Bug#1071586: kicad: bookworm-backports requires update to 8.x

2024-05-21 Thread Charlemagne Lasse 
Package: kicad
Version: 7.0.11+dfsg-1~bpo12+1
Severity: wishlist

Backports is expected to track the version in testing. But at the
moment, it is unfortunately from an older version. It would be nice to
have an upload to bookworm-backports which updates it to the "same"
version. If there are any blockers then it would also be nice to just
hear about them.

(btw. thanks for all the work. I just got curious and took this as an
opportunity to create this ticket to track the state).

Bug#1069191: glibc: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence

2024-04-22 Thread Charlemagne Lasse 
Hi,

Can this be backported to older Debian versions via the security repo?
This bug can be used to execute code when using the PHP engine:

* https://www.offensivecon.org/speakers/2024/charles-fol.html
* https://www.openwall.com/lists/oss-security/2024/04/18/4

Bug#1064476: dpkg-buildflags: add support for building with frame pointers enabled

2024-03-17 Thread Charlemagne Lasse 
Control: merge 1064476 1058665 1058664

I would even love to have finally a debian again which can be used to
debug and profile production ready binaries (at least on amd64). See
also

* 
https://www.brendangregg.com/blog/2024-03-17/the-return-of-the-frame-pointers.html
* 
https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
* https://fedoraproject.org/wiki/Changes/fno-omit-frame-pointer

Bug#1037363: libkf5mimetreeparser5abi1: does not find the key used to sign a message if a signing subkey was used

2023-06-12 Thread Charlemagne Lasse 
Package: libkf5mimetreeparser5abi1
Version: 4:22.12.3-1
Tags: bookworm sid patch upstream
Forwarded: https://bugs.kde.org/show_bug.cgi?id=469304
Control: affects -1 kmail

SUMMARY
KMail claims that messages signed with a subkey of my own key are
signed with an unknown key.

STEPS TO REPRODUCE
1. You need an OpenPGP certficate with a signing subkey.
2. Sign a message with this key and send it to yourself (or use Send
Later to put it in your outbox).
3. View the message.

OBSERVED RESULT
I have an OpenPGP certficate with a signing subkey that is used to
sign my messages. KMail has no problem signing my messages, but when
viewing my messages KMail says:
> Message was signed on 25.04.23 18:24 with unknown key 
> 0xDB8E020E328C30942060BF21B16F599516474ABA.
> The validity of the signature cannot be verified.
> Status: Good signature

Obviously, this doesn't make any sense because how can the signature
be good if it was signed with an unknown key. It turns out that gpg
which is used to verify the signature very well knows the key, but
KMail is not able to find it.

EXPECTED RESULT
KMail should say something like:
> Message was signed by *@ingo-kloecker.de (Key ID: 0xE375339BF4C51840).
> The signature is valid and the key is ultimately trusted.


The fix can be found at
https://invent.kde.org/pim/messagelib/commit/70f39256784280d2034aa7bf1c4765f606c22d56

Bug#1031616: kmail: E-Mail signed with gnupg subkey not properly shown as valid

2023-02-19 Thread Charlemagne Lasse 
Package: kmail
Version: 22.12.2-1
Severity: normal
Tags: bookworm sid upstream
Forwarded: https://bugs.kde.org/show_bug.cgi?id=465551

SUMMARY
I'm using gnupg with an subkey to sign my e-mails.
KMail shows following message when a e-mail was signed with the gnugp subkey:
"Not enough information to check signature validity."

Details message:
"Message was signed on  with unknown key .
The validity of the signature cannot be verified.
Status: Good signature"

Expected
STEPS TO REPRODUCE
1. Create e-mail in composer, with signing active (using an gnupg key
with an signing only subkey)
2. save e-mail as draft (just for simplicity - sending the mail to
yourself would also work)
3. Open draft email (preview - not the editing)

OBSERVED RESULT
KMail shows an orange border with following message when a e-mail was
signed with the gnugp subkey:
"Not enough information to check signature validity."

Details message:
"Message was signed on  with unknown key .
The validity of the signature cannot be verified.
Status: Good signature"


EXPECTED RESULT
Showing an green border. This is also the result I see in Debian
bullseye with gpg  2.2.27-2, kmail 20.08.3 and 5.20.5


ADDITIONAL INFORMATION
The log output when "Write server mode logs to FILE" is configured
shows following Information when the signed e-mail is opened:

2023-02-10 17:06:11 gpg[1848451] armor: BEGIN PGP SIGNATURE
2023-02-10 17:06:11 gpg[1848451] Signature made Do 22 Dez 2022 11:53:36 CET
2023-02-10 17:06:11 gpg[1848451]using RSA key 
2023-02-10 17:06:11 gpg[1848451] using subkey  instead of
primary key 
2023-02-10 17:06:11 gpg[1848451] using subkey  instead of
primary key 
2023-02-10 17:06:11 gpg[1848451] using classic trust model
2023-02-10 17:06:11 gpg[1848451] key : accepted as trusted key
2023-02-10 17:06:11 gpg[1848451] Good signature from "" [ultimate]
2023-02-10 17:06:11 gpg[1848451] using subkey  instead of
primary key 
2023-02-10 17:06:11 gpg[1848451] binary signature, digest algorithm
SHA256, key algorithm rsa4096
2023-02-10 17:06:11 gpg[1848454] using character set 'utf-8'
2023-02-10 17:06:11 gpg[1848454] using classic trust model
2023-02-10 17:06:11 gpg[1848454] key : accepted as trusted key

So gnupg itself uses the subkey to verify the signature

Additional information.
When I click on the  link inside the details message
"Message was signed on  with unknown key "
an kleopatra window opens and shows the correct gnupg key/certificate.

It seems that only kmail cannot find the correct gnugpg
key/certificate via an gnupg subkey fingerprint

Bug#1003242: python3-mailman-hyperkitty: Need a newer version to match mailman core

2022-12-11 Thread Charlemagne Lasse 
Control: tags -1 + fixed-upstream patch security
Justification: CVE-2021-35058

https://gitlab.com/mailman/mailman-hyperkitty/-/commit/18816fbd4130a9f08b0885e0421c963879808921
https://gitlab.com/mailman/mailman-hyperkitty/-/commit/df9cdc44dc59c7ed78097ef8f5ba3db46e7a92e9

But it might be better to package 1.2.x instead of cherry-picking this patch

Bug#1025019: python-aiosmtpd: (autopkgtest) needs update for python3.11: Can't decode base64

2022-12-11 Thread Charlemagne Lasse 
Control: tags -1 + fixed-upstream patch

Patch can be found at
https://github.com/aio-libs/aiosmtpd/commit/827f2321b7a926f3e8ba2aad6387b36c7c2e0b9a.patch

Bug#1013480: hyperkitty: FTBFS: TypeError: __init__() got an unexpected keyword argument 'providing_args'

2022-11-14 Thread Charlemagne Lasse 
Am Mo., 14. Nov. 2022 um 10:53 Uhr schrieb Pierre-Elliott Bécue
:
> I really don't need reminders about the bugs on my packages.

This is not a reminder. I was just going through the mailman3 packages
to understand what is currently blocking the migration of packages.
And when I found out what is blocking it, I've only checked if this
problem is solved upstream or not. And if it was solved upstream, I
added information about the situation in the already existing bug.

> Please refrain from putting pressure on people with the expectation that 
> they'll do what you want at the tine you want.
>
> This is the last time I reply to such sollicitations.

I don't understand why you are so unfriendly.

Bug#1013480: hyperkitty: FTBFS: TypeError: __init__() got an unexpected keyword argument 'providing_args'

2022-11-14 Thread Charlemagne Lasse 
Control: tags -1 + fixed-upstream patch

This problem currently blocks various mailman3 related packages from
migrating to Debian bookwoom.

But it seems like this is fixed by 1.3.6:
https://docs.mailman3.org/projects/hyperkitty/en/latest/news.html#news-1-3-6

Bug#1013500: django-mailman3: FTBFS: TypeError: __init__() got an unexpected keyword argument 'providing_args'

2022-11-14 Thread Charlemagne Lasse 
Control: tags -1 + fixed-upstream patch

This problem currently blocks various mailman3 related packages from
migrating to Debian bookwoom.

But it seems like this is fixed by 1.3.8:
https://pypi.org/project/django-mailman3/

(btw. thanks for the mailman 3.3.7 upload)

Bug#998223: Contributors for Mailman 3 in Debian / your RFH

2022-11-13 Thread Charlemagne Lasse 
> Mailman3 has been part of buster and bullseye, but the release of sqlalchemy 
> 1.4 is not compatible with it and therefore there is a chance that it will 
> not make it in bookworm. There is nothing that any contributor can do except 
> taking the time to help mailman upstream to be fixed and work with sqlalchemy 
> 1.4.

Upstream released a version which is compatible with sqlalchemy 1.4
and which should also fix all other blocking problems in the mailman3
problems. See bug #1023976 for things I am assuming are fixed by it.

Bug#1023976: mailman3: Package version 3.3.7

2022-11-13 Thread Charlemagne Lasse 
Package: mailman3
Version: 3.3.3-1
Severity: wishlist
Control: block 996806 by -1
Control: tags 996806 + patch fixed-upstream
Control: block 995779 by -1
Control: tags 995779 + patch fixed-upstream
Control: block 1004934 by -1
Control: tags 1004934 + patch fixed-upstream
Control: block 1015989 by -1
Control: tags 1015989 + patch fixed-upstream
Control: block 997877 by -1
Control: tags 997877 + patch fixed-upstream



The version 3.3.7 was released upstream and should fix all the bugs
which are currently breaking mailman 3 on Debian unstable (and
preventing it to enter Debian bookworm).

https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/docs/NEWS.html

Bug#995779: autopkgtest fails with sqlalchemy 1.4.23+ds1

2022-11-06 Thread Charlemagne Lasse 
Control: tags 995779 + patch

This is the upstream merged fix for sqlalchemy 1.4:
https://gitlab.com/mailman/mailman/-/commit/c926e3d54680d4fac0648cde036368c699976038

Bug#998223: Contributors for Mailman 3 in Debian / your RFH

2022-11-04 Thread Charlemagne Lasse 
Am Sa., 15. Okt. 2022 um 09:39 Uhr schrieb Pierre-Elliott Bécue
:
> Mailman3 has been part of buster and bullseye, but the release of sqlalchemy 
> 1.4 is not compatible with it and therefore there is a chance that it will 
> not make it in bookworm. There is nothing that any contributor can do except 
> taking the time to help mailman upstream to be fixed and work with sqlalchemy 
> 1.4.

