10.3/-/merge_requests/36.

I would appreciate some eyes to review it and thumbs up if you want me
to proceed with this.

- Otto

Related for context:
- https://salsa.debian.org/mariadb-team/mariadb-10.3/-/merge_requests/36
- upstream PR of above
https://github.com/mariadb-corporation/mariadb-connector-c/pull/219
- bug reports in Debian for MariaDB 10.3:
  - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031773
  - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031863
  - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031770
- Also for 10.5: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033654
  - and MR 
https://salsa.debian.org/mariadb-team/mariadb-10.5/-/merge_requests/13
(will be updated and merged after the 10.3 one)
- mariadb-config vs libmariadb.pc version oddity:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024241
- mariadb-config lib path oddity:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001843
- upstream PR to simplify mariadb.pc vs libmariadb.pc:
https://github.com/MariaDB/server/pull/1800

Bug#1026945: bullseye-pu: package guix/1.2.0-4+deb11u1

2023-04-08 Thread Vagrant Cascadian 
Control: retitle 1026945 bullseye-pu: package guix/1.2.0-4+deb11u1

On 2023-03-15, Jonathan Wiltshire wrote:
> On Sat, Dec 24, 2022 at 07:33:38AM -0800, Vagrant Cascadian wrote:
>> This fixes a FTBFS of due several test suites using expired OpenPGP
>> keys. At the time the current packages in Debian were built, the keys
>> had not yet expired, but was later fixed upstream:
>
> Please go ahead.

Finally managed to carve out time for the upload:

guix (1.2.0-4+deb11u1) bullseye; urgency=medium

  [ Santiago Vila ]
  * debian/patches: Remove expiration dates on openpgp keys used in test
suite. (Closes: #1011863).

 -- Vagrant Cascadian   Sat, 08 Apr 2023 18:35:36 -0700

Should land in the FTP queues shortly.

live well,
  vagrant


signature.asc
Description: PGP signature

Bug#1034103: bullseye-pu: package nvidia-graphics-drivers-tesla-470/470.182.03-1~deb11u1

2023-04-08 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu

Hi,

I'd like to update nvidia-graphics-drivers-tesla-470 to a new upstream
version fixing a few CVEs.
This is a rebuild of the package from sid with no further changes.
As usual it comes with some packaging updates to keep the different
driver series in sync.

+nvidia-graphics-drivers-tesla-470 (470.182.03-1~deb11u1) bullseye; 
urgency=medium
+
+  * Rebuild for bullseye.
+
+ -- Andreas Beckmann   Sun, 09 Apr 2023 04:08:50 +0200
+
+nvidia-graphics-drivers-tesla-470 (470.182.03-1) unstable; urgency=medium
+
+  * New upstream production branch release 470.182.03 (2023-03-30).
+* Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
+  CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
+  CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
+  https://nvidia.custhelp.com/app/answers/detail/a_id/5452
+  (Closes: #1033780)
+* Improved compatibility with recent Linux kernels.
+
+  [ Andreas Beckmann ]
+  * Refresh patches.
+  * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
+Lima Santana.  (Closes: #1028261)
+  * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033543)
+
+ -- Andreas Beckmann   Sun, 09 Apr 2023 03:30:18 +0200
+
+nvidia-graphics-drivers (470.182.03-1) bullseye; urgency=medium
+
+  * New upstream production branch release 470.182.03 (2023-03-30).
+* Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
+  CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
+  CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
+  https://nvidia.custhelp.com/app/answers/detail/a_id/5452
+  (Closes: #1033774)
+* Improved compatibility with recent Linux kernels.
+
+  [ Andreas Beckmann ]
+  * Refresh patches.
+  * nvidia-detect: Drop support for stretch(-lts) (EoL).
+  * Drop support for building modules for non-native kernel architectures.
+  * nvidia-alternative: Access kmod config files over a versioned
+symlink (510.108.03-3).
+  * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
+  * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
+  * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
+Lima Santana.
+  * Updated Turkish (tr) debconf translations by Atila KOÇ.
+  * Bump Standards-Version to 4.6.2. No changes needed.
+  * Upload to bullseye.
+
+ -- Andreas Beckmann   Sat, 08 Apr 2023 20:16:20 +0200
+
+nvidia-graphics-drivers-tesla-470 (470.161.03-2) unstable; urgency=medium
+
+  * Backport acpi_op_remove changes from 470.182.03 to fix kernel module build
+for Linux 6.2.
+  * Backport drm_connector_has_override_edid changes from 525.78.01 to fix
+kernel module build for Linux 6.2.
+  * Drop support for building modules for non-native kernel architectures.
+  * nvidia-tesla-470-alternative: Access kmod config files over a versioned
+symlink (510.108.03-3).
+  * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
+  * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
+  * Bump Standards-Version to 4.6.2. No changes needed.
+
+ -- Andreas Beckmann   Tue, 28 Feb 2023 01:58:15 +0100


Andreas


ngd-tesla-470-470.182.03-1~deb11u1.diff.gz
Description: application/gzip

Bug#1032104: linux: ppc64el iouring corrupted read

2023-04-08 Thread Otto Kekäläinen 
> > On Sat, Mar 18, 2023 at 11:19:29PM -0700, Otto Kekäläinen wrote:
> > > Any updates on this one?
> > >
> > > I am still seeing the main.index_merge_innodb failure in
> > > https://buildd.debian.org/status/fetch.php?pkg=mariadb=ppc64el=1%3A10.11.2-2%7Eexp1=1678728871=0
> > > and rebuild 
> > > https://buildd.debian.org/status/fetch.php?pkg=mariadb=ppc64el=1%3A10.11.2-2%7Eexp1=1679174850=0.
> > >
> > > Logs show: Kernel: Linux 5.10.0-21-powerpc64le #1 SMP Debian
> > > 5.10.162-1 (2023-01-21) ppc64el (ppc64le)
> >
> > Remember that with the 5.10.162 upstream version the io_uring code was
> > rebased to the 5.15-stable one. So it is likely, and it maches the
> > verison ranges, that the regression was introduced with this
> > particular changes. Ideally someone with access to the given
> > architecture, can verify that the issue is gone with the current
> > 5.10.175 upstream (where there were several followup fixes, in
> > particular e.g. a similar one for s390x), and if not, reports the
> > problem to upstream.
> >
> > Paul Gevers asked if the issues are gone as well with 6.1.12-1
> > (or later 6.1.y series versions, which will land in bookworm). That
> > would be valuable information to know as well to exclude we do not
> > have the issue as well in bookworm.
>
> Were you able to verify this?

No, not yet.

I have not done new uploads to experimental after the one I mentioned
and linked above from March 18th.

The builds for unstable are passing because I forced the tests to run
with regular fsync instead of native I/O in
https://salsa.debian.org/mariadb-team/mariadb-server/-/commit/fc1358087b39ac6520420c7bbae2e536bc86748d.
I will test this again later but right now I don't want to do any
extra uploads as the package is pending unblock and inclusion in
Bullseye (Bug#1033811) and I don't want one single minor issue to
jeopardize getting fixes for multiple major issues forward.

Bug#1034101: installation-reports: bookworm rc1 successful install to Levono T470

2023-04-08 Thread Steve McIntyre 
On Sun, Apr 09, 2023 at 01:53:11AM +0200, Cyril Brulebois wrote:
>Hi Jeremy,
>
>and thanks for your report.
>
>Jeremy Davis  (2023-04-09):
>> Machine: Lenovo T470 (20HD)
>> 
>> Had to disable secure boot to get USB to boot, but otherwise,
>> everything "just worked".
>
>Why is that? We've been supporting Secure Boot for a very long while.

And one of my standard test machines here is my old T470. Jeremy: what
problem are you seeing please?

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
We don't need no education.
We don't need no thought control.

Bug#1034090: ibus: FTBFS twice in a row: src/ibusenumtypes.h is regenerated too late

2023-04-08 Thread Gunnar Hjalmarsson 

Control: tags -1 upstream
Control: forwarded -1 https://github.com/ibus/ibus/issues/2501

Thanks for your report!

We use a pre-compiled, kind of, tarball as the upstream source:

https://github.com/ibus/ibus/releases/download/1.5.28/ibus-1.5.28.tar.gz

ibusenumtypes.h has already been generated in that tarball, which 
explains why it works the first time. The file is not present in the 
upstream git source (only the 8 years old src/ibusenumtypes.h.template 
file is).


As an experiment I tried to build with the true source tarball, and then 
it failed already at the first attempt for the same reason.


The behavior has been reported upstream, so let's await the outcome of 
the upstream issue.


Btw, is "serious" an appropriate severity level for this bug?

--
Rgds,
Gunnar

Bug#782007: criu: Split up binary packages

2023-04-08 Thread Faidon Liambotis 
Control: tags -1 patch

On Mon, Apr 06, 2015 at 02:00:46PM +0200, Salvatore Bonaccorso wrote:
> I think it would make sense in meanwhile to split up the criu binary
> package (although still small) into multiple binary packages: E.g.
> criu, criu-dbg, libcriuX, libcriu-dev, python-criu.

I submitted an MR implementing this:
https://salsa.debian.org/debian/criu/-/merge_requests/3

Looking forward to your review!

Thanks,
Faidon

Bug#1034095: steps to duplicate

2023-04-08 Thread James Abernathy 
These instructions work on Debian 11 with firmware-11.6.0-amd64-netinst.iso.
But they fail to produce a working image
using debian-bookworm-DI-rc1-amd64-netinst.iso

- boot iso and select advanced and then expert install.
- follow the process as normal until Partitioning disk.
- create new gpt partition table
- create 500MB EFI System Partition
- create the rest of the drive as BTRFS mounted as /
- I didn't create a swap since I use zramswap later.
- write to disk all changes.

Before proceeding with the next step of Installing base system do the
following:
- CTRL F2 to bring up console

df -h  to check drive device names and mount points.
umount /target/boot/efi
umount /target
mount /dev/nvme0n1p2 /mnt
mv @rootfs @
btrfs su cr @home
mount -o noatime,compress=zstd,space_cache,ssd,discard=async,subvol=@
/dev/nvme0n1p2 /target
mkdir -p /target/boot/efi
mkdir /target/home
mount -o noatime,compress=zstd,space_cache,ssd,discard=async,subvol=@home
/dev/nvme0n1p2 /target/home
mount /dev/nvme0n1p1 /target/boot/efi


Now edit /target/etc/fstab and line for / to include:
noatime,compress=zstd,space_cache,ssd,discard=async,subvol=@
instead of default and subvol=@rootfs

add similar line with same UUID for /home with options as above except use
@home.

save and exit out of fstab edits.
Crtl-d to exit console and CRTL-F1 to get back to install and proceed with
installing base system.

All of this works correctly from appearance except on Debian 12 the boot
console is full of systemd-timesync type messages that all fail.  In
Cinnamon, it never makes it to a login window but you get a login prompt on
the console but it's slow and not much works.

Bug#1034102: UDD patches: incorrect handling of Forwarded?

2023-04-08 Thread Ross Vandegrift 
Package: qa.debian.org
Severity: normal
X-Debbugs-Cc: rvandegr...@debian.org

Hello,

I think there are some issues with the Forwarded handling here:
  https://udd.debian.org/patches.cgi?src=e17=0.25.4-2

DEP3 has this description for Forwarded:

> Any value other than "no" or "not-needed" means that the patch has been
> forwarded upstream. Ideally the value is an URL proving that it has been
> forwarded and where one can find more information about its inclusion status.
> 
> If the field is missing, its implicit value is "yes" if the "Bug" field is
> present, otherwise it's "no". The field is really required only if the patch
> is vendor specific, in that case its value should be "not-needed" to indicate
> that the patch must not be forwarded upstream (whereas "no" simply means that
> it has not yet been done).

The patch linked above is tagged Forwarded=yes - which is not ideal, but not
invalid.  Looking for more info, I found that the html source has:

> invalid

This doesn't show up in firefox - was this was meant to go into the content
of the span?

And as far that error - to my reading, DEP3 doesn't require a Bug when
Forwarded=yes.  Bug's presence or absence only changes the implicit value.

A note that Forwarded=yes without a Bug is not informative would be helpful. :)

Thanks,
Ross

Bug#1034101: installation-reports: bookworm rc1 successful install to Levono T470

2023-04-08 Thread Cyril Brulebois 
Hi Jeremy,

and thanks for your report.

Jeremy Davis  (2023-04-09):
> Machine: Lenovo T470 (20HD)
> 
> Had to disable secure boot to get USB to boot, but otherwise,
> everything "just worked".

Why is that? We've been supporting Secure Boot for a very long while.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1034091: RFP: whisper -- Robust Speech Recognition via Large-Scale Weak Supervision

2023-04-08 Thread Petter Reinholdtsen 


I created a draft build setup for tiktoken in
https://salsa.debian.org/pere/tiktoken >.  It currently build but
I am not convinced it is working.

-- 
Happy hacking
Petter Reinholdtsen

Bug#1034101: installation-reports: bookworm rc1 successful install to Levono T470

2023-04-08 Thread Jeremy Davis 
Package: installation-reports
Severity: normal
Tags: d-i
X-Debbugs-Cc: jer...@turnkeylinux.org


Boot method: usb
Image version: 
https://cdimage.debian.org/cdimage/bookworm_di_rc1/amd64/iso-cd/debian-bookworm-DI-rc1-amd64-netinst.iso
 2023-04-02
Date: 2023-04-08

Machine: Lenovo T470 (20HD)
Partitions:

root@tp-deb:~# df -Tl
Filesystem   Type 1K-blocksUsed Available Use% Mounted 
on
udev devtmpfs  16273852   0  16273852   0% /dev
tmpfstmpfs  32621921772   3260420   1% /run
/dev/mapper/tp--deb--vg-root ext4 218500152 5219756 202108352   3% /
tmpfstmpfs 16310940   0  16310940   0% /dev/shm
tmpfstmpfs 5120   8  5112   1% /run/lock
/dev/nvme0n1p2   ext2466026   86675354366  20% /boot
/dev/nvme0n1p1   vfat5232485948517300   2% /boot/efi
tmpfstmpfs  32621882584   3259604   1% 
/run/user/1000

root@tp-deb:~# lsblk
NAME MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
sdb8:16   1 0B  0 disk  
nvme0n1  259:00 238.5G  0 disk  
├─nvme0n1p1  259:10   512M  0 part  /boot/efi
├─nvme0n1p2  259:20   488M  0 part  /boot
└─nvme0n1p3  259:30 237.5G  0 part  
  └─nvme0n1p3_crypt  254:00 237.5G  0 crypt 
├─tp--deb--vg-root   254:10 212.8G  0 lvm   /
└─tp--deb--vg-swap_1 254:20   976M  0 lvm   [SWAP]


Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot:   [O]
Detect network card:[O]
Configure network:  [O]
Detect media:   [O]
Load installer modules: [O]
Clock/timezone setup:   [O]
User/password setup:[O]
Detect hard drives: [O]
Partition hard drives:  [O]
Install base system:[O]
Install tasks:  [O]
Install boot loader:[O]
Overall install:[O]

Comments/Problems:

Had to disable secure boot to get USB to boot, but otherwise, everything "just 
worked".

Used full disk with encrypted LVM and no problems at all. Everything appears to 
be working
as expected although I haven't done extensive testing.

If there is anything of particular interest that you would like more info on, 
please ask.

