Bug#1071675: duplicity: SSH broken with Paramiko 3.4
Package: duplicity Version: 2.1.4-3+b1 Severity: important When trying to do backup to an sftp:// target Duplicity fails since python3-paramiko was updated to 3.4.0-1, with the following error which looks like an API change in Paramiko: ssh: Unknown exception: public_blob ssh: Traceback (most recent call last): ssh: File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 2220, in run ssh: handler(m) ssh: File "/usr/lib/python3/dist-packages/paramiko/auth_handler.py", line 394, in _parse_service_accept ssh: key_type, bits = self._get_key_type_and_bits(self.private_key) ssh: ^ ssh: File "/usr/lib/python3/dist-packages/paramiko/auth_handler.py", line 218, in _get_key_type_and_bits ssh: if key.public_blob: ssh:^^^ ssh: File "/usr/lib/python3/dist-packages/paramiko/agent.py", line 476, in __getattr__ ssh: raise AttributeError(name) ssh: AttributeError: public_blob ssh: BackendException: ssh connection to ** failed: public_blob Downgrading python3-paramiko to 2.12.0-2 makes Duplicity work again, I assume Duplicity needs to be updated/fixed to work with the new Paramiko API. -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.8.9-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages duplicity depends on: ii gnupg 2.2.43-6 ii libc6 2.38-11 ii librsync2t642.3.4-1.1 ii python3 3.11.8-1 ii python3-fasteners 0.18-2 ii python3-setuptools-scm 8.0.4-2 ii python3.11 3.11.9-1 Versions of packages duplicity recommends: ii python3-oauthlib 3.2.2-1 ii python3-paramiko 3.4.0-1 ii python3-pexpect 4.9-2 ii python3-urllib3 1.26.18-2 ii rsync 3.3.0-1 Versions of packages duplicity suggests: pn lftp pn ncftp pn par2 pn python3-boto3 ii python3-pip 24.0+dfsg-2 pn python3-swiftclient pn tahoe-lafs -- no debconf information
Bug#1070730: ibus generally broken
I have the same issue with German and Finnish keyboard layouts via ibus (umlauts and other non-ASCII characters don't work) and ibus-anthy after the update from 2.80.0-9 to 2.80.0-10, downgrading fixes it. So it looks like that security fix breaks ibus with GTK applications in general. :-( Stopping ibus makes the system keyboard layout (German in my case) work.
Bug#1059159: foliate: Foliate 4-1 is actually 2.6.4, restores segfaults
Package: foliate Version: 4-1 Severity: normal After updating to the Foliate 4-1 package I was confused that the pre-3.0 UI was back, as well as the frequent segfaults (see #1039050). Looking at the source it seems like the package was actually reverted to upstream version 2.6.4, the upstream GitHub repository doesn't list any version newer than 3.0.1. Could you restore 3.0.1 and just add the dependency fix, please? -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.5.0-5-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages foliate depends on: ii dconf-gsettings-backend [gsettings-backend] 0.40.0-4 ii gir1.2-adw-1 1.4.2-1+b1 ii gir1.2-gtk-4.0 4.12.4+ds-3 ii gir1.2-webkit-6.02.42.4-1 ii gir1.2-webkit2-4.0 2.42.4-1 ii gjs 1.78.1-1 ii python3 3.11.6-1 Versions of packages foliate recommends: ii gnome-epub-thumbnailer 1.7-3 foliate suggests no packages. -- debconf-show failed
Bug#1058725: foliate: Missing runtime dependencies
Package: foliate Version: 3.0.1-1 Severity: important Dear maintainer, trying to start Foliate after updating to 3.0.1-1 resulted in a crash with the following error: $ foliate (gjs-console:177311): Gjs-CRITICAL **: 11:04:45.617: JS ERROR: Error: Requiring Gtk, version 4.0: Typelib file for namespace 'Gtk', version '4.0' not found require@resource:///org/gnome/gjs/modules/esm/gi.js:16:28 @gi://Gtk?version=4.0:3:25 (gjs-console:177311): Gjs-CRITICAL **: 11:04:45.617: Module file:///usr/bin/foliate threw an exception Installing gir1.2-gtk-4.0 changed the error message to a different missing dependency, in total I had to install 3 additional packages: gir1.2-gtk-4.0 gir1.2-adw-1 gir1.2-webkit-6.0 After that Foliate works fine for me. There are still error messages about missing Tracker, which can be resolved by installing gir1.2-tracker-3.0 (but doesn't seem to cause trouble otherwise, probably only relevant for people who want to use Tracker). Could you please add the missing dependencies to the binary package? I suppose the Tracker one should be Suggested or Recommended. -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.5.0-5-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages foliate depends on: ii dconf-gsettings-backend [gsettings-backend] 0.40.0-4 ii gir1.2-webkit2-4.0 2.42.3-1 ii gjs 1.78.1-1 ii python3 3.11.6-1 Versions of packages foliate recommends: ii gnome-epub-thumbnailer 1.7-3 foliate suggests no packages. -- debconf-show failed
Bug#1056277: python3-pysrt: Opening files fails due to outdated 'U' mode
Package: python3-pysrt
Version: 1.0.1-3
Severity: normal
SubRipFile.open() and any use of the included srt command line tool fail
because the pysrt code uses the outdated 'U' mode which has since been
removed (traceback below). This has been fixed upstream for a while [1],
so updating the package should be enough to fix this bug.
