Bug#1008094: libexiv2-27: Consider building with -DEXIV2_ENABLE_BMFF=ON

2022-03-22 Thread Heiko Stuebner 
Package: libexiv2-27
Version: 0.27.5-1
Severity: wishlist

Bug #1000788 requested a version update to enable Canon CR3 support.

The ISOBMFF support needs a compile-time switch to be set to
get enabled though.

As the upstream issue suggests [0] there was a bit of legal 
uncertainity regarding patents, hence they added the switch.

With this enabled and a simple rebuild of the current darktable
present in Testing it is possible to open and edit Canon CR3 files
in it.

Please consider if enabling this switch is ok in Debian.

Thanks
Heiko


[0] https://github.com/Exiv2/exiv2/issues/1229


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 5.16.0-4-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libexiv2-27 depends on:
ii  libc6   2.33-7
ii  libexpat1   2.4.7-1
ii  libgcc-s1   12-20220313-1
ii  libstdc++6  12-20220313-1
ii  zlib1g  1:1.2.11.dfsg-2

libexiv2-27 recommends no packages.

Versions of packages libexiv2-27 suggests:
ii  exiv2  0.27.5-1

-- no debconf information

Bug#880631: Package needs to be upgraded

2017-11-04 Thread Heiko Stuebner 
Hi,

Am Donnerstag, 2. November 2017, 20:08:21 CET schrieben Sie:
> Package: libnl-route-3-dev
> Version: 3.2.24-2
> 
> The package libnl3 is out of date, and generates errors when compiling
> with -Werror, like below:
> 
> warning: passing argument 1 of ‘nl_addr2str’ makes pointer from
> integer without a cast [enabled by default]
> In file included from /usr/include/libnl3/netlink/attr.h:17:0,
>  from /usr/include/libnl3/netlink/msg.h:17,
> /usr/include/libnl3/netlink/addr.h:60:16: note: expected ‘struct
> nl_addr *’ but argument is of type ‘int’
> 
> In addition, it lacks some new features. The upstream has moved to
> github: https://github.com/thom311/libnl. I suggest upgrading to
> version 3.4.0, or 3.3.0.

Thanks for the push. I'm currently working on the upgrade and hope
to have something at the beginning of next week or so.


Heiko

Bug#860058: unblock: libnl3/3.2.27-2

2017-04-10 Thread Heiko Stuebner 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package libnl3

In CVE-2017-0553 a possible (but moderate) security issue was found
which resulted in bug #859948 against the Debian libnl3 package.

The 3.2.27-2 fixes this (and only this) issue.

debdiff:
diff -Nru libnl3-3.2.27/debian/changelog libnl3-3.2.27/debian/changelog
--- libnl3-3.2.27/debian/changelog  2016-01-24 23:54:53.0 +0100
+++ libnl3-3.2.27/debian/changelog  2017-04-10 11:48:23.0 +0200
@@ -1,3 +1,9 @@
+libnl3 (3.2.27-2) unstable; urgency=low
+
+  * Add upstream fix for CVE-2017-0553 (Closes: #859948)
+
+ -- Heiko Stuebner   Mon, 10 Apr 2017 11:48:23 +0200
+
 libnl3 (3.2.27-1) unstable; urgency=low

