Bug#1029168: fonts-urw-base35: Apache pdfbox cannot load fonts. Complains "Start marker missing"
oh, and one way to convert the .t1 to traditional pfa or pfb is like this: t1disasm …/urw-base35/NimbusRoman-Bold.t1|t1asm -b -o NimbusRoman-Bold.pfb (or -a for .pfa). -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#1029168: fonts-urw-base35: Apache pdfbox cannot load fonts. Complains "Start marker missing"
having looked at one of those .t1 files now, i see that it is indeed a new file format. the plrm notes that eexec can handle either hex or binary data transparently, and that is the only difference from traditional pfa i can see. so they saved some disk size and some memory pressure compared to pfa. it should be possible these days to embed those files as is into a postscript file, given that transmission is likely to be over ip or usb. (unlike, say, rs232 with xon/xoff.) software which expects pfa or pfb should learn to hadle these, too. freetype has no problem with them. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#1029168: fonts-urw-base35: Apache pdfbox cannot load fonts. Complains "Start marker missing"
>>>>> "f" == fabian writes: f> NB: The file command reveals some subtle differences between both f> formats that pdfbox probably isn't aware of: f> $ file * f> NimbusRoman-BoldItalic.t1: PostScript Type 1 font text f> (NimbusRoman-BoldItalic 1.00) f> n022004l.pfb: PostScript Type 1 font program data f> (NimbusMonL-Bold 1.06) that eans that those t1 files are pfa rather than pfb. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#1020244: fonts-urw-base35: A monospaced font shouldn't have ligatures
as a side note (i can't see the proposed patch, so ignore this if the patch does this already), but do be sure not to remove the lig glyphs from the fonts, but rather just any gsub (or the like) features which replace char sequences with the ligs. ie, anything which replaces f i with fi, etc, should go, but the fi glyph, the mapping from U+FB01 to that glyph, and so on for the others, should all remain. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#1009143: plocate: Similar issue here
oh. is that all it is. ... so the reporter's issue is certainly different. SG> This was fixed in plocate 1.1.12. ... Which version are you running? as i mentioned the sbc has buster, so: ii plocate1.1.8-2~bpo10+1 armhfmuch faster locate -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#900028: closed by Michael Tokarev (Re: unbound: Fails to start)
closing the report like that makes no sense whatsoever. unbound as installed did not work. at all. blowing off that report is incomprehensible. the bug looks to have been fixed since then, though, so closing as fixed would have been reasonable. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#1009143: plocate: Similar issue here
>>>>> "SG" == Steinar H Gunderson writes: SG> If so, I don't understand why running updatedb manually doesn't do anything. SG> Perhaps there are multiple issues in play on the same bug number. *perhaps* he gets something similar to what i see on one arm32 buster sbc: updatedb exits complaining that $CWD is a directory. (cf below :) i've not had a chance to debug that beyond trying --debug-pruning and trying it from a variety of current directories and uids, all w/o benefit. the strace output ends with: openat(AT_FDCWD, "/var/lib/plocate/", O_WRONLY|O_LARGEFILE|O_TMPFILE, 0640) = -1 EISDIR (Is a directory) i've only seen it on arm32 buster, though. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#1003653: Revision of removal of rename.ul from package util-linux
from a user pov, i'd hate not to have the perl renae at /usr/bin/rename. i've been using it since the early '90s and its re support is essetial. i very uch doubt i'm alone in that. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#997835: you could add powerdns init script
the pdns init script from the-last-stable-which-had-one (either squeeze or buster) works fine on sid. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#994275: Reverting breaking changes in debianutils
>>>>> "CA" == Clint Adams writes: CA> However, I don't think that this is reasonable for tempfile(1) unless CA> someone is actually willing to package and maintain a tempfile(1). just saw this.. i got hit by the removal of tepfile(1); pv-grub-menu uses it in its postint script and its removal started blocking my apt upgrades. i had to copy tempfile over from a virt stuck on an older deb to get around it. (cf https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996101) it would be useful to ensure no packages rely on something before removing it... -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#996101: pv-grub-menu: uses tempfile(1) which is now gone from debianutils
Package: pv-grub-menu Version: 1.3+nmu1 Severity: important line 131 calls $(tempfile), but debianutils has dropped /bin/tempfile. -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-6-amd64 (SMP w/1 CPU thread) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages pv-grub-menu depends on: ii grub-common 2.04-20 pv-grub-menu recommends no packages. pv-grub-menu suggests no packages. -- no debconf information
Bug#966671: coturn is marked for autoremoval from testing
removing the -v (or --verbose) flag from /etc/init.d/coturn fixed this for me. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#956207: opendmarc remain in foreground, ie fails to daemonize
>>>>> "DB" == David Bürgin writes: DB> The -f flag suppresses backgrounding, omit the flag to run opendmarc in DB> the background. Again, I don’t see any changes since the last version DB> that would affect this, it continues to work as before for me. support for -f is entirely irrelevant. everything worked fine and now it does not. something obviously changed. DB> Your report is very terse, blamethe latest stroke for that; one handed typing is SLOW! and it seems typo-prone. :( DB> perhaps there is some frustration. But we DB> need a complete problem description and reproduction steps to find out DB> what the problem is. If you have a non-standard setup, have a look at DB> the changelog to see if there is anything else that might have an DB> impact. i gavea complete descripyion. dpkg and thus apt now hang after trying to restart opendmarc (and now also opendkim) because start-stop-daemon never returns. but backgrounding s-s-d with a & in the init script gets past that. stop and the config test work ok; only start hangs due to foregroung instead of background. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#956207: opendmarc remain in foreground, ie fails to daemonize
>>>>> "DB" == David Bürgin writes: DB> Daemonization is controlled with the ‘-f’ command-line option or the DB> ‘Background’ parameter in the configuration file. Nothing has changed in DB> this area since the last version, so not sure what the problem is. then either -f stoppped working or the init script got broken. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#956207: opendmarc remain in foreground, ie fails to daemonize
Package: opendmarc Version: 1.4.0~beta1+dfsg-1 Severity: normal leddaemoization renders the packae unusable. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages opendmarc depends on: ii adduser3.118 ii dbconfig-mysql 2.0.13 ii debconf [debconf-2.0] 1.5.73 ii init-system-helpers1.57 ii libbsd00.10.0-1 ii libc6 2.30-4 ii libmilter1.0.1 8.15.2-18 ii libopendmarc2 1.4.0~beta1+dfsg-1 ii lsb-base 11.1.0 ii publicsuffix 20200201.2258-1 Versions of packages opendmarc recommends: ii libdbd-mysql-perl 4.050-3 ii libdbi-perl 1.643-1 ii libhttp-message-perl 6.22-1 ii libopendbx1 1.4.6-14 pn libopendbx1-mysql ii libswitch-perl2.17-2 ii perl 5.30.0-9 Versions of packages opendmarc suggests: ii libmime-tools-perl 5.509-1 ii libxml-simple-perl 2.25-1 ii python 2.7.17-2 pn python-mysqldb -- Configuration Files: /etc/opendmarc.conf changed [not included] -- debconf information excluded
Bug#941663: openssh-server: fatal: privsep_preauth: preauth child terminated by signal 31
Using ed25519 keys (host and client) should work around this issue. -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6
Bug#921538: Fails to start since upgrade to 1.9.0-1
Package: unbound Followup-For: Bug #921538 I found the that problem is that 1.9.0-1 does a chroot("/etc/unbound") even though there is no chroot option in the config files. Once that occurs, it cannot see files like /var/lib/unbound/root.key et alia. -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.15.0-2-amd64 (SMP w/1 CPU core) Kernel taint flags: TAINT_WARN Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages unbound depends on: ii adduser 3.118 ii dns-root-data 2018091102 ii libc6 2.28-6 ii libevent-2.1-6 2.1.8-stable-4 ii libfstrm0 0.4.0-1 ii libprotobuf-c1 1.3.1-1+b1 ii libpython3.73.7.2-2 ii libssl1.1 1.1.1a-1 ii libsystemd0 240-5 ii lsb-base10.2018112800 ii openssl 1.1.1a-1 ii unbound-anchor 1.8.1-1+b1 unbound recommends no packages. Versions of packages unbound suggests: pn apparmor -- no debconf information
Bug#919277: postinst failed on the recent upgrade because it required update-inetd