-- Package-specific info:

==
Installer lsb-release:
==
DISTRIB_ID=Debian
DISTRIB_DESCRIPTION="Debian GNU/Linux installer"
DISTRIB_RELEASE="12 (bookworm) - installer build 20230401"
X_INSTALLATION_MEDIUM=cdrom

==
Installer hardware-summary:
==
uname -a: Linux tp-deb 6.1.0-7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.20-1 
(2023-03-19) x86_64 GNU/Linux
lspci -knn: 00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v6/7th 
Gen Core Processor Host Bridge/DRAM Registers [8086:5904] (rev 02)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: 00:02.0 VGA compatible controller [0300]: Intel Corporation HD 
Graphics 620 [8086:5916] (rev 02)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: 00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-LP 
USB 3.0 xHCI Controller [8086:9d2f] (rev 21)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: Kernel driver in use: xhci_hcd
lspci -knn: Kernel modules: xhci_pci
lspci -knn: 00:14.2 Signal processing controller [1180]: Intel Corporation 
Sunrise Point-LP Thermal subsystem [8086:9d31] (rev 21)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: 00:16.0 Communication controller [0780]: Intel Corporation Sunrise 
Point-LP CSME HECI #1 [8086:9d3a] (rev 21)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: 00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI 
Express Root Port #1 [8086:9d10] (rev f1)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: Kernel driver in use: pcieport
lspci -knn: 00:1c.6 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI 
Express Root Port #7 [8086:9d16] (rev f1)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: Kernel driver in use: pcieport
lspci -knn: 00:1d.0 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI 
Express Root Port #9 [8086:9d18] (rev f1)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: Kernel driver in use: pcieport
lspci -knn: 00:1d.2 PCI bridge [0604]: Intel Corporation Sunrise Point-LP PCI 
Express Root Port #11 [8086:9d1a] (rev f1)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: Kernel driver in use: pcieport
lspci -knn: 00:1f.0 ISA bridge [0601]: Intel Corporation Sunrise Point-LP LPC 
Controller [8086:9d58] (rev 21)
lspci -knn: Subsystem: Lenovo Device [17aa:2245]
lspci -knn: 00:1f.2 Memory controller

Bug#299088: Concurrent sounds on system with Xscavenger

2023-04-08 Thread Stephane Ascoet 



Hi, it's seems that, more generaly, when a sound is already playing on the 
system, Xscavenger stays quiet(e.g. when the following is running in the 
background: mplayer -afm ffmpeg -ao alsa -cache 599 -cache-min 99 -framedrop 
-lavdopts fast:skiploopfilter=all -msgcolor -msglevel all=6 -noconfig user 
-noar -nolirc -softvol https://radios.rtbf.be/classic21-128.mp3)


--
Sincerely, Stephane Ascoet

Bug#1031643: Bug#1034062: netcfg prompts for hostname even though preseeded, preventing unattended installation

2023-04-08 Thread Cyril Brulebois 
Oliver Freyermuth  (2023-04-09):
> Likely, that's indeed since stuff has already happened at that point.
> It seems that the newly added "if" worked as expected, so it must have
> been "(none)" at the time of checking, and only changed to "?"
> afterwards.

I've just verified that part, and I'm now quite convinced that checking
for “(none)” is fine:

 - right at the beginning, on the language selection screen, one can “go
   back” and get a shell. There, `uname -a` returns:

   Linux (none) 6.1.0-3-amd64 […]

 - once network discovery has happened, including DHCP, and once the
   hostname prompt is presented, `uname -a` returns:

   Linux 6.1.0-3-amd64 […]

So there was definitely some hostname set at the very beginning, on the
kernel side, and that can be used by env2debconf via hostname without
passing any options, which leverages busybox's safe_gethostname() which
taps into UTS information, which is set an contains “(none)”.

While I'm not sure *what* happens, later on it seems the hostname part
is unset, which leads safe_gethostname() to fail and extract the
hostname, and which ends up returning “?” instead.


If there was any doubt regarding stability, include/linux/uts.h
(linux.git) is almost all dating back all the way to the mother git
commit (2005), with UTS_NODENAME being an exception (2011):

bd5dc17be87b3 (Josh Triplett  2011-06-15 15:08:28 -0700 13) #define 
UTS_NODENAME CONFIG_DEFAULT_HOSTNAME /* set by sethostname() */

See 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bd5dc17be87b3a3073d50b23802647db3ae3fa8e

And the kernel packaging started setting this option back in 2015:

commit 8f0f730e419302af8dc8a6c043363ba300e9fac1
Author: Ben Hutchings 
Date:   Wed Jul 29 02:29:09 2015 +

Explicitly set various config symbols to defaults

svn path=/dists/trunk/linux/; revision=22870

Seeing how the issue was brought up to my attention by one of the kernel
maintainer in Debian, I hope this default value won't change or we'll be
told if that happens (hint hint wink wink)!


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1033159: terminology: When using vim with Terminology the underline atribute gets turned on when scrolling.

2023-04-08 Thread Ross Vandegrift 
Control: tags - 1 pending

On Sat, Mar 18, 2023 at 03:16:14PM +, Jon Westgate wrote:
> How to produce:
> open vim inside terminology enit a file that is larger than the
> terminal and requires scrolling (it shows best with a 2 page document
> with a reasonable coverage of text) simply scroll up of down past the
> current view point and you will note that new text has the underline
> atribute set. Scrolling back up will result in off screen text being
> rendered with underline attribute set as it comes back down into view.

I wasn't able to reproduce this, but the upstream developer knew of the issue.
It's been fixed upstream, and is waiting for the next debian upload.  Due to
the release freeze, I won't be able to upload this until after the bookworm
release.

Ross

Bug#1034100: Acknowledgement (unblock: texlive-base/2022.20230122-3)

2023-04-08 Thread Hilmar Preuße 

On 4/9/23 00:24, Debian Bug Tracking System wrote:

Hi,


You can follow progress on this Bug here: 1034100:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034100.


Attached is the promised debdiff.

Hilmar
--
Testmail
diff -Nru texlive-base-2022.20230122/debian/changelog texlive-base-2022.20230122/debian/changelog
--- texlive-base-2022.20230122/debian/changelog	2023-02-15 14:35:08.0 +0100
+++ texlive-base-2022.20230122/debian/changelog	2023-04-01 12:57:29.0 +0200
@@ -1,3 +1,12 @@
+texlive-base (2022.20230122-3) UNRELEASED; urgency=medium
+
+  * Add Romanian debconf translation by Remus-Gabriel Chelu
+ (Closes: #1033738).
+  * Add patch to fix hyphenation penalties in german language
+(Closes: #1034038).
+
+ -- Hilmar Preusse   Sat, 01 Apr 2023 12:57:29 +0200
+
 texlive-base (2022.20230122-2) unstable; urgency=medium
 
   [ Jelmer Vernooij ]
diff -Nru texlive-base-2022.20230122/debian/patches/1034038 texlive-base-2022.20230122/debian/patches/1034038
--- texlive-base-2022.20230122/debian/patches/1034038	1970-01-01 01:00:00.0 +0100
+++ texlive-base-2022.20230122/debian/patches/1034038	2023-04-01 12:57:29.0 +0200
@@ -0,0 +1,11 @@
+--- texlive-base-2022.20230122.orig/texmf-dist/tex/generic/babel/babel-transforms.lua
 texlive-base-2022.20230122/texmf-dist/tex/generic/babel/babel-transforms.lua
+@@ -364,7 +364,7 @@
+ goto next
+ 
+   elseif mode == 1 and crep and (crep.pre or crep.no or crep.post) then
+-d = node.new(7, 0)   -- (disc, discretionary)
++d = node.new(7, 3)   -- (disc, regular)
+ d.pre = Babel.str_to_nodes(crep.pre, matches, item_base)
+ d.post= Babel.str_to_nodes(crep.post, matches, item_base)
+ d.replace = Babel.str_to_nodes(crep.no, matches, item_base)
diff -Nru texlive-base-2022.20230122/debian/patches/series texlive-base-2022.20230122/debian/patches/series
--- texlive-base-2022.20230122/debian/patches/series	2023-02-15 14:16:01.0 +0100
+++ texlive-base-2022.20230122/debian/patches/series	2023-04-01 12:57:29.0 +0200
@@ -25,3 +25,4 @@
 python3-shebang
 debian-fix-quote-in-quote
 update_epspdf_luascript
+1034038
diff -Nru texlive-base-2022.20230122/debian/po/ro.po texlive-base-2022.20230122/debian/po/ro.po
--- texlive-base-2022.20230122/debian/po/ro.po	1970-01-01 01:00:00.0 +0100
+++ texlive-base-2022.20230122/debian/po/ro.po	2023-04-01 12:55:00.0 +0200
@@ -0,0 +1,77 @@
+# Mesajele în limba română pentru pachetul texlive-base.
+# Romanian translation of texlive-base.
+# Copyright © 2023 THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the texlive-base package.
+#
+# Remus-Gabriel Chelu , 2023.
+#
+# Cronologia traducerii fișierului „texlive-base”:
+# Traducerea inițială, făcută de R-GC, pentru versiunea texlive-base 2022.20230122-2(2012-04-24).
+# Actualizare a traducerii pentru versiunea Y, făcută de X, Y(anul).
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: texlive-base 2022.20230122-2\n"
+"Report-Msgid-Bugs-To: texlive-b...@packages.debian.org\n"
+"POT-Creation-Date: 2012-04-24 14:30+0900\n"
+"PO-Revision-Date: 2023-03-26 17:57+0200\n"
+"Last-Translator: Remus-Gabriel Chelu \n"
+"Language-Team: Romanian \n"
+"Language: ro\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n==0 || (n!=1 && n%100>=1 && "
+"n%100<=19) ? 1 : 2);\n"
+"X-Bugs: Report translation errors to the Language-Team address.\n"
+"X-Generator: Poedit 3.2.2\n"
+
+#. Type: error
+#. Description
+#: ../texlive-base.templates:2001
+msgid "Unmanageable system paper size (${libpaperPaper})"
+msgstr "Dimensiune de hârtie de sistem imposibil de gestionat (${libpaperPaper})"
+
+#. Type: error
+#. Description
+#: ../texlive-base.templates:2001
+msgid ""
+"The currently defined system-wide paper size is ${libpaperPaper}. However, the "
+"TeX configuration system cannot handle this paper size for ${binary}."
+msgstr ""
+"Dimensiunea de hârtie definită în prezent pentru întregul sistem este "
+"${libpaperPaper}. Cu toate acestea, sistemul de configurare TeX nu poate "
+"gestiona această dimensiune de hârtie pentru ${binary}."
+
+#. Type: error
+#. Description
+#: ../texlive-base.templates:2001
+msgid "The setting will remain unchanged."
+msgstr "Configurarea va rămâne neschimbată."
+
+#. Type: error
+#. Description
+#: ../texlive-base.templates:2001
+msgid ""
+"The following command can show the list of known paper sizes for ${binary}:"
+msgstr ""
+"Următoarea comandă poate afișa lista cu dimensiunile de hârtie cunoscute pentru "
+"${binary}:"
+
+#. Type: multiselect
+#. Description
+#: ../texlive-base.templates:3001
+msgid "TeX binaries that should use the system paper size:"
+msgstr "Binarele TeX care ar trebui să utilizeze dimensiunea hârtiei de sistem:"
+
+#. Type: multiselect
+#. Description
+#: ../texlive-base.templates:3001
+msgid

Bug#1034100: unblock: texlive-base/2022.20230122-3

2023-04-08 Thread Hilmar Preusse 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: texlive-b...@packages.debian.org
Control: affects -1 + src:texlive-base

Please unblock package src:texlive-base. I did not upload the
package to unstable, I'd like to hear your decision beforehand.
The package contains two changes:
- fix hyphenation for language German.
- Contains Romanian debconf translation of texlive-base.

[ Reason ]
Mainly we'd like to have the hyphenations for language german,
when using luatex, fixed.

[ Impact ]
People writing in German /could/ experience no/wrong hyphenation when
using luatex.

[ Tests ]
There were no automated tests. We only apply the patch for the issue
described here [1]. The submitter confirmed that the patch solved
the specific issue.

[ Risks ]
Code change is rather trivial and should not affect source packages.
The human end users already confirmed that the change is useful.
The code change is meanwhile part of the official TeX Babel package.

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

unblock texlive-base/2022.20230122-3

[1] https://tex.stackexchange.com/questions/680690

-- 
sigmentation fault


signature.asc
Description: PGP signature

Bug#1031643: some tests …

2023-04-08 Thread Oliver Freyermuth 

Hi Andi,

On Sat, 8 Apr 2023 17:38:10 +0200 "Andreas B. Mundt"  wrote:

 • However, I also ran an installation with the original, unpatched
   initrd and the boot parameters:
   'auto=true priority=critical hostname=somename url=tftp://192.168.122.1 
playbook=minimal.yml ---'
   That works fine too.  The pressed file is [1] with minor, unrelated
   changes.  So that's kind of confusing to me right now.   


FWIW, I've never used "priority=critical" on the kernel commandline. Maybe that 
is making the difference here?

The full commandline I used is:

initrd=boot/debian-initrd.gz interface=auto 
url=http://foreman.example.com/unattended/provision ramdisk_size=10800 
root=/dev/rd/0 rw auto auto=true locale=en_US.UTF-8 netcfg/disable_dhcp=false 
ethdetect/prompt_missing_firmware=false hw-detect/load_firmware=false 
locale=en_US.UTF-8 hostname=laptop.example.com domain=example.com

This commandline does not show any questions in Buster / Bullseye, but raises 
the hostname question in Bookworm alpha2 and rc1,
and it's gone again in the patched version (while the preseed file in my case 
always specifies d-i netcfg/get_hostname and d-i netcfg/get_domain, but that's 
parsed too late in the game).

Cheers,
Oliver

Bug#1031643: Bug#1034062: netcfg prompts for hostname even though preseeded, preventing unattended installation

2023-04-08 Thread Oliver Freyermuth 

Hello Cyril,

Am 08.04.23 um 23:50 schrieb Cyril Brulebois:

Oliver Freyermuth  (2023-04-08):

Interestingky, without the "hostname=" parameter, running hostname on
a tty (while the question is shown) echoes:

   ~ # hostname
   ?


I found that part slightly strange. From earlier on IRC:

  fun how we get '(none)' by default and '?' instead with -s.
  ('?' comes from safe_gethostname depending on uts.nodename[0])

so I'm not exactly sure why you're getting '?' by default instead of
'(none)'. Maybe that's once you've reached the network step and stuff
has happened? My observations were right after setting a keymap,
switching to a VT.

For context, I was initially wondering which options were supported by
busybox's hostname, hence my looking into this. (Wasn't entirely sure
how safe / future-proof hardcoding “(none)” would be; still unclear at
this point, but I haven't spent much time on this.)


Likely, that's indeed since stuff has already happened at that point. It seems that the 
newly added "if" worked as expected,
so it must have been "(none)" at the time of checking, and only changed to "?" 
afterwards.


However, that "question mark hostname" is also shown when doing this
with Bullseye, so that seems to be expected behaviour.


That part's reassuring.


Indeed :-).

Cheers,
Oliver

Bug#1031643: some tests …

2023-04-08 Thread Cyril Brulebois 
Andreas B. Mundt  (2023-04-08):
> after trying some installs with the provided initrd from
> pu/bug-1031643, I observed the following:
> 
>  • The patch seems to work fine with 'hostname=somename' or
>'hostname?=somename' added to the boot parameters: The question is
>not asked respectively by default set to 'somename'.

Thanks!

>  • However, I also ran an installation with the original, unpatched
>initrd and the boot parameters:
>'auto=true priority=critical hostname=somename url=tftp://192.168.122.1 
> playbook=minimal.yml ---'
>That works fine too.  The pressed file is [1] with minor, unrelated
>changes.  So that's kind of confusing to me right now.

See first sentence of the red herring part of the initial bug report? If
that's accurate (I might have fumbled a little going down that rabbit
hole), that might explain why you're not seeing this issue with that
particular command line.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1031643: Bug#1034062: netcfg prompts for hostname even though preseeded, preventing unattended installation

2023-04-08 Thread Cyril Brulebois 
Oliver Freyermuth  (2023-04-08):
> I can confirm that the question is not shown anymore, and installation
> proceeds unattendedly, so the patched versions test fine on my end
> :-).
> 
> During installation, when switching to a tty and running "hostname
> -f", I see the FQDN assigned via the hostname parameter, as expected.

Great, thanks.

> Then of course we also need to test what happens without the
> "hostname=" paraemter on the kernel commandline. I removed it,
> re-tried, and the question was shown again, so that also seems to work
> as expected.
> 
> Interestingky, without the "hostname=" parameter, running hostname on
> a tty (while the question is shown) echoes:
> 
>   ~ # hostname
>   ?

I found that part slightly strange. From earlier on IRC:

 fun how we get '(none)' by default and '?' instead with -s.
 ('?' comes from safe_gethostname depending on uts.nodename[0])

so I'm not exactly sure why you're getting '?' by default instead of
'(none)'. Maybe that's once you've reached the network step and stuff
has happened? My observations were right after setting a keymap,
switching to a VT.

For context, I was initially wondering which options were supported by
busybox's hostname, hence my looking into this. (Wasn't entirely sure
how safe / future-proof hardcoding “(none)” would be; still unclear at
this point, but I haven't spent much time on this.)

> However, that "question mark hostname" is also shown when doing this
> with Bullseye, so that seems to be expected behaviour.

That part's reassuring.

> Seeing the unintrusiveness of the patch, and taking into account that
> adapting existing deployment software can be avoided (there's
> certainly much more affected tooling out there), that feels like a
> good approach to me, too.

