Bug#1069859: atop: Fix atop for 64-bit time_t on arm

[Steve Langasek]

On Sun, May 26, 2024 at 06:12:50PM +0200, Marc Haber wrote:
> I am not too fond about the suggested patch since it breaks atop on
> systems with 32bit time_t,

It does not: promoting the time_t to a long long on all architectures before
passing it as an argument to the format string is portable to all (existing)
architectures.  Either sizeof(time_t) == sizeof(long long) and the cast is a
no-op, or sizeof(time_t) < sizeof(long long) and this is merely a signed
extension operation.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1071215: shim-signed 15.8 still on hold. Inconsistencies with shim-helpers-amd64-signed based on 15.8

[Steve McIntyre]

On Thu, May 16, 2024 at 11:56:19AM +0200, Eric Valette wrote:
>Package: shim-signed
>Version: 1.40+15.7-1
>Severity: normal
>
>For about two weeks, shim-helpers-amd64-signed is at version 15.8
>(I have downgraded and put it on hold) but corresponding shim-signed
>is apparently blocked and not entering unstable.
>
>Any rationale?

The process of getting a new version of shim-signed is long and
complex, and not entirely under our control:

1. Build shim, test the hell out of it.
2. Upload shim, wait for it to build, check that the binary is
   reproducible.
3. Submit a shim-review issue (or several) at
   https://github.com/rhboot/shim-review/issues .
4. Upload our binaries to Microsoft's site for signing.
5. Wait for the review (and maybe fix things), potentially multiple
   passes here.
6. Wait for the signature to come back.
7. Prepare the shim-signed package with the signed binaries, and test
   like hell.
8. Upload shim-signed.

We're currently at step 5.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
There's no sensation to compare with this
Suspended animation, A state of bliss

Bug#996202: EFI Secure Boot for systemd-boot

[Steve McIntyre]

On Fri, May 10, 2024 at 03:44:35PM +0100, Luca Boccassi wrote:
>On Fri, 10 May 2024 at 15:36, Steve McIntyre  wrote:
>> On Fri, May 10, 2024 at 04:29:00PM +0200, Ansgar  wrote:
>>
>> >Maybe we should use a non-trusted cert for the initial setup and only
>> >switch to a proper cert once everything is confirmed to be working as
>> >expected?
>>
>> Hmmm, maybe? Luca?
>
>What do you mean precisely here? A DSA-managed cert used by FTP to
>sign but that doesn't chain to the Debian CA? Or to do something
>completely local to the systemd-boot package?

Exactly the former - we can use a test key for signing systemd-boot to
start with. Once we're happy all round, we can switch to a cert in the
chain.

>I am fine with any approach that lets us move forward, if that needs
>to be some intermediate testing stage that's fine by me.

Cool.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
  Mature Sporty Personal
  More Innovation More Adult
  A Man in Dandism
  Powered Midship Specialty

Bug#996202: EFI Secure Boot for systemd-boot

[Steve McIntyre]

On Fri, May 10, 2024 at 04:29:00PM +0200, Ansgar  wrote:
>Hi,
>
>On Fri, 2024-05-10 at 15:20 +0100, Luca Boccassi wrote:
>> On Thu, 04 Apr 2024 20:41:59 +0100 Luca Boccassi 
>> > On IRC Steve mentioned that he's ok with proceeding with this.
>> > jcristau from DSA said that it's the FTP team that should confirm the 
>> > request
>> > for the new intermediate signer cert for systemd-boot to DSA.
>> > 
>> > FTP team, are you ok with proceeding with this? If so, would it be
>> > possible to have an ACK, please? Is there any more information required
>> > beforehand?
>
>As long as the security boot people are fine with this, I think this
>should be fine. (And AFAIU this seems to be the case.)

Yes, I'm happy for us to add this. Please go ahead.

>Maybe we should use a non-trusted cert for the initial setup and only
>switch to a proper cert once everything is confirmed to be working as
>expected?

Hmmm, maybe? Luca?

Also, while I'm thinking about things... We should probably also move
to a new kernel signing cert for unstable/testing now that we've moved
to build-time ephemeral keys for the modules. At some point in the
future that will let us DBX-block the old kernel signing
certificate(s) in a new shim build. Bastian: I'm assuming the
ephemeral change is only a thing in testing/unstable? Can we (easily)
use a different signer for different releases of the kernel here?

In fact, if we're going to generate new keys and certs for the
intermediate signers, it might be worth refreshing them all anyway
maybe?

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"Every time you use Tcl, God kills a kitten." -- Malcolm Ray

Bug#1068684: For arm64 -ffp-contract=off helps

[Steve Capper]

Hello,
FWIW, adding -ffp-contract=off to CFLAGS and CXXFLAGS appears to fix the build 
s.t the unit tests on arm64 pass and the package builds successfully.

Cheers,
--
Steve Capper

Bug#1068170: re: 'rust-apr: FTBFS on non-amd64/mips64el: error[E0308]: arguments to this function are incorrect'

[Steve Capper]

Hello,
For info…
The signed-ness of char issues have been fixed upstream here:
https://github.com/jelmer/apr-rs/commit/9ac891f205cb27a907b52860ce1741e1a5347135

By utilising std::ffi::c_char.

Cheers,
--
Steve Capper

Bug#1069410: efitools: FTBFS on arm64: make[1]: *** [Make.rules:130: HelloWorld-signed.efi] Error 1

[Steve McIntyre]

Control: tags -1 +confirmed

On Sat, Apr 20, 2024 at 02:01:48PM +0200, Lucas Nussbaum wrote:
>Source: efitools
>Version: 1.9.2-3
>Severity: serious
>Justification: FTBFS
>Tags: trixie sid ftbfs
>User: lu...@debian.org
>Usertags: ftbfs-20240420 ftbfs-trixie ftbfs-t64-arm64
>
>Hi,
>
>During a rebuild of all packages in sid, your package failed to build
>on arm64.

...

>> Signature at: 40
>> sbsign --key DB.key --cert DB.crt --output HelloWorld-signed.efi 
>> HelloWorld.efi
>> ./cert-to-efi-sig-list -g ----123456789abc PK.crt PK.esl
>> Invalid DOS header magic
>> make[1]: *** [Make.rules:130: HelloWorld-signed.efi] Error 1

I can reproduce this here. The HelloWorld.efi binary seems to be
totally malformed. Digging further...

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
You lock the door
And throw away the key
There's someone in my head but it's not me 

Bug#1070670: bullseye-pu: package shim/15.8-1~deb11u1

[Steve McIntyre]

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: debian-...@lists.debian.org

This is a new upstream version of shim, built for bullseye. This is
needed for better handling of SBAT-based revocations, plus a range of
security updates from upstream.

[ This is very similar to the bookworm update in #1070660 ]

See attached debdiff for the changes. They're not minimal, but in the
case of shim we need to be as close to upstream as possible for the
sake of getting stuff reviewed and signed. The only local patches to
the upstream source now are:

 * to force SBAT updates to revoke older insecure grub binaries
 * to allow for building on arm64 with older toolchain (retained from
   previous bullseye builds)

There are some minor changes to packaging to help with review.

I've tested locally using CI and also by hand on various machines and
all looks good here.

Obviously, once this is accepted and autobuilt I'll need to submit
things for review and signing elsewhere. Then we'll be want
shim-signed updting too.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

shim (15.8-1~deb11u1) bullseye; urgency=medium

  * New upstream release fixing more bugs
  * Remove previous patches, no longer needed:
+ Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch (now
  upstream)
+ Enable-NX.patch (we don't want NX just yet until the whole boot
  stack is NX-capable)
+ block-grub-sbat3-debian.patch (not needed now upstream grub SBAT
  is 4)
  * Cherry-pick 2 new patches from upstream for grub revocations:
+ 0001-sbat-Add-grub.peimage-2-to-latest-CVE-2024-2312.patch
+ 0002-sbat-Also-bump-latest-for-grub-4-and-to-todays-date.patch
  * Log if the build is nx-compatible or not
  * Force shim to use the latest revocations by default to block some
older grub / peimage issues. This is:
"shim,4\ngrub,4\ngrub.peimage,2\n"
  * Install a copy of the Debian CA certificate into /usr/share/shim.
Closes: #1069054
  * Clean up better after build. Closes: #1046268


shim_15.8-1~deb11u1.debdiff.gz
Description: application/gzip

Bug#1070660: bookworm-pu: package shim/15.8-1~deb12u1

[Steve McIntyre]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: debian-...@lists.debian.org

This is a new upstream version of shim, built for bookworm. This is
needed for better handling of SBAT-based revocations, plus a range of
security updates from upstream.

See attached debdiff for the changes. They're not minimal, but in the
case of shim we need to be as close to upstream as possible for the
sake of getting stuff reviewed and signed. The only local patches to
the upstream source now are to force SBAT updates to revoke older
insecure grub binaries. There are some minor changes to packaging to
help with review, and to add some autopkgtest stuff.

I've tested locally using CI and also by hand on various machines and
all looks good here.

Obviously, once this is accepted and autobuilt I'll need to submit
things for review and signing elsewhere. Then we'll be want
shim-signed updting too.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

shim (15.8-1~deb12u1) bookworm; urgency=medium

  [ Steve McIntyre ]
  * Cope with changes in pesign packaging.
  * New upstream release fixing more bugs
  * Remove all our previous patches, no longer needed:
+ Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch (now
  upstream)
+ Enable-NX.patch (we don't want NX just yet until the whole boot
  stack is NX-capable)
+ block-grub-sbat3-debian.patch (not needed now upstream grub SBAT
  is 4)
  * Cherry-pick 2 new patches from upstream for grub revocations:
+ 0001-sbat-Add-grub.peimage-2-to-latest-CVE-2024-2312.patch
+ 0002-sbat-Also-bump-latest-for-grub-4-and-to-todays-date.patch
  * Log if the build is nx-compatible or not
  * Force shim to use the latest revocations by default to block some
older grub / peimage issues. This is:
"shim,4\ngrub,4\ngrub.peimage,2\n"
  * Install a copy of the Debian CA certificate into /usr/share/shim.
Closes: #1069054
  * Clean up better after build. Closes: #1046268

  [ Bastien Roucariès ]
  * Port autopkgtest from ubuntu
  * Import MR-12: "shim-unsigned:amd64 cannot be installed alongside
shim-unsigned:i386", thanks to adrian15 adrian15 (Closes: #936009).
  * Fix debian/watch and check signature


shim_15.8-1~deb12u1.debdiff.gz
Description: application/gzip

Bug#1065688: [Pkg-freeipa-devel] Bug#1065688: python-jwcrypto: CVE-2024-28102

[Steve McIntyre]

Hi Timo,

On Thu, May 02, 2024 at 09:07:08AM +0300, Timo Aaltonen wrote:
>Steve McIntyre kirjoitti 30.4.2024 klo 19.19:
>> Hi!
>> 
>> On Fri, Mar 08, 2024 at 10:42:40PM +0100, Salvatore Bonaccorso wrote:
>> > Source: python-jwcrypto
>> > Version: 1.5.4-1
>> > Severity: important
>> > Tags: security upstream
>> > X-Debbugs-Cc: car...@debian.org, Debian Security Team 
>> > 
>> > 
>> > Hi,
>> > 
>> > The following vulnerability was published for python-jwcrypto.
>> > 
>> > CVE-2024-28102[0]:
>> > | JWCrypto implements JWK, JWS, and JWE specifications using python-
>> > | cryptography. Prior to version 1.5.6, an attacker can cause a denial
>> > | of service attack by passing in a malicious JWE Token with a high
>> > | compression ratio. When the server processes this token, it will
>> > | consume a lot of memory and processing time. Version 1.5.6 fixes
>> > | this vulnerability by limiting the maximum token length.
>> 
>> We wanted this fixed in Pexip, so I've taken a look at this bug.
>> 
>> The upstream bugfix just needs a small rework so it applies cleanly to
>> the version in bookworm. Here's a debdiff for that that in case it's
>> useful.
>
>I've pushed 1.5.6 to sid now, feel free to upload the proposed version for
>bookworm, thanks.

I've asked the release team to approve, ready to upload when they say
so. I've also pushed a bookworm branch and a tag for this release to

https://salsa.debian.org/93sam/python-jwcrypto/-/tree/bookworm

if you'd like to merge those.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
  Getting a SCSI chain working is perfectly simple if you remember that there
  must be exactly three terminations: one on one end of the cable, one on the
  far end, and the goat, terminated over the SCSI chain with a silver-handled
  knife whilst burning *black* candles. --- Anthony DeBoer

Bug#1070249: bookworm-pu: package python-jwcrypto/1.1.0-1+deb12u1

[Steve McIntyre]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: steve.mcint...@pexip.com, Timo Aaltonen 

Hi,

[ Reason ]
I've backported the upstream fix for CVE-2024-28102 (#1065688) to
bookworm. It's not considered critical as a security fix by the
security team, but would still be good to have in bookworm.

Ready to upload if you're happy.

Timo is happy for me to upload this - see the conversation in
#1065688.

[ Impact ]
Minor security issue.

[ Tests ]
The patch comes from upstream, and includes a unit test.

[ Risks ]
The changes are straightforward, cherry-picked from current upstream
and just massaged to fit the older version in bookworm.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]

The debdiff here just contains trivial metadata changes from my
initial debdiff in #1065688

python-jwcrypto (1.1.0-1+deb12u1) bookworm; urgency=medium

  * Apply and tweak upstream security fix for CVE-2024-28102
Address potential DoS with high compression ratio
diff -Nru python-jwcrypto-1.1.0/debian/changelog 
python-jwcrypto-1.1.0/debian/changelog
--- python-jwcrypto-1.1.0/debian/changelog  2022-03-29 08:33:50.0 
+0100
+++ python-jwcrypto-1.1.0/debian/changelog  2024-04-26 17:18:31.0 
+0100
@@ -1,3 +1,10 @@
+python-jwcrypto (1.1.0-1+deb12u1) bookworm; urgency=medium
+
+  * Apply and tweak upstream security fix for CVE-2024-28102
+Address potential DoS with high compression ratio
+
+ -- Steve McIntyre <93...@debian.org>  Fri, 26 Apr 2024 17:18:31 +0100
+
 python-jwcrypto (1.1.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru python-jwcrypto-1.1.0/debian/patches/CVE-2024-28102.patch 
python-jwcrypto-1.1.0/debian/patches/CVE-2024-28102.patch
--- python-jwcrypto-1.1.0/debian/patches/CVE-2024-28102.patch   1970-01-01 
01:00:00.0 +0100
+++ python-jwcrypto-1.1.0/debian/patches/CVE-2024-28102.patch   2024-04-26 
17:18:31.0 +0100
@@ -0,0 +1,72 @@
+commit 90477a3b6e73da69740e00b8161f53fea19b831f
+Author: Simo Sorce 
+Date:   Tue Mar 5 16:57:17 2024 -0500
+
+Address potential DoS with high compression ratio
+
+Fixes CVE-2024-28102
+
+Signed-off-by: Simo Sorce 
+
+Index: os-python-jwcrypto/jwcrypto/jwe.py
+===
+--- os-python-jwcrypto.orig/jwcrypto/jwe.py
 os-python-jwcrypto/jwcrypto/jwe.py
+@@ -9,6 +9,9 @@ from jwcrypto.common import base64url_de
+ from jwcrypto.common import json_decode, json_encode
+ from jwcrypto.jwa import JWA
+ 
++# Limit the amount of data we are willing to decompress by default.
++default_max_compressed_size = 256 * 1024
++
+ 
+ # RFC 7516 - 4.1
+ # name: (description, supported?)
+@@ -387,6 +390,10 @@ class JWE:
+ 
+ compress = jh.get('zip', None)
+ if compress == 'DEF':
++if len(data) > default_max_compressed_size:
++raise InvalidJWEData(
++'Compressed data exceeds maximum allowed'
++'size' + f' ({default_max_compressed_size})')
+ self.plaintext = zlib.decompress(data, -zlib.MAX_WBITS)
+ elif compress is None:
+ self.plaintext = data
+Index: os-python-jwcrypto/jwcrypto/tests.py
+===
+--- os-python-jwcrypto.orig/jwcrypto/tests.py
 os-python-jwcrypto/jwcrypto/tests.py
+@@ -1716,6 +1716,32 @@ class ConformanceTests(unittest.TestCase
+ check.decrypt(key)
+ self.assertEqual(check.payload, b'plain')
+ 
++def test_jwe_decompression_max(self):
++key = jwk.JWK(kty='oct', k=base64url_encode(b'A' * (128 // 8)))
++payload = '{"u": "' + "u" * 4 + '", "uu":"' \
+++ "u" * 4 + '"}'
++protected_header = {
++"alg": "A128KW",
++"enc": "A128GCM",
++"typ": "JWE",
++"zip": "DEF",
++}
++enc = jwe.JWE(payload.encode('utf-8'),
++  recipient=key,
++  protected=protected_header).serialize(compact=True)
++with self.assertRaises(jwe.InvalidJWEData):
++check = jwe.JWE()
++check.deserialize(enc)
++check.decrypt(key)
++
++defmax = jwe.default_max_compressed_size
++jwe.default_max_compressed_size = 10
++# ensure we can eraise the limit and decrypt
++check = jwe.JWE()
++check.deserialize(enc)
++check.decrypt(key)
++jwe.default_max_compressed_size = defmax
++
+ 
+ class JWATests(unittest.TestCase):
+ def test_jwa_crea

Bug#1070133: Patches for these two bugs

[Steve McIntyre]

On Thu, May 02, 2024 at 08:09:46AM -0400, Stefano Rivera wrote:
>Control: tag 1070133 +pending
>Control: tag 1070135 +pending
>
>Hi Steve (2024.05.01_06:07:10_-0400)
>
>Thanks for the patches, backported some more security patches and filed
>a bookworm-pu request (#1070232).

Lovely. :-)

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
  Armed with "Valor": "Centurion" represents quality of Discipline,
  Honor, Integrity and Loyalty. Now you don't have to be a Caesar to
  concord the digital world while feeling safe and proud.

Bug#1070133: Patches for these two bugs

[Steve McIntyre]

Control: tag 1070133 +patch
Control: tag 1070135 +patch

Here's a debdiff against what's already in 3.11.2-6+deb12u1 in
-proposed-updates

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
< sladen> I actually stayed in a hotel and arrived to find a post-it
  note stuck to the mini-bar saying "Paul: This fridge and
  fittings are the correct way around and do not need altering"
diff -Nru python3.11-3.11.2/debian/changelog python3.11-3.11.2/debian/changelog
--- python3.11-3.11.2/debian/changelog  2024-03-02 20:28:50.0 +
+++ python3.11-3.11.2/debian/changelog  2024-04-26 16:10:48.0 +0100
@@ -1,3 +1,14 @@
+python3.11 (3.11.2-6+deb12u2) bookworm; urgency=medium
+
+  * Apply upstream security fix for CVE-2024-0450
+Protect zipfile from "quoted-overlap" zipbomb.
+Closes: #1070133
+  * Apply and tweak upstream security fix for CVE-2023-6597
+tempfile.TemporaryDirectory: fix symlink bug in cleanup
+    Closes: #1070135
+
+ -- Steve McIntyre   Fri, 26 Apr 2024 16:10:48 +0100
+
 python3.11 (3.11.2-6+deb12u1) bookworm; urgency=medium
 
   [ Anders Kaseorg ]
diff -Nru python3.11-3.11.2/debian/patches/CVE-2023-6597.patch 
python3.11-3.11.2/debian/patches/CVE-2023-6597.patch
--- python3.11-3.11.2/debian/patches/CVE-2023-6597.patch1970-01-01 
01:00:00.0 +0100
+++ python3.11-3.11.2/debian/patches/CVE-2023-6597.patch2024-04-26 
16:10:48.0 +0100
@@ -0,0 +1,202 @@
+commit 5585334d772b253a01a6730e8202ffb1607c3d25
+Author: Serhiy Storchaka 
+Date:   Thu Dec 7 18:37:10 2023 +0200
+
+[3.11] gh-91133: tempfile.TemporaryDirectory: fix symlink bug in cleanup 
(GH-99930) (GH-112839)
+
+(cherry picked from commit 81c16cd94ec38d61aa478b9a452436dc3b1b524d)
+
+Co-authored-by: Søren Løvborg 
+
+diff --git a/Lib/tempfile.py b/Lib/tempfile.py
+index aace11fa7b..f59a63a7b4 100644
+--- a/Lib/tempfile.py
 b/Lib/tempfile.py
+@@ -270,6 +270,22 @@ def _mkstemp_inner(dir, pre, suf, flags, output_type):
+ raise FileExistsError(_errno.EEXIST,
+   "No usable temporary file name found")
+ 
++def _dont_follow_symlinks(func, path, *args):
++# Pass follow_symlinks=False, unless not supported on this platform.
++if func in _os.supports_follow_symlinks:
++func(path, *args, follow_symlinks=False)
++elif _os.name == 'nt' or not _os.path.islink(path):
++func(path, *args)
++
++def _resetperms(path):
++try:
++chflags = _os.chflags
++except AttributeError:
++pass
++else:
++_dont_follow_symlinks(chflags, path, 0)
++_dont_follow_symlinks(_os.chmod, path, 0o700)
++
+ 
+ # User visible interfaces.
+ 
+@@ -863,17 +879,10 @@ def __init__(self, suffix=None, prefix=None, dir=None,
+ def _rmtree(cls, name, ignore_errors=False):
+ def onerror(func, path, exc_info):
+ if issubclass(exc_info[0], PermissionError):
+-def resetperms(path):
+-try:
+-_os.chflags(path, 0)
+-except AttributeError:
+-pass
+-_os.chmod(path, 0o700)
+-
+ try:
+ if path != name:
+-resetperms(_os.path.dirname(path))
+-resetperms(path)
++_resetperms(_os.path.dirname(path))
++_resetperms(path)
+ 
+ try:
+ _os.unlink(path)
+diff --git a/Lib/test/test_tempfile.py b/Lib/test/test_tempfile.py
+index 1242ec7e3c..675edc8de9 100644
+--- a/Lib/test/test_tempfile.py
 b/Lib/test/test_tempfile.py
+@@ -1565,6 +1565,103 @@ def test_cleanup_with_symlink_to_a_directory(self):
+  "were deleted")
+ d2.cleanup()
+ 
++@os_helper.skip_unless_symlink
++def test_cleanup_with_symlink_modes(self):
++# cleanup() should not follow symlinks when fixing mode bits (#91133)
++with self.do_create(recurse=0) as d2:
++file1 = os.path.join(d2, 'file1')
++open(file1, 'wb').close()
++dir1 = os.path.join(d2, 'dir1')
++os.mkdir(dir1)
++for mode in range(8):
++mode <<= 6
++with self.subTest(mode=format(mode, '03o')):
++def test(target, target_is_directory):
++d1 = self.do_create(recurse=0)
++symlink = os.path.join(d1.name, 'symlink')
++os.symlink(target, symlink,
++target_is_directory=target_is_directory)
++try:
++os.chmod(symlink, mode, follow_symlinks=False)
++except NotImplementedError:
++pass
++try:
++os.chmod(symlink, mode

Bug#1070135: Acknowledgement (tempfile.TemporaryDirectory: symlink bug in cleanup (CVE-2023-6597))

[Steve McIntyre]

Control: fixed 1070135 3.11.8-1

On Tue, Apr 30, 2024 at 05:45:04PM +, Debian Bug Tracking System wrote:
>Thank you for filing a new Bug report with Debian.
>
>You can follow progress on this Bug here: 1070135: 
>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070135.
>
>This is an automatically generated reply to let you know your message
>has been received.
>
>Your message is being forwarded to the package maintainers and other
>interested parties for their attention; they will reply in due course.
>
>As you requested using X-Debbugs-CC, your message was also forwarded to
>  steve.mcint...@pexip.com, debian security team 
>(after having been given a Bug report number, if it did not have one).
>
>Your message has been sent to the package maintainer(s):
> Matthias Klose 
>
>If you wish to submit further information on this problem, please
>send it to 1070...@bugs.debian.org.
>
>Please do not send mail to ow...@bugs.debian.org unless you wish
>to report a problem with the Bug-tracking system.
>
>-- 
>1070135: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070135
>Debian Bug Tracking System
>Contact ow...@bugs.debian.org with problems
>
-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"C++ ate my sanity" -- Jon Rabone

Bug#1070135: tempfile.TemporaryDirectory: symlink bug in cleanup (CVE-2023-6597)

[Steve McIntyre]

Source: python3.11
Version: 3.11.2-6
Severity: minor
Tags: security upstream
X-Debbugs-Cc: steve.mcint...@pexip.com, Debian Security Team 


Quoting https://security-tracker.debian.org/tracker/CVE-2023-6597:

An issue was found in the CPython `tempfile.TemporaryDirectory` class
affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and
prior. The tempfile.TemporaryDirectory class would dereference
symlinks during cleanup of permissions-related errors. This means
users which can run privileged programs are potentially able to modify
permissions of files referenced by symlinks in some circumstances.

Upstream have a patch for this, against 3.11.8. It's not too hard to
backport - I'll attach the tweaked patch shortly.

-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-20-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- debconf-show failed

Bug#1070133: Acknowledgement (python 3.11 zipbomb attack (CVE-2024-0450))

[Steve McIntyre]

Control: fixed 1070133 3.11.8-1

On Tue, Apr 30, 2024 at 05:24:04PM +, Debian Bug Tracking System wrote:
>Thank you for filing a new Bug report with Debian.
>
>You can follow progress on this Bug here: 1070133: 
>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070133.
>
>This is an automatically generated reply to let you know your message
>has been received.
>
>Your message is being forwarded to the package maintainers and other
>interested parties for their attention; they will reply in due course.
>
>As you requested using X-Debbugs-CC, your message was also forwarded to
>  debian security team 
>(after having been given a Bug report number, if it did not have one).
>
>Your message has been sent to the package maintainer(s):
> Matthias Klose 
>
>If you wish to submit further information on this problem, please
>send it to 1070...@bugs.debian.org.
>
>Please do not send mail to ow...@bugs.debian.org unless you wish
>to report a problem with the Bug-tracking system.
>
>-- 
>1070133: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070133
>Debian Bug Tracking System
>Contact ow...@bugs.debian.org with problems
>
-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
You raise the blade, you make the change... You re-arrange me 'til I'm sane...

Bug#1070133: python 3.11 zipbomb attack (CVE-2024-0450)

[Steve McIntyre]

Source: python3.11
Version: 3.11.2-6
Severity: important
Tags: upstream security
X-Debbugs-Cc: Debian Security Team 

Quoting https://security-tracker.debian.org/tracker/CVE-2024-0450:

An issue was found in the CPython `zipfile` module affecting versions
3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile
module is vulnerable to “quoted-overlap” zip-bombs which exploit the
zip format to create a zip-bomb with a high compression ratio. The
fixed versions of CPython makes the zipfile module reject zip archives
which overlap entries in the archive.

Upstream have a patch for this, against 3.11.8. It's not too hard to
backport - I'll attach the tweaked patch shortly.

-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-20-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- debconf-show failed

Bug#1059007: python-asyncssh: CVE-2023-48795

[Steve McIntyre]

Hi!

On Tue, Dec 19, 2023 at 09:31:00AM +0100, Salvatore Bonaccorso wrote:
>Source: python-asyncssh
>Version: 2.10.1-2
>Severity: important
>Tags: security upstream
>X-Debbugs-Cc: car...@debian.org, Debian Security Team 
>
>
>Hi,
>
>The following vulnerability was published for python-asyncssh.
>
>CVE-2023-48795[0]:
>| The SSH transport protocol with certain OpenSSH extensions, found in
>| OpenSSH before 9.6 and other products, allows remote attackers to
>| bypass integrity checks such that some packets are omitted (from the
>| extension negotiation message), and a client and server may
>| consequently end up with a connection for which some security
>| features have been downgraded or disabled, aka a Terrapin attack.
>| This occurs because the SSH Binary Packet Protocol (BPP),
>| implemented by these extensions, mishandles the handshake phase and
>| mishandles use of sequence numbers. For example, there is an
>| effective attack against SSH's use of ChaCha20-Poly1305 (and CBC
>| with Encrypt-then-MAC). The bypass occurs in
>| chacha20-poly1...@openssh.com and (if CBC is used) the
>| -e...@openssh.com MAC algorithms. This also affects Maverick Synergy
>| Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh
>| before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before
>| 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, and
>| libssh2 through 1.11.0; and there could be effects on Bitvise SSH
>| through 9.31.

We wanted this fixed in Pexip, so I've taken a look at this bug.