   * New upstream release
diff -Nru libnl3-3.2.27/debian/patches/debian/nlmsg_reserve-overflow.patch
libnl3-3.2.27/debian/patches/debian/nlmsg_reserve-overflow.patch
--- libnl3-3.2.27/debian/patches/debian/nlmsg_reserve-overflow.patch
1970-01-01 01:00:00.0 +0100
+++ libnl3-3.2.27/debian/patches/debian/nlmsg_reserve-overflow.patch
2017-04-10 10:55:21.0 +0200
@@ -0,0 +1,38 @@
+From 3e18948f17148e6a3c4255bdeaaf01ef6081ceeb Mon Sep 17 00:00:00 2001
+From: Thomas Haller 
+Date: Mon, 6 Feb 2017 22:23:52 +0100
+Subject: [PATCH] lib: check for integer-overflow in nlmsg_reserve()
+
+In general, libnl functions are not robust against calling with
+invalid arguments. Thus, never call libnl functions with invalid
+arguments. In case of nlmsg_reserve() this means never provide
+a @len argument that causes overflow.
+
+Still, add an additional safeguard to avoid exploiting such bugs.
+
+Assume that @pad is a trusted, small integer.
+Assume that n->nm_size is a valid number of allocated bytes (and thus
+much smaller then SIZE_T_MAX).
+Assume, that @len may be set to an untrusted value. Then the patch
+avoids an integer overflow resulting in reserving too few bytes.
+---
+ lib/msg.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/lib/msg.c b/lib/msg.c
+index 9af3f3a..3e27d4e 100644
+--- a/lib/msg.c
 b/lib/msg.c
+@@ -411,6 +411,9 @@ void *nlmsg_reserve(struct nl_msg *n, size_t len, int pad)
+   size_t nlmsg_len = n->nm_nlh->nlmsg_len;
+   size_t tlen;
+
++  if (len > n->nm_size)
++  return NULL;
++
+   tlen = pad ? ((len + (pad - 1)) & ~(pad - 1)) : len;
+
+   if ((tlen + nlmsg_len) > n->nm_size)
+--
+2.9.3
+
diff -Nru libnl3-3.2.27/debian/patches/series
libnl3-3.2.27/debian/patches/series
--- libnl3-3.2.27/debian/patches/series 2016-01-24 00:36:27.0 +0100
+++ libnl3-3.2.27/debian/patches/series 2017-04-10 10:57:45.0 +0200
@@ -3,3 +3,4 @@
 debian/no-symvers.diff -p1
 debian/__nl_cache_ops_lookup-unstatic.diff -p1
 debian/_nl_socket_generate_local_port_no_release.diff -p1
+debian/nlmsg_reserve-overflow.patch -p1


unblock libnl3/3.2.27-2

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.8.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)

Bug#845004: ser2net: Prevent conflicts with similarly named devices in subdirectories

2016-11-19 Thread Heiko Stuebner 
Package: ser2net
Version: 2.10.1-1
Severity: normal

Dear Maintainer,

using ser2net with serial devices in subdirectories where the last part
is the same, like
/dev/google-servo/gru/cpu-uart
/dev/google-servo/pinky/cpu-uart

currently breaks, as the locking mechanism only takes the last part of
the path into account (cpu-uart in this case) and thus thinks
both paths are the same device.

After talking with upstream, this got fixed in commit
bfbb27684845 ("Fix UUCP locking to work with device paths") [0]
which also applies cleanly to 2.10.1 currently in Debian.

Maybe you could think about including this here as well?


Thanks
Heiko

[0] 
https://sourceforge.net/p/ser2net/code/ci/bfbb27684845756ec7bd97756be220d2ba453169/


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ser2net depends on:
ii  libc6 2.24-5
ii  libwrap0  7.6.q-25

ser2net recommends no packages.

Versions of packages ser2net suggests:
ii  telnet  0.17-40+b1

-- no debconf information

Bug#785957: agtl: diff for NMU version 0.8.0.3-1.1

2015-08-26 Thread Heiko Stuebner 
Hi Stefano,

Am Mittwoch, 19. August 2015, 22:42:31 schrieben Sie:
> I've prepared an NMU for agtl (versioned as 0.8.0.3-1.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.

thanks for doing the NMU. I've meant to handle this, but looks like I didn't 
find the time before you got to it - sorry about that.


So, thanks again
Heiko

Bug#785574: xserver-xorg-core: depends on libegl1-mesa|libegl1 while virtual package is libegl1-x11

2015-05-17 Thread Heiko Stuebner 
Package: xserver-xorg-core
Version: 2:1.16.4-1
Severity: normal

xserver-xorg-core depends on one of libegl1-mesa|libegl1 while the virtual
package seems to be named libegl1-x11 - which is also the package
libegl1-mesa provides.

So currently it will lead to problems if an alternative package (like a
binary driver) does provide libegl1-x11 but not libegl1.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#678144: wrong ABS_PRESSURE test in input_raw / tslib to old

2012-06-19 Thread Heiko Stuebner 
Package: tslib
Version: 1.0-11
Severity: important

The consensus amongst kernel developers seems to be that touchscreens that
cannot report real pressure values should not use ABS_PRESSURE at all.

Older tslib versions (the input_raw plugin to be exact) used this property
amongst others to determine if the device is a touchscreen at all.

This behaviour was changed in tslib 4 years ago [1].

