Bug#1007364: postmark: please consider upgrading to 3.0 source format
Am Montag, dem 02.10.2023 um 17:57 +0200 schrieb Bastian Germann: > I am uploading a NMU with the attached changes to DELAYED/10 in order > to fix this. Merci. :) -- Noël Köthe Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#1043017: Take patch from upstream to fix 'Fix crash when printing download rate'
found 1043017 1.21.4-1 tags 1043017 + patch upstream confirmed thx Hello, Am Freitag, dem 04.08.2023 um 13:38 +0200 schrieb Wiebe Cazemier: > Actually all versions of wget 1.xxx on all (supported) versions of > Debian. > > Wget can segfault, caused by passing undefined memory to printf. It's > been fixed upstream. > > https://git.savannah.gnu.org/git/wget.git > Commit 04ab35666997fbb3cd5d72497415fb3dfd62dcc5 > > https://lists.gnu.org/archive/html/bug-wget/2023-08/msg1.html > > Patch attached. Thank you for reporting. Since the commit there wasn't a wget release which includes the patch. I tend to include it into the next Debian package upload.:) -- Noël Köthe Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#1051538: lintian: silent-on-rules-requiring-root.tag wrong path for rootless-builds.txt
Package: lintian Version: 2.116.3 Severity: minor Tags: patch Dear Maintainer, tags/s/silent-on-rules-requiring-root.tag states at the end: ... See-Also: /usr/share/doc/dpkg/rootless-builds.txt.gz, ... dpkg-dev package have this file in a subdirectory: $ dpkg -L dpkg-dev |grep rootless /usr/share/doc/dpkg/spec/rootless-builds.txt The simple patch might be: --- a/silent-on-rules-requiring-root.tag2023-01-28 19:46:08.0 +0100 +++ b/silent-on-rules-requiring-root.tag2023-09-09 14:20:09.464726338 +0200 @@ -16,6 +16,6 @@ debian/control, but please verify with diffoscope(1) that the installation packages produced are in fact identical. See-Also: - /usr/share/doc/dpkg/rootless-builds.txt.gz, + /usr/share/doc/dpkg/spec/rootless-builds.txt debian-policy 4.9.2, debian-policy 5.6.31 Thank you. Noël -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 6.4.0-3-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages lintian depends on: ii binutils2.41-5 ii bzip2 1.0.8-5+b1 ii diffstat1.65-1 ii dpkg1.22.0 ii dpkg-dev1.22.0 ii file1:5.45-2 ii gettext 0.21-13+b1 ii gpg 2.2.40-1.1 ii intltool-debian 0.35.0+20060710.6 ii iso-codes 4.15.0-1 ii libapt-pkg-perl 0.1.40+b2 ii libarchive-zip-perl 1.68-1 ii libberkeleydb-perl 0.64-2+b1 ii libcapture-tiny-perl0.48-2 ii libclass-xsaccessor-perl1.19-4+b1 ii libclone-perl 0.46-1 ii libconfig-tiny-perl 2.29-1 ii libconst-fast-perl 0.014-2 ii libcpanel-json-xs-perl 4.37-1 ii libdata-dpath-perl 0.58-2 ii libdata-validate-domain-perl0.10-1.1 ii libdata-validate-uri-perl 0.07-2 ii libdevel-size-perl 0.83-2+b1 pn libdigest-sha-perl ii libdpkg-perl1.22.0 ii libemail-address-xs-perl1.05-1+b1 ii libfile-basedir-perl0.09-2 ii libfile-find-rule-perl 0.34-3 ii libfont-ttf-perl1.06-2 ii libhtml-html5-entities-perl 0.004-3 ii libhtml-tokeparser-simple-perl 3.16-4 ii libio-interactive-perl 1.023-2 ii libipc-run3-perl0.048-3 ii libjson-maybexs-perl1.004005-1 ii liblist-compare-perl0.55-2 ii liblist-someutils-perl 0.59-1 ii liblist-utilsby-perl0.12-2 ii libmldbm-perl 2.05-4 ii libmoo-perl 2.005005-1 ii libmoox-aliases-perl0.001006-2 ii libnamespace-clean-perl 0.27-2 ii libpath-tiny-perl 0.144-1 ii libperlio-gzip-perl 0.20-1+b1 ii libperlio-utf8-strict-perl 0.010-1 ii libproc-processtable-perl 0.636-1 ii libregexp-wildcards-perl1.05-3 ii libsereal-decoder-perl 5.004+ds-1 ii libsereal-encoder-perl 5.004+ds-1 ii libsort-versions-perl 1.62-3 ii libsyntax-keyword-try-perl 0.29-1 ii libterm-readkey-perl2.38-2+b1 ii libtext-levenshteinxs-perl 0.03-5+b1 ii libtext-markdown-discount-perl 0.16-1 ii libtext-xslate-perl 3.5.9-1+b2 ii libtime-duration-perl 1.21-2 ii libtime-moment-perl 0.44-2+b1 ii libtimedate-perl2.3300-2 ii libunicode-utf8-perl0.62-2 ii liburi-perl 5.21-1 ii libwww-mechanize-perl 2.17-1 ii libwww-perl 6.72-1 ii libxml-libxml-perl 2.0207+dfsg+really+2.0134-1+b1 ii libyaml-libyaml-perl0.86+ds-1 ii lzip [lzip-decompressor]1.23-6 ii lzop1.04-2 ii man-db 2.11.2-3 ii patchutils 0.4.2-1 ii perl [libencode-perl] 5.36.0-8 ii t1utils 1.41-4 ii unzip 6.0-28 ii xz-utils5.4.4-0.1 lintian recommends no packages. Versions of packages lintian suggests: pn binutils-multiarch ii libtext-template-perl 1.61-1 -- no debconf information
Bug#1012666: ITS: wget2
Hello Boyuan, Am Samstag, dem 11.06.2022 um 09:10 -0400 schrieb Boyuan Yang: > After looking into the package you maintain (wget2, > https://tracker.debian.org/pkg/wget2), I found that this package > received no maintainer updates in the past 4 years and missed several > upstream > releases. The request of making new uploads > at https://bugs.debian.org/951354 > was not solved as well. As a result, I am filing an ITS (Intent to > Salvage) > request against your package according to section 5.12 in Debian's > Developers' > Reference [1]. > > My current plan is to package the latest upstream release (2.0.1) and > clean up existing bugs. > > Please let me know whether you are still willing to maintain this > package. According to the criteria listed at [2], I will upload a > Non-maintainer Upload (NMU) of this package onto DELAYED/7 after 21 > days (July 02, 2022) to continue with the package salvaging. If you > find it necessary to pause the ITS process, please let me know > immediately by replying this bug report. Thank you for your email. I will be able to work on the package in July (Debconf22) but you are welcome to do a NMU before.:) A DELAYED/2 will be fine for me. Thank you for your help and work. -- Noël Köthe Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#1009051: free(): double free detected in tcache 2
Hello Mathieu, Am Mittwoch, dem 06.04.2022 um 17:14 +0200 schrieb Mathieu Malaterre: > Control: fixed -1 1.21.3-1+b1 > Control: forwarded -1 https://savannah.gnu.org/bugs/?61277 > > Seems like this is fixed in sid. Closing. It might be this bug was fixed here: /usr/share/doc/wget/NEWS.gz ... * Noteworthy changes in release 1.21.2 (2021-09-07) ... * Fix a double free in FTP when using an absolute path ... signature.asc Description: This is a digitally signed message part
Bug#996174: wget: Spurious SSL_INIT in 1.21.2-1
tags 996174 + confirmed patch pending thanks Hello Bob, Am Montag, dem 11.10.2021 um 13:41 -0600 schrieb Bob Proulx: > Bob Proulx wrote: > > In today's daily upgrade wget 1.21.2-1 was installed and now emits > > a > > spurious "SSL_INIT" message. This is breaking scripts. :-( > > > > $ wget -q -O/dev/null https://www.example.com/ > > SSL_INIT > > Already fixed upstream. > > > https://git.savannah.gnu.org/cgit/wget.git/commit/?id=3ea9658c072fa1dc87aec7af45393b46904b143f > > The problematic commit that added the message. > > > https://git.savannah.gnu.org/cgit/wget.git/commit/src/gnutls.c?id=5fe8d26904880ab59b2343f31ff7399edbbc43f1 > > However I do note that upstream has not yet made a release since > v1.21.2 that contains the above fix. Thanks for your research and work. I uploaded a cherry picked fixed version of wget right now. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#996174: please cherry-pick for now
Hello, Am Mittwoch, dem 13.10.2021 um 16:36 +0200 schrieb Adam Borowski: > > Already fixed upstream. > > > > > https://git.savannah.gnu.org/cgit/wget.git/commit/?id=3ea9658c072fa1dc87aec7af45393b46904b143f > > > However I do note that upstream has not yet made a release since > > v1.21.2 that contains the above fix. > > Given the fallout, could you please cherry-pick the fix and upload? Yes, building already 1.21.2-2 with this patch. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#983488: O: lftp -- needs new maintainer
Hello Stefan Am Sonntag, dem 21.03.2021 um 00:16 +0100 schrieb Stefan Schindler: > I am sorry for appearing hostile, I tried to contact you via email No problem. > back in 2020-10-16, but it appears that this email never found you. Uh, sorry. > Regarding the "new upstream package", I was not sure that I needed to > create a special ticket because the tracker had the new version > already listed: https://tracker.debian.org/pkg/lftp > > Thank you for updating the package. It would be great if the latest > version would make it into this or the next stable version of debian. > I assume it will land in sid first, I would love to test it there. Yes you are right. After your email I worked on the package but the bullseye freeze policy doesn't allow new package versions anymore.:( https://release.debian.org/bullseye/freeze_policy.html (new src packages) This was my failure. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#983488: O: lftp -- needs new maintainer
Good morning Stefan, Am Donnerstag, dem 25.02.2021 um 01:14 +0100 schrieb Stefan Schindler: > Package: lftp > Version: 4.9.2; reported 2020-02-25 > Severity: important > > The upstream has released multiple packages since 2018 when the last > debian package was fetched. > * https://github.com/lavv17/lftp/blob/master/NEWS > * https://packages.debian.org/source/sid/lftp > > I would like to maintain this package, who can sponsor me with this? Hmm, there is no "new upstream release" bugreport and you didn't contacted the maintainer before this orphan bugreport. I think this is at least unfriendly. I will upload an updated package. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#958011: yersinia: diff for NMU version 0.8.2-2.1
Hello Michael, Am Dienstag, den 06.10.2020, 12:46 +1300 schrieb mwhud...@debian.org: > I've prepared an NMU for yersinia (versioned as 0.8.2-2.1) and > uploaded it to DELAYED/15. Please feel free to tell me if I > should delay it longer. Thanks for your work.:) You can upload it without delay. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#919350: hyperv-daemons: hv_get_dhcp_info, hv_get_dns_info not found
Package: hyperv-daemons Version: 4.19.132-1 Followup-For: Bug #919350 Dear Maintainer, installed hyperv-daemons on a HyperV Debian Buster guest and the log gets repeated lines about the missing hv_get_dhcp_info and hv_get_dns_info scripts at the not existing path /usr/libexec/hypervkvpd/ Bug #927384 is a similar problem with the path. Installing the Buster Backport Package 5.7.10-1~bpo10+1 fixes the problem. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 5.8.0-1-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages hyperv-daemons depends on: ii init-system-helpers 1.58 ii libc62.31-3 ii lsb-base 11.1.0 hyperv-daemons recommends no packages. hyperv-daemons suggests no packages.
