Bug#1054819: ezdxf: FTBFS: make[2]: *** [Makefile:44: html] Error 2

[Santiago Vila]

El 28/10/23 a las 17:44, Bdale Garbee escribió:

Lucas Nussbaum  writes:


During a rebuild of all packages in sid, your package failed to build
on amd64.


I am unable to reproduce this problem building in a fresh, minimal sid
chroot environment.  Is this a repeatable failure?  If so, any thoughts
on what might cause it to fail in your build environment but not in my
cowbuilder chroot environment?


This one seems to be a Makefile bug, where not all dependencies are
correctly specified.

Try using make 4.4.x to "amplify" the probability of failure.
You can download it from this URL:

https://ftp.gnu.org/gnu/make/make-4.4.1.tar.gz

and build it with the usual "./configure; make".
Only the "make" executable is required. Just put
it inside your chroot replacing /usr/bin/make.

(For the record, I can reproduce the bug very easily that way).

Alternatively, if you prefer, I can create a virtual
machine for you to reproduce this failure in the same
framework used by Lucas to build packages (i.e. same machine,
with same CPU speed, same number of CPUs, etc). Please contact
me privately for details.

Thanks.

Bug#1054918: RFS: python-disptrans/0.0.1-1 [ITP] -- Dispersion-Compensated Algorithm

[Yogeswaran Umasankar]

Package: sponsorship-requests
Severity: wishlist
X-Debbugs-Cc: kd8...@gmail.com

Package: sponsorship-requests
Severity: wishlist

Dear mentors,

I am looking for a sponsor for my package "python-disptrans":

 * Package name : python-disptrans
   Version  : 0.0.1-1
   Upstream contact : John Garrett 
 * URL  : https://github.com/garrettj403/DispersionTransform
 * License  : MIT
 * Vcs  : https://salsa.debian.org/yogu/python-disptrans
   Section  : python

The source builds the following binary packages:

  python3-disptrans - Dispersion-Compensated Algorithm

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/python-disptrans/

Alternatively, you can download the package with 'dget' using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/p/python-disptrans/python-disptrans_0.0.1-1.dsc

Changes for the initial release:

 python-disptrans (0.0.1-1) unstable; urgency=medium
 .
   * Initial release. (Closes: #1054916)

Regards,
-- 
  Yogeswaran Umasankar

Bug#1054917: evolution-ews: Importing ics calendar to Exchange server gets TZ wrong

[Jeremy Bícha]

On Sat, Oct 28, 2023 at 12:21 PM Andrew Perrin
 wrote:
> Importing .ics calendar files downloaded from elsewhere, for example
> sports schedules
> from GoHeels.com, that have DTSTART and DTEND fields demarcated in UTC
> with Z at the end to
> identify

Could you report this issue to the upstream developers and reply here
with the link to the issue?

https://gitlab.gnome.org/GNOME/evolution-ews/-/issues

Thank you,
Jeremy Bícha

Bug#1054917: evolution-ews: Importing ics calendar to Exchange server gets TZ wrong

[Andrew Perrin]

Package: evolution-ews
Version: 3.50.0-1
Severity: normal

Dear Maintainer,

   * What led up to the situation?
Importing .ics calendar files downloaded from elsewhere, for example
sports schedules
from GoHeels.com, that have DTSTART and DTEND fields demarcated in UTC
with Z at the end to 
identify

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
Importing to an Exchange calendar connected to Evolution results in the
event's time being
set to the UTC time in the local time zone - for example, an event with
DTSTART:20230909T211500Z
DTEND:20230910T001500Z

is imported as starting at 9:15 pm Eastern (my local time zone) and
ending the following
day at 12:15 am Eastern. The correct time would be 5:15 pm - 8:15 pm
Eastern.

Importing the same .ics file to a local calendar via Evolution sets the
time zone as
expected, and importing the same .ics file to the Exchange calendar via
Office 365 
(web interface) sets the time zone as expected, so I believe the
problem is with 
Evolution's interface with the Exchange calendar.

Thank you for your work!

-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-9-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages evolution-ews depends on:
ii  evolution3.50.0-1
ii  evolution-data-server3.50.0-1
ii  libc62.37-12
ii  libcamel-1.2-64  3.50.0-1
ii  libebackend-1.2-11   3.50.0-1
ii  libebook-1.2-21  3.50.0-1
ii  libebook-contacts-1.2-4  3.50.0-1
ii  libecal-2.0-23.50.0-1
ii  libedata-book-1.2-27 3.50.0-1
ii  libedata-cal-2.0-2   3.50.0-1
ii  libedataserver-1.2-273.50.0-1
ii  libedataserverui-1.2-4   3.50.0-1
ii  libevolution 3.50.0-1
ii  libglib2.0-0 2.78.0-2
ii  libgtk-3-0   3.24.38-5
ii  libical3 3.0.16-1+b1
ii  libjson-glib-1.0-0   1.8.0-1
ii  libmspack0   0.11-1
ii  libpango-1.0-0   1.51.0+ds-2
ii  libsoup-3.0-03.4.3-1
ii  libxml2  2.9.14+dfsg-1.3

evolution-ews recommends no packages.

evolution-ews suggests no packages.

-- no debconf information

Bug#1054916: ITP: python-disptrans -- Dispersion-Compensated Algorithm

[Yogeswaran Umasankar]

Package: wnpp
Severity: wishlist
Owner: Yogeswaran Umasankar 
X-Debbugs-Cc: debian-de...@lists.debian.org, kd8...@gmail.com

* Package name: python-disptrans
  Version : 0.0.1
  Upstream Contact: John Garrett 
* URL : https://github.com/garrettj403/DispersionTransform
* License : MIT
  Programming Lang: Python
  Description : Dispersion-Compensated Algorithm

It is an algorithm for the analysis for electromagnetic
waveguides. It allows one to map dispersive waveguide data
from the frequency-domain to distance-domain, and vice versa.

The benefit of this approach, compared to a standard
Fourier transform, is that this algorithm compensates for
dispersion. It is useful in physics and astrophysics.

Bug#1054425: Magic number in kernel debug log?

[peter]

P.s. 
The kernel debug log begins with this line.
-- Boot 720069fc22b3471f99ed70cb082b8a7b --

I haven't found a UUID matching "7200 ... b".  Where is that magic 
number obtained?

Regards, ... P.

- 
VoIP:   +1 604 670 0140
work: https://en.wikibooks.org/wiki/User:PeterEasthope

Bug#1054915: bookworm-pu: package freerdp2/2.11.2+dfsg1-1~deb12u1

[Tobias Frost]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: freer...@packages.debian.org, t...@security.debian.org
Control: affects -1 + src:freerdp2

I'm asking for pre-approval to update freerdp2 from 2.10.0 to 
2.11.2.

The changes from 2.10.0 to 2.11.2 are mainly targeting security
fixes (12 CVE's, see security tracker [1] for details),

[1] https://security-tracker.debian.org/tracker/source-package/freerdp2

upstream changelog is at
https://github.com/FreeRDP/FreeRDP/blob/stable-2.0/ChangeLog
all commits are:
https://github.com/FreeRDP/FreeRDP/compare/2.10.0...2.11.2

When working on the LTS updates, I've been in contact in contact with the
maintainer and one of the upstream maintainer and checked with them
about feasbility and e.g confirmed that the new upstream version is ABI
compatible. I've tested reverse dependencies (remmina, vinagre,
gnome-connections) against a Windows 10 RDP host and confirmed packages
are still working. 

Backporting the fixes is of course possible, but bears a significant
risk for regression, therefor I would prefer to use the new upstream
version, given also that upstream changes are only a few and fixing
also a few bugs that would be nice to be fixed.

As far as I understood it, the maintainers would also prefer the new
version over patching the one in stable. (They are in CC, so can
intervene if I got that wrong…)

If this is a viable route, please let me know and I will prepare a
debdiff for a the real approval.

-- 
Cheers,
tobi

Bug#1054889: linux-image-6.5.0-2-amd64: Kernel 6.5 amdgpu, with refreshrate above 120Hz, black screen appears when certain graphical element appear

[Diederik de Haas]

Please, always keep the bug address in To/CC so everyone can track progress.

On zaterdag 28 oktober 2023 14:17:29 CEST you wrote:
> I'm sorry. I don't know how to install the rc kernel. I have downloaded it
> and tried both apt and dpkg but it does not install. Am I missing som
> packages to be able to install?

https://snapshot.debian.org/package/linux-signed-amd64/6.5~rc4%2B1~exp1/#linux-image-rt-amd64_6.5:7e:rc4-1:7e:exp1
would be the .deb file you'd need to install.

Without the actual commands you tried and/or an error message and/or
console log output, I don't know what or if something is missing.

signature.asc
Description: This is a digitally signed message part.

Bug#1054819: ezdxf: FTBFS: make[2]: *** [Makefile:44: html] Error 2

[Bdale Garbee]

Lucas Nussbaum  writes:

> During a rebuild of all packages in sid, your package failed to build
> on amd64.

I am unable to reproduce this problem building in a fresh, minimal sid
chroot environment.  Is this a repeatable failure?  If so, any thoughts
on what might cause it to fail in your build environment but not in my
cowbuilder chroot environment?

Bdale


signature.asc
Description: PGP signature

Bug#1000003: (no subject)

[Fredrik Roubert]

An update to switch pdfgrep to use PCRE2 is pending in review upstream:

https://gitlab.com/pdfgrep/pdfgrep/-/merge_requests/17

Bug#1025708: bullseye-pu: package debootstrap/1.0.123+deb11u2

[Cyril Brulebois]

Simon McVittie  (2023-10-28):
> I believe dpkg-source defaults to the equivalent of `dpkg-source -I`
> for 3.0 (native) format packages, which ignores some files that would
> normally appear in git, notably .gitignore.
> 
> I normally use
> DEBUILD_DPKG_BUILDPACKAGE_OPTS="-us -uc -I.*.sw? -I.sw? -I.git" which
> disables the default `-I` and instead excludes .git but not .gitignore,
> making the uploaded source package exactly equivalent to what's in git
> (and as a result, more dgit-friendly).

Alright, that explains it then.

> If you would prefer any subsequent uploads of d-i-related components
> to always exclude the .gitignore, I'll try to remember that for the
> future.

Until 3.0 (git) was used everywhere, it was very customary to have some
differences in successive uploads, depending on who was uploading, and
whether -i/-I was used; it's not a huge deal, and only means a little
noise when reviewing diffs.

Whatever is fine with SRMs is fine with me. (It just happened to
surprise me a little when I compared a local source build with what was
uploaded and is available on coccia, since I built from my local repo
as usual instead of thinking about downloading your source packages from
the get-go.)


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1050868: bookworm-pu: package debootstrap/1.0.128+nmu2+deb12u1

[Cyril Brulebois]

Cyril Brulebois  (2023-10-15):
> Simon McVittie  (2023-10-15):
> > I have attempted to test the proposed version in d-i. I am not an
> > expert on d-i, but I hope what I have done here is approximately
> > correct:
> […]
> > I hope this is helpful information.
> 
> That's decent testing, yes, thanks.
> 
> The pu/opu review on my side should be happening in a couple of days
> anyway.

Test results look good to me too, feel free to go ahead.

(With the same unimportant proviso about debian/.gitignore)


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1054898: piuparts.d.o: overhaul merged-/usr configuration to match the majority of installed systems (was: piuparts: drop unmerged-usr sid configuration for debci)

[Luca Boccassi]

On Sat, 28 Oct 2023 at 16:11, Nicolas Dandrimont  wrote:
>
> Bcc:
> Reply-To:
> Control: retitle -1 piuparts.d.o: overhaul merged-/usr configuration to match 
> the majority of installed systems
> Control: tags -1 - patch
>
> Cc'ing Helmut & the release team as a heads-up.
>
> Hi Luca,
>
> Thanks for submitting this bug and proposing a patch. To recap, piuparts tests
> in sid are currently broken because the usr-is-merged package fails to upgrade
> since it's removed support for the exemption flag (as piuparts uses
> unmerged-/usr chroots with the flag file, which is not supported anymore).
>
> Before rushing to fix this with one more hack, I'd like to have a look at what
> we want piuparts to be testing from first principles again.
>
> In short, I think we've made a mistake by having piuparts use unmerged-/usr
> chroots during the bookworm development cycle, and I'd like to fix that now.
>
> As far as I understand, this is our "support matrix"
>
> | distro | build chroots | installed system support  | layout for 
> new installs |
> | -- | - | - | 
> --- |
> | sid () | merged-/usr   | merged-/usr only  | merged 
>  |
> | trixie | merged-/usr   | merged-/usr only  | merged 
>  |
> | bookworm   | unmerged-/usr | merged-/usr only  | merged 
>  |
> | bullseye   | unmerged-/usr | merged or unmerged| merged 
>  |
> | buster | unmerged-/usr | merged or unmerged| merged 
>  |
> | stretch| unmerged-/usr | unmerged or merged (experimental) | unmerged   
>  |
> | jessie | unmerged-/usr | unmerged-/usr only| unmerged   
>  |
>
> In practice, as piuparts has been running almost exclusively on unmerged-/usr
> chroots, and only running a narrow set of sid tests on merged-/usr chroots, it
> has been running its (package install and upgrade) tests mostly against a
> non-default setup, catching issues that would have been most relevant for 
> build
> chroots.
>
> I believe that we should be doing the following now:
>
>  - Update the piuparts config to default to generating and using merged-/usr
>chroots for all suites. Upload piuparts to sid.
>  - Replace all base chroots from buster and up on piuparts.debian.org with
>merged-/usr chroots
>  - (maybe) add unmerged variants of the bullseye-pu and bookworm-pu tests to 
> make
>sure we can still use these packages in buildd chroots
>
> There is the question of what to do for piuparts.d.o tests that involve
> upgrading the base chroot across the unmerged-/usr support boundary, but
> switching over to only using merged-/usr base chroots for buster and up will
> alleviate that (I don't think we have any archaeological tests starting from
> stretch running anymore).
>
> Alternatively, I've poked a little bit at running the usrmerge script in a
> pre_distupgrade piuparts hook, which is a bit awkward as these hooks are run
> after the sources.list is updated for the target suite. It's just a matter of
> adding a new class of hooks (pre_sourceslistupdate or something) and
> implementing usrmerge in that. I'm not sure it's worth the hassle compared to
> the efforts already put into dumat.
>
> As far as I can tell, to guard testing migration, the release team is
> comparing the results of piuparts running on the package in trixie, with
> the results of piuparts running on the package in sid. I'm not sure that
> upgrades (that is, testing2sid) are involved, so, as long as the chroots
> are consistent between the trixie tests and the sid tests, these exports
> should keep making sense for the release team.
>
> Does my reasoning make sense?

Your reasoning makes sense to me, thanks.

At this point we are already past the upgrade-across-boundary phase,
so I wouldn't spend extra time on that.

Bug#1054697: [3dprinter-general] Bug#1054697: slic3r-prusa: FTBFS: test_arrange.cpp:1:10: fatal error: catch2/catch.hpp: No such file or directory

[Christoph Berg]

Re: Gregor Riepl
> > fatal error: catch2/catch.hpp: No such file or directory
> 
> This is caused by significant changes in catch2 3.4.0.
> Some other packages are affected by the same problem, which currently blocks
> migration: https://qa.debian.org/excuses.php?package=catch2
> 
> I think this bug should be:
> 
> reassign -1 catch2
> affects -1 slic3r-prusa
> 
> Are there any objections if I do this?

If that's an intentional upstream change, reassigning to catch2 won't
help as it's not a bug in that package.

Christoph

Bug#1054898: piuparts.d.o: overhaul merged-/usr configuration to match the majority of installed systems (was: piuparts: drop unmerged-usr sid configuration for debci)

[Nicolas Dandrimont]

Bcc:
Reply-To:
Control: retitle -1 piuparts.d.o: overhaul merged-/usr configuration to match 
the majority of installed systems
Control: tags -1 - patch

Cc'ing Helmut & the release team as a heads-up.

Hi Luca,

Thanks for submitting this bug and proposing a patch. To recap, piuparts tests
in sid are currently broken because the usr-is-merged package fails to upgrade
since it's removed support for the exemption flag (as piuparts uses
unmerged-/usr chroots with the flag file, which is not supported anymore).

Before rushing to fix this with one more hack, I'd like to have a look at what
we want piuparts to be testing from first principles again.

In short, I think we've made a mistake by having piuparts use unmerged-/usr
chroots during the bookworm development cycle, and I'd like to fix that now.

As far as I understand, this is our "support matrix"

| distro | build chroots | installed system support  | layout for 
new installs |
| -- | - | - | 
--- |
| sid () | merged-/usr   | merged-/usr only  | merged   
   |
| trixie | merged-/usr   | merged-/usr only  | merged   
   |
| bookworm   | unmerged-/usr | merged-/usr only  | merged   
   |
| bullseye   | unmerged-/usr | merged or unmerged| merged   
   |
| buster | unmerged-/usr | merged or unmerged| merged   
   |
| stretch| unmerged-/usr | unmerged or merged (experimental) | unmerged 
   |
| jessie | unmerged-/usr | unmerged-/usr only| unmerged 
   |

In practice, as piuparts has been running almost exclusively on unmerged-/usr
chroots, and only running a narrow set of sid tests on merged-/usr chroots, it
has been running its (package install and upgrade) tests mostly against a
non-default setup, catching issues that would have been most relevant for build
chroots.

