date:20230425

Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22

2023-04-25 Thread Thomas Dorner

Hello Hannes,

thanks for the quick response.

> How many files are in the AIDE database on a successful run? Does this
> number significantly differ when the aide check fails?

You mean the /var/lib/aide/aide.db?
# zcat /var/lib/aide/aide.db | wc
 755240 21146627 442199792

The /var/lib/aide/aide.db after a failed one is always size 0.

> Is 0.18.2-1 the only version you experience this behaviour or does
> this error also occur with an older version?

I've never encountered this before, but I did not work with the
specific directory tree parallel to the AIDE run for at least 3 weeks
before the this one.

> Independently of the issue above, it might make sense to exclude this
> directory.

That's the work-around I'll put in place till you try something
different.

Best regards, Thomas
-- 
퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻

Bug#1034479: [pre-approval] unblock: rocprim/5.3.3-4

2023-04-25 Thread Paul Gevers


Control: tags -1 moreinfo

Hi Christian,

On 16-04-2023 14:05, Christian Kastner wrote:

This version in itself isn't controversial, but unfortunately the
previous version 5.3.3-3 did not yet migrate to testing, so I'm asking
for pre-approval to to 5.3.3-4 and allow it to eventually migrate, and
otherwise guidance for an alternative solution.


Ack. I'm uncomfortable with the changes in -3, in particular the 
arch:any -> arch:all and associated lib -> shared move. I propose you 
upload a version -4 which reverts -3 for now and only adds the missing 
dependency. experimental and later trixie is there to take the current 
changes.


Please remove the moreinfo tag once the package is in unstable.

Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034763: unblock: grub2/2.06-12

2023-04-25 Thread Paul Gevers


Hi Steve,

Thanks a lot for the upload.

On 23-04-2023 21:43, Steve McIntyre wrote:

We've pulled in some really important fixes for GRUB, that I think are
important and should definitely be part of the bookworm release:


Ack.


unblock grub2/2.06-12
unblock grub-efi-amd64-signed/1+2.06+12
unblock grub-efi-arm64-signed/1+2.06+12
unblock grub-efi-ia32-signed/1+2.06+12


unblocked.

Paul
PS: I'll leave the appropriate aging to kibi; whenever he's fine it can 
migrate


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034863: unblock: guix/1.4.0-3

2023-04-25 Thread Vagrant Cascadian

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: g...@packages.debian.org, vagr...@debian.org
Control: affects -1 + src:guix

Please unblock package guix

[ Reason ]

In Guix 1.4.0 upstream configured an additional substitute server by
default, but I neglected to properly add the signing key for it to
properly work out of the box in the Debian package.

[ Impact ]

The behavior of Debian's guix package will not break assumptions of
the guix community, documentation, etc. which assume both substitute
servers will be enabled by default. If the other substitute server is
down for any reason, the end user will end up rebuilding many
substitutes instead of downloading them from the other server.

[ Tests ]

Performing "guix pull --substitute-urls=https://bordeaux.guix.gnu.org;
successfully downloads substitutes from bordeaux instead of
https://ci.guix.gnu.org. Normally ci.guix.gnu.org is preferred, so
without explicitly specifying substitute-urls you might not notice the
other substitute server is not fully enabled.

[ Risks ]

People upgrading from older versions will need to ACK the conffile
change to fully enable the new substitute server, or add it manually.

[ Checklist ]
  [X] all changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in testing

[ Other info ]

Nothing springs to mind!

Thanks for considering!

unblock guix/1.4.0-3

live well,
  vagrant

diff -Nru guix-1.4.0/debian/changelog guix-1.4.0/debian/changelog
--- guix-1.4.0/debian/changelog 2022-12-18 16:22:23.0 -0800
+++ guix-1.4.0/debian/changelog 2023-04-21 18:35:03.0 -0700
@@ -1,3 +1,15 @@
+guix (1.4.0-3) unstable; urgency=medium
+
+  * debian/rules: Fix syntax of /etc/guix/acl file.
+
+ -- Vagrant Cascadian   Fri, 21 Apr 2023 18:35:03 -0700
+
+guix (1.4.0-2) unstable; urgency=medium
+
+  * debian/rules: Add "bordeaux" substitute server to /etc/guix/acl.
+
+ -- Vagrant Cascadian   Thu, 20 Apr 2023 22:15:09 -0700
+
 guix (1.4.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru guix-1.4.0/debian/rules guix-1.4.0/debian/rules
--- guix-1.4.0/debian/rules 2022-12-18 16:22:13.0 -0800
+++ guix-1.4.0/debian/rules 2023-04-21 18:06:27.0 -0700
@@ -54,11 +54,13 @@
debian/guix/lib/systemd/system/gnu-store.mount
# guix-gc is installed via examples
rm -f debian/guix/usr/lib/*/systemd/system/guix-gc.*
-   # Add /etc/default/acl with the default substitute server,
+   # Add /etc/default/acl with the default substitute servers,
# with identical output as "guix archive --authorize"
mkdir -p debian/guix/etc/guix/
printf '(acl\n (entry\n' > debian/guix/etc/guix/acl
sed -e 's,^,  ,g' -e 's, $$,,g' etc/substitutes/ci.guix.gnu.org.pub >> 
debian/guix/etc/guix/acl
+   printf '  (tag\n   (guix import)\n   )\n  )\n (entry\n' >> 
debian/guix/etc/guix/acl
+   sed -e 's,^,  ,g' -e 's, $$,,g' 
etc/substitutes/bordeaux.guix.gnu.org.pub >> debian/guix/etc/guix/acl
printf '  (tag\n   (guix import)\n   )\n  )\n )\n' >> 
debian/guix/etc/guix/acl
rmdir debian/guix/usr/lib/*/systemd/system/
rmdir debian/guix/usr/lib/*/systemd/



signature.asc
Description: PGP signature

Bug#1034828:

2023-04-25 Thread Aron Xu

As discussed, this issue could be in the dnf package which didn't have
the PLUGINPATH updated to Debian's path, which could be verified in
/usr/lib/python3/dist-packages/dnf/const.py.

Can be worked around by adding the following line in [main] section of
/etc/dnf/dnf.conf:
pluginpath=/usr/lib/python3/dist-packages/dnf-plugins

Regards,
Aron

Bug#1034733: unblock: irony-mode/1.5.0-5

2023-04-25 Thread Paul Gevers


Hi Nicholas,

On 23-04-2023 00:06, Nicholas D Steeves wrote:

unblock irony-mode/1.5.0-5


llvm-toolchain-15 isn't expected to change and migration in it's current 
for is not accepted. Please upload your changes to tpu, with only a new 
changelog entry targeting 'bookworm', preferably with version 
1.5.0-5+deb12u1.


Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034733: unblock: irony-mode/1.5.0-5

2023-04-25 Thread Paul Gevers


Control: tags -1 moreinfo confirmed

Hi,

On 26-04-2023 06:39, Paul Gevers wrote:
Please upload your changes to tpu, with only a new 
changelog entry targeting 'bookworm', preferably with version 
1.5.0-5+deb12u1.