Bug#957582: ncftp: diff for NMU version 2:3.2.5-2.2
Hello Sudip, Am Dienstag, den 18.08.2020, 18:29 +0100 schrieb Sudip Mukherjee: > I've prepared an NMU for ncftp (versioned as 2:3.2.5-2.2) and > uploaded it to DELAYED/2. Please feel free to tell me if I > should cancel it. No, please go ahead. Thanks for your work.;) Regards Noël signature.asc Description: This is a digitally signed message part
Bug#923873: Please increase MAX_CONFIG_LINE, otherwise ipmi_sim is not practically useable
Salut Thomas, Am Donnerstag, den 14.03.2019, 00:18 +0100 schrieb Thomas Goirand: > In #924465, the release team has pre-approved this patch. If you do not > react to this bug, I will NMU it to the delayed queue (5 days) tomorrow. Thanks for your work. Just go ahead and upload without delay. Thanks again. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#883775: #883775 BayesStore: bayes_expire table grows, remove_running_expire_tok not called
Hello, the patch is included in the latest release 3.4.2 from 2018-09-16. A Debian package update would be great. thx. -- Noël Köthe Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#892065: #892065 flashrom: Please package new upstream version 1.0
Hello, yes, 1.0.0 would be helpfull in Debian. 2018-01-02: flashrom 1.0 released https://flashrom.org/Flashrom/1.0 Thank you. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#904681: gnutls28: please add TLS 1.3 to the description
Source: gnutls28 Version: 3.6.3-1 Severity: wishlist Dear Maintainer, with the TLS 1.3 support in the 3.6.3 version maybe you want to add it to the description. See attached patch. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.16.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enableddiff --git a/debian/control b/debian/control index 7cd3c0b..a24b5cf 100644 --- a/debian/control +++ b/debian/control @@ -44,7 +44,7 @@ Replaces: gnutls-dev Multi-Arch: same Description: GNU TLS library - development files GnuTLS is a portable library which implements the Transport Layer - Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram + Security (TLS 1.0, 1.1, 1.2, 1.3) and Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security (DTLS 1.0, 1.2) protocols. . GnuTLS features support for: @@ -71,7 +71,7 @@ Suggests: gnutls-bin Multi-Arch: same Description: GNU TLS library - main runtime library GnuTLS is a portable library which implements the Transport Layer - Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram + Security (TLS 1.0, 1.1, 1.2, 1.3) and Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security (DTLS 1.0, 1.2) protocols. . GnuTLS features support for: @@ -95,7 +95,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends} Multi-Arch: foreign Description: GNU TLS library - commandline utilities GnuTLS is a portable library which implements the Transport Layer - Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram + Security (TLS 1.0, 1.1, 1.2, 1.3) and Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security (DTLS 1.0, 1.2) protocols. . GnuTLS features support for: @@ -126,7 +126,7 @@ Depends: ${misc:Depends} Multi-Arch: foreign Description: GNU TLS library - documentation and examples GnuTLS is a portable library which implements the Transport Layer - Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram + Security (TLS 1.0, 1.1, 1.2, 1.3) and Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security (DTLS 1.0, 1.2) protocols. . GnuTLS features support for: @@ -150,7 +150,7 @@ Pre-Depends: ${misc:Pre-Depends} Multi-Arch: same Description: GNU TLS library - C++ runtime library GnuTLS is a portable library which implements the Transport Layer - Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram + Security (TLS 1.0, 1.1, 1.2, 1.3) and Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security (DTLS 1.0, 1.2) protocols. . GnuTLS features support for: @@ -174,7 +174,7 @@ Pre-Depends: ${misc:Pre-Depends} Multi-Arch: same Description: GNU TLS library - OpenSSL wrapper GnuTLS is a portable library which implements the Transport Layer - Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram + Security (TLS 1.0, 1.1, 1.2, 1.3) and Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security (DTLS 1.0, 1.2) protocols. . GnuTLS features support for: @@ -199,7 +199,7 @@ Pre-Depends: ${misc:Pre-Depends} Suggests: dns-root-data Multi-Arch: same Description: GNU TLS library - DANE security support - Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram + Security (TLS 1.0, 1.1, 1.2, 1.3) and Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security (DTLS 1.0, 1.2) protocols. . GnuTLS features support for: signature.asc Description: This is a digitally signed message part
Bug#874261: ncftp: diff for NMU version 2:3.2.5-2.1
Hallo Adrian, Am Sonntag, den 24.06.2018, 19:13 +0300 schrieb Adrian Bunk: > I've prepared an NMU for ncftp (versioned as 2:3.2.5-2.1) and > uploaded it to DELAYED/14. Please feel free to tell me if I should > cancel it. No, it's fine and you can upload it directly or with a lower delay if you want. Thanks for your work. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#775108: #775108 samba: reverse DNS registration / creating associated PTR not working
forwarded 775108 https://bugzilla.samba.org/show_bug.cgi?id=12258 thanks Found it in bugzilla. signature.asc Description: This is a digitally signed message part
Bug#691278: #691278 samba4: fails if password violates constraints
forwarded 691278 https://bugzilla.samba.org/show_bug.cgi?id=12235 tags 691278 + upstream thanks signature.asc Description: This is a digitally signed message part
Bug#887384: Ability to provide password per-instance
forwarded 887384 https://savannah.gnu.org/bugs/index.php?53021 thanks Hello madduck, thx for your request. I forwarded your request to the upstream bugtracker and lets see what the answer will be.;) Am Dienstag, den 16.01.2018, 08:34 +1300 schrieb martin f krafft: > As far as I can tell, Wget only provides the following methods to > provide a HTTP password: > > 1. as part of the URL > 2. with --http-password / --password > 3. using ~/.netrc > 4. using --use-askpass > 5. using --ask-password > > The problem is that 1 & 2 expose the password in the process table, > while ~/.netrc is a centralised resource that may not be editable by > a script. 4 & 5 are interactive, and while I could provide an ad-hoc > askpass script, this is a gross hack. > > It'd be awesome if Wget could provide one or more of the following > methods to provide the password: > > 1. read it from $WGET_PASSWORD > 2. read it from a specific file > 3. read it from a netrc-style file that is not ~/.netrc > 4. let --use-askpass specify parameters to the script/binary to > invoke > > Ftr, my current hack involves creating an executable temporary file > with content like this: > > #!/bin/sh > echo username:password > > and then invoking wget like so: > > wget -c --use-askpass=tempfile … > > and that works, but it's a hack that I think could be rendered > obsolete by Wget functionality. Lftp and cURL both provide ways to > either read from the environment, or to override the netrc filename. > Lftp furthermore can be scripted itself, which solves the problem > in its own way. signature.asc Description: This is a digitally signed message part
Bug#888691: wget -b produces empty wget-log file
forwarded 888691 https://savannah.gnu.org/bugs/index.php?53020 tags 888691 + upstream confirmed found 888691 1.19.3-1 found 888691 1.19.4-1 thanks Hello Chris, Am Sonntag, den 28.01.2018, 19:50 +0100 schrieb chris: > wget -b "http://dreamicus.com/data/cat/cat-01.jpg; > > produces empty wget-log file, since 1.19.3-2, I believe. Thx for your report. I can reproduce it with 1.19.3-1 and 1.19.4-1 and submitted a bug report to the upstream authors. > This is unusual. ;) Yes. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#883775: BayesStore: bayes_expire table grows, remove_running_expire_tok not called
Package: spamassassin Version: 3.4.1-8 Severity: normal Tags: patch Dear Maintainer, # Symptoms When Bayes is used with an SQL backend (PostgreSQL in the observed case), and autoexpiry is disabled, the bayes_expire table keeps growing for every sa-learn --force-expire call. # Analysis When Expiry is triggered a row gets inserted via set_running_expire_tok into the bayes_expire table. However it never get's delete, except: - if token to expire < 1000 - if $max_expire_mult would not expire any tokens # Effects on Runtime Because learner_is_scan_available calls $self->_opportunistic_calls(1); which calls $self->{store}->get_running_expire_tok(); every client will do a sequential scan on this table SELECT max(runtime) from bayes_expire WHERE id = ?"; which takes longer and longer as the bayes_expire table continues to grow. The problem is reported upstream and a patch commited. https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7340 Because of the longer release cycles we hope to get this small patch included in Debian. Thanks for your work Regards Noël -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.14.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages spamassassin depends on: ii adduser 3.116 ii init-system-helpers 1.51 ii libhtml-parser-perl 3.72-3+b2 ii libhttp-date-perl6.02-1 ii libmail-dkim-perl0.44-1 ii libnet-dns-perl 1.10-2 ii libnetaddr-ip-perl 4.079+dfsg-1+b2 ii libsocket6-perl 0.27-1+b3 ii libsys-hostname-long-perl1.5-1 ii libwww-perl 6.29-1 ii lsb-base 9.20170808 ii perl 5.26.1-3 ii perl-modules-5.26 [libarchive-tar-perl] 5.26.1-3 ii w3m 0.5.3-34 Versions of packages spamassassin recommends: ii gnupg 2.2.3-1 ii libio-socket-inet6-perl 2.72-2 ii libmail-spf-perl 2.9.0-4 ii libperl5.26 [libsys-syslog-perl] 5.26.1-3 ii sa-compile3.4.1-8 ii spamc 3.4.1-8 Versions of packages spamassassin suggests: ii libdbi-perl 1.637-1 pn libencode-detect-perl pn libgeo-ip-perl ii libio-socket-ssl-perl2.052-1 pn libnet-patricia-perl ii libperl5.26 [libcompress-zlib-perl] 5.26.1-3 pn pyzor pn razor -- no debconf information
Bug#833507: [pkg-wpa-devel] Bug#833507: Bug#833507: wpasupplicant: workaround wifi.scan-rand-mac-address=no
Hello Andrew, Am Dienstag, den 05.12.2017, 09:49 +0100 schrieb Andrew Shadura: > > If I can help you with more information just tell me. > > Thanks. Please have a look at > /usr/lib/NetworkManager/conf.d/no-mac-addr-change.conf. > > There should be a line: > > match-device=driver:rtl8723bs,… > > Please add driver:wl to this comma-separated list, remove your > previos NetworkManager.conf addition, restart NM and try again. If > this helps, we can close the bug. If it doesn't, please check whether > the config is being parsed at all by runnin /usr/sbin/NetworkManager > --print-config. I can confirm, that removing the workaround in /etc/NetworkManager/NetworkManager.conf and adding driver:wl into /usr/lib/NetworkManager/conf.d/no-mac-addr-change.conf as you described it, gives me a working wifi network. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#833507: [pkg-wpa-devel] Bug#833507: wpasupplicant: workaround wifi.scan-rand-mac-address=no
Hello Andrew, Am Dienstag, den 05.12.2017, 08:57 +0100 schrieb Andrew Shadura: > > I remember a workaround for this problem from the past to add > > into /etc/NetworkManager/NetworkManager.conf the following: > > > > [device] > > wifi.scan-rand-mac-address=no > > > > which fixed it again for me. > Just to be sure, are you absolutely sure it doesn't work with the > latest wpasupplicant without the NM snippet? Yes. Wifi worked until Tue or Wed last week and with my daily sid update I didn't get it working again. Module unloading and loading or network-manager restarts or complete reboots didn't helped. Until yesterday when I added the NM lines again. > I have put a similar one > into the wpasupplicant package, but a driver-specific one. OK. > Could you please let me know what driver are you using? wl module/driver with the broadcom-sta-dkms 6.30.223.271-7 03:00.0 Network controller: Broadcom Limited BCM4360 802.11ac Wireless Network Adapter (rev 03) on a MacBook Pro 03:00.0 0280: 14e4:43a0 (rev 03) > You should be able to find out by running: > > nmcli -f GENERAL.DRIVER,GENERAL.DRIVER-VERSION device show # nmcli -f GENERAL.DRIVER,GENERAL.DRIVER-VERSION device show GENERAL.DRIVER: tg3 GENERAL.DRIVER-VERSION: 3.137 GENERAL.DRIVER: wl GENERAL.DRIVER-VERSION: 6.30.223.271 (r587334) GENERAL.DRIVER: bridge GENERAL.DRIVER-VERSION: 2.3 GENERAL.DRIVER: unknown GENERAL.DRIVER-VERSION: -- GENERAL.DRIVER: tun GENERAL.DRIVER-VERSION: 1.6 > Please bear in mind the file I'm shipping doesn't work with old NM, > what version are you using? network-manager 1.10.0-1 It is a sid system with no package on hold. If I can help you with more information just tell me. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#833507: wpasupplicant: workaround wifi.scan-rand-mac-address=no
