Bug#1063215: closed by Debian FTP Masters (reply to Luca Falavigna ) (Bug#1063215: fixed in gp-saml-gui 0.0~git20230507-3)

[Corey Hickey]

On 2024-02-10 10:06, Debian Bug Tracking System wrote:

#1063215: gp-saml-gui: package depends on openconnect, but openconnect not 
strictly necessary

It has been closed by Debian FTP Masters  (reply to 
Luca Falavigna ).


Thank you for including this.

-Corey

Bug#1061519: shim: all CVEs fixed in upstream 15.8, please package

[Martin-Éric Racine]

Package: shim
Followup-For: Bug #1061519

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

shim 15.8 @vathpela vathpela released this 23 Jan 19:01

What's New

* Various CVE fixes:
  CVE-2023-40546 mok: fix LogError() invocation
  CVE-2023-40547 - avoid incorrectly trusting HTTP headers
  CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit system
  CVE-2023-40549 Authenticode: verify that the signature header is in bounds.
  CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat()
  CVE-2023-40551: pe-relocate: Fix bounds check for MZ binaries

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEyJACx3qL7GpObXOQrh+Cd8S017YFAmXIZ50ACgkQrh+Cd8S0
17ZHWhAAge996R8VG8WR1eoqM13HYsAvDh/ITPOHEAInuAvxnxW2f77RQuAdh/lL
SK0++9aR6P2yQu1j+JjfRz7vBt4FQ1j08RkjYj3kpKq8nHdA6C0fg1OvqXKs5+lc
44noX5AfKGyYDu/EhNkmAdFmE98sRVRqLlu8Ilfg1r8/voYFLOeyplW1T5Pk9xqW
Uv+wvLFNyj5mxMakPRyuZWD0bjkw33GYHKHMG5uB1ElwKws8cS/Lh9ZjaDk0GBy+
m4v0mhsIghPCcrNSfNcxvBT7fzR0dsD/wO21rBLcJc3ExdCeA39U4+jO86TS2/39
cfJhaY5FO72F8kX5qDKsNJzvl8Bhq4gH7YtEqyZC9aYdQgSpUdAuU6RQu9zDvpZm
EKuJVmXlgc+4IhgYLzJDHH2rL9gI2IctMNPwlKPI89SVs5J+Ha11t8V6oC36Chgq
nWrJeWnAhgHiDoTwHwqsj2j3YAVE7lHrAcxqgN1Sl5knmO26qxf8ZgrjB3iR/lVR
ufjBnkN+MJaN5oSV4XUTOlOk8uDswtQ1b6ycJAHbA+XhyHcHLRFY4bLVuDviJFsd
c3HGcsjzEwepvkg5mmKBm9renLxyUkqhiXQ7JSr5nKWlkaz5DR/4t74sfPjm1qK2
jsugjusiKZG4D895vQ3QcDafL4hdpqgpfi8k4O/Xbq5ncFIjs4Y=
=bM7B
-END PGP SIGNATURE-

Bug#1063688: mypy fails with a combination of argparse and glob

[Mike Castle]

Package: mypy
Version: 1.0.1-1
Severity: normal
X-Debbugs-Cc: dalg...@gmail.com

Dear Maintainer,

$ cat u.py
import argparse
import glob

parser = argparse.ArgumentParser()
parser.add_argument('-g', type=glob.glob)

$ mypy u.py
u.py:5: error: Argument "type" to "add_argument" of "_ActionsContainer" has 
incompatible type "Callable[[AnyStr, DefaultNamedArg(Optional[Union[str, bytes, 
PathLike[str], PathLike[bytes]]], 'root_dir'), DefaultNamedArg(Optional[int], 
'dir_fd'), DefaultNamedArg(bool, 'recursive'), DefaultNamedArg(bool, 
'include_hidden')], List[AnyStr]]"; expected "Union[Callable[[str], 
List[AnyStr]], FileType]"  [arg-type]
Found 1 error in 1 file (checked 1 source file)

Add the following directive to whatever line contains "type=glob.glob" is a
work around:

# type: ignore[arg-type]

-- System Information:
Debian Release: 12.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-17-amd64 (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages mypy depends on:
ii  python3   3.11.2-1+b1
ii  python3-mypy  1.0.1-1

Versions of packages mypy recommends:
ii  python3-typeshed  0.0~git20221107.4f381af-1

Versions of packages mypy suggests:
pn  mypy-doc  

-- no debconf information

Bug#1060934: pycountry: FTBFS: dh_auto_test: error: pybuild --test -i python{version} -p "3.12 3.11" returned exit code 13

[Scott Kitterman]

It's been a couple of weeks and no action upstream.  I'll plan on uploading 
this unless you'd rather I hold off for some reason.

Scott K

On Wed, 24 Jan 2024 16:56:30 -0500 Scott Kitterman  
wrote:
> On Tue, 16 Jan 2024 20:41:58 +0100 Lucas Nussbaum  wrote:
> > Source: pycountry
> > Version: 23.12.11+ds1-1
> > Severity: serious
> > Justification: FTBFS
> > Tags: trixie sid ftbfs
> > User: lu...@debian.org
> > Usertags: ftbfs-20240115 ftbfs-trixie
> > 
> > Hi,
> > 
> > During a rebuild of all packages in sid, your package failed to build
> > on amd64.
> 
> This is due to changes in the recent iso-codes upload.  the patch below fixes 
> it so it should work with either version:
> 
> --- pycountry-23.12.11+ds1.orig/src/pycountry/__init__.py
> +++ pycountry-23.12.11+ds1/src/pycountry/__init__.py
> @@ -169,7 +169,8 @@ class SubdivisionHierarchy(pycountry.db.
>  kw["parent_code"] = None
>  super().__init__(**kw)
>  self.country_code = self.code.split("-")[0]
> -if self.parent_code is not None:
> +if (self.parent_code is not None and
> +self.country_code != self.parent_code.split("-")[0]):
>  self.parent_code = f"{self.country_code}-{self.parent_code}"
>  
>  @property
> 
> Please let me know if you don't want an NMU.  This will eventually cause 
> xml2rfc to be removed, so I'll NMU at some point unless you want to take 
care 
> of it first (thanks if you do).
> 
> Scott K
=<2567281.9CzbHMAgVU@zini-1880>

signature.asc
Description: This is a digitally signed message part.

Bug#1063185: readpe: NMU diff for 64-bit time_t transition

[David da Silva Polverari]

Dear Steve,

First of all, thanks for your report and for the work on the transition!

After having a look at [1] and [2], I found the only reported problem
was due to the usage of a pointer to the pe_ctx structure (typedef'ed as
pe_ctx_t) [3] as the first parameter of the exported functions from
libpe, as its map_size field is of type off_t ("Base type has been
changed from long to long long. Recompilation of a client program may be
broken.").

The output of `apt rdepends libpe1` shows that only the binaries built
by readpe depend on it. Besides, within readpe itself, there is only one
mention to accessing the map_size field directly outside of libpe, and
it is commented out [4].

That said, I am not sure that including readpe in the transition will be
necessary, but maybe I have overlooked something. But I thought I should
add this information here.

[1] 
https://adrien.dcln.fr/misc/armhf-time_t/2024-02-01T09:53:00/compat_reports/libpe-dev/base_to_lfs/compat_report.html
[2] 
https://adrien.dcln.fr/misc/armhf-time_t/2024-02-01T09:53:00/compat_reports/libpe-dev/lfs_to_time_t/compat_report.html
[3] 
https://salsa.debian.org/pkg-security-team/readpe/-/blob/debian/master/lib/libpe/include/libpe/context.h?ref_type=heads#L72
[4] 
https://salsa.debian.org/pkg-security-team/readpe/-/blob/debian/master/src/pescan.c?ref_type=heads#L372

Regards,

-- 
⢀⣴⠾⠻⢶⣦⠀ David da Silva Polverari 
⣾⠁⢠⠒⠀⣿⡁
⢿⡄⠘⠷⠚⠋⠀ Debian: The universal operating system
⠈⠳⣄

Bug#1058563:

[Yangfl]

Hi,

1.6.0-2 comes with fix for debconf conflict with user's modification
on /etc/default/minissdpd. Please recheck if /etc/default/minissdpd
was accidentally edit by debconf and whether the issue is gone with
1.6.0-2.

Bug#955729:

[Sai Karthik]

Tags: wontfix

Since this package is unmaintained upstream, Marking this as wontfix
for now. Feel free to re assign this if inappropriate.
-- 
Sai Karthik

Bug#1063687: ITP: sploitscan -- Search for CVE information

[Josenilson Ferreira da Silva]

Package: wnpp
Severity: wishlist
Owner: Josenilson Ferreira da Silva 
X-Debbugs-Cc: debian-de...@lists.debian.org, nilsonfsi...@hotmail.com

* Package name: sploitscan
  Version : 0.0.0
  Upstream Contact: Alex xaitax 
* URL : https://github.com/xaitax/SploitScan
* License : GPL-3.0 
  Programming Lang: Python
  Description : Search for CVE information

  sploitScan is an efficient and easy-to-use command-line tool designed to
  query CVEs. Extremely important, as it allows professionals to implement
  measures that prevent the exploitation of discovered vulnerabilities.
  .
  Through ".csv and .json" files, the tool obtains information from the
  main entities that deal with CVE's, this allows you to:
- Extract CVE details from the national vulnerability database.
- Integration with EPSS (Exploit Prediction Scoring System), providing
  a probability score for the probability of CVE exploitation, assisting
  with prioritization.
- Gather PoCs (Proof of Concepts) publicly available exploits, improving
  understanding of vulnerabilities.
- Show through KEV whether CVE has been listed in the Cybersecurity and
  Infrastructure Security Agency's (CISA) Exploited Vulnerabilities.
- Capable of interacting with the Patch Priority System, responsible for
  evaluating and assigning a patch priority rating based on several factors,
  including the availability of public exploits.
- Multi-CVE support and export options: Supports multiple CVEs in a single
  run and allows you to export the results to JSON and CSV formats

Bug#1063686: installation-reports: GUI checkbox in high contrast dark mode isn't high contrast

[T. Joseph Carter]

Package: installation-reports
Severity: wishlist

Either normal/a11y or wishlist depending how you wanna call it.

I normally use the slang version of the Debian installer. Because I'm
using a 14" 1080p portable monitor here, I decided to use the GUI. In
dark mode because albino. Bright = pain. Sub-optimal install for me,
will switch to ssh as soon as the network's configured.

Went to select installer components because parted pls, but when I
selected it, I didn't see that it was selected at first. That's odd.
Then I looked closer and … oh yeah, I guess it is selected. Just this
theme/widget set uses a very small/thin checkmark inside the box.

Basically, I'd like a checkbox whose checked/unchecked states are more
visually not the same. Particularly important in the dark mode, since
that's intended to be high contrast for accessibility reasons. (Which is
why I was using it…)

Suggest a bigger/bolder checkmark might be the path of least resistance
for a fix.

Boot method: usb
Image version: 
https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.5.0-amd64-netinst.iso
Date: Sat, 10 Feb 2024 17:54:18 -0800 (in the middle of installing now)

Machine: Ryzen 3000 series with B450 chipset
Partitions: 

Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot:   [O]
Detect network card:[O]
Configure network:  [O]
Detect media:   [O]
Load installer modules: [?] ← Here's where I noticed the problem

Bug#1063685: precious - upcoming rust-indexmap update.

[Peter Michael Green]

Package: precious

Now that rust-ahash 0.8 is in trixie and noble I hope to update
rust-hashbrown and rust-indexmap soon to versions 0.14
and version 2 respectively. The new versions are currently
available in experimental.

precious does not use hashbrown directly, and already uses
indexmap 2 upstream, so the fix is a simple matter of
dropping a patch and updating the build dependency.

Debdiff is attatched.
diff -Nru precious-0.6.0/debian/changelog precious-0.6.0/debian/changelog
--- precious-0.6.0/debian/changelog 2024-01-30 14:43:30.0 +
+++ precious-0.6.0/debian/changelog 2024-02-11 01:24:39.0 +
@@ -1,3 +1,10 @@
+precious (0.6.0-3.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Drop 2001_indexnap.patch and update build-depends for indexmap 2.
+
+ -- Peter Michael Green   Sun, 11 Feb 2024 01:24:39 +
+
 precious (0.6.0-3) unstable; urgency=medium
 
   * update patch 2001_toml;
diff -Nru precious-0.6.0/debian/control precious-0.6.0/debian/control
--- precious-0.6.0/debian/control   2024-01-30 14:34:12.0 +
+++ precious-0.6.0/debian/control   2024-02-11 01:24:24.0 +
@@ -21,8 +21,8 @@
  librust-filetime-0.2+default-dev (>= 0.2.18),
  librust-globset-0.4+default-dev (>= 0.4.9),
  librust-ignore-0.4+default-dev (>= 0.4.18),
- librust-indexmap-1+default-dev (>= 1.9.1),
- librust-indexmap-1+serde-dev (>= 1.9.1),
+ librust-indexmap-2+default-dev (>= 2.0.2),
+ librust-indexmap-2+serde-dev (>= 2.0.2),
  librust-itertools+default-dev (<< 0.11),
  librust-log-0.4+default-dev (>= 0.4.17),
  librust-md5-0.7+default-dev,
diff -Nru precious-0.6.0/debian/patches/2001_indexmap.patch 
precious-0.6.0/debian/patches/2001_indexmap.patch
--- precious-0.6.0/debian/patches/2001_indexmap.patch   2023-12-19 
20:58:05.0 +
+++ precious-0.6.0/debian/patches/2001_indexmap.patch   1970-01-01 
00:00:00.0 +
@@ -1,18 +0,0 @@
-Description: accept older branch of crate indexmap
-Author: Jonas Smedegaard 
-Bug-Debian: https://bugs.debian.org/1053953
-Forwarded: not-needed
-Last-Update: 2023-12-19

-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 a/Cargo.toml
-+++ b/Cargo.toml
-@@ -35,7 +35,7 @@
- filetime = "0.2.22"
- globset = "0.4.13"
- ignore = "0.4.20"
--indexmap = { version = "2.0.2", features = ["serde"] }
-+indexmap = { version = ">= 1.9.3, <= 2.0.2", features = ["serde"] }
- itertools = ">= 0.9.0, < 0.11.0"
- log = "0.4.20"
- md5 = "0.7.0"
diff -Nru precious-0.6.0/debian/patches/series 
precious-0.6.0/debian/patches/series
--- precious-0.6.0/debian/patches/series2023-11-28 23:56:05.0 
+
+++ precious-0.6.0/debian/patches/series2024-02-11 01:23:59.0 
+
@@ -1,4 +1,3 @@
 2001_comfy-table.patch
-2001_indexmap.patch
 2001_toml.patch
 2002_privacy.patch

Bug#831850: lxc: Please add a way to set root password for debian template

[Mathias Gibbens]

Control: tags -1 + wontfix

  Given that we've now had four releases of Debian without the
capability to set a root password via template argument and that the
upstream project is depreciated, I don't think it's worth the effort to
add this capability back -- tagging with wontfix. It's still documented
in lxc's README.Debian that you can run `lxc-attach -n 
passwd` to set a root password if really needed.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1063684: cross-gcc-dev: needs update for gcc-13

[Samuel Thibault]

Package: cross-gcc-dev
Version: 248
Severity: important

Hello,

The gcc-13 doesn't apply any more, e.g. when using rebootstrap:

Applying patch 
/usr/share/cross-gcc/patches/gcc-13/0003-Compilers-now-depend-on-cpp-instead-of-gcc-base.patch
patching file debian/control.m4
Hunk #1 FAILED at 1157.
Hunk #2 FAILED at 3661.
2 out of 2 hunks FAILED -- rejects in file debian/control.m4
patching file debian/rules.conf
Hunk #1 succeeded at 1281 (offset 26 lines).
Patch 
/usr/share/cross-gcc/patches/gcc-13/0003-Compilers-now-depend-on-cpp-instead-of-gcc-base.patch
 does not apply (enforce with -f)

Samuel

-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'unreleased'), 
(500, 'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 
'oldstable-proposed-updates-debug'), (500, 'oldstable-proposed-updates'), (500, 
'oldoldstable-proposed-updates'), (500, 'oldoldstable'), (500, 
'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 
'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 6.7.0 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages cross-gcc-dev depends on:
ii  coreutils  9.4-3+b1
ii  make   4.3-4.1

cross-gcc-dev recommends no packages.

cross-gcc-dev suggests no packages.

-- no debconf information

-- 
Samuel
---
Pour une évaluation indépendante, transparente et rigoureuse !
Je soutiens la Commission d'Évaluation de l'Inria.

Bug#1063682: loupe - upcoming rust-hashbrown update.

[Peter Michael Green]

Package: loupe

Now that rust-ahash 0.8 is in trixie and noble I hope to update
rust-hashbrown and rust-indexmap soon to versions 0.14
and version 2 respectively. The new versions are currently
available in experimental.

loupe does not use hashbrown directly, and already uses
indexmap 2 upstream, so the fix is a simple matter of
dropping a patch and updating the build dependency.