Forgot to say, please remove the moreinfo tag when the package is in the 
archive.


Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034733: unblock: irony-mode/1.5.0-5

2023-04-25 Thread Cyril Brulebois

Nicholas D Steeves  (2023-04-25):
> I had added this block in error.  Llvm-15-toolchain/1:15.0.6-4, which is
> in bookworm, fulfills the requirements for irony-mode/1.5.0-5.

Not really, with such dependency:

libclang1-15 (>= 1:15.0.7-1)

vs.

llvm-toolchain-15 | 1:15.0.6-4| testing| source


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1034310: [digikam] [Bug 466170] Digikam 7.9.0 (and 7.8.0) crashes on startup

2023-04-25 Thread Steven Robbins

On Tuesday, April 25, 2023 12:50:39 P.M. CDT Rainer Dorsch wrote:
> Am Dienstag, 25. April 2023, 03:51:44 CEST schrieben Sie:
> > I'd be interested to know if the issue persists on your system after
> > upgrading.
> 
> Yes, it repros always.

OK.

> -- System Information:
> Debian Release: 12.0
>   APT prefers testing-security
>   APT policy: (500, 'testing-security'), (500, 'testing-debug'), (105,
> 'testing')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 6.1.0-7-amd64 (SMP w/6 CPU threads; PREEMPT)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
> LANGUAGE=de:en_US

I'm still not able to reproduce the issue.  Today I was trying with the same 
locale as you (de_DE.UTF-8).   I have seen issues in the past with certain 
locales -- typically in software that isn't careful enough and gets into 
trouble when a locale switches the period and comma in number formats.  

Even though I wasn't able to reproduce the problem here, it would be 
interesting if you can try with locale set to en_US for example:

I have no idea where else to look.  Given that no-one else has reported this, 
I'm leaning towards downgrading the severity to keep digikam in the upcoming 
release.

-Steve

signature.asc
Description: This is a digitally signed message part.

Bug#1034810: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u1

2023-04-25 Thread Cyril Brulebois

Control: tag -1 confirmed

Guilhem Moulin  (2023-04-25):
> It was discovered that the upstream patch mitigating #1028250 was
> incomplete: `cryptsetup luksFormat` still caused OOM on some memory
> constrained systems.  This was fixed upstream in a new MR, which is
> backported in sid in 2:2.6.1-4.
> 
> Unfortunately the version (like -3) is barred from entering testing due
> to a dependency on libargon2-1-udeb ≥0~20190702+dfsg, hence the request
> to go via t-p-u instead.  See https://bugs.debian.org/1032235#107 .
> 
> [ Impact ]
> 
> Running `cryptsetup luksFormat` might OOM on systems with ≤1G RAM when
> the memory pressure exceeds 50%.  Concretely, that means one might not
> be able to relying use the “encrypted LVM” partitioning scheme from the
> graphical installer on such systems.
> 
> [ Tests ]
> 
>  * DEP-8 tests, incl. full upstream test suite and cryptroot tests.
>  * Comparison of memory costs between releases from d-i depending on the
>amount of RAM: https://bugs.debian.org/1028250#78 .
> 
> [ Risks ]
> 
> The change only affets systems with <2G RAM, and among those only the
> ones without swap area.  That includes low-memory rescue systems and
> d-i, but not “normal systems”.

The backporting from unstable looks sane to me, please go ahead.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1034809: bookworm-pu: package argon2/0~20171227-0.3+deb12u1

2023-04-25 Thread Cyril Brulebois

Control: tag -1 confirmed

Salut Guilhem,

Guilhem Moulin  (2023-04-25):
> diffstat for argon2-0~20171227 argon2-0~20171227
> 
>  changelog|   18 ++
>  control  |1 +
>  gbp.conf |2 +-
>  libargon2-1-udeb.install |2 ++

People wanting to toy around with the debdiff must remember to set the
.install +x otherwise there's a nice FTBFS right around the corner! :D

>  rules|   11 ---
>  5 files changed, 22 insertions(+), 12 deletions(-)
> 
> diff -Nru argon2-0~20171227/debian/changelog 
> argon2-0~20171227/debian/changelog
> --- argon2-0~20171227/debian/changelog2022-02-13 10:41:34.0 
> +0100
> +++ argon2-0~20171227/debian/changelog2023-04-21 21:29:33.0 
> +0200
> @@ -1,3 +1,21 @@
> +argon2 (0~20171227-0.3+deb12u1) bookworm; urgency=medium

Since there was no 0~20171227-0.4 upload ever, this slightly shorter
version number could be used instead, but both are fine with me.

> +  * Non-maintainer upload.
> +
> +  [ Bastian Germann ]
> +  * Add Breaks on cryptsetup-initramfs (see #1032235)

This could have been a little more verbose, but I've followed parts of
the backstory in that bug report anyway…

> +  [ Guilhem Moulin ]
> +  * d/gbp.conf: Set 'debian-branch = debian/bookworm'.
> +  * d/rules: Restore threading support to libargon2-1-udeb (closes: 
> #1034696).
> +This is beneficial for cryptsetup-udeb, see #1028250.  Removing threading
> +support in libargon2-1-udeb was done for historical reasons no longer
> +relevant since Debian Bookworm.  This also restores threading support to
> +argon2 which was inadvertently dropped in 0~20171227-0.1 (closes:
> +#1032234).
> +
> + -- Guilhem Moulin   Fri, 21 Apr 2023 21:29:33 +0200

Since I didn't want to wait much more, and since I didn't trust myself
to be entirely objective, I've done the following: apply this debdiff,
keep the timestamp from the previous entry to limit timestamp-related
differences, and use diffoscope between builds without and with that
debdiff.

I can confirm thread-related additions in the udeb, as desired.

I could also confirm their popping up for the argon2 executable, inside
the argon2 binary, but also in libargon2.a, inside the libargon2-1
binary.

I'm also seeing an old changelog entry going away, but that seems
consistent with this in dh_installchangelogs:

use constant CUTOFF_DATE_STR => "2019-07-06"; # oldstable = Debian 10 Buster

since that's the first argon2 build with that cutoff (last argon2 build
was early 2022, cutoff got added late 2022).

> --- argon2-0~20171227/debian/control  2022-02-13 10:41:34.0 +0100
> +++ argon2-0~20171227/debian/control  2023-04-21 21:29:33.0 +0200
> @@ -60,6 +60,7 @@
>  Architecture: any
>  Pre-Depends: ${misc:Pre-Depends}
>  Depends: ${shlibs:Depends}, ${misc:Depends}
> +Breaks: cryptsetup-initramfs (<<2:2.6.1-2)

FWIW: A space is customary after '<<' but it appears in the end (via
dh_gencontrol I suppose but I didn't check the exact inner workings).