Package: uucp Version: 1.07-25 Severity: important The lastest apt upgrade failed to complete because uucp's postinst died due to the lack of update-inetd. But update-inetd is not installed (and is useless anyway) when xinetd is. Postinst should try to run update-inetd only after confirming that it exists. I expect many uucp users, like me, only use it over secsh and do not want any inetd involvement at all. update-inetd should be a suggested, not required. And only ever run iff test -e succeeds. -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-2-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages uucp depends on: ii bsd-mailx [mailx] 8.1.2-0.20180807cvs-1 ii cron [cron-daemon] 3.0pl1-130 ii cu 1.07-25 ii libc6 2.28-4 ii libpam-runtime 1.1.8-4 ii libpam0g 1.1.8-4 ii netbase5.5 ii xinetd [inet-superserver] 1:2.3.15.3-1 Versions of packages uucp recommends: ii logrotate 3.14.0-4 ii postfix3.3.2-1 uucp suggests no packages. -- Configuration Files: /etc/uucp/expire changed [not included] /etc/uucp/port changed [not included] -- no debconf information
Bug#908839: Some of my stretch ssh clients can no longer negotiate chacha20-poly1305
Package: openssh-client Version: 1:7.6p1-2 Severity: important File: openssh This is not the machine which shows this error; I was unable to install reportbug there due to: reportbug : Depends: python3-reportbug (= 7.1.7+deb9u2) but it is not going to be installed On that other machine, any mention of chacha20-poly1...@openssh.com in the Ciphers list before an alg which both sides support prevents cipher negotiation. Other stretch machines work fine (including this one, which already had reportbug installed). The other machine is also on 1:7.6p1-2, and is configured very similarly. One interesting thing from -vv output, is that it ends with: Unable to negotiate with IP.ADD.RE.SS port NUM: no matching cipher found. Their offer: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.comssh.com,aes256-...@openssh.com Note the aes256-...@openssh.comssh.com in there. -- System Information: Debian Release: stretch APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-042stab127.2 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages openssh-client depends on: ii adduser 3.116 ii dpkg 1.19.0.5 ii libc6 2.25-6 ii libedit2 3.1-20170329-1 ii libgssapi-krb5-2 1.15.2-2 ii libselinux1 2.7-2 ii libssl1.0.2 1.0.2n-1 ii passwd1:4.5-1 ii zlib1g1:1.2.8.dfsg-5 Versions of packages openssh-client recommends: pn xauth Versions of packages openssh-client suggests: pn keychain pn libpam-ssh pn monkeysphere pn ssh-askpass -- no debconf information
Bug#900028: Acknowledgement (unbound: Fails to start)
I tried running it with strace(8) and got this: sendto(9, "<29>May 24 20:17:10 unbound: [10"..., 70, MSG_NOSIGNAL, NULL, 0) = 70 getpid()= 10144 getpid()= 10144 getrandom(0x7fff9321c450, 40, 0)= -1 ENOSYS (Function not implemented) rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [], 8) = 0 getpid()= 10144 gettid()= 10144 tgkill(10144, 10144, SIGKILL) = ? +++ killed by SIGKILL +++ If the lack of getrandom(2) is killing it, that is a grave bug. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#828475: openssh: Please migrate to openssl1.1 in Buster
>>>>> Moritz Muehlenhoff <j...@debian.org> writes: > This is clearly not ideal, Many would argue that it is ideal. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#893332: ghostscript: Ghostscript cannot find Resource directory
It makes little sense that a symlink fails. Except that deb's /usr/share/ghostscript/9.22/ has a relative symlink: iccprofiles -> ../../color/icc/ghostscript/ so you'd need also to fix that symlink to be absolute: iccprofiles -> /usr/share/color/icc/ghostscript/ The other symlink in the /usr/share/ghostscript tree is absolute. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#888183: libc6: Breaks openvz virtuals again
>>>>> "AJ" == Aurelien Jarno <aurel...@aurel32.net> writes: AJ> No, that simply doesn't scale. Other packages than the one in src:glibc AJ> depends on libc6 >= 2.26, and more and more are going to pick up this AJ> dependency in the next months. They might also be unpacked before libc6 AJ> preinst is ran. We can't add this check in every package. Then re-direct this to apt. There needs then to be a way to mark the deb that it *must* be installed first, before anything which depends on it. Not just "at the same time", but *before*. And then add that notation to the glibc debs. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#888183: libc6: Breaks openvz virtuals again
AJ> Do you have a list of other packages from the glibc src that are AJ> upgraded before? The following packages have unmet dependencies: libc-dev-bin : Depends: libc6 (> 2.26) but 2.25-6 is installed libc6-dev : Depends: libc6 (= 2.26-4) but 2.25-6 is installed libc6-i386 : Depends: libc6 (= 2.26-4) but 2.25-6 is installed libc6-pic : Depends: libc6 (= 2.26-4) but 2.25-6 is installed libc6-x32 : Depends: libc6 (= 2.26-4) but 2.25-6 is installed locales : Depends: libc-bin (> 2.26) but 2.25-6 is installed nscd : Depends: libc6 (> 2.26) but 2.25-6 is installed And on another box: The following packages have unmet dependencies: libc-dev-bin : Depends: libc6 (> 2.26) but 2.25-6 is installed libc6-dev : Depends: libc6 (= 2.26-2) but 2.25-6 is installed libnih1 : Depends: libc6 (> 2.26) but 2.25-6 is installed locales : Depends: libc-bin (> 2.26) And a third: The following packages have unmet dependencies: libc-dev-bin : Depends: libc6 (> 2.26) but 2.25-6 is installed libc6-dev : Depends: libc6 (= 2.26-4) but 2.25-6 is installed locales : Depends: libc-bin (> 2.26) but 2.25-6 is installed Those are after one previous attempt at --fix-broken. AJ> In any case it's not something we can control, the abort is done AJ> inside the libc6 preinst, there is no way the libc6 package can AJ> do that earlier. Of course it is. Just make every deb from the glibc src do that abort. Idealy, w/ a warning on how to hold them so that the rest of the upgradable packages can do so. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#888183: libc6: Breaks openvz virtuals again
>>>>> "AJ" == Aurelien Jarno <aurel...@aurel32.net> writes: AJ> It's exactly what the message does. It stopped the upgrade and prevented AJ> libc6 to be unpacked. That way your system is still usable. But that is NOT what the message does. The other debs from the glibc source are already upgraded and now everything breaks. The dialog has to occur before *any* of the debs from the glibc src are upgraded. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#888183: libc6: Breaks openvz virtuals again
>>>>> "AJ" == Aurelien Jarno <aurel...@aurel32.net> writes: AJ> This is perfectly normal that you do no get a dialog asking wether you AJ> want to upgrade libc6, as your kernel is too old for that. Not it is not normal. It still should have given that dialog so that I could skip libc and its fellows and upgrade what would have worked. AJ> 2.6.32 kernels are not supported anymore, you need at least a 3.2 kernel AJ> to run buster. Which is a bug. AJ> I'll add an entry to NEWS so that people get warned *before* trying to AJ> upgrade. *How* will they see it first? I only see package news after I upgrade, thanks to listchanges. AJ> You can use http://snapshot.debian.org/ to properly downgrade to the AJ> version prior to migration of glibc 2.26 to testing, which happened on AJ> 2018-01-12. Taking a bit of margin, that gives you: AJ> deb http://snapshot.debian.org/archive/debian/20180110T00Z/ buster main After running: echo 'Acquire::Check-Valid-Until "false";' >/etc/apt/apt.conf.d/98expires my update script almost worked with that. I still needed --fix-broken install. And a subsequent switch to stretch, even with dist-upgrade, didn't switch anything over to the stretch packages. Except of course on the 3 machines which report: apt: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.25' not found (required by /lib/x86_64-linux-gnu/libudev.so.1) I had to grab this and install it with dpkg to get apt working again on those (after a *lot* of earlier attempts): http://snapshot.debian.org/archive/debian/20180109T213416Z/pool/main/s/systemd/libudev1_232-25%2Bdeb9u1_amd64.deb -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#887628: [Pkg-roundcube-maintainers] Bug#887628: Acknowledgement (roundcube: Unsupported database driver with sqlite3 after dist-upgrade or install on stretch)
>>>>> "RL" == Robert Lister <r...@lentil.org> writes: RL> reinstalling still produces a non-working roundcube install though. [writing as just another rc user] IIRC, roundcube upstream removed sqlite support. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#875423: [Pkg-openssl-devel] Bug#875423: openssl: Please re-enable TLS 1.0 and TLS 1.1 (at least in testing)