Debdiff is attatched.diff -Nru loupe-45.3/debian/changelog loupe-45.3/debian/changelog
--- loupe-45.3/debian/changelog 2024-02-08 13:16:52.0 +
+++ loupe-45.3/debian/changelog 2024-02-10 22:30:45.0 +
@@ -1,3 +1,10 @@
+loupe (45.3-2.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Stop patching indexmap dependency and update build-depends accordingly.
+
+ -- Peter Michael Green   Sat, 10 Feb 2024 22:30:45 +
+
 loupe (45.3-2) unstable; urgency=medium
 
   * Enable sandboxing for glycin-loaders; this was wrongfully enabled
diff -Nru loupe-45.3/debian/control loupe-45.3/debian/control
--- loupe-45.3/debian/control   2024-02-08 12:55:23.0 +
+++ loupe-45.3/debian/control   2024-02-10 22:30:45.0 +
@@ -36,7 +36,7 @@
  librust-gtk4-0.7+v4-12-dev (>= 0.7.1-~~),
  librust-gtk4-0.7+xml-validation-dev (>= 0.7.1-~~),
  librust-gvdb-macros-0.1+default-dev (>= 0.1.10-~~),
- librust-indexmap-1+default-dev,
+ librust-indexmap-2+default-dev,
  librust-kamadak-exif-0.5+default-dev (>= 0.5.5-~~),
  librust-libadwaita-0.5+default-dev (>= 0.5.2-~~),
  librust-libadwaita-0.5+v1-4-dev (>= 0.5.2-~~),
diff -Nru loupe-45.3/debian/patches/relax-deps.diff 
loupe-45.3/debian/patches/relax-deps.diff
--- loupe-45.3/debian/patches/relax-deps.diff   2024-02-08 12:55:23.0 
+
+++ loupe-45.3/debian/patches/relax-deps.diff   1970-01-01 00:00:00.0 
+
@@ -1,25 +0,0 @@
-From: Matthias Geiger 
-Date: Wed, 4 Oct 2023 14:44:44 -0400
-Subject: Relax dependencies in Cargo.toml
-
-Debian and upstream crates versions often differ. So we relax the versions.
-
-Forwarded: not-needed
-Last-Update: 2023-10-05

- Cargo.toml | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Cargo.toml b/Cargo.toml
-index 0242c68..837e3e2 100644
 a/Cargo.toml
-+++ b/Cargo.toml
-@@ -21,7 +21,7 @@ env_logger = "0.10.0"
- futures = "0.3.25"
- glycin = "0.1.0"
- gvdb-macros = "0.1.6"
--indexmap = "2.0.0"
-+indexmap = "1.9"
- kamadak-exif = "0.5.5"
- libgweather = "4.3.0"
- log = "0.4.17"
diff -Nru loupe-45.3/debian/patches/series loupe-45.3/debian/patches/series
--- loupe-45.3/debian/patches/series2024-02-08 12:55:23.0 +
+++ loupe-45.3/debian/patches/series2024-02-10 22:29:37.0 +
@@ -1,2 +1 @@
-relax-deps.diff
 patch-meson-build.diff

Bug#1062633: libsoup2.4: NMU diff for 64-bit time_t transition

[Jeremy Bícha]

Hi,

libsoup2.4 ships Lintian overrides, copied here:

# Historical quirk. We'd rename it if the SONAME gets bumped, but it
isn't worth changing now
libsoup2.4-1: package-name-doesnt-match-sonames libsoup-2.4-1

# Historical quirk. We'd rename it if the SONAME gets bumped, but it
isn't worth changing now
libsoup-gnome2.4-1: package-name-doesnt-match-sonames libsoup-gnome-2.4-1

Instead of renaming to libsoup2.4-1t64 and libsoup-gnome2.4-1t64, can
we just rename to libsoup-2.4-1 and libsoup-gnome-2.4-1 and drop the
Lintian overrides?

Thank you,
Jeremy Bícha

Bug#1060774: bullseye-pu: netatalk/3.1.12~ds-8+deb11u2

[Daniel Markstedt]

Control: tags -1 - moreinfo

On Wednesday, February 7th, 2024 at 3:06 AM, Jonathan Wiltshire 
 wrote:

> 
> 
> Hi,
> 
> On Tue, Jan 16, 2024 at 08:30:52AM +, Daniel Markstedt wrote:
> 
> > 2024年1月16日 (火) 02:53, Adam D. Barratt 
> > <[a...@adam-barratt.org.uk](mailto:2024年1月16日 (火) 02:53, Adam D. Barratt 
> > < 送信:
> > 
> > > Control: tags -1 + moreinfo
> > > 
> > > On Sun, 2024-01-14 at 06:23 +, Daniel Markstedt wrote:
> > > 
> > > > CVE-2022-22995
> > > > Ref. advisory: https://netatalk.sourceforge.io/CVE-2022-22995.php
> > > > 
> > > > The attached patch can be applied to Debian oldstable to address the
> > > > vulnerability.
> > > 
> > > In order to approve an upload, we need to see a full source debdiff of
> > > the proposed new package, not just the isolated patch. Please remove
> > > the moreinfo tag when providing that.
> > 
> > Adam, thanks for following up on this request.
> > I will work on a debdiff when I’m back home this coming weekend.
> > Right now I’m working offsite without access to a personal computer.
> 
> 
> Ping? It's now too late for 11.9 but your request can be considered for
> 11.10 if you send a debdiff.
> 
> Thanks,
> 
> --
> Jonathan Wiltshire j...@debian.org
> Debian Developer http://people.debian.org/~jmw
> 
> 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
> ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Jonathan,

Please find a debdiff attached here. Is this adequate for doing the security 
release?

Thank you!

Danieldiff -Nru netatalk-3.1.12~ds/debian/changelog 
netatalk-3.1.12~ds/debian/changelog
--- netatalk-3.1.12~ds/debian/changelog 2023-09-20 05:19:20.0 +
+++ netatalk-3.1.12~ds/debian/changelog 2024-02-10 23:49:31.0 +
@@ -1,3 +1,10 @@
+netatalk (3.1.12~ds-8+deb11u2) bullseye-security; urgency=high
+
+  * Fix CVE-2022-22995. Harden create_appledesktop_folder.
+closes: bug#1060773
+
+ -- Daniel Markstedt   Sat, 10 Feb 2024 23:49:31 +
+
 netatalk (3.1.12~ds-8+deb11u1) bullseye-security; urgency=high
 
   * Fix CVE-2021-31439, CVE-2022-0194, CVE-2022-23121, CVE-2022-23122,
diff -Nru netatalk-3.1.12~ds/debian/patches/CVE-2022-22995.patch 
netatalk-3.1.12~ds/debian/patches/CVE-2022-22995.patch
--- netatalk-3.1.12~ds/debian/patches/CVE-2022-22995.patch  1970-01-01 
00:00:00.0 +
+++ netatalk-3.1.12~ds/debian/patches/CVE-2022-22995.patch  2024-02-10 
23:40:03.0 +
@@ -0,0 +1,63 @@
+Description: CVE-2022-22995
+Author: Daniel Markstedt 
+Origin: 
https://github.com/Netatalk/netatalk/commit/9eb6d9d0ac17dca210ccbf05476a925a6b379dfb.diff
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/etc/afpd/desktop.c
 b/etc/afpd/desktop.c
+@@ -12,8 +12,10 @@
+ #endif /* HAVE_CONFIG_H */
+ 
+ #include 
++#include 
+ #include 
+ #include 
++#include 
+ 
+ #include 
+ 
+@@ -212,7 +214,6 @@
+ {
+ bstring olddtpath = NULL, dtpath = NULL;
+ struct stat st;
+-char *cmd_argv[4];
+ 
+ olddtpath = bfromcstr(vol->v_path);
+ bcatcstr(olddtpath, "/" APPLEDESKTOP);
+@@ -220,27 +221,24 @@
+ dtpath = bfromcstr(vol->v_dbpath);
+ bcatcstr(dtpath, "/" APPLEDESKTOP);
+ 
+-if (lstat(cfrombstr(dtpath), ) != 0) {
+-
+-become_root();
++become_root();
+ 
+-if (lstat(cfrombstr(olddtpath), ) == 0) {
+-cmd_argv[0] = "mv";
+-cmd_argv[1] = bdata(olddtpath);
+-cmd_argv[2] = bdata(dtpath);
+-cmd_argv[3] = NULL;
+-if (run_cmd("mv", cmd_argv) != 0) {
+-LOG(log_error, logtype_afpd, "moving .AppleDesktop from 
\"%s\" to \"%s\" failed",
++if (lstat(cfrombstr(dtpath), ) != 0) {
++if ((lstat(cfrombstr(olddtpath), ) == 0) && (S_ISDIR(st.st_mode) 
!= 0)) {
++  if (rename(bdata(olddtpath), bdata(dtpath)) != 0) {
++LOG(log_error, logtype_afpd, "moving .AppleDesktop from 
\"%s\" failed; creating new dir \"%s\"",
+ bdata(olddtpath), bdata(dtpath));
+ mkdir(cfrombstr(dtpath), 0777);
+ }
+ } else {
++LOG(log_debug, logtype_afpd, "no valid .AppleDesktop dir found; 
creating new dir \"%s\"",
++bdata(dtpath));
+ mkdir(cfrombstr(dtpath), 0777);
+ }
+-
+-unbecome_root();
+ }
+ 
++unbecome_root();
++
+ bdestroy(dtpath);
+ bdestroy(olddtpath);
+ }
diff -Nru netatalk-3.1.12~ds/debian/patches/series 
netatalk-3.1.12~ds/debian/patches/series
--- netatalk-3.1.12~ds/debian/patches/series2023-09-20 05:19:20.0 
+
+++ netatalk-3.1.12~ds/debian/patches/series2024-02-10 23:40:03.0 
+
@@ -28,3 +28,4 @@
 CVE-2022-23121_regression.patch
 CVE-2022-23123_part6.patch
 CVE-2023-42464.patch
+CVE-2022-22995.patch

Bug#1063675: bookworm-pu: package nvidia-graphics-drivers/525.147.05-6~deb12u1

[Jonathan Wiltshire]

Control: tag -1 confirmed

On Sat, Feb 10, 2024 at 11:00:58PM +0100, Andreas Beckmann wrote:
> [ Reason ]
> 1) A backported (by upstream) change in Linux 6.1.76 (included in
> today's point release) broke compilation of the non-free nvidia kernel
> module. A patched version of the driver is available in sid.
> 
> 2) In order to simplify future maintenance of the many Nvidia driver
> packages (also in stable and oldstable) I'm going to remove the
> distinction between "normal" and "Tesla" drivers (they were at the
> same version in stable anyway). The Tesla specific bits
> (src:nvidia-graphics-drivers-tesla) will be merged into
> src:nvidia-graphics-drivers (that mainly means addition of the ppc64el
> architecture to these packages, and building some binary packages from
> src:nvidia-graphics-drivers instead: nvidia-powerd, nvidia-cuda-mps).
> nvidia-detect has been updated, too, as it no longer needs to
> distinguish the Tesla variants.
> There will be one further update to src:nvidia-graphics-drivers-tesla
> in stable that turns these packages into transitional packages depending
> on their counterparts from src:nvidia-graphics-drivers. (Separate PU
> request upcoming.)
> There will also be a PU request for nvidia-settings, as we need to
> enable building that on ppc64el. (The src:nvidia-settings-tesla package
> will then become obsolete.)
> 
> 3) In order to better integrate the nvidia driver with the system power
> management, a new package nvidia-suspend-common is being introduced
> which properly ships and enables some systemd units that were previously
> only being shipped as examples. These power management changes are an
> enhancement for the 525 series, but seem to be required in the 535
> series. (We will have to switch to the 535 LTSB series in stable soon,
> as 525 has reached EoL. 535 will be supported till mid 2026, so that will
> be the last driver branch switch for bookworm.)
> nvidia-suspend-common was already prepared in the previous pu update,
> but not yet enabled on stable as it hadn't undergone enough testing. As
> no new issues have popped up on sid, I'm confident to enable this in
> stable now.

Please go ahead. Is this something we should release early through
stable-updates, given the breakage is caused by a point release?

Thanks,

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Bug#1061706: ITP: distrobuilder -- System container image builder for LXC and Incus

[Mathias Gibbens]

  Will likely want to package the lxc-ci image yamls from
https://github.com/lxc/lxc-ci as "distrobuilder-images" and depend on
that to provide a good set of image templates.


signature.asc
Description: This is a digitally signed message part

Bug#1063677: experimental version does not sho binNMU changelogs

[Jonathan Kamens]

Thank you for your report.

I need more information to investigate it.

Specifically:

1) I need to know which specific package you observed this problem with 
during an upgrade.


2) I need you to send me the snapshot in 
/var/lib/apt/listchanges-snapshots corresponding to the apt run in which 
you observed the issue. Please upload it to a file sharing site and send 
me the link (privately, not in the ticket). I'll let you know when I've 
downloaded it so you can remove the uploaded copy.


Thank you,

Jonathan Kamens

Bug#1063681: profile-sync-daemon: Please add missing dependencies

[Thomas Uhle]

Package: profile-sync-daemon
Version: 6.50-1
Severity: normal
Tags: patch

Dear maintainers,

profile-sync-daemon does not work without awk, gdbus, modinfo, pgrep, 
pkill, sudo and systemd-inhibit.  So could you please update the package's 
dependencies with the packages awk, kmod, libglib2.0-bin, procps, sudo 
and systemd.  A patch for the necessary change is attached.


Thank you in advance!

Best regards,

Thomas Uhle


-- System Information:
Debian Release: 12.5
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'proposed-updates'), (500, 
'stable')
Architecture: arm64 (aarch64)
Foreign Architectures: armhf

Kernel: Linux 6.1.0-18-arm64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE=en_US.UTF-8
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages profile-sync-daemon depends on:
ii  init-system-helpers  1.65.2
ii  rsync3.2.7-1

profile-sync-daemon recommends no packages.

Versions of packages profile-sync-daemon suggests:
ii  libpam-systemd  252.22-1~deb12u1
ii  systemd-sysv252.22-1~deb12u1

psd-fix-dependencies.diff.gz
Description: GNU Zip compressed data

Bug#1060164: (no subject)

[Gordon Ball]

Yes. I can see that there are API methods which expose nlohmann::json 
(eg, 
https://github.com/jupyter-xeus/xeus/blob/ebd21e9e7cfe143b4d0a6783112cc9006b456915/include/xeus/xdebugger.hpp#L55-L60) 
so changes the header library are going to cause ABI breakage.


I don't see much choice here but to binNMU xeus, xeus-zmq, xeus-python, 
which will presumably break custom kernels compiled against it and an 
older version of nl::json. I considered just updating everything to new 
versions and "rolling forward", but the latest version of xeus-zmq at 
least has an soversion bump so probably better to request binNMUs before 
waiting for NEW.

Bug#1063680: nmu: xeus_3.1.3-1

[Gordon Ball]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: x...@packages.debian.org, gor...@chronitis.net
Control: affects -1 + src:xeus

xeus exposes the interface of nlohmann::json as part of its ABI
(unfortunately), and changes in the header library from 3.11.2 to 3.11.3
have consequently caused an ABI break. This library is still fairly
niche, and I think this can probably just be dealt with for now by
NMUing the library and packaged dependencies.

nmu xeus_3.1.3-1 . ANY . unstable . -m "Rebuild against nlohmann-json3-dev 
3.11.3"
nmu xeus-zmq_1.1.1-1 . ANY . unstable . -m "Rebuild against nlohmann-json3-dev 
3.11.3"
nmu xeus-python_0.15.10+~0.6.1-1 . ANY . unstable . -m "Rebuild against 
nlohmann-json3-dev 3.11.3"

Bug#1052376: lxpanel: no longer obeys its geometry settings

[unknown]

Is there a way to help fixing that?

I get that the responsible DD(s) are ovewhelmed and unable to pay
attention to even a grave category bug. Could we somehow lend a hand?

Grigor

Bug#992255: openvpn fails in a container (missing cgroup2 support)

[Mathias Gibbens]

  It seems reasonable to me to add corresponding
"lxc.cgroup2.devices.allow" lines to the debian configuration file.
That appears to be the common solution that other users of lxc have
done when searching for discussions of similar issues.

  I'm not going to immediately push the updated config, as I don't want
to accidentally break something or weaken an assumed protection that
currently exists. However, if I don't hear any objections after a while
I'll make the changes later this year.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1043530: closed by Debian FTP Masters (reply to Yangfl ) (Bug#1043530: fixed in micropython 1.22.1+ds-1)

[Faidon Liambotis]

Control: reopen -1

Hi there,

Thanks for including asyncio in the 1.22.1+ds-1 upload! That's already
going to be extremely useful!

The bug report was also requesting to ship the "mip" module as well, as
evident from the Subject and this:

On Sat, Feb 10, 2024 at 06:27:09PM +, Debian Bug Tracking System wrote:
> On that matter, the build above also enabled "mip", the new package
> manager and flagship feature of v1.20:
>>>> import mip
>>>>
> (There are some mbedTLS DEBUG messages being emitted when fetching from
> e.g. GitHub, that I haven't tracked down yet, but that's getting a
> little offtopic.)

I don't believe this has happened yet, so reopening the bug report.

On a different note: I looked into git to check whether this was fixed
there before I replied here. It was quite hard to understand the commit
history: it seems like the entirety of the upload was pushed as one
commit, including a re-export of debian/patches etc. I would recommend
that you commit changes as you go, one commit per functional change etc.