The upstream bugfix just needs a small rework so it applies cleanly to
the version in bookworm. Here's a debdiff for that that in case it's
useful.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Into the distance, a ribbon of black
Stretched to the point of no turning back
diff -Nru python-asyncssh-2.10.1/debian/changelog 
python-asyncssh-2.10.1/debian/changelog
--- python-asyncssh-2.10.1/debian/changelog 2022-12-22 03:54:16.0 
+
+++ python-asyncssh-2.10.1/debian/changelog 2024-04-29 11:45:47.0 
+0100
@@ -1,3 +1,11 @@
+python-asyncssh (2.10.1-2+deb12u1) bookworm; urgency=medium
+
+  * Apply and tweak upstream security fix for CVE-2023-48795
+Implement "strict kex" support to harden AsyncSSH against Terrapin
+Attack. Closes: #1059007
+
+ -- Steve McIntyre   Mon, 29 Apr 2024 11:45:47 +0100
+
 python-asyncssh (2.10.1-2) unstable; urgency=medium
 
   * Team Upload.
diff -Nru python-asyncssh-2.10.1/debian/patches/CVE-2023-48795.patch 
python-asyncssh-2.10.1/debian/patches/CVE-2023-48795.patch
--- python-asyncssh-2.10.1/debian/patches/CVE-2023-48795.patch  1970-01-01 
01:00:00.0 +0100
+++ python-asyncssh-2.10.1/debian/patches/CVE-2023-48795.patch  2024-04-29 
11:45:47.0 +0100
@@ -0,0 +1,382 @@
+commit 0bc73254f41acb140187e0c89606311f88de5b7b
+Author: Ron Frederick 
+Date:   Mon Dec 18 07:41:57 2023 -0800
+
+Implement "strict kex" support to harden AsyncSSH against Terrapin Attack
+
+This commit implements "strict kex" support and other countermeasures to
+protect against the Terrapin Attack described in CVE-2023-48795. Thanks
+once again go to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk for
+identifying and reporting this vulnerability and providing detailed
+analysis and suggestions about proposed fixes.
+
+Index: b/asyncssh/connection.py
+===
+--- a/asyncssh/connection.py
 b/asyncssh/connection.py
+@@ -810,6 +810,7 @@ class SSHConnection(SSHPacketHandler, as
+ self._kexinit_sent = False
+ self._kex_complete = False
+ self._ignore_first_kex = False
++self._strict_kex = False
+ 
+ self._gss: Optional[GSSBase] = None
+ self._gss_kex = False
+@@ -1343,10 +1344,13 @@ class SSHConnection(SSHPacketHandler, as
+ (alg_type, b','.join(local_algs).decode('ascii'),
+  b','.join(remote_algs).decode('ascii')))
+ 
+-def _get_ext_info_kex_alg(self) -> List[bytes]:
+-"""Return the kex alg to add if any to request extension info"""
++def _get_extra_kex_algs(self) -> List[bytes]:
++"""Return the extra kex algs to add"""
+ 
+-return [b'ext-info-c' if self.is_client() else b'ext-info-s']
++if self.is_client():
++return [b'ext-info-c', b'kex-strict-c-...@openssh.com']
++else:
++return [b'ext-info-s', b'kex-strict-s-...@openssh.com']
+ 
+ def _send(self, data: bytes) -> None:
+ """Send data to the SSH connection"""
+@@ -1487,6 +1491,11 @@ class SSHConnection(SSHPacketHandler, as
+ self._ignore_first_kex = False
+ else:
+ handler = se

Bug#1065688: python-jwcrypto: CVE-2024-28102

[Steve McIntyre]

Hi!

On Fri, Mar 08, 2024 at 10:42:40PM +0100, Salvatore Bonaccorso wrote:
>Source: python-jwcrypto
>Version: 1.5.4-1
>Severity: important
>Tags: security upstream
>X-Debbugs-Cc: car...@debian.org, Debian Security Team 
>
>
>Hi,
>
>The following vulnerability was published for python-jwcrypto.
>
>CVE-2024-28102[0]:
>| JWCrypto implements JWK, JWS, and JWE specifications using python-
>| cryptography. Prior to version 1.5.6, an attacker can cause a denial
>| of service attack by passing in a malicious JWE Token with a high
>| compression ratio. When the server processes this token, it will
>| consume a lot of memory and processing time. Version 1.5.6 fixes
>| this vulnerability by limiting the maximum token length.

We wanted this fixed in Pexip, so I've taken a look at this bug.

The upstream bugfix just needs a small rework so it applies cleanly to
the version in bookworm. Here's a debdiff for that that in case it's
useful.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...
diff -Nru python-jwcrypto-1.1.0/debian/changelog 
python-jwcrypto-1.1.0/debian/changelog
--- python-jwcrypto-1.1.0/debian/changelog  2022-03-29 08:33:50.0 
+0100
+++ python-jwcrypto-1.1.0/debian/changelog  2024-04-26 17:18:31.0 
+0100
@@ -1,3 +1,10 @@
+python-jwcrypto (1.1.0-1+deb12u1) unstable; urgency=medium
+
+  * Apply and tweak upstream security fix for CVE-2024-28102
+    Address potential DoS with high compression ratio
+
+ -- Steve McIntyre   Fri, 26 Apr 2024 17:18:31 +0100
+
 python-jwcrypto (1.1.0-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru python-jwcrypto-1.1.0/debian/patches/CVE-2024-28102.patch 
python-jwcrypto-1.1.0/debian/patches/CVE-2024-28102.patch
--- python-jwcrypto-1.1.0/debian/patches/CVE-2024-28102.patch   1970-01-01 
01:00:00.0 +0100
+++ python-jwcrypto-1.1.0/debian/patches/CVE-2024-28102.patch   2024-04-26 
17:18:31.0 +0100
@@ -0,0 +1,72 @@
+commit 90477a3b6e73da69740e00b8161f53fea19b831f
+Author: Simo Sorce 
+Date:   Tue Mar 5 16:57:17 2024 -0500
+
+Address potential DoS with high compression ratio
+
+Fixes CVE-2024-28102
+
+Signed-off-by: Simo Sorce 
+
+Index: os-python-jwcrypto/jwcrypto/jwe.py
+===
+--- os-python-jwcrypto.orig/jwcrypto/jwe.py
 os-python-jwcrypto/jwcrypto/jwe.py
+@@ -9,6 +9,9 @@ from jwcrypto.common import base64url_de
+ from jwcrypto.common import json_decode, json_encode
+ from jwcrypto.jwa import JWA
+ 
++# Limit the amount of data we are willing to decompress by default.
++default_max_compressed_size = 256 * 1024
++
+ 
+ # RFC 7516 - 4.1
+ # name: (description, supported?)
+@@ -387,6 +390,10 @@ class JWE:
+ 
+ compress = jh.get('zip', None)
+ if compress == 'DEF':
++if len(data) > default_max_compressed_size:
++raise InvalidJWEData(
++'Compressed data exceeds maximum allowed'
++'size' + f' ({default_max_compressed_size})')
+ self.plaintext = zlib.decompress(data, -zlib.MAX_WBITS)
+ elif compress is None:
+ self.plaintext = data
+Index: os-python-jwcrypto/jwcrypto/tests.py
+===
+--- os-python-jwcrypto.orig/jwcrypto/tests.py
 os-python-jwcrypto/jwcrypto/tests.py
+@@ -1716,6 +1716,32 @@ class ConformanceTests(unittest.TestCase
+ check.decrypt(key)
+ self.assertEqual(check.payload, b'plain')
+ 
++def test_jwe_decompression_max(self):
++key = jwk.JWK(kty='oct', k=base64url_encode(b'A' * (128 // 8)))
++payload = '{"u": "' + "u" * 4 + '", "uu":"' \
+++ "u" * 4 + '"}'
++protected_header = {
++"alg": "A128KW",
++"enc": "A128GCM",
++"typ": "JWE",
++"zip": "DEF",
++}
++enc = jwe.JWE(payload.encode('utf-8'),
++  recipient=key,
++  protected=protected_header).serialize(compact=True)
++with self.assertRaises(jwe.InvalidJWEData):
++check = jwe.JWE()
++check.deserialize(enc)
++check.decrypt(key)
++
++defmax = jwe.default_max_compressed_size
++jwe.default_max_compressed_size = 10
++# ensure we can eraise the limit and decrypt
++check = jwe.JWE()
++check.deserialize(enc)
++check.decrypt(key)
++jwe.default_max_compressed_size = defmax
++
+ 
+ class JWATests(unittest.TestCase):
+ def test_jwa_create(self):
diff -Nru python-jwcrypto-1.1.0/debian/patches/series 
pytho

Bug#1068035: FTBFS: wrong --link-doc target

[Steve Langasek]

Package: mdbtools
Version: 1.0.0+dfsg-1.2
Followup-For: Bug #1068035
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Hi Jean-Michel,

I am unclear how there are binaries in the archive for mdbtools
1.0.0+dfsg-1.2, given this bug is present there and affects all
architectures.  Nevertheless, the fix for the problem is attached.  As this
is fallout from the time_t transition, I am uploading a 0-day NMU to correct
the issue.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru mdbtools-1.0.0+dfsg/debian/rules mdbtools-1.0.0+dfsg/debian/rules
--- mdbtools-1.0.0+dfsg/debian/rules2023-04-03 05:46:44.0 -0700
+++ mdbtools-1.0.0+dfsg/debian/rules2024-04-22 22:55:55.0 -0700
@@ -8,5 +8,5 @@
dh_auto_configure -- --with-unixodbc=/usr
 
 override_dh_installdocs:
-   dh_installdocs --no-package=mdbtools-doc --link-doc=libmdb3
+   dh_installdocs --no-package=mdbtools-doc --link-doc=libmdb3t64
dh_installdocs --package=mdbtools-doc

Bug#1069920: libtimezonemap: fixed-up port to libsoup3

[Steve Langasek]

Package: libtimezonemap
Version: 0.4.6-6
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Dear maintainers,

Because webkit2gtk has now moved to libsoup3, and because we have
reverse-dependencies that require both libtimezonemap and webkit2gtk, I have
done the work in Ubuntu to fix up the port of libtimezonemap to libsoup3.

This has been confirmed to work in the timezone picker in oem-config as used
on our Ubuntu images for Raspberry Pi and has shipped in Ubuntu 24.04 LTS.

Please consider including this revised patch in Debian.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libtimezonemap-0.4.6/debian/control 
libtimezonemap-0.4.6/debian/control
--- libtimezonemap-0.4.6/debian/control 2024-03-30 19:18:27.0 -0700
+++ libtimezonemap-0.4.6/debian/control 2024-04-08 16:33:09.0 -0700
@@ -19,7 +19,7 @@
libgtk-3-dev (>= 3.1.4),
libcairo2-dev (>= 1.10),
libjson-glib-dev,
-   libsoup2.4-dev
+   libsoup-3.0-dev (>= 3.0.7)
 Standards-Version: 4.6.2
 Homepage: https://launchpad.net/timezonemap
 Vcs-Browser: https://salsa.debian.org/cinnamon-team/libtimezonemap
diff -Nru libtimezonemap-0.4.6/debian/patches/port-to-libsoup3.patch 
libtimezonemap-0.4.6/debian/patches/port-to-libsoup3.patch
--- libtimezonemap-0.4.6/debian/patches/port-to-libsoup3.patch  2023-06-20 
23:54:22.0 -0700
+++ libtimezonemap-0.4.6/debian/patches/port-to-libsoup3.patch  2024-04-08 
16:31:23.0 -0700
@@ -5,11 +5,11 @@
 Forwarded: not-yet
 Last-Update: 2022-08-06
 ---
-diff --git a/configure.ac b/configure.ac
-index 3f74dae..4e90e64 100644
 a/configure.ac
-+++ b/configure.ac
-@@ -50,13 +50,13 @@ GDK_REQUIRED_VERSION=2.22
+Index: libtimezonemap/configure.ac
+===
+--- libtimezonemap.orig/configure.ac
 libtimezonemap/configure.ac
+@@ -50,13 +50,13 @@
  GLIB_REQUIRED_VERSION=2.26
  GTK3_REQUIRED_VERSION=3.1.4
  GIO_REQUIRED_VERSION=2.5.11
@@ -25,23 +25,24 @@
json-glib-1.0)
  LIBTIMEZONEMAP_LIBS="$LIBTIMEZONEMAP_LIBS $LIBM"
  
-diff --git a/src/timezone-completion.c b/src/timezone-completion.c
-index d310235..6971ae9 100644
 a/src/timezone-completion.c
-+++ b/src/timezone-completion.c
-@@ -271,8 +271,10 @@ geonames_data_ready (GObject *object, GAsyncResult *res, 
gpointer user_data)
+Index: libtimezonemap/src/timezone-completion.c
+===
+--- libtimezonemap.orig/src/timezone-completion.c
 libtimezonemap/src/timezone-completion.c
+@@ -270,9 +270,10 @@
+   CcTimezoneCompletionPrivate * priv = completion->priv;
GError * error = NULL;
GInputStream * stream;
-   SoupMessage *message;
+-  SoupMessage *message;
 +  const gchar * reason_phrase;
 +  SoupStatus status_code;
  
 -  stream = soup_request_send_finish (SOUP_REQUEST (object), res, );
-+  stream = soup_session_send_finish (SOUP_SESSION (object), res, );
++  stream = soup_session_send_finish (priv->soup_session, res, );
if (stream == NULL)
  {
if (!g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
-@@ -283,8 +285,9 @@ geonames_data_ready (GObject *object, GAsyncResult *res, 
gpointer user_data)
+@@ -283,8 +284,9 @@
return;
  }
  
@@ -53,7 +54,7 @@
  {
JsonParser *parser;
  
-@@ -296,7 +299,7 @@ geonames_data_ready (GObject *object, GAsyncResult *res, 
gpointer user_data)
+@@ -296,10 +298,10 @@
else
  {
g_warning ("Unable to fetch geonames (server responded with: %u %s)",
@@ -61,8 +62,12 @@
 + status_code, reason_phrase);
  }
  
-   g_object_unref (message);
-@@ -362,7 +365,7 @@ static gboolean
+-  g_object_unref (message);
++  g_object_unref (object);
+   g_object_unref (stream);
+ }
+ 
+@@ -362,7 +364,7 @@
  request_zones (CcTimezoneCompletion * completion)
  {
CcTimezoneCompletionPrivate * priv = completion->priv;
@@ -71,28 +76,17 @@
GError *error = NULL;
  
priv->queued_request = 0;
-@@ -388,13 +391,14 @@ request_zones (CcTimezoneCompletion * completion)
-   gchar * version = get_version ();
-   gchar * locale = get_locale ();
-   gchar * url = g_strdup_printf (GEONAME_URL, escaped, version, locale);
-+  GAsyncResult * res;
+@@ -391,10 +393,11 @@
g_free (locale);
g_free (escaped);
  
 -  req = soup_session_request (priv->soup_session, url, );
-+  req = soup_message_new_from_uri (NULL, (GUri *) url);
++  req = soup_message_new (NULL, url);
if (req)
  {
 -  soup_request_send_async (req, pr

Bug#1015476: libbpp-qt: ftbfs with LTO (link time optimization) enabled

[Steve Langasek]

Package: libbpp-qt
Version: 2.4.1-9.1
Followup-For: Bug #1015476
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Dear maintainers,

This build failure is reproducible in Ubuntu, where LTO is enabled by
default on amd64.  The attached patch was sufficient to fix the build
failure there, and I expect will be sufficient to fix it in Debian with LTO
enabled, as well.

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libbpp-qt-2.4.1/debian/libbpp-qt2t64.symbols.amd64 
libbpp-qt-2.4.1/debian/libbpp-qt2t64.symbols.amd64
--- libbpp-qt-2.4.1/debian/libbpp-qt2t64.symbols.amd64  2024-02-29 
07:30:55.0 -0800
+++ libbpp-qt-2.4.1/debian/libbpp-qt2t64.symbols.amd64  2024-04-11 
22:54:36.0 -0700
@@ -264,7 +264,7 @@
  _ZN5QListI7QStringED2Ev@Base 2.4.1
  _ZN5QListIP13QGraphicsItemED1Ev@Base 2.4.1
  _ZN5QListIP13QGraphicsItemED2Ev@Base 2.4.1
- _ZN5QListIP15QAbstractButtonE6detachEv@Base 2.4.1
+ (optional)_ZN5QListIP15QAbstractButtonE6detachEv@Base 2.4.1
  _ZN5QListIP15QAbstractButtonED1Ev@Base 2.4.1
  _ZN5QListIP15QAbstractButtonED2Ev@Base 2.4.1
  _ZN5QListIP17QGraphicsTextItemE18detach_helper_growEii@Base 2.4.1
@@ -273,7 +273,7 @@
  _ZN7QStringC2EPKc@Base 2.4.1
  _ZN7QStringD1Ev@Base 2.4.1
  _ZN7QStringD2Ev@Base 2.4.1
- _ZN9QtPrivate8RefCount5derefEv@Base 2.4.1
+ (optional)_ZN9QtPrivate8RefCount5derefEv@Base 2.4.1
  _ZNK3bpp10TreeCanvas10metaObjectEv@Base 2.4.1
  _ZNK3bpp10TreeCanvas12drawingWidthEv@Base 2.4.1
  _ZNK3bpp10TreeCanvas13drawingHeightEv@Base 2.4.1

Bug#1062071: genometools: NMU diff for 64-bit time_t transition

[Steve Langasek]

Dear maintainers,

There was a hard-coded test dependency on libgenometools0 in
debian/tests/control which prevents this package from being able to migrate
to testing.

There is no need to hard-code a dependency on the runtime lib given that
there is already a test dependency on libgenometools-dev.

I am uploading a follow-up 0-day NMU to fix this outstanding issue from the
time_t transition.  Please find attached a comprehensive NMU debdiff.

On Wed, Feb 28, 2024 at 04:30:06PM +, Steve Langasek wrote:
> Dear maintainer,
> 
> Please find attached a final version of this patch for the time_t
> transition.  This patch is being uploaded to unstable.
> 
> Note that this adds a versioned build-dependency on dpkg-dev, to guard
> against accidental backports with a wrong ABI.
> 
> Thanks!
> 
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 6.5.0-14-generic (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)

> diff -Nru genometools-1.6.5+ds/debian/changelog 
> genometools-1.6.5+ds/debian/changelog
> --- genometools-1.6.5+ds/debian/changelog 2023-10-25 22:08:09.0 
> +
> +++ genometools-1.6.5+ds/debian/changelog 2024-02-28 16:25:48.0 
> +
> @@ -1,3 +1,10 @@
> +genometools (1.6.5+ds-2.1) unstable; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Rename libraries for 64-bit time_t transition.  Closes: #1062071
> +
> + -- Steve Langasek   Wed, 28 Feb 2024 16:25:48 +
> +
>  genometools (1.6.5+ds-2) unstable; urgency=medium
>  
>* Facilitate building twice from the same source directory.
> diff -Nru genometools-1.6.5+ds/debian/control 
> genometools-1.6.5+ds/debian/control
> --- genometools-1.6.5+ds/debian/control   2023-09-19 21:22:02.0 
> +
> +++ genometools-1.6.5+ds/debian/control   2024-02-28 16:25:48.0 
> +
> @@ -4,7 +4,7 @@
> Andreas Tille 
>  Section: science
>  Priority: optional
> -Build-Depends: debhelper (>= 13),
> +Build-Depends: dpkg-dev (>= 1.22.5), debhelper (>= 13),
> debhelper-compat (= 13),
> dh-python,
> liblua5.1-0-dev,
> @@ -70,7 +70,10 @@
>   transformations, style files, etc. required to use the GenomeTools
>   executable and/or library.
>  
> -Package: libgenometools0
> +Package: libgenometools0t64
> +Provides: ${t64:Provides}
> +Replaces: libgenometools0
> +Breaks: libgenometools0 (<< ${source:Version})
>  Architecture: any
>  Section: libs
>  Depends: ${shlibs:Depends},
> @@ -91,7 +94,7 @@
>  Section: libdevel
>  Depends: ${shlibs:Depends},
>   ${misc:Depends},
> - libgenometools0 (= ${binary:Version})
> + libgenometools0t64 (= ${binary:Version})
>  Description: development files for GenomeTools
>   This package contains the GenomeTools static library and necessary
>   header files.
> @@ -118,7 +121,7 @@
>  Depends: ${shlibs:Depends},
>   ${misc:Depends},
>   ${python3:Depends},
> - libgenometools0
> + libgenometools0t64
>  Description: Python3 bindings for genometools
>   Partial Python3 bindings for the GenomeTools library. Besides basic
>   bioinformatics data structures, the library contains components for sequence
> diff -Nru genometools-1.6.5+ds/debian/libgenometools0.install 
> genometools-1.6.5+ds/debian/libgenometools0.install
> --- genometools-1.6.5+ds/debian/libgenometools0.install   2023-09-19 
> 21:22:02.0 +
> +++ genometools-1.6.5+ds/debian/libgenometools0.install   1970-01-01 
> 00:00:00.0 +
> @@ -1 +0,0 @@
> -lib/libgenometools.so.0 usr/lib
> diff -Nru genometools-1.6.5+ds/debian/libgenometools0t64.install 
> genometools-1.6.5+ds/debian/libgenometools0t64.install
> --- genometools-1.6.5+ds/debian/libgenometools0t64.install1970-01-01 
> 00:00:00.0 +
> +++ genometools-1.6.5+ds/debian/libgenometools0t64.install2023-09-19 
> 21:22:02.0 +
> @@ -0,0 +1 @@
> +lib/libgenometools.so.0 usr/lib
> diff -Nru genometools-1.6.5+ds/debian/libgenometools0t64.lintian-overrides 
> genometools-1.6.5+ds/debian/libgenometools0t64.lintian-overrides
> --- genometools-1.6.5+ds/debian/libgenometools0t64.lintian-overrides  
> 1970-01-01 00:00:00.0 +
> +++ genometools-1.6.5+ds/debian/libgenometools0t64.lintian-overrides  
> 2024-02-28 16:15:24.0 +
> @@

Bug#1069915: file: wrong Breaks/Replaces in libmagic-mgc

[Steve Langasek]

Package: file
Version: 5.45-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu  ubuntu-patch

Hi Christoph,

The time_t transition automation scripts incorrectly changed the versioned
Breaks/Replaces against old libmagic1 to point to libmagic1t64, which
clearly never had a package version (<< 1:5.28-4~).

The attached patch fixes this mistake, although since the version in
oldoldstable is 1:5.35-4+deb10u2, perhaps you would prefer to drop the
fields instead.

Regards,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru file-5.45/debian/control file-5.45/debian/control
--- file-5.45/debian/control2024-03-01 09:30:02.0 -0800
+++ file-5.45/debian/control2024-03-22 11:54:36.0 -0700
@@ -50,9 +50,9 @@
 Architecture: any
 Depends: ${misc:Depends},
 Breaks:
-libmagic1t64 (<< 1:5.28-4~),
+libmagic1 (<< 1:5.28-4~),
 Replaces:
-libmagic1t64 (<< 1:5.28-4~),
+libmagic1 (<< 1:5.28-4~),
 Section: libs
 Priority: optional
 Multi-Arch: foreign

Bug#1069910: ecl: FTBFS with LTO

[Steve Langasek]

Package: ecl
Version: 21.2.1+ds-4.1
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu  ubuntu-patch

Dear maintainers,

ecl fails to build when LTO is enabled, basically hanging indefinitely until
hitting a timeout and being killed.

  https://launchpad.net/ubuntu/+source/ecl/21.2.1+ds-4.1/+build/27828342

LTO is enabled by default in Ubuntu, so we have worked around this there by
disabling LTO as in the attached patch.

LTO is not enabled by default in Debian, however there have been discussions
about doing so.  Therefore you may want to consider applying the attached
patch in Debian as well, to future-proof the package against toolchain
changes.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru ecl-21.2.1+ds/debian/rules ecl-21.2.1+ds/debian/rules
--- ecl-21.2.1+ds/debian/rules  2021-12-04 11:51:55.0 -0800
+++ ecl-21.2.1+ds/debian/rules  2024-03-27 22:26:54.0 -0700
@@ -3,6 +3,8 @@
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
+export DEB_BUILD_MAINT_OPTIONS=optimize=-lto
+
 %:
dh $@
 

Bug#1069909: dcraw: FTBFS due to conflicting memmem prototype

[Steve Langasek]

Package: dcraw
Version: 9.28-5
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Hi Filip,

In Ubuntu, dcraw was failing to build because of a local implementation of
memmem() whose prototype conflicts with the glibc prototype:

[...]
gcc -DPACKAGE_NAME=\"dcraw\" -DPACKAGE_TARNAME=\"dcraw\" 
-DPACKAGE_VERSION=\"9.28\" -DPACKAGE_STRING=\"dcraw\ 9.28\" 
-DPACKAGE_BUGREPORT=\"hr...@physics.muni.cz\" -DPACKAGE_URL=\"\" 
-DPACKAGE=\"dcraw\" -DVERSION=\"9.28\" -DHAVE_LIBM=1 -DHAVE_STDIO_H=1 
-DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 
-DHAVE_STRINGS_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_UNISTD_H=1 
-DSTDC_HEADERS=1 -DHAVE_JPEGLIB_H=1 -DHAVE_LIBJPEG=1 -DHAVE_LCMS2_H=1 
-DHAVE_LIBLCMS2=1 -I.   -Wdate-time -D_FORTIFY_SOURCE=3  -g -O2 
-fno-omit-frame-pointer -mno-omit-leaf-frame-pointer 
-ffile-prefix-map=/<>=. -flto=auto -ffat-lto-objects 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection 
-fdebug-prefix-map=/<>=/usr/src/dcraw-9.28-5build1 -O4 -c -o 
parse.o parse.c
[...]
parse.c:1216:7: error: conflicting types for ‘memmem’; have ‘char *(char *, 
size_t,  char *, size_t)’ {aka ‘char *(char *, long unsigned int,  char *, long 
unsigned int)’}
 1216 | char *memmem (char *haystack, size_t haystacklen,
  |   ^~
In file included from parse.c:13:
/usr/include/string.h:389:14: note: previous declaration of ‘memmem’ with type 
‘void *(const void *, size_t,  const void *, size_t)’ {aka ‘void *(const void 
*, long unsigned int,  const void *, long unsigned int)’}
  389 | extern void *memmem (const void *__haystack, size_t __haystacklen,
  |  ^~
[...]

  (https://launchpad.net/ubuntu/+source/dcraw/9.28-5build1/+build/28000832)

This is not currently a build failure in Debian, but that is strictly a
question of compiler behavior, and this may start to FTBFS in Debian at some
later point.

And anyway, there's no reason to reimplement memmem() here, it's probably
less performant than the version provided by glibc.

We have applied the attached patch in Ubuntu to fix the build failure.  I
think it would be a good idea to apply it in Debian as well.

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru dcraw-9.28/debian/patches/remove-duplicate-memmem.patch 
dcraw-9.28/debian/patches/remove-duplicate-memmem.patch
--- dcraw-9.28/debian/patches/remove-duplicate-memmem.patch 1969-12-31 
16:00:00.0 -0800
+++ dcraw-9.28/debian/patches/remove-duplicate-memmem.patch 2024-04-09 
16:49:27.0 -0700
@@ -0,0 +1,28 @@
+Description: don't reimplement memmem()
+ memmem() is implemented in glibc, don't have a redundant duplicate
+ implementation with a different prototype.
+Author: Steve Langasek 
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: dcraw-9.28/parse.c
+===
+--- dcraw-9.28.orig/parse.c
 dcraw-9.28/parse.c
+@@ -1213,16 +1213,6 @@
+   }
+ }
+ 
+-char *memmem (char *haystack, size_t haystacklen,
+-  char *needle, size_t needlelen)
+-{
+-  char *c;
+-  for (c = haystack; c <= haystack + haystacklen - needlelen; c++)
+-if (!memcmp (c, needle, needlelen))
+-  return c;
+-  return NULL;
+-}
+-
+ /*
+Identify which camera created this file, and set global variables
+accordingly.Return nonzero if the file cannot be decoded.
diff -Nru dcraw-9.28/debian/patches/series dcraw-9.28/debian/patches/series
--- dcraw-9.28/debian/patches/series2024-03-26 02:42:04.0 -0700
+++ dcraw-9.28/debian/patches/series2024-04-09 16:48:07.0 -0700
@@ -8,3 +8,4 @@
 iowrap.diff
 0009-missing_headers.patch
 0010-Fuji-headers.patch
+remove-duplicate-memmem.patch

Bug#1062074: clanlib FTBFS

[Steve Langasek]

Control: tags 1069385 patch

Please find attached a comprehensive NMU patch for both the time_t
conversion and the FTBFS errors.