Clearly! Initially I was worried about stashing a special case into the
labyrinth (that the parsing code is) that's below, I didn't think of
actually checking the effects of the linux's having consumed that
parameter would have…


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1034095: Bookworm-rc1 bug report against the installation-reports

2023-04-08 Thread Cyril Brulebois 
Hi James,

James Abernathy  (2023-04-08):
> Note, I use expert install so I could switch to shell after
> partitioning to create proper @ and @home subvolumes for timeshift
> usage.
[…]
> The install went as expected for a BTRFS install as you do on Debian.
> After partitioning, CTRL-f2 to get to the console to rename @rootfs to
> @, and create @home subvolumes. The install completed, but on first
> reboot almost every console log statement about systemd failed.  I
> tried KDE and Cinnamon. Same results. If I do the same method on
> Debian 11, it works great.

It would be helpful to know what kind of systemd failure you're getting.
You can start from `systemctl --failed` and gather logs from the failing
unit(s).

Also, not everyone is familiar with btrfs, so if you want people to have
a chance of reproducing your problem and/or working on a solution, it
would make sense to include those commands you run in the console, and
at each exact point they are run.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1034099: unblock: zstd-jni-java/1.5.2-5+ds-3

2023-04-08 Thread Markus Koschany 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: a...@debian.org

Please unblock package zstd-jni-java

[ Reason ]

zstd-jni-java FTBFS on buildd when built as binary-arch only. #1034059

[ Impact ]

FTBFS during binary-arch build

[ Tests ]

Manually tested. Works as expected now.

[ Risks ]

None.

[ Checklist ]
  [*] all changes are documented in the d/changelog
  [*] I reviewed all changes and I approve them
  [*] attach debdiff against the package in testing


unblock zstd-jni-java/1.5.2-5+ds-3
diff -Nru zstd-jni-java-1.5.2-5+ds/debian/changelog 
zstd-jni-java-1.5.2-5+ds/debian/changelog
--- zstd-jni-java-1.5.2-5+ds/debian/changelog   2022-11-12 21:54:22.0 
+0100
+++ zstd-jni-java-1.5.2-5+ds/debian/changelog   2023-04-08 22:46:57.0 
+0200
@@ -1,3 +1,12 @@
+zstd-jni-java (1.5.2-5+ds-3) unstable; urgency=medium
+
+  * Team upload.
+  * Depend on maven-resources-plugin 3.3.0 and maven-compiler-plugin 3.10.1.
+Fixes FTBFS when building zstd-jni-java for binary-arch only.
+Thanks to Andreas Beckmann for the report. (Closes: #1034059)
+
+ -- Markus Koschany   Sat, 08 Apr 2023 22:46:57 +0200
+
 zstd-jni-java (1.5.2-5+ds-2) unstable; urgency=high
 
   * Prevent duplicate Java files install into arch-dependent package
diff -Nru zstd-jni-java-1.5.2-5+ds/debian/patches/modify_pom.patch 
zstd-jni-java-1.5.2-5+ds/debian/patches/modify_pom.patch
--- zstd-jni-java-1.5.2-5+ds/debian/patches/modify_pom.patch2022-10-26 
03:47:40.0 +0200
+++ zstd-jni-java-1.5.2-5+ds/debian/patches/modify_pom.patch2023-04-08 
22:46:57.0 +0200
@@ -28,7 +28,7 @@
 +
 +  org.apache.maven.plugins
 +  maven-compiler-plugin
-+  3.8.1
++  3.10.1
 +  
 +1.8
 +1.8
@@ -46,7 +46,7 @@
 +
 +  org.apache.maven.plugins
 +  maven-resources-plugin
-+  3.1.0
++  3.3.0
 +
 +
 +  org.apache.maven.plugins

Bug#1033972: unblock: src:gajim/1.7.3-2

2023-04-08 Thread Martin 
Control: close -1

On 2023-04-08 22:06, Paul Gevers wrote:
> Same as with python-nbxmpp, I don't see the package being blocked were
> you to upload now.

OK, thanks! Uploaded to unstable.

Bug#1033970: unblock: src:python-nbxmpp/4.2.2-2

2023-04-08 Thread Martin 
Control: close -1

On 2023-04-08 22:03, Paul Gevers wrote:
> python-nbxmpp is not a key package, so with a passing autopkgtest [0],
> your package won't be blocked, see our policy [1]. Why are you asking
> for clearance?

OK, thanks for confirming! Uploaded to unstable.

Bug#1034098: reportbug: gamemode needs policykit-1 as a dependency

2023-04-08 Thread Safir Secerovic 
Package: gamemode
Version: 1.7-2+b1
Severity: normal
X-Debbugs-Cc: stephanlach...@debian.org

gamemode needs policykit-1 package installed in order to work properly.
It cannot set the cpu governor nor apply gpu optimisations, since it used 
pkexec binary to 
intermediate on behalf of the user.

Please add policykit-1 package as a binary dependency for gamemode package.

Kind regards,
Safir Secerovic


-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
merged-usr: no
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.2.10-x64v3-xanmod1 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gamemode depends on:
ii  gamemode-daemon   1.7-2+b1
ii  libc6 2.36-8
ii  libgamemode0  1.7-2+b1
ii  libgamemodeauto0  1.7-2+b1

Versions of packages gamemode recommends:
ii  libgamemode0  1.7-2+b1
ii  libgamemodeauto0  1.7-2+b1

Versions of packages gamemode suggests:
pn  gnome-shell-extension-gamemode  

-- no debconf information

Bug#1033972: unblock: src:gajim/1.7.3-2

2023-04-08 Thread Paul Gevers 

Control: tags -1 moreinfo

Hi Martin,

On 05-04-2023 10:52, Martin wrote:

I like to get clearance for uploading gajim 1.7.3-2 to unstable, to get
it into bookworm. 1.7.3-1 is already uploaded to experimental. The
package has extensive autopkgtests. debdiff attached.


Same as with python-nbxmpp, I don't see the package being blocked were 
you to upload now.


Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1033970: unblock: src:python-nbxmpp/4.2.2-2

2023-04-08 Thread Paul Gevers 

Control: tags -1 moreinfo

Hi Martin,

On 05-04-2023 10:26, Martin wrote:

I like to get clearance for uploading python-nbxmpp 4.2.2-2 to unstable, to get
it into bookworm. 4.2.2-1 is already uploaded to experimental. The
package has extensive autopkgtests. debdiff attached.


python-nbxmpp is not a key package, so with a passing autopkgtest [0], 
your package won't be blocked, see our policy [1]. Why are you asking 
for clearance?


Paul

[0] https://qa.debian.org/excuses.php?experimental=1=python-nbxmpp
[1] https://release.debian.org/testing/freeze_policy.html


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1033953: unblock: gimp-help/2.10.34-1

2023-04-08 Thread Paul Gevers 

Control: tags -1 moreinfo

On 04-04-2023 23:58, Jordi Mallach wrote:

I'm asking for a pre-approval of this documentation-only source package.
If approved, I would update this bug with the relevant parts of the
diff, seek a final ack, and upload within the next week.


In principle that's OK, but I'll only really approve when I have a 
debdiff. Please e.g. don't change debhelper compat levels and the like. 
Check the freeze policy [1]. Please remove the moreinfo tag when you are 
ready.


Paul

[1] https://release.debian.org/testing/freeze_policy.html


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1033844: unblock: emacs/1:28.2+1-13

2023-04-08 Thread Paul Gevers 

Control: tags -1 confirmed moreinfo

Hi Rob,

On 02-04-2023 20:07, Sebastian Ramacher wrote:

(Package hasn't been uploaded yet; this is a preapproval request.)


Please go ahead


Please remove the moreinfo tag once the upload has happened.

Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034086: tcpdump: CVE-2023-1801

2023-04-08 Thread Romain Francoise 
Hi Salvatore,

On Sat, Apr 8, 2023 at 1:51 PM Salvatore Bonaccorso  wrote:
> The following vulnerability was published for tcpdump.
>
> CVE-2023-1801[0]:
> | The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-
> | of-bounds write when decoding a crafted network packet.

Thanks. Just in case, I will mention that the SMB printer code is
*not* enabled in Debian anymore. None of the supported distributions
(oldstable, stable, testing/sid) are affected.

-- 
Romain Francoise 
https://people.debian.org/~rfrancoise/

Bug#1034097: unblock: tar/1.34+dfsg-1.2

2023-04-08 Thread Paul Gevers 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: t...@packages.debian.org
Control: affects -1 + src:tar

Please unblock package tar

[ Reason ]
tar fails to build from source on 32 bits architectures (bug 1026204)
since the latest glibc version, because the test suite fails on files
with access dates outside of the 32-bit timestamps reach. This was
noticed because there was an NMU to fix the d/copyright. After quite
some discussion it was deemed best to enable lfs and -D_TIME_BITS=64
on 32 bits archs, which will be the default in the next tar upstream
version too.

[ Impact ]
Users on 32 bits systems wouldn't be able to rebuild tar. If there
would be a security update, it would fail to build too.

[ Tests ]
tar has a test suite that failed before the upload, now it passes.

[ Risks ]
In bug 1026204, wookey warned against implications of enabling 64-bit
time and large file system support, however the other people involved
in the bug and on IRC were convinced this was the right solution.
Because of this, I recommend to *not* age the package when unblocked,
but give it some time in unstable.

[ Checklist ]
  [no] all changes are documented in the d/changelog

I only noticed when I started to request this unblock that there are
two new files in the previous NMU that were not mentioned:
debian/upstream/metadata and debian/salsa-ci.yml, but I consider both
harmless enough to not do a new upload for that.

  [yes] I reviewed all changes and I approve them
  [yes] attach debdiff against the package in testing

[ Other info ]
helmut promised on IRC to care for fallout if it would occur.

unblock tar/1.34+dfsg-1.2
diff -Nru tar-1.34+dfsg/debian/changelog tar-1.34+dfsg/debian/changelog
--- tar-1.34+dfsg/debian/changelog  2021-02-17 10:55:26.0 +0100
+++ tar-1.34+dfsg/debian/changelog  2023-04-06 16:25:47.0 +0200
@@ -1,3 +1,21 @@
+tar (1.34+dfsg-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build with lfs and -D_TIME_BITS=64 on 32 bits archs (Closes: #1026204)
+Thanks to Andreas Henriksson and Helge Deller
+
+ -- Paul Gevers   Thu, 06 Apr 2023 16:25:47 +0200
+
+tar (1.34+dfsg-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload
+
+  [ Mechtilde ]
+  * [730f266] Improved d/copyright with patch 
+from Bastian Germann  (Closes:  #1024084)
+
+ -- Mechtilde Stehmann   Sun, 20 Nov 2022 15:52:41 +0100
+
 tar (1.34+dfsg-1) unstable; urgency=medium
 
   * New upstream version
diff -Nru tar-1.34+dfsg/debian/copyright tar-1.34+dfsg/debian/copyright
--- tar-1.34+dfsg/debian/copyright  2021-02-17 10:53:49.0 +0100
+++ tar-1.34+dfsg/debian/copyright  2023-04-06 16:25:47.0 +0200
@@ -1,38 +1,87 @@
-This is the Debian GNU/Linux prepackaged version of GNU tar.  GNU
-tar, heavily based on John Gilmore's public domain version of tar,
-was originally written by Graham Todd.  It is now maintained by
-Paul Eggert .
-
-This package is maintained for Debian by Janos Lenart , and
-was built from the sources found at:
-
-   ftp://ftp.gnu.org/gnu/tar/
-
-More recently, I'm directly using the upstream source repository at 
-
-   http://git.savannah.gnu.org/cgit/tar.git
-
-GNU tar is 
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Comment:
+  This is the Debian GNU/Linux prepackaged version of GNU tar.
+  GNU tar, heavily based on John Gilmore's public domain version of tar,
+  was originally written by Graham Todd.
+  It is now maintained by Sergey Poznyakoff.
+ .
+  This package is maintained for Debian by Janos Lenart .
+Upstream-Contact: bug-...@gnu.org
+Source:
+  ftp://ftp.gnu.org/gnu/tar/
+  http://git.savannah.gnu.org/cgit/tar.git
 
+Files: *
+Copyright:
Copyright (C) 1988, 1992, 1993, 1994, 1995, 1996, 1997, 1999, 2000,
2001, 2003, 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
-
+License: GPL-3+
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 3, or (at your option) any later
version.
-
-On Debian GNU/Linux systems, the complete text of the GNU General Public 
-License version 3 can be found in /usr/share/common-licenses/GPL-3.
-
-The Debian packaging is 
-
+Comment:
+ On Debian GNU/Linux systems, the complete text of the GNU General Public 
+ License version 3 can be found in /usr/share/common-licenses/GPL-3.
+
+Files:
+   gnu/parse-datetime-gen.h
+   gnu/parse-datetime.c
+Copyright:
+   Copyright (C) 1984, 1989-1990, 2000-2015 Free Software Foundation, Inc.
+License: GPL-3+ with Bison exception
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation, either version 3 of the License, or
+   (at your option) any later version.
+ .
+   This program is distributed in

Bug#1032553: magic-wormhole: FTBFS in testing: dh_auto_test: error: pybuild --test -i python{version} -p 3.11 returned exit code 13

2023-04-08 Thread Sascha Steinbiss 

Hi Martin,


[...]

This is mentioned in
https://github.com/magic-wormhole/magic-wormhole/issues/458 as likely
a "timing issue". Not sure if it's fixed upstream. >


Could it make sense to also patch the tests to include the delay that is
mentioned in the GitHub issue comments?


I've tried adding a 2 second delay in the failing test and that yields a
package that builds reliably for me. I just rebuild the package with the
patch 250 times successfully in a row.


Excellent, thanks a lot! I will take a look and upload if needed. The 
maintainer supports LowNMU so that should not be a problem I guess.

Otherwise please speak up now, Antoine :)


[...]

I'm not a DD, so i can't upload any fixes, but i would really appreciate
if we can get this fixed before the auto removal strikes.


Even with the 20 days transition delay we have now, this should still be 
in time for May 07.


Thanks again and have nice holidays
Sascha


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034095: Also fails on VM

2023-04-08 Thread James Abernathy 
I forgot to mention that the same problem exist when installing on
libvirt/qemu KVM. VM.

Bug#1034096: bullseye-pu: package nvidia-graphics-drivers/470.182.03-1

2023-04-08 Thread Andreas Beckmann 
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu

Hi,

I'd like to update nvidia-graphics-drivers in bullseye to a new upstream
release fixing a bunch of CVEs.

As the tesla-470 driver will be part of bookworm, I've finally removed
some cruft packaging code for features not being used for several
releases already.
A usual, I want to keep the packaging of all the driver series in sync
and therefore this is now part of the bullseye-pu request, too.
All these changes have been part of the driver packages in sid/bookworm
for some time.

This package is functionally equivalent to the (soon to be uploaded)
src:nvidia-graphics-drivers-tesla-470 package in sid, which will see its
own pu request.

+nvidia-graphics-drivers (470.182.03-1) bullseye; urgency=medium
+
+  * New upstream production branch release 470.182.03 (2023-03-30).
+* Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
+  CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
+  CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
+  https://nvidia.custhelp.com/app/answers/detail/a_id/5452
+  (Closes: #1033774)
+* Improved compatibility with recent Linux kernels.
+
+  [ Andreas Beckmann ]
+  * Refresh patches.
+  * nvidia-detect: Drop support for stretch(-lts) (EoL).
+  * Drop support for building modules for non-native kernel architectures.
+  * nvidia-alternative: Access kmod config files over a versioned
+symlink (510.108.03-3).
+  * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
+  * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
+  * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
+Lima Santana.
+  * Updated Turkish (tr) debconf translations by Atila KOÇ.
+  * Bump Standards-Version to 4.6.2. No changes needed.
+  * Upload to bullseye.
+
+ -- Andreas Beckmann   Sat, 08 Apr 2023 20:16:20 +0200


Andreas


ngd-470.182.03-1.diff.gz
Description: application/gzip

Bug#1033999: webkit2gtk: FTBFS on hurd-i386 (disable GBM support)

2023-04-08 Thread Alberto Garcia 
On Thu, Apr 06, 2023 at 10:04:34AM +0200, Laurent Bigonville wrote:

> It seems that webkit FTBFS again on hurd-i386
> 
> The issue seems to be the fact that libgbm is missing:
> 
> -- Could NOT find GBM (missing: GBM_LIBRARIES GBM_INCLUDE_DIR)

I don't have an easy way to verify if that's enough to fix the
build... I guess I can try on a VM first.