I believe that we should be doing the following now:

 - Update the piuparts config to default to generating and using merged-/usr
   chroots for all suites. Upload piuparts to sid.
 - Replace all base chroots from buster and up on piuparts.debian.org with
   merged-/usr chroots
 - (maybe) add unmerged variants of the bullseye-pu and bookworm-pu tests to 
make
   sure we can still use these packages in buildd chroots

There is the question of what to do for piuparts.d.o tests that involve
upgrading the base chroot across the unmerged-/usr support boundary, but
switching over to only using merged-/usr base chroots for buster and up will
alleviate that (I don't think we have any archaeological tests starting from
stretch running anymore).

Alternatively, I've poked a little bit at running the usrmerge script in a
pre_distupgrade piuparts hook, which is a bit awkward as these hooks are run
after the sources.list is updated for the target suite. It's just a matter of
adding a new class of hooks (pre_sourceslistupdate or something) and
implementing usrmerge in that. I'm not sure it's worth the hassle compared to
the efforts already put into dumat.

As far as I can tell, to guard testing migration, the release team is
comparing the results of piuparts running on the package in trixie, with
the results of piuparts running on the package in sid. I'm not sure that
upgrades (that is, testing2sid) are involved, so, as long as the chroots
are consistent between the trixie tests and the sid tests, these exports
should keep making sense for the release team.

Does my reasoning make sense?

Thanks,
--
Nicolas Dandrimont
Date: Sat, 28 Oct 2023 17:10:24 +0200
Message-ID: <87v8aqzstb@dandrimont.eu>


signature.asc
Description: PGP signature

Bug#1031291: uchardet: New upstream release (0.0.8, 2022-12-08)

[Florian Ernst]

Hello James,

On Sun, Jul 09, 2023 at 03:54:18PM +0200, Florian Ernst wrote:
> [...]
> However, I was wondering what your plans with respect to this package
> are, for I didn't notice much Debian activity from your side recently.
> Maybe I simply failed to look at the correct places, and if so I
> apologize for the notion. But maybe you are indeed busy with other
> things, and if so, I'd like to offer to help out and/or take over,
> depending on your preferences. Please just let me know.

Could you please comment on this. Thank you.

Cheers,
Flo


signature.asc
Description: PGP signature

Bug#1054914: orthanc-dicomweb: An unknown command in CMakeLists.txt encountered while attempting to build the orthanc-dicomweb_1.15 package.

[Komolehin Israel Timilehin]

Package: orthanc-dicomweb
Version: 1.15+dfsg-1
Severity: normal
X-Debbugs-Cc: komolehinisr...@gmail.com

Dear Maintainer,

During the build process, I encountered the following error:

CMake Error at CMakeLists.txt:208 (DefineSourceBasenameForTarget):
  Unknown CMake command "DefineSourceBasenameForTarget".
This error seems to be related to an unknown CMake command used in the 
CMakeLists.txt file.



-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-21-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_NG, LC_CTYPE=en_NG (charmap=UTF-8), LANGUAGE=en_NG:en
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages orthanc-dicomweb depends on:
ii  libboost-filesystem1.74.0  1.74.0+ds1-23
ii  libboost-iostreams1.74.0   1.74.0+ds1-23
ii  libboost-locale1.74.0  1.74.0+ds1-23
ii  libboost-regex1.74.0 [libboost-regex1.74.0-icu72]  1.74.0+ds1-23
ii  libboost-thread1.74.0  1.74.0+ds1-23
ii  libc6  2.37-12
ii  libdcmtk17 3.6.7-9
ii  libgcc-s1  13.2.0-5
ii  libjsoncpp25   1.9.5-6
ii  libpugixml1v5  1.14-0.1
ii  libstdc++6 13.2.0-5
ii  libuuid1   2.39.2-4
ii  orthanc1.12.1+dfsg-4

orthanc-dicomweb recommends no packages.

orthanc-dicomweb suggests no packages.

-- no debconf information

Bug#1054913: twisted: CVE-2023-46137: Disordered HTTP pipeline response in twisted.web

[Salvatore Bonaccorso]

Source: twisted
Version: 22.4.0-4
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for twisted.

CVE-2023-46137[0]:
| Twisted is an event-based framework for internet applications. Prior
| to version 23.10.0rc1, when sending multiple HTTP requests in one
| TCP packet, twisted.web will process the requests asynchronously
| without guaranteeing the response order. If one of the endpoints is
| controlled by an attacker, the attacker can delay the response on
| purpose to manipulate the response of the second request when a
| victim launched two requests using HTTP pipeline. Version 23.10.0rc1
| contains a patch for this issue.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-46137
https://www.cve.org/CVERecord?id=CVE-2023-46137
[1] https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1054912: opensearch: CVE-2023-45807 CVE-2023-31141 CVE-2023-23613 CVE-2023-23612

[Moritz Mühlenhoff]

Source: opensearch
X-Debbugs-CC: t...@security.debian.org
Severity: important
Tags: security

Hi,

The following vulnerabilities were published for opensearch.

It's not fully clear to me which affect the bits packaged in Debian
and which not.

CVE-2023-45807[0]:
| OpenSearch is a community-driven, open source fork of Elasticsearch
| and Kibana following the license change in early 2021. There is an
| issue with the implementation of tenant permissions in OpenSearch
| Dashboards where authenticated users with read-only access to a
| tenant can perform create, edit and delete operations on index
| metadata of dashboards and visualizations in that tenant,
| potentially rendering them unavailable. This issue does not affect
| index data, only metadata. Dashboards correctly enforces read-only
| permissions when indexing and updating documents. This issue does
| not provide additional read access to data users don’t already have.
| This issue can be mitigated by disabling the tenants functionality
| for the cluster. Versions 1.3.14 and 2.11.0 contain a fix for this
| issue.

https://github.com/opensearch-project/security/security/advisories/GHSA-72q2-gwwf-6hrv

CVE-2023-31141[1]:
| OpenSearch is open-source software suite for search, analytics, and
| observability applications. Prior to versions 1.3.10 and 2.7.0,
| there is an issue with the implementation of fine-grained access
| control rules (document-level security, field-level security and
| field masking) where they are not correctly applied to the queries
| during extremely rare race conditions potentially leading to
| incorrect access authorization. For this issue to be triggered, two
| concurrent requests need to land on the same instance exactly when
| query cache eviction happens, once every four hours. OpenSearch
| 1.3.10 and 2.7.0 contain a fix for this issue.

https://github.com/opensearch-project/security/security/advisories/GHSA-g8xc-6mf7-h28h

CVE-2023-23613[2]:
| OpenSearch is an open source distributed and RESTful search engine.
| In affected versions there is an issue in the implementation of
| field-level security (FLS) and field masking where rules written to
| explicitly exclude fields are not correctly applied for certain
| queries that rely on their auto-generated .keyword fields. This
| issue is only present for authenticated users with read access to
| the indexes containing the restricted fields. This may expose data
| which may otherwise not be accessible to the user. OpenSearch
| 1.0.0-1.3.7 and 2.0.0-2.4.1 are affected. Users are advised to
| upgrade to OpenSearch 1.3.8 or 2.5.0. Users unable to upgrade may
| write explicit exclusion rules as a workaround. Policies authored in
| this way are not subject to this issue.

https://github.com/opensearch-project/security/security/advisories/GHSA-v3cg-7r9h-r2g6

CVE-2023-23612[3]:
| OpenSearch is an open source distributed and RESTful search engine.
| OpenSearch uses JWTs to store role claims obtained from the Identity
| Provider (IdP) when the authentication backend is SAML or OpenID
| Connect. There is an issue in how those claims are processed from
| the JWTs where the leading and trailing whitespace is trimmed,
| allowing users to potentially claim roles they are not assigned to
| if any role matches the whitespace-stripped version of the roles
| they are a member of. This issue is only present for authenticated
| users, and it requires either the existence of roles that match, not
| considering leading/trailing whitespace, or the ability for users to
| create said matching roles. In addition, the Identity Provider must
| allow leading and trailing spaces in role names. OpenSearch
| 1.0.0-1.3.7 and 2.0.0-2.4.1 are affected. Users are advised to
| upgrade to OpenSearch 1.3.8 or 2.5.0. There are no known workarounds
| for this issue.

https://github.com/opensearch-project/security/security/advisories/GHSA-864v-6qj7-62qj

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-45807
https://www.cve.org/CVERecord?id=CVE-2023-45807
[1] https://security-tracker.debian.org/tracker/CVE-2023-31141
https://www.cve.org/CVERecord?id=CVE-2023-31141
[2] https://security-tracker.debian.org/tracker/CVE-2023-23613
https://www.cve.org/CVERecord?id=CVE-2023-23613
[3] https://security-tracker.debian.org/tracker/CVE-2023-23612
https://www.cve.org/CVERecord?id=CVE-2023-23612

Please adjust the affected versions in the BTS as needed.

Bug#1054338: debian-edu-artwork: fails to remove, update-debian-edu-artwork-emerald: not found

[Mike Gabriel]

Hi,

On  Mo 23 Okt 2023 09:01:00 CEST, Guido Berhoerster wrote:


update-debian-edu-artwork is provided by debian-edu-artwork, however
there is only a weak Recommends dependency of the subpackages
debian-edu-artwork-emerald on the main package whereas the main package
has a strong dependency on any of the subpackages.

Adding a Requires on the main package creates a dependency loop which
would as far as I understand the policy manual be broken arbitrarily, so
it doesn't seem to be a good solution.

The most simple fix I can think of would be to copy the script into each
subpackage instead of symlinking it, that way we don't have to maintain
multiple copies.


I like this approach for the d-e-a version that we want to bring to  
bookworm as it does not require changing the bin:pkg arrangement.



However I'm wondering why the package is set up the way it is, couldn't
we rename debian-edu-artwork to debian-edu-artwork-common, make the
theme subpackages require that and turn debian-edu-artwork into a
virtual package provided by each theme subpackage?


This we should revisit for d-e-a in Debian Edu trixie. Please file an  
extra bug for this.


Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgpOtA6Xsq7Ov.pgp
Description: Digitale PGP-Signatur

Bug#1054911: important: CVE-2023-45661 CVE-2023-45662 CVE-2023-45663 CVE-2023-45664 CVE-2023-45666 CVE-2023-45667 CVE-2023-45675 CVE-2023-45676 CVE-2023-45677 CVE-2023-45678 CVE-2023-45679 CVE-2023-45

[Moritz Mühlenhoff]

Source: important
X-Debbugs-CC: t...@security.debian.org
Severity: libstb
Tags: security

Hi,

The following vulnerabilities were published for important.

CVE-2023-45661[0]:
| stb_image is a single file MIT licensed library for processing
| images. A crafted image file may trigger out of bounds memcpy read
| in `stbi__gif_load_next`. This happens because two_back points to a
| memory address lower than the start of the buffer out. This issue
| may be used to leak internal memory allocation information.

https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 1)
https://github.com/nothings/stb/issues/1538
https://github.com/nothings/stb/pull/1539

CVE-2023-45662[1]:
| stb_image is a single file MIT licensed library for processing
| images. When `stbi_set_flip_vertically_on_load` is set to `TRUE` and
| `req_comp` is set to a number that doesn’t match the real number of
| components per pixel, the library attempts to flip the image
| vertically. A crafted image file can trigger `memcpy` out-of-bounds
| read because `bytes_per_pixel` used to calculate `bytes_per_row`
| doesn’t match the real image array dimensions.

https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 2)
https://github.com/nothings/stb/issues/1540
https://github.com/nothings/stb/pull/1541

CVE-2023-45663[2]:
| stb_image is a single file MIT licensed library for processing
| images. The stbi__getn function reads a specified number of bytes
| from context (typically a file) into the specified buffer. In case
| the file stream points to the end, it returns zero. There are two
| places where its return value is not checked: In the
| `stbi__hdr_load` function and in the `stbi__tga_load` function. The
| latter of the two is likely more exploitable as an attacker may also
| control the size of an uninitialized buffer.

https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 3)
https://github.com/nothings/stb/issues/1542
https://github.com/nothings/stb/pull/1543

CVE-2023-45664[3]:
| stb_image is a single file MIT licensed library for processing
| images. A crafted image file can trigger
| `stbi__load_gif_main_outofmem` attempt to double-free the out
| variable. This happens in `stbi__load_gif_main` because when the
| `layers * stride` value is zero the behavior is implementation
| defined, but common that realloc frees the old memory and returns
| null pointer. Since it attempts to double-free the memory a few
| lines below the first “free”, the issue can be potentially exploited
| only in a multi-threaded environment. In the worst case this may
| lead to code execution.

https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 4)
https://github.com/nothings/stb/issues/1542
https://github.com/nothings/stb/pull/1545

CVE-2023-45666[4]:
| stb_image is a single file MIT licensed library for processing
| images.  It may look like `stbi__load_gif_main` doesn’t give
| guarantees about the content of output value `*delays` upon failure.
| Although it sets `*delays` to zero at the beginning, it doesn’t do
| it in case the image is not recognized as GIF and a call to
| `stbi__load_gif_main_outofmem` only frees possibly allocated memory
| in `*delays` without resetting it to zero. Thus it would be fair to
| say the caller of `stbi__load_gif_main` is responsible to free the
| allocated memory in `*delays` only if `stbi__load_gif_main` returns
| a non null value. However at the same time the function may return
| null value, but fail to free the memory in `*delays` if internally
| `stbi__convert_format` is called and fails. Thus the issue may lead
| to a memory leak if the caller chooses to free `delays` only when
| `stbi__load_gif_main` didn’t fail or to a double-free if the
| `delays` is always freed

https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 6)
https://github.com/nothings/stb/issues/1548
https://github.com/nothings/stb/pull/1549

CVE-2023-45667[5]:
| stb_image is a single file MIT licensed library for processing
| images.  If `stbi__load_gif_main` in `stbi_load_gif_from_memory`
| fails it returns a null pointer and may keep the `z` variable
| uninitialized. In case the caller also sets the flip vertically
| flag, it continues and calls `stbi__vertical_flip_slices` with the
| null pointer result value and the uninitialized `z` value. This may
| result in a program crash.

https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 7)
https://github.com/nothings/stb/issues/1550
https://github.com/nothings/stb/pull/1551

CVE-2023-45675[6]:
| stb_vorbis is a single file MIT licensed library for processing ogg
| vorbis files. A crafted file may trigger out of bounds write in
| `f->vendor[len] = (char)'\0';`. The root cause is that if the len
| read in `start_decoder` is `-1` and `len + 1` becomes 0 when passed
| to `setup_malloc`. The 

Bug#1054910: important: CVE-2020-18770

[Moritz Mühlenhoff]

Source: important
X-Debbugs-CC: t...@security.debian.org
Severity: zziplib
Tags: security

Hi,

The following vulnerability was published for important.

CVE-2020-18770[0]:
| An issue was discovered in function zzip_disk_entry_to_file_header
| in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-
| service.

https://github.com/gdraheim/zziplib/issues/69
 

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-18770
https://www.cve.org/CVERecord?id=CVE-2020-18770

Please adjust the affected versions in the BTS as needed.

Bug#1054054: shorewall-init: Please provide native NetworkManager hook scripts

[Jeremy Sowden]

On 2023-10-28, at 15:11:15 +0200, Michael Biebl wrote:
> On Sat, 21 Oct 2023 11:44:25 +0100 Jeremy Sowden  wrote:
> > On 2023-10-21, at 11:53:54 +0300, Vincas Dargis wrote:
> > > I've noticed NEWS after NetworkManager upgrade about no longer supporting
> > > if-* scripts, and now `shorewall status` says `Shorewall is stopped` :/ .
> > > > Any ideas how to "workaround" it?
> > 
> > I am working on a fix atm.  My plan is to add a dispatcher script for
> > Shorwall that calls the ifupdown script to the shorewall-init package.
> > The script installed by the package will go into:
> > 
> >   /usr/lib/NetworkManager/dispatcher.d
> > 
> > If you choose to install one manually it goes into:
> > 
> >   /etc/NetworkManager/dispatcher.d
> > 
> > The script will look something like the attached (currently untested).
> 
> Please consider adding a native hook script and not simply calling the
> if-up.d script from the NM hook script. This is no
> 
> If there is shared functionality, this should be placed into a script in
> /usr/lib/$pkg and be called from both if-up.d and the NM-dispatcher hook.

As it happens, upstream installs the same ifupdown script in
/usr/share/shorewall-init/ as well as /etc/network/if-*.d/.  The Fedora
and SUSE versions, which have been extended to allow them to be used as
NM dispatcher scripts, are additionally installed in
/etc/NetworkManger/dispatcher.d/.  Lots of duplication.  The refactoring
you suggest would certainly be an improvement.  The current solution,
which does at least get the functionality working again, was uploaded
this morning, but, as I say, your proposal makes sense, so I will come
back to this when I get a moment.

J.


signature.asc
Description: PGP signature

Bug#1054909: grave: CVE-2023-46604

[Moritz Mühlenhoff]

Source: grave
X-Debbugs-CC: t...@security.debian.org
Severity: activemq
Tags: security

Hi,

The following vulnerability was published for grave.

CVE-2023-46604[0]:
| Apache ActiveMQ is vulnerable to Remote Code Execution.The
| vulnerability may allow a remote attacker with network access to a
| broker to run arbitrary shell commands by manipulating serialized
| class types in the OpenWire protocol to cause the broker to
| instantiate any class on the classpath.   Users are recommended to
| upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes
| this issue.

https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
http://www.openwall.com/lists/oss-security/2023/10/27/5


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-46604
https://www.cve.org/CVERecord?id=CVE-2023-46604

Please adjust the affected versions in the BTS as needed.