I am uploading this now as a 0-day NMU.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru clanlib-1.0~svn3827/debian/changelog 
clanlib-1.0~svn3827/debian/changelog
--- clanlib-1.0~svn3827/debian/changelog2023-09-15 13:49:45.0 
-0700
+++ clanlib-1.0~svn3827/debian/changelog2024-04-25 14:29:44.0 
-0700
@@ -1,3 +1,20 @@
+clanlib (1.0~svn3827-11.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix dep from -dev package to point to current runtime lib name.
+Closes: #1069385.
+  * debian/patches/64-bit-time-t-compat.patch: compatibility with 64-bit
+time_t.  Closes: #1067616.
+
+ -- Steve Langasek   Thu, 25 Apr 2024 21:29:44 +
+
+clanlib (1.0~svn3827-11.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Rename libraries for 64-bit time_t transition.  Closes: #1062074
+
+ -- Steve Langasek   Wed, 28 Feb 2024 15:52:37 +
+
 clanlib (1.0~svn3827-11) unstable; urgency=medium
 
   * Team upload.
diff -Nru clanlib-1.0~svn3827/debian/control clanlib-1.0~svn3827/debian/control
--- clanlib-1.0~svn3827/debian/control  2023-09-15 13:49:45.0 -0700
+++ clanlib-1.0~svn3827/debian/control  2024-04-25 14:29:44.0 -0700
@@ -4,7 +4,7 @@
  Barry deFreese 
 Section: libs
 Priority: optional
-Build-Depends:
+Build-Depends: dpkg-dev (>= 1.22.5),
  bzip2,
  debhelper-compat (= 12),
  libasound2-dev [linux-any],
@@ -28,14 +28,17 @@
 Vcs-Git: https://salsa.debian.org/games-team/clanlib.git
 Homepage: https://github.com/sphair/ClanLib
 
-Package: libclanapp-1.0v5
+Package: libclanapp-1.0t64
+Provides: ${t64:Provides}
+X-Time64-Compat: libclanapp-1.0v5
+Breaks: libclanapp-1.0v5 (<< ${source:Version})
 Architecture: any
 Depends:
  ${misc:Depends},
  ${shlibs:Depends}
 Conflicts:
  libclanapp-1.0
-Replaces:
+Replaces:libclanapp-1.0v5, 
  libclanapp-1.0
 Multi-Arch: same
 Description: ClanLib game SDK runtime
@@ -60,7 +63,7 @@
 Architecture: any
 Section: libdevel
 Depends:
- libclanapp-1.0v5 (= ${binary:Version}),
+ libclanapp-1.0t64 (= ${binary:Version}),
  ${misc:Depends}
 Recommends:
  libfreetype-dev,
diff -Nru clanlib-1.0~svn3827/debian/libclanapp-1.0t64.install 
clanlib-1.0~svn3827/debian/libclanapp-1.0t64.install
--- clanlib-1.0~svn3827/debian/libclanapp-1.0t64.install1969-12-31 
16:00:00.0 -0800
+++ clanlib-1.0~svn3827/debian/libclanapp-1.0t64.install2023-09-15 
13:49:45.0 -0700
@@ -0,0 +1,11 @@
+usr/lib/*/libclanApp*.so.*
+usr/lib/*/libclanCore*.so.*
+usr/lib/*/libclanDisplay*.so.*
+usr/lib/*/libclanGL*.so.*
+usr/lib/*/libclanGUI*.so.*
+usr/lib/*/libclanGUIStyleSilver*.so.*
+usr/lib/*/libclanMikMod*.so.*
+usr/lib/*/libclanNetwork*.so.*
+usr/lib/*/libclanSignals*.so.*
+usr/lib/*/libclanSound*.so.*
+usr/lib/*/libclanVorbis*.so.*
diff -Nru clanlib-1.0~svn3827/debian/libclanapp-1.0t64.lintian-overrides 
clanlib-1.0~svn3827/debian/libclanapp-1.0t64.lintian-overrides
--- clanlib-1.0~svn3827/debian/libclanapp-1.0t64.lintian-overrides  
1969-12-31 16:00:00.0 -0800
+++ clanlib-1.0~svn3827/debian/libclanapp-1.0t64.lintian-overrides  
2024-02-28 07:52:20.0 -0800
@@ -0,0 +1 @@
+libclanapp-1.0t64: package-name-doesnt-match-sonames libclanapp-1.0v5
diff -Nru clanlib-1.0~svn3827/debian/libclanapp-1.0v5.install 
clanlib-1.0~svn3827/debian/libclanapp-1.0v5.install
--- clanlib-1.0~svn3827/debian/libclanapp-1.0v5.install 2023-09-15 
13:49:45.0 -0700
+++ clanlib-1.0~svn3827/debian/libclanapp-1.0v5.install 1969-12-31 
16:00:00.0 -0800
@@ -1,11 +0,0 @@
-usr/lib/*/libclanApp*.so.*
-usr/lib/*/libclanCore*.so.*
-usr/lib/*/libclanDisplay*.so.*
-usr/lib/*/libclanGL*.so.*
-usr/lib/*/libclanGUI*.so.*
-usr/lib/*/libclanGUIStyleSilver*.so.*
-usr/lib/*/libclanMikMod*.so.*
-usr/lib/*/libclanNetwork*.so.*
-usr/lib/*/libclanSignals*.so.*
-usr/lib/*/libclanSound*.so.*
-usr/lib/*/libclanVorbis*.so.*
diff -Nru clanlib-1.0~svn3827/debian/patches/64-bit-time-t-compat.patch 
clanlib-1.0~svn3827/debian/patches/64-bit-time-t-compat.patch
--- clanlib-1.0~svn3827/debian/patches/64-bit-time-t-compat.patch   
1969-12-31 16:00:00.0 -0800
+++ clanlib-1.0~svn3827/debian/patches/64-bit-time-t-compat.patch   
2024-04-25 14:29:44.0 -0700
@@ -0,0 +1,53 @@
+Description: compatibility with 64-bit time_t
+ linux/input.h uses a different structure when time_t is 64-bit, so
+ patch around this.
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1067616
+Last-Update: 2024-04-25
+Forwarded: no
+
+Index: clanlib-1.0~svn3827/Sources/GL/GLX/input_device_linux

Bug#1069862: blktrace: FTBFS on ppc64el in Ubuntu (-O3?) due to wrong code analysis

[Steve Langasek]

Package: blktrace
Version: 1.2.0-5
Severity: minor
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu  ubuntu-patch

Dear maintainers,

In Ubuntu, we found that blktrace was failing to rebuild on ppc64el because
the compiler was wrongly identifying problems with format string handling:

[...]
gcc -o blkparse.o -c -D__DEB_CANARY_CPPFLAGS_4e732ced3463d06de0ca9a15b6153677__ 
-Wdate-time -D_FORTIFY_SOURCE=3 -g -O3 -Werror=implicit-function-declaration 
-Werror=array-bounds -Werror=clobbered -Werror=volatile-register-var 
-D__DEB_CANARY_CFLAGS_4e732ced3463d06de0ca9a15b6153677__ 
-fno-omit-frame-pointer -ffile-prefix-map=/<>=. -flto=auto 
-ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security 
-fno-stack-clash-protection 
-fdebug-prefix-map=/<>=/usr/src/blktrace-1.2.0-5build1 -Wall 
-Wextra -Wno-shadow -Werror -g -Wl,-Bsymbolic-functions 
-Wl,-z,deb-canary-4e732ced3463d06de0ca9a15b6153677 -flto=auto -ffat-lto-objects 
-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -D_GNU_SOURCE -D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64 blkparse.c
blkparse.c: In function ‘main’:
blkparse.c:376:56: error: ‘%s’ directive argument is null 
[-Werror=format-overflow=]
  376 | fprintf(stderr, "Out of memory, device %s (%d)\n", 
name, size);
  |^~
[...]
blkparse.c:1885:68: error: ‘):’ directive output may be truncated writing 2 
bytes into a region of size between 1 and 41 [-Werror=format-truncation=]
[...]

  (https://launchpad.net/ubuntu/+source/blktrace/1.2.0-5build1/+build/27931723)

It's possible/likely that this build failure is caused by the use of -O3 by
default for ppc64el builds in Ubuntu; so the attached patch, while it fixes
the problem in Ubuntu and should be harmless in Debian, may not be something
you want to apply as-is.  Perhaps you would prefer to use $(filter -O3,...)
instead?

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru blktrace-1.2.0/debian/control blktrace-1.2.0/debian/control
--- blktrace-1.2.0/debian/control   2024-03-16 02:13:36.0 -0700
+++ blktrace-1.2.0/debian/control   2024-03-22 19:17:48.0 -0700
@@ -1,8 +1,7 @@
 Source: blktrace
 Section: utils
 Priority: optional
-Maintainer: Ubuntu Developers 
-XSBC-Original-Maintainer: Bas Zoetekouw 
+Maintainer: Bas Zoetekouw 
 Uploaders: Dmitry Smirnov 
 Build-Depends:
 debhelper (>= 11),
diff -Nru blktrace-1.2.0/debian/rules blktrace-1.2.0/debian/rules
--- blktrace-1.2.0/debian/rules 2019-02-23 14:17:21.0 -0800
+++ blktrace-1.2.0/debian/rules 2024-03-22 19:17:33.0 -0700
@@ -10,6 +10,9 @@
 export DEB_BUILD_MAINT_OPTIONS = hardening=+all future=+all qa=+all 
reproducible=+all
 export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
 
+ifeq ($(DEB_HOST_ARCH),ppc64el)
+  export DEB_CFLAGS_MAINT_APPEND = -Wno-error=format-overflow 
-Wno-error=format-truncation
+endif
 # make sure TeX/dvipdfm generates reproducable builds
 export FORCE_SOURCE_DATE=1
 

Bug#1069859: atop: Fix atop for 64-bit time_t on arm

[Steve Langasek]

Package: atop
Version: 2.10.0-2
Severity: grave
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Hi Marc,

Although atop currently builds successfully on armhf and armel, it is broken
at runtime because it tries to use a time_t in a format string which now no
longer uses the correct size for the data.  This was found in Ubuntu via
autopkgtests (unfortunately, Debian does not run autopkgtests for binNMUs):

358s /tmp/autopkgtest.Nzaczp/build.Xps/src/debian/tests/01-numcpus: line 15:  
1136 Segmentation fault  (core dumped) atop -P cpu 5 1 1>&2
 
Please see attached a patch that fixes this issue.  It has been uploaded to
Ubuntu.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru atop-2.10.0/debian/patches/64-bit-time-t-compat.patch 
atop-2.10.0/debian/patches/64-bit-time-t-compat.patch
--- atop-2.10.0/debian/patches/64-bit-time-t-compat.patch   1969-12-31 
16:00:00.0 -0800
+++ atop-2.10.0/debian/patches/64-bit-time-t-compat.patch   2024-03-22 
11:11:06.0 -0700
@@ -0,0 +1,22 @@
+Description: compatibility with 64-bit time_t
+Author: Steve Langasek 
+Forwarded: no
+Last-Update: 2024-03-22
+
+Index: atop-2.10.0/parseable.c
+===
+--- atop-2.10.0.orig/parseable.c
 atop-2.10.0/parseable.c
+@@ -214,10 +214,10 @@
+   convdate(curtime, datestr);
+   convtime(curtime, timestr);
+ 
+-  snprintf(header, sizeof header, "%s %s %ld %s %s %d",
++  snprintf(header, sizeof header, "%s %s %lld %s %s %d",
+   labeldef[i].label,
+   utsname.nodename,
+-  curtime,
++  (long long)curtime,
+   datestr, timestr, numsecs);
+ 
+   /*
diff -Nru atop-2.10.0/debian/patches/series atop-2.10.0/debian/patches/series
--- atop-2.10.0/debian/patches/series   2024-01-14 12:18:53.0 -0800
+++ atop-2.10.0/debian/patches/series   2024-03-22 11:10:13.0 -0700
@@ -15,3 +15,4 @@
 no-atopgpud
 handle-default-file
 default
+64-bit-time-t-compat.patch

Bug#1069745: magics-python: wrong arch: any packaging builds potentially uninstallable packages

[Steve Langasek]

Package: magics-python
Version: 2:1.5.8-1
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Hi Alastair,

Working to resolve per-arch uninstallability of python3-magics++ in Ubuntu
for the upcoming release, I found significant issues in the packaging that
should be resolved.

 - The package build-depends on libeccodes-dev, but does not use it
 - It depends on libmagplus3v5, but nothing ensures that this package is
   only built for architectures on which libmagplus3v5 is available (both
   libmagplus3v5 and libeccodes have *similar* portability issues, but not
   identical; in Ubuntu we're now in the situation that we have architectures
   where libeccodes-dev is available but libmagplus is not)
 - It doesn't actually *use* libmagplus3v5, so this dependency is wrong;
   what it does use is libMagPlus.so, from libmagics++-dev, which is resolved
   via python3-ecmwflibs
 - But the package is missing an actual dependency on python3-ecmwflibs, so
   installing python3-magics++ by itself results in a python module that
   fails to import
 - But also, this package is a pure-python module containing no
   architecture-dependent code, so it should be Architecture: all anyway
   instead of Architecture: any (which also makes the per-arch
   installability issues go away)
 - And because it's architecture-independent it should build-depend on
   python3 - not python3-dev, which is for binary modules.

Please find attached a patch addressing these issues, which has been
uploaded to Ubuntu.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru magics-python-1.5.8/debian/control magics-python-1.5.8/debian/control
--- magics-python-1.5.8/debian/control  2022-04-17 00:12:44.0 -0700
+++ magics-python-1.5.8/debian/control  2024-04-23 17:10:54.0 -0700
@@ -4,8 +4,7 @@
 Maintainer: Alastair McKinstry 
 Build-Depends: debhelper-compat (= 13), 
   dh-sequence-python3,
-  libeccodes-dev,
-  python3-dev, 
+  python3, 
   python3-setuptools,
   python3-pytest-runner
 Standards-Version: 4.6.0
@@ -14,8 +13,8 @@
 Vcs-Git: https://salsa.debian.org:/science-team/magics-python.git -b 
debian/latest
 
 Package: python3-magics++
-Architecture: any
-Depends:  libmagplus3v5 , ${misc:Depends}, 
+Architecture: all
+Depends: python3-ecmwflibs, ${misc:Depends}, 
  ${python3:Depends}, 
  python3-simplejson, 
  python3-jinja2

Bug#1069682: debian-cd DVD source run failing

[Steve McIntyre]

Package: cdimage.debian.org

As a reminder for me: the latest weekly build failed, looks like
source packages no longer fit???

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"C++ ate my sanity" -- Jon Rabone

Bug#1069533: sayonara: Please package new upstream version

[Steve M]

Is this not an issue that would prevent such an update for the time being?


This package is part of the ongoing testing transition known as auto-qtbase-
opensource-src. Please avoid uploads unrelated to this transition, they would
likely delay it and require supplementary work from the release managers. On the
other hand, if your package has problems preventing it to migrate to testing,
please fix them as soon as possible. You can probably find supplementary
information in the debian-release archives or in the corresponding
release.debian.org bug.

This package is part of the ongoing testing transition known as libglib2.0-
0t64. Please avoid uploads unrelated to this transition, they would likely delay
it and require supplementary work from the release managers. On the other hand,
if your package has problems preventing it to migrate to testing, please fix
them as soon as possible. You can probably find supplementary information in the
debian-release archives or in the corresponding release.debian.org bug.



Thanks
-Steve




On Sat, 2024-04-20 at 09:19 -0400, Boyuan Yang wrote:
> Source: sayonara
> Version: 1.8.0-beta1-1
> Tags: sid
> X-Debbugs-CC: kokoye2...@gmail.com s...@swm1.com
> 
> Dear Debian sayonara package maintainers,
> 
> A new upstream release of package sayonara was released in Jan 2024.
> Since you are listed as Debian package maintainers, please consider
> upgrading its Debian package. If you have any questions, please let
> me know.
> 
> Thanks,
> Boyuan Yang

Bug#1066684: xpat2: FTBFS: loadsave.c:279:24: error: implicit declaration of function ‘cuserid’ [-Werror=implicit-function-declaration]

[Steve McIntyre]

Here's an NMU diff that fixes the FTBFS. In incoming right now.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"I used to be the first kid on the block wanting a cranial implant,
 now I want to be the first with a cranial firewall. " -- Charlie Stross
diff -Nru xpat2-1.07/debian/changelog xpat2-1.07/debian/changelog
--- xpat2-1.07/debian/changelog 2016-11-02 10:32:41.0 +
+++ xpat2-1.07/debian/changelog 2024-04-18 21:21:46.0 +
@@ -1,3 +1,10 @@
+xpat2 (1.07-20+nmu1) unstable; urgency=medium
+
+  * NMU
+  * Fix FTBFS for implicit declaration(s). Closes: #1066684
+
+ -- Steve McIntyre <93...@debian.org>  Thu, 18 Apr 2024 22:21:46 +0100
+
 xpat2 (1.07-20) unstable; urgency=medium
 
   * maintainer address change
diff -Nru xpat2-1.07/debian/patches/fix-implicit-declarations.diff 
xpat2-1.07/debian/patches/fix-implicit-declarations.diff
--- xpat2-1.07/debian/patches/fix-implicit-declarations.diff1970-01-01 
00:00:00.0 +
+++ xpat2-1.07/debian/patches/fix-implicit-declarations.diff2024-04-18 
21:21:46.0 +
@@ -0,0 +1,11 @@
+--- xpat2-1.07.orig/src/loadsave.c
 xpat2-1.07/src/loadsave.c
+@@ -26,6 +26,8 @@
+ 
+ #include 
+ 
++#define NO_CUSERID  /* Disable, it's not there */
++
+ #ifndef _POSIX_NAME_MAX
+ #  undef _POSIX_SOURCE/* seems that we have no POSIX system! 
*/
+ #  define NAME_MAX14  /* every UNIX should have at least this */
diff -Nru xpat2-1.07/debian/patches/series xpat2-1.07/debian/patches/series
--- xpat2-1.07/debian/patches/series2016-11-02 09:58:54.0 +
+++ xpat2-1.07/debian/patches/series2024-04-18 21:21:46.0 +
@@ -4,3 +4,4 @@
 localization-improvement
 icon-removal
 patch-loadsave.diff
+fix-implicit-declarations.diff

Bug#1061519: shim: CVE-2023-40546 CVE-2023-40547 CVE-2023-40548 CVE-2023-40549 CVE-2023-40550 CVE-2023-40551

[Steve McIntyre]

On Mon, Apr 15, 2024 at 11:33:14AM +, Bastien Roucariès wrote:
>Source: shim
>Followup-For: Bug #1061519
>Control: tags -1 + patch
>
>Dear Maintainer,
>
>Please find a MR here
>https://salsa.debian.org/efi-team/shim/-/merge_requests/13

ACK. Thanks for trying to help, but the merge isn't the hard bit here.

Tthe new upstream is a little problematic and I'm debugging some boot
failures in my local CI already.

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Into the distance, a ribbon of black
Stretched to the point of no turning back

Bug#1066342: eterm: FTBFS: libscream.c:3231:16: error: implicit declaration of function ‘safe_print_string’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: eterm
Followup-For: Bug #1066342
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru eterm-0.9.6/debian/patches/no-implicit-declarations.patch 
eterm-0.9.6/debian/patches/no-implicit-declarations.patch
--- eterm-0.9.6/debian/patches/no-implicit-declarations.patch   1969-12-31 
16:00:00.0 -0800
+++ eterm-0.9.6/debian/patches/no-implicit-declarations.patch   2024-04-13 
16:46:57.0 -0700
@@ -0,0 +1,18 @@
+Description: add missing include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066342
+Last-Update: 2024-04-13
+Forwarded: no
+
+Index: eterm-0.9.6/src/libscream.c
+===
+--- eterm-0.9.6.orig/src/libscream.c
 eterm-0.9.6/src/libscream.c
+@@ -44,6 +44,7 @@
+ 
+ #include "config.h"
+ #include "feature.h"
++#include "misc.h"
+ 
+ /* use libast if we have it */
+ #ifdef DEBUG_ESCREEN
diff -Nru eterm-0.9.6/debian/patches/series eterm-0.9.6/debian/patches/series
--- eterm-0.9.6/debian/patches/series   2023-03-10 12:03:30.0 -0800
+++ eterm-0.9.6/debian/patches/series   2024-04-13 16:45:35.0 -0700
@@ -6,3 +6,4 @@
 fix-esetroot-on-pseudocolor.patch
 CVE-2021-33477.patch
 fix-fail-to-build-with-imlib2.patch
+no-implicit-declarations.patch

Bug#1065790: libosmo-netif: FTBFS on arm{el,hf}: tests fail

[Steve Langasek]

Package: libosmo-netif
Followup-For: Bug #1065790
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Well, maybe a version of the patch without a stray character that breaks
compilation.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libosmo-netif-1.2.0/debian/patches/64-bit-time-t.patch 
libosmo-netif-1.2.0/debian/patches/64-bit-time-t.patch
--- libosmo-netif-1.2.0/debian/patches/64-bit-time-t.patch  1969-12-31 
16:00:00.0 -0800
+++ libosmo-netif-1.2.0/debian/patches/64-bit-time-t.patch  2024-04-13 
12:31:32.0 -0700
@@ -0,0 +1,136 @@
+Description: use a 64-bit safe format string for time_t.
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1065790
+Last-Update: 2024-04-13
+Forwarded: no
+
+Index: libosmo-netif-1.2.0/examples/ipa-stream-client.c
+===
+--- libosmo-netif-1.2.0.orig/examples/ipa-stream-client.c
 libosmo-netif-1.2.0/examples/ipa-stream-client.c
+@@ -143,7 +143,8 @@
+   timersub(, >tv, );
+ 
+   LOGP(DLINP, LOGL_NOTICE, "message %d replied "
+-  "in %lu.%.6lu\n", num, diff.tv_sec, diff.tv_usec);
++  "in %lld.%.6lld\n", num, (long long int)diff.tv_sec,
++  (long long int)diff.tv_usec);
+   talloc_free(found);
+   } else {
+   LOGP(DLINP, LOGL_ERROR,
+Index: libosmo-netif-1.2.0/src/jibuf.c
+===
+--- libosmo-netif-1.2.0.orig/src/jibuf.c
 libosmo-netif-1.2.0/src/jibuf.c
+@@ -385,10 +385,10 @@
+   timeradd(>last_enqueue_time, _ts, _ts);
+ 
+   LOGP(DLJIBUF, LOGL_DEBUG, "enqueuing packet seq=%"PRIu16" rel=%d 
delay=%d" \
+-  " skew=%d thres=%d {%lu.%06lu -> %lu.%06lu} %s\n",
++  " skew=%d thres=%d {%lld.%06lld -> %lld.%06lld} %s\n",
+   msg_get_sequence(msg), rel_delay, delay, jb->skew_us, 
jb->threshold_delay,
+-  jb->last_enqueue_time.tv_sec, jb->last_enqueue_time.tv_usec,
+-  sched_ts.tv_sec, sched_ts.tv_usec, msg_get_marker(msg)? "M" : 
"");
++  (long long int)jb->last_enqueue_time.tv_sec, (long long 
int)jb->last_enqueue_time.tv_usec,
++  (long long int)sched_ts.tv_sec, (long long 
int)sched_ts.tv_usec, msg_get_marker(msg)? "M" : "");
+ 
+   /* Add scheduled dequeue time in msg->cb so we can check it later */
+   unsigned long *old_cb = talloc_memdup(jb->talloc_ctx, msg->cb, 
sizeof(msg->cb));
+Index: libosmo-netif-1.2.0/tests/osmux/osmux_test.c
+===
+--- libosmo-netif-1.2.0.orig/tests/osmux/osmux_test.c
 libosmo-netif-1.2.0/tests/osmux/osmux_test.c
+@@ -69,8 +69,10 @@
+   struct timeval tv; \
+   osmo_clock_gettime(CLOCK_MONOTONIC, ); \
+   osmo_gettimeofday(, NULL); \
+-  fprintf(stderr, "sys={%lu.%06lu}, mono={%lu.%06lu}: " fmt, \
+-  tv.tv_sec, tv.tv_usec, ts.tv_sec, ts.tv_nsec/1000, 
##args); \
++  fprintf(stderr, "sys={%lld.%06lld}, mono={%lld.%06lld}: " fmt, \
++  (long long int)tv.tv_sec, (long long int)tv.tv_usec, \
++  (long long int)ts.tv_sec, \
++  (long long int)ts.tv_nsec/1000, ##args); \
+   } while(0)
+ 
+ static void clock_override_enable(bool enable)
+Index: libosmo-netif-1.2.0/tests/stream/stream_test.c
+===
+--- libosmo-netif-1.2.0.orig/tests/stream/stream_test.c
 libosmo-netif-1.2.0/tests/stream/stream_test.c
+@@ -60,7 +60,7 @@
+ #define LOGCLI(cli, fmt, args...) do { \
+   struct timeval tv; \
+   osmo_gettimeofday(, NULL); \
+-  printf("{%lu.%06lu} [%s] Client's %s(): " fmt, tv.tv_sec, 
tv.tv_usec, \
++  printf("{%lld.%06lld} [%s] Client's %s(): " fmt, (long long 
int)tv.tv_sec, (long long int)tv.tv_usec, \
+  osmo_stream_cli_get_data(cli) ? "OK" : "NA", __func__, 
##args); \
+   } while (0)
+ 
+@@ -235,7 +235,7 @@
+ #define LOGSRV(srv, fmt, args...) do { \
+   struct timeval tv; \
+   osmo_gettimeofday(, NULL); \
+-  printf("{%lu.%06lu} [%s|%s] Server's %s(): " fmt,  tv.tv_sec, 
tv.tv_usec, \
++  printf("{%lld.%06lld} [%s|%s] Server's %s(): "

Bug#1065790: libosmo-netif: FTBFS on arm{el,hf}: tests fail

[Steve Langasek]

Package: libosmo-netif
Followup-For: Bug #1065790
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached an alternative solution to this which has been uploaded
to Ubuntu.  I found it easier to fix the portability issue than deal with
removing the reverse-dependency chain.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libosmo-netif-1.2.0/debian/patches/64-bit-time-t.patch 
libosmo-netif-1.2.0/debian/patches/64-bit-time-t.patch
--- libosmo-netif-1.2.0/debian/patches/64-bit-time-t.patch  1969-12-31 
16:00:00.0 -0800
+++ libosmo-netif-1.2.0/debian/patches/64-bit-time-t.patch  2024-04-13 
12:30:35.0 -0700
@@ -0,0 +1,142 @@
+Description: use a 64-bit safe format string for time_t.
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1065790
+Last-Update: 2024-04-13
+Forwarded: no
+
+Index: libosmo-netif-1.2.0/examples/ipa-stream-client.c
+===
+--- libosmo-netif-1.2.0.orig/examples/ipa-stream-client.c
 libosmo-netif-1.2.0/examples/ipa-stream-client.c
+@@ -143,7 +143,8 @@
+   timersub(, >tv, );
+ 
+   LOGP(DLINP, LOGL_NOTICE, "message %d replied "
+-  "in %lu.%.6lu\n", num, diff.tv_sec, diff.tv_usec);
++  "in %lld.%.6lld\n", num, (long long int)diff.tv_sec,
++  (long long int)diff.tv_usec);
+   talloc_free(found);
+   } else {
+   LOGP(DLINP, LOGL_ERROR,
+Index: libosmo-netif-1.2.0/src/jibuf.c
+===
+--- libosmo-netif-1.2.0.orig/src/jibuf.c
 libosmo-netif-1.2.0/src/jibuf.c
+@@ -385,10 +385,10 @@
+   timeradd(>last_enqueue_time, _ts, _ts);
+ 
+   LOGP(DLJIBUF, LOGL_DEBUG, "enqueuing packet seq=%"PRIu16" rel=%d 
delay=%d" \
+-  " skew=%d thres=%d {%lu.%06lu -> %lu.%06lu} %s\n",
++  " skew=%d thres=%d {%lld.%06lld -> %lld.%06lld} %s\n",
+   msg_get_sequence(msg), rel_delay, delay, jb->skew_us, 
jb->threshold_delay,
+-  jb->last_enqueue_time.tv_sec, jb->last_enqueue_time.tv_usec,
+-  sched_ts.tv_sec, sched_ts.tv_usec, msg_get_marker(msg)? "M" : 
"");
++  (long long int)jb->last_enqueue_time.tv_sec, (long long 
int)jb->last_enqueue_time.tv_usec,
++  (long long int)sched_ts.tv_sec, (long long 
int)sched_ts.tv_usec, msg_get_marker(msg)? "M" : "");
+ 
+   /* Add scheduled dequeue time in msg->cb so we can check it later */
+   unsigned long *old_cb = talloc_memdup(jb->talloc_ctx, msg->cb, 
sizeof(msg->cb));
+Index: libosmo-netif-1.2.0/tests/osmux/osmux_test.c
+===
+--- libosmo-netif-1.2.0.orig/tests/osmux/osmux_test.c
 libosmo-netif-1.2.0/tests/osmux/osmux_test.c
+@@ -1,4 +1,4 @@
+-/*
++y/*
+  * (C) 2013 by Pablo Neira Ayuso 
+  * (C) 2013 by On Waves ehf <http://www.on-waves.com>
+  *
+@@ -69,8 +69,10 @@
+   struct timeval tv; \
+   osmo_clock_gettime(CLOCK_MONOTONIC, ); \
+   osmo_gettimeofday(, NULL); \
+-  fprintf(stderr, "sys={%lu.%06lu}, mono={%lu.%06lu}: " fmt, \
+-  tv.tv_sec, tv.tv_usec, ts.tv_sec, ts.tv_nsec/1000, 
##args); \
++  fprintf(stderr, "sys={%lld.%06lld}, mono={%lld.%06lld}: " fmt, \
++  (long long int)tv.tv_sec, (long long int)tv.tv_usec, \
++  (long long int)ts.tv_sec, \
++  (long long int)ts.tv_nsec/1000, ##args); \
+   } while(0)
+ 
+ static void clock_override_enable(bool enable)
+Index: libosmo-netif-1.2.0/tests/stream/stream_test.c
+===
+--- libosmo-netif-1.2.0.orig/tests/stream/stream_test.c
 libosmo-netif-1.2.0/tests/stream/stream_test.c
+@@ -60,7 +60,7 @@
+ #define LOGCLI(cli, fmt, args...) do { \
+   struct timeval tv; \
+   osmo_gettimeofday(, NULL); \
+-  printf("{%lu.%06lu} [%s] Client's %s(): " fmt, tv.tv_sec, 
tv.tv_usec, \
++  printf("{%lld.%06lld} [%s] Client's %s(): " fmt, (long long 
int)tv.tv_sec, (long long int)tv.tv_usec, \
+  osmo_stream_cli_get_data(cli) ? "OK" : "NA", __func__, 
##args); \
+   } while (0)
+ 
+@@ -235,7 +235,7 @@
+ #define LOGSRV(srv, fmt, args...) do { \
+   struct timeval tv; \
+   

Bug#1066551: ramond: FTBFS: src/main.c:164:17: error: implicit declaration of function ‘LOG’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: ramond
Followup-For: Bug #1066551
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru ramond-0.5/debian/patches/0001-Daemonize-ramond-by-default.patch 
ramond-0.5/debian/patches/0001-Daemonize-ramond-by-default.patch
--- ramond-0.5/debian/patches/0001-Daemonize-ramond-by-default.patch
2020-09-09 13:09:14.0 -0700
+++ ramond-0.5/debian/patches/0001-Daemonize-ramond-by-default.patch
2024-04-13 09:50:06.0 -0700
@@ -8,10 +8,10 @@
  src/main.h |1 +
  2 files changed, 80 insertions(+), 2 deletions(-)
 
-diff --git a/src/main.c b/src/main.c
-index 0cb6e8a..3c4543d 100644
 a/src/main.c
-+++ b/src/main.c
+Index: ramond-0.5/src/main.c
+===
+--- ramond-0.5.orig/src/main.c
 ramond-0.5/src/main.c
 @@ -1,6 +1,5 @@
  #include "main.h"
  #include "log.h"
@@ -19,7 +19,7 @@
  apr_pool_t *masterPool;
  struct configuration *config;
  
-@@ -14,8 +13,9 @@ void listRules(void);
+@@ -14,8 +13,9 @@
  
  void usage(char *prog_name)
  {
@@ -30,7 +30,7 @@
fprintf(stderr, "   -c : path to config file.\n");
  }
  
-@@ -824,11 +824,74 @@ void rafixd_clearRoute(struct ra_info *data)
+@@ -824,11 +824,74 @@
pcap_close(fd);
  }
  
@@ -81,7 +81,7 @@
 +  pidfile = open("/var/run/ramond.pid", O_RDWR|O_CREAT, 0640);
 +  if(pidfile < 0)
 +  exit(EXIT_FAILURE);
-+  if(flock(pidfile, F_TLOCK, 0) < 0)
++  if(lockf(pidfile, F_TLOCK, 0) < 0)
 +  exit(EXIT_SUCCESS);
 +
 +  sprintf(pidstr, "%d\n", getpid());
@@ -105,7 +105,7 @@
if(argc > 6)
{
usage(argv[0]);
-@@ -842,6 +905,20 @@ int main(int argc, char *argv[])
+@@ -842,6 +905,20 @@
  
signal(SIGCHLD, sigchld_handler);
  
@@ -126,10 +126,10 @@
/* Find the config file */
if(!parseConfigFile(argc,argv))
{
-diff --git a/src/main.h b/src/main.h
-index 26de811..6552d5b 100644
 a/src/main.h
-+++ b/src/main.h
+Index: ramond-0.5/src/main.h
+===
+--- ramond-0.5.orig/src/main.h
 ramond-0.5/src/main.h
 @@ -1,5 +1,6 @@
  #include 
  #include 
diff -Nru ramond-0.5/debian/patches/no-implicit-declarations.patch 
ramond-0.5/debian/patches/no-implicit-declarations.patch
--- ramond-0.5/debian/patches/no-implicit-declarations.patch1969-12-31 
16:00:00.0 -0800
+++ ramond-0.5/debian/patches/no-implicit-declarations.patch2024-04-13 
09:50:06.0 -0700
@@ -0,0 +1,29 @@
+Description: fix missing function declarations.
+Author: Steve Langasek 
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/2061024
+Bug-Debian: https://bugs.debian.org/1066551
+Last-Update: 2024-04-13
+Forwarded: no
+
+Index: ramond-0.5/src/log.h
+===
+--- ramond-0.5.orig/src/log.h
 ramond-0.5/src/log.h
+@@ -25,4 +25,6 @@
+ 
+ FILE *log_file;
+ 
++void LOG(const char *fmt, ...);
++
+ #endif
+Index: ramond-0.5/src/main.c
+===
+--- ramond-0.5.orig/src/main.c
 ramond-0.5/src/main.c
+@@ -1,3 +1,6 @@
++#include 
++#include 
++
+ #include "main.h"
+ #include "log.h"
+ apr_pool_t *masterPool;
diff -Nru ramond-0.5/debian/patches/series ramond-0.5/debian/patches/series
--- ramond-0.5/debian/patches/series2022-04-20 16:48:49.0 -0700
+++ ramond-0.5/debian/patches/series2024-04-13 09:48:15.0 -0700
@@ -4,3 +4,4 @@
 0004-Honor-CFLAGS-CPPFLAGS-and-LDFLAGS.patch
 compiler.patch
 libxml2.patch
+no-implicit-declarations.patch

Bug#1068431: rakarrack dependencies unsatisfiable on 32-bit non-i386 architectures.

