Bug#896934: diffoscope: decode monitor EDID data to text

[Chris Lamb]

Hi Paul,

> […]

Just wondering if you've had any further input on this? :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#898815: ITP: r-cran-rstantools -- tools for developing GNU R packages interfacing with 'Stan'

[Andreas Tille]

Package: wnpp
Severity: wishlist
Owner: Andreas Tille 

* Package name: r-cran-rstantools
  Version : 1.5.0
  Upstream Author : Jonah Gabry, Ben Goodrich, Stefan Siegert,
* URL : https://cran.r-project.org/package=rstantools
* License : GPL-3+
  Programming Lang: GNU R
  Description : tools for developing GNU R packages interfacing with 'Stan'
 Provides various tools for developers of R packages interfacing
 with 'Stan' , including functions to set up the required
 package structure, S3 generics and default methods to unify function naming
 across 'Stan'-based R packages, and vignettes with recommendations for
 developers.

Remark: This package is maintained by Debian R Packages Maintainers at
   https://salsa.debian.org/r-pkg-team/r-cran-rstantools
This package belongs to a set of dependencies for r-cran-brms which is
needed to upgrade r-cran-emmeans to the latest upstream version.

Bug#898816: RFS: deepin-music/3.1.8.3+ds-1

[Yanhao Mo]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "deepin-music"

 * Package name: deepin-music
   Version : 3.1.8.3+ds-1
   Upstream Author : Deepin Technology Co., Ltd.
 * URL : https://github.com/linuxdeepin/deepin-music
 * License : GPL-3+
   Section : sound

It builds those binary packages:

  deepin-music - music player with brilliant and tweakful UI

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/deepin-music

Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/d/deepin-music/deepin-music_3.1.8.3+ds-1.dsc

More information about hello can be obtained from 
https://salsa.debian.org/pkg-deepin-team/deepin-music

Changes since the last upload:

  * New upstream release.

-- 
Yanhao Mo


signature.asc
Description: PGP signature

Bug#898817: RFS: deepin-terminal/3.0.0+ds-1

[Yanhao Mo]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "deepin-terminal"

* Package name: deepin-terminal
  Version : 3.0.0+ds-1
  Upstream Author : Deepin Technology Co., Ltd.
* URL : https://github.com/linuxdeepin/deepin-terminal
* License : GPL-3+
  Section : x11

It builds those binary packages:

  deepin-terminal - Deepin terminal emulator application

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/deepin-terminal

Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/d/deepin-terminal/deepin-terminal_3.0.0+ds-1.dsc

More information about hello can be obtained from
https://salsa.debian.org/pkg-deepin-team/deepin-terminal

Changes since the last upload:

  * New upstream release.
  * d/contorl: Add new uploader Yanhao Mo .
  * d/patches: modify patches to adapt to new upstream version.
  * d/rules: Refresh to build new package.
  * d/copyright: Exclude 3rdparty/ directory.
  * d/source/lintian-overrides: No need to override anything, delete it.
  * Bump Standards-Version to 4.1.4 (No changes needed).

-- 
Yanhao Mo


signature.asc
Description: PGP signature

Bug#898791: [Pkg-rust-maintainers] Bug#898791: rust-doc: [RC] embedded copy of normalize.css

[Ximin Luo]

Control: severity -1 normal

Please refrain from wasting maintainers' extremely limited time in future.

Bastien ROUCARIÈS:
> Package: rust-doc
> Version: 1.24.1+dfsg1-1
> Severity: serious
> Justification: Policy 4.13
> 
> This package include embedded copy of normalize.css
> /usr/share/doc/rust-doc/html/normalize.css
> 
> Please use the package libjs-normalize.css instead to use local copy
> 
> Thanks 
> 
> Bastien
> 


-- 
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
https://github.com/infinity0/pubkeys.git

Bug#898765: nmu: eccodes_2.7.3-2

[Alastair McKinstry]

On 15/05/2018 18:54, Gilles Filippini wrote:


Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

eccodes binary packages were built by the maintainer for arch amd64,
and it seems he used a GCC version different from 7.3.0 because building
metview on amd64 with default GCC FTBFS with:
/<>/src/libMvMacroApi/macro_api_f90.f90:23:6:

use grib_api
   1
Fatal Error: Cannot read module file 'grib_api.mod' opened at (1), because it 
was created by a different version of GNU Fortran


I did build eccodes (2.7.3-2) with gfortran 8, but I did so deliberately 
to provide the compatible mod file needed to test the ECMWF / meteo 
stack with gcc / g++ / gfortran 8.
metview is now (5.0.1-3) also compiled with gfortran-8 and compiles 
successfully. See the changelogs / diffs for the packages 
(https://salsa.debian.org/science-team/eccodes, etc)



The ECMWF packages (magics++, metview in particular) contain a lot of 
old-style C++ code, and typically FTBFS on g++ upgrades, needing syntax 
fixes for new warnings, etc. To ensure they compile and work (on all 
archs) required building eccodes with gfortran8 to get the dependencies 
working then building all with experimental.


So, these packages (eccodes, flextra, flexpart, metview) are temporarily 
hard-coded to use gfortran-8. I will revert this when the transition is 
compete.

grib_api.mod is part of libeccodes-dev.

Please rebuild eccodes with default GCC for amd64.

nmu eccodes_2.7.3-2 . amd64 . unstable . -m "Rebuild with GCC 7.3.0"

Thanks,

Thanks

--
Alastair McKinstry, , , 
https://diaspora.sceal.ie/u/amckinstry
Misentropy: doubting that the Universe is becoming more disordered.

Bug#898799: lintian: False positive for debhelper-compat-file-contains-multiple-levels

[Chris Lamb]

tags 898799 + pending
thanks

Thanks! Fixed in Git, pending upload:

  
https://salsa.debian.org/lintian/lintian/commit/623a6418151e567f5d78f433ebde0d49e6ce1d83

  checks/debhelper.pm| 14 ++
  debian/changelog   |  3 +++
  .../debhelper-compat-multiple-unrel/debian/debian/compat   |  3 +++
  t/tests/debhelper-compat-multiple-unrel/desc   |  5 +
  t/tests/debhelper-compat-multiple-unrel/tags   |  0
  t/tests/debhelper-compat-multiple/debian/debian/compat |  1 +
  t/tests/debhelper-compat-multiple/tags |  2 +-
  7 files changed, 23 insertions(+), 5 deletions(-)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#898818: systemd-journald can be restarted since systemd v233

[Mathieu Parent]

Package: needrestart
Version: 3.1-1
Severity: normal
Tags: upstream

Since systemd v233 (and probably v232 too), it is safe to restart 
systemd-journald as it now store fds.

The following line can be commented:
qr(^systemd-journald) => 0,

Note:
- stretch has systemd v232
- testing/buster has v238

Refs:
- 
https://salsa.debian.org/systemd-team/systemd/commit/75c7beacfdc9835a7a04a4a80e68a9ed2efdf419
- https://github.com/systemd/systemd/pull/4456
- https://bugs.debian.org/851438

-- Package-specific info:
needrestart output:
Your outdated processes:
at-spi-bus-laun[2140], at-spi2-registr[2148], bash[21612, 8749], 
dbus-daemon[2083, 2145], dconf-service[2474], evolution-addre[2502, 2488], 
evolution-alarm[2378], evolution-calen[2466, 2398], evolution-sourc[2216], 
gdm-x-session[2071], gnome-documents[4405], gnome-session-b[2086], 
gnome-shell[2166], gnome-shell-cal[2210], gnome-software[2379], 
gnome-terminal-[4421], goa-daemon[2225], goa-identity-se[2264], 
gsd-a11y-settin[2298], gsd-clipboard[2296], gsd-color[2297], 
gsd-datetime[2304], gsd-disk-utilit[2369], gsd-housekeepin[2299], 
gsd-keyboard[2301], gsd-media-keys[2313], gsd-mouse[2306], gsd-power[2270], 
gsd-print-notif[2273], gsd-printer[2333], gsd-rfkill[2274], 
gsd-screensaver[2275], gsd-sharing[2277], gsd-smartcard[2279], gsd-sound[2282], 
gsd-wacom[2286], gsd-xsettings[2287], gvfs-afc-volume[2247], gvfsd[2178], 
gvfsd-burn[4558], gvfsd-fuse[2183], gvfsd-metadata[2583], gvfsd-trash[4457], 
gvfs-goa-volume[2252], gvfs-gphoto2-vo[2243], gvfs-mtp-volume[2238], 
gvfs-udisks2-vo[2230], mission-control[2229], pulseaudio[2199], systemd[2053], 
telepathy-logge[4512], tracker-extract[2366], tracker-miner-a[2386], 
tracker-miner-f[2373], tracker-store[2397], Xorg[2073], zeitgeist-daemo[2433], 
zeitgeist-datah[2392], zeitgeist-fts[2444]



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), 
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages needrestart depends on:
ii  binutils   2.30-15
ii  dpkg   1.19.0.5+b1
ii  gettext-base   0.19.8.1-6+b1
ii  libintl-perl   1.26-2
ii  libmodule-find-perl0.13-1
ii  libmodule-scandeps-perl1.24-1
ii  libproc-processtable-perl  0.55-1
ii  libsort-naturally-perl 1.03-2
ii  libterm-readkey-perl   2.37-1+b2
ii  perl   5.26.2-3
ii  xz-utils   5.2.2-1.3

Versions of packages needrestart recommends:
ii  libpam-systemd  238-4

Versions of packages needrestart suggests:
ii  iucode-tool  2.3.1-1
pn  needrestart-session | libnotify-bin  

-- Configuration Files:
/etc/needrestart/needrestart.conf changed:
$nrconf{blacklist} = [
# ignore sudo (not a daemon)
qr(^/usr/bin/sudo(\.dpkg-new)?$),
# ignore DHCP clients
qr(^/sbin/(dhclient|dhcpcd5|pump|udhcpc)(\.dpkg-new)?$),
# ignore apt-get (Debian Bug#784237)
qr(^/usr/bin/apt-get(\.dpkg-new)?$),
];
$nrconf{override_rc} = {
# DBus
qr(^dbus) => 0,
# display managers
qr(^gdm) => 0,
qr(^kdm) => 0,
qr(^nodm) => 0,
qr(^sddm) => 0,
qr(^wdm) => 0,
qr(^xdm) => 0,
qr(^lightdm) => 0,
qr(^slim) => 0,
qr(^lxdm) => 0,
# networking stuff
qr(^bird) => 0,
qr(^network-manager) => 0,
#MP: qr(^NetworkManager) => 0,
qr(^wpa_supplicant) => 0,
qr(^openvpn) => 0,
qr(^quagga) => 0,
qr(^tinc) => 0,
qr(^(open|free|libre|strong)swan) => 0,
# gettys
qr(^getty@.+\.service) => 0,
# systemd --user
qr(^user@\d+\.service) => 0,
# misc
qr(^zfs-fuse) => 0,
qr(^mythtv-backend) => 0,
qr(^xendomains) => 0,
qr(^lxcfs) => 0,
qr(^libvirt) => 0,
qr(^docker) => 0,
# workaround for broken systemd-journald
# (see also Debian Bug#771122 & #771254)
#MP: qr(^systemd-journald) => 0,
# more systemd stuff
# (see also Debian Bug#784238 & #784437)
qr(^emergency\.service$) => 0,
qr(^rescue\.service$) => 0,
# do not restart oneshot services, see #862840
qr(^apt-daily\.service$) => 0,
qr(^apt-daily-upgrade\.service$) => 0,
qr(^unattended-upgrades\.service$) => 0,
# ignore rc-local.service, see #852864
qr(^rc-local\.service$) => 0,
# don't restart systemd-logind, see #798097
qr(^systemd-logind) => 0,
};
$nrconf{override_cont} = {
};
$nrconf{blacklist_interp} = [
# ignore temporary files
qr(^/tmp/),
qr(^/var/),
qr(^/run/),
];
$nrconf{blacklist_mappings} = [
# special device paths
qr(^/(SYSV( \(deleted\))?|drm(\s|$)|dev/)),
# aio(7) mapping
qr(^/\[aio\]),
# Oil Runtime Compiler's JIT files
qr#/orcexec\.[\w\d]+( \(deleted\))?$#,
# plas

Bug#898431: please update version of file(1) on lindsay.debian.org to detect .wasm files

[Chris Lamb]

[adding Christoph Biedl to CC]

Niels Thykier wrote:

> >> source-contains-prebuilt-wasm-binary source tag is not emitted due to
> >> too old file.
> > 
> > To clarify anyone else who had difficult parsing this, "file" here
> > refers to file(1)/src:file, not the to the prebuilt .wasm file itself.
> > 
> > Niels, is this one for us or DSA?
> 
> The version of file(1) we need most be in stable or stable-backports.
> Once that is there, we send a patch to the DSA metapackage for lindsay

Christoph, would this be something you would be willing to do? :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#896674: interim status on 2.3.1 ?

[Christian Ehrhardt]

Hi,
I see there is work on the 2.3 series in experimental.
Even 2.3.1 is there already for a while.

I was starting to consider >=2.3.1 for Ubuntu as well and wondered if there
is any update here.
Like is it help in experimental for known issues or juts a lack of time.

If there are known issues are there any one could help?

I'll start a merge of the 2.3.1 version and do a few checks on my own, but
feedback on the current status from the maintainer working on it would be
appreciated.

-- 
Christian Ehrhardt
Software Engineer, Ubuntu Server
Canonical Ltd

Bug#898658: f-irc gets SEGV with TERM=xterm-256color

[Thomas Dickey]

On Tue, May 15, 2018 at 08:01:19PM -0400, Thomas Dickey wrote:
> On Tue, May 15, 2018 at 08:47:38PM +0200, Sven Joachim wrote:
> > CC'ing ncurses maintainer, it looks like the library might be at fault
> > here.
> ...
> > So it seems that the ncurses library did not allocate enough memory to
> > hold all the color pairs in sp->_color_pairs, resulting in the eventual
> > heap buffer overflow.
> > 
> > That's how far I have tracked the issue, hopefully Thomas Dickey can
> > investigate it further and even provide a fix.
> 
> I can reproduce this, will see...

The problem is that f-irc asks for pair-content of pairs which it did not
initialize, and in doing this, found a case I'd overlooked in the logic
for dynamically allocating the color-pair table last year.

Here's the diff to fix ncurses:

--- ncurses/base/lib_color.c2018/03/01 15:02:12 1.137
+++ ncurses/base/lib_color.c2018/05/16 08:24:08
@@ -938,9 +938,12 @@
 if (!ValidPair(sp, pair)) {
result = ERR;
 } else {
-   int fg = FORE_OF(sp->_color_pairs[pair]);
-   int bg = BACK_OF(sp->_color_pairs[pair]);
+   int fg;
+   int bg;
 
+   _nc_reserve_pairs(sp, pair);
+   fg = FORE_OF(sp->_color_pairs[pair]);
+   bg = BACK_OF(sp->_color_pairs[pair]);
 #if NCURSES_EXT_FUNCS
if (isDefaultColor(fg))
fg = -1;

f-irc, by the way, hits that function about a hundred times more than
the worst-case (7.2 million versus 65 thousand).  The usual application
won't do anything like that...

-- 
Thomas E. Dickey 
https://invisible-island.net
ftp://ftp.invisible-island.net


signature.asc
Description: Digital signature

Bug#898819: enigmail: Asks to trust my evil32 twin key

[Uwe Kleine-König]

Package: enigmail
Version: 2:2.0.2-1
Severity: normal

Hello,

from time to time I get an enigmail information dialog reading:

Your secret key "Uwe Kleine-König " (key ID 307F
F63B BBD2 84AF BEE8 BCBF 13CC 4EB4 3266 9BD6) has missing trust.

We recommend that you set "You rely on certifications" to
ultimate in key properties.

[ ] Do not show me this dialog again

{ Open Key Properties } { Close }

This is irritating (and IMHO dangerous) because all configured accounts
use explicitly my real key. (In the Account Settings for the
u...@kleine-koenig.org address (and all others, too) I have selected "Use
specific OpenPGP key ID: 0x0D2511F322BFAB1C1580266BE2DCDD9132669BD6".)
So enigmail shouldn't even consider
307FF63BBBD284AFBEE8BCBF13CC4EB432669BD6.

Best regards
Uwe

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (700, 'testing'), (600, 'unstable'), (500, 'unstable-debug'), 
(500, 'stable'), (499, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages enigmail depends on:
ii  gnupg2.2.5-1
ii  gnupg-agent  2.2.5-1
ii  gnupg2   2.2.5-1
ii  gpg-agent [gnupg-agent]  2.2.5-1
ii  thunderbird  1:52.7.0-1

Versions of packages enigmail recommends:
ii  pinentry-gnome3 [pinentry-x11]  1.1.0-1+b1

enigmail suggests no packages.

-- no debconf information

Bug#898820: libicu-dev is not Multi-Arch compatible

[Francois Gouget]

Package: libicu-dev
Version: 57.1-9
Severity: normal

Dear Maintainer,

libicu-dev is not multi-arch aware, causing the i386 version to conflict
with the amd64 one which makes it impossible to install both. As a
result the /usr/lib/i386-linux-gnu/libicu*.so symbolic links are missing
so that developping 32 bit applications using this library is
impossible on a 64 bit system.

In turn this impacts Wine development as it needs to support both 32 and
64 bit Windows applications and needs libxml2-dev for that. libxml2-dev
itself is multi-arch same but it depends on libicu-dev and thus it's
impossible to install both versions of libxml2-dev at the same time.

The lack of multi-arch support in libicu-dev also breaks multi-arch
support in the following packages: fis-gtm-6.3-003a libboost-regex1.62-dev
libcdr-dev libe-book-dev libharfbuzz-dev libical-dev libmspub-dev
libvisio-dev libxslt1-dev. So the impact is quite wide ranging.


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr:en_US (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libicu-dev depends on:
ii  icu-devtools 57.1-9
ii  libc6-dev [libc-dev] 2.27-3
ii  libicu57 57.1-9
ii  libstdc++-5-dev [libstdc++-dev]  5.4.1-4
ii  libstdc++-6-dev [libstdc++-dev]  6.4.0-12
ii  libstdc++-7-dev [libstdc++-dev]  7.3.0-17

libicu-dev recommends no packages.

Versions of packages libicu-dev suggests:
pn  icu-doc  

-- no debconf information

Bug#898821: maven-plugin-tools: FTBFS with Java 10 due to com.sun.tools.doclets removal

[Emmanuel Bourg]

Source: maven-plugin-tools
Severity: serious
Tags: sid buster
User: debian-j...@lists.debian.org
Usertags: default-java10
Forwarded: https://issues.apache.org/jira/browse/MPLUGIN-339

maven-plugin-tools fails to build with Java 10 due to the removal
of the com.sun.tools.doclets API:

  [INFO] -
  [ERROR] COMPILATION ERROR : 
  [INFO] -
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoAggregatorTypeTaglet.java:[26,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/AbstractMojoTaglet.java:[34,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/AbstractMojoTaglet.java:[50,16]
 cannot find symbol
symbol: class Taglet
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoAggregatorTypeTaglet.java:[108,46]
 cannot find symbol
symbol:   class Taglet
location: class 
org.apache.maven.tools.plugin.javadoc.MojoAggregatorTypeTaglet
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoGoalTypeTaglet.java:[26,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoGoalTypeTaglet.java:[107,46]
 cannot find symbol
symbol:   class Taglet
location: class org.apache.maven.tools.plugin.javadoc.MojoGoalTypeTaglet
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoRequiresProjectTypeTaglet.java:[26,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoRequiresProjectTypeTaglet.java:[108,46]
 cannot find symbol
symbol:   class Taglet
location: class 
org.apache.maven.tools.plugin.javadoc.MojoRequiresProjectTypeTaglet
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoExecuteTypeTaglet.java:[26,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoExecuteTypeTaglet.java:[113,46]
 cannot find symbol
symbol:   class Taglet
location: class org.apache.maven.tools.plugin.javadoc.MojoExecuteTypeTaglet
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoPhaseTypeTaglet.java:[26,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoPhaseTypeTaglet.java:[107,46]
 cannot find symbol
symbol:   class Taglet
location: class org.apache.maven.tools.plugin.javadoc.MojoPhaseTypeTaglet
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoRequiresDirectInvocationTypeTaglet.java:[26,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoRequiresDirectInvocationTypeTaglet.java:[108,46]
 cannot find symbol
symbol:   class Taglet
location: class 
org.apache.maven.tools.plugin.javadoc.MojoRequiresDirectInvocationTypeTaglet
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoExecutionStrategyTypeTaglet.java:[26,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoExecutionStrategyTypeTaglet.java:[107,46]
 cannot find symbol
symbol:   class Taglet
location: class 
org.apache.maven.tools.plugin.javadoc.MojoExecutionStrategyTypeTaglet
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoRequiresDependencyCollectionTypeTaglet.java:[22,29]
 package com.sun.tools.doclets does not exist
  [ERROR] 
/build/1st/maven-plugin-tools-3.5/maven-plugin-tools-javadoc/src/main/java/org/apache/maven/tools/plugin/javadoc/MojoRequiresDependencyCollectionTypeTaglet.java:[110,46]
 cannot find symbol
symbol:   class Taglet
location: class 
org.apache.maven.tools.plugin.javadoc.MojoRequiresDependencyCollectionTypeTaglet
  [ERROR] 
/build/1st/maven-plugin-

Bug#898790: r-cran-shiny: [RC] embedded copy of normalize.css

[Bastien ROUCARIES]

On Wed, May 16, 2018 at 8:18 AM, Andreas Tille  wrote:
> Hi Bastien,
>
> thanks for your QA work to decruft our code base.
>
> On Tue, May 15, 2018 at 10:48:12PM +0200, Bastien ROUCARIÈS wrote:
>> Package: r-cran-shiny
>> Version: 1.0.5+dfsg-4
>> Severity: serious
>> Justification: Policy 4.13
>>
>> This package include embedded copy of normalize.css
>> /usr/share/libreoffice/help/normalize.css
>
> I guess you used the same text for all bugs about normalize.css.  r-cran-shiny
> ships the copy in
>
>/usr/lib/R/site-library/shiny/www/shared/ionrangeslider/css/normalize.css
>
>> Please use the package libjs-normalize.css instead to use local copy
>
> I can not find a package libjs-normalize.css and when trying

It was just uploaded to unstable. It is a virtual package that is in
fact node-normalize.css.