For library use, loading the file outside pysrt and having pysrt parse
the string is a workaround.
[1]
https://github.com/byroot/pysrt/commit/17e1f58dab58b941abcbd035d9c6e2fcacba5600
Traceback (most recent call last):
File "/usr/bin/srt", line 33, in
sys.exit(load_entry_point('pysrt==1.0.1', 'console_scripts', 'srt')())
File "/usr/lib/python3/dist-packages/pysrt/commands.py", line 215, in
main
SubRipShifter().run(sys.argv[1:])
File "/usr/lib/python3/dist-packages/pysrt/commands.py", line 136, in run
self.arguments.action()
File "/usr/lib/python3/dist-packages/pysrt/commands.py", line 159, in
rate
self.input_file.shift(ratio=ratio)
^^^
File "/usr/lib/python3/dist-packages/pysrt/commands.py", line 197, in
input_file
self._source_file = SubRipFile.open(self.arguments.file,
File "/usr/lib/python3/dist-packages/pysrt/srtfile.py", line 152, in open
source_file = cls._open_unicode_file(path, claimed_encoding=encoding)
^^^
File "/usr/lib/python3/dist-packages/pysrt/srtfile.py", line 293, in
_open_unicode_file
source_file = codecs.open(path, 'rU', encoding=encoding)
^^
File "", line 918, in open
ValueError: invalid mode: 'rUb'
-- System Information:
Debian Release: trixie/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.5.0-4-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages python3-pysrt depends on:
ii python33.11.4-5+b1
ii python3-chardet5.2.0+dfsg-1
ii python3-pkg-resources 68.1.2-2
python3-pysrt recommends no packages.
python3-pysrt suggests no packages.
-- debconf-show failed
Bug#1039050: Seeing the same bug
I'm seeing the same behavior from Foliate, though the exact message from the crash varies. *In addition to* the one quoted above I've also seen: ** Gjs:ERROR:../gi/function.cpp:1035:bool Gjs::Function::invoke(JSContext*, const JS::CallArgs&, JS::HandleObject, GIArgument*): assertion failed (ffi_arg_pos == ffi_argc): (2 == 21960) Bail out! Gjs:ERROR:../gi/function.cpp:1035:bool Gjs::Function::invoke(JSContext*, const JS::CallArgs&, JS::HandleObject, GIArgument*): assertion failed (ffi_arg_pos == ffi_argc): (2 == 21960) Abgebrochen (Abgebrochen -> Aborted) And a simple Speicherzugriffsfehler (Segmentation fault) -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.3.0-1-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages foliate depends on: ii dconf-gsettings-backend [gsettings-backend] 0.40.0-4 ii gir1.2-webkit2-4.0 2.40.3-2 ii gjs 1.74.3-1 ii python3 3.11.4-1 Versions of packages foliate recommends: ii gnome-epub-thumbnailer 1.7-3 foliate suggests no packages. -- no debconf information
Bug#1038889: Same for firefox 114.0-1 and firefox-esr 102.12.0esr-1
Output from firefox-esr 102.12.0esr-1: $ firefox-esr ATTENTION: default value of option mesa_glthread overridden by environment. ATTENTION: default value of option mesa_glthread overridden by environment. ATTENTION: default value of option mesa_glthread overridden by environment. ATTENTION: default value of option mesa_glthread overridden by environment. ExceptionHandler::GenerateDump cloned child 13174 ExceptionHandler::SendContinueSignalToChild sent continue signal to child ExceptionHandler::WaitForContinueSignal waiting for continue signal... Exiting due to channel error. Output is almost the same for firefox 114.0-1, just one fewer of the mesa_glthread messages, and the last line is missing. Downgrading libnss3 to 2:3.89-2 fixes the crash here, too.
