Bug#889030: virtualbox: Windows10 guest flickers with nVidia drivers, there's a patch

2018-02-01 Thread Marius Mikucionis 
Package: virtualbox
Version: 5.2.6-dfsg-2
Severity: normal
Tags: patch

Dear Maintainer,

I am running Windows 10 guest and the screen flickers when something is 
(re)drawn,
basically it's unusable.

Relevant configuration to reproduce:
1) nVidia drivers on the host.
2) virtualbox guest additions with 3D acceleration enabled.
3) enabled 3D accelaration in the Windows 10 machine settings.

One workaround is to disable 3D acceleration, but here I found a better 
solution:

https://techblog.devlat.eu/2017/04/07/screen-flickering-in-virtualbox-with-3d-enabled/
in particular it says:

With nVidia drivers on the host, a race condition happens, causing buffers to 
be swapped (i.e. picture to be shown) before rendering is completed by the 
client, hence the flickering.
The only workaround is to change (comment out actually) a single line in 
VirtualBox source and recompile it. After recompilation is done, it is actually 
possible to just replace a single freshly compiled file, VBoxOGLrenderspu.so, 
which is located in /usr/lib/virtualbox/. No need to uninstall the “original” 
VirtualBox and install the self-compiled one.

The patch is just one line:
https://www.virtualbox.org/attachment/ticket/13653/vbox-NVIDIA-fix-v2.patch.txt
--- 
/home/alexey/vbox-orig/VirtualBox-5.0.0_BETA4/./src/VBox/HostServices/SharedOpenGL/render/renderspu_glx.c
   2015-05-18 18:02:05.0 +0300
+++ ./src/VBox/HostServices/SharedOpenGL/render/renderspu_glx.c 2015-05-22 
23:33:33.0 +0300
@@ -1922,11 +1922,10 @@
 XSync(window->visual->dpy, 0);
 }
 }
 }
 
-#define CR_RENDER_FORCE_PRESENT_MAIN_THREAD
 
 void renderspu_SystemVBoxPresentComposition( WindowInfo *window, const struct 
VBOXVR_SCR_COMPOSITOR_ENTRY *pChangedEntry )
 {
 /* the CR_RENDER_FORCE_PRESENT_MAIN_THREAD is actually inherited from 
cocoa backend impl,
  * here it forces rendering in WinCmd thread rather than a Main thread.


Perhaps this patch can be included in Debian.

Thanks!

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'stable'), (50, 'unstable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_DK.utf8, LC_CTYPE=en_DK.utf8 (charmap=UTF-8), 
LANGUAGE=en_DK.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages virtualbox depends on:
ii  adduser   3.116
ii  iproute2  4.14.1-1
ii  libc6 2.26-4
ii  libcurl3-gnutls   7.57.0-1
ii  libdevmapper1.02.12:1.02.145-4.1
ii  libgcc1   1:7.2.0-19
ii  libgsoap-2.8.49   2.8.49-1
ii  libpng16-16   1.6.34-1
ii  libpython3.6  3.6.4-3
ii  libsdl1.2debian   1.2.15+dfsg2-0.1
ii  libssl1.1 1.1.0f-3
ii  libstdc++67.2.0-19
ii  libvncserver1 0.9.11+dfsg-1
ii  libx11-6  2:1.6.4-3
ii  libxcursor1   1:1.1.15-1
ii  libxext6  2:1.3.3-1+b2
ii  libxml2   2.9.4+dfsg1-6.1
ii  libxmu6   2:1.1.2-2
ii  libxt61:1.1.5-1
ii  procps2:3.3.12-3
ii  python3   3.6.4-1
ii  python3.6 3.6.4-3
ii  virtualbox-dkms [virtualbox-modules]  5.2.6-dfsg-2
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages virtualbox recommends:
ii  libgl1  1.0.0-1.1
ii  libqt5core5a5.9.2+dfsg-7
ii  libqt5opengl5   5.9.2+dfsg-7
ii  libqt5widgets5  5.9.2+dfsg-7
ii  virtualbox-qt   5.2.6-dfsg-2

Versions of packages virtualbox suggests:
ii  vde22.3.2+r586-2.1
ii  virtualbox-guest-additions-iso  5.2.6-1

-- no debconf information

Bug#888796: w3m: segfaults on keypresses with recent versions of gpm/libgpm2

2018-02-01 Thread Sisyphus Nz 
>  Anyway, try the latest version w3m 0.5.3-36, built with libgpm2 >=
1.20.7.

Having upgraded w3m to 0.5.3-36, the problem has resolved itself. Thanks
again.

Bug#889040: bareos-director: Backups sometimes fail with "No Volume name given"

2018-02-01 Thread Felix Geyer 
Package: bareos-director
Version: 16.2.4-3+deb9u1

Backups sometimes (more likely with concurrent backups on mutiple
devices) fail when sd requests a new volume from the director.

Error message:
> 28-Jan 01:05 X-sd JobId 71734: Warning: mount.c:248 Open device "X" (/X/) 
> Volume "" failed: ERR=Could not open file device "X" (/X/). No Volume name 
> given.

Felix

-- 
Felix Geyer
Berater
Tel.:   +49 2166 9901-125
Fax:+49 2166 9901-100
E-
Mail: felix.ge...@credativ.de
PGP:D1DF 8149 7643 8822 7283 92DC 1004
DA1C FF6D B892
http://www.credativ.de

credativ GmbH, HRB Mönchengladbach 12080
USt-ID-Nummer: DE204566209
Trompeterallee 108, 41189 Mönchengladbach
Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer

Bug#889043: openmsx uses deprecated Tcl 8.5

2018-02-01 Thread Sergei Golovan 
Source: openmsx
Version: 0.14.0-1
Severity: important
Tags: patch

Dear Maintainer,

Since Tcl 8.5 has reached its end-of-life it is to be removed from Debian. So
please, switch the openmsx package to a modern Tcl version.

I've attached a proposed NMU with replaceing tcl8.5-dev by tcl-dev (the
default Tcl version which is 8.6 as for now). This change is sufficient to
make openmsx build using Tcl 8.6 (and it'll automatically switch to 8.7
after it'll become the dafult). If you don't mind I can do the upload.

-- System Information:
Debian Release: 9.3
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'proposed-updates'), (500, 
'stable'), (500, 'oldstable'), (1, 'experimental'), (1, 'unstable'), (1, 
'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-0.bpo.3-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru openmsx-0.14.0/debian/changelog openmsx-0.14.0/debian/changelog
--- openmsx-0.14.0/debian/changelog 2017-08-06 15:57:22.0 +0300
+++ openmsx-0.14.0/debian/changelog 2018-02-01 13:56:35.0 +0300
@@ -1,3 +1,11 @@
+openmsx (0.14.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Switch to the default Tcl/Tk version from Tcl/Tk 8.5 which is to be
+removed from Debian.
+
+ -- Sergei Golovan   Thu, 01 Feb 2018 13:56:35 +0300
+
 openmsx (0.14.0-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru openmsx-0.14.0/debian/control openmsx-0.14.0/debian/control
--- openmsx-0.14.0/debian/control   2017-08-06 15:57:22.0 +0300
+++ openmsx-0.14.0/debian/control   2018-02-01 13:56:35.0 +0300
@@ -2,7 +2,7 @@
 Section: otherosfs
 Priority: optional
 Maintainer: Bas Wijnen 
-Build-Depends: debhelper (>= 10), dpkg-dev (>= 1.15.7), docbook-to-man, 
libsdl1.2-dev, libpng-dev, tcl8.5-dev, libgl1-mesa-dev | libgl-dev, 
libxml2-dev, libglew-dev, libsdl-ttf2.0-dev, python (>= 2.5), libvorbis-dev, 
libtheora-dev (>= 1.0), libogg-dev, libao-dev, libfreetype6-dev
+Build-Depends: debhelper (>= 10), dpkg-dev (>= 1.15.7), docbook-to-man, 
libsdl1.2-dev, libpng-dev, tcl-dev, libgl1-mesa-dev | libgl-dev, libxml2-dev, 
libglew-dev, libsdl-ttf2.0-dev, python (>= 2.5), libvorbis-dev, libtheora-dev 
(>= 1.0), libogg-dev, libao-dev, libfreetype6-dev
 Standards-Version: 4.0.0
 Homepage: http://openmsx.org

Bug#889042: lintian: Do not use dot as a separator in build profile names

2018-02-01 Thread Javier Serrano Polo 
Package: lintian
Version: 2.5.72
Severity: wishlist

Please switch the dot to a suitable character, such as slash, in
pkg.$sourcepackage.$anything build profile names, since dot is a valid
character in package names.


smime.p7s
Description: S/MIME cryptographic signature

Bug#889044: udev: system upgrade is broken

2018-02-01 Thread Boris Pek 
Package: udev
Version: 237-1
Severity: normal


Dear Maintainer,

I have upgraded a remote system (connected via ssh) as usual, but this
time the upgrading process was broken with strange results:

dina@Dina:~$ export LC_ALL=C
dina@Dina:~$ sudo apt-get dist-upgrade -V
Reading package lists... Done
Building dependency tree   
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
2 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] 
Setting up udev (237-1) ...
Failed to connect to bus: No such file or directory
Failed to connect to bus: No such file or directory
invoke-rc.d: could not determine current runlevel
Failed to connect to bus: No such file or directory
Failed to connect to bus: No such file or directory
Failed to connect to bus: No such file or directory
invoke-rc.d: initscript udev, action "restart" failed.
Failed to connect to bus: No such file or directory
dpkg: error processing package udev (--configure):
 installed udev package post-installation script subprocess returned error exit 
status 1
Setting up exim4-daemon-light (4.90-5) ...
Failed to connect to bus: No such file or directory
invoke-rc.d: could not determine current runlevel
Failed to connect to bus: No such file or directory
Failed to connect to bus: No such file or directory
Failed to connect to bus: No such file or directory
invoke-rc.d: initscript exim4, action "start" failed.
Failed to connect to bus: No such file or directory
dpkg: error processing package exim4-daemon-light (--configure):
 installed exim4-daemon-light package post-installation script subprocess 
returned error exit status 1
Errors were encountered while processing:
 udev
 exim4-daemon-light
E: Sub-process /usr/bin/dpkg returned an error code (1)


And now I cannot even reboot a system remotely...


dina@Dina:~$ sudo shutdown -r now
Failed to connect to bus: No such file or directory
Failed to open /dev/initctl: No such device or address
Failed to talk to init daemon.


dina@Dina:~$ ls -alp /dev/initctl
lrwxrwxrwx 1 root root 25 Jan 27 09:44 /dev/initctl -> /run/systemd/initctl/fifo
dina@Dina:~$ ls -alp /dev/initctl /run/systemd/initctl/fifo
lrwxrwxrwx 1 root root 25 Jan 27 09:44 /dev/initctl -> /run/systemd/initctl/fifo
prw--- 1 root root  0 Feb  1 14:46 /run/systemd/initctl/fifo


dina@Dina:~$ sudo dmesg | grep -i systemd
[3.958989] systemd[1]: RTC configured in localtime, applying delta of 180 
minutes to system time.
[3.985200] systemd[1]: systemd 236 running in system mode. (+PAM +AUDIT 
+SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS 
+ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN 
default-hierarchy=hybrid)
[4.004135] systemd[1]: Detected architecture x86-64.
[4.004258] systemd[1]: Set hostname to .
[4.027669] systemd[1]: File /lib/systemd/system/systemd-journald.service:35 
configures an IP firewall (IPAddressDeny=any), but the local system does not 
support BPF/cgroup based firewalling.
[4.027671] systemd[1]: Proceeding WITHOUT firewalling in effect! (This 
warning is only shown for the first loaded unit using IP firewalling.)
[4.059766] systemd[1]: System is tainted: local-hwclock:var-run-bad
[4.060039] systemd[1]: Created slice User and Session Slice.
[4.060133] systemd[1]: Created slice System Slice.
[4.060212] systemd[1]: Created slice system-systemd\x2dfsck.slice.
[4.060242] systemd[1]: Listening on Syslog Socket.
[4.107197] systemd-journald[251]: Received request to flush runtime journal 
from PID 1
[427045.160058] systemd: 43 output lines suppressed due to ratelimiting
[427045.167709] systemd[1]: systemd 237 running in system mode. (+PAM +AUDIT 
+SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS 
+ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 
default-hierarchy=hybrid)
[427045.168054] systemd[1]: Detected architecture x86-64.
[427045.210868] systemd[1]: File /lib/systemd/system/systemd-logind.service:37 
configures an IP firewall (IPAddressDeny=any), but the local system does not 
support BPF/cgroup based firewalling.
[427045.210870] systemd[1]: Proceeding WITHOUT firewalling in effect! (This 
warning is only shown for the first loaded unit using IP firewalling.)
[427045.228374] systemd[1]: Failed to connect to system bus: No such file or 
directory
[427045.228377] systemd[1]: Failed to initialize D-Bus connection: No such file 
or directory


dina@Dina:~$ dpkg -l '*systemd*'
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ NameVersionArchitecture   
Description
+++-===-==-==-===

Bug#889044: udev: system upgrade is broken

2018-02-01 Thread Michael Biebl 
Am 01.02.2018 um 13:17 schrieb Boris Pek:
> [4.059766] systemd[1]: System is tainted: local-hwclock:var-run-bad

 /var/run should be a symlink pointing at /run.

I suppose that is broken on your system and as a result, the dbus socket
files in /run are not found.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#889048: [node-source-map] FTBFS: lib/mappings.wasm

2018-02-01 Thread Bastien ROUCARIÈS 
Package: node-source-map
Version: 0.7.0+dfsg-1
Severity: serious

Please give me pointer how to compile this file

Bastien

signature.asc
Description: This is a digitally signed message part.

Bug#888953: gobby accesses the network during the build

2018-02-01 Thread Simon McVittie 
On Thu, 01 Feb 2018 at 12:40:16 +0100, Philipp Kern wrote:
> I'll note that I was told to stop build-depending on rarian-compat in
> #885642, which then introduced this bug.

That request was less clear than it could have been, but the intention
was to stop using the deprecated documentation toolchain, not just stop
build-depending on parts of it.

> > (For context, Scrollkeeper is very obsolete, rarian-compat is an
> > obsolete
> > compatibility shim for Scrollkeeper, and gnome-doc-utils has itself
> > been superseded by yelp-tools; it's deprecations all the way down.
> 
> Well, I suppose it'd help if there would be some guidance on how to do
> things today. I'm (somewhat) happy to fix it upstream if needed.

Here's upstream's migration guide, with links to the commits used to
migrate an example package:
https://wiki.gnome.org/Initiatives/GnomeGoals/NewDocumentationInfrastructure
(I'll try to follow up to the other bugs from the same MBF as #885642 at
some point with a reference to this.)

smcv

Bug#889056: auto-mode-alist-setting preumes too much

2018-02-01 Thread Erwan David 
Package: emacs-goodies-el
Version: 35.12
Severity: normal

In emacs-goodies-loaddefs.el we find :

(add-to-list 'auto-mode-alist '("sites-\\(available\\|enabled\\)/" . 
apache-mode))

But the sites-available/sites-enabled scheme is not used by apache
only, but also by freeradius (and could be used for other
configurations, eg nginx) using eg
add-to-list 'auto-mode-alist '("apache2/sites-\\(available\\|enabled\\)/" . 
apache-mode))
would be more appropriate.

-- System Information:
Debian Release: 8.10
  APT prefers oldstable-proposed-updates
  APT policy: (700, 'oldstable-proposed-updates'), (500, 'oldstable-updates'), 
(500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-0.bpo.4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages emacs-goodies-el depends on:
ii  bash 4.3-11+deb8u1
ii  dpkg 1.17.27
ii  emacs24-lucid [emacsen]  24.5+1-6~bpo8+1
ii  install-info 5.2.0.dfsg.1-6

Versions of packages emacs-goodies-el recommends:
pn  dict  
pn  perl-doc  
ii  wget  1.16-1+deb8u4

emacs-goodies-el suggests no packages.

-- no debconf information

Bug#889035: src:llvm-toolchain-5.0: New symbols appeared in the symbols file

2018-02-01 Thread Andreas Boll 
Package: src:llvm-toolchain-5.0
Version: 1:5.0.1-2
Severity: normal

Dear Maintainer,

There are new symbols exported by libclang1-5.0. Please update the symbols
file.

New symbols: (see also build log [1])

--- new_symbol_file (libclang1-5.0_1:5.0.1-2_i386)
+++ dpkg-gensymbolsuaN6L9   2017-12-22 22:00:39.778307536 +
@@ -62,12 +62,14 @@
  clang_Cursor_isAnonymous@LLVM_5.0 1:5.0~svn298832-1~
  clang_Cursor_isBitField@LLVM_5.0 1:5.0~svn298832-1~
  clang_Cursor_isDynamicCall@LLVM_5.0 1:5.0~svn298832-1~
+ clang_Cursor_isExternalSymbol@LLVM_5.0 1:5.0.1-2
  clang_Cursor_isFunctionInlined@LLVM_5.0 1:5.0~svn298832-1~
  clang_Cursor_isMacroBuiltin@LLVM_5.0 1:5.0~svn298832-1~
  clang_Cursor_isMacroFunctionLike@LLVM_5.0 1:5.0~svn298832-1~
  clang_Cursor_isNull@LLVM_5.0 1:5.0~svn298832-1~
  clang_Cursor_isObjCOptional@LLVM_5.0 1:5.0~svn298832-1~
  clang_Cursor_isVariadic@LLVM_5.0 1:5.0~svn298832-1~
+ clang_EnumDecl_isScoped@LLVM_5.0 1:5.0.1-2
  clang_EvalResult_dispose@LLVM_5.0 1:5.0~svn298832-1~
  clang_EvalResult_getAsDouble@LLVM_5.0 1:5.0~svn298832-1~
  clang_EvalResult_getAsInt@LLVM_5.0 1:5.0~svn298832-1~
@@ -187,6 +189,7 @@
  clang_findReferencesInFileWithBlock@LLVM_5.0 1:5.0~svn298832-1~
  clang_formatDiagnostic@LLVM_5.0 1:5.0~svn298832-1~
  clang_free@LLVM_5.0 1:5.0~svn298832-1~
+ clang_getAddressSpace@LLVM_5.0 1:5.0.1-2
  clang_getAllSkippedRanges@LLVM_5.0 1:5.0~svn302377-1~
  clang_getArgType@LLVM_5.0 1:5.0~svn298832-1~
  clang_getArrayElementType@LLVM_5.0 1:5.0~svn298832-1~
@@ -213,6 +216,7 @@
  clang_getCursorCompletionString@LLVM_5.0 1:5.0~svn298832-1~
  clang_getCursorDefinition@LLVM_5.0 1:5.0~svn298832-1~
  clang_getCursorDisplayName@LLVM_5.0 1:5.0~svn298832-1~
+ clang_getCursorExceptionSpecificationType@LLVM_5.0 1:5.0.1-2
  clang_getCursorExtent@LLVM_5.0 1:5.0~svn298832-1~
  clang_getCursorKind@LLVM_5.0 1:5.0~svn298832-1~
  clang_getCursorKindSpelling@LLVM_5.0 1:5.0~svn298832-1~
@@ -249,6 +253,7 @@
  clang_getEnumConstantDeclUnsignedValue@LLVM_5.0 1:5.0~svn298832-1~
  clang_getEnumConstantDeclValue@LLVM_5.0 1:5.0~svn298832-1~
  clang_getEnumDeclIntegerType@LLVM_5.0 1:5.0~svn298832-1~
+ clang_getExceptionSpecificationType@LLVM_5.0 1:5.0.1-2
  clang_getExpansionLocation@LLVM_5.0 1:5.0~svn298832-1~
  clang_getFieldDeclBitWidth@LLVM_5.0 1:5.0~svn298832-1~
  clang_getFile@LLVM_5.0 1:5.0~svn298832-1~
@@ -299,6 +304,7 @@
  clang_getTypeKindSpelling@LLVM_5.0 1:5.0~svn298832-1~
  clang_getTypeSpelling@LLVM_5.0 1:5.0~svn298832-1~
  clang_getTypedefDeclUnderlyingType@LLVM_5.0 1:5.0~svn298832-1~
+ clang_getTypedefName@LLVM_5.0 1:5.0.1-2
  clang_hashCursor@LLVM_5.0 1:5.0~svn298832-1~
  clang_indexLoc_getCXSourceLocation@LLVM_5.0 1:5.0~svn298832-1~
  clang_indexLoc_getFileLocation@LLVM_5.0 1:5.0~svn298832-1~
@@ -344,6 +350,7 @@
  clang_reparseTranslationUnit@LLVM_5.0 1:5.0~svn298832-1~
  clang_saveTranslationUnit@LLVM_5.0 1:5.0~svn298832-1~
  clang_sortCodeCompletionResults@LLVM_5.0 1:5.0~svn298832-1~
+ clang_suspendTranslationUnit@LLVM_5.0 1:5.0.1-2
  clang_toggleCrashRecovery@LLVM_5.0 1:5.0~svn298832-1~
  clang_tokenize@LLVM_5.0 1:5.0~svn298832-1~
  clang_visitChildren@LLVM_5.0 1:5.0~svn298832-1~


For easier detection of such issues I'd recommend bumping the dpkg-gensymbols
checker level to 4. This will cause the build to fail if there are any symbol
changes (added or removed).

e.g.
- dh_makeshlibs -plibclang1-5.0 -V"libclang1-5.0 (>= 1:5.0~svn298832-1~)"
+ dh_makeshlibs -plibclang1-5.0 -V"libclang1-5.0 (>= 1:5.0~svn298832-1~)" -- -c4


Thanks,
Andreas

[1] 
https://buildd.debian.org/status/fetch.php?pkg=llvm-toolchain-5.0=i386=1%3A5.0.1-2=1513980534=0

Bug#889036: kazam: When selecting an area, the screen is greyed-out

2018-02-01 Thread Jonas Andradas 
Package: kazam
Version: 1.4.5-2
Severity: important

Dear Maintainer,

When choosing to select an area to capture, all the screen (at least in the
monitor in which the mouse cursor is) is greyed out, blocking all underlying
windows.  I need to select a rectangle within the greyed-out area, but is hard
to do this correctly when what I want to record is not visible anymore.