Thanks for the info. This is the upstream merged fix for sqlalchemy
1.4: 
https://gitlab.com/mailman/mailman/-/commit/c926e3d54680d4fac0648cde036368c699976038

Bug#998223: Contributors for Mailman 3 in Debian / your RFH

2022-10-15 Thread Charlemagne Lasse 
Hi,

Where can we find results from the new contributors? Because it looks
at the moment like Debian bookworm might become the third Debian
release (after buster + bullseye) which is unsuitable as a base system
for software project servers (redmine + mailman3 + gitolite). At
least, for the last two releases, redmine was to blame here but now it
looks like mailman3 might be the blocker.

See also https://lists.debian.org/debian-devel-announce/2022/10/msg4.html
for the Debian bookworm timeline

Bug#960454: chromium: Make Chromium ask before downloading and enabling DRM

2021-01-25 Thread Charlemagne Lasse 
Completely disabling the autoupdater was an extremely bad idea. Now
even various autoupdater scripts to update the global version in
/usr/lib/chromium/WidevineCdm don't work anymore - so leaving users in
a broken state.

See also #981069

Bug#981069: chromium: Doesn't load widevine from /usr/lib/chromium/WidevineCdm/

2021-01-25 Thread Charlemagne Lasse 
Package: chromium
Version: 88.0.4324.96-0.1
X-Debbugs-CC: Olivier Tilloy 
X-Debbugs-CC: mimi8 

The changes for ticket #960454 removed the autoupdater for widevine.
And then mentions in the README.debian that
/usr/lib/chromium/WidevineCdm/ is the place to put the widevine
binaries.

But this is not working anymore with this chromium version (but worked
with older versions from May 2020). Also the patch to load it from
$HOME/.local/lib/libwidevinecdm.so doesn't have any effect at all
anymore.

The only file queried for widevine is now
$HOME/.config/chromium/WidevineCdm/latest-component-updated-widevine-cdm

And this definitely makes sense because Debian builds it without
BUNDLE_WIDEVINE_CDM and so the code (AddContentDecryptionModules's
bundled_widevine, ...) is completely disabled - thus disabling
$HOME/.local/lib/libwidevinecdm.so and /usr/lib/chromium/WidevineCdm/

Bug#979970: libselinux1: dependency to newer libc6 ignored by/missing for aptitude

2021-01-12 Thread Charlemagne Lasse 
Package: libselinux1
Version: 2.8-1+b1
Severity: grave

Right now, an update from buster to bullseye on amd64 completely
bricks the system because libselinux1 is requiring a libc6 which is
not yet installed on the system:

Preparing to unpack .../0-libselinux1_3.1-2+b2_amd64.deb ...
De-configuring libselinux1:i386 (2.8-1+b1) ...
Unpacking libselinux1:amd64 (3.1-2+b2) over (2.8-1+b1) ...
tar: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.30' not
found (required by /lib/x86_64-linux-gnu/libselinux.so.1)
dpkg-deb: error: tar subprocess returned error exit status 1

It is then not possible anymore to recover the system because dpkg
(mv, ...) is no longer working.

There is most likely some kind dependency missing to let aptitude
known that it must first update libc6 before it can update
libselinux1. At least on this system, the installed version of libc6
for amd64 and i386 was still 2.28-10 when this happened

Bug#977510: [gajim] File/Link actions cause g-io-error-quark exception

2020-12-15 Thread Charlemagne Lasse 
Package: gajim
Version: 1.2.2-1
Severity: important
Tags: patch
X-Debbugs-Cc: pkg-gnome-maintain...@lists.alioth.debian.org
X-Debbugs-Cc: pkg-xmpp-de...@lists.alioth.debian.org
X-Debbugs-Cc: pkg-freedesktop-maintain...@lists.alioth.debian.org

It was noticed that there is a regression when switching from gajim on
Debian buster to gajim on Debian bullseye.

When clicking on a file (aesgcm://) in the chat, the data is
downloaded but the buttons "Open Folder" or "Open" aren't doing
anything. Also clicking on a link will not open a browser window. Only
following is shown in the log for all the described scenarios:

15.12.2020 09:23:17 (E) gajim.c.helpersg-io-error-quark:
No application is registered as handling this file (15)
Traceback (most recent call last):
 File "/usr/lib/python3/dist-packages/gajim/common/helpers.py", line
1044, in func_wrapper
   result = func(self, *args, **kwargs)
 File "/usr/lib/python3/dist-packages/gajim/common/helpers.py", line
1160, in open_file
   Gio.AppInfo.launch_default_for_uri(path)
gi.repository.GLib.GError: g-io-error-quark: No application is
registered as handling this file (15)

This can easily be fixed with the attached patch for the dependencies
in debian/control to make sure that desktop-file-utils are installed.
diff --git a/debian/control b/debian/control
index 697079d..11e7a3d 100644
--- a/debian/control
+++ b/debian/control
@@ -31,6 +31,7 @@ Architecture: all
 Depends:
 ${misc:Depends},
 ${python3:Depends},
+desktop-file-utils,
 gir1.2-gtk-3.0 (>= 3.22.27~),
 python3 (>= 3.5),
 python3-cssutils (>= 1.0.2),

Bug#950500: aqbanking-tools: aqpaypal-tool unable to call any control function

2020-02-02 Thread Charlemagne Lasse 
Package: aqbanking-tools
Version: 6.0.1-2
Tags: patch

The libaqbanking44 or the aqbanking-tools are currently incompatible
with each other when calling the aqpaypal backend

aqpaypal-tool  fff
3:2020/02/02 17-39-18:aqpaypal-tool(16869):aqpaypal-tool.c:  246:
Error calling control function (-51)

It can be solved by changing --with-backends="aqnone aqhbci
aqofxconnect aqebics" in debian/rules to --with-backends="aqnone
aqhbci aqofxconnect aqebics aqpaypal"

Bug#947080: [getmail] Crashes when not being able to decode encoding of Cc line

2019-12-20 Thread Charlemagne Lasse 
Package: getmail
Version: 5.13-1
Severity: normal
Tags: buster
X-Debbugs-CC: getm...@lists.pyropus.ca
X-Debbugs-CC: charlesc-getmail-supp...@pyropus.ca

I now have to soothe a lot of angry people because I didn't receive
some important mails from one of my accounts (and thus didn't act
correctly). The problem was that I received a mail with following
(raw) Cc line on the same account:

Cc: =?utf-8?b?UmFmYcWCIE1pxYJl?==?utf-8?b?Y2tp?= 

It seems like python2 can decode this:

>>> email.header.decode_header('=?utf-8?b?UmFmYcWCIE1pxYJl?= =?utf-8?b?Y2tp?=')

but not

>>> email.header.decode_header('=?utf-8?b?UmFmYcWCIE1pxYJl?==?utf-8?b?Y2tp?=')
Traceback (most recent call last):
 File "", line 1, in 
 File "/usr/lib/python2.7/email/header.py", line 108, in decode_header
   raise HeaderParseError
email.errors.HeaderParseError

getmail just crashed all the time (and systemd restarted it
automatically) but never downloaded any mail for this specific account
again.

getmail[15939]: Traceback (most recent call last):
getmail[15939]:   File "/usr/bin/getmail", line 934, in 
getmail[15939]: main()
getmail[15939]:   File "/usr/bin/getmail", line 898, in main
getmail[15939]: success = go(configs, options.idle)
getmail[15939]:   File "/usr/bin/getmail", line 200, in go
getmail[15939]: msg = retriever.getmsg(msgid)
getmail[15939]:   File
"/usr/lib/python2.7/dist-packages/getmailcore/_retrieverbases.py",
line 1008, in getmsg
getmail[15939]: return self._getmsgbyid(msgid)
getmail[15939]:   File
"/usr/lib/python2.7/dist-packages/getmailcore/_retrieverbases.py",
line 1934, in _getmsgbyid
getmail[15939]: for (val, encoding) in decode_header(encoded_value):
getmail[15939]:   File "/usr/lib/python2.7/email/header.py", line 108,
in decode_header
getmail[15939]: raise HeaderParseError
getmail[15939]: email.errors.HeaderParseError
systemd[261]: getmail.service: Main process exited, code=exited,
status=1/FAILURE
systemd[261]: getmail.service: Failed with result 'exit-code'.

This will no longer affect getmail in Debian sid in the near future
because sid is dropping Python2 (and Python3 doesn't have this
decoding problem).

Bug#945406: chromium: Widevine content decrytion module no longer working

2019-11-24 Thread Charlemagne Lasse 
Package: chromium
Version: 78.0.3904.97-1~deb10u1
Tags: buster

The update in Debian Buster amd64 broke the support for the Widevine
content decryption module. It was working fine before with
76.0.3809.100-1~deb10u1. The component is also no longer shown under
chrome://components/ and this problem is also visible when going to
https://bitmovin.com/demos/drm (see list of supported DRMs in the
list)

The 4.10.1440.19 version of widevine was installed under
/usr/lib/chromium/libwidevinecdm.so . It was downloaded from
https://dl.google.com/widevine-cdm/4.10.1440.19-linux-x64.zip. And it
is the same version which is also used by Firefox

This currently breaks chromium for me with Netflix and Amazon Prime (Music).

Bug#931496: redmine: Missing in Debian Buster

2019-07-06 Thread Charlemagne Lasse 
Source: redmine
Severity: normal
Tags: buster

I've just updated my server to Debian buster and then noticed that my
redmine was gone. Problem is that it was removed from Debian testing
https://tracker.debian.org/news/1027921/redmine-removed-from-testing/
(when Buster was still equal to testing)

Please provide an buster-backports upload to allow other admins to
upgrade their servers without ending up without redmine or with a
broken redmine installation.