Bug#1054908: important: CVE-2023-46570 CVE-2023-46569

[Moritz Mühlenhoff]

Source: important
X-Debbugs-CC: t...@security.debian.org
Severity: radare2
Tags: security

Hi,

The following vulnerabilities were published for important.

CVE-2023-46570[0]:
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the
| print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

https://github.com/radareorg/radare2/issues/22333
Fixed by: 
https://github.com/radareorg/radare2/commit/3e406459f163eba7672b3421c8a84b2c0e4ac0f8

CVE-2023-46569[1]:
| An out-of-bounds read in radare2 v.5.8.9 and before exists in the
| print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

https://github.com/radareorg/radare2/issues/22334
Fixed by: 
https://github.com/radareorg/radare2/commit/2e2f2a9b1800d09be09461e7536ac03a301f97f2

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-46570
https://www.cve.org/CVERecord?id=CVE-2023-46570
[1] https://security-tracker.debian.org/tracker/CVE-2023-46569
https://www.cve.org/CVERecord?id=CVE-2023-46569

Please adjust the affected versions in the BTS as needed.

Bug#1052045: Additional dalek crates

[Jonas Smedegaard]

Hi Matthias,

Quoting Matthias Geiger (2023-10-09 18:22:36)
> I saw you filing this ITP for ed25519-dalek. The main source repo 
> contains also curve25519-dalek (+derive).
> 
> Do you also intend to package those two crates ? I'd need them for 
> noise-rust-crypto which in turn is needed by magic-wormhole-rs which I ITP.
> 
> I don't mind if you package all those from the same source; I just 
> wanted to know whether I should hold off my ITP for curve25519-dalek.

Sorry for the late response.

Yes, it makes good sense for me to maintain the other crates in same
monorepo as one Debian source package.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

signature.asc
Description: signature

Bug#1054907: linux-image-6.1.0-12-amd64: i801_smbus stops boot sometimes

[Mauro]

Package: src:linux
Version: 6.1.52-1
Severity: important
X-Debbugs-Cc: mauro.dar...@posta.istruzione.it

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
Sometimes boot stops indefinitely. The following messages appear:
i801_smbus transaction timeout
i801_smbus failed terminating the transaction
i801_smbus SMBUS is busy, can't use it
 
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
I have tried blacklisting the i2c kernel module. It was ineffective.



-- Package-specific info:
** Version:
Linux version 6.1.0-12-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 
12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP 
PREEMPT_DYNAMIC Debian 6.1.52-1 (2023-09-07)

** Command line:
BOOT_IMAGE=/boot/vmlinuz-6.1.0-12-amd64 
root=UUID=5ee2e893-2c97-4109-b228-55ffce9d2c85 ro ro quiet splash 
i915.enable_psr=0

** Tainted: U (64)
 * taint requested by userspace application

** Kernel log:
[3.992854] usb 3-6: Found UVC 1.50 device HD Webcam (04f2:b71a)
[3.995523] snd_hda_intel :00:1f.3: enabling device ( -> 0002)
[3.996219] snd_hda_intel :00:1f.3: bound :00:02.0 (ops 
i915_audio_component_bind_ops [i915])
[4.058131] snd_hda_codec_realtek hdaudioC0D0: autoconfig for ALC256: 
line_outs=1 (0x14/0x0/0x0/0x0/0x0) type:speaker
[4.058136] snd_hda_codec_realtek hdaudioC0D0:speaker_outs=0 
(0x0/0x0/0x0/0x0/0x0)
[4.058138] snd_hda_codec_realtek hdaudioC0D0:hp_outs=1 
(0x21/0x0/0x0/0x0/0x0)
[4.058139] snd_hda_codec_realtek hdaudioC0D0:mono: mono_out=0x0
[4.058140] snd_hda_codec_realtek hdaudioC0D0:inputs:
[4.058141] snd_hda_codec_realtek hdaudioC0D0:  Mic=0x19
[4.058142] snd_hda_codec_realtek hdaudioC0D0:  Internal Mic=0x12
[4.090831] input: HD Webcam: HD Webcam as 
/devices/pci:00/:00:14.0/usb3/3-6/3-6:1.0/input/input11
[4.093177] iwlwifi :00:14.3: Detected Intel(R) Wi-Fi 6 AX201 160MHz, 
REV=0x351
[4.093306] thermal thermal_zone2: failed to read out thermal zone (-61)
[4.094946] usb 3-6: Found UVC 1.50 device HD Webcam (04f2:b71a)
[4.113625] input: HD Webcam: IR Camera as 
/devices/pci:00/:00:14.0/usb3/3-6/3-6:1.2/input/input12
[4.113673] usbcore: registered new interface driver uvcvideo
[4.130871] Bluetooth: Core ver 2.22
[4.130897] NET: Registered PF_BLUETOOTH protocol family
[4.130899] Bluetooth: HCI device and connection manager initialized
[4.130904] Bluetooth: HCI socket layer initialized
[4.130907] Bluetooth: L2CAP socket layer initialized
[4.130912] Bluetooth: SCO socket layer initialized
[4.154224] usbcore: registered new interface driver btusb
[4.155225] Bluetooth: hci0: Bootloader revision 0.4 build 0 week 30 2018
[4.156233] Bluetooth: hci0: Device revision is 2
[4.156236] Bluetooth: hci0: Secure boot is enabled
[4.156238] Bluetooth: hci0: OTP lock is enabled
[4.156239] Bluetooth: hci0: API lock is enabled
[4.156240] Bluetooth: hci0: Debug lock is disabled
[4.156241] Bluetooth: hci0: Minimum firmware build 1 week 10 2014
[4.157678] bluetooth hci0: firmware: direct-loading firmware 
intel/ibt-19-0-4.sfi
[4.157683] Bluetooth: hci0: Found device firmware: intel/ibt-19-0-4.sfi
[4.157727] Bluetooth: hci0: Boot Address: 0x24800
[4.157728] Bluetooth: hci0: Firmware Version: 15-45.22
[4.170941] intel_rapl_msr: PL4 support detected.
[4.172617] intel_rapl_common: Found RAPL domain package
[4.172619] intel_rapl_common: Found RAPL domain core
[4.172620] intel_rapl_common: Found RAPL domain uncore
[4.172622] intel_rapl_common: Found RAPL domain psys
[4.181381] input: HDA Intel PCH Mic as 
/devices/pci:00/:00:1f.3/sound/card0/input13
[4.181412] input: HDA Intel PCH Headphone as 
/devices/pci:00/:00:1f.3/sound/card0/input14
[4.181433] input: HDA Intel PCH HDMI/DP,pcm=3 as 
/devices/pci:00/:00:1f.3/sound/card0/input15
[4.181453] input: HDA Intel PCH HDMI/DP,pcm=7 as 
/devices/pci:00/:00:1f.3/sound/card0/input16
[4.181474] input: HDA Intel PCH HDMI/DP,pcm=8 as 
/devices/pci:00/:00:1f.3/sound/card0/input17
[4.181499] input: HDA Intel PCH HDMI/DP,pcm=9 as 
/devices/pci:00/:00:1f.3/sound/card0/input18
[4.224974] iwlwifi :00:14.3: Detected RF HR B3, rfid=0x10a100
[4.291188] iwlwifi :00:14.3: base HW address: 40:1c:83:93:26:eb
[4.308208] iwlwifi :00:14.3 wlo1: renamed from wlan0
[4.742313] audit: type=1400 audit(1689025476.224:2): apparmor="STATUS" 
operation="profile_load" profile="unconfined" name="lsb_release" pid=609 
comm="apparmor_parser"
[4.742578] audit: type=1400 audit(1689025476.224:3): apparmor="STATUS" 
operation="profile_load" profile="unconfined" name="/usr/bin/man" pid=616 
comm="apparmor_parser"
[4.742581] audit: type=1400 audit(1689025476.224:4): apparmor="STATUS" 

Bug#1054906: fftw3: Please enable avx2

[Klaus Kudielka]

Source: fftw3
Severity: wishlist
Tags: patch
X-Debbugs-Cc: klaus.kudie...@gmail.com

Dear Maintainer,

please enable avx2 on Intel architectures, as it is probably available on most
Intel CPUs in the field today.

In my use cases (2D single-precision image transforms) this saves 20% execution
time on an i5-4570.

It should be as simple as:

diff --git a/debian/rules b/debian/rules
index 2467ec70..10c7ef9f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -37,8 +37,8 @@ endif

 ifeq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
 ifneq (,$(filter $(DEB_HOST_ARCH), i386 amd64 x32))
-   archconfflags_single := --enable-sse --enable-avx
-   archconfflags_double := --enable-sse2 --enable-avx
+   archconfflags_single := --enable-sse --enable-avx --enable-avx2
+   archconfflags_double := --enable-sse2 --enable-avx --enable-avx2
 endif
 # no avx support in debian yet see #674760
 ifneq (,$(filter $(DEB_HOST_ARCH), kfreebsd-i386 kfreebsd-amd64))


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-2-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#1054905: linuxcnc: binary-any FTBFS

[Adrian Bunk]

Source: linuxcnc
Version: 2.9.1-1
Severity: serious
Tags: ftbfs

https://buildd.debian.org/status/logs.php?pkg=linuxcnc=2.9.1-1

...
   dh_install -a
install -m0755 -d debian/linuxcnc-uspace-dev//usr/bin
cp --reflink=auto -a debian/tmp/usr/bin/halcompile 
debian/tmp/usr/bin/modcompile debian/linuxcnc-uspace-dev//usr/bin/
install -m0755 -d debian/linuxcnc-uspace-dev//usr/include
cp --reflink=auto -a debian/tmp/usr/include/linuxcnc 
debian/linuxcnc-uspace-dev//usr/include/
install -m0755 -d debian/linuxcnc-uspace-dev//usr/lib
cp --reflink=auto -a debian/tmp/usr/lib/liblinuxcnc.a 
debian/tmp/usr/lib/liblinuxcnchal.so debian/tmp/usr/lib/liblinuxcncini.so 
debian/tmp/usr/lib/libnml.so debian/tmp/usr/lib/libposemath.so 
debian/tmp/usr/lib/libpyplugin.so debian/tmp/usr/lib/librs274.so 
debian/tmp/usr/lib/libtooldata.so debian/linuxcnc-uspace-dev//usr/lib/
install -m0755 -d debian/linuxcnc-uspace-dev//usr/share/linuxcnc
cp --reflink=auto -a debian/tmp/usr/share/linuxcnc/Makefile.modinc 
debian/tmp/usr/share/linuxcnc/mesa_modbus.c.tmpl 
debian/linuxcnc-uspace-dev//usr/share/linuxcnc/
install -m0755 -d debian/linuxcnc-uspace-dev//usr/share/man
cp --reflink=auto -a debian/tmp/usr/share/man/man3 
debian/linuxcnc-uspace-dev//usr/share/man/
install -m0755 -d debian/linuxcnc-uspace-dev//usr/share/man/man1
cp --reflink=auto -a debian/tmp/usr/share/man/man1/halcompile.1 
debian/linuxcnc-uspace-dev//usr/share/man/man1/
dh_install: warning: Cannot find (any matches for) "usr/share/glade3" (tried in 
., debian/tmp)

dh_install: warning: linuxcnc-uspace missing files: usr/share/glade3
dh_install: warning: Cannot find (any matches for) 
"usr/share/man/man1/hal_parport.1" (tried in ., debian/tmp)

dh_install: warning: linuxcnc-uspace missing files: 
usr/share/man/man1/hal_parport.1
install -m0755 -d debian/linuxcnc-uspace/
cp --reflink=auto -a debian/tmp/etc debian/linuxcnc-uspace//
install -m0755 -d debian/linuxcnc-uspace//usr/bin
cp --reflink=auto -a debian/tmp/usr/bin/5axisgui 
debian/tmp/usr/bin/axis debian/tmp/usr/bin/axis-remote 
debian/tmp/usr/bin/classicladder debian/tmp/usr/bin/debuglevel 
debian/tmp/usr/bin/elbpcom debian/tmp/usr/bin/genserkins 
debian/tmp/usr/bin/gladevcp debian/tmp/usr/bin/gladevcp_demo 
debian/tmp/usr/bin/gmoccapy debian/tmp/usr/bin/gremlin_view 
debian/tmp/usr/bin/gs2_vfd debian/tmp/usr/bin/gscreen 
debian/tmp/usr/bin/hal-histogram debian/tmp/usr/bin/hal_input 
debian/tmp/usr/bin/hal_manualtoolchange debian/tmp/usr/bin/halcmd 
debian/tmp/usr/bin/halcmd_twopass debian/tmp/usr/bin/halmeter 
debian/tmp/usr/bin/halreport debian/tmp/usr/bin/halrmt 
debian/tmp/usr/bin/halrun debian/tmp/usr/bin/halsampler 
debian/tmp/usr/bin/halscope debian/tmp/usr/bin/halshow 
debian/tmp/usr/bin/halstreamer debian/tmp/usr/bin/haltcl 
debian/tmp/usr/bin/halui debian/tmp/usr/bin/hbmgui debian/tmp/usr/bin/hexagui 
debian/tmp/usr/bin/hy_gt_vfd debian/tmp/usr/bin/hy_vfd 
debian/tmp/usr/bin/image-to-gcode debian/tmp/usr/bin/inivar 
debian/tmp/usr/bin/io debian/tmp/usr/bin/iov2 
debian/tmp/usr/bin/latency-histogram debian/tmp/usr/bin/latency-plot 
debian/tmp/usr/bin/latency-test debian/tmp/usr/bin/lineardelta 
debian/tmp/usr/bin/linuxcnc debian/tmp/usr/bin/linuxcnc_info 
debian/tmp/usr/bin/linuxcnc_module_helper debian/tmp/usr/bin/linuxcnc_var 
debian/tmp/usr/bin/linuxcnclcd debian/tmp/usr/bin/linuxcncmkdesktop 
debian/tmp/usr/bin/linuxcncrsh debian/tmp/usr/bin/linuxcncsvr 
debian/tmp/usr/bin/linuxcnctop debian/tmp/usr/bin/maho600gui 
debian/tmp/usr/bin/max5gui debian/tmp/usr/bin/mb2hal debian/tmp/usr/bin/mdi 
debian/tmp/usr/bin/melfagui debian/tmp/usr/bin/milltask 
debian/tmp/usr/bin/millturngui debian/tmp/usr/bin/mitsub_vfd 
debian/tmp/usr/bin/monitor-xhc-hb04 debian/tmp/usr/bin/motion-logger 
debian/tmp/usr/bin/moveoff_gui debian/tmp/usr/bin/mqtt-publisher 
debian/tmp/usr/bin/ngcgui debian/tmp/usr/bin/panelui 
debian/tmp/usr/bin/pi500_vfd debian/tmp/usr/bin/pmx485 
debian/tmp/usr/bin/pmx485-test debian/tmp/usr/bin/pncconf 
debian/tmp/usr/bin/puma560gui debian/tmp/usr/bin/pumagui 
debian/tmp/usr/bin/pyngcgui debian/tmp/usr/bin/pyui debian/tmp/usr/bin/pyvcp 
debian/tmp/usr/bin/pyvcp_demo debian/tmp/usr/bin/qtplasmac-cfg2prefs 
debian/tmp/usr/bin/qtplasmac-materials debian/tmp/usr/bin/qtplasmac-plasmac2qt 
debian/tmp/usr/bin/qtplasmac_gcode debian/tmp/usr/bin/qtvcp 
debian/tmp/usr/bin/rotarydelta debian/tmp/usr/bin/rs274 
debian/tmp/usr/bin/rtapi_app debian/tmp/usr/bin/scaragui 
debian/tmp/usr/bin/schedrmt debian/tmp/usr/bin/scorbot-er-3 
debian/tmp/usr/bin/sendkeys debian/tmp/usr/bin/setup_designer 
debian/tmp/usr/bin/shuttle debian/tmp/usr/bin/sim-torch 
debian/tmp/usr/bin/sim_pin debian/tmp/usr/bin/simulate_probe 
debian/tmp/usr/bin/stepconf debian/tmp/usr/bin/svd-ps_vfd 
debian/tmp/usr/bin/teach-in debian/tmp/usr/bin/thermistor 
debian/tmp/usr/bin/tool_mmap_read debian/tmp/usr/bin/tool_watch 

Bug#1025708: bullseye-pu: package debootstrap/1.0.123+deb11u2

[Simon McVittie]

On Sat, 28 Oct 2023 at 14:54:45 +0200, Cyril Brulebois wrote:
> Compared to what I get from a `dpkg-buildpackage -S` run locally (using
> the bullseye branch at tag debian/1.0.123+deb11u2), the source package
> available on coccia adds the debian/.gitignore file

I believe dpkg-source defaults to the equivalent of `dpkg-source -I`
for 3.0 (native) format packages, which ignores some files that would
normally appear in git, notably .gitignore.