Bug#1037161: pelican-quickstart crashes if python3-tzlocal is installed
Package: pelican
Version: 4.8.0+dfsg-1
Severity: normal
Tags: upstream
Running pelican-quickstart fails with the exception below if
python3-tzlocal is installed. Otherwise the ImportError for tzlocal is
caught and the buggy code avoided.
The buggy code is still present upstream:
https://github.com/getpelican/pelican/blob/1f6b344f7d7b7e8dd0271cc333a257faca566c15/pelican/tools/pelican_quickstart.py#L17-L21
The problem is that zoneinfo.ZoneInfo (part of the standard library)
does not have a "zone" attibute, I assume "key" would be the correct one.
$ pelican-quickstart
Traceback (most recent call last):
File "/usr/bin/pelican-quickstart", line 33, in
sys.exit(load_entry_point('pelican==4.8.0', 'console_scripts',
'pelican-quickstart')())
^^^
File "/usr/bin/pelican-quickstart", line 25, in
importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.11/importlib/metadata/__init__.py", line 202,
in load
module = import_module(match.group('module'))
File "/usr/lib/python3.11/importlib/__init__.py", line 126, in
import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1206, in _gcd_import
File "", line 1178, in _find_and_load
File "", line 1149, in
_find_and_load_unlocked
File "", line 690, in _load_unlocked
File "", line 940, in exec_module
File "", line 241, in
_call_with_frames_removed
File
"/usr/lib/python3/dist-packages/pelican/tools/pelican_quickstart.py",
line 19, in
_DEFAULT_TIMEZONE = tzlocal.get_localzone().zone
AttributeError: 'zoneinfo.ZoneInfo' object has no attribute 'zone'
-- System Information:
Debian Release: 12.0
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.1.0-9-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages pelican depends on:
ii python33.11.2-1+b1
ii python3-blinker1.5-1
ii python3-dateutil 2.8.2-2
ii python3-docutils 0.19+dfsg-6
ii python3-feedgenerator 2.0.0-1
ii python3-jinja2 3.1.2-1
ii python3-markdown 3.4.1-2
ii python3-pkg-resources 66.1.1-1
ii python3-pygments 2.15.1+dfsg-1
ii python3-rich 13.3.1-1
ii python3-tz 2022.7.1-4
ii python3-unidecode 1.3.6-1
pelican recommends no packages.
Versions of packages pelican suggests:
ii pandoc 2.17.1.1-1.1
pn pelican-doc
ii python3-bs4 4.11.2-2
-- no debconf information
Bug#1034271: libqt5core5a: Update also causes segfault during startup in linphone
Package: libqt5core5a
Version: 5.15.8+dfsg-6
Followup-For: Bug #1034271
The update from 5.15.8+dfsg-5 to 5.15.8+dfsg-6 also causes a segfault in
linphone (package linphone-desktop) during startup, making linphone
unusable (command line output attached). Downgrading makes linphone work
again.
-- System Information:
Debian Release: 12.0
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.1.0-7-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libqt5core5a depends on:
ii libc6 2.36-9
ii libdouble-conversion3 3.2.1-1
ii libgcc-s1 12.2.0-14
ii libglib2.0-0 2.74.6-2
ii libicu72 72.1-3
ii libpcre2-16-0 10.42-1
ii libstdc++6 12.2.0-14
ii libzstd1 1.5.4+dfsg2-5
ii shared-mime-info 2.2-1
ii zlib1g 1:1.2.13.dfsg-1
Versions of packages libqt5core5a recommends:
ii qttranslations5-l10n 5.15.8-2
Versions of packages libqt5core5a suggests:
ii libthai0 0.1.29-1
-- no debconf information
[09:41:47:734][0x55902e0a4330][Info]"Starting Linphone (bin: linphone)"
[09:41:47:734][0x55902e0a4330][Info]"Use locale: de_DE"