[Steve Langasek]

Package: rakarrack
Followup-For: Bug #1068431
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru rakarrack-0.6.1/debian/control rakarrack-0.6.1/debian/control
--- rakarrack-0.6.1/debian/control  2024-03-12 00:01:51.0 -0700
+++ rakarrack-0.6.1/debian/control  2024-04-12 22:22:56.0 -0700
@@ -21,9 +21,6 @@
 Architecture: any
 Depends: ${misc:Depends},
  ${shlibs:Depends},
- libfltk1.3,
- libxpm4,
- libasound2,
  jackd
 Description: Simple and easy guitar effects processor for GNU/Linux
  Rakarrack is a guitar effects processor for GNU / Linux simple and easy to use

Bug#1067623: FTBFS: error: format ‘%ld’ expects argument of type ‘long int’, but argument 2 has type ‘__time64_t’ {aka ‘long long int’}

[Steve Langasek]

Package: acm
Followup-For: Bug #1067623
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru acm-6.0+20200416/debian/patches/64-bit-time-t.patch 
acm-6.0+20200416/debian/patches/64-bit-time-t.patch
--- acm-6.0+20200416/debian/patches/64-bit-time-t.patch 1969-12-31 
16:00:00.0 -0800
+++ acm-6.0+20200416/debian/patches/64-bit-time-t.patch 2024-04-12 
17:30:16.0 -0700
@@ -0,0 +1,22 @@
+Description: use 64-bit-safe format string for time_t
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1067623
+Last-Update: 2024-04-12
+Forwarded: no
+
+Index: acm-6.0+20200416/src/dis/test/disscope.c
+===
+--- acm-6.0+20200416.orig/src/dis/test/disscope.c
 acm-6.0+20200416/src/dis/test/disscope.c
+@@ -239,8 +239,9 @@
+   printf ("Family   %d\n", pdu.hdr.protocol_family);
+   printf ("Exercise id  %d\n", pdu.hdr.exercise_id);
+   dis_timestampToTimeval (_stamp, );
+-  printf ("Time stamp   %ld.%ld\n", tm.tv_sec,
+-  tm.tv_usec / 1000);
++  printf ("Time stamp   %lld.%lld\n",
++  (long long int)tm.tv_sec,
++  (long long int)tm.tv_usec / 1000);
+   switch (pdu.hdr.pdu_type) {
+   case PDUTypeEntityState:
+   printf ("Entity (sim.app.eid) : %d/%d/%d\n",
diff -Nru acm-6.0+20200416/debian/patches/series 
acm-6.0+20200416/debian/patches/series
--- acm-6.0+20200416/debian/patches/series  2022-10-17 08:51:57.0 
-0700
+++ acm-6.0+20200416/debian/patches/series  2024-04-12 17:28:43.0 
-0700
@@ -4,3 +4,4 @@
 fix_paths_in_acm_tcl.patch
 hardening1.patch
 fix_buffer_size.patch
+64-bit-time-t.patch

Bug#1066315: kraptor: FTBFS: src/main.c:57:5: error: implicit declaration of function ‘mkdir’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: kraptor
Followup-For: Bug #1066315
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru kraptor-0.0.20040403+ds/debian/patches/no-implicit-declarations.patch 
kraptor-0.0.20040403+ds/debian/patches/no-implicit-declarations.patch
--- kraptor-0.0.20040403+ds/debian/patches/no-implicit-declarations.patch   
1969-12-31 16:00:00.0 -0800
+++ kraptor-0.0.20040403+ds/debian/patches/no-implicit-declarations.patch   
2024-04-12 16:42:20.0 -0700
@@ -0,0 +1,18 @@
+Description: add missing include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066315
+Last-Update: 2024-04-12
+Forwarded: no
+
+Index: kraptor-0.0.20040403+ds/src/main.c
+===
+--- kraptor-0.0.20040403+ds.orig/src/main.c
 kraptor-0.0.20040403+ds/src/main.c
+@@ -19,6 +19,7 @@
+ // 
+ #include 
+ #include 
++#include 
+ #include 
+ #include 
+ #include  /* DUMB: musica MOD, XM, etc */
diff -Nru kraptor-0.0.20040403+ds/debian/patches/series 
kraptor-0.0.20040403+ds/debian/patches/series
--- kraptor-0.0.20040403+ds/debian/patches/series   2024-01-04 
16:48:45.0 -0800
+++ kraptor-0.0.20040403+ds/debian/patches/series   2024-04-12 
16:40:54.0 -0700
@@ -14,3 +14,4 @@
 14_create-hidden-kraptor-directory-in-home.patch
 15_reproducible-build.patch
 fix_building_kraptor_with_fix_functions.patch
+no-implicit-declarations.patch

Bug#1066654: mlpcap: FTBFS: utils.c:184:3: error: implicit declaration of function ‘camlidl_ml2c_pcap_pcap_handle’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: mlpcap
Followup-For: Bug #1066654
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue that has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru mlpcap-0.9/debian/patches/no-implicit-declarations.patch 
mlpcap-0.9/debian/patches/no-implicit-declarations.patch
--- mlpcap-0.9/debian/patches/no-implicit-declarations.patch1969-12-31 
16:00:00.0 -0800
+++ mlpcap-0.9/debian/patches/no-implicit-declarations.patch2024-04-10 
16:59:47.0 -0700
@@ -0,0 +1,22 @@
+Description: add missing prototype
+ This function is code generated by camlidl from the .idl input file;
+ unfortunately it does not emit a header including the prototype.
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066654
+Last-Update: 2024-04-10
+Forwarded: no
+
+Index: mlpcap-0.9/utils.c
+===
+--- mlpcap-0.9.orig/utils.c
 mlpcap-0.9/utils.c
+@@ -33,6 +33,9 @@
+ #include 
+ #include "utils.h"
+ 
++extern void camlidl_ml2c_pcap_pcap_handle(value _v1, pcap_handle * _c2,
++  camlidl_ctx _ctx);
++
+ void
+ _pcap_callback (void *cback, va_alist alist)
+ {
diff -Nru mlpcap-0.9/debian/patches/series mlpcap-0.9/debian/patches/series
--- mlpcap-0.9/debian/patches/series2023-09-11 22:50:01.0 -0700
+++ mlpcap-0.9/debian/patches/series2024-04-10 16:57:47.0 -0700
@@ -5,3 +5,4 @@
 03_correct_META.diff
 07_dll_with_camlidl.diff
 08_ffcall.diff
+no-implicit-declarations.patch

Bug#1065774: libdigidoc: FTBFS on arm{el,hf}: /<>/libdigidoc/DigiDocService.c:327:19: error: implicit declaration of function ‘ddocAddSignatureFromMemory’ [-Werror=implicit-function-decla

[Steve Langasek]

Package: libdigidoc
Followup-For: Bug #1065774
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue that has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libdigidoc-3.10.5/debian/patches/no-implicit-declarations.patch 
libdigidoc-3.10.5/debian/patches/no-implicit-declarations.patch
--- libdigidoc-3.10.5/debian/patches/no-implicit-declarations.patch 
1969-12-31 16:00:00.0 -0800
+++ libdigidoc-3.10.5/debian/patches/no-implicit-declarations.patch 
2024-04-10 16:10:25.0 -0700
@@ -0,0 +1,30 @@
+Description: add missing define and includes required for prototypes
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1065774
+Last-Update: 2024-04-10
+Forwarded: no
+
+Index: libdigidoc-3.10.5/libdigidoc/DigiDocVerify.c
+===
+--- libdigidoc-3.10.5.orig/libdigidoc/DigiDocVerify.c
 libdigidoc-3.10.5/libdigidoc/DigiDocVerify.c
+@@ -20,6 +20,7 @@
+ //  Creation
+ //==
+ 
++#define WITH_DEPRECATED_FUNCTIONS
+ #include "DigiDocVerify.h"
+ #include "DigiDocError.h"
+ #include "DigiDocLib.h"
+Index: libdigidoc-3.10.5/libdigidoc/DigiDocService.c
+===
+--- libdigidoc-3.10.5.orig/libdigidoc/DigiDocService.c
 libdigidoc-3.10.5/libdigidoc/DigiDocService.c
+@@ -26,6 +26,7 @@
+ #include 
+ #include 
+ #include 
++#include 
+ #include 
+ #include 
+ #include 
diff -Nru libdigidoc-3.10.5/debian/patches/series 
libdigidoc-3.10.5/debian/patches/series
--- libdigidoc-3.10.5/debian/patches/series 2022-07-10 19:12:11.0 
-0700
+++ libdigidoc-3.10.5/debian/patches/series 2024-04-10 16:08:47.0 
-0700
@@ -1,3 +1,4 @@
 versioninfo.cmake-set-build_date-using-u.patch
 build-with-openssl-v3.patch
 fix-national-encoding.patch
+no-implicit-declarations.patch

Bug#1066512: latencytop: FTBFS: fsync.c:330:17: error: implicit declaration of function ‘gettimeofday’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: latencytop
Followup-For: Bug #1066512
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru latencytop-0.5.0/debian/patches/no-implicit-declarations.patch 
latencytop-0.5.0/debian/patches/no-implicit-declarations.patch
--- latencytop-0.5.0/debian/patches/no-implicit-declarations.patch  
1969-12-31 16:00:00.0 -0800
+++ latencytop-0.5.0/debian/patches/no-implicit-declarations.patch  
2024-04-10 16:02:15.0 -0700
@@ -0,0 +1,18 @@
+Description: add missing include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066512
+Last-Update: 2024-04-10
+Forwarded: no
+
+Index: latencytop-0.5.0/fsync.c
+===
+--- latencytop-0.5.0.orig/fsync.c
 latencytop-0.5.0/fsync.c
+@@ -32,6 +32,7 @@
+ #include 
+ #include 
+ #include 
++#include 
+ 
+ #include 
+ 
diff -Nru latencytop-0.5.0/debian/patches/series 
latencytop-0.5.0/debian/patches/series
--- latencytop-0.5.0/debian/patches/series  2021-08-24 10:26:05.0 
-0700
+++ latencytop-0.5.0/debian/patches/series  2024-04-10 16:01:05.0 
-0700
@@ -1,3 +1,4 @@
 0001-Convert-to-autoconf.patch
 0002-Fix-FTBFS-in-fsync.c.patch
 0003-typo-fix.patch
+no-implicit-declarations.patch

Bug#1066689: kdrill: FTBFS: init.c:171:12: error: implicit declaration of function ‘isMapped’; did you mean ‘IsUnmapped’? [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: kdrill
Followup-For: Bug #1066689
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru kdrill-6.5deb2/debian/patches/no-implicit-declarations.patch 
kdrill-6.5deb2/debian/patches/no-implicit-declarations.patch
--- kdrill-6.5deb2/debian/patches/no-implicit-declarations.patch
1969-12-31 16:00:00.0 -0800
+++ kdrill-6.5deb2/debian/patches/no-implicit-declarations.patch
2024-04-10 15:56:58.0 -0700
@@ -0,0 +1,18 @@
+Description: add missing include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066689
+Last-Update: 2024-04-10
+Forwarded: no
+
+Index: kdrill-6.5deb2/init.c
+===
+--- kdrill-6.5deb2.orig/init.c
 kdrill-6.5deb2/init.c
+@@ -24,6 +24,7 @@
+ #include "searchwidgets.h"
+ #include "widgets.h"
+ #include "timeout.h"
++#include "utils.h"
+ 
+ #include "icon_xbm"
+ 
diff -Nru kdrill-6.5deb2/debian/patches/series 
kdrill-6.5deb2/debian/patches/series
--- kdrill-6.5deb2/debian/patches/series2021-10-20 10:11:20.0 
-0700
+++ kdrill-6.5deb2/debian/patches/series2024-04-10 15:55:23.0 
-0700
@@ -12,3 +12,4 @@
 use-env-flags.diff
 warning-fixes.diff
 rename-getline.diff
+no-implicit-declarations.patch

Bug#1067259: jabberd2: FTBFS: make[3]: *** [Makefile:538: libsx_la-websocket.lo] Error 1

[Steve Langasek]

Package: jabberd2
Followup-For: Bug #1067259
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue that has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru jabberd2-2.7.0/debian/patches/no-implicit-declarations.patch 
jabberd2-2.7.0/debian/patches/no-implicit-declarations.patch
--- jabberd2-2.7.0/debian/patches/no-implicit-declarations.patch
1969-12-31 16:00:00.0 -0800
+++ jabberd2-2.7.0/debian/patches/no-implicit-declarations.patch
2024-04-10 15:03:46.0 -0700
@@ -0,0 +1,81 @@
+Description: add missing includes and disable conflicting crypt_r()
+ Nothing uses crypt_r() externally, it should use the glibc one; so disable
+ the conflicting prototype in the internal header.
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1067259
+Last-Update: 2024-04-10
+Forwarded: no
+
+Index: jabberd2-2.7.0/storage/authreg_sqlite.c
+===
+--- jabberd2-2.7.0.orig/storage/authreg_sqlite.c
 jabberd2-2.7.0/storage/authreg_sqlite.c
+@@ -32,6 +32,7 @@
+ #define _XOPEN_SOURCE 500
+ #include "c2s.h"
+ #include 
++#include 
+ 
+ /* Windows does not have the crypt() function, let's take DES_crypt from 
OpenSSL instead */
+ #if defined(HAVE_OPENSSL_CRYPTO_H) && defined(_WIN32)
+Index: jabberd2-2.7.0/storage/authreg_pgsql.c
+===
+--- jabberd2-2.7.0.orig/storage/authreg_pgsql.c
 jabberd2-2.7.0/storage/authreg_pgsql.c
+@@ -32,6 +32,7 @@
+ #else
+ #ifdef HAVE_CRYPT
+ #include 
++#include 
+ #endif
+ #endif
+ 
+Index: jabberd2-2.7.0/storage/authreg_ldapfull.c
+===
+--- jabberd2-2.7.0.orig/storage/authreg_ldapfull.c
 jabberd2-2.7.0/storage/authreg_ldapfull.c
+@@ -35,6 +35,7 @@
+ #ifdef STORAGE_LDAP
+ #ifdef HAVE_CRYPT
+ #include 
++#include 
+ #endif
+ 
+ #ifdef HAVE_SSL
+Index: jabberd2-2.7.0/util/crypt_blowfish.c
+===
+--- jabberd2-2.7.0.orig/util/crypt_blowfish.c
 jabberd2-2.7.0/util/crypt_blowfish.c
+@@ -54,6 +54,8 @@
+ /* Just to make sure the prototypes match the actual definitions */
+ #include "crypt_blowfish.h"
+ 
++char *crypt_r(__const char *key, __const char *setting, void *data);
++
+ #if defined(__i386__) || defined(__x86_64__) || defined(__alpha__) || 
defined(__hppa__)
+ #define BF_SCALE  1
+ #else
+Index: jabberd2-2.7.0/util/crypt_blowfish.h
+===
+--- jabberd2-2.7.0.orig/util/crypt_blowfish.h
 jabberd2-2.7.0/util/crypt_blowfish.h
+@@ -23,7 +23,6 @@
+ #endif
+ 
+ extern char *bcrypt(__const char *key, __const char *setting);
+-extern char *crypt_r(__const char *key, __const char *setting, void *data);
+ 
+ #ifndef __SKIP_OW
+ extern char *crypt_rn(__const char *key, __const char *setting,
+Index: jabberd2-2.7.0/storage/authreg_mysql.c
+===
+--- jabberd2-2.7.0.orig/storage/authreg_mysql.c
 jabberd2-2.7.0/storage/authreg_mysql.c
+@@ -35,6 +35,7 @@
+ #else
+ #ifdef HAVE_CRYPT
+ #include 
++#include 
+ #endif
+ #endif
+ 
diff -Nru jabberd2-2.7.0/debian/patches/series 
jabberd2-2.7.0/debian/patches/series
--- jabberd2-2.7.0/debian/patches/series2023-09-05 14:07:00.0 
-0700
+++ jabberd2-2.7.0/debian/patches/series2024-04-10 15:00:33.0 
-0700
@@ -7,3 +7,4 @@
 systemd-alias.diff
 m4-ax_check_compile_flag.diff
 mysql8_my_bool.patch
+no-implicit-declarations.patch

Bug#1065969: ike-scan: FTBFS on arm{el,hf}: configure: error: cannot determine snprintf format string for long long int

[Steve Langasek]

Package: ike-scan
Followup-For: Bug #1065969
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue that has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru ike-scan-1.9.5/debian/patches/no-implicit-declarations.patch 
ike-scan-1.9.5/debian/patches/no-implicit-declarations.patch
--- ike-scan-1.9.5/debian/patches/no-implicit-declarations.patch
1969-12-31 16:00:00.0 -0800
+++ ike-scan-1.9.5/debian/patches/no-implicit-declarations.patch
2024-04-10 14:34:34.0 -0700
@@ -0,0 +1,18 @@
+Description: add missing include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1065969
+Last-Update: 2024-04-10
+Forwarded: no
+
+Index: ike-scan-1.9.5/acinclude.m4
+===
+--- ike-scan-1.9.5.orig/acinclude.m4
 ike-scan-1.9.5/acinclude.m4
+@@ -180,6 +180,7 @@
+ AC_CACHE_VAL(pgac_cv_snprintf_long_long_int_format,
+ [for pgac_format in '%lld' '%qd' '%I64d'; do
+ AC_TRY_RUN([#include 
++#include 
+ typedef long long int int64;
+ #define INT64_FORMAT "$pgac_format"
+ 
diff -Nru ike-scan-1.9.5/debian/patches/series 
ike-scan-1.9.5/debian/patches/series
--- ike-scan-1.9.5/debian/patches/series2021-10-18 02:12:52.0 
-0700
+++ ike-scan-1.9.5/debian/patches/series2024-04-10 14:03:18.0 
-0700
@@ -1,2 +1,3 @@
 disable_aggressive_in_v2.patch
 skip-malformed-comp.patch
+no-implicit-declarations.patch

Bug#1066672: httest: FTBFS: socks_module.c:115:21: error: implicit declaration of function ‘atoi’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: httest
Followup-For: Bug #1066672
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru httest-2.4.23/debian/patches/no-implicit-declarations.patch 
httest-2.4.23/debian/patches/no-implicit-declarations.patch
--- httest-2.4.23/debian/patches/no-implicit-declarations.patch 1969-12-31 
16:00:00.0 -0800
+++ httest-2.4.23/debian/patches/no-implicit-declarations.patch 2024-04-10 
13:45:54.0 -0700
@@ -0,0 +1,43 @@
+Description: add missing includes
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066672
+Last-Update: 2024-04-10
+Forwarded: no
+
+Index: httest-2.4.23/src/socks_module.c
+===
+--- httest-2.4.23.orig/src/socks_module.c
 httest-2.4.23/src/socks_module.c
+@@ -25,6 +25,8 @@
+ /
+  * Includes
+  ***/
++#include 
++
+ #include "module.h"
+ #ifndef HAVE_NO_NETINET
+   #include 
+Index: httest-2.4.23/src/annotation_module.c
+===
+--- httest-2.4.23.orig/src/annotation_module.c
 httest-2.4.23/src/annotation_module.c
+@@ -25,6 +25,7 @@
+ /
+  * Includes
+  ***/
++#include 
+ #include "module.h"
+ 
+ /
+Index: httest-2.4.23/src/dbg_module.c
+===
+--- httest-2.4.23.orig/src/dbg_module.c
 httest-2.4.23/src/dbg_module.c
+@@ -24,6 +24,7 @@
+ /
+  * Includes
+  ***/
++#include 
+ #include "store.h"
+ #include "module.h"
+ 
diff -Nru httest-2.4.23/debian/patches/series 
httest-2.4.23/debian/patches/series
--- httest-2.4.23/debian/patches/series 2023-12-18 04:21:33.0 -0800
+++ httest-2.4.23/debian/patches/series 2024-04-10 13:45:05.0 -0700
@@ -4,3 +4,4 @@
 fix-gcc-10.patch
 autoconf-2.70.patch
 pcre2.patch
+no-implicit-declarations.patch

Bug#1065777: clblas: FTBFS on arm{el,hf}: /<>/src/library/blas/gens/symv.c:955:29: error: implicit declaration of function ‘abs’; did you mean ‘fabs’? [-Werror=implicit-function-declarati

[Steve Langasek]

Package: clblas
Followup-For: Bug #1065777
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Apologies, the patch I attached fixed a real missing include, but not the
one mentioned in this bug and the package still failed to build.  Attached
is a patch that has passed build testing locally with
DEB_CFLAGS_APPEND=-Werror=implicit-function-declaration in Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru clblas-2.12/debian/patches/no-implicit-declarations.patch 
clblas-2.12/debian/patches/no-implicit-declarations.patch
--- clblas-2.12/debian/patches/no-implicit-declarations.patch   1969-12-31 
16:00:00.0 -0800
+++ clblas-2.12/debian/patches/no-implicit-declarations.patch   2024-04-09 
14:42:11.0 -0700
@@ -0,0 +1,30 @@
+Description: Add missing stdlib.h includes
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1065777
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: clblas-2.12/src/library/blas/gens/gemv.c
+===
+--- clblas-2.12.orig/src/library/blas/gens/gemv.c
 clblas-2.12/src/library/blas/gens/gemv.c
+@@ -21,6 +21,7 @@
+ 
+ #include 
+ #include 
++#include 
+ #include 
+ #include 
+ #include 
+Index: clblas-2.12/src/library/blas/gens/symv.c
+===
+--- clblas-2.12.orig/src/library/blas/gens/symv.c
 clblas-2.12/src/library/blas/gens/symv.c
+@@ -21,6 +21,7 @@
+ 
+ #include 
+ #include 
++#include 
+ #include 
+ #include 
+ #include 
diff -Nru clblas-2.12/debian/patches/series clblas-2.12/debian/patches/series
--- clblas-2.12/debian/patches/series   2023-09-28 16:21:54.0 -0700
+++ clblas-2.12/debian/patches/series   2024-04-09 14:40:35.0 -0700
@@ -9,3 +9,4 @@
 Fix-double-literals.patch
 Fix-null-pointer-crash.patch
 Fix-local-variables-not-declared-in-outermost-scope.patch
+no-implicit-declarations.patch

Bug#1066359: aview: FTBFS: main.c:30:86: error: implicit declaration of function ‘exit’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: aview
Followup-For: Bug #1066359
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru aview-1.3.0rc1/debian/patches/no-implicit-declarations.patch 
aview-1.3.0rc1/debian/patches/no-implicit-declarations.patch
--- aview-1.3.0rc1/debian/patches/no-implicit-declarations.patch
1969-12-31 16:00:00.0 -0800
+++ aview-1.3.0rc1/debian/patches/no-implicit-declarations.patch
2024-04-10 11:18:59.0 -0700
@@ -0,0 +1,15 @@
+Description: add missing includes
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066359
+Last-Update: 2024-04-10
+Forwarded: no
+
+Index: aview-1.3.0rc1/main.c
+===
+--- aview-1.3.0rc1.orig/main.c
 aview-1.3.0rc1/main.c
+@@ -1,3 +1,4 @@
++#include 
+ #include 
+ #include 
+ #include "image.h"
diff -Nru aview-1.3.0rc1/debian/patches/series 
aview-1.3.0rc1/debian/patches/series
--- aview-1.3.0rc1/debian/patches/series2024-02-17 15:14:52.0 
-0800
+++ aview-1.3.0rc1/debian/patches/series2024-04-10 11:18:13.0 
-0700
@@ -2,3 +2,4 @@
 01_manpages.patch
 02_tmp_creation.patch
 03_missing_library.patch
+no-implicit-declarations.patch

Bug#1066645: gtkterm: FTBFS: ../src/interface.c:738:9: error: implicit declaration of function ‘g_sprintf’; did you mean ‘g_snprintf’? [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: gtkterm
Followup-For: Bug #1066645
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru gtkterm-1.2.1/debian/patches/no-implicit-declarations.patch 
gtkterm-1.2.1/debian/patches/no-implicit-declarations.patch
--- gtkterm-1.2.1/debian/patches/no-implicit-declarations.patch 1969-12-31 
16:00:00.0 -0800
+++ gtkterm-1.2.1/debian/patches/no-implicit-declarations.patch 2024-04-09 
22:49:04.0 -0700
@@ -0,0 +1,28 @@
+Description: add missing includes
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066645
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: gtkterm-1.2.1/src/interface.c
+===
+--- gtkterm-1.2.1.orig/src/interface.c
 gtkterm-1.2.1/src/interface.c
+@@ -79,6 +79,7 @@
+ #include "logging.h"
+ 
+ #include 
++#include 
+ #include 
+ 
+ guint id;
+Index: gtkterm-1.2.1/src/user_signals.c
+===
+--- gtkterm-1.2.1.orig/src/user_signals.c
 gtkterm-1.2.1/src/user_signals.c
+@@ -1,3 +1,5 @@
++#include 
++#include 
+ #include 
+ #include "interface.h"
+ 
diff -Nru gtkterm-1.2.1/debian/patches/series 
gtkterm-1.2.1/debian/patches/series
--- gtkterm-1.2.1/debian/patches/series 1969-12-31 16:00:00.0 -0800
+++ gtkterm-1.2.1/debian/patches/series 2024-04-09 22:48:12.0 -0700
@@ -0,0 +1 @@
+no-implicit-declarations.patch

