Bug#881020: code not parallelized

2017-11-07 Thread Andreas Glaeser 

In my particular case this is about DSA-signatures in Thunderbird with 
Enigmail. These are
very slow to re-check for messages with large attachments. I have a low-end 
25-W PC only
some notebooks and other embedded devices may also be affected by this problem.
When there are 3 to 4 compute-cores available and only one of them is used for
crypto-operations, obviously things are going slower than they could be.
Concerns about parallelizing crypto-code are generally understandable, because 
people
don't want to give away code-integrity and -safety for speed and 
auto-parallelizing does
not seem recommendable.
In spite of that, things should not deliberately be additionally worsened by
double-checking without any real need to do so.




pgpPLziBmmsDs.pgp
Description: OpenPGP digital signature

Bug#880976: lbdb: should not depend on bbdb (only suggest it)

2017-11-07 Thread Jochen Sprickerhof 

Also, accepting the upgrade gives me:

Loading /etc/emacs/site-start.d/50lbdb.el (source)...

In lbdb:
lbdb.el:236:32:Warning: ‘interactive-p’ is an obsolete function (as of 23.2);
   use ‘called-interactively-p’ instead.

In toplevel form:
lbdb_bbdb_query.el:8:1:Error: Cannot open load file: No such file or directory, 
bbdb-com
ERROR: install script from lbdb package failed
dpkg: error processing package lbdb (--configure):
installed lbdb package post-installation script subprocess returned error exit 
status 1
Processing triggers for libc-bin (2.24-17) ...
Errors were encountered while processing:
lbdb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Full log:

# aptitude
Performing actions...
Laden der Fehlerberichte … Erledigt
»Found/Fixed«-Informationen werden ausgewertet … Erledigt
serious Fehler von emacs25 (→ 25.2+1-6) 
b1 - #875430 - emacs25: please add Breaks: edb (<< 1.32)
Zusammenfassung:
emacs25(1 Fehler)
Sind Sie sicher, dass Sie die oben genannten Pakete installieren bzw. ein 
Upgrade von ihnen durchführen wollen? [Y/n/?/...]
Reading changelogs... Done
(Reading database ... 68658 files and directories currently installed.)
Preparing to unpack .../libapt-pkg5.0_1.6~alpha4_armhf.deb ...
Unpacking libapt-pkg5.0:armhf (1.6~alpha4) over (1.6~alpha3) ...
Setting up libapt-pkg5.0:armhf (1.6~alpha4) ...
(Reading database ... 68658 files and directories currently installed.)
Preparing to unpack .../libapt-inst2.0_1.6~alpha4_armhf.deb ...
Unpacking libapt-inst2.0:armhf (1.6~alpha4) over (1.6~alpha3) ...
Preparing to unpack .../apt_1.6~alpha4_armhf.deb ...
Unpacking apt (1.6~alpha4) over (1.6~alpha3) ...
Setting up apt (1.6~alpha4) ...
(Reading database ... 68658 files and directories currently installed.)
Preparing to unpack .../apt-utils_1.6~alpha4_armhf.deb ...
Unpacking apt-utils (1.6~alpha4) over (1.6~alpha3) ...
Selecting previously unselected package install-info.
Preparing to unpack .../install-info_6.5.0.dfsg.1-1_armhf.deb ...
Unpacking install-info (6.5.0.dfsg.1-1) ...
Setting up install-info (6.5.0.dfsg.1-1) ...
Selecting previously unselected package liblockfile-bin.
(Reading database ... 68672 files and directories currently installed.)
Preparing to unpack .../00-liblockfile-bin_1.14-1+b1_armhf.deb ...
Unpacking liblockfile-bin (1.14-1+b1) ...
Selecting previously unselected package liblockfile1:armhf.
Preparing to unpack .../01-liblockfile1_1.14-1+b1_armhf.deb ...
Unpacking liblockfile1:armhf (1.14-1+b1) ...
Selecting previously unselected package liblqr-1-0:armhf.
Preparing to unpack .../02-liblqr-1-0_0.4.2-2+b2_armhf.deb ...
Unpacking liblqr-1-0:armhf (0.4.2-2+b2) ...
Selecting previously unselected package imagemagick-6-common.
Preparing to unpack .../03-imagemagick-6-common_8%3a6.9.7.4+dfsg-16_all.deb ...
Unpacking imagemagick-6-common (8:6.9.7.4+dfsg-16) ...
Selecting previously unselected package libmagickcore-6.q16-3:armhf.
Preparing to unpack .../04-libmagickcore-6.q16-3_8%3a6.9.7.4+dfsg-16_armhf.deb 
...
Unpacking libmagickcore-6.q16-3:armhf (8:6.9.7.4+dfsg-16) ...
Selecting previously unselected package libmagickwand-6.q16-3:armhf.
Preparing to unpack .../05-libmagickwand-6.q16-3_8%3a6.9.7.4+dfsg-16_armhf.deb 
...
Unpacking libmagickwand-6.q16-3:armhf (8:6.9.7.4+dfsg-16) ...
Selecting previously unselected package emacs25-common.
Preparing to unpack .../06-emacs25-common_25.2+1-6_all.deb ...
Unpacking emacs25-common (25.2+1-6) ...
Selecting previously unselected package emacs25-bin-common.
Preparing to unpack .../07-emacs25-bin-common_25.2+1-6_armhf.deb ...
Unpacking emacs25-bin-common (25.2+1-6) ...
Selecting previously unselected package libotf0:armhf.
Preparing to unpack .../08-libotf0_0.9.13-3+b1_armhf.deb ...
Unpacking libotf0:armhf (0.9.13-3+b1) ...
Selecting previously unselected package m17n-db.
Preparing to unpack .../09-m17n-db_1.7.0-2_all.deb ...
Unpacking m17n-db (1.7.0-2) ...
Selecting previously unselected package libm17n-0:armhf.
Preparing to unpack .../10-libm17n-0_1.7.0-3+b2_armhf.deb ...
Unpacking libm17n-0:armhf (1.7.0-3+b2) ...
Selecting previously unselected package emacs25.
Preparing to unpack .../11-emacs25_25.2+1-6_armhf.deb ...
Unpacking emacs25 (25.2+1-6) ...
Selecting previously unselected package bbdb.
Preparing to unpack .../12-bbdb_2.36-4.1_all.deb ...
Unpacking bbdb (2.36-4.1) ...
Preparing to unpack .../13-libgraphicsmagick-q16-3_1.3.26-18_armhf.deb ...
Unpacking libgraphicsmagick-q16-3 (1.3.26-18) over (1.3.26-17) ...
Preparing to unpack .../14-graphicsmagick_1.3.26-18_armhf.deb ...
Unpacking graphicsmagick (1.3.26-18) over (1.3.26-17) ...
Preparing to unpack .../15-lbdb_0.45.1_armhf.deb ...
Unpacking lbdb (0.45.1) over (0.45) ...
Preparing to unpack .../16-libaprutil1_1.6.1-1_armhf.deb ...
Unpacking libaprutil1:armhf (1.6.1-1) over (1.6.0-2) ...
Preparing to unpack .../17-libapr1_1.6.3-1_armhf.deb ...
Unpacking libapr1:armhf (1.6.3-1) over (1.6.2-1) ...
Preparing to unpack .../18-libass9_1%3a0.14.0-1_armhf.deb ...
Unpacking

Bug#881029: Debian mirror ftp.tsukuba.wide.ad.jp: syncscript/tracefile-info

2017-11-07 Thread Peter Palfrader 
Package: mirrors
User: mirr...@packages.debian.org
Usertags: mirror-problem may-auto-close
Control: submitter -1 mirr...@debian.org

Hi,

I was checking some things in the Debian mirror universe and noticed
this issue with your mirror:

The trace file at
http://ftp.tsukuba.wide.ad.jp/debian/project/trace/ftp.tsukuba.wide.ad.jp
contains very little information.

Please use our ftpsync script to mirror Debian.

Using a modern ftpsync ensures updates are done in the correct order
so apt clients don't get confused.   In particular, it processes
translations, contents, and more files that have been added to the
archive in recent years in the correct stage.  It also should produce
trace files that contain more information that is useful for us and helps
downstream mirrors sync better.

http://ftp.debian.org/debian/project/ftpsync/ftpsync-current.tar.gz


Cheers,
-- 
|  .''`.   ** Debian **
  Peter Palfrader   | : :' :  The  universal
 https://www.palfrader.org/ | `. `'  Operating System
|   `-https://www.debian.org/

Bug#880230: gerritlib: build depends on python{,3}-pbr (< 2.0) but 3.1.1-2 is to be installed

2017-11-07 Thread Mathieu Parent 
Control: affects 880230 + jeepyb

Hi,

2017-10-30 20:47 GMT+01:00 Adrian Bunk :
> Source: gerritlib
> Version: 4.0+git20150319-2
> Severity: serious
> Tags: buster sid
>
> The following packages have unmet dependencies:
>  builddeps:gerritlib : Depends: python-pbr (< 2.0) but 3.1.1-2 is to be 
> installed
>Depends: python3-pbr (< 2.0) but 3.1.1-2 is to be 
> installed

Thanks for you report. FYI I won't handle this bug as I don't use
gerritlib anymore (moved to gitlab).

I will ask for a removal (of gerritlib and jeepyb) unless someone step
in within a month as max(popcon[2 years])=4.

Regards
-- 
Mathieu Parent

Bug#861262: Sleep issue

2017-11-07 Thread Yvan Taviaud - Dugwood 
Hit the same issue, and read 
http://sphinxsearch.com/forum/view.html?id=10783 and 
https://bugs.launchpad.net/ubuntu/+source/sphinxsearch/+bug/990395.


At first I thought it was due to the privileged user (root used instead 
of sphinxsearch), but it seems the following isn't run:

[ -n "$DODTIME" ] && sleep $DODTIME

as the restart happens to run in less than one second:
DODTIME=1   # Time to wait for the server to die, in seconds
    # If this value is set too low you might not
    # let some servers to die gracefully and
    # 'restart' will not work

Running the following to simulate the behaviour always works:
service sphinxsearch stop && sleep 1 && service sphinxsearch start

I can see that the code is the same for all Debian releases (from Wheezy 
to Sid), so it must be an external change (bash/dash?).


Second restart works because the process is effectively stopped after 1 
second at most. If you run:
service sphinxsearch restart; service sphinxsearch restart; service 
sphinxsearch restart

you'll have 3 fails (or 2 if the service wasn't working at first).

I'm trying to find out why the sleep isn't run, I'll let you know when I 
find it.


--
Yvan.

Bug#880976: lbdb: should not depend on bbdb (only suggest it)

2017-11-07 Thread Jochen Sprickerhof 

Hi,

I found my server wanting to install 95MB of new packages because of 
this today. Would be great if you could downgrade the dependency.


Two other possibilities I see:

- Move the elisp files into a separate package.
- Use a trigger instead of the postinst (but that would be rather a 
 dh-elpa bug, I guess (haven't looked into it)).


Cheers Jochen


signature.asc
Description: PGP signature

Bug#881025: ITP: tryton-modules-account-eu -- Account EU Module for the Tryton Application Platform

2017-11-07 Thread Mathias Behrle 
X-Debbugs-CC: debian-de...@lists.debian.org
Package: wnpp
Severity: wishlist
Owner: Debian Tryton Maintainers 

* Package name: tryton-modules-account-eu
  Version : 4.6.0
  Upstream Author : Tryton project (www.tryton.org)
* URL : http://downloads.tryton.org/4.6/
* License : GPL-3+
  Programming Lang: Python
  Description : Tryton Application Platform (Account EU Module)
 Tryton is a high-level general purpose application platform. It is the base
 of a complete business solution as well as a comprehensive health and hospital
 information system (GNUHealth).
 .
 This module provides common accounting requirements in Europe like 
 e.g. the EC Sales List (ESL).


This package is another base module published by the Tryton project and needed
as new dependency for tryton-modules-account-be.

-- 

Mathias Behrle
PGP/GnuPG key availabable from any keyserver, ID: 0xD6D09BE48405BBF6
AC29 7E5C 46B9 D0B6 1C71  7681 D6D0 9BE4 8405 BBF6

Bug#881026: openms: Transition to xerces-c3.2

2017-11-07 Thread William Blough 
Source: openms
Version: 2.0.0-4
Severity: important


xerces-c will be transitioning from 3.1 to 3.2 soon.  However, I was
unable to build openms as part of the pre-transition check. Once the
blocking issues are resolved, I can try again.

Bug#881027: transition: scotch

2017-11-07 Thread Drew Parsons 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Scotch 6 is ready to release to unstable.  It has been tested in
experimental, dependent packages build without drama (all packages in
the auto-scotch transition except openfoam have been tested)

The current scotch 5.1 is quite old, this transition brings Debian up
to date.

For tracking purposes, libptscotch-6.0/libptscotch-5.1 could be
monitored alongside libscotch-6.0/libscotch-5.1

Ben file:

title = "scotch";
is_affected = .depends ~ "libscotch-5.1" | .depends ~ "libscotch-6.0";
is_good = .depends ~ "libscotch-6.0";
is_bad = .depends ~ "libscotch-5.1";


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#881030: dman: Does not revert to non-localised manpages as claimed by the manual page

2017-11-07 Thread Javier Fernandez-Sanguino 
Package: debian-goodies
Version: 0.76
Severity: normal

Dman's manual page claims that "It will fallback to the default
manpage if the translated version is not found.", but this is not
actually implemented in the script itself.

This is easy to test by setting the environment (LANG) to any language
and then try to download a manual page that does not have any
translation and is only available in English (e.g. clips,
https://manpages.debian.org/stretch/clips/clips.1.en.html). If doing
this, dman will claim that it did not found the manual page.

I have commited a patch to GIT that should fix this bug, by trying
first downloading a localised manpage and, in case of failure,
attempting the download of the English version.

Best regards


Javier

Bug#881024: RM: plexus-classworlds2 -- ROM; Merged with src:plexus-classworlds

2017-11-07 Thread Emmanuel Bourg 
Package: ftp.debian.org
Severity: normal

Hi,

Please remove the src:plexus-classworlds2 package, as part of the Maven 3
transition this package has been merged with src:plexus-classworlds and
is no longer used.

Thank you,

Emmanuel Bourg

Bug#880469: closed by Patrick Matthäi<pmatth...@debian.org> (Bug#880469: fixed in kdenlive 17.08.2-1)

2017-11-07 Thread Patrick Matthäi 


Am 06.11.2017 um 19:24 schrieb Алексей Шилин:
>> Понедельник,  6 ноября 2017, 18:30 +03:00 от Debian Bug Tracking System 
>> :
>>
>> This is an automatic notification regarding your Bug report
>> which was filed against the kdenlive package:
>>
>> #880469: Recommend breeze-icon-theme
>>
>> It has been closed by Patrick Matthäi < pmatth...@debian.org >.
>>
>> Their explanation is attached below along with your original report.
>> If this explanation is unsatisfactory and you have not received a
>> better one in a separate message then please contact Patrick Matthäi < 
>> pmatth...@debian.org > by
>> replying to this email.
> Thanks.
>
> However, if I read build logs [1] correctly, kdenlive still depends on 
> oxygen-icon-theme. I can't find any
> evidence that kdenlive application really needs it. Am I missing something, 
> or you simply forgot to remove
> this now-obsolete dependency?
Correct, will be corrected with the next upload
>
>  [1] 
> https://buildd.debian.org/status/fetch.php?pkg=kdenlive=i386=17.08.2-1=1509984372=0
>
>
> --
> Алексей Шилин

-- 
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

  Blog: http://www.linux-dev.org/
E-Mail: pmatth...@debian.org
patr...@linux-dev.org
*/

Bug#861262: Sleep issue

2017-11-07 Thread Yvan Taviaud - Dugwood 
File /etc/init.d/sphinxsearch isn't run, as my system uses systemd. 
Seems to be the issue: systemd doesn't use a timeout, it must be 
configured somewhere.

Bug#881028: notmuch FTBFS on Alpha due to broken gdb

2017-11-07 Thread Michael Cree 
Source: notmuch
Version: 0.25.2-1
Severity: important
Justification: fails to build from source (but built in the past)
User: debian-al...@lists.debian.org
Usertags: ftbfs

notmuch FTBFS on Alpha [1] in the test suite due to a broken gdb.
Please build notmuch on Alpha without the gdb build-depends as is
done on some other architectures. With that change notmuch builds
successfully on Alpha.

Cheers
Michael.

[1] 
https://buildd.debian.org/status/fetch.php?pkg=notmuch=alpha=0.25.2-1=1509996972=0

Bug#880604: mirror listing update for debian.utalca.cl

2017-11-07 Thread Peter Palfrader 
On Fri, 03 Nov 2017, Fabio Duran Verdugo wrote:

> It's done!

We recommend mirrors update four times a day.  Unfortunately, your
upstream mirror doesn't do that.  Are there other places you could
consider to mirror from?

Cheers,
-- 
|  .''`.   ** Debian **
  Peter Palfrader   | : :' :  The  universal
 https://www.palfrader.org/ | `. `'  Operating System
|   `-https://www.debian.org/

Bug#879495: gbp dch fails with UnboundLocalError

2017-11-07 Thread Guido Günther 
Hi,
On Thu, Oct 26, 2017 at 08:36:32AM +0200, Guido Günther wrote:
> Hi,
> On Sun, Oct 22, 2017 at 11:52:25AM +0200, Didier 'OdyX' Raboud wrote:
> > Package: git-buildpackage
> > Version: 0.9.0
> > Severity: normal
> > File: gbp-dch
> > 
> > On multiple of my repositories, `gbp dch` fails with the following error:
> > 
> > (That's on https://anonscm.debian.org/cgit/pkg-games/planetblupi.git )
> > 
> > $ gbp dch --release --verbose
> > gbp:debug: ['git', 'rev-parse', '--show-cdup']
> > gbp:debug: ['git', 'rev-parse', '--is-bare-repository']
> > gbp:debug: ['git', 'rev-parse', '--git-dir']
> > gbp:debug: ['git', 'symbolic-ref', 'HEAD']
> > gbp:debug: ['git', 'show-ref', 'refs/heads/debian/master']
> > gbp:debug: ['git', 'tag', '-l', 'debian/1.11.0-1']
> > gbp:debug: ['git', 'rev-parse', '--quiet', '--verify', 'debian/1.11.0-1^0']
> > gbp:debug: ['git', 'log', '--pretty=format:%H', 
> > 'a1f72589d8e0285b65438bb924197a3dd5a93bb2..HEAD', '--no-merges', '--']
> > gbp:debug: ['git', 'merge-base', 'HEAD', 'upstream/latest']
> > gbp:debug: ['git', 'describe', '--match', 'upstream/*', '--abbrev=0', 
> > 'e0ace8819512553d3680e912e419a5df1b8295ab']
> > gbp:debug: Found upstream version None.
> > gbp:debug: /usr/bin/dpkg ['--compare-versions'] [None, 'lt', '1.11.0-1']
>
> That's the problem and it results from the code around the above 'git
> describe' somehow returning None. From looking at the code and trying
> various things I can't reproduce this. Can you tell me where your HEAD was
> at when invoking the command?
> 
> git tag upstream/1.11.0 `git rev-parse v1.11.0`
> git tag -d upstream/1.11.0
> gbp dch -R
> 
> didn't do the trick. Any idea what I could be missing?

Can you point me to a repo where I can reproduce this?

Cheers,
 -- Guido

Bug#881031: Please build libkpmcore6 on Alpha.