[09:41:47:749][0x55902e0a4330][Info]Available fonts : ("Bitstream Charter", "C059 [UKWN]", "C059 [urw]", "Cantarell", "Cantarell Extra Bold", "Cantarell Light", "Cantarell Thin", "cmex10", "cmmi10", "cmr10", "cmsy10", "Courier", "Courier 10 Pitch", "D05L [urw]", "D05L [URW ]", "DejaVu Math TeX Gyre", "DejaVu Sans", "DejaVu Sans Condensed", "DejaVu Sans Mono", "DejaVu Serif", "DejaVu Serif Condensed", "Droid Sans Fallback", "dsrom10", "esint10", "eufm10", "FontAwesome", "Latin Modern Math", "Latin Modern Mono", "Latin Modern Mono Caps", "Latin Modern Mono Light", "Latin Modern Mono Light Cond", "Latin Modern Mono Prop", "Latin Modern Mono Prop Light", "Latin Modern Mono Slanted", "Latin Modern Roman", "Latin Modern Roman Caps", "Latin Modern Roman Demi", "Latin Modern Roman Dunhill", "Latin Modern Roman Slanted", "Latin Modern Roman Unslanted", "Latin Modern Sans", "Latin Modern Sans Demi Cond", "Latin Modern Sans Quotation", "Lato", "Lato Black", "Lato Hairline", "Lato Heavy", "Lato Light", "Lato Medium", "Lato Semibold", "Lato Thin", "Liberation Mono", "Liberation Sans", "Liberation Sans Narrow", "Liberation Serif", "LM Mono 10", "LM Mono 12", "LM Mono 8", "LM Mono 9", "LM Mono Caps 10", "LM Mono Light 10", "LM Mono Light Cond 10", "LM Mono Prop 10", "LM Mono Prop Light 10", "LM Mono Slanted 10", "LM Roman 10", "LM Roman 12", "LM Roman 17", "LM Roman 5", "LM Roman 6", "LM Roman 7", "LM Roman 8", "LM Roman 9", "LM Roman Caps 10", "LM Roman Demi 10", "LM Roman Dunhill 10", "LM Roman Slanted 10", "LM Roman Slanted 12", "LM Roman Slanted 17", "LM Roman Slanted 8", "LM Roman Slanted 9", "LM Roman Unslanted 10", "LM Sans 10", "LM Sans 12", "LM Sans 17", "LM Sans 8", "LM Sans 9", "LM Sans Demi Cond 10", "LM Sans Quot 8", "MathJax_AMS", "MathJax_Caligraphic", "MathJax_Fraktur", "MathJax_Main", "MathJax_Math", "MathJax_SansSerif", "MathJax_Script", "MathJax_Size1", "MathJax_Size2", "MathJax_Size3", "MathJax_Size4", "MathJax_Typewriter", "MathJax_Vector", "MathJax_Vector-Bold", "MathJax_WinChrome", "MathJax_WinIE6", "Monospace", "msam10", "msbm10", "Nimbus Mono PS [urw]", "Nimbus Mono PS [UKWN]", "Nimbus Roman [urw]", "Nimbus Roman [UKWN]", "Nimbus Sans [urw]", "Nimbus Sans [URW ]", "Nimbus Sans [UKWN]", "Nimbus Sans Narrow [urw]", "Nimbus Sans Narrow [UKWN]", "Noto Color Emoji", "Noto Kufi Arabic", "Noto Looped Lao", "Noto Looped Lao UI", "Noto Looped Thai", "Noto Looped Thai UI", "Noto Mono", "Noto Music", "Noto Naskh Arabic", "Noto Naskh Arabic UI", "Noto Nastaliq Urdu", "Noto Rashi Hebrew", "Noto Sans", "Noto Sans Adlam", "Noto Sans Adlam Unjoined", "Noto Sans Anatolian Hieroglyphs", "Noto Sans Arabic", "Noto Sans Arabic UI", "Noto Sans Armenian", "Noto Sans Avestan", "Noto Sans Balinese", "Noto Sans Bamum", "Noto Sans Bassa Vah", "Noto Sans Batak", "Noto Sans Bengali", "Noto Sans Bengali UI", "Noto Sans Bhaiksuki", "Noto Sans Brahmi", "Noto Sans Buginese", "Noto Sans Buhid", "Noto Sans Canadian Aboriginal", "Noto Sans Carian", "Noto Sans Caucasian Albanian", "Noto Sans Chakma", "Noto Sans Cham", "Noto Sans Cherokee", "Noto Sans CJK HK", "Noto Sans CJK JP", "Noto Sans CJK KR", "Noto Sans CJK SC", "Noto Sans CJK TC", "Noto Sans Coptic", "Noto Sans Cuneiform", "Noto Sans Cypriot", "Noto Sans Deseret", "Noto Sans Devanagari", "Noto Sans Devanagari UI", "Noto Sans Display", "Noto Sans Duployan", "Noto Sans Egyptian Hieroglyphs", "Noto Sans Elbasan", "Noto Sans Elymaic", "Noto Sans Ethiopic", "Noto Sans Georgian", "Noto Sans Glagolitic", "Noto Sans Gothic", "Noto Sans Grantha", "Noto Sans
Bug#1028192: [Pkg-xmpp-devel] Bug#1028192: Needs to block python3-nbxmpp