Thanks,
Faidon

Bug#1063679: O: unionfs-fuse -- Fuse implementation of unionfs

[Bernd Schubert]

Package: wnpp
Severity: normal


Dear Debian maintainers,

unfortunately I don't have time anymore to maintain unionfs-fuse. There
hadn't been any updates from me for the last years and I'm afraid it
does not get any better.
To my excuse I actually tried to upload a new version some time ago (1
or 2 years ago now), posted it to to debian mentors - no progress and I
then didn't have time again either - the updated package was
auto-removed from mentors.debian.net/packages/.



Thanks,
Bernd

Bug#1063508: ITP: node-long -- Class for representing 64-bit two's-complement integer value

[Bastien ROUCARIES]

Hi,

Moreover other package embed it and need repacking (after checking)
and filling RC bug:
node-enquirer: /usr/share/doc/node-enquirer/examples/select/select-long.js
node-mongodb: /usr/lib/nodejs/bson/lib/bson/long.js
node-mongodb: /usr/share/nodejs/mongodb/node_modules/bson/lib/bson/long.js
node-webassemblyjs:
/usr/share/nodejs/webassemblyjs/node_modules/@xtuc/long/dist/long.js
node-webassemblyjs:
/usr/share/nodejs/webassemblyjs/node_modules/@xtuc/long/dist/long.js.map
node-webassemblyjs:
/usr/share/nodejs/webassemblyjs/node_modules/@xtuc/long/src/long.js
pipewire-doc: /usr/share/doc/pipewire/html/structspa__pod__long.js
python3-jupyterlab:
/usr/share/jupyter/lab/staging/node_modules/@xtuc/long/dist/long.js
python3-jupyterlab:
/usr/share/jupyter/lab/staging/node_modules/@xtuc/long/dist/long.js.map
python3-jupyterlab:
/usr/share/jupyter/lab/staging/node_modules/@xtuc/long/src/long.js
python3-jupyterlab:
/usr/share/jupyter/lab/staging/node_modules/minimist/test/long.js

Bastien

Le sam. 10 févr. 2024 à 17:28, Marco Trevisan  a écrit :
>
> Hi Bastien,
>
> I checked again, it definitely still has it, however it's completely
> optional so I think we can just do some repackaged sources.
>
> Il giorno ven 9 feb 2024 alle ore 21:33 Bastien ROUCARIES
>  ha scritto:
> >
> >
> >
> > Le ven. 9 févr. 2024 à 04:42, Marco Trevisan  a écrit :
> >>
> >> Package: wnpp
> >> Severity: wishlist
> >> Owner: Marco Trevisan (Treviño) 
> >> X-Debbugs-CC: debian-de...@lists.debian.org
> >>
> >> * Package name: node-long
> >>   Version : 5.2.3
> >>   Upstream Author : Daniel Wirtz 
> >> * URL : https://github.com/dcodeIO/long.js#readme
> >> * License : Apache-2.0
> >>   Programming Lang: JavaScript
> >>   Description : Class for representing 64-bit two's-complement
> >> integer value
> >>
> >>  A Long class for representing a 64 bit two's-complement integer value
> >>  derived from the Closure Library for stand-alone use and extended with
> >>  unsigned support.
> >>  .
> >>  This is a class used by various modules that does not use newer bigint.
> >>  .
> >>  Node.js is an event-based server-side JavaScript engine.
> >>
> >> This is a tiny module that is needed for protobufjs (bug #977564),
> >> although being widely used according to npm stats, I feel it's better to
> >> package it as standalone and not as grouped package.
> >>
> >> Salsa repository is at:
> >>  https://salsa.debian.org/3v1n0-guest/node-esm2umd/-/tree/debian/latest
> >>
> >> Please mark the debian/latest as default branch since I can't change it 
> >> myself.
> >>
> >> The package had a dependency on a very tiny project (esm2umd) that was
> >> just basically a tiny wrapper to babel. I've also prepared the packaging
> >> for it [1], but given that such project has not a clear license (I
> >> mailed the maintainer meanwhile), I preferred to avoid using it, also
> >> because it's really just a script using babel and I have been able to
> >> easily re-implement it, making the build process slightly bigger
> >>
> >> The package needs sponsor, since I'm only a maintainer, but I'll be
> >> happy keeping the maintenance of it.
> >
> >
> > Hi will do but last i checked it has a long line of wasm wirhout source
> >
> > Bastien
> >>
> >>
> >> I've given access to the js salsa team.
> >>
> >> [1] https://salsa.debian.org/3v1n0-guest/node-esm2umd/
> >>

Bug#1063678: libmrss0: Memory leak while parsing an RSS2 feed

[Mikhail Kot]

Package: libmrss0
Version: 0.19.2-7
Severity: important
X-Debbugs-Cc: to-debian-...@myrrc.dev

Dear Maintainer,

I have found a bug in libmrss0 leading to memory leak on parsing some of
files. Please find the details attached.

For the following program:

```c
int main(int argc, char **argv) {
  (void)argc, (void)argv;
  mrss_t *doc = NULL;

  FILE *rss = fopen("rss.xml", "r");
  fseek(rss, 0, SEEK_END);
  long len = ftell(rss);
  rewind(rss);

  char *str = malloc(len + 1);
  fread(str, len, 1, rss);
  fclose(rss);
  str[len] = 0;

  mrss_parse_buffer(str, len, );
  mrss_free(doc);
  free(str);
  return 0;
}
```

built with

```
gcc -o out -fsanitize=address nxml_err.c -lmrss
```

Given rss.xml is `wget https://blog.demofox.org/rss.xml`,

ASan reports the following error:

```
=
==967975==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 3 byte(s) in 1 object(s) allocated from:
#0 0x7f87515749a7 in __interceptor_strdup 
../../../../src/libsanitizer/asan/asan_interceptors.cpp:454
#1 0x7f87511cec70 in nxmle_find_attribute 
(/lib/x86_64-linux-gnu/libnxml.so.0+0x5c70)

SUMMARY: AddressSanitizer: 3 byte(s) leaked in 1 allocation(s).
```

The issue also reproduces on different files. On some other files,
a bigger leak is reported.

```
=
==966721==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 376010 byte(s) in 18 object(s) allocated from:
#0 0x7ff5db6989a7 in __interceptor_strdup 
../../../../src/libsanitizer/asan/asan_interceptors.cpp:454
#1 0x7ff5dad73029 in nxml_get_string 
(/lib/x86_64-linux-gnu/libnxml.so.0+0x5029)

Direct leak of 3 byte(s) in 1 object(s) allocated from:
#0 0x7ff5db6989a7 in __interceptor_strdup 
../../../../src/libsanitizer/asan/asan_interceptors.cpp:454
#1 0x7ff5dad73c70 in nxmle_find_attribute 
(/lib/x86_64-linux-gnu/libnxml.so.0+0x5c70)

SUMMARY: AddressSanitizer: 376013 byte(s) leaked in 19 allocation(s).
```

Libmrss0 uses nxml0 internally. For the following program,

```c
int main(int argc, char **argv) {
  (void)argc, (void)argv;
  nxml_t *doc = NULL;

  FILE *rss = fopen("rss.xml", "r");
  fseek(rss, 0, SEEK_END);
  long len = ftell(rss);
  rewind(rss);

  char *str = malloc(len + 1);
  fread(str, len, 1, rss);
  fclose(rss);
  str[len] = 0;

  if (nxml_new() != NXML_OK)
return 1;
  nxml_parse_buffer(doc, str, len);
  nxml_free(doc);

  free(str);
  return 0;
}
```

built with

```
gcc -o out -fsanitize=address nxml_err.c -lnxml
```

the leak does not reproduce which makes me think the issue not related to
libnxml0.
If we modify the first program to parse an url instead,

```
mrss_parse_url("https://blog.demofox.org/rss.xml;, );
```

the error remains the same which makes me think the issue is not related
to libcurl.

According to libmrss0 sources
(https://github.com/bakulf/libmrss/blob/cc2f489ba698a2227065731b714905ab56b1de1a/test/parser.c#L27),
no invocation except `mrss_free` is required, so I believe
this is a bug indeed.


-- System Information:
Debian Release: bookworm/sid
  APT prefers jammy-updates
  APT policy: (500, 'jammy-updates'), (500, 'jammy-security'), (500, 'jammy'), 
(100, 'jammy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.15.0-25-generic (SMP w/12 CPU threads)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libmrss0 depends on:
ii  libc62.35-0ubuntu3.6
ii  libcurl3-gnutls  7.81.0-1ubuntu1.15
ii  libnxml0 0.18.4-1

libmrss0 recommends no packages.

libmrss0 suggests no packages.

-- no debconf information

Bug#1063677: experimental version does not sho binNMU changelogs

[Jochen Sprickerhof]

Package: apt-listchanges
Version: 4.4
Severity: normal

As title says.


-- Package-specific info:
==> /etc/apt/listchanges.conf <==
[apt]
frontend=pager
which=news
email_address=root
email_format=text
confirm=false
headers=false
reverse=false
save_seen=/var/lib/apt/listchanges
capture_snapshots=auto
snapshot_dir=/var/lib/apt/listchanges-snapshots


==> /etc/apt/listchanges.conf.d/jo-tools.conf <==
[apt]
which=both
email_address=none
headers=true
reverse=true
no_network=false

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.6.13-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apt-listchanges depends on:
ii  apt2.7.10
ii  debconf [debconf-2.0]  1.5.85
ii  python33.11.6-1
ii  python3-apt2.7.5
ii  python3-debconf1.5.85
ii  sensible-utils 0.0.22
ii  ucf3.0043+nmu1

apt-listchanges recommends no packages.

Versions of packages apt-listchanges suggests:
ii  chromium [www-browser]  121.0.6167.160-1
pn  default-mta | mail-transport-agent  
ii  firefox [www-browser]   122.0.1-1
ii  lynx [www-browser]  2.9.0rel.0-2
ii  python3-gi  3.46.0-3
ii  w3m [www-browser]   0.5.3+git20230121-2+b2
pn  x-terminal-emulator 

-- debconf information:
* apt-listchanges/frontend: pager
* apt-listchanges/confirm: false
* apt-listchanges/email-format: text
* apt-listchanges/headers: false
* apt-listchanges/email-address: root
* apt-listchanges/no-network: false
* apt-listchanges/save-seen: true
* apt-listchanges/reverse: false
* apt-listchanges/which: news

Bug#1037299: debian-live-12.0.0-amd64-xfce.iso: "Install Debian" -> "Untrusted application launcher"

[Simon McVittie]

On Sat, 10 Jun 2023 at 17:42:34 +0100, Simon McVittie wrote:
> Here is a route towards a proper fix which can hopefully go into the
> 12.1 point release:
> 
> # as root
> apt install libglib2.0-bin
> 
> # as the 'live' user
> gio set --type=string ~/Desktop/install-debian.desktop \
> metadata::trusted true
> gio set --type=string ~/Desktop/install-debian.desktop \
> metadata::xfce-exe-checksum \
> "$(sha256sum ~/Desktop/install-debian.desktop | cut -f1)"
> touch ~/Desktop/install-debian.desktop

I might have been transcribing this incorrectly from the live session
(which didn't have a convenient storage mechanism).
https://salsa.debian.org/live-team/calamares-settings-debian-packaging/-/merge_requests/2
points out that I probably meant $(... | cut -f1 -d ' '), to get only
the checksum and not the whole line.

smcv

Bug#1063676: rust-ahash - upcoming rust-hashbrown update.

[Peter Michael Green]

Package: rust-ahash

Now that rust-ahash 0.8 is in trixie and noble I hope to update
rust-hashbrown and rust-indexmap soon to versions 0.14
and version 2 respectively.

ahash has a dev-dependency on hashbrown which the current
packaging translates into a build-dependency and a
test-dependency. After bumping these dependencies the
package builds/and runs autopkgtests fine.
diff -Nru rust-ahash-0.8.7/debian/changelog rust-ahash-0.8.7/debian/changelog
--- rust-ahash-0.8.7/debian/changelog   2024-02-06 19:01:40.0 +
+++ rust-ahash-0.8.7/debian/changelog   2024-02-10 21:45:21.0 +
@@ -1,3 +1,10 @@
+rust-ahash (0.8.7-4.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Bump hasbrown dev-dependency to 0.14.
+
+ -- Peter Michael Green   Sat, 10 Feb 2024 21:45:21 +
+
 rust-ahash (0.8.7-4) unstable; urgency=medium
 
   * relax to declare most package relations unversioned:
diff -Nru rust-ahash-0.8.7/debian/control rust-ahash-0.8.7/debian/control
--- rust-ahash-0.8.7/debian/control 2024-02-06 18:58:48.0 +
+++ rust-ahash-0.8.7/debian/control 2024-02-10 21:43:07.0 +
@@ -12,7 +12,7 @@
  librust-fnv-1+default-dev ,
  librust-fxhash-0.2+default-dev ,
  librust-getrandom-0.2+default-dev ,
- librust-hashbrown-0.12+default-dev ,
+ librust-hashbrown-0.14+default-dev ,
  librust-hex-0.4+default-dev ,
  librust-no-panic-0.1+default-dev ,
  librust-once-cell-1+alloc-dev ,
diff -Nru rust-ahash-0.8.7/debian/patches/1003_hashbrown.patch 
rust-ahash-0.8.7/debian/patches/1003_hashbrown.patch
--- rust-ahash-0.8.7/debian/patches/1003_hashbrown.patch1970-01-01 
00:00:00.0 +
+++ rust-ahash-0.8.7/debian/patches/1003_hashbrown.patch2024-02-10 
21:45:21.0 +
@@ -0,0 +1,14 @@
+Description: Bump hasbrown dev-dependency to 0.14.
+Author: Peter Michael Green 
+
+--- rust-ahash-0.8.7.orig/Cargo.toml
 rust-ahash-0.8.7/Cargo.toml
+@@ -95,7 +95,7 @@ fxhash = "0.2.1"
+ hex = "0.4.2"
+ rand = "0.8.5"
+ serde_json = "1.0.59"
+-hashbrown = "0.12.3"
++hashbrown = "0.14"
+ 
+ [package.metadata.docs.rs]
+ rustc-args = ["-C", "target-feature=+aes"]
diff -Nru rust-ahash-0.8.7/debian/patches/series 
rust-ahash-0.8.7/debian/patches/series
--- rust-ahash-0.8.7/debian/patches/series  2024-02-01 20:48:14.0 
+
+++ rust-ahash-0.8.7/debian/patches/series  2024-02-10 21:45:21.0 
+
@@ -1,5 +1,6 @@
 0_bigendian.patch
 1001_bench_overflow.patch
 1002_test_feature_requirements.patch
+1003_hashbrown.patch
 2001_zerocopy.patch
 2002_no_nightly.patch
diff -Nru rust-ahash-0.8.7/debian/tests/control 
rust-ahash-0.8.7/debian/tests/control
--- rust-ahash-0.8.7/debian/tests/control   2024-02-06 18:58:28.0 
+
+++ rust-ahash-0.8.7/debian/tests/control   2024-02-10 21:45:21.0 
+
@@ -8,7 +8,7 @@
  librust-criterion-0.3+html-reports-dev,
  librust-fnv-1+default-dev,
  librust-fxhash-0.2+default-dev,
- librust-hashbrown-0.12+default-dev,
+ librust-hashbrown-0.14+default-dev,
  librust-hex-0.4+default-dev,
  librust-no-panic-0.1+default-dev,
  librust-rand-0.8+default-dev,
@@ -26,7 +26,7 @@
  librust-criterion-0.3+html-reports-dev,
  librust-fnv-1+default-dev,
  librust-fxhash-0.2+default-dev,
- librust-hashbrown-0.12+default-dev,
+ librust-hashbrown-0.14+default-dev,
  librust-hex-0.4+default-dev,
  librust-no-panic-0.1+default-dev,
  librust-rand-0.8+default-dev,
@@ -44,7 +44,7 @@
  librust-criterion-0.3+html-reports-dev,
  librust-fnv-1+default-dev,
  librust-fxhash-0.2+default-dev,
- librust-hashbrown-0.12+default-dev,
+ librust-hashbrown-0.14+default-dev,
  librust-hex-0.4+default-dev,
  librust-no-panic-0.1+default-dev,
  librust-rand-0.8+default-dev,
@@ -62,7 +62,7 @@
  librust-criterion-0.3+html-reports-dev,
  librust-fnv-1+default-dev,
  librust-fxhash-0.2+default-dev,
- librust-hashbrown-0.12+default-dev,
+ librust-hashbrown-0.14+default-dev,
  librust-hex-0.4+default-dev,
  librust-no-panic-0.1+default-dev,
  librust-rand-0.8+default-dev,
@@ -80,7 +80,7 @@
  librust-criterion-0.3+html-reports-dev,
  librust-fnv-1+default-dev,
  librust-fxhash-0.2+default-dev,
- librust-hashbrown-0.12+default-dev,
+ librust-hashbrown-0.14+default-dev,
  librust-hex-0.4+default-dev,
  librust-no-panic-0.1+default-dev,
  librust-rand-0.8+default-dev,
@@ -98,7 +98,7 @@
  librust-criterion-0.3+html-reports-dev,
  librust-fnv-1+default-dev,
  librust-fxhash-0.2+default-dev,
- librust-hashbrown-0.12+default-dev,
+ librust-hashbrown-0.14+default-dev,
  librust-hex-0.4+default-dev,
  librust-no-panic-0.1+default-dev,
  librust-rand-0.8+default-dev,
@@ -116,7 +116,7 @@
  librust-criterion-0.3+html-reports-dev,
  librust-fnv-1+default-dev,
  librust-fxhash-0.2+default-dev,
- librust-hashbrown-0.12+default-dev,
+ librust-hashbrown-0.14+default-dev,
  librust-hex-0.4+default-dev,
  librust-no-panic-0.1+default-dev,
  librust-rand-0.8+default-dev,
@@ -134,7 +134,7 @@
  librust-criterion-0.3+html-reports-dev,
  

Bug#1063675: bookworm-pu: package nvidia-graphics-drivers/525.147.05-6~deb12u1

[Andreas Beckmann]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
Control: affects -1 + src:nvidia-graphics-drivers
Control: block 1063363 with -1
Control: block 1062932 with -1

[ Reason ]
1) A backported (by upstream) change in Linux 6.1.76 (included in
today's point release) broke compilation of the non-free nvidia kernel
module. A patched version of the driver is available in sid.