Package: wpasupplicant Version: 2:2.6-11 Followup-For: Bug #833507 Dear Maintainer, with one of the sid updates last week my wireless stop working again with the wpa_supplicant[737]: wlan0: CTRL-EVENT-SUBNET-STATUS-UPDATE status=0 I remember a workaround for this problem from the past to add into /etc/NetworkManager/NetworkManager.conf the following: [device] wifi.scan-rand-mac-address=no which fixed it again for me. ... network-manager (1.4.0-4) unstable; urgency=medium ... * Fix MAC address randomization. Cherry-pick a couple of upstream commits which work around driver bugs when MAC address randomization is used. (Closes: #835822, #835553) ... Because the last network-manager was from 2017-11-10 and my wlan problem started last week I'm a bit unsure where the root cause is. Maybe the workaround helps someone. Regards Noël -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.14.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages wpasupplicant depends on: ii adduser 3.116 ii libc6 2.25-3 ii libdbus-1-3 1.12.2-1 ii libnl-3-200 3.2.27-2 ii libnl-genl-3-200 3.2.27-2 ii libpcsclite1 1.8.22-1 ii libreadline7 7.0-3 ii libssl1.1 1.1.0g-2 ii lsb-base 9.20170808 wpasupplicant recommends no packages. Versions of packages wpasupplicant suggests: pn libengine-pkcs11-openssl pn wpagui -- no debconf information
Bug#813158: wget: segfault executing sgfxi script
forwarded 813158 https://savannah.gnu.org/bugs/index.php?52349 tags 813158 + upstream confirmed thanks Hello Chris, thx for your report which I can reproduce and forwarded it to the upstream bugtracker. Am Sonntag, den 05.11.2017, 16:46 -0500 schrieb Chris Manougian: > Followup-For: Bug #813158 > A full discussion is at http://techpatterns.com/forums/about2621.html > > Running the sgfxi script after installing wget 1.19.2-1 produces the > following > segfault: > wget -O - smxi.org/sm/sm-versions > --2017-11-04 14:23:41-- http://smxi.org/sm/sm-versions > Resolving smxi.org (smxi.org)... 216.92.31.53 > Connecting to smxi.org (smxi.org)|216.92.31.53|:80... connected. > HTTP request sent, awaiting response... 301 Moved Permanently > Location: https://smxi.org/sm/sm-versions [following] > --2017-11-04 14:23:41-- https://smxi.org/sm/sm-versions > Connecting to smxi.org (smxi.org)|216.92.31.53|:443... connected. > HTTP request sent, awaiting response... 200 OK > Segmentation fault > > 4 people are reporting the exact same error. I'm not getting > this segfault with 1.19.1-4 signature.asc Description: This is a digitally signed message part
Bug#858995: wget: FTBFS on hurd-i386
Hello Svante, Am Dienstag, den 17.10.2017, 22:52 +0200 schrieb Svante Signell: > Cc: debian-hurd > > Another ping, almost two months later. > > > On Sun, 2017-08-27 at 10:30 +0200, Svante Signell wrote: > > found 858995 1.19.1-4 > > thanks > > > > ping again > > > > The upstream patch has already been added to grep and findutils > > (#867120). Sorry for the delay. I uploaded the package with the patch. Thanks for your report und the pings. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#874590: wget: creates log file when run in the background
forwarded 874590 https://savannah.gnu.org/bugs/?51181 tags 874590 + upstream thanks Hello Francesco, Am Donnerstag, den 07.09.2017, 14:27 +0200 schrieb Francesco Potortì: > This has hit many and is already reported in several distributions, > but not in Debian yet. > > Since 1.19, when run in the background, even with --quiet, wget > creates a log file wget-log in the current directory, which is > normally empty. > If wget-log exists, it creates wget-log.1, and so on. > > The workaround is to use -o /dev/null, but this changed behaviour > breaks existing scripts and is undocumented. thx for your report. I found an upstream bug and added your text to it. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#872004: linux: Please enable CONFIG_SPI_PXA2XX
Package: src:linux Version: 4.12.6-1 Followup-For: Bug #872004 Dear Maintainer, a friendly reminder on this missing module for some users.:) Thank you for enabling CONFIG_SPI_PXA2XX Regards Noël -- Package-specific info: ** Version: Linux version 4.12.0-1-amd64 (debian-ker...@lists.debian.org) (gcc version 6.4.0 20170805 (Debian 6.4.0-3) ) #1 SMP Debian 4.12.6-1 (2017-08-12) ** Command line: BOOT_IMAGE=/vmlinuz-4.12.0-1-amd64 root=UUID=381b94f4-a793-4d83-ac9b-7d5feb24c228 ro quiet ** Kernel log: Unable to read kernel log; any relevant messages should be attached ** Model information sys_vendor: Apple Inc. -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.12.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#870813: wget: Please hash the hostname in ~/.wget-hsts files
Hello Chris, Am Samstag, den 05.08.2017, 08:59 -0400 schrieb Chris Lamb: > I can't help but think of ~/.ssh/known_hosts which moved to hashing > the hostname for various security/privacy concerns. Shouldn't wget > make the parallel change? Upstream Tim answered but the answer didn't reach you. You can read it here: https://savannah.gnu.org/bugs/index.php?51666 or https://bugs.debian.org/870813 Regards Noel signature.asc Description: This is a digitally signed message part
Bug#752252: [lftp] lftp uses 100% CPU when limiting rate
tags 752252 + moreinfo thanks Hello Landry, Am Samstag, den 21.06.2014, 19:01 +0200 schrieb Landry MINOZA: > --- Please enter the report below this line. --- > I am limiting rate when uploading big files from my desktop to an FTP > server > with this ~/.lftprc file: > = > set ftp:passive-mode 1 > set net:limit-rate 1M > = > > With this settings, lftp process uses 100% CPU. When commenting the > limit-rate line, it uses about 1 to 10%. > I don't remember having this behaiviour more than 3 month ago but I > maybe I didn't notice. Is this still a problem you can reproduce? Thx for your answer. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#870813: wget: Please hash the hostname in ~/.wget-hsts files
tags 870813 + upstream forwarded 870813 https://savannah.gnu.org/bugs/?51666 thanks Hello Chris, Am Samstag, den 05.08.2017, 08:59 -0400 schrieb Chris Lamb: > I recently discovered the .wget-hsts file in my home directory which > is used to persist state for HSTS: > > https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security > > It contains lines such as: > > # HSTS 1.0 Known Hosts database for GNU Wget. > # Edit at your own risk. > # d> > github.com 0 1 1450887745 31536000 > ... > I can't help but think of ~/.ssh/known_hosts which moved to hashing > the hostname for various security/privacy concerns. Shouldn't wget > make the parallel change? I forwarded your feature request to the upstream bugtracker. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#258392: #258392 lftp should support encrypted passwords in bookmarks
tags 258392 + upstream forwarded 258392 https://github.com/lavv17/lftp/issues/373 thanks Hello, it was forwarded and discussed on the mailinglist https://www.mail-archive.com/lftp-devel@uniyar.ac.ru/msg01403.html but in the bugtracker it will not get lost.;) Regards Noel signature.asc Description: This is a digitally signed message part
Bug#538196: lftp: Add support for OpenSSH type URL login@host:dir
tags 538196 + wontfix thanks Hello Jari, your request to support login@host:dir will not work because by default of many programs : is reserved to seperate the hostname and the port. sftp and ssh just use their default port 22. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#797848: lftp: Doesn't use user name specified in ~/.netrc
found 797848 4.8.0-1 tags 797848 + upstream confirmed forwarded 797848 https://github.com/lavv17/lftp/issues/372 thanks Hello Neil, Am Mittwoch, den 02.09.2015, 17:36 -0600 schrieb Neil Mayhew: > I have specified login and password in ~/.netrc as follows: > > machine mysite.com > login myuser > password mypassword > > I then connect using: > > > lftp ftps://mysite.com > > I get a 530 Login or password incorrect! > > However, if I use: > > > lftp ftps://myu...@mysite.com > > everything works as expected, and I don't have to enter my password. I can reproduce your report with the latest version 4.8.0-1. When there is no user mentioned lftp tries to login as user anonymous ignoring you have a .netrc for this host/machine. I reported it to the upstream author. Thanks for your report. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#785236: lftp: asseration failures after upgrading to jessie
tags 785236 + moreinfo thanks Hello Richard, Am Mittwoch, den 13.05.2015, 12:44 -0500 schrieb Richard Stanway: > After upgrading to Debian jessie, the packaged version of lftp seems > to occasionally crash with segmentation faults or assertion failures. > > My use of lftp is invoked by a script and run without a terminal, > with the following sequence of commands passed via lftp -f > > get http://url/1/1mb.ts & > get http://url/2/1mb.ts & > get http://url/3/1mb.ts & > (repeated around 15 times with different URLs) > wait all > exit > > The URLs are to MPEG TS (HLS) segments which do not last more than a > minute, so I cannot include them here. It is possible that the HLS > segments are being deleted mid-transfer if this aids in reproduction. > > Under Debian wheezy, lftp when invoked with the same script never > once segfaulted or otherwise failed. The release of Debian strech now included lftp version 4.7.4. Can you still reproduce the problem (or with a version from testing/sid)? Thank you. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#870416: Fails on SwiFTP server
forwarded 870416 https://github.com/lavv17/lftp/issues/370 tags 870416 + upstream thanks Hello Eduard, Am Dienstag, den 01.08.2017, 21:14 +0200 schrieb Eduard Bloch: > I have a problem contacting the FTP server on my android device. It's > the free FTP Demo Server app from FDroid (or see > https://f-droid.org/packages/be.ppareit.swiftp_free/ ). > > With Firefox it works like usual. With mc it works just fine. > With lftp, it's not the case, seems to do weird things on login and > than > hangs in a retry loop with increasing timeout. I made a tcp dump, > see > below for text stream. ... Thanks for your report. I forwarded it to the upstream bug tracker. Regards Noel signature.asc Description: This is a digitally signed message part
Bug#768319: #768319 mumudvb version
Hello, just a friendly reminder that the mumudvb is still outdated in Debian. I build it myself and got it working with DVB-T2 but a packaged version is much better.;) Thanks for your work. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#861239: Impossible to connect to SFTP servers
Hello, Am Donnerstag, den 27.04.2017, 11:42 + schrieb Ulrike Uhlig: > Here is what I'm doing: > > lftp -d user:p...@sftp.dc0.gpaas.net -p 22 > Löse Hostadresse auf... > 2 Adressen gefunden: 2001:4b98:dc0:950::142, 217.70.180.142 > > lftp u...@sftp.dc0.gpaas.net:~> ls > Verbinde mit sftp.dc0.gpaas.net (2001:4b98:dc0:950::142) Port 22 > <--- SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 > »ls« bei 0 [TLS Verbindungsaufbau...] > > And it gets stuck at "ls". Nothing happens, no debugging information. > No certificate, no fingerprint. > > I'm using lftp 4.6.0-1+deb8u1. > > This also happens when I use one of the IPs directly. I tried that > because I suspected that there might be something wrong with the IPv6 > address. Try to add the protocol to the commandline. Else it will try to connect with the ftp protocol to the ssh port: $ LC_ALL=C lftp -d sftp://user:p...@sftp.dc0.gpaas.net lftp u...@sftp.dc0.gpaas.net:~> ls Running connect program (ssh -a -x -s -l user sftp.dc0.gpaas.net sftp) ---> sending a packet, length=5, type=1(INIT), id=0 <--- The authenticity of host 'sftp.dc0.gpaas.net (2001:4b98:dc0:950::142)' can't be established. <--- RSA key fingerprint is SHA256:1Tpwj0UT92ARAGczV2ha6tBE3lQz0uLvBRWCaIPmh6I. ... Regards Noël signature.asc Description: This is a digitally signed message part
Bug#861310: tvoe: cannot use/handle channels.conf from w_scan
Package: tvoe Version: 0.1-1+b1 Severity: normal Dear Maintainer, I'm trying to setup tvoe. The channels.conf is created with w_scan (package w-scan) in zap format (w_scan option -X) but tvoe cannot handle it: Parsing channel config failed: Line 1: Invalid number of tokens (was: 13, expected: 9) the channels.conf dvbv5-scan (original scan) also has 13 tokens. The channel.conf looks like this: http://vdr-wiki.de/wiki/index.php/Channels.conf_DVBT-DE-Hessen-Rhein-Main-Gebiet Can you add support for the channels.conf with 13 tokens, so it will work with recent DVB-T2? Thank you. Regards Noël -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#861239: Impossible to connect to SFTP servers