With or without the version number tweaked (shortened), looks good to
me, please go ahead.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1034664: unblock: node-xml2js/0.4.23+~cs15.4.0+dfsg-5

2023-04-25 Thread Yadd


On 4/22/23 13:14, Sebastian Ramacher wrote:

Control: tags -1 moreinfo

On 2023-04-21 11:16:32 +0400, Yadd wrote:

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: node-xml...@packages.debian.org
Control: affects -1 + src:node-xml2js

Please unblock package node-xml2js


This upload is causing autopkgtest regressions:

node-xml2js (0.4.23+~cs15.4.0+dfsg-4 to 0.4.23+~cs15.4.0+dfsg-5)
 Maintainer: Debian Javascript Maintainers
 Migration status for node-xml2js (0.4.23+~cs15.4.0+dfsg-4 to 
0.4.23+~cs15.4.0+dfsg-5): BLOCKED: Rejected/violates migration 
policy/introduces a regression
 Issues preventing migration:
 ∙ ∙ autopkgtest for node-node-rest-client/3.1.1-2: amd64: Regression ♻  
(reference ♻), arm64: Regression ♻  (reference ♻), armel: Regression ♻  
(reference ♻), armhf: Regression ♻  (reference ♻), i386: Regression ♻  
(reference ♻), ppc64el: Regression ♻  (reference ♻), s390x: Regression ♻  
(reference ♻)
 ∙ ∙ autopkgtest for node-xml2js/0.4.23+~cs15.4.0+dfsg-5: amd64: Pass, 
arm64: Pass, armel: Pass, armhf: Pass, i386: Pass, ppc64el: Pass, s390x: Pass
 ∙ ∙ blocked by freeze: is a key package (Follow the freeze policy when 
applying for an unblock)
 ∙ ∙ Too young, only 1 of 20 days old
 Additional info:
 ∙ ∙ Piuparts tested OK - 
https://piuparts.debian.org/sid/source/n/node-xml2js.html

Please let us know once htey have been fixed.


Hi,

I just pushed node-xml2js 0.4.23+~cs15.4.0+dfsg-8.
In this new debdiff, instead of replacing `{}` by `Object.create(null)`, 
I filter the forbidden __proto__ key.
A new autopkgtest proves that CVE is fixed and node-node-rest-client 
test pass now


The explanation of this change is here: 
https://github.com/Leonidas-from-XIV/node-xml2js/issues/672


Cheers,
Yadd
diff --git a/debian/changelog b/debian/changelog
index 98492d7..be97d0c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,33 @@
+node-xml2js (0.4.23+~cs15.4.0+dfsg-8) unstable; urgency=medium
+
+  * Team upload
+  * Fix regression in node-node-rest-client tests
+
+ -- Yadd   Tue, 25 Apr 2023 17:53:28 +0400
+
+node-xml2js (0.4.23+~cs15.4.0+dfsg-7) unstable; urgency=medium
+
+  * Team upload
+  * Better fix for CVE-2023-0842
+
+ -- Yadd   Tue, 25 Apr 2023 15:48:55 +0400
+
+node-xml2js (0.4.23+~cs15.4.0+dfsg-6) unstable; urgency=medium
+
+  * Team upload
+  * Fix regression in node-node-rest-client tests
+
+ -- Yadd   Tue, 25 Apr 2023 13:51:05 +0400
+
+node-xml2js (0.4.23+~cs15.4.0+dfsg-5) unstable; urgency=medium
+
+  * Team upload
+  * Update standards version to 4.6.2, no changes needed.
+  * Update nodejs dependency to nodejs:any
+  * Add patch to prevent prototype pollution (Closes: #1034148, CVE-2023-0842)
+
+ -- Yadd   Fri, 21 Apr 2023 11:11:13 +0400
+
 node-xml2js (0.4.23+~cs15.4.0+dfsg-4) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/control b/debian/control
index dc4d6d0..406a88d 100644
--- a/debian/control
+++ b/debian/control
@@ -10,7 +10,7 @@ Build-Depends:
  , node-sax 
  , dh-sequence-nodejs
  , node-diff
-Standards-Version: 4.6.1
+Standards-Version: 4.6.2
 Vcs-Browser: https://salsa.debian.org/js-team/node-xml2js
 Vcs-Git: https://salsa.debian.org/js-team/node-xml2js.git
 Homepage: https://github.com/Leonidas-from-XIV/node-xml2js
@@ -21,8 +21,8 @@ Architecture: all
 Depends:
  ${misc:Depends}
  , node-sax
- , nodejs
  , node-diff
+ , nodejs:any
 Provides: ${nodejs:Provides}
 Description: simple XML to JavaScript object converter - Node.js module
  xml2js parses XML using node-sax and converts it to a plain JavaScript
diff --git a/debian/patches/CVE-2023-0842.patch 
b/debian/patches/CVE-2023-0842.patch
new file mode 100644
index 000..6af0bd7
--- /dev/null
+++ b/debian/patches/CVE-2023-0842.patch
@@ -0,0 +1,114 @@
+Description: use Object.create(null) to create all parsed objects
+ (prevent prototype replacement)
+Author: James Crosby 
+Origin: upstream, commit:581b19a6
+Bug: https://github.com/advisories/GHSA-776f-qx25-q3cc
+Bug-Debian: https://bugs.debian.org/1034148
+Forwarded: not-needed
+Applied-Upstream: 0.5.0, commit:581b19a6
+Reviewed-By: Yadd 
+Last-Update: 2023-04-21
+
+--- a/src/parser.coffee
 b/src/parser.coffee
+@@ -107,14 +107,15 @@
+   obj[charkey] = ""
+   unless @options.ignoreAttrs
+ for own key of node.attributes
+-  if attrkey not of obj and not @options.mergeAttrs
+-obj[attrkey] = {}
++  if attrkey not of obj and attrkey != '__proto__' and not 
@options.mergeAttrs
++obj[attrkey] = Object.create(null)
+   newValue = if @options.attrValueProcessors then 
processItem(@options.attrValueProcessors, node.attributes[key], key) else 
node.attributes[key]
+   processedKey = if @options.attrNameProcessors then 
processItem(@options.attrNameProcessors, key) else key
+-  if @options.mergeAttrs
+-@assignOrPush obj, processedKey, newValue
+-

Bug#1026060: Bug: #1026060 -- mpv: dvb playback does not work anymore

2023-04-25 Thread Nicholas D Steeves

Hi Alf,

Alf  writes:

> On Sun, 23 Apr 2023 12:49:19 +0200 Alf  wrote:
> Further investigating the configuration also led to a solution for the higher 
> CPU load:
>
> SMPlayer seems not to evaluate my $HOME/.config/mpv/mpv.conf where I have 
> hardware accelleration enabled.
> I now have set it additionally in SMPlayers configuration under
[snip]
>
> Sorry for using this bug report to describe configuration hints for SMPlayer,
> but such informnation is hardly available in the web.

Thank you for confirming there wasn't a regression, as well as that it
was a config issue, and congrats on finding a fix!  Yes, I agree that
it's better to share hints like these rather than sit on them; however,
I worry that many people won't be able to find this info once this bug
is archived.  Would you please consider adding your findings to the
following article:

  https://wiki.debian.org/HardwareVideoAcceleration

It's an opportunity for us to do better than the Arch wiki ;)  I don't
remember if there's an application process for editor permissions these
days, but if there is feel free to link to this bug and mention me.