I normally use
DEBUILD_DPKG_BUILDPACKAGE_OPTS="-us -uc -I.*.sw? -I.sw? -I.git" which
disables the default `-I` and instead excludes .git but not .gitignore,
making the uploaded source package exactly equivalent to what's in git
(and as a result, more dgit-friendly). If you would prefer any subsequent
uploads of d-i-related components to always exclude the .gitignore,
I'll try to remember that for the future.

smcv

Bug#830371: librevisa: FTBFS: dh_auto_test: make -j1 check VERBOSE=1 returned exit code 2

[Adrian Bunk]

On Wed, Jul 24, 2019 at 02:09:35PM -0400, Boyuan Yang wrote:
> 在 2019-07-24三的 19:44 +0200，Simon Richter写道：
>...
> > This is an error caused by network environment. The "find" test runs both
> > an Avahi lookup and an USB scan (but largely ignores the results, as none
> > of the devices found during that scan matches the "DUMMY" filter),
> > depending on the autobuilder configuration that triggers a security policy,
> > which makes the test fail.
> >
> > I have no really good idea how to keep the test meaningful and stop it from
> > failing in more restricted environments.

At least in Debian it shouldn't be run.

>...
> In this case I guess we could make tests optional so that the whole build will
> not fail even if there's some test failures. In this way at lease we could
> have some usable libraries in the archive.
>...

That's bad for two reasons:

1. Ignoring all test results makes the whole tests rather useless since 
noone will notice when other tests regress.

2. It still keeps a release critical bug, policy says[1]:
  For packages in the main archive, required targets **must not attempt** 
  network access, except, via the loopback interface, to services on the 
  build host that have been started by the build.

I noticed right now due to the maintainer upload missing the NMUs,
but this should really be fixed properly by disabling this specific test.

> Thanks,
> Boyuan Yang

cu
Adrian

[1] 
https://www.debian.org/doc/debian-policy/ch-source.html#main-building-script-debian-rules

Bug#1054904: angband: Upgrade deletes user data in /var/games/angband

[Doug Larrick]

Package: angband
Version: 1:4.2.5+dfsg1-1
Severity: important

Dear Maintainer,

Upon upgrade from Angband 1:3.5.1-2.5, user data in /var/games/angband appears
to have been deleted, including character history and the saved game in
progress.


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing'), (450, 'unstable'), (400, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages angband depends on:
ii  angband-data 1:4.2.5+dfsg1-1
ii  libc62.37-12
ii  libncursesw6 6.4+20231016-1
ii  libsdl2-2.0-02.28.4+dfsg-1
ii  libsdl2-image-2.0-0  2.6.3+dfsg-2
ii  libsdl2-mixer-2.0-0  2.6.3+dfsg-1
ii  libsdl2-ttf-2.0-02.20.2+dfsg-1
ii  libtinfo66.4+20231016-1
ii  libx11-6 2:1.8.7-1

angband recommends no packages.

Versions of packages angband suggests:
pn  angband-extra  

-- no debconf information

Bug#1054903: libreoffice-texmaths: dependencies not installed

[Michal Was]

Package: libreoffice-texmaths
Version: 0.49-1
Severity: important
X-Debbugs-Cc: michal@ceti.pl

Dear Maintainer,

   I had installed libreoffice-texmaths via aptitude. Opened "Writer",
   and clicked on "pi" icon.
   I expected TexMaths editor window opening, but got an error pop-up:
   "Can't find at least one of the external programs dvipng or dvisvgm
   Please check the file paths in your TexMaths system configuration..."
   
   Installing dvipng by hand fixed the problem immediately, and TexMaths
   extension works as intended.

   (Hint for solution)
   TexMaths' developer(s) mention dvisvg/dvipng as software dependency 
   (see extensions' homepage -> install.html). But these are not marked 
   as dependencies in Debian repo. Setting them to be so may fix the
   problem. 

-- System Information:
Debian Release: 12.2
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-13-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libreoffice-texmaths depends on:
ii  libreoffice-draw  4:7.4.7-1
ii  texlive   2022.20230122-3

libreoffice-texmaths recommends no packages.

libreoffice-texmaths suggests no packages.

-- no debconf information

Bug#1054054: shorewall-init: Please provide native NetworkManager hook scripts

[Michael Biebl]

Hi Jeremy

On Sat, 21 Oct 2023 11:44:25 +0100 Jeremy Sowden  wrote:

On 2023-10-21, at 11:53:54 +0300, Vincas Dargis wrote:
> I've noticed NEWS after NetworkManager upgrade about no longer supporting
> if-* scripts, and now `shorewall status` says `Shorewall is stopped` :/ .
> 
> Any ideas how to "workaround" it?


I am working on a fix atm.  My plan is to add a dispatcher script for
Shorwall that calls the ifupdown script to the shorewall-init package.
The script installed by the package will go into:

  /usr/lib/NetworkManager/dispatcher.d

If you choose to install one manually it goes into:

  /etc/NetworkManager/dispatcher.d

The script will look something like the attached (currently untested).


Please consider adding a native hook script and not simply calling the 
if-up.d script from the NM hook script. This is no


If there is shared functionality, this should be placed into a script in 
/usr/lib/$pkg and be called from both if-up.d and the NM-dispatcher hook.


Regards,
Michael


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1025708: bullseye-pu: package debootstrap/1.0.123+deb11u2

[Cyril Brulebois]

Hi,

Simon McVittie  (2023-08-31):
> [ Reason ]
> The same changes proposed for bookworm in #1050868, but for bullseye.
> Because official buildds that build trixie/sid are not yet all running
> bookworm, we'll need this change in bullseye too.
> 
> I also included the changes that Luca previously proposed on this bug,
> which are backports from bookworm's debootstrap:
> 
> - no longer including usrmerge and its dependencies in the installed
>   system if usr-is-merged would be sufficient, saving ~ 50MB on a minbase
>   image and effectively fixing a regression caused by making
>   usrmerge|usr-is-merged transitively Essential in bookworm (#1025657)
> - enabling merged-/usr on Hurd
> 
> These are technically a behaviour change for bullseye, but we're making
> a larger behaviour change here already, and it aligns the behaviour
> with what we have in bookworm. We could revert those if required, but
> they're really small changes and seem desirable to me: in particular,
> they make the whole merged-/usr code path into the same tested code
> that's in trixie and proposed for bookworm.

Test results look good to me too, feel free to go ahead.

Compared to what I get from a `dpkg-buildpackage -S` run locally (using
the bullseye branch at tag debian/1.0.123+deb11u2), the source package
available on coccia adds the debian/.gitignore file; this is merely
intriguing and not something that should block processing this upload,
possibly linked to dgit's having been used at some point?


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1007475: nrg2iso: please consider upgrading to 3.0 source format

[Bastian Germann]

I am uploading a NMU to DELAYED/10 in order to fix this.
Please find the debdiff attached.diff -Nru nrg2iso-0.4/debian/changelog nrg2iso-0.4/debian/changelog
--- nrg2iso-0.4/debian/changelog2023-10-28 14:52:17.0 +0200
+++ nrg2iso-0.4/debian/changelog2023-10-28 14:44:34.0 +0200
@@ -1,3 +1,11 @@
+nrg2iso (0.4-4.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert to source format 3.0. (Closes: #1007475)
+  * Fix Vcs URLs.
+
+ -- Bastian Germann   Sat, 28 Oct 2023 14:44:34 +0200
+
 nrg2iso (0.4-4.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru nrg2iso-0.4/debian/control nrg2iso-0.4/debian/control
--- nrg2iso-0.4/debian/control  2023-10-28 14:52:17.0 +0200
+++ nrg2iso-0.4/debian/control  2023-10-28 14:44:34.0 +0200
@@ -2,11 +2,11 @@
 Section: otherosfs
 Priority: optional
 Maintainer: Xavier Lüthi 
-Build-Depends: debhelper (>= 7), quilt
+Build-Depends: debhelper (>= 7)
 Standards-Version: 3.8.1
 Homepage: http://gregory.kokanosky.free.fr/v4/linux/nrg2iso.en.html
-Vcs-Browser: http://git.debian.org/?p=collab-maint/nrg2iso.git
-Vcs-Git: git://git.debian.org/git/collab-maint/nrg2iso.git
+Vcs-Browser: https://salsa.debian.org/debian/nrg2iso
+Vcs-Git: https://salsa.debian.org/debian/nrg2iso.git
 
 Package: nrg2iso
 Architecture: any
diff -Nru nrg2iso-0.4/debian/README.source nrg2iso-0.4/debian/README.source
--- nrg2iso-0.4/debian/README.source2023-10-28 14:52:17.0 +0200
+++ nrg2iso-0.4/debian/README.source1970-01-01 01:00:00.0 +0100
@@ -1,57 +0,0 @@
-This package uses quilt to manage all modifications to the upstream
-source.  Changes are stored in the source package as diffs in
-debian/patches and applied during the build.
-
-To configure quilt to use debian/patches instead of patches, you want
-either to export QUILT_PATCHES=debian/patches in your environment
-or use this snippet in your ~/.quiltrc:
-
-for where in ./ ../ ../../ ../../../ ../../../../ ../../../../../; do
-if [ -e ${where}debian/rules -a -d ${where}debian/patches ]; then
-export QUILT_PATCHES=debian/patches
-fi
-done
-
-To get the fully patched source after unpacking the source package, cd to
-the root level of the source package and run:
-
-quilt push -a
-
-The last patch listed in debian/patches/series will become the current
-patch.
-
-To add a new set of changes, first run quilt push -a, and then run:
-
-quilt new 
-
-where  is a descriptive name for the patch, used as the filename in
-debian/patches.  Then, for every file that will be modified by this patch,
-run:
-
-quilt add 
-
-before editing those files.  You must tell quilt with quilt add what files
-will be part of the patch before making changes or quilt will not work
-properly.  After editing the files, run:
-
-quilt refresh
-
-to save the results as a patch.
-
-Alternately, if you already have an external patch and you just want to
-add it to the build system, run quilt push -a and then:
-
-quilt import -P  /path/to/patch
-quilt push -a
-
-(add -p 0 to quilt import if needed).  as above is the filename to
-use in debian/patches.  The last quilt push -a will apply the patch to
-make sure it works properly.
-
-To remove an existing patch from the list of patches that will be applied,
-run:
-
-quilt delete 
-
-You may need to run quilt pop -a to unapply patches first before running
-this command.
diff -Nru nrg2iso-0.4/debian/rules nrg2iso-0.4/debian/rules
--- nrg2iso-0.4/debian/rules2023-10-28 14:52:17.0 +0200
+++ nrg2iso-0.4/debian/rules2023-10-28 14:44:34.0 +0200
@@ -4,8 +4,6 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
-# source quilt for patch management
-include /usr/share/quilt/quilt.make
 -include /usr/share/dpkg/buildtools.mk
 
 CFLAGS = -Wall -g
@@ -33,7 +31,7 @@
$(CC) $(CFLAGS) nrg2iso.c -o nrg2iso
touch build-stamp
 
-clean: unpatch
+clean:
dh_testdir
dh_testroot
rm -f build-stamp
diff -Nru nrg2iso-0.4/debian/source/format nrg2iso-0.4/debian/source/format
--- nrg2iso-0.4/debian/source/format1970-01-01 01:00:00.0 +0100
+++ nrg2iso-0.4/debian/source/format2023-10-28 14:44:25.0 +0200
@@ -0,0 +1 @@
+3.0 (quilt)

Bug#1040138: changelog-file-missing-explicit-entry needs exception for bookworm

[Cyril Brulebois]

Marc Haber  (2023-10-09):
> On Mon, Oct 09, 2023 at 02:06:58AM +0200, Cyril Brulebois wrote:
> > That exception only hides the root of the bug, which includes (at
> > least) a messed up version sorting.
> 
> What is the recommended way to get rid of this? Re-sorting
> changelog entries? Adding an override?

On the lintian user side: Ignoring silly results works for me.

On the lintian developer side: Fixing whatever produces the weird and of
course incorrect ordering that's then expected and complained about.

> > Adding another exception for bookworm will only lead to more
> > whack-a-mole down the line (see #1051140).
> 
> I don't see the connection here.

Adding an exception hides the bug. Then it's going to appear again when
the next suite is around the corner, until an exception is added again,
etc. That doesn't seem like a good idea to me.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#1054902: netdiag: please consider upgrading to 3.0 source format

[Bastian Germann]

Source: netdiag
Version: 1.2-1.2
Severity: wishlist

This package is among the few that still use source format 1.0.
Please upgrade it to source format 3.0:
https://wiki.debian.org/Projects/DebSrc3.0

Bug#1040062: Build failure for pydevd on alpha: gp-relative relocation against dynamic symbol

[Adrian Bunk]

On Fri, Oct 20, 2023 at 07:03:41AM +0100, Julian Gilbey wrote:
> Hi!
> 
> I'm completely out of my depth on this one, and I wonder whether
> anyone might be able to help.
> 
> I have just updated pydevd from 2.9.6+ds-1, uploaded 2023-06-23, to
> version 2.10.0+ds-1.  But the build of the cython extension now fails
> on alpha: near the end of the build log
> 
> https://buildd.debian.org/status/fetch.php?pkg=pydevd=alpha=2.10.0%2Bds-1=1697725269=0
> 
> is the failed build:
> 
> I: pybuild pybuild:340: cd 
> /<>/.pybuild/cpython3_3.11_pydevd/build; python3.11 
> setup_pydevd_cython.py build_ext --inplace --force-cython
> /usr/lib/python3/dist-packages/Cython/Compiler/Main.py:369: FutureWarning: 
> Cython directive 'language_level' not set, using 2 for now (Py2). This will 
> change in a later release! File: 
> /<>/.pybuild/cpython3_3.11_pydevd/build/_pydevd_bundle/pydevd_cython.pxd
>   tree = Parsing.p_module(s, pxd, full_module_name)
> Compiling _pydevd_bundle/pydevd_cython.pyx because it changed.
> [1/1] Cythonizing _pydevd_bundle/pydevd_cython.pyx
> running build_ext
> building '_pydevd_bundle.pydevd_cython' extension
> creating build
> creating build/temp.linux-alpha-cpython-311
> creating build/temp.linux-alpha-cpython-311/_pydevd_bundle
> alpha-linux-gnu-gcc -Wsign-compare -mieee -DNDEBUG -g -fwrapv -O2 -Wall -g 
> -Wformat -Werror=format-security -g -O2 -ffile-prefix-map=/<>=. 
> -specs=/usr/share/dpkg/pie-compile.specs -Wformat -Werror=format-security 
> -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -DPy_BUILD_CORE_MODULE=1 
> -I/usr/include/python3.11 -c _pydevd_bundle/pydevd_cython.c -o 
> build/temp.linux-alpha-cpython-311/_pydevd_bundle/pydevd_cython.o -flto
> creating build/lib.linux-alpha-cpython-311
> creating build/lib.linux-alpha-cpython-311/_pydevd_bundle
> alpha-linux-gnu-gcc -shared -Wl,-O1 -Wl,-Bsymbolic-functions 
> -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,now -g -O2 
> -ffile-prefix-map=/<>=. -specs=/usr/share/dpkg/pie-compile.specs 
> -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 
> build/temp.linux-alpha-cpython-311/_pydevd_bundle/pydevd_cython.o 
> -L/usr/lib/alpha-linux-gnu -o 
> build/lib.linux-alpha-cpython-311/_pydevd_bundle/pydevd_cython.cpython-311-alpha-linux-gnu.so
>  -flto
> lto-wrapper: warning: using serial compilation of 7 LTRANS jobs
> lto-wrapper: note: see the ‘-flto’ option documentation for more information
> /usr/bin/ld: /tmp/ccR4bmTq.ltrans5.ltrans.o: gp-relative relocation against 
> dynamic symbol __pyx_module_is_main__pydevd_bundle__pydevd_cython
> /usr/bin/ld: /tmp/ccR4bmTq.ltrans5.ltrans.o: gp-relative relocation against 
> dynamic symbol __pyx_module_is_main__pydevd_bundle__pydevd_cython
> /usr/bin/ld: /tmp/ccR4bmTq.ltrans5.ltrans.o: gp-relative relocation against 
> dynamic symbol 
> __pyx_wrapperbase_14_pydevd_bundle_13pydevd_cython_12ThreadTracer_2__call__
> /usr/bin/ld: /tmp/ccR4bmTq.ltrans5.ltrans.o: gp-relative relocation against 
> dynamic symbol 
> __pyx_wrapperbase_14_pydevd_bundle_13pydevd_cython_12ThreadTracer_2__call__
> /usr/bin/ld: /tmp/ccR4bmTq.ltrans5.ltrans.o: gp-relative relocation against 
> dynamic symbol 
> __pyx_wrapperbase_14_pydevd_bundle_13pydevd_cython_12ThreadTracer_2__call__
> collect2: error: ld returned 1 exit status
> error: command '/usr/bin/alpha-linux-gnu-gcc' failed with exit code 1
> E: pybuild pybuild:395: build: plugin distutils failed with: exit code=1: cd 
> /<>/.pybuild/cpython3_3.11_pydevd/build; python3.11 
> setup_pydevd_cython.py build_ext --inplace --force-cython
> 
> 
> I have no idea what caused these errors.
>...