2017-11-07 Thread Michael Cree 
Source: kpmcore
Version: 3.2.1-2
Severity: important
Justification: was built in the past
User: debian-al...@lists.debian.org
Usertags: alpha

The latest build of kpmcore [1] did not package libkpmcore6 on Alpha,
and contained a comment in the changelog that "kde dependencies has
never been available since inception of this package" which I do
not believe is true in regards to Alpha.  It is true that the build
did fail once at version 3.2.0-1 due to bug #879024 in the
build-deps.  A better response would have been to version the
build-deps so that kpmcore would not build on Alpha until such time
as the build-deps can be fixed.  As it is, an updated version of the
build-deps are now available on Alpha so please re-enable the
packaging of libkpmcore6 in the build of kpmcore on Alpha.

Thanks,
Michael.

[1] 
https://buildd.debian.org/status/fetch.php?pkg=kpmcore=alpha=3.2.1-2=1509942961=0

Bug#861262: Sleep issue

2017-11-07 Thread Yvan Taviaud - Dugwood 

It's been fixed in Sphinx by using a dedicated systemd script:
http://sphinxsearch.com/bugs/view.php?id=2321

Hum... wait... blade106 is me... so I've already hit the bug 2 years 
ago, and found the fix :-)


In the meanwhile, Debian dropped the package in Jessie, so I've changed 
the installation script, that's why I'm here again.


Debian should include the systemd service script, as it is in the source 
tarball from Sphinx website.

Bug#439121: Add a .pc file for libapt-pkt

2017-11-07 Thread Corentin Noël 
Ah, you're right, so here is finally the right one

2017-11-07 23:44 GMT+01:00 Julian Andres Klode :

> On Tue, Nov 07, 2017 at 11:20:50PM +0100, Corentin Noël wrote:
> > Here is a patch working with current master, It's now fully working. It
> > contains a test to ensure that it works, I tested it with autopkgtest.
>
> > From 44fa7251911378bb0ca16a23024b7f7ede5a8f84 Mon Sep 17 00:00:00 2001
> > From: =?UTF-8?q?Corentin=20No=C3=ABl?= 
> > Date: Tue, 7 Nov 2017 20:38:13 +0100
> > Subject: [PATCH] Enable PkgConfig on the apt-pkg and apt-inst libraries
> >
> > ---
> >  apt-inst/CMakeLists.txt   |  3 +++
> >  apt-inst/apt-inst.pc.in   | 11 +++
> >  apt-pkg/CMakeLists.txt|  3 +++
> >  apt-pkg/apt-pkg.pc.in | 10 ++
> >  debian/libapt-pkg-dev.install |  1 +
> >  debian/tests/control  |  5 +++--
> >  debian/tests/pkg-config-test  | 22 ++
> >  7 files changed, 53 insertions(+), 2 deletions(-)
> >  create mode 100644 apt-inst/apt-inst.pc.in
> >  create mode 100644 apt-pkg/apt-pkg.pc.in
> >  create mode 100644 debian/tests/pkg-config-test
> >
> > diff --git a/apt-inst/CMakeLists.txt b/apt-inst/CMakeLists.txt
> > index 31da115e4..063b40318 100644
> > --- a/apt-inst/CMakeLists.txt
> > +++ b/apt-inst/CMakeLists.txt
> > @@ -12,6 +12,8 @@ set(APT_INST_MAJOR ${MAJOR} PARENT_SCOPE)
> >  file(GLOB_RECURSE library "*.cc")
> >  file(GLOB_RECURSE headers "*.h")
> >
> > +configure_file(apt-inst.pc.in ${CMAKE_CURRENT_BINARY_DIR}/apt-inst.pc
> @ONLY)
> > +
> >  # Create a library using the C++ files
> >  add_library(apt-inst SHARED ${library})
> >
> > @@ -25,4 +27,5 @@ add_version_script(apt-inst)
> >  # Install the library and the headers
> >  install(TARGETS apt-inst LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR})
> >  install(FILES ${headers} DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/
> apt-pkg)
> > +install(FILES ${CMAKE_CURRENT_BINARY_DIR}/apt-inst.pc DESTINATION
> ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
> >  flatify(${PROJECT_BINARY_DIR}/include/apt-pkg/ "${headers}")
> > diff --git a/apt-inst/apt-inst.pc.in b/apt-inst/apt-inst.pc.in
> > new file mode 100644
> > index 0..c752f4657
> > --- /dev/null
> > +++ b/apt-inst/apt-inst.pc.in
> > @@ -0,0 +1,11 @@
> > +prefix=@CMAKE_INSTALL_PREFIX@
> > +exec_prefix=${prefix}
> > +libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@
> > +includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@
>
> That's wrong. If I define CMAKE_INSTALL_LIBDIR to /foo,
> and prefix is /usr, you just set libdir to /usr//foo instead
> of /foo.
>
> Generally, we must not use CMAKE_INSTALL_PREFIX, and only
> use CMAKE_INSTALL_FULL_LIBDIR, CMAKE_INSTALL_FULL_INCLUDEDIR,
> and thus only define libdir and includedir, not prefix or
> exec_prefix.
>
> > +
> > +Name: apt-inst
> > +Description: deb package format runtime library
> > +Version: @MAJOR@.@MINOR@
> > +Libs: -L${libdir} -lapt-inst
> > +Cflags: -I${includedir}/apt-pkg
>
> The /apt-pkg should not be there.
>
> > diff --git a/apt-pkg/apt-pkg.pc.in b/apt-pkg/apt-pkg.pc.in
> > new file mode 100644
> > index 0..97c90ce5e
> > --- /dev/null
> > +++ b/apt-pkg/apt-pkg.pc.in
> > @@ -0,0 +1,10 @@
> > +prefix=@CMAKE_INSTALL_PREFIX@
> > +exec_prefix=${prefix}
> > +libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@
> > +includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@
>
> as above
>
> > +
> > +Name: apt-pkg
> > +Description: package management runtime library
> > +Version: @MAJOR@.@MINOR@
> > +Libs: -L${libdir} -lapt-pkg -pthread
> > +Cflags: -I${includedir}/apt-pkg
>
> as above
>
>
>
> --
> Debian Developer - deb.li/jak | jak-linux.org - free software dev
> Ubuntu Core Developer  de, en speaker
>
From 19d95cdb3b1c70419ca7d7c34bafe068a7e056f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Corentin=20No=C3=ABl?= 
Date: Tue, 7 Nov 2017 20:38:13 +0100
Subject: [PATCH] Enable PkgConfig on the apt-pkg and apt-inst libraries

---
 apt-inst/CMakeLists.txt   |  3 +++
 apt-inst/apt-inst.pc.in   |  9 +
 apt-pkg/CMakeLists.txt|  3 +++
 apt-pkg/apt-pkg.pc.in |  8 
 debian/libapt-pkg-dev.install |  1 +
 debian/tests/control  |  5 +++--
 debian/tests/pkg-config-test  | 22 ++
 7 files changed, 49 insertions(+), 2 deletions(-)
 create mode 100644 apt-inst/apt-inst.pc.in
 create mode 100644 apt-pkg/apt-pkg.pc.in
 create mode 100644 debian/tests/pkg-config-test

diff --git a/apt-inst/CMakeLists.txt b/apt-inst/CMakeLists.txt
index 31da115e4..063b40318 100644
--- a/apt-inst/CMakeLists.txt
+++ b/apt-inst/CMakeLists.txt
@@ -12,6 +12,8 @@ set(APT_INST_MAJOR ${MAJOR} PARENT_SCOPE)
 file(GLOB_RECURSE library "*.cc")
 file(GLOB_RECURSE headers "*.h")
 
+configure_file(apt-inst.pc.in ${CMAKE_CURRENT_BINARY_DIR}/apt-inst.pc @ONLY)
+
 # Create a library using the C++ files
 add_library(apt-inst SHARED ${library})
 
@@ -25,4 +27,5 @@ add_version_script(apt-inst)
 # Install the library and the headers

Bug#876211:

2017-11-07 Thread Yangfl 
Literally you and me can't do anything to help packages get through new
queue. The new queue is widely known as seriously backlogged [
https://ftp-master.debian.org/stat.html]. We (another team) also suffer
from this.

But, you can try emailing ftp masters about this. Maybe they'll process our
package first.

2017年11月7日 下午10:39,"Nicholas Brown" 写道:

For what it's worth, I've build this package on a local OBS instance and
found it useful for developing local software I'm building.
How does the package get from new into testing?

Bug#879886: [Debian-med-packaging] libhts2: libhts2 needs to handle ABI changes

2017-11-07 Thread Diane Trout 
Hi everyone,

I talked some with upstream about the symbols issues with htslib2

https://github.com/samtools/htslib/issues/616

They think that cram/*.h are private headers, but because we have a
policy of avoiding convenience copies we made those functions public[1]
because a few applications embed htslib and directly use the private
headers.

I do think we should bring back the symbols file, but I was wondering
if we should split the cram headers into a libhts-private-dev so we can
at least track what is depending on the non-public api.

I did realize that my thought about updating the SOVERSION might be
wrong because I was just looking in the source tree for the removed
functions but I should have been checking the public header files.

Diane

[1] https://anonscm.debian.org/cgit/debian-med/htslib.git/tree/debian/p
atches/htslib-add-cram_to_bam.patch

Bug#881119: gifsicle: double free while running gifsicle

2017-11-07 Thread Joonun Jang 
Package: gifsicle
Version: 1.90-1
Severity: important
Tags: security

double free while running 'gifsicle with --delay 50 poc poc -o output' option

Running 'gifsicle --delay 50 poc poc -o output' with the attached file raises 
double free
which may allow a remote attacker to cause a denial-of-service attack or other 
unspecified
impact with a crafted file
I expected the program to terminate without segfault, but the program crashes 
as follow

---

june@yuweol:~/poc/gifsicle/crash1$ gifsicle poc poc -o output
gifsicle:poc:#0: read error: unknown block type 83 at file offset 37
gifsicle:poc: file not in GIF format
Segmentation fault

---

june@yuweol:~/poc/gifsicle/crash1$ 
~/project/analyze/bins/gifsicle-1.90/src/gifsicle --delay 50 poc poc -o output
gifsicle:poc:#0: read error: unknown block type 83 at file offset 37
gifsicle:poc: file not in GIF format
=
==4607==ERROR: AddressSanitizer: attempting double-free on 0x61100400 in 
thread T0:
#0 0x7f519caaafd0 in __interceptor_realloc 
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0xd9fd0)
#1 0x562d9a5a6de8 in Gif_Realloc 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x1fde8)
#2 0x562d9a5b19db in suck_data 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x2a9db)
#3 0x562d9a5b2fe2 in read_gif 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x2bfe2)
#4 0x562d9a5b38cd in Gif_FullReadFile 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x2c8cd)
#5 0x562d9a60301d in input_stream 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x7c01d)
#6 0x562d9a60a2e2 in main 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x832e2)
#7 0x7f519c3502e0 in __libc_start_main 
(/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
#8 0x562d9a596da9 in _start 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0xfda9)

0x61100400 is located 0 bytes inside of 207-byte region 
[0x61100400,0x611004cf)
freed by thread T0 here:
#0 0x7f519caaa8c8 in __interceptor_free 
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0xd98c8)
#1 0x562d9a5b33ae in read_gif 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x2c3ae)
#2 0x562d9a5b38cd in Gif_FullReadFile 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x2c8cd)
#3 0x562d9a60301d in input_stream 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x7c01d)
#4 0x562d9a60a2e2 in main 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x832e2)
#5 0x7f519c3502e0 in __libc_start_main 
(/lib/x86_64-linux-gnu/libc.so.6+0x202e0)

previously allocated by thread T0 here:
#0 0x7f519caaafd0 in __interceptor_realloc 
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0xd9fd0)
#1 0x562d9a5a6de8 in Gif_Realloc 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x1fde8)
#2 0x562d9a5b19db in suck_data 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x2a9db)
#3 0x562d9a5b2fe2 in read_gif 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x2bfe2)
#4 0x562d9a5b38cd in Gif_FullReadFile 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x2c8cd)
#5 0x562d9a60301d in input_stream 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x7c01d)
#6 0x562d9a60a2e2 in main 
(/home/june/project/analyze/bins/gifsicle-1.90/src/gifsicle+0x832e2)
#7 0x7f519c3502e0 in __libc_start_main 
(/lib/x86_64-linux-gnu/libc.so.6+0x202e0)

SUMMARY: AddressSanitizer: double-free 
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0xd9fd0) in __interceptor_realloc
==4607==ABORTING

---

This bug was found with a fuzzer developed by 'SoftSec' group at KAIST

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'stable-updates'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gifsicle depends on:
ii  libc6 2.24-17
ii  libx11-6  2:1.6.4-3

gifsicle recommends no packages.

gifsicle suggests no packages.

-- no debconf information


poc
Description: Binary data

Bug#881127: transition: xerces-c

2017-11-07 Thread William Blough 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Control: block -1 by 881026 881023 881108 881016 881018 881112 881114 881115
Control: block 873669 by -1

Hi,

I would like to transition xerces-c from 3.1 to 3.2 (currently in
experimental).  Test building the rdepends produced issues with the
following packages:

cegui-mk2 - Bug #881018 (with patch)
librcsb-core-wrapper - Bug #881023 (with patch)
openms - Bug #881026 (FTBFS with current unstable, not in testing)
pktanon - Bug #881016 (with patch)
xsd - Bug #881108
camitk - Bug #881112 (Blocked by 881108)
freecontact - Bug #881114 (Blocked by 881108)
libkolabxml - Bug #881115 (Blocked by 881108)


All other reverse dependencies (listed at [1]) build successfully against 3.2
and should be able to be transitioned via binNMU.

[1] https://release.debian.org/transitions/html/auto-xerces-c.html

Please schedule a slot for this transition.

Thanks!
Bill


Ben file:

title = "xerces-c";
is_affected = .depends ~ "libxerces-c3.1" | .depends ~ "libxerces-c3.2";
is_good = .depends ~ "libxerces-c3.2";
is_bad = .depends ~ "libxerces-c3.1";


signature.asc
Description: PGP signature

Bug#711469: [Pkg-openldap-devel] Bug#711469: Can we have libslapi-dev back please:

2017-11-07 Thread Ryan Tandy 

On Tue, Nov 07, 2017 at 03:07:04PM +0100, Florian Schlichting wrote:

Control: tags 711469 + patch


Hi, thank you for pinging the bug, and for the patch. I intend to make 
an upload in the coming weeks and I will definitely evaluate this 
addition. Do you have a convenient test case that I could use for 
verifying the result?


Thanks
Ryan

Bug#879886: [Debian-med-packaging] Bug#879886: libhts2: libhts2 needs to handle ABI changes

2017-11-07 Thread Charles Plessy 
Hi Diane and everybody,

Le Tue, Nov 07, 2017 at 05:09:34PM -0800, Diane Trout a écrit :
> 
> I do think we should bring back the symbols file

I think so too.

Symbols file are strange to work with because their update usually goes
through a build failure that outputs a patch, which is not very
intuitive.  And then the patched symbols file has to be edited to remove
the Debian minor version, otherwise it complicates backports etc.
Perhaps it can be simplified, better explained and streamlined.  In any
case, I think that for the htslib it is worth the effort.

> I was wondering if we should split the cram headers into a
> libhts-private-dev so we can at least track what is depending on the
> non-public api.

An ideal solution, and I understand that it may not be easy, would be to
make the upstream users of htslib talk with the htslib developers, so
that they can implement what they want to without needing to access
private functions.  I think that it would fit the aims of both sides.

> I did realize that my thought about updating the SOVERSION might be
> wrong because I was just looking in the source tree for the removed
> functions but I should have been checking the public header files.

Indeed, packages using private functions need to have a tight dependency
on the htslib (unless we are very confident that there are regression
tests that cover this area of the code).  Packages that are more
well-behaved can infer their dependency through the (to be re-added)
symbols file.

Have a nice day,

Charles

-- 
Charles Plessy
Debian Med packaging team,
http://www.debian.org/devel/debian-med
Tsurumi, Kanagawa, Japan

Bug#861796: Make Chromium run natively on Wayland

2017-11-07 Thread Michael Gilbert 
As of chromium 62 passing enable_wayland_server=true to gn fails with
an error related to ash.

For anyone interested in getting this working, you could try debugging
that error.

Best wishes,
Mike

Bug#878270: anthy (EUCJP->UTF-8) and *-anthy packages

2017-11-07 Thread dai 
On Tue, Nov 07, 2017 at 11:44:45PM +0900, Osamu Aoki wrote:
> Are *-anthy packages uploaded to cope with this new anthy just like 
> ibus-anthy?
>  fcitx-anthy
>  hime-anthy
>  scim-anthy
>  uim-anthy

They are rebuild with new anthy (libanthy1).

https://release.debian.org/transitions/html/auto-anthy.html

- https://packages.debian.org/unstable/fcitx-anthy (0.2.3-1)
- https://packages.debian.org/unstable/gcin-anthy (2.8.5+dfsg1-4+b1)
- https://packages.debian.org/unstable/hime-anthy 
(0.9.10+git20170427+dfsg1-2+b1)
- https://packages.debian.org/unstable/ibus-anthy (1.5.9-2.1)
- https://packages.debian.org/unstable/scim-anthy (1.2.7-6+b2)
- https://packages.debian.org/unstable/uim-plugins 
(1:1.8.6+gh20161003.0.d63dadd-8)

> Otherwise, they are broken in unstable now. (I did not have time to test
> them yet)

At least, I tested uim-anthy a little, it looks well.

> Even these are updated with manual patches, all these updated package
> needs to move together from unstable to testing.  I am not very familiar
> with this ABI breaking library update.  We may need to add BREAKS: to
> anthy to ensure this.  (I am not sure)  That may reqire to upload -7 for
> anthy.

I am not familiar and not sure, too.
-- 
Regards,
dai

GPG Fingerprint = 0B29 D88E 42E6 B765 B8D8 EA50 7839 619D D439 668E


signature.asc
Description: PGP signature

Bug#881128: texlive-publishers: revtex4/docs.sty is not part of revtex

2017-11-07 Thread Jerome Benoit 
Package: texlive-publishers
Version: 2016.20170123-5
Severity: normal

Dear Maintainer,

it appears that revtex4/docs.sty is systemwidely distributed in
/usr/share/texlive/texmf-dist/tex/latex/revtex4 ,
namely as part of REVTeX4 : as claimed in its header,
docs.sty is only meant to compose the REVTeX guides.
In short revtex4/docs.sty must not be distributed in texlive-publishers .

hth,
Jerome


-- Package-specific info:
IMPORTANT INFORMATION: We will only consider bug reports concerning
the packaging of TeX Live as relevant. If you have problems with
combination of packages in a LaTeX document, please consult your
local TeX User Group, the comp.text.tex user group, the author of
the original .sty file, or any other help resource. 

In particular, bugs that are related to up-upstream, i.e., neither
Debian nor TeX Live (upstream), but the original package authors,
will be closed immediately.

   *** The Debian TeX Team is *not* a LaTeX Help Desk ***

If you report an error when running one of the TeX-related binaries 
(latex, pdftex, metafont,...), or if the bug is related to bad or wrong
output, please include a MINIMAL example input file that produces the
error in your report.

Please run your example with
(pdf)latex -recorder ...
(or any other program that supports -recorder) and send us the generated
file with the extension .fls, it lists all the files loaded during
the run and can easily explain problems induced by outdated files in
your home directory.

Don't forget to also include minimal examples of other files that are 
needed, e.g. bibtex databases. Often it also helps
to include the logfile. Please, never send included pictures!