But it is better to depends on  libjs-normalize.css

Bastien
>
> $ apt-file search normalize.css
> cargo-doc: /usr/share/doc/cargo-doc/doc/normalize.css
> cargo-doc: /usr/share/doc/cargo-doc/doc/stylesheets/normalize.css
> coffeescript-doc: 
> /usr/share/doc/coffeescript/html/annotated-source/public/stylesheets/normalize.css
> coffeescript-doc: 
> /usr/share/doc/coffeescript/html/public/stylesheets/normalize.css
> glances: 
> /usr/lib/python3/dist-packages/glances/outputs/static/css/normalize.css
> glances: 
> /usr/lib/python3/dist-packages/glances/outputs/static/public/css/normalize.css
> grafana-data: /usr/share/grafana/missing-sources/normalize.css
> grafana-data: /usr/share/grafana/missing-sources/normalize.css.url
> icingaweb2: /usr/share/icingaweb2/public/css/vendor/normalize.css
> ldap-account-manager: 
> /usr/share/ldap-account-manager/style/responsive/105_normalize.css
> libreoffice-help-common: /usr/share/libreoffice/help/normalize.css
> r-cran-shiny: 
> /usr/lib/R/site-library/shiny/www/shared/ionrangeslider/css/normalize.css
> recon-ng: /usr/share/recon-ng/recon/core/web/static/normalize.css
> rust-doc: /usr/share/doc/rust-doc/html/normalize.css
> rust-src: /usr/src/rustc-1.24.1/src/librustdoc/html/static/normalize.css
> rust-src: /usr/src/rustc-1.25.0/src/librustdoc/html/static/normalize.css
> sympa: /usr/share/sympa/static_content/external/foundation/css/normalize.css
>
> I can only find packages which probably received your bug report but not
> a real solution how to fix this.
>
> Kind regards
>
>Andreas.
>
> --
> http://fam-tille.de

Bug#898822: [RFC] Detect data embeded image in html like file

[Bastien ROUCARIES]

Package: lintian
Version: 2.5.86
Severity: minor


Hi,


This is maybe a hot topic, so ask for comment

A not so well know feature of html format is the DATA uri scheme that
allow to embded some stuff like image in html file (see
https://en.wikipedia.org/wiki/Data_URI_scheme).

I am sure that base64 encoded stuff like image are not considered as
prefered form of modification, and I believe that lintian should
detect in source file this kind of use, in order to help ftpmaster
work.


They are also security implication and I think it is good to detect
this kind of stuff.

It is easy to implement:
- first move to files.pm privacy-breach logic detection to common
library (this one I need help)
- detect the base64 encoding in privacy-breach logic
- warn pedantically in files.pm for base64 and error in cruft.pm

Any comments ?

Bastien

Bug#898823: does not work for cryptopro test servers

[Dmitry Eremin-Solenikov]

Package: libengine-gost-openssl1.1
Version: 1.1.0.1-1
Severity: normal

Connecting to CryptoPro test servers does not seem to work. No
additional configuration was done to openssl.cnf.

$ openssl s_client -engine gost -connect tlsgost-2001.cryptopro.ru:443
engine "gost" set.
CONNECTED(0003)
140418489987264:error:141710F8:SSL routines:tls_process_server_hello:unknown 
cipher returned:../ssl/statem/statem_clnt.c:1028:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 1009 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol  : TLSv1
Cipher: 
Session-ID: AF4AA192F4073C85D989B2FE353303F2E00540B6864EA67829931754CB631AF5
Session-ID-ctx: 
Master-Key: 
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1526462942
Timeout   : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libengine-gost-openssl1.1 depends on:
ii  libc6  2.27-3
ii  libssl1.1  1.1.0h-2

libengine-gost-openssl1.1 recommends no packages.

libengine-gost-openssl1.1 suggests no packages.

-- no debconf information

Bug#898822: [RFC] Detect data embeded image in html like file

[Chris Lamb]

retitle 898822 Detect data encoded/embedded in HTML "Data" URI schemes
severity 898822 wishlist
tags 898822 + moreinfo
thanks 

Hi Bastien,

[..]

I think some concrete examples here would be useful in triaging/
prioritising this, as well as working out whether it is feasible or
sensible :)


Best wishes,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#898824: btrfs-progs: missing libbtrfs.so.0

[John Wong]

Package: btrfs-progs
Version: 4.16.1-2
Severity: important

Dear Maintainer,

 After upgrade to 4.16.1-2, some prog show the error message,
 like below: (snapper list)
 "snapper: error while loading shared libraries: libbtrfs.so.0:
 cannot open shared object file: No such file or directory"
 Please help, thank you.
*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages btrfs-progs depends on:
ii  libblkid1  2.32-0.1
ii  libc6  2.27-3
ii  liblzo2-2  2.10-0.1
ii  libuuid1   2.32-0.1
ii  zlib1g 1:1.2.11.dfsg-1

btrfs-progs recommends no packages.

Versions of packages btrfs-progs suggests:
pn  duperemove  

-- no debconf information

Bug#898634: kmail: efail attack against S/MIME

[Sandro Knauß]

Hey,

For S/MIME the situation is that it is a conceptional weakness in the standard 
to remove the target vector completely.

In KMail we have the best handling that we can get at the moment (with default 
settings). KMail never access resources from the internet without asking the 
user or an explicit change of the default setting:
Settings > Configure KMail > Security > Reading > Allow messages to load 
external references from the Internet

There are some small patches, that disable this setting for encrypted 
messages, to enforce a user interaction:

https://phabricator.kde.org/D12391
https://phabricator.kde.org/D12393
https://phabricator.kde.org/D12394

For me applying the patches makes sense to improve security for users, but 
disabling the external resource loading completely would break workflows. 
Those patches are applied for the following Debian packages, where the setting 
is used for everything:
libmessageviewer5  << 4:18.04.1
kmail < 4:18.04.1

As already mentioned, the underlying problem is the S/MIME conceptional 
weaknes, that can't be fixed by those patches.

The stack KMail is using for decryption is GPGME Qt backend that is packaged 
in gpgme1.0 for testing/sid and gpgmepp for stable and older.

I'm not sure, how this should be handled in Debian correctly.

For a more detailed look for KMail and EFail see the dot.kde article:

https://dot.kde.org/2018/05/15/efail-and-kmail

hefee

--
On Montag, 14. Mai 2018 15:33:02 CEST Yves-Alexis Perez wrote:
> Source: kmail
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> Hi,
> 
> as you may already know, a paper was published this morning describing a
> vulnerability known as efail against S/MIME and PGP/MIME implementations
> in various mail clients.
> 
> This vulnerability allows an attacker with read/write access to
> encrypted mail to retrieve the plaintext provided HTML mails are
> enabled, as well as loading of remote content.
> 
> The paper indicates that the PGP/MIME implementation in kmail is not
> vulnerable, but the S/MIME is.
> 
> It might be possible that the vulnerability is in an underlying library,
> so feel free to reassign if needed.
> 
> It's likely we'll have to issue a DSA for this.
> 
> Regards,



signature.asc
Description: This is a digitally signed message part.

Bug#898826: stretch-pu: package profphd in strech unusable

[olivier sallou]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org Usertags: pu
X-CC: debian-med-packag...@lists.alioth.debian.org


Hi,
it appears that profphd in stretch is unusable because it requires an older
perl version (and reject stretch perl version). As such, package should be
removed *or* attached patch could be applied to make it work with current
perl version.

It applies to strech with no additional feature or stuff, those patches
only fix issue of perl version to allow software to run.

Thanks for your advice and patch consideration.

Olivier (on behalf of debian-med team)
Author: Tatiana Malygina 
Description: fix error "Negative repeat count does nothing at" for various 
 lines (including possible places where this error might appear - 
 by semi-autoreplacement)
Last-Update: 2016-08-24

--- a/src/prof/scr/lib/lib-prof.pl
+++ b/src/prof/scr/lib/lib-prof.pl
@@ -1,5 +1,6 @@
 #use Data::Dumper;
 use Carp qw| cluck :DEFAULT |;
+use List::Util qw[max];
 no warnings 'deprecated';
 #--#
 #	CopyrightSep,	1998	   #
@@ -4401,7 +4402,7 @@
 # loop over all alis
 	foreach $itAli (@wantNum){
 	$hssp{"fin",$itAli}.=$hssp{"ali",$itAli,$itRes};
-	$hssp{"fin",$itAli}.="." x (1 + $insMax - length($hssp{"ali",$itAli,$itRes}));
+	$hssp{"fin",$itAli}.="." x max(1 + $insMax - length($hssp{"ali",$itAli,$itRes}), 0);
 	}
 }
 # --
@@ -11580,7 +11581,7 @@
 	next if ($rdb{$kwd}=~/^\s*$/);
 	$tmp{$kwd}=1;
 	$tmp=$kwd; $tmp=~tr/[a-z]/[A-Z]/;
-	push(@tmp2,"# VALUE".$tmp. " " x ($numwhite-length($tmp)) .": ".$rdb{$kwd});
+	push(@tmp2,"# VALUE".$tmp. " " x max($numwhite-length($tmp), 0) .": ".$rdb{$kwd});
 
 # other info
 	if ($kwd =~ /prot_nfar/ && $#otherDistance){
@@ -11595,7 +11596,7 @@
 		$val= $rdb{$kwd,$other};
 		$kwd2=$kwd.$other;}
 		$tmp=$kwd2; $tmp=~tr/[a-z]/[A-Z]/;
-		push(@tmp2,"# VALUE".$tmp. " " x ($numwhite-length($tmp)) .": ".$val);
+		push(@tmp2,"# VALUE".$tmp. " " x max($numwhite-length($tmp), 0) .": ".$val);
 	}}
 }
 
@@ -11618,7 +11619,7 @@
 	next if ($rdb{$kwd}=~/^\s*$/);
 	$tmp{$kwd}=1;
 	$tmp=$kwd; $tmp=~tr/[a-z]/[A-Z]/;
-	push(@tmp2,"# VALUE".$tmp. " " x ($numwhite-length($tmp)) .": ".$rdb{$kwd});}
+	push(@tmp2,"# VALUE".$tmp. " " x max($numwhite-length($tmp), 0) .": ".$rdb{$kwd});}
 push(@tmpwrt,@tmp2,"# ")if ($#tmp2 > 3);
 
 # --
@@ -11634,7 +11635,7 @@
 	@tmpval=split(/\t/,$rdb{$kwd});
 	$tmp=$kwd; $tmp=~tr/[a-z]/[A-Z]/;
 	foreach $tmpval (@tmpval){
-		push(@tmp2,"# VALUE".$tmp. " " x ($numwhiteHtm-length($tmp)) .": ".$tmpval);
+		push(@tmp2,"# VALUE".$tmp. " " x max($numwhiteHtm-length($tmp), 0) .": ".$tmpval);
 	}
 	}
 	push(@tmpwrt,@tmp2,"# ") if ($#tmp2>3);
@@ -11649,7 +11650,7 @@
 	next if ($rdb{$kwd}=~/^\s*$/);
 	$tmp{$kwd}=1;
 	$tmp=$kwd; $tmp=~tr/[a-z]/[A-Z]/;
-	push(@tmp2,"# VALUE".$tmp. " " x ($numwhite-length($tmp)) .": ".$rdb{$kwd});}
+	push(@tmp2,"# VALUE".$tmp. " " x max($numwhite-length($tmp), 0) .": ".$rdb{$kwd});}
 if ($#tmp2>3) { push(@tmpwrt,@tmp2,"# ");
 		$Lnet=1;} else {$Lnet=0;}
 
@@ -11830,12 +11831,12 @@
 
 # --
 # notation: header: protein
-$tmp="HEADER". " " x ($numwhite-6) . ": PROTEIN";
+$tmp="HEADER". " " x max($numwhite-6, 0) . ": PROTEIN";
 push(@tmp2,
 	 "# ",
 #	 "# NOTATION "."-" x length($tmp),
 	 "# "."-" x 72,
-	 "# NOTATION ".$tmp. " " x ($numwhite-length($tmp))
+	 "# NOTATION ".$tmp. " " x max($numwhite-length($tmp), 0)
 	 );
 foreach $kwd ("prot_id","prot_name","prot_nres","prot_nchn","prot_kchn",
 		  "prot_nali","prot_nfar"){
@@ -11843,60 +11844,60 @@
 	next if (! defined $tmp{$kwd});
 	$tmp=$kwd; $tmp=~tr/[a-z]/[A-Z]/;
 	$tmpcontd=$kwd." contd";
-	$tmpdes= "# NOTATION ".$tmp. " " x ($numwhite-length($tmp)) .": ";
-	$tmpdescontd="# NOTATION ".$tmpcontd. " " x ($numwhite-length($tmpcontd)) .": ";
+	$tmpdes= "# NOTATION ".$tmp. " " x max($numwhite-length($tmp), 0) .": ";
+	$tmpdescontd="# NOTATION ".$tmpcontd. " " x max($numwhite-length($tmpcontd), 0) .": ";
 	$notation=$par{"notation",$kwd};
 	$notation=~s/\n/\n$tmpdescontd/g;
 	push(@tmp2,$tmpdes.$notation);}
 
 # --
 # notation: header: alignment
-$tmp="HEADER". " " x ($numwhite-6) . ": ALIGNMENT";
+$tmp="HEADER". " " x max($numwhite-6, 0) . ": ALIGNMENT";
 push(@tmp2,
 	 "# ",
 	 "# "."-" x 72,
-	 "# NOTATION ".$tmp. " " x ($numwhite-length($tmp)));
+	 "# NOTATION ".$tmp. " " x max($numwhite-length($tmp), 0));
 foreach $kwd ("ali_orig","ali_used","ali_para"
 		  ){
 	next if (! defined $par{"notation",$kwd});
 	next if (! defined $tmp{$kwd});
 	$tmpcontd=$kwd." contd";
-	$tmpdes= "# NOTATION ".$tmp. " " x ($numwhite-length($tmp)) .": ";
-	$tmpdescontd="# NOTATION ".$tmpcontd. " " x ($numwhit

Bug#898825: linux-image-4.16.0-1-amd64: KMS/graphics not working on Lenovo P50 with 4.16

[Sam Morris]

Package: src:linux
Version: 4.16.5-1
Severity: normal

When booting 4.16 on my Lenovo P50, the plymouth splash screen never
appears, and I'm left starting at the text that appeared before it tried
to start drawing on the screen.

When booting with plymouth disabled, the system behaves normally until
Xorg starts, where again I'm left starting at the prior screen contents.

In both cases I can eventually reboot with Ctrl+Alt+Del.

In case it's relevant... this particular laptop has a muxless hybrid
graphics configuration.  Plymouth normally happily displays on both the
internal display (via the Intel GPU) and the external one (via the
NVIDIA GPU) without any special configuration. Xorg requires me to run
'xrandr --setprovideroutputsource 0x49 0xd5' to make the NVIDIA outputs
available to Xorg using the Intel GPU, but that doesn't happen until I
log in, and the problem manifests itself when GDM launches Xorg using
only the Intel GPU.

4.15 works fine (well, as good as it can with this POS NVIDIA card...)
:)

** Model information
sys_vendor: LENOVO
product_name: 20EQA063UK
product_version: ThinkPad P50
chassis_vendor: LENOVO
chassis_version: None
bios_vendor: LENOVO
bios_version: N1EET77W (1.50 )
board_vendor: LENOVO
board_name: 20EQA063UK
board_version: SDK0J40697 WIN

** PCI devices:
00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th 
Gen Core Processor Host Bridge/DRAM Registers [8086:1910] (rev 07)
Subsystem: Lenovo Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor 
Host Bridge/DRAM Registers [17aa:222e]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: skl_uncore

00:01.0 PCI bridge [0604]: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen 
Core Processor PCIe Controller (x16) [8086:1901] (rev 07) (prog-if 00 [Normal 
decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport
Kernel modules: shpchp

00:02.0 VGA compatible controller [0300]: Intel Corporation HD Graphics 530 
[8086:191b] (rev 06) (prog-if 00 [VGA controller])
Subsystem: Lenovo HD Graphics 530 [17aa:222e]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: i915
Kernel modules: i915

00:14.0 USB controller [0c03]: Intel Corporation Sunrise Point-H USB 3.0 xHCI 
Controller [8086:a12f] (rev 31) (prog-if 30 [XHCI])
Subsystem: Lenovo Sunrise Point-H USB 3.0 xHCI Controller [17aa:222e]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: xhci_hcd
Kernel modules: xhci_pci

00:14.2 Signal processing controller [1180]: Intel Corporation Sunrise Point-H 
Thermal subsystem [8086:a131] (rev 31)
Subsystem: Lenovo Sunrise Point-H Thermal subsystem [17aa:222e]
Control: I/O- Mem+ BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: intel_pch_thermal
Kernel modules: intel_pch_thermal

00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-H CSME 
HECI #1 [8086:a13a] (rev 31)
Subsystem: Lenovo Sunrise Point-H CSME HECI [17aa:222e]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: mei_me
Kernel modules: mei_me

00:17.0 SATA controller [0106]: Intel Corporation Sunrise Point-H SATA 
controller [AHCI mode] [8086:a102] (rev 31) (prog-if 01 [AHCI 1.0])
Subsystem: Lenovo Sunrise Point-H SATA controller [AHCI mode] 
[17aa:222e]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz+ UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: ahci
Kernel modules: ahci

00:1c.0 PCI bridge [0604]: Intel Corporation Sunrise Point-H PCI Express Root 
Port #1 [8086:a110] (rev f1) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
Pri

Bug#898634: kmail: efail attack against S/MIME

[Yves-Alexis Perez]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Wed, 2018-05-16 at 11:44 +0200, Sandro Knauß wrote:
> Hey,

Hi Sandro, thanks for the update on this.
> 
> For S/MIME the situation is that it is a conceptional weakness in the 
> standard 
> to remove the target vector completely.

Agreed, and I'm unsure what we can do about it in Debian right now, besides
mitigation for backchannels.
> 
> In KMail we have the best handling that we can get at the moment (with 
> default 
> settings). KMail never access resources from the internet without asking the 
> user or an explicit change of the default setting:
> Settings > Configure KMail > Security > Reading > Allow messages to load 
> external references from the Internet

Ok. Other clients like Evolution and Trojita also had an issue with DNS
prefetching which could be re-enabled in Webkit. Not sure on what library
KMail relies for HTML rending but it might be worth checking that too?

See https://bugs.webkit.org/show_bug.cgi?id=182924 for the webkit bug (with
links to the Evolution and Trojita ones).
> 
> There are some small patches, that disable this setting for encrypted 
> messages, to enforce a user interaction:
> 
> https://phabricator.kde.org/D12391
> https://phabricator.kde.org/D12393
> https://phabricator.kde.org/D12394
> 
> For me applying the patches makes sense to improve security for users, but 
> disabling the external resource loading completely would break workflows. 
> Those patches are applied for the following Debian packages, where the
> setting 
> is used for everything:
> libmessageviewer5  << 4:18.04.1
> kmail < 4:18.04.1

Thanks, that's good to know.
> 
> As already mentioned, the underlying problem is the S/MIME conceptional 
> weaknes, that can't be fixed by those patches.
> 
> The stack KMail is using for decryption is GPGME Qt backend that is
> packaged 
> in gpgme1.0 for testing/sid and gpgmepp for stable and older.
> 
> I'm not sure, how this should be handled in Debian correctly.