Hello Ulrike, Am Mittwoch, den 26.04.2017, 12:21 + schrieb Ulrike Uhlig: > I'm trying to connect to a SFTP server on port 22 using lftp. > The same connection works fine from a GUI client. > > It never works out, and I was wondering if this might be due to lftp > not being compiled with libssl? > > Here's what I get with ldd: > > ldd /usr/bin/lftp ... > libgnutls-deb0.so.28 => /usr/lib/x86_64-linux-gnu/libgnutls- > deb0.so.28 ... > This makes lftp kinda unusable for connection to SFTP servers. > Or am I missing something here? It is compiled against GNUTLS. You can test it with: # lftp -d https://www.debian.org/ and see the certificate for example. What is the debug output of your SFTP connection? Regards Noël signature.asc Description: This is a digitally signed message part
Bug#861302: w-scan: new upstream available 2017-01-07
Package: w-scan Severity: wishlist Dear Maintainer, there is a new upstream release available: http://wirbel.htpc-forum.de/w_scan/w_scan-20170107.tar.bz2 from http://wirbel.htpc-forum.de/w_scan/index2.html Please update the package. It might help to fix the bug #858752. Thanks for your work. Regards Noël -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#861301: linux-image-4.9.0-2-amd64: Dell Optiplex 790 does not reboot without reboot=pci
Package: src:linux Version: 4.9.18-1 Severity: normal Tags: patch Dear Maintainer, with the lastest and older kernels a Dell Optiplex needs the additional kernel commandline reboot=pci to reboot correctly. With it the machine hangs at the end of the shutdown. I found this bug report which confirms it: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/818933 There is a patch included which seems not included upstream (0004): http://people.canonical.com/~ogasawara/dell-reboot-quirks/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/x86/kernel/reboot.c Maybe it could be included in Debian and upstream and then it will be fixed in the long run. Thanks for your work. -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#843620: wget --continue: URL with trailing slash '/' (but Content-Disposition)
forwarded 843620 https://savannah.gnu.org/bugs/?50579 tags 843620 + upstream thanks Hello Mathieu, Am Dienstag, den 08.11.2016, 12:53 +0100 schrieb Mathieu Malaterre: > It would be nice if the behavior of --continue would also handle > corner cases, such as the following: > > $ wget --content-disposition --continue > http://www.mckesson.com/documents/providers/mckesson-radiology-12-dic > om-conformance-statement/ ... thx for the report. Sorry for the delayed forwarding to the upstream authors. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#858130: jessie-pu: package wget/1.16-1+deb8u2
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu Hello, wget 1.16-1+deb8u2 fixes CVE-2017-6508 (no-dsa) with the upstream patch. https://security-tracker.debian.org/tracker/CVE-2017-6508 The update is included in sid and unblocked for stretch (#858118) today. I prepared the jessie upload with pbuilder and the debdiff is: $ debdiff wget_1.16-1+deb8u1.dsc wget_1.16-1+deb8u2.dsc dpkg-source: Warnung: unsigniertes Quellpaket wird extrahiert (/home/nk/debian/wget/wget-jessie/wget_1.16-1+deb8u2.dsc) diff -Nru wget-1.16/debian/changelog wget-1.16/debian/changelog --- wget-1.16/debian/changelog 2016-07-05 16:21:21.0 +0200 +++ wget-1.16/debian/changelog 2017-03-18 15:39:29.0 +0100 @@ -1,3 +1,9 @@ +wget (1.16-1+deb8u2) jessie; urgency=medium + + * added upstream patch to fix CVE-2017-6508 closes: Bug#857073 + + -- Noël Köthe <n...@debian.org> Sat, 18 Mar 2017 15:39:29 +0100 + wget (1.16-1+deb8u1) jessie; urgency=medium * added patch for CVE-2016-4971. closes: #827003, #829130 diff -Nru wget-1.16/debian/patches/CVE-2017-6508.patch wget-1.16/debian/patches/CVE-2017-6508.patch --- wget-1.16/debian/patches/CVE-2017-6508.patch1970-01-01 01:00:00.0 +0100 +++ wget-1.16/debian/patches/CVE-2017-6508.patch2017-03-18 15:39:29.0 +0100 @@ -0,0 +1,32 @@ +commit 4d729e322fae359a1aefaafec1144764a54e8ad4 +Author: Tim Rühsen <tim.rueh...@gmx.de> +Date: Mon Mar 6 10:04:22 2017 +0100 + +Fix CRLF injection in Wget host part + +* src/url.c (url_parse): Reject control characters in host part of URL + +Reported-by: Orange Tsai + +diff --git a/src/url.c b/src/url.c +index 8f8ff0b8..7d36b27d 100644 +--- a/src/url.c b/src/url.c +@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, bool percent_encode) + url_unescape (u->host); + host_modified = true; + ++ /* check for invalid control characters in host name */ ++ for (p = u->host; *p; p++) ++{ ++ if (c_iscntrl(*p)) ++{ ++ url_free(u); ++ error_code = PE_INVALID_HOST_NAME; ++ goto error; ++} ++} ++ + /* Apply IDNA regardless of iri->utf8_encode status */ + if (opt.enable_iri && iri) + { diff -Nru wget-1.16/debian/patches/series wget-1.16/debian/patches/series --- wget-1.16/debian/patches/series 2016-06-30 17:21:45.0 +0200 +++ wget-1.16/debian/patches/series 2017-03-18 15:39:29.0 +0100 @@ -2,4 +2,4 @@ wget-doc-remove-usr-local-in-wget.texi wget-passive_ftp-default wget-CVE-2016-4971.patch - +CVE-2017-6508.patch If this is OK for you I would upload it. -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#849961: wget: info page section 9.1 with wrong URL
forwarded 849961 https://savannah.gnu.org/bugs/?50577 tags 849961 + upstream confirmed thanks Am Montag, den 02.01.2017, 17:46 +0100 schrieb Alek: > there is a wrong URL in the info page in chapter 9.1 Robot exclusion. > The old URL > http://www.robotstxt.org/wc/meta-user.html > should now be > http://www.robotstxt.org/meta.html Thank you for your report. I submitted it to the upstream bugtracker and I guess it will be fixed.:) Regards Noël signature.asc Description: This is a digitally signed message part
Bug#858118: unblock: wget/1.18-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package wget wget has a security problem CVE-2017-6508 #857073 https://security-tracker.debian.org/tracker/CVE-2017-6508 I fixed it in unstable but unstable already has the new upstream version 1.19.1. To fix this problem in stretch I fixed only this problem with the wget package 1.18-5 The debdiff: $ debdiff wget_1.18-4.1.dsc wget_1.18-5.dsc dpkg-source: Warnung: unsigniertes Quellpaket wird extrahiert (/home/nk/debian/wget/wget-stretch/wget_1.18-5.dsc) diff -Nru wget-1.18/debian/changelog wget-1.18/debian/changelog --- wget-1.18/debian/changelog 2017-02-25 16:58:53.0 +0100 +++ wget-1.18/debian/changelog 2017-03-18 15:12:55.0 +0100 @@ -1,3 +1,9 @@ +wget (1.18-5) testing-proposed-updates; urgency=medium + + * applied upstream patch to fix CVE-2017-6508 closes: Bug#857073 + + -- Noël Köthe <n...@debian.org> Sat, 18 Mar 2017 15:12:55 +0100 + wget (1.18-4.1) testing-proposed-updates; urgency=medium * Non-maintainer upload. diff -Nru wget-1.18/debian/patches/CVE-2017-6508.patch wget-1.18/debian/patches/CVE-2017-6508.patch --- wget-1.18/debian/patches/CVE-2017-6508.patch1970-01-01 01:00:00.0 +0100 +++ wget-1.18/debian/patches/CVE-2017-6508.patch2017-03-18 15:12:55.0 +0100 @@ -0,0 +1,32 @@ +commit 4d729e322fae359a1aefaafec1144764a54e8ad4 +Author: Tim Rühsen <tim.rueh...@gmx.de> +Date: Mon Mar 6 10:04:22 2017 +0100 + +Fix CRLF injection in Wget host part + +* src/url.c (url_parse): Reject control characters in host part of URL + +Reported-by: Orange Tsai + +diff --git a/src/url.c b/src/url.c +index 8f8ff0b8..7d36b27d 100644 +--- a/src/url.c b/src/url.c +@@ -925,6 +925,17 @@ url_parse (const char *url, int *error, struct iri *iri, bool percent_encode) + url_unescape (u->host); + host_modified = true; + ++ /* check for invalid control characters in host name */ ++ for (p = u->host; *p; p++) ++{ ++ if (c_iscntrl(*p)) ++{ ++ url_free(u); ++ error_code = PE_INVALID_HOST_NAME; ++ goto error; ++} ++} ++ + /* Apply IDNA regardless of iri->utf8_encode status */ + if (opt.enable_iri && iri) + { diff -Nru wget-1.18/debian/patches/series wget-1.18/debian/patches/series --- wget-1.18/debian/patches/series 2016-09-26 15:07:33.0 +0200 +++ wget-1.18/debian/patches/series 2017-03-18 15:12:55.0 +0100 @@ -4,3 +4,4 @@ wget-doc-CRLs.patch wget-openssl1.1.0.patch CVE-2016-7098.patch +CVE-2017-6508.patch If this is OK for you release-team I can upload it to testing-proposed-updates. Thanks for your release work and greeting from the credativ BSP.;) unblock wget/1.18-5 -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#833507: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22
Hello, running sid with Linux pro 4.9.0-1-amd64 #1 SMP Debian 4.9.6-3 (2017-01-28) x86_64 GNU/Linux wpasupplicant 2.6-3 03:00.0 Network controller: Broadcom Limited BCM4360 802.11ac Wireless Network Adapter (rev 03) 03:00.0 0280: 14e4:43a0 (rev 03) with the broadcom-sta-dkms 6.30.223.271-5 driver. After every suspend I get the following errors: Feb 14 20:02:40 pro wpa_supplicant[1091]: wlan0: Reject scan trigger since one is already pending Feb 14 20:02:41 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:42 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:43 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:44 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:45 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:46 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:47 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:48 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:49 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:50 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:51 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:52 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:53 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:54 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:55 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:56 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:57 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:58 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:02:59 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:00 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:01 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:02 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:03 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:04 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:05 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:06 pro wpa_supplicant[1091]: wlan0: Reject scan trigger since one is already pending Feb 14 20:03:10 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:11 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:12 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:13 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:14 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:15 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:16 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:17 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:18 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:19 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:20 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:21 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:22 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:23 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:24 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:25 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:26 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:27 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:28 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:29 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:30 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:31 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:32 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:33 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1 Feb 14 20:03:34 pro wpa_supplicant[1091]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-22
Bug#707787: tag + patch (listadmin ssl cert support)
Am Montag, den 19.12.2016, 11:39 +0100 schrieb Petter Reinholdtsen: > [Holger Levsen] > > the patch looks ok to me on a quick check, it even adds the new > > options > > in the manpage! :) > > Yes, it work great for me to. > > Noël, any chance for you to upload a version with this patch included > befor > the Stretch package freeze? We are quickly running out of time here. > I would be happy to NMU if it is OK with you. Sure. Go ahead and thanks for your work. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#828469: openipmi: diff for NMU version 2.0.22-1.1
Hello Sebastian, Am Mittwoch, den 14.12.2016, 22:21 +0100 schrieb Sebastian Andrzej Siewior: > I've prepared an NMU for openipmi (versioned as 2.0.22-1.1) and > uploaded it to DELAYED/2. Please feel free to tell me if I > should delay it longer. No, everything is fine. Thanks for your work. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#847216: wget: let the user --convert-links separately, without downloading