2) In order to simplify future maintenance of the many Nvidia driver
packages (also in stable and oldstable) I'm going to remove the
distinction between "normal" and "Tesla" drivers (they were at the
same version in stable anyway). The Tesla specific bits
(src:nvidia-graphics-drivers-tesla) will be merged into
src:nvidia-graphics-drivers (that mainly means addition of the ppc64el
architecture to these packages, and building some binary packages from
src:nvidia-graphics-drivers instead: nvidia-powerd, nvidia-cuda-mps).
nvidia-detect has been updated, too, as it no longer needs to
distinguish the Tesla variants.
There will be one further update to src:nvidia-graphics-drivers-tesla
in stable that turns these packages into transitional packages depending
on their counterparts from src:nvidia-graphics-drivers. (Separate PU
request upcoming.)
There will also be a PU request for nvidia-settings, as we need to
enable building that on ppc64el. (The src:nvidia-settings-tesla package
will then become obsolete.)

3) In order to better integrate the nvidia driver with the system power
management, a new package nvidia-suspend-common is being introduced
which properly ships and enables some systemd units that were previously
only being shipped as examples. These power management changes are an
enhancement for the 525 series, but seem to be required in the 535
series. (We will have to switch to the 535 LTSB series in stable soon,
as 525 has reached EoL. 535 will be supported till mid 2026, so that will
be the last driver branch switch for bookworm.)
nvidia-suspend-common was already prepared in the previous pu update,
but not yet enabled on stable as it hadn't undergone enough testing. As
no new issues have popped up on sid, I'm confident to enable this in
stable now.

[ Impact ]
Users are unable to use the non-free nvidia module.

[ Tests ]
Only module building can be (and has been) tested. Everything else
requires use of nvidia hardware and the driver.

[ Risks ]
This time there is no new upstream release involved, but some larger
packaging changes which have been taken unchanged from sid.
I prefer to not mix a new upstream version in there as well.

[ Checklist ]
  [*] *all* changes are documented in the d/changelog
  [*] I reviewed all changes and I approve them
  [*] attach debdiff against the package in (old)stable
  [*] the issue is verified as fixed in unstable

[ Changes ]

nvidia-graphics-drivers (525.147.05-6~deb12u1) bookworm; urgency=medium

  * Rebuild for bookworm.

 -- Andreas Beckmann   Sat, 10 Feb 2024 22:03:15 +0100

nvidia-graphics-drivers (525.147.05-6) unstable; urgency=medium

  * Apply pfn_valid patch from gentoo to fix kernel module build for
Linux 6.1.76, 6.6.15, 6.7.3, 6.8.  (Closes: #1063363, #1062932)
  * nvidia-detect: Tesla and regular driver packages have been merged.
  * nvidia-detect: Add superficial autopkgtest for checking codename support.
  * Update lintian overrides.

 -- Andreas Beckmann   Fri, 09 Feb 2024 20:43:30 +0100

nvidia-graphics-drivers (525.147.05-5) unstable; urgency=medium

  * Switch src:nvidia-graphics-drivers to the Tesla driver series.
  * Build for ppc64el.
  * Build all unversioned packages from src:nvidia-graphics-drivers.
  * Enable nvidia-suspend-common.  (Closes: #1059581, #1056557, #1062281)
  * nvidia-suspend-common: Depend on kbd for chvt.  (Closes: #1058081)
  * New Romanian (ro) debconf translations by Remus-Gabriel Chelu.
(Closes: #1059590)

 -- Andreas Beckmann   Tue, 23 Jan 2024 18:13:36 +0100

 debian/README.source   |  61 ++-
 debian/bug-control.mk  |   4 +-
 debian/changelog   | 406 +--
 debian/control | 116 --
 debian/control.in  |  14 +-
 debian/control.md5sum  |   8 +-
 debian/copyright   |   8 +-
 debian/detect/nvidia-418.ids   | 304 --
 debian/detect/nvidia-470.ids   | 439 -
 debian/detect/nvidia-detect.in | 117 +++---
 debian/detect/nvidia-tesla.ids | 370 -
 debian/gbp.conf|   1 +
 debian/libnvidia-eglcore.lintian-overrides.in  |   1 +
 debian/libnvidia-glcore.lintian-overrides.in   |   1 +
 debian/not-installed.in|  17 -
 debian/nvidia-detect.install   |  

Bug#1008196: lxc-templates: Permission issues on device nodes: move to cgroups2

[Mathias Gibbens]

Control: merge 992255 1008196

  This is the same issue as reported in bug #992255.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1063674: RFP: llama.cpp -- Port of Facebook's LLaMA model in C/C++

[Petter Reinholdtsen]

Package: wnpp
Severity: wishlist
X-Debbugs-CC: Debian Deep Learning Team 

  Package name: llama.cpp
  Version : b2116
  Upstream Author : Georgi Gerganov and more
  URL : https://github.com/ggerganov/llama.cpp.git
  License : MIT
  Programming Lang: C++
  Description : Port of Facebook's LLaMA model in C/C++

-- 
Happy hacking
Petter Reinholdtsen

Bug#1063673: ITP: llama.cpp -- Inference of Meta's LLaMA model (and others) in pure C/C++

[Christian Kastner]

Package: wnpp
Severity: wishlist
Owner: Christian Kastner 
X-Debbugs-Cc: debian-de...@lists.debian.org, debian...@lists.debian.org

* Package name: llama.cpp
  Version : b2116
  Upstream Author : Georgi Gerganov
* URL : https://github.com/ggerganov/llama.cpp
* License : MIT
  Programming Lang: C++
  Description : Inference of Meta's LLaMA model (and others) in pure C/C++

The main goal of llama.cpp is to enable LLM inference with minimal
setup and state-of-the-art performance on a wide variety of hardware -
locally and in the cloud.

* Plain C/C++ implementation without any dependencies
* Apple silicon is a first-class citizen - optimized via ARM NEON,
  Accelerate and Metal frameworks
* AVX, AVX2 and AVX512 support for x86 architectures
* 2-bit, 3-bit, 4-bit, 5-bit, 6-bit, and 8-bit integer quantization for
  faster inference and reduced memory use
* Custom CUDA kernels for running LLMs on NVIDIA GPUs (support for AMD
  GPUs via HIP)
* Vulkan, SYCL, and (partial) OpenCL backend support
* CPU+GPU hybrid inference to partially accelerate models larger than
  the total VRAM capacity

This package will be maintained by the Debian Deep Learning Team.

Bug#907615: lxc-console not getting prompt with debian template

[Mathias Gibbens]

Control: tags -1 + confirmed
Control: found -1 lxc-templates/3.0.4.48.g4765da8-1

  I've confirmed that this issue is still present in bookworm, and that
adding "-t 0" to `lxc-console` does allow one to properly connect to
the container's console.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1037279: Angelfish built-in ad blocker not built due to missing Rust Build-Depends (Corrosion etc.)

[Nilesh Patra]

Quoting Nilesh Patra:
>> On Sat, 10 Jun 2023 05:09:08 +0200 Kevin Kofler  
>> wrote:
>> In addition to Corrosion, you will need cargo(though Corrosion should
>> already be requiring it), rust-adblock, rust-cxx-build, and rust-cxx.
> corossion, rust-adblock need packaging. Rest are in the archive already at 
> the moment. I doubt if we need
> corossion too, since this is mainly for comat with cmake based projects, and 
> we are usually not relying on
> submodule struct, and package things separately.

I have uploaded corrosion to NEW, it helps to build angelfish with adblock 
support
at least locally (with internet enabled fetching cargo deps).

Rest rust-cxx packages are in the archive already. rust-adblock is what we need.
I've filed an RFP bug#1063626 and pinged in rust-team IRC incase someone could 
pick
it up. I don't have the spoons to do so.

Best,
Nilesh


signature.asc
Description: PGP signature

Bug#1063581: gnumed-client: checked by upstream

[Karsten Hilbert]

Package: gnumed-client
Version: 1.8.18+dfsg-1
Followup-For: Bug #1063581

I have checked and from an upstream point of view the dependancy
can be changed from p7zip-full to 7zip.

Thanks,
Karsten


-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 
'stable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 6.7-686-pae (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnumed-client depends on:
ii  aspell   0.60.8-4+b1
ii  file 1:5.44-3
ii  gnumed-common1.8.18+dfsg-1
ii  hunspell 1.7.1-1
ii  imagemagick  8:6.9.11.60+dfsg-1.6
ii  imagemagick-6.q16 [imagemagick]  8:6.9.11.60+dfsg-1.6
ii  ispell   3.4.05-1
ii  python3  3.11.2-1+b1
ii  python3-enchant  3.2.2-1
ii  python3-gnuplot  1.8-8
ii  python3-hl7  0.4.5-1
ii  python3-httplib2 0.20.4-3
ii  python3-lxml 4.9.2-1+b1
ii  python3-psutil   5.9.4-1+b1
ii  python3-pyudev   0.24.0-1
ii  python3-wxgtk4.0 4.2.0+dfsg-3
ii  texlive-latex-base   2022.20230122-3

Versions of packages gnumed-client recommends:
ii  aeskulap   0.2.2-beta2+git20190406.ef77f01-4+b1
ii  amide  1.0.6-1
ii  audiofile-tools0.3.6-5+b1
ii  chktex 1.7.8-1
ii  chromium [www-browser] 121.0.6167.160-1~deb12u1
ii  dcmtk  3.6.7-8+b1
ii  extract1:1.11-7
ii  firefox-esr [www-browser]  115.7.0esr-1~deb12u1
ii  gnumed-doc 1.8.18+dfsg-1
ii  gpg2.2.40-1.1
ii  gtklp  1.3.4-3+b1
ii  konqueror [www-browser]4:22.12.3-1
ii  lacheck1.26-17
ii  libimage-exiftool-perl 12.57+dfsg-1
ii  libreoffice-writer 4:7.4.7-1+deb12u1
ii  lynx [www-browser] 2.9.0dev.12-1
ii  p7zip-full 16.02+dfsg-8
ii  pdftk-java 3.3.2-1
ii  poppler-utils  22.12.0-2+b1
ii  python3-docutils   0.19+dfsg-6
ii  python3-pyqrcode   1.2.1-4
ii  python3-unidecode  1.3.6-1
ii  python3-vobject0.9.6.1-2
ii  qpdf   11.3.0-1+deb12u1
ii  systemd-timesyncd  252.22-1~deb12u1
ii  texlive-latex-extra2022.20230122-4
ii  texlive-latex-recommended  2022.20230122-3
ii  w3m [www-browser]  0.5.3+git20230121-2
ii  wgerman-medical20220425-1
ii  xdg-utils  1.1.3-4.1
ii  xmedcon0.23.0-gtk3+dfsg-1
ii  xsane  0.999-12+b1

Versions of packages gnumed-client suggests:
pn  autokey-qt | autokey-gtk
ii  edfbrowser  2.00+dfsg-1
ii  entangle3.0-3
ii  gnumed-server   22.28-1
pn  incron  
ii  kolourpaint 4:22.12.3-1
pn  konsolekalendar 
pn  korganizer  
ii  libchipcard-tools   5.1.6-1+b1
ii  nvram-wakeup1.1-4+b1
ii  python3-uno 4:7.4.7-1+deb12u1
ii  qrisk2  0.1.20150729-5
pn  shutdown-at-night   
pn  wakeonlan | etherwake | gwakeonlan  

-- no debconf information

Bug#1063672: ibus-chewing: Please update to 2.0.0~rc1

[Jeremy Bícha]

Oh, ibus-chewing already dropped the GTK2 dependency in the previous
upload so I closed those bugs.

Thank you,
Jeremy Bícha

Bug#1061832: kitty keyboard shortcut is not delivered to kitty window in focus

[Nilesh Patra]

Control: forwarded -1 https://github.com/kovidgoyal/kitty/issues/7116

On Tue, Jan 30, 2024 at 02:49:10AM +0530, Nilesh Patra wrote:
> I am unable to reproduce it in my machine and the mapping works just fine for 
> me.
> What is the desktop environment you use - what is the display server protocol 
> (wayland/x11)?
> Do you have any weird key mappings in your config?
> 
> Does it happen even with the upstream kitty binary? If so, can you please 
> report it in kitty's github
> tracker? Upstream is very responsive and can assist with this issue.

I have forwarded it upstream.

Best,
Nilesh


signature.asc
Description: PGP signature

Bug#1063672: ibus-chewing: Please update to 2.0.0~rc1

[Jeremy Bícha]

Source: ibus-chewing
Version: 1.6.2-1
Severity: wishlist
X-Debbugs-CC: by...@debian.or

Please update ibus-chewing to the new 2.0.0-rc1 release. Because of
Debian version sorting, I recommend treating it as 2.0.0~rc1

It would allow closing https://bugs.debian.org/967535 and
https://launchpad.net/bugs/1736603 because it switches to libadwaita-1
and gtk4.

https://github.com/chewing/ibus-chewing/releases

Thank you,
Jeremy Bícha

Bug#1063151: igb: unpredictable interface names for four port nic

[Václav Ovsík]

I was curious today and tried to build latest systemd and it is fixed already!
I have done a git bisect and the commit fixing the problem is


https://github.com/systemd/systemd/commit/af7417ac7b07bc01232982bf46e9d72e69e7f820

Regards
-- 
Zito

Bug#1062387: drogon: NMU diff for 64-bit time_t transition

[Pierre-Elliott Bécue]

Hi,

mwhud...@debian.org wrote on 01/02/2024 at 09:46:18+0100:

> Source: drogon
> Version: 1.8.7+ds-1
> Severity: serious
> Tags: patch pending
> Justification: library ABI skew on upgrade
> User: debian-...@lists.debian.org
> Usertags: time-t
>
> Dear maintainer,
>
> As part of the 64-bit time_t transition required to support 32-bit
> architectures in 2038 and beyond
> (https://wiki.debian.org/ReleaseGoals/64bit-time), we have identified
> drogon as a source package shipping runtime libraries whose ABI
> either is affected by the change in size of time_t, or could not be
> analyzed via abi-compliance-checker (and therefore to be on the safe
> side we assume is affected).
>
> To ensure that inconsistent combinations of libraries with their
> reverse-dependencies are never installed together, it is necessary to
> have a library transition, which is most easily done by renaming the
> runtime library package.
>
> Since turning on 64-bit time_t is being handled centrally through a change
> to the default dpkg-buildflags (https://bugs.debian.org/1037136), it is
> important that libraries affected by this ABI change all be uploaded close
> together in time.  Therefore I have prepared a 0-day NMU for drogon
> which will initially be uploaded to experimental if possible, then to
> unstable after packages have cleared binary NEW.
>
> Please find the patch for this NMU attached.
>
> If you have any concerns about this patch, please reach out ASAP.  Although
> this package will be uploaded to experimental immediately, there will be a
> period of several days before we begin uploads to unstable; so if information
> becomes available that your package should not be included in the transition,
> there is time for us to amend the planned uploads.

I don't really like the new name for the libs, will you change it back
at some point?

-- 
PEB



signature.asc
Description: PGP signature

Bug#1063671: FTBFS: 32 bit arm fail with undefined reference to `raise_func_trampoline'

[Petter Reinholdtsen]

Package: wine
Version: 9.0~repack-3
Severity: serious
Forwarded: https://gitlab.winehq.org/wine/wine/-/merge_requests/4928

The current build fail on 32 bit arm architectures with the following
error:

  /usr/bin/ld: dlls/ntdll/unix/signal_arm.o: in function 
`libunwind_virtual_unwind':
  ./dlls/ntdll/unix/signal_arm.c:724:(.text+0x69c): undefined reference to 
`raise_func_trampoline'
  collect2: error: ld returned 1 exit status
  make[2]: *** [Makefile:15978: dlls/ntdll/ntdll.so] Error 1

The problem seem to have been fixed upstream in 
https://gitlab.winehq.org/wine/wine/-/commit/4e9838fbc2d9ccca1e8b5a80d0e9000bfacc4938
 >
and the fix was included in the 9.2 release recently tagged.

-- 
Happy hacking
Petter Reinholdtsen

Bug#1063670: fcgiwrap very slow with default systemd config (no parallel request)

[Martin Monperrus]

Package: fcgiwrap
Version: 1.1.0-12
Severity: normal

Dear Maintainer,

   * What led up to the situation?