Am 10.01.23 um 20:03 schrieb Martin: Btw. thanks for testing the latest nbxmpp master! You're welcome! After testing the patch I also tried installing nbxmpp and gajim in a virtualenv. And there Gajim starts! "pip3 list" output within the virtualenv: Package Version Editable project location - --- - cffi 1.15.1 cryptography 39.0.0 css-parser1.0.8 gajim 1.6.0 /home/fiona/development/gajim idna 3.4 importlib-metadata6.0.0 jaraco.classes3.2.3 jeepney 0.8.0 keyring 23.13.1 more-itertools9.0.0 nbxmpp4.0.0 /home/fiona/development/python-nbxmpp packaging 23.0 Pillow9.4.0 pip 22.3.1 precis-i18n 1.0.5 protobuf 4.21.12 pycairo 1.23.0 pycparser 2.21 PyGObject 3.42.2 python-axolotl0.2.3 python-axolotl-curve25519 0.4.1.post2 SecretStorage 3.3.3 setuptools65.6.3 wheel 0.38.4 zipp 3.11.0 PyGObject is at the same version as in unstable, as is cffi. I wonder if there's an ABI incompatibility somewhere, or something similarly tricky? I'm not sure how to debug it, though.
Bug#1028192: Needs to block python3-nbxmpp
In that case python3-nbxmpp 4.x must not migrate either, because it breaks Gajim 1.5.x. I'm not sure what's the proper way to achieve that, should I file another bug or is there some "blocks" mechanism in the BTS?
Bug#1028192: gajim: Gajim 1.6.0-1 crashes on connect
Package: gajim Version: 1.6.0-1 Severity: important Gajim 1.6.0-1 crashes while connecting to XMPP server(s). Visually the Gajim window pops up briefly and then disappears again. According to the stack trace below the crash seems related to libproxy.so.1, but I don't have any proxy configured for the account. $ gdb --ex r --args python3 $(command -v gajim) -v [shortened to remove private info, let me know if you need more detail] 01/08/23 11:06:16 (D) gajim.gui.main Window state changed: ICONIFIED: False, WITHDRAWN: False 01/08/23 11:06:16 (I) gajim.c.settings Set settings: app 01/08/23 11:06:16 (I) gajim.c.settings Signal: is_window_visible changed 01/08/23 11:06:16 (D) gajim.c.storage.cache Execution time for _commit: 1 ms 01/08/23 11:06:16 (I) gajim.c.settings Commit 01/08/23 11:06:16 (I) gajim.c.dbus.logindName org.freedesktop.login1 appeared, owned by :1.0 01/08/23 11:06:16 (I) gajim.c.dbus.logindObtained shutdown delay inhibitor 01/08/23 11:06:16 (I) gajim.gui.notification Notifications D-Bus connected 01/08/23 11:06:16 (I) gajim.c.settings Set account settings: *** 01/08/23 11:06:16 (I) gajim.c.settings Signal: last_status changed 01/08/23 11:06:16 (I) gajim.c.settings Set account settings: *** 01/08/23 11:06:16 (I) gajim.c.settings Signal: last_status_msg changed 01/08/23 11:06:16 (I) gajim.client Connect 01/08/23 11:06:16 (I) gajim.client State: 3 01/08/23 11:06:16 (I) gajim.client Signal: state-changed 01/08/23 11:06:16 (I) gajim.gui.css Get .gajim-status-connecting color: rgb(77, 166, 255) 01/08/23 11:06:16 (D) gajim.c.storage.cache Execution time for get_contact: 1 ms 01/08/23 11:06:16 (I) nbxmpp.stream (***) Connect 01/08/23 11:06:16 (I) nbxmpp.stream (***) Set state: StreamState.RESOLVE 01/08/23 11:06:16 (I) nbxmpp.http Request(140734679377472): Created 01/08/23 11:06:16 (I) nbxmpp.http Request(140734679377472): Request sent, method: GET, uri: https://***/.well-known/host-meta [New Thread 0x7fff3fbff6c0 (LWP 8799)] Thread 27 "pool-org.gajim." received signal SIGABRT, Aborted. [Switching to Thread 0x7fff53fff6c0 (LWP 8765)] __pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44 44 ./nptl/pthread_kill.c: No such file or directory. (gdb) bt #0 __pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44 #1 0x77d28d2f in __pthread_kill_internal (signo=6, threadid=) at ./nptl/pthread_kill.c:78 #2 0x77cd9ef2 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0x77cc4472 in __GI_abort () at ./stdlib/abort.c:79 #4 0x73a9d40a in () at /lib/x86_64-linux-gnu/libstdc++.so.6 #5 0x73aa861a in __gxx_personality_v0 () at /lib/x86_64-linux-gnu/libstdc++.so.6 #6 0x71c63131 in __libunwind_Unwind_Resume () at /lib/x86_64-linux-gnu/libunwind.so.8 #7 0x7fff51ebd34a in () at /lib/x86_64-linux-gnu/libproxy.so.1 #8 0x7fff51eb3e52 in () at /lib/x86_64-linux-gnu/libproxy.so.1 #9 0x7fff51eb4287 in () at /lib/x86_64-linux-gnu/libproxy.so.1 #10 