If I run kazam from a console, apart from warnings regarding several deprecated
GTK calls, I get the following, which seems relevant:

WARNING Window Select - Compositing window manager not found, expect the
unexpected.
WARNING Window Select - Compositing window manager not found, expect the
unexpected.

My kazam version is 1.4.5-2

This issue seems the same as:

https://bugs.launchpad.net/kazam/+bug/1263419




-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages kazam depends on:
ii  gir1.2-gst-plugins-base-1.0  1.12.4-1
ii  gir1.2-gstreamer-1.0 1.12.4-1
ii  gir1.2-keybinder-3.0 0.3.2-1
ii  gir1.2-wnck-3.0  3.24.1-2
ii  gnome-session-canberra   0.30-6
ii  gstreamer1.0-plugins-base1.12.4-1
ii  gstreamer1.0-plugins-good1.12.4-1
ii  gstreamer1.0-plugins-ugly1.12.4-1+b1
ii  gstreamer1.0-pulseaudio  1.12.4-1
ii  python3  3.6.4-1
ii  python3-cairo1.15.4-2
ii  python3-dbus 1.2.6-1
ii  python3-gi   3.26.1-2
ii  python3-gi-cairo 3.26.1-2
ii  python3-xdg  0.25-4

Versions of packages kazam recommends:
ii  gstreamer1.0-libav  1.12.4-1

kazam suggests no packages.

-- no debconf information

Bug#889045: [node-source-map] Need not available nodejs > 8

2018-02-01 Thread Bastien ROUCARIÈS 
Package: node-source-map
Version: 0.7.0+dfsg-1
Severity: serious

Need nodejs > 8 that is not available under debian

Give me on reverse dep:
ReferenceError: WebAssembly is not defined
at readWasm.then.buffer (/usr/lib/nodejs/source-map/lib/wasm.js:26:14)
{ name: 'TAP', type: 'ReferenceError', test: 'TAP' }
ReferenceError: WebAssembly is not defined
at readWasm.then.buffer (/usr/lib/nodejs/source-map/lib/wasm.js:26:14)
{ name: 'TAP', type: 'ReferenceError', test: 'TAP' }
ReferenceError: WebAssembly is not defined
at readWasm.then.buffer (/usr/lib/nodejs/source-map/lib/wasm.js:26:14)
{ name: 'TAP', type: 'ReferenceError', test: 'TAP' }
ReferenceError: WebAssembly is not defined
at readWasm.then.buffer (/usr/lib/nodejs/source-map/lib/wasm.js:26:14)
{ name: 'TAP', type: 'ReferenceError', test: 'TAP' }


signature.asc
Description: This is a digitally signed message part.

Bug#889046: ruby2.5 FTBFS with tzdata 2018c-1

2018-02-01 Thread Adrian Bunk 
Source: ruby2.5
Version: 2.5.0-4
Severity: serious

https://buildd.debian.org/status/package.php?p=ruby2.5=sid

...
  1) Failure:
TestTimeTZ#test_asia_tokyo [/<>/test/ruby/test_time_tz.rb:129]:
TZ=Asia/Tokyo Time.local(1951, 5, 6, 2, 0, 0).
<"1951-05-06 03:00:00 +1000"> expected but was
<"1951-05-06 02:00:00 +1000">.

  2) Failure:
TestTimeTZ#test_gen_Asia_Tokyo_24 
[/<>/test/ruby/test_time_tz.rb:259]:
TZ=Asia/Tokyo Time.utc(1951, 5, 5, 16, 59, 59).localtime.
<"1951-05-06 01:59:59 +0900"> expected but was
<"1951-05-06 02:59:59 +1000">.

  3) Failure:
TestTimeTZ#test_gen_Asia_Tokyo_27 
[/<>/test/ruby/test_time_tz.rb:259]:
TZ=Asia/Tokyo Time.utc(1951, 9, 7, 16, 0, 0).localtime.
<"1951-09-08 01:00:00 +0900"> expected but was
<"1951-09-08 02:00:00 +1000">.

  4) Failure:
TestTimeTZ#test_gen_Asia_Tokyo_69 
[/<>/test/ruby/test_time_tz.rb:277]:
TZ=Asia/Tokyo Time.local(1951, 5, 6, 1, 59, 59).
<"1951-05-06 01:59:59 +0900"> expected but was
<"1951-05-06 01:59:59 +1000">.

  5) Failure:
TestTimeTZ#test_gen_Asia_Tokyo_72 
[/<>/test/ruby/test_time_tz.rb:295]:
TZ=Asia/Tokyo Time.local(0, 0, 1, 8, 9, 1951, nil, nil, false, nil).
<"1951-09-08 01:00:00 +0900"> expected but was
<"1951-09-08 01:00:00 +1000">.

Finished tests in 384.583156s, 44.7940 tests/s, 5880.9466 assertions/s.
17227 tests, 2261713 assertions, 5 failures, 0 errors, 60 skips

ruby -v: ruby 2.5.0p0 (2017-12-25 revision 61468) [x86_64-linux-gnu]
uncommon.mk:698: recipe for target 'yes-test-almost' failed
make[2]: *** [yes-test-almost] Error 5



http://mm.icann.org/pipermail/tz-announce/2018-January/48.html

   Changes to past time stamps

 Japanese DST transitions (1948-1951) were Sundays at 00:00, not
 Saturdays or Sundays at 02:00.  (Thanks to Takayuki Nikai.)

Bug#888201: mailman: CVE-2018-5950

2018-02-01 Thread Thijs Kinkhorst 
>> I plan to release Mailman 2.1.26 along with a patch for older releases
>> to fix this issue on Feb 4, 2018. At that time, full details of the
>> vulnerability will be public.

I've reserved time on Sunday to in any case to sid when the fix is
released, and depending on the details/severity look into a security
upload.


Thijs

Bug#889048: [node-source-map] FTBFS: lib/mappings.wasm

2018-02-01 Thread Jérémy Lal 
2018-02-01 13:39 GMT+01:00 Bastien ROUCARIÈS :

> Package: node-source-map
> Version: 0.7.0+dfsg-1
> Severity: serious
>
> Please give me pointer how to compile this file
>

It's generated by another project:
https://github.com/fitzgen/source-map-mappings/blob/master/source-map-mappings-wasm-api/build.py

Bug#888126: [patch] Please enable systemd-sysusers unit

2018-02-01 Thread Michael Biebl 
Am 01.02.2018 um 07:39 schrieb Michael Vogt:
> Hi,
> 
> just a small update on this. systemd git master has the needed support
> to reproduce the base-passwd passwd and group files now. The sysuers.d
> conf file for this looks like this:
> 
>
> https://github.com/systemd/systemd/blob/master/test/TEST-21-SYSUSERS/test-5.input
> 
> and it generates output like this:
> 
>
> https://github.com/systemd/systemd/blob/master/test/TEST-21-SYSUSERS/test-5.expected-passwd
>
> https://github.com/systemd/systemd/blob/master/test/TEST-21-SYSUSERS/test-5.expected-group
> 
> The only remaining problem is that it generates /sbin/nologin which we
> do not have (we use /usr/sbin/nologin). But IMO that is not a blocker
> we could make it a problem of the user (by recommending to the users
> to create a symlink) - it may go away if UsrMerge takes off.

Given that /usr/sbin/nologin works on Debian and derivatives and
usr-merged systems, like Fedora, could you try to convince upstream to
use /usr/sbin/nologin instead of /sbin/nologin?
Or is there a solid reason to prefer /sbin/nologin over /usr/sbin/nologin?


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#889047: Missing dependencies

2018-02-01 Thread Adrien CLERC 
Hi,

Forget about the previous part. This was segfaulting because of a
missing dependency.

So to be clear: uwsgi-plugin-php requires libphp7.2-embed. php7.2-fpm is
not filling the requirement.
<>

Bug#472802: Limesurvey packaging was moved from SVN to Git

2018-02-01 Thread Andreas Tille 
Hi Julian,

On Thu, Feb 01, 2018 at 01:23:16PM +, Julian Gilbey wrote:
> 
> OK, I've now done that.  I'm not aware of any plans to migrate Alioth
> git repositories wholesale to salsa, though individual teams (such as
> the Go packaging team) are planning to migrate groups of
> respositories.
> 
> Some information about migration is available at
> https://wiki.debian.org/Salsa/Doc - in particular, the collab-maint is now
> the Debian/ namespace.
> 
> Limesurvey now lives at
> Vcs-Browser: https://salsa.debian.org/debian/limesurvey
> Vcs-Git: https://salsa.debian.org/debian/limesurvey.git

Cool.  Thanks for completing what I had started. :-)

Kind regards

  Andreas. 

-- 
http://fam-tille.de

Bug#889055: FTBFS with libminiupnpc-dev 2.0.20171212

2018-02-01 Thread Thomas Goirand 
Source: sushi
Version: 1.4.0+git20160822+dfsg-4
Severity: important

Hi,

Trying to build sushi with the latest version of libminiupnpc-dev which I
uploaded in Experimental failed. Here's the build log:

../source/plugins/upnp.c: In function ‘init’:
../source/plugins/upnp.c:271:56: warning: passing argument 6 of ‘upnpDiscover’ 
makes integer from pointer without a cast [-Wint-conversion]
   miniupnpc_dev = upnpDiscover(1000, NULL, NULL, 0, 0, );
^
In file included from ../source/plugins/upnp.c:41:0:
/usr/include/miniupnpc/miniupnpc.h:62:1: note: expected ‘unsigned char’ but 
argument is of type ‘gint * {aka int *}’
 upnpDiscover(int delay, const char * multicastif,
 ^~~~
../source/plugins/upnp.c:271:19: error: too few arguments to function 
‘upnpDiscover’
   miniupnpc_dev = upnpDiscover(1000, NULL, NULL, 0, 0, );
   ^~~~
In file included from ../source/plugins/upnp.c:41:0:
/usr/include/miniupnpc/miniupnpc.h:62:1: note: declared here
 upnpDiscover(int delay, const char * multicastif,
 ^~~~

Please fix the package before I upload libminiupnpc 2.0.20171212 in Sid, at
which time this bug will become RC.

Cheers,

Thomas Goirand (zigo)

Bug#889029: rsh-client: rcp: memory leak

2018-02-01 Thread Hiroyuki YAMAMORI 
Package: rsh-client
Version: 0.17-17+b1
Severity: normal
Tags: patch

Dear Maintainer,

The way to reproduce is as follows.

hostA$ mkdir /tmp/src30
hostA$ cd /tmp/src30
hostA$ seq 100 30 | xargs touch

hostB terminal-1: monitor memory use - e.g. top command.

hostB terminal-2: execute the rcp command as follows.

hostB$ mkdir /tmp/dest-0123456789abcdefghijklmnopqrstuvwxyz
hostB$ netkit-rcp -r hostA:/tmp/src30 
/tmp/dest-0123456789abcdefghijklmnopqrstuvwxyz


It will fix with the following patch.

--- netkit-rsh-0.17/rcp/rcp.c
+++ new/rcp/rcp.c
@@ -645,6 +645,8 @@
int ofd, setimes, targisdir;
off64_t size;
char *np, *vect[1], buf[BUFSIZ];
+   char *namebuf = NULL;
+   unsigned cursize = 0, nbase = 0;
 
 #defineatime   tv[0]
 #definemtime   tv[1]
@@ -666,8 +668,11 @@
targisdir = 1;
for (first = 1;; first = 0) {
cp = buf;
-   if (read(rem, cp, 1) <= 0)
+   if (read(rem, cp, 1) <= 0) {
+   if (namebuf)
+   free(namebuf);
return;
+   }
if (*cp++ == '\n')
SCREWUP("unexpected ");
do {
@@ -687,6 +692,8 @@
}
if (buf[0] == 'E') {
(void)write(rem, "", 1);
+   if (namebuf)
+   free(namebuf);
return;
}
 
@@ -741,17 +748,28 @@
if (*cp++ != ' ')
SCREWUP("size not delimited");
if (targisdir) {
-   static char *namebuf;
-   static int cursize;
-   int need;
-
-   need = strlen(targ) + strlen(cp) + 250;
+   char *newbuf;
+   int need = strlen(targ) + strlen(cp) + 2;
if (need > cursize) {
-   if (!(namebuf = malloc(need)))
+   need += 64;
+   if (!(newbuf = malloc(need))) {
error("out of memory\n");
+   exit(1);
+   }
+   if (namebuf) {
+   memcpy(newbuf, namebuf, nbase);
+   newbuf[nbase] = '\0';
+   free(namebuf);
+   } else {
+   strcpy(newbuf, targ);
+   if (*newbuf)
+   strcat(newbuf, "/");
+   nbase = strlen(newbuf);
+   }
+   namebuf = newbuf;
+   cursize = need;
}
-   (void)snprintf(namebuf, need, "%s%s%s", targ,
-   *targ ? "/" : "", cp);
+   strcpy(namebuf + nbase, cp);
np = namebuf;
}
else

Thank you,
Hiroyuki YAMAMORI


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 
(charmap=UTF-8)

Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages rsh-client depends on:
ii  libc6  2.26-6

rsh-client recommends no packages.

rsh-client suggests no packages.

-- no debconf information

Bug#888953: gobby accesses the network during the build

2018-02-01 Thread Simon McVittie 
On Thu, 01 Feb 2018 at 11:23:28 +0200, Adrian Bunk wrote:
> On Wed, Jan 31, 2018 at 03:53:11PM +0100, Matthias Klose wrote:
> > While seen on a launchpad build, it looks like a missing build dependency,
> > because it tries to access the docbookx.dtd from the network:

My understanding is that it's currently up to the package being built
(e.g. gobby, not gnome-doc-utils) to build-depend on the appropriate
package to get the DTDs of its XML documentation to be registered
in the xml-core catalog and available without hitting the network:
docbook-xml for docbookx.dtd, rarian-compat for scrollkeeper-omf.dtd,
and possibly others.

If GNOME-2-style documentation always includes both Docbook and
Scrollkeeper/Rarian OMF format (I'm not clear on the details) then perhaps
gnome-doc-utils should have Depends on both of those. If they are not
always needed, then it probably shouldn't.

(For context, Scrollkeeper is very obsolete, rarian-compat is an obsolete
compatibility shim for Scrollkeeper, and gnome-doc-utils has itself
been superseded by yelp-tools; it's deprecations all the way down. I've
asked the ftp team to override gnome-doc-utils from gnome to oldlibs,
and pushed a better package description to gnome-team git for inclusion
in the next upload.)

> There is also the related issue that 
> /usr/share/gnome-doc-utils/gnome-doc-utils.make
> shouldn't call xmllint without --nonet

I'm not sure that this would be a good idea to do
unconditionally. gnome-doc-utils.make gets copied into source packages
by gnome-doc-prepare (analogous to autoconf, automake, libtoolize) so
by making this change, we would be imposing Debian policy on upstream
packages that happen to have been prepared by a `make dist` on a Debian
system.

In Debian, accessing the network during build is forbidden (for good
reason), and we have the xml-core catalog as a way to get DTDs without
doing so. However, when packages whose upstream release happens to have
been made on a Debian system are built on less enlightened distributions
that don't have (or want) that policy, and that don't necessarily even
have an equivalent of xml-core, they still need to build successfully.

Is there a canonical way to detect that we are in a Debian package build,
that could be used to add --nonet to the xmllint command-line if and only
if this is a Debian package build?

smcv

Bug#889033: smartmontools: New version (6.6) is available

2018-02-01 Thread Steffen Kockel 
Package: smartmontools
Version: 6.5
Severity: wishlist

Dear Maintainer,

a new release of smartmontools is available. Please update
packages. 

-- System Information:
Debian Release: stretch/sid
  APT prefers artful-updates
  APT policy: (500, 'artful-updates'), (500, 'artful-security'), (500, 
'artful'), (100, 'artful-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.13.0-32-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages smartmontools depends on:
ii  debianutils  4.8.2
ii  init-system-helpers  1.49ubuntu1
ii  libc62.26-0ubuntu2.1
ii  libcap-ng0   0.7.7-3build1
ii  libgcc1  1:7.2.0-8ubuntu3
ii  libselinux1  2.7-1
ii  libstdc++6   7.2.0-8ubuntu3
ii  lsb-base 9.20160110ubuntu5

Versions of packages smartmontools recommends:
pn  mailx | mailutils  

Versions of packages smartmontools suggests:
pn  gsmartcontrol   
pn  smart-notifier

Bug#889041: RFP: tryton-modules-notification-email -- Tryton Application Platform (E-Mail Notification Module)

2018-02-01 Thread Nicolas Évrard 
Package: wnpp
Severity: wishlist

* Package name: tryton-modules-notification-email
  Version : 4.6.0
  Upstream Author : Tryton Foundation 
* URL : http://www.tryton.org/
* License : GPL
  Programming Lang: Python
  Description : Tryton Application Platform (E-Mail Notification Module)

Tryton is a high-level general purpose application platform. It is the base
of a complete business solution as well as a comprehensive health and hospital
information system (GNUHealth).
.
This module allows one to send notification by email when events
happens to Tryton records (like a sale being validated or a shipment
being sent)

Bug#889027: quodlibet: New upstream version (4.0.2) available (Python 3 support)

2018-02-01 Thread Rogério Brito 
Package: quodlibet
Version: 3.9.1-1.2
Severity: wishlist

Hi.

There's a new version of quodlibet available right now (4.0.2) that supports
Python 3 >= 3.5 and that incorporates a number of improvements.

Given that we are trying to get rid of as much Python 2 as possible, it
would be nice to have this new version in the Debian repositories. See
https://github.com/quodlibet/quodlibet/issues/1580

This also incorporates the use of XDG_CONFIG_HOME and many other goodies.

So, it would be awesome to have especially this or newer versions of
quodlibet available in our archives.