Berto

Bug#1034095: Bookworm-rc1 bug report against the installation-reports

2023-04-08 Thread James Abernathy 
Package: installation-reports

Boot method: 
Image version: 
Date: <4/8/2023>

Machine: 
Processor:Intel 1165G7
Memory: 16GB
Partitions: <2 partitions /dev/nvme0n1p1 500MB EFI System Partition,
/dev/nvme0n1p2 ~900GB btrfs
Note, I use expert install so I could switch to shell after partitioning to
create proper @ and @home subvolumes for timeshift usage.
Same method as used on Debian 11 Bullseye >

Output of lspci -knn (or lspci -nn):

Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot:   [O ]
Detect network card:[ ]O
Configure network:  [ O]
Detect media:   [O ]
Load installer modules: [ O]
Detect hard drives: [O ]
Partition hard drives:  [O ]
Install base system:[ O]
Clock/timezone setup:   [ O]
User/password setup:[ O]
Install tasks:  [O ]
Install boot loader:[O ]
Overall install:[O ]

Comments/Problems:

The install went as expected for a BTRFS install as you do on Debian. After
partitioning, CTRL-f2 to get to the console to rename @rootfs to @, and
create @home subvolumes. The install completed, but on first reboot almost
every console log statement about systemd failed.  I tried KDE and
Cinnamon. Same results. If I do the same method on Debian 11, it works
great.

Bug#1028104: libboost-dev: Boost with C++20 uses unavailable std functions

2023-04-08 Thread Paul Gevers 

Control: tags -1 bookworm-ignore

Hi Anton,

On 08-04-2023 10:07, Anton Gladky wrote:

I think there is a risk that something needs to be fixed, as there are
no RC bugs against libboost-dev.


You mean, no *other* RC bugs.


It seems like boost1.81 is not affected by this problem. So, if
somebody needs a newer library, they can
take libboost1.81-dev, which is available for bookworm.


I didn't realize we ship multiple boost versions. Which such a simple 
work around, I'll mark this bug as bookworm-ignore.



I would not
fix anything in boost shortly before release.


Indeed,


Paul, if you have some use cases where a small fix is really
necessary, we can discuss it. Otherwise, I would leave it as it is.


I don't, I'm not the bug submitter. I am wearing the Release Team hat here.

By the way, I guess this bug is basically a duplicate of bug 1006309.

Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034094: [INTL:ro] Romanian debconf templates translation of tzdata

2023-04-08 Thread Remus-Gabriel Chelu 
Package: tzdata
Version: N/A
Severity: wishlist
Tags: l10n, patch

Dear Maintainer,

Please find attached the Romanian translation of the «tzdata» file.

Thanks,
Remus-Gabriel

tzdata_debconf_ro.po
Description: Binary data

Bug#1034093: rust-bstr: Please upload newer upstream version (at least 1.0.1)

2023-04-08 Thread Petter Reinholdtsen 


Package: librust-bstr-dev
Version: 0.2.17-1
Severity: wishlist

The tiktoken package used by Whisper, WNPP request #1034091, depend on
rust-bstr version 1.0.1.  To make it possible to pack it in Debian,
please update librust-bstr-dev to a newer version.

-- 
Happy hacking
Petter Reinholdtsen

Bug#977849: RFP: wire-desktop -- open source secure messenger / collaboration tool

2023-04-08 Thread Bastian Germann 

Control: block -1 by 842420

This is an electron app and should only be packaged with a packaged 
electron in place.

Bug#1034092: [INTL:ro] Romanian debconf templates translation of tripwire

2023-04-08 Thread Remus-Gabriel Chelu 
Package: tripwire
Version: N/A
Severity: wishlist
Tags: l10n, patch

Dear Maintainer,

Please find attached the Romanian translation of the «tripwire» file.

Thanks,
Remus-Gabriel

tripwire_debconf_ro.po
Description: Binary data

Bug#1017180: FTBFS

2023-04-08 Thread matthias . geiger1024 
Hi,

I did a rebuild of 5.8-arduino11-2 in a sid sbuild chroot. Buildlog is 
attached. the watchfile is broken,
but it built fine apart from that.

Regards,

---
Matthias Geiger (werdahias)


arduino-ctags_5.8-arduino11-2_amd64.build
Description: Binary data
-BEGIN PGP PUBLIC KEY BLOCK-

mQINBGJGNsQBEADCVylaCtYtBQW4NmDrZOIizSrVlv5ZJ5WJ128MAblWk3fRFPya
Cs/klkTT58ehBSr61sXVP+NpkF7MWOBu2CNg66U40a/Eb+v4poxNaIjXKvQtf51S
y5yGwmTc7IJg8HuohT7K3/pcsEt0jvYSwvvDFUIz5WdOR5RmB7WkDRGh8Zaior3z
tzx6AKhx/aXmAc/i4BDavDxZeFC0d79H3S1+TvFsvhyIZXIFTB0sTzWreZZxSOjk
Mz6xxgWGdc27lsbZbKU7N+c+GnWrRlTjimU1AfPLJQgehIejR9pSyZ2Y5BAqB7Qr
f8Tvc8jc1kDx473sUUla6ELEuJMIISK1qam/B7buxZ1r/ngWRiQsqAHznm7OYk69
ttXBeHxS1b+HrcJMWfROkzsTuG6G//axMCb6x0MuyOgLXk87aDnDx1fPn62R+tq7
T4JvW51TSnlNNh75zA+8w3UzDHy2By0H6NSfiLerNnF7LGCXk7AiwQsaplrEjo/1
/4NraAqy1eO69SyozSiRuuA5KemlyPwJokpp2HMJX3cry2J7lV0+wnaaorQzz5Fi
7gRRlqXrOGwEcEG6i62VbIv2VW3Zy+qjaD3HRWXfKXXjpXske41Trv2qPI2/kGtJ
TRWSWdTQ42oYOaEg/KUh0GnEoZerj50JC1qGmwElKYgd+2XQ8qR7uIB5qQARAQAB
tDFNYXR0aGlhcyBHZWlnZXIgPG1hdHRoaWFzLmdlaWdlcjEwMjRAdHV0YW5vdGEu
ZGU+iQJUBBMBCgA+FiEEwuGmy/3s5RGopBdtGL0QaztsVHUFAmJGNsQCGwMFCQPC
ZwAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQGL0QaztsVHVMxQ/+M5JEQ5wk
DDblHGUlK8IBnPM5peuDrMdQAsOQ5nSv90gl4z4HkRgomS70xMpvoS+g/8hPym4G
PXpSFJsZWjFevACWMzZO84pqJhPaFnmjh3utkkiblNf8Wi350K+luAlRvT1FVD6i
HM6kOxU0P9t9+PU38FH299oRw2qEqDw5Wx+Hrnp4gaGv1mssvAMiXeaaPGx4KSz8
sNXADHJDo78U6RGJM/rSng/8M7zd3c6E8MIH958mlWjUb8T10AZ/otH3nFSRIfds
5MdnnrsKAK3DMW4RanRWHPvTsICDDkuRvigd32waQRdZeA3dNbPxM6tKDL9GEH8Q
AnkShJ7VmTXP9CV20vj15mleoeDMgqhX5KEOsc3DMnKcVqdb9CzHj6jNSFUverk1
bBNaJpIiWwtwjueR4Hgdof80AAgRin4YnWaOaPTSusrKyN8dCRVcRIbauVooWLil
q2OrWftDVmmNciwoHr5/WDPNgkv9DAgY+DX8Y8LMWAkXgpB0KniiQaLzrW34zjnP
ALTLTIvNid6YX8KOY6KhAVWfVdMC5j6GEGfbfyMLz63YPxA9Q1Af6oXS8MbdHyBw
JV8ns2xm5fD2vZVw6JI1e8AMMDjH2fAqmH23MG0fN0zd2NUToHmvhX9APSzJIbET
doFPn/mI/az4Oh24WHf3Ozr+XEDyWcyy1y+5Ag0EYkY2xAEQANL26Ixtq1QMUM+5
MHl2FK4foRODoKHe4ZzdOAumUBPJE/pxGVlVxCqzC+LUeFvA8LTYCt1B60yRveYR
4mmPTA7nAerG2m4aQPeIfzz6HXWkiu9mzgxqjhPxitiMR5f1du1rAWGPZxSkhdW6
fDWT4PkHoY78jbQXWYEnV85rwtZIZIduHGKWzyxln3qjrefmB04QkPJ2BDOsRTtD
YeNddHAvcgZtyepqZka9lpowQTY6TXwM8uYArEa7Hll/4r9rcvkVQUxf8jqYpZ3v
PLSzvvaDouH7WAg5nUaTeWAQdSq108rNRSTgScLZWjwmhFBA46RneRpij2OJ0lW4
QqFTlldjWXzgGj6u4nbXrSERGaPwyLGIkHoKbnTAm7791d/Y5UQImuPb1tIg5Pf7
OhtyWw3bstVDa5MvIUuGpi5yKPirhrtAfdZ3H2/HR814JuL2BYdjyCuR/Sj/lZTx
+gJ0bm+Llr0KZDhjKMeWaqVqsD4bybgEe4d3zE4sj9GZ0tNUvXfPaRGY6tgh9sgT
Iy28vnyYpFX+oSIZXRreDpfzyjDhvNbB+AFsPN5OXqaBpmu/378T5nRpUj/qbqEZ
EsloCbAmgHfvIysQWYdJ+63S3ZqpbEQRa4Y7DeybaLi8xTMfdWa19T7vQY3mVWn5
ZooycK4fkbedu19+5l8zfhR7oWyBABEBAAGJAjwEGAEKACYWIQTC4abL/ezlEaik
F20YvRBrO2xUdQUCYkY2xAIbDAUJA8JnAAAKCRAYvRBrO2xUdRuPD/4tdAf8nxsA
upo5O99E4AS59OTXPQuVgt1U2Z7ssDvZ3O6qbZvIBWQ0NqnCsprCt71M6cWC2dkq
WUs3oRRu4IzuB4LErcTr597k+iltJ60rhDL/hxSumToH6FSX1w8EWJVg3xgP4U39
HSx6QOlZ3bTgd9dS5S46jOptIYzX5wYkNzyMj1hbmTg0lVyMtWjqfCLNmF3EzGGC
BLR3tMOxZURrxx8tL48iJlFyxJG3XahoyxDSNepo5HZ+AUnNq2TJPoPJQfb1/GB/
/LycKSXWgblyWuGRlgoCE1JcdwuRM5hI2xugZQrhgZaPUBch1MSoiIqwgR1A8NPL
iypUPnwG4vEaVbMtem7OUghsx+fYwuGq0T7/ezjyVRv86U2gU1bmbxojct1AXSCT
FCCR3Y8QAHV9o8U/eZ1XzcEZsXFd6siO5nEBl9HaTHh5gWDrk/molP85S7Y9JIBP
wZygBjWOPCCkFlIuiPQlXsJezVu93ydz7uCNIJfHv30oVedcYHN1Wr7B/1j8wXMy
wqW4Nw54yZ8zaJIo01Khym6cFFVXoAUZa+5QRvSmjnm1Go+ZwZA9i7zo/6LLSpeR
04+4a1Daysk0fTf+DscrxQbUBZX17e1n/EtLS8/pp+Xb/k1JK1iiNcdpfLJ7RNik
GX00szhWs5riRMzIibFDsE/FyYVNX2VHQg==
=onWA
-END PGP PUBLIC KEY BLOCK-

Bug#1034091: RFP: whisper -- Robust Speech Recognition via Large-Scale Weak Supervision

2023-04-08 Thread Petter Reinholdtsen 


Package: wnpp
Severity: wishlist

  Package name: whisper
  Version : v20230314
  Upstream Author : OpenAI
  URL : https://github.com/openai/whisper
  License : MIT
  Programming Lang: Python
  Description : Robust Speech Recognition via Large-Scale Weak Supervision

Whisper provide speech to text conversion using a neural network model
created by OpenAI.  The required packages are today available using pip,
and as far as I can see from the dependencies, tiktoken[1] and
ffmpeg-python[2] are currently missing from Debian.

 [1] https://pypi.org/project/tiktoken/ > and
 https://github.com/openai/tiktoken >
 [2] https://pypi.org/project/ffmpeg-python/ > and
 https://github.com/kkroening/ffmpeg-python >

-- 
Happy hacking
Petter Reinholdtsen

Bug#1034039: libpod 3.0.1+dfsg1-3+deb11u2 flagged for acceptance

2023-04-08 Thread Adam D Barratt 
package release.debian.org
tags 1034039 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: libpod
Version: 3.0.1+dfsg1-3+deb11u2

Explanation: fix privilege escalation issue [CVE-2022-1227]; fix capability 
escalation issue due to containers being incorrectly started with non-empty 
default permissions [CVE-2022-27649]

Bug#1034039: libpod 3.0.1+dfsg1-3+deb11u3 flagged for acceptance

2023-04-08 Thread Adam D Barratt 
package release.debian.org
tags 1034039 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: libpod
Version: 3.0.1+dfsg1-3+deb11u3

Explanation: fix privilege escalation issue [CVE-2022-1227]; fix capability 
escalation issue due to containers being incorrectly started with non-empty 
default permissions [CVE-2022-27649]

Bug#1033770: apache2 2.4.56-1~deb11u2 flagged for acceptance

2023-04-08 Thread Adam D Barratt 
package release.debian.org
tags 1033770 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: apache2
Version: 2.4.56-1~deb11u2

Explanation: don't automatically enable apache2-doc.conf; fix regressions in 
http2 and mod_rewrite introduced in 2.4.56

Bug#1025654: x4d-icons 1.2-2+deb11u1 flagged for acceptance

2023-04-08 Thread Adam D Barratt 
package release.debian.org
tags 1025654 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: x4d-icons
Version: 1.2-2+deb11u1

Explanation: fix build failure with newer imagemagick versions

Bug#1034062: netcfg prompts for hostname even though preseeded, preventing unattended installation

2023-04-08 Thread Oliver Freyermuth 

Hallo Cyril,

Am 08.04.23 um 14:53 schrieb Cyril Brulebois:

Oliver Freyermuth  (2023-04-08):

I concur that the question is where to go from here — my real-world
use case is using Foreman [0] for machine deployment, which currently
passes "hostname" exclusively in its preseed/PXE templates. If the
decision is to drop support for the hostname alias, deployment
software like this one will of course need to be adapted (considering
the alternatives, that is certainly a viable option).


Thanks for bringing this topic up. I'm not sure whether that triggered
Andi's looking into it, but there's a patch available in #1031643, and
netboot(-gtk) build artifacts with patched preseed binaries available
for a limited time at:
   https://people.debian.org/~kibi/bug-1031643/

That's entirely untested (by me), Salvatore might test that later on.

I can build an amd64 netinst image if that's easier for you to test and
confirm with.


thanks!

The patched preseed binaries are in fact ideal for testing on my end: Foreman 
usually downloads kernel and initrd from the upstream source,
and takes care of all the parts which may be different for the local 
environment (PXE/bootloader/Preseed/Kickstart/Autoyast...) itself.
So I just replaced the linux and initrd.gz which Foreman downloaded with the 
linux and initrd.gz from the patched source,
and re-tried, with no other changes to Foreman, i.e. it was still using the 
hostname alias only on the kernel command line.

I can confirm that the question is not shown anymore, and installation proceeds 
unattendedly, so the patched versions test fine on my end :-).
During installation, when switching to a tty and running "hostname -f", I see 
the FQDN assigned via the hostname parameter, as expected.

Then of course we also need to test what happens without the "hostname=" 
paraemter on the kernel commandline.
I removed it, re-tried, and the question was shown again, so that also seems to 
work as expected.

Interestingky, without the "hostname=" parameter, running hostname on a tty 
(while the question is shown) echoes:

  ~ # hostname
  ?

However, that "question mark hostname" is also shown when doing this with 
Bullseye, so that seems to be expected behaviour.


I'll hold back on upstreaming this change to Foreman until a decision
on how to proceed with #1031643 is made.


Thanks again for mentioning it, that definitely shifted the balance (at
least for me) in the “let's try and restore the feature” direction.


Seeing the unintrusiveness of the patch, and taking into account that adapting 
existing deployment software can be avoided (there's certainly much more 
affected tooling out there),
that feels like a good approach to me, too.