Bug#929492: iwyu: Requests to add forward declaration which is in file

2019-05-24 Thread Charlemagne Lasse 
Package: iwyu
Version: 7.0-3
Forwarded: 
https://github.com/include-what-you-use/include-what-you-use/issues/682
Tags: buster sid
X-Debbugs-CC: Kim Grasman 

Problem can reproduced via (please check the first line):

struct foobar;

struct foobar *test(struct foobar *asd)
{
return asd;
}

And then iwyu tells me:

$ iwyu test.c

test.c should add these lines:
struct foobar;

test.c should remove these lines:

The full include-list for test.c:
struct foobar;
---

Something which is already there. Now adding the line again:

struct foobar;
struct foobar;
struct foobar *test(struct foobar *asd)
{
return asd;
}

But it tells me now again that I should add this line again:

$ iwyu test.c

test.c should add these lines:
struct foobar;

test.c should remove these lines:

The full include-list for test.c:
struct foobar;
---

This currently breaks iwyu for me in Debian Buster

Bug#925528: kwin-x11: High CPU load and extreme screen tearing with nvidia driver

2019-03-26 Thread Charlemagne Lasse 
Here is a patch which can be applied on top of the kwin package to
include the two patches which modify GlxBackend::GlxBackend.
From ad5f05d207edd32fc8571c9ae6bb916e61b291d4 Mon Sep 17 00:00:00 2001
From: Charlemagne Lasse 
Date: Tue, 26 Mar 2019 15:30:19 +0100
Subject: [PATCH] Fix missing vsync and high CPU load with Nvidia's proprietary
 driver

---
 debian/changelog  |  8 ++
 .../patches/Fix-flickering-with-Qt-5.12.patch | 47 ++
 ...pBuffers-to-block-with-NVIDIA-driver.patch | 94 +++
 debian/patches/series |  2 +
 4 files changed, 151 insertions(+)
 create mode 100644 debian/patches/Fix-flickering-with-Qt-5.12.patch
 create mode 100644 debian/patches/Force-glXSwapBuffers-to-block-with-NVIDIA-driver.patch

diff --git a/debian/changelog b/debian/changelog
index 0f0e4d3..4f4ce7b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+kwin (4:5.14.5-2) UNRELEASED; urgency=medium
+
+  [ Charlemagne Lasse ]
+  * Backport upstream patches to fix missing vsync and high CPU load with
+Nvidia's proprietary driver (Closes: #925528)
+
+ -- Charlemagne Lasse   Tue, 26 Mar 2019 15:26:54 +0100
+
 kwin (4:5.14.5-1) unstable; urgency=medium
 
   * New upstream release (5.14.5).
diff --git a/debian/patches/Fix-flickering-with-Qt-5.12.patch b/debian/patches/Fix-flickering-with-Qt-5.12.patch
new file mode 100644
index 000..647fc69
--- /dev/null
+++ b/debian/patches/Fix-flickering-with-Qt-5.12.patch
@@ -0,0 +1,47 @@
+From: Alexander Volkov 
+Date: Tue, 22 Jan 2019 22:36:15 +0300
+Subject: Fix flickering with Qt 5.12
+
+Summary:
+Mesa requires XESetWireToEvent xlib callbacks to be called
+when DRI2 is used. This is done by the GLX integration in
+the Qt's xcb plugin, but Qt 5.12 initializes the GLX integration
+only when required, e.g. when a window with OpenGL support is
+created or when availability of OpenGL is checked.
+
+So force initialization of the GLX integration by calling
+QOpenGLContext::supportsThreadedOpenGL().
+
+https://codereview.qt-project.org/#/c/6557/
+https://bugzilla.opensuse.org/show_bug.cgi?id=1120090
+
+Reviewers: #kwin, graesslin
+
+Reviewed By: #kwin, graesslin
+
+Subscribers: davidedmundson, graesslin, fvogt, filipf, kwin
+
+Tags: #kwin
+
+Differential Revision: https://phabricator.kde.org/D18366
+
+Origin: upstream, https://cgit.kde.org/kwin.git/patch/?id=5d63b9c05bbe0c6545b3eeea98d95b40f800fb55
+---
+ plugins/platforms/x11/standalone/glxbackend.cpp | 4 
+ 1 file changed, 4 insertions(+)
+
+diff --git a/plugins/platforms/x11/standalone/glxbackend.cpp b/plugins/platforms/x11/standalone/glxbackend.cpp
+index a2c570e..eb2d464 100644
+--- a/plugins/platforms/x11/standalone/glxbackend.cpp
 b/plugins/platforms/x11/standalone/glxbackend.cpp
+@@ -115,6 +115,10 @@ GlxBackend::GlxBackend(Display *display)
+ , haveSwapInterval(false)
+ , m_x11Display(display)
+ {
++ // Force initialization of GLX integration in the Qt's xcb backend
++ // to make it call XESetWireToEvent callbacks, which is required
++ // by Mesa when using DRI2.
++ QOpenGLContext::supportsThreadedOpenGL();
+ }
+ 
+ static bool gs_tripleBufferUndetected = true;
diff --git a/debian/patches/Force-glXSwapBuffers-to-block-with-NVIDIA-driver.patch b/debian/patches/Force-glXSwapBuffers-to-block-with-NVIDIA-driver.patch
new file mode 100644
index 000..97b5932
--- /dev/null
+++ b/debian/patches/Force-glXSwapBuffers-to-block-with-NVIDIA-driver.patch
@@ -0,0 +1,94 @@
+From: Erik Kurzinger 
+Date: Wed, 20 Mar 2019 09:50:13 -0700
+Subject: Force glXSwapBuffers to block with NVIDIA driver
+
+Summary:
+The NVIDIA implementation of glXSwapBuffers will, by default, queue up
+to two frames for presentation before blocking. KWin's compositor,
+however, assumes that calls to glXSwapBuffers will always block until
+the next vblank when rendering double buffered. This assumption isn't
+valid, as glXSwapBuffers is specified as being an implicit glFlush,
+not an implicit glFinish, and so it isn't required to block. When this
+assumption is violated, KWin's frame timing logic will
+break. Specifically, there will be extraneous calls to
+setCompositeTimer with a waitTime of 0 after the non-blocking buffer
+swaps, dramatically reducing desktop responsiveness. To remedy this,
+a call to glXWaitGL was added by Thomas Luebking after glXSwapBuffers
+in 2015 (see bug 346275, commit
+8bea96d7018d02dff9462326ca9456f48e9fe9fb). That glXWaitGL call is
+equivalent to a glFinish call in direct rendering, so it was a good
+way to make glXSwapBuffers behave as though it implied a glFinish
+call.
+
+However, the NVIDIA driver will by default do a busy wait in glFinish,
+for reduced latency. Therefore that change dramatically increased CPU
+usage. GL_YIELD can be set to USLEEP (case insensitive) to change
+the behavior and use usleep instead. When using the NVIDIA driver,
+KWin will disable vsync entirely if GL_YIELD isn't set to USLEEP
+(case

Bug#925528: kwin-x11: High CPU load and extreme screen tearing with nvidia driver

2019-03-26 Thread Charlemagne Lasse 
Package: kwin-x11
Version: 4:5.14.5-1
Severity: important
Tags: buster sid patch upstream fixed-upstream
Forwarded: https://bugs.kde.org/show_bug.cgi?id=322060

kwin-x11 with the current nvidia driver causes extreme high CPU load
and tearing. The graphics performance is also reduced to an
unacceptable level when compositing is enabled. This is caused by the
way how kwin-x11 tries to flush frames - which doesn't work with
advanced drivers (like the ones from nvidia). This was better
described by Erik Kurzinger in his patch
https://phabricator.kde.org/D19867

The NVIDIA implementation of glXSwapBuffers will, by default, queue up
to two frames for presentation before blocking. KWin's compositor,
however, assumes that calls to glXSwapBuffers will always block until
the next vblank when rendering double buffered. This assumption isn't
valid, as glXSwapBuffers is specified as being an implicit glFlush,
not an implicit glFinish, and so it isn't required to block. When this
assumption is violated, KWin's frame timing logic will
break. Specifically, there will be extraneous calls to
setCompositeTimer with a waitTime of 0 after the non-blocking buffer
swaps, dramatically reducing desktop responsiveness. To remedy this,
a call to glXWaitGL was added by Thomas Luebking after glXSwapBuffers
in 2015 (see bug 346275, commit
8bea96d7018d02dff9462326ca9456f48e9fe9fb). That glXWaitGL call is
equivalent to a glFinish call in direct rendering, so it was a good
way to make glXSwapBuffers behave as though it implied a glFinish
call.

However, the NVIDIA driver will by default do a busy wait in glFinish,
for reduced latency. Therefore that change dramatically increased CPU
usage. GL_YIELD can be set to USLEEP (case insensitive) to change
the behavior and use usleep instead. When using the NVIDIA driver,
KWin will disable vsync entirely if GL_YIELD isn't set to USLEEP
(case sensitive, a bug in KWin).

However, the NVIDIA driver supports another environment variable,
__GL_MaxFramesAllowed, which can be used to control how many frames
may be queued by glXSwapBuffers. If this is set to 1 the function
will always block until retrace, in line with KWin's expectations.
This allows the now-unnecessary call to glXWaitGL to be removed along
with the logic to conditionally disable vsync, providing a better
experience on NVIDIA hardware.

The patch can be found under https://phabricator.kde.org/D19867 and
upstream (Martin Flöser) recommends to backport it to all older
versions. This also includes Debian Buster (and maybe also Stretch -
not sure about this part)

Bug#922502: plasma-desktop: regional settings allow do select system incompatible locales

2019-02-18 Thread Charlemagne Lasse 
> Control: reassign -1 libqt5core5a/5.11.3+dfsg-2
> Control: affects -1 plasma-desktop
>
> Control: severity -1 important
>
> Please, don't abuse the bugs severity just to get more attention.

I didn't  abuse the severity. The
https://www.debian.org/Bugs/Developer#severities has an entry "makes
unrelated software on the system (or the whole system) break". And
this is the case here. There is no obvious relation between
plasma-desktop/libqt5core5a and the tex-common installation scripts.

The same happened in the tex-common bug (actually worse - they just
closed it). I am under the impression that everyone just wants to
ignore this problem.

Bug#922213: Bug#922500: tex-common: Fails to install with LC_TIME=en_DE.UTF-8

2019-02-17 Thread Charlemagne Lasse 
> On Sun, 17 Feb 2019, Charlemagne Lasse wrote:
> > perl: warning: Setting locale failed.
> > perl: warning: Please check that your locale settings:
> > LANGUAGE = "en_US:en",
> > LC_ALL = (unset),
> > LC_TIME = "en_DE.UTF-8",
> > LANG = "C"
> > are supported and installed on your system.
>
> > locale: Cannot set LC_ALL to default locale: No such file or directory
>
> You have a broken locale setup, there is nothing we can do. luatex needs
> correctly setup locales, but they are not.

But the installation of tex-common should not fail because of this. It
works fine when LC_TIME is not set to C or en_US.UTF-8 and so on
(everything which locales-all provides).

If the installation of a package fails because a user set locale is
wrong then something is terrible broken with your installation
process. I understand that it may fail when the user calls luatex
manually with some incorrect env but not when the installation process
is run.

Setup/Installation happens in the system context. But now you are
telling me that something in the user context is allowed to break the
installation. Nothing in the users env should change the way how the
package installation process behaves. We have /etc for that - not the
user specific env.