I installed fcgiwrap to run Python scripts on nginx.

   * What was the outcome of this action?

CGI scripts can be run, but sequentially, one-by-one, very slow

   * What outcome did you expect instead?

CGI scripts can be run in parallel.

   * What is the solution?

The default setup in /lib/systemd/system/fcgiwrap.service should use option "-c
" (Number of processes to prefork), for example "-c 5"

Thanks!



-- System Information:
Debian Release: bookworm/sid
  APT prefers jammy-updates
  APT policy: (500, 'jammy-updates'), (500, 'jammy-security'), (500, 'jammy'), 
(100, 'jammy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.15.0-91-generic (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages fcgiwrap depends on:
ii  libc6 2.35-0ubuntu3.6
ii  libfcgi0ldbl  2.4.2-2build2
ii  libsystemd0   249.11-0ubuntu3.12
ii  lsb-base  11.1.0ubuntu4
ii  systemd   249.11-0ubuntu3.12

fcgiwrap recommends no packages.

fcgiwrap suggests no packages.

Bug#1063669: gnumed-client-de: please demote libchipcard-tools from dep: to rec:

[Karsten Hilbert]

Package: gnumed-client-de
Version: latest
Severity: normal

As the Subject says -- prompted by

1062249: libchipcard: NMU diff for 64-bit time_t transition
 https://bugs.debian.org/1062249
1062362: libgwenhywfar: NMU diff for 64-bit time_t transition
 https://bugs.debian.org/1062362

I would like to ask for libchipcard-tools to be set
to Recommends: instead of Depends:.

Thanks,
Karsten
(upstream)


-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 
'stable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 6.7-686-pae (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnumed-client-de depends on:
ii  adduser3.134
ii  gnumed-client  1.8.18+dfsg-1
ii  libchipcard-tools  5.1.6-1+b1

Versions of packages gnumed-client-de recommends:
ii  dmtx-utils   0.7.6-1.1+b1
pn  hunspell-de-med  
ii  iec16022 0.2.4-3
ii  wgerman-medical  20220425-1

Versions of packages gnumed-client-de suggests:
pn  libctapimkt1  

Bug#1055370: consider adding security repos by default

[Mathias Gibbens]

Control: tags -1 + moreinfo

  lxc already appears to be setting the security repo by default for
containers created with the debian template. On a bookworm system,
creating both a bookworm and bullseye container results in a
sources.list file that looks like this (of course, bullseye had the
proper release name):

> deb http://deb.debian.org/debian bookworm main
> deb http://security.debian.org/debian-security bookworm-security main

  I suspect debci is either adding options or directly generating a
sources.list that is injected into the container. The word "debug"
doesn't appear anywhere within the debian template script and I'm not
sure how the "deb-src" lines could be introduced with the existing
template logic.

  Maybe there's something else going on in lxc-templates, but I'm not
seeing anything immediately obvious to explain where debci's
sources.list is coming from.

Mathias


signature.asc
Description: This is a digitally signed message part

Bug#1063668: linux-image-6.1.0-18-amd64: Nvidia 525.147.05-4 issues

[Joshua Beckwith]

Package: linux-image-6.1.0-18-amd64
Version: linux-image-6.1.0-18
Severity: important
X-Debbugs-Cc: joshua.beckwith@gmail.com

Dear Maintainer,

I have noticed some issues pertaining to both packages, namely linux-
image-6.1.0-18-amd64 & linux-headers-6.1.0-18-amd64-common. The repository
Nvidia Driver 525.147.05-4 fails to build the module for this Kernel with exit
code: 10.

I hope this isn't too much of a problem.

Kind regards

Joshua Beckwith



-- System Information:
Debian Release: 12.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.7.4-1-liquorix-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages linux-image-6.1.0-18-amd64 depends on:
ii  initramfs-tools [linux-initramfs-tool]  0.142
ii  kmod30+20221128-1
ii  linux-base  4.9

Versions of packages linux-image-6.1.0-18-amd64 recommends:
ii  apparmor 3.0.8-3
ii  firmware-linux-free  20200122-1

Versions of packages linux-image-6.1.0-18-amd64 suggests:
pn  debian-kernel-handbook  
ii  grub-efi-amd64  2.06-13+deb12u1
pn  linux-doc-6.1   

Bug#1063667: jgmenu-xfce4-panel-applet: The applet is not available via panel settings add item. Adding manually has no effect either.

[eriefisher]

Package: jgmenu-xfce4-panel-applet
Version: 4.4.1-1+b1
Severity: important
X-Debbugs-Cc: eriefis...@gmail.com

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?

Tried to add jgmenu-xfce4-panel-applet to panel

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

Normal steps to add an item to the xfce4-pane

   * What was the outcome of this action?

Applet is not available in the list of items

   * What outcome did you expect instead?

Expected to see the applet listed and available to add to the panel


-- System Information:
Debian Release: trixie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.7.4-1-siduction-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages jgmenu-xfce4-panel-applet depends on:
ii  jgmenu  4.4.1-1+b1

jgmenu-xfce4-panel-applet recommends no packages.

jgmenu-xfce4-panel-applet suggests no packages.

-- no debconf information

Bug#1061256: edk2: CVE-2023-45229 CVE-2023-45230 CVE-2023-45231 CVE-2023-45232 CVE-2023-45233 CVE-2023-45234 CVE-2023-45235 CVE-2023-45236 CVE-2023-45237

[dann frazier]

Thanks Salvatore.

The first 7 are now fixed upstream, so I'm preparing an upload for
those. Fixes for CVE-2023-45236 and CVE-2023-45237 are still in the
works. Should we split those into separate bugs?

  -dann

Bug#1063665: konqueror: start page -> "The requested operation could not be completed", "Undocumented error"

[Simon McVittie]

On Sat, 10 Feb 2024 at 19:30:35 +, Simon McVittie wrote:
> I have not yet verified whether this is reproducible in the live image
> itself (that's the next thing on my list).

Yes it is.

> Unknown error code 1,560,894,720 Please send a full bug report at 
> https://bugs.kde.org.

The error code was different (a similarly large negative number) when
I tried it in the live image. I assume it's uninitialized or otherwise
meaningless, rather than having billions of distinct error codes.

smcv

Bug#967994: CVE-2019-14560 fixed, but rejected?

[dann frazier]

fixed 967994 2023.05-1
thanks

Yes, there is a fix for this in upstream edk2-stable202305. However,
the CVE is marked as rejected:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14560

But it seems to have been treated a valid issue.

There is a note about requesting a new CVE:
  https://bugzilla.tianocore.org/show_bug.cgi?id=2167#c14

I asked for the status there.

  -dann

Bug#1062932: nvidia-graphics-drivers: Version 525.147.05-6 not available in stable, dkms fails with kernel 6.1.0-18

[M G]

Dear maintainers,

Debian 12.5 stable updated here from the main repo, impossible to
compile nvidia module with dkms on 6.1.0-18.


Same error as everyone else:
ERROR: modpost: GPL-incompatible module nvidia.ko uses GPL-only symbol
'__rcu_read_lock'
ERROR: modpost: GPL-incompatible module nvidia.ko uses GPL-only symbol
'__rcu_read_unlock'

In addition to here, they talk about it here:

https://forums.developer.nvidia.com/t/linux-6-7-3-545-29-06-550-40-07-error-modpost-gpl-incompatible-module-nvidia-ko-uses-gpl-only-symbol-rcu-read-lock/280908/55

Machines are stuck and can't boot up with the graphics cards working, you
have to apply the solution, everyone is going to be impacted.

Regards,
Maxime.

Bug#1063666: adwaita-icon-theme: 46 breaks gnome-shell cursor, fixed with mutter 44.8-3

[Jeremy Bícha]

Source: adwaita-icon-theme
Version: 46~beta-1
Severity: serious
Tags: pending trixie

I am filing this bug as a duplicate of https://bugs.debian.org/1063640
to prevent adwaita-icon-theme 46~beta-1 from migrating to Testing
until mutter 44.8-3 migrates first.

Thank you,
Jeremy Bícha

Bug#1063665: konqueror: start page -> "The requested operation could not be completed", "Undocumented error" code 1560894720

[Simon McVittie]

Package: konqueror
Version: 4:20.12.0-4
Severity: normal
Tags: bullseye upstream
Forwarded: https://bugs.kde.org/show_bug.cgi?id=451480

Issue found during Debian 11.9 point release media testing, sorry if this
is already a known problem (I couldn't fnd a duplicate bug report).

To reproduce


* Boot an expendable machine into debian-installer from
  debian-live-11.9.0-amd64-kde.iso
* Install (I used British English and default settings for everything else)
* Log in
* Open the menu in the bottom left corner
* Choose Konqueror from the menu

I have not yet verified whether this is reproducible in the live image
itself (that's the next thing on my list).

Expected result
===

Konqueror with either a totally blank page, or some sort of splash page

Actual result
=

The URL bar shows "konq:blank".

The window content is as transcribed here:

---
[/!\] The requested operation could not be completed
 |/   --
  Undocumented Error
  --
Details of the request:

* URL:
* Date and Time: (a correct date and time)
* Additional Information:

Description:

Unknown error code 1,560,894,720 Please send a full bug report at 
https://bugs.kde.org.
---

This appears to be the same issue as upstream bug report
.

I don't know whether Debian 12 still has this issue. I don't normally use
Plasma, I'm only here because it's on the install media testing checklist.

Thanks,
smcv

Bug#1014468: fixed

[dann frazier]

fixed 1014468 2022.11-1
thanks

CVE-2021-38576 was fixed in 2021.11-1.
CVE-2021-38577 was rejected.
CVE-2021-38578 was fixed in 2022.11-1.

  -dann

Bug#1063466: winetricks: architecture detection mechanism (commit #9ca7a68b) breaks winetricks.desktop

[Jens Reyer]

control: retitle -1 winetricks: architecture detection mechanism (commit 
#9ca7a68b) broken


On 08.02.24 16:02, Alex Volkov wrote:

as the architecture detection mechanism (commit #9ca7a68b) checks $1
argument, it views the "--gui" parameter in the .desktop file as a
filename, which leads to appearance of erroneous messages about
"Unknown file arch" when launching from the applications menu. Not a
big deal, but can be confusing to an unsuspecting user.


Thanks for the report. Turns out there are some other issues causing the
symptoms you reported:

The detection fails because it can't handle wrapper scripts like
Debian's wine and wineserver.  But this goes unnoticed if "--gui"
is not specified, but still leads to the correct outcome on a
common installation (wine32+wine64 in Debian).

"winetricks --gui" just exposes this issue because then winetricks is more
verbose at this moment, while "winetricks" also starts the GUI
but the logic is after the broken architecture detection mechanism.

I'll try to find a solution for this with upstream.

Greets
jre

Bug#1063664: gcc-13-cross: file conflicts between gnat-13- and gnat-{9,10}-

[Andreas Beckmann]

Source: gcc-13-cross
Version: 14
Severity: serious

Hi,

there are undeclared file conflicts between gnat-13- and
gnat-{9,10}- in sid. (but not between -9- and -10-).
Maybe it would be sufficient to rebuild the package against gcc-13
13.2.0-13 which had some gnat conflict fixes.

The conflicting files e.g. for gnat-13-aarch64-linux-gnu on amd64 are

usr/aarch64-linux-gnu/lib/libgnarl.so
usr/aarch64-linux-gnu/lib/libgnat.so
usr/bin/aarch64-linux-gnu-gnat
usr/bin/aarch64-linux-gnu-gnatbind
usr/bin/aarch64-linux-gnu-gnatchop
usr/bin/aarch64-linux-gnu-gnatclean
usr/bin/aarch64-linux-gnu-gnatgcc
usr/bin/aarch64-linux-gnu-gnathtml
usr/bin/aarch64-linux-gnu-gnatkr
usr/bin/aarch64-linux-gnu-gnatlink
usr/bin/aarch64-linux-gnu-gnatls
usr/bin/aarch64-linux-gnu-gnatmake
usr/bin/aarch64-linux-gnu-gnatname
usr/bin/aarch64-linux-gnu-gnatprep
usr/share/man/man1/aarch64-linux-gnu-gnat.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatbind.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatchop.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatclean.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnathtml.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatkr.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatlink.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatls.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatmake.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatname.1.gz
usr/share/man/man1/aarch64-linux-gnu-gnatprep.1.gz


Andreas

Bug#1063662: bleachbit: Depends on transitional policykit-1

[Fabio Fantoni]

Control: merge -1 1025545

Il 10/02/2024 18:37, Martin-Éric Racine ha scritto:> Package: bleachbit

> Version: 4.4.2-1
> Severity: important
>

> Bleachbit version 4.4.2-1 depends on policykit-1 which is a 
transitional package that pulls pkexec and polkitd. Dependencies should 
be upgraded accordingly.


Hi, latest version is 4.6.0-1, before report is good check the latest 
version, this was already reported in 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025545 and solved in 
4.4.2-2:



bleachbit (4.4.2-2) unstable; urgency=medium

* Team upload
* d/control: remove policykit-1 depends (Closes: #1025545)

-- Fabio Fantoni  Thu, 10 Aug 2023 11:21:13 +




OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1063663: dh-make: dh_make with python package type does not add by default --with python3

[Francesco Ballarin]

Package: dh-make
Version: 2.202304
Severity: minor
X-Debbugs-Cc: francesco.balla...@unicatt.it, dpars...@debian.org

Dear Maintainer,

Hi,
I am relatively new to debian packaging, and I am mainly using dh_make with 
python libraries.

I noticed that the dh call produced by default when initializating a new
python project with dh_make is

dh $@ --buildsystem=pybuild


Is there a specific reason why the default line is not

dh $@ --with python3 --buildsystem=pybuild

instead? Is --with python3 implicitly enabled? If not, is not adding it by 
default done on purpose?

There is a comment stating

# If you need to rebuild the Sphinx documentation:
# Add sphinxdoc to the dh --with line.

but there is no suggestion to add python3 to the --with arguments.

As a beginner, the source of my confusion is that dh_make seems to
automatically handle all requirements written in the "quick guide for 
maintainers" at
https://manpages.debian.org/testing/dh-python/dh_python3.1.en.html
(notably, the first and the last bullet), except for adding the --with argument.


Simple script to reproduce is reported below.

Thanks,
Francesco






# Create a mock python library
$ mkdir my_python_library
$ touch my_python_library/__init__.py
$ tar -czvf archive.tar.gz my_python_library

# Run dh_make
$ dh_make -p my-python-library_0.0.1 -f archive.tar.gz
# select p when asked "Type of package"

$ cat debian/rules

#!/usr/bin/make -f

# See debhelper(7) (uncomment to enable).
# Output every command that modifies files on the build system.
#export DH_VERBOSE = 1

export PYBUILD_NAME=my-python-library

%:
dh $@ --buildsystem=pybuild


# If you need to rebuild the Sphinx documentation:
# Add sphinxdoc to the dh --with line.
#
# And uncomment the following lines.
#execute_after_dh_auto_build-indep: export http_proxy=127.0.0.1:9
#execute_after_dh_auto_build-indep: export https_proxy=127.0.0.1:9
#execute_after_dh_auto_build-indep:
#   PYTHONPATH=. python3 -m sphinx -N -bhtml \
#   docs/ build/html # HTML generator
#   PYTHONPATH=. python3 -m sphinx -N -bman \
#   docs/ build/man # Manpage generator











-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.6.13-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages dh-make depends on:
ii  debhelper  13.13
ii  dpkg-dev   1.22.4
ii  make   4.3-4.1
ii  python33.11.6-1

dh-make recommends no packages.

Versions of packages dh-make suggests:
ii  build-essential  12.10

-- no debconf information

Bug#1063662: bleachbit: Depends on transitional policykit-1

[Martin-Éric Racine]

Package: bleachbit
Version: 4.4.2-1
Severity: important

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Bleachbit version 4.4.2-1 depends on policykit-1 which is a transitional 
package that pulls pkexec and polkitd. Dependencies should be upgraded 
accordingly.

- -- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-18-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fi_FI.utf8, LC_CTYPE=fi_FI.utf8 (charmap=UTF-8), LANGUAGE=fi:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages bleachbit depends on:
ii  gir1.2-gtk-3.0 3.24.38-2~deb12u1
ii  gir1.2-notify-0.7  0.8.1-1
ii  libgtk-3-0 3.24.38-2~deb12u1
ii  pkexec 122-3
ii  policykit-1122-3
ii  python33.11.2-1+b1
ii  python3-chardet5.1.0+dfsg-2
ii  python3-gi 3.42.2-3+b1
ii  python3-requests   2.28.1+dfsg-1

bleachbit recommends no packages.

bleachbit suggests no packages.

