Bug#1051862: (Debian) Bug#1051862: server flooded with xen_mc_flush warnings with xen 4.17 + linux 6.1

2023-09-13 Thread Juergen Gross 

Hi Hans,

On 13.09.23 23:38, Hans van Kranenburg wrote:

Hi Radoslav,

Thanks for your report...

Hi Juergen, Boris and xen-devel,

At Debian, we got the report below. (Also at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051862)

This hardware, with only Xen and Dom0 running is hitting the failed
multicall warning and logging in arch/x86/xen/multicalls.c. Can you help
advise what we can do to further debug this issue?

Since this looks like pretty low level Xen/hardware stuff, I'd rather
ask upstream for directions first. If needed the Debian Xen Team can
assist the end user with the debugging process.

Thanks,

More reply inline...

On 9/13/23 20:12, Radoslav Bodó wrote:

Package: xen-system-amd64
Version: 4.17.1+2-gb773c48e36-1
Severity: important

Hello,

after upgrade from Bullseye to Bookworm one of our dom0's
became unusable due to logs/system being continuously flooded
with warnings from arch/x86/xen/multicalls.c:102 xen_mc_flush, and the
system become unusable.

The issue starts at some point where system services starts to come up,
but nothing very special is on that box (dom0, nftables, fail2ban,
prometheus-node-exporter, 3x domU). We have tried to disable all domU's
and fail2ban as the name of the process would suggest, but issue is
still present. We have tried also some other elaboration but none of
them have helped so far:

* the issue arise when xen 4.17 + linux >= 6.1 is booted
* xen + bookworm-backports linux-image-6.4.0-0.deb12.2-amd64 have same isuue
* without xen hypervisor, linux 6.1 runs just fine
* systemrescue cd boot and xfs_repair rootfs did not helped
* memtest seem to be fine running for hours


Thanks for already trying out all these combinations.


As a workaround we have booted xen 4.17 + linux 5.10.0-25 (5.10.191-1)
and the system is running fine as for last few months.

Hardware:
* Dell PowerEdge R750xs
* 2x Intel Xeon Silver 4310 2.1G
* 256GB RAM
* PERC H755 Adapter, 12x 18TB HDDs


I have a few quick additional questions already:

1. For clarification.. From your text, I understand that only this one
single server is showing the problem after the Debian version upgrade.
Does this mean that this is the only server you have running with
exactly this combination of hardware (and BIOS version, CPU microcode
etc etc)? Or, is there another one with same hardware which does not
show the problem?

2. Can you reply with the output of 'xl dmesg' when the problem happens?
Or, if the system gets unusable too quick, do you have a serial console
connection to capture the output?

3. To confirm... I understand that there are many of these messages.
Since you pasted only one, does that mean that all of them look exactly
the same, with "1 of 1 multicall(s) failed: cpu 10" "call  1: op=1
arg=[a1a9eb10] result=-22"? Or are there variations? If so, can
you reply with a few different ones?

Since this very much looks like an issue of Xen related code where the
Xen hypervisor, dom0 kernel and hardware has to work together correctly,
(and not a Debian packaging problem) I'm already asking upstream for
advice about what we should/could do next, instead of trying to make a
guess myself.