Hello Thaddeus, Am Montag, den 12.12.2016, 17:31 + schrieb Thaddeus H. Black: > Summary: I am working on a patch which will be hundreds of > lines long. I have not yet mentioned the patch upstream. > Upstream has already heard of this bug from others. > > Details follow. > > A similar bug has been reported upstream as early as 2010, by > one Peng Yu. In response, upstream developer Giuseppe Scrivano > has not himself tried to fix the bug, but has invited others > to try. [1] > > 1: https://lists.gnu.org/archive/html/bug-wget/2010-05/msg00052.h > tml > > So, I am trying. > > I have not yet spoken to anyone upstream about this patch, but > of course (unless you advise otherwise) I eventually will. My strong advise is to contact the upstream mailinglist were you will get the best feedback regarding patches and hints for integration. The upstream maintainer switched since 2010 and other developer are very active on the mailinglist. https://lists.gnu.org/mailman/listinfo/bug-wget Regards Noël signature.asc Description: This is a digitally signed message part
Bug#833070: wget: please make the build reproducible
Hello Reiner, Am Sonntag, den 31.07.2016, 15:30 +0200 schrieb Reiner Herrmann: > While working on the "reproducible builds" effort [1], we have > noticed > that wget could not be built reproducibly. > The gettext mo files contain the current date/time in metadata > (POT-Creation-Date). > This can be normalized to a deterministic value (changelog date) > by strip-nondeterminism. See attached patch. thx for your patch. I will add it with my next upload. I need to add a build dependency for dh-strip-nondeterminism which is missing in your patch. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#829130: jessie-pu: package wget/1.16-1+deb8u1
Hello Salvatore and Stable Release Managers, Am Dienstag, den 05.07.2016, 15:44 +0200 schrieb Salvatore Bonaccorso: > > Package: release.debian.org > > Severity: normal > > Tags: jessie > > User: release.debian@packages.debian.org > > Usertags: pu > > wget in stable is affected by CVE-2016-4971, an issue where wget ... > JFTR, if actually Noël Köthe <n...@debian.org> would like to do the > upload himself, I can happily hand over. I wasn't aware of this release bugreport (sorry). Thanks for CC:. DSA informed me that there will be no DSA for this CVE and liked to see this fixed by a jessie point release. https://security-tracker.debian.org/tracker/CVE-2016-4971 (at the end "no DSA"). Attached the minor changed debdiff based on the backported patch from Salvatore. I tested the resulting wget 1.16-1+deb8u1 package on a amd64 jessie machine. If the Stable Release Manager accept the changes I will upload the package. Regards Noeldiff -Nru wget-1.16/debian/changelog wget-1.16/debian/changelog --- wget-1.16/debian/changelog 2014-10-27 11:41:18.0 +0100 +++ wget-1.16/debian/changelog 2016-07-05 16:21:21.0 +0200 @@ -1,3 +1,15 @@ +wget (1.16-1+deb8u1) jessie; urgency=medium + + * added patch for CVE-2016-4971. closes: #827003, #829130 +By default, on server redirects to a FTP resource, use the original +URL to get the local file name. Close CVE-2016-4971. This +introduces a backward-incompatibility for HTTP->FTP redirects and +any script that relies on the old behaviour must use +--trust-server-names. + * debian/rules fixed clean target + + -- Noël Köthe <n...@debian.org> Mon, 04 Jul 2016 18:37:47 +0200 + wget (1.16-1) unstable; urgency=medium * new upstream release from 2014-10-27 diff -Nru wget-1.16/debian/patches/series wget-1.16/debian/patches/series --- wget-1.16/debian/patches/series 2014-10-16 11:32:22.0 +0200 +++ wget-1.16/debian/patches/series 2016-06-30 17:21:45.0 +0200 @@ -1,4 +1,5 @@ wget-doc-remove-usr-local-in-sample.wgetrc wget-doc-remove-usr-local-in-wget.texi wget-passive_ftp-default +wget-CVE-2016-4971.patch diff -Nru wget-1.16/debian/patches/wget-CVE-2016-4971.patch wget-1.16/debian/patches/wget-CVE-2016-4971.patch --- wget-1.16/debian/patches/wget-CVE-2016-4971.patch 1970-01-01 01:00:00.0 +0100 +++ wget-1.16/debian/patches/wget-CVE-2016-4971.patch 2016-07-05 16:09:10.0 +0200 @@ -0,0 +1,270 @@ +Description: ftp: understand --trust-server-names on a HTTP->FTP redirect + If not --trust-server-names is used, FTP will also get the destination + file name from the original url specified by the user instead of the + redirected url. Closes CVE-2016-4971. +Origin: backport, http://git.savannah.gnu.org/cgit/wget.git/commit/?id=e996e322ffd42aaa051602da182d03178d0f13e1 +Bug-Debian: https://bugs.debian.org/827003 +Forwarded: not-needed +Author: Giuseppe Scrivano <gscri...@redhat.com> +Reviewed-by: Salvatore Bonaccorso <car...@debian.org> +Last-Update: 2016-06-30 +Applied-Upstream: 1.18 +--- + +--- a/src/ftp.c b/src/ftp.c +@@ -235,14 +235,15 @@ print_length (wgint size, wgint start, b + logputs (LOG_VERBOSE, !authoritative ? _(" (unauthoritative)\n") : "\n"); + } + +-static uerr_t ftp_get_listing (struct url *, ccon *, struct fileinfo **); ++static uerr_t ftp_get_listing (struct url *, struct url *, ccon *, struct fileinfo **); + + /* Retrieves a file with denoted parameters through opening an FTP +connection to the server. It always closes the data connection, +and closes the control connection in case of error. If warc_tmp +is non-NULL, the downloaded data will be written there as well. */ + static uerr_t +-getftp (struct url *u, wgint passed_expected_bytes, wgint *qtyread, ++getftp (struct url *u, struct url *original_url, ++wgint passed_expected_bytes, wgint *qtyread, + wgint restval, ccon *con, int count, wgint *last_expected_bytes, + FILE *warc_tmp) + { +@@ -992,7 +993,7 @@ Error in server response, closing contro + { + bool exists = false; + struct fileinfo *f; +- uerr_t _res = ftp_get_listing (u, con, ); ++ uerr_t _res = ftp_get_listing (u, original_url, con, ); + /* Set the DO_RETR command flag again, because it gets unset when + calling ftp_get_listing() and would otherwise cause an assertion + failure earlier on when this function gets repeatedly called +@@ -1536,7 +1537,8 @@ Error in server response, closing contro +This loop either gets commands from con, or (if ON_YOUR_OWN is +set), makes them up to retrieve the file given by the URL. */ + static uerr_t +-ftp_loop_internal (struct url *u, struct fileinfo *f, ccon *con, char **local_file) ++ftp_loop_internal (struct url *u, struct url *original_url, struct fileinfo *f, ++ ccon *con, char
Bug#827950: wget udeb https support inclusion in Jessie
Salut Yann, Am Donnerstag, den 23.06.2016, 11:05 +0200 schrieb Yann Soubeyrand: > Marga Manterola provided a patch to build a wget udeb which supports > https that was included in Sid (#802596). Could this patch be a > candidate for Jessie inclusion? If so, you can find a patch attached > to this mail. I just checked and if I'm not wrong the needed dependency of the libssl udeb needs to be available first. https://packages.debian.org/source/stable/openssl You requested this in #827951 which got rejected and without the udeb the wget udeb doesn't make any sense. Do you agree to close this request? Regards Noel signature.asc Description: This is a digitally signed message part
Bug#817778: info-beamer: nmu 1.0~pre3+dfsg-0.1
Hello James, Am Mittwoch, den 29.06.2016, 02:14 +0100 schrieb James Cowgill: > I have uploaded an NMU to DELAYED/10 to fix the following bugs. > Please tell me if I should cancel / delay it. > #817778 silkscreen font is not DFSG compliant > #826288 info-beamer: please use glfw3 Thanks for your work! You can upload it again without delay if you like. Regards Noel
Bug#802596: libssl-udeb now available
Hello Marga, Am Mittwoch, den 27.04.2016, 09:51 + schrieb Marga Manterola: > The latest openssl version now includes the necessary libssl-udeb ( > https://tracker.debian.org/media/packages/o/openssl/changelog-1.0.2g- > 2). > > Please apply the attached patch so that d-i can have https support. Thanks alot for your patch and work. I will upload wget with it in some minutes. Sorry, for not answering your initial bug report but I look from time to time for the libssl udeb. Have a nice day Noël signature.asc Description: This is a digitally signed message part
Bug#819172: xul-ext-lightbeam: should depend on firefox-esr | firefox instead of iceweasel
Package: xul-ext-lightbeam Version: 1.3.0+dfsg-1 Severity: important Dear Maintainer, in sid the iceweasel package is only a transitional package for the firefox package. Your package depends only on iceweasel but for the switch from iceweasel to firefox it should change the dependency to firefox-esr | firefox Thank you. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.4.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages xul-ext-lightbeam depends on: ii fonts-font-awesome 4.5.0~dfsg-1 ii iceweasel45.0.1esr-1 ii libjs-d3 3.5.16-1 ii texlive-fonts-extra 2015.20160320-1 xul-ext-lightbeam recommends no packages. xul-ext-lightbeam suggests no packages. -- no debconf information
Bug#819173: xul-ext-firebug: should depend on firefox-esr | firefox instead of iceweasel
Package: xul-ext-firebug Version: 2.0.14-1 Severity: important Dear Maintainer, in sid the iceweasel package is only a transitional package for the firefox package. Your package depends only on iceweasel but for the switch from iceweasel to firefox it should change the dependency to firefox-esr | firefox Thank you. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.4.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages xul-ext-firebug depends on: ii iceweasel 45.0.1esr-1 xul-ext-firebug recommends no packages. xul-ext-firebug suggests no packages. -- no debconf information
Bug#700594: #700594
Control: tags -1 + confirmed Control: found -1 1:3.3.6-4 Hello, I can confirm this problem with amanda on jessie amd64. When OpenVAS scans our network it results on wild running amandad. I guess you can use this to DoS the CPU of the server. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#805673: wget: segfault in strlen()
Control: tags -1 + upstream confirmed Control: forwarded -1 https://lists.gnu.org/archive/html/bug-wget/2015-11/msg00065.html Am Freitag, den 20.11.2015, 18:56 -0200 schrieb Nelson A. de Oliveira: Hello Nelson, > Trying to use wget like this: > > wget -N http://josm.openstreetmap.de/josm-latest.jar > > In a dir where I already have a file named "josm-latest.jar" is > causing > a segfault in wget. > > gdb's output with "thread apply all bt full" is attached. Thank you for your detailed report. On the upstream mailing list this problem is already raised and commented: https://lists.gnu.org/archive/html/bug-wget/2015-11/msg00064.html Regards Noël signature.asc Description: This is a digitally signed message part
Bug#803924: samba: missing logrotate for /var/log/samba/log.samba
Package: samba Version: 2:4.1.20+dfsg-1 Severity: normal Dear Maintainer, running samba as a DC the logfile /var/log/samba/log.samba will always increase and fill up the /var partition because the logrotate file from samba debian/samba.logrotate in the source and /etc/logrotate.d/samba in the installation is missing an entry for this file. This should fix it (samba-ad-dc has no reload): debian/samba.logrotate /var/log/samba/log.samba { weekly missingok rotate 7 postrotate /etc/init.d/samba-ad-dc restart > /dev/null endscript compress notifempty } /var/log/samba/log.smbd { ... Thx for fixing this small but disk filling bug.;) Regards Noël -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.2.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages samba depends on: ii adduser 3.113+nmu3 ii dpkg 1.18.3 ii libasn1-8-heimdal1.6~rc2+dfsg-10 ii libbsd0 0.7.0-2 ii libc62.19-22 ii libcomerr2 1.42.13-1 ii libhdb9-heimdal [heimdal-hdb-api-8] 1.6~rc2+dfsg-10 ii libkdc2-heimdal 1.6~rc2+dfsg-10 ii libkrb5-26-heimdal 1.6~rc2+dfsg-10 ii libldb1 2:1.1.21-1 ii libpam-modules 1.1.8-3.1 ii libpam-runtime 1.1.8-3.1 ii libpopt0 1.16-10 ii libpython2.7 2.7.10-5 ii libroken18-heimdal 1.6~rc2+dfsg-10 ii libtalloc2 2.1.3-1 ii libtdb1 1.3.7-1 ii libtevent0 0.9.25-2 ii lsb-base 9.20150917 ii procps 2:3.3.10-4 ii python 2.7.9-1 ii python-dnspython 1.12.0-1 ii python-ntdb 1.0-7 ii python-samba 2:4.1.20+dfsg-1 pn python2.7:any ii samba-common 2:4.1.20+dfsg-1 ii samba-common-bin 2:4.1.20+dfsg-1 ii samba-dsdb-modules 2:4.1.20+dfsg-1 ii samba-libs 2:4.1.20+dfsg-1 ii tdb-tools1.3.7-1 ii update-inetd 4.43 Versions of packages samba recommends: ii attr 1:2.4.47-2 ii logrotate 3.8.7-2 ii samba-vfs-modules 2:4.1.20+dfsg-1 Versions of packages samba suggests: pn bind9 pn bind9utils pn ctdb pn ldb-tools ii ntp1:4.2.8p4+dfsg-3 pn smbldap-tools pn winbind -- no debconf information
Bug#801049: #801049: GDM autologin does not allow use of Gnome keyring and makes Evolution unusable
Hello, I can confirm this problem.:( The workaround is a logout and login again. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#797057: wget https://contributors.debian.org fails with "No data received."