>>>>> "KR" == Kurt Roeckx <k...@roeckx.be> writes: KR> On Mon, Sep 11, 2017 at 11:33:22AM +0200, Raphaël Hertzog wrote: >> Or at least I would like a system-wide flag (in a configuration file?) to >> let me re-enable old protocols easily. KR> It was my understanding that other people also prefered to do this KR> on a per package level and not system wide. But the other way round. Openssl should by default support >= 1.0, and the individual packages should be the ones to limit it to 1.2 or later. That limit should be run-time and the config files which do it should have comments explaining exactly how to undo it. And packages like MTAs and web servers should have those configs commented out so that they work by default with 1.0+. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#871987: openssl breaks dovecot
>>>>> "CC" == Carlos Carvalho <car...@fisica.ufpr.br> writes: CC> Reverting the upgrade is messy (I run unstable). I tried to compile the CC> packages removing the disable-tls1 disable-tls1_1 in CONFARGS but the build CC> failed in the tests with You can grab the deb files for version 1.1.0f-3 of openssl, libssl1.1, libssl-dev and libssl-doc from any debian mirror. Eg, files like: http://ftp-nyc.osuosl.org/debian/pool/main/o/openssl/libssl-dev_1.1.0f-3_amd64.deb and use dpkg to install them. Then run: :; apt-mark hold openssl libssl1.1 libssl-dev libssl-doc to prevent them from upgrading past 1.1.0f-3. I had to do that on my MXs, main web site and outgoing smtp machines. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#803089: This affects emacs25, too, and should remain open
This should be reassigned from emacs24 to emacs25. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#870226: curvedns’s max tcp buffer of 8192 is too small
Package: curvedns Version: 0.87-3 Severity: normal Testing out curvedns, I discovered that a dnssec any query for the apex of my primary zone failed to send anything. It turns out that with a rsa 1k zsk a reasonably long spf txt rr and the ns and mx names in the zone (thus including their a and rrs in the additional secion) the reply grows past 8192 octets. global_ip_tcp_buffersize in curvedns’ io.c needs to be larger. 16384 is likely enough. (10k would be enough for my zone, even with the ns names switched to dnscurve style names). This is also reported as: https://github.com/curvedns/curvedns/issues/4 but a debian-specific patch increasing global_ip_tcp_buffersize would be welcome. The patch is just: diff --git a/ip.c b/ip.c index 664377b..c3b4493 100644 --- a/ip.c +++ b/ip.c @@ -45,7 +45,7 @@ int global_ip_sockets_count = 0; ev_tstamp global_ip_internal_timeout = 1.2; ev_tstamp global_ip_tcp_external_timeout = 60.0; intglobal_ip_tcp_max_number_connections = 25; -size_t global_ip_tcp_buffersize = 8192; +size_t global_ip_tcp_buffersize = 16384; size_t global_ip_udp_buffersize = 4096; uint8_tglobal_ip_udp_retries = 2; anysin_t global_target_address; -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.5.0-2-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages curvedns depends on: ii adduser 3.115 ii init-system-helpers 1.49 ii libc62.24-12 ii libev4 1:4.22-1+b1 ii libsodium18 1.0.13-1 ii lsb-base 9.20161125 curvedns recommends no packages. curvedns suggests no packages. -- Configuration Files: /etc/default/curvedns changed [not included] -- no debconf information
Bug#868270: Upgrade from kama 4 to kama 5 fails
Package: kamailio Version: 4.4.4-3+b1 Severity: important Trying to upgrade kamailio with apt dist-upgrade failed. The kama packages which were installed are: The following packages will be upgraded: kamailio (4.4.4-3+b1 => 5.0.2-1) kamailio-geoip-modules (4.4.4-3+b1 => 5.0.2-1) kamailio-json-modules (4.4.4-3+b1 => 5.0.2-1) kamailio-outbound-modules (4.4.4-3+b1 => 5.0.2-1) kamailio-perl-modules (4.4.4-3+b1 => 5.0.2-1) kamailio-postgres-modules (4.4.4-3+b1 => 5.0.2-1) kamailio-tls-modules (4.4.4-3+b1 => 5.0.2-1) kamailio-utils-modules (4.4.4-3+b1 => 5.0.2-1) kamailio-websocket-modules (4.4.4-3+b1 => 5.0.2-1) kamailio-xmpp-modules (4.4.4-3+b1 => 5.0.2-1) And these are the errors dpkg reported: Unpacking kamailio-perl-modules:amd64 (5.0.2-1) over (4.4.4-3+b1) ... dpkg: error processing archive /tmp/apt-dpkg-install-mhUp00/03-kamailio-perl-modules_5.0.2-1_amd64.deb (--unpack): trying to overwrite '/usr/lib/kamailio/libsrdb1.so.1.0', which is also in package kamailio-utils-modules:amd64 5.0.2-1 dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) Unpacking kamailio-postgres-modules:amd64 (5.0.2-1) over (4.4.4-3+b1) ... dpkg: error processing archive /tmp/apt-dpkg-install-mhUp00/09-kamailio-postgres-modules_5.0.2-1_amd64.deb (--unpack): trying to overwrite '/usr/lib/kamailio/libsrdb1.so.1.0', which is also in package kamailio-utils-modules:amd64 5.0.2-1 dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) dpkg: error processing archive /tmp/apt-dpkg-install-mhUp00/11-kamailio_5.0.2-1_amd64.deb (--unpack): trying to overwrite '/usr/lib/kamailio/libsrdb1.so.1.0', which is also in package kamailio-utils-modules:amd64 5.0.2-1 dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) Kamailio not yet configured. Edit /etc/default/kamailio first. ... failed! Errors were encountered while processing: /tmp/apt-dpkg-install-mhUp00/03-kamailio-perl-modules_5.0.2-1_amd64.deb /tmp/apt-dpkg-install-mhUp00/09-kamailio-postgres-modules_5.0.2-1_amd64.deb /tmp/apt-dpkg-install-mhUp00/11-kamailio_5.0.2-1_amd64.deb E: Sub-process /usr/bin/dpkg returned an error code (1) -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages kamailio depends on: ii adduser 3.115 ii init-system-helpers 1.48 ii libc62.24-12 ii libncurses5 6.0+20170708-1 ii libpcre3 2:8.39-3 ii libreadline7 7.0-3 ii libtinfo56.0+20170708-1 ii lsb-base 9.20161125 ii python 2.7.13-2 kamailio recommends no packages. Versions of packages kamailio suggests: pn kamailio-berkeley-modules pn kamailio-carrierroute-modules pn kamailio-cpl-modules pn kamailio-ldap-modules pn kamailio-lua-modules pn kamailio-mono-modules pn kamailio-mysql-modules ii kamailio-perl-modules 4.4.4-3+b1 ii kamailio-postgres-modules 4.4.4-3+b1 pn kamailio-presence-modules pn kamailio-python-modules pn kamailio-radius-modules pn kamailio-redis-modules pn kamailio-snmpstats-modules pn kamailio-unixodbc-modules pn kamailio-xml-modules iu kamailio-xmpp-modules 5.0.2-1 pn stun-server | turn-server -- Configuration Files: /etc/kamailio/kamailio.cfg [Errno 2] No such file or directory: '/etc/kamailio/kamailio.cfg' -- no debconf information
Bug#865561: [Pkg-dns-devel] Bug#865561: closed by Christian Hofstaedtler <z...@debian.org> (Re: Bug#865561: pdns_server does not start after upgrade to stretch)
>>>>> "OS" == Ondřej Surý <ond...@sury.org> writes: OS> (e.g it is recommended to have bind plugin installed under common OS> conditions). Why is it recommended, though? I suspect most use pdns for db backends. All of the backends should be suggested, not recommended. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#855427: quicktun: Does not work
Theonly other issue is that the web site claims that REMOTE_PORT defaults to LOCAL_PORT. When specifying ports in interfaces with qt_local_port and qt_remote_port, remote does not default to local. The readme should detail all of the qt_ options and their (actual) defaults. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#855606: sqrt() regression on powerpc/jessie
>>>>> Christoph Berg <m...@debian.org> writes: > Jessie: 0X1.C48C6001F0ABFP+3 > Sid:0X1.C48C6001F0ACP+3 Looking tat the code glibc switched from fsqrt to a software version, resulting in the ulp difference. I see on pgsql-hackers, though, that glibc has enabled fma and as a result that difference is avoided. So jessie's libc6 on ppc32 needs to include the fma patch or switch back to using fsqrt. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#855427: quicktun: Does not work
The upstream web site recommended using qt_private_key_file in interfaces. Your readme instead recommends qt_private_key. Switching to qt_private_key helped. But there is still the problem that only one tunnel can be used at a time. It would help were the readme to include mention that in order to run multiple tunnels each has to specify a differnt port number for the udp traffic. I had to strace ifup(8) to notice that. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#855606: sqrt() regression on powerpc/jessie
It may be a bit more informative to add: printf("0X %A\n", r); to that main() to see exactly what is different between the two. The only ppc I have access to are those in the gcc farm and those (the online ones anyway) only run fedora and aix, so I cannot test it myself. Except that everything else reports: 0X 0X1.C48C6001F0ACP+3 -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#855653: libreswan: /etc/init.d/ipsec is missing
[A wrong version of this email might have gone out; please ignore it in favour of this version. -JimC] The missing file is based on: libreswan/initsystems/sysvinit/init.debian.in -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#855653: libreswan: /etc/init.d/ipsec is missing
The missing file is based on: libreswan/initsystems/sysvinit/ipsec.init.in -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#855427: quicktun: Does not work
I'll try again once the new version makes it though. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#849211: Acknowledgement (Installing gives multiple errors)