That's related to #1040062, the best fix that does not involve touching dpkg is:

--- pydevd-2.10.0+ds/debian/rules.old   2023-10-28 12:12:23.060259727 +
+++ pydevd-2.10.0+ds/debian/rules   2023-10-28 12:14:34.343882684 +
@@ -4,7 +4,11 @@
 include /usr/share/dpkg/pkg-info.mk
 export PYBUILD_NAME=pydevd
 
+ifneq (,$(filter $(DEB_HOST_ARCH), alpha ia64 x32))
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all,-pie
+else
 export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+endif
 
 CXXFLAGS:=$(shell dpkg-buildflags --get CXXFLAGS)
 CPPFLAGS:=$(shell dpkg-buildflags --get CPPFLAGS)


> Best wishes,
> 
>Julian

cu
Adrian

Bug#1054901: icingaweb2: [L10,DE] icingaweb2-module-toplevelview: german translation

[Christoph Brinkhaus]

Source: icingaweb2
Version: 2.11.4-2+deb12u1
Severity: wishlist

Dear Maintainer,

please find attached the po file with the german translation.
Please consider to apply it to the package.

Thank you very much!

Kind regards,
Christoph Brinkhaus

-- System Information:
Debian Release: 12.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-13-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
# German translation of manpages
# This file is distributed under the same license as the 
icingaweb2-module-toplevelview package.
# Copyright © of this file:
# Christoph Brinkhaus , 2023.
#
msgid ""
msgstr ""
"Project-Id-Version: icingaweb2-module-toplevelview\n"
"Report-Msgid-Bugs-To: icingaweb2-module-toplevelv...@packages.debian.org\n"
"POT-Creation-Date: 2023-10-23 10:20+0200\n"
"PO-Revision-Date: 2023-10-28 13:50+0200\n"
"Last-Translator: Christoph Brinkhaus \n"
"Language-Team: German \n"
"Language: de\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"

#. Type: title
#. Description
#: ../icingaweb2-module-toplevelview.templates:1001
msgid "icingaweb2-module-toplevelview: Setup"
msgstr "icingaweb2-module-toplevelview: Einrichtung"

#. Type: boolean
#. Description
#: ../icingaweb2-module-toplevelview.templates:2001
msgid "Should this module be enabled?"
msgstr "Soll dieses Modul aktiviert werden?"

#. Type: boolean
#. Description
#: ../icingaweb2-module-toplevelview.templates:2001
msgid "This module can be enabled or disabled."
msgstr "Dieses Modul kann aktiviert oder deaktiviert werden."

Bug#1054899: mirror submission for mirror.ibcp.fr

[Michon Alexis]

Package: mirrors
Severity: wishlist
User: mirr...@packages.debian.org
Usertags: mirror-submission

Submission-Type: new
Site: mirror.ibcp.fr
Archive-architecture: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el 
riscv64 s390x
Archive-http: /debian/
Maintainer: Michon Alexis 
Country: FR France
Location: France, Lyon, 69
Sponsor: CNRS IBCP https://www.ibcp.fr
Comment: Mirror is accessible with http and https. Rsync is not configured.
 
 Alexis




Trace Url: http://mirror.ibcp.fr/debian/project/trace/
Trace Url: http://mirror.ibcp.fr/debian/project/trace/ftp-master.debian.org
Trace Url: http://mirror.ibcp.fr/debian/project/trace/mirror.ibcp.fr

Bug#1054900: libunity: please consider upgrading to 3.0 source format

[Bastian Germann]

Source: libunity
Version: 7.1.4+19.04.20190319-5
Severity: wishlist

This package is among the few that still use source format 1.0.
Please upgrade it to source format 3.0:
https://wiki.debian.org/Projects/DebSrc3.0

Bug#1054891: gcc-12: sizeof() error in called function

[Bastian Blank]

Hi

On Sat, Oct 28, 2023 at 07:57:54PM +1300, rhys wrote:
> char myBuf[] = { '\x01', '\x04', '\x31', '\x00', '\x00', '\x1D', '\x7E', 
> '\xF7' };
> printf ("sizeof (myBuf) = %d\n", sizeof (myBuf));

This is an array, so sizeof() shows the length of that array.  Making it
longer would have showed you your mistake directly.

> void process_buffer (char *bufPtr) {
> printf ("sizeof (bufPtr) = %d\n", sizeof (bufPtr));

This is a pointer.  A pointer points to somethine else.  The size of a
pointer is unrelated to your array.

> produces following output:
> sizeof (myBuf) = 8
> sizeof (bufPtr) = 4

You run on a 32 bit system, so pointers are 4*sizeof(char), aka 4 byte.

> expected output (confirmed on Oracle Linux 8.4):
> sizeof (myBuf) = 8
> sizeof (bufPtr) = 8

Oracle Linux 8 does not support 32 bit systems, so you run on a 64 bit
system.  Pointers are 8*sizeof(char), aka 8 bytes.

Arrays and pointers in C are sometimes interchangeable, but with great
precision you found one of the exceptions.

Bastian

-- 
You!  What PLANET is this!
-- McCoy, "The City on the Edge of Forever", stardate 3134.0

Bug#1007044: liblog-dispatch-filerotate-perl: please consider upgrading to 3.0 source format

[Bastian Germann]

I am uploading a NMU to DELAYED/10 in order to fix this.
The debdiff is attached.diff -Nru liblog-dispatch-filerotate-perl-1.19/debian/changelog 
liblog-dispatch-filerotate-perl-1.19/debian/changelog
--- liblog-dispatch-filerotate-perl-1.19/debian/changelog   2023-10-28 
14:16:25.0 +0200
+++ liblog-dispatch-filerotate-perl-1.19/debian/changelog   2023-10-28 
14:12:53.0 +0200
@@ -1,3 +1,10 @@
+liblog-dispatch-filerotate-perl (1.19-1.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert to source format 3.0. (Closes: #1007044)
+
+ -- Bastian Germann   Sat, 28 Oct 2023 14:12:53 +0200
+
 liblog-dispatch-filerotate-perl (1.19-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru liblog-dispatch-filerotate-perl-1.19/debian/control 
liblog-dispatch-filerotate-perl-1.19/debian/control
--- liblog-dispatch-filerotate-perl-1.19/debian/control 2023-10-28 
14:16:25.0 +0200
+++ liblog-dispatch-filerotate-perl-1.19/debian/control 2023-10-28 
14:12:27.0 +0200
@@ -1,7 +1,7 @@
 Source: liblog-dispatch-filerotate-perl
 Section: perl
 Priority: optional
-Build-Depends: debhelper (>= 7), quilt
+Build-Depends: debhelper (>= 7)
 Build-Depends-Indep: perl (>= 5.6.10-12), liblog-log4perl-perl, 
libdate-manip-perl, liblog-dispatch-perl, libparams-validate-perl
 Maintainer: Matthias Schmitz 
 Standards-Version: 3.8.1
diff -Nru liblog-dispatch-filerotate-perl-1.19/debian/rules 
liblog-dispatch-filerotate-perl-1.19/debian/rules
--- liblog-dispatch-filerotate-perl-1.19/debian/rules   2023-10-28 
14:16:25.0 +0200
+++ liblog-dispatch-filerotate-perl-1.19/debian/rules   2023-10-28 
14:12:53.0 +0200
@@ -15,12 +15,10 @@
 PACKAGE = $(shell dh_listpackages)
 TMP = $(CURDIR)/debian/$(PACKAGE)
 
-include /usr/share/quilt/quilt.make
-
 build: build-arch build-indep
 build-arch: build-stamp
 build-indep: build-stamp
-build-stamp: patch
+build-stamp:
dh_testdir
# Add commands to compile the package here
$(PERL) Makefile.PL INSTALLDIRS=vendor
@@ -28,7 +26,7 @@
$(MAKE) test
touch $@
 
-clean:  unpatch
+clean:
dh_testdir
dh_testroot
dh_clean build-stamp install-stamp
diff -Nru liblog-dispatch-filerotate-perl-1.19/debian/source/format 
liblog-dispatch-filerotate-perl-1.19/debian/source/format
--- liblog-dispatch-filerotate-perl-1.19/debian/source/format   1970-01-01 
01:00:00.0 +0100
+++ liblog-dispatch-filerotate-perl-1.19/debian/source/format   2023-10-28 
14:12:19.0 +0200
@@ -0,0 +1 @@
+3.0 (quilt)

Bug#1007474: libhtml-popuptreeselect-perl: please consider upgrading to 3.0 source format

[Bastian Germann]

I am uploading a NMU to DELAYED/10 in order to fix this.
The debdiff is attached.diff -Nru libhtml-popuptreeselect-perl-1.6/debian/changelog 
libhtml-popuptreeselect-perl-1.6/debian/changelog
--- libhtml-popuptreeselect-perl-1.6/debian/changelog   2023-10-28 
14:08:24.0 +0200
+++ libhtml-popuptreeselect-perl-1.6/debian/changelog   2023-10-28 
14:05:34.0 +0200
@@ -1,3 +1,10 @@
+libhtml-popuptreeselect-perl (1.6-7.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert to source format 3.0. (Closes: #1007474)
+
+ -- Bastian Germann   Sat, 28 Oct 2023 14:05:34 +0200
+
 libhtml-popuptreeselect-perl (1.6-7.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru libhtml-popuptreeselect-perl-1.6/debian/control 
libhtml-popuptreeselect-perl-1.6/debian/control
--- libhtml-popuptreeselect-perl-1.6/debian/control 2023-10-28 
14:08:24.0 +0200
+++ libhtml-popuptreeselect-perl-1.6/debian/control 2023-10-28 
14:04:54.0 +0200
@@ -1,7 +1,7 @@
 Source: libhtml-popuptreeselect-perl
 Section: perl
 Priority: optional
-Build-Depends: debhelper (>= 7.0.0), cdbs, quilt
+Build-Depends: debhelper (>= 7.0.0), cdbs
 Build-Depends-Indep: perl (>= 5.8.0-7), libhtml-template-perl (>= 2.6)
 Maintainer: Taku YASUI 
 HomePage: http://search.cpan.org/dist/HTML-PopupTreeSelect/
diff -Nru libhtml-popuptreeselect-perl-1.6/debian/rules 
libhtml-popuptreeselect-perl-1.6/debian/rules
--- libhtml-popuptreeselect-perl-1.6/debian/rules   2023-10-28 
14:08:24.0 +0200
+++ libhtml-popuptreeselect-perl-1.6/debian/rules   2023-10-28 
14:05:08.0 +0200
@@ -2,7 +2,6 @@
 
 include /usr/share/cdbs/1/rules/debhelper.mk
 include /usr/share/cdbs/1/class/perl-makemaker.mk
-include /usr/share/cdbs/1/rules/patchsys-quilt.mk
 
 binary-install/libhtml-popuptreeselect-perl::
cp -r images $(DEB_DESTDIR)/usr/share/doc/$(cdbs_curpkg)
diff -Nru libhtml-popuptreeselect-perl-1.6/debian/source/format 
libhtml-popuptreeselect-perl-1.6/debian/source/format
--- libhtml-popuptreeselect-perl-1.6/debian/source/format   1970-01-01 
01:00:00.0 +0100
+++ libhtml-popuptreeselect-perl-1.6/debian/source/format   2023-10-28 
14:05:29.0 +0200
@@ -0,0 +1 @@
+3.0 (quilt)

Bug#1007057: judy: please consider upgrading to 3.0 source format

[Bastian Germann]

I am uploading a NMU to DELAYED/10 in order to fix this.
The debdiff is attached.diff -Nru judy-1.0.5/debian/changelog judy-1.0.5/debian/changelog
--- judy-1.0.5/debian/changelog 2023-10-28 14:01:19.0 +0200
+++ judy-1.0.5/debian/changelog 2023-10-28 13:58:33.0 +0200
@@ -1,3 +1,10 @@
+judy (1.0.5-5.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert to source format 3.0. (Closes: #1007057)
+
+ -- Bastian Germann   Sat, 28 Oct 2023 13:58:33 +0200
+
 judy (1.0.5-5) unstable; urgency=medium
 
   * Patch from Andrey Gursky , Remove
diff -Nru judy-1.0.5/debian/control judy-1.0.5/debian/control
--- judy-1.0.5/debian/control   2023-10-28 14:01:19.0 +0200
+++ judy-1.0.5/debian/control   2023-10-28 13:57:43.0 +0200
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Troy Heber 
 Uploaders:
-Build-Depends: debhelper (>=9), dh-autoreconf, quilt
+Build-Depends: debhelper (>=9), dh-autoreconf
 Standards-Version: 3.9.6
 
 Package: libjudy-dev
diff -Nru judy-1.0.5/debian/rules judy-1.0.5/debian/rules
--- judy-1.0.5/debian/rules 2023-10-28 14:01:19.0 +0200
+++ judy-1.0.5/debian/rules 2023-10-28 13:58:07.0 +0200
@@ -8,7 +8,7 @@
 include /usr/share/dpkg/buildflags.mk
 
 %:
-   dh $@ --with quilt --with autoreconf
+   dh $@ --with autoreconf
 
 override_dh_auto_configure:
dh_auto_configure -- --prefix=/usr --mandir=/usr/share/man
diff -Nru judy-1.0.5/debian/source/format judy-1.0.5/debian/source/format
--- judy-1.0.5/debian/source/format 1970-01-01 01:00:00.0 +0100
+++ judy-1.0.5/debian/source/format 2023-10-28 13:58:33.0 +0200
@@ -0,0 +1 @@
+3.0 (quilt)

Bug#1007662: ips: please consider upgrading to 3.0 source format

[Bastian Germann]

I am uploading a NMU to DELAYED/10 in order to fix this.
Please find the debdiff attached.diff -Nru ips-4.0/debian/changelog ips-4.0/debian/changelog
--- ips-4.0/debian/changelog2023-10-28 13:52:40.0 +0200
+++ ips-4.0/debian/changelog2023-10-28 13:45:20.0 +0200
@@ -1,3 +1,11 @@
+ips (4.0-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert to source format 3.0. (Closes: #1007662)
+  * Fix FTCBFS: Let dh_auto_build pass cross tools to make. (Closes: #939992)
+
+ -- Bastian Germann   Sat, 28 Oct 2023 13:45:20 +0200
+
 ips (4.0-1.1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru ips-4.0/debian/control ips-4.0/debian/control
--- ips-4.0/debian/control  2023-10-28 13:52:40.0 +0200
+++ ips-4.0/debian/control  2023-10-28 13:45:03.0 +0200
@@ -1,8 +1,8 @@
 Source: ips
-Section: admin 
+Section: admin
 Priority: extra
 Maintainer: Michael Meskes 
-Build-Depends: debhelper (>= 5), quilt (>= 0.40), libncurses5-dev, libxt-dev
+Build-Depends: debhelper (>= 7), libncurses5-dev, libxt-dev
 Standards-Version: 3.8.4
 
 Package: ips
diff -Nru ips-4.0/debian/patches/conffile.diff 
ips-4.0/debian/patches/conffile.diff
--- ips-4.0/debian/patches/conffile.diff2023-10-28 13:52:40.0 
+0200
+++ ips-4.0/debian/patches/conffile.diff2023-10-28 13:45:20.0 
+0200
@@ -8,9 +8,9 @@
 +.I /etc/ips.init
  which is used to set system defaults for
  .BR ips .
- .PP
+ 
 @@ -936,7 +936,7 @@
- command line.
+ 
  .SH USEFUL MACROS
  The standard supplied system initialization file
 -.I /usr/local/lib/ips.init
diff -Nru ips-4.0/debian/rules ips-4.0/debian/rules
--- ips-4.0/debian/rules2023-10-28 13:52:40.0 +0200
+++ ips-4.0/debian/rules2023-10-28 13:45:20.0 +0200
@@ -9,10 +9,8 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
-include /usr/share/quilt/quilt.make
-
 configure: configure-stamp
-configure-stamp: patch
+configure-stamp:
dh_testdir
# Add here commands to configure the package.
 
@@ -23,13 +21,10 @@
 
 build-stamp: configure-stamp 
dh_testdir
-
-   # Add here commands to compile the package.
-   $(MAKE) 
-
+   dh_auto_build
touch $@
 
-clean: unpatch
+clean:
dh_testdir
dh_testroot
rm -f build-stamp configure-stamp
diff -Nru ips-4.0/debian/source/format ips-4.0/debian/source/format
--- ips-4.0/debian/source/format2023-10-28 13:52:40.0 +0200
+++ ips-4.0/debian/source/format2023-10-28 13:39:17.0 +0200
@@ -1 +1 @@
-1.0
+3.0 (quilt)

Bug#1054668: RM: jcc -- RoQA; very low popcon; leaf package

[Bastian Germann]

Control: reassign -1 ftp.debian.org
Control: severity -1 normal

As the maintainer agreed to the removal, I am filing the RM now.

Bug#1033547: debian/rules: adjustment needed for up-to-date docs

[Wolfgang Schweer]

> To also fix the dblatex docs, two more patches would be needed

For the docs related changes to take effect, the rules file seems to 
need adjustment; patch attached, please check.