Bug#1066222: gtk-chtheme: FTBFS: theme_sel.c:113:5: error: implicit declaration of function ‘gtk_timeout_add’; did you mean ‘g_timeout_add’? [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: gtk-chtheme
Followup-For: Bug #1066222
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru gtk-chtheme-0.3.1/debian/patches/no-implicit-declarations.patch 
gtk-chtheme-0.3.1/debian/patches/no-implicit-declarations.patch
--- gtk-chtheme-0.3.1/debian/patches/no-implicit-declarations.patch 
1969-12-31 16:00:00.0 -0800
+++ gtk-chtheme-0.3.1/debian/patches/no-implicit-declarations.patch 
2024-04-09 22:44:20.0 -0700
@@ -0,0 +1,19 @@
+Description: don't set GTK_DISABLE_DEPRECATED, deprecated APIs in use.
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066222
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: gtk-chtheme-0.3.1/Makefile
+===
+--- gtk-chtheme-0.3.1.orig/Makefile
 gtk-chtheme-0.3.1/Makefile
+@@ -5,7 +5,7 @@
+ 
+ LDFLAGS = $(shell $(PKG_CONFIG) --libs gtk+-2.0)
+ CFLAGS += -Wall
+-CFLAGS += $(shell $(PKG_CONFIG) --cflags gtk+-2.0) -DGTK_DISABLE_BROKEN 
-DGTK_DISABLE_DEPRECATED
++CFLAGS += $(shell $(PKG_CONFIG) --cflags gtk+-2.0) -DGTK_DISABLE_BROKEN
+ CFLAGS += -DPROJNAME='"$(PROJNAME)"' -DVERSION='"$(VERSION)"'
+ CPPFLAGS =
+ CXXFLAGS =
diff -Nru gtk-chtheme-0.3.1/debian/patches/series 
gtk-chtheme-0.3.1/debian/patches/series
--- gtk-chtheme-0.3.1/debian/patches/series 2020-03-28 16:34:21.0 
-0700
+++ gtk-chtheme-0.3.1/debian/patches/series 2024-04-09 22:43:09.0 
-0700
@@ -2,3 +2,4 @@
 deprecated-on-gtk3+.patch
 cross.patch
 fix_ftbfs.patch
+no-implicit-declarations.patch

Bug#1066463: gnome-paint: FTBFS: cv_resize.c:368:9: error: implicit declaration of function ‘undo_add_resize’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: gnome-paint
Followup-For: Bug #1066463
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru gnome-paint-0.4.0/debian/patches/no-implicit-declarations.patch 
gnome-paint-0.4.0/debian/patches/no-implicit-declarations.patch
--- gnome-paint-0.4.0/debian/patches/no-implicit-declarations.patch 
1969-12-31 16:00:00.0 -0800
+++ gnome-paint-0.4.0/debian/patches/no-implicit-declarations.patch 
2024-04-09 22:03:59.0 -0700
@@ -0,0 +1,192 @@
+Description: Add missing includes, don't set GTK_DISABLE_DEPRECATED
+ deprecated APIs are in use.
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066463
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: gnome-paint-0.4.0/src/Makefile.am
+===
+--- gnome-paint-0.4.0.orig/src/Makefile.am
 gnome-paint-0.4.0/src/Makefile.am
+@@ -78,7 +78,6 @@
+ gnome_paint_CFLAGS = \
+   -DG_DISABLE_DEPRECATED\
+   -DG_DISABLE_SINGLE_INCLUDES\
+-  -DGTK_DISABLE_DEPRECATED\
+   -DGDK_DISABLE_SINGLE_INCLUDES\
+   -DGTK_DISABLE_SINGLE_INCLUDES
+ 
+Index: gnome-paint-0.4.0/src/color.c
+===
+--- gnome-paint-0.4.0.orig/src/color.c
 gnome-paint-0.4.0/src/color.c
+@@ -20,6 +20,8 @@
+ #include "common.h"
+ #include "color.h"
+ #include "cv_drawing.h"
++#include "cv_eraser_tool.h"
++#include "cv_paintbrush_tool.h"
+ #include "pixbuf_util.h"
+ 
+ #include 
+Index: gnome-paint-0.4.0/src/undo.c
+===
+--- gnome-paint-0.4.0.orig/src/undo.c
 gnome-paint-0.4.0/src/undo.c
+@@ -28,7 +28,7 @@
+ #include "gp-image.h"
+ #include "gp_point_array.h"
+ #include "file.h"
+-
++#include "selection.h"
+ 
+ 
+ typedef enum
+Index: gnome-paint-0.4.0/src/cv_rectangle_tool.c
+===
+--- gnome-paint-0.4.0.orig/src/cv_rectangle_tool.c
 gnome-paint-0.4.0/src/cv_rectangle_tool.c
+@@ -25,6 +25,7 @@
+ #include 
+ 
+ #include "cv_rectangle_tool.h"
++#include "cv_drawing.h"
+ #include "file.h"
+ #include "undo.h"
+ #include "gp_point_array.h"
+Index: gnome-paint-0.4.0/src/cv_pencil_tool.c
+===
+--- gnome-paint-0.4.0.orig/src/cv_pencil_tool.c
 gnome-paint-0.4.0/src/cv_pencil_tool.c
+@@ -23,6 +23,7 @@
+  
+  #include 
+ 
++#include "cv_drawing.h"
+ #include "cv_pencil_tool.h"
+ #include "gp_point_array.h"
+ #include "undo.h"
+Index: gnome-paint-0.4.0/src/cv_resize.c
+===
+--- gnome-paint-0.4.0.orig/src/cv_resize.c
 gnome-paint-0.4.0/src/cv_resize.c
+@@ -28,6 +28,7 @@
+ #include "cv_resize.h"
+ #include "cv_drawing.h"
+ #include "file.h"
++#include "undo.h"
+ 
+ 
+ #define BOX_EDGE_SIZE 4
+Index: gnome-paint-0.4.0/src/cv_ellipse_tool.c
+===
+--- gnome-paint-0.4.0.orig/src/cv_ellipse_tool.c
 gnome-paint-0.4.0/src/cv_ellipse_tool.c
+@@ -24,6 +24,7 @@
+  
+  #include 
+ 
++#include "cv_drawing.h"
+ #include "cv_ellipse_tool.h"
+ #include "file.h"
+ #include "undo.h"
+Index: gnome-paint-0.4.0/src/cv_polygon_tool.c
+===
+--- gnome-paint-0.4.0.orig/src/cv_polygon_tool.c
 gnome-paint-0.4.0/src/cv_polygon_tool.c
+@@ -24,6 +24,7 @@
+  
+  #include 
+ 
++#include "cv_drawing.h"
+ #include "cv_polygon_tool.h"
+ #include "gp_point_array.h"
+ #include "undo.h"
+Index: gnome-paint-0.4.0/src/image_menu.c
+===
+--- gnome-paint-0.4.0.orig/src/image_menu.c
 gnome-paint-0.4.0/src/image_menu.c
+@@ -28,6 +28,7 @@
+ #include "selection.h"
+ #include "image_menu.h"
+ #include "gp-image.h"
++#include "undo.h"
+ 
+ typedef enum{
+   GP_FILP_VERT = 0,
+Index: gnome-paint-0.4.0/src/selection.h
+===
+--- gnome-paint-0.4.0.orig/src/selection.h
 gnome-paint-0.4.0/src/selection.h
+@@ -38,6 +38,10 @@
+ gbooleangp_selection_start_action

Bug#1066584: gnome-breakout: FTBFS: anim.c:58:17: error: implicit declaration of function ‘gb_error’; did you mean ‘g_error’? [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: gnome-breakout
Followup-For: Bug #1066584
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue, which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru gnome-breakout-0.5.3/debian/patches/no-implicit-declarations.patch 
gnome-breakout-0.5.3/debian/patches/no-implicit-declarations.patch
--- gnome-breakout-0.5.3/debian/patches/no-implicit-declarations.patch  
1969-12-31 16:00:00.0 -0800
+++ gnome-breakout-0.5.3/debian/patches/no-implicit-declarations.patch  
2024-04-09 21:55:20.0 -0700
@@ -0,0 +1,30 @@
+Description: fix missing gb_error() prototype
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066584
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: gnome-breakout-0.5.3/src/anim.c
+===
+--- gnome-breakout-0.5.3.orig/src/anim.c
 gnome-breakout-0.5.3/src/anim.c
+@@ -11,6 +11,7 @@
+ #include"gui.h"
+ #include"animloc.h"
+ #include"anim.h"
++#include "util.h"
+ 
+ /* Database of all the animations */
+ static Animation *animations;
+Index: gnome-breakout-0.5.3/src/gui.c
+===
+--- gnome-breakout-0.5.3.orig/src/gui.c
 gnome-breakout-0.5.3/src/gui.c
+@@ -14,6 +14,7 @@
+ #include "gui-callbacks.h"
+ #include "game.h"
+ #include "anim.h"
++#include "util.h"
+ 
+ /* See gui.h for more info */
+ static GuiInfo *gui = NULL;
diff -Nru gnome-breakout-0.5.3/debian/patches/series 
gnome-breakout-0.5.3/debian/patches/series
--- gnome-breakout-0.5.3/debian/patches/series  2018-09-13 05:13:26.0 
-0700
+++ gnome-breakout-0.5.3/debian/patches/series  2024-04-09 21:52:53.0 
-0700
@@ -7,3 +7,4 @@
 07_fix_wformat_warnings.patch
 08_link_mathlib.patch
 09_goocanvas_port.patch
+no-implicit-declarations.patch

Bug#1066608: dvbstreamer: FTBFS: standard/dvb/sdtprocessor.c:299:14: error: implicit declaration of function ‘UTF8_nextchar’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: dvbstreamer
Followup-For: Bug #1066608
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue which has been uploaded to
Ubuntu.  In addition to the missing declaration of UTF8_nextchar(), this
fixes a typo which would cause one of the plugins to build, but have
unresolvable symbol references.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru dvbstreamer-2.1.0/debian/patches/no-implicit-declarations.patch 
dvbstreamer-2.1.0/debian/patches/no-implicit-declarations.patch
--- dvbstreamer-2.1.0/debian/patches/no-implicit-declarations.patch 
1969-12-31 16:00:00.0 -0800
+++ dvbstreamer-2.1.0/debian/patches/no-implicit-declarations.patch 
2024-04-09 17:01:35.0 -0700
@@ -0,0 +1,38 @@
+Description: fix missing declaration of UTF8_nextchar() and typo
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066608
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: dvbstreamer-2.1.0/src/standard/dvb/sdtprocessor.c
+===
+--- dvbstreamer-2.1.0.orig/src/standard/dvb/sdtprocessor.c
 dvbstreamer-2.1.0/src/standard/dvb/sdtprocessor.c
+@@ -46,6 +46,7 @@
+ #include "sdtprocessor.h"
+ #include "dvbtext.h"
+ #include "standard/dvb.h"
++#include "utf8.h"
+ 
+ 
/***
+ * Defines 
 *
+Index: dvbstreamer-2.1.0/src/plugins/cam.c
+===
+--- dvbstreamer-2.1.0.orig/src/plugins/cam.c
 dvbstreamer-2.1.0/src/plugins/cam.c
+@@ -97,7 +97,7 @@
+ 
+ if (pmt->i_program_number == service->id)
+ {
+-needs_decrypting = PMTDoesNeedDecypting(pmt);
++needs_decrypting = PMTDoesNeedDecrypting(pmt);
+ 
+ if (currentPMT)
+ {
+@@ -197,4 +197,4 @@
+ }
+ 
+ return false;
+-}
+\ No newline at end of file
++}
diff -Nru dvbstreamer-2.1.0/debian/patches/series 
dvbstreamer-2.1.0/debian/patches/series
--- dvbstreamer-2.1.0/debian/patches/series 2021-10-16 01:37:38.0 
-0700
+++ dvbstreamer-2.1.0/debian/patches/series 2024-04-09 17:00:23.0 
-0700
@@ -16,3 +16,4 @@
 
 ## does not apply, needs some care
 #svn_819.diff
+no-implicit-declarations.patch

Bug#1066286: das-watchdog: FTBFS: test_rt.c:32:33: error: implicit declaration of function ‘getpid’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: das-watchdog
Followup-For: Bug #1066286
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue, which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru das-watchdog-0.9.0/debian/patches/no-implicit-declarations.patch 
das-watchdog-0.9.0/debian/patches/no-implicit-declarations.patch
--- das-watchdog-0.9.0/debian/patches/no-implicit-declarations.patch
1969-12-31 16:00:00.0 -0800
+++ das-watchdog-0.9.0/debian/patches/no-implicit-declarations.patch
2024-04-09 16:13:22.0 -0700
@@ -0,0 +1,18 @@
+Description: add missing unistd.h include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066286
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: das-watchdog-0.9.0/test_rt.c
+===
+--- das-watchdog-0.9.0.orig/test_rt.c
 das-watchdog-0.9.0/test_rt.c
+@@ -4,6 +4,7 @@
+ #include 
+ #include 
+ #include 
++#include 
+ 
+ int main() {
+   struct sched_param params;
diff -Nru das-watchdog-0.9.0/debian/patches/series 
das-watchdog-0.9.0/debian/patches/series
--- das-watchdog-0.9.0/debian/patches/series2023-09-19 01:59:37.0 
-0700
+++ das-watchdog-0.9.0/debian/patches/series2024-04-09 16:11:24.0 
-0700
@@ -6,3 +6,4 @@
 0001-Remove-duplicate-check-for-temp-i-0.patch
 0003-The-result-of-fgetc-is-an-int-not-a-char.patch
 fix-memory-leak-on-realloc.patch
+no-implicit-declarations.patch

Bug#1065777: clblas: FTBFS on arm{el,hf}: /<>/src/library/blas/gens/symv.c:955:29: error: implicit declaration of function ‘abs’; did you mean ‘fabs’? [-Werror=implicit-function-declarati

[Steve Langasek]

Package: clblas
Followup-For: Bug #1065777
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a patch for this issue.  This patch has been uploaded
to Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru clblas-2.12/debian/patches/no-implicit-declarations.patch 
clblas-2.12/debian/patches/no-implicit-declarations.patch
--- clblas-2.12/debian/patches/no-implicit-declarations.patch   1969-12-31 
16:00:00.0 -0800
+++ clblas-2.12/debian/patches/no-implicit-declarations.patch   2024-04-09 
14:41:58.0 -0700
@@ -0,0 +1,18 @@
+Description: Add missing stdlib.h include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1065777
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: clblas-2.12/src/library/blas/gens/gemv.c
+===
+--- clblas-2.12.orig/src/library/blas/gens/gemv.c
 clblas-2.12/src/library/blas/gens/gemv.c
+@@ -21,6 +21,7 @@
+ 
+ #include 
+ #include 
++#include 
+ #include 
+ #include 
+ #include 
diff -Nru clblas-2.12/debian/patches/series clblas-2.12/debian/patches/series
--- clblas-2.12/debian/patches/series   2023-09-28 16:21:54.0 -0700
+++ clblas-2.12/debian/patches/series   2024-04-09 14:40:35.0 -0700
@@ -9,3 +9,4 @@
 Fix-double-literals.patch
 Fix-null-pointer-crash.patch
 Fix-local-variables-not-declared-in-outermost-scope.patch
+no-implicit-declarations.patch

Bug#1067108: alien-arena: FTBFS with -Werror=implicit-function-declaration

[Steve Langasek]

Package: alien-arena
Followup-For: Bug #1067108
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a fix for this bug, which has been uploaded to Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru alien-arena-7.71.3+dfsg/debian/patches/no-implicit-declarations.patch 
alien-arena-7.71.3+dfsg/debian/patches/no-implicit-declarations.patch
--- alien-arena-7.71.3+dfsg/debian/patches/no-implicit-declarations.patch   
1969-12-31 16:00:00.0 -0800
+++ alien-arena-7.71.3+dfsg/debian/patches/no-implicit-declarations.patch   
2024-04-09 13:53:07.0 -0700
@@ -0,0 +1,18 @@
+Description: add missing include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1067108
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: alien-arena-7.71.3+dfsg/source/game/g_unlagged.c
+===
+--- alien-arena-7.71.3+dfsg.orig/source/game/g_unlagged.c
 alien-arena-7.71.3+dfsg/source/game/g_unlagged.c
+@@ -21,6 +21,7 @@
+ #include "config.h"
+ #endif
+ 
++#include "qcommon/qcommon.h"
+ #include "g_local.h"
+ 
+ /*
diff -Nru alien-arena-7.71.3+dfsg/debian/patches/series 
alien-arena-7.71.3+dfsg/debian/patches/series
--- alien-arena-7.71.3+dfsg/debian/patches/series   2023-02-12 
08:19:19.0 -0800
+++ alien-arena-7.71.3+dfsg/debian/patches/series   2024-04-09 
13:51:57.0 -0700
@@ -6,3 +6,4 @@
 odeconfig.patch
 irc.patch
 http11.patch
+no-implicit-declarations.patch

Bug#1066274: aa3d: FTBFS: aa3d.c:37:30: error: implicit declaration of function ‘strcmp’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: aa3d
Version: 1.0-8.2
Followup-For: Bug #1066274
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a fix for this bug.

This fix has been uploaded to Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru aa3d-1.0/debian/patches/no-implicit-declarations.patch 
aa3d-1.0/debian/patches/no-implicit-declarations.patch
--- aa3d-1.0/debian/patches/no-implicit-declarations.patch  1969-12-31 
16:00:00.0 -0800
+++ aa3d-1.0/debian/patches/no-implicit-declarations.patch  2024-04-09 
13:42:30.0 -0700
@@ -0,0 +1,18 @@
+Description: add missing string.h include
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066274
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: aa3d-1.0/aa3d.c
+===
+--- aa3d-1.0.orig/aa3d.c
 aa3d-1.0/aa3d.c
+@@ -22,6 +22,7 @@
+  */
+ #include 
+ #include 
++#include 
+ static char data[65536 / 2];
+ int main(int argc, char **argv)
+ {
diff -Nru aa3d-1.0/debian/patches/series aa3d-1.0/debian/patches/series
--- aa3d-1.0/debian/patches/series  1969-12-31 16:00:00.0 -0800
+++ aa3d-1.0/debian/patches/series  2024-04-09 13:41:03.0 -0700
@@ -0,0 +1 @@
+no-implicit-declarations.patch

Bug#1066305: 3dchess: FTBFS: init.c:140:21: error: implicit declaration of function ‘time’ [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: 3dchess
Version: 0.8.1-21
Followup-For: Bug #1066305
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached the fix for this bug, which has been uploaded to
Ubuntu.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru 3dchess-0.8.1/debian/patches/no-implicit-declarations.patch 
3dchess-0.8.1/debian/patches/no-implicit-declarations.patch
--- 3dchess-0.8.1/debian/patches/no-implicit-declarations.patch 1969-12-31 
16:00:00.0 -0800
+++ 3dchess-0.8.1/debian/patches/no-implicit-declarations.patch 2024-04-09 
13:23:33.0 -0700
@@ -0,0 +1,18 @@
+Description: fix missing declaration of time()
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066305
+Last-Update: 2024-04-09
+Forwarded: no
+
+Index: 3dchess-0.8.1/src/init.c
+===
+--- 3dchess-0.8.1.orig/src/init.c
 3dchess-0.8.1/src/init.c
+@@ -29,6 +29,7 @@
+ #include 
+ #include 
+ #include 
++#include 
+ #include "../include/machine.h"
+ #include "../include/3Dc.h"
+ 
diff -Nru 3dchess-0.8.1/debian/patches/series 
3dchess-0.8.1/debian/patches/series
--- 3dchess-0.8.1/debian/patches/series 2022-03-26 18:33:58.0 -0700
+++ 3dchess-0.8.1/debian/patches/series 2024-04-09 13:22:34.0 -0700
@@ -4,3 +4,4 @@
 13_machine.h.patch
 hardening.patch
 wasteful-CPU-consumption.patch
+no-implicit-declarations.patch

Bug#1068679: port-to-libsoup3.patch looks bad

[Steve Langasek]

Package: libtimezonemap
Version: 0.4.6-6
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Hello,

This is a follow-up to bug #1037940 which is now archived.

With the move of webkit2gtk to libsoup3, this now becomes non-negotiable for
us in Ubuntu, as ubiquity requires both webkit and libtimezonemap.

I have taken a stab at fixing this patch up based on the feedback in the
other bug and have something that passes libtimezonemap's own build-time
tests, and ubiquity's tests, though it's hard to tell how much the latter
actually matters for verifying libtimezonemap correctness due to mocking.

Please consider this for inclusion in Debian as well.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libtimezonemap-0.4.6/debian/control 
libtimezonemap-0.4.6/debian/control
--- libtimezonemap-0.4.6/debian/control 2024-03-07 21:30:43.0 -0800
+++ libtimezonemap-0.4.6/debian/control 2024-04-08 16:33:09.0 -0700
@@ -1,8 +1,7 @@
 Source: libtimezonemap
 Section: misc
 Priority: optional
-Maintainer: Ubuntu Developers 
-XSBC-Original-Maintainer: Debian Cinnamon Team 

+Maintainer: Debian Cinnamon Team 
 Uploaders:
  Maximiliano Curia ,
  Margarita Manterola ,
@@ -20,7 +19,7 @@
libgtk-3-dev (>= 3.1.4),
libcairo2-dev (>= 1.10),
libjson-glib-dev,
-   libsoup2.4-dev
+   libsoup-3.0-dev (>= 3.0.7)
 Standards-Version: 4.6.2
 Homepage: https://launchpad.net/timezonemap
 Vcs-Browser: https://salsa.debian.org/cinnamon-team/libtimezonemap
diff -Nru libtimezonemap-0.4.6/debian/patches/port-to-libsoup3.patch 
libtimezonemap-0.4.6/debian/patches/port-to-libsoup3.patch
--- libtimezonemap-0.4.6/debian/patches/port-to-libsoup3.patch  2023-06-20 
23:54:22.0 -0700
+++ libtimezonemap-0.4.6/debian/patches/port-to-libsoup3.patch  2024-04-08 
16:31:23.0 -0700
@@ -5,11 +5,11 @@
 Forwarded: not-yet
 Last-Update: 2022-08-06
 ---
-diff --git a/configure.ac b/configure.ac
-index 3f74dae..4e90e64 100644
 a/configure.ac
-+++ b/configure.ac
-@@ -50,13 +50,13 @@ GDK_REQUIRED_VERSION=2.22
+Index: libtimezonemap/configure.ac
+===
+--- libtimezonemap.orig/configure.ac
 libtimezonemap/configure.ac
+@@ -50,13 +50,13 @@
  GLIB_REQUIRED_VERSION=2.26
  GTK3_REQUIRED_VERSION=3.1.4
  GIO_REQUIRED_VERSION=2.5.11
@@ -25,23 +25,24 @@
json-glib-1.0)
  LIBTIMEZONEMAP_LIBS="$LIBTIMEZONEMAP_LIBS $LIBM"
  
-diff --git a/src/timezone-completion.c b/src/timezone-completion.c
-index d310235..6971ae9 100644
 a/src/timezone-completion.c
-+++ b/src/timezone-completion.c
-@@ -271,8 +271,10 @@ geonames_data_ready (GObject *object, GAsyncResult *res, 
gpointer user_data)
+Index: libtimezonemap/src/timezone-completion.c
+===
+--- libtimezonemap.orig/src/timezone-completion.c
 libtimezonemap/src/timezone-completion.c
+@@ -270,9 +270,10 @@
+   CcTimezoneCompletionPrivate * priv = completion->priv;
GError * error = NULL;
GInputStream * stream;
-   SoupMessage *message;
+-  SoupMessage *message;
 +  const gchar * reason_phrase;
 +  SoupStatus status_code;
  
 -  stream = soup_request_send_finish (SOUP_REQUEST (object), res, );
-+  stream = soup_session_send_finish (SOUP_SESSION (object), res, );
++  stream = soup_session_send_finish (priv->soup_session, res, );
if (stream == NULL)
  {
if (!g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED))
-@@ -283,8 +285,9 @@ geonames_data_ready (GObject *object, GAsyncResult *res, 
gpointer user_data)
+@@ -283,8 +284,9 @@
return;
  }
  
@@ -53,7 +54,7 @@
  {
JsonParser *parser;
  
-@@ -296,7 +299,7 @@ geonames_data_ready (GObject *object, GAsyncResult *res, 
gpointer user_data)
+@@ -296,10 +298,10 @@
else
  {
g_warning ("Unable to fetch geonames (server responded with: %u %s)",
@@ -61,8 +62,12 @@
 + status_code, reason_phrase);
  }
  
-   g_object_unref (message);
-@@ -362,7 +365,7 @@ static gboolean
+-  g_object_unref (message);
++  g_object_unref (object);
+   g_object_unref (stream);
+ }
+ 
+@@ -362,7 +364,7 @@
  request_zones (CcTimezoneCompletion * completion)
  {
CcTimezoneCompletionPrivate * priv = completion->priv;
@@ -71,28 +76,17 @@
GError *error = NULL;
  
priv->queued_request = 0;
-@@ -388,13 +391,14 @@ request_zones (CcTimezoneCompletion * completion)
-   gchar * version = get_version ();
-   gchar * locale = get_locale ();
-   gchar * url = g_strdup_printf (GEONAME_URL, escaped,

Bug#1066065: libvformat: FTBFS: vf_reader.c:178:33: error: implicit declaration of function ‘read’; did you mean ‘fread’? [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: libvformat
Version: 1.13-12.1
Followup-For: Bug #1066065
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find the fix for this attached.

As this is fallout from the time_t transition, I am uploading this as a 0-day
NMU.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libvformat-1.13/debian/control libvformat-1.13/debian/control
--- libvformat-1.13/debian/control  2024-03-31 12:51:42.0 -0700
+++ libvformat-1.13/debian/control  2024-04-07 01:00:50.0 -0700
@@ -1,8 +1,7 @@
 Source: libvformat
 Section: devel
 Priority: optional
-Maintainer: Ubuntu Developers 
-XSBC-Original-Maintainer: Thomas Preud'homme 
+Maintainer: Thomas Preud'homme 
 Standards-Version: 4.5.0
 Build-Depends: dpkg-dev (>= 1.22.5), debhelper-compat (= 13), texinfo, 
automake, autoconf, libtool
 Build-Conflicts: autoconf2.13, automake1.4
diff -Nru libvformat-1.13/debian/patches/no-implicit-declarations.patch 
libvformat-1.13/debian/patches/no-implicit-declarations.patch
--- libvformat-1.13/debian/patches/no-implicit-declarations.patch   
1969-12-31 16:00:00.0 -0800
+++ libvformat-1.13/debian/patches/no-implicit-declarations.patch   
2024-04-07 00:59:05.0 -0700
@@ -0,0 +1,43 @@
+Description: fix missing unistd.h include
+ src/vf_reader.c includes unistd.h conditionally, but the condition
+ doesn't properly match what's emitted by autoconf.  Fix the #if so we
+ get a declaration for read().
+Author: Steve Langasek 
+Last-Update: 2024-04-07
+Forwarded: no
+Bug-Debian: https://bugs.debian.org/1066065
+
+Index: libvformat-1.13/src/vf_reader.c
+===
+--- libvformat-1.13.orig/src/vf_reader.c
 libvformat-1.13/src/vf_reader.c
+@@ -85,10 +85,12 @@
+  
*=*/
+ 
+ 
++#include "config.h"
++
+ #include 
+ #include 
+ 
+-#if defined(HAS_UNISTD_H)
++#if defined(HAVE_UNISTD_H)
+ #include 
+ #endif
+ 
+Index: libvformat-1.13/test/testsuppt.c
+===
+--- libvformat-1.13.orig/test/testsuppt.c
 libvformat-1.13/test/testsuppt.c
+@@ -51,9 +51,10 @@
+ 
/**
+  ANSI C & System-wide Header Files
+  
**/
++#include "config.h"
+ 
+ #include 
+-#if defined(HAS_UNISTD_H)
++#if defined(HAVE_UNISTD_H)
+ #include 
+ #endif
+ #include 
diff -Nru libvformat-1.13/debian/patches/series 
libvformat-1.13/debian/patches/series
--- libvformat-1.13/debian/patches/series   2020-08-10 14:55:14.0 
-0700
+++ libvformat-1.13/debian/patches/series   2024-04-07 00:50:34.0 
-0700
@@ -9,3 +9,4 @@
 0009-Fix-errors-returned-by-Werror-format-security.patch
 0010-Fix-typos-in-man-pages.patch
 auto-gitignore
+no-implicit-declarations.patch

Bug#1068220: normalize case of debian/control fields

[Steve Langasek]

Package: debian-policy
Version: 4.6.2.1

In the process of preparing mass-NMUs for the time_t transition, I
encountered a package where the scripted approach I was using failed because
a package already had a 'replaces' field in debian/control, and dpkg
detected the addition of a 'Replaces' field as a duplicate.

Although we are accustomed to seeing a certain capitalization for fields in
debian/control, I was surprised to see upon review that Debian Policy has
always said that the field names are case-insensitive.

While it may make sense for dpkg to be permissive in this regard, I don't
think it makes sense for Debian to allow it, as it unnecessarily makes
parsing of this file more difficult for little value.

I therefore propose that we change Debian policy 5.1 to standardize its case
rules for debian/control field names, using the well-known spongebob casing
rules.

The first, third, fourth, and seventh characters in the field name are
capitalized, with the second, fith, sixth, and eighth characters in lower
case, then repeating for each subsequent octet of characters.

As you can see, this consistency immediately gives much more readable
results:

SoURce: xz-utils
SeCTioN: utils
PrIOriTy: optional
MaINtaInEr: Jonathan Nieder 
UpLOadErS: Mohammed Adnène Trojette 
BuILd-DePeNDs: debhelper-compat (= 13), dpkg-dev (>= 1.16.2),
 autoconf (>= 2.64~), automake, libtool (>= 2.2),
 gettext, autopoint | gettext (<< 0.18-1), autopoint | cvs, po4a
BuILd-DePeNDs-Indep: doxygen
BuILd-CoNfLIctS: automake1.4
StANdaRdS-VErsIoN: 4.6.1
VcS-brOwSeR: https://salsa.debian.org/debian/xz-utils
VcS-giT: https://salsa.debian.org/debian/xz-utils
HoMEpaGe: https://tukaani.org/xz/
RuLEs-ReQuIRes-rOoT: no

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1068017: util-linux: please ship liblastlog2 packages

[Steve Langasek]

On Sat, Mar 30, 2024 at 08:32:40AM +0100, Sven Joachim wrote:
> >> So we could either put pam_lastlog2.so into a common-* file from
> >> src:pam, or openssh and shadow should switch their setup.