Thanks,

Rogério.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (150, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf-8, LC_CTYPE=pt_BR.utf-8 (charmap=UTF-8), 
LANGUAGE=en_US.utf-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages quodlibet depends on:
ii  exfalso  3.9.1-1.2
ii  gir1.2-gst-plugins-base-1.0  1.12.4-1
ii  gir1.2-gstreamer-1.0 1.12.4-1
ii  gir1.2-keybinder-3.0 0.3.2-1
ii  gstreamer1.0-alsa1.12.4-1
ii  gstreamer1.0-plugins-base1.12.4-1
ii  gstreamer1.0-plugins-good1.12.4-1
ii  gstreamer1.0-plugins-ugly1.12.4-1+b1
ii  gstreamer1.0-pulseaudio  1.12.4-1
ii  python   2.7.14-4

Versions of packages quodlibet recommends:
ii  gir1.2-gtksource-3.03.24.6-1
ii  gir1.2-webkit2-4.0  2.18.6-1
ii  libgpod40.8.3-11
ii  mate-notification-daemon [notification-daemon]  1.18.1-1
pn  media-player-info   
ii  python-dbus 1.2.4-1+b4
ii  python-feedparser   5.2.1-1
ii  python-pyinotify0.9.6-1
ii  udisks2 2.7.5-1

Versions of packages quodlibet suggests:
ii  gstreamer1.0-plugins-bad  1.12.4-2+b1

-- no debconf information

-- 
Rogério Brito : rbrito@{ime.usp.br,gmail.com} : GPG key 4096R/BCFC
http://cynic.cc/blog/ : github.com/rbrito : profiles.google.com/rbrito
DebianQA: http://qa.debian.org/developer.php?login=rbrito%40ime.usp.br

Bug#889037: debian-live: only 1GB ram detected in Lenovo ThinkPad X1 Carbon with Debian 9 i686 Live CD

2018-02-01 Thread gebjgd 
Package: debian-live
Severity: normal
Tags: lfs

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
i used a Debian 9 i686 LiveCD to start a Lenovo thinkpad X1 Carbon (5th 
gen.) laptop, but i only get 1 GB ram detected but not as 3.2 GB (due to 32bit 
memory address maping).
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
just boot the Lenovo thinkpad X1 Carbon with Debian 9 Live CD.
   * What was the outcome of this action?
1 GB ram affected usage of the live system
   * What outcome did you expect instead?
3.2GB ram detection as other Live CD (*Ubuntu LTS livecd)


-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#889052: ruby-pundit: Typo in package description

2018-02-01 Thread isbear 

Package: ruby-pundit
Severity: minor

Hello.

The package description contains a typo: "object oriente*d*
authorization for rails".

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)

Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ruby-pundit depends on:
ii  ruby1:2.3.3
pn  ruby-activesupport  

ruby-pundit recommends no packages.

ruby-pundit suggests no packages.

Bug#889050: dateutils FTBFS with tzdata >= 2018b-1

2018-02-01 Thread Adrian Bunk 
Source: dateutils
Version: 0.4.1-2
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/dateutils.html

...
FAIL: dzone.007
===

$ dzone --next Asia/Singapore 2014-02-22
--- "expected output  5c83cb99" 2019-03-06 07:12:58.247403471 -1200
+++ "actual output  5c83cb99"   2019-03-06 07:12:58.247403471 -1200
@@ -1 +1 @@
-never -> never Asia/Singapore
+never -> 1901-12-15T37:42:47+08:00 Asia/Singapore
$? 1
FAIL dzone.007.clit (exit status: 1)


Testsuite summary for dateutils 0.4.1

# TOTAL: 808
# PASS:  807
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

See test/test-suite.log
Please report to https://github.com/hroptatyr/dateutils/issues

Makefile:1160: recipe for target 'test-suite.log' failed
make[6]: *** [test-suite.log] Error 1

Bug#889051: ruby-buff-shell-out: Typo in package description

2018-02-01 Thread isbear 

Package: ruby-buff-shell-out
Severity: minor

Hello.

Package description contains a typo: "Ruby library fo*r* issuing shell
commands and collecting the output".

Also here:
"This library provides and platform agnostic way of executing shell
commands on the local system."
the word "and" is probably wrong and should be something else, like "a".

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)

Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages ruby-buff-shell-out depends on:
ii  ruby   1:2.3.3
pn  ruby-buff-ruby-engine  

ruby-buff-shell-out recommends no packages.

ruby-buff-shell-out suggests no packages.

Bug#889028: minissdpd: Fails to install on Debian unstable

2018-02-01 Thread John Paul Adrian Glaubitz 
Source: minissdpd
Version: 1.5.20161216-1
Severity: serious
Justification: renders package unusable

Hello!

Trying to install minissdpd 1.5.20161216-1 on Debian unstable fails:

root@z6:~> apt install minissdpd
Reading package lists... Done
Building dependency tree   
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libgltf-0.1-1 liborcus-0.12-0
Use 'apt autoremove' to remove them.
The following NEW packages will be installed:
  minissdpd
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/26.7 kB of archives.
After this operation, 75.8 kB of additional disk space will be used.
Selecting previously unselected package minissdpd.
(Reading database ... 637745 files and directories currently installed.)
Preparing to unpack .../minissdpd_1.5.20161216-1_amd64.deb ...
Unpacking minissdpd (1.5.20161216-1) ...
Setting up minissdpd (1.5.20161216-1) ...
Job for minissdpd.service failed because of unavailable resources or another 
system error.
See "systemctl status minissdpd.service" and "journalctl -xe" for details.
invoke-rc.d: initscript minissdpd, action "start" failed.
● minissdpd.service - keep memory of all UPnP devices that announced themselves
   Loaded: loaded (/lib/systemd/system/minissdpd.service; disabled; vendor 
preset: enabled)
   Active: failed (Result: resources) since Thu 2018-02-01 11:28:53 CET; 3min 
0s ago
 Docs: man:minissdpd(1)
 Main PID: 27104 (code=exited, status=0/SUCCESS)

Feb 01 11:28:53 z6 minissdpd[15296]:   192.168.1.42/255.255.255.0, or an 
interface name such as eth0.
Feb 01 11:28:53 z6 minissdpd[15296]:   By default, socket will be open as 
/var/run/minissdpd.sock
Feb 01 11:28:53 z6 minissdpd[15296]:   and pid written to file 
/var/run/minissdpd.pid
Feb 01 11:28:53 z6 systemd[1]: minissdpd.service: Control process exited, 
code=exited status=1
Feb 01 11:28:53 z6 systemd[1]: minissdpd.service: Failed with result 
'exit-code'.
Feb 01 11:28:53 z6 systemd[1]: Failed to start keep memory of all UPnP devices 
that announced themselves.
Feb 01 11:31:53 z6 systemd[1]: minissdpd.service: Failed to load environment 
files: No such file or directory
Feb 01 11:31:53 z6 systemd[1]: minissdpd.service: Failed to run 'start' task: 
No such file or directory
Feb 01 11:31:53 z6 systemd[1]: minissdpd.service: Failed with result 
'resources'.
Feb 01 11:31:53 z6 systemd[1]: Failed to start keep memory of all UPnP devices 
that announced themselves.
dpkg: error processing package minissdpd (--configure):
 installed minissdpd package post-installation script subprocess returned error 
exit status 1
Processing triggers for systemd (237-1) ...
Processing triggers for man-db (2.7.6.1-4) ...
Errors were encountered while processing:
 minissdpd
needrestart is being skipped since dpkg has failed
E: Sub-process /usr/bin/dpkg returned an error code (1)
root@z6:~>

I don't have any particular configuration for minissdpd installed as I
never intentionally installed the package. It was installed as a recommended
package by transmission-gtk.

Adrian

--
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaub...@debian.org
`. `'   Freie Universitaet Berlin - glaub...@physik.fu-berlin.de
  `-GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Bug#888884: segfault for no obvious reason on rcp from remote host

2018-02-01 Thread Hiroyuki YAMAMORI 
Dear Maintainer,

It will fix with the following patch.

--- netkit-rsh-0.17/rcp/rcp.c
+++ new/rcp/rcp.c
@@ -889,7 +889,11 @@
fprintf(fp, "%c", 0x01);
vfprintf(fp, fmt, ap);
fflush(fp);
-   if (!iamremote) vfprintf(stderr, fmt, ap);
+   if (!iamremote) {
+   va_end(ap);
+   va_start(ap, fmt);
+   vfprintf(stderr, fmt, ap);
+   }
 
va_end(ap);
 }

Bug#366535 will also be fixed with this patch.

Thank you,
Hiroyuki YAMAMORI

Bug#889053: [gir1.2-ibus-1.0] Fails to install Multi-Arch

2018-02-01 Thread Peje Nilsson 
Package: gir1.2-ibus-1.0
Version: 1.5.17-3
Severity: normal

--- Please enter the report below this line. ---

I have gir1.2-ibus-1.0:amd64 installed and tried to install
gir1.2-ibus-1.0:i386 i got the following:

Setting up gir1.2-ibus-1.0:i386 (1.5.17-3) ...
dpkg-query: error: --listfiles needs a valid package name but
'gir1.2-ibus-1.0' is not: ambiguous package name 'gir1.2-ibus-1.0' with
more than one installed instance

Use --help for help about querying packages.
Traceback (most recent call last):
  File "/usr/bin/py3compile", line 290, in 
    main()
  File "/usr/bin/py3compile", line 270, in main
    options.force, options.optimize, e_patterns)
  File "/usr/bin/py3compile", line 154, in compile
    for fn, versions_to_compile in filter_files(files, e_patterns,
versions):
  File "/usr/bin/py3compile", line 106, in filter_files
    for fn in files:
  File "/usr/share/python3/debpython/files.py", line 71, in filter_public
    for fn in files:
  File "/usr/share/python3/debpython/files.py", line 53, in from_package
    raise Exception("cannot get content of %s" % package_name)
Exception: cannot get content of gir1.2-ibus-1.0
dpkg: error processing package gir1.2-ibus-1.0:i386 (--configure):
 installed gir1.2-ibus-1.0:i386 package post-installation script
subprocess returned error exit status 1

I managed to install by adding :i386 to the following line in
gir1.2-ibus-1.0:i386.postinst:
--- /var/lib/dpkg/info/gir1.2-ibus-1.0:i386.postinst.bak    2018-02-01
14:14:09.765218252 +0100
+++ /var/lib/dpkg/info/gir1.2-ibus-1.0:i386.postinst  2018-02-01
14:13:24.205715785 +0100
@@ -3,7 +3,7 @@
 
 # Automatically added by dh_python3:
 if which py3compile >/dev/null 2>&1; then
-   py3compile -p gir1.2-ibus-1.0
+   py3compile -p gir1.2-ibus-1.0:i386
 fi
 
 # End automatically added section



--- System information. ---
Architecture:
Kernel: Linux 4.14.0-3-amd64

Debian Release: buster/sid
500 unstable repo.skype.com
500 unstable ftp.se.debian.org
500 unstable deb-multimedia.org
500 testing ftp.se.debian.org
500 testing deb-multimedia.org
500 stable silk.apana.org.au
500 stable security.debian.org
500 stable repository.spotify.com
500 stable packages.microsoft.com
500 stable ftp.se.debian.org
500 stable dl.google.com
500 stable deb.obspy.org
500 sid linux.dropbox.com
500 precise ppa.launchpad.net
500 oldstable packages.x2go.org
1 experimental ftp.se.debian.org

--- Package information. ---
Package's Depends field is empty.

Package's Recommends field is empty.

Package's Suggests field is empty.

-- 
Peje Nilsson
===
Swedish Institute of Space Physics, Teknikhuset, SE-901 87 Umeå, SWEDEN
Web: www.umea.irf.se,   Phone: +46-(0)980-79018,E-mail: p...@irf.se

Bug#472802: Limesurvey packaging was moved from SVN to Git

2018-02-01 Thread Julian Gilbey 
On Thu, Feb 01, 2018 at 11:46:11AM +0100, Andreas Tille wrote:
> Hi Julian,
> 
> On Thu, Feb 01, 2018 at 09:33:10AM +, Julian Gilbey wrote:
> > >  https://anonscm.debian.org/git/collab-maint/limesurvey.git
> > > 
> > > Please note:  I'm NOT interested on working on the package in the
> > > foreseable future but once I had a look into limesurvey and there is a
> > > vague chance that I become interested in a far future again.  So please
> > > do not consider me as an active contributor to the package but I hope
> > > you like the move to Git.
> > 
> > Hi Andreas,
> > 
> > Thanks for this.  I'm a little confused though: you've moved it from
> > SVN on Alioth to Git on Alioth, so it'll still disappear?
> 
> As far as I know some automatic conversion will be done.
> 
> > Would it
> > not make more sense to move it to salsa?
> 
> That's correct but I did not found any collab-maint project on Salsa
> yet.  As far as I'm aware there is some automatic method to move whole
> projects from Alioth to Salsa and that will happen at some point in
> time.  If you know how to move the project to Salsa feel free to do
> so since this should be easy now.
> 
> Kind regards
> 
>  Andreas.

Thanks Andreas!

OK, I've now done that.  I'm not aware of any plans to migrate Alioth
git repositories wholesale to salsa, though individual teams (such as
the Go packaging team) are planning to migrate groups of
respositories.

Some information about migration is available at
https://wiki.debian.org/Salsa/Doc - in particular, the collab-maint is now
the Debian/ namespace.

Limesurvey now lives at
Vcs-Browser: https://salsa.debian.org/debian/limesurvey
Vcs-Git: https://salsa.debian.org/debian/limesurvey.git

Best wishes,

   Julian

Bug#888908: using ICU 60.2: Failed test: basic10_4.m:166 ... negativeFormat used for -ve number

2018-02-01 Thread Yavor Doganov 
forwarded 888908 https://savannah.gnu.org/bugs/?53035
tags 888908 + pending
thanks

Matthias Klose wrote:
> On 31.01.2018 08:51, László Böszörményi (GCS) wrote:
> >  Strange, I'm at least twice built the ICU reverse dependencies
> > successfully including gnustep-base.

That would have been with versions before 59.1-1.  The configure run
fails because the icu-config script has been removed.  You have to
pass --disable-icu-config to build gnustep-base.

> the comment above reads:
> 
>/* Different versions of ICU use different formats, so we need to
> * permit alternative results.
> */

Yes, this test has been failing before with different versions of
ICU.  I proposed another patch upstream and would like to wait for
their comments before uploading.

What are the plans for the ICU transition?

Bug#863227: system-config-printer: applet.py does not exit with session

2018-02-01 Thread Sergio Gelato 
I'm seeing this as well --- under Xfce.

I'm under the impression that applet.py is waiting for the DBus session bus
to exit, but my system has dbus-user-session installed and it's possible
that systemd is waiting for applet.py to exit before it will shut that down.
Indeed if I send a SIGTERM to the session dbus-daemon that's enough to make
applet.py exit.

I think that means applet.py needs some other (additional) way of being told
when to exit. How do other applications do it? XSMP?

Bug#889034: python-networkmanager: License has changed to zlib

2018-02-01 Thread Ana Rodriguez Lopez 
Package: python-networkmanager
Version: 2.0.1-1
Severity: normal

Dear maintainer,

upstream changed the license from GPL3+ to zlib on 2016-02-04 in commit
e9ba67a2e81f7a34e18cee2777925ab3c929b94d. Please update debian/changelog
accordingly.

Thanks,
Ana

Bug#888531: 888531 - transition: ruby2.5 - binNMU round #1

2018-02-01 Thread Antonio Terceiro 
Hi,

As part of the ruby2.5 transition, please binNMU the following packages:

hivex
libselinux
raspell
remctl
rrdtool
ruby-allocations
ruby-atomic
ruby-augeas
ruby-bcrypt
ruby-bert
ruby-byebug
ruby-cairo
ruby-charlock-holmes
ruby-concurrent-ext
ruby-curb
ruby-curses
ruby-dataobjects-mysql
ruby-dataobjects-postgres
ruby-dataobjects-sqlite3
ruby-debian
ruby-debug-inspector
ruby-defaults
ruby-eb
ruby-eventmachine
ruby-exif
ruby-fast-stemmer
ruby-fast-xs
ruby-fcgi
ruby-ferret
ruby-ffi
ruby-filesystem
ruby-fusefs
ruby-gd
ruby-god
ruby-google-protobuf
ruby-gpgme
ruby-hiredis
ruby-hitimes
ruby-json
ruby-kgio
ruby-kyotocabinet
ruby-ldap
ruby-levenshtein
ruby-libvirt
ruby-libxml
ruby-mecab
ruby-mmap2
ruby-mysql2
ruby-narray
ruby-ncurses
ruby-nfc
ruby-nio4r
ruby-nokogiri
ruby-oily-png
ruby-openssl
ruby-ox
ruby-pcaprub
ruby-pg
ruby-posix-spawn
ruby-psych
ruby-rblineprof
ruby-rdiscount
ruby-re2
ruby-rinku
ruby-rjb
ruby-rpatricia
ruby-rugged
ruby-sdl
ruby-sequel-pg
ruby-serialport
ruby-sigar
ruby-termios
ruby-timfel-krb5-auth
ruby-tioga
ruby-tokyocabinet
ruby-uconv
ruby-unf-ext
ruby-unicode
ruby-version-sorter
ruby-vmstat
ruby-websocket-driver
ruby-xmlhash
ruby-xmlparser
ruby-zoom
stfl
xmms2


signature.asc
Description: PGP signature

Bug#832020: ruby2.3: ruby2.3_2.3.1-5 does not build with latest gdbm

2018-02-01 Thread Gianfranco Costamagna 
control: severity -1 serious

On Thu, 21 Jul 2016 14:56:57 +0300 Dmitry Bogatov  wrote:
> Source: ruby2.3
> Version: 2.3.1-5
> Severity: important
> 
> Dear Maintainer,
> 
> 
> Latest version of libgdbm(1.12) in experimental have new SONAME and
> separates away dbm_* interface in libgdbm-compat4 binary package.
> 
> As such, it is transition, and I have to make sure, that reverse
> dependencies are okay. Most of them was trivial to fix -- just build-depend
> on libgdbm-compat-dev, but ruby2.3 proved to be harder.
> 
> Here is snippet from test suite, when building aganist gdbm/experimental:
> 
>   TestGDBM#test_s_open_nolock:
>   GDBMError: Bad magic number
>   /home/user/stuff/ruby2.3-2.3.1/test/gdbm/test_gdbm.rb:190:in `open'
>   /home/user/stuff/ruby2.3-2.3.1/test/gdbm/test_gdbm.rb:190:in `block 
> (2 levels) in test_s_open_nolock'
>   
> /home/user/stuff/ruby2.3-2.3.1/test/lib/test/unit/assertions.rb:171:in 
> `assert_nothing_raised'
>   /home/user/stuff/ruby2.3-2.3.1/test/gdbm/test_gdbm.rb:189:in `block 
> in test_s_open_nolock'
>   /home/user/stuff/ruby2.3-2.3.1/test/gdbm/test_gdbm.rb:152:in `block 
> in open_db_child'
>   /home/user/stuff/ruby2.3-2.3.1/test/gdbm/test_gdbm.rb:149:in `popen'
>   /home/user/stuff/ruby2.3-2.3.1/test/gdbm/test_gdbm.rb:149:in 
> `open_db_child'
>   /home/user/stuff/ruby2.3-2.3.1/test/gdbm/test_gdbm.rb:188:in 
> `test_s_open_nolock'
> 
> I barely read Ruby and it is hard for me to debug this issue, and, as
> ruby package maintainer, you are more competent than me at it. Would
> you be so kind to try build ruby aganist gdbm/experimental and see why
> this test fails?
> 
> 

it is now serious

G.



signature.asc
Description: OpenPGP digital signature

Bug#889057: gdbm: please remove dependency on dietlibc for ia64

2018-02-01 Thread Jason Duerstock 
Source: gdbm
Severity: normal
Tags: patch
User: debian-i...@lists.debian.org
Usertags: ia64

Dear Maintainer,

As dietlibc does not currently build for ia64, please remove the dependency on 
it.

Patch attached.



-- System Information:
Debian Release: buster/sid
  APT prefers unreleased
  APT policy: (500, 'unreleased'), (500, 'unstable')
Architecture: ia64

Kernel: Linux 3.14-0.bpo.2-mckinley (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
--- debian/control.orig 2018-02-01 07:55:07.603676109 -0500
+++ debian/control  2018-02-01 07:55:34.359575320 -0500
@@ -5,7 +5,7 @@
 Build-Depends: texinfo,
debhelper (>= 10),
dh-exec,
-   dietlibc-dev (>= 0.34~cvs20160606-3) [alpha amd64 arm arm64 
armeb armel armhf hppa i386 ia64 mips mipsel mips64el powerpc powerpcspe ppc64 
ppc64el s390 s390x sparc sparc64 x32],
+   dietlibc-dev (>= 0.34~cvs20160606-3) [alpha amd64 arm arm64 
armeb armel armhf hppa i386 mips mipsel mips64el powerpc powerpcspe ppc64 
ppc64el s390 s390x sparc sparc64 x32],
libreadline-dev
 Standards-Version: 4.1.3
 Homepage: https://gnu.org/software/gdbm

Bug#888953: gobby accesses the network during the build

2018-02-01 Thread Philipp Kern 

On 2018-02-01 11:38, Simon McVittie wrote:

On Thu, 01 Feb 2018 at 11:23:28 +0200, Adrian Bunk wrote:

On Wed, Jan 31, 2018 at 03:53:11PM +0100, Matthias Klose wrote:
> While seen on a launchpad build, it looks like a missing build dependency,
> because it tries to access the docbookx.dtd from the network:


My understanding is that it's currently up to the package being built
(e.g. gobby, not gnome-doc-utils) to build-depend on the appropriate
package to get the DTDs of its XML documentation to be registered
in the xml-core catalog and available without hitting the network:
docbook-xml for docbookx.dtd, rarian-compat for scrollkeeper-omf.dtd,
and possibly others.