I'm not sure either, to be honest.
> 
> For a more detailed look for KMail and EFail see the dot.kde article:
> 
> https://dot.kde.org/2018/05/15/efail-and-kmail

That article indicates KMail uses GnuPG for S/MIME, which I find a bit weird.
- -- 
Yves-Alexis
-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlr8AQkACgkQ3rYcyPpX
RFvIOQf/YLo7d/Fgy8CCPYH+rwiS0A+EwzXQZhCCykF4nk9lGH3uwQHGa9a4UdJT
FuCBu3krxPUymczIsT+p0XCUBuindZ8wknMzkqJ9rRXGN0L3634Cau7CgSA4e84H
bG1EMMfWxx2wwAjaK3dAXHF4gAUXRVfpKMdJEpidFiXZ9ixZtCKSyhM2AaF+IYli
I8kVG6gzOxrEwo+2BbQOjo+e25be19HoktnQAFbBEafVIwcjQSrop5Y4A6cXkJ5P
CT0tzc+VloCIgDwQHEkUCyM3rXJbkklgZWmTXhhDU1lMteZixnXU5uB2Gc5akW4q
alumMVM6AXu9NzAe+PioFrChglkixQ==
=2SgF
-END PGP SIGNATURE-

Bug#894510: debhelper: Because it is listing tmpfiles in systemd's only, conf overriding is not working

[Seyeong Kim]

Hello

I noticed that tmpfiles are built based on systemd source directory not local 
machine /

e.g debian/systemd/usr/lib/tmpfiles.d/x11.conf

so 00rsyslog.conf file ( from rsyslog pkg, in /usr/lib/tmpfiles.d/ ) is not 
there

I checked this with dh_installinit —no-start

I understand override feature(actually i misunderstood it )

no way to do this based on installed tmpfiles?( or not recommended ? )

## dh_installinit

        if (!$dh{NOSCRIPTS}) {
                # Include postinst-init-tmpfiles if the package ships any files
                # in /usr/lib/tmpfiles.d or /etc/tmpfiles.d
                my @tmpfiles;
                find({
                        wanted => sub {
                                my $name = $File::Find::name;
                                return unless -f $name;
                                print "Seyeong1 : ".$name."\n";
                                $name =~ s/^\Q$tmp\E//g;
                                print "Seyeong2 : ".$name."\n";
                                if ($name =~ m,^/usr/lib/tmpfiles\.d/, ||
                                        $name =~ m,^/etc/tmpfiles\.d/,) {
                                        print "Seyeong3 : ".$name."\n";
                                        push @tmpfiles, $name;
                                }
                        },
                        no_chdir => 1,
                }, $tmp);
                if (@tmpfiles > 0) {
                        autoscript($package,"postinst", 
"postinst-init-tmpfiles",
                                "s,#TMPFILES#," . join(" ", sort 
@tmpfiles).",g");
                }
        }


generated postinst.debhelper
echo part is what i added

# Automatically added by dh_installinit
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = 
"abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
        # In case this system is running systemd, we need to ensure that all
        # necessary tmpfiles (if any) are created before starting.
        if [ -d /run/systemd/system ] ; then
                echo /usr/lib/tmpfiles.d/debian.conf 
/usr/lib/tmpfiles.d/home.conf /usr/lib/tmpfiles.d/journal-nocow.conf 
/usr/lib/tmpfiles.d/legacy.conf /usr/lib/tmpfiles.d/systemd-nologin.conf 
/usr/lib/tmpfiles.d/systemd.conf /usr/lib/tmpfiles.d/tmp.conf 
/usr/lib/tmpfiles.d/var.conf /usr/lib/tmpfiles.d/x11.conf
                systemd-tmpfiles --create /usr/lib/tmpfiles.d/debian.conf 
/usr/lib/tmpfiles.d/home.conf /usr/lib/tmpfiles.d/journal-nocow.conf 
/usr/lib/tmpfiles.d/legacy.conf /usr/lib/tmpfiles.d/systemd-nologin.conf 
/usr/lib/tmpfiles.d/systemd.conf /usr/lib/tmpfiles.d/tmp.conf 
/usr/lib/tmpfiles.d/var.conf /usr/lib/tmpfiles.d/x11.conf >/dev/null || true
        fi
fi
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper rm_conffile 
/etc/bash_completion.d/systemctl-bash-completion.sh 204-1~ -- "$@"
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper rm_conffile 
/etc/bash_completion.d/systemd-bash-completion.sh 204-1~ -- "$@"
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper mv_conffile /etc/systemd/systemd-logind.conf 
/etc/systemd/logind.conf 204-1~ -- "$@"
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper mv_conffile /etc/systemd/systemd-journald.conf 
/etc/systemd/journald.conf 204-1~ -- "$@"
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper rm_conffile 
/etc/dbus-1/system.d/org.freedesktop.machine1.conf 228-5~ -- "$@"
# End automatically added section
# Automatically added by dh_installdeb
dpkg-maintscript-helper rm_conffile /etc/X11/xinit/xinitrc.d/50-systemd-user.sh 
228-3~ -- "$@"
# End automatically added section





On 12 May 2018, 2:41 AM +0900, Niels Thykier , wrote:
> Seyeong Kim:
> > Hello
> >
> > I tested them but symptom is still there
> >
> > so I put “print “#TMPFILES#” on autoscripts/postinst-init-tmpfiles like 
> > below
> >
> > ###
> > if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ]; then
> > # In case this system is running systemd, we need to ensure that all
> > # necessary tmpfiles (if any) are created before starting.
> > if [ -d /run/systemd/system ] ; then
> >                 print "#TMPFILES#"
> > systemd-tmpfiles --create #TMPFILES# >/dev/null || true
> > fi
> > fi
> > ###
> >
> > and built systemd with this deb helper
> >
> > When installing systemd after build, i got below string ( installed 
> > 00rsyslog.conf in /usr/lib/tmpfiles.d/ and copied to /etc/tmpfiles.d/ )
> >
> > ###
> > Error: no such file "debian.conf home.conf journal-nocow.conf legacy.conf 
> > systemd-nologin.conf systemd.conf tmp.conf var.conf x11.conf"
> >
> > ###
> >
>
> Can you show me the full postinst generated with your patched version?
> AFAICT, neither dh_installinit nor dh_installsystem should pass those
> fil

Bug#898658: f-irc gets SEGV with TERM=xterm-256color

[Sven Joachim]

On 2018-05-16 04:34 -0400, Thomas Dickey wrote:

> On Tue, May 15, 2018 at 08:01:19PM -0400, Thomas Dickey wrote:
>> On Tue, May 15, 2018 at 08:47:38PM +0200, Sven Joachim wrote:
>> > CC'ing ncurses maintainer, it looks like the library might be at fault
>> > here.
>> ...
>> > So it seems that the ncurses library did not allocate enough memory to
>> > hold all the color pairs in sp->_color_pairs, resulting in the eventual
>> > heap buffer overflow.
>> > 
>> > That's how far I have tracked the issue, hopefully Thomas Dickey can
>> > investigate it further and even provide a fix.
>> 
>> I can reproduce this, will see...
>
> The problem is that f-irc asks for pair-content of pairs which it did not
> initialize, and in doing this, found a case I'd overlooked in the logic
> for dynamically allocating the color-pair table last year.
>
> Here's the diff to fix ncurses:
>
> --- ncurses/base/lib_color.c  2018/03/01 15:02:12 1.137
> +++ ncurses/base/lib_color.c  2018/05/16 08:24:08
> @@ -938,9 +938,12 @@
>  if (!ValidPair(sp, pair)) {
>   result = ERR;
>  } else {
> - int fg = FORE_OF(sp->_color_pairs[pair]);
> - int bg = BACK_OF(sp->_color_pairs[pair]);
> + int fg;
> + int bg;
>  
> + _nc_reserve_pairs(sp, pair);
> + fg = FORE_OF(sp->_color_pairs[pair]);
> + bg = BACK_OF(sp->_color_pairs[pair]);
>  #if NCURSES_EXT_FUNCS
>   if (isDefaultColor(fg))
>   fg = -1;

Thanks, that helps. :-)

> f-irc, by the way, hits that function about a hundred times more than
> the worst-case (7.2 million versus 65 thousand).

Yes, the double loop in init_nick_colorpairs() is horribly inefficient.
Try to start f-irc with TERM=xterm-direct, I killed it after two
minutes of using 100% CPU.

> The usual application won't do anything like that...

There's a reason why nobody had noticed the problem earlier, I guess.

Cheers,
   Sven

Bug#898829: netdata: [INTL:fr] French debconf translation update

[Alban Vidal]

Package: netdata
Version: 1.10.0
Severity: wishlist
Tags: patch l10n

Dear Maintainer,

Please find attached the French debconf templates update, proofread by the
debian-l10n-french mailing list contributors.

Best regards,

Alban Vidal
# Translation of netdata debconf templates to French.
# Copyright (C) 2018, French l10n team 
# This file is distributed under the same license as the netdata package.
#
# Translators:
# Alban Vidal , 2018.
msgid ""
msgstr ""
"Project-Id-Version: netdata 1.10.0\n"
"Report-Msgid-Bugs-To: netd...@packages.debian.org\n"
"POT-Creation-Date: 2018-02-27 10:30+0100\n"
"PO-Revision-Date: 2018-05-12 22:25+0100\n"
"Last-Translator: Alban Vidal \n"
"Language-Team: French \n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Lokalize 2.0\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"

#. Type: title
#. Description
#: ../netdata.templates:1001
msgid "netdata: Configuration"
msgstr "netdata : configuration"

#. Type: boolean
#. Description
#: ../netdata.templates:2001
msgid "send emails:"
msgstr "Envoi des courriels :"

#. Type: boolean
#. Description
#: ../netdata.templates:2001
msgid ""
"netdata sends emails for warnings and alerts to root@localhost for "
"monitoring purposes. Potentially this can trigger a lot of emails."
msgstr ""
"netdata envoie des courriels d'avertissement et d'alerte à root@localhost "
"à des fins de surveillance. Potentiellement, cela peut produire l'envoi de "
"beaucoup de courriels."

#. Type: boolean
#. Description
#: ../netdata.templates:2001
msgid "Please choose to enable or disable sending emails."
msgstr ""
"Veuillez choisir si vous souhaitez activer ou non l'envoi des courriels."

#. Type: boolean
#. Description
#: ../netdata.templates:2001
msgid "If unsure, allow it to send emails (default)."
msgstr "Si vous n'êtes pas sûr, autorisez l'envoi des courriels (par défaut)."

Bug#898827: mysql-5.7: [INTL:fr] French debconf translation update

[Alban Vidal]

Package: mysql-5.7
Version: 5.7.21-1
Severity: wishlist
Tags: patch l10n

Dear Maintainer,

Please find attached the French debconf templates update, proofread by the
debian-l10n-french mailing list contributors.

Best regards,

Alban Vidal
# Translation of mysql-5.7 debconf templates to French
# Copyright (C) 2004-2009, 2012, 2017 Debian French l10n team 

# This file is distributed under the same license as the mysql-5.7 packages.
#
# Translators:
# Christian Perrier , 2004, 2006, 2007, 2009, 2012.
# Alban Vidal , 2017, 2018.
msgid ""
msgstr ""
"Project-Id-Version: mysql-5.7 5.7.21-1\n"
"Report-Msgid-Bugs-To: mysql-...@packages.debian.org\n"
"POT-Creation-Date: 2018-01-10 07:21+\n"
"PO-Revision-Date: 2018-05-09 20:00+0100\n"
"Last-Translator: Alban Vidal \n"
"Language-Team: French \n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"debian.org>\n"
"X-Generator: Lokalize 2.0\n"
"Plural-Forms: Plural-Forms: nplurals=2; plural=n>1;\n"

#. Type: note
#. Description
#: ../mysql-server-5.7.templates:2001
msgid "Automatic maintenance of MySQL server daemon disabled"
msgstr "Maintenance automatique du démon du serveur MySQL désactivée"

#. Type: note
#. Description
#: ../mysql-server-5.7.templates:2001
msgid ""
"Packaging maintainer scripts detected a case that it does not know how to "
"handle and cannot continue configuring MySQL. Automatic management of your "
"MySQL installation has been disabled to allow other packaging tasks to "
"complete. For more details, see /etc/mysql/FROZEN."
msgstr ""
"Les scripts des mainteneurs du paquet ont détecté un cas qu'ils ne savent pas "
"gérer et ils ne peuvent pas continuer la configuration de MySQL. La gestion "
"automatique de votre installation MySQL a été désactivée pour permettre aux "
"autres tâches du paquet de s'exécuter correctement. Pour plus de détails, "
"veuillez consulter /etc/mysql/FROZEN."

#. Type: note
#. Description
#: ../mysql-server-5.7.templates:3001
msgid "Important note for NIS/YP users"
msgstr "Note importante pour les utilisateurs NIS/YP"

#. Type: note
#. Description
#: ../mysql-server-5.7.templates:3001
msgid ""
"Using MySQL under NIS/YP requires a mysql user account to be added on the "
"local system with:"
msgstr ""
"L'utilisation de MySQL avec NIS/YP impose l'ajout d'un compte local "
"« mysql » avec la commande :"

#. Type: note
#. Description
#: ../mysql-server-5.7.templates:3001
msgid ""
"You should also check the permissions and ownership of the /var/lib/mysql "
"directory:"
msgstr ""
"Vous devez également vérifier le propriétaire et les droits du "
"répertoire /var/lib/mysql :"

#. Type: boolean
#. Description
#: ../mysql-server-5.7.templates:4001
msgid "Remove all MySQL databases?"
msgstr "Faut-il supprimer toutes les bases de données MySQL ?"

#. Type: boolean
#. Description
#: ../mysql-server-5.7.templates:4001
msgid ""
"The /var/lib/mysql directory which contains the MySQL databases is about to "
"be removed."
msgstr ""
"Le répertoire /var/lib/mysql qui contient les bases de données de MySQL va "
"être supprimé."

#. Type: boolean
#. Description
#: ../mysql-server-5.7.templates:4001
msgid ""
"This will also erase all data in /var/lib/mysql-files as well as /var/lib/"
"mysql-keyring."
msgstr ""
"Cela effacera aussi toutes les données du répertoire /var/lib/mysql-files et "
"du répertoire /var/lib/mysql-keyring."

#. Type: boolean
#. Description
#: ../mysql-server-5.7.templates:4001
msgid ""
"If you're removing the MySQL package in order to later install a more recent "
"version or if a different mysql-server package is already using it, the data "
"should be kept."
msgstr ""
"Si vous prévoyez d'installer une version plus récente de MySQL ou si un "
"autre paquet mysql-server les utilise déjà, vous devriez les conserver."

#. Type: boolean
#. Description
#: ../mysql-server-5.7.templates:5001
msgid "Start the MySQL server on boot?"
msgstr "Faut-il lancer MySQL au démarrage ?"

#. Type: boolean
#. Description
#: ../mysql-server-5.7.templates:5001
msgid ""
"The MySQL server can be launched automatically at boot time or manually with "
"the '/etc/init.d/mysql start' command."
msgstr ""
"MySQL peut être lancé soit au démarrage, soit en entrant la commande « /etc/"
"init.d/mysql start »."

#. Type: password
#. Description
#: ../mysql-server-5.7.templates:6001
msgid "New password for the MySQL \"root\" user:"
msgstr ""
"Nouveau mot de passe de l'utilisateur « root » (superutilisateur) de MySQL :"

#. Type: password
#. Description
#: ../mysql-server-5.7.templates:6001
msgid ""
"While not mandatory, it is highly recommended that you set a password for "
"the MySQL administrative \"root\" user."
msgstr ""
"Il est très fortement recommandé d'établir un mot de passe pour le compte "
"d'administration de MySQL (« root »)."

#. Type: password
#. Description
#: ../mysql-server-5.7.templates:6001
msgid "If this field is left blank, the password will not be changed."
msgstr "S

Bug#898828: horizon: [INTL:fr] French debconf translation update

[Alban Vidal]

Package: horizon
Version: 3_13.0.0-4
Severity: wishlist
Tags: patch l10n

Dear Maintainer,

Please find attached the French debconf templates update, proofread by the
debian-l10n-french mailing list contributors.

Best regards,

Alban Vidal
# Translation of horizon debconf templates to French.
# Copyright (C) 2013, 2018, French l10n team 

# This file is distributed under the same license as the HORIZON package.
#
# Translators:
# Julien Patriarca , 2013.
# Alban Vidal , 2018.
msgid ""
msgstr ""
"Project-Id-Version: horizon 3_13.0.0-4\n"
"Report-Msgid-Bugs-To: hori...@packages.debian.org\n"
"POT-Creation-Date: 2018-02-20 08:18+\n"
"PO-Revision-Date: 2018-05-09 18:15+0100\n"
"Last-Translator: Alban Vidal \n"
"Language-Team: French \n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Lokalize 2.0\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"

#. Type: boolean
#. Description
#: ../openstack-dashboard-apache.templates:2001
msgid "Activate Dashboard and disable default VirtualHost?"
msgstr ""
"Faut-il activer OpenStack Dashboard et désactiver l'hôte virtuel par défaut ?"

#. Type: boolean
#. Description
#: ../openstack-dashboard-apache.templates:2001
msgid ""
"The Apache package sets up a default web site and a default page, configured "
"in /etc/apache2/sites-available/default."
msgstr ""
"Le paquet Apache installe un site Web et une page par défaut, configurés "
"dans /etc/apache2/sites-available/default."

#. Type: boolean
#. Description
#: ../openstack-dashboard-apache.templates:2001
msgid ""
"If this option is not selected, Horizon will be installed using /horizon "
"instead of the webroot."
msgstr ""
"Si cette option n'est pas sélectionnée, Horizon sera installé sur /horizon "
"plutôt qu'à la racine du serveur Web."

#. Type: boolean
#. Description
#: ../openstack-dashboard-apache.templates:2001
msgid ""
"Choose this option to replace that default with the OpenStack Dashboard "
"configuration."
msgstr ""
"Choisissez cette option pour remplacer le réglage par défaut par la "
"configuration d'OpenStack Dashboard."

#. Type: boolean
#. Description
#: ../openstack-dashboard-apache.templates:3001
msgid "Should the Dashboard use HTTPS?"
msgstr "Faut-il utiliser HTTPS pour OpenStack Dashboard ?"

#. Type: boolean
#. Description
#: ../openstack-dashboard-apache.templates:3001
msgid ""
"Select this option if you would like Horizon to be served over HTTPS only, "
"with a redirection to HTTPS if HTTP is in use."
msgstr ""
"Veuillez choisir cette option si vous souhaitez qu'Horizon soit installé sur "
"HTTPS uniquement, avec une redirection vers HTTPS si HTTP est utilisé."

#. Type: string
#. Description
#: ../openstack-dashboard.templates:2001
#| msgid "Allowed hostname(s)"
msgid "Allowed hostname(s):"
msgstr "Nom(s) d'hôte autorisé(s) :"

#. Type: string
#. Description
#: ../openstack-dashboard.templates:2001
msgid ""
"Please enter the list of hostnames that can be used to reach your OpenStack "
"Dashboard server. This is a security measure to prevent HTTP Host header "
"attacks, which are possible even under many seemingly-safe web server "
"configurations."
msgstr ""
"Veuillez saisir la liste des noms d'hôte qui peuvent être utilisés pour "
"joindre votre serveur OpenStack Dashboard. Il s'agit d'une mesure de "
"sécurité afin de prévenir les attaques HTTP, au travers des en-têtes d'hôte, "
"qui sont possibles sur de nombreux serveurs Web dont la configuration paraît "
"sécurisée."

#. Type: string
#. Description
#: ../openstack-dashboard.templates:2001
msgid ""
"Enter values separated by commas. Any space will be removed, so you can add "
"some to make it more readable."
msgstr ""
"Entrez les valeurs séparées par des virgules. Les espaces seront supprimées, "
"mais vous pouvez en ajouter pour plus de lisibilité."