If your example file isn't short or produces more than one page of
output (except when multiple pages are needed to show the problem),
you can probably minimize it further. Instructions on how to do that
can be found at

http://www.minimalbeispiel.de/mini-en.html (english)

or 

http://www.minimalbeispiel.de/mini.html (german)

##
minimal input file


##
other files

##
 List of ls-R files

-rw-r--r-- 1 root root 2538 Sep 12 18:46 /var/lib/texmf/ls-R
-rw-r--r-- 1 root staff 4321 Aug 18  2016 /usr/local/share/texmf/ls-R
lrwxrwxrwx 1 root root 29 Jan 17  2017 /usr/share/texmf/ls-R -> 
/var/lib/texmf/ls-R-TEXMFMAIN
lrwxrwxrwx 1 root root 31 Mar  4  2017 /usr/share/texlive/texmf-dist/ls-R -> 
/var/lib/texmf/ls-R-TEXLIVEDIST
lrwxrwxrwx 1 root root 31 Mar  4  2017 /usr/share/texlive/texmf-dist/ls-R -> 
/var/lib/texmf/ls-R-TEXLIVEDIST
##
 Config files
-rw-r--r-- 1 root root 2344 Jun 26 18:27 /etc/texmf/web2c/texmf.cnf
lrwxrwxrwx 1 root root 33 Mar  4  2017 /usr/share/texmf/web2c/fmtutil.cnf -> 
/var/lib/texmf/fmtutil.cnf-DEBIAN
lrwxrwxrwx 1 root root 32 Mar  4  2017 /usr/share/texmf/web2c/updmap.cfg -> 
/var/lib/texmf/updmap.cfg-DEBIAN
-rw-r--r-- 1 root root 4138 Jun 28 11:09 
/var/lib/texmf/tex/generic/config/language.dat
##
 Files in /etc/texmf/web2c/
total 8
-rw-r--r-- 1 root root  283 Jan 10  2013 mktex.cnf
-rw-r--r-- 1 root root 2344 Jun 26 18:27 texmf.cnf
##
 md5sums of texmf.d
3bb00b8d973d9968c7204e593c3249e3  /etc/texmf/texmf.d/000local.cnf
ca40c66f144b4bafc3e59a2dd32ecb9c  /etc/texmf/texmf.d/00debian.cnf.disabled
055e06548bac99958d8ab2dd1248f2b4  /etc/texmf/texmf.d/80tex4ht.cnf
1df66bc319cec731e202eaf39f5d85e1  /etc/texmf/texmf.d/96JadeTeX.cnf

-- System Information:
Debian Release: Stretch*
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.12.0-0.bpo.1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages texlive-publishers depends on:
ii  tex-common 6.06
ii  texlive-base   2016.20170123-5
ii  texlive-latex-base 2016.20170123-5
ii  texlive-latex-recommended  2016.20170123-5

Versions of packages texlive-publishers recommends:
ii  texlive-latex-extra 2016.20170123-5
ii  texlive-publishers-doc  2016.20170123-5

texlive-publishers suggests no packages.

Versions of packages tex-common depends on:
ii  dpkg  1.18.24
ii  ucf   3.0036

Versions of packages tex-common suggests:
ii  debhelper  10.2.5

Versions of packages texlive-publishers is related to:
ii  tex-common6.06
ii  texlive-binaries  2016.20160513.41080.dfsg-2

-- debconf information excluded

Bug#881142: ruby-yajl: uses embedded copy of yajl

2017-11-07 Thread Salvatore Bonaccorso 
Source: ruby-yajl
Severity: normal

Hi

ruby-yajl embedds a copy of yajl, which is packaged for Debian.
src:yajl is packaged in Debian.

It might need first investigation, but if possible please consider
switching to the system library for ruby-yajl instead of the embeeded
copy.

Regards,
Salvatore

Bug#881143: fig2dev: out of bound read while running fig2dev with -L tikz

2017-11-07 Thread Joonun Jang 
Package: fig2dev
Version: 1:3.2.6a-4
Severity: important
Tags: security

out of bound read while running fig2dev with -L tikz option

Running 'fig2dev -L tikz poc' with the attached file raises out of bound read 
bug
which may allow a remote attack to cause a denial-of-service attack or 
information
disclosure with a crafted file.

I expected the program to terminate without segfault, but the program crashes 
as follow

I sent this to debian security team before, but I didn't get any response.
So I send this to public.

===
june@june:~/project/analyze/poc/fig2dev/crash1$ fig2dev -L tikz poc
\ifx\XFigwidth\undefined\dimen1=0pt\else\dimen1\XFigwidth\fi
\divide\dimen1 by 1
\ifx\XFigheight\undefined\dimen3=0pt\else\dimen3\XFigheight\fi
\divide\dimen3 by 5
\ifdim\dimen1=0pt\ifdim\dimen3=0pt\dimen1=-9223372036854775808sp\dimen3\dimen1
\else\dimen1\dimen3\fi\else\ifdim\dimen3=0pt\dimen3\dimen1\fi\fi
\tikzpicture[x=+\dimen1, y=+\dimen3]
{\ifx\XFigu\undefined\catcode`\@11
\def\temp{\alloc@1\dimen\dimendef\insc@unt}\temp\XFigu\catcode`\@12\fi}
\XFigu-9223372036854775808sp
% Uncomment to scale line thicknesses with the same
% factor as width of the drawing.
%\pgfextractx\XFigu{\pgfqpointxy{1}{1}}
\ifdim\XFigu<0pt\XFigu-\XFigu\fi
\clip(91,-1) rectangle (92,4);
\tikzset{inner sep=+0pt, outer sep=+0pt}
Segmentation fault

[debugging]
Program received signal SIGSEGV, Segmentation fault.
strlen () at ../sysdeps/x86_64/strlen.S:106
106 ../sysdeps/x86_64/strlen.S: No such file or directory.
(gdb) bt
#0  strlen () at ../sysdeps/x86_64/strlen.S:106
#1  0x77339d78 in _IO_vfprintf_internal (s=0x7768b600 
<_IO_2_1_stdout_>,
format=, ap=ap@entry=0x7fffde88) at vfprintf.c:1637
#2  0x77340157 in __fprintf (stream=,
format=format@entry=0x555cc7e5 "\\normalfont%s ") at fprintf.c:32
#3  0x555b4615 in put_font (t=0x55810160) at gentikz.c:1725
#4  gentikz_text (t=0x55810160) at gentikz.c:1769
#5  0x555618cd in gendev_objects (dev=0x557f8ec0 , 
objects=0x7fffdfa0)
at fig2dev.c:833
#6  main (argc=, argv=) at fig2dev.c:467
(gdb) x/i $rip
=> 0x77371646 :  movdqu (%rax),%xmm4
(gdb) i r rax
rax0x29292922 690563362
(gdb) f 3
#3  0x555b4615 in put_font (t=0x55810160) at gentikz.c:1725
1725fprintf(tfp, "\\normalfont%s ",
(gdb) p t->font
$1 = -51
(gdb) p texfonts[-51]
$3 = 0x29292922 

with attached file, t->font can be set to negative value which causes this bug
[fig2dev/dev/gentikz.c]
1724   else
1725   fprintf(tfp, "\\normalfont%s ",
1726 texfonts[t->font <= MAX_FONT ? t->font : MAX_FONT - 1]);

===

This bug was found with a fuzzer developed by 'SoftSec' group at KAIST.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'stable-updates'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages fig2dev depends on:
ii  gawk 1:4.1.4+dfsg-1
ii  libc62.24-17
ii  libpng16-16  1.6.34-1
ii  libxpm4  1:3.5.12-1
ii  x11-common   1:7.7+19

Versions of packages fig2dev recommends:
ii  ghostscript  9.22~dfsg-1
ii  netpbm   2:10.0-15.3+b2

Versions of packages fig2dev suggests:
pn  xfig  

-- no debconf information

 1  1

1

11 4-51

11 0 5
1
91
1 
c

Bug#880691: ruby-yajl: diff for NMU version 1.2.0-3.1

2017-11-07 Thread Salvatore Bonaccorso 
Control: tags 880691 + patch
Control: tags 880691 + pending

Dear maintainer,

I've prepared an NMU for ruby-yajl (versioned as 1.2.0-3.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore
diff -Nru ruby-yajl-1.2.0/debian/changelog ruby-yajl-1.2.0/debian/changelog
--- ruby-yajl-1.2.0/debian/changelog	2015-07-08 16:51:23.0 +0200
+++ ruby-yajl-1.2.0/debian/changelog	2017-11-08 07:31:37.0 +0100
@@ -1,3 +1,11 @@
+ruby-yajl (1.2.0-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2017-16516: Crafted JSON file allows to crash ruby process with a
+SIGABRT in the yajl_string_decode function (Closes: #880691)
+
+ -- Salvatore Bonaccorso   Wed, 08 Nov 2017 07:31:37 +0100
+
 ruby-yajl (1.2.0-3) unstable; urgency=medium
 
   [ Balasankar C ]
diff -Nru ruby-yajl-1.2.0/debian/patches/Don-t-advance-our-end-pointer-until-we-ve-checked-we.patch ruby-yajl-1.2.0/debian/patches/Don-t-advance-our-end-pointer-until-we-ve-checked-we.patch
--- ruby-yajl-1.2.0/debian/patches/Don-t-advance-our-end-pointer-until-we-ve-checked-we.patch	1970-01-01 01:00:00.0 +0100
+++ ruby-yajl-1.2.0/debian/patches/Don-t-advance-our-end-pointer-until-we-ve-checked-we.patch	2017-11-08 07:31:37.0 +0100
@@ -0,0 +1,52 @@
+From: Brian Lopez 
+Date: Mon, 6 Nov 2017 21:46:42 -0800
+Subject: Don't advance our end pointer until we've checked we have enough
+ buffer left and have peeked ahead to see that a unicode escape is
+ approaching.
+Origin: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
+Bug: https://github.com/brianmario/yajl-ruby/issues/176
+Bug-Debian: https://bugs.debian.org/880691
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-16516
+
+Thanks @kivikakk for helping me track down the actual bug here!
+---
+ ext/yajl/yajl_encode.c   | 4 ++--
+ spec/parsing/one_off_spec.rb | 7 +++
+ 2 files changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/ext/yajl/yajl_encode.c b/ext/yajl/yajl_encode.c
+index 8535c1b..716ddde 100644
+--- a/ext/yajl/yajl_encode.c
 b/ext/yajl/yajl_encode.c
+@@ -162,8 +162,8 @@ void yajl_string_decode(yajl_buf buf, const unsigned char * str,
+ end+=3;
+ /* check if this is a surrogate */
+ if ((codepoint & 0xFC00) == 0xD800) {
+-end++;
+-if (str[end] == '\\' && str[end + 1] == 'u') {
++if (end + 2 < len && str[end + 1] == '\\' && str[end + 2] == 'u') {
++end++;
+ unsigned int surrogate = 0;
+ hexToDigit(, str + end + 2);
+ codepoint =
+diff --git a/spec/parsing/one_off_spec.rb b/spec/parsing/one_off_spec.rb
+index 9bc6b32..f1a8aea 100644
+--- a/spec/parsing/one_off_spec.rb
 b/spec/parsing/one_off_spec.rb
+@@ -2,6 +2,13 @@
+ require File.expand_path(File.dirname(__FILE__) + '/../spec_helper.rb')
+ 
+ describe "One-off JSON examples" do
++  it "should not blow up with a bad surrogate trailer" do
++# https://github.com/brianmario/yajl-ruby/issues/176
++bad_json = "{\"e\":{\"\\uD800DC00\":\"a\"}}"
++
++Yajl::Parser.new.parse(bad_json)
++  end
++
+   it "should parse 23456789012E666 and return Infinity" do
+ infinity = (1.0/0)
+ silence_warnings do
+-- 
+2.15.0
+
diff -Nru ruby-yajl-1.2.0/debian/patches/series ruby-yajl-1.2.0/debian/patches/series
--- ruby-yajl-1.2.0/debian/patches/series	2015-07-08 16:47:52.0 +0200
+++ ruby-yajl-1.2.0/debian/patches/series	2017-11-08 07:31:37.0 +0100
@@ -1,2 +1,3 @@
 mocks-test-fix
 RSpec3-test-fix
+Don-t-advance-our-end-pointer-until-we-ve-checked-we.patch

Bug#881144: fig2dev: out of bound read while running fig2dev with -L pic option

2017-11-07 Thread Joonun Jang 
Package: fig2dev
Version: 1:3.2.6a-4
Severity: important
Tags: security

out of bound read while running fig2dev with -L pic option

Running 'fig2dev -L pic poc' with the attached file raises out of bound read bug
which may allow a remote attack to cause a denial-of-service attack or 
information
disclosure with a crafted file.

I expected the program to terminate without segfault, but the program crashes 
as follow

===

june@yuweol:~/poc/fig2dev/crash2$ fig2dev -L pic ./poc
.PS
.ps 11
Segmentation fault

===

Program received signal SIGSEGV, Segmentation fault.
0x55567960 in unpsfont (t=t@entry=0x55810160) at psfonts.c:194
194   if (PSmapwarn[t->font+1])
(gdb) p t->font
$1 = 7111
(gdb) bt
#0  0x55567960 in unpsfont (t=t@entry=0x55810160) at psfonts.c:194
#1  0x5558e282 in genpic_text (t=0x55810160) at genpic.c:443
#2  0x555615d2 in gendev_objects (dev=0x557ef200 , 
objects=0x7fffe0f0)
at fig2dev.c:833
#3  main (argc=, argv=) at fig2dev.c:467
(gdb) x/i $rip
=> 0x55567960 :  mov(%rcx,%rdx,4),%ecx
(gdb) i r rcx rdx
rcx0x555c3f60 93824992690016
rdx0x43d11c8  7112

===

This bug was found with a fuzzer developed by 'SoftSec' group at KAIST.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'stable-updates'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages fig2dev depends on:
ii  gawk 1:4.1.4+dfsg-1
ii  libc62.24-17
ii  libpng16-16  1.6.34-1
ii  libxpm4  1:3.5.12-1
ii  x11-common   1:7.7+19

Versions of packages fig2dev recommends:
ii  ghostscript  9.22~dfsg-1
ii  netpbm   2:10.0-15.3+b2

Versions of packages fig2dev suggests:
pn  xfig  

-- no debconf information


poc
Description: Binary data

Bug#881145: sox: null pointer dereference while running play

2017-11-07 Thread Joonun Jang 
Package: sox
Version: 14.4.1-5+b2
Severity: normal
Tags: security

null pointer dereference while running play with "poc bass +3" option

Running 'play poc bass +3' with the attached file raises null pointer 
dereference
which may allow a remote attack to cause a denial-of-service attack
I expected the program to terminate without segfault, but the program crashes 
as follow

I sent this to debian security team before, but I didn't get any response.
So I send this to public.

---

june@yuweol:~/poc/play/crash1$ play poc bass +3

poc:

 File Size: 48Bit Rate: 0.00394
  Encoding: WavPack
  Channels: 2 @ 16-bit
Samplerate: 44100Hz
Replaygain: off
  Duration: 27:03:11.55

In:0.00% 00:00:00.00 [27:03:11.55] Out:0 [  |  ]Clip:0
Segmentation fault

---

Thread 1 "play" received signal SIGSEGV, Segmentation fault.
0x7fffed796f34 in WavpackUnpackSamples () from 
/usr/lib/x86_64-linux-gnu/libwavpack.so.1
(gdb) x/i $rip
=> 0x7fffed796f34 :  mov0x1e0(%rdi),%rax
(gdb) i r rdi
rdi0x0  0

---

This bug was found with a fuzzer developed by 'SoftSec' group at KAIST.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'stable-updates'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sox depends on:
ii  libc6 2.24-17
ii  libgomp1  7.2.0-12
ii  libsox-fmt-alsa   14.4.1-5+b2
ii  libsox-fmt-ao 14.4.1-5+b2
ii  libsox-fmt-base   14.4.1-5+b2
ii  libsox-fmt-oss14.4.1-5+b2
ii  libsox-fmt-pulse  14.4.1-5+b2
ii  libsox2   14.4.1-5+b2

sox recommends no packages.

Versions of packages sox suggests:
ii  libsox-fmt-all  14.4.1-5+b2

-- no debconf information
wvpk

Bug#880739: ERROR: PhantomJS executable not found in PATH, download it from http://phantomjs.org

2017-11-07 Thread Rogério Brito 
Dear Mathieu.

On Nov 04 2017, Mathieu Malaterre wrote:
> Package: youtube-dl
> Version: 2017.10.15.1-1
> Tags: patch

Your message didn't contain any patch. Anyway, it is so trivial that I
uploaded another package with the recommends in place.

> It would be super nice to add a Recommends: phantomjs on youtube-dl
> package. Otherwise it may fails sometimes with:
> 
> ERROR: PhantomJS executable not found in PATH, download it from
> http://phantomjs.org
(...)

Great. Can you please put offending URLs the next time, so that I can test
to see if the problem really went away?


Thanks,

-- 
Rogério Brito : rbrito@{ime.usp.br,gmail.com} : GPG key 4096R/BCFC
http://cynic.cc/blog/ : github.com/rbrito : profiles.google.com/rbrito
DebianQA: http://qa.debian.org/developer.php?login=rbrito%40ime.usp.br

Bug#878270: This NMU of anthy is not good enough

2017-11-07 Thread dai 
Control: tags -1 + moreinfo

1:0.3-6 has been uploaded. Can we close this bug?
-- 
Regards,
dai

GPG Fingerprint = 0B29 D88E 42E6 B765 B8D8 EA50 7839 619D D439 668E


signature.asc
Description: PGP signature

Bug#874223: make curl-config M-A-compatible by removing -fdebug-prefix-map

2017-11-07 Thread Timo Weingärtner 
control: tags -1 +patch

Hi,

please consider attached patch for these three incarnations of the same bug. 
It just removes -fdebug-prefix-map from the --configure line embedded into 
curl-config.

Inclusion of this patch into a stable update would also be nice given the rate 
of curl security updates that needs a dpkg --force-overwrite.


Regards
Timo
-- 
WIBU-SYSTEMS AG
Rüppurrer Strasse 52-54
76137 Karlsruhe
Germany
Tel: +49 721 93172-302
Fax: +49 721 93172-22

timo.weingaert...@wibu.com
http://www.wibu.com/

Vorstand: Oliver Winzenried
Aufsichtsratsvorsitzender: Marcellus Buchheit
HRB 107315 Mannheim--- a/debian/rules
+++ b/debian/rules
@@ -97,9 +97,12 @@ override_dh_install:
 #package.
 # 3. Likewise, replace the architecture name used for --build (and
 #build_alias) with a literal backquoted call to dpkg-architecture.
+# 4. In --configure output, remove
+#-fdebug-prefix-map=/buildd/specific/random/path=.
 	sed -e "/-lcurl /s|`krb5-config --libs gssapi`|\`krb5-config --libs gssapi\`|" \
 	-e "/--prefix/s|/$(DEB_HOST_MULTIARCH)'|/'\`dpkg-architecture -qDEB_HOST_MULTIARCH\`|g" \
 	-e "/--prefix/s|=$(DEB_BUILD_GNU_TYPE)'|='\`dpkg-architecture -qDEB_BUILD_GNU_TYPE\`|g" \
+	-e "/-fdebug-prefix-map=/s|\(-fdebug-prefix-map=\)/[^ ]*=.||" \
 	-i `find . -name curl-config`
 
 override_dh_installchangelogs:

Bug#881032: RFS: icecc/1.1-2~bpo9+1 NMU

2017-11-07 Thread Pablo Saavedra 
Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "icecc"

 * Package name    : icecc
   Version : 1.1-2~bpo9+1
   Upstream Author : schumac...@kde.org
 * URL : https://github.com/icecc/icecream
 * License : GNU General Public License v2.0
   Section : devel

I request for sponsorship for a backport of icecc (version 1.1-2) for
stretch-backports.