Cheers,
Oliver

Bug#1031643: some tests …

2023-04-08 Thread Andreas B. Mundt 
Hi,

after trying some installs with the provided initrd from
pu/bug-1031643, I observed the following:

 • The patch seems to work fine with 'hostname=somename' or
   'hostname?=somename' added to the boot parameters: The question is
   not asked respectively by default set to 'somename'.
 • However, I also ran an installation with the original, unpatched
   initrd and the boot parameters:
   'auto=true priority=critical hostname=somename url=tftp://192.168.122.1 
playbook=minimal.yml ---'
   That works fine too.  The pressed file is [1] with minor, unrelated
   changes.  So that's kind of confusing to me right now.   

Best regards,

  Andi


[1] 
https://salsa.debian.org/installer-team/netboot-assistant/-/blob/master/examples/preseed.cfg

Bug#1034077: debian-security-support: Lots of noise about DEBIAN_VERSION 12 being invalid when upgrading bullseye→bookworm

2023-04-08 Thread Stuart Prescott 

Following up the conversation in #d-release...

Looking at some released versions of /usr/bin/check-support-status:

- buster (10.13, 1:10+2022.08.23) has DEB_NEXT_VER_ID=11

- bullseye (11.6, 1:11+2022.08.23) has DEB_NEXT_VER_ID=11=11

- bookworm (to be 12.0, 1:12+2023.03.17) has DEB_NEXT_VER_ID=12

Looking at older releases (prior to the change in versioning scheme) is 
a bit harder; the value of DEB_NEXT_VER_ID also seems to increment 
several times during the life of a release, which perhaps muddies the 
analysis. Backporting the entire package and incrementing that number 
during the life of the release would also be why this has not been seen 
in the past, I guess.


Based on the comment "# Version ID for next Debian stable", my 
assumption is that this should be the version number of the release that 
follows the stable release in which d-s-s is found. That is to say, the 
comment and code makes it look like DEB_NEXT_VER_ID=12 would have been 
right for bullseye and DEB_NEXT_VER_ID=13 would be right for bookworm.


Incrementing to DEB_NEXT_VER_ID=12 in the next bullseye point release 
seems reasonable to me; also incrementing in bookworm to 
DEB_NEXT_VER_ID=13 would be logical.


Rather than having base-files predepend on d-s-s, I suspect apt could be 
convinced to upgrade them in the right order by having base-files 
conflict (or perhaps break?) the 1:11+2022.08.23 version of d-s-s, with 
a fixed version in bullseye or the upgraded version in bookworm both 
being OK.


I haven't looked at the code paths to check if this warning is 'only' 
cosmetic or if it also causes d-s-s to stop working.


regards
Stuart



--
Stuart Prescott   http://www.nanonanonano.net/ stu...@nanonanonano.net
Debian Developer  http://www.debian.org/   stu...@debian.org
GPG fingerprint   90E2 D2C1 AD14 6A1B 7EBB 891D BBC1 7EBB 1396 F2F7

Bug#1034090: ibus: FTBFS twice in a row: src/ibusenumtypes.h is regenerated too late

2023-04-08 Thread Andreas Beckmann 
Source: ibus
Version: 1.5.28-3
Severity: serious
Justification: fails to build twice in a row

Hi,

ibus/experimental fails to build twice in a row. (I haven't verified
whether the version in sid is also affected by this bug.)

The first build succeeds and a subsequent debian/rules clean removes
src/ibusenumtypes.h (and maybe other required files):

 debian/rules clean
dh clean --with gir,python3
   dh_auto_clean
make -j3 distclean
make[1]: Entering directory '/build/ibus-1.5.28'
Making distclean in src
make[2]: Entering directory '/build/ibus-1.5.28/src'
Making distclean in .
make[3]: Entering directory '/build/ibus-1.5.28/src'
test -z "IBus-1.0.gir IBus-1.0.typelib ibusmarshalers.c ibusmarshalers.h  
ibusenumtypes.c ibusenumtypes.h  ibusresources.c ibusresources.h   
ibus.gresources.xml stamp-ibusmarshalers.h stamp-ibusenumtypes.h " || rm -f 
IBus-1.0.gir IBus-1.0.typelib ibusmarshal
ers.c ibusmarshalers.h  ibusenumtypes.c ibusenumtypes.h  ibusresources.c 
ibusresources.h   ibus.gresources.xml stamp-ibusmarshalers.h 
stamp-ibusenumtypes.h
...

That file doesn't get regenerated before it is used during the second build, 
resulting in:

...
( top_builddir=`cd .. && pwd`; \
cd . && /usr/bin/glib-mkenums --template ibusenumtypes.c.template ibus.h 
ibusaccelgroup.h ibusattribute.h ibusattrlist.h ibusbus.h ibuscomponent.h 
ibusconfig.h ibusconfigservice.h ibusdebug.h ibusemoji.h ibusengine.h 
ibusenginedesc.h ibusenginesimple.h ibuse
rror.h ibusfactory.h ibushotkey.h ibusinputcontext.h ibuskeymap.h ibuskeys.h 
ibuskeysyms-compat.h ibuskeysyms.h ibuslookuptable.h ibusobject.h 
ibusobservedpath.h ibuspanelservice.h ibusproperty.h ibusproplist.h ibusproxy.h 
ibusregistry.h ibusserializable.h i
busservice.h ibusshare.h ibustext.h ibustypes.h ibusunicode.h ibusutil.h 
ibusxevent.h ibusxml.h  | \
sed 's/i_bus_/ibus_/g' | \
sed 's/I_TYPE_BUS_/IBUS_TYPE_/g') > \
ibusenumtypes.c.tmp && mv ibusenumtypes.c.tmp ibusenumtypes.c
( top_builddir=`cd .. && pwd`; \
cd . && /usr/bin/glib-mkenums --template ibusenumtypes.h.template ibus.h 
ibusaccelgroup.h ibusattribute.h ibusattrlist.h ibusbus.h ibuscomponent.h 
ibusconfig.h ibusconfigservice.h ibusdebug.h ibusemoji.h ibusengine.h 
ibusenginedesc.h ibusenginesimple.h ibuse
rror.h ibusfactory.h ibushotkey.h ibusinputcontext.h ibuskeymap.h ibuskeys.h 
ibuskeysyms-compat.h ibuskeysyms.h ibuslookuptable.h ibusobject.h 
ibusobservedpath.h ibuspanelservice.h ibusproperty.h ibusproplist.h ibusproxy.h 
ibusregistry.h ibusserializable.h i
busservice.h ibusshare.h ibustext.h ibustypes.h ibusunicode.h ibusutil.h 
ibusxevent.h ibusxml.h  | \
sed 's/i_bus_/ibus_/g' | \
sed 's/I_TYPE_BUS_/IBUS_TYPE_/g') > \
ibusenumtypes.h.tmp && mv ibusenumtypes.h.tmp ibusenumtypes.h
INFO: Reading ./ibusmarshalers.list...
sed -e "s|\@ENDIAN\@|little|g" \
ibus.gresources.xml.in > ibus.gresources.xml.tmp && \
mv ibus.gresources.xml.tmp ibus.gresources.xml
gcc -DHAVE_CONFIG_H -I. -I..  -DG_LOG_DOMAIN=\"IBUS\" -I/usr/include/glib-2.0 
-I/usr/lib/x86_64-linux-gnu/glib-2.0/include  -I/usr/include/glib-2.0 
-I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/include/glib-2.0 
-I/usr/lib/x86_64-linux-gnu/glib-2.0/incl
ude -I/usr/include/libmount -I/usr/include/blkid -I/usr/include/gio-unix-2.0 
-pthread -DIBUS_CACHE_DIR=\""/var/cache/ibus"\" 
-DIBUS_DATA_DIR=\"/usr/share/ibus\" -DIBUS_DISABLE_DEPRECATION_WARNINGS 
-DIBUS_COMPILATION -DISOCODES_PREFIX=\"/usr\" -DX11_DATA_PREF
IX=\"/usr\"  -DENABLE_EMOJI_DICT -Wdate-time -D_FORTIFY_SOURCE=2  -g -O2 
-ffile-prefix-map=/build/ibus-1.5.28=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wall -pedantic -c -o 
gen_internal_compose_table-gencomposetable.o `test -f 'gencomposet
able.c' || echo './'`gencomposetable.c
In file included from ./ibusobject.h:41,
 from ./ibus.h:31,
 from gencomposetable.c:23:
./ibusdebug.h:49:31: warning: ISO C does not permit named variadic macros 
[-Wvariadic-macros]
   49 | #define ibus_warning(msg, args...) \
  |   ^~~
gcc -DHAVE_CONFIG_H -I. -I..  -DG_LOG_DOMAIN=\"IBUS\" -I/usr/include/glib-2.0 
-I/usr/lib/x86_64-linux-gnu/glib-2.0/include  -I/usr/include/glib-2.0 
-I/usr/lib/x86_64-linux-gnu/glib-2.0/include -I/usr/include/glib-2.0 
-I/usr/lib/x86_64-linux-gnu/glib-2.0/incl
ude -I/usr/include/libmount -I/usr/include/blkid -I/usr/include/gio-unix-2.0 
-pthread -DIBUS_CACHE_DIR=\""/var/cache/ibus"\" 
-DIBUS_DATA_DIR=\"/usr/share/ibus\" -DIBUS_DISABLE_DEPRECATION_WARNINGS 
-DIBUS_COMPILATION -DISOCODES_PREFIX=\"/usr\" -DX11_DATA_PREF
IX=\"/usr\"  -DENABLE_EMOJI_DICT -Wdate-time -D_FORTIFY_SOURCE=2  -g -O2 
-ffile-prefix-map=/build/ibus-1.5.28=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wall -pedantic -c -o 
gen_internal_compose_table-ibuscomposetable.o `test -f 'ibuscompos
etable.c' || echo './'`ibuscomposetable.c
./ibus.h:49:10: fatal error: ibusenumtypes.h: No such file or directory
   49 | #include 
  |

Bug#1034089: calibre: TypeError on opening Preferences

2023-04-08 Thread Bernd Sokolowsky 
Package: calibre
Version: 6.15.0-1
Severity: important

Dear Maintainer,

When I click on "Preferences", an error dialog is displayed, with the following 
content:

calibre 6.15  embedded-python: False
Linux-6.2.10-1-siduction-amd64-x86_64-with-glibc2.36 Linux ('64bit', 'ELF')
('Linux', '6.2.10-1-siduction-amd64', '#1 SMP PREEMPT_DYNAMIC siduction 6.2-10 
(2023-04-06)')
Python 3.11.2
Interface language: en_GB
Successfully initialized third party plugins: Count Pages (1, 11, 2) && Modify 
ePub (1, 7, 3) && Quality Check (1, 12, 0)
Traceback (most recent call last):
  File "/usr/lib/calibre/calibre/gui2/preferences/main.py", line 308, in 
show_plugin
self.showing_widget = plugin.create_widget(self.scroll_area)
  ^^
  File "/usr/lib/calibre/calibre/customize/__init__.py", line 709, in 
create_widget
return widget(parent)
   ^^
  File "/usr/lib/calibre/calibre/gui2/preferences/__init__.py", line 267, in 
__init__
self.setupUi(self)
  File "/usr/lib/calibre/calibre/gui2/preferences/saving_ui.py", line 46, in 
setupUi
self.save_template = SaveTemplate(parent=Form)
 ^
TypeError: SaveTemplate.__init__() got an unexpected keyword argument 'parent'

(the Preferences dialog does not open)

-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.2.10-1-siduction-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages calibre depends on:
ii  ca-certificates20230311
ii  calibre-bin6.15.0-1
ii  fonts-liberation2  2.1.5-1
ii  libjpeg-turbo-progs1:2.1.5-2
ii  libjxr-tools   1.2~git20170615.f752187-5
ii  libqt6webenginecore6-bin   6.4.2-final+dfsg-1
ii  optipng0.7.7-2+b1
ii  poppler-utils  22.12.0-2+b1
ii  pyqt6-dev-tools6.4.2-1
ii  python33.11.2-1
ii  python3-apsw   3.40.0.0-2+b1
ii  python3-bs44.11.2-2
ii  python3-chm0.8.6-3+b4
ii  python3-css-parser 1.0.8-1
ii  python3-cssselect  1.2.0-2
ii  python3-dateutil   2.8.2-2
ii  python3-feedparser 6.0.10-1
ii  python3-html2text  2020.1.16-2
ii  python3-html5-parser   0.4.10-8+b1
ii  python3-html5lib   1.1-3
ii  python3-jeepney0.8.0-3
ii  python3-lxml   4.9.2-1+b1
ii  python3-markdown   3.4.1-2
ii  python3-mechanize  1:0.4.8+pypi-5
ii  python3-msgpack1.0.3-2+b1
ii  python3-netifaces  0.11.0-2+b1
ii  python3-pil9.4.0-1.1+b1
ii  python3-pkg-resources  66.1.1-1
ii  python3-py7zr  0.11.3+dfsg-5
ii  python3-pycryptodome   3.11.0+dfsg1-4
ii  python3-pygments   2.14.0+dfsg-1
ii  python3-pyparsing  3.0.9-1
ii  python3-pyqt6  6.4.2-1
ii  python3-pyqt6.qtquick  6.4.2-1
ii  python3-pyqt6.qtsvg6.4.2-1
ii  python3-pyqt6.qtwebengine  6.4.0-1
ii  python3-pyqt6.sip  13.4.1-1
ii  python3-regex  0.1.20221031-1+b1
ii  python3-routes 2.5.1-3
ii  python3-speechd0.11.4-2
ii  python3-zeroconf   0.54.0-1
ii  python3.11 3.11.2-6
ii  xdg-utils  1.1.3-4.1

Versions of packages calibre recommends:
ii  python3-dnspython  2.3.0-1
ii  python3-ipython8.5.0-4
ii  qt6-wayland6.4.2-1
ii  udisks22.9.4-4

Versions of packages calibre suggests:
pn  python3-unrardll  

-- no debconf information

Bug#1034088: cyrus-imapd: fails to clean after successful build: No rule to make target 'Makefile.PL', needed by 'Makefile'.

2023-04-08 Thread Andreas Beckmann 
Source: cyrus-imapd
Version: 3.8.0~beta2-1
Severity: serious
Justification: fails to build from source twice in a row

Hi,

cyrus-imapd/experimental fails to clean after a successful build.
(I didn't verify whether the package in sid has the same problem.)

...
Making distclean in perl/annotator
make[2]: Entering directory '/build/cyrus-imapd-3.8.0~beta2/perl/annotator'
make[2]: *** No rule to make target 'Makefile.PL', needed by 'Makefile'.  Stop.
make[2]: Leaving directory '/build/cyrus-imapd-3.8.0~beta2/perl/annotator'
make[1]: *** [Makefile:7537: distclean-recursive] Error 1
make[1]: Leaving directory '/build/cyrus-imapd-3.8.0~beta2'
dh_auto_clean: error: make -j3 distclean returned exit code 2
make: *** [debian/rules:57: clean] Error 25


Andreas


cyrus-imapd_3.8.0~beta2-1_twice.log.gz
Description: application/gzip

Bug#930094:

2023-04-08 Thread Chea Channimol 
Ok

Bug#1034062: netcfg prompts for hostname even though preseeded, preventing unattended installation

2023-04-08 Thread Cyril Brulebois 
Hallo wieder,

Oliver Freyermuth  (2023-04-08):
> indeed, that seems to be the case — I can confirm using the full
> netcfg/get_hostname name on the kernel command line prevents the
> question from being shown, and preseeding proceeds unattendedly again.
> :-)

Thanks for confirming.

> That easily explains why I did not find any code changes in netcfg
> which could explain this change in behaviour, since the reason is due
> to a kernel behavipur change.

The behavorial change was fun to track down, yes…

> So this can probably be closed as a duplicate of #1031643.
> 
> I concur that the question is where to go from here — my real-world
> use case is using Foreman [0] for machine deployment, which currently
> passes "hostname" exclusively in its preseed/PXE templates. If the
> decision is to drop support for the hostname alias, deployment
> software like this one will of course need to be adapted (considering
> the alternatives, that is certainly a viable option).

Thanks for bringing this topic up. I'm not sure whether that triggered
Andi's looking into it, but there's a patch available in #1031643, and
netboot(-gtk) build artifacts with patched preseed binaries available
for a limited time at:
  https://people.debian.org/~kibi/bug-1031643/

That's entirely untested (by me), Salvatore might test that later on.

I can build an amd64 netinst image if that's easier for you to test and
confirm with.

> I'll hold back on upstreaming this change to Foreman until a decision
> on how to proceed with #1031643 is made.