What would you say when you swedish system administrator installs
package xyz and suddenly all english-only speaking users of the system
have to deal with a swedish-only installation of xyz - even when the
swedish system admin never explicitly said that a swedish-only version
should be installed? Sounds wrong, correct?

It is a little bit like farting in the face of the reproducible build
folks. Cool, we removed all the non-reproducible behavior in the build
process - lets move all the reproducibility problems in the
installation process.

Maybe the package is assigned incorrectly in this ticket and
dpkg/aptitude/... should sanitize the env. But the ticket should not
be closed so easily.

It is not like I sat down and broke the package on purpose. I just
selected some good looking regional settings in KDE plasma. And
suddenly my texlive installation doesn't work anymore. Not something
which you would expect.

Bug#922502: plasma-desktop: regional settings allow do select system incompatible locales

2019-02-17 Thread Charlemagne Lasse 
See also https://bugs.debian.org/922500

Bug#922502: plasma-desktop: regional settings allow do select system incompatible locales

2019-02-17 Thread Charlemagne Lasse 
Package: plasma-desktop
Version: 4:5.14.5-1
Severity: critical
Justification: makes unrelated software break on the system

The "regional settings" allow to select various regions which are not
available on the system (even with locales-all). An example here is
en_DE (Germany) for "Time". This is then exported at the next login in
the env variable LC_TIME as "en_DE.UTF-8". This is not supported on
any Debian buster installation and is causing other software to break.

Here an example of me trying to install tex-common under the
environment created by the plasma desktop:

sudo aptitude reinstall tex-common
Warning: Invalid locale (please review locale settings, this might
lead to problems later):
  locale::facet::_S_create_c_locale name not valid
The following packages will be REINSTALLED:
  tex-common
0 packages upgraded, 0 newly installed, 1 reinstalled, 0 to remove and
33 not upgraded.
Need to get 53.0 kB of archives. After unpacking 0 B will be used.
Get: 1 http://ftp.de.debian.org/debian buster/main amd64 tex-common
all 6.10 [53.0 kB]
Fetched 53.0 kB in 1s (105 kB/s)
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
apt-listchanges: Can't set locale; make sure $LC_* and $LANG are correct!
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "de_DE.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("de_DE.UTF-8").
locale: Cannot set LC_ALL to default locale: No such file or directory
(Reading database ... 21 files and directories currently installed.)
Preparing to unpack .../tex-common_6.10_all.deb ...
Unpacking tex-common (6.10) over (6.10) ...
Setting up tex-common (6.10) ...
locale: Cannot set LC_ALL to default locale: No such file or directory
Running mktexlsr. This may take some time... done.
Running updmap-sys. This may take some time... done.
Running mktexlsr /var/lib/texmf ... done.
Building format(s) --all.
This may take some time...
fmtutil failed. Output has been stored in
/tmp/fmtutil.kwturaob
Please include this file if you report a bug.

dpkg: error processing package tex-common (--configure):
 installed tex-common package post-installation script subprocess
returned error exit status 1
Processing triggers for man-db (2.8.5-1) ...
Errors were encountered while processing:
 tex-common
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
E: Sub-process /usr/bin/dpkg returned an error code (1)
Setting up tex-common (6.10) ...
locale: Cannot set LC_ALL to default locale: No such file or directory
Running mktexlsr. This may take some time... done.
Running updmap-sys. This may take some time... done.
Running mktexlsr /var/lib/texmf ... done.
Building format(s) --all.
This may take some time...
fmtutil failed. Output has been stored in
/tmp/fmtutil.oXxMEBqv
Please include this file if you report a bug.

dpkg: error processing package tex-common (--configure):
 installed tex-common package post-installation script subprocess
returned error exit status 1
Errors were encountered while processing:
 tex-common





sudo cat /tmp/fmtutil.oXxMEBqv
fmtutil: fmtutil is using the

Bug#922500: tex-common: Fails to install with LC_TIME=en_DE.UTF-8

2019-02-17 Thread Charlemagne Lasse 
Package: tex-common
Version: 6.10
Severity: serious
Justification: Fails to install on a normal KDE installation with
"Germany" setting as Time localization

The installation works fine with LC_TIME=C but not with the setting
generated by KDE LC_TIME=en_DE.UTF-8. The aptitude output follows and
at the end the log file content mentioned in the aptitude output

sudo LC_TIME=en_DE.UTF-8 aptitude reinstall tex-common
Warning: Invalid locale (please review locale settings, this might
lead to problems later):
  locale::facet::_S_create_c_locale name not valid
The following packages will be REINSTALLED:
  tex-common
0 packages upgraded, 0 newly installed, 1 reinstalled, 0 to remove and
33 not upgraded.
Need to get 53.0 kB of archives. After unpacking 0 B will be used.
Get: 1 http://ftp.de.debian.org/debian buster/main amd64 tex-common
all 6.10 [53.0 kB]
Fetched 53.0 kB in 1s (105 kB/s)
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
apt-listchanges: Can't set locale; make sure $LC_* and $LANG are correct!
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "de_DE.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to a fallback locale ("de_DE.UTF-8").
locale: Cannot set LC_ALL to default locale: No such file or directory
(Reading database ... 21 files and directories currently installed.)
Preparing to unpack .../tex-common_6.10_all.deb ...
Unpacking tex-common (6.10) over (6.10) ...
Setting up tex-common (6.10) ...
locale: Cannot set LC_ALL to default locale: No such file or directory
Running mktexlsr. This may take some time... done.
Running updmap-sys. This may take some time... done.
Running mktexlsr /var/lib/texmf ... done.
Building format(s) --all.
This may take some time...
fmtutil failed. Output has been stored in
/tmp/fmtutil.kwturaob
Please include this file if you report a bug.

dpkg: error processing package tex-common (--configure):
 installed tex-common package post-installation script subprocess
returned error exit status 1
Processing triggers for man-db (2.8.5-1) ...
Errors were encountered while processing:
 tex-common
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
E: Sub-process /usr/bin/dpkg returned an error code (1)
Setting up tex-common (6.10) ...
locale: Cannot set LC_ALL to default locale: No such file or directory
Running mktexlsr. This may take some time... done.
Running updmap-sys. This may take some time... done.
Running mktexlsr /var/lib/texmf ... done.
Building format(s) --all.
This may take some time...
fmtutil failed. Output has been stored in
/tmp/fmtutil.oXxMEBqv
Please include this file if you report a bug.

dpkg: error processing package tex-common (--configure):
 installed tex-common package post-installation script subprocess
returned error exit status 1
Errors were encountered while processing:
 tex-common














sudo cat /tmp/fmtutil.oXxMEBqv
fmtutil: fmtutil is using the following fmtutil.cnf files (in precedence order):
fmtutil:   /usr/share/texmf/web2c/fmtutil.cnf
fmtutil:   /usr/share/texlive/texmf-dist/web2c/fmtutil.cnf
fmtutil: fmtutil is using the

Bug#922213: locales-all: Doesn't provide en_DE.UTF-8

2019-02-13 Thread Charlemagne Lasse 
Package: locales-all
Version: 2.28-6
Severity: normal
X-Debbugs-CC: debian-qt-...@lists.debian.org, debian-tex-ma...@lists.debian.org



It is possible under KDE to change the locale to en_DE.UTF-8/German
for some specific parts (e.g. time) but it seems to be missing on the
system even when locales-all is installed.

This breaks various things - here for example when I install
tex-common (via texlive package) and have LC_TIME set to en_DE.UTF-8:

LANG=C sudo aptitude
Warning: Invalid locale (please review locale settings, this might
lead to problems later):
  locale::facet::_S_create_c_locale name not valid
Performing actions...
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_ALL to default locale: No such file or directory
Setting up tex-common (6.10) ...
locale: Cannot set LC_ALL to default locale: No such file or directory
Running mktexlsr. This may take some time... done.
Running updmap-sys. This may take some time... done.
Running mktexlsr /var/lib/texmf ... done.
Building format(s) --all.
This may take some time...
fmtutil failed. Output has been stored in
/tmp/fmtutil.JfWPLgok
Please include this file if you report a bug.

dpkg: error processing package tex-common (--configure):
 installed tex-common package post-installation script subprocess
returned error exit status 1
Errors were encountered while processing:
 tex-common
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = "en_US:en",
LC_ALL = (unset),
LC_TIME = "en_DE.UTF-8",
LANG = "C"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
E: Sub-process /usr/bin/dpkg returned an error code (1)
Setting up tex-common (6.10) ...
locale: Cannot set LC_ALL to default locale: No such file or directory
Running mktexlsr. This may take some time... done.
Running updmap-sys. This may take some time... done.
Running mktexlsr /var/lib/texmf ... done.
Building format(s) --all.
This may take some time...
fmtutil failed. Output has been stored in
/tmp/fmtutil.uxDJVCLH
Please include this file if you report a bug.

dpkg: error processing package tex-common (--configure):
 installed tex-common package post-installation script subprocess
returned error exit status 1
Errors were encountered while processing:
 tex-common
Press Return to continue, 'q' followed by Return to quit.
q






LC_TIME=C LANG=C sudo aptitude
Performing actions...
Setting up tex-common (6.10) ...
Running mktexlsr. This may take some time... done.
Running updmap-sys. This may take some time... done.
Running mktexlsr /var/lib/texmf ... done.
Building format(s) --all.
This may take some time... done.
Press Return to continue, 'q' followed by Return to quit.





sudo tail -n 50 /tmp/fmtutil.uxDJVCLH
(/usr/share/texlive/texmf-dist/tex/generic/hyphen/ibyhyph.tex
Greek hyphenation patterns for Ibycus encoding, v3.0))
) )
Beginning to dump on file mllatex.fmt
(preloaded format=mllatex 2019.2.13)
5212 strings of total length 71738
47758 memory locations dumped; current usage is 144&46999
3492 multiletter control sequences
\font\nullfont=nullfont

Bug#921381: [firefox-esr] Fails to use the correct esr update channel + gmp-components

2019-02-11 Thread Charlemagne Lasse 
> The attached patch can be used to switch firefox-esr to the correct
> MOZ_UPDATE_CHANNEL "esr" instead of "default" (which provided the
> incompatible Gecko Media Plugins widevine and openh264)

The same problem was observed on Gentoo. The gentoo reporter basically
ported the bugfix from this ticket to fix their ebuild:
https://bugs.gentoo.org/677722