#. Type: string
#. Description
#: ../openstack-dashboard.templates:2001
msgid ""
"Values in this list can be fully qualified names like \"www.example.com\", "
"in which case they will be matched against the request's Host header exactly "
"(case-insensitive, not including port). A value beginning with a period can "
"be used as a subdomain wildcard: \".example.com\" will match example.com, "
"www.example.com, and any other subdomain of example.com. A value of \"*\" "
"will match anything; in this case you are responsible for providing your own "
"validation of the Host header (perhaps in middleware; if so this middleware "
"must be listed first in MIDDLEWARE)."
msgstr ""
"Les valeurs de cette liste peuvent être les noms d'hôte complètement "
"qualifiés tels que « www.example.com », et, dans ce cas, elles seront "
"comparées exactement avec les en-têtes Host de la requête (casse "
"indifférente, sans inclure le numéro de port). Une valeur commençant par un "
"point peut être utilisée en tant que joker de sous-domaine : « .example."
"com » fonctionnera pour « example.com », « www.example.com », ou tout autre "
"sous

Bug#898745: cups-daemon: cups.service spamming log and journal

[Brian Potkin]

tags 898745 upstream
thanks


On Tue 15 May 2018 at 17:31:58 +0200, Yves-Alexis Perez wrote:

> Package: cups-daemon
> Version: 2.2.7-3
> Severity: important
> 
> Hi,
> 
> cups.service seems to spam the syslog and journal with the following
> lines *every minute*:
> 
> May 10 19:06:30 scapa systemd[1]: cups.service: Service hold-off time over, 
> scheduling restart.
> May 10 19:06:30 scapa systemd[1]: cups.service: Scheduled restart job, 
> restart counter is at 428.
> May 10 19:06:30 scapa systemd[1]: Stopped CUPS Scheduler.
> May 10 19:06:30 scapa systemd[1]: Closed CUPS Scheduler.
> May 10 19:06:30 scapa systemd[1]: Stopping CUPS Scheduler.
> May 10 19:06:30 scapa systemd[1]: Listening on CUPS Scheduler.
> May 10 19:06:30 scapa systemd[1]: Stopped CUPS Scheduler.
> May 10 19:06:30 scapa systemd[1]: Stopping CUPS Scheduler.
> May 10 19:06:30 scapa systemd[1]: Started CUPS Scheduler.
> May 10 19:06:30 scapa systemd[1]: Started CUPS Scheduler.
> May 10 19:07:31 scapa systemd[1]: cups.service: Service hold-off time over, 
> scheduling restart.
> May 10 19:07:31 scapa systemd[1]: cups.service: Scheduled restart job, 
> restart counter is at 429.
> May 10 19:07:31 scapa systemd[1]: Stopped CUPS Scheduler.
> May 10 19:07:31 scapa systemd[1]: Stopped CUPS Scheduler.
> May 10 19:07:31 scapa systemd[1]: Stopping CUPS Scheduler.
> May 10 19:07:31 scapa systemd[1]: Started CUPS Scheduler.
> May 10 19:07:31 scapa systemd[1]: Closed CUPS Scheduler.
> May 10 19:07:31 scapa systemd[1]: Stopping CUPS Scheduler.
> May 10 19:07:31 scapa systemd[1]: Listening on CUPS Scheduler.
> May 10 19:07:31 scapa systemd[1]: Started CUPS Scheduler.
> 
> The cups service seems to be running normally, although I'd prefer
> having it *not* running and only listening on the socket:
> 
> ● cups.service - CUPS Scheduler
>Loaded: loaded (/lib/systemd/system/cups.service; enabled; vendor preset: 
> enabled)
>Active: active (running) since Tue 2018-05-15 17:30:40 CEST; 20s ago
>  Docs: man:cupsd(8)
>  Main PID: 15235 (cupsd)
> Tasks: 1 (limit: 4915)
>Memory: 2.3M
>CGroup: /system.slice/cups.service
>└─15235 /usr/sbin/cupsd -l
> 
> May 15 17:30:40 scapa systemd[1]: Started CUPS Scheduler.

Hello Yves-Alexis. Thank you for your report.

This is probably Issue #5297:

https://github.com/apple/cups/pull/5297

Try replacing "Restart=always" with "Restart=on-failure" in cups.service.

Regards,

Brian.

Bug#898830: weboob-qt: qgalleroob from /usr/share/applications/qgalleroob.desktop cannot be found in $PATH

[Axel Beckert]

Package: weboob-qt
Version: 1.3-1

Hi,

/usr/share/applications/qgalleroob.desktop refers to a binary called
qgalleroob, but this binary cannot be found on my system, just
/usr/lib/python2.7/dist-packages/weboob/applications/qgalleroob/qgalleroob.py.

So either there is a symlink or binary not shipping in /usr/bin/ or the
command in the .desktop file is wrong.

I noticed the issue due to a warning by
/usr/share/flwm/generate-flwm-menu-from-desktop-files.

But this is actually also reported by lintian at
https://lintian.debian.org/maintainer/rom...@symlink.me.html#weboob

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (980, 'unstable-debug'), (600, 'testing'), 
(111, 'buildd-unstable'), (111, 'buildd-experimental'), (110, 'experimental'), 
(105, 'experimental-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages weboob-qt depends on:
ii  python 2.7.15~rc1-1
ii  python-pyqt5   5.10.1+dfsg-2
ii  python-weboob  1.3-1

Versions of packages weboob-qt recommends:
pn  python-pyqt5.qtmultimedia  

weboob-qt suggests no packages.

-- no debconf information

Bug#898831: charliecloud: [INTL:fr] French debconf translation update

[Alban Vidal]

Package: charliecloud
Version: 0.2.3-2
Severity: wishlist
Tags: patch l10n

Dear Maintainer,

Please find attached the French debconf templates update, proofread by the
debian-l10n-french mailing list contributors.

Best regards,

Alban Vidal
# Translation of charliecloud debconf templates to French.
# Copyright (C) 2018, French l10n team 
# This file is distributed under the same license as the charliecloud package.
#
# Translators:
# Alban Vidal , 2018.
msgid ""
msgstr ""
"Project-Id-Version: charliecloud 0.2.3-2\n"
"Report-Msgid-Bugs-To: charliecl...@packages.debian.org\n"
"POT-Creation-Date: 2018-04-23 23:40+0200\n"
"PO-Revision-Date: 2018-05-12 22:30+0100\n"
"Last-Translator: Alban Vidal \n"
"Language-Team: French \n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Lokalize 2.0\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"

#. Type: note
#. Description
#: ../charliecloud.templates:1001
msgid "Unprivileged user namespaces are disabled in the running kernel"
msgstr ""
"Les espaces de noms d'utilisateur non privilégiés sont désactivés dans le "
"noyau en cours d'exécution."

#. Type: note
#. Description
#: ../charliecloud.templates:1001
msgid ""
"To use Charliecloud unprivileged user namespaces need to be enabled. This is "
"done by running the following commands as root:"
msgstr ""
"Pour pouvoir utiliser Charliecloud, les espaces de noms d'utilisateur non "
"privilégiés doivent être activés. Cela peut être fait en exécutant les "
"commandes suivantes en tant que superutilisateur (root) :"

#. Type: note
#. Description
#: ../charliecloud.templates:1001
msgid ""
"echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns."
"conf"
msgstr ""
"echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns."
"conf"

#. Type: note
#. Description
#: ../charliecloud.templates:1001
msgid "service procps restart"
msgstr "service procps restart"

Bug#832132: /etc/init.d/radicale start does not work

[Karl Heisenberg]

Hi,
the init.d script works after changing permissions.In my case I have solved by
chown -R radicale:adm /etc/radicale


BestRoberto

Bug#898634: kmail: efail attack against S/MIME

[Sandro Knauß]

> Ok. Other clients like Evolution and Trojita also had an issue with DNS
> prefetching which could be re-enabled in Webkit. Not sure on what library
> KMail relies for HTML rending but it might be worth checking that too?
> 
> See https://bugs.webkit.org/show_bug.cgi?id=182924 for the webkit bug (with
> links to the Evolution and Trojita ones).

KMail using QtWebEngine ( based on Chromium engine) to display content. So far 
I think it is not affected as it is not listed in the efail paper:
https://efail.de/efail-attack-paper.pdf, page 20

> > There are some small patches, that disable this setting for encrypted
> > messages, to enforce a user interaction:
> > 
> > https://phabricator.kde.org/D12391
> > https://phabricator.kde.org/D12393
> > https://phabricator.kde.org/D12394
> > 
> > For me applying the patches makes sense to improve security for users, but
> > disabling the external resource loading completely would break workflows.
> > Those patches are applied for the following Debian packages, where the
> > setting
> > is used for everything:
> > libmessageviewer5  << 4:18.04.1
> > kmail < 4:18.04.1
> 
> Thanks, that's good to know.

Should I prepare a update with those patches for stable?

> > For a more detailed look for KMail and EFail see the dot.kde article:
> > 
> > https://dot.kde.org/2018/05/15/efail-and-kmail
> 
> That article indicates KMail uses GnuPG for S/MIME, which I find a bit
> weird. 
Okay it is simplyfied a lot - but in the end... GPGME itself using gpg-agent 
etc. to request the work, so in the end it is the normal GnuPG pipeline, that 
is doing the work, without parsing comandline output :) But for more detailed 
look I wrote a blog post about the whole crypto stack some while ago:
https://exote.ch/blogs/sandro/kontact-and-gnupg-under-windows/

hefee


signature.asc
Description: This is a digitally signed message part.

Bug#408226: dh_movefiles should have a --prune-empty option

[Niels Thykier]

Control: tags -1 wontfix

On Wed, 24 Jan 2007 11:19:26 + Ian Jackson
 wrote:
> Package: debhelper
> Version: 5.0.42
> Severity: wishlist
> 
> It would be nice if dh_movefiles had the ability to prune the empty
> directories which often result.
> 
> Ian.
> 
> 

Hi,

This bug is rather old and I suspect that the landscape has changed
since then.  At least, dh_install is and has been recommended over
dh_movefiles for quite a while.

As it is, I see no renaissance or revival for dh_movefiles - it will
remain for the packages that still use it, but I am not planning a new
features or changes to its interface.  Accordingly, I am now tagging
this bug as "wontfix".

Thanks,
~Niels

Bug#898832: ecere-sdk: FTBFS on i386: /usr/lib/gcc/i686-linux-gnu/7/include/stddef.h:435:78: error: syntax error

[Sven Joachim]

Source: ecere-sdk
Version: 0.44.15-1
Severity: serious
Tags: buster sid

Your package fails to build on i386[1] with a rather bogus syntax error:

,
| Building 2nd stage ecere...
| make[2]: Entering directory '/tmp/ecere-sdk-0.44.15/ecere'
| /usr/lib/gcc/i686-linux-gnu/7/include/stddef.h:435:78: error: syntax error
| Makefile:1078: recipe for target 'obj/release.linux/EARArchive.c' failed
| make[2]: *** [obj/release.linux/EARArchive.c] Error 1
`

Possible fixes in the upstream git repository, which I have not tested
at all:

https://github.com/ecere/ecere-sdk/commit/73e2e8c1f1e1963cfad0ae4b9866cd159a0c3ece
https://github.com/ecere/ecere-sdk/commit/9085cb19656728b5ccdbbbe26377ad5112513d01


1. 
https://buildd.debian.org/status/fetch.php?pkg=ecere-sdk&arch=i386&ver=0.44.15-1%2Bb2&stamp=1526325541&raw=0

Bug#898448: reopening 898448

[Mike Gabriel]

Control: reassign -1 vinagre
Control: found -1 3.22.0-5

Hi,

I had more chat exchange with upstream and we both did some tests in  
Debian sid VMs with vinagre and freerdp2.


On  Mi 16 Mai 2018 00:11:53 CEST, Josh Triplett wrote:


reopen 898448
thanks

I can still reproduce this segfault with the patched libfreerdp2-2 in
current unstable.


akallabeth from FreeRDP2 posted on the upstream tracker:

```
found the issue, looks like vinagre does session disconnect regardless  
of connection state. The behaviour slightly changed since freerdp `1`  
and was buggy for quite some time in `2` (which is why this might have  
gone unnoticed)

```

And on IRC:

```
11:34 < _akallabeth_> sunweaver: hmm, interesting, getting segfaults  
in different areas with a fresh debian sid
11:35 < _akallabeth_> sunweaver: starts to smell like there is  
something wrong in vinagre too

11:52 < _akallabeth_> sunweaver: ah, got it.
11:54 < _akallabeth_> looks like freerdp_disconnect is called  
regardless of connection success state
11:59 < _akallabeth_> sunweaver: so that calls freerdp_disconnect  
twice (once to clean up resources in connect and another time afterward)
12:03 < _akallabeth_> same for gdi_init/gdi_free, that is handled  
optimistic in vinagre (post disconnect may never fail, not even the  
library internals)

```

In vinagre, the gdi_free and context_disconnect functions should only  
be called if there is something to disconnect or to free...


Thus, reassigning to vinagre with this message. Thanks!

Hope that helps,
Mike
--

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
mobile: +49 (1520) 1976 148
landline: +49 (4354) 8390 139

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgp2ELUtLhpwp.pgp
Description: Digitale PGP-Signatur

Bug#898833: icinga2-common: included postgres checkcommand using wrong path

[Jens Holzkämper]

Package: icinga2-common
Version: 2.6.0-2
Severity: normal
Tags: patch

/usr/share/icinga2/include/plugins-contrib.d/databases.conf defines a couple of 
CheckCommands for databases. The one defined for postgres references 
[ PluginContribDir + "/check_postgres.pl" ] as command but the check_postgres 
package in Debian installs to /usr/bin/check_postgres; so the following patch 
should fix this:



Description: Configuration changes for Debian
- change commmand for CheckCommand postgres to correct path
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- /usr/share/icinga2/include/plugins-contrib.d/databases.conf
+++ /usr/share/icinga2/include/plugins-contrib.d/databases2.conf
@@ -419,7 +419,7 @@
 object CheckCommand "postgres" {
import "ipv4-or-ipv6"
 
-   command = [ PluginContribDir + "/check_postgres.pl" ]
+   command = [ "/usr/bin/check_postgres" ]
 
arguments = {
"-H" = {




-- System Information:
Debian Release: 9.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages icinga2-common depends on:
ii  adduser  3.115
ii  init-system-helpers  1.48
ii  lsb-base 9.20161125
ii  lsb-release  9.20161125

Versions of packages icinga2-common recommends:
ii  logrotate  3.11.0-0.1

icinga2-common suggests no packages.

Bug#898825: linux-image-4.16.0-1-amd64: KMS/graphics not working on Lenovo P50 with 4.16

[Sam Morris]

I noticed that after a few minutes, the kernel logs additional messages.
Aside from libvirt, the tasks all appear to be stuck inside nouveau/drm
funtions.

May 16 11:15:20 kernel: INFO: task kworker/7:0:53 blocked for more than 120 
seconds.
May 16 11:15:20 kernel:   Tainted: G   O 4.16.0-1-amd64 #1 
Debian 4.16.5-1
May 16 11:15:20 kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" 
disables this message.
May 16 11:15:20 kernel: kworker/7:0 D053  2 0x8000
May 16 11:15:20 kernel: Workqueue: events output_poll_execute [drm_kms_helper]
May 16 11:15:20 kernel: Call Trace:
May 16 11:15:20 kernel:  ? __schedule+0x291/0x870
May 16 11:15:20 kernel:  schedule+0x28/0x80
May 16 11:15:20 kernel:  schedule_preempt_disabled+0xa/0x10
May 16 11:15:20 kernel:  __mutex_lock.isra.1+0x1a0/0x4e0
May 16 11:15:20 kernel:  ? drm_setup_crtcs+0x104/0xaf0 [drm_kms_helper]
May 16 11:15:20 kernel:  drm_setup_crtcs+0x104/0xaf0 [drm_kms_helper]
May 16 11:15:20 kernel:  ? schedule_preempt_disabled+0xa/0x10
May 16 11:15:20 kernel:  __drm_fb_helper_initial_config_and_unlock+0x3d/0x450 
[drm_kms_helper]
May 16 11:15:20 kernel:  output_poll_execute+0xa2/0x1b0 [drm_kms_helper]
May 16 11:15:20 kernel:  process_one_work+0x17b/0x360
May 16 11:15:20 kernel:  worker_thread+0x2e/0x390
May 16 11:15:20 kernel:  ? process_one_work+0x360/0x360
May 16 11:15:20 kernel:  kthread+0x113/0x130
May 16 11:15:20 kernel:  ? kthread_create_worker_on_cpu+0x70/0x70
May 16 11:15:20 kernel:  ret_from_fork+0x35/0x40
May 16 11:15:20 kernel: INFO: task kworker/0:1:58 blocked for more than 120 
seconds.
May 16 11:15:20 kernel:   Tainted: G   O 4.16.0-1-amd64 #1 
Debian 4.16.5-1
May 16 11:15:20 kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" 
disables this message.
May 16 11:15:20 kernel: kworker/0:1 D058  2 0x8000
May 16 11:15:20 kernel: Workqueue: pm pm_runtime_work
May 16 11:15:20 kernel: Call Trace:
May 16 11:15:20 kernel:  ? __schedule+0x291/0x870
May 16 11:15:20 kernel:  schedule+0x28/0x80
May 16 11:15:20 kernel:  schedule_timeout+0x1ee/0x380
May 16 11:15:20 kernel:  wait_for_completion+0x12c/0x190
May 16 11:15:20 kernel:  ? wake_up_q+0x70/0x70
May 16 11:15:20 kernel:  ? get_work_pool+0x40/0x40
May 16 11:15:20 kernel:  flush_work+0x11e/0x1d0
May 16 11:15:20 kernel:  ? worker_attach_to_pool+0x90/0x90
May 16 11:15:20 kernel:  __cancel_work_timer+0x126/0x1b0
May 16 11:15:20 kernel:  ? enqueue_entity+0x106/0x640
May 16 11:15:20 kernel:  ? pci_pm_runtime_resume+0xa0/0xa0
May 16 11:15:20 kernel:  nouveau_pmops_runtime_suspend+0x38/0xb0 [nouveau]
May 16 11:15:20 kernel:  pci_pm_runtime_suspend+0x61/0x170
May 16 11:15:20 kernel:  ? pci_pm_runtime_resume+0xa0/0xa0
May 16 11:15:20 kernel:  __rpm_callback+0xc7/0x200
May 16 11:15:20 kernel:  ? __switch_to_asm+0x40/0x70
May 16 11:15:20 kernel:  rpm_callback+0x1f/0x70
May 16 11:15:20 kernel:  ? pci_pm_runtime_resume+0xa0/0xa0
May 16 11:15:20 kernel:  rpm_suspend+0x12d/0x610
May 16 11:15:20 kernel:  ? __switch_to_asm+0x34/0x70
May 16 11:15:20 kernel:  ? __switch_to_asm+0x40/0x70
May 16 11:15:20 kernel:  pm_runtime_work+0x6e/0x90
May 16 11:15:20 kernel:  process_one_work+0x17b/0x360
May 16 11:15:20 kernel:  worker_thread+0x2e/0x390
May 16 11:15:20 kernel:  ? process_one_work+0x360/0x360
May 16 11:15:20 kernel:  kthread+0x113/0x130
May 16 11:15:20 kernel:  ? kthread_create_worker_on_cpu+0x70/0x70
May 16 11:15:20 kernel:  ret_from_fork+0x35/0x40
May 16 11:15:20 kernel: INFO: task kworker/7:1:79 blocked for more than 120 
seconds.
May 16 11:15:20 kernel:   Tainted: G   O 4.16.0-1-amd64 #1 
Debian 4.16.5-1
May 16 11:15:20 kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" 
disables this message.
May 16 11:15:20 kernel: kworker/7:1 D079  2 0x8000
May 16 11:15:20 kernel: Workqueue: events_long drm_dp_mst_link_probe_work 
[drm_kms_helper]
May 16 11:15:20 kernel: Call Trace:
May 16 11:15:20 kernel:  ? __schedule+0x291/0x870
May 16 11:15:20 kernel:  schedule+0x28/0x80
May 16 11:15:20 kernel:  schedule_preempt_disabled+0xa/0x10
May 16 11:15:20 kernel:  __mutex_lock.isra.1+0x1a0/0x4e0
May 16 11:15:20 kernel:  ? _cond_resched+0x15/0x40
May 16 11:15:20 kernel:  ? drm_modeset_lock+0x6f/0xf0 [drm]
May 16 11:15:20 kernel:  ? drm_fb_helper_add_one_connector+0x27/0x50 
[drm_kms_helper]
May 16 11:15:20 kernel:  drm_fb_helper_add_one_connector+0x27/0x50 
[drm_kms_helper]
May 16 11:15:20 kernel:  nv50_mstm_register_connector+0x2c/0x50 [nouveau]
May 16 11:15:20 kernel:  drm_dp_add_port+0x31d/0x450 [drm_kms_helper]
May 16 11:15:20 kernel:  ? try_to_del_timer_sync+0x4d/0x80
May 16 11:15:20 kernel:  ? del_timer_sync+0x35/0x40
May 16 11:15:20 kernel:  ? schedule_timeout+0x181/0x380
May 16 11:15:20 kernel:  ? prepare_to_wait_event+0x7d/0x150
May 16 11:15:20 kernel:  ? _cond_resched+0x15/0x40
May 16 11:15:20 kernel:  ? mutex_lock+0xe/0x30
May 16 11:15:20 kernel:  drm_dp_send_link_address+0x168/0x200 [drm_kms_helper]
May 16 11:

Bug#898634: kmail: efail attack against S/MIME

[Yves-Alexis Perez]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Wed, 2018-05-16 at 12:33 +0200, Sandro Knauß wrote:
> > Thanks, that's good to know.
> 
> Should I prepare a update with those patches for stable?