Thanks,
Hans


Any help, advice or bug confirmation would be appreciated

Best regards
bodik


(log also in attachment)

```
kernel: [   99.762402] WARNING: CPU: 10 PID: 1301 at
arch/x86/xen/multicalls.c:102 xen_mc_flush+0x196/0x220
kernel: [   99.762598] Modules linked in: nvme_fabrics nvme_core bridge
xen_acpi_processor xen_gntdev stp llc xen_evtchn xenfs xen_privcmd
binfmt_misc intel_rapl_msr ext4 intel_rapl_common crc16
intel_uncore_frequency_common mbcache ipmi_ssif jbd2 nfit libnvdimm
ghash_clmulni_intel sha512_ssse3 sha512_generic aesni_intel acpi_ipmi
nft_ct crypto_simd cryptd mei_me mgag200 ipmi_si iTCO_wdt intel_pmc_bxt
ipmi_devintf drm_shmem_helper dell_smbios nft_masq iTCO_vendor_support
isst_if_mbox_pci drm_kms_helper isst_if_mmio dcdbas mei intel_vsec
isst_if_common dell_wmi_descriptor wmi_bmof watchdog pcspkr
intel_pch_thermal ipmi_msghandler i2c_algo_bit acpi_power_meter button
nft_nat joydev evdev sg nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6
nf_defrag_ipv4 nf_tables nfnetlink drm fuse loop efi_pstore configfs
ip_tables x_tables autofs4 xfs libcrc32c crc32c_generic hid_generic
usbhid hid dm_mod sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif
crct10dif_generic ahci libahci xhci_pci libata xhci_hcd
kernel: [   99.762633]  megaraid_sas tg3 crct10dif_pclmul
crct10dif_common crc32_pclmul crc32c_intel bnxt_en usbcore scsi_mod
i2c_i801 libphy i2c_smbus usb_common scsi_common wmi
kernel: [   99.764765] CPU: 10 PID: 1301 Comm: python3 Tainted: G
W  6.1.0-12-amd64 #1  Debian 6.1.52-1
kernel: [   99.764989] Hardware name: Dell Inc. PowerEdge R750xs/0441XG,
BIOS 1.8.2 09/14/2022
kernel: [   99.765214] RIP: e030:xen_mc_flush+0x196/0x220
kernel: [   99.765436] Code: e2 06 48 01 da 85 c0 0f 84 23 ff ff ff 48
8b 43 18 48 83 c3 40 48 c1 e8 3f 41 01 c5 48 39 d3 75 ec 45 85 ed 0f 84
06

Bug#1050639: bookworm-pu: package clamav/1.0.2+dfsg-1~deb12u1

2023-09-13 Thread Adam D. Barratt 
On Wed, 2023-09-13 at 22:01 +0200, Sebastian Andrzej Siewior wrote:
> On 2023-09-13 17:26:46 [+0100], Adam D. Barratt wrote:
> > How does this sound for an SUA?
[...]
> This sounds entirely fine to me. I don't think that it is needed to
> point out that bullseye is not affected by the second issue.
> 

Great, thanks.

> There is also this thing regarding libclamunrar and the update to
> v6.2.10 of the bundled libbrary. I *think* it is related to
> CVE-2023-40477. Since unrar itself is only in -pu I think it is okay
> for libclamunar to follow the same fate.
> 

Just to be completely sure, "follow the same fate" here means leaving
libclamunrar in (o-)p-u until the point releases?

I assume the bundled library isn't used as-is in the Debian packaging,
that being why libclamunrar exists.

Regards,

Adam

Bug#1051910: mirror submission for ossmirror.mycloud.services

2023-09-13 Thread OSSMirror@OnboardCloud 
Package: mirrors
Severity: wishlist
User: mirr...@packages.debian.org
Usertags: mirror-submission

Submission-Type: new
Site: ossmirror.mycloud.services
Archive-architecture: ALL amd64 arm64 armel armhf hurd-i386 hurd-amd64 i386 
mips mips64el mipsel powerpc ppc64el riscv64 s390x
Archive-http: /debian/
Archive-rsync: debian/
Maintainer: OSSMirror@OnboardCloud 
Country: SG Singapore
Location: Singapore
Sponsor: OnboardCloud https://onboard.cloud




Trace Url: http://ossmirror.mycloud.services/debian/project/trace/
Trace Url: 
http://ossmirror.mycloud.services/debian/project/trace/ftp-master.debian.org
Trace Url: 
http://ossmirror.mycloud.services/debian/project/trace/ossmirror.mycloud.services

Bug#1051819: fluidsynth: Consider building with pipewire support

2023-09-13 Thread Gianfranco Costamagna 

control: reopen -1
control: notfixed -1 2.3.1-2
control: severity -1 serious
control: tags -1 patch

And also a -dev dependency on the library package, as shown by autopkgtests now 
being regressed (and vlc build broken).

trivial patch follows:

diff -Nru fluidsynth-2.3.3/debian/changelog fluidsynth-2.3.3/debian/changelog
--- fluidsynth-2.3.3/debian/changelog   2023-09-13 02:52:50.0 +0200
+++ fluidsynth-2.3.3/debian/changelog   2023-09-14 07:22:04.0 +0200
@@ -1,3 +1,10 @@
+fluidsynth (2.3.3-2.1) unstable; urgency=medium
+
+  * Fixup previous upload, also runtime depend on libpipewire-0.3-dev,
+on libfluidsynth-dev (Closes: #1051819)
+
+ -- Gianfranco Costamagna   Thu, 14 Sep 2023 
07:22:04 +0200
+
 fluidsynth (2.3.3-2) unstable; urgency=medium

   * Team upload.
diff -Nru fluidsynth-2.3.3/debian/control fluidsynth-2.3.3/debian/control
--- fluidsynth-2.3.3/debian/control 2023-09-13 02:52:50.0 +0200
+++ fluidsynth-2.3.3/debian/control 2023-09-14 07:22:02.0 +0200
@@ -82,6 +82,7 @@
  libdbus-1-dev [linux-any],
  libinstpatch-dev (>= 1.1.0),
  libjack-dev | libjack-jackd2-dev,
+ libpipewire-0.3-dev,
  libpulse-dev,
  libreadline-dev,
  libsdl2-dev,


 97s Removing autopkgtest-satdep (0) ...
 97s autopkgtest [09:40:45]: test libsdl2-mixer-dev: [---
 98s Silencing output: run with TEST_REALLY_PLAY_AUDIO=yes to hear audio
 98s + [ -n /tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts ]
 98s + WORKDIR=/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts
 98s + [ -n  ]
 98s + CROSS_COMPILE=
 98s + [ -z  ]
 98s + set +x
 98s + export SDL_AUDIODRIVER=dummy
 98s + cp playmus.c 
/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts
 98s + cp playwave.c 
/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts
 98s + mkdir 
/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts/cmake
 98s + cp ./cmake/test/CMakeLists.txt 
/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts/cmake
 98s + cp ./cmake/test/main.c 
/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts/cmake
 98s + mkdir 
/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts/cmake-pkg-config
 98s + cp cmake/test/main.c 
/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts/cmake-pkg-config
 98s + cp debian/tests/cmake-pkg-config/CMakeLists.txt 
/tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts/cmake-pkg-config
 98s + cd /tmp/autopkgtest-lxc.rib8c5t5/downtmp/libsdl2-mixer-dev-artifacts
 98s + pkg-config --cflags --libs SDL2_mixer >= 2.6.0
 98s Package libpipewire-0.3 was not found in the pkg-config search path.
 98s Perhaps you should add the directory containing `libpipewire-0.3.pc'
 98s to the PKG_CONFIG_PATH environment variable
 98s Package 'libpipewire-0.3', required by 'fluidsynth', not found
 98s + gcc -oplaymus playmus.c
 98s playmus.c:25:10: fatal error: SDL_stdinc.h: No such file or directory
 98s25 | #include "SDL_stdinc.h"
 98s   |  ^~
 98s compilation terminated.
 98s autopkgtest [09:40:46]: test libsdl2-mixer-dev: ---]

On Tue, 12 Sep 2023 20:21:15 -0400 Kevin Otte  wrote:

Package: fluidsynth
Version: 2.3.1-2
Severity: wishlist

Dear Maintainer,

Please consider building fluidsynth with pipewire support.
While it is working adequately via the pulseaudio compatibility layer,
it would be nice to utilize the native support added in 2.3.0 as it is
the default sound server in Debian 12.

It looks like all that is needed is a Build-Depends on libpipewire-0.3-dev
to have cmake pick up on it.

-- System Information:
Debian Release: 12.1
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-11-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages fluidsynth depends on:
ii  init-system-helpers  1.65.2
ii  libc62.36-9+deb12u1
ii  libfluidsynth3   2.3.1-2
ii  libglib2.0-0 2.74.6-2
ii  libsdl2-2.0-02.26.5+dfsg-1
ii  libsystemd0  252.12-1~deb12u1

Versions of packages fluidsynth recommends:
ii  qsynth  0.9.9-1

fluidsynth suggests no packages.

-- no debconf information




OpenPGP_signature
Description: OpenPGP digital signature

Bug#1051909: ring: FTBFS: error: using typedef-name ‘using dht::Logger = struct dht::log::Logger’ after ‘struct’

2023-09-13 Thread Aurelien Jarno 
Source: ring
Version: 20230206.0~ds2-1.3
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)

Dear maintainer,

ring fails to build from source. From my build log on amd64:

| /bin/bash ../libtool  --tag=CXX   --mode=compile g++ -std=gnu++17 
-DHAVE_CONFIG_H -I. -I..  -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 
-fvisibility=hidden -DLIBJAMI_BUILD -DASIO_STANDALONE 
-I/<>/daemon/contrib/x86_64-linux-gnu/include  -DPJ_AUTOCONF=1 
-I/usr/include/jsoncpp  -I/<>/daemon/src 
-I/<>/daemon/src/config -I/<>/daemon/src/media 
-I/<>/daemon/test -I/<>/daemon/src/jami  
-DPREFIX=\"/usr\" -DJAMI_DATADIR=\"/usr/share/jami\" -DENABLE_TRACE 
-DJAMI_REVISION=\"\" -DJAMI_DIRTY_REPO=\"dirty\" -DPJSIP_MAX_PKT_LEN=8000 
-DPJ_AUTOCONF=1 -I../src/jamidht/eth -Wdate-time -D_FORTIFY_SOURCE=2 -DNDEBUG=1 
-O3 -Wno-deprecated -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64 -MT client/conversation_interface.lo -MD -MP -MF 
$depbase.Tpo -c -o client/conversation_interface.lo 
client/conversation_interface.cpp &&\
| mv -f $depbase.Tpo $depbase.Plo
| make[4]: *** [Makefile:2669: account_factory.lo] Error 1
| make[4]: *** Waiting for unfinished jobs
| libtool: compile:  g++ -std=gnu++17 -DHAVE_CONFIG_H -I. -I.. 
-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fvisibility=hidden -DLIBJAMI_BUILD 
-DASIO_STANDALONE "-I/<>/daemon/contrib/x86_64-linux-gnu/include" 
-DPJ_AUTOCONF=1 -I/usr/include/jsoncpp "-I/<>/daemon/src" 
"-I/<>/daemon/src/config" "-I/<>/daemon/src/media" 
"-I/<>/daemon/test" "-I/<>/daemon/src/jami" 
-DPREFIX=\"/usr\" -DJAMI_DATADIR=\"/usr/share/jami\" -DENABLE_TRACE 
-DJAMI_REVISION=\"\" -DJAMI_DIRTY_REPO=\"dirty\" -DPJSIP_MAX_PKT_LEN=8000 
-DPJ_AUTOCONF=1 -I../src/jamidht/eth -Wdate-time -D_FORTIFY_SOURCE=2 -DNDEBUG=1 
-O3 -Wno-deprecated -g -O2 "-ffile-prefix-map=/<>=." 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64 -MT client/conversation_interface.lo -MD -MP -MF 
client/.deps/conversation_interface.Tpo -c client/conversation_interface.cpp -o 
client/conversation_interface.o
| make[4]: *** [Makefile:2669: call.lo] Error 1
| make[4]: *** [Makefile:2669: manager.lo] Error 1
| make[4]: *** [Makefile:2669: conference.lo] Error 1
| In file included from ./jamidht/account_manager.h:28,
|  from ./jamidht/conversation_module.h:25,
|  from ./jamidht/jamiaccount.h:49,
|  from client/datatransfer.cpp:26:
| ./jamidht/namedirectory.h:43:8: error: using typedef-name ‘using dht::Logger 
= struct dht::log::Logger’ after ‘struct’
|43 | struct Logger;
|   |^~
| In file included from /usr/include/opendht/dhtrunner.h:28,
|  from ./connectivity/connectionmanager.h:24,
|  from ./jamidht/jamiaccount.h:46:
| /usr/include/opendht/logger.h:117:7: note: ‘using dht::Logger = struct 
dht::log::Logger’ has a previous declaration here
|   117 | using Logger = log::Logger;
|   |   ^~
| In file included from ./jamidht/account_manager.h:28,
|  from ./jamidht/conversation_module.h:25,
|  from ./jamidht/jamiaccount.h:49,
|  from client/configurationmanager.cpp:39:
| ./jamidht/namedirectory.h:43:8: error: using typedef-name ‘using dht::Logger 
= struct dht::log::Logger’ after ‘struct’
|43 | struct Logger;
|   |^~
| In file included from /usr/include/opendht/dhtrunner.h:28,
|  from ./connectivity/connectionmanager.h:24,
|  from ./jamidht/jamiaccount.h:46:
| /usr/include/opendht/logger.h:117:7: note: ‘using dht::Logger = struct 
dht::log::Logger’ has a previous declaration here
|   117 | using Logger = log::Logger;
|   |   ^~
| In file included from ./jamidht/account_manager.h:28,
|  from ./jamidht/conversation_module.h:25,
|  from ./jamidht/jamiaccount.h:49,
|  from client/callmanager.cpp:38:
| ./jamidht/namedirectory.h:43:8: error: using typedef-name ‘using dht::Logger 
= struct dht::log::Logger’ after ‘struct’
|43 | struct Logger;
|   |^~
| In file included from /usr/include/opendht/dhtrunner.h:28,
|  from ./connectivity/connectionmanager.h:24,
|  from ./jamidht/jamiaccount.h:46:
| /usr/include/opendht/logger.h:117:7: note: ‘using dht::Logger = struct 
dht::log::Logger’ has a previous declaration here
|   117 | using Logger = log::Logger;
|   |   ^~
| In file included from ./jamidht/account_manager.h:28,
|  from ./jamidht/conversation_module.h:25,
|  from ./jamidht/jamiaccount.h:49,
|  from client/conversation_interface.cpp:33:
| ./jamidht/namedirectory.h:43:8: error: using typedef-name ‘using

Bug#960489: Fixed with 2.0.17-3

2023-09-13 Thread Gianfranco Costamagna 

control: fixed -1 2.0.17-1
thanks
On Thu, 14 Sep 2023 06:04:38 +0200 Joachim Zobel  wrote:


--
   Papier ist gebundenes CO2. Bitte drucken Sie diese EMail aus und
archivieren Sie sie.





OpenPGP_signature
Description: OpenPGP digital signature

Bug#1051908: rasdaemon: ras-mc-ctl --layout: tabulated incorrectly

2023-09-13 Thread наб 
Package: rasdaemon
Version: 0.6.8-1.1
Severity: normal

Dear Maintainer,

$ ras-mc-ctl --layout
   +---+
   |mc0|mc1|
   | channel0  | channel1  | channel2  | channel0  | channel1  | channel2  |
---+---+
slot2: | 0 MB  | 0 MB  | 0 MB  | 0 MB  | 0 MB  | 0 MB  |
slot1: | 0 MB  | 0 MB  | 0 MB  | 0 MB  | 0 MB  | 0 MB  |
slot0: |  16384 MB  |  16384 MB  |  16384 MB  |  16384 MB  |  16384 MB  |  
16384 MB  |
---+-+

наб

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-9-amd64 (SMP w/24 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, 
TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages rasdaemon depends on:
ii  init-system-helpers  1.65.2
ii  libc62.36-9+deb12u1
ii  libdbd-sqlite3-perl  1.72-1
ii  libsqlite3-0 3.40.1-2
ii  perl 5.36.0-7
ii  sqlite3  3.40.1-2

rasdaemon recommends no packages.

rasdaemon suggests no packages.

-- no debconf information


signature.asc
Description: PGP signature

Bug#1043033: Accepted ghostscript 10.02.0~dfsg-1 (source) into unstable

2023-09-13 Thread Salvatore Bonaccorso 
Source: ghostscript
Source-Version: 10.02.0~dfsg-1

On Wed, Sep 13, 2023 at 09:21:09PM +, Debian FTP Masters wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
> 
> Format: 1.8
> Date: Wed, 13 Sep 2023 20:18:16 +0200
> Source: ghostscript
> Architecture: source
> Version: 10.02.0~dfsg-1
> Distribution: unstable
> Urgency: medium
> Maintainer: Debian QA Group 
> Changed-By: Jonas Smedegaard 
> Changes:
>  ghostscript (10.02.0~dfsg-1) unstable; urgency=medium
>  .
>* QA upload
>  .
>[ upstream ]
>* new release(s)

This should address as well CVE-2023-38559 / #1043033 . 

Closing with the fixed version accordingly.

Regards,
Salvatore

Bug#1051875: aged experimental package (freedict-swa-eng)

2023-09-13 Thread Sebastian Humenda 
Hi

Thanks for being watchful. The dictionary is actually shipped ever since, it's
swh-eng. The name swa-eng was actually a mistake in naming. The renaming took
place before I took over the packaging.
Would you please be so kind to remove the package?

Thanks
Sebastian


signature.asc
Description: PGP signature

Bug#1051896: rkhunter: CVE-2023-4413

2023-09-13 Thread Francois Marier 
On 2023-09-13 at 14:15:53, Moritz Mühlenhoff (j...@inutil.org) wrote:
> https://gist.github.com/MatheuZSecurity/16ef0219db8f85f49f945a25d5eb42d7

My summary of this is: it's possible to figure out what files/ports/etc.
rkhunter is looking for by looking at the log file.

That log file is:

  -rw-r-  1 root  adm 502K 13 sep 07:41 rkhunter.log

and on my machine that means only root and logcheck can see it:

  $ grep adm /etc/group
  adm:x:4:logcheck

Of course, it's also possible to find out what files/ports/etc. rkhunter is
looking for by looking in /usr/share/rkhunter/scripts/ or looking at the
source code
(https://sourceforge.net/p/rkhunter/rkh_code/ci/develop/tree/files/).

So am I missing something here or is this simply not relevant given the
rkhunter threat model of being an Open Source tool with a public database?

Francois

Bug#1051822: installed chrony package post-installation script subprocess returned error exit status 1

2023-09-13 Thread Anibal Monsalve Salazar 
On Wed, 2023-09-13 15:15:10 +0200, Vincent Blut wrote:
> Control: tags -1 + moreinfo
> 
> Hi Anibal,
> 
> Le 2023-09-13 13:52, Anibal Monsalve Salazar a écrit :
>> Package: chrony
>> Version: 4.2-2
>> Severity: critical
>> 
>> # dpkg -i /mnt/apt/archives/chrony_4.4-1_i386.deb
>> (Reading database ... 34682 files and directories currently installed.)
>> Preparing to unpack .../archives/chrony_4.4-1_i386.deb ...
>> Failed to stop chronyd-restricted.service: Unit chronyd-restricted.service 
>> not loaded.
>> Unpacking chrony (4.4-1) over (4.3-4) ...
>> Setting up chrony (4.4-1) ...
>> Unknown option: comment
>> adduser [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
>> [--firstuid ID] [--lastuid ID] [--gecos GECOS] [--ingroup GROUP | --gid ID]
>> [--disabled-password] [--disabled-login] [--add_extra_groups] USER
>>Add a normal user
>> 
>> adduser --system [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
>> [--gecos GECOS] [--group | --ingroup GROUP | --gid ID] [--disabled-password]
>> [--disabled-login] [--add_extra_groups] USER
>>Add a system user
>> 
>> adduser --group [--gid ID] GROUP
>> addgroup [--gid ID] GROUP
>>Add a user group
>> 
>> addgroup --system [--gid ID] GROUP
>>Add a system group
>> 
>> adduser USER GROUP
>>Add an existing user to an existing group
>> 
>> general options:
>>   --quiet | -q  don't give process information to stdout
>>   --force-badname   allow usernames which do not match the
>> NAME_REGEX configuration variable
>>   --help | -h   usage message
>>   --version | -vversion number and copyright
>>   --conf | -c FILE  use FILE as configuration file
>> 
>> dpkg: error processing package chrony (--install):
>>  installed chrony package post-installation script subprocess returned error 
>> exit status 1
>> Processing triggers for man-db (2.11.2-3) ...
>> Errors were encountered while processing:
>>  chrony
> 
> I don't seem to be able to reproduce this issue. Could you please give me more
> information on the system on which you were upgrading chrony? It seems you 
> were
> upgrading from chrony 4.3-4, so I guess this system is running 
> testing/unstable‽
> 
> Cheers,
> Vincent

Dear Vincent,

I tried again to upgrade chrony on another machine and it failed.


Setting up chrony (4.4-1) ...
Unknown option: comment
adduser [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
[--firstuid ID] [--lastuid ID] [--gecos GECOS] [--ingroup GROUP | --gid ID]
[--disabled-password] [--disabled-login] [--add_extra_groups] USER
   Add a normal user

adduser --system [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
[--gecos GECOS] [--group | --ingroup GROUP | --gid ID] [--disabled-password]
[--disabled-login] [--add_extra_groups] USER
   Add a system user

adduser --group [--gid ID] GROUP
addgroup [--gid ID] GROUP
   Add a user group

addgroup --system [--gid ID] GROUP
   Add a system group

adduser USER GROUP
   Add an existing user to an existing group

general options:
  --quiet | -q  don't give process information to stdout
  --force-badname   allow usernames which do not match the
NAME_REGEX configuration variable
  --help | -h   usage message
  --version | -vversion number and copyright
  --conf | -c FILE  use FILE as configuration file

dpkg: error processing package chrony (--configure):
 installed chrony package post-installation script subprocess returned error 
exit status 1
...
Errors were encountered while processing:
 chrony
E: Sub-process /usr/bin/dpkg returned an error code (1)


$ dpkg -l adduser chrony
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name   Version  Architecture Description
+++-==---=
ri  adduser3.118all  add and remove users and groups
iF  chrony 4.4-1i386 Versatile implementation of the 
Network Time Protocol


I know updating adduser from 3.118 to 3.137 will fix this bug.

I tried dpkg -i chrony_4.4-1_i386.deb with the same messages above. I
did not upgrade adduser this time.

I suggest to replace line 28 in debian/control as follows:

--- control 2023-09-14 13:52:34.323543535 +1000
+++ control 2023-09-14 13:55:18.960189965 +1000
@@ -25,7 +25,7 @@ Rules-Requires-Root: no
 Package: chrony
 Architecture: linux-any
 Pre-Depends: ${misc:Pre-Depends}
-Depends: adduser,
+Depends: adduser (>= 3.137),
  iproute2 [linux-any],
  tzdata-legacy,
  ucf,

I will not touch the machine and will install any test package from you.

Please let me know what would you like me to do.

Thank you for your time and for helping me with this bug.

Kind regards,

Aníbal

Bug#1051907: aranym: Please update the outdated config.guess and config.sub to recognize the LoongArch

2023-09-13 Thread zhangdandan 

Source: aranym
Version: 1.1.0-2
Severity: wishlist
Tags: patch
User: debian-de...@lists.debian.org
Usertags: loongarch64

Dear maintainers,

When compiling the package aranym for loong64 in the Debian Package 
Auto-Building environment [1], The error message is as follows:

..Omit
(./configure --build=loongarch64-linux-gnu --host=loongarch64-linux-gnu 
--prefix=/usr --enable-usbhost && /usr/bin/make)
checking build system type... Invalid configuration 
`loongarch64-linux-gnu': machine `loongarch64' not recognized

configure: error: /bin/bash ./config.sub loongarch64-linux-gnu failed
..Omit

The full compilation log can be found at [2].
The version of autosetup/config.{sub,guess} in the aranym source package 
are too old for the LoongArch architecture.
The LoongArch architecture has been supported in config upstream [3] and 
autotools-dev source package [4].


Please consider update the outdated config.guess and config.sub to 
recognize the LoongArch.

Optionally, consider the patch (modify debian/rules) I have attached.
If you have any questions, you can contact me at any time.


[1]:https://buildd.debian.org/status/package.php?p=aranym=sid
[2]:https://buildd.debian.org/status/fetch.php?pkg=aranym=loong64=1.1.0-2=1693873761=0
[3]:https://git.savannah.gnu.org/cgit/config.git/commit/?id=20403c5701973a4cbd7e0b4bbeb627fcd424a0f1
[4]:https://packages.debian.org/bookworm/autotools-dev


thanks,
Dandan Zhang

diff -Nru aranym-1.1.0/debian/rules aranym-1.1.0/debian/rules
--- aranym-1.1.0/debian/rules   2021-01-31 11:52:49.0 +
+++ aranym-1.1.0/debian/rules   2021-01-31 14:27:46.0 +
@@ -53,6 +53,7 @@
dh_testdir
 
([ ! -f Makefile ] || $(MAKE) distclean)
+   dh_update_autotools_config
(./configure --build=$(DEB_BUILD_GNU_TYPE) --host=$(DEB_HOST_GNU_TYPE) 
--prefix=/usr ${CF_USB} && $(MAKE))
($(MAKE) install DESTDIR=`pwd`/debian/tmp )

Bug#1051906: openjdk-17 adds zero build for loong64

2023-09-13 Thread panxuefeng 

Package: openjdk-17

Version: 17.0.9~4ea-1

Severity: wishlist

Tags: patch

User: debian-de...@lists.debian.org

Usertags: loongarch64


Dear Maintainers,


I hope this email finds you well. We would like to add openjdk-17 zero 
build support for loong64.



The attached patch includes three parts of changes:


(1) Add the loong64 variable to debian/rules and debian/control.


(2) Synchronization with code in JDK-8315020. This part of the code has 
not been backported to jdk17u, so we need to handle it additionally.



(3 patches/add-basic_machine-in-autoconf-config.patch adds loongarch info.


Thank you for your time and consideration of this request.


Thanks,

Xuefeng Pan



commit c36214ebd3d6e0b2652fcafa95706dc4da4cf7ce
Author: panxuefeng 
Date:   Thu Sep 14 01:50:48 2023 +

Support zero build for loong64

diff --git a/changelog b/changelog
index 7541fd7..1ba8363 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,9 @@
+openjdk-17 (17.0.9~4ea-1+loong64) unreleased; urgency=medium
+
+  * Add openjdk-17 zero support for loong64
+
+ -- Xuefeng Pan   Wed, 13 Sep 2023 16:36:56 +0800
+
 openjdk-17 (17.0.9~4ea-1) unstable; urgency=medium
 
   * OpenJDK 17.0.9 early access, build 4.
diff --git a/control b/control
index 2172a5d..3513955 100644
--- a/control
+++ b/control
@@ -24,7 +24,7 @@ Vcs-Browser: https://salsa.debian.org/openjdk-team/openjdk/tree/openjdk-17
 Vcs-Git: https://salsa.debian.org/openjdk-team/openjdk.git -b openjdk-17
 
 Package: openjdk-17-jdk-headless
-Architecture: alpha amd64 armel armhf arm64 i386 ia64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
+Architecture: alpha amd64 armel armhf arm64 i386 ia64 loong64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
 Multi-Arch: same
 Pre-Depends: ${dpkg:Depends}
 Depends: openjdk-17-jre-headless (= ${binary:Version}),
@@ -45,7 +45,7 @@ Description: OpenJDK Development Kit (JDK) (headless)
  applets, and components using the Java programming language.
 
 Package: openjdk-17-jre-headless
-Architecture: alpha amd64 armel armhf arm64 i386 ia64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
+Architecture: alpha amd64 armel armhf arm64 i386 ia64 loong64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
 Multi-Arch: same
 Pre-Depends: ${dpkg:Depends}
 Depends: ${jredefault:Depends}, ${cacert:Depends},
@@ -72,7 +72,7 @@ Description: OpenJDK Java runtime, using ${vm:Name} (headless)
  using ${vm:Name}.
 
 Package: openjdk-17-jdk
-Architecture: alpha amd64 armel armhf arm64 i386 ia64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
+Architecture: alpha amd64 armel armhf arm64 i386 ia64 loong64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
 Multi-Arch: same
 Pre-Depends: ${dpkg:Depends}
 Depends: openjdk-17-jre (= ${binary:Version}),
@@ -89,7 +89,7 @@ Description: OpenJDK Development Kit (JDK)
  applets, and components using the Java programming language.
 
 Package: openjdk-17-jre
-Architecture: alpha amd64 armel armhf arm64 i386 ia64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
+Architecture: alpha amd64 armel armhf arm64 i386 ia64 loong64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
 Multi-Arch: same
 Pre-Depends: ${dpkg:Depends}
 Depends: openjdk-17-jre-headless (= ${binary:Version}),
@@ -110,7 +110,7 @@ Description: OpenJDK Java runtime, using ${vm:Name}
  programs, using ${vm:Name}.
 
 Package: openjdk-17-demo
-Architecture: alpha amd64 armel armhf arm64 i386 ia64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
+Architecture: alpha amd64 armel armhf arm64 i386 ia64 loong64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
 Priority: optional
 Pre-Depends: ${dpkg:Depends}
 Depends: openjdk-17-jre (= ${binary:Version}),
@@ -150,7 +150,7 @@ Description: OpenJDK Development Kit (JDK) documentation
  This package contains the API documentation.
 
 Package: openjdk-17-dbg
-Architecture: alpha amd64 armel armhf arm64 i386 ia64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
+Architecture: alpha amd64 armel armhf arm64 i386 ia64 loong64 mips mipsel mips64 mips64el powerpc ppc64 ppc64el m68k riscv64 sh4 sparc sparc64 s390x x32
 Multi-Arch: same
 Priority: optional
 Section: debug
diff --git a/patches/add-basic_machine-in-autoconf-config.patch b/patches/add-basic_machine-in-autoconf-config.patch
new file mode 100644
index 000..1044de3
--- /dev/null
+++ b/patches/add-basic_machine-in-autoconf-config.patch
@@ -0,0 +1,12 @@
+diff --git a/make/autoconf/build-aux/autoconf-config.sub b/make/autoconf/build-aux/autoconf-config.sub
+index 1aab2b303e3..df7cfd4034a 100644
+---

Bug#1051905: jpeg-xl: Please add support for Loongarch

2023-09-13 Thread yalingfang 

Package: jpeg-xl

Version: 0.7.0-10
Severity: normal
Tags: patch
User: debian-de...@lists.debian.org
Usertags: loongarch64

Dear maintainers,

  When I compiled jpeg-xl for loongarch architecture, it reported case 
fail for lack for depency app.


We have added loongarch architecture support for jpeg-xl , the patch
can be found in the attachment.

 If you have any questions, you can contact me at any time.
diff --git a/debian/control b/debian/control
index ca93aea..b3683cd 100644
--- a/debian/control
+++ b/debian/control
@@ -7,7 +7,7 @@ Standards-Version: 4.6.2
 Build-Depends: asciidoc-base,
cmake (>= 3.10),
debhelper (>= 11),
-   default-jdk [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x alpha ia64 m68k powerpc ppc64 riscv64 sh4 sparc64 x32],
+   default-jdk [amd64 arm64 armel armhf i386 loong64 mips64el mipsel ppc64el s390x alpha ia64 m68k powerpc ppc64 riscv64 sh4 sparc64 x32],
docbook-xml,
help2man,
libavif-dev (>= 0.10.1),
@@ -15,7 +15,7 @@ Build-Depends: asciidoc-base,
libgflags-dev,
libgif-dev (>= 5.1),
libgmock-dev ,
-   libgoogle-perftools-dev [amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x kfreebsd-amd64 kfreebsd-i386 powerpc ppc64 riscv64],
+   libgoogle-perftools-dev [amd64 arm64 armel armhf i386 loong64 mips64el mipsel ppc64el s390x kfreebsd-amd64 kfreebsd-i386 powerpc ppc64 riscv64],
libgtest-dev ,
libhwy-dev (>= 1.0.2),
libjpeg-dev,
@@ -108,7 +108,7 @@ Description: JPEG XL Image Coding System - "JXL" (dev command line utility)
  This package installs the devtools command line utilities.
 
 Package: libjpegxl-java
-Architecture: amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x alpha ia64 m68k powerpc ppc64 riscv64 sh4 sparc64 x32
+Architecture: amd64 arm64 armel armhf i386 loong64 mips64el mipsel ppc64el s390x alpha ia64 m68k powerpc ppc64 riscv64 sh4 sparc64 x32
 Section: java
 Depends: ${java:Depends}, ${misc:Depends}, ${shlibs:Depends}
 Suggests: java-virtual-machine
diff --git a/debian/rules b/debian/rules
index e364ac1..89456c2 100755
--- a/debian/rules
+++ b/debian/rules
@@ -3,14 +3,14 @@
 include /usr/share/dpkg/default.mk
 
 # keep same order as https://buildd.debian.org/status/package.php?p=google-perftools=sid
-TCMALLOC_ARCHS=amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x kfreebsd-amd64 kfreebsd-i386 powerpc ppc64 riscv64
+TCMALLOC_ARCHS=amd64 arm64 armel armhf i386 loong64 mips64el mipsel ppc64el s390x kfreebsd-amd64 kfreebsd-i386 powerpc ppc64 riscv64
 ifeq ($(DEB_HOST_ARCH),$(filter $(DEB_HOST_ARCH),$(TCMALLOC_ARCHS)))
   ENABLE_TCMALLOC=ON
 else
   ENABLE_TCMALLOC=OFF
 endif
 
-JAVA_ARCHS=amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x alpha ia64 m68k powerpc ppc64 riscv64 sh4 sparc64 x32
+JAVA_ARCHS=amd64 arm64 armel armhf i386 loong64 mips64el mipsel ppc64el s390x alpha ia64 m68k powerpc ppc64 riscv64 sh4 sparc64 x32
 ifeq ($(DEB_HOST_ARCH),$(filter $(DEB_HOST_ARCH),$(JAVA_ARCHS)))
   ENABLE_JNI=ON
 else

Bug#1051901: 1.2.10 breaks ability to play audio using i386 binaries on amd64 host

2023-09-13 Thread Antoine Le Gonidec 

I ran more tests, and could reproduce what I think is the same bug without 
relying on WINE.

Trying to play an audio file using mpv:i386 [1] on an amd64 host causes a 
segfault. While mpv:amd64 has no issue.

[1]: https://packages.debian.org/sid/mpv

I think the problem might actually be related to trying to play sounds using 
any i386 binary (so the i386 libasound.so.2) on an amd64 host.


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050929: telegram-desktop: System window decorations disabled on Wayland after 4.9.3

2023-09-13 Thread z411 

Hi, thanks again for your reply.

On Tue, 12 Sep 2023 14:25:21 +0300 Nicholas Guriev  
wrote:

Since version 4.8.3 Telegram Desktop needs Qt6 for complete Wayland
integration.  Although, our package is build against Qt5 yet. Some plugins that
tdesktop relies on were not built against the latest Qt, and migration was
postponed.


I see, so it has to do with Qt6 after all. I spoke with one of the 
upstream maintainers and he was suspicious of the Qt5 dependency.



You are right but this protocol is an optional part of Wayland. KWin in KDE
Plasma implements the protocol, Mutter in GNOME does not.


Yes, I am aware. I've been using Kwin/KDE for a full year on Wayland 
with almost no issues (its implementation of the protocol is great) so I 
was surprised this became an issue suddenly - but now that you mention 
Qt6, it all makes sense.



Of course, you always can force native Wayland but at your own risk. I will
also add a patch restoring the checkbox in all modes.


That would be great. I didn't experience any issues with Wayland so far 
even in its current state so it'd be great if you could restore the 
checkbox for now until the transition to Qt6 is complete.


As this is not really a bug but a side effect of an ongoing transition 
please feel free to close this report. Thank you for the explanation.

Bug#1051903: gparted: Warning symbol when formatting in FAT32 in all removable disks

2023-09-13 Thread jpedro 
Package: gparted
Version: 1.2.0-1
Severity: important
X-Debbugs-Cc: jpncano...@gmail.com

Dear Maintainer,


   * What led up to the situation?
Creating or formating fat32 partitions in any removable disk (usb disks
and SD  cards) shows a warning symbol. At the information menu appears
to be a possible bad disk. Also the disk is not properly formatted or
the partition not properly created.
If I format the disks in another different operating system, the drives
are okayand works properly

   * What exactly did you do (or not do) that was effective (or ineffective)?
Avoid Fat32 and formatting or creating partitions in any other
filesystem.
Ext4 or NTFS works fine.
Also tried fdisk tool with exactly same result.
I have 3 machines with debian 10, 11 and 12 respectively with same
issue.

   * What was the outcome of this action?
Fat32 shows warning symbol and drive is unusable.
NTFS/Ext or any other works fine.
Also, I had to force reloading systemctl daemon because once this issue
happens, I  can't see any drive inserted.

   * What outcome did you expect instead?
Format drives in Fat32


-- System Information:
Debian Release: 11.7
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500,
'oldstable-proposed-updates'), (500, 'oldstable')
Architecture: i386 (i686)

Kernel: Linux 5.10.0-25-686-pae (SMP w/1 CPU thread)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8), LANGUAGE not
set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gparted depends on:
ii  gparted-common1.2.0-1
ii  libatkmm-1.6-1v5  2.28.0-3
ii  libc6 2.31-13+deb11u6
ii  libcairomm-1.0-1v51.12.2-4
ii  libgcc-s1 10.2.1-6
ii  libglib2.0-0  2.66.8-1
ii  libglibmm-2.4-1v5 2.64.2-2
ii  libgtk-3-03.24.24-4+deb11u3
ii  libgtkmm-3.0-1v5  3.24.2-2
ii  libpangomm-1.4-1v52.42.1-1
ii  libparted-fs-resize0  3.4-1
ii  libparted23.4-1
ii  libsigc++-2.0-0v5 2.10.4-2
ii  libstdc++610.2.1-6
ii  libuuid1  2.36.1-8+deb11u1
ii  policykit-1   0.105-31+deb11u1

gparted recommends no packages.

Versions of packages gparted suggests:
pn  dmraid 
ii  dmsetup2:1.02.175-2.1
ii  dosfstools 4.2-1
ii  e2fsprogs  1.46.2-2
ii  gpart  1:0.3-8
pn  jfsutils   
pn  kpartx 
pn  mtools 
ii  ntfs-3g1:2017.3.23AR.3-4+deb11u3
pn  reiser4progs   
pn  reiserfsprogs  
pn  udftools   
pn  xfsprogs   
ii  yelp   3.38.3-1

Bug#1051902: bullseye-pu: package dpkg/1.20.13

2023-09-13 Thread Guillem Jover 
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: d...@packages.debian.org
Control: affects -1 + src:dpkg

Hi!

[ Reason ]

This update backports the loong64 arch support as requested in #1051763
because some of the Debian infra is still using bullseye. There's also
a fix for a segfault on virtual field formatting which is rather easy
to trigger for packages that are known to dpkg, but are not installed,
such as virtual packages or references from Recommends or Suggests,
which was also included in the 1.21.22 pre-approval request included
in bookworm. And finally a fix for a memory leak, included in 1.22.0
in unstable.

[ Impact ]

- If the loong64 arch is not supported in oldstable, packages and
  infra will not be able to add support for it.
- Easy to trigger segfault.
- Memory leak.

[ Tests ]

The arch addition and the segfault fix have tests. The memory leak
was detected by gcc ASAN, but it is trivial to verify. These pass
all dpkg unit test and functional tests, which are part of its release
process.

[ Risks ]

As part of the segfault backport, I also cherry-picked a minor
refactoring change that was required by another commit adding unit
tests for the module involved (which is required by the first
cherry-pick), but that should give better test coverage.

The two other changes seem rather low risk.

[ Checklist ]

  [√] *all* changes are documented in the d/changelog
  [√] I reviewed all changes and I approve them
  [√] attach debdiff against the package in (old)stable
  [√] the issue is verified as fixed in unstable

[ Changes ]

The git log is included in the debdiff, which I'm attaching in its full
compressed form with no filtering applied, but you might want to
filterdiff with:

  xzcat dpkg-1.20.12-1.20.13.debdiff.xz |
filterdiff --exclude '*.po' --exclude '*.pot' \
   --exclude '*/man/*/*.pod' \
   --exclude '*/testsuite' --exclude '*/t-func/*.m4' \
   --exclude '*/Makefile.in' \
   --exclude '*/configure'

Thanks,
Guillem


dpkg-1.20.12-1.20.13.debdiff.xz
Description: application/xz

Bug#1051523: Doxygen changes breaks krb5 documentation build

2023-09-13 Thread Greg Hudson 

On 9/12/23 03:01, Paolo Greppi wrote:

This may well be a doxygen bug, can anybody tell if there is any pattern?


I believe this is a deliberate behavior change in Doxygen 1.9.7, made to 
address a problem affecting a different doxygen-to-RST converter:


  https://github.com/doxygen/doxygen/pull/9797
  https://github.com/doxygen/doxygen/issues/8790

(doxyrest doesn't appear to be packaged by Debian, or I'd investigate 
whether we could use it instead of the current homegrown bridge.  But 
that would be a longer-term change anyway.)


Although it might be difficult to modify the current scripts to handle 
this change, the deduplication only arises because of @group 
declarations in krb5.hin, which don't have any effect on the generated 
RST files.  I have filed a PR to remove these and the associated @ref 
declarations:


  https://github.com/krb5/krb5/pull/1316

Bug#1051901: libasound2: 1.2.10 breaks ability to run i386 WINE on an amd64 host

2023-09-13 Thread Antoine Le Gonidec 
Package: libasound2
Version: 1.2.10-1
Severity: important

Since the alsa-lib 1.2.9-2 → 1.2.10 upgrade, trying to run an i386 game
through WINE results in a game crash. This is not specific to some game,
it happened with all games I tried with this release of alsa-lib.

amd64 WINE does not seem to be affected, during my tests the breakages
were specifif to i386 WINE.

As an extra symptom, if at the moment I try to start a game I have some
music playing in the background, using mpd [1], the playback will stop
and mpd will start using 100% of a CPU core until it is killed.

[1]: https://packages.debian.org/sid/mpd

Downgrading libasound2:amd64, libasound2:i386 and libasound2-data to
1.2.9-2 seems to get rid of these unexpected crashes. The other packages
built from the alsa-lib source can stay in the 1.2.10-1 version with no
noticeable breakage.

PS: I wanted to report this bug with severity "serious" due to the
breakage of other software, but reportbug would not let me do that
without quoting some part of the Debian Policy Manual, and I could not
find anything in this manual about not breaking unrelated software.

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'stable-debug'), (500, 'oldstable-debug'), (500, 'unstable'), (500, 'testing'), 
(500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.0-4-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libasound2 depends on:
ii  libasound2-data  1.2.10-1
ii  libc62.37-8

libasound2 recommends no packages.

Versions of packages libasound2 suggests:
ii  libasound2-plugins  1.2.7.1-1+b1

-- no debconf information

Bug#1051900: ohcount: aborts with segfaul or bus error 90% of the time on arm64

2023-09-13 Thread Antonio Terceiro 
Package: ohcount
Version: 4.0.0-3