I'll note that I was told to stop build-depending on rarian-compat in 
#885642, which then introduced this bug.


[...]
(For context, Scrollkeeper is very obsolete, rarian-compat is an 
obsolete

compatibility shim for Scrollkeeper, and gnome-doc-utils has itself
been superseded by yelp-tools; it's deprecations all the way down. I've
asked the ftp team to override gnome-doc-utils from gnome to oldlibs,
and pushed a better package description to gnome-team git for inclusion
in the next upload.)


Well, I suppose it'd help if there would be some guidance on how to do 
things today. I'm (somewhat) happy to fix it upstream if needed.


Kind regards and thanks
Philipp Kern

Bug#889039: python-networkmanager: python-networkmanager does not contain code

2018-02-01 Thread Ana Rodriguez Lopez 
Package: python-networkmanager
Version: 2.0.1-1
Severity: normal

Dear maintainer,

I tried to build your package from the Debian git and the python2
version does not contain the actual code, only docs. I changed
debian/rules as follows:

diff --git a/debian/rules b/debian/rules
index bb8cca4..8a2fe95 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,24 +1,14 @@
 #!/usr/bin/make -f

-PYTHON2=$(shell pyversions -vr)
-PYTHON3=$(shell py3versions -vr)
+export PYBUILD_NAME=networkmanager

 %:
-   dh $@ --with python2,python3 --buildsystem=python_distutils
+   dh $@ --with python2,python3 --buildsystem=pybuild

-build-python%:
-   python$* setup.py build
-
-override_dh_auto_build: $(PYTHON3:%=build-python%)
+override_dh_auto_build:
dh_auto_build
make -C docs html

-install-python%:
-   python$* setup.py install --root=$(CURDIR)/debian/tmp
--install-layout=deb
-
-override_dh_auto_install: $(PYTHON3:%=install-python%)
-   dh_auto_install
-
 override_dh_auto_clean:
dh_auto_clean
make -C docs clean


And also removed debian/python3-networkmanager.install.


Thanks,
Ana

Bug#889030: virtualbox: Windows10 guest flickers with nVidia drivers, there's a patch

2018-02-01 Thread Gianfranco Costamagna 
control: close -1
On Thu, 01 Feb 2018 11:40:35 +0100 Marius Mikucionis  
wrote:
> Package: virtualbox
> Version: 5.2.6-dfsg-2
> Severity: normal
> Tags: patch
> 
> Dear Maintainer,
> 
> I am running Windows 10 guest and the screen flickers when something is 
> (re)drawn,
> basically it's unusable.
> 
> Relevant configuration to reproduce:
> 1) nVidia drivers on the host.
> 2) virtualbox guest additions with 3D acceleration enabled.
> 3) enabled 3D accelaration in the Windows 10 machine settings.
> 
> One workaround is to disable 3D acceleration, but here I found a better 
> solution:
> 
> https://techblog.devlat.eu/2017/04/07/screen-flickering-in-virtualbox-with-3d-enabled/
> in particular it says:
> 
> With nVidia drivers on the host, a race condition happens, causing buffers to 
> be swapped (i.e. picture to be shown) before rendering is completed by the 
> client, hence the flickering.
> The only workaround is to change (comment out actually) a single line in 
> VirtualBox source and recompile it. After recompilation is done, it is 
> actually possible to just replace a single freshly compiled file, 
> VBoxOGLrenderspu.so, which is located in /usr/lib/virtualbox/. No need to 
> uninstall the “original” VirtualBox and install the self-compiled one.
> 
> The patch is just one line:
> https://www.virtualbox.org/attachment/ticket/13653/vbox-NVIDIA-fix-v2.patch.txt
> --- 
> /home/alexey/vbox-orig/VirtualBox-5.0.0_BETA4/./src/VBox/HostServices/SharedOpenGL/render/renderspu_glx.c
>2015-05-18 18:02:05.0 +0300
> +++ ./src/VBox/HostServices/SharedOpenGL/render/renderspu_glx.c 2015-05-22 
> 23:33:33.0 +0300
> @@ -1922,11 +1922,10 @@
>  XSync(window->visual->dpy, 0);
>  }
>  }
>  }
>  
> -#define CR_RENDER_FORCE_PRESENT_MAIN_THREAD
>  
>  void renderspu_SystemVBoxPresentComposition( WindowInfo *window, const 
> struct VBOXVR_SCR_COMPOSITOR_ENTRY *pChangedEntry )
>  {
>  /* the CR_RENDER_FORCE_PRESENT_MAIN_THREAD is actually inherited from 
> cocoa backend impl,
>   * here it forces rendering in WinCmd thread rather than a Main thread.
> 
> 
> Perhaps this patch can be included in Debian.
> 

Hello, thanks for the patch!
There is a runtime variable that you can use to disable that thing, however I 
don't like to apply such patches, until upstream merges them.
https://www.virtualbox.org/ticket/13653/
I pinged upstream, I'll include in case they ack it

thanks

G.



signature.asc
Description: OpenPGP digital signature

Bug#886323: popcon-developers@l.a.d.o transition

2018-02-01 Thread Bill Allombert 
On Tue, Jan 30, 2018 at 07:18:06AM +0100, Hanno 'Rince' Wagner wrote:
> Hi Bill!
> 
> On Thu, 04 Jan 2018, Bill Allombert wrote:
> 
> > I would like to migrate popcon-developers@l.alioth.d.o to
> > lists.debian.org. This list is important to coordinate the Debian
> > popularity-contest project.
> 
> The mailinglist debian-pop...@lists.debian.org has been created and
> the archive has been imported. Please test wether everything works as
> expected.

Excellent! I sent a post and it was received and archived correctly.

Thanks for having processed my request so quickly!

Cheers,
-- 
Bill. 

Imagine a large red swirl here.

Bug#889049: mate-screensaver: potential privacy violation

2018-02-01 Thread ant 
Package: mate-screensaver
Version: 1.18.2-1
Severity: normal

Dear Maintainer,

  i was very surprised to see a display of pictures
from my personal folders even when i never told it
to go look.

  this should be warned about or an optional feature
with some setup before happening.

  i don't keep embarrassing pictures, but some people
may, and having a random picture like that showing up
could be quite a surprise...

  the only way i found to turn it off was to remove 
the whole package.


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages mate-screensaver depends on:
ii  dbus-x11  1.12.2-1
ii  libatk1.0-0   2.26.1-3
ii  libc6 2.26-4
ii  libcairo-gobject2 1.15.8-3
ii  libcairo2 1.15.8-3
ii  libdbus-1-3   1.12.2-1
ii  libdbus-glib-1-2  0.108-3
ii  libgdk-pixbuf2.0-02.36.11-1
ii  libgl11.0.0-2
ii  libglib2.0-0  2.54.3-2
ii  libgtk-3-03.22.26-2
ii  libice6   2:1.0.9-2
ii  libmate-desktop-2-17  1.18.0-2
ii  libmate-menu2 1.18.1-2
ii  libmatekbd4   1.18.2-3
ii  libnotify40.7.7-3
ii  libpam0g  1.1.8-3.6
ii  libpango-1.0-01.40.14-1
ii  libpangocairo-1.0-0   1.40.14-1
ii  libsm62:1.2.2-1+b3
ii  libstartup-notification0  0.12-5
ii  libsystemd0   236-3
ii  libx11-6  2:1.6.4-3
ii  libxext6  2:1.3.3-1+b2
ii  libxklavier16 5.4-3
ii  libxss1   1:1.2.2-1+b2
ii  libxxf86vm1   1:1.1.4-1+b2
ii  mate-desktop-common   1.18.0-2
ii  mate-screensaver-common   1.18.2-1
ii  mate-session-manager  1.18.2-1

Versions of packages mate-screensaver recommends:
ii  mate-power-manager  1.18.1-3

Versions of packages mate-screensaver suggests:
pn  rss-glx
pn  xscreensaver-data  

-- no debconf information

Bug#889032: pd-tclpd uses deprecated Tcl 8.5

2018-02-01 Thread Sergei Golovan 
Source: pd-tclpd
Version: 0.3.0-1
Severity: important
Tags: patch

Dear Maintainer,

We are planning to remove Tcl 8.5 from Debian since it's reaced the
end-of-life. So please, switch pd-tclpd to a more recent Tcl version.

I'd like to propose a NMU which just replaces tcl8.6-dev by tcl-dev
(the default Tcl version, which is currently 8.6) and patches
Makefile to use it instead of 8.5. If it's okay to you, I could
dor the upload.

-- System Information:
Debian Release: 9.3
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'proposed-updates'), (500, 
'stable'), (500, 'oldstable'), (1, 'experimental'), (1, 'unstable'), (1, 
'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-0.bpo.3-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru pd-tclpd-0.3.0/debian/changelog pd-tclpd-0.3.0/debian/changelog
--- pd-tclpd-0.3.0/debian/changelog 2015-08-18 00:58:39.0 +0300
+++ pd-tclpd-0.3.0/debian/changelog 2018-02-01 13:31:51.0 +0300
@@ -1,3 +1,11 @@
+pd-tclpd (0.3.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Switch to the default Tcl/Tk from Tcl/Tk 8.5 which is to be removed from
+Debian.
+
+ -- Sergei Golovan   Thu, 01 Feb 2018 13:31:51 +0300
+
 pd-tclpd (0.3.0-1) unstable; urgency=medium
 
   * Initial release. (Closes: #795898)
diff -Nru pd-tclpd-0.3.0/debian/control pd-tclpd-0.3.0/debian/control
--- pd-tclpd-0.3.0/debian/control   2015-08-18 00:58:15.0 +0300
+++ pd-tclpd-0.3.0/debian/control   2018-01-20 09:40:48.0 +0300
@@ -6,7 +6,7 @@
  debhelper,
  dh-buildinfo,
  puredata-dev | puredata,
- tcl8.5-dev,
+ tcl-dev,
  swig
 Standards-Version: 3.9.6
 Section: sound
diff -Nru pd-tclpd-0.3.0/debian/control.in pd-tclpd-0.3.0/debian/control.in
--- pd-tclpd-0.3.0/debian/control.in2015-08-18 00:49:54.0 +0300
+++ pd-tclpd-0.3.0/debian/control.in2018-01-20 09:40:58.0 +0300
@@ -4,7 +4,7 @@
 Uploaders: IOhannes m zmölnig (Debian/GNU) 
 Build-Depends: @cdbs@,
  puredata-dev | puredata,
- tcl8.5-dev,
+ tcl-dev,
  swig
 Standards-Version: 3.9.6
 Section: sound
diff -Nru pd-tclpd-0.3.0/debian/patches/default-tcltk.patch 
pd-tclpd-0.3.0/debian/patches/default-tcltk.patch
--- pd-tclpd-0.3.0/debian/patches/default-tcltk.patch   1970-01-01 
03:00:00.0 +0300
+++ pd-tclpd-0.3.0/debian/patches/default-tcltk.patch   2018-01-20 
09:43:49.0 +0300
@@ -0,0 +1,19 @@
+--- a/Makefile
 b/Makefile
+@@ -38,14 +38,14 @@
+ #
+ 
#--#
+ 
+-ALL_CFLAGS = -I"$(PD_INCLUDE)" -std=c99 -I/usr/include/tcl8.5 \
++ALL_CFLAGS = -I"$(PD_INCLUDE)" -std=c99 -I/usr/include/tcl \
+   -I/Library/Frameworks/Tcl.framework/Headers \
+   -Wall -W -Wno-unused-parameter \
+   -DHASHTABLE_COPY_KEYS
+ ALL_LDFLAGS = -fPIC
+ SHARED_LDFLAGS =
+ ALL_LIBS = 
+-LIBS_linux = -ltcl8.5
++LIBS_linux = -ltcl
+ LIBS_macosx = -framework Tcl
+ LIBS_windows = -ltcl85 "$(LIBRARY_NAME).def"
+ 
diff -Nru pd-tclpd-0.3.0/debian/patches/series 
pd-tclpd-0.3.0/debian/patches/series
--- pd-tclpd-0.3.0/debian/patches/series2015-08-18 00:43:54.0 
+0300
+++ pd-tclpd-0.3.0/debian/patches/series2018-01-20 09:43:01.0 
+0300
@@ -1 +1,2 @@
 fix_format-security.patch
+default-tcltk.patch

Bug#889031: override: ruby-dev:ruby/optional, ruby-all-dev:ruby/optional

2018-02-01 Thread Antonio Terceiro 
Package: ftp.debian.org
Severity: normal

Hi, please move ruby-dev and ruby-all-dev to section `ruby`. The change
in the package control file was just uploaded to unstable.

TIA


signature.asc
Description: PGP signature

Bug#472802: Limesurvey packaging was moved from SVN to Git

2018-02-01 Thread Andreas Tille 
Hi Julian,

On Thu, Feb 01, 2018 at 09:33:10AM +, Julian Gilbey wrote:
> >  https://anonscm.debian.org/git/collab-maint/limesurvey.git
> > 
> > Please note:  I'm NOT interested on working on the package in the
> > foreseable future but once I had a look into limesurvey and there is a
> > vague chance that I become interested in a far future again.  So please
> > do not consider me as an active contributor to the package but I hope
> > you like the move to Git.
> 
> Hi Andreas,
> 
> Thanks for this.  I'm a little confused though: you've moved it from
> SVN on Alioth to Git on Alioth, so it'll still disappear?

As far as I know some automatic conversion will be done.

> Would it
> not make more sense to move it to salsa?

That's correct but I did not found any collab-maint project on Salsa
yet.  As far as I'm aware there is some automatic method to move whole
projects from Alioth to Salsa and that will happen at some point in
time.  If you know how to move the project to Salsa feel free to do
so since this should be easy now.

Kind regards

 Andreas.

-- 
http://fam-tille.de

Bug#537042: Get one chance of first impression from website

2018-02-01 Thread Veera mehta 
Hello!!

The basic aim is to provide complete holistic as well as interactive web design 
solutions to our clients.

Get back to us to see our work samples.

Thanks,
Veera Mehta

Bug#889047: uwsgi-plugin-php: Segfault with PHP7.2

2018-02-01 Thread Adrien CLERC 
Package: uwsgi-plugin-php
Version: 2.0.15+10.1+0.0.2+b1
Severity: important

Hi, after upgrading to the version compiled for PHP7.2, I got the
following trace:

févr. 01 13:31:36 belette64 uwsgi[11136]: !!! uWSGI process 11198 got
Segmentation Fault !!!
févr. 01 13:31:36 belette64 uwsgi[11136]: *** backtrace of 11198 ***
févr. 01 13:31:36 belette64 uwsgi[11136]:
/usr/bin/uwsgi-core(uwsgi_backtrace+0x2a) [0x7126526cca]
févr. 01 13:31:36 belette64 uwsgi[11136]:
/usr/bin/uwsgi-core(uwsgi_segfault+0x23) [0x71265270b3]
févr. 01 13:31:36 belette64 uwsgi[11136]:
/lib/x86_64-linux-gnu/libc.so.6(+0x34720) [0x3c3db8fe720]
févr. 01 13:31:36 belette64 uwsgi[11136]:
/usr/lib/uwsgi/plugins/php_plugin.so(+0x5396) [0x3c3d8437396]
févr. 01 13:31:36 belette64 uwsgi[11136]: *** end of backtrace ***

I changed only UWSGI. It is running in Emperor mode with a vassal
configuration:

[uwsgi]
uid = www-data
gid = www-data
plugins = php
php-sapi-name = apache

cheaper-algo = spare2
chdir = /var/www/


If I can provide more information, please let me know.


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-4-grsec-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages uwsgi-plugin-php depends on:
ii  libc6    2.26-4
ii  php7.2-cli [phpapi-20170718] 7.2.1-1
ii  php7.2-fpm [phpapi-20170718] 7.2.1-1
ii  uwsgi-core [uwsgi-abi-8ecc7b0491fca07eb2d7b0c9aaeb180f]  2.0.15-10

uwsgi-plugin-php recommends no packages.

uwsgi-plugin-php suggests no packages.

-- no debconf information

Bug#889054: ITP: pytest-astropy -- Metapackage to resolve pytest dependencies for Astropy

2018-02-01 Thread Ole Streicher 
Package: wnpp
Severity: wishlist
Owner: Ole Streicher 
X-Debbugs-Cc: debian-pyt...@lists.debian.org, debian-de...@lists.debian.org

* Package name: pytest-astropy
  Version : 0.2.1
  Upstream Author : Thomas Robitaille
* URL : https://github.com/astropy/pytest-astropy
* License : BSD-3-Clause
  Programming Lang: Python
  Description : Pytest dependencies for Astropy & Co.

This is a meta-package that pulls in the dependencies that are used by
`astropy` and some `affiliated packages` for testing. It can also be
used for testing packages that are not affiliated with the Astropy
project. It is a new build dependency of astropy 3.0.

I will maintain it within the Debian Astro team.

Best regards

Ole

Bug#889064: automysqlbackup: monthly backup fails with line 427: [: too many arguments

2018-02-01 Thread Sergi Baila 
Package: automysqlbackup
Version: 2.6+debian.4-1
Severity: important

Dear Maintainer,

Today, first of month, a new installed server has reported an error
trying to backup MariaDB using the package automysqlbackup.

The error is:

/usr/sbin/automysqlbackup: line 427: [: too many arguments

My configuration does not use separate directories. I've googled the
error and found what seems to be a bug reported to Ubuntu.

https://bugs.launchpad.net/ubuntu/+source/automysqlbackup/+bug/1718887

So it seems that some quotes are needed.


-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages automysqlbackup depends on:
ii  bsd-mailx [mailx]   8.1.2-0.20160123cvs-4
ii  mariadb-client-10.1 [virtual-mysql-client]  10.1.26-0+deb9u1

Versions of packages automysqlbackup recommends:
pn  mutt  

automysqlbackup suggests no packages.

-- Configuration Files:
/etc/default/automysqlbackup changed:
DBHOST=localhost
DBNAMES=`mysql --defaults-file=/etc/mysql/debian.cnf --execute="SHOW
DATABASES" | awk '{print $1}' | grep -v ^Database$ | grep -v ^mysql$ | grep
-v ^performance_schema$ | grep -v ^information_schema$ | tr \\\r\\\n ,\ `
BACKUPDIR="/var/lib/automysqlbackup"
MAILCONTENT="quiet"
MAXATTSIZE="4000"
MAILADDR="[redacted]"
MDBNAMES="mysql $DBNAMES"
DBEXCLUDE=""
CREATE_DATABASE=yes
SEPDIR=no
DOWEEKLY=6
COMP=bzip2
COMMCOMP=no
LATEST=no
MAX_ALLOWED_PACKET=
SOCKET=
ROUTINES=yes


-- no debconf information

Bug#741097: octave: nox package of Octave

2018-02-01 Thread Mike Miller 
If this bug is still of interest, I think a useful first step would be
for someone to adapt the octave source package and add the appropriate
--without-X options. Once there are proof of concept binary packages
built without any graphical dependencies, then a useful disk usage
comparison can be done.

Of course it would be even more helpful if someone were interested
enough to help work on the full packaging changes needed to build octave
both with and without all graphical libraries. I suspect an octave-nox
package might also imply liboctave-noxN and liboctave-nox-dev packages,
and each would have a Conflicts on its counterpart.

-- 
mike


signature.asc
Description: PGP signature

Bug#888526: RFS: dxf2gcode/20170925-5 [ITP] -- converts 2D drawings to G-code for CNC machines

2018-02-01 Thread Juhani Numminen 
Control: tags -1 moreinfo

Sebastian Kuzminsky kirjoitti 26.01.2018 klo 20:15:
> Dear Mentors/Sponsors,
> 
> I am looking for a Sponsor for my package "dxf2gcode":

Here's my short review of the package, but I can't sponsor it.

I'm afraid the package cannot be built twice in a row (build log attached),
which indicates that the clean target is not functioning as it should.
(The relevant Debian Policy chapter is 4.9.)

One way to make the cleaning adequate is in build_twice.diff.
I added a patch to disable the pylupdate part because it is modifying
the *.ts files which is a bit problematic from our POV. If you go that
route, I suggest asking upstream to provide a way to disable pylupdate,
in order to keep Debian-specific changes to a minimum.