And on another box I get: Can't locate JSON.pm in @INC And then: Can't locate Geo/IP.pm in @INC After adding those perl packages apt-get hangs again. The postinst script needs to avoid hanging. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#849211: Installing gives multiple errors
Package: mtpolicyd Version: 2.02-1 Severity: important On one mx I got: insserv: warning: script 'opendkim.service' missing LSB tags and overrides Starting postfix policy server: mtpolicydcould not initialize plugin greylist: install_driver(SQLite) failed: Can't locate DBD/SQLite.pm in @INC (you may need to install the DBD::SQLite module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at (eval 460) line 3. Perhaps the DBD::SQLite perl module hasn't been fully installed, or perhaps the capitalisation of 'SQLite' isn't right. Available drivers: CSV, DBM, ExampleP, File, Gofer, Pg, Proxy, Sponge. at /usr/share/perl5/Mail/MtPolicyd/Connection/Sql.pm line 27. failed! invoke-rc.d: initscript mtpolicyd, action "start" failed. dpkg: error processing package mtpolicyd (--configure): subprocess installed post-installation script returned error exit status 2 Errors were encountered while processing: mtpolicyd E: Sub-process /usr/bin/dpkg returned an error code (1) On another I got: Starting postfix policy server: mtpolicydArgument "0.33_01" isn't numeric in numeric lt (<) at /usr/share/perl5/Net/Server/Log/Sys/Syslog.pm line 42. . and it hung. I had to kill(1) the apt-get process from another terminal. Manually stopping and starting via the init.d script gives: Argument "0.33_01" isn't numeric in numeric lt (<) at /usr/share/perl5/Net/Server/Log/Sys/Syslog.pm line 42. So, at the very least it should depend on libdbd-sqlite3-perl. I haven’t figured out where the 0.33_01 comes from. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages mtpolicyd depends on: ii adduser3.115 ii libcache-memcached-perl1.30-1 ii libconfig-general-perl 2.63-1 ii libdbi-perl1.636-1+b1 ii libmail-rbl-perl 1.10-1 ii libmoose-perl 2.1806-1 ii libmoosex-getopt-perl 0.71-1 ii libmoosex-role-parameterized-perl 1.09-1 ii libmoosex-singleton-perl 0.29-1 ii libnamespace-autoclean-perl0.28-1 ii libtie-ixhash-perl 1.23-2 ii lsb-base 9.20161125 ii perl 5.24.1~rc4-1 Versions of packages mtpolicyd recommends: pn libdbd-sqlite3-perl ii libgeo-ip-perl1.50-1+b1 ii libjson-perl 2.90-1 ii libmail-spf-perl 2.9.0-4 ii libnet-ldap-perl 1:0.6500+dfsg-1 ii libnet-server-perl2.008-3 pn libtime-piece-mysql-perl mtpolicyd suggests no packages. -- no debconf information
Bug#831448: gitlab: fails to install database
>>>>> "CB" == Christoph Berg <m...@debian.org> writes: CB> cloos: Was your system configured with "en_US" when you installed CB> postgresql? reportbug now reports your locale to be "en_US.UTF-8". I use: LANG=en_US.UTF-8 LC_COLLATE=C LC_CTYPE=en_US.UTF-8 LC_TIME=C and my deb systems also add LANGUAGE=en_US:en when I ssh in. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#832136: dnsdist is missing an init.d script
Package: dnsdist Version: 1.0.0-2 Severity: normal There is no /etc/init.d/dnsdist and /etc/default/dnsdist files in the package. Packages are not supposed only to support that systemd crud. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages dnsdist depends on: ii init-system-helpers 1.36 ii libc62.23-1 ii libedit2 3.1-20150325-1+b1 ii libgcc1 1:6.1.1-8 ii liblua5.2-0 5.2.4-1 ii libsodium18 1.0.10-1 ii libstdc++6 6.1.1-8 ii libtinfo56.0+20160319-2+b1 dnsdist recommends no packages. dnsdist suggests no packages. -- no debconf information
Bug#831741: [Pkg-dns-devel] Bug#831741: pdns-backend-pgsql: new pdns spams postgres log until disk fills up
>>>>> "CH" == Christian Hofstaedtler <z...@debian.org> writes: CH> Do you possibly have some powerdns logs with that? It's odd that CH> these (empty) statements get deallocated hundreds of times per CH> second. AXFRs were occurring at the time. (My pdns is a hidden master, so most of its traffic is ?xfr.) Also, I've had to significantly increase pg's max_connections for pdns4. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#820721: won't install
Package: letsencrypt Severity: grave On several sid systems I get this: :; apt-get install letsencrypt Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: letsencrypt : Depends: python-letsencrypt (= 0.4.1-1) but it is not going to be installed E: Unable to correct problems, you have held broken packages. :; apt-get install letsencrypt python-letsencrypt Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: python-letsencrypt : Depends: python-acme (>= 0.4.1) but it is not going to be installed E: Unable to correct problems, you have held broken packages. :; apt-get install letsencrypt python-letsencrypt python-acme Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: python-acme : Breaks: python-letsencrypt (< 0.5.0) but 0.4.1-1 is to be installed E: Unable to correct problems, you have held broken packages. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init)
Bug#819107: letsencrypt: Wrong file permissions on private key
Matching debian's existing practice of using the ssl-cert group is the right thing to do here. The keys should have something like 640 perms and root:ssl-cert ownership. (root until the package works as a non-root user, but still chgrp ssl-cert if the user running it is root or in that group.) -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#815622: [sigh]
I forgot to remove this from the postqueue before getting the upgade to 3.0.4; I didn't see any other reports of it when I first wrote it, but of course it couldn't get out until postfix worked.. Sorry for the bandwidth waste. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#815622: Postfix fails to start after apt-get upgrade
Package: postfix Version: 3.0.3-1 Severity: important After running apt-get upgrade, postfix fails to start due to this: postmulti: fatal: instance /etc/postfix, shlib_directory=/usr/lib/postfix conflicts with instance /etc/postfix, daemon_directory=/usr/lib/postfix Neither shlib_directory nor daemon_directory are mentioned in my /etc/postfix, and I had not been using multi at all on this box. If the new init script cannot handle having shlib_directory and daemon_directory be identical, the defaults should not have them identical. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages postfix depends on: ii adduser3.113+nmu3 ii cpio 2.11+dfsg-5 ii debconf [debconf-2.0] 1.5.58 ii dpkg 1.18.4 ii libc6 2.21-9 ii libdb5.3 5.3.28-11 ii libicu55 55.1-7 ii libsasl2-2 2.1.26.dfsg1-14+b1 ii libsqlite3-0 3.11.0-1 ii libssl1.0.21.0.2f-2 ii lsb-base 9.20160110 ii netbase5.3 ii ssl-cert 1.0.37 Versions of packages postfix recommends: ii python3 3.5.1-1 Versions of packages postfix suggests: ii bsd-mailx [mail-reader]8.1.2-0.20160123cvs-2 pn dovecot-common ii emacs24-nox [mail-reader] 24.5+1-6+b1 ii libsasl2-modules 2.1.26.dfsg1-14+b1 ii mutt [mail-reader] 1.5.24-1+b1 ii postfix-cdb3.0.3-1 ii postfix-doc3.0.3-1 pn postfix-ldap pn postfix-mysql ii postfix-pcre 3.0.3-1 ii postfix-pgsql 3.0.3-1 ii procmail 3.22-25 pn resolvconf ii s-nail [mail-reader] 14.8.6-1 pn sasl2-bin pn ufw -- debconf information: postfix/sqlite_warning: postfix/protocols: all postfix/relayhost: postfix/procmail: true postfix/mynetworks: 127.0.0.0/8 [::1]/128 postfix/root_address: postfix/tlsmgr_upgrade_warning: postfix/mailbox_limit: 0 postfix/recipient_delim: + * postfix/main_mailer_type: Internet Site postfix/mydomain_warning: postfix/bad_recipient_delimiter: postfix/destinations: globe.jhcloos.com, localhost.jhcloos.com, localhost postfix/not_configured: postfix/kernel_version_warning: postfix/retry_upgrade_warning: * postfix/mailname: globe.jhcloos.com postfix/rfc1035_violation: false postfix/chattr: false postfix/relay_restrictions_warning:
Bug#815047: postfix: Postfix fails to start after upgrade
How about using: shlib_directory=/usr/lib/postfix/lib daemon_directory=/usr/lib/postfix/daemons Or both sinngular or both plural? If you feel the need to patch postfix to allow the two directories to continue to coexist, please pushd out a temp update which uses two directories until the patch can be written and tested. A quick change like the above Adding the above to lines to /etc/postfix/main.cf mostly worked. It started, but is complaing about my proxy:pgsql: lines, so either the syntax for those changed or something more is wrong -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#804596: pdns-server: New version fails to sign axfrs
>>>>> "PvD" == Peter van Dijk <peter.van.d...@powerdns.com> writes: >> So it looks like running check-all-zones changed something. PvD> That doesn’t make any sense :( check-all-zones is a readonly PvD> operation. That is what I had previously presumed but something changed. I only changed two of the zones based on the check-all-zones output and that allowed all of the zones to *start* working again. Perhaps the issue then is that the geoip backend changed its name and thus failed to upgrade with the server and the pg backend. Although my config didn't load the geo backend... I noticed when I grabbed the old debs from the pool that the package name changed from pdns-backend-geo to pdns-backend-geoip. After Christian's first reply I manually removed the geo backend, fixed the couple of errors reported by check (a couple of duplicate CNAME records and an OPENPGPKEY records in raw syntax from when I was trying to add support back before the stroke). After those changes all of the zones worked again. Before them none of the zones worked. Non AXFR requests worked, though. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#804596: pdns-server: New version fails to sign axfrs