Yes I think it'd be worth it.
> 
> > > For a more detailed look for KMail and EFail see the dot.kde article:
> > > 
> > > https://dot.kde.org/2018/05/15/efail-and-kmail
> > 
> > That article indicates KMail uses GnuPG for S/MIME, which I find a bit
> > weird. 
> Okay it is simplyfied a lot - but in the end... GPGME itself using gpg-agent 
> etc. to request the work, so in the end it is the normal GnuPG pipeline, that 
> is doing the work, without parsing comandline output :) But for more detailed 
> look I wrote a blog post about the whole crypto stack some while ago:
> https://exote.ch/blogs/sandro/kontact-and-gnupg-under-windows/

There's a misunderstanding. My point isn't about PGP/MIME (which is indeed
handled by gnupg, even if through gpgme), but about S/MIME, which I really
don't think it handled by anything related to gnupg.

Regards,
- -- 
Yves-Alexis
-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlr8DW8ACgkQ3rYcyPpX
RFsDIAf8DJe2LkURVnSyWskcAW9zer3zZHkHsWke9FhFbRIzulbMMco4s6bNSGnC
n2jh2VdA/6vdNKPq5LqczAmiZVto8OOeX6unWhoJ/egvTiVgCQLdnnT7NHOh5VXM
2GDssF2DQmvI/rE5WYzNr51DunqAeodzhZeZfGOfjBqugKTgj3bhAiQglvti/Q+L
Y40nQf0yD+00DkDlTcuJGXJSN52HbsepraoS80z3t22SUSwXdEn+dhTMDw+Lh0qh
Kq7AZIrHUT6EvhsIqV75OsJb56+xjOHaGnuSa01SjRooF+ACnG2WPh4W88C/77gq
zlQqqwW8dWws2SdcO3LSKn055PSKow==
=JsqI
-END PGP SIGNATURE-

Bug#258627: dh_movefiles: exclude list should catch non-existent files

[Niels Thykier]

Control: tags -1 wontfix

On Sat, 10 Jul 2004 14:42:00 -0400 Mike Furr  wrote:
> Package: debhelper
> Version: 4.2.13
> Severity: wishlist
> 
> It would be nice if dh_movefiles could handle non-existent entries in
> pkg.files.  As it stands now, it first checks if $file exists and then
> runs it through the exclude filter.  Thus it is somewhat of a pain to
> handle files which are only generated on some architectures.  It would
> be nice if the exists check was removed(by default, or via an option) so
> that the exclude filter could be applied to possible non-existent
> entries.
> 
> 
> [...]


Hi,

This bug is rather old and I suspect that the landscape has changed
since then.  At least, dh_install is and has been recommended over
dh_movefiles for quite a while.

As it is, I see no renaissance or revival for dh_movefiles - it will
remain for the packages that still use it, but I am not planning a new
features or changes to its interface.  Accordingly, I am now tagging
this bug as "wontfix".

Thanks,
~Niels

Bug#894510: debhelper: Because it is listing tmpfiles in systemd's only, conf overriding is not working

[Niels Thykier]

Seyeong Kim:
> Hello
> 
> I noticed that tmpfiles are built based on systemd source directory not local 
> machine /
> 
> e.g debian/systemd/usr/lib/tmpfiles.d/x11.conf
> 
> so 00rsyslog.conf file ( from rsyslog pkg, in /usr/lib/tmpfiles.d/ ) is not 
> there
> 
> I checked this with dh_installinit —no-start
> 
> I understand override feature(actually i misunderstood it )
> 
> no way to do this based on installed tmpfiles?( or not recommended ? )
> 

As I understand it, if we do that we might as well remove the #TMPFILES#
marker in the shell script (as it would be simpler and probably faster
than implementing the same code in shell).  But then we are back to the
place that Michael recommended us to avoid.

Have you considered the options that Michael recommended for Ubuntu?
E.g. correcting the vars.conf in the systemd package.  If so, what is
holding you back from applying that change?

Thanks,
~Niels

Bug#898834: ITP: disperse -- Automatic feature identification in 2D and 3D

[Gürkan Myczko]

Package: wnpp
Severity: wishlist

* Package name: disperse
  Version : 0.9.24
  Upstream Authors: Thierry Sousbie 
* URL : https://github.com/thierry-sousbie/DisPerSE
* License : CeCILL-C or CeCILL-2.0
  Description : Automatic feature identification in 2D and 3D
 DisPerSE stands for "Discrete Persistent Structures Extractor" and its 
main
 purpose is the automatic identification of persistent topological 
features
 such as peaks, voids, walls and in particular filamentary structures 
within

 sampled distributions in 2D, 3D, and possibly more...
 .
 Although it was initially developed with cosmology in mind (for the 
study of
 the properties of filamentary structures in the so called comic web of 
galaxy
 distribution over large scales in the Universe), the present version is 
quite
 versatile and should be useful for any application where a robust 
structure
 identification is required, for segmentation or for studying the 
topology of
 sampled functions (like computing persistent Betti numbers for 
instance).

 .
 It is able to deal directly with noisy datasets using the concept of
 persistence (a measure of the robustness of topological features) and 
can work

 indifferently on many kinds of cell complex (such as structured and
 unstructured grids, 2D manifolds embedded within a 3D space, discrete 
point
 samples using delaunay tesselation, Healpix tesselations of the sphere, 
...).
 The only constraint is that the distribution must be defined over a 
manifold,

 possibly with boundaries.

A working package is available at http://sid.ethz.ch/debian/disperse/

Bug#898835: tracker.debian.org: Should new upstream release be advertised if alpha/beta/rc releases?

[Pierre-Elliott Bécue]

Package: tracker.debian.org
Severity: wishlist

Hi,

The tracker tends to advertise as high priority also alpha/beta
releases.

See[1,2] for examples.

I wonder if these specific upstream releases shouldn't be skipped by the
tracker tasks while updating the new upstream release action item.

Cheers,

-- System Information:
Debian Release: 9.4
  APT prefers stable
  APT policy: (990, 'stable'), (99, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to fr_FR.UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to fr_FR.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#898745: cups-daemon: cups.service spamming log and journal

[Yves-Alexis Perez]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

control: forwarded -1 https://github.com/apple/cups/pull/5297
On Wed, 2018-05-16 at 11:31 +0100, Brian Potkin wrote:
> Hello Yves-Alexis. Thank you for your report.
> 
> This is probably Issue #5297:
> 
> https://github.com/apple/cups/pull/5297
> 
> Try replacing "Restart=always" with "Restart=on-failure" in cups.service.

Yes, it seems to do the trick, thanks for the tip.
- -- 
Yves-Alexis
-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlr8D/oACgkQ3rYcyPpX
RFv3lggA7db8qQtfwDQC4fkDwrYvm2U/CANMPwySjWR5VBUtPE6zMY9BB9cr4Hl/
Dqr5hMCGP1JkjqgpXDh/EYOkCEzwsFfMdTGOq83LsOHRE22ORFXrV20OtQSBt2fA
+iNQ8fs1uDDRyyplpnT8Lr75dGQgJ1+W+rs7tsHjJYUisqPi0OwtV5hUvp4icnKF
CXQwEEE7U0XAT0WX3puGZlKAkOPaTNsWSMfY6rfbmlzJj02tz88ogX8tIGPbjaQM
3KpwUb9zWXTK+wxZu2Hr3+Vq6fMbwo9cm6rLN9lNwBEuqwxwnQ+lVyruNKKr1/kf
CbFNMF7iG8A6fDkHIUwUQ3S2YGmnpw==
=QDPv
-END PGP SIGNATURE-

Bug#898634: kmail: efail attack against S/MIME

[Sandro Knauß]

> There's a misunderstanding. My point isn't about PGP/MIME (which is indeed
> handled by gnupg, even if through gpgme), but about S/MIME, which I really
> don't think it handled by anything related to gnupg.

It is - the binary and package is called gpgsm and is part of gnupg souce 
tarball. GPGME itself can handle PGP/MIME and S/MIME (if gpgsm is installed) 
content transparently. You only tell GPGME what to use.

hefee



signature.asc
Description: This is a digitally signed message part.

Bug#897274: myspell-fo: Refactor package name to hunspell-fo

[Agustin Martin]

On Tue, May 01, 2018 at 09:57:33AM +0200, Pander wrote:
> Package: myspell-fo
> Severity: normal
> Tags: l10n
> 
> Please refactor the name of the package myspell-fo to hunspell-fo. This
> is the only remaining package containing Hunspell dictionaries that has
> the old name from Myspell.

Hi,

Some years ago, when designing the policy for spellchecking dictionaries we
decided to keep the myspell-xx name for dictionaries working only with
myspell and hunspell-xx for dictionaries designed to use hunspell features
(not working with myspell). This is the reason for old names, not a
renaming for the new tool,

http://dict-common.alioth.debian.org/dsdt-policy.html

Regarding languages where there are both myspell-xx and hunspell-xx
available there are two different cases,

 * hunspell-xx is created by same authors as myspell-xx being just am
   updated version with more features. In this case, myspell-xx is made a
   transitional package to hunspell-xx.

 * hunspell-xx and myspell-xx are created by different authors and have
   different features. 
   - In this case, if there is clear consensus that hunspell-xx dict is
 much better than myspell-xx this last one is made a transitional
 package.
   - If there is no clear consensus I prefer to keep both alive and let
 users decide.

If there is only myspell-xx I prefer to follow current policy and keep it as
such. This way we can track better new really hunspell dict if created. This
is the case for myspell-fo and so I prefer not to make the change.

I am cc'ing the dict-common-dev mailing list in case someone else wants to
contribute. Note that this list will soon be disabled.

Unless convinced of a policy change I will mark this as wontfix.

Thanks for your contribution.

Regards,

-- 
Agustin

Bug#898634: kmail: efail attack against S/MIME

[Yves-Alexis Perez]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Wed, 2018-05-16 at 13:04 +0200, Sandro Knauß wrote:
> > There's a misunderstanding. My point isn't about PGP/MIME (which is indeed
> > handled by gnupg, even if through gpgme), but about S/MIME, which I really
> > don't think it handled by anything related to gnupg.
> 
> It is - the binary and package is called gpgsm and is part of gnupg souce 
> tarball. GPGME itself can handle PGP/MIME and S/MIME (if gpgsm is installed) 
> content transparently. You only tell GPGME what to use.

Oh ok, I didn't know about that, thanks. Sorry for the confusion then.

Regards,
- -- 
Yves-Alexis
-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlr8ELAACgkQ3rYcyPpX
RFtfPwf+PsbsKlkG3NfU1uSYvOHmMxemAKerPPQu37/lnQqgw6XDJHcB3ctFv+Lh
aVHsOKe3l4eXgl6RxDQCqPdJe9H2Yf0xkf71y+ah8dOKJ6jS2ghbe2Hir3dmUCqK
nZfcb9DPeEGXmAwJOo+Fb/+Msp2FK9FMZawDSW4VmgrHw0iod00YJZR9dsc3FJuy
Gh4LK4rW7lAuKTblRnOXx2k1bSUiX3zhLP1gIjtFE2nKHEfr42QppKbjLW5CK1Ri
KfLfPuoFWEPGniic/cLkXjO6QX8QsupqvderjO2YxuqFhH30F9Qz9r4H5AR36tV9
i9G0AJEBj7W+2NfV0tCFO30mEcnb4Q==
=cor6
-END PGP SIGNATURE-

Bug#888262: dh_strip: include debug symbols for binary maintainer "scripts"

[Niels Thykier]

On Wed, 24 Jan 2018 13:37:40 +0100 Ansgar Burchardt 
wrote:
> Package: debhelper
> Version: 11.1.2
> Severity: wishlist
> 
> dh_strip should also include debug symbols for maintainer "scripts"
> that are binary programs in the *-dbgsym packages.
> 
> The only example I'm aware of is dash (preinst).
> 
> Ansgar
> 
> 

Having reviewed the code; I /think/ dh_strip does that by default.
However, the default dh sequence calls dh_strip prior to dh_installdeb
(which installs the "maintscripts" files).

AFAICT:

 * dh_strip must be run before dh_gencontrol (or we get inaccurate
   Installed-Size fields)

 * dh_installdeb can be run before or after dh_strip (they have no
   particular relation beyond the one mentioned above).

 * dh_strip + dh_dwz can be run before or after dh_makeshlibs and
   dh_shlibdeps.  (Presumably at some negligible overhead of having
   the tooling to wade through debug info)

 * dh_installdeb wants to be run after dh_makeshlibs and dh_shlibs.
   Notably, there are some compat constraints that require this at the
   moment.

With this, the following sequence should satisfy the constraints (review
welcome):


NEW SEQUENCE:
[...]
dh_compress
dh_fixperms
dh_missing
dh_makeshlibs  # ARCH-only
dh_shlibdeps   # ARCH-only
dh_installdeb
dh_dwz # ARCH-only (compat 12+)
dh_strip   # ARCH-only
dh_gencontrol
dh_md5sums
dh_builddeb


CURRENT SEQUENCE (for comparison):
[...]
dh_compress
dh_fixperms
dh_missing
dh_dwz # ARCH-only (compat 12+)
dh_strip   # ARCH-only
dh_makeshlibs  # ARCH-only
dh_shlibdeps   # ARCH-only
dh_installdeb
dh_gencontrol
dh_md5sums
dh_builddeb

As mentioned; a review is welcome.  Changes to the sequence require a
compat bump, so it can at earliest appear in compat 12.

Thanks,
~Niels

Bug#898637: Pluma text editor crashes when scrolling while hovering over a tab

[C. Masloch]

> I can't reproduce the issue, it works fine here
>
> Do you have the same problem in pluma 1.20.0 ?
>
> If it works fine for you in 1.20.0, then this new feature causes the
bug:
>
> https://github.com/mate-desktop/pluma/pull/276

I installed libgtk-3-dev, libenchant-dev, gobject-introspection,
yelp-tools, and mate-common, and then I did this:

$ git clone git://github.com/mate-desktop/pluma
$ cd pluma
$ git checkout v1.20.0
$ ./autogen.sh && make && sudo make install

This checked out revision 29d362e10ff63935fa1ecc12a0156b43fd3c11b9 and
the bug does not occur any longer in the program compiled from that.
Scrolling while hovering either a filename or the empty space next to
the tab headers does nothing.


I tried re-installing Debian's pluma package, but that didn't restore
the pluma command when run from a terminal. (How do I go back to using
Debian's packages?) Instead, I did this then:

$ git checkout master
$ ./autogen.sh && make && sudo make install

This checked out revision 7b7cd3f48b52cbfb3591a61e43c40492c2ac3a72 and
the bug does happen with that for me.

I've noticed that the bug only occurs when directly pointing at one of
the filenames, or one of the tab close buttons. When pointing either
below the filename (just above the editing area) or pointing into the
empty space to the right of the tab headers, scrolling does switch the
active tab as intended.

Regards,
ecm

Bug#898637: Pluma text editor crashes when scrolling while hovering over a tab

[Mike Gabriel]

Hi,

On  Mi 16 Mai 2018 13:16:41 CEST, C. Masloch wrote:


I can't reproduce the issue, it works fine here

Do you have the same problem in pluma 1.20.0 ?

If it works fine for you in 1.20.0, then this new feature causes the

bug:


https://github.com/mate-desktop/pluma/pull/276


I installed libgtk-3-dev, libenchant-dev, gobject-introspection,
yelp-tools, and mate-common, and then I did this:

$ git clone git://github.com/mate-desktop/pluma
$ cd pluma
$ git checkout v1.20.0
$ ./autogen.sh && make && sudo make install

This checked out revision 29d362e10ff63935fa1ecc12a0156b43fd3c11b9 and
the bug does not occur any longer in the program compiled from that.
Scrolling while hovering either a filename or the empty space next to
the tab headers does nothing.


I tried re-installing Debian's pluma package, but that didn't restore
the pluma command when run from a terminal. (How do I go back to using
Debian's packages?) Instead, I did this then:

$ git checkout master
$ ./autogen.sh && make && sudo make install

This checked out revision 7b7cd3f48b52cbfb3591a61e43c40492c2ac3a72 and
the bug does happen with that for me.

I've noticed that the bug only occurs when directly pointing at one of
the filenames, or one of the tab close buttons. When pointing either
below the filename (just above the editing area) or pointing into the
empty space to the right of the tab headers, scrolling does switch the
active tab as intended.


Thanks for these test. I guess this will greatly help upstream to pin  
down your issue.


Furthermore, I assume you have installed pluma to /usr/local. And I  
assume, that pluma has a proper "sudo make uninstall" target. Try  
that, I hope that works for you.


Mike

--

DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
mobile: +49 (1520) 1976 148
landline: +49 (4354) 8390 139

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgpajJT8hvXso.pgp
Description: Digitale PGP-Signatur

Bug#898832: ecere-sdk: FTBFS on i386: /usr/lib/gcc/i686-linux-gnu/7/include/stddef.h:435:78: error: syntax error

[Jérôme St-Louis]

Dear Sven,

Thank you for the notice.
It would be extremely helpful in solving this rapidly to have a 
quick-link to the exact version of that stddef.h (possibly the other 
libc headers as well if that line refers so something else...).


Were you suggesting those commits because there were __alignof or 
__float128 at that line?


Best regards,

-Jerome

On 2018-05-16 6:34 AM, Sven Joachim wrote:

Source: ecere-sdk
Version: 0.44.15-1
Severity: serious
Tags: buster sid

Your package fails to build on i386[1] with a rather bogus syntax error:

,
| Building 2nd stage ecere...
| make[2]: Entering directory '/tmp/ecere-sdk-0.44.15/ecere'
| /usr/lib/gcc/i686-linux-gnu/7/include/stddef.h:435:78: error: syntax error
| Makefile:1078: recipe for target 'obj/release.linux/EARArchive.c' failed
| make[2]: *** [obj/release.linux/EARArchive.c] Error 1
`

Possible fixes in the upstream git repository, which I have not tested
at all:

https://github.com/ecere/ecere-sdk/commit/73e2e8c1f1e1963cfad0ae4b9866cd159a0c3ece
https://github.com/ecere/ecere-sdk/commit/9085cb19656728b5ccdbbbe26377ad5112513d01


1. 
https://buildd.debian.org/status/fetch.php?pkg=ecere-sdk&arch=i386&ver=0.44.15-1%2Bb2&stamp=1526325541&raw=0

Bug#897274: myspell-fo: Refactor package name to hunspell-fo

[Agustin Martin]

On Wed, May 16, 2018 at 12:52:40PM +0200, Agustin Martin wrote:
> On Tue, May 01, 2018 at 09:57:33AM +0200, Pander wrote:
> > Package: myspell-fo
> > Severity: normal
> > Tags: l10n
> > 
> > Please refactor the name of the package myspell-fo to hunspell-fo. This
> > is the only remaining package containing Hunspell dictionaries that has
> > the old name from Myspell.
> 
> If there is only myspell-xx I prefer to follow current policy and keep it as
> such. This way we can track better new really hunspell dict if created. This
> is the case for myspell-fo and so I prefer not to make the change.
> 
> I am cc'ing the dict-common-dev mailing list in case someone else wants to
> contribute. Note that this list will soon be disabled.

Just to note that the mailing list seems already disabled.

-- 
Agustin

Bug#898836: HTML validator error for templates/popup: Stray end tag "span".

[Martin Michlmayr]

Package: ikiwiki
Version: 3.20170111

While doc/templates/popup.mdwn has 4 opening  and 4 closing
 elements, the generated HTML has 3 opening and 4 closing
statements:

/usr/share/doc/ikiwiki/html/templates/popup.html
[[templatebody <
[]

ENDBODY]]

This leads to:

ERROR:html5validator.validator:"file:/home/tbm/scratch/cvs/spi/html/templates/popup/index.html":81.1-81.7:
 error: Stray end tag "span".

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#898637: Pluma text editor crashes when scrolling while hovering over a tab

[C. Masloch]

On at 2018-05-16 11:19 +, Mike Gabriel wrote:
> Thanks for these test. I guess this will greatly help upstream to pin
> down your issue.
> 
> Furthermore, I assume you have installed pluma to /usr/local. And I
> assume, that pluma has a proper "sudo make uninstall" target. Try that,
> I hope that works for you.

I did sudo make uninstall and this seems to have restored pluma to
running the version installed from the packages, version 1.20.1 (the
master commit identified itself as 1.21.0 in the About page). Thanks!

Regards,
ecm

Bug#898738: debootstrap fails when specifying components

[Luca Falavigna]

Hi Hideki,

2018-05-16 2:03 GMT+02:00 Hideki Yamane :
>> See attached patch, against the offending commit. It doesn't apply to
>> master as-is because of the by-hash addition.
>
>  Simply initialize "ext" prevents this failure, could you check attached
>  patch, please?

I applied to 1.0.98 package in unstable, and it fixes the problem for me.

-- 
Cheers,
Luca

Bug#894510: debhelper: Because it is listing tmpfiles in systemd's only, conf overriding is not working

[Seyeong Kim]

Yes. Im considering all but leave them last chance.

ok  I’ll have discussion with team based on this thread

Thanks :)

On 16 May 2018, 8:01 PM +0900, Niels Thykier , wrote:
>
>
> As I understand it, if we do that we might as well remove the #TMPFILES#
> marker in the shell script (as it would be simpler and probably faster
> than implementing the same code in shell). But then we are back to the
> place that Michael recom

Bug#898832: ecere-sdk: FTBFS on i386: /usr/lib/gcc/i686-linux-gnu/7/include/stddef.h:435:78: error: syntax error

[Sven Joachim]

Thanks for the quick reply.