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: debian-...@lists.debian.org

Dear Maintainer,

ohcount segfaults (and sometimes aborts with a Bus error) on arm64,
almost 90% of the time. I tried this on an up to date arm64 Debian
testing against the hexchat source code, but it's also reproducible on
the ohcount source code itself. The same test, when performced on an up
to date amd64 Debian testing, finishes successfully 100% of the time.

For example this is a sample session with 10 runs against the source of
ohcount itself:

$ ohcount
Examining 1192 file(s)
Segmentation fault
$ ohcount
Examining 1192 file(s)
Bus error
$ ohcount
Examining 1192 file(s)
Bus error
$ ohcount
Examining 1192 file(s)
Bus error
$ ohcount
Examining 1192 file(s)
Bus error
$ ohcount
Examining 1192 file(s)
Segmentation fault
$ ohcount
Examining 1192 file(s)
Segmentation fault
$ ohcount
Examining 1192 file(s)
Segmentation fault
$ ohcount
Examining 1192 file(s)
Segmentation fault
$ ohcount
Examining 1192 file(s)
Bus error

-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: arm64 (aarch64)

Kernel: Linux 6.4.0-3-arm64 (SMP w/32 CPU threads)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ohcount depends on:
ii  file   1:5.45-2
ii  libc6  2.37-7
ii  libmagic1  1:5.45-2
ii  libpcre3   2:8.39-15
ii  ruby   1:3.1
ii  ruby-diff-lcs  1.5.0-1

ohcount recommends no packages.

Versions of packages ohcount suggests:
pn  ohcount-doc  

-- no debconf information


signature.asc
Description: PGP signature

Bug#1051862: (Debian) Bug#1051862: server flooded with xen_mc_flush warnings with xen 4.17 + linux 6.1

2023-09-13 Thread Hans van Kranenburg 
Hi Radoslav,

Thanks for your report...

Hi Juergen, Boris and xen-devel,

At Debian, we got the report below. (Also at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051862)

This hardware, with only Xen and Dom0 running is hitting the failed
multicall warning and logging in arch/x86/xen/multicalls.c. Can you help
advise what we can do to further debug this issue?

Since this looks like pretty low level Xen/hardware stuff, I'd rather
ask upstream for directions first. If needed the Debian Xen Team can
assist the end user with the debugging process.

Thanks,

More reply inline...

On 9/13/23 20:12, Radoslav Bodó wrote:
> Package: xen-system-amd64
> Version: 4.17.1+2-gb773c48e36-1
> Severity: important
> 
> Hello,
> 
> after upgrade from Bullseye to Bookworm one of our dom0's
> became unusable due to logs/system being continuously flooded
> with warnings from arch/x86/xen/multicalls.c:102 xen_mc_flush, and the 
> system become unusable.
> 
> The issue starts at some point where system services starts to come up, 
> but nothing very special is on that box (dom0, nftables, fail2ban, 
> prometheus-node-exporter, 3x domU). We have tried to disable all domU's 
> and fail2ban as the name of the process would suggest, but issue is 
> still present. We have tried also some other elaboration but none of 
> them have helped so far:
> 
> * the issue arise when xen 4.17 + linux >= 6.1 is booted
> * xen + bookworm-backports linux-image-6.4.0-0.deb12.2-amd64 have same isuue
> * without xen hypervisor, linux 6.1 runs just fine
> * systemrescue cd boot and xfs_repair rootfs did not helped
> * memtest seem to be fine running for hours

Thanks for already trying out all these combinations.

> As a workaround we have booted xen 4.17 + linux 5.10.0-25 (5.10.191-1)
> and the system is running fine as for last few months.
> 
> Hardware:
> * Dell PowerEdge R750xs
> * 2x Intel Xeon Silver 4310 2.1G
> * 256GB RAM
> * PERC H755 Adapter, 12x 18TB HDDs

I have a few quick additional questions already:

1. For clarification.. From your text, I understand that only this one
single server is showing the problem after the Debian version upgrade.
Does this mean that this is the only server you have running with
exactly this combination of hardware (and BIOS version, CPU microcode
etc etc)? Or, is there another one with same hardware which does not
show the problem?

2. Can you reply with the output of 'xl dmesg' when the problem happens?
Or, if the system gets unusable too quick, do you have a serial console
connection to capture the output?

3. To confirm... I understand that there are many of these messages.
Since you pasted only one, does that mean that all of them look exactly
the same, with "1 of 1 multicall(s) failed: cpu 10" "call  1: op=1
arg=[a1a9eb10] result=-22"? Or are there variations? If so, can
you reply with a few different ones?

Since this very much looks like an issue of Xen related code where the
Xen hypervisor, dom0 kernel and hardware has to work together correctly,
(and not a Debian packaging problem) I'm already asking upstream for
advice about what we should/could do next, instead of trying to make a
guess myself.

Thanks,
Hans

> Any help, advice or bug confirmation would be appreciated
> 
> Best regards
> bodik
> 
> 
> (log also in attachment)
> 
> ```
> kernel: [   99.762402] WARNING: CPU: 10 PID: 1301 at 
> arch/x86/xen/multicalls.c:102 xen_mc_flush+0x196/0x220
> kernel: [   99.762598] Modules linked in: nvme_fabrics nvme_core bridge 
> xen_acpi_processor xen_gntdev stp llc xen_evtchn xenfs xen_privcmd 
> binfmt_misc intel_rapl_msr ext4 intel_rapl_common crc16 
> intel_uncore_frequency_common mbcache ipmi_ssif jbd2 nfit libnvdimm 
> ghash_clmulni_intel sha512_ssse3 sha512_generic aesni_intel acpi_ipmi 
> nft_ct crypto_simd cryptd mei_me mgag200 ipmi_si iTCO_wdt intel_pmc_bxt 
> ipmi_devintf drm_shmem_helper dell_smbios nft_masq iTCO_vendor_support 
> isst_if_mbox_pci drm_kms_helper isst_if_mmio dcdbas mei intel_vsec 
> isst_if_common dell_wmi_descriptor wmi_bmof watchdog pcspkr 
> intel_pch_thermal ipmi_msghandler i2c_algo_bit acpi_power_meter button 
> nft_nat joydev evdev sg nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 
> nf_defrag_ipv4 nf_tables nfnetlink drm fuse loop efi_pstore configfs 
> ip_tables x_tables autofs4 xfs libcrc32c crc32c_generic hid_generic 
> usbhid hid dm_mod sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif 
> crct10dif_generic ahci libahci xhci_pci libata xhci_hcd
> kernel: [   99.762633]  megaraid_sas tg3 crct10dif_pclmul 
> crct10dif_common crc32_pclmul crc32c_intel bnxt_en usbcore scsi_mod 
> i2c_i801 libphy i2c_smbus usb_common scsi_common wmi
> kernel: [   99.764765] CPU: 10 PID: 1301 Comm: python3 Tainted: G 
> W  6.1.0-12-amd64 #1  Debian 6.1.52-1
> kernel: [   99.764989] Hardware name: Dell Inc. PowerEdge R750xs/0441XG, 
> BIOS 1.8.2 09/14/2022
> kernel: [   99.765214] RIP: e030:xen_mc_flush+0x196/0x220
> kernel: [   99.765436] Code: e2 06 48 01 da 85 c0 0f

Bug#1051856: game-data-packager: SyntaxError: invalid syntax: match self.game.shortname

2023-09-13 Thread Patrice Duroux 
Only python 3.11 is there but yes pypy3 is also installed:

Thanks,
Patrice

In details:
#apt --installed list | grep ^py

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

pyhoca-cli/unstable,unstable,now 0.6.1.2-2 all  [installé, automatique]
pypy3-lib/unstable,now 7.3.12+dfsg-1 amd64  [installé, automatique]
pypy3/unstable,now 7.3.12+dfsg-1 amd64  [installé]
python-apt-common/unstable,unstable,now 2.6.0 all  [installé, automatique]
python-babel-localedata/unstable,unstable,now 2.10.3-1 all  [installé,
automatique]
python-biopython-doc/unstable,unstable,now 1.81+dfsg-1 all  [installé]
python3-adal/unstable,unstable,now 1.2.7-2 all  [installé, automatique]
python3-aiohttp/unstable,now 3.8.5-1 amd64  [installé, automatique]
python3-aiosignal/unstable,unstable,now 1.3.1-1 all  [installé, automatique]
python3-anyio/unstable,unstable,now 3.7.0-1 all  [installé, automatique]
python3-appdirs/unstable,unstable,now 1.4.4-4 all  [installé, automatique]
python3-apt/unstable,now 2.6.0 amd64  [installé, automatique]
python3-arcp/unstable,unstable,now 0.2.1-6 all  [installé, automatique]
python3-argcomplete/unstable,unstable,now 2.0.0-1 all  [installé, automatique]
python3-asgiref/unstable,unstable,now 3.7.2-1 all  [installé, automatique]
python3-async-timeout/unstable,unstable,now 4.0.3-1 all  [installé, automatique]
python3-attr/unstable,unstable,now 23.1.0-2 all  [installé, automatique]
python3-avahi/unstable,now 0.8-11 amd64  [installé, automatique]
python3-avro/unstable,unstable,now 1.11.1+dfsg-2 all  [installé, automatique]
python3-azure-storage/unstable,unstable,now 20230705+git-1 all  [installé]
python3-azure/unstable,unstable,now 20230705+git-1 all  [installé]
python3-babel/unstable,unstable,now 2.10.3-1 all  [installé, automatique]
python3-bcrypt/unstable,now 3.2.2-1 amd64  [installé, automatique]
python3-biopython/unstable,now 1.81+dfsg-1 amd64  [installé, automatique]
python3-blinker/unstable,unstable,now 1.6.2-1 all  [installé, automatique]
python3-boto3/unstable,unstable,now 1.26.155+dfsg-1 all  [installé, automatique]
python3-botocore/unstable,unstable,now 1.29.155+repack-1 all
[installé, automatique]
python3-breezy/unstable,now 3.3.4-1 amd64  [installé]
python3-brlapi/unstable,now 6.6-4 amd64  [installé, automatique]
python3-brotli/unstable,now 1.0.9-2+b6 amd64  [installé, automatique]
python3-bs4/unstable,unstable,now 4.12.2-2 all  [installé]
python3-build/unstable,unstable,now 0.10.0-1 all  [installé, automatique]
python3-buildlog-consultant/unstable,unstable,now 0.0.34-1 all
[installé, automatique]
python3-cachecontrol/unstable,unstable,now 0.13.1-1 all  [installé, automatique]
python3-cachetools/unstable,unstable,now 5.3.0-2 all  [installé, automatique]
python3-cairo/unstable,now 1.24.0-2 amd64  [installé, automatique]
python3-certifi/unstable,unstable,now 2022.9.24-1 all  [installé, automatique]
python3-cffi-backend/unstable,now 1.15.1-5+b1 amd64  [installé]
python3-chardet/unstable,unstable,now 5.2.0+dfsg-1 all  [installé]
python3-charset-normalizer/unstable,unstable,now 3.2.0-1 all
[installé, automatique]
python3-click/unstable,unstable,now 8.1.6-1 all  [installé, automatique]
python3-colorama/unstable,unstable,now 0.4.6-4 all  [installé, automatique]
python3-coloredlogs/unstable,unstable,now 15.0.1-1 all  [installé, automatique]
python3-configargparse/unstable,unstable,now 1.5.3-1 all  [installé,
automatique]
python3-configobj/unstable,unstable,now 5.0.8-2 all  [installé, automatique]
python3-connection-pool/unstable,unstable,now 0.0.3-2 all  [installé,
automatique]
python3-contextlib2/unstable,unstable,now 0.6.0.post1-3 all
[installé, automatique]
python3-cryptography/unstable,now 38.0.4-4 amd64  [installé, automatique]
python3-cssselect/unstable,unstable,now 1.2.0-2 all  [installé, automatique]
python3-cups/unstable,now 2.0.1-5+b4 amd64  [installé, automatique]
python3-cupshelpers/unstable,unstable,now 1.5.18-1 all  [installé, automatique]
python3-cwl-utils/unstable,unstable,now 0.29-1 all  [installé, automatique]
python3-dateutil/unstable,unstable,now 2.8.2-3 all  [installé, automatique]
python3-datrie/unstable,now 0.8.2-4+b1 amd64  [installé, automatique]
python3-dbus/unstable,now 1.3.2-5 amd64  [installé, automatique]
python3-debian/unstable,unstable,now 0.1.49 all  [installé, automatique]
python3-debianbts/unstable,unstable,now 4.0.1 all  [installé, automatique]
python3-debmutate/unstable,unstable,now 0.67 all  [installé]
python3-decorator/unstable,unstable,now 5.1.1-4 all  [installé, automatique]
python3-defusedxml/unstable,unstable,now 0.7.1-2 all  [installé, automatique]
python3-dev/unstable,now 3.11.4-5+b1 amd64  [installé, automatique]
python3-distro-info/unstable,unstable,now 1.5 all  [installé, automatique]
python3-distro/unstable,unstable,now 1.8.0-1 all  [installé, automatique]
python3-distutils/unstable,unstable,now 3.11.5-1 all  [installé, automatique]
python3-dnspython/unstable,unstable,now 2.4.2-1 all  [installé]

Bug#842335: ITP: mint-themes -- A collection of Mint themes

2023-09-13 Thread Fabio Fantoni 

Il 13/09/2023 23:05, Arturo Ingenito ha scritto:
Thank you for adding mint-themes but I think we need another package 
to fit full mint theme.
I noticed mint-themes doesn't cutomize the cursor which is specified 
by mint-cursor-themes.

Could you add this?
https://github.com/linuxmint/mint-cursor-themes


Hi, the main cursor theme (bibata) was already packages in debian (not 
by cinnamon team) and conflict with this package, as specified in 
https://github.com/linuxmint/mint-cursor-themes/issues/2


at the moment I don't see any particular interest in bringing the mint 
cursor package to Debian (modified by removing the already present and 
conflicting half)


I would like to complete the mint-theme but unfortunately it is blocked 
by mint-x-icons on which I have licensing doubts and icon problems with 
trademarks 
(https://github.com/linuxmint/mint-x-icons/issues/198#issuecomment-1598702838)


there was no news and I no longer invested time in it

the license probably can be acceptable the GPL-3, same of from was 
forked but about check and doing a patch that remove all icons with 
trademarks issue may require big time (I'm not sure is ok only the list 
from faenza theme)


but any help to proceed would be welcome if anyone wanted



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1032647: Keeping 525.105.17-1 for bookworm?

2023-09-13 Thread Andreas Beckmann 

On 14/08/2023 10.24, attilio giuseppe carolillo wrote:

when do you think 535 drivers will be available in Sid/experimental?


I expect new upstream releases for the 470/525 series end of September 
which I'd like to get into the next Debian (old)stable point releases in 
October. Thereafter I'll look into 535 for sid.


Andreas

Bug#1051899: qemu: CVE-2023-42467

2023-09-13 Thread Moritz Mühlenhoff 
Source: qemu
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for qemu.

CVE-2023-42467[0]:
| QEMU through 8.0.0 could trigger a division by zero in
| scsi_disk_reset in hw/scsi/scsi-disk.c because
| scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize
| from being 256. This stops QEMU and the guest immediately.

https://gitlab.com/qemu-project/qemu/-/issues/1813


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-42467
https://www.cve.org/CVERecord?id=CVE-2023-42467

Please adjust the affected versions in the BTS as needed.

Bug#1051898: radare2: CVE-2023-4322

2023-09-13 Thread Moritz Mühlenhoff 
Source: radare2
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for radare2.

CVE-2023-4322[0]:
| Heap-based Buffer Overflow in GitHub repository radareorg/radare2
| prior to 5.9.0.

https://github.com/radareorg/radare2/commit/ba919adb74ac368bf76b150a00347ded78b572dd
https://huntr.dev/bounties/06e2484c-d6f1-4497-af67-26549be9fffd

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-4322
https://www.cve.org/CVERecord?id=CVE-2023-4322

Please adjust the affected versions in the BTS as needed.

Bug#1051897: ansible: CVE-2023-4380

2023-09-13 Thread Moritz Mühlenhoff 
Source: ansible
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for ansible.

CVE-2023-4380[0]:
https://bugzilla.redhat.com/show_bug.cgi?id=2232324 is the only
reference so far

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-4380
https://www.cve.org/CVERecord?id=CVE-2023-4380

Please adjust the affected versions in the BTS as needed.

Bug#1051896: rkhunter: CVE-2023-4413

2023-09-13 Thread Moritz Mühlenhoff 
Source: rkhunter
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for rkhunter.

CVE-2023-4413[0]:
| A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It
| has been classified as problematic. Affected is an unknown function
| of the file /var/log/rkhunter.log. The manipulation leads to
| sensitive information in log files. An attack has to be approached
| locally. The complexity of an attack is rather high. The
| exploitability is told to be difficult. The exploit has been
| disclosed to the public and may be used. The identifier of this
| vulnerability is VDB-237516.

https://gist.github.com/MatheuZSecurity/16ef0219db8f85f49f945a25d5eb42d7


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-4413
https://www.cve.org/CVERecord?id=CVE-2023-4413

Please adjust the affected versions in the BTS as needed.

Bug#1051895: libsass: CVE-2022-43358

2023-09-13 Thread Moritz Mühlenhoff 
Source: libsass
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for libsass.

CVE-2022-43358[0]:
| Stack overflow vulnerability in ast_selectors.cpp: in function
| Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218,
| which can be exploited by attackers to cause a denial of service
| (DoS).

https://github.com/sass/libsass/issues/3178

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-43358
https://www.cve.org/CVERecord?id=CVE-2022-43358

Please adjust the affected versions in the BTS as needed.

Bug#1051894: libsass: CVE-2022-26592

2023-09-13 Thread Moritz Mühlenhoff 
Source: libsass
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for libsass.

CVE-2022-26592[0]:
| Stack Overflow vulnerability in libsass 3.6.5 via the
| CompoundSelector::has_real_parent_ref function.

https://github.com/sass/libsass/issues/3174

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-26592
https://www.cve.org/CVERecord?id=CVE-2022-26592

Please adjust the affected versions in the BTS as needed.

Bug#1051893: libsass: CVE-2022-43357

2023-09-13 Thread Moritz Mühlenhoff 
Source: libsass
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for libsass.

CVE-2022-43357[0]:
| Stack overflow vulnerability in ast_selectors.cpp in function
| Sass::CompoundSelector::has_real_parent_ref in
| libsass:3.6.5-8-g210218, which can be exploited by attackers to
| causea denial of service (DoS). Also affects the command line driver
| for libsass, sassc 3.6.2.

https://github.com/sass/libsass/issues/3177

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-43357
https://www.cve.org/CVERecord?id=CVE-2022-43357

Please adjust the affected versions in the BTS as needed.

Bug#1051892: firmware-nonfree: CVE-2022-27635 CVE-2022-36351 CVE-2022-38076 CVE-2022-40964 CVE-2022-46329

2023-09-13 Thread Moritz Mühlenhoff 
Source: firmware-nonfree
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerabilities were published for firmware-nonfree, all
fixed in linux-firmware/20230804 :

CVE-2022-27635[0]:
| Improper access control for some Intel(R) PROSet/Wireless WiFi and
| Killer(TM) WiFi software may allow a privileged user to potentially
| enable escalation of privilege via local access.

CVE-2022-36351[1]:
| Improper input validation in some Intel(R) PROSet/Wireless WiFi and
| Killer(TM) WiFi software may allow an unauthenticated user to
| potentially enable denial of service via adjacent access.

CVE-2022-38076[2]:
| Improper input validation in some Intel(R) PROSet/Wireless WiFi and
| Killer(TM) WiFi software may allow an authenticated user to
| potentially enable escalation of privilege via local access.

CVE-2022-40964[3]:
| Improper access control for some Intel(R) PROSet/Wireless WiFi and
| Killer(TM) WiFi software may allow a privileged user to potentially
| enable escalation of privilege via local access.

CVE-2022-46329[4]:
| Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi
| software may allow a privileged user to potentially enable
| escalation of privilege via local access.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-27635
https://www.cve.org/CVERecord?id=CVE-2022-27635
[1] https://security-tracker.debian.org/tracker/CVE-2022-36351
https://www.cve.org/CVERecord?id=CVE-2022-36351
[2] https://security-tracker.debian.org/tracker/CVE-2022-38076
https://www.cve.org/CVERecord?id=CVE-2022-38076
[3] https://security-tracker.debian.org/tracker/CVE-2022-40964
https://www.cve.org/CVERecord?id=CVE-2022-40964
[4] https://security-tracker.debian.org/tracker/CVE-2022-46329
https://www.cve.org/CVERecord?id=CVE-2022-46329

Please adjust the affected versions in the BTS as needed.

Bug#1051891: libsndfile: CVE-2022-33065

2023-09-13 Thread Moritz Mühlenhoff 
Source: libsndfile
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for libsndfile.

CVE-2022-33065[0]:
| Multiple signed integers overflow in function au_read_header in
| src/au.c and in functions mat4_open and mat4_read_header in
| src/mat4.c in Libsndfile, allows an attacker to cause Denial of
| Service or other unspecified impacts.

https://github.com/libsndfile/libsndfile/issues/833
https://github.com/libsndfile/libsndfile/issues/789

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-33065
https://www.cve.org/CVERecord?id=CVE-2022-33065

Please adjust the affected versions in the BTS as needed.

Bug#1051890: libsndfile: CVE-2022-33064

2023-09-13 Thread Moritz Mühlenhoff 
Source: libsndfile
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerability was published for libsndfile.

CVE-2022-33064[0]:
| An off-by-one error in function wav_read_header in src/wav.c in
| Libsndfile 1.1.0, results in a write out of bound, which allows an
| attacker to execute arbitrary code, Denial of Service or other
| unspecified impacts.

https://github.com/libsndfile/libsndfile/issues/832

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-33064
https://www.cve.org/CVERecord?id=CVE-2022-33064

Please adjust the affected versions in the BTS as needed.

Bug#1051889: freeimage: CVE-2020-22524

2023-09-13 Thread Moritz Mühlenhoff 
Source: freeimage
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for freeimage.

CVE-2020-22524[0]:
| Buffer Overflow vulnerability in FreeImage_Load function in
| FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial
| of service via crafted PFM file.

https://sourceforge.net/p/freeimage/bugs/319/
Fixed with r1848 from http://svn.code.sf.net/p/freeimage/svn/FreeImage/


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-22524
https://www.cve.org/CVERecord?id=CVE-2020-22524

Please adjust the affected versions in the BTS as needed.

Bug#842335:

2023-09-13 Thread Arturo Ingenito 
Thank you for adding mint-themes but I think we need another package to fit 
full mint theme.
I noticed mint-themes doesn't cutomize the cursor which is specified by 
mint-cursor-themes.
Could you add this?
https://github.com/linuxmint/mint-cursor-themes
[https://opengraph.githubassets.com/e6a57b8e69bd139e5a97a2ec697b16574827a4055540b64ab2bf49b8f5fe4b2c/linuxmint/mint-cursor-themes]
GitHub - linuxmint/mint-cursor-themes: Mouse cursor 
themes
Mouse cursor themes. Contribute to linuxmint/mint-cursor-themes development by 
creating an account on GitHub.
github.com

Bug#1051888: Should Kino be removed?

2023-09-13 Thread Moritz Muehlenhoff 
Source: kino
Version: 1.3.4+dfsg0-1.1
Severity: serious

Your package came up as a candidate for removal from Debian:
- Dead upstream for a decade
- FTBFS with ffmpeg 5 since 1.5 years (Debian is at ffmpeg 6 by now)
- Depends on various legacy libs (GTK2, Glade)

If you disagree and want to continue to maintain this package,
please just close this bug (and fix the open issues).

If you agree with the removal, please reassign to ftp.debian.org
by sending the following commands to cont...@bugs.debian.org:

--
severity $BUGNUM normal
reassign $BUGNUM ftp.debian.org
retitle $BUGNUM RM:  -- RoM; 
thx
--

Otherwise I'll move forward and request it's removal in a month.

Cheers,
Moritz

Bug#1051887: ecryptfs-utils: Permission denied for wrapped-passphrase

2023-09-13 Thread Olivier Cailloux 
Package: ecryptfs-utils
Version: 111-6
Severity: normal
X-Debbugs-Cc: olivier.caill...@gmail.com

Dear Maintainer,

On my system, the command ecryptfs-migrate-home fails to create a working 
setup, despite following instructions at 
https://wiki.debian.org/TransparentEncryptionForHomeFolder .
When login as the encrypted user, it refuses to mount the encrypted folder, and 
syslog logs: “gdm-password]: Failed to detect wrapped passphrase version: 
Permission denied”.
The command had created a folder /home/.ecryptfs that was only readable by 
root. I added “all” permissions to read and traverse, and the problem was 
solved. I suspect that the command ecryptfs-migrate-home should make sure that 
the folder /home/.ecryptfs/ has the right permissions.

-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ecryptfs-utils depends on:
ii  gettext-base0.21-12
ii  keyutils1.6.3-2
ii  libc6   2.36-9+deb12u1
ii  libecryptfs1111-6
ii  libgpgme11  1.18.0-3+b1
ii  libkeyutils11.6.3-2
ii  libpam-runtime  1.5.2-6
ii  libpam0g1.5.2-6
ii  libtspi10.3.15-0.3

ecryptfs-utils recommends no packages.

Versions of packages ecryptfs-utils suggests:
pn  cryptsetup  
ii  rsync   3.2.7-1

-- no debconf information

Bug#1051886: pyside2: FTBFS with llvm-toolchain-16 as default

2023-09-13 Thread Sebastian Ramacher 
Source: pyside2
Version: 5.15.10-3
Severity: serious
Tags: ftbfs sid trixie
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=pyside2=amd64=5.15.10-3%2Bb1=1694633885=0

In file included from 
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/qdragmoveevent_wrapper.cpp:63:
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/qdragmoveevent_wrapper.h:55:235:
 error: ‘DragMove’ is not a member of ‘QOpenGLShader’
   55 | QDragMoveEventWrapper(const QPoint & pos, QFlags 
actions, const QMimeData * data, QFlags buttons, 
QFlags modifiers, QFlags 
type = QOpenGLShader::DragMove);
  | 


  ^~~~
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/qdragmoveevent_wrapper.cpp:
 In constructor ‘QDragMoveEventWrapper::QDragMoveEventWrapper(const QPoint&, 
QFlags, const QMimeData*, QFlags, 
QFlags, QFlags)’:
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/qdragmoveevent_wrapper.cpp:103:295:
 error: invalid user-defined conversion from 
‘QFlags’ to ‘QEvent::Type’ [-fpermissive]
  103 | QDragMoveEventWrapper::QDragMoveEventWrapper(const QPoint & pos, 
QFlags actions, const QMimeData * data, QFlags 
buttons, QFlags modifiers, 
QFlags type) : QDragMoveEvent(pos, actions, data, 
buttons, modifiers, type)
  | 


  ^~~~
In file included from /usr/include/x86_64-linux-gnu/qt5/QtCore/qglobal.h:1305,
 from /usr/include/x86_64-linux-gnu/qt5/QtCore/qalgorithms.h:43,
 from /usr/include/x86_64-linux-gnu/qt5/QtCore/qdebug.h:44,
 from /usr/include/x86_64-linux-gnu/qt5/QtCore/QDebug:1,
 from 
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/qdragmoveevent_wrapper.cpp:48:
/usr/include/x86_64-linux-gnu/qt5/QtCore/qflags.h:138:29: note: candidate is: 
‘constexpr QFlags::operator Int() const [with Enum = 
QOpenGLShader::ShaderTypeBit; Int = unsigned int]’ (near match)
  138 | Q_DECL_CONSTEXPR inline operator Int() const noexcept { return i; }
  | ^~~~
/usr/include/x86_64-linux-gnu/qt5/QtCore/qflags.h:138:29: note:   no known 
conversion from ‘QFlags::Int’ {aka ‘unsigned 
int’} to ‘QEvent::Type’
In file included from /usr/include/x86_64-linux-gnu/qt5/QtGui/qtextlayout.h:49,
 from /usr/include/x86_64-linux-gnu/qt5/QtGui/qtextobject.h:46,
 from /usr/include/x86_64-linux-gnu/qt5/QtGui/QTextBlock:1,
 from 
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/pyside2_qtgui_python.h:60,
 from 
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/qdragmoveevent_wrapper.cpp:60:
/usr/include/x86_64-linux-gnu/qt5/QtGui/qevent.h:685:84: note:   initializing 
argument 6 of ‘QDragMoveEvent::QDragMoveEvent(const QPoint&, Qt::DropActions, 
const QMimeData*, Qt::MouseButtons, Qt::KeyboardModifiers, QEvent::Type)’
  685 |Qt::MouseButtons buttons, Qt::KeyboardModifiers 
modifiers, Type type = DragMove);
  | 
  ~^~~
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/qdragmoveevent_wrapper.cpp:
 In function ‘int Sbk_QDragMoveEvent_Init(PyObject*, PyObject*, PyObject*)’:
/<>/pyside3_build/py3.11-qt5.15.10-64bit-relwithdebinfo/pyside2/PySide2/QtGui/PySide2/QtGui/qdragmoveevent_wrapper.cpp:218:73:
 error: ‘DragMove’ is not a member of ‘QOpenGLShader’
  218 | ::QFlags cppArg5 = 
QOpenGLShader::DragMove;
  | 
^~~~
make[3]: *** [PySide2/QtGui/CMakeFiles/QtGui.dir/build.make:559: 
PySide2/QtGui/CMakeFiles/QtGui.dir/PySide2/QtGui/qdragmoveevent_wrapper.cpp.o] 
Error 1
make[3]: *** Waiting for unfinished jobs

Cheers
-- 
Sebastian Ramacher

Bug#1042993: dkms: DKMS fails to build amd64 kernel module in i386 userland

2023-09-13 Thread Andreas Beckmann 

Control: reassign -1 src:linux
Control: affects -1 + src:dkms

On Thu, 03 Aug 2023 19:13:42 -0400 Stefan Monnier  
wrote:

My machine is running Debian testing i386 but with an amd64 kernel
(to make better use of my 8GB of RAM).  I also have `dkms` and `tp-smapi-dkms`
installed.

Until recently this worked fine and built the `tp-smapi` kernel module
for my `amd64` kernel.  But now installation of the
`linux-image-6.4.0-1-amd64:amd64` kernel encounters problems when dkms
tries to build the dkms package.

...> and `/var/lib/dkms/tp_smapi/0.43/build/make.log` says:


DKMS make.log for tp_smapi-0.43 for kernel 6.4.0-1-amd64 (x86_64)
jeu 03 aoû 2023 18:35:09 EDT
make : on entre dans le répertoire « /usr/src/linux-headers-6.4.0-1-amd64 »
  CC [M]  /var/lib/dkms/tp_smapi/0.43/build/thinkpad_ec.o
/bin/bash: ligne 1: x86_64-linux-gnu-gcc-13 : commande introuvable
make[1]: *** [/usr/src/linux-
headers-6.4.0-1-common/scripts/Makefile.build:257 :
/var/lib/dkms/tp_smapi/0.43/build/thinkpad_ec.o] Erreur 127
make[1]: *** Attente des tâches non terminées
  CC [M]  /var/lib/dkms/tp_smapi/0.43/build/tp_smapi.o
/bin/bash: ligne 1: x86_64-linux-gnu-gcc-13 : commande introuvable
make[1]: *** [/usr/src/linux-
headers-6.4.0-1-common/scripts/Makefile.build:257 :
/var/lib/dkms/tp_smapi/0.43/build/tp_smapi.o] Erreur 127
make: *** [/usr/src/linux-headers-6.4.0-1-common/Makefile:2051 :
/var/lib/dkms/tp_smapi/0.43/build] Erreur 2
make : on quitte le répertoire « /usr/src/linux-headers-6.4.0-1-amd64 »


I can reproduce that in a minimal i386 chroot with dkms installed by
running this command:

dpkg --add-architecture amd64 && apt-get update && apt-get install -yf 
linux-headers-amd64 && /usr/lib/dkms/dkms-autopkgtest dkms-test-dkms

This causes the installation if these (foreign) header packages and friends:

Get:1 http://ftp.de.debian.org/debian unstable/main i386 libelf1 i386 0.189-4 
[180 kB]
Get:2 http://ftp.de.debian.org/debian unstable/main i386 
linux-compiler-gcc-13-x86 i386 6.4.13-1 [676 kB]
Get:3 http://ftp.de.debian.org/debian unstable/main i386 
linux-headers-6.4.0-4-common all 6.4.13-1 [9997 kB]
Get:4 http://ftp.de.debian.org/debian unstable/main i386 linux-kbuild-6.4.0-4 
i386 6.4.13-1 [967 kB]
Get:5 http://ftp.de.debian.org/debian unstable/main amd64 
linux-headers-6.4.0-4-amd64 amd64 6.4.13-1 [1214 kB]
Get:6 http://ftp.de.debian.org/debian unstable/main amd64 linux-headers-amd64 
amd64 6.4.13-1 [1416 B]

and dkms fails with

DKMS make.log for dkms_test-1.0 for kernel 6.4.0-4-amd64 (x86_64)
Wed Sep 13 20:27:19 UTC 2023
make: Entering directory '/usr/src/linux-headers-6.4.0-4-amd64'
  CC [M]  /var/lib/dkms/dkms_test/1.0/build/dkms_test.o
/bin/sh: 1: x86_64-linux-gnu-gcc-13: not found
make[1]: *** [/usr/src/linux-headers-6.4.0-4-common/scripts/Makefile.build:257: 
/var/lib/dkms/dkms_test/1.0/build/dkms_test.o] Error 127
make[1]: *** Waiting for unfinished jobs
make: *** [/usr/src/linux-headers-6.4.0-4-common/Makefile:2057: 
/var/lib/dkms/dkms_test/1.0/build] Error 2
make: Leaving directory '/usr/src/linux-headers-6.4.0-4-amd64'

since the wrong package: linux-compiler-gcc-13-x86
is isntalled.


Andreas

PS: I'll add this foreign arch module build to the dkms autopkgtest

Bug#1051885: kdevelop: FTBFS with llvm-toolchain-16 as default

2023-09-13 Thread Sebastian Ramacher 
Source: kdevelop
Version: 4:22.12.2-2
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=kdevelop=amd64=4%3A22.12.2-2%2Bb1=1694630976=0

Typical components:
  all   All LLVM libraries (default).
  engineEither a native JIT or a bitcode interpreter.
CMake Error at cmake/modules/FindClang.cmake:113 (message):
  Could not find Clang builtin directory
Call Stack (most recent call first):
  plugins/CMakeLists.txt:39 (find_package)


-- Configuring incomplete, errors occurred!
cd obj-x86_64-linux-gnu && tail -v -n \+0 CMakeCache.txt

Cheers
-- 
Sebastian Ramacher

Bug#1051884: bullseye-pu: package openssl/1.1.1w-0~deb11u1

2023-09-13 Thread Sebastian Andrzej Siewior 
Package: release.debian.org
Control: affects -1 + src:openssl
User: release.debian@packages.debian.org
Usertags: pu
Tags: bullseye
Severity: normal

OpenSSL upstream released 1.1.1w which the last stable update to the
1.1.1 series because it is EOL since last Monday.
The update is fairly small and contains a few fixes for memory leaks.
The mentioned CVE affects only Windows.

Sebastian
diff -Nru openssl-1.1.1v/appveyor.yml openssl-1.1.1w/appveyor.yml
--- openssl-1.1.1v/appveyor.yml	2023-08-01 15:51:35.0 +0200
+++ openssl-1.1.1w/appveyor.yml	1970-01-01 01:00:00.0 +0100
@@ -1,78 +0,0 @@
-image:
-  - Visual Studio 2017
-
-platform:
-- x64
-- x86
-
-environment:
-fast_finish: true
-matrix:
-- VSVER: 15
-
-configuration:
-- shared
-- plain
-- minimal
-
-before_build:
-- ps: >-
-Install-Module VSSetup -Scope CurrentUser
-- ps: >-
-Get-VSSetupInstance -All
-- ps: >-
-gci env:* | sort-object name
-- ps: >-
-If ($env:Platform -Match "x86") {
-$env:VCVARS_PLATFORM="x86"
-$env:TARGET="VC-WIN32 no-asm --strict-warnings"
-} Else {
-$env:VCVARS_PLATFORM="amd64"
-$env:TARGET="VC-WIN64A-masm"
-}
-- ps: >-
-If ($env:Configuration -Match "shared") {
-$env:SHARED="no-makedepend"
-} ElseIf ($env:Configuration -Match "minimal") {
-$env:SHARED="no-shared no-dso no-makedepend no-aria no-async no-autoload-config no-blake2 no-bf no-camellia no-cast no-chacha no-cmac no-cms no-comp no-ct no-des no-dgram no-dh no-dsa no-dtls no-ec2m no-engine no-filenames no-gost no-idea no-mdc2 no-md4 no-multiblock no-nextprotoneg no-ocsp no-ocb no-poly1305 no-psk no-rc2 no-rc4 no-rmd160 no-seed no-siphash no-sm2 no-sm3 no-sm4 no-srp no-srtp no-ssl3 no-ssl3-method no-ts no-ui-console no-whirlpool no-asm -DOPENSSL_SMALL_FOOTPRINT"
-} Else {
-$env:SHARED="no-shared no-makedepend"
-}
-- call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvarsall.bat" %VCVARS_PLATFORM%
-- mkdir _build
-- cd _build
-- perl ..\Configure %TARGET% %SHARED%
-- perl configdata.pm --dump
-- cd ..
-- ps: >-
-if (-not $env:APPVEYOR_PULL_REQUEST_NUMBER`
--or ( log -1 $env:APPVEYOR_PULL_REQUEST_HEAD_COMMIT |
- Select-String "\[extended tests\]") ) {
-$env:EXTENDED_TESTS="yes"
-}
-
-build_script:
-- cd _build
-- ps: >-
-If ($env:Configuration -Match "shared" -or $env:EXTENDED_TESTS) {
-cmd /c "nmake build_all_generated 2>&1"
-cmd /c "nmake PERL=no-perl 2>&1"
-}
-- cd ..
-
-test_script:
-- cd _build
-- ps: >-
-If ($env:Configuration -Match "shared" -or $env:EXTENDED_TESTS) {
-if ($env:EXTENDED_TESTS) {
-cmd /c "nmake test V=1 2>&1"
-} Else {
-cmd /c "nmake test V=1 TESTS=-test_fuzz 2>&1"
-}
-}
-- ps: >-
-if ($env:EXTENDED_TESTS) {
-mkdir ..\_install
-cmd /c "nmake install DESTDIR=..\_install 2>&1"
-}
-- cd ..
diff -Nru openssl-1.1.1v/CHANGES openssl-1.1.1w/CHANGES
--- openssl-1.1.1v/CHANGES	2023-08-01 15:51:35.0 +0200
+++ openssl-1.1.1w/CHANGES	2023-09-11 16:08:11.0 +0200
@@ -7,6 +7,30 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1v and 1.1.1w [11 Sep 2023]
+
+ *) Fix POLY1305 MAC implementation corrupting XMM registers on Windows.
+
+The POLY1305 MAC (message authentication code) implementation in OpenSSL
+does not save the contents of non-volatile XMM registers on Windows 64
+platform when calculating the MAC of data larger than 64 bytes. Before
+returning to the caller all the XMM registers are set to zero rather than
+restoring their previous content. The vulnerable code is used only on newer
+x86_64 processors supporting the AVX512-IFMA instructions.
+
+The consequences of this kind of internal application state corruption can
+be various - from no consequences, if the calling application does not
+depend on the contents of non-volatile XMM registers at all, to the worst
+consequences, where the attacker could get complete control of the
+application process. However given the contents of the registers are just
+zeroized so the attacker cannot put arbitrary values inside, the most likely
+consequence, if any, would be an incorrect result of some application
+dependent calculations or a crash leading to a denial of service.
+
+(CVE-2023-4807)
+[Bernd Edlinger]
+
+
  Changes between 1.1.1u and 1.1.1v [1 Aug 2023]
 
  *) Fix excessive time spent checking DH q parameter value.
diff -Nru openssl-1.1.1v/crypto/asn1/ameth_lib.c openssl-1.1.1w/crypto/asn1/ameth_lib.c
---

Bug#1051883: qttools-opensource-src: FTBFS with llvm-toolchain-16 as default

2023-09-13 Thread Sebastian Ramacher 
Source: qttools-opensource-src
Version: 5.15.10-3
Severity: serious
Tags: ftbfs sid trixie
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=qttools-opensource-src=amd64=5.15.10-3%2Bb1=1694632815=0

* Start testing of tst_QtDiag *
Config: Using QtTest library 5.15.10, Qt 5.15.10 (x86_64-little_endian-lp64 
shared (dynamic) release build; by GCC 13.1.0), debian unknown
PASS   : tst_QtDiag::initTestCase()
QDEBUG : tst_QtDiag::run() Launching  "/<>/bin/qtdiag"
QDEBUG : tst_QtDiag::run() 
Qt 5.15.10 (x86_64-little_endian-lp64 shared (dynamic) release build; by GCC 
13.1.0) on "minimal" 
OS: Debian GNU/Linux trixie/sid [linux version 5.10.0-25-amd64]

Architecture: x86_64; features: SSE2 SSE3 SSSE3 SSE4.1 SSE4.2 AVX AVX2

Environment:
  QMAKE="/usr/lib/qt5/bin/qmake"
  QT_PLUGIN_PATH="/usr/lib/x86_64-linux-gnu/qt5/plugins"
  QT_QPA_PLATFORM="minimal"
  QT_QTESTLIB_RUNNING="1"
  QT_SELECT="qt5"

Features: QT_NO_EXCEPTIONS

Library info:
  PrefixPath: /usr
  DocumentationPath: /usr/share/qt5/doc
  HeadersPath: /usr/include/x86_64-linux-gnu/qt5
  LibrariesPath: /usr/lib/x86_64-linux-gnu
  LibraryExecutablesPath: /usr/lib/x86_64-linux-gnu/qt5/libexec
  BinariesPath: /usr/lib/qt5/bin
  PluginsPath: /usr/lib/x86_64-linux-gnu/qt5/plugins
  ImportsPath: /usr/lib/x86_64-linux-gnu/qt5/imports
  Qml2ImportsPath: /usr/lib/x86_64-linux-gnu/qt5/qml
  ArchDataPath: /usr/lib/x86_64-linux-gnu/qt5
  DataPath: /usr/share/qt5
  TranslationsPath: /usr/share/qt5/translations
  ExamplesPath: /usr/lib/x86_64-linux-gnu/qt5/examples
  TestsPath: /usr/tests
  SettingsPath: /etc/xdg

Standard paths [*...* denote writable entry]:
  DesktopLocation: "Desktop" 
*/<>/debian/.debhelper/generated/_source/home/Desktop*
  DocumentsLocation: "Documents" 
*/<>/debian/.debhelper/generated/_source/home/Documents*
  FontsLocation: "Fonts" 
*/<>/debian/.debhelper/generated/_source/home/.local/share/fonts* 
/<>/debian/.debhelper/generated/_source/home/.fonts 
/usr/local/share/fonts /usr/share/fonts
  ApplicationsLocation: "Applications" 
*/<>/debian/.debhelper/generated/_source/home/.local/share/applications*
 /usr/local/share/applications /usr/share/applications
  MusicLocation: "Music" 
*/<>/debian/.debhelper/generated/_source/home/Music*
  MoviesLocation: "Movies" 
*/<>/debian/.debhelper/generated/_source/home/Videos*
  PicturesLocation: "Pictures" 
*/<>/debian/.debhelper/generated/_source/home/Pictures*
  TempLocation: "Temporary Directory" */tmp*
  HomeLocation: "Home" 
*/<>/debian/.debhelper/generated/_source/home*
  AppLocalDataLocation: "Application Data" 
*/<>/debian/.debhelper/generated/_source/home/.local/share/QtProject/qtdiag*
 /usr/local/share/QtProject/qtdiag /usr/share/QtProject/qtdiag
  CacheLocation: "Cache" 
*/<>/debian/.debhelper/generated/_source/home/.cache/QtProject/qtdiag*
  GenericDataLocation: "Shared Data" 
*/<>/debian/.debhelper/generated/_source/home/.local/share* 