As this new usage scheme for ABS_PRESSURE is enforced for new touchscreen
drivers, none of the pressureless touchscreens will work with the tslib in
Debian.

Therefore could you either upgrade to a newer tslib version or port the
ABS_PRESSURE fix to the current version?


[1] 
https://github.com/kergoth/tslib/commit/548320749f93dde15fef8df07238410c013ce577

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.37-2-686 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#677714: wine-unstable: Incomplete upload of 1.5 for amd64

2012-06-16 Thread Heiko Stuebner 
Package: wine-unstable
Version: 1.1.36-1
Severity: grave
Justification: renders package unusable

The original upload of wine-unstable for amd64 seems to be missing all packages.

The original acceptance mail [1] does not list them neither in the list of build
packages nor in the accepted packages.

Therefore the only package available in amd64 is "wine-unstable" itself,
making wine-unstable uninstallable.

The other arches seem have been build just fine by the buildds.


[1] http://packages.qa.debian.org/w/wine-unstable/news/20120611T193410Z.html


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.37-2-686 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages wine-unstable depends on:
ii  libwine-alsa-unstable 1.1.36-1   Windows API implementation - ALSA 
ii  libwine-cms-unstable  1.1.36-1   Windows API implementation - color
ii  libwine-gl-unstable   1.1.36-1   Windows API implementation - OpenG
ii  libwine-gphoto2-unstable  1.1.36-1   Windows API implementation - camer
ii  libwine-ldap-unstable 1.1.36-1   Windows API implementation - LDAP 
ii  libwine-openal-unstable   1.1.36-1   Windows API implementation - OpenA
ii  libwine-print-unstable1.1.36-1   Windows API implementation - print
ii  libwine-sane-unstable 1.1.36-1   Windows API implementation - scann
ii  wine-bin-unstable 1.1.36-1   Windows API implementation - binar

Versions of packages wine-unstable recommends:
ii  ttf-liberation 1.06.0.20100721-1 Fonts with the same metrics as Tim

Versions of packages wine-unstable suggests:
pn  avscan | klamav | clamav   (no description available)
ii  binfmt-support2.0.8  Support for extra binary formats
ii  ttf-mscorefonts-installer 3.3Installer for Microsoft TrueType c
pn  winbind(no description available)
pn  wine-doc   (no description available)

Versions of packages libwine-unstable depends on:
ii  libc6   2.13-16  Embedded GNU C Library: Shared lib
ii  libfreetype62.4.4-1  FreeType 2 font engine, shared lib
ii  libhal1 0.5.14-5 Hardware Abstraction Layer - share
ii  libice6 2:1.0.7-1X11 Inter-Client Exchange library
ii  libjpeg88c-1 The Independent JPEG Group's JPEG 
ii  libmpg123-0 1.12.1-3 MPEG layer 1/2/3 audio decoder -- 
ii  libpng12-0  1.2.44-2 PNG library - runtime
ii  libsm6  2:1.2.0-1X11 Session Management library
ii  libssl1.0.0 1.0.0d-3 SSL shared libraries
ii  libx11-62:1.4.3-1X11 client-side library
ii  libxcursor1 1:1.1.11-1   X cursor management library
ii  libxext62:1.2.0-2X11 miscellaneous extension librar
ii  libxi6  2:1.4.1-1X11 Input extension library
ii  libxinerama12:1.1.1-1X11 Xinerama extension library
ii  libxml2 2.7.8.dfsg-2 GNOME XML library
ii  libxrandr2  2:1.3.1-1X11 RandR extension library
ii  libxrender1 1:0.9.6-1X Rendering Extension client libra
ii  zlib1g  1:1.2.3.4.dfsg-3 compression library - runtime

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#658646: libreoffice-pdfimport: Extension does not work at all

2012-02-04 Thread Heiko Stuebner 
Package: libreoffice-pdfimport
Severity: important

After installing the extension, it is listed in the extension manager.
But when opening a pdf, libreoffice still asks for the file type
as opposed to opening it in draw.
Also the option to export a hyprid-pdf (pdf+libreoffice document)
which should be provided by the extension, does not appear in the
export-dialog.

This problem seems to be experienced by others too [1].