I'm not the maintainer, nor I'm involved with the development of this
package on Debian. I'm CC'ing current maintainers.

I have updated the changelog accordingly and rebuilt the package in
a pristine environment (stretch cowbuilder). No more changes than
updating the changelog were needed.

After that I tested the package on a stretch machine and all works as
expected.

It builds those binary packages:

  icecc - distributed compiler (client and server)
 libicecc-dev - development files for icecc (distributed compiler)

To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/icecc


Alternatively, one can download the package with dget using this command:

  dget -x
https://mentors.debian.net/debian/pool/main/i/icecc/icecc_1.1-2~bpo9+1.dsc


Changes since the last upload:

  icecc (1.1-2~bpo9+1) stretch-backports; urgency=medium

  * Rebuild for stretch-backports.

  -- Pablo Saavedra   Mon, 06 Nov 2017 11:14:34 +

Therefore, I request for sponsorship for this backport.


  Regards,
   Pablo Saavedra Rodiño



signature.asc
Description: OpenPGP digital signature

Bug#881034: Sid: Galera-3 default configuration; nodes beyond primary will not connect.

2017-11-07 Thread Louis Schmitz 
Package: galera-3
Version: 25.3.19-2
Severity: minor
Tags: sid

The default configuration of Galera-3 systemd scripts for the mariaDB server in 
debian Sid is incorrect. The secondary (tertiary, etc.) nodes do not connect to 
the primary node.
The problem may also be with one of the 'systemd' or 'mariadb' packages, and 
the script may be provided upstream. This information is unknown to me.

Reproducing the issue:
1) Create 3 connected VMs or connect 3 physical machines on a LAN with a 
default debian install.
2) Install the galera-3, mariadb-client, mariadb-server, and rsync packages.
3) Configure /etc/mysql/conf.d/galera.cnf with the recommended settings. In my 
case, each of 3 servers had a configuration file like this (the two bottom 
lines are changed on a server-to-server basis):

[mysqld]
#mysql settings
binlog_format=ROW
default-storage-engine=innodb
innodb_autoinc_lock_mode=2
innodb_doublewrite=1
query_cache_size=0
query_cache_type=0
bind-address=0.0.0.0

#galera settings
wsrep_on=ON
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_cluster_name="osdb_cluster"
wsrep_cluster_address=gcomm://10.0.40.111,10.0.40.112,10.0.40.113
wsrep_sst_method=rsync

wsrep_node_address="10.0.40.111"
wsrep_node_name="galera01"

4) Bootstrap the cluster by using the recommended script on the primary node, 
by calling
$ galera_new_cluster
5) Using the recommended way, check whether the cluster is started:

MariaDB [(none)]> SHOW STATUS LIKE 'wsrep_cluster_size';
++---+
| Variable_name  | Value |
++---+
| wsrep_cluster_size | 1 |
++---+
1 row in set (0.01 sec)

6) Now, on the second node, try the recommended way of starting this node (as 
described on galera's home page):
$ systemctl start mysql
Here's where the bug happens. This operation fails with the mysql server not 
starting on the second node, while we're expecting a two-node cluster.  Below 
is the output passed to the file '/var/log/mysql/error.log'.

2017-11-06 17:10:13 139930521723456 [Note] WSREP: Read nil XID from storage 
engines, skipping position init
2017-11-06 17:10:13 139930521723456 [Note] WSREP: wsrep_load(): loading 
provider library '/usr/lib/galera/libgalera_smm.so'
2017-11-06 17:10:13 139930521723456 [Note] WSREP: wsrep_load(): Galera 
3.19(rb98f92f) by Codership Oy  loaded successfully.
2017-11-06 17:10:13 139930521723456 [Note] WSREP: CRC-32C: using hardware 
acceleration.
2017-11-06 17:10:13 139930521723456 [Note] WSREP: Found saved state: 
----:-1, safe_to_bootsrap: 1
2017-11-06 17:10:13 139930521723456 [Note] WSREP: Passing config to GCS: 
base_dir = /var/lib/mysql/; base_host = 10.0.40.113; base_port = 4567; 
cert.log_conflicts = no; debug = no; evs.auto_evict = 0; evs.delay_margin = 
PT1S; evs.delayed_keep_period = PT30S; evs.inactive_check_period = PT0.5S; 
evs.inactive_timeout = PT15S; evs.join_retrans_period = PT1S; 
evs.max_install_timeouts = 3; evs.send_window = 4; evs.stats_report_period = 
PT1M; evs.suspect_timeout = PT5S; evs.user_send_window = 2; 
evs.view_forget_timeout = PT24H; gcache.dir = /var/lib/mysql/; 
gcache.keep_pages_size = 0; gcache.mem_size = 0; gcache.name = 
/var/lib/mysql//galera.cache; gcache.page_size = 128M; gcache.recover = no; 
gcache.size = 128M; gcomm.thread_prio = ; gcs.fc_debug = 0; gcs.fc_factor = 
1.0; gcs.fc_limit = 16; gcs.fc_master_slave = no; gcs.max_packet_size = 64500; 
gcs.max_throttle = 0.25; gcs.recv_q_hard_limit = 9223372036854775807; 
gcs.recv_q_soft_limit = 0.25; gcs.sync_donor = no; gmcast.segment = 0; 
gmcast.version = 0; pc.announce_timeout = PT3S; pc.checksum = false; pc.ig
2017-11-06 17:10:13 139930521723456 [Note] WSREP: GCache history reset: 
old(----:0) -> 
new(----:-1)
2017-11-06 17:10:13 139930521723456 [Note] WSREP: Assign initial position for 
certification: -1, protocol version: -1
2017-11-06 17:10:13 139930521723456 [Note] WSREP: wsrep_sst_grab()
2017-11-06 17:10:13 139930521723456 [Note] WSREP: Start replication
2017-11-06 17:10:13 139930521723456 [Note] WSREP: Setting initial position to 
----:-1
2017-11-06 17:10:13 139930521723456 [Note] WSREP: protonet asio version 0
2017-11-06 17:10:13 139930521723456 [Note] WSREP: Using CRC-32C for message 
checksums.
2017-11-06 17:10:13 139930521723456 [Note] WSREP: backend: asio
2017-11-06 17:10:13 139930521723456 [Note] WSREP: gcomm thread scheduling 
priority set to other:0
2017-11-06 17:10:13 139930521723456 [Warning] WSREP: access 
file(/var/lib/mysql//gvwstate.dat) failed(No such file or directory)
2017-11-06 17:10:13 139930521723456 [Note] WSREP: restore pc from disk failed
2017-11-06 17:10:13 139930521723456 [Note] WSREP: GMCast version 0
2017-11-06 17:10:13 139930521723456 [Note] WSREP: (f877f818, 
'tcp://0.0.0.0:4567') listening at tcp://0.0.0.0:4567
2017-11-06 17:10:13 139930521723456

Bug#881033: bitlbee: manpage needs updates, and broken CAPTCHA on upstream bugtracker

2017-11-07 Thread Nomen Nescio 
Package: bitlbee
Version: 3.5.1-1
Severity: wishlist

Dear Maintainer,

I'll start with the Debian-specific problem.

* bug 1 (manpage) *
The /man bitlbee/ cmd shows:

  BUGS
Of course there are bugs. If you find some, please report them at
http://bugs.bitlbee.org/.

Perhaps that should also mention the Debian bug tracker as well?

* bug 2 (upstream bug tracker broken) *
There is also an upstream bug that I was unable to report because the
CAPTCHA for http://bugs.bitlbee.org/ is broken.  I could clearly read
the CAPTCHA but all of my solutions got rejected.  It's very
frustrating b/c I took the time to write out a report not knowing it
would be subject to a CAPTCHA, much less a broken one.  Please also
update the manpage to warn users that http://bugs.bitlbee.org/ does
not support account creation and requires a CAPTCHA.

* bug 3 (manpage) *
Bitlbee saves data to /var/lib/bitlbee by default, which is important
for users to realize when migrating or backing up systems.  Yet this
information is somewhat buried in the documentation for the "-d"
option.  IMO it should be louder, and follow the convention of having
a FILES section in the manpage.

Bug 220 is loosely related.  I don't know what is meant by
"configtime", but that bug report should perhaps be handled together
with this one.

* bug 4 (upstream bug tracker form is out of date) *
I'm using version 3.5.1-1, which is not in the list of this bug reporting form.


-- System Information:
Debian Release: 9.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=1509983846 WARNING 
torsocks[26270]: [syscall] Unsupported syscall number 217. Denying the call (in 
tsocks_syscall() at syscall.c:488)
UTF-8), LANGUAGE=en_US.UTF-8 (charmap=1509983846 WARNING torsocks[26272]: 
[syscall] Unsupported syscall number 217. Denying the call (in tsocks_syscall() 
at syscall.c:488)
UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages bitlbee depends on:
ii  bitlbee-common  3.5.1-1
ii  debianutils 4.8.1.1
ii  libc6   2.24-11+deb9u1
ii  libevent-2.0-5  2.0.21-stable-3
ii  libgcrypt20 1.7.6-2+deb9u2
ii  libglib2.0-02.50.3-2
ii  libgnutls30 3.5.8-5+deb9u3

bitlbee recommends no packages.

bitlbee suggests no packages.

-- debconf information excluded

Bug#880949: closed by Gianfranco Costamagna <locutusofb...@debian.org> (Re: Bug#880949: no progress information or stats)

2017-11-07 Thread Gianfranco Costamagna 
control: forwarded -1 https://github.com/borgbackup/borg/issues/3298

thanks!

G.

Bug#881040: chromium: No distinction between --incognito and --temp-profile in the manpage

2017-11-07 Thread Nomen Nescio 
Package: chromium
Version: 58.0.3029.110-1
Severity: minor

Dear Maintainer,

Is there a difference between:

  $ chromium --temp-profile

and

  $ chromium --incognito

?  If so, it should be documented in the manpage.  If not, then the
--temp-profile option should be removed.

Bug#871502: Re : Bug#871502: zotero-standalone-build: The newer Zotero is standalone only ; a reorganization is neded.

2017-11-07 Thread Félix Sipma 
On 2017-11-06 12:11+0100, Sébastien Villemot wrote:
> On Mon, Nov 06, 2017 at 11:52:43AM +0100, Félix Sipma wrote:
>> On 2017-11-06 11:17+0100, Sébastien Villemot wrote:
> 
>>> Why experimental and not unstable? Is the new version of the plugin
>>> incompatible with Zotero 4? If yes, then that should be reflected in
>>> dependencies (but then it's probably too early to upload it).
>> 
>> It is not compatible with Zotero 4, as the Zotero part of the libreoffice
>> extension is now plugged in zotero-standalone. The package just installs the
>> libreoffice part. I've updated the control file to reflect this. OK, so we'll
>> wait until having a zotero-standalone 5 package ready. I think having the new
>> firefox extension ready should not be a blocker, though (in the case we don't
>> have the tools ready to package it in time).
> 
> Ok.
> 
>> Concerning the zotero-standalone package, I guess it would be easier to also
>> start from the beginning for the new package, as it was completely reworked.
>> You still have no objection in me doing so?
> 
> Please go ahead. Don't hesitate to revamp the packaging, what matters is to 
> get
> something functional and easy to maintain.
> 
> Thanks,

I misunderstood the 5.0 refactoring, zotero still has to be built from three
repos, only the client part (https://github.com/zotero/zotero) was refactored
to use npm/node (and so, needs js libs to get packaged). So, I guess the
packaging repo should stay as it is for now, and be refactored if upstream
decides to merge everything in a single repo.

Could you please share your workflow for updating the package?


signature.asc
Description: PGP signature

Bug#878751: closed by Georges Khaznadar <georg...@debian.org> (Bug#878751: fixed in expeyes 4.3.2+dfsg-1)

2017-11-07 Thread Adrian Bunk 
Control: found -1 4.3.3+dfsg-1

On Sun, Oct 22, 2017 at 05:21:08PM +, Debian Bug Tracking System wrote:
>...
>  expeyes (4.3.2+dfsg-1) unstable; urgency=medium
>...
>* Keep pdf precompiled file in the source package (the PDF comes
>  with its source in LyX format). Closes: #878751
>...
> Date: Mon, 16 Oct 2017 16:01:50 +0300
> From: Adrian Bunk 
> To: Debian Bug Tracking System 
> Subject: expeyes FTBFS: recipe for target 'microhope.pdf' failed
> 
> Source: expeyes
> Version: 4.3.1+dfsg-1
> Severity: serious
> 
> https://buildd.debian.org/status/package.php?p=expeyes=sid
> 
> ...
> make[3]: Entering directory 
> '/<>/expeyes-4.3.1+dfsg/microhope/microhope-doc'
> Exporting microhope.lyx to a LaTeX file ... Makefile:35: recipe for target 
> 'microhope.pdf' failed
> make[3]: *** [microhope.pdf] Error 127

The problem is back with 4.3.3+dfsg-1

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#881036: debian-parl build depends on boxer-data (< 10.6) but 10.6.0 is to be installed

2017-11-07 Thread Adrian Bunk 
Source: debian-parl
Version: 1.9.10
Severity: serious

The following packages have unmet dependencies:
 builddeps:debian-design : Depends: boxer-data (< 10.6) but 10.6.0 is to be 
installed

Bug#879713: konsole: Konsole freezes for a minute when I press backspace in empty command line

2017-11-07 Thread Boris Pek 
Hi,

> Since a few days (or weeks?) I experience a strange behavior in konsole.
> When editing a command line, if I press backspace too many times finally
> trying to delete a character from an empty line, konsole freezes for ca.
> one minute. The CPU load is almost 0%, other programs in the X windows
> session work corectly. Even other konsole windows work correctly.
>
> The interesting thing is that the problem occurs exactly ones in each
> konsole window. It doesn't matter how many tabs I open. If I press backspace
> in the empty command line for the first time in one of open tabs, the whole
> window freezes. After it recovers, I can safely press backspace in all tabs
> without any problems.

Try to use [Tab] key from keyboard to complete the command or path when you
are typing something. You will get exactly the same freeze.

> In fact it looks like konsole gets blocked trying to connect to certain not
> running network service.
>
> I don't know it it matters, but I use konsole in the MATE session.

Yes, this is important. When program is launched directly in KDE session this
bug is not reproducible.

But this bug could but easily reproduced even in KDE session. If there are two
users in your system (user1 and user2) and you have logged in as user1 then
launch:

$ ssh -C -X -p 22 user2@localhost konsole

and you will be able to see a number of issues in launched KDE application.
One of these issues is a bug described above.

Best regards,
Boris

Bug#880017: glusterfs: CVE-2017-15096: Null pointer dereference

2017-11-07 Thread Patrick Matthäi 
Am 06.11.2017 um 17:41 schrieb Salvatore Bonaccorso:
> Control: reopen -1
> Control: found -1 3.12.1-1
> Control: found -1 3.12.2-1
>
> Hi Patrick,
>
> On Sat, Oct 28, 2017 at 02:40:08PM +0200, Salvatore Bonaccorso wrote:
>> Source: glusterfs
>> Version: 3.12.1-1
>> Severity: important
>> Tags: patch security upstream
>> Forwarded: https://bugzilla.redhat.com/show_bug.cgi?id=1502928
>>
>> Hi,
>>
>> the following vulnerability was published for glusterfs.
>>
>> CVE-2017-15096[0]:
>> | A flaw was found in GlusterFS in versions prior to 3.10. A null
>> | pointer dereference in send_brick_req function in
>> | glusterfsd/src/gf_attach.c may be used to cause denial of service.
>>
>> If you fix the vulnerability please also make sure to include the
>> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>>
>> For further information see:
>>
>> [0] https://security-tracker.debian.org/tracker/CVE-2017-15096
>> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15096
>> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1502928
>> [2] 
>> http://git.gluster.org/cgit/glusterfs.git/commit/?id=1f48d17fee0cac95648ec34d13f038b27ef5c6ac
> The patch is missing to be applied though in the 3.12.2-1 version
> marking the bug as fixing. Thus reopening. The issue has only
> been fixed after the v3.12.2 release in release-3.12.
Thanks for pointing me on this fault :/
I have uploaded a fixed package with the patch included now
>
> Regards,
> Salvatore

-- 
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

  Blog: http://www.linux-dev.org/
E-Mail: pmatth...@debian.org
patr...@linux-dev.org
*/

Bug#881035: RFS: unixodbc/2.3.4-1.1 [NMU]

2017-11-07 Thread Hugh McMaster 
Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for an NMU of the package "unixodbc".

* Package name: unixodbc
  Version: 2.3.4-1.1
  Upstream Author: Nick Gorham 
* URL: http://www.unixodbc.org
* License: LGPL v2.1
  Section: libs

The source builds the following binary packages:
* libodbc1   - ODBC library for Unix
* odbcinst   - Helper program for accessing odbc ini files
* odbcinst1debian2 - Support library for accessing odbc ini files
* unixodbc   - Basic ODBC tools
* unixodbc-dev - ODBC libraries for UNIX (development files)

To access further information about this package, please visit the following 
URL:
https://mentors.debian.net/package/unixodbc

Alternatively, one can download the package with dget using this command:
dget -x 
https://mentors.debian.net/debian/pool/main/u/unixodbc/unixodbc_2.3.4-1.1.dsc

More information about unixodbc can be obtained from http://www.unixodbc.org.

Changes since the last upload:
  * Non-maintainer upload.
  * debian/control:
- Mark unixodbc-dev Multi-Arch: same (Closes: #872411).
- Depend on libltdl-dev instead of libltdl3-dev.
  * debian/rules:
- Compile with --enable-fastvalidate to avoid performance degradation
  when working with large numbers of handles (Closes: #819622).
- Move unixodbc_conf.h to /usr/include/ to avoid
  a file conflict on multi-arch systems.

I am aware that the package needs work to clean it up - e.g. converting to 
package format 3.0,
fixing lintian issues and so on. This work is not possible in a general NMU 
and, as a result, has
not been included in this release.

Regards,
Hugh McMaster

Bug#880997: nageru: FTBFS on armel

2017-11-07 Thread Adrian Bunk 
Control: tags -1 patch

On Mon, Nov 06, 2017 at 08:59:37PM +0100, Steinar H. Gunderson wrote:
> On Mon, Nov 06, 2017 at 08:51:27PM +0100, Sebastian Ramacher wrote:
> > | /usr/bin/ld: httpd.o: undefined reference to symbol 
> > '__atomic_fetch_sub_8@@LIBATOMIC_1.0'
> > | //usr/lib/arm-linux-gnueabi/libatomic.so.1: error adding symbols: DSO 
> > missing from command line
> 
> FWIW, last time I asked about this, it was a toolchain bug on armel
> (std::atomic doesn't work). Is there any other information I should know
> about?

It is not true that std::atomic doesn't work on armel,
and that's not what the error message is about.