Cheers,
Nicholas

signature.asc
Description: PGP signature

Bug#1026060: mpv: dvb playback does not work anymore

2023-04-25 Thread Nicholas D Steeves

James Addison  writes:

> On Sun, 23 Apr 2023 at 00:28, Nicholas D Steeves  wrote:
>> The way always screen for this type of thing is using the
>> "elpa-git-timemachine" Emacs package
>
> That sounds like a nice feature integration.  I worry that I might be
> too many years into my vim usage to change course and learn emacs
> effectively.. but I'll consider it :)
>

Oh, vim.  Hmm.  In that case, the following seems to provide equivalent
functionality (I haven't tried it):

http://vimcasts.org/episodes/fugitive-vim-exploring-the-history-of-a-git-repository/

>> 'just saying, this was something you could have fixed, had you
>> needed/wanted to ;)
>
> In hindsight: yes, I think I probably should have attempted a fix
> alongside the report.  I've been trying not to jump onto bugthreads
> too quickly before having findings to share - as the release freeze
> continues though, I may have been starting to (over)react more
> quickly.

That's understandable, because Debian stable could end up having to live
with these bugs for two years.  As you know, there's also the freeze
policy, and associated risk/benefit analysis.

  https://release.debian.org/bullseye/freeze_policy.html

> So: next time!

Brilliant!  My availability is spotty, but feel free to CC me for
review, sponsorship, and related questions (ie: is this changes a
candidate for an unblock?)

Thank you for confirming mpv 0.35.1-4 didn't introduce a new regression.

> However: I do have problems playing an MP4 video file with the
> 'default' video output driver selected.  Maybe that is the same issue
> with VAAPI.. or maybe something else.  I'll spend some time to check,
> I think that either/both of those should be reported/followed in
> separate bug(s).

Yup, you're right.  There may also be documentation-related issues
related to VAAPI (ie there is now i965-va-driver, intel-media-va-driver,
and intel-media-va-driver-non-free), or maybe "default" is for mplayer
and not mpv.  'not sure if that's an autodetection bug or a
documentation bug.

Take care,
Nicholas

signature.asc
Description: PGP signature

Bug#1034862: radare2: New upstream version (5.8.4) with stable ABI

2023-04-25 Thread Elliot Speck


Package: radare2
Severity: wishlist

Hi all,

Radare2 was dropped due to its development model being incompatible
with Debian Stable, and hasn't been updated in quite some time. I
noticed that recent versions now advertise a stable ABI[1] to reduce
the amount of time and effort required for updates. Is it possible
to maybe bring radare2 (and iaito) back into the fold?

Warm regards,

Arcayr


1. https://github.com/radareorg/radare2/blob/master/doc/abi.md


-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.2.9-200.fc37.x86_64 (SMP w/24 CPU threads; PREEMPT)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash

Bug#1034861: ITP: libanyevent-riperedis-perl -- Flexible non-blocking Redis client

2023-04-25 Thread Alexander Zangerl

Package: wnpp
Severity: wishlist
Owner: Alexander Zangerl 
X-Debbugs-Cc: debian-de...@lists.debian.org

* Package name: libanyevent-riperedis-perl
  Version : 0.48
  Upstream Author : Eugene Ponizovsky, 
* URL : https://metacpan.org/release/AnyEvent-RipeRedis
* License : Artistic or GPL-1+
  Programming Lang: (pure) Perl
  Description : Flexible non-blocking Redis client
   This module provides a flexible non-blocking Redis client which
   supports subscriptions, transactions and automatic reconnection.


i'm packaging this because the sole alternative package in
debian (libanyevent-redis-perl) has fewer features, is buggier
and has an inactive upstream with a near-zero chance of fixes
(e.g. open issues and pull requests going back to 2013).

Bug#1034763: unblock: grub2/2.06-12

2023-04-25 Thread Cyril Brulebois

Hi release team fellows,

Steve McIntyre  (2023-04-23):
> I'm asking for an unblock *now* for these changes, so that people can
> review them. The os-prober update includes a new debconf template that
> we'll want translations for (and hence another/more grub upload(s)
> before release), but of course they should be ~zero-risk at that point.

It'd be lovely if someone had some spare cycles to look at this request
in the upcoming hours, or short number of days, as this is something
we'll want to get into the next D-I RC.

If that's not possible, I'll probably take responsibility for the review
and the possible unblock. I have a few more things to prepare anyway,
and I'm on no fixed schedule yet.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1034860: console-setup: building the source package is a mess

2023-04-25 Thread Cyril Brulebois

Source: console-setup
Severity: important

Hi,

`dpkg-buildpackage -S` is usually sufficient to build a source package,
and having all build dependencies might not even be needed. But for
console-setup, bdfresize and friends are needed because they are called
during clean?!

A source build log is attached.

It also means that build artifacts are included in the source package,
that are nowhere to be found in the git repository, which doesn't make
any sense. And if one dares trying to use `-nc` to dodge the clean
target, the following source debdiff appears:

 Fonts/bdf/legacy14a-double.bdf   |13560 -
 Fonts/bdf/legacy14b-double.bdf   |10235 
 Fonts/bdf/legacy14c-double.bdf   |10235 
 Fonts/bdf/legacy14d-double.bdf   |10165 
 Fonts/bdf/legacy14e-double.bdf   |11355 -
 Fonts/bdf/legacy14f-double.bdf   | 6420 
 Fonts/bdf/legacy14g-double.bdf   | 7750 
 Fonts/bdf/legacy14h-double.bdf   | 6630 
 Fonts/bdf/legacy14i-double.bdf   | 9710 
 Fonts/bdf/legacy14j-double.bdf   | 9710 
 Fonts/bdf/legacy14k-double.bdf   | 9710 
 Fonts/bdf/legacy14l-double.bdf   |10235 
 Fonts/bdf/legacy16a-double.bdf   |17994 -
 Fonts/bdf/legacy16b-double.bdf   |13002 -
 Fonts/bdf/legacy16c-double.bdf   |14679 -
 Fonts/bdf/legacy16d-double.bdf   |  
 Fonts/bdf/legacy16e-double.bdf   |15771 -
 Fonts/bdf/legacy16f-double.bdf   | 7152 
 Fonts/bdf/legacy16g-double.bdf   | 7386 
 Fonts/bdf/legacy16h-double.bdf   | 8751 
 Fonts/bdf/legacy16i-double.bdf   |10818 
 Fonts/bdf/legacy16j-double.bdf   |10623 
 Fonts/bdf/legacy16k-double.bdf   |11403 -
 Fonts/bdf/legacy16l-double.bdf   |10818 
 Fonts/bdf/legacy16m-double.bdf   |11403 -
 Fonts/bdf/u_vga16-double.bdf |113095 --
 Fonts/bdf/u_vga16_fix-double.bdf | 7173 
 Fonts/bdf/unifont.bdf|1313010 
-
 Keyboard/KeyboardNames.pl|  933 
 debian/po/templates.pot  |2 
 man/bdf2psf.1.txt|  147 
 man/ckbcomp.1.txt|  122 
 man/console-setup.5.txt  |  331 
 man/keyboard.5.txt   |  152 
 man/setupcon.1.txt   |  127 
 38 files changed, 54 insertions(+), 1700653 deletions(-)