Wolfgang
--- a/debian/rules
+++ b/debian/rules
@@ -9,9 +9,10 @@ override_dh_clean:
 	dh_clean
 
 override_dh_auto_build:
-	# - Nothing to be compiled
 	# - Don't call build_doc, as it's superfluous and will run into
 	#   bootstrap problems.
+	# - But rebuild the PDF manuals, just in case source files contain changes.
+	rm --force docs/*.pdf
 
 override_dh_installchangelogs:
 	dh_installchangelogs docs/changes/changes.txt


signature.asc
Description: PGP signature

Bug#1007650: dv4l: please consider upgrading to 3.0 source format

[Bastian Germann]

I am uploading a NMU to DELAYED/10 in order to fix this.
Please find the debdiff attached.diff -Nru dv4l-1.0/debian/changelog dv4l-1.0/debian/changelog
--- dv4l-1.0/debian/changelog   2023-10-28 13:34:56.0 +0200
+++ dv4l-1.0/debian/changelog   2023-10-28 13:23:53.0 +0200
@@ -1,3 +1,13 @@
+dv4l (1.0-5.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert to source format 3.0. (Closes: #1007650)
+
+  [ Helmut Grohne ]
+  * Fix FTCBFS: Pass --host to configure. (Closes: #977632)
+
+ -- Bastian Germann   Sat, 28 Oct 2023 13:23:53 +0200
+
 dv4l (1.0-5) unstable; urgency=low
 
   * Remove vloopback-source from Recommends.
diff -Nru dv4l-1.0/debian/control dv4l-1.0/debian/control
--- dv4l-1.0/debian/control 2023-10-28 13:34:56.0 +0200
+++ dv4l-1.0/debian/control 2023-10-28 13:23:53.0 +0200
@@ -2,7 +2,7 @@
 Section: graphics
 Priority: optional
 Maintainer: Nobuhiro Iwamatsu 
-Build-Depends: cdbs, debhelper (>= 7), autotools-dev, quilt, 
+Build-Depends: cdbs, debhelper (>= 7), autotools-dev,
libraw1394-dev, libiec61883-dev, libdv-dev, libv4l-dev
 Standards-Version: 3.9.2
 Homepage: http://dv4l.berlios.de/
diff -Nru dv4l-1.0/debian/README.source dv4l-1.0/debian/README.source
--- dv4l-1.0/debian/README.source   2023-10-28 13:34:56.0 +0200
+++ dv4l-1.0/debian/README.source   1970-01-01 01:00:00.0 +0100
@@ -1,58 +0,0 @@
-This package uses quilt to manage all modifications to the upstream
-source.  Changes are stored in the source package as diffs in
-debian/patches and applied during the build.
-
-To configure quilt to use debian/patches instead of patches, you want
-either to export QUILT_PATCHES=debian/patches in your environment
-or use this snippet in your ~/.quiltrc:
-
-for where in ./ ../ ../../ ../../../ ../../../../ ../../../../../; do
-if [ -e ${where}debian/rules -a -d ${where}debian/patches ]; then
-export QUILT_PATCHES=debian/patches
-break
-fi
-done
-
-To get the fully patched source after unpacking the source package, cd to
-the root level of the source package and run:
-
-quilt push -a
-
-The last patch listed in debian/patches/series will become the current
-patch.
-
-To add a new set of changes, first run quilt push -a, and then run:
-
-quilt new 
-
-where  is a descriptive name for the patch, used as the filename in
-debian/patches.  Then, for every file that will be modified by this patch,
-run:
-
-quilt add 
-
-before editing those files.  You must tell quilt with quilt add what files
-will be part of the patch before making changes or quilt will not work
-properly.  After editing the files, run:
-
-quilt refresh
-
-to save the results as a patch.
-
-Alternately, if you already have an external patch and you just want to
-add it to the build system, run quilt push -a and then:
-
-quilt import -P  /path/to/patch
-quilt push -a
-
-(add -p 0 to quilt import if needed).  as above is the filename to
-use in debian/patches.  The last quilt push -a will apply the patch to
-make sure it works properly.
-
-To remove an existing patch from the list of patches that will be applied,
-run:
-
-quilt delete 
-
-You may need to run quilt pop -a to unapply patches first before running
-this command.
diff -Nru dv4l-1.0/debian/rules dv4l-1.0/debian/rules
--- dv4l-1.0/debian/rules   2023-10-28 13:34:56.0 +0200
+++ dv4l-1.0/debian/rules   2023-10-28 13:23:53.0 +0200
@@ -1,11 +1,14 @@
 #!/usr/bin/make -f
 
+include /usr/share/dpkg/architecture.mk
 include /usr/share/cdbs/1/rules/debhelper.mk
 include /usr/share/cdbs/1/class/autotools.mk
-include /usr/share/cdbs/1/rules/patchsys-quilt.mk
 
 DEB_CONFIGURE_NORMAL_ARGS = --prefix=/usr --libdir=/lib/dv4l \
-   --datarootdir=/share 
+   --datarootdir=/share \
+   --datarootdir=/share \
+   --build=$(DEB_BUILD_GNU_TYPE) \
+   --host=$(DEB_HOST_GNU_TYPE)
 
 install/dv4l::
install -m 0644 -D debian/lintian-override \
diff -Nru dv4l-1.0/debian/source/format dv4l-1.0/debian/source/format
--- dv4l-1.0/debian/source/format   1970-01-01 01:00:00.0 +0100
+++ dv4l-1.0/debian/source/format   2023-10-28 13:23:53.0 +0200
@@ -0,0 +1 @@
+3.0 (quilt)

Bug#1054891: gcc-12: sizeof() error in called function

[Matthias Klose]

Please report this, where you downloaded that package versions, closing here in 
Debian.



On 28.10.23 08:57, rhys wrote:

Package: gcc-12
Version: 12.2.0-14+rpi1
Severity: normal
X-Debbugs-Cc: rmor...@web.de

Dear Maintainer,

Following code:

#include 

char myBuf[] = { '\x01', '\x04', '\x31', '\x00', '\x00', '\x1D', '\x7E', '\xF7' 
};

void process_buffer (char *);

int main (int argc, char **argv) {
 printf ("sizeof (myBuf) = %d\n", sizeof (myBuf));

 process_buffer (myBuf);
}

void process_buffer (char *bufPtr) {
 printf ("sizeof (bufPtr) = %d\n", sizeof (bufPtr));
}

produces following output:

sizeof (myBuf) = 8
sizeof (bufPtr) = 4

expected output (confirmed on Oracle Linux 8.4):

sizeof (myBuf) = 8
sizeof (bufPtr) = 8



-- System Information:
Distributor ID: Raspbian
Description:Raspbian GNU/Linux 12 (bookworm)
Release:12
Codename:   bookworm
Architecture: armv6l

Bug#1007451: colplot: please consider upgrading to 3.0 source format

[Bastian Germann]

I am uploading a NMU to DELAYED/10 in order to fix this.
Please find the debdiff attached.diff -Nru colplot-5.2.0/debian/changelog colplot-5.2.0/debian/changelog
--- colplot-5.2.0/debian/changelog  2023-10-28 13:19:00.0 +0200
+++ colplot-5.2.0/debian/changelog  2023-10-28 13:10:46.0 +0200
@@ -1,3 +1,10 @@
+colplot (5.2.0-1.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert to source format 3.0. (Closes: #1007451)
+
+ -- Bastian Germann   Sat, 28 Oct 2023 13:10:46 +0200
+
 colplot (5.2.0-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru colplot-5.2.0/debian/control colplot-5.2.0/debian/control
--- colplot-5.2.0/debian/control2023-10-28 13:19:00.0 +0200
+++ colplot-5.2.0/debian/control2023-10-28 13:10:17.0 +0200
@@ -2,7 +2,7 @@
 Section: admin
 Priority: optional
 Maintainer: Troy Heber 
-Build-Depends: debhelper-compat (= 13), quilt (>= 0.40), po-debconf
+Build-Depends: debhelper-compat (= 13), po-debconf
 Standards-Version: 4.6.2
 
 Package: colplot
diff -Nru colplot-5.2.0/debian/patches/03_FIX_SITE_LOCATION.patch 
colplot-5.2.0/debian/patches/03_FIX_SITE_LOCATION.patch
--- colplot-5.2.0/debian/patches/03_FIX_SITE_LOCATION.patch 2023-10-28 
13:19:00.0 +0200
+++ colplot-5.2.0/debian/patches/03_FIX_SITE_LOCATION.patch 2023-10-28 
13:10:46.0 +0200
@@ -7,5 +7,5 @@
 -my $LibDir='/usr/share/collectl';
 +my $LibDir='/usr/share/colplot/site';
  
- my $Version="5.1.0";
+ my $Version="5.2.0";
  my $Copyright='Copyright 2004-2014 Hewlett-Packard Development Company, L.P.';
diff -Nru colplot-5.2.0/debian/rules colplot-5.2.0/debian/rules
--- colplot-5.2.0/debian/rules  2023-10-28 13:19:00.0 +0200
+++ colplot-5.2.0/debian/rules  2023-10-28 13:10:26.0 +0200
@@ -4,7 +4,7 @@
 export DH_VERBOSE=1
 
 %:
-   dh $@ --with quilt
+   dh $@
 
 override_dh_install:
chmod -x $(CURDIR)/oneperpage.ph
diff -Nru colplot-5.2.0/debian/source/format colplot-5.2.0/debian/source/format
--- colplot-5.2.0/debian/source/format  1970-01-01 01:00:00.0 +0100
+++ colplot-5.2.0/debian/source/format  2023-10-28 13:10:46.0 +0200
@@ -0,0 +1 @@
+3.0 (quilt)

Bug#1007559: clamsmtp: please consider upgrading to 3.0 source format

[Bastian Germann]

I am uploading a NMU to DELAYED/10 in order to fix this.
Please find the debdiff attached.diff -Nru clamsmtp-1.10/debian/changelog clamsmtp-1.10/debian/changelog
--- clamsmtp-1.10/debian/changelog  2023-10-28 12:59:24.0 +0200
+++ clamsmtp-1.10/debian/changelog  2023-10-28 12:35:57.0 +0200
@@ -1,3 +1,10 @@
+clamsmtp (1.10-17.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert to source format 3.0. (Closes: #1007559)
+
+ -- Bastian Germann   Sat, 28 Oct 2023 12:35:57 +0200
+
 clamsmtp (1.10-17.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru clamsmtp-1.10/debian/control clamsmtp-1.10/debian/control
--- clamsmtp-1.10/debian/control2023-10-28 12:59:24.0 +0200
+++ clamsmtp-1.10/debian/control2023-10-28 12:34:37.0 +0200
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: ClamAV Team 
 Uploaders: Michael Meskes 
-Build-Depends: debhelper (>= 11), quilt (>= 0.46-7)
+Build-Depends: debhelper (>= 11)
 Standards-Version: 4.1.3
 Vcs-Git: git://anonscm.debian.org/pkg-clamav/clamsmtp.git
 Vcs-Browser: 
https://anonscm.debian.org/gitweb/?p=pkg-clamav/clamsmtp.git;a=summary
diff -Nru clamsmtp-1.10/debian/patches/include_order.patch 
clamsmtp-1.10/debian/patches/include_order.patch
--- clamsmtp-1.10/debian/patches/include_order.patch2023-10-28 
12:59:24.0 +0200
+++ clamsmtp-1.10/debian/patches/include_order.patch2023-10-28 
12:35:57.0 +0200
@@ -21,13 +21,13 @@
 @@ -51,6 +51,8 @@
  AC_PROG_LN_S
  AC_PROG_MAKE_SET
-
+ 
 +AC_USE_SYSTEM_EXTENSIONS
 +
  # Debug mode
- AC_ARG_ENABLE(debug,=20
+ AC_ARG_ENABLE(debug, 
  AC_HELP_STRING([--enable-debug],
-
+ [Compile binaries in debug mode]))
 diff -Nru clamsmtp-1.10/common/smtppass.c clamsmtp-patched/common/smtppass.c
 --- clamsmtp-1.10/common/smtppass.c2015-03-02 09:36:27.793398352 +0100
 +++ clamsmtp-patched/common/smtppass.c 2015-03-02 09:38:50.843467581 +0100
diff -Nru clamsmtp-1.10/debian/README.source clamsmtp-1.10/debian/README.source
--- clamsmtp-1.10/debian/README.source  2023-10-28 12:59:24.0 +0200
+++ clamsmtp-1.10/debian/README.source  1970-01-01 01:00:00.0 +0100
@@ -1,58 +0,0 @@
-This package uses quilt to manage all modifications to the upstream
-source.  Changes are stored in the source package as diffs in
-debian/patches and applied during the build.
-
-To configure quilt to use debian/patches instead of patches, you want
-either to export QUILT_PATCHES=debian/patches in your environment
-or use this snippet in your ~/.quiltrc:
-
-for where in ./ ../ ../../ ../../../ ../../../../ ../../../../../; do
-if [ -e ${where}debian/rules -a -d ${where}debian/patches ]; then
-export QUILT_PATCHES=debian/patches
-break
-fi
-done
-
-To get the fully patched source after unpacking the source package, cd to
-the root level of the source package and run:
-
-quilt push -a
-
-The last patch listed in debian/patches/series will become the current
-patch.
-
-To add a new set of changes, first run quilt push -a, and then run:
-
-quilt new 
-
-where  is a descriptive name for the patch, used as the filename in
-debian/patches.  Then, for every file that will be modified by this patch,
-run:
-
-quilt add 
-
-before editing those files.  You must tell quilt with quilt add what files
-will be part of the patch before making changes or quilt will not work
-properly.  After editing the files, run:
-
-quilt refresh
-
-to save the results as a patch.
-
-Alternately, if you already have an external patch and you just want to
-add it to the build system, run quilt push -a and then:
-
-quilt import -P  /path/to/patch
-quilt push -a
-
-(add -p 0 to quilt import if needed).  as above is the filename to
-use in debian/patches.  The last quilt push -a will apply the patch to
-make sure it works properly.
-
-To remove an existing patch from the list of patches that will be applied,
-run:
-
-quilt delete 
-
-You may need to run quilt pop -a to unapply patches first before running
-this command.
diff -Nru clamsmtp-1.10/debian/rules clamsmtp-1.10/debian/rules
--- clamsmtp-1.10/debian/rules  2023-10-28 12:59:24.0 +0200
+++ clamsmtp-1.10/debian/rules  2023-10-28 12:34:55.0 +0200
@@ -3,4 +3,4 @@
 export DEB_BUILD_MAINT_OPTIONS=hardening=+all
 
 %:
-   dh $@ --with quilt,autoreconf
+   dh $@ --with autoreconf
diff -Nru clamsmtp-1.10/debian/source/format clamsmtp-1.10/debian/source/format
--- clamsmtp-1.10/debian/source/format  2023-10-28 12:59:24.0 +0200
+++ clamsmtp-1.10/debian/source/format  2023-10-28 12:34:23.0 +0200
@@ -1 +1 @@
-1.0
+3.0 (quilt)

Bug#1054889: linux-image-6.5.0-2-amd64: Kernel 6.5 amdgpu, with refreshrate above 120Hz, black screen appears when certain graphical element appear

[Diederik de Haas]

On Saturday, 28 October 2023 06:20:43 CEST dada007 wrote:
> Package: src:linux
> Version: 6.5.6-1
> 
>* What led up to the situation?
> Updating from kernel 6.4 to 6.5
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
> When I later changed screen resolution from 144Hz down to 120Hz
>* What was the outcome of this action?
> The black screens stopped. It does not matter which kernel
> 6.5-version I use, it is the same. Black screen happens when certain
> graphical elements are shown.

On https://snapshot.debian.org/binary/linux-image-amd64/ you can find all the 
kernel versions released in Debian.
Can you verify that 6.5~rc4-1~exp1 indeed also has this issue?
When that's the case, can you ssh into your machine and get the `dmesg` output 
and attach that to this bug report?

On Saturday, 28 October 2023 06:20:43 CEST dada007 wrote:
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers testing
>   APT policy: (500, 'testing')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 6.5.9-2-liquorix-amd64 (SMP w/12 CPU threads; PREEMPT)

That's not Debian's kernel. Why did you not report it to liquorix's repo?

signature.asc
Description: This is a digitally signed message part.

Bug#1054668: RM: jcc -- RoQA; very low popcon; leaf package

[Emmanuel Arias]

Hi Bastian,

I do not have arguments against your proposal. So go ahead please.

Cheers,
Emmanuel


signature.asc
Description: PGP signature

Bug#1054661: blastem: Segfault when trying to open rom or access system settings

[Tobias Frost]

Control: tags -1 confirmed

Here's a backtrace when clicking on Settings -> System. 
Thread 1 "blastem" received signal SIGSEGV, Segmentation fault.
tern_foreach_int (head=, fun=0x555c12a0 , 
data=0x7fffd7f0, keybuf=0x7fffd8c0 "\020", pos=0)
at /build/blastem-kipVNx/blastem-0.6.3.4/tern.c:268
268 if (!head->el) {
(gdb) bt
#0  tern_foreach_int (head=, fun=0x555c12a0 , 
data=0x7fffd7f0, keybuf=0x7fffd8c0 "\020", pos=0)
at /build/blastem-kipVNx/blastem-0.6.3.4/tern.c:268
#1  0x555c7e15 in tern_foreach (data=0x7fffd7f0, fun=0x555c12a0 
, head=)
at /build/blastem-kipVNx/blastem-0.6.3.4/tern.c:291
#2  get_models (num_out=0x557a8ba0 ) at 
nuklear_ui/blastem_nuklear.c:1873
#3  view_system_settings (context=0x55611ab8 ) at 
nuklear_ui/blastem_nuklear.c:1907
#4  0x555c8354 in blastem_nuklear_render () at 
nuklear_ui/blastem_nuklear.c:2049
#5  0x55589e1b in render_update_display () at 
/build/blastem-kipVNx/blastem-0.6.3.4/render_sdl.c:1783
#6  0x555caeeb in ui_idle_loop () at nuklear_ui/blastem_nuklear.c:2075
#7  0xdefa in blastem_nuklear_init (file_loaded=0 '\000') at 
nuklear_ui/blastem_nuklear.c:2332
#8  main (argc=, argv=) at 
/build/blastem-kipVNx/blastem-0.6.3.4/blastem.c:714
(gdb) 

Did not investigate further.