> >> What do we all think about that?

> > pam should not be adding any modules to common-* that it itself does not
> > ship.  Instead they should be added via pam-auth-config.

> I think you mean pam-auth-update here.

Yes.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1068017: util-linux: please ship liblastlog2 packages

[Steve Langasek]

On Sat, Mar 30, 2024 at 01:41:40AM +0100, Chris Hofstaedtler wrote:
> Hi OpenSSH, shadow Maintainers,
> 
> On Sat, Mar 30, 2024 at 01:32:08AM +0100, Chris Hofstaedtler wrote:
> > On Fri, Mar 29, 2024 at 06:02:39PM +0100, Sven Joachim wrote:
> > > It seems desirable to ship liblastlog2 in trixie, considering that the
> > > /var/log/lastlog file is not Y2038-safe and pam in unstable has already
> > > dropped pam_lastlog.so, meaning that non-ssh logins are no longer
> > > recorded in /var/log/lastlog.

> [..]
> > At the same time, all traditional writing to /var/log/lastlog should
> > stop.

> > So, after some of the current fog clears, src:util-linux could
> > introduce new binary packages (at least libpam-lastlog2), but
> > src:pam would need to add it to the common-* config files.

> > Does this seem right?

> Answering my own question, not quite.

> Apparently, traditionally we have:

> * sshd writes to /var/log/lastlog by itself.
> * login has pam_lastlog.so in its PAM snippet. 

> Both of these would need to be replaced by pam_lastlog2.so. I don't
> really know what the other distros are doing right now, and/or if
> we should align on this.

> So we could either put pam_lastlog2.so into a common-* file from
> src:pam, or openssh and shadow should switch their setup.

> What do we all think about that?

pam should not be adding any modules to common-* that it itself does not
ship.  Instead they should be added via pam-auth-config.

I don't have an opinion about this being done in common-* vs being done in
sshd+login particularly; but putting it to common-* by default seems a
behavior change that warrants broader discussion e.g.  debian-devel.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1063085: uhd: NMU diff for 64-bit time_t transition

[Steve Langasek]

Control: reopen -1

Reopening, closed by an upload of an unrelated package.

On Fri, Mar 22, 2024 at 12:20:06PM +0100, Andreas Beckmann wrote:
> Control: reopen -1
> Control: severity -1 serious

> I'm reopening this due to the regression (file conflict) #1063324

> Both libuhd4.6.0 and libuhd4.6.0-dpdk provide
>   /usr/lib/x86_64-linux-gnu/libuhd.so.4.6.0
> and are conflicting with each other.

> So I'm a bit confused that only libuhd4.6.0 got renamed to libuhd4.6.0t64
> ...

> Even if libuhd4.6.0-dpdk would not need to be renamed, I'd suggest to rename
> it anyway to not make the logic too complicated.

> Anyway libuhd4.6.0-dpdk (or libuhd4.6.0t64-dpdk) needs
>   Conflicts: libuhd4.6.0, libuhd4.6.0t64
> to solve #1063324.

Ah libuhd4.6.0-dpdk would not have been renamed because it is not built on
any 32-bit architectures.

So I think the Conflicts: just needs updating but the package does not need
renamed.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1059150: No longer works with signing subkeys

[Steve McIntyre]

On Wed, Dec 20, 2023 at 11:59:31PM +0100, Guillem Jover wrote:
>Hi!
>
>On Wed, 2023-12-20 at 15:30:24 +0000, Steve McIntyre wrote:
>> Package: debsig-verify
>> Version: 0.23+b2
>> Severity: important
>> Tags: patch
>
>> Updating our derived distro from bullseye to bookworm, we've moved on
>> from 0.23 to 0.28.  We're using subkeys for signing our debs, and that
>> no longer works. I can see that the change you've made to no longer
>> fall back if a fingerprint doesn't match
>> (849d9633ebf809398c848821c603148ae0470278) has broken this.
>
>Ouch, I've been increasingly unhappy with the whole policy thing,
>because it was not functioning as documented, fixing it to do so has
>broken multiple use cases, it seems like unnecessary complexity and in
>a way trying to reimplement some of the checks that should be done by
>the OpenPGP implementation, and it is getting in the way of adding
>other OpenPGP backends due to the insistence of tying the signature
>issuer fingerprint with the policy to apply, which means the primary
>certificate fingerprint cannot be used as would perhaps be usually
>expected.

Nod. To make everything work reliably here for all cases, we're now
making 4 copies of the policy directory for every key we might use,
using both the long keyid and the full fingerprint for each of the
master key and the signing subkey. Then we're including a keyring with
all of the keys in each of those policy directories. It's not
wonderful... :-/

>I recorded part of this in the TODO, and I had in mind asking you
>about how you use this as part of the redesign work, but I'll leave
>that for a later point. :)

ACK. :-)

So, I'm curious...

Debsig-verify does seem to be really quite over-complicated, at least
for our use case. Wouldn't it be much simpler to just have a keyring
per origin, and then (maybe) a system config file to state which
origin(s) are needed. The policy definition files don't seem to add
any value here. IMHO.

It would also be lovely if the design was less restricted by
GnuPG. (Yes, I know!) A real problem for me is that debsig-verify
wants to see *every* signature accounted for when verifying a
package. This is opposite to the behaviour of gpgv, which is more like
what we were inititally expecting / hoping for. We're signing packages
with a rolling range of N keys for our releases, similar to Debian's
Release.gpg setup, and now we have to include 4*N policy directories
for debsig-verify, and our keyring files all have to include *all* the
keys.

So, I'd be tempted by something easier to follow:

 * config to say which keyring(s) to use, and (maybe) some config to
   say "need minimum N valid sigs"

 * keyring(s) including key(s)

 * when validating signatures, verify each of them individually rather
   than expecting GnuPG to DTRT. I think we both know how well that
   works *grin*. If enough valid sigs are detected, we're good. If
   not, fail.

Does that sound reasonable? What am I missing?

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"I suspect most samba developers are already technically insane... Of
 course, since many of them are Australians, you can't tell." -- Linus Torvalds

Bug#1059150: No longer works with signing subkeys

[Steve McIntyre]

On Wed, Mar 20, 2024 at 05:18:08PM +, Steve McIntyre wrote:
>Hi Guillem,
>
>Sorry, I've been swamped with other stuff then ill for the last week
>or so. Looking now...

And I can confirm that your changes work here for our system too.

Thanks!

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"Every time you use Tcl, God kills a kitten." -- Malcolm Ray

Bug#1059150: No longer works with signing subkeys

[Steve McIntyre]

Hi Guillem,

Sorry, I've been swamped with other stuff then ill for the last week
or so. Looking now...

On Thu, Mar 07, 2024 at 04:22:08AM +0100, Guillem Jover wrote:
>Hi!
>
>On Wed, 2023-12-20 at 23:59:31 +0100, Guillem Jover wrote:
>> On Wed, 2023-12-20 at 15:30:24 +, Steve McIntyre wrote:
>> > diff --git a/src/openpgp-gpg.c b/src/openpgp-gpg.c
>> > index 4c29b7f..97ec3a4 100644
>> > --- a/src/openpgp-gpg.c
>> > +++ b/src/openpgp-gpg.c
>> > @@ -241,6 +242,7 @@ gpg_getKeyID(const char *keyring, const char *match_id)
>> >continue;
>> >  if (strcmp(uid, match_id) != 0) {
>> >  free(uid);
>> > +  state = KEYID_SUB;
>> >continue;
>> >}
>> >  free(uid);
>> 
>> I think the problem with this is that if the first uid does not match,
>> then it will then switch to looking for a new fingerprint line, which
>> might then omit some valid uids.
>> 
>> I've prepared a change based on this at:
>> 
>>   
>> https://git.hadrons.org/cgit/debian/dpkg/debsig-verify.git/log/?h=pu/openpgp-subkey
>> 
>> With the assumption that one would define the policy and keyrings
>> paths based on the subkey fingerprint and not the primary public
>> certificate fingerprint, because otherwise some of the other matches
>> cannot easily match, such as uid-based ones. But wanted to check with
>> you whether that's the case before merging. Otherwise I can try to see
>> how to support all the various cases.
>
>I assume you have had no time to look into this, but I'd like to make
>sure the above branch fixes your issue before merging, and potentially
>preparing a backport for stable. :)
>
>Thanks,
>Guillem
>
-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"Further comment on how I feel about IBM will appear once I've worked out
 whether they're being malicious or incompetent. Capital letters are forecast."
 Matthew Garrett, http://www.livejournal.com/users/mjg59/30675.html

Bug#1067054: Debian 12 - Copy files on USB 3

[Steve McIntyre]

pham...@bluewin.ch wrote:
>
>For complement of information :
>The SSD used is a Samsung 850 Pro 256 GB and the case is a Satechi ST-TCDEM. 
>Write rates were high at the start of the copy (450 MB/sec then dropped before
>the crash to +/- 30 Mb/sec).
> 
> 
> Restoring the disk image with this same SSD but integrated in a Delock USB 3 
> Type A case to a USB A socket on my computer works correctly with a transfer
>rate of 60 to 90 MB/s.
> 
> 
>The same SSD still plugged into the Delock USB 3 Type A box but connected to 
>my machine on a USB C port completes the restoration of the image with a 
>constant
>transfer rate of +/- 41MB/sec.
>Regards.

What you're describing sounds just as likely to be a hardware problem
with the enclosure, to be honest. Does it work 100% reliably elsewhere?

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Bug#1062092: coin3: NMU diff for 64-bit time_t transition

[Steve Langasek]

Although the package renaming in this patch appears to have been correct,
the actual code fails to build on 32-bit archs with 64-bit time_t.  Please
find an updated NMU patch that corrects this issue.

I am uploading this change to unstable.

On Wed, Feb 28, 2024 at 04:52:14PM +, Steve Langasek wrote:
> Dear maintainer,
> 
> Please find attached a final version of this patch for the time_t
> transition.  This patch is being uploaded to unstable.
> 
> Note that this adds a versioned build-dependency on dpkg-dev, to guard
> against accidental backports with a wrong ABI.
> 
> Thanks!
> 
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 6.5.0-14-generic (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)

> diff -Nru coin3-4.0.2+ds/debian/changelog coin3-4.0.2+ds/debian/changelog
> --- coin3-4.0.2+ds/debian/changelog   2023-12-09 15:57:42.0 +
> +++ coin3-4.0.2+ds/debian/changelog   2024-02-28 16:47:51.0 +
> @@ -1,3 +1,10 @@
> +coin3 (4.0.2+ds-1.1) unstable; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Rename libraries for 64-bit time_t transition.  Closes: #1062092
> +
> + -- Steve Langasek   Wed, 28 Feb 2024 16:47:51 +
> +
>  coin3 (4.0.2+ds-1) unstable; urgency=medium
>  
>* Team upload.
> diff -Nru coin3-4.0.2+ds/debian/control coin3-4.0.2+ds/debian/control
> --- coin3-4.0.2+ds/debian/control 2023-12-09 15:56:48.0 +
> +++ coin3-4.0.2+ds/debian/control 2024-02-28 16:47:51.0 +
> @@ -3,7 +3,7 @@
>  Uploaders: Leopold Palomo-Avellaneda 
>  Section: graphics
>  Priority: optional
> -Build-Depends: debhelper-compat (= 13),
> +Build-Depends: dpkg-dev (>= 1.22.5), debhelper-compat (= 13),
> cmake,
> doxygen,
> libexpat-dev,
> @@ -25,7 +25,10 @@
>  Vcs-Git: https://salsa.debian.org/science-team/coin3.git
>  Homepage: https://github.com/coin3d
>  
> -Package: libcoin80c
> +Package: libcoin80t64
> +Provides: ${t64:Provides}
> +X-Time64-Compat: libcoin80c
> +Breaks: libcoin80c (<< ${source:Version})
>  Architecture: any
>  Multi-Arch: same
>  Section: libs
> @@ -37,7 +40,7 @@
>libsimage-dev,
>zlib1g
>  Pre-Depends: ${misc:Pre-Depends}
> -Replaces: libcoin80v5
> +Replaces: libcoin80c, libcoin80v5
>  Description: high-level 3D graphics kit implementing the Open Inventor API
>   Coin is an OpenGL-based, retain-mode 3D graphics library that
>   implements the Open Inventor 2.1 API. It also includes support for
> @@ -52,7 +55,7 @@
>  Package: libcoin-dev
>  Architecture: any
>  Section: libdevel
> -Depends: libcoin80c (= ${binary:Version}),
> +Depends: libcoin80t64 (= ${binary:Version}),
>   libgl-dev,
>libopengl-dev,
>libglew-dev,
> @@ -93,7 +96,7 @@
>  Multi-Arch: foreign
>  Section: libs
>  Depends: ${misc:Depends}
> -Suggests: libcoin80c
> +Suggests: libcoin80t64
>  Replaces: libcoin80-runtime
>  Breaks: libcoin80-runtime
>  Description: high-level 3D graphics kit - external data files
> diff -Nru coin3-4.0.2+ds/debian/libcoin80c.install 
> coin3-4.0.2+ds/debian/libcoin80c.install
> --- coin3-4.0.2+ds/debian/libcoin80c.install  2023-12-09 15:56:48.0 
> +
> +++ coin3-4.0.2+ds/debian/libcoin80c.install  1970-01-01 00:00:00.0 
> +
> @@ -1 +0,0 @@
> -usr/lib/*/lib*.so.*
> diff -Nru coin3-4.0.2+ds/debian/libcoin80t64.install 
> coin3-4.0.2+ds/debian/libcoin80t64.install
> --- coin3-4.0.2+ds/debian/libcoin80t64.install1970-01-01 
> 00:00:00.0 +
> +++ coin3-4.0.2+ds/debian/libcoin80t64.install2023-12-09 
> 15:56:48.0 +
> @@ -0,0 +1 @@
> +usr/lib/*/lib*.so.*
> diff -Nru coin3-4.0.2+ds/debian/libcoin80t64.lintian-overrides 
> coin3-4.0.2+ds/debian/libcoin80t64.lintian-overrides
> --- coin3-4.0.2+ds/debian/libcoin80t64.lintian-overrides  1970-01-01 
> 00:00:00.0 +
> +++ coin3-4.0.2+ds/debian/libcoin80t64.lintian-overrides  2024-02-28 
> 16:46:37.0 +
> @@ -0,0 +1 @@
> +libcoin80t64: package-name-doesnt-match-sonames libcoin80c


-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com

Bug#1067065: nmu: gringo_5.6.2-1

[Steve M. Robbins]

Package: release.debian.org
Severity: normal
X-Debbugs-Cc: gri...@packages.debian.org
Control: affects -1 + src:gringo
User: release.debian@packages.debian.org
Usertags: binnmu

nmu gringo_5.6.2-1 . ANY . unstable . -m "Rebuild against updated python3.11
for 64-bit time transition"

Bug#1064165: lam: NMU diff for 64-bit time_t transition

[Steve Langasek]

Unfortunately, the lam source package has a debian/shlibs.local file which
resulted in incorrect internal dependencies between binary packages built
from this source.

The debian/shlibs.local is actually incorrect (it is more lax than the
public one) so the correct fix here is to drop it.

Attached is a full NMU debdiff for -7.2 which I am uploading now.

On Sat, Feb 17, 2024 at 10:27:54PM +, Steve Langasek wrote:
> Source: lam
> Version: 7.1.4-7
> Severity: important
> Tags: patch pending sid trixie
> User: debian-...@lists.debian.org
> Usertags: time-t
> 
> NOTICE: these changes must not be uploaded to unstable yet!
> 
> Dear maintainer,
> 
> As part of the 64-bit time_t transition required to support 32-bit
> architectures in 2038 and beyond
> (https://wiki.debian.org/ReleaseGoals/64bit-time), we have identified
> lam as a source package shipping runtime libraries whose ABI
> either is affected by the change in size of time_t, or could not be
> analyzed via abi-compliance-checker (and therefore to be on the safe
> side we assume is affected).
> 
> To ensure that inconsistent combinations of libraries with their
> reverse-dependencies are never installed together, it is necessary to
> have a library transition, which is most easily done by renaming the
> runtime library package.
> 
> Since turning on 64-bit time_t is being handled centrally through a change
> to the default dpkg-buildflags (https://bugs.debian.org/1037136), it is
> important that libraries affected by this ABI change all be uploaded close
> together in time.  Therefore I have prepared a 0-day NMU for lam
> which will initially be uploaded to experimental if possible, then to
> unstable after packages have cleared binary NEW.
> 
> Please find the patch for this NMU attached.
> 
> If you have any concerns about this patch, please reach out ASAP.  Although
> this package will be uploaded to experimental immediately, there will be a
> period of several days before we begin uploads to unstable; so if information
> becomes available that your package should not be included in the transition,
> there is time for us to amend the planned uploads.
> 
> 
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
> 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 6.5.0-14-generic (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)

> diff -Nru lam-7.1.4/debian/changelog lam-7.1.4/debian/changelog
> --- lam-7.1.4/debian/changelog2021-11-06 14:23:49.0 +
> +++ lam-7.1.4/debian/changelog2024-02-17 22:00:52.0 +0000
> @@ -1,3 +1,10 @@
> +lam (7.1.4-7.1) experimental; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Rename libraries for 64-bit time_t transition.
> +
> + -- Steve Langasek   Sat, 17 Feb 2024 22:00:52 +
> +
>  lam (7.1.4-7) unstable; urgency=medium
>  
>* --with-romio-flags=-ar_nolocal in two configure runs in debian/rules
> diff -Nru lam-7.1.4/debian/control lam-7.1.4/debian/control
> --- lam-7.1.4/debian/control  2021-11-06 14:22:46.0 +
> +++ lam-7.1.4/debian/control  2024-02-17 22:00:52.0 +
> @@ -21,7 +21,7 @@
>  Package: lam4-dev
>  Section: devel
>  Architecture: any
> -Depends: liblam4 (= ${binary:Version}), libc6-dev,${misc:Depends}
> +Depends: liblam4t64 (= ${binary:Version}), libc6-dev,${misc:Depends}
>  Provides: lam-dev
>  Conflicts: lam-dev,lam,lam1-dev,mpi-doc (<< 1.2.7-4),lam-runtime (<= 7.1.2-2)
>  Replaces: lam-dev,lam,lam1-dev,lam2-dev,lam3-dev,lam-runtime (<= 7.1.2-2)
> @@ -31,16 +31,16 @@
>   .
>   This package provides the development headers and related files.
>  
> -Package: liblam4
> +Package: liblam4t64
>  Section: libs
>  Architecture: any
>  Multi-Arch: same
>  Depends: ${shlibs:Depends},${misc:Depends}
> -Provides: mpi
> +Provides: ${t64:Provides}, mpi
>  Conflicts: lam,lam1,lam4,lam4c2
> -Replaces: lam,lam1,lam4,lam4c2
> +Replaces: liblam4, lam,lam1,lam4,lam4c2
>  Recommends: lam-runtime
> -Breaks: libopenmpi-dev (<< 3.0.1~rc1-2), openmpi-bin (<< 3.0.1~rc1-2), mpich 
> (<< 3.3~a3-2), libmpich-dev (<< 3.3~a3-2)
> +Breaks: liblam4 (<< ${source:Version}), libopenmpi-dev (<< 3.0.1~rc1-2), 
> openmpi-bin (<< 3.0.1~rc1-2), mpich (<< 3.3~a3-2), libmpich-dev (<< 3.3~a3-2)
>  Description: Shared libraries used by LAM parallel programs
>   LAM (Local Area Multicomputer) is an

Bug#1062426: libmstoolkit: NMU diff for 64-bit time_t transition

[Steve Langasek]

Unfortunately, the scripting to automatically patch packages for the rename
can't address debian/rules so the hard-coded reference to the library
package name there was missed.  Please find an updated NMU patch for this
issue.  I am uploading this follow-up fix to unstable.

On Thu, Feb 01, 2024 at 10:16:27AM +, Steve Langasek wrote:
> Source: libmstoolkit
> Version: 82-7
> Severity: serious
> Tags: patch pending
> Justification: library ABI skew on upgrade
> User: debian-...@lists.debian.org
> Usertags: time-t
> 
> Dear maintainer,
> 
> As part of the 64-bit time_t transition required to support 32-bit
> architectures in 2038 and beyond
> (https://wiki.debian.org/ReleaseGoals/64bit-time), we have identified
> libmstoolkit as a source package shipping runtime libraries whose ABI
> either is affected by the change in size of time_t, or could not be
> analyzed via abi-compliance-checker (and therefore to be on the safe
> side we assume is affected).
> 
> To ensure that inconsistent combinations of libraries with their
> reverse-dependencies are never installed together, it is necessary to
> have a library transition, which is most easily done by renaming the
> runtime library package.
> 
> Since turning on 64-bit time_t is being handled centrally through a change
> to the default dpkg-buildflags (https://bugs.debian.org/1037136), it is
> important that libraries affected by this ABI change all be uploaded close
> together in time.  Therefore I have prepared a 0-day NMU for libmstoolkit
> which will initially be uploaded to experimental if possible, then to
> unstable after packages have cleared binary NEW.
> 
> Please find the patch for this NMU attached.
> 
> If you have any concerns about this patch, please reach out ASAP.  Although
> this package will be uploaded to experimental immediately, there will be a
> period of several days before we begin uploads to unstable; so if information
> becomes available that your package should not be included in the transition,
> there is time for us to amend the planned uploads.
> 
> 
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 6.5.0-14-generic (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)

> diff -Nru libmstoolkit-82/debian/changelog libmstoolkit-82/debian/changelog
> --- libmstoolkit-82/debian/changelog  2020-06-16 11:25:37.0 +
> +++ libmstoolkit-82/debian/changelog  2024-02-01 10:15:18.0 +
> @@ -1,3 +1,10 @@
> +libmstoolkit (82-7.1) experimental; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Rename libraries for 64-bit time_t transition.
> +
> + -- Steve Langasek   Thu, 01 Feb 2024 10:15:18 +
> +
>  libmstoolkit (82-7) unstable; urgency=low
>  
>* Fix the VCS urls to point to the salsa git repos.
> diff -Nru libmstoolkit-82/debian/control libmstoolkit-82/debian/control
> --- libmstoolkit-82/debian/control2020-06-16 11:25:37.0 +
> +++ libmstoolkit-82/debian/control2024-02-01 10:15:18.0 +
> @@ -18,7 +18,7 @@
>  Section: libdevel
>  Architecture: any
>  Depends: ${misc:Depends}, 
> - libmstoolkit82 (= ${binary:Version}),
> + libmstoolkit82t64 (= ${binary:Version}),
>zlib1g-dev (>=1:1.2.8),
>   libsqlite3-dev (>= 3.8.6),
>   libexpat1-dev (>= 2.1.0) 
> @@ -44,7 +44,10 @@
> - Sequential or random-access file reading.
>  
>  
> -Package: libmstoolkit82
> +Package: libmstoolkit82t64
> +Provides: ${t64:Provides}
> +Replaces: libmstoolkit82
> +Breaks: libmstoolkit82 (<< ${source:Version})
>  Architecture: any
>  Depends: ${shlibs:Depends}, 
>   ${misc:Depends}
> @@ -78,7 +81,7 @@
>  Package: libmstoolkit-tools
>  Section: science
>  Architecture: any
> -Depends: libmstoolkit82 (= ${binary:Version}),
> +Depends: libmstoolkit82t64 (= ${binary:Version}),
>   ${shlibs:Depends}, 
>   ${misc:Depends}
>  Description: libraries for manipulating mass spectrometry data - tools
> diff -Nru libmstoolkit-82/debian/libmstoolkit82.dirs 
> libmstoolkit-82/debian/libmstoolkit82.dirs
> --- libmstoolkit-82/debian/libmstoolkit82.dirs2020-06-16 
> 11:25:37.0 +
> +++ libmstoolkit-82/debian/libmstoolkit82.dirs1970-01-01 
> 00:00:00.0 +
> @@ -1 +0,0 @@
> -usr/lib
> diff -Nru libmstool

Bug#870836: imake generated makefile use deprecated -D_BSD_SOURCE and -D_SVID_SOURCE

[Steve McIntyre]

On Sat, Nov 24, 2018 at 02:02:58PM -0800, Bart Massey wrote:
>Hilariously, I just ran into this today when building a program I wrote in
>1987. Thanks huge to Teemu for working out the patch; I have verified that it
>works for me. It would be great if this could be packaged.

Still seeing this over 5 years later. Is there any reason not to do an
upload with the patch here?

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
You raise the blade, you make the change... You re-arrange me 'til I'm sane...

Bug#1066281: libdbi-drivers: FTBFS: src/unit.c:229:5: error: implicit declaration of function ‘wait’; did you mean ‘want’? [-Werror=implicit-function-declaration]

[Steve Langasek]

Package: libdbi-drivers
Version: 0.9.0-11
Followup-For: Bug #1066281
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch
Control: tags -1 patch

Please find attached a (trivial) patch for this issue.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libdbi-drivers-0.9.0/debian/control 
libdbi-drivers-0.9.0/debian/control
--- libdbi-drivers-0.9.0/debian/control 2023-01-18 07:10:49.0 -0800
+++ libdbi-drivers-0.9.0/debian/control 2024-03-17 11:28:49.0 -0700
@@ -1,8 +1,7 @@
 Source: libdbi-drivers
 Section: libs
 Priority: optional
-Maintainer: Ubuntu Developers 
-XSBC-Original-Maintainer: Laszlo Boszormenyi (GCS) 
+Maintainer: Laszlo Boszormenyi (GCS) 
 Uploaders: Prach Pongpanich 
 Build-Depends: automake,
debhelper-compat (= 12),
diff -Nru libdbi-drivers-0.9.0/debian/patches/no-implicit-declarations.patch 
libdbi-drivers-0.9.0/debian/patches/no-implicit-declarations.patch
--- libdbi-drivers-0.9.0/debian/patches/no-implicit-declarations.patch  
1969-12-31 16:00:00.0 -0800
+++ libdbi-drivers-0.9.0/debian/patches/no-implicit-declarations.patch  
2024-03-17 11:28:43.0 -0700
@@ -0,0 +1,20 @@
+Description: fix implicit declaration error for wait()
+ 64-bit time_t requires us to be stricter about function declarations.
+ include the missing system header that defines wait().
+Author: Steve Langasek 
+Bug-Debian: https://bugs.debian.org/1066281
+Forwarded: no
+Last-Update: 2024-03-17
+
+Index: libdbi-drivers-0.9.0/tests/cgreen/src/unit.c
+===
+--- libdbi-drivers-0.9.0.orig/tests/cgreen/src/unit.c
 libdbi-drivers-0.9.0/tests/cgreen/src/unit.c
+@@ -9,6 +9,7 @@
+ #include 
+ #include 
+ #include 
++#include 
+ 
+ enum {test_function, test_suite};
+ 
diff -Nru libdbi-drivers-0.9.0/debian/patches/series 
libdbi-drivers-0.9.0/debian/patches/series
--- libdbi-drivers-0.9.0/debian/patches/series  2023-01-18 07:10:47.0 
-0800
+++ libdbi-drivers-0.9.0/debian/patches/series  2024-03-17 11:26:21.0 
-0700
@@ -10,3 +10,4 @@
 test_mysql_date_tz.patch
 mysql-8.0.patch
 no_mariadb_timezone.patch
+no-implicit-declarations.patch

Bug#1061902: consolekit2: NMU diff for 64-bit time_t transition

[Steve Langasek]

The build failure is not caused by this patch.  You have an existing
severity: serious bug open about the build failure:
https://bugs.debian.org/1061493

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1067030: gammu: FTBFS in Ubuntu due to buffer overflow

[Steve Langasek]

Package: gammu
Version: 1.42.0-8.1
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Hi Boian,

In Ubuntu gammu fails to build from source with the current default compiler
because it checks more strictly than Debian's for buffer overflows, and it
finds one in the handling of the GSM_Backup.Creator field: this is a buffer
of 80 characters, and the code assumes it can shove the entire output of
`uname` into it with no bounds checking.

Attached is a patch that allows the package to build without test failures
due to buffer overflows.