/usr/local/share /usr/share
  RuntimeLocation: "Runtime" */tmp/dh-xdg-rundir-ueoJZ1G6*
  ConfigLocation: "Configuration" 
*/<>/debian/.debhelper/generated/_source/home/.config* /etc/xdg
  DownloadLocation: "Download" 
*/<>/debian/.debhelper/generated/_source/home/Downloads*
  GenericCacheLocation: "Shared Cache" 
*/<>/debian/.debhelper/generated/_source/home/.cache*
  GenericConfigLocation: "Shared Configuration" 
*/<>/debian/.debhelper/generated/_source/home/.config* /etc/xdg
  AppDataLocation: "Application Data" 
*/<>/debian/.debhelper/generated/_source/home/.local/share/QtProject/qtdiag*
 /usr/local/share/QtProject/qtdiag /usr/share/QtProject/qtdiag
  AppConfigLocation: "Application Configuration" 
*/<>/debian/.debhelper/generated/_source/home/.config/QtProject/qtdiag*
 /etc/xdg/QtProject/qtdiag

File selectors (increasing order of precedence):
  C unix linux debian

Network:
  Using "OpenSSL 3.0.10 1 Aug 2023", version: 0x30a0

Platform capabilities: ThreadedPixmaps MultipleWindows NonFullScreenWindows 
NativeWidgets WindowManagement

Style hints:
  mouseDoubleClickInterval: 400
  mousePressAndHoldInterval: 800
  startDragDistance: 10
  startDragTime: 500
  startDragVelocity: 0
  keyboardInputInterval: 400
  keyboardAutoRepeatRate: 30
  cursorFlashTime: 1000
  showIsFullScreen: 0
  showIsMaximized: 0
  passwordMaskDelay: 0
  passwordMaskCharacter: U+25CF
  fontSmoothingGamma: 1.7
  useRtlExtensions: 0
  setFocusOnTouchRelease: 0
  tabFocusBehavior: Qt::TabFocusAllControls 
  singleClickActivation: 0

Additional style hints (QPlatformIntegration):
  ReplayMousePressOutsidePopup: 1

Theme:
  Platforms requested : 
available : 
  Styles requested: 
 available: Windows,Fusion
Fonts:
  General font : "Helvetica" 12
  Fixed font   : "Helvetica" 12
  Title font   : "Helvetica" 12
  Smallest font: "Helvetica" 12

Palette:
  QPalette::WindowText: #ff00
  QPalette::Button: #ffefefef
  QPalette::Light:

Bug#1051881: postgresql-15: FTBFS with llvm-toolchain-16 as default

2023-09-13 Thread Sebastian Ramacher 
Source: postgresql-15
Version: 15.4-2
Severity: serious
Tags: ftbfs sid trixie
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=postgresql-15=amd64=15.4-2%2Bb1=1694632271=0

2023-09-13 19:10:56.959 UTC checkpointer[931151] LOG:  checkpoint complete: 
wrote 857 buffers (5.2%); 0 WAL file(s) added, 0 removed, 0 recycled; 
write=0.013 s, sync=0.001 s, total=0.020 s; sync files=0, longest=0.000 s, 
average=0.000 s; distance=9001 kB, estimate=132962 kB
2023-09-13 19:10:57.025 UTC postmaster[931148] LOG:  database system is shut 
down
 build/src/test/regress/regression.out 
test test_setup   ... FAILED  357 ms
test tablespace   ... FAILED  399 ms
parallel group (20 tests):  int8 oid name varchar bit char regproc boolean 
pg_lsn text int4 txid int2 money float8 enum uuid float4 rangetypes numeric
 boolean  ... FAILED  225 ms
 char ... FAILED  214 ms
 name ... FAILED  198 ms
 varchar  ... FAILED  205 ms
 text ... FAILED  239 ms
 int2 ... FAILED  252 ms
 int4 ... FAILED  246 ms
 int8 ... FAILED  182 ms
 oid  ... FAILED  188 ms
 float4   ... FAILED  278 ms
 float8   ... FAILED  260 ms
 bit  ... FAILED  205 ms
 numeric  ... FAILED  604 ms
 txid ... FAILED  244 ms
 uuid ... FAILED  267 ms
 enum ... FAILED  265 ms
 money... FAILED  250 ms
 rangetypes   ... FAILED  601 ms
 pg_lsn   ... FAILED  230 ms
 regproc  ... FAILED  211 ms
parallel group (19 tests):  circle time lseg line numerology point macaddr path 
timetz date macaddr8 inet interval strings polygon multirangetypes box 
timestamp timestamptz
 strings  ... FAILED  307 ms
 numerology   ... FAILED  172 ms
 point... FAILED  183 ms
 lseg ... FAILED  150 ms
 line ... FAILED  167 ms
 box  ... FAILED  436 ms
 path ... FAILED  195 ms
 polygon  ... FAILED  412 ms
 circle   ... FAILED  130 ms
 date ... FAILED  219 ms
 time ... FAILED  136 ms
 timetz   ... FAILED  207 ms
 timestamp... FAILED  535 ms
 timestamptz  ... FAILED  572 ms
 interval ... FAILED  253 ms
 inet ... FAILED  244 ms
 macaddr  ... FAILED  190 ms
 macaddr8 ... FAILED  218 ms
 multirangetypes  ... FAILED  417 ms
parallel group (12 tests):  comments unicode mvcc misc_sanity expressions 
tstypes xid horology geometry type_sanity opr_sanity regex
 geometry ... FAILED  195 ms
 horology ... FAILED  190 ms
 tstypes  ... FAILED  159 ms
 regex... FAILED  608 ms
 type_sanity  ... FAILED  210 ms
 opr_sanity   ... FAILED  462 ms
 misc_sanity  ... FAILED  124 ms
 comments ... FAILED  110 ms
 expressions  ... FAILED  156 ms
 unicode  ... FAILED  118 ms
 xid  ... FAILED  159 ms
 mvcc ... FAILED  118 ms
parallel group (5 tests):  copydml copyselect copy insert_conflict insert
 copy ... FAILED  109 ms
 copyselect   ... FAILED   80 ms
 copydml  ... FAILED   78 ms
 insert   ... FAILED  319 ms
 insert_conflict  ... FAILED  193 ms
parallel group (7 tests):  create_function_c create_type create_schema 
create_operator create_procedure create_misc create_table
 create_function_c... FAILED   65 ms
 create_misc  ... FAILED  121 ms
 create_operator  ... FAILED   98 ms
 create_procedure ... FAILED  100 ms
 create_table ... FAILED  418 ms
 create_type  ...

Bug#1051879: RFS: ncdu/1.19-0.1 [NMU] -- ncurses disk usage viewer

2023-09-13 Thread Christian Göttsche 
Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "ncdu":

 * Package name : ncdu
   Version  : 1.19-0.1
   Upstream contact : Yoran Heling 
 * URL  : https://dev.yorhel.nl/ncdu/
 * License  : Zlib, Expat
   Section  : admin

The source builds the following binary packages:

  ncdu - ncurses disk usage viewer

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/ncdu/

Alternatively, you can download the package with 'dget' using this command:

  dget -x https://mentors.debian.net/debian/pool/main/n/ncdu/ncdu_1.19-0.1.dsc

Changes since the last upload:

 ncdu (1.19-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * New upstream version 1.19
   * d/patches: drop upstream applied ones

Regards,
-- 
   Christian Göttsche

Bug#1051880: faust: FTBFS with llvm-toolchain-16 as default

2023-09-13 Thread Sebastian Ramacher 
Source: faust
Version: 2.60.3+ds2-1
Severity: serious
Tags: ftbfs sid trixie
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=faust=amd64=2.60.3%2Bds2-1%2Bb1=1694632020=0

mkdir -p __tmp_llvm_lib__/libLLVMCFGuard.dir && cd 
__tmp_llvm_lib__/libLLVMCFGuard.dir && ar -x 
/usr/lib/llvm-16/lib/libLLVMCFGuard.a
make[7]: [Make.llvm.static:56: __tmp_llvm_lib__/libLLVMFrontendOpenACC.dir] 
Error 1 (ignored)
mkdir -p __tmp_llvm_lib__/libLLVMFrontendOpenACC.dir && cd 
__tmp_llvm_lib__/libLLVMFrontendOpenACC.dir && ar -x 
/usr/lib/llvm-16/lib/libLLVMFrontendOpenACC.a
make[7]: [Make.llvm.static:56: __tmp_llvm_lib__/libLLVMFrontendHLSL.dir] Error 
1 (ignored)
mkdir -p __tmp_llvm_lib__/libLLVMFrontendHLSL.dir && cd 
__tmp_llvm_lib__/libLLVMFrontendHLSL.dir && ar -x 
/usr/lib/llvm-16/lib/libLLVMFrontendHLSL.a
make[7]: [Make.llvm.static:56: __tmp_llvm_lib__/libLLVMExtensions.dir] Error 1 
(ignored)
mkdir -p __tmp_llvm_lib__/libLLVMExtensions.dir && cd 
__tmp_llvm_lib__/libLLVMExtensions.dir && ar -x 
/usr/lib/llvm-16/lib/libLLVMExtensions.a
make[7]: *** No rule to make target '__tmp_llvm_lib__/libPolly.dir', needed by 
'lib/libfaustwithllvm.a'.  Stop.
make[7]: Leaving directory '/<>/build'
gmake[6]: *** [CMakeFiles/staticlib.dir/build.make:3284: 
/<>/build/lib/libfaust.a] Error 2
gmake[6]: *** Deleting file '/<>/build/lib/libfaust.a'
gmake[6]: Leaving directory '/<>/build/faustdir'

Cheers
-- 
Sebastian Ramacher

Bug#1051877: rust-libgit2-sys: please prepare for libgit2 transition

2023-09-13 Thread Timo Röhling 
Source: rust-libgit2-sys
Version: 0.14.1-1
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear maintainer,

I have uploaded libgit2 1.7.1 to experimental and want to start the
transition for unstable soon. Like many other language bindings for
libgit2, the rust-libgit2-sys package needs to be upgraded in lock-step.

I suggest you upload version 0.16.1+1.7.1 to experimental first, so we can
check for potential regressions, but we can skip that step if you think
it is not necessary. I will start the transition once all language
bindings are ready.


Cheers
Timo


-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmUCG+4ACgkQ+C8H+466
LVmf+AwA0iNOBlUtNTVlSQXsnqfo1WnluQcI/RPJT0kPhtC4Zf3s6xncUSDnEmZc
1RTS6kalw64my9iq6usa9hnJxgl8NcZ3jPUQq1AOGgTnh6YmRBhlRIeci/7Z8Ivf
fL6iWeCrHevXBPL/lu9nLcSrUhJDkgmpqfjYMnXAVkvkSrfTJ0H3l6GF5EE2GbE9
SLq92UhqhHeqGLuozPJYMSHx4ySPDIa/p0IHYpBk9X1QONhMtTT07YQZ2JZKN2bo
OJg6MyQH7A/TOgKHJlk7lLcIzmQemim7badOBpbTe5a1157eRaBKIUC36cSx35fS
YZJbrx/7DdQO2CaT7urbaQtzF8tfRKH8JdpNfDAm5PmTFDZUzQcreVqW9BYlp/YR
svl9YZqnjhHzK0TpiXVdqBOLtwFwL4pZF5JvrmqQuI4uLxVCB4ZtR27uLmZMSERv
0FptK2JS5flvfI1j0kxzu1bzXzNTQdBohNYLUN6pbONvuOjrNVFQvDZ5KvCSKXv6
XB4xvEjK
=hYqx
-END PGP SIGNATURE-

Bug#1051878: maint-guide: quilt configuration in bashrc fail if quilt is uninstalled

2023-09-13 Thread Guillermo Reisch 
Package: maint-guide
Version: 1.2.53
Severity: normal
Tags: patch

in 3.1 Setting up quilt
if quilt is not installed bash init whit error!

The code:

'''
. /usr/share/bash-completion/completions/quilt
complete -F _quilt_completion -o filenames dquilt
'''

Shoud be change for:

'''
if [ -f /usr/share/bash-completion/completions/quilt ]; then
. /usr/share/bash-completion/completions/quilt
complete -F _quilt_completion -o filenames dquilt
if
'''

Greetings
Guillermo Reisch


-- System Information:
Debian Release: trixie/sid
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'oldstable-security'), (500, 
'oldoldstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armel

Kernel: Linux 6.4.0-2-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=es_UY.UTF-8, LC_CTYPE=es_UY.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

maint-guide depends on no packages.

maint-guide recommends no packages.

Versions of packages maint-guide suggests:
ii  debian-policy 4.6.2.0
pn  developers-reference  
ii  devscripts2.23.6
pn  dh-make   
pn  doc-base  
pn  dupload | dput
ii  fakeroot  1.32.1-1
ii  lintian   2.116.3
pn  pbuilder  
pn  quilt 

-- no debconf information
>From 395c6eca54356603a29fd323358df04010534287 Mon Sep 17 00:00:00 2001
From: Guillermo Reisch 
Date: Wed, 13 Sep 2023 16:53:52 -0300
Subject: [PATCH] fix bash error if quilt is uninstalled

---
 doc/03_modify.xml | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/doc/03_modify.xml b/doc/03_modify.xml
index 8903727..2251cac 100644
--- a/doc/03_modify.xml
+++ b/doc/03_modify.xml
@@ -19,8 +19,10 @@ shell completion feature of the quilt 
command to the
 
 
 alias dquilt="quilt --quiltrc=${HOME}/.quiltrc-dpkg"
-. /usr/share/bash-completion/completions/quilt
-complete -F _quilt_completion -o filenames dquilt
+if [ -f /usr/share/bash-completion/completions/quilt ]; then
+. /usr/share/bash-completion/completions/quilt
+complete -F _quilt_completion -o filenames dquilt
+fi
 
 
 Then let's create ~/.quiltrc-dpkg as follows:
-- 
2.40.1

Bug#1051875: aged experimental package (freedict-swa-eng)

2023-09-13 Thread Ben Tris 
Package: freedict-swa-eng
Severity: minor
X-Debbugs-Cc: benatt...@gezapig.nl, shume...@gmx.de, m...@qa.debian.org

Dear Maintainer,

Last news 2007
aug 2016 mia bug to remove Kęstutis Biliūnas from the uploaders list #835570
I think this package can be removed


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1051876: ruby-rugged: please prepare for libgit2 transition

2023-09-13 Thread Timo Röhling 
Source: ruby-rugged
Version: 1.5.1+ds-1
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear maintainer,

I have uploaded libgit2 1.7.1 to experimental and want to start the
transition for unstable soon. Like many other language bindings for
libgit2, the ruby-rugged package needs to be upgraded in lock-step.

I suggest you upload ruby-rugged 1.7.1 to experimental first, so we can
check for potential regressions. I will start the transition once all
language bindings are ready.


Cheers
Timo


-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEJvtDgpxjkjCIVtam+C8H+466LVkFAmUCGrQACgkQ+C8H+466
LVlrkQv/QkrLfOBf8LwlJP27aLFLgPcY2XNaA2F7puXrVQJ1XGD0PlG1+KZojSRj
aAchkdpet9AXiVSuwAf0V0mj4+B9CGHOtQ1uVdd9ApBpHf9WyVOyVgPSOj/X+h79
bOaOeJlad7gT0julK5Cmr0Ipw59PseVQYw3AkZyuIx1+OqIQIQzHZXSgIHVLQsTr
AIEL6+gN2ljyxj+aRRShpmnuHm2tV2H0XY3mXecz1xLcJ1MPqKcwkpO3mUYYTXep
5z+ipj9C9d/ysbAEM5JBIcr/0fYjrhMxe25iIKbwi5dn8IdtKRSG4l05BVquQQFu
iHsXQrAldwnV5b6x8pPBhVQSD9jYZj5WPWPPbHN2zcj0SfRUQHI53jUVQKvxVE0w
rl/xUP2BNgGQzW464BknZAWOWy3hJoLrZZ8PaGxnXJO0wETZufBYJQz1xbEVqi4U
NBSiut8aTRvBBcAuAxf5wcZFXmO5CQpmw2PVaBCPr2+5k3O3rq5d5luqwBlYTW3W
oE+F/26r
=PEtp
-END PGP SIGNATURE-

Bug#1051873: libcpucycles: Library was not compiled with architecture-specific options in some architectures like riscv64 or arm64

2023-09-13 Thread Miguel Landaeta 
Source: libcpucycles
Version: 0~20230115-1
Severity: normal

After uploading 0~20230115-1 I inspected buildd logs and I noticed that on
several architectures like riscv64, arm64, ppc64el and a few others, the
package build failed to detect and use architecture-specific timer features
and ended using the default common OS-level mechanisms.

More details at: 
https://buildd.debian.org/status/package.php?p=libcpucycles=sid

riscv64 example:


[...]
riscv32-rdcycle.c:15:2: error: #error this code is only for riscv32 platforms
   15 | #error this code is only for riscv32 platforms
  |  ^
compilation terminated.
skipping option that did not compile
[...]

See more examples with full logs below:

https://buildd.debian.org/status/fetch.php?pkg=libcpucycles=arm64=0%7E20230115-1=1694543693=0

https://buildd.debian.org/status/fetch.php?pkg=libcpucycles=ppc64el=0%7E20230115-1=1694543637=0

https://buildd.debian.org/status/fetch.php?pkg=libcpucycles=riscv64=0%7E20230115-1=1694545286=0



-- System Information:
Debian Release: 11.7
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 
'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-24-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- 
Miguel Landaeta, nomadium at debian.org
secure email with PGP 0x6E608B637D8967E9 available at http://miguel.cc/key.
"Faith means not wanting to know what is true." -- Nietzsche

Bug#1051872: bluemindo: aged experimental package

2023-09-13 Thread Ben Tris 
Package: bluemindo
Severity: minor
X-Debbugs-Cc: benatt...@gezapig.nl, t...@sitedethib.com, 
thibaut.gi...@gmail.com, m...@qa.debian.org

Dear Maintainer,

bluemindo is added to experimental in 2016.
There is no vcs or website to be found.
I think this package should be removed from experimental also.

Thibaut GIRKA is listed as uploader for the following source packages.

libfakekey
matchbox-keyboard
matchbox-window-manager


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-12-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1050639: bookworm-pu: package clamav/1.0.2+dfsg-1~deb12u1

2023-09-13 Thread Sebastian Andrzej Siewior 
On 2023-09-13 17:26:46 [+0100], Adam D. Barratt wrote:
> How does this sound for an SUA?
> 
> ===
> Package  : clamav
> Version  : 1.0.3+dfsg-1~deb12u1 [bookworm]
>0.103.10+dfsg-0+deb11u1 [bullseye]
> Importance   : medium
> 
> ClamAV is an AntiVirus toolkit for Unix.
> 
> Upstream published versions 1.0.3 and 0.103.10.
> 
> This is a bug-fix release and an upstream LTS release. The changes are not
> currently required for operation, but upstream strongly recommends that users
> update.
> 
> Changes since 1.0.1 and 0.103.8 currently in bookworm and bullseye include
> fixes for a security issue:
> 
> CVE-2023-20197: Possible denial of service vulnerability in the HFS+
> file parser.
> 
> The update for bookworm also includes a fix for a second security issue:
> 
> CVE-2023-20212: Possible denial of service vulnerability in the AutoIt
> module.
> 
> If you use clamav, we recommend that you install this update.
> ===
> 
> I'm not entirely happy with the CVE section, but not sure how else to
> present it, given that both updates fix one issue but aiui the second
> only applies to bookworm.

This sounds entirely fine to me. I don't think that it is needed to
point out that bullseye is not affected by the second issue.

There is also this thing regarding libclamunrar and the update to
v6.2.10 of the bundled libbrary. I *think* it is related to
CVE-2023-40477. Since unrar itself is only in -pu I think it is okay for
libclamunar to follow the same fate.

> Regards,
> 
> Adam

Sebastian

Bug#1051849: linux-image-6.1.0-12-amd64: Failure to upgrade to linux-image-6.1.0-12-amd64 from linux-image-6.1.0-10-amd64

2023-09-13 Thread Andreas Beckmann 

Control: tag -1 wontfix
Control: close -1

On Wed, 13 Sep 2023 11:40:28 -0400 Michael Cuffaro 
 wrote:



  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/os_dep/linux/wifi_regd.o
/var/lib/dkms/rtl88x2bu/5.13.1/build/os_dep/linux/wifi_regd.c: In function 
‘rtw_regd_init’:
/var/lib/dkms/rtl88x2bu/5.13.1/build/os_dep/linux/wifi_regd.c:409:36: error: 
‘REGULATORY_IGNORE_STALE_KICKOFF’ undeclared (first use in this function)
  409 | wiphy->regulatory_flags |= REGULATORY_IGNORE_STALE_KICKOFF;
  |^~~
/var/lib/dkms/rtl88x2bu/5.13.1/build/os_dep/linux/wifi_regd.c:409:36: note: 
each undeclared identifier is reported only once for each function it appears in
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/os_dep/linux/rtw_rhashtable.o
make[2]: *** 
[/usr/src/linux-headers-6.1.0-12-common/scripts/Makefile.build:255: 
/var/lib/dkms/rtl88x2bu/5.13.1/build/os_dep/linux/wifi_regd.o] Error 1


This error (and fixing it) is in the realm of the rtl88x2bu dkms kernel 
module which is not packaged in Debian, but provided by some third 
party. Please report the bug there.


It was probably caused by some changes getting backported (by Linux 
upstream to the stable 6.1 tree, not by the Debian kernel maintainers) 
that cause some out-of-tree modules to fail building. That happens all 
the time. There is no general CI for out-of-tree modules ... but at 
least we have some for the *-dkms packages in Debian, so breakage can be 
noticed early for *packaged* out-of-tree modules in Debian.


There is nothing the dkms (or any other) Debian package can do about it, 
therefore I'm closing this bug as "wontfix".


Andreas

Bug#1051871: UDD: Switch DMD to DataTables

2023-09-13 Thread Lucas Nussbaum 
Package: qa.debian.org
User: qa.debian@packages.debian.org
Usertags: udd

Hi,

I've been pondering about switching DMD to jquery datatables
(https://datatables.net/). That would allow to use a single big table,
and do stuff like hiding/showing columns on demand.

It could still work without javascript enabled, even if I'm not sure
this is important in 2023.

Of course I would only use free (as in software) javascript libs.

Lucas

Bug#756456: [Pkg-fonts-devel] Bug#756456: Please split the fonts

2023-09-13 Thread Jonas Smedegaard 
Quoting Amr Ibrahim (2021-12-26 14:35:27)
> I also support the split. Please split the fonts into their own
> packages.
> 
> There is a duplicate bug about this:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983291

No, bug#983291 is about font *selection* being painful, whereas this is
about font *installation* being painful.

For the record, my plan is to provide binary script-specific *-core and
*-extra packages corresponding with each upstream source package, and
let binary metapackages fonts-noto and fonts-noto-core depend on those
to effectively behave same as now.

Therefore, do *not* expect fonts-noto-core to be any lighter.  After
all, the very main purpose of the Noto font is to have "no tofu", not to
please only e.g. latin-script-users.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1051870: libpmix2: broken library symlink

2023-09-13 Thread Aurelien Jarno 
Package: libpmix2
Version: 5.0.1-1
Severity: grave
Justification: renders package unusable

Dear maintainer,

Starting with version 5.0.1-1, the libpmix2 package ships a dead symlink
for /usr/lib//libpmix.so.2. For instance:

$ dpkg -c libpmix2_5.0.1-1_amd64.deb  | grep libpmix.so
-rw-r--r-- root/root   2184040 2023-08-08 10:50 
./usr/lib/x86_64-linux-gnu/pmix2/lib/libpmix.so.2.13.1
lrwxrwxrwx root/root 0 2023-08-08 10:50 
./usr/lib/x86_64-linux-gnu/libpmix.so.2 -> pmix2/lib/libpmix.so.2.13.0
lrwxrwxrwx root/root 0 2023-08-08 10:50 
./usr/lib/x86_64-linux-gnu/libpmix.so.2.13.0 -> pmix2/lib/libpmix.so.2.13.0
lrwxrwxrwx root/root 0 2023-08-08 10:50 
./usr/lib/x86_64-linux-gnu/pmix2/lib/libpmix.so.2 -> libpmix.so.2.13.1

This breaks libraries depending on it and causes packages to FTBFS.

Regards
Aurelien

Bug#1051869: ITP: php-di -- A dependency injection container meant to be practical, powerful, and framework-agnostic

2023-09-13 Thread William Desportes 

Package: wnpp
Owner: William Desportes 
Severity: wishlist

* Package name : php-di
* Version : 7.0.5
* Upstream Author : Matthieu Napoli 
* URL : https://github.com/PHP-DI/PHP-DI
* License : MIT
* Programming Lang: PHP
* Description : PHP-DI is a dependency injection container meant to be 
practical, powerful, and framework-agnostic

VCS-Git: https://salsa.debian.org/php-team/pear/php-di

Bug#587553: Any progress packaging?

2023-09-13 Thread Andreas B. Mundt 
Hi Tassia,

I would like to ask if there is any progress with this ITP.  A friend 
of mine is using bluej teaching java in his school, that's how I found
this report and got interested in the current status.  It would be
nice to have this packaged in Debian.

Thanks and best regards,

  Andi

Bug#1051604: libime FTCBFS: fails to run built tools

2023-09-13 Thread Boyuan Yang 
Control: tags -1 +wontfix
Control: close -1

On Sun, 10 Sep 2023 13:47:57 +0200 Helmut Grohne  wrote:
> Source: libime
> Version: 1.1.1-1
> Tags: patch
> User: debian-cr...@lists.debian.org
> Usertags: ftcbfs
> 
> libime fails to cross build from source, because it fails running built
> tools such as LibIME::pinyindict. Actually, CMake is clever here in that
> it recognizes that it cannot run those things and fails with "not
> found". When looking into this, I noticed that all of the affected tools
> are packaged in libime-bin, so in principle a very simple solution is
> adding a build dependency on that and just running the installed tools.
> That is ok if all of tools that are used have architecture-independent
> output. I'm really not sure whether that's right and unfortunately
> libime-bin entirely lacks documentation that would assist in figuring
> this out. Can you help here? Do you understand what the tools in
> libime-bin do and whether their output depends on the architecture used
> to run them? If their output artifacts are textual, the answer probably
> is that they are architecture-independent. If their output is binary,
> more inspection is needed. Does the output depend on the number of bits
> a pointer has? Does the output depend on the endianess? If we determine
> that libime-bin really has tools that are not architecture-independent,
> please do *not* apply the attached patch. Rather explicitly mark
> libime-bin as "Multi-Arch: no" instead and close this bug.
> 
> So now we assume that libime-bin only has tools that are
> architecture-independent. Then it should be marked "Multi-Arch: foreign"
> instead. Then my patch can be used to use the installed libime-bin and
> that makes the cross build succeed. It is not clear to me whether the
> result actually is working or how I could test for that.
> 
> Note that the patch adds a dependency on libime-bin:native. This is
> necessary, because currently libime-bin is not Multi-Arch: foreign. Once
> you add that, the :native annotation must be deleted.

Upstream developer indicates that tools that handle files under
/usr/lib/*/libime/* will result in architecture-dependent outputs. As a
result, binary package libime-bin cannot be used in cross-compilation
by design.

Thanks,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#1051866: gpac: CVE-2023-0770 CVE-2023-0760 CVE-2023-0358 CVE-2023-23145 CVE-2023-23144 CVE-2023-23143 CVE-2022-4202 CVE-2022-45343 CVE-2022-45283 CVE-2022-45202 CVE-2022-43045 CVE-2022-43044 CVE-

2023-09-13 Thread Salvatore Bonaccorso 
Source: gpac
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi

Some of the CVEs in #1033116 seems to not have been addressed (and in
part were addressed in a DSA already). Here a fresh bug for the
remaining ones.

Hi,

The following vulnerabilities were published for gpac.

CVE-2023-0770[0]:
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to
| 2.2.


CVE-2023-0760[1]:
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to
| V2.1.0-DEV.


CVE-2023-0358[2]:
| Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV.


CVE-2023-23145[3]:
| GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a
| memory leak in lsr_read_rare_full function.


CVE-2023-23144[4]:
| Integer overflow vulnerability in function Q_DecCoordOnUnitSphere
| file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master.


CVE-2023-23143[5]:
| Buffer overflow vulnerability in function avc_parse_slice in file
| media_tools/av_parsers.c. GPAC version 2.3-DEV-
| rev1-g4669ba229-master.


CVE-2022-4202[6]:
| A vulnerability, which was classified as problematic, was found in
| GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function
| lsr_translate_coords of the file laser/lsr_dec.c. The manipulation
| leads to integer overflow. It is possible to launch the attack
| remotely. The exploit has been disclosed to the public and may be
| used. The name of the patch is
| b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply
| a patch to fix this issue. VDB-214518 is the identifier assigned to
| this vulnerability.


CVE-2022-45343[7]:
| GPAC v2.1-DEV-rev478-g696e6f868-master was discovered to contain a
| heap use-after-free via the Q_IsTypeOn function at
| /gpac/src/bifs/unquantize.c.


CVE-2022-45283[8]:
| GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the
| smil_parse_time_list parameter at /scenegraph/svg_attributes.c.


CVE-2022-45202[9]:
| GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a
| stack overflow via the function dimC_box_read at
| isomedia/box_code_3gpp.c.


CVE-2022-43045[10]:
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a
| segmentation violation via the function gf_dump_vrml_sffield at
| /scene_manager/scene_dump.c.


CVE-2022-43044[11]:
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a
| segmentation violation via the function gf_isom_get_meta_item_info
| at /isomedia/meta.c.


CVE-2022-43043[12]:
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a
| segmentation violation via the function BD_CheckSFTimeOffset at
| /bifs/field_decode.c.


CVE-2022-43042[13]:
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a
| heap buffer overflow via the function FixSDTPInTRAF at
| isomedia/isom_intern.c.


CVE-2022-43040[14]:
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a
| heap buffer overflow via the function gf_isom_box_dump_start_ex at
| /isomedia/box_funcs.c.


CVE-2022-43039[15]:
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a
| segmentation violation via the function
| gf_isom_meta_restore_items_ref at /isomedia/meta.c.


CVE-2022-3222[16]:
| Uncontrolled Recursion in GitHub repository gpac/gpac prior to
| 2.1.0-DEV.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-0770
https://www.cve.org/CVERecord?id=CVE-2023-0770
[1] https://security-tracker.debian.org/tracker/CVE-2023-0760
https://www.cve.org/CVERecord?id=CVE-2023-0760
[2] https://security-tracker.debian.org/tracker/CVE-2023-0358
https://www.cve.org/CVERecord?id=CVE-2023-0358
[3] https://security-tracker.debian.org/tracker/CVE-2023-23145
https://www.cve.org/CVERecord?id=CVE-2023-23145
[4] https://security-tracker.debian.org/tracker/CVE-2023-23144
https://www.cve.org/CVERecord?id=CVE-2023-23144
[5] https://security-tracker.debian.org/tracker/CVE-2023-23143
https://www.cve.org/CVERecord?id=CVE-2023-23143
[6] https://security-tracker.debian.org/tracker/CVE-2022-4202
https://www.cve.org/CVERecord?id=CVE-2022-4202
[7] https://security-tracker.debian.org/tracker/CVE-2022-45343
https://www.cve.org/CVERecord?id=CVE-2022-45343
[8] https://security-tracker.debian.org/tracker/CVE-2022-45283
https://www.cve.org/CVERecord?id=CVE-2022-45283
[9] https://security-tracker.debian.org/tracker/CVE-2022-45202
https://www.cve.org/CVERecord?id=CVE-2022-45202
[10] https://security-tracker.debian.org/tracker/CVE-2022-43045
https://www.cve.org/CVERecord?id=CVE-2022-43045
[11] https://security-tracker.debian.org/tracker/CVE-2022-43044
https://www.cve.org/CVERecord?id=CVE-2022-43044
[12] https://security-tracker.debian.org/tracker/CVE-2022-43043

Bug#1051865: override: python3-fswrap:python/optional

2023-09-13 Thread Boyuan Yang 
Package: ftp.debian.org
Control: affects -1 + src:python-fswrap
X-Debbugs-Cc: python-fsw...@packages.debian.org
User: ftp.debian@packages.debian.org
Usertags: override
Severity: normal

Dear Debian FTP Masters,

Currently, binary package python3-fswrap is of Priority: extra.

==
-> % apt-cache show python3-fswrap
Package: python3-fswrap
Source: python-fswrap
Version: 1.0.1-3
Installed-Size: 40
Maintainer: Debian QA Group 
Architecture: all
Depends: python3:any, python3-distutils
Description-en: unified object oriented interface to file system objects 
(Python 3)
 File system operations in Python are distributed across modules: os,
 os.path, fnmatch, shutil and distutils. This module attempts to make the
 right choices for common operations to provide a single interface.
 .
 This package is for Python 3.
Description-md5: 0c8e04b86160f0dcf956bcc6e269c9ae
Homepage: https://github.com/hyde/fswrap
Section: python
Priority: extra
Filename: pool/main/p/python-fswrap/python3-fswrap_1.0.1-3_all.deb
Size: 8636
MD5sum: 8ccc2076919b8c091a211283568f3c2b
SHA256: 9b2f19e80ae1af9641ea56072f8a9cbfa6dad6d6b6dffd5620ee6b2770d8d225


As in https://www.debian.org/doc/debian-policy/ch-archive.html#priorities ,
Priority: extra is now deprecated. Such priority is also not explicitly
specified in its debian/control file. As a result, please revert such
deprecated priority back to python/optional.

Since this package is orphaned, I believe no confirmation from the package
maintainer will be needed.

Thanks,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#1051840: licensecheck: file parsing: extract metadata from appstream

2023-09-13 Thread Jonas Smedegaard 
Quoting Peter B (2023-09-13 20:37:29)
> Apart from the appstream metadata issue, I'm seeing license shortnames such as
> 
> GPL-3.0+
> GPLv3+
> GPL-3+
> 
> in file headers are all shown as GPL-3  instead of GPL-3+
> 
> Example
> https://salsa.debian.org/debian/strawberry/-/blob/master/dist/unix/strawberry.spec.in
> 
> 
> Should I raise this as a separate bug report?

Yes, that's a separate issue - please report as a separate bugreport,
and please provide more examples (as it is helpful to examine if they
are all failing the same way).

Thanks!

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1051840: licensecheck: file parsing: extract metadata from appstream

2023-09-13 Thread Peter B 

Hi Jonas,

Apart from the appstream metadata issue, I'm seeing license shortnames such as

GPL-3.0+
GPLv3+
GPL-3+

in file headers are all shown as GPL-3  instead of GPL-3+

Example
https://salsa.debian.org/debian/strawberry/-/blob/master/dist/unix/strawberry.spec.in


Should I raise this as a separate bug report?



Cheers,
Peter

Bug#1051856: game-data-packager: SyntaxError: invalid syntax: match self.game.shortname

2023-09-13 Thread Simon McVittie 
Control: retitle -1 game-data-packager: SyntaxError: invalid syntax: match 
self.game.shortname

On Wed, 13 Sep 2023 at 19:36:59 +0200, Patrice Duroux wrote:
> Paramétrage de game-data-packager (76) ...
> Failed to byte-compile /usr/share/games/game-data-
> packager/game_data_packager/games/gog_icon.py:   File "/usr/share/games/game-
> data-packager/game_data_packager/games/gog_icon.py"
> , line 43
> match self.game.shortname:
> ^
> SyntaxError: invalid syntax. Perhaps you forgot a comma?

What version(s) of Python 3 do you have installed? For example, do you
have python3.9-minimal installed, or something like that?

This is new syntax in Python 3.10, but Debian >= 12 only supports Python
3.11 or newer, so that syntax shouldn't be a problem...

Looking at the generated game-data-packager.postinst, I see it invokes
pypy3compile. Could that be the problem here? Do you have pypy3 installed?

smcv

Bug#857115: dconf update does not change defaults

2023-09-13 Thread Boyuan Yang 
Control: tags -1 -fixed-upstream
Control: tags -1 +wontfix

On Wed, 08 Mar 2017 14:51:27 +0800 =?utf-8?B?56mN5Li55bC8?= Dan Jacobson 
 wrote:
> Package: ibus
> Version: 1.5.14-2
> File: /etc/dconf/db/ibus.d/00-upstream-settings
> 
> # ls -l /etc/dconf/db/ibus.d/
> -rw-r--r-- 1 root root 90 03-08 14:28 10-jidanni
> # cat /etc/dconf/db/ibus.d/10-jidanni
> [desktop/ibus/panel]
> custom-font='Sans 20'
> use-custom-font=true
> # dconf update
> # su - nobody -c 'HOME=/tmp/xxx ibus-setup'
> Here we see the above two settings are ignored.
> 
> OK maybe
> # Instead create your own file next to it with a higher numbered prefix,
> means
> /etc/dconf/db/ibus.d/10-upstream-settings
> result: nope.
> 
> Conclusion: all settings are hardwired in and dconf stuff is totally ignored.

In https://github.com/ibus/ibus/issues/2150 , the ibus upstream made it clear
that everything related to DConf is deprecated and should not be expected to
work. End users and ibus engines are expected to use GSettings instead. As a
result, marking this bug as wontfix.

Thanks,
Boyuan Yang


signature.asc
Description: This is a digitally signed message part

Bug#1051864: sparce: FTBFS with llvm-toolchain-16 as default

2023-09-13 Thread Sebastian Ramacher 
Source: sparse
Version: 0.6.4-3
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=sparse=amd64=0.6.4-3%2Bb1=1694628480=0

g++ -L/usr/lib/llvm-16/lib  -Wl,-z,relro -Wl,-z,now -Wl,--as-needed 
sparse-llvm.o libsparse.a -lLLVM-16   -o sparse-llvm
/usr/bin/ld: sparse-llvm.o: in function `get_sym_value':
././sparse-llvm.c:305:(.text+0x7b2): undefined reference to `LLVMConstGEP'
/usr/bin/ld: sparse-llvm.o: in function `calc_gep':
././sparse-llvm.c:488:(.text+0xe37): undefined reference to 
`LLVMBuildInBoundsGEP'
/usr/bin/ld: sparse-llvm.o: in function `output_op_load':
././sparse-llvm.c:714:(.text+0x24a9): undefined reference to `LLVMBuildLoad'
/usr/bin/ld: sparse-llvm.o: in function `output_op_call':
././sparse-llvm.c:822:(.text+0x262e): undefined reference to `LLVMBuildCall'
collect2: error: ld returned 1 exit status

Cheers
-- 
Sebastian Ramacher

Bug#1051863: ldc: FRBFS with llvm-toolchain-16 as default

2023-09-13 Thread Sebastian Ramacher 
Source: ldc
Version: 1:1.30.0-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=ldc=amd64=1%3A1.30.0-1%2Bb2=1694629363=0

[ 14%] Building CXX object CMakeFiles/LDCShared.dir/gen/asm-gcc.cpp.o
/usr/bin/c++ -DLDC_ENABLE_PLUGINS -DLDC_LLVM_SUPPORTED_TARGET_AArch64=1 
-DLDC_LLVM_SUPPORTED_TARGET_AMDGPU=1 -DLDC_LLVM_SUPPORTED_TARGET_ARM=1 
-DLDC_LLVM_SUPPORTED_TARGET_AVR=1 -DLDC_LLVM_SUPPORTED_TARGET_BPF=1 
-DLDC_LLVM_SUPPORTED_TARGET_Hexagon=1 -DLDC_LLVM_SUPPORTED_TARGET_Lanai=1 
-DLDC_LLVM_SUPPORTED_TARGET_LoongArch=1 -DLDC_LLVM_SUPPORTED_TARGET_M68k=1 
-DLDC_LLVM_SUPPORTED_TARGET_MSP430=1 -DLDC_LLVM_SUPPORTED_TARGET_Mips=1 
-DLDC_LLVM_SUPPORTED_TARGET_NVPTX=1 -DLDC_LLVM_SUPPORTED_TARGET_PowerPC=1 
-DLDC_LLVM_SUPPORTED_TARGET_RISCV=1 -DLDC_LLVM_SUPPORTED_TARGET_Sparc=1 
-DLDC_LLVM_SUPPORTED_TARGET_SystemZ=1 -DLDC_LLVM_SUPPORTED_TARGET_VE=1 
-DLDC_LLVM_SUPPORTED_TARGET_WebAssembly=1 -DLDC_LLVM_SUPPORTED_TARGET_X86=1 
-DLDC_LLVM_SUPPORTED_TARGET_XCore=1 -DLDC_LLVM_SUPPORTED_TARGET_Xtensa=1 
-I/<>/. -I/<>/dmd -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong 
-fstack-clash-protection -Wformat -Werror=format-security -fcf-protection 
-Wdate-time -D_FORTIFY_SOURCE=2 -Wdate-time -D_FORTIFY_SOURCE=2 -DDMDV2 
-I/usr/lib/llvm-16/include -std=c++17   -fno-exceptions -D_GNU_SOURCE 
-D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS -fno-rtti 
 -Wall -Wextra -Wno-unused-parameter -Wno-comment 
-Wno-missing-field-initializers -Wno-non-virtual-dtor -Wno-pedantic 
-fvisibility-inlines-hidden -DLDC_POSIX  -DIN_LLVM -DOPAQUE_VTBLS 
"-DLDC_INSTALL_PREFIX=R\"(/usr)\"" -DLDC_LLVM_VER=1600 
"-DLDC_LIBDIR_SUFFIX=R\"()\"" -DLDC_HOST_GDMD=1 -DLDC_HOST_FE_VER=2103 
"-DLDC_LLVM_LIBDIR=R\"(/usr/lib/llvm-16/lib)\""  -DNDEBUG -MD -MT 
CMakeFiles/LDCShared.dir/gen/asm-gcc.cpp.o -MF 
CMakeFiles/LDCShared.dir/gen/asm-gcc.cpp.o.d -o 
CMakeFiles/LDCShared.dir/gen/asm-gcc.cpp.o -c /<>/gen/asm-gcc.cpp
In file included from /<>/gen/abi-x86.cpp:12:
/<>/./gen/abi-generic.h: In member function ‘virtual llvm::Value* 
BaseBitcastABIRewrite::put(DValue*, bool, bool)’:
/<>/./gen/abi-generic.h:142:68: warning: ‘llvm::Type* 
llvm::Type::getPointerElementType() const’ is deprecated: Deprecated without 
replacement, see https://llvm.org/docs/OpaquePointers.html for context and 
migration instructions [-Wdeprecated-declarations]
  142 | LLType *pointeeType = address->getType()->getPointerElementType();
  |   ~^~
In file included from /<>/./gen/llvm.h:20,
 from /<>/./gen/attributes.h:12,
 from /<>/./gen/tollvm.h:22,
 from /<>/./gen/dibuilder.h:12,
 from /<>/./gen/irstate.h:18,
 from /<>/./gen/abi-generic.h:17:
/usr/lib/llvm-16/include/llvm/IR/Type.h:409:9: note: declared here
  409 |   Type *getPointerElementType() const {
  | ^
/<>/gen/abi-x86.cpp: In member function ‘void 
X86TargetABI::workaroundIssue1356(std::vector&) const’:
/<>/gen/abi-x86.cpp:270:41: error: ‘struct llvm::MaybeAlign’ has 
no member named ‘getValueOr’
  270 |   if (arg->attrs.getAlignment().getValueOr(align4) > align4)
  | ^~
make[4]: *** [CMakeFiles/LDCShared.dir/build.make:219: 
CMakeFiles/LDCShared.dir/gen/abi-x86.cpp.o] Error 1
make[4]: *** Waiting for unfinished jobs

Cheers
-- 
Sebastian Ramacher

Bug#1051862: server flooded with xen_mc_flush warnings with xen 4.17 + linux 6.1

2023-09-13 Thread Radoslav Bodó 

Package: xen-system-amd64
Version: 4.17.1+2-gb773c48e36-1
Severity: important

Hello,

after upgrade from Bullseye to Bookworm one of our dom0's
became unusable due to logs/system being continuously flooded
with warnings from arch/x86/xen/multicalls.c:102 xen_mc_flush, and the 
system become unusable.


The issue starts at some point where system services starts to come up, 
but nothing very special is on that box (dom0, nftables, fail2ban, 
prometheus-node-exporter, 3x domU). We have tried to disable all domU's 
and fail2ban as the name of the process would suggest, but issue is 
still present. We have tried also some other elaboration but none of 
them have helped so far:


* the issue arise when xen 4.17 + linux >= 6.1 is booted
* xen + bookworm-backports linux-image-6.4.0-0.deb12.2-amd64 have same isuue
* without xen hypervisor, linux 6.1 runs just fine
* systemrescue cd boot and xfs_repair rootfs did not helped
* memtest seem to be fine running for hours

As a workaround we have booted xen 4.17 + linux 5.10.0-25 (5.10.191-1)
and the system is running fine as for last few months.

Hardware:
* Dell PowerEdge R750xs
* 2x Intel Xeon Silver 4310 2.1G
* 256GB RAM
* PERC H755 Adapter, 12x 18TB HDDs


Any help, advice or bug confirmation would be appreciated

Best regards
bodik


(log also in attachment)