Thanks again for mentioning it, that definitely shifted the balance (at
least for me) in the “let's try and restore the feature” direction.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1024790: ortools: FTBFS everywhere

2023-04-08 Thread Agathe Porte 
Control: tags -1 - bookworm

This package currently has no rdeps and I do not intent to fix it
for bookworm. Removing bookworm tag.

Bug#1034050: fonts-creep2: generated font is TrueType, not OpenType

2023-04-08 Thread Jonas Smedegaard 
Quoting Nathan Willis (2023-04-08 11:22:07)
> On Fri, Apr 7, 2023 at 8:28 PM Agathe Porte  wrote:
> > > Similarly, if the intent is to make some sort of distinction based on the
> > > contents of the tables (e.g., GSUB and GPOS), then the filename extension
> > > still isn't adequate, because .ttf files can and do include those tables
> > > (see Noto and many many others).
> >
> > I do not know how to inspect the tables, but the `file` tool indicates
> > that creep2.ttf (provided by upstream) and creep2.otb (built by the
> > package) are reported as TrueType fonts with BDF tables:
> >
> >
> There are a couple of passable options. FontForge *can* show you all the
> contents, but the drawback is that it doesn't have a good concept of
> "general overview" and instead it's all split up into different panes of
> different editable info-windows.
> 
> The much easier option (IMO) is probably the "TTX" tool, which is a
> round-trip-through XML tool, but it has several convenience switches, too,
> letting you just look at stuff.

The tool otfinfo part of Debian package lcdf-tools can list the tables:

$ otfinfo -t /usr/share/fonts/opentype/cantarell/Cantarell-Bold.otf
  77805 CFF
498 GDEF
  15980 GPOS
   2818 GSUB
 96 OS/2
   3308 cmap
 54 head
 36 hhea
   5288 hmtx
  6 maxp
   1112 name
 32 post
$ otfinfo -t /usr/share/fonts/opentype/creep2/creep2.otb
   1184 BDF
   3581 EBDT
156 EBLC
 28 FFTM
 28 GDEF
 96 OS/2
   1184 cmap
  0 glyf
 54 head
 36 hhea
   1030 hmtx
  2 loca
 32 maxp
495 name
   3329 post


Hope that's of some help.


 - Jonas


-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

Bug#829696: xfce4-panel: Panel displayed in wrong position on startup

2023-04-08 Thread Paul "LeoNerd" Evans 
On Thu, 10 Nov 2022 09:20:23 +0500
Akbarkhon Variskhanov  wrote:

> Do you still face this problem? 

Yup, still happening.

> Sounds like a saved session issue.
> Check if autosave is disabled:
> 
> $ xfconf-query --channel xfce4-session --property /general/AutoSave

$ xfconf-query --channel xfce4-session --property /general/AutoSave
Property "/general/AutoSave" does not exist on channel "xfce4-session".

> and make sure the checkbox to save that appears on logout dialog is
> also unticked. Then, clear out ~/.cache/sessions
> 
> Wouldn't also hurt to see your
> ~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml

Here:




  

  
  
  
  







  
  
  
  
  
  
  


  
  
  
  

  
  
  
  
  
  
  
  
  


  
  

  


  
  
  
  
  
  
  
  
  
  
  


  
  


  

















  
  






  
  






  
  

  


  


  


  





  
  
  
  


  
  
  

  
  



-- 
Paul "LeoNerd" Evans

leon...@leonerd.org.uk  |  https://metacpan.org/author/PEVANS
http://www.leonerd.org.uk/  |  https://www.tindie.com/stores/leonerd/

Bug#1034087: afl++: Include afl-clang-lto(++) in package

2023-04-08 Thread Jonathan Neuschäfer 
Package: afl++
Version: 4.04c-3
Severity: wishlist

Hello,

the AFL++ documentation recommends using afl-clang-lto(++) if possible[1].

Based on local tests, "PREFIX=/usr make" will produce an afl-clang-lto
binary, if lld-14 is also installed (which should be the case, according
to debian/rules). Not sure what's missing from the Debian package in
order to get afl-clang-lto.

Best regards,
jn


[1]: 
https://github.com/AFLplusplus/AFLplusplus/blob/stable/docs/fuzzing_in_depth.md#1-instrumenting-the-target


-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-7-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages afl++ depends on:
ii  build-essential  12.9
ii  clang1:14.0-55.6
ii  clang-14 1:14.0.6-12
ii  libc62.36-8
ii  libgcc-s112.2.0-14
ii  libpython3.113.11.2-6
ii  libstdc++6   12.2.0-14
ii  procps   2:4.0.2-3

Versions of packages afl++ recommends:
ii  afl++-doc  4.04c-3

Versions of packages afl++ suggests:
pn  gnuplot  

-- no debconf information

Bug#1034086: tcpdump: CVE-2023-1801

2023-04-08 Thread Salvatore Bonaccorso 
Source: tcpdump
Version: 4.99.3-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for tcpdump.

CVE-2023-1801[0]:
| The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-
| of-bounds write when decoding a crafted network packet.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-1801
https://www.cve.org/CVERecord?id=CVE-2023-1801
[1] 
https://github.com/the-tcpdump-group/tcpdump/commit/03c037bbd75588beba3ee09f26d17783d21e30bc

Regards,
Salvatore

Bug#1033755: heimdal: CVE-2022-3116

2023-04-08 Thread Salvatore Bonaccorso 
Hi Brian,

On Sat, Apr 08, 2023 at 07:56:55PM +1000, Brian May wrote:
> Salvatore Bonaccorso  writes:
> 
> > Version: 7.8.git20221117.28daf24+dfsg-1.1
> 
> Are you sure this applies to the unstable version?
> 
> I can only find one out of two chunks in the patch. Maybe it was already
> fixed in the stable branch which we use for unstable?

I *was* almost sure this was only fixed in the master branch of
Heimdal and was not in 7.7.0 as well, and 7.8 does not seem to have
the change applied as well. 

But I will double-check again.

https://www.kb.cert.org/vuls/id/730793 contains some more information
and some distributions like Ubuntu did cherry pick the fix as well in
their respective 7.7.0 and 7.5.0 based versions.

Regards,
Salvatore

Bug#1034080: sdop: fails to clean after successful build: No rule to make target 'distclean'.

2023-04-08 Thread Andreas Metzler 
Control: tags -1 - ftbfs

On 2023-04-08 Andreas Beckmann  wrote:
> Source: sdop
> Version: 1.00-1
> Severity: serious
> Tags: ftbfs
> Justification: fails to build from source twice in a row

> Hi,

> sdop/experimental fails to build twice in a row. (I haven't checked
> whether the package in sid has the same problem.)
> The first build succeeds, but the subsequent clean fails:

Hello Andreas,

thanks, I will fix it. FWIW I think "does not build twice" is something
completely different than FTBFS and does not match the tag description.

cu Andreas

Bug#1034085: spyder: Cursor jumps somewhere else after right-clicking → selecting Format with Black or Autopep8

2023-04-08 Thread Amr Ibrahim 
Package: spyder
Version: 5.4.2+ds-5
Severity: normal

Hello,

Steps to reproduce the bug:
0. Enable a formatter: Black or Autopep8
1. Make sure that there is something to be formatted in the code
2. Right-click somewhere in the editor and select Format with Black or Autopep8

What happens:
After formatting the file, the cursor jumps somewhere else in the editor,
usually up, changing the editor view.

What should happen:
The cursor stays where it is after formatting is done.


Best,
Amr


-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing'), (100, 'unstable'), 
(50, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-7-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages spyder depends on:
ii  python3 3.11.2-1
ii  python3-spyder  5.4.2+ds-5

spyder recommends no packages.

Versions of packages spyder suggests:
pn  python3-spyder-unittest  

Versions of packages python3-spyder depends on:
ii  ipython3   8.5.0-4
ii  libjs-jquery   3.6.1+dfsg+~3.5.14-1
ii  libjs-mathjax  2.7.9+dfsg-1
ii  pyflakes3  2.5.0-1
ii  pylint 2.16.2-2
ii  python33.11.2-1
ii  python3-atomicwrites   1.4.1-1
ii  python3-autopep8   2.0.1-1
ii  python3-chardet5.1.0+dfsg-2
ii  python3-cloudpickle2.2.0-1
ii  python3-cookiecutter   1.7.3-3
ii  python3-diff-match-patch   20200713-2
ii  python3-docutils   0.19+dfsg-6
ii  python3-flake8 5.0.4-4
ii  python3-intervaltree   3.0.2-1.1
ii  python3-ipython8.5.0-4
ii  python3-jedi   0.18.2-1
ii  python3-jellyfish  0.8.9-1+b4
ii  python3-jsonschema 4.10.3-1
ii  python3-keyring23.9.3-2
ii  python3-mccabe 0.7.0-1
ii  python3-nbconvert  6.5.3-3
ii  python3-numpydoc   1.5.0-1
ii  python3-parso  0.8.3-1
ii  python3-pexpect4.8.0-4
ii  python3-pickleshare0.7.5-5
ii  python3-pkg-resources  66.1.1-1
ii  python3-psutil 5.9.4-1+b1
ii  python3-pycodestyle2.10.0-1
ii  python3-pydocstyle 6.2.3-3
ii  python3-pygments   2.14.0+dfsg-1
ii  python3-pylint-venv2.3.0-2
ii  python3-pyls-spyder0.4.0-2
ii  python3-pylsp  1.7.1-1
ii  python3-pylsp-black1.2.1-2
ii  python3-pyqt5  5.15.9+dfsg-1
ii  python3-pyqt5.qtwebengine  5.15.6-1
ii  python3-qdarkstyle 3.1+ds1-1
ii  python3-qstylizer  0.2.2-1
ii  python3-qtawesome  1.2.2+dfsg-1
ii  python3-qtconsole  5.4.0-1
ii  python3-qtpy   2.3.0-1
ii  python3-rope   1.7.0-1
ii  python3-rtree  1.0.1-1
ii  python3-setuptools 66.1.1-1
ii  python3-sphinx 5.3.0-4
ii  python3-spyder-kernels 2.4.2-1
ii  python3-textdistance   4.5.0-1
ii  python3-three-merge0.1.1-4
ii  python3-watchdog   2.2.1-1
ii  python3-xdg0.28-2
ii  python3-zmq24.0.1-4+b1
ii  spyder-common  5.4.2+ds-5
ii  yapf3  0.32.0-1

python3-spyder recommends no packages.

Versions of packages python3-spyder suggests:
pn  cython3 
ii  python3-matplotlib  3.6.3-1+b1
ii  python3-numpy   1:1.24.2-1
pn  python3-pandas  
ii  python3-pil 9.4.0-1.1+b1
pn  python3-scipy   
ii  python3-sympy   1.11.1-1

Versions of packages python3-pyqt5 depends on:
ii  libc6 2.36-8
ii  libgcc-s1 12.2.0-14
ii  libpython3.11 3.11.2-6
ii  libqt5core5a [qtbase-abi-5-15-8]  5.15.8+dfsg-3
ii  libqt5dbus5   5.15.8+dfsg-3
ii  libqt5designer5   5.15.8-2
ii  libqt5gui55.15.8+dfsg-3
ii  libqt5help5   5.15.8-2
ii  libqt5network55.15.8+dfsg-3
ii  libqt5printsupport5   5.15.8+dfsg-3
ii  libqt5test5   5.15.8+dfsg-3
ii  libqt5widgets55.15.8+dfsg-3
ii  libqt5xml55.15.8+dfsg-3
ii  libstdc++612.2.0-14
ii  python3   3.11.2-1
ii  python3-pyqt5.sip 12.11.1-1

-- no debconf information

Bug#1034084: RFS: d11amp/0.61-1 -- Oldskool MP3 player

2023-04-08 Thread Thomas Dettbarn 

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "d11amp":

* Package name : d11amp
Version : 0.61-1
Upstream contact : Thomas Dettbarn 
* URL : https://www.dettus.net/d11amp/
* License : CC0, BSD-2-Clause
* Vcs : https://github.com/dettus/d11amp/
Section : sound

The source builds the following binary packages:

d11amp - Oldskool MP3 player

To access further information about this package, please visit the 
following URL:


https://mentors.debian.net/package/d11amp/

Alternatively, you can download the package with 'dget' using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/d/d11amp/d11amp_0.61-1.dsc


Changes for the initial release:

d11amp (0.61-1) unstable; urgency=low
.
* Improved playlist
* Improved keyboard control
* Improved output options

Regards,

Bug#630538: Vixie cron PID confusion

2023-04-08 Thread Teal Bauer 
I've stumbled onto this bug a little while ago, went through the full 
debugging cycle and when I wanted to report it, I found this existing 
bug report. I shelved it and just today came back to it and I would like 
to add a remark in reply to message #29:


You're correct that there is a bug in the logging function, in that the 
assumptions of UNIXes have changed underneath vixie cron -- namely, 
syslog does not allow callers to specify a PID at all. The relevant 
lines from the package source (misc.c):



    #if defined(SYSLOG)
    # ifdef LOG_CRON
        openlog(ProgramName, LOG_PID, LOG_CRON);
    # else
        openlog(ProgramName, LOG_PID);
    # endif

        syslog(LOG_INFO, "(%s) %s (%s)", username, event, detail);


So when logging to syslog, the PID passed to the log function is never 
used, due to a limitation of syslog.


Thus, the fix needs to be made in a different place, and - funnily and 
frustratingly enough - the fix has already been made (probably in 
3.0pl1-117), except it is not used by default!


do_command.c is responsible for executing the actual cron command. In 
the original vixie cron source,


    log_it(usernm, getpid(), "CMD", x);

is called from the child process after fork(). However, the "END" 
logging (which is not in vixie-cron originally but added by the 
Selective logging patch) is done by the parent process, thus the logged 
PIDs will differ when used with Syslog.


The same Selective logging patch added a version of the logging in the 
default branch of the fork() switch, so if the -L log levels for "log 
job start" and "log job pid" are set, the starting PID is not logged by 
the child but the parent process instead.


So basically there is now what seems to me to be a "do things right" 
flag - if log level includes 8 (log PIDs) then both CMD and END messages 
are sent by the same process and contain the same correct PIDs:


    Apr  8 10:17:56 e02fc37faf65 CRON[27]: (root) CMD ([28] 
/tmp/runner.sh >>/tmp/runner.log)
    Apr  8 10:19:12 e02fc37faf65 CRON[27]: (root) END ([28] 
/tmp/runner.sh >>/tmp/runner.log)


(PID 27 is the cron parent, PID 28 is the command child, PID 29 is the 
PID of the actual command).
If the log level includes only e.g. "log start" and "log end", then the 
PIDs will differ:


    Apr  8 10:14:06 2d9c73749325 CRON[28]: (root) CMD (/tmp/runner.sh 
>>/tmp/runner.log)
    Apr  8 10:15:27 2d9c73749325 CRON[27]: (root) END (/tmp/runner.sh 
>>/tmp/runner.log)


(PID 28 is the command child which sends the CMD message, PID 27 is the 
cron parent which sends the END message, the actual command is PID 29)


I would like to propose (and intend on submitting a patch soon) to 
always log in the same place.
Ideally, that would be the child process, so that the PID that openlog() 
uses and the PID that cron would log are the same, but I'm not sure 
that's possible in a reliable way. Doing it in the parent is just as 
well for me, though - my original intent was trying to match CMDs to 
ENDs in the logs of a wildly active system.


Curious to hear your thoughts!


Best
Teal

Bug#1033755: heimdal: CVE-2022-3116

2023-04-08 Thread Brian May 
Salvatore Bonaccorso  writes:

> Version: 7.8.git20221117.28daf24+dfsg-1.1

Are you sure this applies to the unstable version?

I can only find one out of two chunks in the patch. Maybe it was already
fixed in the stable branch which we use for unstable?
-- 
Brian May @ Debian

Bug#1034071: u-boot-menu: Does not show a menu due to 'prompt 0'

2023-04-08 Thread Diederik de Haas 
On Saturday, 8 April 2023 04:24:10 CEST Vagrant Cascadian wrote:
> On 2023-04-08, Diederik de Haas wrote:
> > As the subject says, u-boot-menu doesn't show a (boot) menu as the
> > 'prompt' setting has a hardcoded value of '0'. If you'd change that to
> > say '5' then you do see a menu from which you can choose.
> > But the next time you'd run 'u-boot-update' that value gets overwritten.
> 
> Old versions of u-boot basically ignore this value in my experience, but
> that bug was fixed in upstream u-boot 2023.04:
> https://source.denx.de/u-boot/u-boot/-/commit/739e8361f3fe78038251216df6096
> a32bc2d5839

We do indeed use (an) u-boot version 2023.04-rc1-gbe645fef.