Bug#921832: [firefox-esr] FTBFS of security/certverifier/Buffer.cpp

2019-02-09 Thread Charlemagne Lasse 
Source: firefox-esr
Version: 60.5.0esr-1
Severity: grave
Tags: patch
Forwarded: https://bugzilla.mozilla.org/show_bug.cgi?id=1526648

Noticed while trying to prepare the mini fix for https://bugs.debian.org/921381

/usr/bin/g++ -o Unified_cpp_certverifier0.o -c -Ibuster/stl_wrappers
-Ibuster/system_wrappers -include
/build/firefox-esr-60.5.0esr/config/gcc_hidden.h -DNDEBUG=1
-DTRIMMED=1 '-DDLL_PREFIX="lib"' '-DDLL_SUFFIX=".so"'
-DSTATIC_EXPORTABLE_JS_API -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API
-DIMPL_LIBXUL -I/build/firefox-esr-60.5.0esr/security/certverifier
-I/build/firefox-esr-60.5.0esr/build-browser/security/certverifier
-I/build/firefox-esr-60.5.0esr/security/manager/ssl
-I/build/firefox-esr-60.5.0esr/security/pkix/include
-I/build/firefox-esr-60.5.0esr/security/pkix/lib
-I/build/firefox-esr-60.5.0esr/build-browser/dist/include
-I/usr/include/nspr -I/usr/include/nss -fPIC -DMOZILLA_CLIENT -include
/build/firefox-esr-60.5.0esr/build-browser/mozilla-config.h
-Wdate-time -D_FORTIFY_SOURCE=2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
-Wall -Wempty-body -Wignored-qualifiers -Woverloaded-virtual
-Wpointer-arith -Wsign-compare -Wtype-limits -Wunreachable-code
-Wwrite-strings -Wno-invalid-offsetof -Wc++1z-compat -Wduplicated-cond
-Wimplicit-fallthrough -Wno-error=maybe-uninitialized
-Wno-error=deprecated-declarations -Wno-error=array-bounds
-Wno-error=free-nonheap-object -Wformat -Wformat-overflow=2
-fno-sized-deallocation -fstack-protector-strong -Wformat
-Werror=format-security -fno-schedule-insns2 -fno-lifetime-dse
-fno-delete-null-pointer-checks -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
-fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections
-fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -g
-freorder-blocks -O2 -fomit-frame-pointer -Wall -Wextra
-Wunreachable-code -Wno-unused-parameter  -MD -MP -MF
.deps/Unified_cpp_certverifier0.o.pp
/build/firefox-esr-60.5.0esr/build-browser/security/certverifier/Unified_cpp_certverifier0.cpp
In file included from
/build/firefox-esr-60.5.0esr/build-browser/security/certverifier/Unified_cpp_certverifier0.cpp:20:
/build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp: In
function 'bool mozilla::operator==(const Buffer&, const Buffer&)':
/build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp:14:11:
error: 'memcmp' was not declared in this scope
   memcmp(a.begin(), b.begin(), a.length()) == 0);
   ^~
/build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp:14:11:
note: 'memcmp' is defined in header ''; did you forget to
'#include '?
/build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp:1:1:
+#include 
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/build/firefox-esr-60.5.0esr/security/certverifier/Buffer.cpp:14:11:
   memcmp(a.begin(), b.begin(), a.length()) == 0);
   ^~
make[6]: *** [/build/firefox-esr-60.5.0esr/config/rules.mk:1056:
Unified_cpp_certverifier0.o] Error 1
make[6]: Leaving directory
'/build/firefox-esr-60.5.0esr/build-browser/security/certverifier'
make[5]: *** [/build/firefox-esr-60.5.0esr/config/recurse.mk:73:
security/certverifier/target] Error 2
make[5]: Leaving directory '/build/firefox-esr-60.5.0esr/build-browser'
make[4]: *** [/build/firefox-esr-60.5.0esr/config/recurse.mk:33:
compile] Error 2
make[4]: Leaving directory '/build/firefox-esr-60.5.0esr/build-browser'
make[3]: *** [/build/firefox-esr-60.5.0esr/config/rules.mk:442: default] Error 2
make[3]: Leaving directory '/build/firefox-esr-60.5.0esr/build-browser'
dh_auto_build: cd build-browser && make -j1
LD_LIBS=-Wl,--no-gc-sections _LEAKTEST_FILES=leaktest.py returned exit
code 2
make[2]: *** [debian/rules:227: stamps/build-browser] Error 2
make[2]: Leaving directory '/build/firefox-esr-60.5.0esr'
make[1]: *** [debian/rules:336: build-arch] Error 2
make[1]: Leaving directory '/build/firefox-esr-60.5.0esr'
make: *** [debian/rules:336: build] Error 2
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
From: Charlemange Lasse 
Date: Sat, 9 Feb 2019 10:08:10 +0100
Subject: [PATCH] Fix FTBFS of security/certverifier/Buffer.cpp
---
 debian/changelog |  1 +
 .../Bug-1526648-Include-cstring-for-memcmp.patch | 12 
 debian/patches/series|  1 +
 3 files changed, 14 insertions(+)
 create mode 100644 debian/patches/fixes/Bug-1526648-Include-cstring-for-memcmp.patch

--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@ firefox-esr (60.5.0esr-2) UNRELEASED; urgency=medium
 
   * Fix download of esr compatible Gecko Media Plugins (widevine, openh264) by
 switching to "esr" update channel (Closes: #921381, #921121, #921654)
+  * Fix FTBFS of security/certverifier/Buffer.cpp (Closes: #-TODO)
 
  -- Charlemange Lasse   Sat, 09 Feb 2019 08:47:47 +0100
 
--- /dev/null
+++ b/debian/patches/fixes/Bug-1526648-Include-cstring-for-memcmp.patch
@@ -0,0 +1,12 @@
+diff --git

Bug#921381: [firefox-esr] Fails to use the correct esr update channel + gmp-components

2019-02-09 Thread Charlemagne Lasse 
forcemerge 921381 921654 921121
tags 921381 + patch sid buster stretch
found 921381 60.5.0esr-1
thanks

The attached patch can be used to switch firefox-esr to the correct
MOZ_UPDATE_CHANNEL "esr" instead of "default" (which provided the
incompatible Gecko Media Plugins widevine and openh264)
From: Charlemange Lasse 
Date: Sat, 9 Feb 2019 08:53:20 +0100
Subject: [PATCH] Switch to ESR update channel for GMP downloads

It was noticed that the Debian stretch version (and most likely also the
Debian buster) of firefox-esr uses the wrong channel to search for
components. As result, the downloaded components don't work with the esr
browser and break major parts of the multimedia features of the browser.

This was also confirmed by a Mozilla developer
https://bugzilla.mozilla.org/show_bug.cgi?id=1524830#c4

The fix is to use MOZ_UPDATE_CHANNEL "esr" and not "default".
---
 debian/browser.mozconfig.in | 1 +
 debian/changelog| 9 +
 2 files changed, 10 insertions(+)

--- a/debian/browser.mozconfig.in
+++ b/debian/browser.mozconfig.in
@@ -43,3 +43,4 @@ ac_add_options --disable-updater
 ac_add_options --enable-pie
 ac_add_options --with-unsigned-addon-scopes=app,system
 ac_add_options --enable-alsa
+ac_add_options --enable-update-channel=esr
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+firefox-esr (60.5.0esr-2) UNRELEASED; urgency=medium
+
+  [ Charlemagne Lasse ]
+
+  * Fix download of esr compatible Gecko Media Plugins (widevine, openh264) by
+switching to "esr" update channel (Closes: #921381, #921121, #921654)
+
+ -- Charlemange Lasse   Sat, 09 Feb 2019 08:47:47 +0100
+
 firefox-esr (60.5.0esr-1) unstable; urgency=medium
 
   * New upstream release.

Bug#921823: chromium: FTBFS of vaapi_wrapper.cc in i386/armhf (pointer casting)

2019-02-09 Thread Charlemagne Lasse 
Source: chromium
Version: 72.0.3626.81-1
Severity: grave
X-Debbugs-CC: 856...@bugs.debian.org