The following patch fixes the FTBFS on armel
and the other architectures where nageru currently FTBFS:

--- debian/rules.old2017-11-07 09:43:20.849529546 +
+++ debian/rules2017-11-07 09:43:20.849529546 +
@@ -1,5 +1,8 @@
 #!/usr/bin/make -f
 
+# see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81358
+export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed -latomic
+
 export QT_SELECT=5
 
 %:


cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#881038: jupyter-notebook FTBFS: ERROR: notebook.tests.test_notebookapp.test_notebook_stop

2017-11-07 Thread Adrian Bunk 
Source: jupyter-notebook
Version: 5.1.0-1
Severity: serious

https://buildd.debian.org/status/fetch.php?pkg=jupyter-notebook=all=5.1.0-1=1509918772=0

...
   dh_auto_test -i -O--buildsystem=pybuild
I: pybuild base:184: cd /<>/.pybuild/pythonX.Y_2.7/build; 
python2.7 -m nose 
No handlers could be found for logger "NotebookApp"
../usr/lib/python2.7/dist-packages/ipython_genutils/tempdir.py:58:
 Warning: Implicitly cleaning up 
  Warning)
./usr/lib/python2.7/dist-packages/ipython_genutils/tempdir.py:58: Warning: 
Implicitly cleaning up 
  Warning)
.../usr/lib/python2.7/dist-packages/nbformat/validator.py:251:
 UserWarning: No schema for validating v2 notebooks
  warnings.warn("No schema for validating v%s notebooks" % version, UserWarning)
.Traceback
 (most recent call last):
  File "/usr/lib/python2.7/runpy.py", line 163, in _run_module_as_main
mod_name, _Error)
  File "/usr/lib/python2.7/runpy.py", line 102, in _get_module_details
loader = get_loader(mod_name)
  File "/usr/lib/python2.7/pkgutil.py", line 464, in get_loader
return find_loader(fullname)
  File "/usr/lib/python2.7/pkgutil.py", line 475, in find_loader
loader = importer.find_module(fullname)
  File "/usr/lib/python2.7/pkgutil.py", line 184, in find_module
path = [os.path.realpath(self.path)]
  File "/usr/lib/python2.7/posixpath.py", line 375, in realpath
path, ok = _joinrealpath('', filename, {})
  File "/usr/lib/python2.7/posixpath.py", line 400, in _joinrealpath
if not islink(newpath):
  File "/usr/lib/python2.7/posixpath.py", line 135, in islink
st = os.lstat(path)
KeyboardInterrupt
../usr/lib/python2.7/dist-packages/jupyter_client/kernelspec.py:199: 
UserWarning: Invalid kernelspec directory name (Kernel names can only contain 
ASCII letters and numbers and these separators: - . _ (hyphen, period, and 
underscore).): /tmp/tmpphMb4f/data/kernels/sample 2
  d = self.find_kernel_specs()
./<>/.pybuild/pythonX.Y_2.7/build/notebook/services/kernelspecs/handlers.py:56:
 UserWarning: Invalid kernelspec directory name (Kernel names can only contain 
ASCII letters and numbers and these separators: - . _ (hyphen, period, and 
underscore).): /tmp/tmpphMb4f/data/kernels/sample 2
  for kernel_name in ksm.find_kernel_specs():
./usr/lib/python2.7/dist-packages/ipython_genutils/tempdir.py:58:
 Warning: Implicitly cleaning up 
  Warning)
.E.S
==
ERROR: notebook.tests.test_notebookapp.test_notebook_stop
--
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/nose/case.py", line 197, in runTest
self.test(*self.arg)
  File 
"/<>/.pybuild/pythonX.Y_2.7/build/notebook/tests/test_notebookapp.py",
 line 165, in test_notebook_stop
app.start()
  File "/<>/.pybuild/pythonX.Y_2.7/build/notebook/notebookapp.py", 
line 367, in start
servers = list(list_running_servers(self.runtime_dir))
  File "/usr/lib/python2.7/dist-packages/traitlets/traitlets.py", line 556, in 
__get__
return self.get(obj, cls)
  File "/usr/lib/python2.7/dist-packages/traitlets/traitlets.py", line 535, in 
get
value = self._validate(obj, dynamic_default())
  File "/usr/lib/python2.7/dist-packages/jupyter_core/application.py", line 99, 
in _runtime_dir_default
ensure_dir_exists(rd, mode=0o700)
  File "/usr/lib/python2.7/dist-packages/ipython_genutils/path.py", line 167, 
in ensure_dir_exists
os.makedirs(path, mode=mode)
  File "/usr/lib/python2.7/os.py", line 150, in makedirs
makedirs(head, mode)
  File "/usr/lib/python2.7/os.py", line 150, in makedirs
makedirs(head, mode)
  File "/usr/lib/python2.7/os.py", line 157, in makedirs
mkdir(name, mode)
OSError: [Errno 13] Permission denied: '/run/user'

--
Ran 251 tests in 32.221s

FAILED (SKIP=1, errors=1)
/usr/lib/python2.7/dist-packages/ipython_genutils/tempdir.py:58: Warning: 
Implicitly cleaning up 
  Warning)
/usr/lib/python2.7/dist-packages/ipython_genutils/tempdir.py:58: Warning: 
Implicitly cleaning up 
  Warning)
/usr/lib/python2.7/dist-packages/ipython_genutils/tempdir.py:58: Warning: 
Implicitly cleaning up 
  Warning)
/usr/lib/python2.7/dist-packages/ipython_genutils/tempdir.py:58: Warning: 
Implicitly cleaning up 
  Warning)
/usr/lib/python2.7/dist-packages/ipython_genutils/tempdir.py:58: Warning: 
Implicitly cleaning up 
  Warning)
E: pybuild pybuild:283: test: plugin distutils failed with: exit code=1: cd 
/<>/.pybuild/pythonX.Y_2.7/build; python2.7 -m nose 
dh_auto_test: pybuild --test --test-nose -i python{version} -p 2.7 returned 
exit code 13
debian/rules:12: recipe for target 'build-indep' failed
make: ***

Bug#881037: debian-design build depends on boxer-data (< 10.6) but 10.6.0 is to be installed

2017-11-07 Thread Adrian Bunk 
Source: debian-design
Version: 3.0.7
Severity: serious

The following packages have unmet dependencies:
 builddeps:debian-design : Depends: boxer-data (< 10.6) but 10.6.0 is to be 
installed

Bug#881036: debian-parl build depends on boxer-data (< 10.6) but 10.6.0 is to be installed

2017-11-07 Thread Adrian Bunk 
On Tue, Nov 07, 2017 at 12:19:47PM +0200, Adrian Bunk wrote:
> Source: debian-parl
> Version: 1.9.10
> Severity: serious
> 
> The following packages have unmet dependencies:
>  builddeps:debian-design : Depends: boxer-data (< 10.6) but 10.6.0 is to be 
> installed

Cut'n'paste error, correct is:

The following packages have unmet dependencies:
 builddeps:debian-parl : Depends: boxer-data (< 10.6) but 10.6.0 is to be 
installed


cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#816872: wmbattery: memory leak in wmbattery

2017-11-07 Thread Doug Torrance 

Control: tags -1 pending

On Mon, 6 Nov 2017 09:58:29 -0500 Doug Torrance wrote:
> Wonderful, thank you! I've submitted the patch upstream and hope to
> release a new Debian version soon.

FYI, a new upstream version containing this patch (2.51) has been released:
http://www.dockapps.net/wmbattery

The new Debian package is awaiting sponsorship.

Doug

Bug#881103: openresolv: bump version to 3.9.0 so it works with systemd

2017-11-07 Thread Roy Marples 
Package: openresolv
Version: 3.8.0-1
Severity: important

Dear Maintainer,

Please consider bumping openresolv to 3.9.0 so it works with systemd,
which is the Debian default init now.
The current version fails to restart services, rendering it pretty
useless.

Thanks

Roy


-- System Information:
Distributor ID: Sparky
Description:SparkyLinux
Release:5
Codename:   Nibiru
Architecture: x86_64

Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information

Bug#880889: zfs-linux: zvol not in /dev after upgrade to 0.7.3-1

2017-11-07 Thread Moritz "LittleFox" Grosch 
Hi again,

sorry for the false bug report. This problem came from some packages at
0.6.5 and some at 0.7.3.

Since there are already other bugs asking for fixed versions (#881013,
#880709), this bug can be closed.

Best regards,
Moritz "LittleFox" Grosch

Bug#857730: Need to support DPKG_ROOT

2017-11-07 Thread Bastien ROUCARIES 
On Thu, Nov 2, 2017 at 6:27 PM, Thomas Liske  wrote:
>
> tags 857730 upstream
> severity 857730 wishlist
> thanks
>
>
> Hi Bastien,
>
>
> Bastien ROUCARIES  writes:
>
 severity: important
>>>
>>> Using severity important for anything DPKG_ROOT related sounds dubious
>>> to me, because the feature is not finalized in dpkg, but a technology
>>> preview.
>
> Please do not abuse the bug severity - I do not think that this issue has any
> major effect on the usability of a package.
>
> [1] https://www.debian.org/Bugs/Developer#severities
>
>
 Testing dpkg testsuite without beeing root needrestart crash.
>>>
>>> Maybe you can give more details here as to what crashes and how it
>>> fails?
>>>
 I believe need restart need to take in account $DPKG_ROOT
>>>
>>> You mentioned on irc that the file you want to touch is
>>> /etc/dpkg/dpkg.cfg.d/needrestart. That's not a maintainer script.
>>> DPKG_ROOT is only defined during maintainer script execution. Thus
>>> DPKG_ROOT will be undefined here.
>>>
 at least it should not execute if dpkg-root is set (so patch)
>>>
>>> Why should execution of needrestart depend on the way maintainer scripts
>>> are executed? That doesn't make any sense to me. Shouldn't the real
>>> condition be something like skipping needrestart when it is not
>>> installed in the system /?
>>
>> No rootless dpkg fail if needrestart is installed. This is the bug.
>>
>> To test install dpkg testsuite and run
>>
>>  DPKG_TESTSUITE_OPTIONS="not-root" eatmydata make test
>>
>> it will fail with a permission problem
>
> Please provide a consistent error description (Does needrestart crash or
> is there a permission problem?) including some screen logs and howto
> reproduce the problem.
>
> If the testsuite stuff is WIP we maybe should wait until it is finalized
> and there is a recommendation available howto handle the testsuite in
> (pre-invoke|post-invoke|status-logger) commands.

Seems reasonable but it still fail with permission problem. It is
reproductible do not remember the exact error but it fail apt
>
>
> HTH,
> Thomas
>
> --
>
> ::  WWW:https://fiasko-nw.net/~thomas/  ::
>:::  Jabber:   xmpp:tho...@jabber.fiasko-nw.net  :::
> ::  flickr: https://www.flickr.com/photos/laugufe/  ::

Bug#881097: libnet-ping-external-perl: long-standing command injection via crafted arguments

2017-11-07 Thread Salvatore Bonaccorso 
Control: retitle -1 libnet-ping-external-perl: CVE-2008-7319: command injection 
via crafted arguments

This issue got assigned CVE-2008-7319.

I have filled #881102 for requesting the removal from unstable.

For stretch and jessie I think the best course would be to have it
removed as well in the next point releases, given no package depends
on it.

Regards,
Salvatore

Bug#812721: gbp could filter out Files-Excluded: entries when committing to the pristine-tar branch

2017-11-07 Thread Michael Stapelberg 
Thanks for your reply. Answers inline:

On Mon, Nov 6, 2017 at 8:59 AM, Guido Günther  wrote:
> Hi,
> On Tue, Oct 31, 2017 at 05:24:05PM +0100, Michael Stapelberg wrote:
>> Hi Guido,
>>
>> The pkg-go team is currently discussing changes to its workflow, and
>> we’d be interested in resolving this feature request.
>
> Can you provide a pointer to the discussion?

Have a look at 
https://lists.alioth.debian.org/pipermail/pkg-go-maintainers/Week-of-Mon-20171016/015809.html

>
>>
>> Guido Günther  writes:
>> > I would rather do this with a dfsg-clean branch. You delete once and
>> > then use git tools from there on.
>>
>> Searching for how dfsg-clean branches should be named, I found
>> https://honk.sigxcpu.org/projects/git-buildpackage/manual-html/gbp.branch.naming.html,
>> which recommends “dfsg/latest”.
>>
>> However, my reading of section “About repacked upstream sources” of
>> http://dep.debian.net/deps/dep14/ directly contradicts the above advice:
>> DEP14 says upstream/* should contain the repackaged files.
>>
>> How do we reconcile this apparent contradiction?
>
> Since gbp makes no assumptions on this I'm happy to update the docs. How
> would we call the non-filtered branch then "nondfsg/latest"?  When we
> base our packaging on upstream git we'll likely use upstream's branch
> name but in case of tarballs we should provide a good recommendation.

Just to make sure we’re talking about the same thing: the branch
you’re asking for naming recommendations is currently called
“upstream”, yes?

If yes, then I don’t particularly like the name “nondfsg/latest”, as
it is a double-negative, but describes a very common case. Why not
keep calling it “upstream”, or “upstream/latest” if symmetry is
desired?

>
>> >> It would be great if gbp could produce the 1.2.3+dfsg tag itself by
>> >> reading debian/copyright and excluding the Files-Excluded: files.
>> >
>> > If somebody comes up with a clean patch I'm happy to merge that.
>>
>> Which part of gbp specifically should be patched here? AFAICT, there is
>> no command which pulls a new version from upstream yet. Should one be
>> added? What should it be called?
>
> My first reaction was to teach gbp import-orig to have a
>
> gbp import-orig "git-ref"
>
> mode that would do the right thing but I now think having
>
> gbp update "git-ref"
>
> that
>
> - does the excluding and tagging if necessary
> - merges to the debian branch
>
> is better. We need to make sure that gbp import-orig's filtering (using
> the --filter command line or filter= gbp.conf option) stays in sync with
> what we do so we don't have on tool using --filter= and the other one
> parsing debian/changelog.

You’re saying gbp import-orig and gbp update should both support the
same filter option, in additon to d/copyright, yes?

>
> If somebody comes up with a better name than "update" that's all fine.

“update” is a rather generic term. Given that the underlying git
operation is “git pull”, how about “gbp pull-upstream”?


-- 
Best regards,
Michael

Bug#866343: extlinux: Files in /etc/kernel/ not removed during upgrade

2017-11-07 Thread Lukas Schwaighofer 
Hi again,

I just checked the contents of the
 /etc/kernel/post{inst,rm}.d/zz-extlinux
files which are identical:

#!/bin/sh

set -e

# Exit if extlinux was removed (!= purged)
if [ -x /usr/sbin/extlinux-update ]
then
# Update extlinux configuration
extlinux-update
fi

Since the file is harmless enough when /usr/sbin/extlinux-update does
not exist, I think removing the file in sid/testing will be good enough.

Sorry for the noise, should have checked that file earlier.

Regards
Lukas

Bug#881111: python3-netaddr: unicode vs bytes issue between Python 2.x and 3.x when reading and writing IEEE data files

2017-11-07 Thread MoaMoaK 
Package: python3-netaddr
Version: 0.7.18-2
Severity: normal

Dear Maintainer,

When requesting OUI information on some MAC address with Python 3.x
( EUI("70:5A:B6:B8:64:8C").oui ), the package seems to fail on unicode vs bytes 
decoding
if the MAC has been used before with Python 2.x

The issue has been solved in the latest version of python3-netaddr (0.7.19)
( the commit 
https://github.com/drkjam/netaddr/commit/af145601df4329a4dc55ef0ce9ce5f8645f09d4f
 )

The package needs to be updated to latest version to solve this.

-- MoaMoaK

-- System Information:
Debian Release: 9.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3-netaddr depends on:
ii  ieee-data  20160613.1
ii  python33.5.3-1

python3-netaddr recommends no packages.

Versions of packages python3-netaddr suggests:
ii  ipython3 5.1.0-3
pn  python-netaddr-docs  

-- no debconf information

Bug#880234: Re%3A nibabel%3A FTBFS%3A Test failures

2017-11-07 Thread Yaroslav Halchenko 
Thanks for checking it out!  I will issue an updated package shortly

Cheers and thnks again

On Tue, 07 Nov 2017, Thiago Franco de Moraes wrote:

> Hi

> I cloned the git repo from nibabel and did some tests. I saw the HEAD of 
> upstream doesn't have this problem. The difference from the HEAD to the 2.1.0 
> version in the file with the error is diff I've attached in this email. 
> Applying this diff fix this problem. I think you can send this patch to the 
> guy which packages nibabel.

> Kind regards.



-- 
Yaroslav O. Halchenko
Center for Open Neuroscience http://centerforopenneuroscience.org
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834   Fax: +1 (603) 646-1419
WWW:   http://www.linkedin.com/in/yarik

Bug#881114: freecontact: Transition to xerces-c 3.2

2017-11-07 Thread William Blough 
Source: freecontact
Severity: important
User: de...@blough.us
Usertags: xerces-c3.2-transition
Control: block -1 by 881108


This bug is for transition tracking purposes.

xerces-c will be transitioning from 3.1 to 3.2 soon.  However,
freecontact depends on src:xsd which does not currently work with
libxerces-c3.2 (bug 881108).  Once the issue with xsd has been resolved,
it will be necessary to test freecontact with xerces 3.2

Bug#881112: camitk: Transition to xerces-c 3.2

2017-11-07 Thread William Blough 
Source: camitk
Severity: important
User: de...@blough.us
Usertags: xerces-c3.2-transition
Control: block -1 by 881108

This bug is for transition tracking purposes.

xerces-c will be transitioning from 3.1 to 3.2 soon.  However, camitk
depends on src:xsd which does not currently work with libxerces-c3.2
(bug 881108).  Once the issue with xsd has been resolved, it will be
necessary to test camitk with xerces 3.2

Bug#881113: mailman3-core: Package should suggest lynx

2017-11-07 Thread Philip Frei 
Package: mailman3-core
Version: 3.1.0-1
Severity: minor

Dear Maintainer,

Mailman uses lynx to convert html to plain text messages. Maybe it's a
good idea to add lynx to the package suggestions.