> > It would be great if this could still make it into Bookworm and I do
> > believe this is a targeted fix. I set 'Severity: normal', but a case can
> > be made for a higher severity as 'u-boot-menu' doesn't show a menu.
> > I'd be also fine with a default value of '0', so that the only change
> > would be to make 'prompt' configurable.
> 
> The version of u-boot in bookworm (2023.01) should not be affected, so
> it is somewhat less urgent... or are you experiencing this issue with
> u-boot as shipped in bookworm?

Plebian is (for now at least) pure Debian, but with mainline-ish u-boot 
version which *does* support Pine64 Quartz64 devices.
So we don't use u-boot as shipped in Bookworm, but we do use u-boot-menu as 
shipped in Bookworm, which provides customization options for most items.
 
> Before changing the default behavior, I was thinking of proposing a
> patch for bookworm that kept the current behavior but allowed overriding
> it... that would at least be reasonably cautious.

Yep, I agree. That's what we actually need.

In my MR you made the following comment:
> Last I tried, it should also work with "1" as the default (essentially a
> boolean)... "5" seems a bit arbitrary, even if the u-boot code is
> technically checking for zero or non-zero. Or is there a behavioral
> difference with different values?

And it looks like you are right. The value '5' worked as it's !=0, but it was 
indeed arbitrary.

Based on your comment, I tried a few more values and they all had the exact
same effect: 1, 5 or 10
So it does appear to be a boolean.

It looks like the upstream code still has a bug in it as I (then) expected it 
would wait until U_BOOT_TIMEOUT had passed, but it seems ~3 seconds, 
regardless of the value I set for 'prompt' or U_BOOT_TIMEOUT.
If I press a key during the menu, then it waits ... not till U_BOOT_TIMEOUT 
has passed, but indefinitely?

> I had intended to test a few different versions to see how they were
> affected before moving forward with that... but I did not get around to
> it and we are now very late in the freeze.
> 
> If it proves harmless on the version of u-boot in bookworm (2023.01*)
> and bullseye (2021.01*), and if we are being really careful, buster
> (2019.01*) ... then I think it would be good to consider for bookworm,
> or maybe the first bookworm point release?

Anyway, the goal is to make it configurable in u-boot-menu and it would be 
better to keep the default behavior as it was.
A new/better default could be considered for Trixie.

I've updated the MR and attached the updated patch which only makes the 
'prompt' value a variable (with a default of '0').

Cheers,
  Diederik>From 4f2e1b49562205a01865bd37f3cbd7bd245b08e1 Mon Sep 17 00:00:00 2001
From: Diederik de Haas 
Date: Thu, 6 Apr 2023 18:10:12 +0200
Subject: [PATCH] u-boot-update: Make 'prompt' configurable

The 'prompt' value was hard-coded to '0', which means the menu isn't
actually shown and there was no non-hacky way to change that.
So replace the hard-coded '0' with an `U_BOOT_PROMPT` variable to make
it configurable.

Closes: #1034071
---
 debian/changelog | 6 ++
 default  | 1 +
 u-boot-update| 3 ++-
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index 5192c3a..b2b8fc0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+u-boot-menu (4.2.2) UNRELEASED; urgency=medium
+
+  * u-boot-update: Make 'prompt' configurable (Closes: #1034071)
+
+ -- Diederik de Haas   Thu, 06 Apr 2023 18:08:55 +0200
+
 u-boot-menu (4.2.1) unstable; urgency=medium
 
   * Revert "add kalsrseed support" (Closes: #1025954)
diff --git a/default b/default
index 2e29c83..782453b 100644
--- a/default
+++ b/default
@@ -4,6 +4,7 @@
 
 #U_BOOT_ALTERNATIVES="default recovery"
 #U_BOOT_DEFAULT="l0"
+#U_BOOT_PROMPT="0"
 #U_BOOT_ENTRIES="all"
 #U_BOOT_MENU_LABEL="Debian GNU/Linux"
 #U_BOOT_PARAMETERS="ro quiet"
diff --git a/u-boot-update b/u-boot-update
index 90c4087..f887560 100755
--- a/u-boot-update
+++ b/u-boot-update
@@ -96,6 +96,7 @@ fi
 
 U_BOOT_ALTERNATIVES="${U_BOOT_ALTERNATIVES:-default recovery}"
 U_BOOT_DEFAULT="${U_BOOT_DEFAULT:-l0}"
+U_BOOT_PROMPT="${U_BOOT_PROMPT:-0}"
 U_BOOT_ENTRIES="${U_BOOT_ENTRIES:-all}"
 U_BOOT_TIMEOUT="${U_BOOT_TIMEOUT:-50}"

Bug#1034083: apt-cacher-ng cron job exits sometimes with error code 134

2023-04-08 Thread Helge Deller 

Package: apt-cacher-ng
Version: 3.7.4-1

Since quite many months I see occasionally (~ once a month) this cron job 
warning:
/etc/cron.daily/apt-cacher-ng:
Aborted
run-parts: /etc/cron.daily/apt-cacher-ng exited with return code 134

I originally assumed it was because of missing large-file-support (see bug 
#1020909),
but it turns out to be some kind of time-out.

To find the cause of this error I modified /etc/cron.daily/apt-cacher-ng like 
this
and had to wait some weeks until the error occured:
--
echo "Debug info added to /etc/cron.daily/apt-cacher-ng"
echo "Helge added debug info to /etc/cron.daily/apt-cacher-ng to find cause for 
this: /etc/cron.daily/apt-cacher-ng exited with return code 134"

if [ -d /var/log/apt-cacher-ng ]; then
echo "clean dir:  /var/log/apt-cacher-ng/"
ls -la /var/log/apt-cacher-ng/
echo "INODES"
ls -li /var/log/apt-cacher-ng/
echo "FIND 1:"
# rm older than 10 days
find /var/log/apt-cacher-ng -maxdepth 1 -name 
'maint_*.log.html.xz' -or -name 'maint_*.log.html' -type f -user apt-cacher-ng 
-mtime +10 -delete
echo "XZ 1:"
# compress older than 5 days
find /var/log/apt-cacher-ng -maxdepth 1 -name 
'maint_*.log.html' -type f -user apt-cacher-ng -mtime +5 -print0 | xargs -r0 xz
echo "clean dir done"
fi

rpage=$(/usr/lib/apt-cacher-ng/acngtool -c /etc/apt-cacher-ng 2>/dev/null 
printvar ReportPage)
echo "rpage is:   $rpage"
if test 0 = $(echo "$rpage" | wc -w)
then
echo Warning: ReportPage setting of apt-cacher-ng was disabled by 
administrator. >&2
echo See /usr/share/doc/apt-cacher-ng/README.Debian for details. >&2
exit 42
fi

echo "Now start scngtool maint:"
strace -f /usr/lib/apt-cacher-ng/acngtool maint -c /etc/apt-cacher-ng 
SocketPath=/var/run/apt-cacher-ng/socket  2>&1
echo "done."


The important part is the added "strace" at the end to see what 
"/usr/lib/apt-cacher-ng/acngtool maint" is doing.
I've added the full output of this faulty run to this bug report.
I think the interesting part is this strace output:
...
[pid  4533] read(9, "Bringing index files up to da"..., 3) = 46
[pid  4533] pselect6(10, [7 9], [], NULL, {tv_sec=17, tv_nsec=23000}, NULL) = 1 
(in [9], left {tv_sec=17, tv_nsec=23000})
[pid  4533] read(9, "\r\n", 3)  = 2
[pid  4533] pselect6(10, [7 9], [], NULL, {tv_sec=17, tv_nsec=23000}, NULL) = 0 
(Timeout)
[pid  4533] shutdown(9, SHUT_RDWR)  = 0
[pid  4533] close(9)= 0
...
It seems acngtool receives "Bringing index files up to date" (?) and then it
times out ofter ~17 seconds and kills the connection and afterwards is killed
with SIGABRT:
...
[pid  4554] tgkill(4526, 4554, SIGABRT) = 0
[pid  4554] --- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=4526, 
si_uid=0} ---
[pid  4526] <... futex resumed>)= ?
[pid  4554] +++ killed by SIGABRT +++
+++ killed by SIGABRT +++
...

My assumption is, that the ~ 17 seconds wait time is too short.
This machine is a debian buildd server for the hppa architecture.
It's much slower than x86 machines and sometimes has a high CPU load
when building packages. This can lead to slowly running cron jobs which then
probably triggers this kind of errors.

I briefly looked at the source code of apt-cacher-ng, and it seems many timeouts
can be configured in /etc/apt-cacher-ng/acng.conf.
Do you have a suggestion which of those is relevant for this cron job?
Could it be the nettimeout(17) as from src/acfg_defaults.cc, which can
be configured with the "NetworkTimeout" parameter?
If so, does it make sense to increase that value by default?

Another question would be:
If it really turns out to be a time-out issue, would it be possible to print
some better warning or error message instead of just SIGABRT ?

Thanks,
Helge

apt-cacher-ng-trace.log.gz
Description: application/gzip

Bug#1034050: fonts-creep2: generated font is TrueType, not OpenType

2023-04-08 Thread Nathan Willis 
On Fri, Apr 7, 2023 at 8:28 PM Agathe Porte  wrote:

>
> > Similarly, if the intent is to make some sort of distinction based on the
> > contents of the tables (e.g., GSUB and GPOS), then the filename extension
> > still isn't adequate, because .ttf files can and do include those tables
> > (see Noto and many many others).
>
> I do not know how to inspect the tables, but the `file` tool indicates
> that creep2.ttf (provided by upstream) and creep2.otb (built by the
> package) are reported as TrueType fonts with BDF tables:
>
>
There are a couple of passable options. FontForge *can* show you all the
contents, but the drawback is that it doesn't have a good concept of
"general overview" and instead it's all split up into different panes of
different editable info-windows.

The much easier option (IMO) is probably the "TTX" tool, which is a
round-trip-through XML tool, but it has several convenience switches, too,
letting you just look at stuff.

So you can run `ttx -l somefilename.ttf` (or whatever it is) and it will
just list the tables by name.


> $ file creep2.{ttf,otb}
> $ creep2.ttf: TrueType Font data, 16 tables, 1st "BDF ", 14 names,
> Macintosh
> $ creep2.otb: TrueType Font data, 15 tables, 1st "BDF ", 14 names,
> Macintosh
>
> If I take an other font in the opentype directory, the `file` tool
> report the file as OpenType:
>
> $ file /usr/share/fonts/opentype/cantarell/Cantarell-Bold.otf
> /usr/share/fonts/opentype/cantarell/Cantarell-Bold.otf: OpenType font
> data
>

I suspect that it's seeing the filename extension first, then doing
as-efficient-of-a-test-as-it-can ... so kind of "file says .ttf, are the
first few bytes a valid TrueType file? If yes say TrueType". And if you
rename the file it'd be "file says .otf, are the first few bytes a valid
OpenType file? If yes say OpenType"

But when it doesn't recognize .otb it probably tests for TrueType first.

I did glance at the source for the `file` utility, but I can't parse it;
not easy stuff if you're not familiar with that codebase I guess.


> > > nice to be fixed. This bug is reported by Lintian under the tag
> > > `truetype-font-wrong-filename`.
> >
> > Well, if that's so, then this indicates that Lintian is likely overdue
> for a
> > refresh on how it determines these things. That might be a big
> undertaking;
> > I don't know at the moment.
>
> I have looked at the source code of Lintian, and the current checks [1]
> are quite simple. Quoting:
>
> return
>   unless $file->file_type =~ /^TrueType Font data/;
>
> $self->pointed_hint('truetype-font-wrong-filename', $file->pointer)
>   unless $file->name =~ /\.ttf$/i;
>
> So the check is "if the file type is TrueType and extension != .ttf,
> report warning".
>
> [1]
> https://salsa.debian.org/lintian/lintian/-/blob/ea05801918ed0e87824d89bf16a6ee166450b977/lib/Lintian/Check/Fonts/Truetype.pm
>
>
Yeah, I looked at that too... It seems like it's reliant on an external
TrueType library for the "TrueType Font data" token, but I really don't
know Perl; that may be clearer to trace for someone who does. I wouldn't
know valid Perl if it rode up on a camel in a Hawaiian shirt, sorry to say.

It's definitely testing those things in sequential order though;
understandable but if you reversed the order of the tests it might report
different conclusions on the same input.


> > However, with this particular font:
> > >
> > > The problem is that the font is located in /usr/share/fonts/opentype
> > > instead of /usr/share/fonts/truetype, and that its name is creep2.otb
> > > instead of creep2.ttf.
> >
> > The .otb extension (as well as the .bdf in the package) indicates that
> this
> > is a bitmap font re-wrapped in an OpenType table structure (see
> > https://github.com/fonttools/fonttools/issues/684 for the history, and
> code
> > at https://github.com/freedesktop/fonttosfnt or possibly
> > https://github.com/ctrlcctrlv/bitmapfont2otb for the internal details);
> that
> > definitely makes it an OpenType font and not a TrueType font, because the
> > older TrueType spec did not allow that sort of skullduggery: it required
> > vector outlines.
>
> I really have the impression that the generated file has a TrueType
> table structure instead of an OpenType table structure according to the
> `file` command (and the check done by lintian on the file_type). I
> really need to find a way to be sure that the creep2.otb file is really
> an Opentype file and not "just" a TrueType file.
>

They are the same structure. The tables use the same format; some recent
tables in the OpenType spec were not around when TrueType was
replaced/upcycled by OpenType; that's the only distinction. "OpenType" as a
name was basically rebranding so that Adobe would not have to admit it was
also using Apple's TrueType format. Well, and there is certainly value in
having it be an open specification that others can add to (as has happened
over the years).

Unfortunately there is quite a bit of ambiguity

Bug#1031643: bring hostname variable back

2023-04-08 Thread Andreas B. Mundt 
Hi,

perhaps something like the following in [1] could be a fix:

diff --git a/env2debconf b/env2debconf
index 3032235..80394a4 100755
--- a/env2debconf
+++ b/env2debconf
@@ -3,6 +3,12 @@
 set -e
 export DEBIAN_FRONTEND=none
 . /usr/share/debconf/confmodule
+
+if [ "$(hostname)" != '(none)' ]; then
+   # the hostname has been set as boot param, bring it back here
+   hostname="$(hostname)"
+fi
+

I am not familiar with the code, but from checking the installer
console right at the beginning of the installation, this could
work.

Best regards,

  Andi


[1] https://salsa.debian.org/installer-team/preseed/-/blob/master/env2debconf

Bug#1034082: w3m: Typo in German README.func

2023-04-08 Thread Markus Hiereth 
Package: w3m
Version: 0.5.3-37
Severity: minor

Dear Tatsuya,

Rene Kita found a spelling mistake in the German description for the 
functions SELECT and SELECT_MENU. Is is present in the stable and the 
most recent versions. There, the third f in the word "Puffferstapel" 
needs to be removed. His patch is attached.