FAILED: obj/media/gpu/vaapi/vaapi/vaapi_wrapper.o
g++ -MMD -MF obj/media/gpu/vaapi/vaapi/vaapi_wrapper.o.d
-DMEDIA_GPU_IMPLEMENTATION -DV8_DEPRECATION_WARNINGS -DUSE_UDEV
-DUSE_AURA=1 -DUSE_GLIB=1 -DUSE_NSS_CERTS=1 -DUSE_X11=1 -DNO_TCMALLOC
-DFULL_SAFE_BROWSING -DSAFE_BROWSING_CSD -DSAFE_BROWSING_DB_LOCAL
-DCHROMIUM_BUILD -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
-D_LARGEFILE64_SOURCE -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS
-D_FORTIFY_SOURCE=2 -DNDEBUG -DNVALGRIND
-DDYNAMIC_ANNOTATIONS_ENABLED=0
-DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_32
-DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_26 -DVK_NO_PROTOTYPES
-DGL_GLEXT_PROTOTYPES -DUSE_GLX -DUSE_EGL -DSK_HAS_PNG_LIBRARY
-DSK_HAS_WEBP_LIBRARY -DSK_HAS_JPEG_LIBRARY
-DSK_VULKAN_HEADER=\"../../skia/config/SkVulkanConfig.h\"
-DSK_VULKAN=1 -DSK_SUPPORT_GPU=1
-DSK_GPU_WORKAROUNDS_HEADER=\"gpu/config/gpu_driver_bug_workaround_autogen.h\"
-DVK_NO_PROTOTYPES -DUSING_SYSTEM_ICU=1
-DICU_UTIL_DATA_IMPL=ICU_UTIL_DATA_STATIC -DUCHAR_TYPE=uint16_t
-DU_IMPORT=U_EXPORT -DGOOGLE_PROTOBUF_NO_RTTI
-DGOOGLE_PROTOBUF_NO_STATIC_INITIALIZER -DHAVE_PTHREAD
-DLEVELDB_PLATFORM_CHROMIUM=1 -DLEVELDB_PLATFORM_CHROMIUM=1 -I../..
-Igen -I../../third_party/libyuv/include
-Igen/shim_headers/libevent_shim -Igen/shim_headers/libpng_shim
-Igen/shim_headers/libwebp_shim -Igen/shim_headers/icuuc_shim
-Igen/shim_headers/zlib_shim -I../../third_party/khronos -I../../gpu
-Igen/shim_headers/libdrm_shim -I../../third_party/vulkan/include
-Igen/shim_headers/icui18n_shim -Igen/shim_headers/re2_shim
-Igen/shim_headers/ffmpeg_shim -Igen/shim_headers/libvpx_shim
-Igen/shim_headers/snappy_shim -Igen/shim_headers/opus_shim
-I../../skia/config -I../../skia/ext
-I../../third_party/skia/include/c
-I../../third_party/skia/include/config
-I../../third_party/skia/include/core
-I../../third_party/skia/include/docs
-I../../third_party/skia/include/effects
-I../../third_party/skia/include/encode
-I../../third_party/skia/include/gpu
-I../../third_party/skia/include/pathops
-I../../third_party/skia/include/ports
-I../../third_party/skia/include/utils
-I../../third_party/vulkan/include
-I../../third_party/skia/third_party/vulkanmemoryallocator
-I../../third_party/skia/include/codec
-I../../third_party/skia/src/gpu -I../../third_party/skia/src/sksl
-I../../third_party/skia/modules/skottie/include
-I../../third_party/vulkan/include -I../../third_party/ced/src
-I../../third_party/protobuf/src -I../../third_party/mesa_headers
-I../../third_party/libwebm/source -I../../third_party/protobuf/src
-Igen/protoc_out -I../../third_party/leveldatabase
-I../../third_party/leveldatabase/src
-I../../third_party/leveldatabase/src/include -fno-strict-aliasing
--param=ssp-buffer-size=4 -fstack-protector
-Wno-builtin-macro-redefined -D__DATE__= -D__TIME__= -D__TIMESTAMP__=
-funwind-tables -fPIC -pipe -pthread -march=armv7-a -mfloat-abi=hard
-mtune=generic-armv7-a -mfpu=vfpv3-d16 -mthumb -Wall -Wno-psabi
-Wno-unused-local-typedefs -Wno-maybe-uninitialized
-Wno-deprecated-declarations -Wno-comments
-Wno-missing-field-initializers -Wno-unused-parameter -O2 -fno-ident
-fdata-sections -ffunction-sections -fno-omit-frame-pointer -g0
-fvisibility=hidden -I/usr/include/glib-2.0
-I/usr/lib/arm-linux-gnueabihf/glib-2.0/include -std=gnu++14
-Wno-narrowing -fno-exceptions -fno-rtti -fvisibility-inlines-hidden
-Wdate-time -D_FORTIFY_SOURCE=2 -Wno-pedantic -Wno-unused-function
-Wno-unused-variable -Wno-unused-but-set-variable
-Wno-deprecated-declarations  -Wno-return-type
-Wno-misleading-indentation  -Wno-attributes -Wno-subobject-linkage
-Wno-ignored-attributes -Wno-address -Wno-dangling-else
-Wno-class-memaccess -Wno-invalid-offsetof -Wno-packed-not-aligned
-Wno-pedantic -Wno-unused-function -Wno-unused-variable
-Wno-unused-but-set-variable -Wno-deprecated-declarations
-Wno-return-type -Wno-misleading-indentation  -Wno-attributes
-Wno-subobject-linkage  -Wno-ignored-attributes -Wno-address
-Wno-dangling-else -Wno-class-memaccess -Wno-invalid-offsetof
-Wno-packed-not-aligned  -c ../../media/gpu/vaapi/vaapi_wrapper.cc -o
obj/media/gpu/vaapi/vaapi/vaapi_wrapper.o
../../media/gpu/vaapi/vaapi_wrapper.cc: In member function
'scoped_refptr
media::VaapiWrapper::CreateVASurfaceForPixmap(const
scoped_refptr&)':
../../media/gpu/vaapi/vaapi_wrapper.cc:1012:38: error: invalid
conversion from 'long unsigned int*' to 'uintptr_t*' {aka 'unsigned
int*'} [-fpermissive]
   va_attrib_extbuf.buffers = fds.data();
  ^~

https://buildd.debian.org/status/fetch.php?pkg=chromium=armhf=72.0.3626.81-1=1549182249=0
https://buildd.debian.org/status/fetch.php?pkg=chromium=i386=72.0.3626.81-1=1549136121=0

Bug#921738: chromium-widevine: Widevine does not work with Netflix

2019-02-08 Thread Charlemagne Lasse 
tags 921738 + wontfix
bye

This package is *not* widevine. It is the *support* for the legacy
widevine cdm. You still have to download the widevine cdm from
widevine.com/google. Google prohibits its distribution without a
license:

> "Google Inc. and its affiliates ("Google") own all legal right, title and
> interest in and to the content decryption module software ("Software") and
> related documentation, including any intellectual property rights in the
> Software. You may not use, modify, sell, or otherwise distribute the Software
> without a separate license agreement with Google.  The Software is not open
> source software.
>
> If you are interested in licensing the Software, please contact
> widev...@google.com.

This package was removed from newer releases of the chromium package.
The new widevine cdm module (4.10.1196.0) will be loaded directly by
the browser from /usr/lib/chromium/libwidevinecdm.so when you have a
version installed which isn't affected by
https://bugs.debian.org/916058 - you still have to get
libwidevinecdm.so

If you are interested in automatically installing this plugin then
please use the approach by
https://tracker.debian.org/pkg/pepperflashplugin-nonfree and upload
the download helper to contrib/web.

As far as I know, Mozilla has a license to use widevine but not a
license to distribute it. Steam/Valve maybe has a license to
redistribute it (I could be wrong but I thought that it was in their
steam runtime) and the chrome team definitely has a license to
distribute it.

You have to contact netflix directly about their wrong help message

Bug#921646: kdepim-runtime: akonadi_imap_resource fails to download gmail content

2019-02-07 Thread Charlemagne Lasse 
Package: kdepim-runtime
Version: 4:18.08.3-1
Severity: important

I've spend now a week trying to get may my gmail imap downloaded.
I am using the standard settings from imap with imap server set to
imap.gmail.com. It downloads the mails  of a single year (2015) and
then shows it stops suddenly

After a couple of minutes it then starts the download again (starting a 0%)
but cancels itself again after a couple of seconds (when it reaches 4%).

AgentBase(akonadi_imap_resource_14): killed
AgentBase(akonadi_imap_resource_14): Unable to connect to the IMAP server.

and sometimes it also only shows:

AgentBase(akonadi_imap_resource_14): Connection lost

I've tried to restart akonoadi, reboot the pc, remove and readd the imap
account and to completely remove the akonadi files and restart the PC. Nothing
worked and it is always it this state.

It is basically impossible to use kmail at the moment for me with gmail. It
was working fine with Debian stretch.

I am only minutes away from throwing my PC against a wall.

Bug#921521: chromium-browser: CVE/Security fixes missing in stable-sec

2019-02-06 Thread Charlemagne Lasse 
Package: chromium
Version: 71.0.3578.80-1~deb9u1
Severity: serious

The stable-sec package is stuck with version 71.0.3578.80 and is
missing security updates for several CVEs.  Take for example the list
from 72.0.3626.81

- Stack buffer overflow in Skia. Reported by Ivan Fratric
- Use after free in Mojo, FileAPI, and Payments. Reported by Mark Brand
- CVE-2018-17481: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5754: Inappropriate implementation in QUIC Networking. Reported
  by Klzgrad
- CVE-2019-5755: Inappropriate implementation in V8. Reported by Jay
  Bosamiya
- CVE-2019-5756: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5757: Type Confusion in SVG. Reported by Alexandru Pitis
- CVE-2019-5758: Use after free in Blink. Reported by Zhe Jin
- CVE-2019-5759: Use after free in HTML select elements. Reported by Almog
  Benin
- CVE-2019-5760: Use after free in WebRTC. Reported by Zhe Jin
- CVE-2019-5762: Use after free in PDFium. Reported by Anonymous
- CVE-2019-5763: Insufficient validation of untrusted input in V8.
  Reported by Guang Gong
- CVE-2019-5764: Use after free in WebRTC. Reported by Eyal Itkin
- CVE-2019-5765: Insufficient policy enforcement in the browser. Reported
  by Sergey Toshin
- CVE-2019-5766: Insufficient policy enforcement in Canvas. Reported by
  David Erceg
- CVE-2019-5767: Incorrect security UI in WebAPKs. Reported by Haoran Lu,
  Yifan Zhang, Luyi Xing, and Xiaojing Liao
- CVE-2019-5768: Insufficient policy enforcement in DevTools. Reported by
  Rob Wu
- CVE-2019-5769: Insufficient validation of untrusted input in Blink.
  Reported by Guy Eshel
- CVE-2019-5770: Heap buffer overflow in WebGL. Reported by hemidallt
- CVE-2019-5772: Use after free in PDFium. Reported by Zhen Zhou
- CVE-2019-5773: Insufficient data validation in IndexedDB. Reported by
  Yongke Wang
- CVE-2019-5774: Insufficient validation of untrusted input in
  SafeBrowsing. Reported by Junghwan Kang and Juno Im
- CVE-2019-5775: Insufficient policy enforcement in Omnibox. Reported by
  evi1m0
- CVE-2019-5776: Insufficient policy enforcement in Omnibox. Reported by
  Lnyas Zhang
- CVE-2019-5777: Insufficient policy enforcement in Omnibox. Reported by
  Khalil Zhani
- CVE-2019-5778: Insufficient policy enforcement in Extensions. Reported
  by David Erceg
- CVE-2019-5779: Insufficient policy enforcement in ServiceWorker.
  Reported by David Erceg
- CVE-2019-5780: Insufficient policy enforcement. Reported by Andreas
  Hegenberg
- CVE-2019-5781: Insufficient policy enforcement in Omnibox. Reported by
  evi1m0
- CVE-2019-5782: Inappropriate implementation in V8 reported by Qixun Zhao
- CVE-2019-5783: Insufficient validation of untrusted input in DevTools.
  Reported by Shintaro Kobori

Bug#921381: [firefox-esr] Fails to use the correct esr update channel + gmp-components

2019-02-04 Thread Charlemagne Lasse 
Package: firefox-esr
Version: 60.5.0esr-1~deb9u1
Severity: important
X-Debbugs-CC: bvan...@mozilla.com

It was noticed that the Debian stretch version (and most likely also the
Debian buster) of firefox-esr uses the wrong channel to search for
components. As result, the downloaded components don't work with the esr
browser and break major parts of the multimedia features of the browser.

This was also confirmed by a Mozilla developer
https://bugzilla.mozilla.org/show_bug.cgi?id=1524830#c4

The fix is to use MOZ_UPDATE_CHANNEL "esr" and not "default". One place
which is affected by it is

$ grep app.update.channel /usr/lib/firefox-esr/defaults/pref/channel-prefs.js
pref("app.update.channel", "default");

This should be "esr" and not "default".