-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.13.0-0.bpo.1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Bug#881117: Printing a pdf with non-ascii title with evince fails

2017-11-07 Thread Brian Oney 
Package: hplip
Version: 3.16.11+repack0-3

Package: evince
Version: 3.22.1-3+deb9u1

Dear Debian Developers,
I can't print a pdf with a title that has a non-ascii character (possibly) with 
evince. It looks like evince's handling of the pdf (ps conversion?) seems to 
cause it. qpdfviewer works just find. lp also works fine. The cups error log is 
appended but the important bit is: 
D [07/Nov/2017:23:17:25 +0100] [Job 114] os.write(output_fd, 
to_bytes_utf8(\'@PJL SET JOBNAME=\"%s\"\\x0a\' % title))D [07/Nov/2017:23:17:25 
+0100] [Job 114] File \"/usr/share/hplip/base/sixext.py\", line 109, in 
to_bytes_utf8D [07/Nov/2017:23:17:25 +0100] [Job 114] return 
s.encode(\"utf-8\")D [07/Nov/2017:23:17:25 +0100] [Job 114] UnicodeEncodeError: 
\'utf-8\' codec can\'t encode character \'\\udcc3\' in position 21: surrogates 
not allowed
It looks the pdf 'Title:' may not contain an ä (or the like).
I guess it has to be evince, but it also appears that hplip could better handle 
pdf metadata.
Thanks!Brian
Tex filecat > test.tex << end_tex% Intended LaTeX compiler: 
pdflatex\documentclass[DIV=14,
fontsize=11pt,
parskip=half,
backaddress=false,
fromemail=true,
fromphone=true,
  fromalign=left]{scrlttr2}
 \usepackage[ngerman, germanb]{babel}
\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
\usepackage{graphicx}
\usepackage{grffile}
\usepackage{longtable}
\usepackage{wrapfig}
\usepackage{rotating}
\usepackage[normalem]{ulem}
\usepackage{amsmath}
\usepackage{textcomp}
\usepackage{amssymb}
\usepackage{capt-of}
\usepackage{hyperref}
\KOMAoption{fromurl}{false}
\LoadLetterOption{SN}
\setkomavar{fromname}{Brian O}
\setkomavar{fromemail}{}
\KOMAoption{fromemail}{false}
\KOMAoption{fromphone}{true}
\setkomavar{signature}{Brian  O}
\KOMAoption{backaddress}{false}
\setkomavar{place}{Earth}
\KOMAoptions{foldmarks=true}
\date{den 08.11.2017}
\hypersetup{
 pdfauthor={Brian O},
 pdftitle={Banänas!},
 pdflang={Germanb}}
\begin{document}
\setkomavar{title}{Banänas!}
\begin{letter}{%
Universe}
\opening{We the people\ldots{}}
\ldots{}like bananas!
And apples!
\url{https://youtu.be/wopHYlQEv7s}
\closing{Feed me}
\end{letter}
\end{document}
end_tex
pdflatex test.tex

CUPS error log:

[Job 114] Job stopped due to filter errors; please consult the error_log file 
for details.
[Job 114] The following messages were recorded from 23:17:11 to 23:17:25
[Job 114] Adding start banner page "none".
[Job 114] Queued on "HP_LaserJet_600_M602" by "".
[Job 114] Auto-typing file...
[Job 114] Request file type is application/pdf.
[Job 114] File of type application/pdf queued by "".
[Job 114] Adding end banner page "none".
[Job 114] time-at-processing=1510093031
[Job 114] 3 filters for job:
[Job 114] pdftopdf (application/pdf to application/vnd.cups-pdf, cost 66)
[Job 114] pdftops (application/vnd.cups-pdf to application/vnd.cups-postscript, 
cost 100)
[Job 114] hpps (application/vnd.cups-postscript to 
printer/HP_LaserJet_600_M602, cost 0)
[Job 114] job-sheets=none,none
[Job 114] argv[0]="HP_LaserJet_600_M602"
[Job 114] argv[1]="114"
[Job 114] argv[2]=""
[Job 114] argv[3]="Banänas!"
[Job 114] argv[4]="1"
[Job 114] argv[5]="noCollate cups-browsed cups-browsed-dest-printer=\\\"38\\ 
barry.local:631\\\" Duplex=None HPEconoMode HPEdgeToEdge HPFIDigit=0 
HPFTDigit=0 HPPaperSource=AutomaticallySelect noHPPinPrnt HPPrintQuality=600dpi 
HPSEDigit=0 HPTHDigit=0 job-uuid=urn:uuid:5e668a8e-b163-390d-47e5-d5d9159b4e18 
MediaType=Unspecified number-up=1 OutputBin=None PageSize=A4 
job-originating-host-name=192.168.0.29 date-time-at-creation= 
date-time-at-processing= time-at-creation=1510093031 
time-at-processing=1510093031"
[Job 114] argv[6]="/var/spool/cups/d00114-001"
[Job 114] envp[0]="CUPS_CACHEDIR=/var/cache/cups"
[Job 114] envp[1]="CUPS_DATADIR=/usr/share/cups"
[Job 114] envp[2]="CUPS_DOCROOT=/usr/share/cups/doc-root"
[Job 114] envp[3]="CUPS_FONTPATH=/usr/share/cups/fonts"
[Job 114] envp[4]="CUPS_REQUESTROOT=/var/spool/cups"
[Job 114] envp[5]="CUPS_SERVERBIN=/usr/lib/cups"
[Job 114] envp[6]="CUPS_SERVERROOT=/etc/cups"
[Job 114] envp[7]="CUPS_STATEDIR=/var/run/cups"
[Job 114] envp[8]="HOME=/var/spool/cups/tmp"
[Job 114] envp[9]="PATH=/usr/lib/cups/filter:/usr/bin:/usr/sbin:/bin:/usr/bin"
[Job 114] envp[10]="SERVER_ADMIN=root@barry"
[Job 114] envp[11]="SOFTWARE=CUPS/2.2.1"
[Job 114] envp[12]="TMPDIR=/var/spool/cups/tmp"
[Job 114] envp[13]="USER=root"
[Job 114] envp[14]="CUPS_MAX_MESSAGE=2047"
[Job 114] envp[15]="CUPS_SERVER=/var/run/cups/cups.sock"
[Job 114] envp[16]="CUPS_ENCRYPTION=IfRequested"
[Job 114] envp[17]="IPP_PORT=631"
[Job 114] envp[18]="CHARSET=utf-8"
[Job 114] envp[19]="LANG=en_US.UTF-8"
[Job 114] envp[20]="PPD=/etc/cups/ppd/HP_LaserJet_600_M602.ppd"
[Job 114] envp[21]="RIP_MAX_CACHE=128m"
[Job 114]

Bug#880604: mirror listing update for debian.utalca.cl

2017-11-07 Thread Fabio Duran Verdugo 
As recommendation I update the upstream mirror from debian.netlinux.cl
to mirrors.sfo.kernel.org. 

Now the repository is synchronized and you can check in this link https
://mirror-master.debian.org/status/mirror-info/debian.utalca.cl.html



-- 
Fabio Durán Verdugo
Escuela de Ingeniería Civil en Bioinformática 
Facultad de Ingeniería, Universidad de Talca
Fono: (56) -(71) - 2418857

On Tue, 2017-11-07 at 08:51 +, Peter Palfrader wrote:
> On Fri, 03 Nov 2017, Fabio Duran Verdugo wrote:
> 
> > It's done!
> 
> We recommend mirrors update four times a day.  Unfortunately, your
> upstream mirror doesn't do that.  Are there other places you could
> consider to mirror from?
> 
> Cheers,

signature.asc
Description: This is a digitally signed message part

Bug#881102: RM: libnet-ping-external-perl -- RoQA; unmaintained upstream, contains security issue for several years unadressed

2017-11-07 Thread Salvatore Bonaccorso 
Package: ftp.debian.org
Severity: normal

Hi

As prompted by http://www.openwall.com/lists/oss-security/2017/11/07/4
and has been reported to the BTS as #881097:

libnet-ping-external-perl is basically unmaintained upstream and has a
command injection vulnerability reported upstream without having had a
reply. Thus thinking this is basically unmaintained upstream. The same
version is back in wheezy.

There are no packages depending on it in Debian, so it looks the
safest course of action is to remove it from unstable (possibly as
well from other suites later on via point release) and not having it
included in buster.

Regards
Salvatore

Bug#881101: eyed3 FTBFS with LC_ALL=C

2017-11-07 Thread Adrian Bunk 
Source: eyed3
Version: 0.8.3-1
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/eyed3.html

...
dh clean --with python2,python3 --buildsystem=pybuild
   dh_auto_clean -O--buildsystem=pybuild
I: pybuild base:184: python2.7 setup.py clean 
running clean
removing '/build/1st/eyed3-0.8.3/.pybuild/pythonX.Y_2.7/build' (and everything 
under it)
'build/bdist.linux-amd64' does not exist -- can't clean it
'build/scripts-2.7' does not exist -- can't clean it
I: pybuild base:184: python3.6 setup.py clean 
Traceback (most recent call last):
  File "setup.py", line 108, in 
PKG_INFO, REQUIREMENTS = getPackageInfo()
  File "setup.py", line 72, in getPackageInfo
history = history_file.read().replace(".. :changelog:", "")
  File "/usr/lib/python3.6/encodings/ascii.py", line 26, in decode
return codecs.ascii_decode(input, self.errors)[0]
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 11969: 
ordinal not in range(128)
E: pybuild pybuild:283: clean: plugin distutils failed with: exit code=1: 
python3.6 setup.py clean 
dh_auto_clean: pybuild --clean -i python{version} -p 3.6 returned exit code 13
debian/rules:10: recipe for target 'clean' failed
make: *** [clean] Error 25

Bug#867671: libratbag-tools: removal of libratbag-tools/sid makes files disappear from liblur3/testing

2017-11-07 Thread Andreas Beckmann 
On 07/08/2017 03:35 PM, Stephen Kitt wrote:
> As I understand Policy in this case, I’m not convinced this is a violation.
> lur-command.1.gz should never have been in liblur3; it should always have
> been in libratbag-tools. I moved the file from liblur3 to libratbag-tools, and
> added the appropriate Replaces relationship; but as I understand it, Breaks
> isn’t needed because the upgrade doesn’t actually break liblur3.

It breaks anything assuming that a certain file exists if a certain
(buggy) package version is installed.

> Considering
> the behaviour described in footnote 54 (53 doesn’t apply here AFAICT), I don’t
> think there’s a problem: the old liblur3 does end up missing a file, but it’s
> a file it doesn’t need and should never have had, so its disappearance
> doesn’t cause any problems.

"its disappearance doesn’t cause any problems"
That's something very hard to teach some automated tools. These tools
look for things that could be problematic (or become problematic at some
point).

What's the actual problem with adding the matching Breaks?
That's just going to invalidate some version mixtures and downgrade
paths that you don't want to support anyway.


Andreas

Bug#866343: extlinux: Files in /etc/kernel/ not removed during upgrade

2017-11-07 Thread Lukas Schwaighofer 
Hi Laurent,

thanks for reporting this problem.  Leftover files in /etc/kernel/*.d
are bad…  I made a bit of research and found out the following, all of
which happened during the jessie release cycle:

0. The syslinux installer is part of the syslinux binary package
1. Version 3:6.03~pre1+dfsg-2: The installer was moved from the
   extlinux binary package to a newly introduced syslinux-stuff binary
   package
2. Version 3:6.03~pre19+dfsg-1: The syslinux-stuff binary package was
   dropped (completely removing the extlinux installer from Debian)

So, as far as I can tell, every system that has syslinux since
pre-jessie (and was never reinstalled since) will have those leftover
files.

Fixing this now in unstable feels somewhat in vain… I will ask for
advise on how to best deal with this issue.  For now I wanted to
document my findings.

Regards
Lukas

Bug#877562: libqb FTCBFS: uses uncached AC_RUN_IFELSE

2017-11-07 Thread Ferenc Wágner 
Control: forwarded -1 https://github.com/ClusterLabs/libqb/pull/269

"Manuel A. Fernandez Montecelo"  writes:

> If upstream Hurd people were so sure about it I'd strongly consider to
> follow their advice.

That's the plan.  Unfortunately, the POSIX interface defers the check to
runtime on amd64 for example, so we'll have to code that up.

> From what you talk about in this bug report, if the extra check is
> mostly to satisfy a bug in Hurd and they fix it, you could as well
> remove it.

When we have the runtime check, the configure check will degrade to a
mere optimization specific to exotic platforms guaranteeing a monotonic
clock.  Probably not worth keeping.

> But on the other hand, as Helmut says, if many other projects do it and
> since Hurd is not very popular, perhaps it's a wider problem than Hurd.

Yes, in the above sense it is, see also the discussion in the linked
upstream pull request.
-- 
Regards,
Feri

Bug#881115: libkolabxml: Transition to xerces-c 3.2

2017-11-07 Thread William Blough 
Source: libkolabxml
Severity: important
User: de...@blough.us
Usertags: xerces-c3.2-transition
Control: block -1 by 881108


This bug is for transition tracking purposes.

xerces-c will be transitioning from 3.1 to 3.2 soon.  However,
libkolabxml depends on src:xsd which does not currently work with
libxerces-c3.2 (bug 881108).  Once the issue with xsd has been resolved, it
will be necessary to test libkolabxml with xerces 3.2

Bug#866343: extlinux: Files in /etc/kernel/ not removed during upgrade

2017-11-07 Thread Lukas Schwaighofer 
On Tue, 7 Nov 2017 21:48:04 +0100
Lukas Schwaighofer  wrote:

> 0. The syslinux installer is part of the syslinux binary package

That should have been:
0. The syslinux installer is part of the *extlinux* binary package

Bug#880996: ring: FTBFS on mips64el

2017-11-07 Thread James Cowgill 
Hi,

On 06/11/17 19:48, Sebastian Ramacher wrote:
> Source: ring
> Version: 20170912.1.912f772~dfsg1-2
> Severity: serious
> Tags: sid buster
> Control: block 880355 by -1
> 
> ring FTBFS on mips64el during the libva transition:
[...]
> | ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
> `ring::RingAccount::useIdentity(std::pair  std::shared_ptr > const&)':
> | ./daemon/src/ringdht/ringaccount.cpp:845: undefined reference to 
> `dht::Value::msgpack_unpack(msgpack::v1::object)'
> | ./daemon/src/ringdht/ringaccount.cpp:845: undefined reference to 
> `dht::Value::msgpack_unpack(msgpack::v1::object)'
> | ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
> `msgpack::v1::type::detail::convert_integer_sign false>::convert(msgpack::v1::object const&)':
> | /usr/include/msgpack/v1/adaptor/int.hpp:46: undefined reference to 
> `dht::unpackBlob(msgpack::v1::object&)'
> | ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
> `dht::IceCandidates::msgpack_unpack(msgpack::v1::object)':
> | /usr/include/opendht/default_types.h:190: undefined reference to 
> `dht::unpackBlob(msgpack::v1::object&)'
> | ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
> `msgpack::v1::type::detail::convert_integer_sign false>::convert(msgpack::v1::object const&)':
> | /usr/include/msgpack/v1/adaptor/int.hpp:46: undefined reference to 
> `dht::unpackBlob(msgpack::v1::object&)'
> | ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
> `dht::IceCandidates::msgpack_unpack(msgpack::v1::object)':
> | /usr/include/opendht/default_types.h:190: undefined reference to 
> `dht::unpackBlob(msgpack::v1::object&)'
> | ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
> `msgpack::v1::type::detail::convert_integer_sign false>::convert(msgpack::v1::object const&)':
> | /usr/include/msgpack/v1/adaptor/int.hpp:46: undefined reference to 
> `dht::unpackBlob(msgpack::v1::object&)'
> | 
> ../src/.libs/libring.a(libringacc_la-ringaccount.o):/usr/include/opendht/default_types.h:190:
>  more undefined references to `dht::unpackBlob(msgpack::v1::object&)' follow
> | ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
> `msgpack::v1::adaptor::convert void>::operator()(msgpack::v1::object const&, dht::crypto::RevocationList&) 
> const':
> | /usr/include/msgpack/v1/object.hpp:209: undefined reference to 
> `dht::crypto::RevocationList::msgpack_unpack(msgpack::v1::object)'
> | /usr/include/msgpack/v1/object.hpp:209: undefined reference to 
> `dht::crypto::RevocationList::msgpack_unpack(msgpack::v1::object)'
> | collect2: error: ld returned 1 exit status
> | Makefile:628: recipe for target 'dring' failed

The problem is that ring forces the use of the msgpack v1 API, but
opendht uses whatever the default msgpack API was when it was built.
When opendht was originally uploaded this was v1 and everything was
good. Around 1 month ago, opendht was binNMUed on just mips64el and this
caused the mips64el version of opendht to use v2 of the API. Ring then
FTBFS on mips64el because it tried to use the v1 functions which don't
exist anymore.

There needs to be some agreement between ring and opendht as to what
msgpack API to use (both use v1 or v2). I'm not sure what the best
option is, but I would guess that forcing opendht to v1 would fix this.

Thanks,
James



signature.asc
Description: OpenPGP digital signature

Bug#879856: okular(25652)/kdecore (KConfigSkeleton) KCoreConfigSkeleton::writeConfig:

2017-11-07 Thread Sandro Knauß 
Contro: tags -1 +moreinfo

Hey,

it is a upstream bug. So please report this bug upstream (htps://bugs.kde.org) 
and send the bug number to this bugreport. If you have any further questions, 
feel free to ask them here.

Best Regards,

sandro

--
On Donnerstag, 26. Oktober 2017 16:46:15 CEST Nomen Nescio wrote:
> Package: okular
> Version: 4:16.08.2-1+b1
> Severity: minor
> 
> Dear Maintainer,
> 
> When okular is invoked on the commandline, the terminal from which it
> launches is junked up with this:
> 
> okular(25652)/kdecore (KConfigSkeleton) KCoreConfigSkeleton::writeConfig:
> okular(25652)/kdecore (KConfigSkeleton) KCoreConfigSkeleton::writeConfig:
> okular(25652)/kdecore (KConfigSkeleton) KCoreConfigSkeleton::writeConfig:
> okular(25652)/kdecore (KConfigSkeleton) KCoreConfigSkeleton::writeConfig:
> 
> If that noise is necessary, it should be re-worded so users know what
> the message is trying to convey.  Otherwise it should be silenced.
> 
> -- System Information:
> Debian Release: 9.2
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 4.9.0-4-amd64 (SMP w/2 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=1509013311 WARNING
> torsocks[10749]: [syscall] Unsupported syscall number 217. Denying the call
> (in tsocks_syscall() at syscall.c:488) UTF-8), LANGUAGE=en_US.UTF-8
> (charmap=1509013311 WARNING torsocks[10751]: [syscall] Unsupported syscall
> number 217. Denying the call (in tsocks_syscall() at syscall.c:488) UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
> 
> Versions of packages okular depends on:
> ii  kde-runtime 4:16.08.3-2
> ii  libc6   2.24-11+deb9u1
> ii  libfreetype62.6.3-3.2
> ii  libjpeg62-turbo 1:1.5.1-2
> ii  libkdecore5 4:4.14.26-2
> ii  libkdeui5   4:4.14.26-2
> ii  libkexiv2-114:15.04.3-1
> ii  libkio5 4:4.14.26-2
> ii  libkparts4  4:4.14.26-2
> ii  libkprintutils4 4:4.14.26-2
> ii  libkpty44:4.14.26-2
> ii  libokularcore7  4:16.08.2-1+b1
> ii  libphonon4  4:4.9.0-4
> ii  libpoppler-qt4-40.48.0-2
> ii  libqca2 2.1.1-4+b2
> ii  libqimageblitz4 1:0.0.6-4+b2
> ii  libqmobipocket1 4:16.08.0-1
> ii  libqt4-dbus 4:4.8.7+dfsg-11
> ii  libqt4-declarative  4:4.8.7+dfsg-11
> ii  libqt4-svg  4:4.8.7+dfsg-11
> ii  libqt4-xml  4:4.8.7+dfsg-11
> ii  libqtcore4  4:4.8.7+dfsg-11
> ii  libqtgui4   4:4.8.7+dfsg-11
> ii  libsolid4   4:4.14.26-2
> ii  libspectre1 0.2.8-1
> ii  libstdc++6  6.3.0-18
> ii  phonon  4:4.9.0-4
> ii  zlib1g  1:1.2.8.dfsg-5
> 
> Versions of packages okular recommends:
> ii  cups-bsd  2.2.1-8
> 
> Versions of packages okular suggests:
> ii  ghostscript9.20~dfsg-3.2+deb9u1
> pn  jovie  
> pn  okular-extra-backends  
> ii  poppler-data   0.4.7-8
> ii  texlive-binaries   2016.20160513.41080.dfsg-2
> ii  unrar  1:5.3.2-1+deb9u1



signature.asc
Description: This is a digitally signed message part.

Bug#880587: [Pkg-tigervnc-devel] Bug#880587: xrandr -o left/right crashes the X server if libvnc.so loaded

2017-11-07 Thread Ola Lundqvist 
Hi

Thank you for the report.