-- 
tobi


On Fri, Oct 27, 2023 at 04:41:32PM +0100, Karl Pirton wrote:
> Package: blastem
> Version: 0.6.3.4-1+b2
> Severity: grave
> Justification: renders package unusable
> X-Debbugs-Cc: jsupert...@dnmx.org
> 
> Dear Maintainer,
> 
> Selecting "Open ROM" or going to options and selecting "System" causes the 
> program to crash with a Segmentation Fault.
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers testing
>   APT policy: (500, 'testing')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 6.5.0-2-amd64 (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
> TAINT_UNSIGNED_MODULE
> Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
> LANGUAGE=en_GB:en
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
> 
> Versions of packages blastem depends on:
> ii  libc6  2.37-12
> ii  libgl1 1.7.0-1
> ii  libglew2.2 2.2.0-4+b1
> ii  libsdl2-2.0-0  2.28.4+dfsg-1
> ii  zlib1g 1:1.2.13.dfsg-3
> 
> blastem recommends no packages.
> 
> blastem suggests no packages.
> 
> -- no debconf information
> 

Bug#1054898: piuparts: drop unmerged-usr sid configuration for debci

[Luca Boccassi]

Source: piuparts
Severity: important
Tags: patch
X-Debbugs-Cc: hel...@subdivi.de

Dear Piuparts Maintainers,

Last month the buildds were reconfigured to always build unstable in
merged-usr, as expected given the transition is moving forward.
usrmerge no longer allows skipping the setup now, as the next step.
Piuparts still creates both an unmerged and a merged sid chroot - the
former needs to be dropped now, as it can no longer be set up. A
tentative config change can be found here - please note that it is just
speculative, as I am no expert on this matter:

https://salsa.debian.org/debian/piuparts/-/merge_requests/44

-- 
Kind regards,
Luca Boccassi


signature.asc
Description: This is a digitally signed message part

Bug#1054798: opendht: FTBFS: dh_missing: error: missing files, aborting

[Tobias Frost]

On Fri, Oct 27, 2023 at 11:01:15PM -0400, Amin Bandali wrote:
> Control: merge 1054359 1054798
> Control: tags -1 pending
> X-Debbugs-CC: Tobias Frost 
> 
> Hi Lucas,
> 
> Thanks for the bug report.  However, this is a duplicate of #1054359,
> so I'm merging the two.  I have an upload[1,2] pending review and
> sponsoring by Tobi - the AM for my DD process - to fix the FTBFS and
> address the longstanding #866075 as well.  I hope Tobi can review and
> sponsor it through NEW soon.
> 
> Thanks,
> -a
> 
> [1] https://salsa.debian.org/debian/opendht
> [2] https://mentors.debian.net/package/opendht/

Uploaded, it will be in NEW shortly.

Bug#1054897: lintian: Also warn about later switches to date-based versioning schemes

[Peter Wienemann]

Package: lintian
Version: 2.116.3
Severity: wishlist

Dear maintainers,

at present Lintian only emits the tag 
"new-package-uses-date-based-version-number" if
- a date-based versioning scheme is used for the latest changelog entry and
- the number of changelog entries is one.

I think it would be better to emit it if
- a date-based versioning scheme is used for the latest changelog entry and
- the number of changelog entries with a date-based versioning scheme is one.

One might also consider adapting the tag name to reflect the change of logic.

The background of this request is a discussion on the security tools mailing 
list [0]
which made me aware that the present rule set offers a loophole.

Best regards,

Peter

[0] https://lists.debian.org/debian-security-tools/2023/10/msg9.html

Bug#1054896: libasound2: alsa 1.2.10-1 segfaults on i386

[Petra Rübe-Pugliese]

Package: libasound2
Version: 1.2.10-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

Since update of the alsa packages
libasound2
libasound2-data
alsa-utils
libatopology2
from v1.2.9-1 to v1.2.10-1 all sound programs fail with a
segfault (see typical output below.)

This happens reproducibly on four different i386 computers
(this Thinkpad T420, two older Thinkpads T41, and an old PC).
I cannot tell if any other architecture is affected.

Downgrading of the four packages to v1.2.9-1 solves the problem.

Typical output:

~ > play /usr/share/sounds/alsa/Noise.wav
Segmentation fault
~ > aplay /usr/share/sounds/alsa/Noise.wav
Segmentation fault
~ > play 
/usr/share/javascript/mathjax/unpacked/extensions/a11y/invalid_keypress.mp3
Segmentation fault
~ > aplay 
/usr/share/javascript/mathjax/unpacked/extensions/a11y/invalid_keypress.mp3
Segmentation fault
~ > mpg123 
/usr/share/javascript/mathjax/unpacked/extensions/a11y/invalid_keypress.mp3
High Performance MPEG 1.0/2.0/2.5 Audio Player for Layers 1, 2 and 3
  version 1.32.3; written and copyright by Michael Hipp and others
  free software (LGPL) without any warranty but with best wishes
Segmentation fault
~ > mocp
Running the server...
Trying ALSA...

FATAL_ERROR: Server exited!

~ >

--

# dmesg
[...]
[11710.534679] play[3439]: segfault at 10f ip b7967fa6 sp bfd905f0 error 4 
in libasound.so.2.0.0[b78f4000+a4000] likely on CPU 2 (core 1, socket 0)
[11710.534726] Code: 70 fc ff ff 8b 4e 28 85 c9 0f 85 65 fc ff ff 83 8e 04 
02 00 00 02 e9 64 fc ff ff 8d b4 26 00 00 00 00 66 90 8b 45 1c 8d 7a ff <8b> 88 
0c 01 00 00 8d 46 24 85 d7 0f 85 83 01 00 00 8b 7e 28 31 d2
[11717.042680] aplay[3440]: segfault at 10b ip b7e6ba1a sp bfd00b50 error 4 
in libasound.so.2.0.0[b7df8000+a4000] likely on CPU 2 (core 1, socket 0)
[11717.042730] Code: 55 57 56 53 e8 17 f7 f8 ff 81 c3 7b 69 09 00 83 ec 0c 
8b 6c 24 20 8b 74 24 24 8b 85 08 01 00 00 8b 50 20 85 d2 74 11 8b 40 1c <8b> 80 
08 01 00 00 85 c0 0f 84 88 00 00 00 8d 7e 04 89 f1 31 c0 c7
[11836.719067] play[3449]: segfault at 10f ip b791efa6 sp bffeb600 error 4 
in libasound.so.2.0.0[b78ab000+a4000] likely on CPU 1 (core 0, socket 0)
[11836.719118] Code: 70 fc ff ff 8b 4e 28 85 c9 0f 85 65 fc ff ff 83 8e 04 
02 00 00 02 e9 64 fc ff ff 8d b4 26 00 00 00 00 66 90 8b 45 1c 8d 7a ff <8b> 88 
0c 01 00 00 8d 46 24 85 d7 0f 85 83 01 00 00 8b 7e 28 31 d2
[11841.862973] aplay[3450]: segfault at 10b ip b7efea1a sp bfb4f740 error 4 
in libasound.so.2.0.0[b7e8b000+a4000] likely on CPU 0 (core 0, socket 0)
[11841.863024] Code: 55 57 56 53 e8 17 f7 f8 ff 81 c3 7b 69 09 00 83 ec 0c 
8b 6c 24 20 8b 74 24 24 8b 85 08 01 00 00 8b 50 20 85 d2 74 11 8b 40 1c <8b> 80 
08 01 00 00 85 c0 0f 84 88 00 00 00 8d 7e 04 89 f1 31 c0 c7
[11849.966973] mpg123[3451]: segfault at 10f ip b6cc0fa6 sp bf927ea0 error 
4 in libasound.so.2.0.0[b6c4d000+a4000] likely on CPU 2 (core 1, socket 0)
[11849.967022] Code: 70 fc ff ff 8b 4e 28 85 c9 0f 85 65 fc ff ff 83 8e 04 
02 00 00 02 e9 64 fc ff ff 8d b4 26 00 00 00 00 66 90 8b 45 1c 8d 7a ff <8b> 88 
0c 01 00 00 8d 46 24 85 d7 0f 85 83 01 00 00 8b 7e 28 31 d2
[11862.990240] mocp[3454]: segfault at 115 ip b7d0bfa6 sp bfd39d50 error 4 
in libasound.so.2.0.0[b7c98000+a4000] likely on CPU 3 (core 1, socket 0)
[11862.990286] Code: 70 fc ff ff 8b 4e 28 85 c9 0f 85 65 fc ff ff 83 8e 04 
02 00 00 02 e9 64 fc ff ff 8d b4 26 00 00 00 00 66 90 8b 45 1c 8d 7a ff <8b> 88 
0c 01 00 00 8d 46 24 85 d7 0f 85 83 01 00 00 8b 7e 28 31 d2
#


 Best regards,
 Petra




-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 6.5.0-2-686-pae (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libasound2 depends on:
ii  libasound2-data  1.2.10-1
ii  libc62.37-12

libasound2 recommends no packages.

Versions of packages libasound2 suggests:
pn  libasound2-plugins  

-- no debconf information

Bug#1052818: djangorestframework-filters: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p 3.11 returned exit code 13

[s3v]

Dear Maintainer,

> >   from django.conf.urls import include, url
> E   ImportError: cannot import name 'url' from 'django.conf.urls' 
> (/usr/lib/python3/dist-packages/django/conf/urls/__init__.py)


Since Django 4.x, url() function was removed and replaced by "re_path". Attached
patch fix the build failure.

Kind regards--- a/tests/testapp/urls.py
+++ b/tests/testapp/urls.py
@@ -1,5 +1,5 @@
 
-from django.conf.urls import include, url
+from django.urls import include, re_path
 from rest_framework import routers
 
 from . import views
@@ -15,5 +15,5 @@
 
 
 urlpatterns = [
-url(r'^', include(router.urls)),
+re_path(r'^', include(router.urls)),
 ]
--- a/tests/perf/urls.py
+++ b/tests/perf/urls.py
@@ -1,5 +1,5 @@
 
-from django.conf.urls import include, url
+from django.urls import include, re_path
 from rest_framework import routers
 
 from . import views
@@ -10,5 +10,5 @@
 
 
 urlpatterns = [
-url(r'^', include(router.urls)),
+re_path(r'^', include(router.urls)),
 ]

Bug#1054806: git-cola: FTBFS: sed: can't read /<>/debian/git-cola/usr/lib/python3*/site-packages/cola/widgets/spellcheck.py: No such file or directory

[David Aguilar]

On Sat, Oct 28, 2023 at 12:13 AM László Böszörményi (GCS)
 wrote:
>
> Hi David,
>
> On Sat, Oct 28, 2023 at 6:39 AM David Aguilar  wrote:
> > This step in the build log looks suspicious:
> >
> > sed -i 's|env python|env python3|' \
> >
> > /<>/debian/git-cola/usr/lib/python3*/site-packages/cola/widgets/spellcheck.py
>  Yes, this is the culprit and already fixed locally.
>
> > Another note is that 3.12.0 is a very old version. Newer versions have
> > the python3 shebangs. That's probably related.
>  Then newer versions also have a new dependency that is not (yet)
> packaged for Debian. I don't have time for that as if I remember
> correctly it is something uncommon. I think I will let git-cola go.
>
> Regards,
> Laszlo/GCS

Sorry for the inconvenience. I always strive to avoid breaking Debian.

We shouldn't have any new dependencies -- that might've been an oversight
(adding a dependency on rst.linker) which was fixed some time ago.

I believe a related issue was that rst.linker did not work offline
(which was bad for Debian), so we dropped it.

https://github.com/git-cola/git-cola/issues/1251

Git Cola itself will only ever depend on packages already available in
Debian, forevermore.

Thank you Laszlo,
David

Bug#1054777: Fwd: Bug#1054777: libfiu: FTBFS: dh_auto_test: error: make -j8 test V=1 LC_ALL=C returned exit code 2

[Chris Lamb]

Hey Alberto,

Hope all is well with you. Just wondering if you received the below
re. a recently-filed bug report against libfiu. I can reproduce it
locally if that helps.


Best wishes,

Chris



- Original message -
From: Lucas Nussbaum 
To: sub...@bugs.debian.org
Subject: Bug#1054777: libfiu: FTBFS: dh_auto_test: error: make -j8 test V=1 
LC_ALL=C returned exit code 2
Date: Friday, 27 October 2023 8:31 PM

Source: libfiu
Version: 1.1-4
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lu...@debian.org
Usertags: ftbfs-20231027 ftbfs-trixie

Hi,

During a rebuild of all packages in sid, your package failed to build
on amd64.


Relevant part (hopefully):
> make[4]: Entering directory '/<>/tests/utils'
> mkdir -p libs/
> ln -f ../../preload/posix/fiu_posix_preload.so libs/
> ln -f ../../preload/run/fiu_run_preload.so libs/
> LD_LIBRARY_PATH=../../libfiu/ ./test-basic_ctrl.py > 
> output-test-basic_ctrl.py.txt 2>&1
> LD_LIBRARY_PATH=../../libfiu/ ./test-basic_run.sh > 
> output-test-basic_run.sh.txt 2>&1
> ./generate-test -c tests/fprintf.conf -o tests/fprintf.c
> ./generate-test -c tests/fread.conf -o tests/fread.c
> ./generate-test -c tests/kill.conf -o tests/kill.c
> ./generate-test -c tests/malloc.conf -o tests/malloc.c
> ./generate-test -c tests/mmap.conf -o tests/mmap.c
> cc -I../../libfiu/ -L../../libfiu/ -L./ -D_XOPEN_SOURCE=600 -D_GNU_SOURCE 
> -fPIC -DFIU_ENABLE=1 -g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -fstack-clash-protection -Wformat 
> -Werror=format-security -fcf-protection -std=c99 -pedantic -Wall -std=c99 
> -pedantic -Wall -L. binary.c -lfiu -lcoltest -o binary
> ./generate-test -c tests/open.conf -o tests/open.c
> ln -f ../preload/posix/fiu_posix_preload.so libs/
> ln -f ../preload/run/fiu_run_preload.so libs/
> ./generate-test -c tests/open64.conf -o tests/open64.c
> ./generate-test -c tests/pread.conf -o tests/pread.c
> ./generate-test -c tests/pread64.conf -o tests/pread64.c
> ./generate-test -c tests/strdup.conf -o tests/strdup.c
> cc -I../libfiu/ -L../libfiu/ -D_XOPEN_SOURCE=600 -D_GNU_SOURCE -fPIC 
> -DFIU_ENABLE=1 -g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -fstack-clash-protection -Wformat 
> -Werror=format-security -fcf-protection -std=c99 -pedantic -Wall \
>   -rdynamic -fno-optimize-sibling-calls test-enable_stack.c -lfiu 
> -lpthread -o test-enable_stack
> test-enable_stack.c: In function 'main':
> test-enable_stack.c:32:50: warning: ISO C forbids conversion of function 
> pointer to object pointer type [-Wpedantic]
>32 | r = fiu_enable_stack("fp-1", 1, NULL, 0, (void *) , -1);
>   |  ^
> cc -I../libfiu/ -L../libfiu/ -D_XOPEN_SOURCE=600 -D_GNU_SOURCE -fPIC 
> -DFIU_ENABLE=1 -g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -fstack-clash-protection -Wformat 
> -Werror=format-security -fcf-protection -std=c99 -pedantic -Wall \
>   -rdynamic -fno-optimize-sibling-calls test-enable_stack_by_name.c -lfiu 
> -lpthread -o test-enable_stack_by_name
> cc -I../../libfiu/ -L../../libfiu/ -D_XOPEN_SOURCE=600 -D_GNU_SOURCE -fPIC 
> -DFIU_ENABLE=1 -g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -fstack-clash-protection -Wformat 
> -Werror=format-security -fcf-protection -std=c99 -pedantic -Wall -std=c99 
> -pedantic -Wall tests/fopen.c -lfiu -o tests/fopen.bin
> LD_LIBRARY_PATH="./:../../libfiu/" ./binary
> make[4]: Leaving directory '/<>/tests/collisions'
> cc -I../libfiu/ -L../libfiu/ -D_XOPEN_SOURCE=600 -D_GNU_SOURCE -fPIC 
> -DFIU_ENABLE=1 -g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -fstack-clash-protection -Wformat 
> -Werror=format-security -fcf-protection -std=c99 -pedantic -Wall 
> test-ferror.c -lfiu -lpthread -o test-ferror
> cc -I../../libfiu/ -L../../libfiu/ -D_XOPEN_SOURCE=600 -D_GNU_SOURCE -fPIC 
> -DFIU_ENABLE=1 -g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -fstack-clash-protection -Wformat 
> -Werror=format-security -fcf-protection -std=c99 -pedantic -Wall -std=c99 
> -pedantic -Wall tests/fprintf.c -lfiu -o tests/fprintf.bin
> cc -I../../libfiu/ -L../../libfiu/ -D_XOPEN_SOURCE=600 -D_GNU_SOURCE -fPIC 
> -DFIU_ENABLE=1 -g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -fstack-clash-protection -Wformat 
> -Werror=format-security -fcf-protection -std=c99 -pedantic -Wall -std=c99 
> -pedantic -Wall tests/fread.c -lfiu -o tests/fread.bin
> cc -I../../libfiu/ -L../../libfiu/ -D_XOPEN_SOURCE=600 -D_GNU_SOURCE -fPIC 
> -DFIU_ENABLE=1 -g -O2 -ffile-prefix-map=/<>=. 
> -fstack-protector-strong -fstack-clash-protection -Wformat 
> -Werror=format-security -fcf-protection -std=c99 -pedantic -Wall -std=c99 
> -pedantic -Wall tests/kill.c -lfiu -o tests/kill.bin
> LD_LIBRARY_PATH=../libfiu/ 
> LD_PRELOAD=./libs/fiu_run_preload.so:./libs/fiu_posix_preload.so 
> ./test-enable_stack
> ./wrap-python 3 ./test-basic.py
> Can't find python3 bindings, run make python3
> make[3]: *** [Makefile:96: 

Bug#1054895: O: php-fpdf -- PHP class to generate PDF files

[Alessandro De Zorzi]

Package: wnpp
Severity: normal
X-Debbugs-Cc: php-f...@packages.debian.org
Control: affects -1 + src:php-fpdf

Due to lack of interest and time
I intend to orphan the php-fpdf package.

cheers
Alessandro - Lota

Bug#1035936: fixed in maradns 2.0.13-1.4+deb11u1

[Andreas Beckmann]

On Thu, 29 Jun 2023 22:32:33 + Debian FTP Masters 
 wrote:

Source: maradns
Source-Version: 2.0.13-1.4+deb11u1
Done: Aron Xu 



 maradns (2.0.13-1.4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team, patches are from
 Bastien Roucariès of LTS team.
   * CVE-2023-31137: integer underflow in the DNS packet decompression
 (Closes: #1035936).
   * CVE-2022-30256: revoked and expired domains remain resolvable for
 a long time (Closes: #1033252).