Bug#911433: [nvidia-driver] Update to 410.66

2018-10-19 Thread Charlemagne Lasse 
Source: nvidia-driver
Severity: wishlist

The new driver version is required to support the current generation
of nvidia GPUs:

Added support for the following GPUs:

GeForce RTX 2070
GeForce RTX 2080 Ti
GeForce RTX 2080
Quadro P5200 with Max-Q Design
Quadro P4200 with Max-Q Design
Quadro P2000 with Max-Q Design

https://www.nvidia.com/Download/driverResults.aspx/138959/en-us


I am currently unable to work under Debian because of the missing driver package


--- System information. ---
Architecture:
Kernel:   Linux 4.18.0-2-amd64

Debian Release: buster/sid
  500 testing-debug   debug.mirrors.debian.org
  500 testing deb.debian.org
1 testing www.deb-multimedia.org

--- Package information. ---
Package's Depends field is empty.

Package's Recommends field is empty.

Package's Suggests field is empty.

Bug#904652: pulseaudio: looses device and replace it with dummy package so no sound possible

2018-07-28 Thread Charlemagne Lasse 
found 904652 11.1-5
thanks

> i didn't do anything.
> Upgrading the system like always.
> Suddenly there was no sound available.

Change /etc/pulse/default.pa to automatically load module-alsa-sink on
boot (module-udev-detect is broken and will not load the alsa-sink
anymore)

This is also a problem in buster (which is still using 11.1-5)

Bug#898643: [python-keyring] update to keyring 12.x

2018-05-14 Thread Charlemagne Lasse 
Source: python-keyring
Version: 10.1-1
Severity: normal

The gajim developers asked me to test 12.x of python keyring. These
seems to fix a problem with their login system. See
https://dev.gajim.org/gajim/gajim/issues/9126#note_186025

Bug#888605: [gajim] Regression: kwallet integration missing

2018-02-09 Thread Charlemagne Lasse 
Source: gajim
Source-Version: 1.0.0~beta1-1

Seems to work here. Thanks

Bug#889809: [linux] Fails to compile external modules

2018-02-07 Thread Charlemagne Lasse 
Source: linux
Version: 4.14.13-1~bpo9+1
Severity: normal
X-Debbugs-CC: backpo...@vger.kernel.org

It seems like the current kernel in stretch backporst and in buster
has problems when compiling external modules against it. This worked
fine in the past. Also works fine when compiling against a manually
compiled 4.14 Linux kernel. So it seems to be a Debian specific
regression. Here are some examples

$ curl https://mirror2.openwrt.org/sources/backports-2017-11-01.tar.xz|tar xvJ
$ make -C backports-2017-11-01 defconfig-ath9k
$ make -C backports-2017-11-01
make: Entering directory '/usr/src/backports-2017-11-01'
make[5]: 'conf' is up to date.
#
# configuration written to .config
#
Building backport-include/backport/autoconf.h ... done.
In file included from :0:0:
/usr/src/backports-2017-11-01/backport-include/backport/backport.h:3:32:
fatal error: generated/autoconf.h: No such file or directory
 #include 
^
compilation terminated.
In file included from :0:0:
/usr/src/backports-2017-11-01/backport-include/backport/backport.h:3:32:
fatal error: generated/autoconf.h: No such file or directory
 #include 


$ curl 
https://downloads.open-mesh.org/batman/stable/sources/batman-adv/batman-adv-2017.4.tar.gz|tar
xvz
$ make -C batman-adv-2017.4
make: Entering directory '/usr/src/batman-adv-2017.4'
/usr/src/batman-adv-2017.4/gen-compat-autoconf.sh
/usr/src/batman-adv-2017.4/compat-autoconf.h
mkdir -p /usr/src/batman-adv-2017.4/build/net/batman-adv/
compat-patches/replacements.sh
touch /usr/src/batman-adv-2017.4/build/net/batman-adv/.compat-prepared
make -C /lib/modules/4.14.0-0.bpo.3-amd64/build
M=/usr/src/batman-adv-2017.4/build
PWD=/usr/src/batman-adv-2017.4/build REVISION= CONFIG_BATMAN_ADV=m
CONFIG_BATMAN_ADV_DEBUG=n CONFIG_BATMAN_ADV_DEBUGFS=y
CONFIG_BATMAN_ADV_BLA=y CONFIG_BATMAN_ADV_DAT=y CONFIG_BATMAN_ADV_NC=n
CONFIG_BATMAN_ADV_MCAST=y CONFIG_BATMAN_ADV_BATMAN_V=n
INSTALL_MOD_DIR=updates/  modules
make[1]: Entering directory '/usr/src/linux-headers-4.14.0-0.bpo.3-amd64'
In file included from :31:0:
/usr/src/batman-adv-2017.4/build/../compat.h:24:52: fatal error:
linux/version.h: No such file or directory
 #include  /* LINUX_VERSION_CODE */
^
compilation terminated.
In file included from :31:0:
/usr/src/batman-adv-2017.4/build/../compat.h:24:52: fatal error:
linux/version.h: No such file or directory
 #include  /* LINUX_VERSION_CODE */
^
compilation terminated.

--- System information. ---
Architecture:
Kernel:   Linux 4.14.0-0.bpo.3-amd64

Debian Release: 9.3
  500 stable  security.debian.org
  500 stable  httpredir.debian.org
  100 stretch-backports httpredir.debian.org

Bug#888605: [gajim] Regression: kwallet integration missing

2018-02-03 Thread Charlemagne Lasse 
forwarded 888605 https://dev.gajim.org/gajim/gajim/issues/8875
tags 888605 + patch
thanks

The problem is fixed in
https://dev.gajim.org/gajim/gajim/merge_requests/206. The kwalletcli
dependency has to be dropped in debian (it is wrong at the moment
anyway) and instead it now has to depend on python3-keyring and
python3-dbus

Bug#888611: [gajim] Fails to keep connection against prosody 0.9.12-2 (Debian Stretch)

2018-01-27 Thread Charlemagne Lasse 
Package: gajim
Version: 1.0.0~alpha2-1
Severity: normal

The gajim version from Debian Stretch worked fine but now with gajim
1.0.0~alpha2-1 (0.98.2 according to the about page), the connection
drops all the time against a prosody 0.9.12-2 server (Debian Stretch).
I see following in the XML log:


























This makes it impossible to use gajim for me.


--- System information. ---
Architecture:
Kernel:   Linux 4.14.0-3-amd64

Debian Release: buster/sid
  500 testing-debug   debug.mirrors.debian.org
  500 testing httpredir.debian.org
1 testing www.deb-multimedia.org

--- Package information. ---
Depends  (Version) | Installed
==-+-==
python3-nbxmpp  (>= 0.6.0) | 0.6.2-1
python3-openssl  (>= 0.12) | 17.5.0-1
python3-pyasn1 | 0.4.2-3
python3:any  (>= 3.3.2-2~) |
gir1.2-gtk-3.0 | 3.22.26-2
python3| 3.6.4-1
python3-gi | 3.26.1-2
python3-gi-cairo   | 3.26.1-2
python3-idna   | 2.6-1


Recommends   (Version) | Installed
==-+-===
aspell-en  | 2017.08.24-0-0.1
 OR aspell-dictionary  |
ca-certificates| 20170717
dbus   | 1.12.2-1
fonts-noto-color-emoji | 0~20180102-1
gajim-omemo (>= 2.5.1) | 2.5.4-1
gajim-pgp  | 1.2.1-2
gir1.2-farstream-0.2   | 0.2.8-2
gir1.2-geoclue-2.0 | 2.4.7-1
gir1.2-gspell-1| 1.6.1-1
gir1.2-gst-plugins-base-1.0| 1.12.4-1
gir1.2-gstreamer-1.0   | 1.12.4-1
gir1.2-gupnpigd-1.0| 0.2.4-2
gir1.2-networkmanager-1.0  | 1.10.2-1
gir1.2-secret-1| 0.18.5-5
gstreamer0.10-plugins-ugly |
notification-daemon| 3.20.0-2
pulseaudio-utils   | 11.1-4
 OR alsa-utils | 1.1.3-1
 OR sox| 14.4.2-3
 OR oss4-base  |
python3-crypto | 2.6.1-8
python3-dbus (>= 0.81) | 1.2.4-1+b4
python3-gnupg   (>= 0.4.1) | 0.4.1-1
python3-pil| 4.3.0-2
python3-precis-i18n|


Suggests  (Version) | Installed
===-+-===
avahi-daemon| 0.7-3
libxss1 |
nautilus-sendto |
python3-avahi   |
python3-gconf   |
python3-gnome2  |
python3-kerberos   (>= 1.1) |
python3-pycurl  |

Bug#888609: [smb4k] Retrieving the list of available domains failed

2018-01-27 Thread Charlemagne Lasse 
Package: smb4k
Version: 2.0.2-1
Severity: normal

smb4k shows me following when it gets started under Debian buster:

Retrieving the list of available domains failed:
Usage: [-?fMRSTrAV] [-?|--help] [--usage] [-B|--broadcast=BROADCAST-ADDRESS]
[-f|--flags] [-U|--unicast=STRING] [-M|--master-browser]
[-R|--recursion] [-S|--status] [-T|--translate] [-r|--root-port]
[-A|--lookup-by-ip] [-d|--debuglevel=DEBUGLEVEL]
[-s|--configfile=CONFIGFILE] [-l|--log-basename=LOGFILEBASE]
[-V|--version] [--option=name=value]
[-O|--socket-options=SOCKETOPTIONS] [-n|--netbiosname=NETBIOSNAME]
[-W|--workgroup=WORKGROUP] [-i|--scope=SCOPE] ...