- -- no debconf information

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEyJACx3qL7GpObXOQrh+Cd8S017YFAmXHtEEACgkQrh+Cd8S0
17ZKABAAm3UPEs3tiBO/ozbVddGWR9IsaIm0+uspQL+kYqG5EYda71GcrxTbA4lf
IJzYOEv9/0o7h4yvs70z9Fsp7q1o4UBMGksnGh1M7NUCZvPmMpBdtj6dOm/pktVE
7QLhPeGN/6hIa3pl+kw0J1ccCWvmWf1jPdxZ00eGsorwj6RX/uNF4zlYDhcXtPWr
adIQ4prkirPCLo5DC4H4NEag2fbqft9nwutyuLV69anQDZWRjetPz37W04EHlarR
qvuKQgjGKoezhIpYA84ao2+B22FWG6lWBZ0ouGw+bqRQZKobojlkjrIMSA891HXB
AiVLGy+EcjFJ7Z33tkQWJ9f47JW55tHARlWa6Z6U48kO1NpV4rfFqtAGAh/T872n
oYBxU8moE2kaHBVQ36GFpqX3Jh0vB8G/1oApTFkPDraG2D+Ed74CEuGMAqn9NvjK
OPuoqw8WwHO5dLpC8A4LSnbBTg1qAkHNIy6/ClwOMONLS+zHsO3CX8X97d+om8i3
YV8EwGKYqYDJMgSgjhyxftxDD5sPUF09rIeQ3X4Xsp4IjYgjbt/p97OKDJkDuPLK
g/yn986uoHVl8W8pfmeb+jfEf1OpSxxkoKY9zx7rK8o+ZZBLVeqQGFE2lHJ+6837
HqdwlotUN0yLwC70EE/AW6/if5+3WZf3N/+XZmys8utJTE1hx40=
=48oq
-END PGP SIGNATURE-

Bug#1052930: triton: FTBFS: make: *** [debian/rules:5: binary] Error 25

[Petter Reinholdtsen]

[Lucas Nussbaum]
> During a rebuild of all packages in sid, your package failed to build
> on amd64.

Thank you for letting us know.  I have tried to figure out what is going wrong,
without success so far.  I can reproduce it in my sid chroot.

I tried replacing build dependencies libmlir-14-dev and mlir-14-tools with
libmlir-16-dev and mlir-16-tools to match the llvm version detected
during my build, but it still fail.  I do not undrestand cmake enough to
understand why it fail.

I also tried to fetch the latest upstream version, but it also fail to
build.

I would love some help figuring out what is going wrong here.
-- 
Happy hacking
Petter Reinholdtsen

Bug#1063661: xfce4: "IBus Notification: Keymap changes do not work in Plasma Wayland" but this is not Plasma Wayland

[Simon McVittie]

Package: xfce4
Version: 4.18
Severity: normal
Tags: bookworm

Encountered while testing Debian 12.5.0 live media. This is probably a
bug in some component other than xfce4, but I don't know which one -
please reassign as appropriate and add "affects" on xfce4.

Steps to reproduce
==

Boot Debian 12.5.0 live media, or install from the same live media
(with either d-i or Calamares) and log in. In case it matters, my
installation was in en_GB (British English) and otherwise using defaults.

Expected result
===

No spurious popups

Actual result
=

I got this notification popping up (screenshot attached, transcribed here):

IBus Notification
-
Keymap changes do not work in Plasma Wayland at present. Please use
systemsettings5 instead.

It seems odd to get this message when I'm running a non-Plasma, X11 desktop.

smcv

Bug#1037299: debian-live-12.5.0-amd64-xfce.iso: "Install Debian" -> "Untrusted application launcher"

[Simon McVittie]

On Wed, 03 Jan 2024 at 17:03:09 +0200, Jonathan Carter wrote:
> On 2024/01/03 12:37, Patrick Schleizer wrote:
> > Didn't work for me but this did:
> > 
> > https://forum.xfce.org/viewtopic.php?id=16357
> 
> What did you do from there that made it work? We set the metadata bit from a
> script on the live image too, but it doesn't seem to have any effect.

I confirm that this bug is still present in the Debian 12.5 XFCE live image.
As Patrick said, a workaround is to run this in a terminal in the live image:

sudo apt install libglib2.0-bin
gio set -t string \
~/Desktop/install-debian.desktop \
metadata::xfce-exe-checksum \
$(sha256sum ~/Desktop/install-debian.desktop | awk '{print $1}')

before launching the installer.

smcv

Bug#1063656: linux-image-6.1.0-18-amd64: Incomapabile module nvida.ko

[Mark Knutson]

Package: src:linux
Followup-For: Bug #1063656
X-Debbugs-Cc: deb...@mlkenterprises.com

Dear Maintainer,

   * What led up to the situation?
When upgrading from kernel 6.1.0-17-amd64 to 6.1.0-18-amd64 I get the 
error message of incompatible module nivida.ko

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
as root ran "apt update" then "apt upgrade"

   * What was the outcome of this action?
an error message saying the new kernel is partially installed

   * What outcome did you expect instead?
An upgrade as normal

-- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: LENOVO
product_name: 90GV0004US
product_version: ideacentre 510A-15IKL
chassis_vendor: LENOVO
chassis_version: None
bios_vendor: LENOVO
bios_version: O2TKT34A
board_vendor: LENOVO
board_name: 36C5
board_version: SDK0J40700 WIN 3258084057140

** PCI devices:
00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v6/7th Gen Core 
Processor Host Bridge/DRAM Registers [8086:591f] (rev 05)
Subsystem: Lenovo Xeon E3-1200 v6/7th Gen Core Processor Host 
Bridge/DRAM Registers [17aa:36c5]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: skl_uncore

00:02.0 VGA compatible controller [0300]: Intel Corporation HD Graphics 630 
[8086:5912] (rev 04) (prog-if 00 [VGA controller])
DeviceName:  Onboard IGD
Subsystem: Lenovo HD Graphics 630 [17aa:36c5]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: i915
Kernel modules: i915

00:14.0 USB controller [0c03]: Intel Corporation 200 Series/Z370 Chipset Family 
USB 3.0 xHCI Controller [8086:a2af] (prog-if 30 [XHCI])
Subsystem: Lenovo 200 Series/Z370 Chipset Family USB 3.0 xHCI 
Controller [17aa:36c5]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: xhci_hcd
Kernel modules: xhci_pci

00:14.2 Signal processing controller [1180]: Intel Corporation 200 Series PCH 
Thermal Subsystem [8086:a2b1]
Subsystem: Lenovo 200 Series PCH Thermal Subsystem [17aa:36c5]
Control: I/O- Mem+ BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 

00:16.0 Communication controller [0780]: Intel Corporation 200 Series PCH CSME 
HECI #1 [8086:a2ba]
Subsystem: Lenovo 200 Series PCH CSME HECI [17aa:36c5]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: mei_me
Kernel modules: mei_me

00:17.0 SATA controller [0106]: Intel Corporation 200 Series PCH SATA 
controller [AHCI mode] [8086:a282] (prog-if 01 [AHCI 1.0])
Subsystem: Lenovo 200 Series PCH SATA controller [AHCI mode] [17aa:36c5]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: ahci
Kernel modules: ahci

00:1c.0 PCI bridge [0604]: Intel Corporation 200 Series PCH PCI Express Root 
Port #5 [8086:a294] (rev f0) (prog-if 00 [Normal decode])
Subsystem: Lenovo 200 Series PCH PCI Express Root Port [17aa:36c5]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:1d.0 PCI bridge [0604]: Intel Corporation 200 Series PCH PCI Express Root 
Port #11 [8086:a29a] (rev f0) (prog-if 00 [Normal decode])
Subsystem: Lenovo 200 Series PCH PCI Express Root Port [17aa:36c5]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:1f.0 ISA bridge [0601]: Intel Corporation 200 Series PCH LPC Controller 
(B250) [8086:a2c8]
Subsystem: Lenovo 200 Series PCH LPC Controller (B250) [17aa:36c5]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- 

Bug#1062805: RFS: mini-httpd/1.30-8 -- Small HTTP server

[Abhijith PA]

Hi,

On 10/02/24 02:39 PM, Alexandru Mihail wrote:
> Hi Abhijith,
> 
> Thanks a lot ! I'll wait for your upload before pushing git tags then.
> Have a great day and thanks again for the help,

I just did source only upload. You might receive a notification mail 
when dak do the processing.

--abhijith 

Bug#1062455: ITP: tiv -- Small command-line image viewer using RGB ANSI colors and Unicode block characters to render image

[Gunnar Wolf]

Before adding yet another tool doing more or less the same, please
check whether this tool is better for all use cases. In case you
require a "modern terminal" (as mentioned by tiv's web page), consider
"chafa" instead.

I read my mail with mutt on a (often) remote system. I use a terminal
emulator capable of displaying "sixels", and by using chafa, I can
view attached images basically with no need to infer anything from the
images, as if it were a local image viewer.

My only quip about using sixels is that it takes a long time to open a
large image (compared to "cacaterm", what I used before. I think tiv's
quality is better than cacaterm's, but I'm not sure if your needs will
be better covered by chafa.

Loren M. Lang dijo [Thu, Feb 01, 2024 at 07:35:24AM -0800]:
> Package: wnpp
> Severity: wishlist
> Owner: "Loren M. Lang" 
> X-Debbugs-Cc: debian-de...@lists.debian.org
> 
> * Package name: tiv
>   Version : 1.2.1
>   Upstream Author : Aaron Liu , Stefan Haustein 
> 
> * URL : https://github.com/stefanhaustein/TerminalImageViewer
> * License : GPL3, ASL
>   Programming Lang: C++
>   Description : Small command-line viewer using RGB colors and Unicode 
> block characters to render image
> 
> Small command-line image viewer using 24-bit RGB ANSI colors and Unicode
> block characters which create a 4x8 pixel cell for each character. With
> the use of these Unicode block characters, this can provide a higher
> resolution image for the same screen real estate.
> 
> It was compared with timg and catimg and can get out finer detail than
> those tools and make a sharper presentation. The mail_new.png icon seems
> to have a lot of fine detail with the text on the page. Here is my
> comparision case:
> 
> catimg -H 32 /usr/share/icons/mate/256x256/actions/mail_new.png
> timg -g 32x32 /usr/share/icons/mate/256x256/actions/mail_new.png
> ./tiv -h 32 -w 32 /usr/share/icons/mate/256x256/actions/mail_new.png
> 
> I am currently planning on maintaining it myself, but I am open if there
> is a team that is more appropriate to help with it. The package itself
> is very lightweight and should not require much maintenance. I will need
> a sponsor to get this package into Debian.



-- 



signature.asc
Description: PGP signature

Bug#1063660: the amdgpu module is missing from the kernel

[Nikolay Sabelnikov]

Package: linux-image-amd64
Version: 6.1.76-1


update-initramfs: Generating /boot/initrd.img-6.1.0-18-amd64
W: Possible missing firmware /lib/firmware/amdgpu/ip_discovery.bin for 
module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/vega10_cap.bin for 
module amdgpu
W: Possible missing firmware 
/lib/firmware/amdgpu/sienna_cichlid_cap.bin for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/navi12_cap.bin for 
module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/psp_13_0_11_ta.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/psp_13_0_11_toc.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/psp_13_0_10_ta.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/psp_13_0_10_sos.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/aldebaran_cap.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_3_imu.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_4_rlc.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_4_mec.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_4_me.bin for 
module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_4_pfp.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_3_rlc.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_3_mec.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_3_me.bin for 
module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_3_pfp.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_0_toc.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/sdma_6_0_3.bin for 
module amdgpu
W: Possible missing firmware 
/lib/firmware/amdgpu/sienna_cichlid_mes1.bin for module amdgpu
W: Possible missing firmware 
/lib/firmware/amdgpu/sienna_cichlid_mes.bin for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/navi10_mes.bin for 
module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_4_mes1.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_4_mes_2.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_4_mes.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_3_mes1.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_3_mes_2.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_3_mes.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_2_mes_2.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_1_mes_2.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/gc_11_0_0_mes_2.bin 
for module amdgpu
W: Possible missing firmware /lib/firmware/amdgpu/smu_13_0_10.bin for 
module amdgpu

I: The initramfs will attempt to resume from /dev/nvme0n1p6

Bug#1061034: Re Bug#1061034

[Peter B]

While Lazarus release (3.0+dfsg1-6) fixed the immediate problem
of ideconfig.lpk missing, lazbuilds still all fail, now with

"Note: (lazarus) Invalid Package Link: file 
"/usr/lib/lazarus/3.0/ide/packages/idedebugger/idedebugger.lpk" does not 
exist."


Builds fail on the firts missing (lazarus) package. Providing 
idedebugger.lpk alone may not be sufficient to fix builds


lazarus packages fail to build unless lazarus_src is included in build 
depends.

Affects c-evo-dh, ddrescueview, view3dscene, winff, doublecmd

Bug#1063659: nginx: Set worker_cpu_affinity in default configuration

[David Gilman]

Package: nginx
Version: 1.22.1-9
Severity: wishlist
X-Debbugs-Cc: davidgilm...@gmail.com

Dear Maintainer,

Please consider setting `worker_cpu_affinity auto;` in the default
nginx.conf. The default configuration already sets `worker_processes
auto;` to direct nginx to spin up a worker process on each CPU. The auto
setting for worker_cpu_affinity is the sibling setting for auto
worker_processes, it takes each of those worker processes and pins them
to a unique CPU.

-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (991, 'stable-updates'), (991, 'stable-security'), (990, 
'stable'), (600, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-17-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nginx depends on:
ii  iproute2  6.1.0-3
ii  libc6 2.36-9+deb12u4
ii  libcrypt1 1:4.4.36-4
ii  libpcre2-8-0  10.42-1
ii  libssl3   3.0.11-1~deb12u2
pn  nginx-common  
ii  zlib1g1:1.2.13.dfsg-1

nginx recommends no packages.

nginx suggests no packages.

Bug#1061790: gerbera: Missing files JS files prevent UI from working

[Graham Cobb]

Package: gerbera
Version: 2.0.0+dfsg-1
Followup-For: Bug #1061790

Dear Maintainer,

I use Gerbera rarely and have been running an old version.
I upgraded to 2.0.0+dfsg-1 and now see the same problem.

Note: in my case, I do not run Gerbera from systemd - I just invoke
it from my user terminal session.

Please let me know if I can provide any further information.

Graham

-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-5-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_IE.utf8, LC_CTYPE=en_IE.utf8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_IE.utf8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gerbera depends on:
ii  adduser 3.137
ii  fonts-font-awesome  5.0.10+really4.7.0~dfsg-4.1
ii  fonts-lato  2.015-1
ii  init-system-helpers 1.66
ii  libavcodec607:6.1.1-1
ii  libavformat60   7:6.1.1-1
ii  libavutil58 7:6.1.1-1
ii  libc6   2.37-13
ii  libcurl3-gnutls 8.5.0-2
ii  libduktape207   2.7.0-2+b1
ii  libebml51.4.5-1
ii  libexif12   0.6.24-1+b1
ii  libexiv2-27 0.27.6-1+b1
ii  libffmpegthumbnailer4v5 2.2.2+git20220218+dfsg-2+b1
ii  libfmt9 9.1.0+ds1-2
ii  libgcc-s1   13.2.0-9
ii  libixml11   1:1.14.18-1
ii  libjs-bootstrap44.6.1+dfsg1-4
ii  libjs-jquery3.6.1+dfsg+~3.5.14-1
ii  libjs-jquery-ui 1.13.2+dfsg-1
ii  libjs-popper.js 1.16.1+ds-6
ii  libjs-prototype 1.7.3-1
ii  libmagic1   1:5.45-2+b1
ii  libmariadb3 1:10.11.6-1
ii  libmatroska71.7.1-1
ii  libpugixml1v5   1.14-0.1
ii  libspdlog1.12 [libspdlog1.12-fmt9]  1:1.12.0+ds-2
ii  libsqlite3-03.44.2-1
ii  libstdc++6  13.2.0-9
ii  libtag1v5   1.13.1-1
ii  libupnp17   1:1.14.18-1
ii  libuuid12.39.3-6
ii  node-js-cookie  3.0.1+~3.0.0-3

gerbera recommends no packages.

Versions of packages gerbera suggests:
ii  firefox-esr [www-browser]  115.6.0esr-1
pn  gerbera-doc
ii  konqueror [www-browser]4:22.12.3-2
ii  links2 [www-browser]   2.29-1+b1
ii  lynx [www-browser] 2.9.0dev.12-1
ii  w3m [www-browser]  0.5.3+git20230121-2+b2

-- Configuration Files:
/etc/gerbera/config.xml changed:

http://mediatomb.cc/config/2; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; 
xsi:schemaLocation="http://mediatomb.cc/config/2 
http://mediatomb.cc/config/2.xsd;>
  
  

  

  

gerbera
uuid:69d46ab1-48be-4104-a6c8-50a09af2561a
/var/lib/gerbera
/usr/share/gerbera/web

1800

  
gerbera.db
  
  
localhost
gerbera
gerbera
  







  
128
5
yes
no
  
  
*

  video

  

  
  

  /usr/share/gerbera/js/common.js
  /usr/share/gerbera/js/playlists.js
  
/usr/share/gerbera/js/import.js
  


  























  
  




  
  
















  


  





  

  
  

  
  
  
  


  
audio/L16
no
yes
no


  
  
video/mpeg
yes
yes
yes


  

  



-- debconf-show failed

Bug#1025084: ruby-graphlient fails to rebuild after updating ruby-faraday to upstream

[Pirate Praveen]

Control: fixed -1 0.7.0-1

On Wed, 7 Feb 2024 14:03:34 +0530 Praveen Arimbrathodiyil 
 wrote:

Control: severity -1 serious

On Sun, 18 Jun 2023 13:14:21 +0530 Pirate Praveen 
 wrote:
> 
> Since ruby-faraday-middleware is deprecated, we should update to 
> graphlient 0.7

ruby-faraday 2 is in unstable now.