```
kernel: [   99.762402] WARNING: CPU: 10 PID: 1301 at 
arch/x86/xen/multicalls.c:102 xen_mc_flush+0x196/0x220
kernel: [   99.762598] Modules linked in: nvme_fabrics nvme_core bridge 
xen_acpi_processor xen_gntdev stp llc xen_evtchn xenfs xen_privcmd 
binfmt_misc intel_rapl_msr ext4 intel_rapl_common crc16 
intel_uncore_frequency_common mbcache ipmi_ssif jbd2 nfit libnvdimm 
ghash_clmulni_intel sha512_ssse3 sha512_generic aesni_intel acpi_ipmi 
nft_ct crypto_simd cryptd mei_me mgag200 ipmi_si iTCO_wdt intel_pmc_bxt 
ipmi_devintf drm_shmem_helper dell_smbios nft_masq iTCO_vendor_support 
isst_if_mbox_pci drm_kms_helper isst_if_mmio dcdbas mei intel_vsec 
isst_if_common dell_wmi_descriptor wmi_bmof watchdog pcspkr 
intel_pch_thermal ipmi_msghandler i2c_algo_bit acpi_power_meter button 
nft_nat joydev evdev sg nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 
nf_defrag_ipv4 nf_tables nfnetlink drm fuse loop efi_pstore configfs 
ip_tables x_tables autofs4 xfs libcrc32c crc32c_generic hid_generic 
usbhid hid dm_mod sd_mod t10_pi crc64_rocksoft crc64 crc_t10dif 
crct10dif_generic ahci libahci xhci_pci libata xhci_hcd
kernel: [   99.762633]  megaraid_sas tg3 crct10dif_pclmul 
crct10dif_common crc32_pclmul crc32c_intel bnxt_en usbcore scsi_mod 
i2c_i801 libphy i2c_smbus usb_common scsi_common wmi
kernel: [   99.764765] CPU: 10 PID: 1301 Comm: python3 Tainted: G 
W  6.1.0-12-amd64 #1  Debian 6.1.52-1
kernel: [   99.764989] Hardware name: Dell Inc. PowerEdge R750xs/0441XG, 
BIOS 1.8.2 09/14/2022