Additionally, clean modifies debian/po/templates.pot which leaves a
modified file in the git tree if the l10n tooling shows a different
behaviour compared to the l10n infrastructure (l10n robot), e.g.
changing line-wrapping in addition to bumping the timestamp:

diff --git a/debian/po/templates.pot b/debian/po/templates.pot
index fb1879d..b371406 100644
--- a/debian/po/templates.pot
+++ b/debian/po/templates.pot
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: console-setup\n"
 "Report-Msgid-Bugs-To: console-se...@packages.debian.org\n"
-"POT-Creation-Date: 2020-10-28 20:01+\n"
+"POT-Creation-Date: 2023-04-25 23:14+\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME \n"
 "Language-Team: LANGUAGE \n"
@@ -445,9 +445,9 @@ msgstr ""
 #. :sl3:
 #: ../keyboard-configuration.templates:10001
 msgid ""
-"The default value for the options of the keyboard layout is XKBOPTIONS="
-"\"${XKBOPTIONS}\".  It is based on the currently defined language/region 
and "
-"the settings in /etc/X11/xorg.conf."
+"The default value for the options of the keyboard layout is "
+"XKBOPTIONS=\"${XKBOPTIONS}\".  It is based on the currently defined 
language/"
+"region and the settings in /etc/X11/xorg.conf."
 msgstr ""
 
 #. Type: boolean
@@ -664,8 +664,8 @@ msgstr ""
 #: ../keyboard-configuration.templates:11002
 msgid ""
 "Right Alt or Caps Lock keys are often chosen for ergonomic reasons (in 
the "
-"latter case, use the combination Shift+Caps Lock for normal Caps toggle). 
Alt"
-"+Shift is also a popular combination; it will however lose its usual "
+"latter case, use the combination Shift+Caps Lock for normal Caps toggle). 
"
+"Alt+Shift is also a popular combination; it will however lose its usual "
 "behavior in Emacs and other programs that use it for specific needs."
 msgstr ""


Looks to me a major Makefile overhaul is overdue!
 

Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant
 dpkg-buildpackage -us -uc -ui -S -i -I
dpkg-buildpackage: info: source package console-setup
dpkg-buildpackage: info: source version 1.219
dpkg-buildpackage: info: source distribution unstable
dpkg-buildpackage: info: source changed by Cyril Brulebois 
 dpkg-source -i -I --before-build .
 fakeroot debian/rules clean
rm -rf  
/home/kibi/debian-installer/packages/console-setup/Keyboard/linux-keymaps

Bug#1034854: [pkg-php-pear] Bug#1034854: symfony: autopkgtest regression: "error:10800075:PKCS7 routines::certificate verify error".

2023-04-25 Thread David Prévot



Hi Paul,

Thanks for the report.

Le 25/04/2023 à 21:43, Paul Gevers a écrit :

Source: symfony

[…]
Your package has an autopkgtest, great. However, it fails since April 
2023.


Meh, between 3 and 19 on Sid and between 11 and 21 on Bookworm.

[…]

Targeted fixes are still welcome.

[…]
7) 
Symfony\Component\Mime\Tests\Crypto\SMimeSignerTest::testSignedMessageExtraCerts
Verification of the message /tmp/phpe95PWJ failed. Internal error 
"error:10800075:PKCS7 routines::certificate verify error".

Failed asserting that false is true.

/tmp/autopkgtest-lxc.oubjjog1/downtmp/build.dE0/src/src/Symfony/Component/Mime/Tests/Crypto/SMimeSignerTest.php:160
/tmp/autopkgtest-lxc.oubjjog1/downtmp/build.dE0/src/src/Symfony/Component/Mime/Tests/Crypto/SMimeSignerTest.php:150


Thanks, hope to find time to look at it (this issue in the Symfony Mime 
Coponent testsuite) really soon.


Regards

taffit


OpenPGP_signature
Description: OpenPGP digital signature

Bug#969944: debian-installer: Screen is corrupted (Legacy mode Boot)

2023-04-25 Thread Cyril Brulebois

Hi ng,

ng  (2023-04-25):
> This statement is totally wrong!  I am sorry.
> 
> Correction:  In order to reproduce this screen corruption, I have to set
> Legacy mode boot in the BIOS,  as you can see in the video (it clearly
> states BIOS mode), so:
> 
> BIOS set to:
> 
> Legacy mode:  Screen corruption.
> UEFI:  Works correctly.
> UEFI and Secure Boot: Works correctly.
> 
> Excuse my mistake.

No worries! Thanks for letting us know.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1034733: unblock: irony-mode/1.5.0-5

2023-04-25 Thread Nicholas D Steeves

Control: unblock 1034733 by 1032887

I had added this block in error.  Llvm-15-toolchain/1:15.0.6-4, which is
in bookworm, fulfills the requirements for irony-mode/1.5.0-5.

Thanks,
Nicholas


signature.asc
Description: PGP signature

Bug#1034688: [Pkg-privacy-maintainers] Bug#1034688: onionshare: flaky autopkgtest

2023-04-25 Thread Hefee

Hey,

I have no real idea why we see only a problem in the chat_server test. It is a 
problem in the shutdown... I can mark it as superficial so the failing test 
does not block the CI. But is only a workaround. Can you enable the verbose 
flag by hand, so we can see what function triggers this segmentation fault? 

Test-Command: XDG_CONFIG_HOME="$AUTOPKGTEST_TMP" onionshare-cli -v --local-
only --chat --auto-stop-timer 2

Or can you give me the the back trace of the segmentation fault?
On my system, I don't see the segmentation fault, so hard to taggle down.

Properly it is
https://github.com/onionshare/onionshare/issues/1408#issuecomment-908150292
and it is harmless. But without verbose log I cannot be sure. 

> The autopkgtests from onionshare are flaky and have been failing roughly
> half the time over the last couple of weeks.

Does that mean, that it run successfully before?

Regards,

hefee

--

On Freitag, 21. April 2023 20:53:03 CEST Sebastian Ramacher wrote:
> Source: onionshare
> Version: 2.6-1
> Severity: serious
> 

> 
> https://ci.debian.net/data/autopkgtest/testing/amd64/o/onionshare/32901091/l
> og.gz
> 
> Give this address and private key to the recipient:
> http://127.0.0.1:17632
> Private key: E2GOT5LTUTP3OAMRCRXO4GSH6VKJEUOXZQUC336SRKAHTTT5OVSA
> 
> Press Ctrl+C to stop the server
> Stopped because auto-stop timer ran out
> Segmentation fault
> autopkgtest [22:20:10]: test chat_server: ---]
> autopkgtest [22:20:10]: test chat_server:  - - - - - - - - - - results - - -
> - - - - - - - chat_server  FAIL non-zero exit status 139

signature.asc
Description: This is a digitally signed message part.