[1] 
http://stevenrosenberg.net/blog/linux/debian/2011_1215_libre_office_debian_backports_pdf_fix

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.37-2-686 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#627234: djvulibre-desktop: Wrong display of files in color

2011-05-18 Thread Heiko Stuebner 
Package: djvulibre-desktop
Version: 3.5.24-3
Severity: normal

After upgrading from 3.5.24-2 to 3.5.24-3 colored djvu files
(with color layer) are displayed wrong.
They become some sort of pattern-overlay with green dots.

Bitonal files are displayed correctly.


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.37-2-686 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#612096: ITP: abootimg -- Tool to read/write/update android boot images

2011-02-05 Thread Heiko Stuebner 
Package: wnpp
Severity: wishlist
Owner: Heiko Stuebner 


* Package name: abootimg
  Version : 0.3
  Upstream Author : Gilles Grandou 
* URL : http://gitorious.org/ac100/abootimg
* License : GPL2 and Apache 2.0
  Programming Lang: C
  Description : Tool to read/write/update android boot images

 Android devices use a special partition format to boot any
 operating system on the devices. These boot-images contain
 a kernel image, a ramdisk, optionally a 2nd stage boot loader
 and the commandline passed to the kernel when booting.
 The original mkbootimg from Android can only create these images
 where abootimg can also extract and modify them.



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#574302: fso-abyss

2010-06-08 Thread Heiko Stuebner 
Hi,

does someone still work on abyss or is it completly dead?

As I was updating my fso-abyss build the whole new config handling was included 
and I was not able to create a working config again.

I moved abyss.conf to /etc/freesmartphone/conf/GTA02/fso-abyss.conf which 
resulted in abyss finding it again but I can't figure out how the config 
sections 
and params should look now for the new libgsm0710mux versions.

Thanks
Heiko



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#509360: current status?

2009-03-28 Thread Heiko Stuebner 
Hi,

How the packaging is coming along? 
I can skip packaging it for myself if yours is almost ready - or do you need a 
hand?

Greetings
Heiko



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#505449: postgresql-8.3: pg_upgradecluster ignores different database-encodings when upgrading

2008-11-12 Thread Heiko Stuebner 
Package: postgresql-8.3
Version: 8.3.4-2
Severity: important

The database-setting is as follows:
template0 LATIN9 OR UTF8
template1 LATIN9 OR UTF8
DB1 SQL_ASCII
DB2 SQL_ASCII

When upgrading the cluster, pg_upgradcluster ignores the SQL_ASCII encoding 
of DB1 and DB2 and makes them LATIN9 or UTF8 respectively.

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.18-6-amd64 (SMP w/4 CPU cores)
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages postgresql-8.3 depends on:
ii  libc6 2.7-15 GNU C Library: Shared libraries
ii  libcomerr21.41.2-1   common error description library
ii  libkrb53  1.6.dfsg.4~beta1-4 MIT Kerberos runtime libraries
ii  libldap-2.4-2 2.4.11-1   OpenLDAP libraries
ii  libpam0g  1.0.1-4+b1 Pluggable Authentication Modules l
ii  libpq58.3.4-2PostgreSQL C client library
ii  libssl0.9.8   0.9.8g-14  SSL shared libraries
ii  libxml2   2.6.32.dfsg-4  GNOME XML library
ii  postgresql-client-8.3 8.3.4-2front-end programs for PostgreSQL 
ii  postgresql-common 91 PostgreSQL database-cluster manage
ii  ssl-cert  1.0.23 simple debconf wrapper for OpenSSL
ii  tzdata2008h-2time zone and daylight-saving time

postgresql-8.3 recommends no packages.

Versions of packages postgresql-8.3 suggests:
pn  oidentd | ident-server (no description available)

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#298689: apache2: logrotate script and new init script break ssl certificates with passphrase

2005-03-09 Thread Heiko Stuebner 
Package: apache2
Version: 2.0.53-5
Severity: important

the logrotate script for apache2 calls /etc/init.d/apache2 restart in
its postrotate command.
The old init-script called $APACHE2CTL restart and everything was
working.
The new init-script (provided by 2.0.53-5) has changed the restart
command to "apache stop" and "$APACHE2CTL startssl".
This breaks the logrotate postrotate for servers with ssl certificates
that have a passphrase set for them, as the restart command hangs and
noone can enter the passphrase.
A better solution would be to call the apache2 init script with the
reload command in the logrotate postrotate.

Greetings
Heiko

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.25
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages apache2 depends on:
ii  apache2-mpm-prefork   2.0.53-5   traditional model for Apache2

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]