0x7fff51eb4751 in px_proxy_factory_get_proxies () at /lib/x86_64-linux-gnu/libproxy.so.1 #11 0x7fff51ee761f in () at /usr/lib/x86_64-linux-gnu/gio/modules/libgiolibproxy.so #12 0x77024793 in () at /lib/x86_64-linux-gnu/libgio-2.0.so.0 #13 0x773016da in () at /lib/x86_64-linux-gnu/libglib-2.0.so.0 #14 0x77300d0d in () at /lib/x86_64-linux-gnu/libglib-2.0.so.0 #15 0x77d26fd4 in start_thread (arg=) at ./nptl/pthread_create.c:442 #16 0x77da766c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 -- System Information: Debian Release: bookworm/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.0.0-6-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gajim depends on: ii desktop-file-utils 0.26-1 ii gir1.2-gst-plugins-base-1.0 1.20.5-1 ii gir1.2-gtk-3.0 3.24.36-1 ii gir1.2-gtksource-4 4.8.4-1 ii python3 3.11.1-1 ii python3-cairo1.20.1-5 ii python3-cryptography 38.0.4-1 ii python3-css-parser 1.0.8-1 ii python3-gi 3.42.2-3 ii python3-gi-cairo 3.42.2-3 ii python3-idna 3.3-1 ii python3-keyring 23.9.3-2 ii python3-nbxmpp 4.0.0-1 ii python3-packaging22.0-2 ii python3-pil
Bug#1026072: Workaround
The bug affects a few more libraries. I found that creating symlinks for all of them in /usr/lib/firefox/ is a workaround: /usr/lib/x86_64-linux-gnu/libnssutil3.so /usr/lib/x86_64-linux-gnu/libnss3.so /usr/lib/x86_64-linux-gnu/libsmime3.so /usr/lib/x86_64-linux-gnu/libssl3.so
Bug#1012170: systemctl miscalculates boottime, consequently considers services inactive
Package: systemctl Version: 1.4.4181-1.1 Severity: important The packaged version of docker-systemctl-replacement contains an upstream bug where systemctl assumes that the mtime of /proc files of the init process is the boot time of the container. Status and PID files with older timestamps are considered invalid and then truncated, breaking further operations that rely on them. Unfortunately the underlying assumption about mtime of files in /proc is not reliable (often it works, sometimes it doesn't). As a result, running services are unpredictably considered invalid during further systemctl operations, notably "systemctl reload" commands. The upstream fix notes this in comments on the new function that uses the actual start time of the init process: https://github.com/gdraheim/docker-systemctl-replacement/commit/2f782b85b56680f45e09f78321d14614984edbc4 Please update the package to the current upstream release, as of this email it's 1.5.4505. I'd appreciate a backport of the fix to stable. -- System Information: Debian Release: bookworm/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.17.0-3-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages systemctl depends on: ii python3 3.10.4-1+b1 Versions of packages systemctl recommends: ii procps 2:3.3.17-7+b1 Versions of packages systemctl suggests: ii tini 0.19.0-1
Bug#1005882: modsecurity-apache: Typo in homepage URL, leading to 404
Source: modsecurity-apache Version: 2.9.5-1 Severity: minor The homepage URL listed in debian/control is https://github.com/SpiderLapbs/ModSecurity, which doesn't exist. debian/watch correctly uses https://github.com/SpiderLabs/ModSecurity, so I guess it's just a typo. Please fix the homepage URL. -- System Information: Debian Release: bookworm/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 5.16.0-1-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#747909: Docker through SSH virt
I've written a setup script for autopkgtest-virt-ssh that sets up a local Docker container as a testbed, and supports revert: https://github.com/airtower-luna/autopkgtest-ssh-docker Of course native Docker support would be nicer, but maybe this script could be included in /usr/share/autopkgtest/ssh-setup/ until that becomes available?