Bug#1034859: coreutils: pr: -s disables truncation in columnated output w/o -w, must be equivalent to -w512

2023-04-25 Thread наб

Package: coreutils
Version: 8.32-4+b1
Version: 9.1-1
Severity: normal

Dear Maintainer,

POSIX says:
-- >8 --
-s[char]
Separate text columns by the single character char instead of by
the appropriate number of  characters (default for char shall
be ).
-w  width
Set the width of the line to width column positions for multiple
text-column output only. If the -w option is not specified and the
-s option is not specified, the default width shall be 72. If the -w
option is not specified and the -s option is specified, the default
width shall be 512.

For single column output, input lines shall not be truncated.
-- >8 --

Why, then:
-- >8 --
$ printf '%*s\n' 1024 a | tr ' ' q | pr -2fs


2023-04-25 23:54  Page 1


qqqa

$ printf '%*s\n' 1024 a | tr ' ' q | pr -2fs -w512


2023-04-25 23:54



  Page 1




-- >8 --

Best,
наб

-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: amd64, i386

Kernel: Linux 6.1.0-2-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages coreutils depends on:
ii  libacl1  2.3.1-3
ii  libattr1 1:2.5.1-4
ii  libc62.36-9
ii  libgmp10 2:6.2.1+dfsg1-1.1
ii  libselinux1  3.4-1+b5

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1034829: 2.0 broke handling of reused keys

2023-04-25 Thread Harlan Lieberman-Berg

tag 1034829 +moreinfo
thanks

On Tue, Apr 25, 2023 at 3:42 PM Harald Dunkel  wrote:
> Would it be possible to provide new certbot 2.5.0 on experimental
> while Bookworm is frozen? 2.0 broke handling of reused keys. This
> has been fixed for 2.5, see

Hello Harri,

We actually backported the patches that fixed reused keys in 2.1.0-3.
Have you experienced this reversion behavior yourself, or is this just
based off of the changelog notes?

Sincerely,

-- 
Harlan Lieberman-Berg
~hlieberman

Bug#1034858: coreutils: pr: date format is %F %R always, must be %b %e %H:%M %Y if LC_TIME=C

2023-04-25 Thread наб

Package: coreutils
Version: 8.32-4+b1
Version: 9.1-1
Severity: normal

Dear Maintainer,

Quoth Issue 8 Draft 2.1 (unchanged for a long time),
XCU, pr, STDOUT:
-- >8 --
104141  In the POSIX locale, the  field, representing the date 
and time of last modification
104142  of the input file (or the current date and time if the input file is 
standard input), shall be
104143  equivalent to the output of the following command as it would appear if 
executed at the given
104144  time:
104145  date "+%b %e %H:%M %Y"
104146  without the trailing , if the page being written is from 
standard input. If the page
104147  being written is not from standard input, in the POSIX locale, the same 
format shall be used, but
104148  the time used shall be the modification time of the file corresponding 
to file instead of the current
104149  time. When the LC_TIME locale category is not set to the POSIX locale, 
a different format and
104150  order of presentation of this field may be used.
-- >8 --
RATIONALE:
-- >8 --
104203  The  field in the −l format is specified only for the 
POSIX locale. As noted, the
104204  format can be different in other locales. No mechanism for defining 
this is present in this volume
104205  of POSIX.1-202x, as the appropriate vehicle is a message catalog; that 
is, the format should be
104206  specified as a ``message’’.
-- >8 --
(the -l thing appears to be an error).

Why, then:
-- >8 --
$ echo  | pr -f


2023-04-25 23:16  Page 1




$ echo  | LC_ALL=C pr -f


2023-04-25 23:16  Page 1




$ echo  | LC_ALL=POSIX pr -f


2023-04-25 23:16  Page 1




-- >8 --

This is just like who, except this works in coreutils who.

Best,
наб

-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: amd64, i386

Kernel: Linux 6.1.0-2-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages coreutils depends on:
ii  libacl1  2.3.1-3
ii  libattr1 1:2.5.1-4
ii  libc62.36-9
ii  libgmp10 2:6.2.1+dfsg1-1.1
ii  libselinux1  3.4-1+b5

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1034857: coreutils: pr: -p missing

2023-04-25 Thread наб

Package: coreutils
Version: 8.32-4+b1
Version: 9.1-1
Severity: normal

Dear Maintainer,

  $ pr -p
  pr: invalid option -- 'p'
  Try 'pr --help' for more information.

-p has been standard since XPG2 as
  -p  Pause before beginning each page if the output is directed to a terminal 
(pr will
  ring the bell at the terminal and wait for a carriage return).
and Issue 8 Draft 2.1 describes it as
104089  −p  Pause before beginning each page if the standard output is directed 
to a terminal;
104090  pr shall write an  to standard error and wait for a 
 to be read on
104091  /dev/tty.

Best,
наб

-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: x32 (x86_64)
Foreign Architectures: amd64, i386

Kernel: Linux 6.1.0-2-amd64 (SMP w/2 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages coreutils depends on:
ii  libacl1  2.3.1-3
ii  libattr1 1:2.5.1-4
ii  libc62.36-9
ii  libgmp10 2:6.2.1+dfsg1-1.1
ii  libselinux1  3.4-1+b5

coreutils recommends no packages.

coreutils suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1034830: qtbase5-private-dev ships header that requires cbor.h without dependency

2023-04-25 Thread Dmitry Shachnev

Hi all!

On Tue, Apr 25, 2023 at 05:21:45PM -0300, Lisandro Damián Nicanor Pérez Meyer 
wrote:
> To the best of my knowledge Qt installs lots of really not-required headers 
> in 
> it's private stuff. If you ask them it's for the sake of simplicity, as you 
> are 
> not supposed to use private headers...
>
> The reason we export those private headers is because we build Qt by 
> submodules instead of a big huuuge build including webengine et all, and Qt 
> submodules do have internal private dependencies.
>
> So yes, it is a valid bug, but I am afraid that it will be too hard to get 
> that right. Non the less I really appreciate you filing this bug report, it 
> is 
> a good thing to have it around.
>
> @Dmitry: I would mark this as wontfix, what do you think?

Well, if adding just one small dependency will make Steve's script happy,
then I don't mind doing it. But if we are talking about a dozen of extra
dependencies, I would rather not do it. Or maybe they should be Recommends or
Suggests.

--
Dmitry Shachnev


signature.asc
Description: PGP signature

Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22

2023-04-25 Thread Hannes von Haugwitz

Hi Thomas,

On Tue, Apr 25, 2023 at 10:54:39AM +0200, Thomas Dorner wrote:
> The last two daily aide runs on my desktop machine failed with an error
> 22.

How many files are in the AIDE database on a successful run? Does this
number significantly differ when the aide check fails?

> Version 0.18.2-1 had been installed on 2023-04-21, so it did run OK at
> least two times.  It also run OK after a manual "systemctl start
> dailyaidecheck" in a terminal window yesterday.  This did not work today
> though.

Is 0.18.2-1 the only version you experience this behaviour or does this
error also occur with an older version?

> The last warnings like the 4 last ones above all come from a test
> directory used by my current project.  The files and directories there
> have been deleted and recreated several times during the aide run.