Fixed in ruby-graphlient 0.7.0

Bug#1063658: drop snowlow-tracker orig tar

[Pirate Praveen]

Package: gitlab
Version: 16.6.6-3
Severity: wishlist

snowplow-tracker orig.tar can be removed now, this was included because 
snowplow-tracker was in vendor in a generated form so providing the 
corresponding source was required to satisfy dfsg. Now snowplow-tracker 
is available from npmjs.com and covered by yarn install in postinst.

Bug#1063657: installation-reports: expert install + https asks for a choice with only one option

[Simon McVittie]

Package: installation-reports
Severity: minor

Boot method: USB flash drive
Image version: reproduced on debian-12.5.0-i386-DVD-1.iso and 
debian-12.5.0-amd64-netinst.iso
Date: 2024-02-10
Machine: not relevant
Partitions: not relevant

My partner encountered an unexpected UX during point release media
testing, which #debian-cd asked me to report as a bug.

Steps to reproduce:

- boot into expert install (we used text mode)
- accept defaults until "Configure the package manager"
- asked to choose http, https or ftp for file downloads
- choose https

Expected result: maybe one of these:

- be offered a list of countries with https mirrors
- or proceed directly to entering information manually
- or a 2-way choice between https://deb.debian.org/debian or
  "enter information manually"

Actual result:

- I'm asked for "Debian archive mirror country"
- the only option is "enter information manually", which makes it look
  as though there isn't going to be any reasonable default
- but when I choose that, the default is deb.debian.org, which is good

Bug#1063655: RM: ruby-graphql-errors -- ROM; unmaintained upstream, incompatible with ruby-graphql 2.x

[Pirate Praveen]

Package: ftp.debian.org
Severity: normal
User: ftp.debian@packages.debian.org
Usertags: remove
X-Debbugs-Cc: ruby-graphql-err...@packages.debian.org
Control: affects -1 + src:ruby-graphql-errors
Control: block 1063654 by -1

Reported as RC bug 1063654. ruby-graphlient dropped the build dependency 
in last upload and it has no other reverse dependencies.

Bug#1055966: bookworm-pu: package openvpn-dco-dkms/0.0+git20230324-1+deb12u1 (or 0.0+git20231103-0+deb12u1?)

[Bernhard Schmidt]

Hi,

Considering the version in unstable is currently

0.0+git20231103-1

should the upload be versioned

0.0+git20231103-0+deb12u1 (like originally proposed) or
0.0+git20231103-1~deb12u1


As originally proposed please. You're not backporting 0.0+git20231103-1
directly as far as I know, because you have intermediate changes which
should not be included (correct me if I'm wrong about that).


There have been no changes in unstable other than the new upstream 
version, so technically it would be a backport of 0.0+git20231103-1. 
This is a diff between 0.0+git20230324-1 and 0.0+git20231103-1.


 Makefile| 13 ++---
 compat-include/net/gso.h| 20 
 debian/changelog| 21 +
 debian/rules|  2 +-
 drivers/net/ovpn-dco/ovpn.c |  1 +
 drivers/net/ovpn-dco/tcp.c  | 14 +++---
 linux-compat.h  |  4 ++--
 7 files changed, 66 insertions(+), 9 deletions(-)

The change in d/rules is a new directory in the new upstream version.

I would just add a d/gbp.conf for the bookworm branch.

So 0.0+git20231103-1~deb12u1 ?

Bernhard

Bug#1017780: fixed in mumble 1.5.517-1

[Diederik de Haas]

Hi Chris,

On Wed, 03 Jan 2024 07:52:23 + Debian FTP Masters 
 wrote:
> Source: mumble
> Source-Version: 1.5.517-1
> Done: Christopher Knadle 

Can you push it to Salsa too?

Cheers,
  Diederik

signature.asc
Description: This is a digitally signed message part.

Bug#1063654: ruby-graphql-errors - upstream dead and incompatible with ruby-graphql 2.x

[Pirate Praveen]

Package: ruby-graphql-errors
Version:  0.4.0-2
Severity: serious

source package has 1 unsatisfiable build dependency

Build dependencies in unstable cannot be satisfied on amd64 
because: unsatisfied dependency on ruby-graphql (< 2)


Last commint was 4 years ago and 
https://github.com/exAspArk/graphql-errors has a banner "This repository 
has been archived by the owner on Apr 8, 2020. It is now read-only."


This was originally packaged as build dependency for ruby-graphlient 
which no longer needs it.

Bug#1063653: anope: Please ship new upstream version

[Victor Coss]

Package: anope
Version: 2.0.12-1
Severity: wishlist

Dear Maintainer,

Please update Anope to the latest stable upstream version 2.0.14. This brings 
quite a few bug fixes and has no breaking changes. It would be nice to see this 
update for the next
point release of Debian.

Thank you,
Victor Coss

-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-18-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages anope depends on:
ii  init-system-helpers1.65.2
ii  libc6  2.36-9+deb12u4
ii  libgcc-s1  12.2.0-14
ii  libgnutls303.7.9-2+deb12u2
ii  libldap-2.5-0  2.5.13+dfsg-5
ii  libmariadb31:10.11.6-0+deb12u1
ii  libpcre2-8-0   10.42-1
ii  libsqlite3-0   3.40.1-2
ii  libstdc++6 12.2.0-14
ii  lsb-base   11.6
ii  sysvinit-utils [lsb-base]  3.06-4

Versions of packages anope recommends:
ii  postfix [mail-transport-agent]  3.7.10-0+deb12u1

anope suggests no packages.

Bug#1063652: jigdo-lite: batch mode will cause prompts for a non-US mirror

[Steve McIntyre]

Package: jigdo-file
Version: 0.8.0-1
Severity: normal
Tags: upstream

Specify more than one file on the command line (as in the example
here), and jigdo-lite will assume it needs to prompt for everything
*including* non-US. non-US went away decades ago, and we should just
drop this.

$ jigdo-lite debian-12.5.0-amd64-BD-1.jigdo debian-12.5.0-amd64-BD-1.template

Jigsaw Download "lite"
Copyright (C) 2001-2009  |  jigdo@
Richard Atterer  |  atterer.org
Copyright (C) 2016-2021
Steve McIntyre <93...@debian.org>
Loading settings from `/home/smcv/.jigdo-lite'

-
You have asked me to process several files/URLs:
  debian-12.5.0-amd64-BD-1.jigdo
  debian-12.5.0-amd64-BD-1.template

Entering batch mode

-
Images offered by `debian-12.5.0-amd64-BD-1.jigdo':
  1: 'Debian GNU/Linux 12.5.0 "Bookworm" - Official amd64 BD Binary-1 with 
firmware 20240210-11:28 (20240210)' (debian-12.5.0-amd64-BD-1.iso)

-
Batch mode: Will download `debian-12.5.0-amd64-BD-1.iso'

Further information about `debian-12.5.0-amd64-BD-1.iso':
Generated on Sat, 10 Feb 2024 12:47:41 +

-
If you already have a previous version of the CD you are
downloading, jigdo can re-use files on the old CD that are also
present in the new image, and you do not need to download them
again. Mount the old CD ROM and enter the path it is mounted under
(e.g. `/mnt/cdrom').
Alternatively, just press enter if you want to start downloading
the remaining files.
Files to scan: 

-
The jigdo file refers to files stored on Debian mirrors. Please
choose a Debian mirror as follows: Either enter a complete URL
pointing to a mirror (in the form
`ftp://ftp.debian.org/debian/'), or enter any regular expression
for searching through the list of mirrors: Try a two-letter
country code such as `de', or a country name like `United
States', or a server name like `sunsite'.
Debian mirror [http://localhost:3142/debian/]:   

-
The jigdo file also refers to the Non-US section of the Debian
archive. Please repeat the mirror selection for Non-US. Do not
simply copy the URL you entered above; this does not work because
the path on the servers differs!
Debian non-US mirror: 
http://archive.debian.org/debian-non-US/ # NL Netherlands (Amsterdam)
ftp://ftp.uwa.edu.au/mirrors/linux/debian-non-US/ # AU Australia (Perth, 
Western)
http://mirror.eftel.com/debian-non-US/   # AU Australia
...
http://debian.dynamica.it/debian-non-US/ # IT Italy (Milan)
http://ftp.ee.debian.org/debian-non-US/  # EE Estonia
http://dennou-h.gfd-dennou.org/library/Linux/debian-non-US/ # JP Japan (Kyoto)

An up-to-date copy of the above list is available at
ftp://ftp.debian.org/debian/README.non-US

-
The jigdo file also refers to the Non-US section of the Debian
archive. Please repeat the mirror selection for Non-US. Do not
simply copy the URL you entered above; this does not work because
the path on the servers differs!
Debian non-US mirror: http://ftp2.de.debian.org/debian-non-US/ 

Not downloading .template file - `debian-12.5.0-amd64-BD-1.template' already 
present



-- System Information:
Debian Release: 11.8
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 
'oldoldstable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-26-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages jigdo-file depends on:
ii  libbz2-1.0   1.0.8-4
ii  libc62.31-13+deb11u7
ii  libdb5.3 5.3.28+dfsg1-0.8
ii  libgcc-s1 [libgcc1]  10.2.1-6
ii  libgcc1  1:8.3.0-6
ii  libstdc++6   10.2.1-6
ii  wget 1.21-1+deb11u1
ii  zlib1g   1:1.2.11.dfsg-2+deb11u2

jigdo-file recommends no packages.

jigdo-file suggests no packages.

-- no debconf information

Bug#1063361: nvidia-graphics-drivers-tesla-470: autopkgtest needs update for new version of linux

[Florian Ernst]

Control: tag 1063361 + bookworm

On Sat, Feb 10, 2024 at 03:49:45PM +0100,  wrote:
> Control: found 1063361 470.223.02-2~deb12u1
> [...]
> Thus now marking this bug accordingly.

Not quite, but hopefully now.

FWIW, manually adding 0035-fix-build-w-kernel-6.1.76-6.6.15-6.7.3.patch[0]
fixes the build for me on bookworm as well.

Cheers,
Flo

[0] 
https://sources.debian.org/src/nvidia-graphics-drivers-tesla-470/470.223.02-4/debian/module/debian/patches/0035-fix-build-w-kernel-6.1.76-6.6.15-6.7.3.patch/


signature.asc
Description: PGP signature

Bug#1062932: nvidia-graphics-drivers: Version 525.147.05-6 not available in stable, dkms fails with kernel 6.1.0-18

[Patrick ZAJDA]

Source: nvidia-graphics-drivers
Version: 525.147.05-4~deb12u1
Followup-For: Bug #1062932

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Dear Maintainer,

Kernel version 6.1.0-18 is now available on stable but it looks the version 
which fix DKMS issue has only been uploaded to unstable.
Consequence is DKMS fails to build NVIDIA modules when updating kernel in 
Bookworm.

ERROR: modpost: GPL-incompatible module nvidia.ko uses GPL-only symbol 
'__rcu_read_lock'
ERROR: modpost: GPL-incompatible module nvidia.ko uses GPL-only symbol 
'__rcu_read_unlock'

Best regards,

Patrick


- -- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-17-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEF6TZmSao+HhR4xlgnUrTW+onPcoFAmXHj2IACgkQnUrTW+on
PcoLcxAAoP6H+4J3P/gbnzhPtKqyPtTWKXJQiz66ihT4ZQkY+BM29nuZfMW6d7yI
uIYjhybL3ArG+Or1FFfiG8OVPEvPKYlK7VQsXH6jWY//J+1YVEnOPUTJKP7AGcL/
tuL1ONTMwk715UY0q5W2CDtnrkYsIcQ7pxUd4DKUw8Kja7ZAhWcyJ7M09jTa6HAv
63aVI41Lw2JrRFmOdtIH9Hv4sYpXegpdsh6ZSmKmlahfKqMmcX++zqQDHJzPDtVS
3lwZ/ZEMhd0JDTWrtrshb64y/TztNkl9QLG1fOnG9m35rWpeQjVwz+VTDe88yKDQ
w/swAzXjxp1kygHqLAhZErN5eXBxtnPOZuKR2VUccnmXoEwpUuEhm/rwggo+zueQ
lxPHcPWfI1Vjwuhq9k16y2IguDMrnG5w+D15MnpK1qt5I8ZpKPFE9Qm3CDClTpZG
7kfwhQbbZG2h9LuZHGakrkB1wjpnuPCpIPdWoaYRAFcuZe5ITjP0egpg0xv3f6zg
RyYDKoltJyl4gq56gEykflqKnmHGN2SE6S/hL/AdPOcEIkV5G6P3Sa18Wx2S567D
uBJ9NwPCFylVFHpgQXBZyEiHwHt4q0WOdIoCyS43M04PjsxfK3Rwv9iIRq+tp+pz
PlqPLQU1jdJm43MhF5BEIZ8414L4loprN3z092uvnbKJL1Qs4ts=
=lBJv
-END PGP SIGNATURE-

Bug#1063361: nvidia-graphics-drivers-tesla-470: autopkgtest needs update for new version of linux

[Florian Ernst]

Control: found 1063361 470.223.02-2~deb12u1

On Tue, Feb 06, 2024 at 09:18:15PM +0100, Paul Gevers wrote:
> Source: nvidia-graphics-drivers-tesla-470
> Version: 470.223.02-3
> Severity: serious
> X-Debbugs-CC: li...@packages.debian.org
> Tags: sid trixie
> User: debian...@lists.debian.org
> Usertags: needs-update
> Control: affects -1 src:linux
> [...]
> 320s # MODPOST
> /var/lib/dkms/nvidia-tesla-470/470.223.02/build/Module.symvers
> 320sscripts/mod/modpost -M -m   -o
> /var/lib/dkms/nvidia-tesla-470/470.223.02/build/Module.symvers -T
> /var/lib/dkms/nvidia-tesla-470/470.223.02/build/modules.order -i
> Module.symvers -e
> 320s ERROR: modpost: GPL-incompatible module nvidia.ko uses GPL-only symbol
> '__rcu_read_unlock'
> 320s ERROR: modpost: GPL-incompatible module nvidia.ko uses GPL-only symbol
> '__rcu_read_lock'
> 320s make[4]: ***
> [/usr/src/linux-headers-6.6.15-common/scripts/Makefile.modpost:145:
> /var/lib/dkms/nvidia-tesla-470/470.223.02/build/Module.symvers] Error 1

Well, now that Linux 6.1.76 has entered Bookworm as part of today's
point release[0] this bug eccurs there as well. Here the end of my
/var/lib/dkms/nvidia-tesla-470/470.223.02/build/make.log:

| sh /usr/src/linux-headers-6.1.0-18-common/scripts/modules-check.sh 
/var/lib/dkms/nvidia-tesla-470/470.223.02/build/modules.order
| make -f /usr/src/linux-headers-6.1.0-18-common/scripts/Makefile.modpost
|sed 's/ko$/o/'  
/var/lib/dkms/nvidia-tesla-470/470.223.02/build/modules.order | 
scripts/mod/modpost -m -o 
/var/lib/dkms/nvidia-tesla-470/470.223.02/build/Module.symvers -e -i 
Module.symvers -T -
| ERROR: modpost: GPL-incompatible module nvidia.ko uses GPL-only symbol 
'__rcu_read_lock'
| ERROR: modpost: GPL-incompatible module nvidia.ko uses GPL-only symbol 
'__rcu_read_unlock'
| make[3]: *** 
[/usr/src/linux-headers-6.1.0-18-common/scripts/Makefile.modpost:126: 
/var/lib/dkms/nvidia-tesla-470/470.223.02/build/Module.symvers] Error 1
| make[2]: *** [/usr/src/linux-headers-6.1.0-18-common/Makefile:1991: modpost] 
Error 2
| make[2]: Leaving directory '/usr/src/linux-headers-6.1.0-18-amd64'
| make[1]: *** [Makefile:250: __sub-make] Error 2
| make[1]: Leaving directory '/usr/src/linux-headers-6.1.0-18-common'
| make: *** [Makefile:80: modules] Error 2

Thus now marking this bug accordingly.

Cheers,
Flo


[0] 
https://tracker.debian.org/news/1499745/accepted-linux-6176-1-source-into-proposed-updates/


signature.asc
Description: PGP signature

Bug#1056793: False positive bug?

[Matthew Vernon]

Hi,

I looked at the build log, and the problems look to be disk related?

/usr/bin/ld: final link failed: No space left on device
collect2: error: ld returned 1 exit status

(there follow further ENOSPC and also some No such file or directory 
errors, which presumably relate to things not written because of running 
out of space).


...so maybe the answer is not to go to cython-legacy, but to try a build 
somewhere with more disk?


Regards,

Matthew

Bug#1063651: RFS: letterize/1.5-1 [ITA] -- phone digits to letter-mnemonics

[Shriram Ravindranathan]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "letterize":

 * Package name : letterize
   Version  : 1.5-1
   Upstream contact : Eric S. Raymond
 * URL  :http://www.catb.org/~esr/letterize/
 * License  : BSD-3-clause
 * Vcs  :https://salsa.debian.org/debian/letterize
   Section  : misc

The source builds the following binary packages:

  letterize - phone digits to letter-mnemonics

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/letterize/

Alternatively, you can download the package with 'dget' using this command:

  dget 
-xhttps://mentors.debian.net/debian/pool/main/l/letterize/letterize_1.5-1.dsc

Changes since the last upload:

 letterize (1.5-1) unstable; urgency=medium
 .
   * New upstream release.
   * New maintainer (Closes: #1050242)
   * debian/control:
 - Add new maintainer's name to maintainer field.
   * debian/copyright:
 - Add new maintainer to copyright field.