On 2018-05-16 06:46 -0400, Jérôme St-Louis wrote:

> Dear Sven,
>
> Thank you for the notice.
> It would be extremely helpful in solving this rapidly to have a
> quick-link to the exact version of that stddef.h (possibly the other
> libc headers as well if that line refers so something else...).

That stddef file is from gcc-7 (or more precisely, from
libgcc-7-dev:i386), not from glibc.  The line is question is this:

#ifdef __i386__
  __float128 __max_align_f128 
__attribute__((__aligned__(__alignof(__float128;
#endif

> Were you suggesting those commits because there were __alignof or
> __float128 at that line?

Indeed.  But, as I said, I haven't looked very closely at these commits.

Cheers,
   Sven

Bug#898738: debootstrap fails when specifying components

[Hideki Yamane]

On Wed, 16 May 2018 13:34:44 +0200
Luca Falavigna  wrote:
> >  Simply initialize "ext" prevents this failure, could you check attached
> >  patch, please?
> 
> I applied to 1.0.98 package in unstable, and it fixes the problem for me.

 Good :)  Then, let's add test for it as attached.

>From fe8dc595667af73c50324e975c7f1186a45e51e1 Mon Sep 17 00:00:00 2001
From: Hideki Yamane 
Date: Wed, 16 May 2018 09:19:29 +0900
Subject: [PATCH 2/2] Set multiple components for test

---
 debian/tests/debian-testing | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/debian/tests/debian-testing b/debian/tests/debian-testing
index 65ee196..1209498 100755
--- a/debian/tests/debian-testing
+++ b/debian/tests/debian-testing
@@ -234,9 +234,11 @@ else {
 my $distro_info = DebianDistroInfo->new;
 my $testing = $distro_info->testing;
 
+# Should specify multiple components for checking (see Bug#898738)
 if (!verbose_run(['debootstrap',
 '--include=debootstrap,debian-archive-keyring,gnupg,hello',
 '--variant=minbase',
+'--components=main,contrib,non-free',
 $testing, 'chroot.d', $mirror], '>&2')) {
 BAIL_OUT("debootstrap failed: $?");
 }
-- 
2.17.0

Bug#898837: RFP: mellowplayer -- Cloud music integration for your desktop

[Pierre Rudloff]

Package: wnpp
Severity: wishlist

* Package name: mellowplayer
  Version : 3.3.5
  Upstream Author : Colin Duquesnoy
* URL : https://colinduquesnoy.github.io/MellowPlayer/
* License : GPL
  Programming Lang: C++
  Description : Cloud music integration for your desktop

MellowPlayer is a free, open source and cross-platform desktop application that
runs web-based music streaming services in its own window and provides
integration with your desktop (hotkeys, multimedia keys, system tray,
notifications and more).

MellowPlayer is a Qt based alternative to NuvolaPlayer initially crafted for
KaOS. MellowPlayer is written in C++ and QML.

Bug#893268: libjbzip2-java now in Java team, libnanoxml2-java remains buggy (Was: Bug#893268: Intend to take over libjbzip2-java and libnanoxml2-java into Debian Med team)

[Andreas Tille]

Hi,

On Sat, May 12, 2018 at 01:59:42AM +0200, Emmanuel Bourg wrote:
> > You summoned?
> 
> Thank you for the quick help! It works perfectly.
> 
> @Andreas: I pushed the fixes, could you complete the upload please?

Done.

BTW, I did the team hijack to enable every team member to upload.  While
its fine for me to do this its also perfectly welcome if you upload any
of the packages that are mentioning myself as Uploader (which was not
even the case here) without asking. :-)

Kind regards
 
Andreas.

-- 
http://fam-tille.de

Bug#898630: enigmail: efail attack against enigmail

[Carsten Schoenert]

Am 15.05.2018 um 22:31 schrieb David Sanders:
> I think this bug applies to Thunderbird as well as Enigmail and both 
> packages need urgent updates.

...

> Could the maintainers of Enigmail take for action updating to the 
> already released 2.0.3? And forwarding the bug to Thunderbird for 
> further action?

For Thunderbird there is a separate issue created.

https://bugs.debian.org/898631

I guess the "only" problem with enigmail is the recent package version
isn't available in unstable/testing. The main issue of Efail in Enigmail
is fixed since Enigmail 2.0.0

https://sourceforge.net/p/enigmail/forum/announce/thread/527a26fc/

-- 
Regards
Carsten Schoenert

Bug#898838: raintpl: bad Homepage

[Thorsten Glaser]

Source: raintpl
Version: 2.7.2-1
Severity: normal

Hi,

the package Homepage field
> Homepage: http://www.raintpl.com/ 
>
appears to have been domain-grabbed or otherwise taken over:
the automatic translation e.g. at
https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=http%3A%2F%2Fwww.raintpl.com%2F&edit-text=&act=url
talks about getting out of debt, etc.

Perhaps https://github.com/feulf/raintpl would be a more
fitting homepage (the debian/watch file should also be
adjusted, as https://github.com/rainphp/raintpl redirects
there).


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.16.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Init: sysvinit (via /sbin/init)

Bug#898824: btrfs-progs: missing libbtrfs.so.0

[Dimitri John Ledkov]

Hi,

On 16 May 2018 at 10:40, John Wong  wrote:
> Package: btrfs-progs
> Version: 4.16.1-2
> Severity: important
>
> Dear Maintainer,
>
>  After upgrade to 4.16.1-2, some prog show the error message,
>  like below: (snapper list)
>  "snapper: error while loading shared libraries: libbtrfs.so.0:
>  cannot open shared object file: No such file or directory"
>  Please help, thank you.
> *** Reporter, please consider answering these questions, where appropriate ***
>
>* What led up to the situation?
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
>* What was the outcome of this action?
>* What outcome did you expect instead?
>
> *** End of the template - remove these template lines ***
>

The library was moved into a standalone package. I guess I need to
declare breaks, to force correct upgrade sequency and recompile
snapper against the new btrfs-progs.

-- 
Regards,

Dimitri.

Bug#898836: HTML validator error for templates/popup: Stray end tag "span".

[Simon McVittie]

On Wed, 16 May 2018 at 12:43:57 +0200, Martin Michlmayr wrote:
> While doc/templates/popup.mdwn has 4 opening  and 4 closing
>  elements, the generated HTML has 3 opening and 4 closing
> statements:
> 
> /usr/share/doc/ikiwiki/html/templates/popup.html
> [[templatebody <
> [ popup>]
> 
> ENDBODY]]

That content isn't really meant to be rendered at all. If you change
[[templatebody to [[!templatebody in the source, does that resolve this?

smcv

Bug#896666: qemu-system-x86: page allocation failure: 4.16.0-0.bpo.1-amd64

[Russell Mosemann]

Package: src:linux
Version: 4.16.5-1~bpo9+1
Severity: important
 
May 16 00:47:48 vhost003 kernel: qemu-system-x86: page allocation failure: 
order:4, mode:0x140c0c0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null)
May 16 00:47:48 vhost003 kernel: qemu-system-x86 cpuset=emulator 
mems_allowed=0-1
May 16 00:47:48 vhost003 kernel: CPU: 15 PID: 17479 Comm: qemu-system-x86 
Tainted: G  I  4.16.0-0.bpo.1-amd64 #1 Debian 4.16.5-1~bpo9+1
May 16 00:47:48 vhost003 kernel: Hardware name: HP ProLiant DL380 G6, BIOS P62 
08/16/2015
May 16 00:47:48 vhost003 kernel: Call Trace:
May 16 00:47:48 vhost003 kernel:  dump_stack+0x5c/0x85
May 16 00:47:48 vhost003 kernel:  warn_alloc+0xfc/0x180
May 16 00:47:48 vhost003 kernel:  __alloc_pages_slowpath+0xded/0xe00
May 16 00:47:48 vhost003 kernel:  ? _cond_resched+0x16/0x40
May 16 00:47:48 vhost003 kernel:  __alloc_pages_nodemask+0x212/0x250
May 16 00:47:48 vhost003 kernel:  kmalloc_order+0x14/0x40
May 16 00:47:48 vhost003 kernel:  kmalloc_order_trace+0x1d/0xa0
May 16 00:47:48 vhost003 kernel:  kvm_dev_ioctl+0xb4/0x680 [kvm]
May 16 00:47:48 vhost003 kernel:  do_vfs_ioctl+0xa2/0x620
May 16 00:47:48 vhost003 kernel:  SyS_ioctl+0x74/0x80
May 16 00:47:48 vhost003 kernel:  do_syscall_64+0x6c/0x130
May 16 00:47:48 vhost003 kernel:  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
May 16 00:47:48 vhost003 kernel: RIP: 0033:0x7fd6e18b9dd7
May 16 00:47:48 vhost003 kernel: RSP: 002b:7fffa7041f78 EFLAGS: 0246 
ORIG_RAX: 0010
May 16 00:47:48 vhost003 kernel: RAX: ffda RBX: ae01 
RCX: 7fd6e18b9dd7
May 16 00:47:48 vhost003 kernel: RDX:  RSI: ae01 
RDI: 000b
May 16 00:47:48 vhost003 kernel: RBP:  R08: 555a7efbd9b8 
R09: 0050
May 16 00:47:48 vhost003 kernel: R10: 0020 R11: 0246 
R12: 555a80583960
May 16 00:47:48 vhost003 kernel: R13: 0002 R14: 0120 
R15: 
May 16 00:47:48 vhost003 kernel: Mem-Info:
May 16 00:47:48 vhost003 kernel: active_anon:9919 inactive_anon:13764 
isolated_anon:0
  active_file:57177 inactive_file:1052655 
isolated_file:0
  unevictable:16418 dirty:36959 writeback:64 
unstable:0
  slab_reclaimable:57939 
slab_unreclaimable:402293
  mapped:27646 shmem:10693 pagetables:4097 
bounce:0
  free:66557 free_pcp:32 free_cma:0
May 16 00:47:48 vhost003 kernel: Node 0 active_anon:18152kB 
inactive_anon:32628kB active_file:76068kB inactive_file:2066032kB 
unevictable:62744kB isolated(anon):0kB isolated(file):0kB mapped:82604kB 
dirty:22800kB writeback:0kB shmem:42208kB shmem_thp: 0kB shmem_pmdmapped: 0kB 
anon_thp: 20480kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
May 16 00:47:48 vhost003 kernel: Node 1 active_anon:21524kB 
inactive_anon:22428kB active_file:152640kB inactive_file:2144588kB 
unevictable:2928kB isolated(anon):0kB isolated(file):0kB mapped:27980kB 
dirty:125036kB writeback:256kB shmem:564kB shmem_thp: 0kB shmem_pmdmapped: 0kB 
anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
May 16 00:47:48 vhost003 kernel: Node 0 DMA free:15892kB min:20kB low:32kB 
high:44kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB 
unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB 
kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB 
free_cma:0kB
May 16 00:47:48 vhost003 kernel: lowmem_reserve[]: 0 3486 30139 30139 30139

May 16 00:47:48 vhost003 kernel: Node 0 DMA32 free:122416kB min:5204kB 
low:8772kB high:12340kB active_anon:15212kB inactive_anon:30096kB 
active_file:71568kB inactive_file:2035316kB unevictable:58560kB 
writepending:22792kB present:3643520kB managed:3577952kB mlocked:58560kB 
kernel_stack:1504kB pagetables:7072kB bounce:0kB free_pcp:0kB local_pcp:0kB 
free_cma:0kB
May 16 00:47:48 vhost003 kernel: lowmem_reserve[]: 0 0 26653 26653 26653
May 16 00:47:48 vhost003 kernel: Node 0 Normal free:42476kB min:39784kB 
low:67076kB high:94368kB active_anon:2940kB inactive_anon:2532kB 
active_file:4500kB inactive_file:30220kB unevictable:4184kB writepending:8kB 
present:27787264kB managed:27292884kB mlocked:4184kB kernel_stack:1640kB 
pagetables:260kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
May 16 00:47:48 vhost003 kernel: lowmem_reserve[]: 0 0 0 0 0
May 16 00:47:48 vhost003 kernel: Node 1 Normal free:85444kB min:45096kB 
low:76032kB high:106968kB active_anon:21300kB inactive_anon:22428kB 
active_file:152640kB inactive_file:2144152kB unevictable:2928kB 
writepending:125292kB present:31457276kB managed:30943772kB mlocked:2928kB 
kernel_stack:5224kB pagetables:9056kB bounce:0kB free_pcp:256kB local_pcp:0kB 
free_cma:0kB
May 16 00:47:48 vhost003 kernel: lowmem_reserve[]: 0 0 0 0 0
May 16 00:47:48 vhost003 kernel: Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (

Bug#896666: qemu-system-x86: page allocation failure: 4.16.0-0.bpo.1-amd64

[Russell Mosemann]

 
Package: src:linux
Version: 4.16.5-1~bpo9+1
Severity: important

 
 
 
May 16 04:37:09 vhost003 kernel: qemu-system-x86: page allocation failure: 
order:4, mode:0x140c0c0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null)
May 16 04:37:09 vhost003 kernel: qemu-system-x86 cpuset=emulator 
mems_allowed=0-1
May 16 04:37:09 vhost003 kernel: CPU: 1 PID: 14195 Comm: qemu-system-x86 
Tainted: G  I  4.16.0-0.bpo.1-amd64 #1 Debian 4.16.5-1~bpo9+1
May 16 04:37:09 vhost003 kernel: Hardware name: HP ProLiant DL380 G6, BIOS P62 
08/16/2015
May 16 04:37:09 vhost003 kernel: Call Trace:
May 16 04:37:09 vhost003 kernel:  dump_stack+0x5c/0x85
May 16 04:37:09 vhost003 kernel:  warn_alloc+0xfc/0x180
May 16 04:37:09 vhost003 kernel:  __alloc_pages_slowpath+0xded/0xe00
May 16 04:37:09 vhost003 kernel:  ? _cond_resched+0x16/0x40
May 16 04:37:09 vhost003 kernel:  __alloc_pages_nodemask+0x212/0x250
May 16 04:37:09 vhost003 kernel:  kmalloc_order+0x14/0x40
May 16 04:37:09 vhost003 kernel:  kmalloc_order_trace+0x1d/0xa0
May 16 04:37:09 vhost003 kernel:  kvm_dev_ioctl+0xb4/0x680 [kvm]
May 16 04:37:09 vhost003 kernel:  do_vfs_ioctl+0xa2/0x620
May 16 04:37:09 vhost003 kernel:  SyS_ioctl+0x74/0x80
May 16 04:37:09 vhost003 kernel:  do_syscall_64+0x6c/0x130
May 16 04:37:09 vhost003 kernel:  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
May 16 04:37:09 vhost003 kernel: RIP: 0033:0x7ff50a42add7
May 16 04:37:09 vhost003 kernel: RSP: 002b:7ffc775ed8a8 EFLAGS: 0246 
ORIG_RAX: 0010
May 16 04:37:09 vhost003 kernel: RAX: ffda RBX: ae01 
RCX: 7ff50a42add7
May 16 04:37:09 vhost003 kernel: RDX:  RSI: ae01 
RDI: 000b
May 16 04:37:09 vhost003 kernel: RBP:  R08: 556a05f139b8 
R09: 0050
May 16 04:37:09 vhost003 kernel: R10: 0020 R11: 0246 
R12: 556a08987960
May 16 04:37:09 vhost003 kernel: R13: 0002 R14: 0120 
R15: 
May 16 04:37:09 vhost003 kernel: Mem-Info:
May 16 04:37:09 vhost003 kernel: active_anon:23438 inactive_anon:31607 
isolated_anon:0
  active_file:358045 inactive_file:743446 
isolated_file:0
  unevictable:16418 dirty:42 writeback:0 
unstable:0
  slab_reclaimable:50014 
slab_unreclaimable:381709
  mapped:29948 shmem:10852 pagetables:4559 
bounce:0
  free:72131 free_pcp:0 free_cma:0
May 16 04:37:09 vhost003 kernel: Node 0 active_anon:44228kB 
inactive_anon:61024kB active_file:1023812kB inactive_file:1106028kB 
unevictable:62744kB isolated(anon):0kB isolated(file):0kB mapped:88356kB 
dirty:112kB writeback:0kB shmem:42496kB shmem_thp: 0kB shmem_pmdmapped: 0kB 
anon_thp: 18432kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
May 16 04:37:09 vhost003 kernel: Node 1 active_anon:49524kB 
inactive_anon:65404kB active_file:408368kB inactive_file:1867756kB 
unevictable:2928kB isolated(anon):0kB isolated(file):0kB mapped:31436kB 
dirty:56kB writeback:0kB shmem:912kB shmem_thp: 0kB shmem_pmdmapped: 0kB 
anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
May 16 04:37:09 vhost003 kernel: Node 0 DMA free:15892kB min:20kB low:32kB 
high:44kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB 
unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB 
kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB 
free_cma:0kB
May 16 04:37:09 vhost003 kernel: lowmem_reserve[]: 0 3486 30139 30139 30139
May 16 04:37:09 vhost003 kernel: Node 0 DMA32 free:121472kB min:5204kB 
low:8772kB high:12340kB active_anon:29448kB inactive_anon:55680kB 
active_file:1001284kB inactive_file:1099716kB unevictable:58560kB 
writepending:112kB present:3643520kB managed:3577952kB mlocked:58560kB 
kernel_stack:1648kB pagetables:8308kB bounce:0kB free_pcp:0kB local_pcp:0kB 
free_cma:0kB
May 16 04:37:09 vhost003 kernel: lowmem_reserve[]: 0 0 26653 26653 26653
May 16 04:37:09 vhost003 kernel: Node 0 Normal free:39900kB min:39784kB 
low:67076kB high:94368kB active_anon:14780kB inactive_anon:5344kB 
active_file:22528kB inactive_file:6184kB unevictable:4184kB writepending:0kB 
present:27787264kB managed:27292884kB mlocked:4184kB kernel_stack:1640kB 
pagetables:260kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
May 16 04:37:09 vhost003 kernel: lowmem_reserve[]: 0 0 0 0 0
May 16 04:37:09 vhost003 kernel: Node 1 Normal free:111260kB min:45096kB 
low:76032kB high:106968kB active_anon:49696kB inactive_anon:65180kB 
active_file:408368kB inactive_file:1867784kB unevictable:2928kB 
writepending:56kB present:31457276kB managed:30943772kB mlocked:2928kB 
kernel_stack:4904kB pagetables:9668kB bounce:0kB free_pcp:0kB local_pcp:0kB 
free_cma:0kB
May 16 04:37:09 vhost003 kernel: lowmem_reserve[]: 0 0 0 0 0
May 16 04:37:09 vhost003 kernel: Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 0*32kB

Bug#898839: objenesis: FTBFS with Java 10 due to test errors

[Emmanuel Bourg]

Source: objenesis
Severity: serious
Tags: sid buster
User: debian-j...@lists.debian.org
Usertags: default-java10
Forwarded: https://github.com/easymock/objenesis/issues/59

objenesis fails to build with Java 10 due to test errors:

  Tests run: 2, Failures: 0, Errors: 2, Skipped: 0, Time elapsed: 0.053 sec <<< 
FAILURE! - in org.objenesis.instantiator.sun.MagicInstantiatorTest
  
testInternalInstantiator(org.objenesis.instantiator.sun.MagicInstantiatorTest)  
Time elapsed: 0.014 sec  <<< ERROR!
  java.lang.IllegalAccessError: class 
org.objenesis.instantiator.sun.MagicInstantiator$$$EmptyClass loaded by 
jdk/internal/loader/ClassLoaders$AppClassLoader cannot access 
jdk/internal/reflect superclass jdk.internal.reflect.MagicAccessorImpl
  at 
org.objenesis.instantiator.sun.MagicInstantiatorTest.testInternalInstantiator(MagicInstantiatorTest.java:51)
  
  testNewInstance(org.objenesis.instantiator.sun.MagicInstantiatorTest)  Time 
elapsed: 0 sec  <<< ERROR!
  java.lang.IllegalAccessError: class 
org.objenesis.instantiator.sun.MagicInstantiator$$$EmptyClass loaded by 
jdk/internal/loader/ClassLoaders$AppClassLoader cannot access 
jdk/internal/reflect superclass jdk.internal.reflect.MagicAccessorImpl
  at 
org.objenesis.instantiator.sun.MagicInstantiatorTest.testNewInstance(MagicInstantiatorTest.java:42)

It looks like these tests aren't meant to run on any JDK higher than 8,
but the JDK check is limited to Java 9.

Bug#897542: raincat: FTBFS: Could not find module `Item.Items'

[Markus Koschany]

Control: tags -1 pending

I still can't upgrade to the new SDL2 version of raincat because
haskell-mixer-sdl2 and haskell-image-sdl2 or similar packages are
currently not available in Debian.