>>>>> "PvD" == Peter van Dijk <peter.van.d...@powerdns.com> writes: PvD> geo did not change its name - geoip is a different backend. Sorry for forgetting that. I now recall that again. So I should have written about the one backend replacing the other, and as such apt left the old one there. The geoip deb needs to have an annotation that it replaces the geo deb given that there is no 3.4.7 deb for geo. That should have been done when 3.4.6-3 was uploaded, based on the files currently in pool. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#804596: pdns-server: New version fails to sign axfrs
>>>>> "CH" == Christian Hofstaedtler <z...@debian.org> writes: CH> Could you please check if completely installing those packages makes CH> the error go away? I removedf the geodns backend -- wasn't using it anyway -- and re-upgraded the two remaining packages (server and pgsql backend). The error remains. Using dpkg to downgrade back to: pdns-server_3.4.6-3+b1_amd64.deb pdns-backend-pgsql_3.4.6-3+b1_amd64.deb gets things working again. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#804276: kamailio-tls-modules: Incompatible with the new openssl (wants an sslv3 object, which is no longer there).
Daniel posted the fix upstream (including to the 4.3 branch as commit 946e996fed4bed9a62703cdd248777e2c7ab4a89): diff --git a/modules/tls/tls_init.c b/modules/tls/tls_init.c index bd14647..d7f3cef 100644 --- a/modules/tls/tls_init.c +++ b/modules/tls/tls_init.c @@ -344,9 +344,11 @@ static void init_ssl_methods(void) ssl_methods[TLS_USE_SSLv2 - 1] = SSLv2_method(); #endif +#ifndef OPENSSL_NO_SSL3_METHOD ssl_methods[TLS_USE_SSLv3_cli - 1] = SSLv3_client_method(); ssl_methods[TLS_USE_SSLv3_srv - 1] = SSLv3_server_method(); ssl_methods[TLS_USE_SSLv3 - 1] = SSLv3_method(); +#endif ssl_methods[TLS_USE_TLSv1_cli - 1] = TLSv1_client_method(); ssl_methods[TLS_USE_TLSv1_srv - 1] = TLSv1_server_method(); Please upload new debs w/ that patch. Thanks! -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#804596: pdns-server: New version fails to sign axfrs
>>>>> "CH" == Christian Hofstaedtler <z...@debian.org> writes: CH> Upstream suggested to run 'pdnssec check-zone' on any zone that CH> shows this behaviour, as they think that "just failing it" should be CH> covered by their testsuite. That helped. Now only one zone fails (even though only two zones had any errors, and previously all zones failed), and it gives a different error pattern: pdns[25904]: Signing thread died because of std::exception: Reading from socket in Signing Pipe loop: Connection reset by peer but I cannot tell from the log which zone failed. The AXFR which initiated just before that log succeeded. And each of them have the correct (new) SOA values on the secondaries. So it looks like running check-all-zones changed something. Thanks for the quick reply. Given that running check-all-zones seems to have cured things (notwithstanding that one std::exception), I think we can close this (or at least lower its severity) and I'll followup on the upstream mailing list. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#792303: asterisk-modules: new upload has undesireable depends
>>>>> "TC" == Tzafrir Cohen <tzaf...@cohens.org.il> writes: TC> res_rtp_asterisk and the pjsip modules link with pjproject TC> libraries. I guess further symbols diet may be needed. Perhaps pjproject needs a x vs nox split? -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
Bug#748972: libmilter1.0.1: Opendkim and opendmarc milters have allocation leaks; libmilter is common element
AB == Andreas Beckmann a...@debian.org writes: AB Is this still occurring with the libmilter from jessie, stretch, sid, or AB experimental? I.e. version 8.14.4-8 or newer. Yes, sid still shows this. And since the last two updates to opendkim, it crashes daily again. Some days multiple times per day. It hadn't been crashing for a while before that. But the Virt still grows constantly. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#787964:
Issue has already been addressed in an upload I tried to get a bit before the Jessie freeze but forgot about since. IPv6 support is configured through a config_site.h file (see debian/config_site.h). I hope to shortly upload version 2.4. Cool. Thanks. I only noticed it because when using pjsip asterisk would not accept ip6 transports. Looking forward to the updates. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#783946: kamailio: Recompile needed due to sid's openssl uprade.
After some further research, I've discoverred that adding: modparam(tls, tls_force_run, 1) to kamailio.cfg allows kama to start, so the bug probably is a bit less severe than grave. Testing shows that such an addition does allow kam to not only start, but actually use tls. That being said, recomilation still is required. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#751560: opendkim: Please enable DNSSEC by default
SK == Scott Kitterman deb...@kitterman.com writes: SK The package is compiled with and linked against libunbound. I don't have SK DNSSEC, so I can't test this. Reading the documentation, I think you SK additionally have to install unbound (not just the lib) and configure it with a SK trust anchor. I mis-hypothesized the reason for the error I saw. In the 2.7.0 section of RELEASE_NOTES I see: , | Feature request #SF3545658: Replace ResolvConf with Nameservers | and add support for NS list overrides for versions of bind | that have res_setservers(). Also rename UnboundConfigFile | to ResolverConfiguration, and make TrustAnchorFile | generally available. ` And, indeed, using ResolverConfiguration works. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#751560: opendkim: Please enable DNSSEC by default
opendkim could depend on dns-root-data and have: TrustAnchorFile /usr/share/dns/root.key in the default opendkim.conf. I've been using TrustAnchorFile /var/lib/unbound/root.key on my MXs for the longer of: as long as opendkim has supported TrustAnchorFile or as long as I've run opendkim (I cannot remember which came first.) But have had a local verifying unbound on them longer than that. dns-root-data's /usr/share/dns/root.key has the same data (less comments) as unbound-anchor's /var/lib/unbound/root.key. Passing an unbound.conf to opendkim could be used to modify how it resolves and verifies, but isn't required for dnssec support. It should be reasonable to expect the dns-root-data package to be updated whenever a new dnskey or ns records are published for . so depending on that package should be sufficient. [Had fully to wake up and think about it...] -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#782167: libasterisk-agi-perl: Update available, fixes important bugs
Package: libasterisk-agi-perl Version: 1.01-2 Severity: normal http://asterisk.gnuinter.net/asterisk-perl/latest/CHANGES shows that 1.03 is available with important fixes for agi quoting, manager parsing and a few other fixes. The quoting issues with 1.01 have a real impact on useful real-world AGI code. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.14-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages libasterisk-agi-perl depends on: ii perl 5.20.2-3 libasterisk-agi-perl recommends no packages. libasterisk-agi-perl suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#780797: Package modifying a user-modified config file? [Bug #780797]
I didn't read much of this thread at it occurred; am catching up now. It is absolutely and unquestionably essential that no file in /etc which has *any* local modifications ever be edited on package upgrade w/o the admin's consent. Adding users and groups on install is one thing, editing a locally edited config file during a package upgrade w/o asking for permission, OTOH, is UNacceptable. The normal dialog, with the options for seeing the diff, accepting the maintainers' version, keeping the local version or starting a shell manually to handle it, works fine. The openssh package should use that just like everything else. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#777677: nginx: Please package 1.7 releases
TW == Thomas Ward tew...@dark-net.net writes: TW I can understand the want of the newer features, but there's a bunch of TW changes upstream in 1.7.x, and I don't think we can call it 'stable' TW enough for inclusion. Sid really ought to have the most recent nginx release, but if that is too hard to separate from what testing gets, then the current release should be in experimental. But the current release SHOULD be available somwhere easy to apt-get. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#777677: nginx: Please package 1.7 releases