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru gammu-1.42.0/debian/patches/series gammu-1.42.0/debian/patches/series
--- gammu-1.42.0/debian/patches/series  2023-01-29 13:07:57.0 -0800
+++ gammu-1.42.0/debian/patches/series  2024-03-17 01:18:45.0 -0700
@@ -5,3 +5,4 @@
 06-disable_smsd-dbi-sqlite3.patch
 07-use_posix_shell_only.patch
 08-no_warnings_in_docs.patch
+uname-buffer-overflow.patch
diff -Nru gammu-1.42.0/debian/patches/uname-buffer-overflow.patch 
gammu-1.42.0/debian/patches/uname-buffer-overflow.patch
--- gammu-1.42.0/debian/patches/uname-buffer-overflow.patch 1969-12-31 
16:00:00.0 -0800
+++ gammu-1.42.0/debian/patches/uname-buffer-overflow.patch 2024-03-17 
01:22:52.0 -0700
@@ -0,0 +1,47 @@
+Description: fix buffer overflow in GSM_Backup.Creator
+ GSM_Backup contains an 80-char 'Creator' field which it tries to fill
+ with the contents of 'uname -a'.  Recent compilers rightly detect a
+ buffer overflow (on Ubuntu, this output is 120 characters long and it's
+ not the only thing expected to go in this field).  Avoid use of the
+ never-safe strcat().
+Author: Steve Langasek 
+Forwarded: no
+Last-Update: 2024-03-17
+
+Index: gammu-1.42.0/gammu/backup.c
+===
+--- gammu-1.42.0.orig/gammu/backup.c
 gammu-1.42.0/gammu/backup.c
+@@ -347,6 +347,7 @@
+   GSM_GPRSAccessPoint GPRSPoint;
+   gbooleanDoBackupPart;
+   char buffer[GSM_MAX_INFO_LENGTH];
++  size_t  len;
+ 
+   if (argc == 4 && strcasecmp(argv[3],"-yes") == 0) always_answer_yes = 
TRUE;
+ 
+@@ -354,13 +355,18 @@
+   GSM_GetBackupFormatFeatures(GSM_GuessBackupFormat(argv[2], 
FALSE),);
+ 
+   sprintf(Backup.Creator, "Gammu %s", GAMMU_VERSION);
+-  if (strlen(GetOS()) != 0) {
+-  strcat(Backup.Creator+strlen(Backup.Creator),", ");
+-  strcat(Backup.Creator+strlen(Backup.Creator),GetOS());
++  len = sizeof(Backup.Creator) - strlen(Backup.Creator) - 1;
++  if (strlen(GetOS()) != 0 && len > strlen(GetOS()) + 3) {
++  strncat(Backup.Creator+strlen(Backup.Creator),", ", len);
++  len -= 2;
++  strncat(Backup.Creator+strlen(Backup.Creator),GetOS(), len);
++  len -= strlen(GetOS());
+   }
+-  if (strlen(GetCompiler()) != 0) {
+-  strcat(Backup.Creator+strlen(Backup.Creator),", ");
+-  strcat(Backup.Creator+strlen(Backup.Creator),GetCompiler());
++  if (strlen(GetCompiler()) != 0 && len > strlen(GetCompiler()) + 3) {
++  strncat(Backup.Creator+strlen(Backup.Creator),", ", len);
++  len -= 2;
++  strncat(Backup.Creator+strlen(Backup.Creator),GetCompiler(),
++  len);
+   }
+ 
+   signal(SIGINT, interrupt);

Bug#1064158: jxrlib: NMU diff for 64-bit time_t transition

[Steve Langasek]

Hello,

Unfortunately, the mass NMU scripting missed that debian/symbols needed
updated as well, resulting in a libjxr0t64 package that depends on libjxr0
which doesn't exist on 32-bit archs.

Attached is a comprehensive NMU patch that fixes this issue as well.  I am
uploading this change to unstable.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org

On Sat, Feb 17, 2024 at 08:36:44PM +, Steve Langasek wrote:
> Source: jxrlib
> Version: 1.2~git20170615.f752187-5
> Severity: important
> Tags: patch pending sid trixie
> User: debian-...@lists.debian.org
> Usertags: time-t
> 
> NOTICE: these changes must not be uploaded to unstable yet!
> 
> Dear maintainer,
> 
> As part of the 64-bit time_t transition required to support 32-bit
> architectures in 2038 and beyond
> (https://wiki.debian.org/ReleaseGoals/64bit-time), we have identified
> jxrlib as a source package shipping runtime libraries whose ABI
> either is affected by the change in size of time_t, or could not be
> analyzed via abi-compliance-checker (and therefore to be on the safe
> side we assume is affected).
> 
> To ensure that inconsistent combinations of libraries with their
> reverse-dependencies are never installed together, it is necessary to
> have a library transition, which is most easily done by renaming the
> runtime library package.
> 
> Since turning on 64-bit time_t is being handled centrally through a change
> to the default dpkg-buildflags (https://bugs.debian.org/1037136), it is
> important that libraries affected by this ABI change all be uploaded close
> together in time.  Therefore I have prepared a 0-day NMU for jxrlib
> which will initially be uploaded to experimental if possible, then to
> unstable after packages have cleared binary NEW.
> 
> Please find the patch for this NMU attached.
> 
> If you have any concerns about this patch, please reach out ASAP.  Although
> this package will be uploaded to experimental immediately, there will be a
> period of several days before we begin uploads to unstable; so if information
> becomes available that your package should not be included in the transition,
> there is time for us to amend the planned uploads.
> 
> 
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
> 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 6.5.0-14-generic (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)

> diff -Nru jxrlib-1.2~git20170615.f752187/debian/changelog 
> jxrlib-1.2~git20170615.f752187/debian/changelog
> --- jxrlib-1.2~git20170615.f752187/debian/changelog   2022-01-28 
> 12:55:06.0 +
> +++ jxrlib-1.2~git20170615.f752187/debian/changelog   2024-02-17 
> 20:20:40.0 +
> @@ -1,3 +1,10 @@
> +jxrlib (1.2~git20170615.f752187-5.1) experimental; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Rename libraries for 64-bit time_t transition.
> +
> + -- Steve Langasek   Sat, 17 Feb 2024 20:20:40 +
> +
>  jxrlib (1.2~git20170615.f752187-5) unstable; urgency=medium
>  
>[ Mathieu Malaterre ]
> diff -Nru jxrlib-1.2~git20170615.f752187/debian/control 
> jxrlib-1.2~git20170615.f752187/debian/control
> --- jxrlib-1.2~git20170615.f752187/debian/control 2022-01-28 
> 10:19:14.0 +
> +++ jxrlib-1.2~git20170615.f752187/debian/control 2024-02-17 
> 20:20:40.0 +
> @@ -14,7 +14,10 @@
>  Standards-Version: 4.6.0
>  Rules-Requires-Root: no
>  
> -Package: libjxr0
> +Package: libjxr0t64
> +Provides: ${t64:Provides}
> +Replaces: libjxr0
> +Breaks: libjxr0 (<< ${source:Version})
>  Section: libs
>  Architecture: any
>  Depends: ${misc:Depends}, ${shlibs:Depends}
> @@ -42,7 +45,7 @@
>  Architecture: any
>  Section: libdevel
>  Multi-Arch: same
> -Depends: libjxr0 (= ${binary:Version}), ${misc:Depends}
> +Depends: libjxr0t64 (= ${binary:Version}), ${misc:Depends}
>  Description: JPEG-XR lib - dev files
>   JPEG XR is an approved ISO/IEC International standard (its official
>   designation is ISO/IEC 29199-2).
> diff -Nru jxrlib-1.2~git20170615.f752187/debian/libjxr0t64.lintian-overrides 
> jxrlib-1.2~git20170615.f752187/debian/libjxr0t64.lintian-overrides
> --- jxrlib-1.2~git2017061

Bug#1066237: nas: FTBFS: main.c:125:9: error: implicit declaration of function ‘yyparse’ [-Werror=implicit-function-declaration]

[Steve McIntyre]

On Wed, Mar 13, 2024 at 12:42:56PM +0100, Lucas Nussbaum wrote:
>Source: nas
>Version: 1.9.4-7
>Severity: serious
>Justification: FTBFS
>Tags: trixie sid ftbfs
>User: lu...@debian.org
>Usertags: ftbfs-20240313 ftbfs-trixie ftbfs-impfuncdef

Thanks for the report!

Nas contains some really awful old C code, and it's taking a bit of
fixing. But I'm getting there...

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
You lock the door
And throw away the key
There's someone in my head but it's not me 

Bug#1061901: compiz: NMU diff for 64-bit time_t transition

[Steve Langasek]

Unfortunately, compiz FTBFS on armel and armhf because
libstartup-notification is not 64-bit time_t-safe.  I have uploaded a
follow-up NMU to fix this.  Please find attached the comprehensive NMU
patch.

On Wed, Feb 28, 2024 at 05:32:03PM +, Steve Langasek wrote:
> Dear maintainer,
> 
> Please find attached a final version of this patch for the time_t
> transition.  This patch is being uploaded to unstable.
> 
> Note that this adds a versioned build-dependency on dpkg-dev, to guard
> against accidental backports with a wrong ABI.
> 
> Thanks!
> 
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 6.5.0-14-generic (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru compiz-0.8.18/debian/changelog compiz-0.8.18/debian/changelog
--- compiz-0.8.18/debian/changelog  2023-01-01 21:58:27.0 +
+++ compiz-0.8.18/debian/changelog  2024-03-16 01:19:57.0 +
@@ -1,3 +1,18 @@
+compiz (2:0.8.18-5.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * debian/patches/64-bit-time-t-compat.patch: fix build with
+_TIME_BITS=64.
+
+ -- Steve Langasek   Sat, 16 Mar 2024 01:19:57 +
+
+compiz (2:0.8.18-5.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Rename libraries for 64-bit time_t transition.  Closes: #1061901
+
+ -- Steve Langasek   Wed, 28 Feb 2024 17:31:21 +
+
 compiz (2:0.8.18-5) unstable; urgency=medium
 
   [ Samuel Thibault ]
diff -Nru compiz-0.8.18/debian/control compiz-0.8.18/debian/control
--- compiz-0.8.18/debian/control2023-01-01 21:58:27.0 +
+++ compiz-0.8.18/debian/control2024-02-28 17:31:21.0 +
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Hypra Team 
 Uploaders: Samuel Thibault 
-Build-Depends: debhelper-compat (= 13),
+Build-Depends: dpkg-dev (>= 1.22.5), debhelper-compat (= 13),
intltool,
libcairo2-dev,
libglib2.0-dev,
@@ -159,7 +159,10 @@
  This package contains the standard plugins that come with compiz. Compiz
  without these plugins is not very useful.
 
-Package: libdecoration0
+Package: libdecoration0t64
+Provides: ${t64:Provides}
+Replaces: libdecoration0
+Breaks: libdecoration0 (<< ${source:Version})
 Section: libs
 Architecture: any
 Multi-Arch: same
@@ -174,7 +177,7 @@
 Section: libdevel
 Architecture: any
 Multi-Arch: same
-Depends: libdecoration0 (= ${binary:Version}),
+Depends: libdecoration0t64 (= ${binary:Version}),
  ${misc:Depends},
  libx11-dev,
  libxrender-dev
diff -Nru compiz-0.8.18/debian/libdecoration0.install 
compiz-0.8.18/debian/libdecoration0.install
--- compiz-0.8.18/debian/libdecoration0.install 2018-10-27 12:09:18.0 
+
+++ compiz-0.8.18/debian/libdecoration0.install 1970-01-01 00:00:00.0 
+
@@ -1 +0,0 @@
-usr/lib/libdecoration*.so.*
diff -Nru compiz-0.8.18/debian/libdecoration0t64.install 
compiz-0.8.18/debian/libdecoration0t64.install
--- compiz-0.8.18/debian/libdecoration0t64.install  1970-01-01 
00:00:00.0 +
+++ compiz-0.8.18/debian/libdecoration0t64.install  2018-10-27 
12:09:18.0 +
@@ -0,0 +1 @@
+usr/lib/libdecoration*.so.*
diff -Nru compiz-0.8.18/debian/libdecoration0t64.lintian-overrides 
compiz-0.8.18/debian/libdecoration0t64.lintian-overrides
--- compiz-0.8.18/debian/libdecoration0t64.lintian-overrides1970-01-01 
00:00:00.0 +
+++ compiz-0.8.18/debian/libdecoration0t64.lintian-overrides2024-02-28 
17:29:20.0 +
@@ -0,0 +1 @@
+libdecoration0t64: package-name-doesnt-match-sonames libdecoration0
diff -Nru compiz-0.8.18/debian/patches/64-bit-time-t-compat.patch 
compiz-0.8.18/debian/patches/64-bit-time-t-compat.patch
--- compiz-0.8.18/debian/patches/64-bit-time-t-compat.patch 1970-01-01 
00:00:00.0 +
+++ compiz-0.8.18/debian/patches/64-bit-time-t-compat.patch 2024-03-16 
01:19:57.0 +
@@ -0,0 +1,30 @@
+Description: fix build with _TIME_BITS=64
+ The startup-notification API takes a long * where it ought to have always
+ taken a time_t *.  As a consequence, changing the size of time_t makes
+ callers fail to build.  Work around this by safely casting to a long.
+ This will continue to work on 32-bit systems until 2038, by which time
+ all the 32-bit systems will be dead

Bug#1062199: gvm-libs: NMU diff for 64-bit time_t transition

[Steve Langasek]

Hi Sophie,

gvm-libs needs a further change to actually be buildable on 32-bit archs
with 64-bit time_t.  I've done a follow-up NMU for this; please find a
comprehensive debdiff attached.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru gvm-libs-22.7.3/debian/changelog gvm-libs-22.7.3/debian/changelog
--- gvm-libs-22.7.3/debian/changelog2023-11-20 15:13:25.0 +
+++ gvm-libs-22.7.3/debian/changelog2024-03-16 00:32:34.0 +
@@ -1,3 +1,18 @@
+gvm-libs (22.7.3-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * debian/patches/64-bit-time-t-compat.patch: wrap the write symbols
+when _FILE_OFFSET_BITS=64 is set.
+
+ -- Steve Langasek   Sat, 16 Mar 2024 00:32:34 +
+
+gvm-libs (22.7.3-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Rename libraries for 64-bit time_t transition.  Closes: #1062199
+
+ -- Lukas Märdian   Wed, 28 Feb 2024 09:24:41 +
+
 gvm-libs (22.7.3-1) unstable; urgency=medium
 
   * New upstream version 22.7.3
diff -Nru gvm-libs-22.7.3/debian/control gvm-libs-22.7.3/debian/control
--- gvm-libs-22.7.3/debian/control  2023-11-20 15:13:25.0 +
+++ gvm-libs-22.7.3/debian/control  2024-02-28 09:24:41.0 +
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Debian Security Tools 
 Uploaders: Sophie Brun 
-Build-Depends: debhelper-compat (= 13),
+Build-Depends: dpkg-dev (>= 1.22.5), debhelper-compat (= 13),
cmake,
   libcgreen1-dev [!ppc64el !s390x],
libglib2.0-dev,
@@ -37,7 +37,7 @@
  libgpgme-dev,
  libhiredis-dev,
  libksba-dev,
- libgvm22 (= ${binary:Version}),
+ libgvm22t64 (= ${binary:Version}),
  libpcap-dev,
  libssh-dev,
  uuid-dev,
@@ -71,12 +71,14 @@
  libraries.
 
 
-Package: libgvm22
+Package: libgvm22t64
+Provides: ${t64:Provides}
+Breaks: libgvm22 (<< ${source:Version})
 Architecture: any
 Depends: ${misc:Depends},
  ${shlibs:Depends},
 Multi-Arch: same
-Replaces: libopenvas9
+Replaces: libgvm22, libopenvas9
 Conflicts: libopenvas9
 Description: remote network security auditor - shared libraries
  The Open Vulnerability Assessment System is a modular security auditing
diff -Nru gvm-libs-22.7.3/debian/libgvm22.install 
gvm-libs-22.7.3/debian/libgvm22.install
--- gvm-libs-22.7.3/debian/libgvm22.install 2023-11-20 15:13:25.0 
+
+++ gvm-libs-22.7.3/debian/libgvm22.install 1970-01-01 00:00:00.0 
+
@@ -1 +0,0 @@
-usr/lib/*/libgvm*.so.*
diff -Nru gvm-libs-22.7.3/debian/libgvm22.lintian-overrides 
gvm-libs-22.7.3/debian/libgvm22.lintian-overrides
--- gvm-libs-22.7.3/debian/libgvm22.lintian-overrides   2023-11-20 
15:13:25.0 +
+++ gvm-libs-22.7.3/debian/libgvm22.lintian-overrides   1970-01-01 
00:00:00.0 +
@@ -1,4 +0,0 @@
-# this package provides several shared libraries built from the same source
-# tree; since they change their SONAMES together they are provided in a single
-# library package
-package-name-doesnt-match-sonames
diff -Nru gvm-libs-22.7.3/debian/libgvm22.symbols 
gvm-libs-22.7.3/debian/libgvm22.symbols
--- gvm-libs-22.7.3/debian/libgvm22.symbols 2023-11-20 15:13:25.0 
+
+++ gvm-libs-22.7.3/debian/libgvm22.symbols 1970-01-01 00:00:00.0 
+
@@ -1,486 +0,0 @@
-libgvm_base.so.22 libgvm22 #MINVER#
-* Build-Depends-Package: libgvm-dev
- addr6_as_str@Base 22.4.0
- addr6_to_str@Base 22.4.0
- append_to_credentials_password@Base 22.4.0
- append_to_credentials_username@Base 22.4.0
- array_add@Base 22.4.0
- array_free@Base 22.4.0
- array_reset@Base 22.4.0
- array_terminate@Base 22.4.0
- cleanup_settings_iterator@Base 22.4.0
- current_environ@Base 22.4.0
- drop_privileges@Base 22.4.0
- facilitynames@Base 22.4.0
- free_credentials@Base 22.4.0
- free_log_configuration@Base 22.4.0
- free_log_reference@Base 22.4.4
- get_cvss_score_from_base_metrics@Base 22.4.0
- get_log_reference@Base 22.4.4
- get_time@Base 22.4.0
- global_source_addr6@Base 22.4.0
- global_source_addr@Base 22.4.0
- global_source_iface@Base 22.4.0
- gvm_append_string@Base 22.4.0
- gvm_append_text@Base 22.4.0
- gvm_close_sentry@Base 22.4.0
- gvm_disable_password_policy@Base 22.4.0
- gvm_duplicate_host@Base 22.4.0
- gvm_duplicate_vhost@Base 22.4.0
- gvm_free_string_var@Base 22.4.0
- gvm_get_host_type@Base 22.4.0
- gvm_get_outgoing_iface@Base 22.4.0
- gvm_has_sentry_support@Base 22.4.0
- gvm_host_add_reverse_lookup@Base 22.4.0
- gvm_host_find_in_hosts@Base 22.4.0
- gvm_host_free@Base 22.4.0
- gvm_host_from_str@Base 22.4.0
- gvm_host_get_addr6@Base 22.4.0
- gvm_host_in_hosts@Base 22.4.0
- gvm_host_resolve@Base 22.4.0
- gvm_host_reverse_lookup@Base 22.4.0
- gvm_host_

Bug#1066264: cdrkit: diff for NMU version 9:1.1.11-3.5

[Steve McIntyre]

Thanks! If you think this is a good bugfix, please go ahead and upload
straight to unstable.

On Thu, Mar 14, 2024 at 09:55:13PM +0500, Andrey Rakhmatullin wrote:
>Control: tags 1066264 + patch
>Control: tags 1066264 + pending
>
>Dear maintainer,
>
>I've prepared an NMU for cdrkit (versioned as 9:1.1.11-3.5) and
>uploaded it to DELAYED/4. Please feel free to tell me if I
>should delay it longer.
>
>Regards.
>
>
>-- 
>WBR, wRAR

>diff -Nru cdrkit-1.1.11/debian/changelog cdrkit-1.1.11/debian/changelog
>--- cdrkit-1.1.11/debian/changelog 2022-06-24 19:56:39.0 +0500
>+++ cdrkit-1.1.11/debian/changelog 2024-03-14 21:53:13.0 +0500
>@@ -1,3 +1,10 @@
>+cdrkit (9:1.1.11-3.5) unstable; urgency=medium
>+
>+  * Non-maintainer upload.
>+  * Fix FTBFS with -Werror=implicit-function-declaration (Closes: #1066264).
>+
>+ -- Andrey Rakhmatullin   Thu, 14 Mar 2024 21:53:13 +0500
>+
> cdrkit (9:1.1.11-3.4) unstable; urgency=low
> 
>   * Non-maintainer upload.
>diff -Nru cdrkit-1.1.11/debian/patches/fix-implicit-function-declaration.patch 
>cdrkit-1.1.11/debian/patches/fix-implicit-function-declaration.patch
>--- cdrkit-1.1.11/debian/patches/fix-implicit-function-declaration.patch   
>1970-01-01 05:00:00.0 +0500
>+++ cdrkit-1.1.11/debian/patches/fix-implicit-function-declaration.patch   
>2024-03-14 21:50:53.0 +0500
>@@ -0,0 +1,29 @@
>+Description: Add missing header includes.
>+Author: Andrey Rakhmatullin 
>+Bug-Debian: https://bugs.debian.org/1066264
>+Last-Update: 2024-03-14
>+
>+Index: cdrkit-1.1.11/genisoimage/genisoimage.c
>+===
>+--- cdrkit-1.1.11.orig/genisoimage/genisoimage.c
> cdrkit-1.1.11/genisoimage/genisoimage.c
>+@@ -54,6 +54,7 @@
>+ #include 
>+ #include "match.h"
>+ #include "exclude.h"
>++#include "checksum.h"
>+ #include /* For UNICODE translation */
>+ #include 
>+ #ifdef UDF
>+Index: cdrkit-1.1.11/genisoimage/jte.c
>+===
>+--- cdrkit-1.1.11.orig/genisoimage/jte.c
> cdrkit-1.1.11/genisoimage/jte.c
>+@@ -27,6 +27,7 @@
>+ #include "ifo_read.h"
>+ #include "endianconv.h"
>+ #include "checksum.h"
>++#include "md5.h"
>+ #endif
>+ #ifdef APPLE_HYB
>+ #include 
>diff -Nru cdrkit-1.1.11/debian/patches/series 
>cdrkit-1.1.11/debian/patches/series
>--- cdrkit-1.1.11/debian/patches/series2022-05-25 07:57:10.0 
>+0500
>+++ cdrkit-1.1.11/debian/patches/series2024-03-14 21:48:02.0 
>+0500
>@@ -4,3 +4,4 @@
> add-efi-boot.patch
> gcc10.patch
> fix_format-security.patch
>+fix-implicit-function-declaration.patch



-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
Can't keep my eyes from the circling sky,
Tongue-tied & twisted, Just an earth-bound misfit, I...

Bug#1066839: pipewire: ftbfs with 64-bit time_t

[Steve Langasek]

Package: pipewire
Version: 1.0.3-1.1
Severity: serious
Tags: patch
Justification: ftbfs
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Dear maintainers,

pipewire fails to build from source on 32-bit architectures under 64-bit
time_t, because it has a module that legitimately un-sets _FILE_OFFSET_BITS
for building but this is not allowed without also unsetting _TIME_BITS.

Since this is a legitimate un-setting of _FILE_OFFSET_BITS in order to get
access to the necessary libc6 prototypes and macros, and since the functions
being intercepted are not sensitive to time_t, the simplest solution is to
also unset _TIME_BITS.

Please see the attached patch, which has been uploaded to Ubuntu to fix this
build failure.

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru pipewire-1.0.3/debian/control pipewire-1.0.3/debian/control
--- pipewire-1.0.3/debian/control   2024-03-04 08:54:55.0 -0800
+++ pipewire-1.0.3/debian/control   2024-03-13 23:11:56.0 -0700
@@ -1,8 +1,7 @@
 Source: pipewire
 Section: libs
 Priority: optional
-Maintainer: Ubuntu Developers 
-XSBC-Original-Maintainer: Utopia Maintenance Team 

+Maintainer: Utopia Maintenance Team 

 Uploaders: Jeremy Bicha ,
Dylan Aïssi 
 Build-Depends: dpkg-dev (>= 1.22.5), debhelper-compat (= 13),
diff -Nru pipewire-1.0.3/debian/patches/64-bit-time-t-compat.patch 
pipewire-1.0.3/debian/patches/64-bit-time-t-compat.patch
--- pipewire-1.0.3/debian/patches/64-bit-time-t-compat.patch1969-12-31 
16:00:00.0 -0800
+++ pipewire-1.0.3/debian/patches/64-bit-time-t-compat.patch2024-03-13 
23:11:47.0 -0700
@@ -0,0 +1,21 @@
+Description: 64-bit time_t compatibility for v4l2 module
+ The v4l2 build unsets _FILE_OFFSET_BITS, which is not allowed when setting
+ _TIME_BITS=64.  Having verified that nothing in this module is sensitive to
+ 64-bit time_t (none of the functions it intercepts handle time), we also
+ unset _TIME_BITS to allow this to build as before.
+Author: Steve Langasek 
+Forwarded: no
+Last-Update: 2024-03-13
+
+Index: pipewire-1.0.3/pipewire-v4l2/src/meson.build
+===
+--- pipewire-1.0.3.orig/pipewire-v4l2/src/meson.build
 pipewire-1.0.3/pipewire-v4l2/src/meson.build
+@@ -12,6 +12,7 @@
+   '-U_FILE_OFFSET_BITS',
+   '-D_FILE_OFFSET_BITS=32',
+   '-D_LARGEFILE64_SOURCE',
++  '-U_TIME_BITS',
+   '-fvisibility=hidden',
+ ]
+ 
diff -Nru pipewire-1.0.3/debian/patches/series 
pipewire-1.0.3/debian/patches/series
--- pipewire-1.0.3/debian/patches/series2024-03-04 08:54:55.0 
-0800
+++ pipewire-1.0.3/debian/patches/series2024-03-13 23:09:06.0 
-0700
@@ -19,3 +19,4 @@
 snap/snap-policy-Manage-ENOPROTOOPT-error-in-aa_getpeercon.patch
 snap/snap-policy-ensure-audio-works-with-.deb-snapd.patch
 snap/snap-policy-fix-memory-leak.patch
+64-bit-time-t-compat.patch

Bug#1066836: libcamera: ftbfs with 64-bit time_t

[Steve Langasek]

Package: libcamera
Version: 0.2.0-1
Severity: serious
Tags: patch
Justification: ftbfs
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Dear maintainers,

libcamera fails to build from source on 32-bit architectures under 64-bit
time_t, because it has a module that legitimately un-sets _FILE_OFFSET_BITS
for building but this is not allowed without also unsetting _TIME_BITS:

[...]
[267/430] c++ -Isrc/v4l2/v4l2-compat.so.p -Isrc/v4l2 -I../src/v4l2 -Iinclude 
-I../include -Iinclude/libcamera/ipa -Iinclude/libcamera 
-fdiagnostics-color=always -Wall -Winvalid-pch -Wextra -Werror -std=c++17 
-Wno-redundant-move -Wno-psabi -Wshadow -include 
/<>/obj-arm-linux-gnueabihf/config.h -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
-Werror=format-security -fno-stack-clash-protection 
-fdebug-prefix-map=/<>=/usr/src/libcamera-0.2.0-1ubuntu3 
-Wno-error -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 
-Wdate-time -D_FORTIFY_SOURCE=3 -fPIC -DLIBCAMERA_BASE_PRIVATE 
-U_FILE_OFFSET_BITS -D_FILE_OFFSET_BITS=32 -D_LARGEFILE64_SOURCE 
-fvisibility=hidden -MD -MQ src/v4l2/v4l2-compat.so.p/v4l2_camera.cpp.o -MF 
src/v4l2/v4l2-compat.so.p/v4l2_camera.cpp.o.d -o 
src/v4l2/v4l2-compat.so.p/v4l2_camera.cpp.o -c ../src/v4l2/v4l2_camera.cpp
FAILED: src/v4l2/v4l2-compat.so.p/v4l2_camera.cpp.o 
c++ -Isrc/v4l2/v4l2-compat.so.p -Isrc/v4l2 -I../src/v4l2 -Iinclude -I../include 
-Iinclude/libcamera/ipa -Iinclude/libcamera -fdiagnostics-color=always -Wall 
-Winvalid-pch -Wextra -Werror -std=c++17 -Wno-redundant-move -Wno-psabi 
-Wshadow -include /<>/obj-arm-linux-gnueabihf/config.h -g -O2 
-ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat 
-Werror=format-security -fno-stack-clash-protection 
-fdebug-prefix-map=/<>=/usr/src/libcamera-0.2.0-1ubuntu3 
-Wno-error -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64 
-Wdate-time -D_FORTIFY_SOURCE=3 -fPIC -DLIBCAMERA_BASE_PRIVATE 
-U_FILE_OFFSET_BITS -D_FILE_OFFSET_BITS=32 -D_LARGEFILE64_SOURCE 
-fvisibility=hidden -MD -MQ src/v4l2/v4l2-compat.so.p/v4l2_camera.cpp.o -MF 
src/v4l2/v4l2-compat.so.p/v4l2_camera.cpp.o.d -o 
src/v4l2/v4l2-compat.so.p/v4l2_camera.cpp.o -c ../src/v4l2/v4l2_camera.cpp
In file included from /usr/include/features.h:394,
 from 
/usr/include/arm-linux-gnueabihf/c++/13/bits/os_defines.h:39,
 from 
/usr/include/arm-linux-gnueabihf/c++/13/bits/c++config.h:679,
 from /usr/include/c++/13/bits/requires_hosted.h:31,
 from /usr/include/c++/13/deque:60,
 from ../src/v4l2/v4l2_camera.h:10,
 from ../src/v4l2/v4l2_camera.cpp:8:
/usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed 
only with _FILE_OFFSET_BITS=64"
   26 | #   error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
  | ^
[...]

  
(https://launchpad.net/ubuntu/+source/libcamera/0.2.0-1ubuntu3/+build/27902670)

Since this is a legitimate un-setting of _FILE_OFFSET_BITS in order to get
access to the necessary libc6 prototypes and macros, and since the functions
being intercepted are not sensitive to time_t, the simplest solution is to
also unset _TIME_BITS.

Please see the attached patch, which has been uploaded to Ubuntu to fix this
build failure.

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru libcamera-0.2.0/debian/control libcamera-0.2.0/debian/control
--- libcamera-0.2.0/debian/control  2024-01-17 13:27:50.0 -0800
+++ libcamera-0.2.0/debian/control  2024-03-13 22:27:39.0 -0700
@@ -1,7 +1,6 @@
 Source: libcamera
 Priority: optional
-Maintainer: Ubuntu Developers 
-XSBC-Original-Maintainer: Debian Multimedia Maintainers 

+Maintainer: Debian Multimedia Maintainers 
 Uploaders: Emmanuel Arias ,
IOhannes m zmölnig (Debian/GNU) ,
Andrej Shadura ,
diff -Nru libcamera-0.2.0/debian/patches/64-bit-time-t-compat.patch 
libcamera-0.2.0/debian/patches/64-bit-time-t-compat.patch
--- libcamera-0.2.0/debian/patches/64-bit-time-t-compat.patch   1969-12-31 
16:00:00.0 -0800
+++ libcamera-0.2.0/debian/patches/64-bit-time-t-compat.patch   2024-03-13 
22:27:33.0 -0700
@@ -0,0 +1,21 @@
+Description: 64-bit time_t compatibility for v4l2 module
+ The v4l2 build unsets _FILE_OFFSET_BITS, which is not allowed when setting
+ _TIME_BITS=64.  Having verified that nothing in this module is sensitive to
+ 64-bit time_t (none of the functions it intercepts handle time), we also
+ unset _TIME_BITS to allow this to build as before.
+Author: Steve Langasek 
+Forwarded: no
+Last-Update: 2

Bug#1066140: afflib: strlcpy,strlcat in .symbols but not part of API; ftbfs with glibc >= 2.38

[Steve Langasek]

Package: afflib
Version: 3.7.20-1.1
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Hi João,

afflib fails to build from source in Ubuntu because Ubuntu ships glibc 2.39
which now provides implementations of strlcat and strlcpy, which means other
packages no longer include their own implementations, resulting in a
mismatch with the libafflib0t64 symbols file.