// Ola

On 2 November 2017 at 16:13, Pierre Dinh-van  wrote:
> Package: tigervnc-xorg-extension
> Version: 1.7.0+dfsg-7
> Severity: normal
> Tags: upstream
>
> Dear Maintainer,
>
> I set up libvnc.so from tigervnc-xorg-extension for my stretch
> workstations by adding a config file
> /usr/share/X11/xorg.conf.d/99-vnc.conf with in it :
>
>
> Section "Module"
>   Load  "vnc"
> EndSection
> Section "Screen"
>   Identifier "Screen0"
>   Device "Card0"
>   Monitor"Monitor0"
>   Option "SecurityTypes" "VncAuth"
>   Option "QueryConnect"
>   Option "QueryConnectTimeout" "30"
>   Option "IdleTimeout" "60"
>   Option "UserPasswdVerifier" "VncAuth"
>   Option "PasswordFile" "/etc/vncpasswd"
> EndSection
>
>
> I try to rotate locally my screen with 'xrandr -o left' or 'xrandr -o right'
>
> it crashes the X session and goes back to lightdm.
>
> If the resolution is not changed, for example with '-o inverted' then, the
> session runs further.
>
> I tried with the upstream release 1.8.0 and it's affected by the same
> problem
> I tried on computers with intel graphics, and in a VirtualBox VM. The result
> is the same on both.
>
> removing the /usr/share/X11/xorg.conf.d/99-vnc.conf and restarting ligthdm
> removes the issue.
>
>
> It's a problem for my users who might have the orientation of the display
> set up in the preferences of there XFCE4.
>
> I cannot upgrade such users, or they will be first unable to login until
> they fix there xfce4 profile and they are then unable to use a vertical
> layout for their screen.
>
>
>
> -- System Information:
> Debian Release: 9.2
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.9.0-4-amd64 (SMP w/4 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
> LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages tigervnc-xorg-extension depends on:
> ii  libaudit1  1:2.6.7-2
> ii  libbsd00.8.3-1
> ii  libc6  2.24-11+deb9u1
> ii  libgcc11:6.3.0-18
> ii  libgnutls303.5.8-5+deb9u3
> ii  libjpeg62-turbo1:1.5.1-2
> ii  libpam0g   1.1.8-3.6
> ii  libstdc++6 6.3.0-18
> ii  xserver-xorg-core  2:1.19.2-1+deb9u2
> ii  zlib1g 1:1.2.8.dfsg-5
>
> Versions of packages tigervnc-xorg-extension recommends:
> ii  tigervnc-common  1.7.0+dfsg-7
>
> tigervnc-xorg-extension suggests no packages.
>
> -- no debconf information
>
>
> ___
> Pkg-tigervnc-devel mailing list
> pkg-tigervnc-de...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-tigervnc-devel



-- 
 - Ola Lundqvist ---
/  o...@debian.org Folkebogatan 26  \
|  o...@inguza.com  654 68 KARLSTAD  |
|  http://inguza.com/  +46 (0)70-332 1551   |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36  4FE4 18A1 B1CF 0FE5 3DD9 /
 ---

Bug#881104: RM: libhdcd -- ROM; unused library

2017-11-07 Thread Sebastian Ramacher 
Package: ftp.debian.org
Severity: normal

Please remove libhdcd from the archive. Initially ffmpeg was supposed to use it,
but integrated the code in a different way. So libhdcd is not used and can be
removed from the archive.

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Bug#881105: golang-github-nebulouslabs-fastrand build depends on the obsolete golang-1.8-go

2017-11-07 Thread Adrian Bunk 
Source: golang-github-nebulouslabs-fastrand
Version: 0.0~git20170420.0.5a1a312-1
Severity: serious

golang-github-nebulouslabs-fastrand build depends on the
obsolete golang-1.8-go.

Bug#881107: gb (build) depends on the obsolete golang-1.8-go

2017-11-07 Thread Adrian Bunk 
Source: gb
Version: 0.4.4-1
Severity: serious

gb depends and build depends on the obsolete golang-1.8-go.

Bug#881106: flam3: Update to flam3 v3.1.1

2017-11-07 Thread linus . luessing 
Package: flam3
Severity: wishlist

Hi,

Qosmic[0] seems to require flam3 v3.1.1. Would it be possible to update
the flam3 package?

Regards, Linus

[0]: https://github.com/bitsed/qosmic


-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable')
Architecture: armhf (armv7l)

Kernel: Linux 4.13.2 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages flam3 depends on:
ii  libc62.24-17
ii  libjpeg62-turbo  1:1.5.2-2
ii  libpng16-16  1.6.34-1
ii  libxml2  2.9.4+dfsg1-5+b1
ii  zlib1g   1:1.2.8.dfsg-5

flam3 recommends no packages.

flam3 suggests no packages.

Bug#878203: apparmor logs /proc//cmdline denials on vm shutdown

2017-11-07 Thread Gabriel Filion 
Hello,

I can still see this in the apparmor file included in
libvirt-daemon-system 3.9.0-1

FWIW according to this ubuntu bug they've added a line to the profile to
permit access:

https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1693115



signature.asc
Description: OpenPGP digital signature

Bug#878722: bts reassign 878722 partman-auto

2017-11-07 Thread Michael Kesper 
Dear Cyril,


On 07.11.2017 08:12, Cyril Brulebois wrote:
> Michael Kesper  (2017-11-06):
>> I think this bug is specific to partman-auto.
>> Partman should allow rescanning devices and recognize NVMe devices when
>> preconfigured with /dev/sda.
>> Alternatively, there should be an installation target "largest disk" or
>> something similar.
> 
> I'm not sure hardcoding /dev/sda as the target device is right when all you
> have is NVMe… Don't feed wrong info through preseed in the first place?

Yes sure but why can't I correct it after the fact?
Even "rescanning disks" does not let you chose any other disks.

> Also, “largest disk” doesn't seem too good an idea, as evidenced here:
>   https://lists.debian.org/debian-boot/2017/11/msg00028.html

Is there a way of chosing "first internal disk" then?
Imagine I want to create one installation medium for laptops which only
differ whether they are set up with a NVM or a sata SSD.
I did not find any documentation helping me with this.

Best wishes
Michael



signature.asc
Description: OpenPGP digital signature

Bug#880982: ifup does not trigger scripts any more after booting

2017-11-07 Thread Narcis Garcia 
Thanks Guus for the suggestion about netplug as alternative.
Network interface's configurtaion (IP) is already done when hotplugging
the cable.
What is not working on same event is the run-parts of scripts in
/etc/network/if-up.d (as non-Systemd Debian versions did) and maybe
other directories as:

/etc/network/if-down.d
/etc/network/if-pre-up.d
/etc/network/if-post-down.d

This bad behavior happens when no Desktop/NetworkManager is in effect,
and since Debian 9 is beyond 5 minutes after boot.

I've tried to set TimeoutStartSec=infinity with no success at
/lib/systemd/system/ifup@.service


__
I'm using this express-made address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should fix this against automated addresses collectors.

Bug#880982: ifup does not trigger scripts any more after booting

2017-11-07 Thread Guus Sliepen 
On Tue, Nov 07, 2017 at 09:55:17PM +0100, Narcis Garcia wrote:

> Thanks Guus for the suggestion about netplug as alternative.
> Network interface's configurtaion (IP) is already done when hotplugging
> the cable.
> 
> What is not working on same event is the run-parts of scripts in
> /etc/network/if-up.d [...]

Aha. If you are using DHCP, then the DHCP client will probably detect
that the cable is plugged in again at some point, and will assign it an
address. However, ifupdown is never called when that happens, so
ifupdown will not cause any of the scripts to run. Also, ifupdown will
consider the interface to be up all the time, whether the cable is
plugged in or not.

Note that dhclient itself can also run scripts when it gets or loses a
lease, see man dhclient-script.

> (as non-Systemd Debian versions did)

This has nothing to do with systemd vs. sysvinit. Maybe it is caused by
changes in udev. But on my computers, I don't see udev generating any
events when I plug or unplug a network cable...

-- 
Met vriendelijke groet / with kind regards,
  Guus Sliepen 


signature.asc
Description: PGP signature

Bug#881116: Call trace at debian stretch

2017-11-07 Thread paulo bruck 
Package: linux-image-4.9.0-4-amd64
Version: 4.9.51-1
Severity: critical
Justification: breaks the whole system

Dear Mainteners

Actually I am using kernel from jessie because if I try to use kernel
from strech it hangs at boot  with this message bellow.

Let me know if I could help witn more details.

nov 07 18:10:12 zeus kernel: CPU: 0 PID: 5729 Comm: munin-update
Tainted: G  DO4.9.0-4-amd64 #1
 Debian 4.9.51-1
nov 07 18:10:12 zeus kernel: Hardware name: Gigabyte Technology Co.,
Ltd. P67A-D3-B3/P67A-D3-B3, BIOS F1 03
/03/2011
nov 07 18:10:12 zeus kernel: task: 98ebd40e0040 task.stack: bd4cc8274000
nov 07 18:10:12 zeus kernel: RIP: 0010:[]
[] in_group_p+0x40/0x60
nov 07 18:10:12 zeus kernel: RSP: 0018:bd4cc8277c98  EFLAGS: 00010a07
nov 07 18:10:12 zeus kernel: RAX: 7ced RBX:
41ed RCX: 
nov 07 18:10:13 zeus kernel: RDX: f9db RSI:
7ced RDI: 
nov 07 18:10:13 zeus kernel: RBP: 98ec6f651168 R08:
98eba96d99c0 R09: 2f2f2f2f2f2f2f2f
nov 07 18:10:13 zeus kernel: R10:  R11:
98ebd40e0040 R12: 0081
nov 07 18:10:13 zeus kernel: R13: 0001 R14:
bd4cc8277e90 R15: 
nov 07 18:10:13 zeus kernel: FS:  7f576d6642c0()
GS:98ec7f40() knlGS:
nov 07 18:10:13 zeus kernel: CS:  0010 DS:  ES:  CR0: 80050033
nov 07 18:10:13 zeus kernel: CR2: 98eda96d8d7c CR3:
000232656000 CR4: 000426f0
nov 07 18:10:13 zeus kernel: Stack:
nov 07 18:10:13 zeus kernel:  9320d625 cbf036f6ecc9a92c
98ec6f651168 0081
nov 07 18:10:13 zeus kernel:  bd4cc8277d80 0001
9320d6c4 98ec73ec101d
nov 07 18:10:13 zeus kernel:  fefefefefefefeff bd4cc8277d80
9320fea6 2f2f2f2f2f2f2f2f
nov 07 18:10:13 zeus kernel: Call Trace:
nov 07 18:10:13 zeus kernel:  [] ?
generic_permission+0x105/0x180
nov 07 18:10:13 zeus kernel:  [] ?
__inode_permission+0x24/0xc0
nov 07 18:10:13 zeus kernel:  [] ? link_path_walk+0x86/0x650
nov 07 18:10:13 zeus kernel:  [] ? path_lookupat+0x86/0x120
nov 07 18:10:13 zeus kernel:  [] ? filename_lookup+0xb1/0x180
nov 07 18:10:13 zeus kernel:  [] ?
__check_object_size+0xfa/0x1d8
nov 07 18:10:13 zeus kernel:  [] ?
strncpy_from_user+0x48/0x160
nov 07 18:10:13 zeus kernel:  [] ? getname_flags+0x6a/0x1e0
nov 07 18:10:13 zeus kernel:  [] ? vfs_fstatat+0x59/0xb0
nov 07 18:10:13 zeus kernel:  [] ? SYSC_newstat+0x2a/0x60
nov 07 18:10:13 zeus kernel:  [] ? __do_page_fault+0x2d1/0x510
nov 07 18:10:13 zeus kernel:  [] ?
system_call_fast_compare_end+0xc/0x9b
nov 07 18:10:13 zeus kernel: Code: 3b 78 20 74 38 4c 8b 80 90 00 00 00
4d 85 c0 74 29 41 8b 50 04 85 d2 74 21 31 c9 eb 07 8d 48 01 39 ca 76
16 8d 04 0a d1 e8 89 c6 <41> 3b 7c b0 08 77 eb 73 09 89 c2 39 ca 77 ea
31 c0 c3 b8 01 00
nov 07 18:10:13 zeus kernel: RIP  [] in_group_p+0x40/0x60
nov 07 18:10:13 zeus kernel:  RSP 
nov 07 18:10:13 zeus kernel: CR2: 98eda96d8d7c
nov 07 18:10:13 zeus kernel: ---[ end trace 84c3ad992cd5b40b ]---

-- 
Paulo Ricardo Bruck consultor
tel 011 3596-4881/4882  011 98140-9184 (TIM)
http://www.contatogs.com.br
http://www.protejasuarede.com.br
gpg AAA59989 at wwwkeys.us.pgp.net

Bug#439121: Add a .pc file for libapt-pkt

2017-11-07 Thread Corentin Noël 
Here is a patch working with current master, It's now fully working. It
contains a test to ensure that it works, I tested it with autopkgtest.
From 44fa7251911378bb0ca16a23024b7f7ede5a8f84 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Corentin=20No=C3=ABl?= 
Date: Tue, 7 Nov 2017 20:38:13 +0100
Subject: [PATCH] Enable PkgConfig on the apt-pkg and apt-inst libraries

---
 apt-inst/CMakeLists.txt   |  3 +++
 apt-inst/apt-inst.pc.in   | 11 +++
 apt-pkg/CMakeLists.txt|  3 +++
 apt-pkg/apt-pkg.pc.in | 10 ++
 debian/libapt-pkg-dev.install |  1 +
 debian/tests/control  |  5 +++--
 debian/tests/pkg-config-test  | 22 ++
 7 files changed, 53 insertions(+), 2 deletions(-)
 create mode 100644 apt-inst/apt-inst.pc.in
 create mode 100644 apt-pkg/apt-pkg.pc.in
 create mode 100644 debian/tests/pkg-config-test

diff --git a/apt-inst/CMakeLists.txt b/apt-inst/CMakeLists.txt
index 31da115e4..063b40318 100644
--- a/apt-inst/CMakeLists.txt
+++ b/apt-inst/CMakeLists.txt
@@ -12,6 +12,8 @@ set(APT_INST_MAJOR ${MAJOR} PARENT_SCOPE)
 file(GLOB_RECURSE library "*.cc")
 file(GLOB_RECURSE headers "*.h")
 
+configure_file(apt-inst.pc.in ${CMAKE_CURRENT_BINARY_DIR}/apt-inst.pc @ONLY)
+
 # Create a library using the C++ files
 add_library(apt-inst SHARED ${library})
 
@@ -25,4 +27,5 @@ add_version_script(apt-inst)
 # Install the library and the headers
 install(TARGETS apt-inst LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR})
 install(FILES ${headers} DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/apt-pkg)
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/apt-inst.pc DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
 flatify(${PROJECT_BINARY_DIR}/include/apt-pkg/ "${headers}")
diff --git a/apt-inst/apt-inst.pc.in b/apt-inst/apt-inst.pc.in
new file mode 100644
index 0..c752f4657
--- /dev/null
+++ b/apt-inst/apt-inst.pc.in
@@ -0,0 +1,11 @@
+prefix=@CMAKE_INSTALL_PREFIX@
+exec_prefix=${prefix}
+libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@
+includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@
+
+Name: apt-inst
+Description: deb package format runtime library
+Version: @MAJOR@.@MINOR@
+Libs: -L${libdir} -lapt-inst
+Cflags: -I${includedir}/apt-pkg
+Requires: apt-pkg
diff --git a/apt-pkg/CMakeLists.txt b/apt-pkg/CMakeLists.txt
index 2f5ad3200..44e5fd9c7 100644
--- a/apt-pkg/CMakeLists.txt
+++ b/apt-pkg/CMakeLists.txt
@@ -29,6 +29,8 @@ execute_process(COMMAND grep "^#define APT_PKG_RELEASE"
 message(STATUS "Building libapt-pkg ${MAJOR} (release ${MINOR})")
 set(APT_PKG_MAJOR ${MAJOR} PARENT_SCOPE) # exporting for methods/CMakeLists.txt
 
+configure_file(apt-pkg.pc.in ${CMAKE_CURRENT_BINARY_DIR}/apt-pkg.pc @ONLY)
+
 # Definition of the C++ files used to build the library - note that this
 # is expanded at CMake time, so you have to rerun cmake if you add or remove
 # a file (you can just run cmake . in the build directory)
@@ -65,6 +67,7 @@ add_version_script(apt-pkg)
 # Install the library and the header files
 install(TARGETS apt-pkg LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR})
 install(FILES ${headers} DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/apt-pkg)
+install(FILES ${CMAKE_CURRENT_BINARY_DIR}/apt-pkg.pc DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
 flatify(${PROJECT_BINARY_DIR}/include/apt-pkg/ "${headers}")
 
 if(CMAKE_BUILD_TYPE STREQUAL "Coverage")
diff --git a/apt-pkg/apt-pkg.pc.in b/apt-pkg/apt-pkg.pc.in
new file mode 100644
index 0..97c90ce5e
--- /dev/null
+++ b/apt-pkg/apt-pkg.pc.in
@@ -0,0 +1,10 @@
+prefix=@CMAKE_INSTALL_PREFIX@
+exec_prefix=${prefix}
+libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@
+includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@
+
+Name: apt-pkg
+Description: package management runtime library
+Version: @MAJOR@.@MINOR@
+Libs: -L${libdir} -lapt-pkg -pthread
+Cflags: -I${includedir}/apt-pkg
diff --git a/debian/libapt-pkg-dev.install b/debian/libapt-pkg-dev.install
index 42e7c34d5..563e99909 100644
--- a/debian/libapt-pkg-dev.install
+++ b/debian/libapt-pkg-dev.install
@@ -1,3 +1,4 @@
 usr/include/apt-pkg/
 usr/lib/*/libapt-inst*.so
 usr/lib/*/libapt-pkg*.so
+usr/lib/*/pkgconfig/apt-*.pc
diff --git a/debian/tests/control b/debian/tests/control
index 85b16e062..a0234b50b 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -1,8 +1,9 @@
-Tests: run-tests
+Tests: run-tests, pkg-config-test
 Restrictions: allow-stderr
 Depends: @, @builddeps@, dpkg, fakeroot, wget, stunnel4, lsof, db-util,
  gnupg (>= 2) | gnupg2,
  gnupg1 | gnupg (<< 2),
  gpgv (>= 2) | gpgv2,
  gpgv1 | gpgv (<< 2),
- libfile-fcntllock-perl, python3-apt
+ libfile-fcntllock-perl, python3-apt,
+ pkg-config
diff --git a/debian/tests/pkg-config-test b/debian/tests/pkg-config-test
new file mode 100644
index 0..cb8d1ffb0
--- /dev/null
+++ b/debian/tests/pkg-config-test
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -e
+
+WORKDIR=$(mktemp -d)
+trap "rm -rf $WORKDIR" 0 INT QUIT ABRT PIPE TERM
+cd $WORKDIR
+cat < pkgconfigtest.c

Bug#880551: xterm: corrections to man page

2017-11-07 Thread G. Branden Robinson 
At 2017-11-06T18:51:32-0500, Thomas Dickey wrote:
> > > > 10. Remove boldfacing from portions of code examples; these escapes
> > > > changed the font family back to Times from Courier.  If this change
> > > > is unacceptable, I can come up with one that will stay within the
> > > > Courier family, but it will only work for groff.  I don't know of
> > > > a portable way to do what I think is desired here.
> > > 
> > > This is a problem, since I'm using the boldface to guide
> > > a script which generates the hyperlinks here:
> > > 
> > > https://invisible-island.net/xterm/manpage/xterm.html
> > > 
> > > The \fP's should have done what was needed to restore the font-family...
> > 
> > Ah.  I'll revert that part for my next patch submission, than.
> 
> thanks :-)

I note that PRIMARY, SELECT, and CLIPBOARD all get the boldface
treatment, but CUT_BUFFER[01] do not.  Would you like me to bold these
as well for consistency and potential future documentation, or leave
them alone?