kernel: [   99.765214] RIP: e030:xen_mc_flush+0x196/0x220
kernel: [   99.765436] Code: e2 06 48 01 da 85 c0 0f 84 23 ff ff ff 48 
8b 43 18 48 83 c3 40 48 c1 e8 3f 41 01 c5 48 39 d3 75 ec 45 85 ed 0f 84 
06 ff ff ff <0f> 0b e8 e3 6e a0 00 41 8b 14 24 44 89 ee 48 c7 c7 c0 ea 
33 82 89

kernel: [   99.765910] RSP: e02b:c900412ffc60 EFLAGS: 00010082
kernel: [   99.766152] RAX: ffea RBX: a1a9e300 RCX: 

kernel: [   99.766403] RDX:  RSI: 0001 RDI: 
a1a9eb10
kernel: [   99.766653] RBP: 8002 R08:  R09: 
00744f8b
kernel: [   99.766902] R10: 7ff0 R11: 0018 R12: 
a1a9e300
kernel: [   99.767153] R13: 0001 R14: ea000513 R15: 
ea000513
kernel: [   99.767409] FS:  7f59b5ba62c0() 
GS:a1a8() knlGS:
kernel: [   99.767664] CS:  1e030 DS:  ES:  CR0: 
80050033
kernel: [   99.767918] CR2: 7f59b220 CR3: 000141bd CR4: 
00050660

kernel: [   99.768181] Call Trace:
kernel: [   99.768436]  
kernel: [   99.768691]  ? __warn+0x7d/0xc0
kernel: [   99.768947]  ? xen_mc_flush+0x196/0x220
kernel: [   99.769204]  ? report_bug+0xe6/0x170
kernel: [   99.769460]  ? handle_bug+0x41/0x70
kernel: [   99.769713]  ? exc_invalid_op+0x13/0x60
kernel: [   99.769967]  ? asm_exc_invalid_op+0x16/0x20
kernel: [   99.770223]  ? xen_mc_flush+0x196/0x220
kernel: [   99.770478]  xen_mc_issue+0x6d/0x70
kernel: [   99.770726]  xen_set_pmd_hyper+0x54/0x90
kernel: [   99.770965]  do_set_pmd+0x188/0x2a0
kernel: [   99.771200]  filemap_map_pages+0x1a9/0x6e0
kernel: [   99.771434]  xfs_filemap_map_pages+0x41/0x60 [xfs]
kernel: [   99.771714]  do_fault+0x1a4/0x410
kernel: [   99.771947]  __handle_mm_fault+0x660/0xfa0
kernel: [   99.772182]  handle_mm_fault+0xdb/0x2d0
kernel: [   99.772414]  do_user_addr_fault+0x19c/0x570
kernel: [   99.772643]  exc_page_fault+0x70/0x170
kernel: [   99.772873]  asm_exc_page_fault+0x22/0x30
kernel: [   99.773102] RIP: 0033:0x7f59b502cbe2
kernel: [   99.773329] Code: 4d 8d 87 80 01 00 00 48

Bug#1051861: gzip-win32 is no longer needed

2023-09-13 Thread Gioele Barabucci 

Package: gzip-win32
Version: 1.12-1
Tags: patch

Dear gzip maintainers,

could you please stop building the package gzip-win32?

`debian-installer` stopped depending on gzip-win32 in 2020. It has since 
been removed from the list of build dependencies. See commit

https://salsa.debian.org/installer-team/win32-loader/-/commit/650f33f6 .

A nice side effect of not building gzip-win32 as part of gzip will be to 
greatly simplify the bootstrap of the essential set, as it would remove 
mingw-w64 from the list of required dependencies.


A patch to fix this issue can be found as the last commit of the branch

https://salsa.debian.org/gioele/gzip/-/tree/win32-remove

Regards,

--
Gioele Barabucci

Bug#1051860: ccls: FTBFS with llvm-toolchain-16 das default

2023-09-13 Thread Sebastian Ramacher 
Source: ccls
Version: 0.20220729-2
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=ccls=arm64=0.20220729-2%2Bb1=1694628056=0

/usr/bin/c++  -I/<>/src -isystem /<>/third_party 
-isystem /usr/lib/llvm-16/include -g -O2 -ffile-prefix-map=/<>=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -mbranch-protection=standard -Wdate-time 
-D_FORTIFY_SOURCE=2 -std=c++17 -Wall -Wno-sign-compare -Wno-return-type 
-Wno-unused-result -MD -MT CMakeFiles/ccls.dir/src/pipeline.cc.o -MF 
CMakeFiles/ccls.dir/src/pipeline.cc.o.d -o 
CMakeFiles/ccls.dir/src/pipeline.cc.o -c /<>/src/pipeline.cc
/<>/src/indexer.cc:1097:8: error: ‘void 
ccls::{anonymous}::IndexPPCallbacks::InclusionDirective(clang::SourceLocation, 
const clang::Token&, llvm::StringRef, bool, clang::CharSourceRange, 
llvm::Optional, llvm::StringRef, llvm::StringRef, const 
clang::Module*, clang::SrcMgr::CharacteristicKind)’ marked ‘override’, but does 
not override
 1097 |   void InclusionDirective(SourceLocation hashLoc, const Token ,
  |^~

Cheers
-- 
Sebastian Ramacher

Bug#1051770: move services and binaries for AD DC setup to package samba-ad-dc

2023-09-13 Thread Lee Garrett 

On Tue, 12 Sep 2023 14:24:09 +0300 Michael Tokarev  wrote:

Control: tag -1 + moreinfo

12.09.2023 14:14, Lee Garrett wrote:
> Source: samba
> Severity: minor
> X-Debbugs-Cc: deb...@rocketjump.eu
> 
> Hi,
> 
> I believe it would be a good idea to move the binaries and services required for

> AD DC operation to the package samba-ad-dc. Currently it's possible to run 
such
> a setup without installing the package, as it's just a metapackage.

Sure it is a meta-package, and it is described as such.

> Moving the binaries/services over would have the benefit of being able to drop
> the support of this package separately from the samba server, as it currently 
is
> for oldstable and older.

Which binaries/services do you mean, specially?  I for one know just one: it is
samba.service (and the init script) which starts samba-ad-dc, that's just two 
files.