The attached patch treats these symbols as optional, since they are not part
of the afflib API.

This change has been uploaded to Ubuntu.

Thanks for considering,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru afflib-3.7.20/debian/libafflib0t64.symbols 
afflib-3.7.20/debian/libafflib0t64.symbols
--- afflib-3.7.20/debian/libafflib0t64.symbols  2024-02-27 16:12:21.0 
-0800
+++ afflib-3.7.20/debian/libafflib0t64.symbols  2024-03-12 17:10:21.0 
-0700
@@ -787,8 +787,8 @@
  s3_request_retry_count@Base 3.7.6
  s3_retry_max@Base 3.7.6
  split_raw_increment_fname@Base 3.7.6
- strlcat@Base 3.7.6
- strlcpy@Base 3.7.6
+ (optional)strlcat@Base 3.7.6
+ (optional)strlcpy@Base 3.7.6
  strstart@Base 3.7.6
  term_print_filename@Base 3.7.6
  term_printf@Base 3.7.6

Bug#1065787: 64-bit time_t transition: cargo needs manual intervention

[Steve Langasek]

On Mon, Mar 11, 2024 at 09:07:17PM -0500, Steven Robbins wrote:
> Peter convincingly argues (details in bug) that manual intervention is needed 
> for package "cargo":

> On Sun, 10 Mar 2024 00:48:32 + Peter Michael Green  
> wrote:

> > This will require manual intervention to resolve, either through
> > cross-building or through building manually in a hacked-up build
> > environment.

> > I've certainly seen mention of rustc on #debian-devel recently,
> > so I think the people handling the time_t transition are already
> > aware of this.

> I'm wondering if the time_t people or the rust people could comment on this?  
> This build failure has a surprisingly (to me) long chain of casualties.  Is 
> this an easy thing to fix or is going to take weeks?

The quickest fix for this based on what we've done in Ubuntu is:

- unpack cargo and libstd-rust debs to the root via dpkg-deb -x
- use equivs to mock up packages by these names with no dependencies and
  install those
- bootstrap
- enjoy

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1063175: orc: NMU diff for 64-bit time_t transition

[Steve Langasek]

Dear maintainers,

One more bug in the orc transition: the .symbols file declares shlibs
dependencies for multiple libraries, but only the first of them was updated
to point at the new library name.

Please find attached a comprehensive patch for orc vis-à-vis t64.  I've
uploaded this hopefully final NMU to unstable.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru orc-0.4.34/debian/changelog orc-0.4.34/debian/changelog
--- orc-0.4.34/debian/changelog 2024-02-28 12:51:27.0 +
+++ orc-0.4.34/debian/changelog 2024-03-11 04:36:15.0 +
@@ -1,3 +1,25 @@
+orc (1:0.4.34-4.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix symbols dependencies on liborc-test.
+
+ -- Steve Langasek   Mon, 11 Mar 2024 04:36:15 +
+
+orc (1:0.4.34-4.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix build depedency on dpkg-dev to use >= not >> (sorry).
+
+ -- Michael Hudson-Doyle   Tue, 05 Mar 2024 
10:54:56 +1300
+
+orc (1:0.4.34-4.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add build depedency on dpkg-dev (>= 1.22.5) for time_t transition.
+(Closes: #1065272)
+
+ -- Michael Hudson-Doyle   Mon, 04 Mar 2024 23:40:36 +1300
+
 orc (1:0.4.34-4) unstable; urgency=medium
 
   * Team upload
diff -Nru orc-0.4.34/debian/control orc-0.4.34/debian/control
--- orc-0.4.34/debian/control   2024-02-28 12:51:27.0 +
+++ orc-0.4.34/debian/control   2024-03-04 21:54:56.0 +
@@ -4,7 +4,8 @@
 Maintainer: Maintainers of GStreamer packages 
 Uploaders: Sebastian Dröge ,
Sjoerd Simons 
-Build-Depends: debhelper-compat (= 13),
+Build-Depends: dpkg-dev (>= 1.22.5),
+   debhelper-compat (= 13),
meson,
pkg-config,
gtk-doc-tools
diff -Nru orc-0.4.34/debian/liborc-0.4-0t64.symbols 
orc-0.4.34/debian/liborc-0.4-0t64.symbols
--- orc-0.4.34/debian/liborc-0.4-0t64.symbols   2024-02-28 12:51:27.0 
+
+++ orc-0.4.34/debian/liborc-0.4-0t64.symbols   2024-03-11 04:35:56.0 
+
@@ -308,7 +308,7 @@
  orc_x86_get_regname_sse@Base 1:0.4.34
  orc_x86_get_regnum@Base 1:0.4.34
  orc_x86_output_insns@Base 1:0.4.34
-liborc-test-0.4.so.0 liborc-0.4-0 #MINVER#
+liborc-test-0.4.so.0 liborc-0.4-0t64 #MINVER#
 * Build-Depends-Package: liborc-0.4-dev
  orc_array_check_out_of_bounds@Base 1:0.4.34
  orc_array_compare@Base 1:0.4.34


signature.asc
Description: PGP signature

Bug#1065807: installation-reports: Verify Installtion Media Fails

[Steve McIntyre]

Hi Neal,

On Sat, Mar 09, 2024 at 08:45:28PM -0500, Neal wrote:
>
>(Please provide enough information to help the Debian
>maintainers evaluate the report efficiently - e.g., by filling
>in the sections below.)
>
>Boot method: USB
>Image version: https://cdimage.debian.org/cdimage/weekly-builds/amd64/iso-
>cd/debian-testing-amd64-netinst.iso 2024-03-07
>Date: 3/9/24
>
>Machine: Lenovo Thinkcenter
>Partitions: Failed be being set
>
>Base System Installation Checklist:
>[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it
>
>Initial boot:   [O ]
>Detect network card:[ ]
>Configure network:  [ ]
>Detect media:   [ O]
>Load installer modules: [ ]
>Clock/timezone setup:   [ ]
>User/password setup:[ ]
>Detect hard drives: [ ]
>Partition hard drives:  [ ]
>Install base system:[ ]
>Install tasks:  [ ]
>Install boot loader:[ ]
>Overall install:[ ]
>
>Comments/Problems:
>
>It always detects a file corruption. I verified hash on download and verified
>good usb stick. Same usb was used to install Debian 12 after, which correctly
>verified.

Hmmm. I've just grabed the latest weekly amd64 netinst and tried to
reproduce your issue. Things work here just fine in a VM, using this
image:

e618afbebbbdf9495c74140bc87f2a4b  debian-testing-amd64-netinst.iso

Does that match your image?

If the integrity check fails, it should say which file is wrong. What
did it report for please?

-- 
Steve McIntyre, Cambridge, UK.st...@einval.com
"... the premise [is] that privacy is about hiding a wrong. It's not.
 Privacy is an inherent human right, and a requirement for maintaining
 the human condition with dignity and respect."
  -- Bruce Schneier

Bug#1065702: krb5-kdc: uninstallable due to hard-coded dependency on libverto-libev1 | libverto-libevent1,

[Steve Langasek]

Package: krb5-kdc
Version: 1.20.1-5.1
Severity: serious
User: debian-...@lists.debian.org
Usertag: time-t

Hi Sam,

I've run into a problem with openldap not being bootstrappable for the
time_t transition because it build-depends on krb5-kdc, and krb5-kdc is
uninstallable on arm* because of a hard-coded dependency on libverto-libev1
| libverto-libevent1.  Both of these library packages have changed names so
are now libverto-libev1t64 and libverto-libevent1t64.  I don't know why
these need to be hard-coded, but if they do they need to be updated, because
they conflict with the shlibdeps-generated dependency on libverto1t64.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1065634: wv: /usr/share/doc wv is a dangling symlink

[Steve Langasek]

On Thu, Mar 07, 2024 at 08:00:34PM +0100, Sven Joachim wrote:
> On 2024-03-07 18:49 +0100, Sven Joachim wrote:
> 
> > Package: wv
> > Version: 1.2.9-6.1
> > Severity: serious
> > X-Debbugs-Cc: Sven Joachim , Steve Langasek 
> > 
> >
> > After renaming the libwv-1.2-4 library package to libwv-1.2-4t64, the
> > /usr/share/doc/wv symlink has become dangling.
> >
> > ,
> > | $ file /usr/share/doc/wv
> > | /usr/share/doc/wv: broken symbolic link to libwv-1.2-4
> > `
> >
> > It should point to libwv-1.2-4t64 instead, obviously.
> 
> There is a similar broken symlink in the libwv-dev package (which
> I do not have installed).  The attached patch takes care of them.

> Steve, would you like to upload that?  Note that the package is
> orphaned, therefore I have created a debian/changelog entry for a QA
> upload rather than for another NMU.

Thanks, uploaded.

> diff -Nru wv-1.2.9/debian/changelog wv-1.2.9/debian/changelog
> --- wv-1.2.9/debian/changelog 2024-02-29 06:47:50.0 +0100
> +++ wv-1.2.9/debian/changelog 2024-03-07 19:42:29.0 +0100
> @@ -1,3 +1,10 @@
> +wv (1.2.9-7) unstable; urgency=medium
> +
> +  * QA upload.
> +  * Fix dangling /usr/share/doc symlinks (Closes: #1065634).
> +
> + -- Sven Joachim   Thu, 07 Mar 2024 19:42:29 +0100
> +
>  wv (1.2.9-6.1) unstable; urgency=medium
> 
>* Non-maintainer upload.
> diff -Nru wv-1.2.9/debian/libwv-dev.links wv-1.2.9/debian/libwv-dev.links
> --- wv-1.2.9/debian/libwv-dev.links   2023-09-17 23:45:41.0 +0200
> +++ wv-1.2.9/debian/libwv-dev.links   2024-03-07 19:41:38.0 +0100
> @@ -1 +1 @@
> -usr/share/doc/libwv-1.2-4 usr/share/doc/libwv-dev
> +usr/share/doc/libwv-1.2-4t64 usr/share/doc/libwv-dev
> diff -Nru wv-1.2.9/debian/wv.links wv-1.2.9/debian/wv.links
> --- wv-1.2.9/debian/wv.links  2023-09-17 23:45:41.0 +0200
> +++ wv-1.2.9/debian/wv.links  2024-03-07 19:01:19.0 +0100
> @@ -1 +1 @@
> -usr/share/doc/libwv-1.2-4 usr/share/doc/wv
> +usr/share/doc/libwv-1.2-4t64 usr/share/doc/wv


-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1065700: mysql-8.0: ftbfs with 64-bit time_t on 32-bit archs

[Steve Langasek]

Package: mysql-8.0
Version: 8.0.36-2
Severity: serious
Tags: patch
Justification: ftbfs
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch

Dear maintainers,

With the switch to 64-bit time_t on 32-bit archs, mysql-8.0 now fails to
build from source because of a test that *checks* that only 32-bit time is
supported:

[...]

[ 57%] main.func_unixtime_32bitsw4  [ fail ]
Test ended at 2024-03-09 05:01:27

CURRENT_TEST: main.func_unixtime_32bits
--- /<>/mysql-test/r/func_unixtime_32bits.result   2023-12-12 
21:09:36.0 +0300
+++ /<>/builddir/mysql-test/var/4/log/func_unixtime_32bits.reject  
2024-03-09 08:01:27.450443865 +0300
@@ -12,7 +12,7 @@
 2038-01-19 06:14:07
 select from_unixtime(2147483648);
 from_unixtime(2147483648)
-NULL
+2038-01-19 06:14:08
 select from_unixtime(0);
 from_unixtime(0)
 1970-01-01 03:00:00
@@ -32,26 +32,26 @@
 2147483647
 select unix_timestamp(from_unixtime(2147483648));
 unix_timestamp(from_unixtime(2147483648))
-NULL
+2147483648
[...]

 - the logfile can be found in 
'/<>/builddir/mysql-test/var/log/main.func_unixtime_32bits/func_unixtime_32bits.log'

Test main.func_unixtime_32bits has failed 2 times, no more retries.
[...]

 (https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.36-2/+build/27892969)

Please find attached a patch for this issue which I have uploaded to Ubuntu.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru mysql-8.0-8.0.36/debian/patches/64bit_time_everywhere.patch 
mysql-8.0-8.0.36/debian/patches/64bit_time_everywhere.patch
--- mysql-8.0-8.0.36/debian/patches/64bit_time_everywhere.patch 1969-12-31 
16:00:00.0 -0800
+++ mysql-8.0-8.0.36/debian/patches/64bit_time_everywhere.patch 2024-03-08 
21:59:20.0 -0800
@@ -0,0 +1,22 @@
+Description: fix test for 64-bit time_t
+ i386 is the only architecture where we don't have 64-bit time_t now.
+ Update the tests accordingly.
+Author: Steve Langasek 
+Forwarded: no
+Last-Update: 2024-03-08
+
+Index: mysql-8.0-8.0.36/mysql-test/include/have_32bits_time.inc
+===
+--- mysql-8.0-8.0.36.orig/mysql-test/include/have_32bits_time.inc
 mysql-8.0-8.0.36/mysql-test/include/have_32bits_time.inc
+@@ -1,8 +1,7 @@
+ # see also have_64bits_time.inc
+ 
+-let $have_64bit = `SELECT @@version_compile_machine IN
+-  ('x86_64', 'amd64', 'sparc', 'sparc64', 'arm64', 
'aarch64',
+-   'ppc64', 'ppc64le', 's390x')`;
++let $have_64bit = `SELECT @@version_compile_machine != 'i686'`;
++
+ if ($have_64bit) {
+   --skip Doesn't support 32 bits UNIX time, only 64 bits
+ }
diff -Nru mysql-8.0-8.0.36/debian/patches/series 
mysql-8.0-8.0.36/debian/patches/series
--- mysql-8.0-8.0.36/debian/patches/series  2024-03-05 06:26:25.0 
-0800
+++ mysql-8.0-8.0.36/debian/patches/series  2024-03-08 21:55:11.0 
-0800
@@ -9,3 +9,4 @@
 disable_timestamping_test.patch
 mysql_secure_installation-remove-root-pw-creation.patch
 suppress_armhf_test_warning.patch
+64bit_time_everywhere.patch

Bug#1065633: openldap: FTBFS on hppa - implicit declaration of function 'kadm5_s_init_with_password_ctx'

[Steve Langasek]

On Fri, Mar 08, 2024 at 08:04:59PM -0800, Ryan Tandy wrote:
> > This does fix the build failure.  I was about to push such a change to the
> > repo and do a maintainer upload, since I've never been removed from the
> > uploaders field after all these years ;)  Do you want me to do this, or
> > would you be able to do it tonight?  Getting openldap to build is a priority
> > wrt rebootstrapping 32-bit archs for time_t.

> I wasn't sure where openldap was on the priority list for arm* since it's
> still BD-Uninstallable on the buildds.

Yes, it's BD-Uninstallable there because it needs manually built to address
build loops (ldap->cyrus-sasl2->krb5).

> Yes, I can upload it tonight, in a couple of hours from now. Is that OK?

Works for me!

> > WARNING!
> > Running as root!
> > There's a fair chance slapd will fail to start.
> > Check file permissions!
> > 
> > Starting slapd on TCP/IP port 9011...
> > Testing slapd searching...
> > Creating a dynamic entry...
> > ldapadd failed (255)!
> > ../../../tests/scripts/test046-dds: 93: kill: No such process
> > 
> > > > > > > test046-dds failed for mdb after 2 seconds
> > (exit 255)
> > make[4]: *** [Makefile:303: mdb-mod] Error 255

> I have not seen this failure. Ran it again just now and it passed. But I
> only run amd64... I wouldn't be able to dig into that tonight, even if I
> could reproduce it. Do you think I should disable the test proactively?

Rather than disabling the test in the package, I can do a
DEB_BUILD_OPTIONS=nocheck build to help get things bootstrapped in the
archive.  I'm interested to know if it also shows up on hppa, since that
would definitely point to it being time_t related.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1065633: openldap: FTBFS on hppa - implicit declaration of function 'kadm5_s_init_with_password_ctx'

[Steve Langasek]

Control: severity -1 serious

Hi Ryan,

This bug is also reproducible on the armel and armhf release archs as a
result of the time_t transition, so bumping this to serious.

On Fri, Mar 08, 2024 at 06:04:45PM -0800, Ryan Tandy wrote:
> Would you be willing to test build the attached patch on hppa? I've tested
> it on amd64 with -Werror=implicit-function-declaration appended.


> From fa0b704371762bdc479a5d8dc6a0a6df4ec3a52e Mon Sep 17 00:00:00 2001
> From: Ryan Tandy 
> Date: Fri, 8 Mar 2024 17:58:15 -0800
> Subject: [PATCH] Fix implicit declaration of kadm5_s_init_with_password_ctx
> 
> ---
>  debian/patches/series|  1 +
>  debian/patches/smbk5pwd-implicit-declaration | 12 
>  2 files changed, 13 insertions(+)
>  create mode 100644 debian/patches/smbk5pwd-implicit-declaration
> 
> diff --git a/debian/patches/series b/debian/patches/series
> index a8d57cb99c..7381d0a06b 100644
> --- a/debian/patches/series
> +++ b/debian/patches/series
> @@ -13,3 +13,4 @@ add-tlscacert-option-to-ldap-conf
>  fix-build-top-mk
>  switch-to-lt_dlopenadvise-to-get-RTLD_GLOBAL-set.diff
>  set-maintainer-name
> +smbk5pwd-implicit-declaration
> diff --git a/debian/patches/smbk5pwd-implicit-declaration 
> b/debian/patches/smbk5pwd-implicit-declaration
> new file mode 100644
> index 00..a704086286
> --- /dev/null
> +++ b/debian/patches/smbk5pwd-implicit-declaration
> @@ -0,0 +1,12 @@
> +Description: Fix implicit declaration of kadm5_s_init_with_password_ctx
> +Bug-Debian: https://bugs.debian.org/1065633
> +--- a/contrib/slapd-modules/smbk5pwd/smbk5pwd.c
>  b/contrib/slapd-modules/smbk5pwd/smbk5pwd.c
> +@@ -45,6 +45,7 @@
> + #include 
> + #include 
> + #include 
> ++#include 
> + 
> + #ifndef HDB_INTERFACE_VERSION
> + #define HDB_MASTER_KEY_SET  master_key_set
> -- 
> 2.39.2

This does fix the build failure.  I was about to push such a change to the
repo and do a maintainer upload, since I've never been removed from the
uploaders field after all these years ;)  Do you want me to do this, or
would you be able to do it tonight?  Getting openldap to build is a priority
wrt rebootstrapping 32-bit archs for time_t.

BTW there's also a reproducible test failure that I'm seeing on armhf in
both Debian and Ubuntu which is new; I'm not sure if it's related to time_t,
or if it affects other archs?

>>>>> Starting test046-dds for mdb...
running defines.sh
Running slapadd to build slapd database...
Running slapindex to index slapd database...

WARNING!
Running as root!
There's a fair chance slapd will fail to start.
Check file permissions!

Starting slapd on TCP/IP port 9011...
Testing slapd searching...
Creating a dynamic entry...
ldapadd failed (255)!
../../../tests/scripts/test046-dds: 93: kill: No such process  

>>>>> test046-dds failed for mdb after 2 seconds
(exit 255)
make[4]: *** [Makefile:303: mdb-mod] Error 255


In Ubuntu we disabled the tests on armhf to not hold up the bootstrap.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1061894: apr: NMU diff for 64-bit time_t transition

[Steve Langasek]

The NMU was buggy because symbols files are in a non-standard location, so
did not get updated by our transition scripts; with the result that packages
rebuilt against libapr1t64 still had a dependency on libapr1.  Please find
attached a full NMU debdiff for an updated NMU.

On Wed, Feb 28, 2024 at 01:17:59AM +, Steve Langasek wrote:
> Dear maintainer,
> 
> Please find attached a final version of this patch for the time_t
> transition.  This patch is being uploaded to unstable.
> 
> Note that this adds a versioned build-dependency on dpkg-dev, to guard
> against accidental backports with a wrong ABI.
> 
> Thanks!
> 
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 6.5.0-14-generic (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
> Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)

> diff -Nru apr-1.7.2/debian/changelog apr-1.7.2/debian/changelog
> --- apr-1.7.2/debian/changelog2023-02-26 20:51:24.0 +
> +++ apr-1.7.2/debian/changelog2024-02-28 01:17:18.0 +
> @@ -1,3 +1,10 @@
> +apr (1.7.2-3.1) unstable; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Rename libraries for 64-bit time_t transition.  Closes: #1061894
> +
> + -- Steve Langasek   Wed, 28 Feb 2024 01:17:18 +
> +
>  apr (1.7.2-3) unstable; urgency=medium
>  
>* Add more fixes for atomics from upstream, in particular for
> diff -Nru apr-1.7.2/debian/control apr-1.7.2/debian/control
> --- apr-1.7.2/debian/control  2023-02-03 16:18:13.0 +
> +++ apr-1.7.2/debian/control  2024-02-28 01:17:18.0 +
> @@ -3,7 +3,7 @@
>  Priority: optional
>  Maintainer: Debian Apache Maintainers 
>  Uploaders: Stefan Fritsch 
> -Build-Depends: debhelper-compat (= 13),
> +Build-Depends: dpkg-dev (>= 1.22.5), debhelper-compat (= 13),
>   autoconf,
>   mawk,
>   uuid-dev,
> @@ -19,7 +19,10 @@
>  Homepage: https://apr.apache.org/
>  Rules-Requires-Root: no
>  
> -Package: libapr1
> +Package: libapr1t64
> +Provides: ${t64:Provides}
> +Replaces: libapr1
> +Breaks: libapr1 (<< ${source:Version})
>  Architecture: any
>  Depends: ${shlibs:Depends}, ${misc:Depends}
>  Pre-Depends: ${misc:Pre-Depends}
> @@ -33,7 +36,7 @@
>  Package: libapr1-dev
>  Architecture: any
>  Section: libdevel
> -Depends: libapr1 (= ${binary:Version}), uuid-dev, ${misc:Depends}, 
> libsctp-dev [linux-any], python3:any
> +Depends: libapr1t64 (= ${binary:Version}), uuid-dev, ${misc:Depends}, 
> libsctp-dev [linux-any], python3:any
>  Conflicts: libapr1.0-dev, libapr0-dev
>  Description: Apache Portable Runtime Library - Development Headers
>   APR is Apache's Portable Runtime Library, designed to be a support library
> diff -Nru apr-1.7.2/debian/libapr1.docs apr-1.7.2/debian/libapr1.docs
> --- apr-1.7.2/debian/libapr1.docs 2023-02-02 21:18:42.0 +
> +++ apr-1.7.2/debian/libapr1.docs 1970-01-01 00:00:00.0 +
> @@ -1 +0,0 @@
> -NOTICE
> diff -Nru apr-1.7.2/debian/libapr1.install apr-1.7.2/debian/libapr1.install
> --- apr-1.7.2/debian/libapr1.install  2023-02-02 21:18:42.0 +
> +++ apr-1.7.2/debian/libapr1.install  1970-01-01 00:00:00.0 +
> @@ -1 +0,0 @@
> -usr/lib/*/libapr-1.so.*
> diff -Nru apr-1.7.2/debian/libapr1.lintian-overrides 
> apr-1.7.2/debian/libapr1.lintian-overrides
> --- apr-1.7.2/debian/libapr1.lintian-overrides2023-02-02 
> 21:18:42.0 +
> +++ apr-1.7.2/debian/libapr1.lintian-overrides1970-01-01 
> 00:00:00.0 +
> @@ -1 +0,0 @@
> -libapr1: package-name-doesnt-match-sonames libapr-1-0
> diff -Nru apr-1.7.2/debian/libapr1.symbols apr-1.7.2/debian/libapr1.symbols
> --- apr-1.7.2/debian/libapr1.symbols  2023-02-02 21:18:42.0 +
> +++ apr-1.7.2/debian/libapr1.symbols  1970-01-01 00:00:00.0 +
> @@ -1,2 +0,0 @@
> -here for the purpose of tricking debhelper...bwahahahaha.
> -
> diff -Nru apr-1.7.2/debian/libapr1t64.docs apr-1.7.2/debian/libapr1t64.docs
> --- apr-1.7.2/debian/libapr1t64.docs  1970-01-01 00:00:00.0 +
> +++ apr-1.7.2/debian/libapr1t64.docs  2023-02-02 21:18:42.0 +
> @@ -0,0 +1 @@
> +NOTICE
> diff -Nru apr-1.7.2/debian/libapr1t64.install 
> apr-1.7.2/debian/libapr1t64.install
> --- apr-1.7.2/debian/libapr1t64.install   1970-01-01 00:00:00.0 
> +
> +++ apr-1.7.2/debian/libapr1t64.install   2023-02-02 21:18:42.0 
> +
> @@ -0,0 +1 @@
>

Bug#1065666: Compiz 0.8.18 appears to be broken in testing

[Steve Langasek]

On Wed, Mar 06, 2024 at 03:46:41PM +0100, Colomban Wendling wrote:
> Anyway, I'm CCing Steve (who did the unstable NMU) and Samuel in case they
> have extra clues.

The only change in the NMU was to rename the libdecoration0 package to
libdecoration0t64 for the 64-bit time_t transition.  Unless this managed to
break the *contents* of that package (i.e. the library has gone missing),
this should not have had any effect on the behavior of compiz.

> Note that you probably should report a bug, although it's understandably
> harder with scarce data to reference.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1065666: Compiz 0.8.18 appears to be broken in testing

[Steve Langasek]

On Wed, Mar 06, 2024 at 06:19:48PM +0100, Colomban Wendling wrote:
> Le 06/03/2024 à 17:31, Steve Langasek a écrit :
> > On Wed, Mar 06, 2024 at 03:46:41PM +0100, Colomban Wendling wrote:
> > > Anyway, I'm CCing Steve (who did the unstable NMU) and Samuel in case they
> > > have extra clues.

> > The only change in the NMU was to rename the libdecoration0 package to
> > libdecoration0t64 for the 64-bit time_t transition.  Unless this managed to
> > break the *contents* of that package (i.e. the library has gone missing),
> > this should not have had any effect on the behavior of compiz.

> So the package has not been rebuilt with different flags or anything?

Not *deliberately* as part of this upload.  The only change to flags should
be on 32-bit architectures, excluding i386.  I have assumed you are not
trying to run compiz on one of these archs!

But the toolchain also evolves over time, so this could certainly be a
misbuild due to underlying changes.

> Anyway, I hardly expect this to be an issue, I just wanted to eliminate the
> only Compiz-side change that happened in the last months.


-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1065373: fix heimdal build with abi=time64

[Steve Langasek]

Control: tags -1 -experimental

Since heimdal failing to build from source has a significant impact on
rebootstrapping the archive on 32-bit archs, I am going ahead and uploading
a 0-day NMU for this issue with the patch provided by Matthias.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1063088: weston: NMU diff for 64-bit time_t transition

[Steve Langasek]

On Wed, Mar 06, 2024 at 10:42:16AM +0100, Dylan Aïssi wrote:
> Hello,

> Le lun. 5 févr. 2024 à 02:54, Steve Langasek  a écrit :

> > If you have any concerns about this patch, please reach out ASAP.  Although
> > this package will be uploaded to experimental immediately, there will be a
> > period of several days before we begin uploads to unstable; so if 
> > information
> > becomes available that your package should not be included in the 
> > transition,
> > there is time for us to amend the planned uploads.

> I am wondering what is the plan with this package/bug? I noticed that changes
> related to the 64-bit time_t transition were not uploaded to unstable and
> because I uploaded several versions in unstable after your NMU in exp, I
> wonder if I haven't interfered with this transition.

Sorry, yes, the uploads with renaming of both dev package and runtime lib
package in the midst of the transition resulted in this package being lost.

Since this is a completely new soname, and only packages built from weston
source depend on it, I suggest that you simply request a binNMU of weston on
armhf and armel and consider this resolved.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature

Bug#1064282: poppler: NMU diff for 64-bit time_t transition

[Steve Langasek]

On Tue, Mar 05, 2024 at 02:14:09PM +0100, Sune Stolborg Vuorela wrote:
> On Sunday, March 3, 2024 7:40:52 AM CET Steve Langasek wrote:
> > (Particularly irrelevant for poppler, whose soname changes ~ monthly.)

> Please note that the poppler frontends, that applications are supposed to be 
> using does only very rarely change SONAME. the glib frontend haven't since 
> it's introduction. Neither have the cpp frontend. The qt5 frontend has 
> changed 
> once. 

> The Poppler Core library, which is meant to be a private shared thing between 
> the frontends is changing SONAME monthly. But poppler core and the frontends 
> are all in the same source, so it shouldn't affect anyone who behaves with 
> poppler as documented. 

Heh true.  But now the ABI has changed, because these libraries are all
confirmed to expose time_t in their ABIs...

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: PGP signature