> fwiw, I wrote a script yesterday which compares the copies of the
> macros with a reference version (thinking of ncurses).

Of course!  Once you've done it right once, automate it!  :D

-- 
Regards,
Branden


signature.asc
Description: PGP signature

Bug#880998: debian-goodies: checkrestart should error-out when failing to call lsof

2017-11-07 Thread Nicolas Braud-Santoni 
On Mon, Nov 06, 2017 at 10:12:11PM +0100, Axel Beckert wrote:
> 
> Hi Nicolas,
> 
> Nicolas Braud-Santoni wrote:
> > PS: I included the patches as signed commit in the
> > collab-maint repository, in branch bug880998.
> 
> Thanks! That makes it way easier as "git am" choked on your bug report
> mail with the two patches.

That's interesting, I just generated the patches with
`git format-patch origin/master` and attached them to the mail with reportbug.
What would be the correct way to send multiple patches to a bug?

In any case, thanks for the swift reply.


Best,

  nicoo


signature.asc
Description: PGP signature

Bug#880997: nageru: FTBFS on armel

2017-11-07 Thread Steinar H. Gunderson 
On Tue, Nov 07, 2017 at 12:21:24PM +0200, Adrian Bunk wrote:
>> FWIW, last time I asked about this, it was a toolchain bug on armel
>> (std::atomic doesn't work). Is there any other information I should know
>> about?
> It is not true that std::atomic doesn't work on armel,
> and that's not what the error message is about.

If you can't use something from std:: without linking to an extra library,
it “doesn't work” in my world. :-) Especially given that it used to work just
fine.

> The following patch fixes the FTBFS on armel
> and the other architectures where nageru currently FTBFS:

I'll be happy to include the patch in the next upload, but I do consider it a
workaround (and in particular, I won't be pulling it upstream).

/* Steinar */
-- 
Homepage: https://www.sesse.net/

Bug#871502: Re : Bug#871502: zotero-standalone-build: The newer Zotero is standalone only ; a reorganization is neded.

2017-11-07 Thread Sébastien Villemot 
On Tue, Nov 07, 2017 at 12:38:36PM +0100, Félix Sipma wrote:

> Do you want to help me packaging some node-* libs (I guess there will be 
> enough
> for several people :-))? Again, I'm sure we'll be able to package the firefox
> extension again once the mozext team will have dealt with webextensions.

Well, I have basically zero knowledge of NodeJS, and am not very interested in
contributing to the Debian Javascript Maintainers team.

I am nevertheless ready to help, at least by sponsoring. And maybe also by
crafting a few packages if there is a clear recipe somewhere (but ideally I
would prefer not to be listed in the Uploaders).

Do you have a dependency tree of libraries that are not in Debian?

Note that many nodejs libraries are currently waiting in the NEW queue, and
some others may be in the pipeline (basically for getting the new gitlab in
Debian), so do not forget to check the NEW queue summary [1] and the WNPP
database [2].

 [1] https://ftp-master.debian.org/new.html
 [2] https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=wnpp;dist=unstable

-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  http://sebastien.villemot.name
⠈⠳⣄  http://www.debian.org


signature.asc
Description: PGP signature

Bug#880997: nageru: FTBFS on armel

2017-11-07 Thread Adrian Bunk 
On Tue, Nov 07, 2017 at 12:48:03PM +0100, Steinar H. Gunderson wrote:
> On Tue, Nov 07, 2017 at 12:21:24PM +0200, Adrian Bunk wrote:
> >> FWIW, last time I asked about this, it was a toolchain bug on armel
> >> (std::atomic doesn't work). Is there any other information I should know
> >> about?
> > It is not true that std::atomic doesn't work on armel,
> > and that's not what the error message is about.
> 
> If you can't use something from std:: without linking to an extra library,
> it “doesn't work” in my world. :-) Especially given that it used to work just
> fine.

armel needing -latomic here is new with gcc 7,
but it already used to not work on mips/mipsel
and several non-release architectures before.

> > The following patch fixes the FTBFS on armel
> > and the other architectures where nageru currently FTBFS:
> 
> I'll be happy to include the patch in the next upload, but I do consider it a
> workaround (and in particular, I won't be pulling it upstream).

My patch is for debian/rules and points to the gcc bug.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#881050: ltsp-server: After boot only a black screen

2017-11-07 Thread W Forum W 
Package: ltsp-server
Version: 5.5.9-2
Severity: important

Dear Maintainer,
We use LTSP with Fat Clients with NBD
Most of the clients need to boot several times before they get the Login Page.
They always get a black screen. After a few reboots the boot process get 
through.
This is very annoying for our users.
After login averything works fine.

Any one an idea in wich direction we have to look?

No error messages found


-- Package-specific info:
chroot information: /opt/ltsp/stretch

-- System Information:
Debian Release: 9.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ltsp-server depends on:
ii  debconf [debconf-2.0]  1.5.61
ii  debconf-utils  1.5.61
ii  debootstrap1.0.89
ii  gettext-base   0.19.8.1-2
ii  iproute2   4.9.0-1
ii  lsb-release9.20161125
ii  openssh-client 1:7.4p1-10+deb9u1
ii  python 2.7.13-2
ii  tcpd   7.6.q-26

Versions of packages ltsp-server recommends:
ii  dnsmasq   2.76-5+deb9u1
ii  gnupg 2.1.18-8~deb9u1
ii  nbd-server1:3.15.2-3
ii  openbsd-inetd [inet-superserver]  0.20160825-2
ii  openssh-server1:7.4p1-10+deb9u1
ii  squashfs-tools1:4.3-3+deb9u1
ii  tftpd-hpa 5.2+20150808-1+b1

Versions of packages ltsp-server suggests:
pn  audiooss  
ii  dnsmasq   2.76-5+deb9u1
ii  isc-dhcp-server   4.3.5-3
ii  ldm-server2:2.2.18-2
ii  libasound2-plugins1.1.1-1
ii  ltsp-docs 1.2-1
ii  ltspfs1.4-2+b1
ii  marco [x-window-manager]  1.16.1-1
ii  mate-desktop-environment  1.16.0+1
ii  mate-session-manager [x-session-manager]  1.16.1-1
pn  pulseaudio
pn  qemu-user-static  
pn  sdm   
ii  x11-utils 7.7+3+b1
ii  xauth 1:1.0.9-1+b2

-- debconf information:
  ltsp-server/build_client: false

Bug#880551: xterm: corrections to man page

2017-11-07 Thread G. Branden Robinson 
At 2017-11-07T08:10:40-0500, G. Branden Robinson wrote:
> Here's an updated version of the patch, reverting the de-boldfacing of
> action names (and some token names) in resource translations.

Of course, by sending that I guaranteed I'd find a problem with it.

Here's my next try.  The problem with the previous was stuff like this:

\\fP(ti

in many of the resource translation lines.

Third try attached.

-- 
Regards,
Branden
--- xterm-330/xterm.man	2017-06-18 14:07:02.0 -0400
+++ xterm-330-branden/xterm.man	2017-11-07 08:15:09.462564868 -0500
@@ -61,16 +61,16 @@
 .\"
 .\" Bulleted paragraph
 .de bP
-.ie \n(.IP \(bu 4
-.el.IP \(bu 2
+.ie n .IP \(bu 4
+.el   .IP \(bu 2
 ..
 .\" these would be fallbacks for DS/DE,
 .\" but groff changed the meaning of the macros.
 .de NS
-.ie \n(.sp
-.el.sp .5
-.ie \n(.in +4
-.el.in +2
+.ie n .sp
+.el   .sp .5
+.ie n .in +4
+.el   .in +2
 .nf
 .ft C			\" Courier
 ..
@@ -912,7 +912,7 @@
 Also, \fI\*n\ \-e\fP is supposed to provide a consistent
 functionality for other applications that need to start text-mode
 programs in a window, and if \fBloginShell\fP were not ignored, the
-result of ~/.profile might interfere with that.
+result of \(ti/.profile might interfere with that.
 .IP
 If you do want the effect of \fB\-ls\fP and \fB\-e\fP simultaneously, you
 may get away with something like
@@ -1325,9 +1325,9 @@
 (the first two are equivalent
 since the descriptor follows the last \*(``/\*(''):
 .NS 15
--S/dev/pts/123/45
--S123/45
--Sab34
+\-S/dev/pts/123/45
+\-S123/45
+\-Sab34
 .NE
 .IP
 Note that \fI\*n\fP does not close any file descriptor
@@ -1488,13 +1488,13 @@
 .bP
 .B ptyInitialErase\fP (PIE), along with the
 .bP
-\fIstty\fP erase character (^H for backspace, ^? for delete)
+\fIstty\fP erase character (\(haH for backspace, \(ha? for delete)
 .RE
 .IP
 will affect DECBKM.  First, \fI\*n\fP obtains the initial \fIerase\fP character:
 .RS
 .bP
-\fI\*n\fP's internal value is ^H
+\fI\*n\fP's internal value is \(haH
 .bP
 \fI\*n\fP asks the operating system for the value which \fBstty\fP shows
 .bP
@@ -1509,14 +1509,14 @@
 _ _ _ _
 l c c c.
 \fBPIE\fR	\fBstty\fR	\fBtermcap\fR	\fIerase\fP
-false	^H	^H	^H
-false	^H	^?	^?
-false	^?	^H	^H
-false	^?	^?	^?
-true	^H	^H	^H
-true	^H	^?	^H
-true	^?	^H	^?
-true	^?	^?	^?
+false	\(haH	\(haH	\(haH
+false	\(haH	\(ha?	\(ha?
+false	\(ha?	\(haH	\(haH
+false	\(ha?	\(ha?	\(ha?
+true	\(haH	\(haH	\(haH
+true	\(haH	\(ha?	\(haH
+true	\(ha?	\(haH	\(ha?
+true	\(ha?	\(ha?	\(ha?
 .TE
 .IP
 Using that \fIerase\fP character, \fI\*n\fP allows further choices:
@@ -1526,8 +1526,9 @@
 character for the initial state of \fBDECBKM\fP
 .bP
 if \fBbackarrowKeyIsErase\fP is false, \fI\*n\fP sets \fBDECBKM\fP
-to 2 (internal).  This ties together \fBbackarrowKey\fP
-and the control sequence for \fBDECBKM\fP
+to 2 (internal).
+This ties together \fBbackarrowKey\fP and the control sequence for
+\fBDECBKM\fP.
 .bP
 applications can send a control sequence to set/reset \fBDECBKM\fP control set
 .bP
@@ -1540,14 +1541,14 @@
 _ _ _ _ _
 c l l c c.
 \fIerase\fR	\fBBKIE\fR	\fBBK\fR	\fBDECBKM\fP	\fIresult\fP
-^?	false	false	2	^H
-^?	false	true	2	^?
-^?	true	false	0	^?
-^?	true	true	1	^?
-^H	false	false	2	^H
-^H	false	true	2	^?
-^H	true	false	0	^H
-^H	true	true	1	^H
+\(ha?	false	false	2	\(haH
+\(ha?	false	true	2	\(ha?
+\(ha?	true	false	0	\(ha?
+\(ha?	true	true	1	\(ha?
+\(haH	false	false	2	\(haH
+\(haH	false	true	2	\(ha?
+\(haH	true	false	0	\(haH
+\(haH	true	true	1	\(haH
 .TE
 .TP 8
 .B "fullscreen\fP (class\fB Fullscreen\fP)"
@@ -1911,17 +1912,18 @@
 susp,
 swtch and
 weras.
-Control characters may be specified as ^char (e.g., ^c or ^u)
-and \fB^?\fP may be used to indicate delete (127).
-Use \fB^\-\fP to denote \fIundef\fP.
-Use \fB\\034\fP to represent \fB^\\\fP, since a literal backslash in
+Control characters may be specified as \fB\(ha\fPchar
+(e.g., \fB\(hac\fP or \fB\(hau\fP)
+and \fB\(ha?\fP may be used to indicate delete (127).
+Use \fB\(ha\-\fP to denote \fIundef\fP.
+Use \fB\e034\fP to represent \fB\(ha\e\fP, since a literal backslash in
 an X resource escapes the next character.
 .IP
 This is very useful for overriding
 the default terminal settings without having to do an \fIstty\fP every time
 an \fI\*n\fP is started.
 Note, however, that the \fIstty\fP program on a given host may use different
-keywords; \fI\*n\fR's table is built-in.
+keywords; \fI\*n\fR's table is built in.
 .IP
 If the \fBttyModes\fP resource specifies a value for \fBerase\fP,
 that overrides the \fBptyInitialErase\fP resource setting,
@@ -2443,7 +2445,7 @@
 .B "charClass\fP (class\fB CharClass\fP)"
 Specifies comma-separated lists of character class bindings of the form
 .NS
-\fIlow\fP[-\fIhigh]\fP[:\fIvalue\fP].
+\fIlow\fP[\-\fIhigh]\fP[:\fIvalue\fP].
 .NE
 .IP
 These are used in determining which
@@ -3064,9 +3066,9 @@
 .IP
 It is possible to select suitable bitmap fonts using a script such as this:
 .NS
-\

Bug#881041: gzip/gunzip: fails to preserve filename

2017-11-07 Thread Georg Herrmann 
Package: gzip
Version: 1.6-5+b1
Severity: serious
Tags: Security

Dear Maintainer,

say I will gzip a file named sample_name. As result I get a new
packed file sample_name.gz. When gunzipping this file the result is a
file named sample_name. That is the expected result and in no way
surprising or objectionable.

But when I rename sample_name.gz to disguised_name.gz and than gunzip
it, the result is a file withe the new name disguised_name. The
original filename will not be preserved. Even if I look into the file
with gunzip -l, I will not see the original filename.

This might be intentional behaviour, but it is somewhat surprising -
and it might lead to dangerous results! In fact, this behaviour is
currently actively exploited to bypass content checks on MTA's and
deliver trojans via mail to their intended victims.

The problem is, that other (un)zipping tools, e.g. file-roller or
nearly each and every unzipping tool under Windows don't show the same
behaviour as gunzip, but unzip the file to it's original filename.

The scenario is as follows: a trojan horse named trojan.exe will be
gzipped. The resulting file will be renamed trojan.pdf.gz and will
then be sent via mail to some target address.

The MTA uses e.g. Amavis to look into the attachment with gunzip -l,
sees an obviously harmless filename trojan.pdf and let it pass. The
recipient unzips the file, expects a pdf, but gets an executable,
doubleclick...

This scenario will not work with any other zipping tool than gzip!

As said before, this behaviour might be intentional; even more, there
might be scripts in the wild, which count on this behaviour and would be
broken, if it is changed.

But at least the list command gzip -l resp. gunzip -l should show the
real content of the zipped file and not just the filename with the .gz
stripped.

Bug#871502: Re : Bug#871502: zotero-standalone-build: The newer Zotero is standalone only ; a reorganization is neded.

2017-11-07 Thread Sébastien Villemot 
On Tue, Nov 07, 2017 at 11:38:04AM +0100, Félix Sipma wrote:

> I misunderstood the 5.0 refactoring, zotero still has to be built from three
> repos, only the client part (https://github.com/zotero/zotero) was refactored
> to use npm/node (and so, needs js libs to get packaged). So, I guess the
> packaging repo should stay as it is for now, and be refactored if upstream
> decides to merge everything in a single repo.
> 
> Could you please share your workflow for updating the package?

1. look at the end of debian/rules, in the get-orig-source rule: it has the
  machinery for creating a new tarball, by pinning commits in the 3 repos.
  You'll probably have to update the rule, I tried to give it a try with
  commits from 5.0 and it failed.

2. then update debian/copyright

3. and deal with all the minified javascript snippets (see
  debian/source/lintian-overrides and debian/missing-sources/*)

2. and 3. are very painful, so of course you can do them only at the end of the
packaging process if you prefer.


-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  http://sebastien.villemot.name
⠈⠳⣄  http://www.debian.org


signature.asc
Description: PGP signature

Bug#881052: RM: plexus-containers1.5 -- ROM; Merged with src:plexus-containers

2017-11-07 Thread Emmanuel Bourg 
Package: ftp.debian.org
Severity: normal

Hi,

Please remove the plexus-containers1.5 package, as part of the Maven 3
transition this package has been merged with src:plexus-containers and
is no longer used. Its binary packages are now built by src:plexus-containers.

Thank you,

Emmanuel Bourg

Bug#820119: tidy reports valid NCR as invalid

2017-11-07 Thread Neil Roeth 
Sorry, I should have used my Debian email address on that last update. 
I'm the maintainer of the opensp package which provides the onsgmls
executable used by validate.

-- 
Neil Roeth

Bug#876501: Fixed in buster

2017-11-07 Thread Eric Van Buggenhaut 
After testing I can confirm the patch I mentioned before has been
applied and the bug fixed in version 2:1.19.5-1
-- 
Eric

Bug#871502: Re : Bug#871502: zotero-standalone-build: The newer Zotero is standalone only ; a reorganization is neded.

2017-11-07 Thread Félix Sipma 
On 2017-11-07 12:17+0100, Sébastien Villemot wrote:
> On Tue, Nov 07, 2017 at 11:38:04AM +0100, Félix Sipma wrote:
> 
>> I misunderstood the 5.0 refactoring, zotero still has to be built from three
>> repos, only the client part (https://github.com/zotero/zotero) was refactored
>> to use npm/node (and so, needs js libs to get packaged). So, I guess the
>> packaging repo should stay as it is for now, and be refactored if upstream
>> decides to merge everything in a single repo.
>> 
>> Could you please share your workflow for updating the package?
> 
> 1. look at the end of debian/rules, in the get-orig-source rule: it has the
>  machinery for creating a new tarball, by pinning commits in the 3 repos.
>  You'll probably have to update the rule, I tried to give it a try with
>  commits from 5.0 and it failed.

I never used get-orig-source, you just run ./debian/rules get-orig-source? Or
is this integrated with something else?

> 2. then update debian/copyright
> 
> 3. and deal with all the minified javascript snippets (see
>  debian/source/lintian-overrides and debian/missing-sources/*)
> 
> 2. and 3. are very painful, so of course you can do them only at the end of 
> the
> packaging process if you prefer.

Thanks!


signature.asc
Description: PGP signature

Bug#871502: Re : Bug#871502: zotero-standalone-build: The newer Zotero is standalone only ; a reorganization is neded.

2017-11-07 Thread Sébastien Villemot 
On Tue, Nov 07, 2017 at 12:22:36PM +0100, Félix Sipma wrote:

> I never used get-orig-source, you just run ./debian/rules get-orig-source? Or
> is this integrated with something else?

Indeed you have to run it manually. It is documented in the Debian Policy, but
in practice it is less popular than using uscan. In the present case however,
uscan is not very well suited.



-- 
⢀⣴⠾⠻⢶⣦⠀  Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  http://sebastien.villemot.name
⠈⠳⣄  http://www.debian.org


signature.asc
Description: PGP signature

Bug#531221: Har du brug for et uopsætteligt lån?

2017-11-07 Thread ANZSURE LOANS 
HELLO, Går du igennem økonomiske vanskeligheder, eller du har brug for 
et presserende lån for at forbedre din forretningsstandard. ... Vi 
tilbyder også både personlige lån, virksomhedslån, realkreditlån, 
studielån og payday lån.

  1   2   3   >