Regards,
--
  Shriram Ravindranathan




OpenPGP_0xFC7E951A7BEF0836.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1055966: bookworm-pu: package openvpn-dco-dkms/0.0+git20230324-1+deb12u1 (or 0.0+git20231103-0+deb12u1?)

[Jonathan Wiltshire]

On Tue, Feb 06, 2024 at 10:02:20PM +0100, Bernhard Schmidt wrote:
> Hi Jonathan,
> 
> > On Tue, Nov 14, 2023 at 11:26:54PM +0100, Bernhard Schmidt wrote:
> > > [ Reason ]
> > > openvpn-dco-dkms packages an accelerator kernel module for OpenVPN 
> > > (OpenVPN
> > > data channel offload). There is one annoying bug tracked as Bug#1055809 
> > > where on
> > > heavily loaded TCP servers a refcount issue might occur and the module 
> > > will
> > > become unusable.
> > 
> > This request was approved but not uploaded in time for the previous point
> > release (12.5). Should it be included in 12.6, or should this request be
> > abandoned and closed?
> 
> Sorry, my bad, I'm getting old. I'm still interested.
> 
> Considering the version in unstable is currently
> 
> 0.0+git20231103-1
> 
> should the upload be versioned
> 
> 0.0+git20231103-0+deb12u1 (like originally proposed) or
> 0.0+git20231103-1~deb12u1

As originally proposed please. You're not backporting 0.0+git20231103-1
directly as far as I know, because you have intermediate changes which
should not be included (correct me if I'm wrong about that).

Thanks,

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Bug#1052455: RE: freetype 2.12.1+dfsg-5+deb12u1 makes chromium segfault at startup

[Jonathan Wiltshire]

On Sat, Feb 10, 2024 at 12:23:06AM +1100, Hugh McMaster wrote:
> Hi Jonathan,
> 
> On Wed, 7 Feb 2024 at 04:47, Jonathan Wiltshire wrote:
> 
> > What's your plan at this point? We have skipped this update in two point
> > releases now and it needs a resolution.
> 
> 
> Thanks for following up. I’d actually forgotten about this.
> 
> I’d still like to disable the incomplete and incompatible COLRv1 support in
> Bookworm’s FreeType library.
> 
> The additional patch Ben Wagner identified is required.
> 
> Chromium seems to have fixed the bug we encountered last year, as I tested
> a build of FreeType as originally submitted and had no issues.
> 
> To avoid any surprises though, we should add the extra patch.
> 
> When is the next point release scheduled for?

It isn't yet, but the normal candence is approximately every two months.
You need to allow plenty for time for review and testing though. Please
propose a source debdiff as usual.

Thanks,

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Bug#1049982: bullseye-pu: package riemann-c-client/1.10.4-2+b2

[Jonathan Wiltshire]

On Fri, Feb 09, 2024 at 06:48:34PM -1000, Romain Tartière wrote:
> Hi Jonathan,
> 
> On Tue, Feb 06, 2024 at 05:59:10PM +, Jonathan Wiltshire wrote:
> > This request was approved but not uploaded in time for the previous point
> > releases (11.8 and 11.9). Should it be included in 11.10, or should this
> > request be abandoned and closed?
> 
> I am not sure about the process, but AFAIK there is nothing more I can
> do and I have to wait for a Debian committer to push it so that the
> fixed version is available to all Debian users.
> 
> As far as I am concerned, I am still very interested in seeing the fixed
> version shipped in Debian!
> 
> In case I missed something and the ball is in my court, please point me
> to the next move because I obviously missed it!

It's your responsibility to upload (or find a sponsor for) the package
incorporating the approved changes. Once that's done it can be reviewed and
accepted by SRMs.

Thanks,

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Bug#1050242: New Version

[Shriram Ravindranathan]

Whoops, I completely forgot how to retitle bugs here, sorry for the 
above two messages.


Eric S. Raymond published a new version (1.5) of letterize yesterday.
I'd love to see it on debian so I'll be adopting and packaging this.

--
Shriram Ravindranathan



OpenPGP_0xFC7E951A7BEF0836.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050242: Retitle O to ITA #1050242

[Shriram Ravindranathan]

retitle 1050242 ITA: letterize -- phone digits to letter-mnemonics

thanks



OpenPGP_0xFC7E951A7BEF0836.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1050242: Retitle O to ITA #1050242

[Shriram Ravindranathan]

retitle #1050242 ITA: letterize -- phone digits to letter-mnemonics

thanks




OpenPGP_0xFC7E951A7BEF0836.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1063649: maint-guide: synatx error in setup instructions for sbuild

[Osamu Aoki]

Control: tags -1 pending


Hi,

Fixed in the salsa repo.


Thanks

On Sat, 2024-02-10 at 12:52 +, Nicholas Bamber wrote:
> Package: maint-guide
> Severity: important
> X-Debbugs-Cc: np.bam...@gmail.com
> 
> Dear Maintainer,
> 
> Hi Osamu,
> 
> 
> I think I found an error in section 3.6 (sbuild) of Guide for Debian
> Maintainers.
> 
> I think
> > $ sudo usermod -a -G  sbuild
> should be
> 
> > $ sudo usermod -a -G  sbuild 
> yours Nicholas
> 
> 
> -- System Information:
> Debian Release: 12.4
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
> 'stable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 6.1.0-17-amd64 (SMP w/2 CPU threads; PREEMPT)
> Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_GB:en
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
> 
> maint-guide depends on no packages.
> 
> maint-guide recommends no packages.
> 
> Versions of packages maint-guide suggests:
> pn  debian-policy 
> pn  developers-reference  
> ii  devscripts    2.23.4+deb12u1
> pn  dh-make   
> pn  doc-base  
> ii  dput  1.1.3
> ii  fakeroot  1.31-1.2
> ii  lintian   2.116.3
> pn  pbuilder  
> ii  quilt 0.67+really0.66-1
> 

Bug#984976: mumble: Keyboard shortcuts can't be assigned

[James Valleroy]

The upstream issue was fixed in version 1.4:
https://github.com/mumble-voip/mumble/issues/3243#issuecomment-602499348



OpenPGP_signature.asc
Description: OpenPGP digital signature

Bug#1061145: debmake: use python3 command for Python 3 packages instead of python command

[Osamu Aoki]

Hi,

Thanks for reminder.  That is my oversight.  (I may have been expecting python2-
>3 transition will include python command to be available back then... I don't
remember ...)

With python package moving to pyproject.toml, I am just repackaging one of my
python package.  For trixie, I suppose we need to fix this as:

```
python3 -m build
```

In bookworm (current stable), we needed setup.py even if it is an empty one.

But I need this to be in line with trixie

Osamu

On Fri, 2024-01-19 at 09:53 -0300, Ernesto Domato wrote:
> Package: debmake
> Version: 4.4.0-3
> Severity: normal
> X-Debbugs-Cc: edom...@gmail.com
> 
> Hi,
> 
> When I tried to use debmake to package a Python 3 only application, and even
> when I force it
> to -b":python3", debmake try to run "python setup.py" which is wrong and
> should
> use "python3 setup.py"
> 
> Thanks.
> Ernesto
> 
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 6.6.11-amd64 (SMP w/8 CPU threads; PREEMPT)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_US:en
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
> 
> Versions of packages debmake depends on:
> ii  devscripts  2.23.7
> ii  dpkg-dev    1.22.2
> ii  python3 3.11.6-1
> ii  python3-debian  0.1.49
> ii  rsync   3.2.7-1+b1
> 
> Versions of packages debmake recommends:
> ii  build-essential  12.10
> ii  curl 8.5.0-2
> ii  strace   6.5-0.1
> ii  wget 1.21.4-1+b1
> 
> Versions of packages debmake suggests:
> ii  autotools-dev 20220109.1
> pn  ccache    
> pn  cmake 
> ii  debmake-doc   1.17-9
> pn  dgit  
> ii  dh-autoreconf 20
> ii  dh-python 6.20231223
> ii  eatmydata 131-1
> pn  gem2deb   
> ii  git   1:2.43.0-1
> pn  git-buildpackage  
> ii  gitk  1:2.43.0-1
> pn  javahelper    
> ii  lintian   2.116.3
> ii  mc    3:4.8.30-1
> ii  quilt 0.67+really0.67-4
> pn  rpm2cpio  
> ii  sbuild    0.85.4
> 
> -- no debconf information

Bug#1063350: lists.debian.org: Request for new mailinglist: debian-debtags

[Diederik de Haas]

On Sat, 10 Feb 2024 11:10:38 + Cord Beermann  wrote:
> On Tue, 06 Feb 2024 15:11:10 +0100 Birger Schacht  wrote:
> > for communication about managing and developing the debtags.debian.org
> > service, we would like to have a new Debian mailinglist:
> > 
> > Name: debian-debtags
> > Rationale: main communication about the debtags.d.o Debian service
> > Short description: debtags, the Debian package tagging system
> > Web Archive: yes

I think this is a setting too: please make it monthly archives

> After filing the request, it would be very much appreciated if several 
> other people interested in the new list would send a mail to the bug,
> in order to record their interest.

I'm interested too.

Cheers,
  Diederik

signature.asc
Description: This is a digitally signed message part.

Bug#1063650: reportbug: add menu to select port/arch usertags

[Paul Wise]

Package: reportbug
Severity: wishlist

I have been working on an enhancement[1] to reportbug that would allow
interactive selection of port/arch usertags[2] and automatically set
them in code paths that currently already ask for an architecture.

I could use some design advice around the data for this.

Currently the canonical definitions of the tags is the wiki page. The
reportbug patchset has a function to convert the wiki page to Python
objects. Then the reportbug code has a copy of the autogenerated Python
objects. However, in keeping with the spirit of what I wrote on [3],
I intend to switch that to storing a full copy of the raw source for
the wiki page in the reportbug source and then doing the conversion
at build time. There is similar data needed from [4] and [5].

Since the copy of the data in reportbug would get outdated, I was
thinking to download new copies when in online mode, cache them locally
and then use them in preference to the copy in the reportbug package.
This would happen only for code paths that do arch selection of course.

Does this feature and approach to data caching sound reasonable?

   1. https://salsa.debian.org/pabs/reportbug/-
  /compare?from=master=arch-usertags
   2. https://wiki.debian.org/Teams/Debbugs/ArchitectureTags
   3. https://wiki.debian.org/AutoGeneratedFiles
   4. https://salsa.debian.org/webmaster-team/webwml/-
  /raw/master/english/releases/arches.data
   5. The 'vancouvered' column in the buildd database, currently only
  at postgresql://udd-mirror:udd-mir...@udd-mirror.debian.net/udd

-- 
bye, pabs https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#1061496: valgrind: Segmentation fault on armhf checking programs built with -fstack-clash-protection or -fstack-check

[Emanuele Rocca]

Hi Petter,

On 2024-02-10 06:04, Petter Reinholdtsen wrote:
> This issue cause a failing autopkgtest with libvorbis.  I would much
> prefer a fix in valgrind instead of disabling a autopkgtest check.

As an alternative to disabling the test, you could consider disabling
stack-clash-protection on armhf for libvorbis:

ifeq ($(DEB_TARGET_ARCH),armhf)
  export DEB_BUILD_MAINT_OPTIONS = hardening=+all,-stackclash
else
  export DEB_BUILD_MAINT_OPTIONS = hardening=+all
endif

Bug#1063640: adwaita-icon-theme: cursor theme not found

[Jeremy Bícha]

Control: reassign -1 src:mutter 44.8-2

I found some mutter commits to fix this issue and am uploading now.

Thank you,
Jeremy Bícha

Bug#1063401: atm-tools: has gained /usr/share/doc/libatm1/changelog.*

[Andreas Metzler]

Control: tags -1 patch

On 2024-02-07 Andreas Beckmann  wrote:
> Package: atm-tools
> Version: 1:2.5.1-5.1~exp1
[...]
> atm-tools/experimental has gained two unexpected files, causing file
> conflicts on upgrades:
[...]
> There is still an libatm1 dependency, and the new libatm1t64 dependency
> seems to miss the epoch.

Hello,

Both issues are fixed by a one-line-change, a dh_lintian call should
also be added.

diff -Nru linux-atm-2.5.1/debian/rules linux-atm-2.5.1/debian/rules
--- linux-atm-2.5.1/debian/rules2019-07-19 11:14:25.0 +0200
+++ linux-atm-2.5.1/debian/rules2024-02-10 13:31:02.0 +0100
@@ -72,7 +72,7 @@
dh_testroot
dh_install --sourcedir=debian/tmp
rm debian/atm-tools/usr/share/man/man8/br2684ctl.8
-   dh_installdocs --link-doc=libatm1
+   dh_installdocs --link-doc=libatm1t64
dh_installinit --init-script=atm
dh_installsystemd --name=atm
dh_installman
@@ -80,6 +80,7 @@
dh_link
dh_strip
dh_compress
+   dh_lintian
dh_fixperms
dh_makeshlibs -- -c4
dh_installdeb

cu Andreas

Bug#749193: apt-listbugs: Reemergence of ruby encoding troubles

[François Revol]

Same here on apt upgrade, it stops on wine:



Analyse des informations Trouvé/Corrigé… Fait
bogues de gravité grave sur python3-jedi (0.18.2-1 → 0.19.1+ds-1) attente de traitement>
 b1 - #1063491 - python3-jedi: unvendoring python3-typeshed breaks 
other packages
bogues de gravité serious sur adwaita-icon-theme (45.0-2 → 46~beta-1) 


 b2 - #1063640 - adwaita-icon-theme: cursor theme not found
bogues de gravité serious sur fwupd (1.9.11-1 → 1.9.13-1) traitement>
 b3 - #1061731 - fwupd: Failed to load daemon: failed to load engine: 
Failed to load config: Key file does not have group “redfish”
bogues de gravité serious sur wine (8.0.2~repack-2 → 9.0~repack-2) 

/usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:842:in `+': incompatible 
character encodings: ASCII-8BIT and UTF-8 (Encoding::CompatibilityError)
from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:842:in 
`block (4 levels) in display_bugs'
from /usr/lib/ruby/vendor_ruby/aptlistbugs/debian/bug.rb:69:in 
`block in each_by_category'
from /usr/lib/ruby/vendor_ruby/aptlistbugs/debian/bug.rb:68:in 
`each'
from /usr/lib/ruby/vendor_ruby/aptlistbugs/debian/bug.rb:68:in 
`each_by_category'
from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:821:in 
`block (3 levels) in display_bugs'

from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:817:in `each'
from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:817:in 
`block (2 levels) in display_bugs'

from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:816:in `each'
from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:816:in 
`block in display_bugs'

from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:815:in `each'
from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:815:in 
`display_bugs'

from /usr/lib/ruby/vendor_ruby/aptlistbugs/logic.rb:465:in `view'
from /usr/bin/apt-listbugs:632:in `'
E: Le sous-processus /usr/bin/apt-listbugs apt a renvoyé un code 
d'erreur (1)

E: Failure running script /usr/bin/apt-listbugs apt





Passing LANG=C seems to work around it:

Parsing Found/Fixed information... Done
grave bugs of python3-jedi (0.18.2-1 -> 0.19.1+ds-1) 
 b1 - #1063491 - python3-jedi: unvendoring python3-typeshed breaks 
other packages

serious bugs of adwaita-icon-theme (45.0-2 -> 46~beta-1) 
 b2 - #1063640 - adwaita-icon-theme: cursor theme not found
serious bugs of fwupd (1.9.11-1 -> 1.9.13-1) 
 b3 - #1061731 - fwupd: Failed to load daemon: failed to load engine: 
Failed to load config: Key file does not have group “redfish”
serious bugs of wine (8.0.2~repack-2 -> 9.0~repack-2) Version>
 b4 - #1061655 - wine: FTBFS with error: unknown conversion type 
character ‘I’ in format [-Werror=format=] (Fixed: wine/9.0~repack-3)

Summary:
 adwaita-icon-theme(1 bug), fwupd(1 bug), wine(1 bug), python3-jedi(1 bug)




Could it be the UTF-8 single quotes around the I that triggers it?
  e2 80 98 49 e2 80 99 0a   |...I|

Bug#1063649: maint-guide: synatx error in setup instructions for sbuild

[Nicholas Bamber]

Package: maint-guide
Severity: important
X-Debbugs-Cc: np.bam...@gmail.com

Dear Maintainer,

Hi Osamu,


I think I found an error in section 3.6 (sbuild) of Guide for Debian 
Maintainers.

I think
> $ sudo usermod -a -G  sbuild
should be

> $ sudo usermod -a -G  sbuild 
yours Nicholas


-- System Information:
Debian Release: 12.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-17-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

maint-guide depends on no packages.

maint-guide recommends no packages.

Versions of packages maint-guide suggests:
pn  debian-policy 
pn  developers-reference  
ii  devscripts2.23.4+deb12u1
pn  dh-make   
pn  doc-base  
ii  dput  1.1.3
ii  fakeroot  1.31-1.2
ii  lintian   2.116.3
pn  pbuilder  
ii  quilt 0.67+really0.66-1