Thanks for introducing his corrections. Best regards
Markus

-- System Information:
Debian Release: 11.5
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 5.10.0-9-686-pae (SMP w/1 CPU thread)
Locale: LANG=de_DE.ISO-8859-1, LC_CTYPE=de_DE.ISO-8859-1 (charmap=ISO-8859-1), 
LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages w3m depends on:
ii  libc6  2.32-4
ii  libgc1c2   1:7.6.4-0.4
ii  libgpm21.20.7-8
ii  libssl1.1  1.1.1n-0+deb11u3
ii  libtinfo6  6.2+20201114-2
ii  zlib1g 1:1.2.11.dfsg-2+deb11u2

Versions of packages w3m recommends:
ii  ca-certificates  20210119

Versions of packages w3m suggests:
pn  cmigemo 
ii  curl7.74.0-1.3+deb11u3
pn  dict
pn  dict-wn 
pn  dictd   
pn  libsixel-bin
ii  man-db  2.9.4-2
ii  mime-support3.66
pn  mpv 
ii  sensible-utils  0.0.14
pn  w3m-el  
pn  w3m-img 
ii  wget1.21-1+deb11u1
ii  xdg-utils   1.1.3-4.1
pn  xsel

-- no debconf information
 doc-de/README.func | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc-de/README.func b/doc-de/README.func
index cb175db4..c59cbdfc 100644
--- a/doc-de/README.func
+++ b/doc-de/README.func
@@ -122,8 +122,8 @@ SEARCH_BACK Suche rückwärts
 SEARCH_FORESuche vorwärts
 SEARCH_NEXTSetze Suche vorwärts fort
 SEARCH_PREVSetze Suche rückwärts fort
-SELECT Zeige Puffferstapel-Übersicht
-SELECT_MENUÖffne Puffferstapel-Menü
+SELECT Zeige Pufferstapel-Übersicht
+SELECT_MENUÖffne Pufferstapel-Menü
 SETENV Setze Umgebungsvariable
 SET_OPTION Setze Option
 SHELL  Führe Shell-Befehl aus und zeige Ausgabe an
-- 
2.39.2.702.g61fb29f123

diff --git a/doc-de/README.func b/doc-de/README.func
index cb175db4..c59cbdfc 100644
--- a/doc-de/README.func
+++ b/doc-de/README.func
@@ -122,8 +122,8 @@ SEARCH_BACK Suche rückwärts
 SEARCH_FORESuche vorwärts
 SEARCH_NEXTSetze Suche vorwärts fort
 SEARCH_PREVSetze Suche rückwärts fort
-SELECT Zeige Puffferstapel-Übersicht
-SELECT_MENUÖffne Puffferstapel-Menü
+SELECT Zeige Pufferstapel-Übersicht
+SELECT_MENUÖffne Pufferstapel-Menü
 SETENV Setze Umgebungsvariable
 SET_OPTION Setze Option
 SHELL  Führe Shell-Befehl aus und zeige Ausgabe an

Bug#1028104: libboost-dev: Boost with C++20 uses unavailable std functions

2023-04-08 Thread Anton Gladky 
Hi,

I think there is a risk that something needs to be fixed, as there are
no RC bugs against libboost-dev.

It seems like boost1.81 is not affected by this problem. So, if
somebody needs a newer library, they can
take libboost1.81-dev, which is available for bookworm. I would not
fix anything in boost shortly before release.

Paul, if you have some use cases where a small fix is really
necessary, we can discuss it. Otherwise, I would leave it as it is.

Best regards,

Anton


Anton


Am Di., 21. März 2023 um 22:03 Uhr schrieb Paul Gevers :
>
> Hi,
>
> On Sun, 08 Jan 2023 00:26:39 +0100 Andreas Beckmann  wrote:
> > This happens with g++-12 but not with g++-11.
> > It is fixed in the boost version in experimental.
>
> Any chance for a *targeted* fix in bookworm?
>
> Paul

Bug#1034081: openbgpd: FTBFS twice in a row: src/bgpd/parse.c cannot be regenerated

2023-04-08 Thread Andreas Beckmann 
Source: openbgpd
Version: 7.9-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source twice in a row

Hi,

openbgpd/experimental fails to build twice in a row. (I haven't checked
whether the version in sid has the same problem.)

The first build succeeds, a subsequent make distclean deletes
src/bgpd/parse.c:

...
Making distclean in src/bgpd
make[2]: Entering directory '/build/openbgpd-7.9/src/bgpd'
test -z "bgpd.8 bgpd.conf.5 parse.c" || rm -f bgpd.8 bgpd.conf.5 parse.c
...

the following dpkg-source reports the file as missing :

 dpkg-source -b .
dpkg-source: info: using source format '3.0 (quilt)'
dpkg-source: info: verifying ./openbgpd_7.9.orig.tar.gz.asc
dpkg-source: info: building openbgpd using existing ./openbgpd_7.9.orig.tar.gz
dpkg-source: info: building openbgpd using existing 
./openbgpd_7.9.orig.tar.gz.asc
dpkg-source: info: using patch list from debian/patches/series
dpkg-source: warning: ignoring deletion of file ltmain.sh, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file Makefile.in, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file aclocal.m4, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file configure, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file src/bgplgd/Makefile.in, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file src/bgpctl/Makefile.in, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file src/bgpd/parse.c, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file src/bgpd/Makefile.in, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file compat/Makefile.in, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file include/Makefile.in, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file m4/lt~obsolete.m4, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file m4/ltversion.m4, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file m4/ltsugar.m4, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file m4/ltoptions.m4, use 
--include-removal to override
dpkg-source: warning: ignoring deletion of file m4/libtool.m4, use 
--include-removal to override
dpkg-source: info: building openbgpd in openbgpd_7.9-1.debian.tar.xz
dpkg-source: info: building openbgpd in openbgpd_7.9-1.dsc

but the second build fails:

...
/bin/bash ../../ylwrap parse.y y.tab.c parse.c y.tab.h `echo parse.c | sed -e 
s/cc$/hh/ -e s/cpp$/hpp/ -e s/cxx$/hxx/ -e s/c++$/h++/ -e s/c$/h/` y.output 
parse.output -- yacc
../../ylwrap: line 175: yacc: command not found
make[2]: *** [Makefile:1148: parse.c] Error 127
make[2]: *** Waiting for unfinished jobs
make[2]: Leaving directory '/build/openbgpd-7.9/src/bgpd'
make[1]: *** [Makefile:401: all-recursive] Error 1
make[1]: Leaving directory '/build/openbgpd-7.9'
dh_auto_build: error: make -j3 returned exit code 2


Shouldn't that file be deleted and regenerated during a regular build,
too?


Andreas


openbgpd_7.9-1_twice.log.gz
Description: application/gzip

Bug#1034080: sdop: fails to clean after successful build: No rule to make target 'distclean'.

2023-04-08 Thread Andreas Beckmann 
Source: sdop
Version: 1.00-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source twice in a row

Hi,

sdop/experimental fails to build twice in a row. (I haven't checked
whether the package in sid has the same problem.)
The first build succeeds, but the subsequent clean fails:

 debian/rules clean
dh clean
   dh_auto_clean
make -j3 distclean
make[1]: Entering directory '/build/sdop-1.00'
make[1]: *** No rule to make target 'distclean'.  Stop.
make[1]: Leaving directory '/build/sdop-1.00'
dh_auto_clean: error: make -j3 distclean returned exit code 2
make: *** [debian/rules:17: clean] Error 25


Andreas


sdop_1.00-1_twice.log.gz
Description: application/gzip

Bug#1034079: wheel: fails to clean after successful build: rm: cannot remove './docs/_build': Is a directory

2023-04-08 Thread Andreas Beckmann 
Source: wheel
Version: 0.40.0-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source

Hi,

wheel/experimental fails to build twice in a row. Cleaning after a
successful build fails:

   dh_clean -O--buildsystem=pybuild
rm -f debian/debhelper-build-stamp
rm -rf debian/.debhelper/
rm -f debian/python3-wheel-whl.debhelper.log 
debian/python3-wheel.debhelper.log
rm -f -- debian/python3-wheel.substvars 
debian/python3-wheel.postinst.debhelper debian/python3-wheel.prerm.debhelper 
debian/python-wheel-common.substvars debian/python3-wheel-whl.substvars 
./docs/_build debian/files
rm: cannot remove './docs/_build': Is a directory
dh_clean: error: rm -f -- debian/python3-wheel.substvars 
debian/python3-wheel.postinst.debhelper debian/python3-wheel.prerm.debhelper 
debian/python-wheel-common.substvars debian/python3-wheel-whl.substvars 
./docs/_build debian/files returned exit code 1
make: *** [debian/rules:12: clean] Error 25

I haven't checked the source, but this looks like debian/clean is
missing a trailing / on the ./docs/_build entry.

This might affect the package in sid, too, but I havent checked that.


Andreas


wheel_0.40.0-1_twice.log.gz
Description: application/gzip

Bug#1034078: lua-readline: regression in how EOF is reported

2023-04-08 Thread Kim Alvefur 
Package: lua-readline
Version: 3.2-1+b1
Severity: important
Tags: upstream

Dear Maintainer,

The lua-readline package changed how end-of-file is reported back,
which may cause Ctrl-D to no longer behave as expected in programs that
use lua-readline.

Noticed while testing Prosody on Debian testing, reproducible by
attempting to exit from `prosodyctl shell` by pressing Ctrl-D to send
EOF.

affects prosody

I have reported this to the upstream author via email as I did not find
any public bug tracker.

-- 
Regards,
Kim "Zash" Alvefur
Prosody developer

-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-7-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages lua-readline depends on:
ii  libc6 2.36-8
ii  libreadline8  8.2-1.3
ii  lua-posix 33.4.0-3+b1

lua-readline recommends no packages.

lua-readline suggests no packages.

-- no debconf information

Bug#1034060: unblock: aide/0.18.2-1

2023-04-08 Thread Marc Haber 
On Fri, Apr 07, 2023 at 07:34:54PM +0200, Marc Haber wrote:
> I am attaching the upstream diff between 0.18.1 and 0.18.2, pulled apart
> to the respective commits, 273 lines length including commit messages,
> comments and the noise caused by the release.

Forgot trhe attachment.

-- 
-
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany|  lose things."Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
commit 3d5b18b9e5e1c51533ac01d8acd3499b2f9fcc2e
Author: Hannes von Haugwitz 
Date:   Fri Apr 7 16:06:18 2023 +0200

Release aide 0.18.2

commit adc07f01042f327b78e4e787bb0afbbae73d566a
Author: Hannes von Haugwitz 
Date:   Mon Apr 3 21:15:05 2023 +0200

Add another missing lock for tree operations

commit d3376eb6523bbae5ee8b8ea32c14355045524e12
Author: Hannes von Haugwitz 
Date:   Sat Apr 1 11:21:54 2023 +0200

Add missing lock for tree operations during file system scan

commit 5d46267c5d72bc2263aba76496707490acdb2a28
Author: Hannes von Haugwitz 
Date:   Wed Mar 8 20:50:58 2023 +0100

Add warning if rules contain not compiled-in attributes
commit 5d46267c5d72bc2263aba76496707490acdb2a28
Author: Hannes von Haugwitz 
Date:   Wed Mar 8 20:50:58 2023 +0100

Add warning if rules contain not compiled-in attributes

diff --git a/ChangeLog b/ChangeLog
index 31ff00c..b6435bf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+2023-03-08 Hannes von Haugwitz 
+   * Add warning if rules contain not compiled-in attributes (closes: #153)
+
 2023-03-04 Hannes von Haugwitz 
* Release aide 0.18.1
 
diff --git a/NEWS b/NEWS
index 88ae5af..97db895 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,6 @@
+Version 0.18.2 (UNRELEASED)
+* Add warning if rules contain not compiled-in attributes
+
 Version 0.18.1 (2023-03-04)
 * Fix handling of empty growing files
 * Fix segfault when using --dry-init
diff --git a/src/commandconf.c b/src/commandconf.c
index 1fcfbaa..e5ef8b9 100644
--- a/src/commandconf.c
+++ b/src/commandconf.c
@@ -338,14 +338,40 @@ bool add_rx_rule_to_tree(char* rx, char* rule_prefix, 
RESTRICTION_TYPE restricti
 r->config_line = checked_strdup(linebuf);
 r->prefix = rule_prefix;
 
+char *str;
+
 DB_ATTR_TYPE unsupported_hashes = 
attr&(get_hashes(true)&~get_hashes(false));
 if (unsupported_hashes) {
-char *str;
 LOG_CONFIG_FORMAT_LINE(LOG_LEVEL_WARNING, "ignoring unsupported 
hash algorithm(s): %s", str = diff_attributes(0, unsupported_hashes));
 free(str);
 attr &= ~unsupported_hashes;
 }
 
+DB_ATTR_TYPE unsupported_attrs = attr&
+(0
+#ifndef WITH_ACL
+ |ATTR(attr_acl)
+#endif
+#ifndef WITH_SELINUX
+ |ATTR(attr_selinux)
+#endif
+#ifndef WITH_XATTR
+ |ATTR(attr_xattrs)
+#endif
+#ifndef WITH_E2FSATTRS
+ |ATTR(attr_e2fsattrs)
+#endif
+#ifndef WITH_CAPABILITIES
+ |ATTR(attr_capabilities)
+#endif
+)
+;
+if (unsupported_attrs) {
+LOG_CONFIG_FORMAT_LINE(LOG_LEVEL_WARNING, "ignoring not 
compiiled-in attribute(s): %s", str = diff_attributes(0, unsupported_attrs));
+free(str);
+attr &= ~unsupported_attrs;
+}
+
 r->attr=attr;
 if (attr(attr_sizeg)) {
 log_msg(LOG_LEVEL_NOTICE, "%s:%d: Using 'S' attribute is 
DEPRECATED and will be removed in the release after next. Update your config 
and use 'growing+s' instead (line: '%s')", filename, linenumber, linebuf);
commit d3376eb6523bbae5ee8b8ea32c14355045524e12
Author: Hannes von Haugwitz 
Date:   Sat Apr 1 11:21:54 2023 +0200

Add missing lock for tree operations during file system scan

diff --git a/ChangeLog b/ChangeLog
index b6435bf..80d0366 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+2023-04-01 Hannes von Haugwitz 
+   * Add missing lock for tree operations during file system scan
+
 2023-03-08 Hannes von Haugwitz 
* Add warning if rules contain not compiled-in attributes (closes: #153)
 
diff --git a/NEWS b/NEWS
index 97db895..5904559 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,6 @@
 Version 0.18.2 (UNRELEASED)
 * Add warning if rules contain not compiled-in attributes
+* Add missing lock for tree operations during file system scan
 
 Version 0.18.1 (2023-03-04)
 * Fix handling of empty growing files
diff --git a/src/db_disk.c b/src/db_disk.c
index a1f1606..1bc91bb 100644
--- a/src/db_disk.c
+++ b/src/db_disk.c
@@ -46,6 +46,10 @@
 #include 
 #endif
 
+#ifdef WITH_PTHREAD
+pthread_mutex_t seltree_mutex = PTHREAD_MUTEX_INITIALIZER;
+#endif
+
 static int get_file_status(char *filename, struct stat *fs) {
 int sres = 0;
 sres = lstat(filename,fs);
@@ -121,7 +125,13 @@ void scan_dir(char *root_path, bool dry_run) {

Bug#988068: Another case where the current apparmor profile causes problems

2023-04-08 Thread Nathan Collins 
On Mon, 25 Apr 2022 15:12:17 +0200 Henrik Christian Grove 
wrote:
>
> Instead of wasting time configuring and running a location service, I
> just had a number of slightly different configuration files for redshift
> (with different manual locations specified) and would just let
> `.config/redshift.conf` be a symlink to the one corresponding to my
> current location. (And do some extra work in new locations)
>
> That didn't work with the discussed restriction (but I could easily put
> all the different configs in `.config/redshift/`.
>
> For now my workaround was simply to replace the symlink with a copy.
>

I'm having a similar problem, because my redshift config file is in version
control, and ~/.config/redshift.conf is a symlink to the version controlled
file. I changed it to a hardlink, which allows redshift to read the config
file, but this is not a robust solution.

I don't know anything about apparmor, but is there some hope that the
config could be changed to follow symlinks? Or perhaps that "defeats the
purpose" of apparmor?

Bug#1033625: closed by Brian Potkin (Re: Bug#1033625:)

2023-04-08 Thread Johan Kröckel 
So this is a bug in cups-browsed?

Am Do., 30. März 2023 um 19:23 Uhr schrieb Brian Potkin <
claremont...@gmail.com>:

> On Thu 30 Mar 2023 at 15:54:09 +0200, Johan Kröckel wrote:
>
> > Hi Brian,
> >
> > thanks for your help. But isn't it still a bug that cups is creating a
> > printer(-queue) that not only does not work, but also when using it opens
> > connections to the printer for hours? I think about the situation, that
> you
> > have many bookworm clients in the network, this could amount to a denial
> of
> > service.
> >
> > I deleted the not working Kyocera_ECOSYS_M5526cdw but cups keeps
> recreating
> > it when I connect to the corresponding network.
>
> The auto-creation of the queue (the one shown by 'lpstat -t' and that keeps
> coming back after deletion) is done by cups-browsed, not by CUPS. Let's try
> this:
>
> Purge cups-browsed with
>
>  apt purge cups-browsed
>
> Then do
>
>  rm  rm /var/cache/cups/*
>
> (the files will be regenerated) and restart cups.
>
>  systemctl restart cups
>
> 'lstsat -l -e' should show a printer name. Can it be used to print?
> 'lpstat -t'
> should not have implicitclass and should show the manually set up printer,
>
> Cheers,
>
> Brian.
>

Bug#580152: Still an issue in current apt

2023-04-08 Thread Josh Triplett 
I ran into this recently.

For .d directories like /etc/apt/preferences.d, it'd be nice if apt were
silent about the directory not existing, and if it just treated that the
same as an empty directory.