Can you upload that to unstable, too?

Thanks.

Andreas

Bug#1054667: [Pkg-javascript-devel] Bug#1054667: node-browserify-sign: CVE-2023-46234

[Yadd]

On 10/27/23 20:20, Moritz Mühlenhoff wrote:

Source: node-browserify-sign
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for node-browserify-sign.

CVE-2023-46234[0]:
| browserify-sign is a package to duplicate the functionality of
| node's crypto public key functions, much of this is based on Fedor
| Indutny's work on indutny/tls.js. An upper bound check issue in
| `dsaVerify` function allows an attacker to construct signatures that
| can be successfully verified by any public key, thus leading to a
| signature forgery attack. All places in this project that involve
| DSA verification of user-input signatures will be affected by this
| vulnerability. This issue has been patched in version 4.2.2.

https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw
https://github.com/browserify/browserify-sign/commit/85994cd6348b50f2fd1b73c54e20881416f44a30


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-46234
 https://www.cve.org/CVERecord?id=CVE-2023-46234

Please adjust the affected versions in the BTS as needed.


Hi,

please find attached the debdiff for Bookworm

Kind regards,
Yadddiff --git a/debian/changelog b/debian/changelog
index 5e3404f..c421503 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+node-browserify-sign (4.2.1-3+deb12u1) bookworm-security; urgency=high
+
+  * Team upload
+  * Properly check the upper bound for DSA signatures (Closes: #1054667, 
CVE-2023-46234)
+
+ -- Yadd   Sat, 28 Oct 2023 12:03:04 +0400
+
 node-browserify-sign (4.2.1-3) unstable; urgency=medium
 
   * Team upload
diff --git a/debian/patches/CVE-2023-46234.patch 
b/debian/patches/CVE-2023-46234.patch
new file mode 100644
index 000..152fd72
--- /dev/null
+++ b/debian/patches/CVE-2023-46234.patch
@@ -0,0 +1,68 @@
+Description: properly check the upper bound for DSA signatures
+Author: roadicing 
+Origin: upstream, https://github.com/browserify/browserify-sign/commit/85994cd6
+Bug: 
https://github.com/browserify/browserify-sign/security/advisories/GHSA-x9w5-v3q2-3rhw
+Bug-Debian: https://bugs.debian.org/1054667
+Forwarded: not-needed
+Applied-Upstream: 4.2.2, commit: 85994cd6
+Reviewed-By: Yadd 
+Last-Update: 2023-10-28
+
+--- a/browser/verify.js
 b/browser/verify.js
+@@ -78,7 +78,7 @@
+ 
+ function checkValue (b, q) {
+   if (b.cmpn(0) <= 0) throw new Error('invalid sig')
+-  if (b.cmp(q) >= q) throw new Error('invalid sig')
++  if (b.cmp(q) >= 0) throw new Error('invalid sig')
+ }
+ 
+ module.exports = verify
+--- a/test/index.js
 b/test/index.js
+@@ -4,6 +4,8 @@
+ var nCrypto = require('crypto')
+ var bCrypto = require('../browser')
+ var fixtures = require('./fixtures')
++var BN = require('bn.js')
++var parseKeys = require('parse-asn1')
+ 
+ function isNode10 () {
+   return parseInt(process.version.split('.')[1], 10) <= 10
+@@ -100,6 +102,35 @@
+   t.end()
+ })
+   }
++
++  var s = parseKeys(pub).data.q;
++  test(
++f.message + ' against a fake signature',
++{ skip: !s || '(this test only applies to DSA signatures and not EC 
signatures, this is ' + f.scheme + ')' },
++function (t) {
++  var messageBase64 = Buffer.from(f.message, 'base64');
++
++  // forge a fake signature
++  var r = new BN('1');
++
++  try {
++var fakeSig = asn1.signature.encode({ r: r, s: s }, 'der');
++  } catch (e) {
++t.ifError(e);
++t.end();
++return;
++  }
++
++  var bVer = bCrypto.createVerify(f.scheme);
++  t['throws'](
++function () { bVer.update(messageBase64).verify(pub, fakeSig); },
++Error,
++'fake signature is invalid'
++  );
++
++  t.end();
++}
++  );
+ })
+ 
+ fixtures.valid.kvectors.forEach(function (f) {
diff --git a/debian/patches/series b/debian/patches/series
index 8aafdeb..86ff972 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 drop-rmd160-support.patch
+CVE-2023-46234.patch

Bug#1001786: fixed in jpeg-xl 0.9.0~git20230612.38b629f-1

[Andreas Beckmann]

Control: reopen -1

On Tue, 13 Jun 2023 18:00:51 + Debian FTP Masters 
 wrote:

 jpeg-xl (0.9.0~git20230612.38b629f-1) experimental; urgency=medium

...

   * d/rules: Build gdk-pixbuf plugin. Closes: #1001786


That version was removed from experimental without being uploaded to 
unstable.



Andreas

Bug#1054894: haskell-bytestring-lexing: FTBFS on ppc64el: unrecognized opcode: `clrrhi'

[Sebastian Ramacher]

Source: haskell-bytestring-lexing
Version: 0.5.0.10-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)
X-Debbugs-Cc: sramac...@debian.org

https://buildd.debian.org/status/fetch.php?pkg=haskell-bytestring-lexing=ppc64el=0.5.0.10-1=1697971391=0

[2 of 3] Compiling Data.ByteString.Lex.Integral ( 
src/Data/ByteString/Lex/Integral.hs, 
dist-ghc/build/Data/ByteString/Lex/Integral.o, 
dist-ghc/build/Data/ByteString/Lex/Integral.dyn_o )
/tmp/ghc1310727_0/ghc_5.s: Assembler messages:

/tmp/ghc1310727_0/ghc_5.s:8917:0: error:
 Error: unrecognized opcode: `clrrbi'
 |
8917 | clrrbi 31, 31, 3
 | ^

/tmp/ghc1310727_0/ghc_5.s:14742:0: error:
 Error: unrecognized opcode: `clrrhi'
  |
14742 | clrrhi 31, 31, 3
  | ^

: error:
`powerpc64le-linux-gnu-gcc' failed in phase `Assembler'. (Exit code: 1)
-e: error: debian/hlibrary.setup build --builddir=dist-ghc returned exit code 1
 at /usr/share/perl5/Debian/Debhelper/Dh_Lib.pm line 880.
Debian::Debhelper::Dh_Lib::error("debian/hlibrary.setup build 
--builddir=dist-ghc returned exit"...) called at 
/usr/share/perl5/Debian/Debhelper/Dh_Lib.pm line 610
Debian::Debhelper::Dh_Lib::error_exitcode("debian/hlibrary.setup build 
--builddir=dist-ghc") called at /usr/share/perl5/Debian/Debhelper/Dh_Lib.pm 
line 473
Debian::Debhelper::Dh_Lib::doit("debian/hlibrary.setup", "build", 
"--builddir=dist-ghc") called at 
/usr/share/perl5/Debian/Debhelper/Buildsystem/Haskell/Recipes.pm line 656
Debian::Debhelper::Buildsystem::Haskell::Recipes::build_recipe() called 
at -e line 1
make: *** [/usr/share/cdbs/1/class/hlibrary.mk:158: build-ghc-stamp] Error 25

Cheers
-- 
Sebastian Ramacher

Bug#1054893: undertow: CVE-2023-3223

[Salvatore Bonaccorso]

Source: undertow
Version: 2.3.8-2
Severity: important
Tags: security upstream
Forwarded: https://issues.redhat.com/browse/UNDERTOW-2271
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for undertow.

CVE-2023-3223[0]:
| A flaw was found in undertow. Servlets annotated with
| @MultipartConfig may cause an OutOfMemoryError due to large
| multipart content. This may allow unauthorized users to cause remote
| Denial of Service (DoS) attack. If the server uses fileSizeThreshold
| to limit the file size, it's possible to bypass the limit by setting
| the file name in the request to null.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-3223
https://www.cve.org/CVERecord?id=CVE-2023-3223
[1] https://issues.redhat.com/browse/UNDERTOW-2271
[2] https://github.com/undertow-io/undertow/pull/1521

Regards,
Salvatore

Bug#1036906: debian-junior: Desktop environment for Debian Junior

[Stefan Kropp]

Control: reassign -1 tasksel
Control: affects -1 + debian-junior

debian-junior (1.31) has been uploaded to unstable.
There is a new meta package called junior-desktop [1]

It would be nice to add this package to the Debian Installer.
(Only junior-desktop - not the others in debian-junior)

The goal is to let the user install an Desktop environment for
the Debian Pure Blend project "Debian Jr." [2]

[1] https://packages.debian.org/unstable/junior-desktop
[2] https://www.debian.org/devel/debian-jr/

-- 
Stefan
Diese E-Mail wurde von einem Debian GNU/Linux System gesendet

Bug#1054892: nodejs: CVE-2023-39333 CVE-2023-38552

[Salvatore Bonaccorso]

Source: nodejs
Version: 18.13.0+dfsg1-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerabilities were published for nodejs.

CVE-2023-39333[0]:
| Code injection via WebAssembly export names


CVE-2023-38552[1]:
| When the Node.js policy feature checks the integrity of a resource
| against a trusted manifest, the application can intercept the
| operation and return a forged checksum to the node's policy
| implementation, thus effectively disabling the integrity check.
| Impacts: This vulnerability affects all users using the experimental
| policy mechanism in all active release lines: 18.x and, 20.x. Please
| note that at the time this CVE was issued, the policy mechanism is
| an experimental feature of Node.js.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-39333
https://www.cve.org/CVERecord?id=CVE-2023-39333
[1] https://security-tracker.debian.org/tracker/CVE-2023-38552
https://www.cve.org/CVERecord?id=CVE-2023-38552
[2] https://nodejs.org/en/blog/vulnerability/october-2023-security-releases

Regards,
Salvatore

Bug#1054806: git-cola: FTBFS: sed: can't read /<>/debian/git-cola/usr/lib/python3*/site-packages/cola/widgets/spellcheck.py: No such file or directory

[GCS]

Hi David,

On Sat, Oct 28, 2023 at 6:39 AM David Aguilar  wrote:
> This step in the build log looks suspicious:
>
> sed -i 's|env python|env python3|' \
>
> /<>/debian/git-cola/usr/lib/python3*/site-packages/cola/widgets/spellcheck.py
 Yes, this is the culprit and already fixed locally.

> Another note is that 3.12.0 is a very old version. Newer versions have
> the python3 shebangs. That's probably related.
 Then newer versions also have a new dependency that is not (yet)
packaged for Debian. I don't have time for that as if I remember
correctly it is something uncommon. I think I will let git-cola go.

Regards,
Laszlo/GCS

Bug#1054891: gcc-12: sizeof() error in called function

[rhys]

Package: gcc-12
Version: 12.2.0-14+rpi1
Severity: normal
X-Debbugs-Cc: rmor...@web.de

Dear Maintainer,

Following code:

#include 

char myBuf[] = { '\x01', '\x04', '\x31', '\x00', '\x00', '\x1D', '\x7E', '\xF7' 
};

void process_buffer (char *);

int main (int argc, char **argv) {
printf ("sizeof (myBuf) = %d\n", sizeof (myBuf));

process_buffer (myBuf);
}

void process_buffer (char *bufPtr) {
printf ("sizeof (bufPtr) = %d\n", sizeof (bufPtr));
}

produces following output:

sizeof (myBuf) = 8
sizeof (bufPtr) = 4

expected output (confirmed on Oracle Linux 8.4):

sizeof (myBuf) = 8
sizeof (bufPtr) = 8



-- System Information:
Distributor ID: Raspbian
Description:Raspbian GNU/Linux 12 (bookworm)
Release:12
Codename:   bookworm
Architecture: armv6l

Kernel: Linux 6.1.0-rpi4-rpi-v6 (UP)
Kernel taint flags: TAINT_CRAP
Locale: LANG=en_NZ, LC_CTYPE=en_NZ (charmap=ISO-8859-1) (ignored: LC_ALL set to 
en_NZ), LANGUAGE=en_NZ
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gcc-12 depends on:
ii  binutils   2.40-2+rpi2
ii  cpp-12 12.2.0-14+rpi1
ii  gcc-12-base12.2.0-14+rpi1
ii  libc6  2.36-9+rpt2+deb12u3
ii  libcc1-0   12.2.0-14+rpi1
ii  libgcc-12-dev  12.2.0-14+rpi1
ii  libgcc-s1  12.2.0-14+rpi1
ii  libgmp10   2:6.2.1+dfsg1-1.1
ii  libisl23   0.25-1
ii  libmpc31.3.1-1
ii  libmpfr6   4.2.0-1
ii  libstdc++6 12.2.0-14+rpi1
ii  libzstd1   1.5.4+dfsg2-5
ii  zlib1g 1:1.2.13.dfsg-1

Versions of packages gcc-12 recommends:
ii  libc6-dev  2.36-9+rpt2+deb12u3

Versions of packages gcc-12 suggests:
pn  gcc-12-doc  
pn  gcc-12-locales  

-- no debconf information

Bug#1054890: ddccontrol: conffiles not removed: /etc/dbus-1/system.d/ddccontrol.DDCControl.conf

[Paul Wise]

Package: ddccontrol
Version: 1.0.0-1
Severity: normal
User: debian...@lists.debian.org
Usertags: obsolete-conffile adequate

The recent upgrade did not deal with obsolete conffiles properly.
Please use the dpkg-maintscript-helper support provided by
dh_installdeb to remove these obsolete conffiles on upgrade.

https://www.debian.org/doc/debian-policy/ch-files.html#s-config-files
https://manpages.debian.org/man/1/dh_installdeb

This bug report brought to you by adequate:

https://bonedaddy.net/pabs3/log/2013/02/23/inadequate-software/

$ p=ddccontrol ; adequate $p ; dpkg-query -W -f='${Conffiles}\n' $p | grep 
obsolete
ddccontrol: obsolete-conffile /etc/dbus-1/system.d/ddccontrol.DDCControl.conf
 /etc/dbus-1/system.d/ddccontrol.DDCControl.conf 
26e8dc96db0945813b9058ef78afb5b4 obsolete

-- System Information:
Debian Release: trixie/sid
  APT prefers testing-debug
  APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 
'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 
'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-2-amd64 (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ddccontrol depends on:
ii  ddccontrol-db   20231004-2
ii  libc6   2.37-12
ii  libddccontrol0  1.0.0-1

ddccontrol recommends no packages.

ddccontrol suggests no packages.

-- no debconf information

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#1054175: Closing: not a bug

[Yadd]

Control: close -1
Control: notfound -1 2.0.0-2

Closing: unable to reproduce

Bug#969177: debmake: cannot create deb for nodejs modeule

[Osamu Aoki]

Hi,

On Fri, 2023-10-27 at 20:59 +0530, Pirate Praveen wrote:
> 
> 
> On 27/10/23 8:12 PM, Osamu Aoki wrote:
> > Hi,
...
> > Can you elaborate what do you mean by
> > > Though after this it'd take some effort to edit source package name.
> > 
> > Maybe, we can work together to fix it.  Please understand I have no idea on
> > the nodejs package name conventions.
> 
> May be looking for a package.json or package.yaml file in the source 
> directory would be a better thing to detect a nodejs package.


Currently, I have 'src/debmake/analyze.py' containing:

> # Javascript nodejs
> elif os.path.isfile("package.json"):
> para["build_type"] = "nodejs"
> para["dh_with"].update({"nodejs"})
> para["build_depends"].update({"pkg-js-tools"})
> 

Should I do:
# Javascript nodejs
elif os.path.isfile("package.json") or os.path.isfile("package.yaml"):
para["build_type"] = "nodejs"
para["dh_with"].update({"nodejs"})
para["build_depends"].update({"pkg-js-tools"})

Regards,

Osamu