Bug#954374: Breaks on systems with /usr merge
This change appears to break systems with /usr merge [1], I get this when trying to upgrade libc6 from 2.30-2 to 2.30-3 on amd64: > A copy of the C library was found in an unexpected directory: > '/usr/lib/x86_64-linux-gnu/ld-2.30.so' > It is not safe to upgrade the C library in this situation; > please remove that copy of the C library or get it out of > '/usr/lib/x86_64-linux-gnu' and try again. It seems like the preinst script is getting confused by /lib being a symlink to /usr/lib: $ dpkg -L libc6 | grep ld-2.30.so /lib/x86_64-linux-gnu/ld-2.30.so $ realpath /lib/x86_64-linux-gnu/ld-2.30.so /usr/lib/x86_64-linux-gnu/ld-2.30.so [1] https://wiki.debian.org/UsrMerge
Bug#950301: Fixed upstream in 0.10.0
This issue has been fixed in upstream version 0.10.0 (out just now). This is caused by recent GnuTLS versions (since 3.6.11 AFAIK) listing the peer's certificate type in the session description so they aren't identical on anonymous client and authenticated server, so backporting shouldn't be necessary.
Bug#950300: Fixed in upstream version 0.9.1
This has been fixed upstream since version 0.9.1.
Bug#950359: Thread-safety issues inherited from Curl
Package: libmsv1 Version: 1.1.1-3 Dear Maintainer, this is more an upstream issue, but unfortunately the upstream website seems to have been broken for a while now. :( Summary of the problem: The way libmsv uses libcurl is not suitable for multi-threaded applications without precautions, and not at all for dynamically loaded modules. I've recently implemented (optional) Valgrind checks for mod_gnutls, and got a lot of leak messages like this one when running with MSVA client certificate validation using libmsv: > ==10832== 24 bytes in 1 blocks are definitely lost in loss record 37 of 130 > ==10832==at 0x4838B65: calloc (vg_replace_malloc.c:762) > ==10832==by 0x58BEEFE: ??? (in /usr/lib/x86_64-linux-gnu/libnspr4.so) > ==10832==by 0x58CC041: ??? (in /usr/lib/x86_64-linux-gnu/libnspr4.so) > ==10832==by 0x5271CA1: Curl_nss_init (nss.c:1432) > ==10832==by 0x5271CA1: Curl_nss_init (nss.c:1428) > ==10832==by 0x52375FF: global_init (easy.c:158) > ==10832==by 0x52377F7: curl_easy_init (easy.c:285) > ==10832==by 0x502CABB: msv_query_agent (in /usr/lib/libmsv.so.1.0.1) > ==10832==by 0x500F85E: mgs_cert_verify (gnutls_hooks.c:1749) > ==10832==by 0x5012DB1: mgs_hook_authz (gnutls_hooks.c:1509) > ==10832==by 0x15A9BF: ap_run_access_checker (in /usr/sbin/apache2) > ==10832==by 0x15CFDA: ap_process_request_internal (in /usr/sbin/apache2) > ==10832==by 0x17D0CF: ap_process_async_request (in /usr/sbin/apache2) The full Valgrind log is attached (please don't get confused by the kernel version, it's from a Sid container running on an Ubuntu host). I've installed libcurl3-nss-dbgsym to get function names for the Curl-internal part of the trace (above curl_easy_init). All these leaks are from Curl global init triggered by curl_easy_init(). According to its documentation the global init must run before any other threads are started. I've considered calling curl_global_init() during mod_gnutls initialization, but I cannot guarantee that there aren't any other threads at that point either. Even worse, there should be a matching call to curl_global_cleanup(), which has the same requirement, and the documentation unfortunately says this [1]: > We recommend you do not run libcurl from any module that may be unloaded > dynamically. Which means that running libcurl in an Apache HTTPD module is explicitly unsupported, and that sadly implicitly extends to libmsv. My preferred solution would be to remove the dependency on libcurl. One alternative would be to send a hand-crafted request (e.g. similar to what GnuTLS ocsptool does [2]). I'd be happy to test patches or possibly write one myself, if we can agree on an approach (and I have time). To reproduce