However the fix seems to be trivial. The import statement is wrong and
should be Items.Items instead of Item.Items. No idea how this could work
in the past.

Markus



signature.asc
Description: OpenPGP digital signature

Bug#898684: 100% when monitor is plugged/unplugged while system is suspended or hibernated

[Michael Biebl]

Hi

Am 15.05.2018 um 09:04 schrieb Enrico Zini:
> 1. start from home, with the laptop attached to an external monitor
> 2. suspend or hibernate
> 3. detach the external monitor and pack the laptop
> 4. go visit an important customer
> 5. wake up the system
> 6. gnome-shell will now consume 100% CPU, overheat the laptop, severely
>reduce system performance and battery time, ruin a work day at the
>important customer, cause serious embarassment
> 
> I have not found a way to make it stop, short of having another external
> monitor to plug/unplug, restart the whole X session, or reboot.

Which graphics driver is used on this particular laptop?
Are you using Xorg or Wayland?
Do you get anything relevant in the log files/journal which might hint
at a problem?



-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#898771: libconfig-model-dpkg-perl: Please replace Maintainers @lists.alioth.debian.org by @alioth-lists.debian.net

[Dominique Dumont]

On Tuesday, 15 May 2018 20:45:13 CEST you wrote:
> alioth lists were moved from lists.alioth.debian.org to
> @alioth-lists.debian.net.  As far as I understood the maintainers
> of alioth-lists.debian.net would prefer the real DNS name instead
> of the redirect.  Thus it would be sensible to replace this in the
> maintainer fields of packages.

Makes sense.

Is there any volunteer to create a new warning and fix for Maintainer element 
?

(using 'cme meta edit' in libconfig-model-dpkg-perl repo should make this 
easier)

All the best

Bug#898840: Latest update breaks ip6 default gateway cli api

[Hans van Kranenburg]

Package: iproute2
Version: 4.16.0-2
Severity: normal

Hi,

The last iproute2 update has a backwards incompatible change in setting
IPv6 default routes, breaking existing configuration and scripts.

Previously, the following was possible, and now it requires an explicit
-6 option to be added:

-# ip route add default via 2001:db8::1 dev eth0
Error: inet address is expected rather than "2001:db8::1".

This works:
-# ip -6 route add default via 2001:db8::1 dev eth0

I found out after having systems end up being unreachable after a
reboot, because I have commands like these in network/interfaces.

I had a look at upstream changelogs, but I don't see any mention of
this, and suspect it was not intentional. However, it's bad.

-- 
Hans van Kranenburg

Bug#897555: subversion: FTBFS: /bin/bash: /usr/lib/jvm/default-java/bin/javah: No such file or directory

[James McCoy]

On Fri, May 11, 2018 at 04:27:39PM +0200, Emmanuel Bourg wrote:
> Control: tags -1 + patch
> 
> Le 06/05/2018 à 02:13, James McCoy a écrit :
> 
> > It looks like that will do the right thing.  Now I just need to figure
> > out the larger issue of adapting upstream's build system.
> 
> I've managed to patch the EZT Make template to use 'javac -h' instead of
> javah. A few classes with no native methods but static fields used in
> native code also required the addition of the @Native annotation.

Thanks!  I'll get the annotations upstreamed soon, since those seem like
obvious fixes.  I'm pretty close to having a more general fix for the
Java templates, but if subversion starts getting in the way of other
packages it's good to have your patch to fall back on.

Cheers,
-- 
James
GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7  2D23 DFE6 91AE 331B A3DB

Bug#887904: RFR: Make dh_installinit and dh_installsystemd debhelper autoscript snippets independent in c12 (Was: Re: Bug#887904: dh_installsystemd will unmask services *after* an attempt to start the

[Niels Thykier]

Felipe Sateler:
> [...]
> 
> I think the entanglement can be removed by runtime checking of the unit.
> 
> 1. Swap the order of installinit and installsystemd so systemd acts first.

(Moved related argument up)
> Step one is needed in case the compatibility symlink is created at
> systemd-enable time (via Alias)
>

Just to confirm, we just need "d-s-h enable " from
dh_installsystemd to run before the snippet below for the same service,
correct?

If so, then we have an alternative method for handling that besides
re-ordering the helpers.  That would have the advantage of also working
if people call dh_installinit and dh_installsystemd in a different order
than we expect.

> 2. Have the installinit snippet do:
> 
> if [ -d /run/systemd/system ] && [ "/etc/init.d/#SCRIPT" != "$(systemctl
> show --value --property SourcePath #SCRIPT#.service)" ] ; then
>   # do nothing
> else
>   invoke-rc.d #SCRIPT# start || #ERROR_HANDLER#
> fi
> 
> This checking could also be moved into invoke-rc.d via some flag. What do
> you think?
> 

I think it would be best if that logic was handled by invoke-rc.d.  In
case that logic need to be updated for some reason, then it is a lot
easier to just update update-rc.d than thousands of maintscripts.

Can you handle the update-rc.d side or should I file a bug against
init-system-helpers?

Thanks,
~Niels

Bug#898761: [Qa-jenkins-dev] Bug#898761: jenkins: d-i jobs not running due to orig repository move

[Holger Levsen]

On Tue, May 15, 2018 at 07:26:19PM +0200, Mattia Rizzolo wrote:
> I remember the d-i guys not being extremely happy with the situation, so
> I wonder if we should spend effort in fixing those jobs or just
> disable/remove them.

I once thought so as well but then learned that they were indeed happy
about them.

That said, I believe we should still contact them and ask them which are
useful and wanted by them, and which are useless.


-- 
cheers,
Holger


signature.asc
Description: PGP signature

Bug#898836: HTML validator error for templates/popup: Stray end tag "span".

[Martin Michlmayr]

* Simon McVittie  [2018-05-16 13:01]:
> That content isn't really meant to be rendered at all.

Right, but the problem is when I run "ikiwiki -v --plugin goodstuff website 
html"
then I end up with html/templates/popup/index.html (even though I
don't use any popups).  Therefore, running a HTML validator over my
whole html directory breaks.

> If you change [[templatebody to [[!templatebody in the source, does
> that resolve this?

I don't know.  I'll have to try later.
-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#898841: graphviz: CVE-2018-10196

[Salvatore Bonaccorso]

Source: graphviz
Version: 2.40.1-3
Severity: normal
Tags: security upstream
Forwarded: https://gitlab.com/graphviz/graphviz/issues/1367

Hi,

The following vulnerability was published for graphviz.

CVE-2018-10196[0]:
null derefence in rebuild_vlist

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-10196
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10196
[1] https://gitlab.com/graphviz/graphviz/issues/1367

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#898824: btrfs-progs: missing libbtrfs.so.0

[johnw]

Hi John,

On 05/16/2018 07:57 PM, Dimitri John Ledkov wrote:
>
> The library was moved into a standalone package. I guess I need to
> declare breaks, to force correct upgrade sequency and recompile
> snapper against the new btrfs-progs.
>
Yes, I think "force correct upgrade sequency and recompile snapper
against the new btrfs-progs",

is not bad idea.


I solved the problem after install libbtrfs0,

so I will close this bug report,

Thank you.




signature.asc
Description: OpenPGP digital signature

Bug#834270: xorg: logging out of shell on vt2 crashes X on vt1

[Michael Siegel]

On Sat, 13 Aug 2016 17:40:49 -0500 Rob Browning 
wrote:
> With a machine running more or less current stretch the following steps
> will crash X on VT1 every time:
> 
>   - log in to VT1
>   - launch X via startx (.xsession launches a few things, and then xmonad)
>   - Ctrl-Alt-F2
>   - log in as another user on VT2
>   - launch X via startx (.xsession launches xmonad)
>   - quit xmonad, which quits the xsession
>   - exit the VT2 shell
> 
> At that point, the X instance on VT1 will crash
[...]

Summing up a discussion on #devuan:

The crash on logout is caused by the clear_console program shipped with
Debian's package of Bash.

There is a default configuration in ~./bash_logout which will run
clear_console when Bash is a login shell:

  # ~/.bash_logout: executed by bash(1) when login shell exits.

  # when leaving the console clear the screen to increase privacy

  if [ "$SHLVL" = 1 ]; then
  [ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q
  fi

Commenting the last three lines (or just deleting the file) will prevent
this.

So, as far as I can see, this is not an xorg issue.

Bug#898842: dcm2nii compiled with debug

[Mathieu Malaterre]

Source: mricron
Version: 0.20140804.1~dfsg.1-2

It would be super nice to handle debug package for mricron.

Steps:

https://wiki.debian.org/HowToGetABacktrace#Rebuilding_the_package_you.2BIBk-re_debugging

$ sudo apt-get build-dep mricron
$ DEB_BUILD_OPTIONS="nostrip noopt" fakeroot apt-get -b source mricron
$ sudo dpkg -i mricron_0.20140804.1~dfsg.1-2_amd64.deb
$ sudo dpkg -i mricron-data_0.20140804.1~dfsg.1-2_all.deb

Leads to a binary that has been stripped:

$ file /usr/bin/dcm2nii
/usr/bin/dcm2nii: ELF 64-bit LSB executable, x86-64, version 1 (SYSV),
statically linked, for GNU/Linux 2.4.0, stripped

Bug#898840: [iproute2] Bug#898840: Latest update breaks ip6 default gateway cli api

[Luca Boccassi]

On Wed, 2018-05-16 at 14:26 +0200, Hans van Kranenburg wrote:
> Package: iproute2
> Version: 4.16.0-2
> Severity: normal
> 
> Hi,
> 
> The last iproute2 update has a backwards incompatible change in
> setting
> IPv6 default routes, breaking existing configuration and scripts.
> 
> Previously, the following was possible, and now it requires an
> explicit
> -6 option to be added:
> 
> -# ip route add default via 2001:db8::1 dev eth0
> Error: inet address is expected rather than "2001:db8::1".
> 
> This works:
> -# ip -6 route add default via 2001:db8::1 dev eth0
> 
> I found out after having systems end up being unreachable after a
> reboot, because I have commands like these in network/interfaces.
> 
> I had a look at upstream changelogs, but I don't see any mention of
> this, and suspect it was not intentional. However, it's bad.

Hello Serhey and Stephen,

Hans reported a regression in v4.16.0, ip route now requires -6 to be
manually added when using v6 addresses while up to 4.15 it didn't, the
commands quoted show the problem.

Bisecting shows that the following commit from Serhey introduced the
problem:

93fa12418dc6f5943692250244be303bb162175b
utils: Always specify family and ->bytelen in get_prefix_1()

Could you please have a look when you have a moment? It's very easy to
reproduce, and it breaks existing scripts and so on.

Thanks!

-- 
Kind regards,
Luca Boccassi

signature.asc
Description: This is a digitally signed message part

Bug#898483: PHYSFS_setWriteDir creates an empty file

[Patrick Matthäi]

Hi,


Am 12.05.2018 um 17:40 schrieb Markus Koschany:
> Hello Patrick,
>
> Am 12.05.2018 um 16:19 schrieb James Cowgill:
> [...]
>> I think this is a bug in libphysfs 3.0.1. It seems that in this version
>> (unlike 2.0.3), PHYSFS_setWriteDir has the side effect of creating an
>> empty file if the path it is given does not exist. This will later cause
>> PHYSFS_mkdir to fail even if it's given the right path.
>>
>> This would also explain why this bug is not present in stretch.
> A bug was reported against lincity-ng but it looks more like this is a
> regression/bug in libphysfs 3.0.1. The setWriteDir function creates an
> empty file which makes the mkdir function fail later on. Shall I
> reassign this bug report to libphysfs?
>
> Regards,
>
> Markus

Maybe upstream can say something about it? :) =>:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898483

-- 
/*
Mit freundlichem Gruß / With kind regards,
 Patrick Matthäi
 GNU/Linux Debian Developer

  Blog: http://www.linux-dev.org/
E-Mail: pmatth...@debian.org
patr...@linux-dev.org
*/




signature.asc
Description: OpenPGP digital signature

Bug#898843: Error with producer 'SQL::Translator::Producer::JSON': Can't locate object method "imap_url" via package "JSON"

[Andrius Merkys]

Package: libsql-translator-perl

libsql-translator-perl fails to convert valid MySQL CREATE TABLE statement to 
JSON with quite a strange error:

andrius@amalas:$ cat sql/tables/numbers.sql
DROP TABLE IF EXISTS `numbers`;

CREATE TABLE `numbers` (
  `id` int(11) NOT NULL AUTO_INCREMENT COMMENT 'unique table key',
  `range` varchar(12) DEFAULT NULL COMMENT '',
  `user` varchar(255) DEFAULT NULL COMMENT 'name of the user associated with 
the range',
  PRIMARY KEY (`id`)
) CHARSET=utf8
COMMENT='stores SOLSA sample ID ranges associated with specific users';
andrius@amalas:$ sqlt --from MySQL --to JSON sql/tables/numbers.sql 
Error: translate: Error with producer 'SQL::Translator::Producer::JSON': Can't 
locate object method "db_user" via package "JSON" at /usr/share/perl5/JSON.pm 
line 166.

Observed with the following versions on unstable:

libsql-translator-perl  0.11024-1
libjson-perl2.97001-1

-- 
Andrius Merkys
Vilnius University Institute of Biotechnology, Saulėtekio al. 7, room V325
LT-10257 Vilnius, Lithuania

Bug#898844: ITP: r-cran-shinythemes -- Themes for Shiny

[Andreas Tille]

Package: wnpp
Severity: wishlist
Owner: Andreas Tille 

* Package name: r-cran-shinythemes
  Version : 1.1.1
  Upstream Author : Winston Chang, RStudio
* URL : https://cran.r-project.org/package=shinythemes
* License : GPL-3
  Programming Lang: GNU R
  Description : Themes for Shiny
 Themes for use with Shiny. Includes several Bootstrap themes
 from , which are packaged for use with Shiny
 applications.

Remark: This package is maintained by Debian R Packages Maintainers at
   https://salsa.debian.org/r-pkg-team/r-cran-shinythemes
This package belongs to a set of dependencies for r-cran-brms which is
needed to upgrade r-cran-emmeans to the latest upstream version.

Bug#887904: RFR: Make dh_installinit and dh_installsystemd debhelper autoscript snippets independent in c12 (Was: Re: Bug#887904: dh_installsystemd will unmask services *after* an attempt to start the

[Felipe Sateler]

On Wed, May 16, 2018 at 8:34 AM Niels Thykier  wrote:

> Felipe Sateler:
> > [...]
> >
> > I think the entanglement can be removed by runtime checking of the unit.
> >
> > 1. Swap the order of installinit and installsystemd so systemd acts
> first.
>
> (Moved related argument up)
> > Step one is needed in case the compatibility symlink is created at
> > systemd-enable time (via Alias)
> >
>
> Just to confirm, we just need "d-s-h enable " from
> dh_installsystemd to run before the snippet below for the same service,
> correct?
>

That's what I had in mind, yes.


> If so, then we have an alternative method for handling that besides
> re-ordering the helpers.  That would have the advantage of also working
> if people call dh_installinit and dh_installsystemd in a different order
> than we expect.
>

Well, dh helpers are already order dependent so I wouldn't loose much sleep
over it.


>
> > 2. Have the installinit snippet do:
> >
> > if [ -d /run/systemd/system ] && [ "/etc/init.d/#SCRIPT" != "$(systemctl
> > show --value --property SourcePath #SCRIPT#.service)" ] ; then
> >   # do nothing
> > else
> >   invoke-rc.d #SCRIPT# start || #ERROR_HANDLER#
> > fi
> >
> > This checking could also be moved into invoke-rc.d via some flag. What do
> > you think?
> >
>
> I think it would be best if that logic was handled by invoke-rc.d.  In
> case that logic need to be updated for some reason, then it is a lot
> easier to just update update-rc.d than thousands of maintscripts.
>

Agreed.


> Can you handle the update-rc.d side or should I file a bug against
> init-system-helpers?
>

I'd like opinions from the rest of pkg-systemd first. Michael, what do you
think?

Another thing that came to mind is that the above check won't work in a
chroot. But invoke-rc.d already denies chroot execution without
policy-rc.d, and systemd execution has no chance of working either
(systemctl rejects calls when it detects it is chrooted), so perhaps this
is enough of a corner case to be pushed into the future when someone bumps
into it.


-- 

Saludos,
Felipe Sateler

Bug#896886: openmpi: upstream version 3.0.1 makes lots of autopkgtests flaky

[Graham Inggs]

Hi Alastair

In Ubuntu, we are having problems autopkgtests on armhf.  I still see 
several FTBFS for armhf in Debian [1] too.


Open MPI bug fix release 3.1.0 is now available [2].  Is there any 
chance this could be packaged soon?


Paul, I believe the other issue with ray is now fixed in git [3].

Regards
Graham


[1] https://release.debian.org/transitions/html/auto-openmpi.html
[2] https://www.mail-archive.com/announce@lists.open-mpi.org//msg00109.html
[3] 
https://salsa.debian.org/med-team/ray/commit/815c1cb5c9bd2ebb245855d7953c8dd97ccef569

Bug#898822: [RFC] Detect data embeded image in html like file

[Bastien ROUCARIES]

On Wed, May 16, 2018 at 11:33 AM, Chris Lamb  wrote:
> retitle 898822 Detect data encoded/embedded in HTML "Data" URI schemes
> severity 898822 wishlist
> tags 898822 + moreinfo
> thanks
>
> Hi Bastien,
>
> [..]
>
> I think some concrete examples here would be useful in triaging/
> prioritising this, as well as working out whether it is feasible or
> sensible :)
Code search with request
(https://codesearch.debian.net/search?q=src%3D%22data%3A&page=1&perpkg=1)
give 75 packages affected:
asciidoctor
cacti
chemical-structures
chromium-browser
ckeditor
classified-ads
diffoscope
edbrowse
firefox
firefox-esr
fontforge
fossil
gitinspector
golang-github-microcosm-cc-bluemonday
html5lib
icingaweb2
ikiwiki
ipython
jmol
julia
kmplayer
kopano-webapp
landslide
libcgi-application-plugin-dbiprofile-perl
libxml-atom-fromowl-perl
libxml-atom-owl-perl
lua-apr
matplotlib
mayavi2
mediawiki
nbconvert
node-normalize.css
notmuch
oca-core
openlp
opennebula
openscad
pandoc
php-doctrine-bundle
php-getid3
php-kdyby-events
phpmyadmin
python-cartopy
python-darkslide
python-mne
python-pweave
python-pydub
python-pyqrcode
python-qtconsole
qtwebengine-opensource-src
rails
rapid-photo-downloader
r-cran-knitr
r-cran-repr
r-cran-rmarkdown
rdkit
request-tracker4
roundcube
rss-bridge
rubocop
sagemath
sass-spec
simplesamlphp
spip
sympa
thunderbird
trac
turbogears2-doc
veusz
virtuoso-opensource
vistrails
woo
xhtml2pdf
yt
zotero-standalone-build

Some are clearly abuse see:
1. 
https://sources.debian.org/src/chemical-structures/2.2.dfsg.0-12/debian/patches/privacy.patch/?hl=10#L10
(render package undistributable one of sourceforge logo)
2. 
https://codesearch.debian.net/show?file=lua-apr_0.23.2.dfsg-4%2Fsrc%2Fbase64.c&line=33
FTBFS not prefered modification source
3. 
https://sources.debian.org/src/rubocop/0.52.1+dfsg-1/debian/patches/04-adjust-tests-due-to-rubocop-logo-removal-from-package.diff/?hl=25#L25
(remove logo as file not as included base64 => RC undistributable)
4.https://sources.debian.org/src/fontforge/1:20170731%7Edfsg-1/debian/patches/2003_avoid_privacy_breach.patch/?hl=59#L59
Border line could use the same trick that I have done in
libjs-normalize.css to generate with js the image (not prefered source
of modification)

I have not checked all the package.

another risk is to carry forbidden image like porn of think like this
is this stuff. I prefer lintian to signal pedantically in order to
manually check acceptance.

Better safe than sorry

Bastien


>
> Best wishes,
>
> --
>   ,''`.
>  : :'  : Chris Lamb
>  `. `'`  la...@debian.org / chris-lamb.co.uk
>`-

Bug#896886: openmpi: upstream version 3.0.1 makes lots of autopkgtests flaky

[Alastair McKinstry]

Hi Graham

Yes, I'll package 3.1.0 ASAP. pmix 2.1.1 was uploaded today.
It appears all the outstanding FTBFS are due to MPI hangs in tests. I'm 
trying to get builds on armhf hardware to debug.


regards
Alastair


On 16/05/2018 14:52, Graham Inggs wrote:

Hi Alastair

In Ubuntu, we are having problems autopkgtests on armhf.  I still see 
several FTBFS for armhf in Debian [1] too.


Open MPI bug fix release 3.1.0 is now available [2].  Is there any 
chance this could be packaged soon?


Paul, I believe the other issue with ray is now fixed in git [3].