Control: tags -1 + upstream Control: forwarded -1 https://savannah.gnu.org/bugs/?46061 Hello Enrico, Am Donnerstag, den 27.08.2015, 15:37 +0200 schrieb Enrico Zini: > thank you for maintaining wget. A simple > wget https://contributors.debian.org currently fails: > > $ wget https://contributors.debian.org > --2015-08-27 15:34:30-- https://contributors.debian.org/ ... > HTTP request sent, awaiting response... No data received. > Retrying. ... > We currently added "SSLVerifyClient optional" to the server > configuration to support authentication with client certificates, but > client certificates are not required to connect. The relevant apache > configuration is here: > > https://wiki.debian.org/DebianSingleSignOn#Documentation_for_web_ap > plication_owners-1 > > curl can access the site. Thx for your report. I forwarded it to the upstream bugtracker. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#563218: #563218 wget: odometer style progress display would be good, increase accessiblity
Control: tags 563218 + moreinfo Hello Dallas, did you tried the option --progress=bar:noscroll which looks like this: --8-- ... Length: 581959680 (555M), 456079160 (435M) remaining (unauthoritative) debian-8.1.0-amd64-i386-neti 22%[++ ] 124.65M 1.63MB/sL --8-- where the % and the two right numbers are increasing. Or is the bar so disturbing and your request is to have the option e.g.--progress=nobar and it should look like this: --8-- ... Length: 581959680 (555M), 456079160 (435M) remaining (unauthoritative) debian-8.1.0-amd64-i386-neti 22% 124.65M 1.63MB/s --8-- thx for your feedback. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#712155: #712155 wget: -O does not work as described wrt timestamps
forwarded 712155 https://savannah.gnu.org/bugs/?45789 tags 712155 + upstream thanks Hello, your reported bug https://bugs.debian.org/712155 was commented by the maintainer on the same day but to be sure I submitted it to the upstream BTS. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#281201: #281201 wget prints it's progress even when background
forwarded 281201 https://savannah.gnu.org/bugs/?45790 tags 281201 - moreinfo found 281201 1.16.3-3 thanks Hello, the wishlist reqest is now forwarded to the upstream bugtracker. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#660932: #660932 Double quote in (some) wget's international output for downloaded filename
forwarded 660932 https://savannah.gnu.org/bugs/?45791 tags 660932 + upstream found 660932 1.16.3-3 thanks Hello, even after info to the translators there are still double quotes I reported it to the upstream bugtracker. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#778277: wget memory problem in mirror mode, possible memory leak
tags 778277 + moreinfo squeeeze thanks Hello, Am Freitag, den 13.02.2015, 02:51 +0100 schrieb treaki: ... [269277.634832] Out of memory: Kill process 4049 (wget) score 780 or sacrifice child [269277.634843] Killed process 4049 (wget) total-vm:5596716kB, anon -rss:4111532kB, file-rss:56kB i have just a command lige this: $ wget -a wgetlog -m http://domain.tld/path/ and let it run and this is the resould please fix that. I didn't get any other bug report like yours and I cannot reproduce it. Can you give me the exact commadnline? Is it reproducible for you? Can you reproduce it with Debian stable(jessie with wget 1.16? thx. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#744170: wget: Read error in TLS connection with openssl s_server -www server
Control: tags -1 +upstream Control: forwarded -1 https://savannah.gnu.org/bugs/?45792 Hello Vincent Am Dienstag, den 18.08.2015, 12:39 +0200 schrieb Vincent Lefevre: wget 1.16 fixed a lot of gnutls problems. Could you still reproduce this problem with 1.16 in jessie or the later version in testing/unstable? Still the same problem in unstable: --2015-08-18 12:29:07-- https://www.vinc17.net:4433/ Resolving www.vinc17.net (www.vinc17.net)... 92.243.22.117,2001:4b98:dc0:45:216:3eff:fe9b:eb2f ... 2015-08-18 12:29:07 (204 MB/s) - Read error at byte 5386 (The TLS connection was non-properly terminated.).Retrying. Thanks for your fast reply and the testserver. I submitted the problem to the upstream bugtracker. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#744170: wget: Read error in TLS connection with openssl s_server -www server
tags 744170 + moreinfo thanks Hello Vincent, Am Freitag, den 11.04.2014, 03:35 +0200 schrieb Vincent Lefevre: Package: wget Version: 1.15-1 Severity: normal What I set up a test server with: openssl s_server -CAfile ... -key ... -cert ... -www and try wget with it, I get errors: --2014-04-11 03:30:47-- https://www.vinc17.net:4433/ Resolving www.vinc17.net (www.vinc17.net)... 92.243.22.117, 2001:4b98:dc0:45:216:3eff:fe9b:eb2f Connecting to www.vinc17.net (www.vinc17.net)|92.243.22.117|:4433... connected. HTTP request sent, awaiting response... 200 ok Length: unspecified [text/html] Saving to: ‘index.html.2’ [ = ] 5,494 --.-K/s in 0s 2014-04-11 03:30:47 (45.7 MB/s) - Read error at byte 5494 (The TLS connection was non-properly terminated.).Retrying. ... wget 1.16 fixed a lot of gnutls problems. Could you still reproduce this problem with 1.16 in jessie or the later version in testing/unstable? thx. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#496583: #496583 wget: ClamAV
Control: tags -1 + wontfix Hello, marking this bug as will not be fixed as you can read in the two answers. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#794483: wget: German translation: format string written to console
tags 794483 + moreinfo thanks Hello Simon, Am Montag, den 03.08.2015, 16:47 +0200 schrieb Simon Richter: after fetching a file from FTP with the -c option, I was shown the message Die Datei »%s« ist geholt worden. This appears to be an error in the translation, apparently fixed up to avoid dereferencing an invalid pointer. I tried to reproduce your report but I couldn't. Can you give to an example? --8-- $ wget -c ftp://cdimage.debian.org/debian-cd/current/multi-arch/iso-cd/debian-8.1.0-amd64-i386-netinst.iso --2015-08-16 10:27:03-- ftp://cdimage.debian.org/debian-cd/current/multi-arch/iso-cd/debian-8.1.0-amd64-i386-netinst.iso = »debian-8.1.0-amd64-i386-netinst.iso« Auflösen des Hostnamens »cdimage.debian.org (cdimage.debian.org)« … 2001:6b0:e:2018::165, 2001:6b0:e:2018::173, 130.239.18.173, ... Verbindungsaufbau zu cdimage.debian.org (cdimage.debian.org)|2001:6b0:e:2018::165|:21 … verbunden. Anmelden als anonymous … Angemeldet! == SYST ... fertig.== PWD ... fertig. == TYPE I ... fertig. == CWD (1) /debian-cd/current/multi-arch/iso-cd ... fertig. == SIZE debian-8.1.0-amd64-i386-netinst.iso ... 581959680 == EPSV ... fertig.== REST 326482088 ... fertig. == RETR debian-8.1.0-amd64-i386-netinst.iso ... fertig. Länge: 581959680 (555M), 255477592 (244M) sind noch übrig (unmaßgeblich) debian-8.1.0-amd64- 100%[=] 555,00M 4,53MB/s in 44s 2015-08-16 10:27:48 (5,48 MB/s) - »debian-8.1.0-amd64-i386-netinst.iso« gespeichert [581959680] $ wget -c ftp://cdimage.debian.org/debian-cd/current/multi-arch/iso-cd/debian-8.1.0-amd64-i386-netinst.iso --2015-08-16 10:32:17-- ftp://cdimage.debian.org/debian-cd/current/multi-arch/iso-cd/debian-8.1.0-amd64-i386-netinst.iso = »debian-8.1.0-amd64-i386-netinst.iso« Auflösen des Hostnamens »cdimage.debian.org (cdimage.debian.org)« … 2001:6b0:e:2018::173, 2001:6b0:e:2018::165, 130.239.18.165, ... Verbindungsaufbau zu cdimage.debian.org (cdimage.debian.org)|2001:6b0:e:2018::173|:21 … verbunden. Anmelden als anonymous … Angemeldet! == SYST ... fertig.== PWD ... fertig. == TYPE I ... fertig. == CWD (1) /debian-cd/current/multi-arch/iso-cd ... fertig. == SIZE debian-8.1.0-amd64-i386-netinst.iso ... 581959680 Die Datei ist bereits geholt worden. 2015-08-16 10:32:17 (0,00 B/s) - »debian-8.1.0-amd64-i386-netinst.iso« gespeichert [581959680] --8-- -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#330885: #330885 postfix enable TLS for smtp
Hello, maybe before the bugreport gets 10 years old it could be fixed? IMHO it would be a good goal to have a default configuration which has TLS enabled. Thank you. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#790523: [bug #45443] http_proxy variable should also work for capitalized HTTP_PROXY
tags 790523 + wontfix thanks Hello, upstream will not fix this: Am Freitag, den 14.08.2015, 08:58 + schrieb Tim Ruehsen: Update of bug #45443 (project wget): Status:None = Wont Fix Assigned to:None = rockdaboot ___ Follow-up Comment #1: I cite Daniel Stenberg (curl maintainer/developer) from the mailing list bug-w...@gnu.org, Tue, 30 Jun 2015 11:20:28 +0200 (CEST): The reason some tools don't accept HTTP_PROXY and only http_proxy is that the CGI interface from back in the old days provide headers from the incoming request to the CGI program prefixed with HTTP_. Thus, running a CGI script from a server, an incoming Proxy: header (which normally doesn't do anything) would be sent to the program as HTTP_PROXY, leading to confusions or in the worst case some sort of attack. The CGI interface is an ancient thing, probably boardering to extinction. Still it is out there and some such CGIs probably use wget. Incidently, curl also only accepts the lower case version of this environment variable and I believe it goes for some other related tools as well. ___ Reply to this item at: http://savannah.gnu.org/bugs/?45443 -- Noël Köthe noel@ ebian.org Debian GNU/Linux, www.debian.org
Bug#750601: GnuTLS: Error in the push function when using a client certificate
tags 750601 + moreinfo thanks Hello Florent, Am Donnerstag, den 05.06.2014, 00:15 +0200 schrieb Florent Rougon: It seems unfortunately that bug #646983 is back in wheezy, or something that looks similar: % wget --certificate=*.pem --private-key=*** -rc -nH -np -vvv \ --ca-cert=*** https://server-name:port/path; --2014-06-03 23:09:39-- https://server-name:port/path; Resolving server-name (server-name)... server-ip Connecting to server-name (server-name)|server-ip|:port... connected. GnuTLS: Error in the push function. Unable to establish SSL connection. The same thing works fine in Firefox as well as with curl (using options --cert and --key). Is this still reproduce able with wget in jessie (1.16) or later? Thanks. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#794484: wget: does not reuse FTP connection when given URLs from stdin
forcemerge 32353 794484 found 32353 1.16.3-3 forwarded 32353 https://savannah.gnu.org/bugs/index.php?45689 thanks Hello Simon, Am Montag, den 03.08.2015, 16:50 +0200 schrieb Simon Richter: I've fed a list of ftp:// URLs to wget on stdin, expecting that the same connection would be used for all transfers, as all used the same host name. Transferring many small files this way has a massive overhead, so it would be nice if connection reuse could be added in this case as well. Yes, this is an old feature request. I added it to the wget bugtracker because I just found it in the mailinglist. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#790523: wget does not recognize proxy variables when capitalized correctly.
Hello Ben, Am Dienstag, den 30.06.2015, 11:13 +0200 schrieb Noël Köthe: wget does not recognize proxy variables when capitalized correctly. ... I can confirm this issue and reported it to the upstream bugtracker. ... On the upstream mailinglist your problem is discussed and maybe you want to join: https://lists.gnu.org/archive/html/bug-wget/2015-06/msg00052.html Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#790523: wget does not recognize proxy variables when capitalized correctly.
forwarded 790523 https://savannah.gnu.org/bugs/?45443 found 790523 1.16.3-3 tags 790523 + confirmed thanks Hello Ben, Am Montag, den 29.06.2015, 17:56 -0600 schrieb Ben Hildred: wget does not recognize proxy variables when capitalized correctly. It wants them in lowercase, which conflicts with private variables in my script. snarf does this correctly. I can confirm this issue and reported it to the upstream bugtracker. # http_proxy=http://doesnotexist wget gnu.org --2015-06-30 10:58:36-- http://gnu.org/ Resolving doesnotexist (doesnotexist)... failed: Name or service not known. wget: unable to resolve host address 'doesnotexist' but using it with capitalized variables they are ignored: # HTTP_PROXY=http://doesnotexist wget gnu.org --2015-06-30 11:07:42-- http://gnu.org/ Resolving gnu.org (gnu.org)... 208.118.235.148 Connecting to gnu.org (gnu.org)|208.118.235.148|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: http://www.gnu.org/ [following] --2015-06-30 11:07:42-- http://www.gnu.org/ Resolving http://www.gnu.org (http://www.gnu.org)... 208.118.235.148, 2001:4830:134:3::a Reusing existing connection to gnu.org:80. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: 'index.html' index.html [ = ] 23.12K 63.1KB/s in 0.4s 2015-06-30 11:07:43 (63.1 KB/s) - 'index.html' saved [23677] -- Noël Köthe n...@debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#787942: wget: https no longer works due to certificate error with rebuild against libnettle6
Hello Vincent, Am Sonntag, den 14.06.2015, 22:14 +0200 schrieb Vincent Lefevre: Upgrading libgnutls-deb0-28 to 3.3.15-6 solves the problem. So, this is due to a missing versioned dependency. I will upload wget with the versioned dependency but this does not solve the problem in the future because the last wget upload was in March were everything worked and in the last weeks gnutls and libnettle changed without changed soname of the lib. Regards Noël -- Noël Köthe n...@debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#788333: wget: Segmentation fault after upgrade (libnettle6 installation)
force-merge 784009 788333 thanks Hello, Am Mittwoch, den 10.06.2015, 13:00 +0200 schrieb nfb: after today's upgrade which installed libnettle6 as dependency, i get segmentation fault running wget. Here is the gdb output: thx for your report. The cause of the problem is in the dependency gnutls (see #784009) which is fixed in 3.3.15-5 (unstable). Regards Noël signature.asc Description: This is a digitally signed message part
Bug#787942: wget: https no longer works due to certificate error with rebuild against libnettle6
tags 787942 + moreinfo unreproducible thanks Hello Vincent, Am Samstag, den 06.06.2015, 18:34 +0200 schrieb Vincent Lefevre: I get the following error: $ wget -O - https://www.vinc17.net/ ... ERROR: The certificate of ‘www.vinc17.net’ is not trusted. ... If I reinstall wget 1.16.3-2 (without doing anything else), the problem disappears. With the same version it works yesterday/today: $ wget https://www.vinc17.net/ --2015-06-09 10:07:40-- https://www.vinc17.net/ Resolving www.vinc17.net (www.vinc17.net)... 92.243.22.117, 2001:4b98:dc0:45:216:3eff:fe9b:eb2f Connecting to www.vinc17.net (www.vinc17.net)|92.243.22.117|:443... connected. HTTP request sent, awaiting response... 200 OK The gnutls dependency changed since Saturday and this would be the reason for your reported problem: Versions of packages wget depends on: ii libc6 2.19-18 same ii libgnutls-deb0-28 3.3.14-2 3.3.15-5 ii libidn11 1.30-1 same ii libnettle6 3.1.1-3 same ii libpcre3 2:8.35-5 same ii libpsl00.5.1-1 same ii libuuid1 2.26.2-6 same ii zlib1g 1:1.2.8.dfsg-2+b1 same If you confirm wget is working again I will close this bug. Regards -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#787624: evolution-data-server: d/p/05_imapx-Shared-folders-removed-folder-list-refresh.patch got lost?