the issue, please check my repository at [3], the build process would be: autoreconf -fiv ./configure --enable-valgrind-test --enable-msva make TESTS="test-15_basic_msva.bash" make -e check The restriction of TESTS to the MSVA test is just to save time, running all tests with Valgrind may take a couple of minutes. Thank you for your attention! Fiona Klute [1] https://curl.haxx.se/libcurl/c/curl_global_cleanup.html [2] https://gitlab.com/gnutls/gnutls/blob/master/src/ocsptool-common.c [3] https://github.com/airtower-luna/mod_gnutls ==10831== Memcheck, a memory error detector ==10831== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==10831== Using Valgrind-3.15.0-608cb11914-20190413 and LibVEX; rerun with -h for copyright info ==10831== Command: /usr/sbin/apache2 -f /home/fiona/mod_gnutls/test/tests/15_basic_msva/apache.conf -k start -DFOREGROUND ==10831== Parent PID: 10824 ==10831== --10831-- --10831-- Valgrind options: --10831---v --10831----leak-check=full --10831----gen-suppressions=all --10831----keep-debuginfo=yes --10831----track-origins=yes --10831----vgdb=no --10831----log-file=logs/valgrind-15_basic_msva.log --10831----suppressions=./suppressions.valgrind --10831-- Contents of /proc/version: --10831-- Linux version 5.3.0-29-generic (buildd@lcy01-amd64-024) (gcc version 9.2.1 20191008 (Ubuntu 9.2.1-9ubuntu2)) #31-Ubuntu SMP Fri Jan 17 17:27:26 UTC 2020 --10831-- --10831-- Arch and hwcaps: AMD64, LittleEndian, amd64-cx16-lzcnt-rdtscp-sse3-ssse3-avx-avx2-bmi-f16c-rdrand --10831-- Page sizes: currently 4096, max supported 4096 --10831-- Valgrind library directory: /usr/lib/x86_64-linux-gnu/valgrind --10831-- Reading syms from /usr/sbin/apache2 --10831--object doesn't have a symbol table --10831-- Reading syms from /usr/lib/x86_64-linux-gnu/ld-2.29.so --10831-- Considering /usr/lib/debug/.build-id/bd/c4116b3193146db4945c36329513df492b14ab.debug .. --10831-- .. build-id is valid --10831-- Reading syms from /usr/lib/x86_64-linux-gnu/valgrind/memcheck-amd64-linux --10831-- Considering /usr/lib/debug/.build-id/80/5d052772dc3c48dbe4654094fcd7fdb87a.debug .. --10831-- .. build-id is val
Bug#942737: Can't reproduce, please try dbgsym packages for backtrace
Hi Nico, I tried to reproduce the issue but couldn't. Exactly how are you sending the requests? I've tried both curl and hand-typing over gnutls-cli. If you still have this issue, could you try enabling the appropriate debug repositories (see https://wiki.debian.org/AutomaticDebugPackages) and installing the relevant *-dbgsym packages to see which functions loop in the backtrace? I assume you'll need at least these: apache2-bin-dbgsym libapache2-mod-gnutls-dbgsym libgnutls30-dbgsym Best regards, Fiona
Bug#917582: Looks like a pandoc bug
On Wed, 23 Jan 2019 22:46:59 +0100 Fiona Klute wrote: > The easiest solution for the mod-gnutls package should be to remove the > PDF documentation, I realized the PDF documentation doesn't get installed anyway, so the easiest workaround will be to remove the pdf_DATA line in doc/Makefile.am to prevent it from getting built.
Bug#917582: Looks like a pandoc bug
That looks like a bug in pandoc to me. There's no PDF template configuration in mod_gnutls, so this seems to affect PDF generation with pandoc's default settings. The easiest solution for the mod-gnutls package should be to remove the PDF documentation, and maybe replace it with the manual page available in 0.9.0. I added that because I consider it more useful on a server system anyway. ;-) Regards, Fiona
Bug#917584: Should be fixed in mod_gnutls 0.9.0
These test failures look like they are due to the switch to GnuTLS 3.6 (different default algorithms, OpenPGP removal), and should be fixed in mod_gnutls 0.9.0 (released today).
Bug#894874: Fixed in mod_gnutls 0.8.4
The issue is fixed in the 0.8.4 upstream release, please update the package. :-) Regards, Fiona