I'm thinking

/etc/init.d/samba-ad-dc
/lib/systemd/system/samba-ad-dc.service
/usr/sbin/samba



/mjt

Bug#1051859: ghdl: BD-Uninstallable

2023-09-13 Thread Sebastian Ramacher 
Source: ghdl
Version: 2.0.0+dfsg-6.2
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/package.php?p=ghdl

Dependency installability problem for ghdl on amd64:

ghdl build-depends on missing:
- llvm-dev:amd64 (< 1:15~)

Cheers
-- 
Sebastian Ramacher

Bug#1051858: clazy: FTBFS with llvm-toochain-16 as default

2023-09-13 Thread Sebastian Ramacher 
Source: clazy
Version: 1.11-4
Severity: serious
Tags: ftbfs sid trixie
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=clazy=armhf=1.11-4%2Bb1=1694627460=0

[  1%] Building CXX object CMakeFiles/ClazyPlugin.dir/cmake_pch.hxx.gch
/usr/bin/c++ -DClazyPlugin_EXPORTS -DHAS_STD_FILESYSTEM -DHAVE_CLANG_CONFIG_H 
-D_GNU_SOURCE -D__STDC_CONSTANT_MACROS -D__STDC_LIMIT_MACROS 
-I/<>/obj-arm-linux-gnueabihf -I/usr/lib/llvm-16/include 
-I/usr/lib/llvm-16/tools/clang/include -I/tools/clang/include 
-I/<> -I/<>/src -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wno-class-memaccess -Wdate-time -D_FORTIFY_SOURCE=2 
-fno-common -Woverloaded-virtual -Wcast-qual -fno-strict-aliasing -pedantic 
-Wno-long-long -Wall -W -Wno-unused-parameter -Wwrite-strings -fno-exceptions 
-fno-rtti -fPIC -std=gnu++17 -fPIC -Winvalid-pch -x c++-header -include 
/<>/obj-arm-linux-gnueabihf/CMakeFiles/ClazyPlugin.dir/cmake_pch.hxx
 -MD -MT CMakeFiles/ClazyPlugin.dir/cmake_pch.hxx.gch -MF 
CMakeFiles/ClazyPlugin.dir/cmake_pch.hxx.gch.d -o 
CMakeFiles/ClazyPlugin.dir/cmake_pch.hxx.gch -c 
/<>/obj-arm-linux-gnueabihf/CMakeFiles/ClazyPlugin.dir/cmake_pch.hxx.cxx
make[3]: Leaving directory '/<>/obj-arm-linux-gnueabihf'
[  1%] Built target man
In file included from /<>/src/checkbase.h:29,
 from 
/<>/obj-arm-linux-gnueabihf/CMakeFiles/ClazyPlugin.dir/cmake_pch.hxx:5,
 from :
/<>/src/SourceCompatibilityHelpers.h: In function ‘auto 
clazy::getBuffer(const clang::SourceManager&, clang::FileID, bool*)’:
/<>/src/SourceCompatibilityHelpers.h:112:24: error: ‘class 
std::optional’ has no member named ‘hasValue’; did you 
mean ‘has_value’?
  112 | *invalid = !buffer.hasValue();
  |^~~~
  |has_value
/<>/src/checkbase.h: At global scope:
/<>/src/checkbase.h:93:10: error: ‘void 
ClazyPreprocessorCallbacks::InclusionDirective(clang::SourceLocation, const 
clang::Token&, llvm::StringRef, bool, clang::CharSourceRange, 
clazy::OptionalFileEntryRef, llvm::StringRef, llvm::StringRef, const 
clang::Module*, clang::SrcMgr::CharacteristicKind)’ marked ‘override’, but does 
not override
   93 | void InclusionDirective(clang::SourceLocation HashLoc, const 
clang::Token , clang::StringRef FileName, bool IsAngled,
  |  ^~
make[3]: *** [CMakeFiles/ClazyPlugin.dir/build.make:80: 
CMakeFiles/ClazyPlugin.dir/cmake_pch.hxx.gch] Error 1
-- 
Sebastian Ramacher

Bug#1051857: python3-pyasn1-modules: new upstream version 0.3.0 available (from a new upstream location)

2023-09-13 Thread Daniel Kahn Gillmor 
Package: src:python-pyasn1-modules
Version: 0.2.8-1
Severity: wishlist

It looks like @etingof has sadly passed away:
https://github.com/etingof/pyasn1-modules/issues/154 and the maintenance
of pyasn1 has moved locations:
https://github.com/etingof/pyasn1-modules/issues/150

The new upstream (https://github.com/pyasn1/pyasn1-modules) has released
version 0.3.0.  it would be great to have that newer version in debian,
with the appropriate upstream metadata updated.

Thanks for maintaining pyasn1-modules in debian!

   --dkg


signature.asc
Description: PGP signature

Bug#1004256: https-github.com-EntrustCorporation-cagw-vault-plugin-tree-masterseed.git

2023-09-13 Thread Renee Brutcher 
https://github.com/cloudflare/cloudflare-docs/pull/10527




Sent via the Samsung Galaxy Note9, an AT 5G Evolution capable smartphone

Bug#1051840: licensecheck: Incorrect license reported for appstream metadata

2023-09-13 Thread Jonas Smedegaard 
Control: retitle -1 licensecheck: file parsing: extract metadata from appstream

Hi Peter,

Quoting Peter B (2023-09-13 12:54:15)
> Appstream metadata files have two license fields;
> 1) 
> 2) 
> 
> The license for the file itself is the metadata license,
> but licensecheck reports using the project license.
> 
> Example here
> https://salsa.debian.org/debian/strawberry/-/blob/master/dist/unix/org.strawberrymusicplayer.strawberry.appdata.xml
> 
> File license is CC0-1.0, but licensecheck reports GPL.
> 
> 
> Note, also the project license is GPL-3+, not just GPL.

Thanks for reporting this!

Licensecheck does not even report "using the project license": It
recognizes neither of those license fields, as revealed by this command:

  TRACE=1 licensecheck dist/unix/*.appdata.xml

..which hints of a discovery at lines 946-964, which is "released under GPL" at
lines 946-964.

Rephrasing bugreport title accordingly.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1051856: game-data-packager: python error message during install

2023-09-13 Thread Patrice Duroux 
Package: game-data-packager
Version: 76
Severity: minor

Dear Maintainer,

Here what I got during the last system upgrade:

Paramétrage de game-data-packager (76) ...
Failed to byte-compile /usr/share/games/game-data-
packager/game_data_packager/games/gog_icon.py:   File "/usr/share/games/game-
data-packager/game_data_packager/games/gog_icon.py"
, line 43
match self.game.shortname:
^
SyntaxError: invalid syntax. Perhaps you forgot a comma?



Regards,
Patrice


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-0-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages game-data-packager depends on:
ii  python3 3.11.4-5+b1
ii  python3-debian  0.1.49
ii  python3-yaml6.0.1-1

Versions of packages game-data-packager recommends:
ii  game-data-packager-runtime  76

Versions of packages game-data-packager suggests:
pn  arj
ii  binutils   2.41-5
ii  cabextract 1.11-1
pn  cdparanoia 
pn  dynamite   
ii  gcc4:13.2.0-1
pn  gdebi | gdebi-kde  
ii  gir1.2-gdkpixbuf-2.0   2.42.10+dfsg-1+b1
pn  innoextract
pn  lgc-pg 
pn  lgogdownloader 
pn  lhasa | jlha-utils | lzh-archiver  
ii  make   4.3-4.1
ii  p7zip-full 16.02+dfsg-8
ii  pkexec 123-1
ii  python3-gi 3.46.0-1
pn  python3-omg
ii  python3-pil10.0.0-1
pn  steam  
pn  steamcmd   
pn  unace-nonfree  
pn  unar   
pn  unrar  
pn  unshield   
ii  unzip  6.0-28
pn  vorbis-tools   
ii  xdelta 1.1.3-10.4
ii  xdelta33.0.11-dfsg-1.2
pn  xorriso

-- no debconf information

Bug#1051799: Please remove the homepage and vcs field. Or remove this package completely!!!

2023-09-13 Thread Tobias Frost 
Control: severity -1 minor
Control: retitle -1 mhddfs: d/control Vcs-Broswse broken

This is not an "severity important" bug

There is no requirement that a homepage field must point to a site in
English, and if upstreams homepage "English" link is broken, this should
be reported upstream, but is not a bug in the packaging.

The VCS field not working is unfortunate, but this is not a severity
important bug either, as the sources are available through the Debian
archives.

Cheers,
tobi

Bug#1048485: libnatpmp: diff for NMU version 20230423-1.1

2023-09-13 Thread Boyuan Yang 
Control: tags -1  +patch  +pending
X-Debbugs-CC: mmyan...@gmail.com  z...@debian.org

Dear maintainer,

I've prepared an NMU for libnatpmp (versioned as 20230423-1.1) and
uploaded it to DELAYED/7. Please feel free to tell me if I
should delay it longer.

Regards.

diff -Nru libnatpmp-20230423/debian/changelog 
libnatpmp-20230423/debian/changelog
--- libnatpmp-20230423/debian/changelog 2023-08-05 22:55:08.0 -0400
+++ libnatpmp-20230423/debian/changelog 2023-09-13 13:23:52.0 -0400
@@ -1,3 +1,21 @@
+libnatpmp (20230423-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+
+  [ Sebastien Bacher ]
+  * debian/patches/install-extra-header.patch:
+- install an extra header which is included by natpmp.h since the new
+  version but not added to the list of files to install.
+  (Closes: #1051692)
+
+  [ Boyuan Yang ]
+  * debian/clean: Explicitly add ".pybuild/" as file to be cleaned
+to avoid build failure after a successful build. (Closes: #1048485)
+  * debian/source/options: Use extend-diff-ignore to filter out influence
+of egg-info files.
+
+ -- Boyuan Yang   Wed, 13 Sep 2023 13:23:52 -0400
+
 libnatpmp (20230423-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru libnatpmp-20230423/debian/clean libnatpmp-20230423/debian/clean
--- libnatpmp-20230423/debian/clean 1969-12-31 19:00:00.0 -0500
+++ libnatpmp-20230423/debian/clean 2023-09-13 13:16:52.0 -0400
@@ -0,0 +1 @@
+.pybuild/
diff -Nru libnatpmp-20230423/debian/patches/install-extra-header.patch 
libnatpmp-20230423/debian/patches/install-extra-header.patch
--- libnatpmp-20230423/debian/patches/install-extra-header.patch
1969-12-31 19:00:00.0 -0500
+++ libnatpmp-20230423/debian/patches/install-extra-header.patch
2023-09-13 13:16:52.0 -0400
@@ -0,0 +1,13 @@
+Index: libnatpmp-20230423/Makefile
+===
+--- libnatpmp-20230423.orig/Makefile   2023-09-11 13:11:03.0 +0200
 libnatpmp-20230423/Makefile2023-09-11 13:11:48.025966300 +0200
+@@ -56,7 +56,7 @@
+ endif
+ endif
+ 
+-HEADERS = natpmp.h
++HEADERS = natpmp.h natpmp_declspec.h
+ 
+ EXECUTABLES = testgetgateway natpmpc-shared natpmpc-static
+ 
diff -Nru libnatpmp-20230423/debian/patches/series 
libnatpmp-20230423/debian/patches/series
--- libnatpmp-20230423/debian/patches/series2023-08-05 22:55:08.0 
-0400
+++ libnatpmp-20230423/debian/patches/series2023-09-13 13:16:52.0 
-0400
@@ -1,3 +1,4 @@
 makefile-fix-os-detect-and-ldflags.patch
 python-module-3.patch
 python-module-use-shared-lib.patch
+install-extra-header.patch
diff -Nru libnatpmp-20230423/debian/source/options 
libnatpmp-20230423/debian/source/options
--- libnatpmp-20230423/debian/source/options1969-12-31 19:00:00.0 
-0500
+++ libnatpmp-20230423/debian/source/options2023-09-13 13:23:49.0 
-0400
@@ -0,0 +1 @@
+extend-diff-ignore = "^[^/]+\.egg-info/"


signature.asc
Description: This is a digitally signed message part

Bug#1010604: Support commonly used providers like github.com and gitlab.com within watch file

2023-09-13 Thread Dominique Dumont 
On Tue, 13 Sep 2022 18:05:23 +0200 Bastian Germann  wrote:
> Now the release pages of both Gitlab and GitHub generate their hrefs via 
> JavaScript which kills uscan for them.
> See #1019696. They should both have an API to handle this.

Github has such an API.

For instance, here's a call that retrieve the URLs of the last assets of 
libtommath on Github:

$ curl -q https://api.github.com/repos/libtom/libtommath/releases | jq 
'.[0].assets[] | select( .name | test("xz")) | .browser_download_url'
  % Total% Received % Xferd  Average Speed   TimeTime Time  Current
 Dload  Upload   Total   SpentLeft  Speed
100  180k  100  180k0 0  1019k  0 --:--:-- --:--:-- --:--:-- 1021k
"https://github.com/libtom/libtommath/releases/download/v1.2.1/ltm-1.2.1.tar.xz;
"https://github.com/libtom/libtommath/releases/download/v1.2.1/ltm-1.2.1.tar.xz.asc;

Bug#1051855: plasma-workspace-wallpapers: Other similar packages are named with "background"

2023-09-13 Thread Xavier Brochard 
Package: plasma-workspace-wallpapers
Version: 4:5.27.5-2
Severity: wishlist
X-Debbugs-Cc: xav...@alternatif.org

Dear Maintainer,

This package name is hard to guess because its name is different than other 
similar packages (gnome-backgrounds, sway-backgrounds, mate-backgrounds  and so 
on). 
The package is also hard to find, because the only package depending on it is 
kde-full.

May be a fake or meta package named "kde-background" could help ?


-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-10-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- no debconf information

Bug#1042336: moment-timezone.js: FTBFS: cp: cannot stat '/usr/share/zoneinfo/posix/*': No such file or directory

2023-09-13 Thread Martina Ferrari 

Hi,

Thanks Daniel for spotting this, somehow I had missed all notifications 
and did not even realise Prometheus was about to be removed from testing :(


I have just ported the patch from Benjamin and after I finish building 
the package I will upload it.


On 10/09/2023 06:50, Daniel Swarbrick wrote:

On Wed, 26 Jul 2023 22:08:15 +0200 Lucas Nussbaum  wrote:
 > Relevant part (hopefully):
 > > mkdir -p temp/zic/2023c temp/zdump/2023c
 > > cp -RL /usr/share/zoneinfo/posix/* temp/zic/2023c/
 > > cp: cannot stat '/usr/share/zoneinfo/posix/*': No such file or 
directory

 > > make[1]: *** [debian/rules:51: data/unpacked/2023c.json] Error 1

This appears to have broken due to a change in the tzdata package which 
landed in both Debian and Ubuntu[1].


The Ubuntu moment-timezone.js package was adapted[2] to accommodate this 
change, but the Debian package was not.


[1]: https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/2008076
[2]: 
https://git.launchpad.net/ubuntu/+source/moment-timezone.js/commit/debian?h=applied/ubuntu/lunar




--
Martina Ferrari (Tina)

Bug#1051854: sudo chroot green linux/chroot/ chroot: failed to execute command "/usr/bin/fish": No such file or directory

2023-09-13 Thread Nikolay Sabelnikov 
Package: fish

Version: 3.6.0-3.1 
in ubuntu, this command works

Bug#1040494: RFS: cevomapgen/27-1 [ITP] -- External Map Generator for C-Evo

2023-09-13 Thread Peter B 

Package: sponsorship-requests

Dear mentors,

I am looking for a sponsor for my package "cevomapgen":

 * Package name : cevomapgen
   Version  : 27-1
   Upstream contact : Peter Blackman 
 * URL  : https://sourceforge.net/projects/cevomapgen/
 * License  : CC-BY-3.0, GPL-3+
   Programming Lang : FPC/Lazarus
 * Vcs  : https://salsa.debian.org/PeterB/cevomapgen
   Section  : games

The source builds the following binary packages:

  cevomapgen - External Map Generator for c-evo-dh

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/cevomapgen/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/c/cevomapgen/cevomapgen_27-1.dsc

Changes for the initial release:

 cevomapgen (27-1) unstable; urgency=medium
 .
   * Initial release (Closes: #1035747)

Regards,
--
  Peter Blackman

Bug#1051842: gensio: FTBFS: error: some symbols or patterns disappeared in the symbols file

2023-09-13 Thread Marc Haber 
Hi Dandan Zhang,

thanks for your bug report. I have manually applied the patch (the file
had developed further in git).

I don't quite understand your hints about riscvi, which might be
connected to my current personal stress level which makes it hard to
concentrate for me at the moment. I apologize for that.

I would also like to suggest that you use wdiff for symbols files
differences, wdiff can mark changes inside long lines which makes it
easier to detect a change as "just add loong64 in the list of arches in
this line without doing additional changes".

Greetings
Marc

On Wed, Sep 13, 2023 at 07:08:48PM +0800, zhangdandan wrote:
> Package: gensio
> Version: 2.6.6-6
> Severity: normal
> Tags: patch ftbfs
> User: debian-de...@lists.debian.org
> Usertags: loongarch64
> 
> Dear maintainers,
> 
> When compiling the package gensio for loong64 in the Debian Package
> Auto-Building environment [1], the dh_makeshlibs stage reports an error.
> The full compilation log can be found at [2].
> I have updated libgensio4.symbols file for loongarch64.
> Please consider the patch I have attached.
> 
> BTW, I would like to remind that "riscvi" in libgensio4.symbols file may be
> written incorrectly.
> Meanwhile, refer to link [1], other architectures such as ppc64 should also
> need to update the symbols file in build.
> 
> 
> [1]:https://buildd.debian.org/status/package.php?p=gensio=sid
> [2]:https://buildd.debian.org/status/fetch.php?pkg=gensio=loong64=2.6.6-6=1693582913=0
> 
> thanks,
> Dandan Zhang
> 

> diff -Nru gensio-2.6.6/debian/changelog gensio-2.6.6/debian/changelog
> --- gensio-2.6.6/debian/changelog 2023-07-03 05:15:11.0 +
> +++ gensio-2.6.6/debian/changelog 2023-09-13 08:42:41.0 +
> @@ -1,3 +1,9 @@
> +gensio (2.6.6-6+loong64) unreleased; urgency=medium
> +
> +  * update symbols file for loongarch64
> +
> + -- Dandan Zhang  Wed, 13 Sep 2023 16:42:41 +0800
> +
>  gensio (2.6.6-6) unstable; urgency=medium
>  
>* hopefully final version of symbols file
> diff -Nru gensio-2.6.6/debian/libgensio4.symbols 
> gensio-2.6.6/debian/libgensio4.symbols
> --- gensio-2.6.6/debian/libgensio4.symbols2023-07-03 05:15:11.0 
> +
> +++ gensio-2.6.6/debian/libgensio4.symbols2023-09-13 08:41:26.0 
> +
> @@ -1029,11 +1029,11 @@
>   (c++)"gensios::set_log_mask(int)@Base" 2.6.2
>   (c++)"gensios::err_to_string[abi:cxx11](int)@Base" 2.6.2
>   
> (c++)"gensios::log_level_to_str[abi:cxx11](gensios::gensio_log_levels)@Base" 
> 2.6.2
> - (arch=mips64el mipsel hppa ia64 m68k ppc64 riscv64i 
> sparc64|c++)"gensios::gensio_cpp_vlog_handler(gensios::gensio_os_funcs*, 
> gensios::gensio_log_levels, char const*, void*)@Base" 2.6.2
> + (arch=mips64el mipsel hppa ia64 loong64 m68k ppc64 riscv64i 
> sparc64|c++)"gensios::gensio_cpp_vlog_handler(gensios::gensio_os_funcs*, 
> gensios::gensio_log_levels, char const*, void*)@Base" 2.6.2
>   (arch=i386 
> ppc64el|c++)"gensios::gensio_cpp_vlog_handler(gensios::gensio_os_funcs*, 
> gensios::gensio_log_levels, char const*, char*)@Base" 2.6.2
>   (arch=sh4|c++)"gensios::gensio_cpp_vlog_handler(gensios::gensio_os_funcs*, 
> gensios::gensio_log_levels, char const*, __va_list_tag)@Base" 2.6.2
>   (arch=arm64 armel 
> armhf|c++)"gensios::gensio_cpp_vlog_handler(gensios::gensio_os_funcs*, 
> gensios::gensio_log_levels, char const*, std::__va_list)@Base" 2.6.2
> - (arch=!arm64 !armel !armhf !i386 !mips64el !mipsel !ppc64el !hppa !ia64 
> !m68k !ppc64 !riscv64 !sh4 
> !sparc64|c++)"gensios::gensio_cpp_vlog_handler(gensios::gensio_os_funcs*, 
> gensios::gensio_log_levels, char const*, __va_list_tag*)@Base" 2.6.2
> + (arch=!arm64 !armel !armhf !i386 !loong64 !mips64el !mipsel !ppc64el !hppa 
> !ia64 !m68k !ppc64 !riscv64 !sh4 
> !sparc64|c++)"gensios::gensio_cpp_vlog_handler(gensios::gensio_os_funcs*, 
> gensios::gensio_log_levels, char const*, __va_list_tag*)@Base" 2.6.2
>   (c++)"gensios::Addr::Addr(gensios::Os_Funcs&, 
> std::__cxx11::basic_string, std::allocator 
> >, bool, int*, int*, char const***)@Base" 2.6.2
>   (c++)"gensios::Addr::Addr(gensios::Os_Funcs&, 
> std::__cxx11::basic_string, std::allocator 
> >, bool, int)@Base" 2.6.2
>   (c++)"gensios::Addr::Addr(gensios::Os_Funcs&, int, void const*, unsigned 
> long, unsigned int)@Base" 2.6.2


-- 
-
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany|  lose things."Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421

Bug#1051853: mirror submission for mirror.marwan.ma

2023-09-13 Thread MARWAN NOC 
Package: mirrors
Severity: wishlist
User: mirr...@packages.debian.org
Usertags: mirror-submission

Submission-Type: new
Site: mirror.marwan.ma
Archive-architecture: ALL amd64 arm64 armel armhf hurd-i386 hurd-amd64 i386 
mips mips64el mipsel powerpc ppc64el riscv64 s390x
Archive-http: /debian/
Archive-rsync: debian/
Maintainer: MARWAN NOC 
Country: MA Morocco
Location: Rabat
Sponsor: MARWAN https://marwan.ma




Trace Url: http://mirror.marwan.ma/debian/project/trace/
Trace Url: http://mirror.marwan.ma/debian/project/trace/ftp-master.debian.org
Trace Url: http://mirror.marwan.ma/debian/project/trace/mirror.marwan.ma

Bug#1051713: exim4-daemon-heavy 4.96-22: misbehavior in string expansion function reduce combined with inlisti function

2023-09-13 Thread Andreas Metzler 
On 2023-09-11 debian...@sgt.at wrote:
> Package: exim4-daemon-heavy
[...]
>exim -be '${reduce {<\n 
> 1.1.1.1\n2.2.2.2\n3.3.3.3\n4.4.4.4\n4.4.4.4\n}{}{${if !inlisti{$item}{<\n 
> $value}{$value$item\n}{$value'

>output is :

>  4.4.4.4  ->  last 4.4.4.4 not matched in list and last value is the 
> output

> Counter check with exim4 4.94.2 :
[...]
>exim -be '${reduce {<\n 
> 1.1.1.1\n2.2.2.2\n3.3.3.3\n4.4.4.4\n4.4.4.4\n}{}{${if !inlisti{$item}{<\n 
> $value}{$value$item\n}{$value'

>output is :

>1.1.1.1
>2.2.2.2
>3.3.3.3
>4.4.4.4  -> last 4.4.4.4 matches in list and the reduced list is the 
> output  (double 4.4.4.4 removed)


Hello,

I had forwarded this upstream to
https://bugs.exim.org/show_bug.cgi?id=3024 and received diagnosis/help
there.


Short summary follows, but please read the original response there.

This seems to be not directly fixable since inlisti changed and now
modifies $value for more sorts of matching elements than it used to.
Workarounds can be used and perhaps new features be added to provide the
same result with extended expansion syntax.

cu Andreas

Bug#1051852: python-apt does not recognise 'signed-by' parameter

2023-09-13 Thread zzaimeche 

Package: python3-apt
Version: all

The current code does not handle sources which include the 'signed-by' 
option.
These are interpreted as invalid, although signed-by is listed as a 
valid

option for ubuntu source lists here:
https://manpages.ubuntu.com/manpages/focal/en/man5/sources.list.5.html .

I'm not sure whether it's supported for debian or not,
but I couldn't find a better place to report the issue,
so hopefully this is the right place! :)

When 'signed-by' is not recognised, it causes knock-on effects,
for example when using salt to add repos to /etc/apt/sources.list,
there will be duplicate entries.