Regards
Graham


[1] https://release.debian.org/transitions/html/auto-openmpi.html
[2] 
https://www.mail-archive.com/announce@lists.open-mpi.org//msg00109.html
[3] 
https://salsa.debian.org/med-team/ray/commit/815c1cb5c9bd2ebb245855d7953c8dd97ccef569


--
Alastair McKinstry, , , 
https://diaspora.sceal.ie/u/amckinstry
Commander Vimes didn’t like the phrase “The innocent have nothing to fear,”
 believing the innocent had everything to fear, mostly from the guilty but in 
the longer term
 even more from those who say things like “The innocent have nothing to fear.”
 - T. Pratchett, Snuff

Bug#898845: RM: openggsn -- RoM; upstream replaced software by osmo-ggsn

[Thorsten Alteholz]

Package: ftp.debian.org
Severity: normal

openggsn is replaced by osmo-ggsn now

  Thorsten

Bug#898846: RFS: dtkwidget/2.0.8.1-1

[Yanhao Mo]

Package: sponsorship-requests
Severity: normal

Dear mentors,

I am looking for a sponsor for my package "dtkwidget"

* Package name: dtkwidget
  Version : 2.0.8.1-1
  Upstream Author : Deepin Technology Co., Ltd.
* URL : https://github.com/linuxdeepin/dtkwidget
* License : GPL-3+
  Section : libs

It builds those binary packages:

  libdtkwidget-dev - Deepin Tool Kit Widget library (development files)
  libdtkwidget2 - Deepin Tool Kit Widget library

To access further information about this package, please visit the following 
URL:

  https://mentors.debian.net/package/dtkwidget

Alternatively, one can download the package with dget using this command:

  dget -x 
https://mentors.debian.net/debian/pool/main/d/dtkwidget/dtkwidget_2.0.8.1-1.dsc

More information about hello can be obtained from
https://salsa.debian.org/pkg-deepin-team/dtkwidget

-- 
Yanhao Mo


signature.asc
Description: PGP signature

Bug#898822: [RFC] Detect data embeded image in html like file

[Bastien ROUCARIES]

On Wed, May 16, 2018 at 4:00 PM, Bastien ROUCARIES
 wrote:
> On Wed, May 16, 2018 at 11:33 AM, Chris Lamb  wrote:
>> retitle 898822 Detect data encoded/embedded in HTML "Data" URI schemes
>> severity 898822 wishlist
>> tags 898822 + moreinfo
>> thanks
>>
>> Hi Bastien,
>>
>> [..]
>>
>> I think some concrete examples here would be useful in triaging/
>> prioritising this, as well as working out whether it is feasible or
>> sensible :)
> Code search with request
> (https://codesearch.debian.net/search?q=src%3D%22data%3A&page=1&perpkg=1)
> give 75 packages affected:
> asciidoctor
> cacti
> chemical-structures
> chromium-browser
> ckeditor
> classified-ads
> diffoscope
> edbrowse
> firefox
> firefox-esr
> fontforge
> fossil
> gitinspector
> golang-github-microcosm-cc-bluemonday
> html5lib
> icingaweb2
> ikiwiki
> ipython
> jmol
> juli
> kmplayer
> kopano-webapp
> landslide
> libcgi-application-plugin-dbiprofile-perl
> libxml-atom-fromowl-perl
> libxml-atom-owl-perl
> lua-apr
> matplotlib
> mayavi2
> mediawiki
> nbconvert
> node-normalize.css
> notmuch
> oca-core
> openlp
> opennebula
> openscad
> pandoc
> php-doctrine-bundle
> php-getid3
> php-kdyby-events
> phpmyadmin
> python-cartopy
> python-darkslide
> python-mne
> python-pweave
> python-pydub
> python-pyqrcode
> python-qtconsole
> qtwebengine-opensource-src
> rails
> rapid-photo-downloader
> r-cran-knitr
> r-cran-repr
> r-cran-rmarkdown
> rdkit
> request-tracker4
> roundcube
> rss-bridge
> rubocop
> sagemath
> sass-spec
> simplesamlphp
> spip
> sympa
> thunderbird
> trac
> turbogears2-doc
> veusz
> virtuoso-opensource
> vistrails
> woo
> xhtml2pdf
> yt
> zotero-standalone-build
>
> Some are clearly abuse see:
> 1. 
> https://sources.debian.org/src/chemical-structures/2.2.dfsg.0-12/debian/patches/privacy.patch/?hl=10#L10
> (render package undistributable one of sourceforge logo)
> 2. 
> https://codesearch.debian.net/show?file=lua-apr_0.23.2.dfsg-4%2Fsrc%2Fbase64.c&line=33
> FTBFS not prefered modification source
> 3. 
> https://sources.debian.org/src/rubocop/0.52.1+dfsg-1/debian/patches/04-adjust-tests-due-to-rubocop-logo-removal-from-package.diff/?hl=25#L25
> (remove logo as file not as included base64 => RC undistributable)
> 4.https://sources.debian.org/src/fontforge/1:20170731%7Edfsg-1/debian/patches/2003_avoid_privacy_breach.patch/?hl=59#L59
> Border line could use the same trick that I have done in
> libjs-normalize.css to generate with js the image (not prefered source
> of modification)
>
> I have not checked all the package.
>
> another risk is to carry forbidden image like porn of think like this
> is this stuff. I prefer lintian to signal pedantically in order to
> manually check acceptance.
>
> Better safe than sorry

This request is also interesting:
https://codesearch.debian.net/search?q=href%3D%22data%3A&perpkg=1&page=1

>
> Bastien
>
>
>>
>> Best wishes,
>>
>> --
>>   ,''`.
>>  : :'  : Chris Lamb
>>  `. `'`  la...@debian.org / chris-lamb.co.uk
>>`-

Bug#898847: librosbag-dev: Missing dependency on libstd-srvs-dev

[Johannes Schauer]

Package: librosbag-dev
Version: 1.13.5+ds1-3
Severity: normal

Hi,

/usr/share/rosbag/cmake/rosbagConfig.cmake contains (around line 165):

set(depends "rosbag_storage;rosconsole;roscpp;std_srvs;topic_tools;xmlrpcpp")
foreach(depend ${depends})
  [...]
  find_package(${rosbag_dep} REQUIRED NO_MODULE)

the package already depends on librosbag-storage-dev, librosconsole-dev,
libroscpp-dev, libtopic-tools-dev and libxmlrpcpp-dev but it does *not*
yet depend on libstd-srvs-dev and thus, an error will be raised:

-- catkin 0.7.8
CMake Error at /usr/share/rosbag/cmake/rosbagConfig.cmake:165 (find_package):
  Could not find a package configuration file provided by "std_srvs" with any
  of the following names:

std_srvsConfig.cmake
std_srvs-config.cmake

  Add the installation prefix of "std_srvs" to CMAKE_PREFIX_PATH or set
  "std_srvs_DIR" to a directory containing one of the above files.  If
  "std_srvs" provides a separate development package or SDK, be sure it has
  been installed.

You can easily reproduce this with a simple CMakeLists.txt:

cmake_minimum_required(VERSION 3.9)
find_package(catkin REQUIRED COMPONENTS rosbag)

It would probably help to add a very simple autopkgtest to the package
which just tries to configure such a trivial CMake project. You could
get yourself inspired with what I did for orocos-bfl:

https://sources.debian.org/src/orocos-bfl/0.8.0-4/debian/tests/run-tests/

It will be much simpler though in this case. :)

Thanks!

cheers, josch

Bug#898848: libtasn1-6: FTBFS documentation test failure

[Helmut Grohne]

Source: libtasn1-6
Version: 4.13-2
Severity: serious
Tags: ftbfs
User: helm...@debian.org
Usertags: rebootstrap

libtasn1-6 fails to build from source in unstable (full build).

| Making check in reference
| make  check-TESTS
| make[5]: Entering directory '/<>/doc/reference'
| echo "#!/bin/sh -e" > gtkdoc-check.test; \
|   echo "/usr/bin/gtkdoc-check || exit 1" >> gtkdoc-check.test; \
|   chmod +x gtkdoc-check.test
| make[5]: Leaving directory '/<>/doc/reference'
| make[5]: Entering directory '/<>/doc/reference'
| FAIL: gtkdoc-check.test
| make[5]: Leaving directory '/<>/doc/reference'
| make[5]: Entering directory '/<>/doc/reference'
| =
|GNU Libtasn1 4.13: doc/reference/test-suite.log
| =
| 
| # TOTAL: 1
| # PASS:  0
| # SKIP:  0
| # XFAIL: 0
| # FAIL:  1
| # XPASS: 0
| # ERROR: 0
| 
| .. contents:: :depth: 2
| 
| FAIL: gtkdoc-check
| ==
| 
| Running suite(s): gtk-doc-libtasn1
| libtasn1-undocumented.txt:1:E: 104 undocumented or incomplete symbols
| libtasn1-undeclared.txt:1:E: 88 undeclared symbols
| 
| libtasn1-unused.txt:1:E: 1 unused documentation entries
| 
| /<>/doc/reference/libtasn1-docs.sgml:1:E: doesn't appear to 
include "xml/api-index-2.0.xml"
| /<>/doc/reference/libtasn1-docs.sgml:1:E: doesn't appear to 
include "xml/api-index-1.6.xml"
| /<>/doc/reference/libtasn1-docs.sgml:1:E: doesn't appear to 
include "xml/api-index-deprecated.xml"
| 0.0%: Checks 4, Failures: 4
| FAIL gtkdoc-check.test (exit status: 1)
| 
| 
| Testsuite summary for GNU Libtasn1 4.13
| 
| # TOTAL: 1
| # PASS:  0
| # SKIP:  0
| # XFAIL: 0
| # FAIL:  1
| # XPASS: 0
| # ERROR: 0
| 
| See doc/reference/test-suite.log
| Please report to help-libta...@gnu.org
| 
| make[5]: *** [Makefile:1288: test-suite.log] Error 1
| make[5]: Leaving directory '/<>/doc/reference'
| make[4]: *** [Makefile:1396: check-TESTS] Error 2
| make[3]: *** [Makefile:1462: check-am] Error 2
| make[2]: *** [Makefile:1350: check-recursive] Error 1
| make[1]: *** [Makefile:1027: check-recursive] Error 1
| dh_auto_test: make -j8 -Oline check VERBOSE=1 returned exit code 2
| make: *** [debian/rules:51: binary] Error 25
| dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 
2

A certain coincidence with the dh-autoreconf/18 upload cannot be ruled
out. Thus I added Julian to Cc.

A quick solution is appreciated as this breaks architecture bootstrap.

Helmut

Bug#898849: ITP: golang-github-satta-ifplugo -- ifplugd-powered network link status notification for Go

[Sascha Steinbiss]

Package: wnpp
Severity: wishlist
Owner: Sascha Steinbiss 

* Package name: golang-github-satta-ifplugo
  Version : 0.0~git20180516.4249335-1
  Upstream Author : Sascha Steinbiss
* URL : https://github.com/satta/ifplugo
* License : GPL-2.0
  Programming Lang: Go
  Description : network link status notification for Go

 ifplugo delivers network interface link information and link
 changes. It does this (on Linux) by using code from ifplugd
 (http://0pointer.de/lennart/projects/ifplugd/) to gather the necessary
 status information, then emits a status summary on a given channel. This
 summary (LinkStatusSample) is emitted on the first invocation and each
 time the state changes for at least one monitored interface.

Bug#898836: HTML validator error for templates/popup: Stray end tag "span".

[Simon McVittie]

Control: tags -1 + patch fixed-upstream

On Wed, 16 May 2018 at 14:07:23 +0200, Martin Michlmayr wrote:
> * Simon McVittie  [2018-05-16 13:01]:
> > That content isn't really meant to be rendered at all.
> 
> Right, but the problem is when I run "ikiwiki -v --plugin goodstuff website 
> html"
> then I end up with html/templates/popup/index.html (even though I
> don't use any popups).

html/templates/popup/index.html is meant to be rendered, but it isn't
meant to include the body of the template reinterpreted as (bad) Markdown,
only the documentation of the template. (Compare templates/note, which
doesn't render an empty notebox in its HTML form.)

> > If you change [[templatebody to [[!templatebody in the source, does
> > that resolve this?
> 
> I don't know.  I'll have to try later.

It looks as though it does, so I pushed that change upstream.

smcv

Bug#898828: [PKG-Openstack-devel] Bug#898828: horizon: [INTL:fr] French debconf translation update

[Thomas Goirand]

On 05/16/2018 12:28 PM, Alban Vidal wrote:
> Package: horizon
> Version: 3_13.0.0-4
> Severity: wishlist
> Tags: patch l10n
> 
> Dear Maintainer,
> 
> Please find attached the French debconf templates update, proofread by the
> debian-l10n-french mailing list contributors.
> 
> Best regards,
> 
> Alban Vidal

Hi Alban,

Thanks for this. Could you also have a look at openstack-pkg-tools,
which is from where all of OpenStack packages are taking translations?
If you complete the French translation there, then it will be used in
20+ packages.

Cheers,

Thomas Goirand (zigo)

Bug#898840: [iproute2] Bug#898840: Latest update breaks ip6 default gateway cli api

[Michal Kubecek]

On Wed, May 16, 2018 at 02:42:24PM +0100, Luca Boccassi wrote:
> Hans reported a regression in v4.16.0, ip route now requires -6 to be
> manually added when using v6 addresses while up to 4.15 it didn't, the
> commands quoted show the problem.
> 
> Bisecting shows that the following commit from Serhey introduced the
> problem:
> 
> 93fa12418dc6f5943692250244be303bb162175b
> utils: Always specify family and ->bytelen in get_prefix_1()
> 
> Could you please have a look when you have a moment? It's very easy to
> reproduce, and it breaks existing scripts and so on.

Fixed already:

--
mike@unicorn:~/work/git/iproute2> git --no-pager log --grep 93fa12418dc6
commit d42c7891d26e4d5616a55aac9fe10813767fcf9c
Author: David Ahern 
Date:   Fri Apr 13 09:36:33 2018 -0700

utils: Do not reset family for default, any, all addresses

Thomas reported a change in behavior with respect to autodectecting
address families. Specifically, 'ip ro add default via fe80::1'
syntax was failing to treat fe80::1 as an IPv6 address as it did in
prior releases. The root causes appears to be a change in family when
the default keyword is parsed.

'default', 'any' and 'all' are relevant outside of AF_INET. Leave the
family arg as is for these when setting addr.

Fixes: 93fa12418dc6 ("utils: Always specify family and ->bytelen in 
get_prefix_1()")
Reported-by: Thomas Deutschmann 
Signed-off-by: David Ahern 
Cc: Serhey Popovych 
--

Michal Kubecek

Bug#898347: Cleans and builds using python2 even when not asked to

[Niels Thykier]

Thomas Goirand:
> Package: debhelper
> Version: 11.2.1
> Severity: important
> 
> When using debhelper like this:
> 
>   dh $@ --buildsystem=python_distutils --with python3
> 
> then it still calls:
>   python setup.py clean
> and:
>   python setup.py build
> 
> when really, nobody asked for it to use Python 2. As a consequence, one has to
> override_dh_auto_{clean,build} just to make it not do it.
> 
> My suggestion is to make dh just clean and build with python3 when there's 
> only
> --with python3 and no --with python2.
> 
> Cheers,
> 
> Thomas Goirand (zigo)
> 

The python-distutils build system does not support python3 (see
#597105).  I note that the pybuild (third-party) build system seems to
do and probably a lot better / up to date than debhelper's variant ever
will.

Seems to me that the proper thing to do would be to retire the
python-distutils build system and have people migrate to the pybuild
build system.

Thanks,
~Niels

Bug#898850: ui-utilcpp: FTBFS: syntax error in configure script

[Sven Joachim]

Source: ui-utilcpp
Version: 1.8.5-2
Severity: serious

Your package FTBFS everywhere[1], the reason being that the configure
script has a syntax error after regeneration (but not before):

,
| $ bash -n ./configure
| $ dh_autoreconf
| libtoolize: putting auxiliary files in '.'.
| libtoolize: copying file './ltmain.sh'
| libtoolize: Consider adding 'AC_CONFIG_MACRO_DIRS([m4])' to configure.ac,
| libtoolize: and rerunning libtoolize and aclocal.
| libtoolize: Consider adding '-I m4' to ACLOCAL_AMFLAGS in Makefile.am.
| $ bash -n ./configure
| ./configure: line 2468: syntax error near unexpected token 
`src/ui-utilcpp/Exception.hpp,'
| ./configure: line 2468: `UI_INIT(src/ui-utilcpp/Exception.hpp, 
9:0:0,,,tar-pax)'
`

Could you please have a look?


1. https://buildd.debian.org/status/package.php?p=ui-utilcpp

Bug#897481: cofoja: FTBFS: [ujavac] /<>/src/com/google/java/contract/Invariant.java:36: error: unmappable character (0xC3) for encoding US-ASCII

[Emmanuel Bourg]

Control: forwarded -1 https://github.com/nhatminhle/cofoja/issues/52

The IllegalArgumentException thrown by ASM can be fixed either
by upgrading ASM or setting the source/target level on the  task.

There is another issue hidden behind this one though. Cofoja uses
internal JDK classes and it now breaks badly:

  build:
  [mkdir] Created dir: cofoja/obj/bare
 [ujavac] Compiling 86 source files to cofoja/obj/bare
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:20: 
error: package com.sun.source.tree does not exist
 [ujavac] import com.sun.source.tree.AnnotationTree;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:21: 
error: package com.sun.source.tree does not exist
 [ujavac] import com.sun.source.tree.AssignmentTree;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:22: 
error: package com.sun.source.tree does not exist
 [ujavac] import com.sun.source.tree.CompilationUnitTree;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:23: 
error: package com.sun.source.tree does not exist
 [ujavac] import com.sun.source.tree.ExpressionTree;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:24: 
error: package com.sun.source.tree does not exist
 [ujavac] import com.sun.source.tree.ImportTree;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:25: 
error: package com.sun.source.tree does not exist
 [ujavac] import com.sun.source.tree.LineMap;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:26: 
error: package com.sun.source.tree does not exist
 [ujavac] import com.sun.source.tree.NewArrayTree;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:27: 
error: package com.sun.source.tree.Tree does not exist
 [ujavac] import com.sun.source.tree.Tree.Kind;
 [ujavac]^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:28: 
error: package com.sun.source.util does not exist
 [ujavac] import com.sun.source.util.SourcePositions;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:29: 
error: package com.sun.source.util does not exist
 [ujavac] import com.sun.source.util.TreePath;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:30: 
error: package com.sun.source.util does not exist
 [ujavac] import com.sun.source.util.Trees;
 [ujavac]   ^
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:61: 
error: cannot find symbol
 [ujavac] Trees treeUtils = Trees.instance(processingEnv);
 [ujavac] ^
 [ujavac]   symbol:   class Trees
 [ujavac]   location: class JavacUtils
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:61: 
error: cannot find symbol
 [ujavac] Trees treeUtils = Trees.instance(processingEnv);
 [ujavac]   ^
 [ujavac]   symbol:   variable Trees
 [ujavac]   location: class JavacUtils
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:66: 
error: cannot find symbol
 [ujavac] TreePath path = treeUtils.getPath(element, annotation);
 [ujavac] ^
 [ujavac]   symbol:   class TreePath
 [ujavac]   location: class JavacUtils
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:71: 
error: cannot find symbol
 [ujavac] CompilationUnitTree unitTree = path.getCompilationUnit();
 [ujavac] ^
 [ujavac]   symbol:   class CompilationUnitTree
 [ujavac]   location: class JavacUtils
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:72: 
error: cannot find symbol
 [ujavac] LineMap lineMap = unitTree.getLineMap();
 [ujavac] ^
 [ujavac]   symbol:   class LineMap
 [ujavac]   location: class JavacUtils
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:73: 
error: cannot find symbol
 [ujavac] SourcePositions positions = treeUtils.getSourcePositions();
 [ujavac] ^
 [ujavac]   symbol:   class SourcePositions
 [ujavac]   location: class JavacUtils
 [ujavac] cofoja/src/com/google/java/contract/core/apt/JavacUtils.java:75: 
error: cannot find symbol
 [ujavac] AnnotationTree annotationTree = (AnnotationTree) 
path.getLeaf();
 [ujavac] ^
 [ujavac]   symbol:   class AnnotationTree
 [ujavac]   location: class JavacUtils
 [ujavac] cofoja/src/com/google/java/contract/core/apt/J

Bug#898851: New upstream available: 6.38

[Yuri D'Elia]

Package: ipset
Version: 6.34-1
Severity: wishlist

Dear maintainer, there's a new upstream source for the userland utilities of
ipset (6.38) which fixes a parsing bug.

It would be nice to update the package.
Thanks!

-- System Information:
Debian Release: buster/sid
 APT prefers unstable
 APT policy: (900, 'unstable'), (800, 'experimental'), (500, 'unstable-debug')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-rc3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ipset depends on:
ii  iptables   1.6.2-1
ii  libc6  2.27-3
ii  libipset3  6.34-1

ipset recommends no packages.

ipset suggests no packages.