Have you forwarded 
0001-install-AppStream-metadata-in-the-correct-directory.patch
upstream? Please also use DEP3 to document it in the patch file.
http://dep.debian.net/deps/dep3/

You have build-depends qt4-linguist-tools, which seems to work, but Qt5
linguist tools are in qttools5-dev-tools as indicated by this search:
https://packages.debian.org/file:lrelease

When you have resolved these, you can remove the moreinfo tag from the RFS.


Regards,
Juhani


20180201_twice.build
Description: application/extension-build
diff -Nru dxf2gcode-20170925/debian/patches/no-lupdate.patch dxf2gcode-20170925/debian/patches/no-lupdate.patch
--- dxf2gcode-20170925/debian/patches/no-lupdate.patch	1970-01-01 02:00:00.0 +0200
+++ dxf2gcode-20170925/debian/patches/no-lupdate.patch	2018-02-01 18:24:20.0 +0200
@@ -0,0 +1,13 @@
+--- a/make_tr.py
 b/make_tr.py
+@@ -72,8 +72,8 @@
+ OPTIONS = "-ts"
+ 
+ cmd1 = ("%s %s %s %s\n" % (PLYPATH, FILESSTR, OPTIONS, TSFILESTR))
+-print(cmd1)
+-print(subprocess.call(cmd1, shell=True))
++#print(cmd1)
++#print(subprocess.call(cmd1, shell=True))
+ 
+ cmd2 = ("%s %s\n" % (LREPATH, TSFILESTR))
+ print(cmd2)
diff -Nru dxf2gcode-20170925/debian/patches/series dxf2gcode-20170925/debian/patches/series
--- dxf2gcode-20170925/debian/patches/series	2018-01-26 07:53:27.0 +0200
+++ dxf2gcode-20170925/debian/patches/series	2018-02-01 18:24:20.0 +0200
@@ -1 +1,2 @@
 0001-install-AppStream-metadata-in-the-correct-directory.patch
+no-lupdate.patch
diff -Nru dxf2gcode-20170925/debian/rules dxf2gcode-20170925/debian/rules
--- dxf2gcode-20170925/debian/rules	2018-01-26 07:57:51.0 +0200
+++ dxf2gcode-20170925/debian/rules	2018-02-01 18:24:20.0 +0200
@@ -24,6 +24,12 @@
 #	dh_auto_configure -- #	-DCMAKE_LIBRARY_PATH=$(DEB_HOST_MULTIARCH)
 
 override_dh_auto_clean:
+	python3 st-setup.py clean -a
+	rm -rf dxf2gcode_images5_rc.py \
+	   dxf2gcode_ui5.py \
+	   dxf2gcode.egg-info/ \
+	   globals/__pycache__/ \
+	   i18n/*.qm
 
 override_dh_auto_build:
 	./make_tr.py

Bug#888992: linux-image-4.14.0-3-amd64: kernel oops on dpkg/apt/aptitude

2018-02-01 Thread Bastian Blank 
Control: forcemerge 888954 -1

On Wed, Jan 31, 2018 at 07:35:00PM -0500, Scott Bailey wrote:
> This bizarre behavior first appeared during the week between Christmas and
> New Years (approx 28 December 2017) and has plagued me relentlessly since
> that
> time, across multiple kernel versions. I run testing (buster) and am in the
> habit of applying updates at least every few days, so the update triggering
> this behavior presumably migrated to testing very close to Christmas.

This problem was already reported as #888954, merging the two bugs.

Bastian

Bug#889075: ITP: qt5-engines-kvantum -- SVG-based theme engine for Qt5

2018-02-01 Thread Alf Gaida 
Package: wnpp
Severity: wishlist
Owner: Alf Gaida 

* Package name: qt5-engines-kvantum
  Version : 10.5
  Upstream Author : Pedram Pourang  
* URL : https://github.com/tsujan/Kvantum
* License : GPL-3.0+
  Programming Lang: C++, etc
  Description : SVG-based theme engine for Qt5

Kvantum (by Pedram Pourang, a.k.a. Tsu Jan tsujan2...@gmail.com) is an SVG-based
theme engine for Qt4/Qt5, KDE and LXQt, with an emphasis on elegance, usability
and practicality.

LXQt Team want to maintain it.

Bug#889078: beets: autopkgtest failure

2018-02-01 Thread Graham Inggs 
Source: beets
Version: 1.4.5-1
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu bionic autopkgtest

Hi Maintainer

Since the upload of 1.4.5-1, beets has been failing its autopkgtests
[1] with the following error (among others):

==
ERROR: test.test_pipeline (unittest.loader.ModuleImportFailure)
--
ImportError: Failed to import test module: test.test_pipeline
Traceback (most recent call last):
  File "/usr/lib/python2.7/unittest/loader.py", line 254, in _find_tests
module = self._get_module_from_name(name)
  File "/usr/lib/python2.7/unittest/loader.py", line 232, in
_get_module_from_name
__import__(name)
  File 
"/tmp/autopkgtest-lxc.si6q566i/downtmp/autopkgtest_tmp/test/test_pipeline.py",
line 23, in 
from beets.util import pipeline
  File "/usr/share/beets/beets/__init__.py", line 20, in 
from beets.util import confit
  File "/usr/share/beets/beets/util/__init__.py", line 31, in 
from beets.util import hidden
ImportError: cannot import name hidden

Regards
Graham


[1] https://ci.debian.net/packages/b/beets/unstable/amd64/

Bug#889042: lintian: Do not use dot as a separator in build profile names

2018-02-01 Thread Niels Thykier 
Chris Lamb:
> tags 889042 + moreinfo
> thanks
> 
> Hi Javier,
> 
>> Please switch the dot to a suitable character, such as slash, in
>> pkg.$sourcepackage.$anything build profile names, since dot is a valid
>> character in package names.
> 
> Unless I'm missing something obvious, Lintian does not generate these
> files...?
> 
> 
> Regards,
> 


@lamby: It is a build-profile (not a file).  As used in e.g. the
Build-Profiles field in d/control.

Regarding the proposal: Lintian is not the one deciding the namespace
rules for build-profiles.  We only emit tags based on the existing
guidelines/namespace rules (https://wiki.debian.org/BuildProfileSpec).
  I have CC'ed Helmut as he is more involved in the build-profiles work.


Thanks,
~Niels

Bug#881297: Summary: The state of the existing karaf debian package

2018-02-01 Thread Steinar Bang 
My own karaf debian package[1] is now in a state where it does what I
need for my own use.  I'm serving the package from my own unofficial APT
repository (which I will discontinue if this RFP results in an official
karaf package).

I don't plan to do any more work on this packaging, except what is
needed to make new stable karaf releases run (ie. I will roll a new
version of the package when karaf 4.1.5 is out).

I'm leaving some notes on the current state of the packaging here
(ie. in the mailing list archives) in case someone wants to use this
package as a starter for an official package.  I will send a message to
the RFP with the same information.

The current state of the karaf debian package, is:
 1. The package is created using native debian packaging tools

 2. The package is built from the source tarball of karaf releases

 3. The source is built with maven and openjdk-8

 4. lintian no longer gives any warnings on the package (I have only run
lintian with "lintian karaf_xxx.deb", I haven't tried with any
arguments)

 5. The package creates a system user named karaf, with group karaf, and
home directory /var/lib/karaf

 6. A karaf service is added to systemd, running as user karaf and
logging to /var/log/syslog and using the following directories:
 KARAF_ETC = /etc/karaf/
 KARAF_HOME = /usr/share/karaf/
 KARAF_DATA = /var/lib/karaf/data/
all directories are owned by user karaf, group karaf

 7. The karaf package works with "apt-get dist-upgrade", config changes
in KARAF_ETC gets the usual APT dialog on modified config change
(ie. "user the package maintainer's version or the modified file
from the old version?), the karaf cache is flushed during an
upgrade, which means that all installed features are lost and must
be reinstalled, contents in KARAF_ETC not installed by the karaf
package is untouched

 8. Those karaf boot requirements that could be satisfied by current
debian stable (debian 9, stretch) uses debian dependencies:
 - Java 8 RE
 - OSGi core 6
 - libjna-java (not strictly needed, but part of the boot directory)
 - libjansi-java
   - This one can be used as a pattern for how to setup
 startup.properties dependencies, the changes are[2]
 a. Add a debian dependency to the control file
 b. Replace the jansi version number with "debian" in
$KARAF_ETC/startup.properties
 c. Remove jansi from the $KARAF_HOME/system maven repository
 d. Symlink the "debian" version from debian's maven repository
into the $KARAF_HOME/system repository
 
 9. The jar files that make up karaf are structured as a maven
repository under $KARAF_HOME/system

10. The initial boot is done from the jar files found in
$KARAF_HOME/lib/boot/ (I have replaced non-karaf dependencies here
with symlinks to the jar files of debian packages)

11. The jar files needed to boot to a state where karaf can start
downloading dependencies from maven central (or other maven
repositories), are listed in $KARAF_ETC/startup.properties

12. The $KARAF_HOME/system maven repository has been cleaned for files
not built by source that aren't needed for karaf boot.  The
non-karaf jar files currently in there are needed for boot, and
cannot be satisfied by existing debian java packages


I believe the following steps are needed to make this an official
package:
 1. Replace the remaining non-karaf boot jars with debian packages,
these packages are:
a. apache felix framework 5.6.10
   - Already a debian package, but currently in version 4.6.12 in
 stretch, testing and unstable [3]
b. apache felix metatype 1.1.6 [4]
c. apache felix configadmin 1.8.16 [5]
d. apache felix file install 3.6.4 [6]
e. OPS4J PAX URL Aether 2.5.3 [7]
f. OPS4J PAX Logging API 1.10.1 [8]
g. OPS4J PAX Logging Log4J2 1.10.1 [9]
 2. Restructure karaf into two packages, karaf and libkaraf-java, with
libkaraf-java containing the jar files structured like debian java
packages (ie. in /usr/share/maven-repo both with their actual
version and with the "debian" version).
IMO I'm not sure if this is worth the effort, because the karaf jar
files aren't really meaningful outside of karaf, or in a version
independent manner


Thanks in advance to anyone who will create an official debian package,
whether it is based on my package or not! :-)


- Steinar


References:
 [1] 
 [2] 

 [3] 
 [4] 

 [5] 

 [6] 

 [7]

Bug#889042: lintian: Do not use dot as a separator in build profile names

2018-02-01 Thread Javier Serrano Polo 
We had some words at #debian-bootstrap. Helmut agrees. I will fix this
someday.


smime.p7s
Description: S/MIME cryptographic signature

Bug#840104: Encrypted uploads to the security archive

2018-02-01 Thread Philipp Kern 
On 01.02.2018 10:30, Ansgar Burchardt wrote:
> Philipp Kern writes:
>> On 31.01.2018 01:11, Ansgar Burchardt wrote:
>>> I'm not sure if buildds are already configured to upload to the security
>>> archive via ssh as they do for the main archive.  It might be a good
>>> idea to do so.
>>
>> What's the requirement here? I think traditionally we use machine-local
>> SSH authorized_keys for role accounts. So we already provision keys to
>> every buildd that allows it to talk to wanna-build, but I'm not sure how
>> we'd maintain that with another host. Especially one that presumably can
>> be repointed?
> 
> There is already a `buildd-uploader` role account on the upload hosts
> both main and security archive, a `rsync-ssh-wrap` script, and someone
> also set up authorized_keys.
> 
> I'm just not sure if it is already in use for security uploads?  I
> believe it was used for uploads to the main archive already (not sure if
> it currently is?).

Indeed, it uses rsync over SSH through dupload. For security it uses
FTP. Interestingly an rsync-security dupload.conf entry exists, but it
doesn't seem to be used[1].

>> Maybe this is more of a question for DSA, but I don't know what the
>> current setup entails and if you wrote your own SSH daemon for uploads.
>> In that case we should be able to figure something out.
> 
> It's the regular OpenSSH with forced command setup.
> 
> Hmm, another issue comes to mind:
> 
> If we care about encrypted buildd uploads, the buildds should probably
> also download from the (private) security-buildd archive over an
> encrypted connection, ideally with client authentication.  Otherwise
> people could see the embargoed fixes in the source package.

Well, I thought this was already the case at this point. I suppose it
shouldn't be too hard to add https:// support at this point given that
apt supports it natively. But I think client auth should be a weak
requirement at this point.

> Maybe a local proxy that translates http to https requests and which
> provides a client certificate (so the chroot doesn't need it added)?
> The proxy could also filter out other network requests we don't want by
> default.

It's the kind of solution that I'd propose as well, if the preconditions
were different ones. Unless it's a pretty stock setup that can be run
with default packages I don't see that happening.

> We could also move the security buildd archive away from security-master
> at the same time (as we did for ftp-master).  Then there should no
> longer be a reason for a httpd on security-master.

Whatever works for you, the script is now in puppet[2]. (Assuming that
you'd be able to forward-port the current ACLing system.)

Kind regards and thanks
Philipp Kern

[1]
https://salsa.debian.org/dsa-team/mirror/dsa-puppet/blob/master/modules/buildd/files/dupload.conf
[2]
https://salsa.debian.org/dsa-team/mirror/dsa-puppet/blob/master/modules/schroot/files/schroot-setup.d/99builddsourceslist

Bug#888531: 888531 - transition: ruby2.5 - binNMU round #1

2018-02-01 Thread Antonio Terceiro 
On Thu, Feb 01, 2018 at 10:57:09AM -0200, Antonio Terceiro wrote:
> ruby-defaults

err, no need to binNMU ruby-defaults


signature.asc
Description: PGP signature

Bug#889042: lintian: Do not use dot as a separator in build profile names

2018-02-01 Thread Chris Lamb 
tags 889042 + moreinfo
thanks

Hi Javier,

> Please switch the dot to a suitable character, such as slash, in
> pkg.$sourcepackage.$anything build profile names, since dot is a valid
> character in package names.

Unless I'm missing something obvious, Lintian does not generate these
files...?


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#888809: lintian: VCS URLs and salsa.d.o

2018-02-01 Thread Chris Lamb 
tags 09 + pending
thanks

Fixed in Git, pending upload:

  
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=7592ff5f83deda44716ac8d96340f29998eb3e41


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#889074: libreoffice: Libreoffice crashes on saving OOXML: undefined symbol

2018-02-01 Thread Jakub Lucký 
Package: libreoffice
Version: 1:6.0.0-1
Severity: important

lowriter or localc crash on saving OOXML files (docx, xlsx) with "symbol
lookup error", see console output below.

Steps to reproduce
1) Open new document
2) Write/paste anything (one space is enough)
3) Save as .docx (or xlsx)
4) Crash, file not saved. No recovery.

The same happens with preexisting documents.

I observed the same behaviour in 1:6.0.0~rc3-2 which was in experimental

Deleting ~/.config/libreoffice does not help.

This is the output when launched from terminal/bash:

$ lowriter 

** (soffice:7401): WARNING **: Couldn't register with accessibility bus: Did 
not receive a reply. Possible causes include: the remote application did not 
send a reply, the message bus security policy blocked the reply, the reply 
timeout expired, or the network connection was broken.
error
xsltParseStylesheetFile : cannot parse 
I/O warning : failed to load external entity ""
error
xsltParseStylesheetFile : cannot parse 
error
xsltParseStylesheetFile : cannot parse 
I/O warning : failed to load external entity ""
error
xsltParseStylesheetFile : cannot parse 

** (soffice:7431): WARNING **: Couldn't register with accessibility bus: Did 
not receive a reply. Possible causes include: the remote application did not 
send a reply, the message bus security policy blocked the reply, the reply 
timeout expired, or the network connection was broken.
/usr/lib/libreoffice/program/soffice.bin: symbol lookup error: 
/usr/lib/libreoffice/program/libooxlo.so: undefined symbol: 
_ZNK11LanguageTag10getBcp47MSEv

If I can provide any more information, please, let me know.

Jakub Lucký




-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libreoffice depends on:
ii  libreoffice-avmedia-backend-gstreamer  1:6.0.0-1
ii  libreoffice-avmedia-backend-vlc1:6.0.0-1
ii  libreoffice-base   1:6.0.0-1
ii  libreoffice-calc   1:6.0.0-1
ii  libreoffice-core   1:6.0.0-1
ii  libreoffice-draw   1:6.0.0-1
ii  libreoffice-impress1:6.0.0-1
ii  libreoffice-math   1:6.0.0-1
ii  libreoffice-report-builder-bin 1:6.0.0-1
ii  libreoffice-writer 1:6.0.0-1
ii  python3-uno1:6.0.0-1

Versions of packages libreoffice recommends:
ii  fonts-crosextra-caladea 20130214-2
ii  fonts-crosextra-carlito 20130920-1
ii  fonts-dejavu2.37-1
ii  fonts-liberation1:1.07.4-5
pn  fonts-liberation2   
ii  fonts-linuxlibertine5.3.0-4
ii  fonts-noto-hinted   20171026-2
pn  fonts-noto-mono 
ii  fonts-sil-gentium-basic 1.1-7
ii  libreoffice-java-common 1:6.0.0-1
pn  libreoffice-librelogo   
pn  libreoffice-nlpsolver   
pn  libreoffice-ogltrans
pn  libreoffice-report-builder  
pn  libreoffice-script-provider-bsh 
pn  libreoffice-script-provider-js  
pn  libreoffice-script-provider-python  
pn  libreoffice-sdbc-postgresql 
ii  libreoffice-wiki-publisher  1.2.0+LibO5.4.4-1

Versions of packages libreoffice suggests:
ii  cups-bsd2.2.6-4
ii  default-jre [java6-runtime] 2:1.8-59
ii  firefox-esr 52.6.0esr-2
ii  ghostscript 9.22~dfsg-1
ii  gnupg   2.2.4-1
pn  gpa 
ii  gstreamer1.0-libav  1:1.12.4-dmo1
ii  gstreamer1.0-plugins-bad1.12.4-dmo2
ii  gstreamer1.0-plugins-base   1.12.4-1
ii  gstreamer1.0-plugins-good   1.12.4-1
ii  gstreamer1.0-plugins-ugly   1:1.12.4-dmo2
ii  hunspell-en-gb [hunspell-dictionary]1:6.0.0~rc1-1
ii  hyphen-en-us [hyphen-hyphenation-patterns]  2.8.8-5
ii  imagemagick 8:6.9.7.4+dfsg-16
ii  imagemagick-6.q16 [imagemagick] 8:6.9.7.4+dfsg-16
ii  libgl1  1.0.0-2
ii  libreoffice-gnome   1:6.0.0-1
pn  libreoffice-grammarcheck
pn  libreoffice-help
pn  libreoffice-l10n
pn

Bug#889077: miniupnpd: new upstream version (2.0.20171212)

2018-02-01 Thread Vladislav Artemyev 

Package: miniupnpd
Version: 1.8.20140523-4.2

again there's a new 2.0.20171212 release available from upstream 
(http://miniupnp.free.fr/files/) which contains important fixes 
(http://miniupnp.free.fr/files/changelog.php?file=miniupnpd-2.0.20171212.tar.gz). 
current version available from any Debian branch is way too old - 
released almost 4 years ago and been fixed a lot!


--
Vladislav Artemyev

Bug#879865: Patch to fix compilation of jessie-backports python-setuptools

2018-02-01 Thread Sebastian Pipping 
Here's the patch I use to fix compilation.  Enjoy :)

>From e4f488128b52b13c78c5ce30b5feae6c44255bb9 Mon Sep 17 00:00:00 2001
From: Sebastian Pipping 
Date: Thu, 1 Feb 2018 14:56:42 +0100
Subject: [PATCH 1/2] Address bootstrapping issue

Also known as Debian bug 879865:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879865

$ debuild -us -uc
[..]
dh_auto_clean
I: pybuild base:170: python2.7 setup.py clean
Traceback (most recent call last):
  File "setup.py", line 188, in 
require_metadata()
  File "setup.py", line 20, in require_metadata
raise RuntimeError(msg)
RuntimeError: Cannot build setuptools without metadata. Run bootstrap.py
[..]
---
 setup.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/setup.py b/setup.py
index d75cdb3..37cc8b5 100755
--- a/setup.py
+++ b/setup.py
@@ -177,5 +177,6 @@ setup_params = dict(
 if __name__ == '__main__':
 # allow setup.py to run from another directory
 here and os.chdir(here)
-require_metadata()
+if sys.argv != ['setup.py', 'clean']:
+require_metadata()
 dist = setuptools.setup(**setup_params)
-- 
2.11.0

Bug#889072: chromium: Crash when opening print dialog (regression from v 63 in stable)

2018-02-01 Thread Dominic Hargreaves 
Package: chromium
Version: 64.0.3282.119-1~deb9u1
Severity: important

On upgrade to chromium 64 from the stable-security suite, I get a
reproducible crash every time I try and print anything. The normal view
appears momentarily and then disappears, with a crash (backtrace attached,
though as there doesn't seem to be a chromium-dbg package any more, I'm
not sure how useful it will be?)