TW == Thomas Ward tew...@dark-net.net writes: JC But the current release SHOULD be available somwhere easy to apt-get. TW We could create a separate nginx source package, called nginx-mainline, TW that conflicts with the other nginx packages. It would be the mainline TW branch, whereas nginx would be the stable. That also is a perfect solution for those using nginx on debian. There are packages which maintain several branches in the alioth gits. the third party plugins do not all build on 1.7.x as they exist now I, for one, don't mind don't mind some missing 3rd party plugins on mainline. As long as it is well announced, and they get added back as they are forward-ported. But then I do not use -extras. Those who do might prefer otherwise -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773318: clamav dies/hangs
AC == Andreas Cadhalpun andreas.cadhal...@googlemail.com writes: AC You mean it crashed? AC Please provide excerpts of /var/log/clamav/clamav.log and AC /var/log/syslog from around the time of the crashes. Yes, the clamd process quit, so the milter process was rejecting all incoming mail with a 4xx try again reply. In each case the last thing logged to clamav.log before I restarted clamd was just a Reading databases from /var/lib/clamav line. So it looks like it died during a reload, since: Database correctly reloaded did not get logged. AC If you can reproduce the crashes, please install clamav-dbg and use AC gdb to provide a backtrace of the crashes. I removed the clamav-milter call to keep mail flowing; I'll turn it back on on one of them this weekend. After removing the clamav-unofficial-sigs cron job, last night clamd got stuck using all cpu. (800% on the 8-node box.) AC Again, please provide the logs mentioned above. Again there nothing was logged to clamd.log. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#773318: clamav dies/hangs
After removing the clamav-unofficial-sigs cron job, last night clamd got stuck using all cpu. (800% on the 8-node box.) I should add that the looping occurred quickly there after. Even w/ the milter not called, one of the MXs has one clamd thread consuming 100% cpu right now. gdb says: #0 0x7fd0b4791ed0 in ?? () from /usr/lib/x86_64-linux-gnu/libmspack.so.0 #1 0x7fd0b47863ea in ?? () from /usr/lib/x86_64-linux-gnu/libmspack.so.0 #2 0x7fd0b55c1e26 in cli_scanmscab (ctx=0x7fd096dfb6b0, sfx_offset=256) at libmspack.c:384 #3 0x7fd0b5597aa0 in magic_scandesc (ctx=0x7fd096dfb6b0, type=CL_TYPE_ANY) at scanners.c:2703 #4 0x7fd0b5598059 in cli_base_scandesc (desc=12, ctx=0x7fd096dfb6b0, type=CL_TYPE_ANY) at scanners.c:3051 #5 0x7fd0b559bf33 in fileblobScan (fb=0x7fd088003910) at blob.c:641 #6 0x7fd0b559c01d in fileblobScanAndDestroy (fb=fb@entry=0x7fd088003910) at blob.c:399 #7 0x7fd0b55a08db in do_multipart (mainMessage=0x0, messages=optimized out, i=optimized out, rc=0x7fd096dfa35c, mctx=0x7fd096dfa420, messageIn=optimized out, tptr=0x7fd096dfa360, recursion_level=0) at mbox.c:3712 #8 0x7fd0b55a0019 in parseEmailBody (messageIn=0x7fd095df4000, messageIn@entry=0x7fd088004940, textIn=0x100, textIn@entry=0x0, mctx=0x7fd0880047b1, recursion_level=32512, recursion_level@entry=0) at mbox.c:1533 #9 0x7fd0b55a1232 in cli_parse_mbox ( dir=dir@entry=0x7fd088000e50 /tmp/clamav-4b94ddbad0a132b5af6d2f6db3a76e40.tmp, ctx=ctx@entry=0x7fd096dfb6b0) at mbox.c:508 #10 0x7fd0b55a1b1a in cli_mbox ( dir=dir@entry=0x7fd088000e50 /tmp/clamav-4b94ddbad0a132b5af6d2f6db3a76e40.tmp, ctx=ctx@entry=0x7fd096dfb6b0) at mbox.c:309 #11 0x7fd0b5579218 in cli_scanmail (ctx=0x7fd096dfb6b0) at scanners.c:1702 . . . -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#764705: [Pkg-postgresql-public] Bug#764705: Bug#764705: Bug#764705: Bug#764705: Bug#764705: postgresql-9.4: ERROR: The database format changed between beta 2 and 3. Please dump, but how?
CB == Christoph Berg m...@debian.org writes: CB I've now put a nice NEWS message in postgresql-9.4.NEWS, and updated CB the preinst failure message to show a similar message. The text is: Yes, that is a suitable message. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#764705: [Pkg-postgresql-public] Bug#764705: Bug#764705: Bug#764705: Bug#764705: postgresql-9.4: ERROR: The database format changed between beta 2 and 3. Please dump, but how?
This is a rather awkward position for upgraders to be in, as we essentially cannot automate this robustly. Is it really that much of a problem to do something like: su -s /bin/sh -c 'pg_dumpall -c' - postgres /var/tmp/old_pg94.sql pg_dropcluster 9.4 main --stop ... pg_createcluster 9.4 main service postgres start su -s /bin/sh -c 'psql -f /var/tmp/old_pg94.sql template1' - postgres after checking the size of the data directory vs the amount of free disk space, what 9.4 clusters exist, which ports they each use, et cetera, with the upgrade occuring at the ... point? And stop like it currently did if there isn't enough space. I didn't move anything big over to 9.4, just some small stuff I knew I could afford to deal with should a dump/restore be required, but I still had to fuss with one or two of them to get the pattern down. And for one server I even managed to get β3 installed before grabbing a fresh dump from β2, and had to resort to using an old dump (but not so old that I lost anything). I can imagine that it could be quite an ordeal for some users. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#760564: postgresql-9.4: regexp_matches behavior change 9.3 - 9.4
select regexp_matches('gestion/football/ligue-des-champions', '^((?!d{4}-d{1,2}-d{1,2})[^/]+?)(?:/((?!d{4}-d{1,2}-d{1,2})[^/]+?))(?:/((?!d{4}-d{1,2}-d{1,2})[^/]+?))?$', 'g'); Is there a typo in that? I get no matches on 9.3, too. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#755525: graphviz: Upgrade pulls in unnecessary junk
MK == Matthias Klose d...@debian.org writes: MK your wording in your message, junk, unacceptable, eliminated MK is not acceptable. The package is currently maintained by the QA MK team, and can need some help. So instead of shouting, just spend MK some time and send a patch. Thanks for your understanding. Gui libraries are withough question unnessesary junk on a headless server. It is wrong and inappropriate to pretend otherwise. And there was no shouting. Just statements of fact. Dot should not pull in qt. Or gtk. I can take a look into a fix; I don't know how long it'll take. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#756627: postfix-pgsql broken with libpq5 (9.4~beta2-1) now in jessie and sid
postfix with libpq5-9.4~beta2-1 works fine on a sid box, at least when using pf config likes like: relay_recipient_maps = proxy:pgsql:/etc/postfix/recipients.cf This must be specific to jessie or to the non-proxy case. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#755382: ITP: fonts-adobe-sourcehansans-cn -- “Source Han Sans CN” A sans-serif Pan-CJK font family (CN subset) that is offered in seven weights
PW == Paul Wise p...@debian.org writes: * Package name: fonts-adobe-sourcehansans-cn PW Due to the need for Adobe's ADFKO, this will have to go to contrib. PW IIRC ADFKO will become open source at some point and the font could PW move to main then. AFAICT, fontforge has enough capability to convert the format of the files in the git repo into OTF files, at least. Pehaps also combining those into the OTC files. The outlines are in the repo as type0 (collection of type1) format, but again fontforge can edit and save that format just as well as its own sfd format, so onecan argue that it is close enough to preferred src format. So it seems they are already dfsg-free, even without a dfsg-free release of adfko, yes? Or did I miss something which fontforge and/or fonttools cannot yet accomplish? -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#755525: graphviz: Upgrade pulls in unnecessary junk
Package: graphviz Version: 2.26.3-17.1 Severity: normal The new version in sid pulls in 86.0 MB unnecessary junk on headless systems: libaudio2 libcdt5 libcgraph6 libgvc6 libgvpr2 libmng1 libqtcore4 libqtgui4 qtcore4-l10n qt, especially, in unacceptable. The new depends in graphviz must be eliminated. Anything which would require them should be in a separate package. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages graphviz depends on: ii libc6 2.19-7 ii libcdt4 2.26.3-17.1 ii libcgraph5 2.26.3-17.1 ii libexpat1 2.1.0-6 ii libgd3 2.1.0-3+b1 ii libgraph4 2.26.3-17.1 ii libgvc5 2.26.3-17.1 ii libgvpr12.26.3-17.1 ii libx11-62:1.6.2-2 ii libxaw7 2:1.0.12-2 ii libxmu6 2:1.1.2-1 ii libxt6 1:1.1.4-1 Versions of packages graphviz recommends: ii ttf-liberation 1.07.4-1 Versions of packages graphviz suggests: pn graphviz-doc none ii gsfonts 1:8.11+urwcyr1.0.7~pre44-4.2 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#742767: TeX Gyre OpenType and wrongly(?) named glyphs