This is where the 'signed-by' parameter would need to be added:
https://salsa.debian.org/apt-team/python-apt/-/blob/main/aptsources/sourceslist.py#L240

And below is a patch that has fixed the issue for us
(it's a little old so we may need to adjust the line numbers, but the
rest should be the same).
Best Wishes,
Zara

@@ -, +, @@
---
 aptsources/sourceslist.py | 27 ---
 1 file changed, 20 insertions(+), 7 deletions(-)
--- a/aptsources/sourceslist.py
+++ a/aptsources/sourceslist.py
@@ -92,6 +92,7 @@ class SourceEntry(object):
 self.type = ""   # what type (deb, deb-src)
 self.architectures = []  # architectures
 self.trusted = None  # Trusted
+self.signed_by = ""  # gpg
 self.uri = ""# base-uri
 self.dist = ""   # distribution (dapper, edgy, etc)
 self.comps = []  # list of available componetns 
(may empty)

@@ -198,6 +199,8 @@ class SourceEntry(object):
 self.architectures = value.split(",")
 elif key == "trusted":
 self.trusted = apt_pkg.string_to_bool(value)
+elif key == "signed-by":
+self.signed_by = value
 else:
 self.invalid = True
@@ -239,13 +242,23 @@ class SourceEntry(object):
 line += self.type
-if self.architectures and self.trusted is not None:
-line += " [arch=%s trusted=%s]" % (
-",".join(self.architectures), "yes" if self.trusted 
else "no")

-elif self.trusted is not None:
-line += " [trusted=%s]" % ("yes" if self.trusted else "no")
-elif self.architectures:
-line += " [arch=%s]" % ",".join(self.architectures)
+repo_opts = {}
+
+if self.architectures:
+repo_opts["arch"] = ",".join(self.architectures)
+
+if self.trusted is not None:
+repo_opts["trusted"] = "yes" if self.trusted else "no"
+
+if self.signed_by:
+repo_opts["signed-by"] = self.signed_by
+
+if repo_opts:
+_opts_str = ""
+for key in repo_opts:
+_opts_str += "%s=%s " % (key, repo_opts[key])
+line += " [%s]" % _opts_str.strip()
+
 line += " %s %s" % (self.uri, self.dist)
 if len(self.comps) > 0:
 line += " " + " ".join(self.comps)
--

Bug#1050639: bookworm-pu: package clamav/1.0.2+dfsg-1~deb12u1

2023-09-13 Thread Adam D. Barratt 
On Sat, 2023-09-09 at 23:22 +0200, Sebastian Andrzej Siewior wrote:
> 
> This is a quick update that I updated to 1.0.3+dfsg-1~deb12u1 as of
> today. The diff mostly a version update. I additionally removed a log
> line from freshclam which logged harmless 304 "not modified"
> requests.
> This line was added in 1.0.0 and people complained, it got in as of
> 1.0.0 and is already removed in 1.1.x and later.
> 
> The main reason for 1.0.3 was the unrar update and I updated so
> clamav
> does not complain about the lower version.
> 
> It would be nice if this could be made available via d/updates.

How does this sound for an SUA?

===
Package  : clamav
Version  : 1.0.3+dfsg-1~deb12u1 [bookworm]
   0.103.10+dfsg-0+deb11u1 [bullseye]
Importance   : medium

ClamAV is an AntiVirus toolkit for Unix.

Upstream published versions 1.0.3 and 0.103.10.

This is a bug-fix release and an upstream LTS release. The changes are not
currently required for operation, but upstream strongly recommends that users
update.

Changes since 1.0.1 and 0.103.8 currently in bookworm and bullseye include
fixes for a security issue:

CVE-2023-20197: Possible denial of service vulnerability in the HFS+
file parser.

The update for bookworm also includes a fix for a second security issue:

CVE-2023-20212: Possible denial of service vulnerability in the AutoIt
module.

If you use clamav, we recommend that you install this update.
===

I'm not entirely happy with the CVE section, but not sure how else to
present it, given that both updates fix one issue but aiui the second
only applies to bookworm.

Regards,

Adam

Bug#1051849: linux-image-6.1.0-12-amd64: Failure to upgrade to linux-image-6.1.0-12-amd64 from linux-image-6.1.0-10-amd64

2023-09-13 Thread Diederik de Haas 
Control: reassign -1 dkms
Control: tag -1 -ftbfs

On Wednesday, 13 September 2023 17:40:28 CEST Michael Cuffaro wrote:
> Error! Bad return status for module build on kernel: 6.1.0-12-amd64 (x86_64)
> Consult /var/lib/dkms/rtl88x2bu/5.13.1/build/make.log for more information.

No idea where you got that from, but it's a dkms 'package' responsibility to 
adjust for kernel changes.

signature.asc
Description: This is a digitally signed message part.

Bug#1051290: fonts-sil-gentiumplus: gentium plus v6.200 has been released

2023-09-13 Thread Bobby de Vos 

On 2023-09-05 14:09, Nick Black wrote:

Gentium Plus v6.200 was released 2023-02-01.

I'd really like to be able to use U+2227/U+2228 from this great font, among
other recent changes.

Please package the new version when you find time. Thank you!


Thank for for mentioning this. I am trying to update this font and other 
fonts from SIL, but I am encountering difficulties


https://lists.debian.org/debian-fonts/2023/09/msg00031.html

--
Bobby de Vos
/bobby_de...@sil.org/

Bug#963151: version mismatch - this is what happened

2023-09-13 Thread Nicolai Lissner 
I've looked a bit deeper and this is what happened:

the package tor-0.4.7.13 has been built 2023-01-12
at this point bookworm still was testing and in January
bookworm/testing had libzstd-1.5.2

but then libzstd-1.5.4 entered bookworm/testing 2023-02-23
so tor would have needed a rebuild as there is a runtime test 
to avoid version mismatch. 

Hiding a test result that checks for version mismatch
is NOT a solution in case of version mismatch.

Rebuilding and by that linking with libzstd-1.5.4 is.

I'v seen meanwhile you've built 0.4.8.5 but put it 
into testing and backports only.

for bookworm/stable the problem  still exists.

Plus there was a bug fix release, 0.4.7.14 in july
"This version fixes several minor bugfixes and one major bugfix"
https://forum.torproject.org/t/stable-release-0-4-7-14/8493

but for bookworm/stable the problem still exists.

Even in case 0.4.8.5 doesn't fit into debian rules for stable repository,
the upstream 0.4.7.14 is a pure bug fix

3305 out of 7846 tor nodes still use 0.4.7.13 - I guess most of these 
just because they trust in debian stable is well maintained.

Please do :)

Bug#1051851: network-manager-openconnect-gnome: Undefined symbol, seems like linked against old GST

2023-09-13 Thread Mateusz Kaduk 
Package: network-manager-openconnect-gnome
Version: 1.2.10-1
Severity: important
X-Debbugs-Cc: mateusz.ka...@gmail.com

Dear Maintainer,

I think on sid openconnect dialog is broken

/usr/lib/NetworkManager/nm-openconnect-auth-dialog: symbol lookup error: 
/lib/x86_64-linux-gnu/libwebkit2gtk-4.0.so.37: undefined symbol: 
gst_transcoder_get_sync_signal_adapter

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.4.0-2-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages network-manager-openconnect-gnome depends on:
ii  libc62.37-8
ii  libgcr-base-3-1  3.41.1-3
ii  libgcr-ui-3-13.41.1-3
ii  libglib2.0-0 2.78.0-1
ii  libgtk-3-0   3.24.38-5
ii  libgtk-4-1   4.12.1+ds-3
ii  libnm0   1.44.0-1
ii  libnma-gtk4-01.10.6-1
ii  libnma0  1.10.6-1
ii  libopenconnect5  9.12-1
ii  libsecret-1-00.21.0-1
ii  libsoup2.4-1 2.74.3-1
ii  libwebkit2gtk-4.0-37 2.40.5-1
ii  libxml2  2.9.14+dfsg-1.3
ii  network-manager-openconnect  1.2.10-1

network-manager-openconnect-gnome recommends no packages.

network-manager-openconnect-gnome suggests no packages.

-- no debconf information

Bug#1051229: objection

2023-09-13 Thread Thomas Koch 

Hi Sebastien,

objection: as upstream I discourage very clearly co-installation of TLP
with power-profiles-daemon.

A co-installation with power-profiles-daemon degrades TLP's
functionality significantly by disabling
CPU_ENERGY_PERF_POLICY_ON_AC/BAT, CPU_BOOST_ON_AC/BAT and
PLATFORM_PROFILE_ON_AC/BAT.

This is not transparent to most users of TLP.

I am aware that in Ubuntu due to constraints (guess: OEM requirements)
the co-installation became necessary. This is why I integrated the
possibility of co-installation. However, it remains a concession at the
expense of TLP.

In Debian such constraints do not exist afaik.

Btw, TLP's dev docs [1] consciously still state:

> power-profiles-daemon - conflicts
> [...]
> Conclusion: this can only be reliably prevented by not installing
power-profiles-daemon and tlp at the same time.


[1] https://linrunner.de/tlp/developers/dependencies.html

--
Freundliche Grüße / Kind regards,
Thomas Koch

Mail : linrun...@gmx.net
Web  : https://linrunner.de/tlp

Bug#1051850: pastescript: FTBFS due to new dh-python clean behaviour

2023-09-13 Thread Simon Chopin 
Package: pastescript
Severity: serious
Tags: patch ftbfs
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu mantic ubuntu-patch
X-Debbugs-Cc: scho...@ubuntu.com

Hi,

In Ubuntu, the attached patch was applied to work around dh-python
removing the test FakePlugin.egg-info directory in the clean step, which
is needed for some tests. This is fairly ugly, since Ubuntu has a fairly
tight schedule and release is looming, but I'm hoping we'll come up with
a better solve in bug 1051837

-- System Information:
Debian Release: trixie/sid
  APT prefers mantic
  APT policy: (500, 'mantic')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.3.0-7-generic (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_USER, TAINT_OOT_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru pastescript-3.2.1/debian/rules pastescript-3.2.1/debian/rules
--- pastescript-3.2.1/debian/rules  2022-11-20 12:38:22.0 +0100
+++ pastescript-3.2.1/debian/rules  2023-09-13 12:18:46.0 +0200
@@ -27,3 +27,9 @@
 
 override_dh_installchangelogs:
dh_installchangelogs docs/news.txt
+
+override_dh_auto_clean:
+   # Work around LP: #2035337
+   mv tests/fake_packages/FakePlugin.egg/FakePlugin.egg-info/ 
fakeplugin.back
+   dh_auto_clean
+   mv fakeplugin.back 
tests/fake_packages/FakePlugin.egg/FakePlugin.egg-info/

Bug#1051849: linux-image-6.1.0-12-amd64: Failure to upgrade to linux-image-6.1.0-12-amd64 from linux-image-6.1.0-10-amd64

2023-09-13 Thread Michael Cuffaro 
Package: src:linux
Version: 6.1.52-1
Severity: grave
Tags: ftbfs
Justification: renders package unusable

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?

I ran apt full-upgrade as I usually do

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

After getting the error I tried apt -f install

   * What was the outcome of this action?

$ sudo apt -f install
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  linux-headers-6.1.0-10-amd64 linux-headers-6.1.0-10-common 
linux-image-6.1.0-10-amd64
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
4 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up linux-image-6.1.0-12-amd64 (6.1.52-1) ...
/etc/kernel/postinst.d/dkms:
dkms: running auto installation service for kernel 6.1.0-12-amd64.
Sign command: /usr/lib/linux-kbuild-6.1/scripts/sign-file
Signing key: /var/lib/dkms/mok.key
Public certificate (MOK): /var/lib/dkms/mok.pub

Building module:
Cleaning build area...
'./driverctl' make all(bad exit status: 2)
Error! Bad return status for module build on kernel: 6.1.0-12-amd64 (x86_64)
Consult /var/lib/dkms/rtl88x2bu/5.13.1/build/make.log for more information.
Error! One or more modules failed to install during autoinstall.
Refer to previous errors for more information.
dkms: autoinstall for kernel: 6.1.0-12-amd64 failed!
run-parts: /etc/kernel/postinst.d/dkms exited with return code 11
dpkg: error processing package linux-image-6.1.0-12-amd64 (--configure):
 installed linux-image-6.1.0-12-amd64 package post-installation script 
subprocess returned error exit status 1
Setting up linux-headers-6.1.0-12-amd64 (6.1.52-1) ...
/etc/kernel/header_postinst.d/dkms:
dkms: running auto installation service for kernel 6.1.0-12-amd64.
Sign command: /usr/lib/linux-kbuild-6.1/scripts/sign-file
Signing key: /var/lib/dkms/mok.key
Public certificate (MOK): /var/lib/dkms/mok.pub

Building module:
Cleaning build area...
'./driverctl' make all...(bad exit status: 2)
Error! Bad return status for module build on kernel: 6.1.0-12-amd64 (x86_64)
Consult /var/lib/dkms/rtl88x2bu/5.13.1/build/make.log for more information.
Error! One or more modules failed to install during autoinstall.
Refer to previous errors for more information.
dkms: autoinstall for kernel: 6.1.0-12-amd64 failed!
run-parts: /etc/kernel/header_postinst.d/dkms exited with return code 11
Failed to process /etc/kernel/header_postinst.d at 
/var/lib/dpkg/info/linux-headers-6.1.0-12-amd64.postinst line 11.
dpkg: error processing package linux-headers-6.1.0-12-amd64 (--configure):
 installed linux-headers-6.1.0-12-amd64 package post-installation script 
subprocess returned error exit status 1
dpkg: dependency problems prevent configuration of linux-headers-amd64:
 linux-headers-amd64 depends on linux-headers-6.1.0-12-amd64 (= 6.1.52-1); 
however:
  Package linux-headers-6.1.0-12-amd64 is not configured yet.

dpkg: error processing package linux-headers-amd64 (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of linux-image-amd64:
 linux-image-amd64 depends on linux-image-6.1.0-12-amd64 (= 6.1.52-1); however:
  Package linux-image-6.1.0-12-amd64 is not configured yet.

dpkg: error processing package linux-image-amd64 (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 linux-image-6.1.0-12-amd64
 linux-headers-6.1.0-12-amd64
 linux-headers-amd64
 linux-image-amd64
E: Sub-process /usr/bin/dpkg returned an error code (1)

Here are the contents of /var/lib/dkms/rtl88x2bu/5.13.1/build/make.log:

$ cat /var/lib/dkms/rtl88x2bu/5.13.1/build/make.log
DKMS make.log for rtl88x2bu-5.13.1 for kernel 6.1.0-12-amd64 (x86_64)
Wed 13 Sep 2023 11:09:22 AM EDT
make ARCH=x86_64 CROSS_COMPILE= -C /lib/modules/6.1.0-12-amd64/build 
M=/var/lib/dkms/rtl88x2bu/5.13.1/build  modules
make[1]: Entering directory '/usr/src/linux-headers-6.1.0-12-amd64'
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_cmd.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_security.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_debug.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_io.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_ioctl_query.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_ioctl_set.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_ieee80211.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_mlme.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_mlme_ext.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_mi.o
  CC [M]  /var/lib/dkms/rtl88x2bu/5.13.1/build/core/rtw_wlan_util.o
  CC [M]

Bug#1042342: yarl: fix pushed to repo, permission to release?

2023-09-13 Thread Michael R . Crusoe 
Control: tags 1042342 + patch
Control: tags 1042342 + pending

Dear maintainer,

I've pushed a commit using a patch cherry-picked from upstream[0] to fix this 
issue.

If you don't object, I'll make a team upload of yarl (versioned as 1.8.2-2) with
this fix.

Regards,

[0] https://github.com/aio-libs/yarl/pull/882

diff -Nru yarl-1.8.2/debian/changelog yarl-1.8.2/debian/changelog
--- yarl-1.8.2/debian/changelog 2023-01-17 20:02:27.0 +0100
+++ yarl-1.8.2/debian/changelog 2023-09-13 17:23:01.0 +0200
@@ -1,3 +1,11 @@
+yarl (1.8.2-2) UNRELEASED; urgency=medium
+
+  * Team upload.
+  * d/patches/square_bracket_handling.patch: cherry-picked from upstream.
+Fixes FTBFS. Closes: #1042342
+
+ -- Michael R. Crusoe   Wed, 13 Sep 2023 17:23:01 +0200
+
 yarl (1.8.2-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru yarl-1.8.2/debian/patches/series yarl-1.8.2/debian/patches/series
--- yarl-1.8.2/debian/patches/series2023-01-17 20:02:27.0 +0100
+++ yarl-1.8.2/debian/patches/series2023-09-13 17:21:57.0 +0200
@@ -1,3 +1,4 @@
+square_bracket_handling.patch
 0001-do-not-add-changelog-to-long-description.patch
 0002-docs-disable-intersphinx.patch
 0003-docs-disable-sidebar_collapse-option.patch
diff -Nru yarl-1.8.2/debian/patches/square_bracket_handling.patch 
yarl-1.8.2/debian/patches/square_bracket_handling.patch
--- yarl-1.8.2/debian/patches/square_bracket_handling.patch 1970-01-01 
01:00:00.0 +0100
+++ yarl-1.8.2/debian/patches/square_bracket_handling.patch 2023-09-13 
17:22:02.0 +0200
@@ -0,0 +1,125 @@
+From 5c977b52a33bf58f016e5968934c3fcb8b49b239 Mon Sep 17 00:00:00 2001
+From: Martijn Pieters 
+Date: Tue, 6 Jun 2023 17:38:47 +0100
+Subject: [PATCH] Correct square bracket handling in URL netloc
+
+- The human representation of usernames and passwords should percent-
+  encode square brackets.
+- Clean up the test suite to remove tests that use invalid hostnames
+  (square brackets in a host name must only be used for IPv6 addresses).
+- Rename the remaining test using IPvFuture address syntax to make this
+  explicit.
+- Drop a test for IPv6 addresses with a zone id; zone id support is
+  controversial and expilictly excluded from the WHATWG URL standard.
+  Zone ids *without percent characters in their name* continue to work
+  as long as urllib.parse.urlsplit() accepts them but this is not
+  something that yarl.URL() needs to support explicitly.
+---
+ CHANGES/876.bugfix.rst|  1 +
+ tests/test_url.py | 10 ++
+ tests/test_url_parsing.py | 28 ++--
+ yarl/_url.py  |  4 ++--
+ 4 files changed, 7 insertions(+), 36 deletions(-)
+ create mode 100644 CHANGES/876.bugfix.rst
+
+--- /dev/null
 yarl/CHANGES/876.bugfix.rst
+@@ -0,0 +1 @@
++Fixed the human representation of URLs with square brackets in usernames and 
passwords.
+--- yarl.orig/tests/test_url.py
 yarl/tests/test_url.py
+@@ -235,12 +235,6 @@
+ assert url.host == url.raw_host
+ 
+ 
+-def test_ipv6_zone():
+-url = URL("http://[fe80::822a:a8ff:fe49:470c%тест%42]:123;)
+-assert url.raw_host == "fe80::822a:a8ff:fe49:470c%тест%42"
+-assert url.host == url.raw_host
+-
+-
+ def test_ipv4_zone():
+ # I'm unsure if it is correct.
+ url = URL("http://1.2.3.4%тест%42:123;)
+@@ -1514,8 +1508,8 @@
+ s = url.human_repr()
+ assert URL(s) == url
+ assert (
+-s == "http:// !\"%23$%25&'()*+,-.%2F%3A;<=>%3F%40[\\]^_`{|}~"
+-": !\"%23$%25&'()*+,-.%2F%3A;<=>%3F%40[\\]^_`{|}~"
++s == "http:// !\"%23$%25&'()*+,-.%2F%3A;<=>%3F%40%5B\\%5D^_`{|}~"
++": !\"%23$%25&'()*+,-.%2F%3A;<=>%3F%40%5B\\%5D^_`{|}~"
+ "@хост.домен:8080"
+ "/ !\"%23$%25&'()*+,-./:;<=>%3F@[\\]^_`{|}~"
+ "? !\"%23$%25%26'()*%2B,-./:%3B<%3D>?@[\\]^_`{|}~"
+--- yarl.orig/tests/test_url_parsing.py
 yarl/tests/test_url_parsing.py
+@@ -178,14 +178,6 @@
+ assert u.query_string == ""
+ assert u.fragment == ""
+ 
+-def test_masked_ipv4(self):
+-u = URL("//[127.0.0.1]/")
+-assert u.scheme == ""
+-assert u.host == "127.0.0.1"
+-assert u.path == "/"
+-assert u.query_string == ""
+-assert u.fragment == ""
+-
+ def test_ipv6(self):
+ u = URL("//[::1]/")
+ assert u.scheme == ""
+@@ -194,15 +186,7 @@
+ assert u.query_string == ""
+ assert u.fragment == ""
+ 
+-def test_strange_ip(self):
+-u = URL("//[-1]/")
+-assert u.scheme == ""
+-assert u.host == "-1"
+-assert u.path == "/"
+-assert u.query_string == ""
+-assert u.fragment == ""
+-
+-def test_strange_ip_2(self):
++def test_ipvfuture_address(self):
+ u = URL("//[v1.-1]/")
+ assert u.scheme == ""
+ assert u.host == "v1.-1"
+@@ -210,14 +194,6 @@
+ assert u.query_string == ""
+ assert u.fragment == ""
+ 
+-def

Bug#1051774: PySNMP asyncio backend unusable in Debian 12 (needs stable update?)

2023-09-13 Thread Thomas Goirand 

On 9/13/23 13:43, Adam Cecile wrote:

On 9/13/23 12:55, Thomas Goirand wrote:

On 9/12/23 18:16, Adam Cecile wrote:

Hello,

No hurry, I think we might want to wait for upstream to respond to my 
PR regarding double awaitable fix.
It is indeed lextudio upstream that took over the PySNMP package and 
all patches are coming from us (except mine ofc).


Regards, Adam.


Because it messes up the order in which people normally read text.
Why is top-posting such a bad thing?
Top-posting.
What is the most annoying thing in e-mail?

Hello, you started first !


LOL ! :)

Well, I was on my phone, sorry for that ... :P


Thanks! :)

I tried applying your patch at 
https://salsa.debian.org/acecile-guest/python-pysnmp4/-/commit/88d40f1225de8f7b42413b56206b41a6155fcf09


Unfortunately, it doesn't apply on top of 4.4.12-2, which is the 
current version of the package (in Bookworm, Unstable and Testing).


Would you be able to rebase your patch on top of 4.4.12-2? Then I'll 
do the work to get this into Bookworm (and Unstable/Testing).


Cheers,

Thomas Goirand (zigo)


Yes that's expected.


Well, how can I then apply it to the version in Bookworm?

This commit is only to fix double awaitable "new" 
upstream bug. It depends on a large amount of backported commits to fix 
asyncio / Python 3.11 support.


Could you backport it to 4.4.12-2 as in Bookworm and Unstable?

As I wrote already, I already packaged python-pysnmp-lextudio, which is 
currently in the NEW queue. I will be happy to apply your patch in 
there, but IMO, we should treat pysnmp-lextudio as a different source 
and binary package (my binary conflicts with python3-pysnmp4), because 
the dependency chain is very different.


You can see here a branch created from upstream 4.4.12 tag with asyncio 
patches cherry-pick from new upstream master:


https://salsa.debian.org/acecile-guest/python-pysnmp4/-/commits/4.4.12+cherry-pick-asyncio-lextudio-fixes/

It has then been squashed into a single debian/patch:

https://salsa.debian.org/acecile-guest/python-pysnmp4/-/commit/a5f17d27c7813dbdb64cdf674d1855a77c3eb0f0


Ah, super cool! It's too late for today (have to go back home), so I'll 
work on this tomorrow. Thanks a lot for your contrib.


BTW, we've been using your MegaCli repo (we mirror it), and I also would 
like to thank you for this. :)


I made my own forked repository because I'm unsure how we should 
proceed, but I can easily push the debian/4.4.12-3 tag to the regular 
Python module repository on Salsa.


4.4.12-3 will be for Unstable. For Stable, it's going to be something 
like 4.4.12-2+deb12u1, as per the normal process, and it will have to be 
(pre-)approved by the Debian Stable release team by filling a bug 
against release.debian.org. No worries, I do understand that Debian 
procedures are not easy to understand, though I'm happy to explain if 
you need.


Cheers,

Thomas Goirand (zigo)

  1   2   >