Chromium 63.0.3239.84-1~deb9u1 does not have this problem.

Thanks,
Dominic.

-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages chromium depends on:
ii  libasound2   1.1.3-5
ii  libatk1.0-0  2.22.0-1
ii  libavcodec57 7:3.2.10-1~deb9u1
ii  libavformat577:3.2.10-1~deb9u1
ii  libavutil55  7:3.2.10-1~deb9u1
ii  libc62.24-11+deb9u1
ii  libcairo21.14.8-1
ii  libcups2 2.2.1-8
ii  libdbus-1-3  1.10.24-0+deb9u1
ii  libevent-2.0-5   2.0.21-stable-3
ii  libexpat12.2.0-2+deb9u1
ii  libflac8 1.3.2-1
ii  libfontconfig1   2.11.0-6.7+b1
ii  libfreetype6 2.6.3-3.2
ii  libgcc1  1:6.3.0-18
ii  libgdk-pixbuf2.0-0   2.36.5-2+deb9u2
ii  libglib2.0-0 2.50.3-2
ii  libgtk2.0-0  2.24.31-2
ii  libicu57 57.1-6+deb9u1
ii  libjpeg62-turbo  1:1.5.1-2
ii  libminizip1  1.1-8+b1
ii  libnspr4 2:4.12-6
ii  libnss3  2:3.26.2-1.1+deb9u1
ii  libopus0 1.2~alpha2-1
ii  libpango-1.0-0   1.40.5-1
ii  libpangocairo-1.0-0  1.40.5-1
ii  libpng16-16  1.6.28-1
ii  libpulse010.0-1+deb9u1
ii  libre2-3 20170101+dfsg-1
ii  libsnappy1v5 1.1.3-3
ii  libstdc++6   6.3.0-18
ii  libvpx4  1.6.1-3
ii  libwebp6 0.5.2-1
ii  libwebpdemux20.5.2-1
ii  libwebpmux2  0.5.2-1
ii  libx11-6 2:1.6.4-3
ii  libx11-xcb1  2:1.6.4-3
ii  libxcb1  1.12-1
ii  libxcomposite1   1:0.4.4-2
ii  libxcursor1  1:1.1.14-1+deb9u1
ii  libxdamage1  1:1.1.4-2+b3
ii  libxext6 2:1.3.3-1+b2
ii  libxfixes3   1:5.0.3-1
ii  libxi6   2:1.7.9-1
ii  libxml2  2.9.4+dfsg1-2.2+deb9u2
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxslt1.1   1.1.29-2.1
ii  libxss1  1:1.2.2-1
ii  libxtst6 2:1.2.3-1
ii  x11-utils7.7+3+b1
ii  xdg-utils1.1.1-1
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages chromium recommends:
ii  fonts-liberation  1:1.07.4-2

Versions of packages chromium suggests:
pn  chromium-driver
pn  chromium-l10n  
pn  chromium-shell 
pn  chromium-widevine  

-- no debconf information
# Env:
# LD_LIBRARY_PATH=
#PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
#GTK_PATH=
#  CHROMIUM_FLAGS= --show-component-extension-options 
--ignore-gpu-blacklist --no-default-browser-check --disable-pings 
--media-router=0 --enable-remote-extensions
/usr/bin/gdb /usr/lib/chromium/chromium -x /tmp/chromiumargs.a5IeRx
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/lib/chromium/chromium...(no debugging symbols 
found)...done.
(gdb) bt
No stack.
(gdb) run
Starting program: /usr/lib/chromium/chromium --show-component-extension-options 
--ignore-gpu-blacklist --no-default-browser-check --disable-pings 
--media-router=0 --enable-remote-extensions --single-process 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffde75c700 (LWP 23893)]
[New Thread 0x7fffddf5b700 (LWP 23898)]
[New Thread 0x7fffdc996700 (LWP 23899)]
[New Thread 0x7fffdc195700 (LWP 23900)]
[New Thread 0x77e08700 (LWP 23901)]
[New Thread 0x7fffdb994700 (LWP 23902)]
[New Thread 0x7fffd9b13700 (LWP 23903)]
[New Thread 0x7fffd9312700 (LWP 23904)]
[New Thread 0x7fffd8b11700 (LWP 23905)]
[New Thread

Bug#889006: [debhelper-devel] Bug#889006: dh-autoreconf is run before patching

2018-02-01 Thread Niels Thykier 
Sven Joachim:
> [ CC'ing dpatch maintainer. ]
> 
> On 2018-02-01 08:56 +0200, Adrian Bunk wrote:
> 
>> [...]
> 
> The dansguardian package uses dpatch:
> 
> ,
> | %:
> | dh $@ --with dpatch,autotools_dev,autoreconf
> `
> 
> And /usr/share/perl5/Debian/Debhelper/Sequence/dpatch.pm has this line:
> 
> insert_before("dh_auto_configure", "dh_dpatch_patch");
> 
> I think this should be changed to
> 
> insert_before("dh_update_autotools_config", "dh_dpatch_patch");
> 
> as is the case in quilt.pm (since quilt 0.63-8.2).  Haven't tested it,
> though.
> 
> Cheers,
>Sven
> 

Hi Sven,

Thanks for forwarding the issue to dpatch.

Indeed, from my PoV we would ideally fix this issue in dpatch.  However,
we need to handle backports as well and that puts quilt back the table
as well.  I am not quite sure that I want to backport quilt and dpatch
to provide further debhelper backports.

Thanks,
~Niels

Bug#888653: No openvpn connection possible since upgrade from 1.2.8-2 to 1.8.0-2

2018-02-01 Thread Dariusz Brzeziński 

Hi everyone,

I can also confirm the bug.

2018-02-01 06:04:32 upgrade network-manager-openvpn:amd64 1.2.8-2 
1.8.0-2
2018-02-01 06:04:32 upgrade network-manager-openvpn-gnome:amd64 1.2.8-2 
1.8.0-2


kernel: #1 SMP Debian 4.14.13-1 (2018-01-14) x86_64 GNU/Linux

Package: gnome-shell
Version: 3.26.2-3

Thank's,

  Dariusz.

Bug#885117: drupal7-mod-civicrm: Please stop building the drupal7-mod-civicrm binary package (dependency drupal7 to be removed)

2018-02-01 Thread Gunnar Wolf 
tags 885117 + patch
thanks

I am attaching a proposed patch to stop building the Drupal7 module
packages. Please note that I have *not* tested it, am just sending
what makes "semantic sense". Most important, probably
debian/patches/debian-split-confname.patch is now useless, but you
should check if no other parts depend on the renamed Wordpress
configuration location.

Greetings,


signature.asc
Description: PGP signature

Bug#889016: lintian: Please update dh_commands for scour 0.36-2

2018-02-01 Thread Chris Lamb 
tags 889016 + pending
thanks

Fixed in Git, pending upload:

  
https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=a84f7ee75ada87a4745803680e08bf2cf2816318


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#889073: Permission denied on /run/munin/munin-node.pid

2018-02-01 Thread Jörg Frings-Fürst 
Package: munin-node
Version: 2.0.34-3
Severity: grave

Hello,

on a fresh installed buster I get the message

[quote]
Initializing plugins..done.
Restarting munin-node..Created symlink /etc/systemd/system/multi-
user.target.wants/munin-node.service → /lib/systemd/system/munin-node.service.

Job for munin-node.service failed because a timeout was exceeded.
See "systemctl status munin-node.service" and "journalctl -xe" for details.
invoke-rc.d: initscript munin-node, action "start" failed.
● munin-node.service - Munin Node
   Loaded: loaded (/lib/systemd/system/munin-node.service; enabled; vendor
preset: enabled)
   Active: activating (auto-restart) (Result: timeout) since Thu 2018-02-01
18:59:58 CET; 11ms ago
 Docs: man:munin-node(1)
   http://munin.readthedocs.org/en/stable-2.0/reference/munin-node.html
  Process: 4460 ExecStart=/usr/sbin/munin-node $DAEMON_ARGS (code=exited,
status=0/SUCCESS)
dpkg: Fehler beim Bearbeiten des Paketes munin-node (--configure):
 installed munin-node package post-installation script subprocess returned
error exit status 1
Trigger für systemd (237-1) werden verarbeitet ...
Fehler traten auf beim Bearbeiten von:
 munin-node
E: Sub-process /usr/bin/dpkg returned an error code (1)
[/quote]

Journalctl give this output:
[quote]
$ journalctl -xe
Hint: You are currently not seeing messages from other users and the system.
  Users in the 'systemd-journal' group can see all messages. Pass -q to
  turn off this notice.
No journal files were opened due to insufficient permissions.
jff@merkur:/data/entwicklung/linux/debian$ sudo journalctl -xe
Feb 01 18:58:21 merkur chfn[3897]: changed user 'munin' information
Feb 01 18:58:21 merkur systemd[1]: Reloading.
Feb 01 18:58:25 merkur kernel: ip6_tables: (C) 2000-2006 Netfilter Core Team
Feb 01 18:58:27 merkur systemd[1]: Reloading.
Feb 01 18:58:27 merkur systemd[1]: Reloading.
Feb 01 18:58:28 merkur systemd[1]: Reloading.
Feb 01 18:58:28 merkur systemd[1]: Starting Munin Node...
-- Subject: Unit munin-node.service has begun start-up
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- Unit munin-node.service has begun starting up.
Feb 01 18:58:28 merkur systemd[1]: munin-node.service: Permission denied while
opening PID file or unsafe symlink chain: /run/munin/munin-node.pid
Feb 01 18:59:58 merkur systemd[1]: munin-node.service: Start operation timed
out. Terminating.
Feb 01 18:59:58 merkur systemd[1]: munin-node.service: Failed with result
'timeout'.
Feb 01 18:59:58 merkur systemd[1]: Failed to start Munin Node.
-- Subject: Unit munin-node.service has failed
[/quote]

Output of ls -l /run
[quote]
$ ls -l /run
insgesamt 32
[...]
drwxr-xr-x  2 rootroot  60 Feb  1 18:37 mount
drwxr-xr-x  2 munin   root  60 Feb  1 19:15 munin
drwxr-xr-x  2 rootroot 100 Feb  1 18:37 network
[...]
[/quote]


CU
Jörg



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/6 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages munin-node depends on:
ii  gawk1:4.1.4+dfsg-1+b1
ii  libnet-server-perl  2.008-4
ii  lsb-base9.20170808
ii  munin-common2.0.34-3
ii  munin-plugins-core  2.0.34-3
ii  perl5.26.1-4
ii  procps  2:3.3.12-3

Versions of packages munin-node recommends:
ii  libnet-snmp-perl 6.0.1-3
ii  munin-plugins-extra  2.0.34-3

Versions of packages munin-node suggests:
pn  default-mysql-client  
pn  ethtool   
ii  hdparm9.53+ds-1
pn  libcrypt-ssleay-perl  
pn  libdbd-pg-perl
pn  liblwp-useragent-determined-perl  
pn  libnet-irc-perl   
pn  libtext-csv-xs-perl   
ii  libwww-perl   6.31-1
ii  libxml-simple-perl2.24-1
ii  lm-sensors1:3.4.0-4
ii  logtail   1.3.18
pn  munin 
pn  munin-plugins-java
pn  net-tools 
ii  python2.7.14-4
pn  ruby  
ii  smartmontools 6.5+svn4324-1

-- no debconf information

Bug#888653: [Pkg-utopia-maintainers] Bug#888653: No openvpn connection possible since upgrade from 1.2.8-2 to 1.8.0-2

2018-02-01 Thread Michael Biebl 
Am 01.02.2018 um 20:02 schrieb Dariusz Brzeziński:
> Hi everyone,
> 
> I can also confirm the bug.
> 
> 2018-02-01 06:04:32 upgrade network-manager-openvpn:amd64 1.2.8-2 1.8.0-2
> 2018-02-01 06:04:32 upgrade network-manager-openvpn-gnome:amd64 1.2.8-2
> 1.8.0-2
> 
> kernel: #1 SMP Debian 4.14.13-1 (2018-01-14) x86_64 GNU/Linux
> 
> Package: gnome-shell
> Version: 3.26.2-3
> 


No need to confirm the issue but rather upgrade gnome-shell.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#884707: apparmor breaks clamdscan

2018-02-01 Thread Francois Gouget 
On Sun, 7 Jan 2018, intrigeri wrote:
[...]
> The alternatives are not very compelling, they are
> basically: either give up on path-based LSM entirely or make the
> AppArmor policy wide enough to accommodate all kinds of needs; in both
> cases, we lose security benefits of the majority of users for whom the
> current profile would work just fine, which is sad.

I don't see how the AppArmor profile improves security.

I assume the goal is to either prevent remote attacks, local privilege 
escalations or limit damage after a compromise.

For a remote attack the exploit is likely to come in the form of an 
email attachment or a link to a malicious file that will get saved to 
~/Downloads. Both locations are allows by the AppArmor profile so that 
these exploits will reach their targets (clamd). Plus, as pointed out 
before, any file saved in a location out of reach of clamd will instead 
be able to attack the user account without risking detection.

For a local privilege escalation, the attacker can simply use --fdpass 
to bypass the path-based AppArmor restrictions. So again the Apprmor 
profile provides no benefit.

So now what about mitigating the damage that can be done by compromising 
the clamd process?

What kind of damage can be done?

* Making the clamd process inoperative so other exploits can slip 
  undetected.
  -> The AppArmor profile cannot prevent that.

* Leaking sensitive files.
  -> The clamd process runs in the clamav account and thus does not have 
 more privileged access to sensitive files than any other accounts 
 with the exception of the clamav files. But the AppArmor grants 
 read access to all the clamav files so it does not help here 
 either.

* Poisonning the clamav virus database to disable it.
  -> The AppArmor profile allows write access to the /var/lib/clamav/* 
 files which, if I understand correctly, is where the virus database 
 files are. So it does not help for this either.

* Using clamd to perform other system attacks.
  -> The system vulnerabilities are not going to be more exploitable 
 from the clamd process than from any other user account. So the 
 AppArmor is no help for local privilege exploits but could help 
 mitigate the damage caused by remote attacks.
  -> That's as long as users use clamd rather than clamscan which is 
 not protected by any AppArmor profile.


I think the basic mistake is treating clamd as if it was a web or 
database server. Database servers are supposed to only use a very 
limited set of files so an AppArmor profile limiting them to that set of 
files makes sense.

But the whole purpose of an anti-virus is being able to check *any* file 
on the system. Any place that the anti-virus cannot check is a place 
that an attacker can use to put an exploit that won't be detected. That 
was a big part of the issue with the Sony rootkit. That ClamAV is doing 
it to itself makes it no better.

The profile would make sense if clamd is only used remotely rather than 
to scan local files.

-- 
Francois Gouget   http://fgouget.free.fr/
  Nouvelle version : les anciens bogues ont été remplacés par de nouveaux.

Bug#514862: bash: POSIX conformance: set -e and $(...)

2018-02-01 Thread Hartmut Buhrmester 

This specific behavior is still found in "GNU bash, Version
4.4.12(1)-release" from Debian 9 Stretch, but a new shell option
enables the more consistent behavior of other shells.

Subshells for command substitutions do not automatically inherit
the option "errexit". This must be enabled by another option
"inherit_errexit". The manual page for the bash explains it like:


inherit_errexit
If  set,  command substitution inherits the value of the
errexit option, instead of unsetting it in the  subshell
environment.   This option is enabled when posix mode is
enabled.


Using this option gives the expected result:


hb1@debian:~$ bash -c 'set -e ; z=$(false;echo foo) ; echo $z'
foo
hb1@debian:~$ echo $?
0
hb1@debian:~$ bash -c 'set -e ; shopt -s inherit_errexit ; z=$(false;echo foo) 
; echo $z'
hb1@debian:~$ echo $?
1


As mentioned in the manual, the POSIX mode also gives the expected
result:


hb1@debian:~$ bash --posix -c 'set -e ; z=$(false;echo foo) ; echo $z'
hb1@debian:~$ echo $?
1


The Bash Reference Manual explains the difference:


42. Enabling POSIX mode has the effect of setting the inherit_errexit
option, so subshells spawned to execute command substitutions
inherit the value of the -e option from the parent shell. When
the inherit_errexit option is not enabled, Bash clears the -e
option in such subshells.


The Bash Reference Manual can be installed with the Debian package
"bash-doc". Then see:

file:///usr/share/doc/bash/bashref.html#Bash-POSIX-Mode


The option inherit_errexit is new in bash-4.4. The file
/usr/share/doc/bash/NEWS.gz lists it under the first topic:


This is a terse description of the new features added to bash-4.4
since the release of bash-4.3. [...]

ii. inherit_errexit: a new `shopt' option that, when set, causes
command substitutions to inherit the -e option.  By default,
those subshells disable -e.  It's enabled as part of turning on
posix mode.


--
Regards,
Hartmut Buhrmester

Bug#863841: [Pkg-dns-devel] Bug#863841: Enable systemd hardening options for named

2018-02-01 Thread Ondřej Surý 
Here:

https://salsa.debian.org/dns-team/bind9.git (and future 
https://salsa.debian.org/dns-team/bind.git), you'll probably need an guest 
account that could be created here: https://signup.salsa.debian.org/

Ondrej
-- 
Ondřej Surý 

On Thu, Feb 1, 2018, at 09:44, Ludovic Gasc wrote:
> Hi,
> 
> On Mon, 29 Jan 2018 11:18:47 -0500 Simon Deziel  wrote:
> > SystemCallArchitectures=native
> > # note: AF_NETLINK is needed for getifaddrs(3)
> > RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_NETLINK
> 
> I'm also working to increase the security of bind via systemd without MAC
> enabled, I have integrated your suggestions.
> FYI, I have discussed about this on bind mailing-list to validate the unit
> file, the complete discussion:
> https://lists.isc.org/pipermail/bind-users/2018-January/099437.html
> 
> Below, the actual unit file, I'm using on our production.
> If you have extra suggestions, I'm interested in.
> 
> How I could send a merge request ?
> I have found the file in Git:
> https://anonscm.debian.org/git/pkg-dns/bind9.git/tree/debian/bind9.service
> I send a patch on the Debian-DNS mailing-list ?
> 
> Regards
> 
> [Unit]
> After=network-online.target
> 
> [Service]
> Type=simple
> TimeoutSec=25
> Restart=always
> RestartSec=1
> User=bind
> Group=bind
> CapabilityBoundingSet=CAP_NET_BIND_SERVICE
> AmbientCapabilities=CAP_NET_BIND_SERVICE
> SystemCallFilter=~@mount @debug acct modify_ldt add_key adjtimex
> clock_adjtime delete_module fanotify_init finit_module get_mempolicy
> init_module io_destroy io_getevents iopl ioperm io_setup io_submit
> io_cancel kcmp kexec_load keyctl lookup_dcookie migrate_pages move_pages
> open_by_handle_at perf_event_open process_vm_readv process_vm_writev ptrace
> remap_file_pages request_key set_mempolicy swapoff swapon uselib vmsplice
> RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_NETLINK
> LimitCORE=infinity
> LimitNOFILE=65535
> NoNewPrivileges=true
> SystemCallArchitectures=native
> MemoryDenyWriteExecute=true
> RestrictRealtime=true
> PrivateDevices=true
> PrivateTmp=true
> ProtectHome=true
> ProtectSystem=strict
> ProtectKernelModules=true
> ProtectKernelTunables=true
> ProtectControlGroups=true
> ReadOnlyPaths=/sys
> InaccessiblePaths=/home
> InaccessiblePaths=/opt
> InaccessiblePaths=/root
> ReadWritePaths=/run/named
> ReadWritePaths=/var/cache/bind
> ReadWritePaths=/var/lib/bind
> ___
> pkg-dns-devel mailing list
> pkg-dns-de...@lists.alioth.debian.org
> https://lists.alioth.debian.org/mailman/listinfo/pkg-dns-devel

Bug#867294: [Pkg-javascript-devel] Bug#867294: npm2deb: please support creating libjs-xxx packages as well

2018-02-01 Thread Daniel Kahn Gillmor 
On Wed 2017-07-05 19:32:04 +0200, Johannes Schauer wrote:
> On Wed, 05 Jul 2017 17:06:26 +0200 Johannes Schauer  wrote:
>> Also, libjs-xxx packages will not need a dependency on nodejs and the note
>> "Node.js is an event-based server-side JavaScript engine." in the package
>> description is unnecessary as well.
>
> Furthermore, libjs-xxx packages need to have a different Section field (set to
> javascript instead of web) and the default destination in debian/install 
> should
> not be usr/lib/nodejs/*/ but usr/share/javascript/*/


On Tue 2016-10-25 11:53:55 +0530, Pirate Praveen wrote:
> Subject: Re: [Pkg-javascript-devel] Bug#841994: when bower.json is present, 
> create libjs-xxx package
 […]
> An example module is jquery-textcomplete

These two bug reports (#867294 and #841994) seem like they might be
asking for the same thing and could be merged.