HH == Hans Hagen pra...@wxs.nl writes: HH if dropping in otf files for type 1 ones is considered a valid HH solution, then poppler should do more checking anyway for the few f HH related ligatures (which makes me wonder why the otf file is used as HH drop-in) Poppler asks fontconfig for a font with whatever name the pdf specifies; it gets back whatever fontconfig provides. (IIRC, it does map the 14 abbreviations like TiRo, Symb, ZaDb, et cetera to the full names before doing the lookup.) For the vast majority of applications, it is better for fontconfig to provide SFNT fonts rather than T1. It is reasonable to expect apps and libs which do only need the glyphs properly to handle that. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#742767: TeX Gyre OpenType and wrongly(?) named glyphs
HH == Hans Hagen pra...@wxs.nl writes: HH As you mention in a previous mail, it's a bug in poppler (or maybe HH some library it uses) that somehow used glyph names. The bug shows up when the pdf file does not embed the font, forcing viewers and renderers to find a substitute font. A patch has at least been proposed for poppler to treat glyph names like /f_i as equivilent to names like /fi, at least for the f-ligs found in the standard pdf font encodings for the base14 fonts. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#753163: gnupg-agent: depends on pinentry-gtk2
The problem may best be fixed by making pinentry-curses the first of the three possible dependencies. Ie: s(pinentry-gtk2 | pinentry-curses | pinentry)(pinentry-curses | pinentry-gtk2 | pinentry) That way non-gui boxen will get pinentry-curses w/o having to install it before upgrading or at the same time as a gnupg2 install. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752845: recent libnet-dns-perl upgrade has broken policyd-weight.
WD == Werner Detter wer...@aloah-from-hell.de writes: WD I've prepared a new package, please test: WD wget http://www.werner-detter.de/policyd-weight_0.1.15.2-8_all.deb It works. Your patch matches what I tried after sending my last note. It is slow for un-cached senders, but those tend to be more rare than repeat senders. And I'd have to bring up a test box to see whether using the XS version, as it used to, also was slow for un-cached. I guess ship it is the idiom of the day. ;^) -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752845: recent libnet-dns-perl upgrade has broken policyd-weight.
I see that there is a dn_expand_PP method; perhaps having policyd-weight call that explicitly might work? The dn_expand method in /usr/lib/perl5/Net/DNS/Packet.pm is: sub dn_expand { #FYImy ($packet, $offset) = @_; return dn_expand_XS(@_) if $Net::DNS::HAVE_XS; # warn USING PURE PERL dn_expand()\n; return dn_expand_PP(@_, {} ); # $packet, $offset, anonymous hash } so it should work, albeit slower than it used to. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752845: policyd-weight: recent libnet-dns-perl upgrade has broken policyd-weight.
Package: policyd-weight Version: 0.1.15.2-7 Severity: grave Justification: renders package unusable Policyd started generating bogus scores. After a restart it generates errors like this: postfix/policyd-weight[26689]: warning: child: err: Undefined subroutine main::dn_expand called at /usr/sbin/policyd-weight line 3590, GEN33 line 26.#012 that results in the mail getting refused. main::dn_expand is from: use Net::DNS::Packet qw(dn_expand); The dn_expand() in /usr/lib/perl5/Net/DNS/Packet.pm is commented out. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages policyd-weight depends on: ii adduser 3.113+nmu3 ii libio-socket-inet6-perl 2.72-1 ii libnet-dns-perl 0.77-3 ii libnet-ip-perl 1.26-1 ii lsb-base 4.1+Debian13 ii perl 5.18.2-4 Versions of packages policyd-weight recommends: ii perl [libsys-syslog-perl] 5.18.2-4 policyd-weight suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#752479: Version 1.0.0 released in April; version 1.0.1 in May
Package: roundcube Version: 0.9.5-4 Severity: normal The changelog from 0.9.5 to 1.0.0 is significant; 1.0.1 fixes even more. Upgrading probably will fix many of the debian bug reports. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.13-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages roundcube depends on: ii roundcube-core 0.9.5-4 roundcube recommends no packages. roundcube suggests no packages. Versions of packages roundcube-core depends on: ii dbconfig-common1.8.47+nmu1 ii debconf [debconf-2.0] 1.5.53 ii libjs-jquery 1.7.2+dfsg-3 ii libmagic1 1:5.19-1 ii php-auth 1.6.4-1 ii php-mail-mime 1.8.8-1 ii php-net-smtp 1.6.1-1 ii php-net-socket 1.0.14-1 ii php5 5.6.0~beta4+dfsg-4 ii php5-common5.6.0~beta4+dfsg-4 ii php5-intl 5.6.0~beta4+dfsg-4 ii php5-json 1.3.5-2 ii php5-mcrypt5.6.0~beta4+dfsg-4 ii roundcube-pgsql0.9.5-4 ii tinymce3.4.8+dfsg0-1 ii ucf3.0030 Versions of packages roundcube-core recommends: ii nginx-full [httpd-cgi] 1.6.0-1 ii php5-gd 5.6.0~beta4+dfsg-4 ii php5-pspell 5.6.0~beta4+dfsg-4 Versions of packages roundcube-core suggests: ii php-auth-sasl 1.0.6-1 pn php-crypt-gpg none pn roundcube-plugins none -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#748972: libmilter1.0.1: Opendkim and opendmarc milters have allocation leaks; libmilter is common element
Package: libmilter1.0.1 Version: 8.14.4-5 Severity: normal I’m not certain which package is at fault. I’m starting here because both milters use libmilter1.0.1. The bug is socket-type agnostic. It occurs with unix domain and with tcp sockets. Every milter event allocates ram which is not free(2)d. (It shows up in VmData in /proc/$pid/status.) I estimate that the process vm grows about 10k-20k per message. Rss doesn’t grow. If swap usage grows, it doesn’t do so fast enough to confirm. So the allocated pages may be untouched. Eventually the milter gets a segv. The forensics are insufficient to confirm whether the leak causes or even contributes to the segv. -- Package-specific info: Output of /usr/share/bug/libmilter1.0.1/script: ls -alR /etc/mail: /etc/mail: total 20 drwxr-xr-x 3 root root 4096 Jan 31 2013 . drwxr-xr-x 143 root root 12288 May 20 21:16 .. drwxr-xr-x 2 root root 4096 May 20 21:16 m4 /etc/mail/m4: total 12 drwxr-xr-x 2 root root 4096 May 20 21:16 . drwxr-xr-x 3 root root 4096 Jan 31 2013 .. -rw-r--r-- 1 root root 789 Oct 8 2012 clamav-milter.m4 -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libmilter1.0.1 depends on: ii libc6 2.18-7 libmilter1.0.1 recommends no packages. libmilter1.0.1 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#749024: Bad command line in init script
Package: asterisk Version: 1:11.9.0~dfsg-1 Severity: important Today’s update breaks /etc/init.d/asterisk. It passes $ETCDIR (/etc/asterisk) as the value for the -C option when starting asterisk. The -C option specifies a file, not a directory. The easy, short-term workaround is to add: ETCDIR=/etc/asterisk/asterisk.conf to /etc/default/asterisk. If the init script wants to use -C and ETCDIR, it should pass -C ${ETCDIR}/asterisk.conf -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.14-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages asterisk depends on: ii adduser 3.113+nmu3 ii asterisk-config 1:11.9.0~dfsg-1 ii asterisk-core-sounds-en [asterisk-prompt-en] 1.4.22-1 ii asterisk-core-sounds-en-gsm 1.4.22-1 ii asterisk-modules 1:11.9.0~dfsg-1 ii libc6 2.18-7 ii libcap2 1:2.22-1.2 ii libedit2 3.1-20140213-1 ii libgcc1 1:4.9.0-4 ii libpopt0 1.16-8 ii libsqlite3-0 3.8.4.3-3 ii libssl1.0.0 1.0.1g-4 ii libstdc++64.9.0-4 ii libtinfo5 5.9+20140118-1 ii libxml2 2.9.1+dfsg1-3 Versions of packages asterisk recommends: ii asterisk-moh-opsound-gsm 2.03-1 ii asterisk-voicemail [asterisk-voicemail-storage] 1:11.9.0~dfsg-1 ii sox 14.4.1-4 Versions of packages asterisk suggests: pn asterisk-dahdi none ii asterisk-dev 1:11.9.0~dfsg-1 pn asterisk-doc none pn asterisk-ooh323 none pn asterisk-vpb none -- Configuration Files: /etc/default/asterisk changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#740775: sks: Upgrade fails (again)
CM == Christoph Martin mar...@uni-mainz.de writes: CM sks depends on db-util which depends on the current db utils package. CM The current db-util in testing/jessie has version 5.3 and depends on CM db5.3-utils. CM So this should be no problem. Maybe at the time of your install there CM was an old version of db-util installed. IIRC, the bug is that a newer version of db5.x-utils got installed, the old version was removed, and apt permitted said removal even though sks needed said old version. I think sks has to depend on the exact version of db5.x-utils it uses, to ensure that it always can recover the db. Unless there is a better way to ensure that the proper recovery tool is available. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 0x997A9F17ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#742059: nginx: CVE-2014-0133: SPDY heap buffer overflow
y == yatiohi yati...@ideopolis.gr writes: y we are not vulnerable since nginx is compiled with the --with-debug y configure option. Does that also apply to 1.5.11 in experimental? y Although, we will release 1.4.7-1 shortly to follow y upstream and include a few module updates as well. Updating experimental to 1.5.12 is welcome in either case. Thanks! -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#741293: git over https fails with gnutls_handshake() failed: A record packet with illegal version was received.