Package: evolution-data-server Version: 3.12.11-1 Severity: normal Hello, with the update of evolution-data-server my shared-folder (on dovecot) are always got lost/not viewed. The problem was fixed since Feb with evolution-data-server (3.12.9~git20141128.5242b0-2+deb8u2) unstable; urgency=medium * d/p/05_imapx-Shared-folders-removed-folder-list-refresh.patch: Fix shared IMAP folders disappearing in some situations. -- Jordi Mallach jo...@debian.org Thu, 12 Feb 2015 10:59:19 +0100 ... but with 3.12.11-1 the problem is there again. The patch deletes code in camel/providers/imapx/camel-imapx-store.c which is still there in 3.12.11-1 Please reapply this patch again so it will work again. Thank you. Regards Noël -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.0.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages evolution-data-server depends on: ii evolution-data-server-common 3.12.11-1 ii gnome-keyring 3.16.0-2 ii libc6 2.19-18 ii libcamel-1.2-49 3.12.11-1 ii libdb5.3 5.3.28-9 ii libebackend-1.2-7 3.12.11-1 ii libebook-1.2-14 3.12.11-1 ii libebook-contacts-1.2-0 3.12.11-1 ii libecal-1.2-163.12.11-1 ii libedata-book-1.2-20 3.12.11-1 ii libedata-cal-1.2-23 3.12.11-1 ii libedataserver-1.2-18 3.12.11-1 ii libgcr-base-3-1 3.16.0-1 ii libgcr-ui-3-1 3.16.0-1 ii libgdata190.16.1-1 ii libglib2.0-0 2.44.1-1 ii libgoa-1.0-0b 3.16.2-1 ii libgtk-3-03.14.5-1 ii libgweather-3-6 3.16.1-1 ii libical1a 1.0-1.3 ii libldap-2.4-2 2.4.40+dfsg-1 ii libpango-1.0-01.36.8-3 ii libsecret-1-0 0.18.2-1 ii libsoup2.4-1 2.50.0-2 ii libxml2 2.9.2+dfsg1-3 evolution-data-server recommends no packages. Versions of packages evolution-data-server suggests: ii evolution 3.12.11-1 pn evolution-data-server-dbg none -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#785016: GnuTLS: received alert [70]: Error in protocol version
notfound 785016 1.16.3-2 tags 785016 + moreinfo thanks Hello Mathieu, please use reportbug to report your bugs because it includes more information about your system. The missing information is which Debian version you are using (stable, testing,...) and what versions of the dependencies are installed. I can guess but this might be wrong. thx. Am Montag, den 11.05.2015, 17:49 +0200 schrieb Mathieu Malaterre: Package: wget Version: 1.16-1 Severity: important I cannot download a zip file from https location: ... (documents.epfl.ch)|128.178.222.31|:443... connected. GnuTLS: A TLS fatal alert has been received. GnuTLS: received alert [70]: Error in protocol version Unable to establish SSL connection. It seems to be working from chromium -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#784348: wget -O foo ftp://ftp.funet.fi/pub/Linux/mirrors/debian/README deletes README symlink
forwarded 784348 https://savannah.gnu.org/bugs/?45037 found 784348 1.16.3-2 tags 784348 upstream thanks Hello Joey, Am Dienstag, den 05.05.2015, 13:18 -0400 schrieb Joey Hess: ... Doesn't happen if README is a file rather than a symlink, doesn't happen when using http. The ftp downloader apparently has a bug.. Thanks for your report. It is reproducible with the latest version 1.16.3 and I forwarded it to the upstream bugtracker. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#783009: mirror segfaults on huge destination directory
Hello Harald, Am Montag, den 20.04.2015, 17:05 +0200 schrieb Harald Dunkel: lftp mirror dies with SEGV, if the local destination directory contains a huge number of files. lftp config file: open -u username, sftp://remote.example.com/incoming/ !mkdir -p /space/mirror/incoming mirror --newer-than=now-78days . /space/mirror/incoming close quit command line: % lftp -f .lftp/remote.lftp Segmentation fault(0) [Waiting for response...] ... Could you run your command with -d (debug) and send us the output? thx. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#740330: Debian Installer Jessie RC 3 release
Hello Installer experts, Am Sonntag, den 19.04.2015, 16:25 +0200 schrieb Cyril Brulebois: Feedback for this release = We need your help to find bugs and further improve the installer, so please try it. Installer CDs, other media and everything else you will need are available at our web site[3]. Maybe you can look on #740330 which was raised on debian-boot in October: https://lists.debian.org/debian-boot/2014/10/msg00115.html IMHO it is an important problem with a patch. Thanks for your work. -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#780710: wget: while downloading, when ETA comes fills screen
forcemerge 768110 780710 thanks Hello, Am Mittwoch, den 18.03.2015, 09:49 +0200 schrieb Pekka Takala: When downloading with wget and using the new style (not the dot style) downloading, wget scrolls the name if it is longer than the space reserved for the system. That is ok. But when the system starts to show estimated time, the screen fills with extra lines instead of staying on one line. Yes, sadly this is a problem in 1.16 and fixed in 1.16.1 but the fixing version is only in experimental because of the Jessie release freeze. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#779519: wget: --quiet is not quiet
forwarded 779519 https://savannah.gnu.org/bugs/index.php?44403 tags 779519 + confirmed upstream thanks Hello Jakub, Am Sonntag, den 01.03.2015, 21:11 +0100 schrieb Jakub Wilk: $ wget --quiet http://www.debian.org/ index.html 100%[=] 14.79K 3.67KB/s in 4.0s Thanks for your report. I forwarded it to the upstream bugtracker. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#779278: thc-ipv6: new upstream version 2.7 available
Package: thc-ipv6 Version: 2.5-3 Severity: wishlist Dear Maintainer, https://www.thc.org/thc-ipv6/ list 2.7 from 2014-12-30 as latest release. Maybe you can update the package. Thank you. Regards Noël -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages thc-ipv6 depends on: ii libc62.19-15 ii libpcap0.8 1.6.2-2 ii libssl1.0.0 1.0.1k-1 thc-ipv6 recommends no packages. thc-ipv6 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#776721: unblock: lftp/4.6.0-1+deb8u1
tags 776721 - moreinfo thanks Am Sonntag, den 01.02.2015, 17:32 + schrieb Adam D. Barratt: As far as I can see, that patch is not yet in unstable. In general, where an issue affects both unstable and testing, it should be fixed in unstable first and then in testing, either directly or via t-p-u; new fixes should not be initially added directly via t-p-u. Please remove the moreinfo tag once the upload to unstable has occurred. I waited some more time for an upstream release but it is not there and Moritz pinged me. 4.6.1-2 includes the upstream patch so I removed the tag. thx and regards Noël signature.asc Description: This is a digitally signed message part
Bug#768110: wget: strange progress display with certain locale settings
Hello, Am Mittwoch, den 04.02.2015, 17:04 +0300 schrieb Vlad Orlov: Please migrate 1.61.1-1 to Jessie. I don't like wget spamming my terminal emulator while downloading large files. I understand this but the release team does not allow new upstream versions for jessie since November (1.16.1 released 2014-12-08).:( Sorry. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#776721: unblock: lftp/4.6.0-1+deb8u1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package lftp lftp in jessie/testing accepts adds ssh host keys (fish/sftp) hardcoded. This is fixed by the upstream patch. Debian Bug #774769 Upstream Patch https://github.com/lavv17/lftp/commit/bc7b476e782d77839765f56bbdb4cee9f36b54ec The bug is reported normal with the security tag and Moritz Mühlenhoff asked for jessie integration. Thanks for your work Regards Noël # debdiff lftp_4.6.0-1.dsc lftp_4.6.0-1+deb8u1.dsc diff -Nru lftp-4.6.0/debian/changelog lftp-4.6.0/debian/changelog --- lftp-4.6.0/debian/changelog 2014-10-14 14:29:20.0 +0200 +++ lftp-4.6.0/debian/changelog 2015-01-31 18:32:39.0 +0100 @@ -1,3 +1,10 @@ +lftp (4.6.0-1+deb8u1) testing-proposed-updates; urgency=medium + + * adding upstream patch to fix auto-confirm of ssh/sftp host keys +closes: Bug#774769 + + -- Noël Köthe n...@debian.org Sat, 31 Jan 2015 18:29:33 +0100 + lftp (4.6.0-1) unstable; urgency=medium * new upstream release from 2014-10-14 diff -Nru lftp-4.6.0/debian/patches/add-settingsfish_auto-confirmandsftp_auto-confirm.patch lftp-4.6.0/debian/patches/add-settingsfish_auto-confirmandsftp_auto-confirm.patch --- lftp-4.6.0/debian/patches/add-settingsfish_auto-confirmandsftp_auto-confirm.patch 1970-01-01 01:00:00.0 +0100 +++ lftp-4.6.0/debian/patches/add-settingsfish_auto-confirmandsftp_auto-confirm.patch 2015-01-31 18:24:16.0 +0100 @@ -0,0 +1,78 @@ +From bc7b476e782d77839765f56bbdb4cee9f36b54ec Mon Sep 17 00:00:00 2001 +From: Alexander V. Lukyanov lavv...@gmail.com +Date: Tue, 13 Jan 2015 15:33:54 +0300 +Subject: [PATCH] add settings fish:auto-confirm and sftp:auto-confirm + +New host keys are now not confirmed by default, this should improve security. +Suggested by Marcin Szewczyk marcin.szewc...@wodny.org +--- + doc/lftp.1| 8 + src/SSH_Access.cc | 5 +++-- + src/resource.cc | 2 ++ + 3 files changed, 13 insertions(+), 2 deletions(-) + +diff --git a/doc/lftp.1 b/doc/lftp.1 +index cabc1be..ed6c388 100644 +--- a/doc/lftp.1 b/doc/lftp.1 +@@ -1384,6 +1384,10 @@ address family in dns:order. + .BR file:charset \ (string) + local character set. It is set from current locale initially. + .TP ++.BR fish:auto-confirm \ (boolean) ++when true, lftp answers ``yes'' to all ssh questions, in particular to the ++question about a new host key. Otherwise it answers ``no''. ++.TP + .BR fish:charset \ (string) + the character set used by fish server in requests, replies and file listings. + Default is empty which means the same as local. +@@ -1952,6 +1956,10 @@ minimal chunk size to split the file to. + save pget transfer status this often. Set to `never' to disable saving of the status file. + The status is saved to a file with suffix \fI.lftp-pget-status\fP. + .TP ++.BR sftp:auto-confirm \ (boolean) ++when true, lftp answers ``yes'' to all ssh questions, in particular to the ++question about a new host key. Otherwise it answers ``no''. ++.TP + .BR sftp:charset \ (string) + the character set used by SFTP server in file names and file listings. + Default is empty which means the same as local. This setting is only used +diff --git a/src/SSH_Access.cc b/src/SSH_Access.cc +index 706fc6a..17c716d 100644 +--- a/src/SSH_Access.cc b/src/SSH_Access.cc +@@ -72,8 +72,9 @@ int SSH_Access::HandleSSHMessage() + } + if(s=y_len !strncasecmp(b+s-y_len,y,y_len)) + { +- pty_recv_buf-Put(yes\n); +- pty_send_buf-Put(yes\n); ++ const char *answer=QueryBool(auto-confirm,hostname)?yes\n:no\n; ++ pty_recv_buf-Put(answer); ++ pty_send_buf-Put(answer); +return m; + } + if(!received_greeting recv_buf-Size()0) +diff --git a/src/resource.cc b/src/resource.cc +index 91b2e60..3a5e8b9 100644 +--- a/src/resource.cc b/src/resource.cc +@@ -339,6 +339,7 @@ static ResType lftp_vars[] = { +{mirror:no-empty-dirs,no, ResMgr::BoolValidate,ResMgr::NoClosure}, +{mirror:require-source, no, ResMgr::BoolValidate,ResMgr::NoClosure}, + ++ {sftp:auto-confirm, no,ResMgr::BoolValidate,0}, +{sftp:max-packets-in-flight,16, ResMgr::UNumberValidate,0}, +{sftp:protocol-version, 6, ResMgr::UNumberValidate,0}, +{sftp:size-read, 32k, ResMgr::UNumberValidate,0}, +@@ -367,6 +368,7 @@ static ResType lftp_vars[] = { +{dns:strict-dnssec, no,ResMgr::BoolValidate,0}, + #endif + ++ {fish:auto-confirm, no,ResMgr::BoolValidate,0}, +{fish:shell, /bin/sh,0,0}, +{fish:connect-program,ssh -a -x,0,0}, +{fish:charset,, ResMgr::CharsetValidate,0}, +-- +2.1.4 + diff -Nru lftp-4.6.0/debian/patches/series lftp-4.6.0/debian/patches/series --- lftp-4.6.0/debian/patches/series2014-06-03 11:08:12.0 +0200 +++ lftp-4.6.0/debian/patches/series2015-01-31 18:33:43.0 +0100