Independently of the issue above, it might make sense to exclude this
directory.

Best regards

Hannes

Bug#1034849: coreutils: pr: -ien don't accept characters for tab override, only bytes

2023-04-25 Thread наб

Control: retitle -1 coreutils: pr: -ien don't accept characters for tab 
override, only bytes

Same applies to -n, of course.
-- >8 --
$ printf '%s\n' a b c | pr -fna


2023-04-25 22:26  Page 1


1aa
2ab
3ac

$ printf '%s\n' a b c | pr -fną
pr: '-n' extra characters or invalid number in the argument: ‘\205’
Try 'pr --help' for more information.
-- >8 --

Funnily enough, -s is fine since, as an extension, it uses the entire
option-argument instead of the first character.

Taking everything before the first digit in -ien as the [char]
would match the -s extension and is much simpler than mbrtowc()ing
optarg. It's also probably correct for most encodings? So that's a plus.

Best,
наб


signature.asc
Description: PGP signature

Bug#1034830: qtbase5-private-dev ships header that requires cbor.h without dependency

2023-04-25 Thread Lisandro Damián Nicanor Pérez Meyer

Hi Steve!

El martes, 25 de abril de 2023 12:56:36 -03 Steve Langasek escribió:
> Package: qtbase5-private-dev
> Version: 5.15.8+dfsg-3
> Severity: minor
> User: ubuntu-de...@lists.ubuntu.com
> Usertags: origin-ubuntu lunar
> 
> Dear maintainers,
> 
> As part of an investigation to establish the feasibility of moving 32-bit
> archs to 64-bit time_t, I am running an analysis of all header files in the
> archive to determine which libraries' ABIs are affected.  This requires the
> headers in question to be compilable.
> 
> qtbase5-private-dev ships header files which have includes that are not
> satisfied by its dependencies.  For my purposes, I've worked around these
> unusable headers by adding quirks to my scripts, but it seems worth
> reporting as a bug that headers are being shipped that aren't usable.

To the best of my knowledge Qt installs lots of really not-required headers in 
it's private stuff. If you ask them it's for the sake of simplicity, as you are 
not supposed to use private headers...

The reason we export those private headers is because we build Qt by 
submodules instead of a big huuuge build including webengine et all, and Qt 
submodules do have internal private dependencies.

So yes, it is a valid bug, but I am afraid that it will be too hard to get 
that right. Non the less I really appreciate you filing this bug report, it is 
a good thing to have it around.

@Dmitry: I would mark this as wontfix, what do you think?

signature.asc
Description: This is a digitally signed message part.

Bug#1034856: dstat: autopkgtest regression on multiple archs: TypeError: '<' not supported between instances of 'dict' and 'int'

2023-04-25 Thread Paul Gevers


Hi,

On Tue, 25 Apr 2023 22:03:43 +0200 Paul Gevers  wrote:
Your package has an autopkgtest, great. However, it fails since April 
2023 on arm64, i386, ppc64el and s390x.


Sorry, I forgot to spot what I should have spotted: those are the 
architectures that I upgraded on ci.debian.net to a bookworm kernel. 
Even the tests in stable started to fail. We run lxc, so the kernel is 
determined by the host.


Also, bug #1032615 has the same stack trace.

Paul


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1034856: dstat: autopkgtest regression on multiple archs: TypeError: '<' not supported between instances of 'dict' and 'int'

2023-04-25 Thread Paul Gevers


Source: dstat
Version: 0.7.4-6.1
Severity: serious
Control: tags -1 bookworm-ignore
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

Your package has an autopkgtest, great. However, it fails since April 
2023 on arm64, i386, ppc64el and s390x. Can you please investigate the 
situation and fix it? I copied some of the output at the bottom of this 
report.


The release team has announced [1] that failing autopkgtest on amd64 and 
arm64 are considered RC in testing. [Release Team member hat on] Because 
we're currently in the hard freeze for bookworm, I have marked this bug 
as bookworm-ignore. Targeted fixes are still welcome.


More information about this bug and the reason for filing it can be 
found on 
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation


Paul

[1] https://lists.debian.org/debian-devel-announce/2019/07/msg2.html

https://ci.debian.net/data/autopkgtest/testing/arm64/d/dstat/33156935/log.gz

* Exception in plugin ['loop0', 'loop1', 'loop2', 'loop3', 'loop4', 
'loop5', 'loop6', 'loop7', 'vda']

'rq_ticks'
main()
  File "/usr/bin/dstat", line 2687, in main
scheduler.run()
  File "/usr/lib/python3.11/sched.py", line 151, in run
action(*argument, **kwargs)
  File "/usr/bin/dstat", line 2804, in perform
line = line + o.show() + o.showend(totlist, vislist)
  
  File "/usr/bin/dstat", line 526, in show
line = line + cprint(self.val[name], ctype, self.width, scale)
  
  File "/usr/bin/dstat", line 2105, in cprint
if ctype != 's' and var < 0:
^^^
TypeError: '<' not supported between instances of 'dict' and 'int'


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1030779: Acknowledgement (python3-fastapi has a metadata dependency on starlette=0.22.0, while Debian bookworm ships 0.23.1)

2023-04-25 Thread Cesar Enrique Garcia Dabo

I have just realized that there are new fastapi and starlette packages. 
However the problem still persists, although now the version 
requirements have changed:


Collecting starlette<0.26.0,>=0.25.0
  Using cached starlette-0.25.0-py3-none-any.whl (66 kB)

The current version delivered of starlette is python3-starlette    0.26.1-1

Bug#1034605: closed by Debian FTP Masters (reply to Mike Gabriel ) (Bug#1034605: fixed in marco 1.26.1-2)

2023-04-25 Thread Mike Gabriel


Hi Mladen,

On  Di 25 Apr 2023 18:40:24 UTC, Mladen Petrović wrote:

I think this commit is causing an issue with Marco compositor not  
working as it should. (Screen tearing)


https://salsa.debian.org/debian-mate-team/marco/-/commit/4f7894fee3a9e02b2c37b7f76659a21e7fe23474 Here is why it was applied, and it should be reverted back. (Xpresent needs to be re-enabled in  
Marco)


https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1959995


I noticed that in Linux mint 21(Ubuntu 22.04) libmarco-private2  
depends on libxpresent1.


While the one in Debian Bookworm does not.


Best regards,



I agree with your analysis. However, I need to check how marco checks  
for the presence of the present extension in the Xserver. We have to  
make sure, marco runs in X2Go as well as on physical hardware.


Mike

--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de

Bug#1034855: trapperkeeper-webserver-jetty9-clojure: autopkgtest regression: Cannot invoke "Object.toString()" because "s" is null

2023-04-25 Thread Paul Gevers


Source: trapperkeeper-webserver-jetty9-clojure
Version: 4.4.1-5
Severity: serious
Control: tags -1 bookworm-ignore
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

Your package has an autopkgtest, great. However, it fails since April 
2023. Can you please investigate the situation and fix it? I copied some 
of the output at the bottom of this report.