 --dkg

Bug#889065: openvas-setup lib kb_redis-CRITICAL **: redis_new: cannot access redis at '/tmp/redis.sock'

2018-02-01 Thread ilovesusu 
Package: openvas
Version: 9.0.2
Severity: important

# openvas-setup
...
(openvassd:4648): lib  kb_redis-CRITICAL **: get_redis_ctx: redis connection
error: No such file or directory

(openvassd:4648): lib  kb_redis-CRITICAL **: redis_new: cannot access redis at
'/tmp/redis.sock'

(openvassd:4648): lib  kb_redis-CRITICAL **: get_redis_ctx: redis connection
error: No such file or directory
openvassd: 未找到进程
...




-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), 
LANGUAGE=zh_CN.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openvas depends on:
ii  greenbone-security-assistant  7.0.2+dfsg.1-2
ii  openvas-cli   1.4.5-1+b1
ii  openvas-manager   7.0.2-2
ii  openvas-scanner   5.1.1-3

Versions of packages openvas recommends:
ii  rsync 3.1.2-2.1
ii  sqlite3   3.22.0-1
ii  xsltproc  1.1.29-5

openvas suggests no packages.

-- no debconf information

Bug#889067: chromium: Access to microphone fails

2018-02-01 Thread Nicolas Braud-Santoni 
Package: chromium
Version: 64.0.3282.119-1,62.0.3202.89-1
Severity: important
Tags: upstream buster sid
Control: forwarded -1 
https://bugs.chromium.org/p/chromium/issues/detail?id=808068

Hi,

Accessing the microphone in videoconferencing systems like highfive.com,
or in an automated WebRTC test such as https://test.webrtc.org/, fails.

I couldn't reproduce the issue under Google Chrome (64.0.3282.119-1 as
shipped in http://dl.google.com/linux/chrome/deb), but that's not a solution


Best,

  nicoo

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages chromium depends on:
ii  chromium-common  64.0.3282.119-1
ii  libasound2   1.1.3-5
ii  libatk-bridge2.0-0   2.26.1-1
ii  libatk1.0-0  2.26.1-3
ii  libavcodec57 7:3.4.1-1+b2
ii  libavformat577:3.4.1-1+b2
ii  libavutil55  7:3.4.1-1+b2
ii  libc62.26-4
ii  libcairo21.15.8-3
ii  libcups2 2.2.6-4
ii  libdbus-1-3  1.12.2-1
ii  libevent-2.1-6   2.1.8-stable-4
ii  libexpat12.2.5-3
ii  libflac8 1.3.2-1
ii  libfontconfig1   2.12.6-0.1
ii  libfreetype6 2.8.1-1
ii  libgcc1  1:7.2.0-19
ii  libgdk-pixbuf2.0-0   2.36.11-1
ii  libglib2.0-0 2.54.3-2
ii  libgtk-3-0   3.22.26-2
ii  libharfbuzz0b1.7.2-1
ii  libicu57 57.1-8
ii  libjpeg62-turbo  1:1.5.2-2+b1
ii  liblcms2-2   2.9-1
ii  libminizip1  1.1-8+b1
ii  libnspr4 2:4.16-1+b1
ii  libnss3  2:3.34.1-1
ii  libopus0 1.2.1-1
ii  libpango-1.0-0   1.40.14-1
ii  libpangocairo-1.0-0  1.40.14-1
ii  libpng16-16  1.6.34-1
ii  libpulse011.1-4
ii  libre2-3 20170101+dfsg-1
ii  libsnappy1v5 1.1.7-1
ii  libstdc++6   7.2.0-19
ii  libvpx4  1.6.1-3
ii  libwebp6 0.6.0-4
ii  libwebpdemux20.6.0-4
ii  libwebpmux3  0.6.0-4
ii  libx11-6 2:1.6.4-3
ii  libx11-xcb1  2:1.6.4-3
ii  libxcb1  1.12-1
ii  libxcomposite1   1:0.4.4-2
ii  libxcursor1  1:1.1.15-1
ii  libxdamage1  1:1.1.4-3
ii  libxext6 2:1.3.3-1+b2
ii  libxfixes3   1:5.0.3-1
ii  libxi6   2:1.7.9-1
ii  libxml2  2.9.4+dfsg1-6.1
ii  libxrandr2   2:1.5.1-1
ii  libxrender1  1:0.9.10-1
ii  libxslt1.1   1.1.29-5
ii  libxss1  1:1.2.2-1+b2
ii  libxtst6 2:1.2.3-1
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages chromium recommends:
ii  fonts-liberation  1:1.07.4-5

Versions of packages chromium suggests:
pn  chromium-driver
pn  chromium-l10n  
pn  chromium-shell 
pn  chromium-widevine  

-- no debconf information


signature.asc
Description: PGP signature

Bug#889047: [pkg-uWSGI-devel] Bug#889047: Missing dependencies

2018-02-01 Thread Jonas Smedegaard 
Quoting Adrien CLERC (2018-02-01 14:06:13)
> Forget about the previous part. This was segfaulting because of a 
> missing dependency.
> 
> So to be clear: uwsgi-plugin-php requires libphp7.2-embed. php7.2-fpm 
> is not filling the requirement.

Thanks for the bugreport and the further investigations.

I will make sure to add that dependency, and also try come up with an 
autopkgtest to hopefully catch related issues faster in the future.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private


signature.asc
Description: signature

Bug#877082: The .desktop file should register all supported file types

2018-02-01 Thread Hartmut Buhrmester 

As a related feature request, I like to suggest, that the .desktop
file for MuPDF should also register all other supported file types.

MuPDF started as a simple PDF viewer, but it now also supports the
formats XPS, OpenXPS and ePub. In my experience, it is a fast and
reliable viewer for ePub files from the Project Gutenberg.

For a better desktop integration, the .desktop file should register
these file types as well. For ePub files it would be:

MimeType=application/pdf;application/epub+zip;

I don't know about XPS files, though.

--
Regards,
Hartmut Buhrmester

Bug#741097: Ubuntu Launchpad and Octave Savannah Issue

2018-02-01 Thread Christian Himpe 
Dear Maintainer,

here is the associated Ubuntu Launchpad issue: 

https://bugs.launchpad.net/ubuntu/+source/octave/+bug/1706596

and the Octave Savannah issue:

https://savannah.gnu.org/bugs/?func=detailitem_id=47939

I too would appreciate this feature, first for headless compute nodes, as it 
would install GUI stack down to X-Server which no other application might 
require, and also single board computers such as the RaspberryPi for which 
storage may be limited.

Thank you

Christian Himpe

-- 
Christian Himpe
Computational Methods in Systems and Control Theory
Max Planck Institute for Dynamics of Complex Technical Systems
Sandtorstr. 1
D-39106 Magdeburg
Germany

Bug#889058: ITP: node-ava -- Futuristic test runner 

2018-02-01 Thread Pirate Praveen 
Package: wnpp
Severity: wishlist
Owner: Pirate Praveen 
X-Debbugs-CC: debian-de...@lists.debian.org

* Package name: node-ava
  Version : 0.25.0
  Upstream Author : Sindre Sorhus 
(sindresorhus.com)
* URL : https://ava.li
* License : Expat
  Programming Lang: JavaScript
  Description : Futuristic test runner 

 Even though JavaScript is single-threaded, IO in Node.js can happen in
 parallel due to its async nature. AVA takes advantage of this and runs your
 tests concurrently, which is especially beneficial for IO heavy tests. In
 addition, test files are run in parallel as separate processes, giving you
 even better performance and an isolated environment for each test file.
 .
 Switching from Mocha to AVA in Pageres brought the test time down from
31 to
 11 seconds. Having tests run concurrently forces you to write atomic tests,
 meaning tests don't depend on global state or the state of other tests,
which
 is a great thing!
 .
 Node.js is an event-based server-side JavaScript engine.

Many nodejs modules already packaged use ava for their tests, but we are
not able to run them currently because ava is not packaged.



signature.asc
Description: OpenPGP digital signature

Bug#889062: FTBFS

2018-02-01 Thread Thomas Goirand 
Package: swift-im
Version: 3.0.4-1
Severity: serious

Hi,

I've rebuilt all reverse build dependency for libminiupnpc-dev, which
I intend to upload to Sid after it clears the NEW queue and I get
authorization from the release team.

Rebuilding swift-im with libminiupnpc-dev 2.0.20171212 (that I have just
uploaded to Experimental) fails:

Creating 'Swift/QtUI/COPYING'
scons: *** [Swift/QtUI/COPYING] UnicodeEncodeError : 'ascii' codec can't encode 
character u'\xe7' in position 73: ordinal not in range(128)
Traceback (most recent call last):
  File "/usr/lib/scons/SCons/Action.py", line 1197, in execute
result = self.execfunction(target=target, source=rsources, env=env)
  File 
"/home/zigo/sources/miniupnp/rev-build-dep/swift-im/swift-im-3.0.4/BuildTools/SCons/Tools/textfile.py",
 line 116, in _action
fd.write(_do_subst(s, subs))
UnicodeEncodeError: 'ascii' codec can't encode character u'\xe7' in position 
73: ordinal not in range(128)
scons: building terminated because of errors.

This seems, however, to be unrelated to libminiupnpc.

Cheers,

Thomas Goirand (zigo)

Bug#889063: RM: fcitx-zhuyin -- ROM; Superseded by fcitx-libpinyin

2018-02-01 Thread 陳昌倬 
Package: ftp.debian.org
Severity: normal

I would like to request to remove source package fcitx-zhuyin as part of
libpinyin transition [0]. fcitx-zhuyin is superseded by fcitx-libpinyin.


[0] https://bugs.debian.org/888655

-- 
ChangZhuo Chen (陳昌倬) czchen@{czchen,debconf,debian}.org
http://czchen.info/
Key fingerprint = BA04 346D C2E1 FE63 C790  8793 CC65 B0CD EC27 5D5B


signature.asc
Description: PGP signature

Bug#889061: RM: libzhuyin -- ROM; Superseded by libpinyin

2018-02-01 Thread 陳昌倬 
Package: ftp.debian.org
Severity: normal

I would like to request to remove source package libzhuyin as part of
libpinyin transition [0]. libzhuyin is superseded by libpinyin.


[0] https://bugs.debian.org/888655

-- 
ChangZhuo Chen (陳昌倬) czchen@{czchen,debconf,debian}.org
http://czchen.info/
Key fingerprint = BA04 346D C2E1 FE63 C790  8793 CC65 B0CD EC27 5D5B


signature.asc
Description: PGP signature

Bug#889066: lintian should warn if the maintainer scripts include "chown -R" or "chmod -R"

2018-02-01 Thread Daniel Kahn Gillmor 
Package: lintian
Version: 2.5.72
Severity: wishlist

"chown -R" and "chmod -R" are very hard to use safely, and very
tempting as a sledgehammer to "just make the permissions be what i
want them to be".

some debian maintainer scripts might be tempted to use them to adjust
file ownership to specific users.  however, those scripts are
vulnerable to attack on kernels that do not have
fs.protected_hardlinks=1.

while debian defaults to fs.protected_hardlinks=1, we also want to
safely support people who run:

 * non-debian kernels
 * with some kind of fiddly settings in /etc/sysctl*

And, debian maintscripts are often used as a basis for other distros
or other packaging that doesn't necessarily inherit the protections
that the debian kernel ships with, so making sure our maintscripts are
safe in these other contexts is a worthwhile task.

 --dkg

-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'oldstable'), 
(200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lintian depends on:
ii  binutils  2.29.1-13
ii  bzip2 1.0.6-8.1
ii  diffstat  1.61-1+b1
ii  dpkg  1.19.0.5
ii  file  1:5.32-1
ii  gettext   0.19.8.1-4
ii  intltool-debian   0.35.0+20060710.4
ii  libapt-pkg-perl   0.1.33
ii  libarchive-zip-perl   1.60-1
ii  libclass-accessor-perl0.51-1
ii  libclone-perl 0.39-1
ii  libdpkg-perl  1.19.0.5
ii  libemail-valid-perl   1.202-1
ii  libfile-basedir-perl  0.07-1
ii  libipc-run-perl   0.96-1
ii  liblist-moreutils-perl0.416-1+b3
ii  libparse-debianchangelog-perl 1.2.0-12
ii  libperl5.24 [libdigest-sha-perl]  5.24.1-7
ii  libperl5.26 [libdigest-sha-perl]  5.26.1-4
ii  libtext-levenshtein-perl  0.13-1
ii  libtimedate-perl  2.3000-2
ii  liburi-perl   1.73-1
ii  libxml-simple-perl2.24-1
ii  libyaml-libyaml-perl  0.69+repack-1
ii  man-db2.7.6.1-4
ii  patchutils0.3.4-2
ii  perl  5.26.1-4
ii  t1utils   1.41-2
ii  xz-utils  5.2.2-1.3

Versions of packages lintian recommends:
pn  libperlio-gzip-perl  

Versions of packages lintian suggests:
pn  binutils-multiarch 
ii  dpkg-dev   1.19.0.5
ii  libhtml-parser-perl3.72-3+b2
ii  libtext-template-perl  1.47-1

-- no debconf information

Bug#889006: dh-autoreconf is run before patching

2018-02-01 Thread Sven Joachim 
[ CC'ing dpatch maintainer. ]

On 2018-02-01 08:56 +0200, Adrian Bunk wrote:

> Package: debhelper,dh-autoreconf
> Severity: serious
> Control: found -1 16
> Control: affects -1 src:dansguardian
>
> https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/dansguardian.html
>
> ...
>dh_autoreconf
> configure.ac:14: installing './compile'
> src/Makefile.am:13: warning: source file 'contentscanners/clamav.cpp' is in a 
> subdirectory,
> src/Makefile.am:13: but option 'subdir-objects' is disabled
> automake: warning: possible forward-incompatibility.
> automake: At least a source file is in a subdirectory, but the 
> 'subdir-objects'
> automake: automake option hasn't been enabled.  For now, the corresponding 
> output
> automake: object file(s) will be placed in the top-level directory.  However,
> automake: this behaviour will change in future Automake versions: they will
> automake: unconditionally cause object files to be placed in the same 
> subdirectory
> automake: of the corresponding sources.
> automake: You are advised to start using 'subdir-objects' option throughout 
> your
> automake: project, to avoid future incompatibilities.
> src/Makefile.am:31: warning: source file 'contentscanners/icapscan.cpp' is in 
> a subdirectory,
> src/Makefile.am:31: but option 'subdir-objects' is disabled
> src/Makefile.am:39: warning: source file 'contentscanners/kavdscan.cpp' is in 
> a subdirectory,
> src/Makefile.am:39: but option 'subdir-objects' is disabled
> src/Makefile.am:25: warning: source file 'contentscanners/clamdscan.cpp' is 
> in a subdirectory,
> src/Makefile.am:25: but option 'subdir-objects' is disabled
> src/Makefile.am:43: warning: source file 
> 'contentscanners/commandlinescan.cpp' is in a subdirectory,
> src/Makefile.am:43: but option 'subdir-objects' is disabled
> src/Makefile.am:48: warning: source file 'downloadmanagers/default.cpp' is in 
> a subdirectory,
> src/Makefile.am:48: but option 'subdir-objects' is disabled
> src/Makefile.am:53: warning: source file 'downloadmanagers/fancy.cpp' is in a 
> subdirectory,
> src/Makefile.am:53: but option 'subdir-objects' is disabled
> src/Makefile.am:57: warning: source file 'downloadmanagers/trickle.cpp' is in 
> a subdirectory,
> src/Makefile.am:57: but option 'subdir-objects' is disabled
> src/Makefile.am:62: warning: source file 'authplugins/proxy.cpp' is in a 
> subdirectory,
> src/Makefile.am:62: but option 'subdir-objects' is disabled
> src/Makefile.am:63: warning: source file 'authplugins/ident.cpp' is in a 
> subdirectory,
> src/Makefile.am:63: but option 'subdir-objects' is disabled
> src/Makefile.am:64: warning: source file 'authplugins/ip.cpp' is in a 
> subdirectory,
> src/Makefile.am:64: but option 'subdir-objects' is disabled
> src/Makefile.am:70: warning: source file 'authplugins/ntlm.cpp' is in a 
> subdirectory,
> src/Makefile.am:70: but option 'subdir-objects' is disabled
> src/Makefile.am:65: warning: source file 'authplugins/digest.cpp' is in a 
> subdirectory,
> src/Makefile.am:65: but option 'subdir-objects' is disabled
>dh_dpatch_patch
> applying patch 03_add_unconfigures to ./ ... ok.
> applying patch 07_fix_config_paths to ./ ... ok.
> applying patch 11_FixOptionContainer.cpp_on_arm to ./ ... ok.
> applying patch 50_clamav095_support to ./ ... ok.
> applying patch 60_add_gcc4.4_support to ./ ... ok.
> applying patch 65-fix_clamdsocket to ./ ... ok.
> applying patch 70-gcc4.6 to ./ ... ok.
> applying patch 70_fix_clamav_detection to ./ ... ok.
> applying patch 80_fix_libcre3_max_sub_expression_allocation to ./ ... ok.
> ...
> checking for CLAMAV... no
> configure: error: Package requirements (libclamav >= 4) were not met:
>
> Requested 'libclamav >= 4' but version of libclamav is 0.99.3-beta2
>
>
> This is caused by:
>
>
> dh-autoreconf (16) unstable; urgency=medium
> ...
>   * Run dh_autoreconf after dh_update_autotools_config,
> not before dh_auto_configure

The dansguardian package uses dpatch:

,
| %:
|   dh $@ --with dpatch,autotools_dev,autoreconf
`

And /usr/share/perl5/Debian/Debhelper/Sequence/dpatch.pm has this line:

insert_before("dh_auto_configure", "dh_dpatch_patch");

I think this should be changed to

insert_before("dh_update_autotools_config", "dh_dpatch_patch");

as is the case in quilt.pm (since quilt 0.63-8.2).  Haven't tested it,
though.