Bug#774769: [lftp] saves unknown host's fingerprint in known_hosts without any prompt
Hello Moritz, Am Montag, den 26.01.2015, 13:13 +0100 schrieb Moritz Mühlenhoff: Thanks for your report. I agree the user should be asked and forwarded your report to the upstream issue tracker. Since this has been fixed upstream, could you pick the fix for jessie? I will work on a jessie update tomorrow. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#774769: [lftp] saves unknown host's fingerprint in known_hosts without any prompt
tags 774769 + upstream forwarded 774769 https://github.com/lavv17/lftp/issues/116 thanks Hello Marcin, Am Mittwoch, den 07.01.2015, 12:39 +0100 schrieb Marcin Szewczyk: From the src/SSH_Access.cc file: 47: const char *y=(yes/no)?; 73: if(s=y_len !strncasecmp(b+s-y_len,y,y_len)) 74: { 75: pty_recv_buf-Put(yes\n); 76: pty_send_buf-Put(yes\n); 77: return m; 78: } Not only does it make a particular SFTP file transfer insecure, but also any future connection via any SSH client. ... Thanks for your report. I agree the user should be asked and forwarded your report to the upstream issue tracker. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#770910: When edit makes a temporary copy of a file, keep its extension intact
forwarded 770910 https://github.com/lavv17/lftp/issues/103 tags 770910 + upstream thanks Hello Jason, Am Dienstag, den 25.11.2014, 00:21 -0500 schrieb Jason Spiro: When I run an lftp command like edit index.php.new, lftp creates a temporary local copy of the remote file in my /tmp directory. It gives it a name like edit.tmp.4075. Sadly, some text editors make decisions regarding syntax highlighting simply by looking at the filename extension, and won't highlight a .4075 file at all. Please preserve the remote file's extension when creating the local copy. Instead of calling the local copy something like edit.tmp.4075, call it edit.tmp.4075.php.new. Thanks for your report. I forwarded it to the lftp upstream issue tracker. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#768304: unblock: wget/1.16-2
Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please unblock package wget wget 1.16-2 fixes two important problems: 1. with some locales the progressbar is broken and you it scrolls down. The patch from the upstream git. #768110 screenshot from reporter: http://imgbin.org/index.php?page=imageid=20771 2. it is not documented that certificate revocation lists (CRLs) are not checked (reporter reported it as grave). This is added to the manpage. Upstream is working on CRL support but until then it is documented somewhere. #767283 Additional I added the CVE number of the security problem which is fixes by 1.16 for documentation. Shame on me I accidentally deleted an unused patch which blow up the debdiff. Attached you find the full debdiff and inline for reading. I'm not sure if it is worth to reupload -3 with the needed changelog line because there are no changes for the resulting binaries but I understand if you require it. Thanks you. Regards Noël diff -Nru wget-1.16/debian/changelog wget-1.16/debian/changelog --- wget-1.16/debian/changelog 2014-10-27 11:41:18.0 +0100 +++ wget-1.16/debian/changelog 2014-11-05 11:31:52.0 +0100 @@ -1,7 +1,18 @@ +wget (1.16-2) unstable; urgency=medium + + * debian/changelog mention CVE-2014-4877 in 1.16-1 + * debian/patches/wget-progressbar.patch upstream commited patch +76f6fe22 to fix progressbar. Closes: #768110 + * debian/patches/wget-doc-CRLs.patch document that CRLs are not checked. +Closes: #767283 + + -- No�l K�the n...@debian.org Wed, 05 Nov 2014 12:15:02 +0100 + wget (1.16-1) unstable; urgency=medium * new upstream release from 2014-10-27 -- Poodle do not use SSLv3 except explicitely requested (CVE-2014-3566) +- No longer create local symbolic links by default CVE-2014-4877 +- Poodle do not use SSLv3 except explicitly requested CVE-2014-3566 * debian/control: Public Suffix List cookie domain checking via libpsl Closes: #766780 * debian/control: updated Standards-Version to 3.9.6 (no changes needed) diff -Nru wget-1.16/debian/patches/disable-SSLv2 wget-1.16/debian/patches/disable-SSLv2 --- wget-1.16/debian/patches/disable-SSLv2 2011-04-25 19:28:29.0 +0200 +++ wget-1.16/debian/patches/disable-SSLv2 1970-01-01 01:00:00.0 +0100 [...patch removed.. No�l] diff -Nru wget-1.16/debian/patches/series wget-1.16/debian/patches/series --- wget-1.16/debian/patches/series 2014-10-16 11:32:22.0 +0200 +++ wget-1.16/debian/patches/series 2014-11-05 11:18:51.0 +0100 @@ -1,4 +1,6 @@ wget-doc-remove-usr-local-in-sample.wgetrc wget-doc-remove-usr-local-in-wget.texi wget-passive_ftp-default +wget-progressbar.patch +wget-doc-CRLs.patch diff -Nru wget-1.16/debian/patches/wget-doc-CRLs.patch wget-1.16/debian/patches/wget-doc-CRLs.patch --- wget-1.16/debian/patches/wget-doc-CRLs.patch1970-01-01 01:00:00.0 +0100 +++ wget-1.16/debian/patches/wget-doc-CRLs.patch2014-11-05 12:05:49.0 +0100 @@ -0,0 +1,26 @@ +Author: Noël Köthe n...@debian.org +Date: Wed, 05 Nov 2014 12:10:41 +0100 + + document no CRLs are checked. + See bug https://savannah.gnu.org/bugs/?43501 + +--- a/doc/wget.texi2014-11-05 12:03:10.848353361 +0100 b/doc/wget.texi2014-11-05 12:08:46.831481483 +0100 +@@ -165,6 +165,17 @@ + @c man end + + @item ++@ignore ++@c man begin DESCRIPTION ++ ++@c man end ++@end ignore ++@c man begin DESCRIPTION ++Wget does not support Client Revocation Lists (CRLs) so the HTTPS ++certificate you are connecting to might be revoked by the siteowner. ++@c man end ++ ++@item + Wget supports proxy servers, which can lighten the network load, speed + up retrieval and provide access behind firewalls. Wget uses the passive + @sc{ftp} downloading by default, active @sc{ftp} being an option. diff -Nru wget-1.16/debian/patches/wget-progressbar.patch wget-1.16/debian/patches/wget-progressbar.patch --- wget-1.16/debian/patches/wget-progressbar.patch 1970-01-01 01:00:00.0 +0100 +++ wget-1.16/debian/patches/wget-progressbar.patch 2014-11-05 08:51:44.0 +0100 @@ -0,0 +1,33 @@ +commit 35bfcb34b0eb5ccc28c1e9f308678fd476f6fe22 +Author: Darshit Shah dar...@gmail.com +Date: Sat Nov 1 05:34:04 2014 +0530 + +Remove extra padding from the progress bar + +diff --git a/src/progress.c b/src/progress.c +index 5ba542d..a0b48e4 100644 +--- a/src/progress.c b/src/progress.c +@@ -907,10 +907,6 @@ create_image (struct bar_progress *bp, double dl_total_time, bool done) + char *p = bp-buffer; + wgint size = bp-initial_length + bp-count; + +- const char *size_grouped = with_thousand_seps (size); +- int size_grouped_len = count_cols (size_grouped); +- /* Difference between num cols and num bytes: */ +- int size_grouped_diff = strlen (size_grouped) - size_grouped_len; + int size_grouped_pad; /* Used to pad the field width for
Bug#768302: wget: ctrl+c sends wget into background
tags 768302 + moreinfo unreproducible thanks Hello Dirk, Am Donnerstag, den 06.11.2014, 12:04 +0100 schrieb Dirk Griesbach: With some URLs CTRL+C will send wget 1.16-2 into background the first time it is entered while wget 1.16-1 worked just fine: , | $ --2014-11-06 11:40:48-- http://downloads.sourceforge.net/project/systemrescuecd/sysresccd-x86/4.4.0/systemrescuecd-x86-4.4.0.iso?r=http%3A%2F%2Fwww.sysresccd.org%2FDownload | Auflösen des Hostnamen »downloads.sourceforge.net (downloads.sourceforge.net)«... 216.34.181.59 | Verbindungsaufbau zu downloads.sourceforge.net (downloads.sourceforge.net)|216.34.181.59|:80... verbunden. | HTTP-Anforderung gesendet, warte auf Antwort... 302 Found | Platz: http://freefr.dl.sourceforge.net/project/systemrescuecd/sysresccd-x86/4.4.0/systemrescuecd-x86-4.4.0.iso[folge] | --2014-11-06 11:40:48-- http://freefr.dl.sourceforge.net/project/systemrescuecd/sysresccd-x86/4.4.0/systemrescuecd-x86-4.4.0.iso | Auflösen des Hostnamen »freefr.dl.sourceforge.net (freefr.dl.sourceforge.net)«... 88.191.250.136, 2a01:e0d:1:8:58bf:fa88:0:1 | Verbindungsaufbau zu freefr.dl.sourceforge.net (freefr.dl.sourceforge.net)|88.191.250.136|:80... verbunden. | HTTP-Anforderung gesendet, warte auf Antwort... 200 OK | Länge: 411967488 (393M) [application/octet-stream] | In »»systemrescuecd-x86-4.4.0.iso?r=http%3A%2F%2Fwww.sysresccd.org%2FDownload.8«« speichern. | | -x86-4.4.0.iso?r=ht 0%[ ] 3,30M 1,10MB/s | [2]+ Fertig ts=1415268201 | emrescuecd-x86-4.4. 17%[== ] 70,11M 1,26MB/s eta 4m 20s | p%3A%2F%2Fwww.sysre 23%[ ] 92,25M 1,26MB/s eta 4m 1s | w.sysresccd.org%2FD 24%[ ] 95,26M 1,26MB/s eta 3m 59s | ysresccd.org%2FDown 24%[ ] 96,02M 1,26MB/s eta 3m 58s | %3A%2F%2Fwww.sysres 27%[ ] 106,35M 1,26MB/s eta 3m 50s ` If I then execute 'fg' wget will be a foreground process again and can be killed with CTR+C. Hmm, Ctrl+C shouldn't send a job into background. You see the [2]+ Fertig. It looks like you have 2 jobs and the 1. is finished and with fg you go back to it. Could you retry it with quoting the URL into ? It should behave like the cdimage URL. However, this behavior is not exhibited with e.g. | wget http://cdimage.debian.org/debian-cd/7.7.0/kfreebsd-amd64/iso-cd/debian-7.7.0-kfreebsd-amd64-netinst.iso which can be terminated with CTRL+C like expected. This is the correct behavior. Regards Noël -- Noël Köthe noel debian.org Debian GNU/Linux, www.debian.org signature.asc Description: This is a digitally signed message part
Bug#768319: mumudvb: new upstream lease available
Package: mumudvb Version: 1.7.1-1 Severity: wishlist Dear Maintainer, 1.7.2 is available since nearly a year and a 2.0.0. Could you update the package in Debian? Thank you. Regards Noël -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16-3-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#768110: reopen 768110
reopen 768110 thanks Hello, sadly the patch results in failing downloads. I removed the patch (1.16-3) and ugly progress bar is better than failing downloads. Regards Noël signature.asc Description: This is a digitally signed message part
Bug#768302: wget: ctrl+c sends wget into background
Hello Dirk, Am Donnerstag, den 06.11.2014, 14:06 +0100 schrieb Dirk Griesbach: Now I see [1] and the example mentioned: | wget http://fly.osdn.org.ua/~mike/iso/tmp/live-flightgear-20141101-x86_64.iso with version 1.16-2 will trigger the assertion while version 1.16-1 would just download the file. I think for now a garbled progress bar is better than not downloading a file at all. So maybe it is better to revert the patch for bug #768110? Should I open a separate bug for the latter issue or would it be OK to hijack this one and just rename it? No need to report an additional bug. I removed the patch and upload 1.16-3 without the progress bar patch. Thanks for raising this issue! Regards Noël signature.asc Description: This is a digitally signed message part