The release team has announced [1] that failing autopkgtest on amd64 and 
arm64 are considered RC in testing. [Release Team member hat on] Because 
we're currently in the hard freeze for bookworm, I have marked this bug 
as bookworm-ignore. Targeted fixes are still welcome.


More information about this bug and the reason for filing it can be 
found on 
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation


Paul

[1] https://lists.debian.org/debian-devel-announce/2019/07/msg2.html

https://ci.debian.net/data/autopkgtest/testing/amd64/t/trapperkeeper-webserver-jetty9-clojure/33156934/log.gz

ERROR in (request-logging-test) (Matcher.java:1769)
request logging occurs when :access-log-config is configured
expected: (re-find #"\"GET /hi_world/ HTTP/1.1\" 200 8" (first list))
  actual: java.lang.NullPointerException: Cannot invoke 
"java.lang.CharSequence.length()" because "this.text" is null

 at java.util.regex.Matcher.getTextLength (Matcher.java:1769)
java.util.regex.Matcher.reset (Matcher.java:415)
java.util.regex.Matcher. (Matcher.java:252)
java.util.regex.Pattern.matcher (Pattern.java:1134)
clojure.core$re_matcher.invokeStatic (core.clj:4881)
clojure.core$re_find.invokeStatic (core.clj:4923)
clojure.core$re_find.invoke (core.clj:4923)
clojure.lang.AFn.applyToHelper (AFn.java:156)
clojure.lang.AFn.applyTo (AFn.java:144)
clojure.core$apply.invokeStatic (core.clj:667)
clojure.core$apply.invoke (core.clj:662)

puppetlabs.trapperkeeper.services.webserver.jetty9_service_test$fn__29186$fn__29189$fn__29190.invoke 
(jetty9_service_test.clj:740)


puppetlabs.trapperkeeper.services.webserver.jetty9_service_test$fn__29186$fn__29189.invoke 
(jetty9_service_test.clj:733)

clojure.core$with_redefs_fn.invokeStatic (core.clj:7582)
clojure.core$with_redefs_fn.invoke (core.clj:7566)

puppetlabs.trapperkeeper.services.webserver.jetty9_service_test$fn__29186.invokeStatic 
(jetty9_service_test.clj:722)
puppetlabs.trapperkeeper.services.webserver.jetty9_service_test/fn 
(jetty9_service_test.clj:721)

clojure.test$test_var$fn__9856.invoke (test.clj:717)
clojure.test$test_var.invokeStatic (test.clj:717)
clojure.test$test_var.invoke (test.clj:708)
clojure.test$test_vars$fn__9882$fn__9887.invoke (test.clj:735)
clojure.test$default_fixture.invokeStatic (test.clj:687)
clojure.test$default_fixture.invoke (test.clj:683)
clojure.test$test_vars$fn__9882.invoke (test.clj:735)

puppetlabs.trapperkeeper.services.webserver.jetty9_service_test$eval28533$fn__28534.invoke 
(jetty9_service_test.clj:43)

clojure.test$compose_fixtures$fn__9850$fn__9851.invoke (test.clj:694)

puppetlabs.trapperkeeper.testutils.webserver$assert_clean_shutdown.invokeStatic 
(webserver.clj:75)


puppetlabs.trapperkeeper.testutils.webserver$assert_clean_shutdown.invoke 
(webserver.clj:71)

clojure.test$compose_fixtures$fn__9850$fn__9851.invoke (test.clj:694)
schema.test$validate_schemas$fn25482__25491$fn__25492.invoke 
(test.cljc:12)

schema.test$validate_schemas$fn25482__25491.invoke (test.cljc:12)
clojure.lang.AFn.applyToHelper (AFn.java:152)
clojure.lang.AFn.applyTo (AFn.java:144)
clojure.lang.AFunction$1.doInvoke (AFunction.java:31)
clojure.lang.RestFn.invoke (RestFn.java:397)
schema.test$validate_schemas.invokeStatic (test.cljc:12)
schema.test$validate_schemas.invoke (test.cljc:7)
clojure.test$compose_fixtures$fn__9850$fn__9851.invoke (test.clj:694)

puppetlabs.kitchensink.testutils.fixtures$with_no_jvm_shutdown_hooks$fn__28235.invoke 
(fixtures.clj:10)

clojure.core$with_redefs_fn.invokeStatic (core.clj:7582)
clojure.core$with_redefs_fn.invoke (core.clj:7566)

puppetlabs.kitchensink.testutils.fixtures$with_no_jvm_shutdown_hooks.invokeStatic 
(fixtures.clj:9)


puppetlabs.kitchensink.testutils.fixtures$with_no_jvm_shutdown_hooks.invoke 
(fixtures.clj:4)

clojure.test$compose_fixtures$fn__9850$fn__9851.invoke (test.clj:694)
clojure.test$default_fixture.invokeStatic (test.clj:687)
clojure.test$default_fixture.invoke (test.clj:683)
clojure.test$compose_fixtures$fn__9850.invoke (test.clj:694)
clojure.test$compose_fixtures$fn__9850.invoke (test.clj:694)
clojure.test$compose_fixtures$fn__9850.invoke (test.clj:694)
clojure.test$compose_fixtures$fn__9850.invoke (test.clj:694)
clojure.test$test_vars.invokeStatic (test.clj:731)
clojure.test$test_all_vars.invokeStatic (test.clj:737)
clojure.test$test_ns.invokeStatic (test.clj:758)
clojure.test$test_ns.invoke (test.clj:743)

Bug#797969: No longer relevant

2023-04-25 Thread أحمد المحمودي

elinks now uses configure.ac, so this issue is no longer relevant. 

-- 
‎أحمد المحمودي (Ahmed El-Mahmoudy)
 Digital design engineer
GPG KeyIDs: 4096R/A7EF5671 2048R/EDDDA1B7
GPG Fingerprints:
 6E2E E4BB 72E2 F417 D066  6ABF 7B30 B496 A7EF 5761
 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7


signature.asc
Description: PGP signature

Bug#1034854: symfony: autopkgtest regression: "error:10800075:PKCS7 routines::certificate verify error".

2023-04-25 Thread Paul Gevers

Source: symfony
Version: 5.4.22+dfsg-2
Severity: serious
Control: tags -1 bookworm-ignore
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

Your package has an autopkgtest, great. However, it fails since April
2023. Can you please investigate the situation and fix it? I copied some
of the output at the bottom of this report.

The release team has announced [1] that failing autopkgtest on amd64 and
arm64 are considered RC in testing. [Release Team member hat on] Because
we're currently in the hard freeze for bookworm, I have marked this bug
as bookworm-ignore. Targeted fixes are still welcome.

More information about this bug and the reason for filing it can be
found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://lists.debian.org/debian-devel-announce/2019/07/msg2.html

https://ci.debian.net/data/autopkgtest/testing/amd64/s/symfony/33122795/log.gz

There were 7 failures:

1) Symfony\Component\Mime\Tests\Crypto\SMimeSignerTest::testSignedMessage
Verification of the message /tmp/phpxnGzwx failed. Internal error
"error:10800075:PKCS7 routines::certificate verify error".