Cheers,
   Sven

Bug#888929: libetonyek FTBFS with libglm-dev 0.9.9~a2-1

2018-02-01 Thread Rene Engelhard 
Hi,

On Wed, Jan 31, 2018 at 11:24:47AM +0200, Adrian Bunk wrote:
> ...
> In file included from /usr/include/glm/gtx/quaternion.hpp:20:0,
>  from /usr/include/glm/gtx/io.hpp:24,
>  from IWORKTransformationTest.cpp:13:
> /usr/include/glm/gtx/norm.hpp:21:3: error: #error "GLM: GLM_GTX_norm is an 
> experimental extension and may change in the future. Use #define 
> GLM_ENABLE_EXPERIMENTAL before including it, if you really want to use it."
>  # error "GLM: GLM_GTX_norm is an experimental extension and may change in 
> the future. Use #define GLM_ENABLE_EXPERIMENTAL before including it, if you 
> really want to use it."
>^

The straightforward fix is

$ cat debian/patches/GLM_ENABLE_EXPERIMENTAL.diff 
diff --git a/src/test/Makefile.am b/src/test/Makefile.am
index f71ee6d..5d054c9 100644
--- a/src/test/Makefile.am
+++ b/src/test/Makefile.am
@@ -14,6 +14,7 @@ test_CPPFLAGS = \
$(CPPUNIT_CFLAGS) \
$(XML_CFLAGS) \
$(GLM_CFLAGS) \
+   -DGLM_ENABLE_EXPERIMENTAL \
$(MDDS_CFLAGS) \
$(LANGTAG_LIBS) \
$(DEBUG_CXXFLAGS)

but that causes

FAIL: test
===
   libetonyek 0.1.7: src/test/test-suite.log
===

# TOTAL: 2
# PASS:  1
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: test
==

test::IWAFieldTest::testEmpty : OK
test::IWAFieldTest::testParse : OK
test::IWAFieldTest::testParsePacked : OK
test::IWAFieldTest::testOptional : OK
test::IWAFieldTest::testRepeated : OK
test::IWAMessageTest::testSimple : OK
test::IWAMessageTest::testNestedMessage : OK
test::IWAMessageTest::testMessageSimpleAccess : OK
test::IWAMessageTest::testMissingFields : OK
test::IWAMessageTest::testRepeated : OK
test::IWAMessageTest::testPacked : OK
test::IWAMessageTest::testInvalidInput : OK
test::IWAMessageTest::testNestedMessageWithTrailingData : OK
test::IWAMessageTest::testEmptyMessage : OK
test::IWAMessageTest::testEmptyString : OK
test::IWAReaderTest::testString : OK
test::IWAReaderTest::testBytes : OK
test::IWASnappyStreamTest::testBlock : OK
test::IWASnappyStreamTest::testInvalid : OK
test::IWASnappyStreamTest::testFull : OK
test::IWORKChainedTokenizerTest::testNormal : OK
test::IWORKChainedTokenizerTest::testQualified : OK
test::IWORKFormulaTest::testNumbers : OK
test::IWORKFormulaTest::testStrings : OK
test::IWORKFormulaTest::testCellReferences : OK
test::IWORKFormulaTest::testOperators : OK
test::IWORKFormulaTest::testFunctions : OK
test::IWORKFormulaTest::testExpressions : OK
test::IWORKFormulaTest::testInvalid : OK
test::IWORKPathTest::testConstruction : OK
test::IWORKPathTest::testConversion : OK
test::IWORKPropertyMapTest::testLookup : OK
test::IWORKPropertyMapTest::testLookupWithParent : OK
test::IWORKShapeTest::testMakePolygonPath : OK
test::IWORKShapeTest::testMakeRoundedRectanglePath : OK
test::IWORKShapeTest::testMakeArrowPath : OK
test::IWORKShapeTest::testMakeDoubleArrowPath : OK
test::IWORKShapeTest::testMakeStarPath : OK
test::IWORKShapeTest::testMakeConnectionPath : OK
test::IWORKShapeTest::testMakeCalloutPath : OK
test::IWORKShapeTest::testMakeQuoteBubblePath : OK
test::IWORKStyleTest::testLink : OK
test::IWORKStyleTest::testFlatten : OK
test::IWORKStyleTest::testLookup : OK
test::IWORKStyleStackTest::testLookup : OK
test::IWORKTokenizerBaseTest::testNormal : OK
test::IWORKTokenizerBaseTest::testQualified : OK
test::IWORKTransformationTest::testConstruction : OK
test::IWORKTransformationTest::testConstructionIdentity : assertion
test::IWORKTransformationTest::testConstructionFromGeometry : assertion
test::IWORKTransformationTest::testIdentities : OK
test::IWORKTransformationTest::testInverseOperations : assertion
test::LibetonyekUtilsTest::testReadSVar : OK
test::LibetonyekUtilsTest::testReadUVar : OK
test::IWORKLanguageManagerTest::testTagToProps : OK
test::IWORKLanguageManagerTest::testLanguageToProps : OK
IWORKTransformationTest.cpp:112:Assertion
Test name: test::IWORKTransformationTest::testConstructionIdentity
equality assertion failed
- Expected: 
[[0.000,0.000,0.000]
 [0.000,0.000,0.000]
 [0.000,0.000,0.000]]
- Actual  : 
[[1.000,0.000,0.000]
 [0.000,1.000,0.000]
 [0.000,0.000,1.000]]

IWORKTransformationTest.cpp:136:Assertion
Test name: test::IWORKTransformationTest::testConstructionFromGeometry
equality assertion failed
- Expected: 
[[1.000,0.000,0.000]
 [0.000,1.000,0.000]
 [0.000,0.000,1.000]]
- Actual  : 
[[0.000,0.000,0.000]
 [0.000,0.000,0.000]
 [0.000,0.000,0.000]]

IWORKTransformationTest.cpp:226:Assertion
Test name: test::IWORKTransformationTest::testInverseOperations
equality assertion failed
- Expected: 
[[2.000,0.000,0.000]
 [4.000,2.000,0.000]
 [1.000,0.000,2.000]]
- Actual  : 
[[1.000,0.000,

Bug#863227: system-config-printer: applet.py does not exit with session

2018-02-01 Thread Sergio Gelato 
* Sergio Gelato [2018-02-01 12:09:18 +0100]:
> I think that means applet.py needs some other (additional) way of being told
> when to exit. How do other applications do it? XSMP?

Could it be as simple as the second option in
https://bugs.freedesktop.org/show_bug.cgi?id=94508#c11 ,
namely arrange for system-config-printer-applet to connect to the X display
so that it gets killed when the X session exits? Maybe that can be done
without the full overhead of inserting an icon into the notification area,
which I understand the applet deliberately avoids doing until a job has been
printed?

Bug#889068: RFS: ncurses-hexedit/0.9.7+orig-2

2018-02-01 Thread Carlos Maddela 
Package: sponsorship-requests
Severity: normal

  Dear mentors,

  I am looking for a sponsor for my package "ncurses-hexedit"

 * Package name: ncurses-hexedit
   Version : 0.9.7+orig-2
   Upstream Author : Adam Rogoyski 
 * URL : http://www.rogoyski.com/adam/programs/hexedit/
 * License : GPL-2.0+
   Section : editors

  It builds this binary package:

ncurses-hexedit - Edit files/disks in hex, ASCII and EBCDIC

  To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/ncurses-hexedit


  Alternatively, one can download the package with dget using this command:

dget -x 
https://mentors.debian.net/debian/pool/main/n/ncurses-hexedit/ncurses-hexedit_0.9.7+orig-2.dsc

  Changes since the last upload:

  * Add missing dependency for dot-info autopkgtest and provide more
specific exit statuses in case of failure.
  * Update overridden Lintian warning:
debian-watch-may-check-gpg-signature ->
debian-watch-does-not-check-gpg-signature


  Regards,
   Carlos Maddela

Bug#889069: binutils related binNMUs

2018-02-01 Thread Matthias Klose 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

please binNMU boinc-app-eah-brp and wcc for the upper dependencies on binutils.

Bug#889070: am-utils silently drops gdbm support with libgdbm-dev 1.14.1-2

2018-02-01 Thread Adrian Bunk 
Source: am-utils
Version: 6.2+rc20110530-3.2
Severity: serious

https://buildd.debian.org/status/package.php?p=am-utils

...
checking gdbm/ndbm.h usability... no
checking gdbm/ndbm.h presence... no
checking for gdbm/ndbm.h... no
...

Bug#889009: postfix: /etc/systemd/system/postfix.service.d/override.conf is not world readable

2018-02-01 Thread Daniel Kahn Gillmor 
On Thu 2018-02-01 01:33:10 -0500, Daniel Kahn Gillmor wrote:
> check out these permissions:
>
> 0 root@alice:~# ls -la /etc/systemd/system/postfix.service.d/override.conf 
> -rw--- 1 root root 66 Jan 23  2017 
> /etc/systemd/system/postfix.service.d/override.conf
> 0 root@alice:~#
>
>
> and yet, there is nothing secret in the file:
>
> 0 root@alice:~# cat /etc/systemd/system/postfix.service.d/override.conf 
> [Unit]
> After=network-online.target
> After=systemd-resolved.service
> 0 root@alice:~# 
>
> shouldn't this file be created in mode 0644?  no other override.conf
> files are unreadable by "other" on this system.

I note that this shows up in the journal as:

Configuration file /etc/systemd/system/postfix.service.d/override.conf
is marked world-inaccessible. This has no effect as configuration data
is accessible via APIs without restrictions. Proceeding anyway.

so systemd is complaining about it too :/ fixing this would also cut out
the noise there.

   --dkg

Bug#888297: p7zip: CVE-2017-17969: ZIP Shrink: Heap Buffer Overflow

2018-02-01 Thread Antoine Beaupre 
On Fri, Jan 26, 2018 at 04:10:54PM -0500, Antoine Beaupre wrote:
> Control: tags -1 +patch
> 
> Since a fix was published in upstream 18.00-beta, I looked at the source
> there and was able to produce a simple patch for wheezy, which should be
> trivial to port to jessie and easy to port to stretch:
> 
> https://sourceforge.net/p/p7zip/bugs/_discuss/thread/0920f369/c296/attachment/CVE-2017-17969.patch
> 
> Attached as well.
> 
> Looks good?

It does not, at all, look good: that doesn't even compile...

I've submitted a new patch upstream:

https://sourceforge.net/p/p7zip/bugs/_discuss/thread/0920f369/#2de7

And will leave the discussion happening there.

This one builds, at least, and as far as I can tell, doesn't introduce
regressions in the normal code paths that I could test. I've asked the
original researcher for a reproducer to see if this fixes the issue as
well, so I'll wait a little longer for feedback before issuing an
advisory on that one.

A.


signature.asc
Description: PGP signature

Bug#787774: [Pkg-javascript-devel] Looking for help Re: Bug#787774: RFP: libjs-openpgp -- OpenPGP JavaScript Implementation (OpenPGP.js)

2018-02-01 Thread Pirate Praveen 
On Wed, 31 Jan 2018 23:05:56 +0100 =?UTF-8?B?SsOpcsOpbXkgTGFs?=
 wrote:
> 2018-01-31 21:51 GMT+01:00 Daniel Kahn Gillmor :
> > I'm not very skilled with the node/grunt toolchain in debian, or with
> > the current debian javascript packaging policy but i'd be happy to learn
> > if someone wants to give me pointers.

Hi Daniel,

You can just call grunt during build target in rules. See

https://wiki.debian.org/Javascript/Nodejs#Using_build_tools_like_grunt

(though the current path in grunt for using globally installed tasks is
not perfect, it may work in sbuild only and not with dpkg-buildpackage).

See this also
https://anonscm.debian.org/cgit/pkg-javascript/node-fuzzaldrin-plus.git/tree/debian/patches/use-global-tasks.patch

You will need to remove optional grunt plugins too

see
https://anonscm.debian.org/cgit/pkg-javascript/node-handlebars.git/tree/debian/patches/skip-some-modules.patch

Just ask if you hit any issues.

Thanks
Praveen



signature.asc
Description: OpenPGP digital signature

Bug#889059: FTBFS with 2.0.20171212

2018-02-01 Thread Thomas Goirand 
Source: warzone2100
Version: 3.2.1-2
Severity: important

Hi,

Rebuilding warzone2100 with libminiupnpc 2.0.20171212, that I have just uploaded
to Experimental (currently in NEW) leads to FTBFS:

netplay.cpp: In function ‘int upnp_init(void*)’:
netplay.cpp:954:50: error: invalid conversion from ‘int*’ to ‘unsigned char’ 
[-fpermissive]
   devlist = upnpDiscover(3000, NULL, NULL, 0, 0, );
  ^~~
netplay.cpp:954:57: error: too few arguments to function ‘UPNPDev* 
upnpDiscover(int, const char*, const char*, int, int, unsigned char, int*)’
   devlist = upnpDiscover(3000, NULL, NULL, 0, 0, );
 ^
In file included from netplay.cpp:45:0:
/usr/include/miniupnpc/miniupnpc.h:62:1: note: declared here
 upnpDiscover(int delay, const char * multicastif,
 ^~~~
netplay.cpp:974:106: error: too few arguments to function ‘void* 
miniwget_getaddr(const char*, int*, char*, int, unsigned int, int*)’
descXML = (char *)miniwget_getaddr(dev->descURL, , lanaddr, 
sizeof(lanaddr), dev->scope_id);

  ^
In file included from netplay.cpp:44:0:
/usr/include/miniupnpc/miniwget.h:21:25: note: declared here
 MINIUPNP_LIBSPEC void * miniwget_getaddr(const char *, int *, char *, int, 
unsigned int, int *);
 ^~~~
netplay.cpp: In function ‘int NETsendFile(char*, const Sha256&, UDWORD)’:
netplay.cpp:1932:107: warning: ‘PHYSFS_sint64 PHYSFS_read(PHYSFS_File*, void*, 
PHYSFS_uint32, PHYSFS_uint32)’ is deprecated [-Wdeprecated-declarations]
  bytesToRead = PHYSFS_read(NetPlay.players[player].wzFile.pFileHandle, inBuff, 
1, MAX_FILE_TRANSFER_PACKET);

   ^
In file included from ../../lib/framework/file.h:22:0,
 from netplay.cpp:30:
/usr/include/physfs.h:1333:27: note: declared here
 PHYSFS_DECL PHYSFS_sint64 PHYSFS_read(PHYSFS_File *handle,
   ^~~
In file included from ../../lib/framework/string_ext.h:24:0,
 from ../../lib/framework/frame.h:44,
 from netplay.cpp:26:
netplay.cpp: In function ‘UBYTE NETrecvFile(NETQUEUE)’:
netplay.cpp:2005:103: warning: ‘const char* PHYSFS_getLastError()’ is 
deprecated [-Wdeprecated-declarations]
 debug(LOG_FATAL, "PHYSFS_openRead(\"%s\") failed with error: %s\n", 
fileName, PHYSFS_getLastError());

   ^
../../lib/framework/debug.h:261:93: note: in definition of macro ‘debug’
 #define debug(part, ...) do { if (enabled_debug[part]) _debug(__LINE__, part, 
__FUNCTION__, __VA_ARGS__); } while(0)

 ^~~
In file included from ../../lib/framework/file.h:22:0,
 from netplay.cpp:30:
/usr/include/physfs.h:654:25: note: declared here
 PHYSFS_DECL const char *PHYSFS_getLastError(void) PHYSFS_DEPRECATED;
 ^~~
netplay.cpp:2080:62: warning: ‘PHYSFS_sint64 PHYSFS_write(PHYSFS_File*, const 
void*, PHYSFS_uint32, PHYSFS_uint32)’ is deprecated [-Wdeprecated-declarations]
  PHYSFS_write(NetPlay.pMapFileHandle, outBuff, bytesToRead, 1);
  ^
In file included from ../../lib/framework/file.h:22:0,
 from netplay.cpp:30:
/usr/include/physfs.h:1362:27: note: declared here
 PHYSFS_DECL PHYSFS_sint64 PHYSFS_write(PHYSFS_File *handle,
   ^~~~
In file included from ../../lib/framework/string_ext.h:24:0,
 from ../../lib/framework/frame.h:44,
 from netplay.cpp:26:
netplay.cpp:2087:101: warning: ‘const char* PHYSFS_getLastError()’ is 
deprecated [-Wdeprecated-declarations]
debug(LOG_ERROR, "Could not close file handle after trying to save map: 
%s", PHYSFS_getLastError());

 ^
../../lib/framework/debug.h:261:93: note: in definition of macro ‘debug’
 #define debug(part, ...) do { if (enabled_debug[part]) _debug(__LINE__, part, 
__FUNCTION__, __VA_ARGS__); } while(0)

 ^~~
In file included from ../../lib/framework/file.h:22:0,
 from netplay.cpp:30:
/usr/include/physfs.h:654:25: note: declared here
 PHYSFS_DECL const char *PHYSFS_getLastError(void) PHYSFS_DEPRECATED;
 ^~~
netplay.cpp: In function ‘void dumpDebugSync(uint8_t*, size_t, uint32_t, 
unsigned int)’:
netplay.cpp:3599:33: warning: ‘PHYSFS_sint64 PHYSFS_write(PHYSFS_File*, const 
void*, PHYSFS_uint32,

Bug#889060: colord.postinst: colord -> root escalation on systems with fs.protected_hardlinks=0

2018-02-01 Thread Ansgar Burchardt 
Package: colord
Version: 1.3.3-2
Severity: important
Tags: security

On systems with fs.protected_hardlinks=0 the postinst script allows
escalation from the colord user to root:

+---
| # sysctl fs.protected_hardlinks=0
| # runuser -u colord ln /bin/bash /var/lib/colord/bash
| # ls -l /bin/bash
| -rwxr-xr-x 2 root root 1099016 May 15  2017 /bin/bash
| # dpkg-reconfigure colord
| # ls -l /bin/bash
| -rwxr-xr-x 2 colord colord 1099016 May 15  2017 /bin/bash
+---

This is essentially the same problem as CVE-2017-18078.

Ansgar
  (now hoping every other `chmod -R` call gets a CVE assigned)

Bug#888958: stretch-pu: package flatpak/0.8.9-0+deb9u1

2018-02-01 Thread Simon McVittie 
On Wed, 31 Jan 2018 at 15:41:47 +, Simon McVittie wrote:
> debdiff --exclude=configure --exclude=po flatpak_0.8.8-0+deb9u1.dsc 
> flatpak_0.8.9-0+deb9u1.dsc

Sorry, I should have mentioned that this diff is relative to the version
that was previously OK'd for upload by Julien Cristau, but not yet
accepted into stable-proposed-updates (#883483). Let me know if you'd
prefer a single monolithic diff relative to 0.8.7-2~deb9u1, which is
what's currently in stable.

smcv

Bug#871077: gnu-smalltalk: FTBFS: configure: error: Synchronization primitives not found, please use a newer compiler.

2018-02-01 Thread Adrian Bunk 
Control: tags -1 patch

On Sun, Aug 06, 2017 at 05:59:50PM -0400, Lucas Nussbaum wrote:
>...
> > checking for LIBFFI... yes
> > checking for sigsegv_install_handler in -lsigsegv... no
> > 
> > Platform environment:
> > checking whether the host supports __sync_fetch_and_add... no
> > configure: error: Synchronization primitives not found, please use a newer 
> > compiler.
> > debian/rules:16: recipe for target 'configure-stamp' failed
>...

The actual error is according to config.log:
cc1: error: -Wformat-security ignored without -Wformat [-Werror=format-security]

Fix:

--- debian/rules.old2018-02-01 14:55:54.960603766 +
+++ debian/rules2018-02-01 14:58:04.752602528 +
@@ -8,6 +8,7 @@
 QUILT_STAMPFN = patch-stamp
 include /usr/share/quilt/quilt.make
 
+export DEB_BUILD_MAINT_OPTIONS = hardening=-format
 DPKG_EXPORT_BUILDFLAGS = 1
 include /usr/share/dpkg/buildflags.mk
 

There is now also a second build failure later related to Tcl 8.6,
upstream fix for that is attached.


cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

>From 84fc8a50f692624921d4233dec1a3c8796f5b5da Mon Sep 17 00:00:00 2001
From: Holger Hans Peter Freyther 
Date: Mon, 26 May 2014 07:53:05 +0200
Subject: blox: Direct usage of result is deprecated and stops working

Use Tcl_GetStringResult(interp) instead of interp->result on
newer versions of Tcl. It looks like Tcl_GetStringResult has
been present in the entire 8.0 series.

2014-05-26  Holger Hans Peter Freyther  

	* BloxTK.c: Use Tcl_GetStringResult to access the result.
---
 packages/blox/tk/BloxTK.c  | 4 ++--
 packages/blox/tk/ChangeLog | 4 
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/packages/blox/tk/BloxTK.c b/packages/blox/tk/BloxTK.c
index 2ba40b81..2f06b7f0 100644
--- a/packages/blox/tk/BloxTK.c
+++ b/packages/blox/tk/BloxTK.c
@@ -173,12 +173,12 @@ tclInit (void)
 
   if (Tcl_Init (interp) == TCL_ERROR)
 {
-  fprintf (stderr, "Tcl_Init failed: %s\n", interp->result);
+  fprintf (stderr, "Tcl_Init failed: %s\n",  Tcl_GetStringResult(interp));
   exit (1);
 }
   if (Tk_Init (interp) == TCL_ERROR)
 {
-  fprintf (stderr, "Tk_Init failed: %s\n", interp->result);
+  fprintf (stderr, "Tk_Init failed: %s\n", Tcl_GetStringResult(interp));
   exit (1);
 }
   Tcl_CreateCommand (interp, "callback", doCallback, NULL, NULL);
diff --git a/packages/blox/tk/ChangeLog b/packages/blox/tk/ChangeLog
index aefd2dcb..159b1776 100644
--- a/packages/blox/tk/ChangeLog
+++ b/packages/blox/tk/ChangeLog
@@ -1,3 +1,7 @@
+2014-05-26  Holger Hans Peter Freyther  
+
+	* BloxTK.c: Use Tcl_GetStringResult to access the result.
+
 2010-12-04  Paolo Bonzini  
 
 	* package.xml: Remove now superfluous  tags.
-- 
2.11.0

  1   2   3   >