AG == Alessandro Ghedini gh...@debian.org writes: AG If you mean its relicensing to LGPL3+, No, I mean the more recent relicense to LGPL3+ OR GPL2+, as mentioned on the gnutls thread on debian-devel. I confirmed it in the README in their HG repo https://gmplib.org/repo/gmp/ and the changset: changeset: 16260:da670a8513db user:Torbjorn Granlund t...@gmplib.org date:Mon Jan 27 21:47:39 2014 +0100 summary: Update library files license to use LGPL3+ and GPL2+. But I see that the change is not reflected in the README in the repo for the 5.1 branch, https://gmplib.org/repo/gmp-5.1/. I don't know their intent as to which versions are relicensed. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#739920: nginx: 1.5.10 available, adds SPDY/3.1
I was planning a missive, to end with the suggestion that, even if it couldn’t make sid, it would be enough for it to make experimental. But it seems you beat me to the punch. Thanks! -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#741293: git over https fails with gnutls_handshake() failed: A record packet with illegal version was received.
AG == Alessandro Ghedini gh...@debian.org writes: AG If you are using Debian sid, gnutls-cli is built against libgnutls28 (while AG licurl uses libgnutls26) so this isn't much useful (unfortunately we can't AG switch to libgnutls28 for licensing problems). Didn’t the gmp relicensing fix such license issues? Or is that not yet in place for sid? -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#739255: nginx: Please upgrade nginx to 1.5 for sid and jessie.
A further note: As of 'zilla 28 (ff28 and sm 2.25) spdy2 is gone. Chromium droped support for spdy2 in 33 or 34. And mod_spdy doesn't support apache 2.4. So nginx 1.5 is the only decent-performance option for those running web services who want to support spdy also for the current beta (soon to be non-beta) releases of the major browsers. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#734923: base-passwd: The change to uucp shell broke the uucp cron jobs
Ah. Yes, that is a valid fix. I should have found 734723 before reporting. ☹ Thanks, -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#505893: seems fixed upstream
Unless this bug is specific to debian, this should be fixed in xmessage-1.0.4 with a current Xorg server. At least it does the right thing for me on my Gentoo workstation. (I only use debian on my servers) -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#699746: probably fixed upstream
Xprop(1) got a significant overhall a while back. This should work correcly now. That said, xterm(1) doesn’t do the right thing with such titles in that it stores them on the server as STRING where they ought to be stored as COMPOUND_TEXT for WM_NAME and WM_ICON_NAME and as UTF8_STRING for _NET_WM_NAME and _NET_WM_ICON_NAME (which xterm does not set at all). (The latter two props, of course, were created just to provided the names as UTF8_STRINGs rather than as COMPOUND_TEXT.) -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 signature.asc Description: PGP signature
Bug#733295: gnutls-bin: please compile GnuTLS with DANE support
AM == Andreas Metzler ametz...@bebt.de writes: AM libdane requires and links against libunbound. libunbound OTOH AM is linked against OpenSSL's libssl on Debian[1]. A possible way forward is to configure unbound --with-nss, which should provide license compatibility for all libunbound users. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#729612: nsd: fails to install: dpkg-query: error: package 'nsd3' is not installed
Package: nsd Version: 4.0.0-4 Followup-For: Bug #729612 This bug also applies when upgrading from 4.0.0-3 to 4.0.0-4, if the nsd3 transition package is not also installed. The (non-)?existence of the old /ets/nsd3 directory does not impact the bug. (This bug — at least when upgrading from 4.0.0-3 — also affects ubuntu trusty.) -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages nsd depends on: ii adduser3.113+nmu3 ii debconf [debconf-2.0] 1.5.52 ii libc6 2.17-95 ii libevent-2.0-5 2.0.21-stable-1 ii libssl1.0.01.0.1e-4 ii lsb-base 4.1+Debian12 nsd recommends no packages. nsd suggests no packages. -- Configuration Files: /etc/nsd/nsd.conf changed [not included] -- debconf information: nsd3/old_confdir_exists: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#727841: powl() inaccurate but only at runtime
Z == Zefram zef...@fysh.org writes: Z On amd64, powl() is generating inaccurate results when called at runtime, Z but if a call to it gets constant-folded at compile time (by gcc 4.7) Z then the constant-folded result is much more accurate. AIUI, gcc uses multi-precision arith for constant folding, so that it can generate accurate results even when cross-compiling. The difference you show is likely libm vs mpfr. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#727841: powl() inaccurate but only at runtime
[I hit send to soon ... -JimC] And glibc 2.17 gets the same result as gcc does. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#727608: hylafax-client: jpg conversion fail, -dpi with float
FD == Frank Doepper f...@taz.de writes: FD %R is substituted with a float, 204.00 in my case, and apparently FD gets interpreted by pnmtops as 0 instead of 204. pnmtops.c expects either INT or INTxINT for -dpi (it calls strtol(dpiOpt, dpistr2, 10) to parse the numbers), so sending it a float is a bug. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#707761: pdns-backend-pgsql: IP fields too short for master/slave operation over IPv6
PD == Peter van Dijk peter.van.d...@netherlabs.nl writes: JC The ip column should not be varchar or text. JC It should be inet. PD We are happy to consider this change upstream Pull request sent. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 signature.asc Description: PGP signature
Bug#710360: First autoremovals happen in about 8 days
This bug report is about to get pdns kicked out of Jessie. Please do something about that. Thanks, -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#707761: pdns-backend-pgsql: IP fields too short for master/slave operation over IPv6
MH == Marc Haber mh+debian-packa...@zugschlus.de writes: alter table supermasters alter COLUMN ip type inet using ip::inet; and change the sql which creates the table during install to use inet for that column. MH Can pdns handle that table format? It is transparent to pdns. I've been using it in production since before I posted that. Were pdns to try to store something in that column which wasn't an ip address, pg would complain and the transaction would fail. But pdns only reads that table, and the text returned from a SELECT on an inet column looks like the normal text notation of an ipv4 or ipv6 address. Were someone to store a cidr (such as 10.1.2.4/8) then pdns would complain; but again the result would be no different than if one were to store such data in a text or varchar field. The column needs to be either text, varchar(39) or larger, or inet to support all possible ipv4 and ipv6 addresses. Inet has the benefit of documenting the column's intent and rejecting most bogus data before it can confuse or break pdns. -JimC -- James Cloos cl...@jhcloos.com OpenPGP: 1024D/ED7DAEA6 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org