--- System information. ---
Architecture:
Kernel:   Linux 4.14.0-3-amd64

Debian Release: buster/sid
  500 testing-debug   debug.mirrors.debian.org
  500 testing httpredir.debian.org
1 testing www.deb-multimedia.org

--- Package information. ---
Depends  (Version) | Installed
==-+-==
cifs-utils  (>= 2:4.1) | 2:6.7-1
samba-common-bin (>= 2:3.4.7~dfsg) | 2:4.7.4+dfsg-1
smbclient(>= 2:3.4.7~dfsg) | 2:4.7.4+dfsg-1
kio| 5.37.0-2
libc6(>= 2.14) |
libkf5auth5(>= 4.96.0) |
libkf5completion5  (>= 4.97.0) |
libkf5configcore5  (>= 4.98.0) |
libkf5configgui5   (>= 4.97.0) |
libkf5configwidgets5   (>= 4.96.0) |
libkf5coreaddons5   (>= 5.2.0) |
libkf5dbusaddons5  (>= 4.97.0) |
libkf5i18n5(>= 4.97.0) |
libkf5iconthemes5  (>= 5.11.0) |
libkf5jobwidgets5  (>= 4.96.0) |
libkf5kiocore5 (>= 4.96.0) |
libkf5kiowidgets5(>= 5.5.0+git20141226.0011+15.04) |
libkf5notifications5   (>= 4.96.0) |
libkf5parts5   (>= 4.96.0) |
libkf5solid5   (>= 4.97.0) |
libkf5wallet-bin   |
libkf5wallet5  (>= 4.96.0) |
libkf5widgetsaddons5   (>= 4.96.0) |
libkf5windowsystem5(>= 4.96.0) |
libkf5xmlgui5  (>= 4.98.0) |
libqt5core5a   (>= 5.9.0~beta) |
libqt5gui5  (>= 5.7.0) |
libqt5network5  (>= 5.0.2) |
libqt5printsupport5 (>= 5.0.2) |
libqt5test5 (>= 5.0.2) |
libqt5widgets5  (>= 5.7.0) |
libstdc++6  (>= 4.1.1) |


Recommends  (Version) | Installed
=-+-===
sudo  | 1.8.21p2-3


Suggests(Version) | Installed
=-+-===
kwalletmanager| 4:17.08.3-1

Bug#888605: [gajim] Regression: kwallet integration missing

2018-01-27 Thread Charlemagne Lasse 
Package: gajim
Version: 1.0.0~alpha2-1
Severity: important

The kwallet integration was done in the gajim stretch version using
kwalletcli. But upstream removed it in 13a61d76187c ("Remove support for GNOME
Keyring and KWalletCLI, instead always use libsecret.") without a replacement
for KDE. The kwallet can  currently no longer be used with this gajim version.
This is a regression compared to the older version.

Either kwalletcli is added again to gajim or org.freedesktop.secrets dbus
support must be added to kwalletd5


--- System information. ---
Architecture:
Kernel:   Linux 4.14.0-3-amd64

Debian Release: buster/sid
  500 testing-debug   debug.mirrors.debian.org
  500 testing httpredir.debian.org
1 testing www.deb-multimedia.org

--- Package information. ---
Depends  (Version) | Installed
==-+-==
python3-nbxmpp  (>= 0.6.0) | 0.6.2-1
python3-openssl  (>= 0.12) | 17.5.0-1
python3-pyasn1 | 0.4.2-3
python3:any  (>= 3.3.2-2~) |
gir1.2-gtk-3.0 | 3.22.26-2
python3| 3.6.4-1
python3-gi | 3.26.1-2
python3-gi-cairo   | 3.26.1-2
python3-idna   | 2.6-1


Recommends   (Version) | Installed
==-+-===
aspell-en  | 2017.08.24-0-0.1
 OR aspell-dictionary  |
ca-certificates| 20170717
dbus   | 1.12.2-1
fonts-noto-color-emoji | 0~20180102-1
gajim-omemo (>= 2.5.1) | 2.5.4-1
gajim-pgp  | 1.2.1-2
gir1.2-farstream-0.2   | 0.2.8-2
gir1.2-geoclue-2.0 | 2.4.7-1
gir1.2-gspell-1| 1.6.1-1
gir1.2-gst-plugins-base-1.0| 1.12.4-1
gir1.2-gstreamer-1.0   | 1.12.4-1
gir1.2-gupnpigd-1.0| 0.2.4-2
gir1.2-networkmanager-1.0  | 1.10.2-1
gir1.2-secret-1| 0.18.5-5
gstreamer0.10-plugins-ugly |
notification-daemon| 3.20.0-2
pulseaudio-utils   | 11.1-4
 OR alsa-utils | 1.1.3-1
 OR sox| 14.4.2-3
 OR oss4-base  |
python3-crypto | 2.6.1-8
python3-dbus (>= 0.81) | 1.2.4-1+b4
python3-gnupg   (>= 0.4.1) | 0.4.1-1
python3-pil| 4.3.0-2
python3-precis-i18n|


Suggests  (Version) | Installed
===-+-===
avahi-daemon| 0.7-3
libxss1 |
nautilus-sendto |
python3-avahi   |
python3-gconf   |
python3-gnome2  |
python3-kerberos   (>= 1.1) |
python3-pycurl  |

Bug#888442: [nftables] Crash when list(ing) ip6tables-compat CT rules

2018-01-25 Thread Charlemagne Lasse 
Package: nftables
Version: 0.7-1
Severity: important

The nft list crashes when an ip6tables-compat CT rule is found also in
iptables-compat. This is either an assert with 0.7-1 or a segfault
with 0.8-2~bpo9+1.

# nft flush ruleset
# nft list ruleset
# iptables-compat -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# nft list ruleset
table ip filter {
   chain INPUT {
   type filter hook input priority 0; policy accept;
   ct state related,established counter packets 0 bytes 0 accept
   }

   chain FORWARD {
   type filter hook forward priority 0; policy accept;
   }

   chain OUTPUT {
   type filter hook output priority 0; policy accept;
   }
}
# ip6tables-compat -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# nft list ruleset
BUG: XT match conntrack not found
nft: xt.c:208: netlink_parse_match: Assertion `0' failed.
Aborted


--- System information. ---
Architecture:
Kernel:   Linux 4.9.65-3+deb9u2

Debian Release: 9.3
  500 stable  security.debian.org
  500 stable  httpredir.debian.org
  100 stretch-backports httpredir.debian.org
1 stable  www.deb-multimedia.org

--- Package information. ---
Depends   (Version) | Installed
===-+-
init-system-helpers  (>= 1.18~) | 1.48
libc6 (>= 2.15) |
libgmp10|
libmnl0   (>= 1.0.3-4~) |
libnftnl4   (>= 1.0.5+snapshot20160416) |
libreadline7   (>= 6.0) |
libxtables12|


Package's Recommends field is empty.

Package's Suggests field is empty.

Bug#863475: [prosody] Fails to initiate s2s when lua-event 0.4.3 is installed

2017-05-27 Thread Charlemagne Lasse 
Package: prosody
Version: 0.9.12-1
Severity: serious
Tags: patch stretch

Prosody fails to intiate S2S connections when lua-event 0.4.3 is
installed. This bug was already fixed in the 0.10 branch of prosody
but is still present on Debian stretch (which is shipped with
lua-event 0.4.3)

The fix can be found at https://prosody.im/issues/issue/555

Errors in the log are:

May 27 13:47:24 adnswarnDNS socket for 8.8.8.8
disconnected: connection timeout
May 27 13:47:39 adnswarnDNS socket for 8.8.4.4
disconnected: connection timeout
May 27 13:47:59 adnswarnDNS socket for 8.8.8.8
disconnected: connection timeout
May 27 13:47:59 adnserror   Exhausted all 2 configured DNS
servers, next lookup will try 8.8.4.4 again
May 27 13:48:04 s2sout55ea3204b2d0  infoOut of connection
options, can't connect to jabber.linux.it
May 27 13:48:04 s2sout55ea3204b2d0  infoSending error
replies for 2 queued stanzas because of failed outgoing connection to
jabber.linux.it

The problem can either be resolved by backporting the fix or marking
lua-event 0.4.3 as conflict (and remove it from the Recommended
field).

Marking this as serious bug because federation is an extreme important
part of XMPP/Jabber

--- System information. ---
Architecture:
Kernel:   Linux 4.9.0-3-amd64

Debian Release: 9.0
  500 testing-debug   debug.mirrors.debian.org
  500 testing httpredir.debian.org

Bug#842710: [gcc-6] Fails to compile OpenWrt/LEDE prereq-build

2016-10-31 Thread Charlemagne Lasse 
Package: gcc-6
Version: 6.2.0-10
Severity: serious
X-Debbugs-CC: lede-...@lists.infradead.org

There is a regression after gcc-6 6.2.0-6. I get following output when
trying to compile LEDE/OpenWrt "Please install a static zlib"

This is wrong

$ ls -ltr /usr/lib/x86_64-linux-gnu/libz.a
-rw-r--r-- 1 root root 149834 Nov 27  2014 /usr/lib/x86_64-linux-gnu/libz.a

Following can be found in their include/prereq-build.mk

ifeq ($(HOST_OS),Linux)
  zlib_link_flags := -Wl,-Bstatic -lz -Wl,-Bdynamic
else
  zlib_link_flags := -lz
endif

$(eval $(call TestHostCommand,zlib, \
Please install a static zlib. (Missing libz.a or zlib.h), \
echo 'int main(int argc, char **argv) { gzdopen(0, "rb"); return 0; }' | \
gcc -include zlib.h -x c -o $(TMP_DIR)/a.out - $(zlib_link_flags)))

Testing it with gcc-6 6.2.0-6 works:

$ echo 'int main(int argc, char **argv) { gzdopen(0, "rb"); return 0;
}' | gcc -include zlib.h -x c -o a.out - -Wl,-Bstatic -lz
-Wl,-Bdynamic
$ echo $?
0

with gcc-6 6.2.0-10 fails:

$ echo 'int main(int argc, char **argv) { gzdopen(0, "rb"); return 0;
}' | gcc -include zlib.h -x c -o a.out - -Wl,-Bstatic -lz
-Wl,-Bdynamic
/usr/bin/ld: 
/usr/lib/gcc/x86_64-linux-gnu/6/../../../x86_64-linux-gnu/libz.a(gzlib.o):
relocation R_X86_64_32S against `.rodata' can not be used when making
a shared object; recompile with -fPIC
/usr/bin/ld: final link failed: Nonrepresentable section on output
collect2: error: ld returned 1 exit status
$ echo $?
1

Bug#831525: [libretro-mupen64plus] Remove copies of mupen64plus-*

2016-08-21 Thread Charlemagne Lasse 
severity 831525 serious
bye

Then please integrate your changes in upstream mupen64plus. Many
"forks" are now removed from debian (I think mutt-patched is one of
the recent ones) and now you start to introduce new ones - against the
Debian policy

Bug#831525: [libretro-mupen64plus] Remove copies of mupen64plus-*

2016-07-16 Thread Charlemagne Lasse 
Source: libretro-mupen64plus
Version: 2.0+git20160207+dfsg2-1
Severity: serious

Marked as serious because it is a violation of paragraph 4.13 from the
Debian Policy.

Debian should not ship the same things twice. So the Debian Games Team
should decide whether it wants to ship mupen64plus-* or
libretro-mupen64plus

Maybe it is also possible not to use the included copies and instead
load the plugins from mupen64plus-*