Bug#920482: apt update fails to update from repository missing optional Contents files

[Julian Andres Klode]

On Sat, Jan 26, 2019 at 12:39:16PM +1100, Andrew Worsley wrote:
> Package: apt
> Version: 1.8.0~alpha3.1
> Severity: important
> 
> 
>   I maintain a mirror via a local python script which doesn't bother to cache 
> the optional
> Contents files as described in
> https://wiki.debian.org/DebianRepository/Format#A.22Contents.22_indices :
>   
> "They are optional indices describing which files can be found in which 
> packages"
> 
>   But whilst my debian stretch box happily upgrades my stretch mirror my 
> buster
> mirror is no longer wanting to upgrade my testing box.
> 
>   If I add a URL for my mirror and an official mirror ftp.au.debian.org and 
> do an update
> it appears to fail to update from my mirror complaining about the missing 
> Contents file:

I think that's correct. While the Contents files are optional; if the Release 
file advertises
them, they better be there. 

Partial mirroring is simply not supported - if you advertise it, ship it. I 
mean, the same
applies to architectures or sections: If they're not mirrored, but enabled on a 
client,
they will fail as well.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer  i speak de, en

Bug#920491: nsd: new upstream release 4.1.26 available

[Ville Mattila]

Package: nsd
Version: 4.1.25-2
Severity: wishlist

Dear Maintainer,

Upstream has released a new version 4.1.26.

https://www.nlnetlabs.nl/projects/nsd/download/

Regards,
Ville Mattila

-- System Information:
Debian Release: buster/sid
  APT prefers cosmic-updates
  APT policy: (500, 'cosmic-updates'), (500, 'bionic-updates'), (500, 
'bionic-security'), (500, 'bionic'), (400, 'cosmic')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-43-generic (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nsd depends on:
ii  adduser 3.116ubuntu1
ii  libc6   2.27-3ubuntu1
ii  libevent-2.1-6  2.1.8-stable-4build1
ii  libssl1.1   1.1.0g-2ubuntu4.3
ii  lsb-base9.20170808ubuntu1
ii  openssl 1.1.0g-2ubuntu4.3

nsd recommends no packages.

nsd suggests no packages.

-- Configuration Files:
/etc/nsd/nsd.conf changed [not included]

-- debconf information excluded

Bug#920482: apt update fails to update from repository missing optional Contents files

[Andrew Worsley]

On Sat, 26 Jan 2019, 6:57 pm Julian Andres Klode  On Sat, Jan 26, 2019 at 12:39:16PM +1100, Andrew Worsley wrote:
> > Package: apt
> > Version: 1.8.0~alpha3.1
> > Severity: important
> >
> >
> >   I maintain a mirror via a local python script which doesn't bother to
> cache the optional
> > Contents files as described in
> > https://wiki.debian.org/DebianRepository/Format#A.22Contents.22_indices
> :
> >
> 
>


> I think that's correct. While the Contents files are optional; if the
> Release file advertises
> them, they better be there.
>
> Partial mirroring is simply not supported - if you advertise it, ship it.
> I mean, the same
> applies to architectures or sections: If they're not mirrored, but enabled
> on a client,
> they will fail as well
>
...
Ok thanks that's clarified things a lot.
I guess if I don't want to mirror the contents file I would have to edit
the InRelease file which would break the signatures I guess.
 The option that marks the contents as missing also lets me handle this
nicely.
Ideally this could be added to the repository definition wiki and or
perhaps apt's error message could say file defined in InRelease file is not
present.
 Perhaps change but report into a wish list or something?
Andrew

>

Bug#920493: vlan: missing executable bit on /etc/network/*/vlan

[Gedalya]

Package: vlan
Version: 2.0.3

Hello,

/etc/network/if-pre-up.d/vlan and /etc/network/if-post-down.d/vlan are now 
installed without the 'x' bit set. This makes vlan interfaces in 
/etc/network/interfaces useless.

Thanks,

Gedalya

Bug#920447: thanks for the reminder

[Paolo Greppi]

Please see: https://bugs.debian.org/919413

I'd appreciate any help on that but I have got no response yet.

Paolo

Bug#919541: RFS: blastem/0.6.1-1 [ITP] -- Fast and accurate Genesis emulator

[Tobias Frost]

Control: tags -1 moreinfo

Metadata is wrong, upstream is not Carlos but Michael Pavone, 
https://www.retrodev.com/repos/blastem

(Please see #919540 for further information.)

On Thu, 17 Jan 2019 00:35:56 -0200 Carlos Donizete Froes <
corin...@riseup.net> wrote:
> Package: sponsorship-requests
> Severity: normal
> 
>   Dear mentors,
> 
>   I am looking for a sponsor for my package "blastem"
> 
>  * Package name: blastem
>Version : 0.6.1-1
>Upstream Author : Carlos Donizete Froes 
>  * URL : https://gitlab.com/coringao/blastem
>  * License : GPL-3+
>Section : games
> 
>   It builds those binary packages:
> 
>   blastem - Fast and accurate Genesis emulator
> 
>   To access further information about this package, please visit the
following URL:
> 
>   https://mentors.debian.net/package/blastem
> 
>   Alternatively, one can download the package with dget using this
command:
> 
>   dget -x 
https://mentors.debian.net/debian/pool/main/b/blastem/blastem_0.6.1-1.dsc
> 
>   More information about BlastEm can be obtained from 
https://www.retrodev.com/blastem.
> 
>   Regards,
>Carlos Donizete Froes [a.k.a coringao]
> 
> 

Bug#919540: Export my package BlastEm to the Debian Games team

[Tobias Frost]

On Fri, Jan 25, 2019 at 10:06:18PM -0200, Carlos Donizete Froes wrote:
> Hi Tobias,
> 
> > Sorry, that I have again to be the game spoiler, but as I asked you
> > already on diffeent software but on quite a similiar situation:
> > 
> > _Why_ did you fork this?
> > 
> > There are no obvious reasons, upstream[1] is very active (and has
> > actually released a newer version than yours) and your changes to the
> > source code are fixing typos, and those mostly in comments. I could not
> > find any difference that. That does NOT make you the upstream author.
> > 
> > Maybe I was not explict enough: Such forks are damaging to the FLOSS
> > ecosystem. Forks should ONLY done for severe reasons.
> > 
> > Forks like this one might be even seen as quite offensive, as it
> > looks like that you want to take credits where credits are not due.
> > 
> > Work with upstream. Do not fork without *severe* reasons.
> > 
> > IMHO, if we include blastem, than from [1].
> 
> As the upstream is working with Mercurial, at the moment we were talking 
> about migrating to my
> GitLab account and the procedure to start the packaging and permission to 
> make small changes to
> reduce the huge amount of lintian errors and warnings.

So, ok; but this is not a reason to say:

  Upstream Author : Carlos Donizete Froes 

in #919540 and setting your gitlab repository as upstream repository in
the packaging. Actually, this is misleading and I also find this unfair
to Michael Pavone.
You can really alienate upstreams by claiming their work
is yours. You surely understand that this is bad and against the
spirit of Open Source and Debian.

From the posted mails in #919540 I cannot see that upstream agreed to
move everything to your repository, his words were, which IMHO as quite
different meaning and does not even touch the topic you seem to read out
of it:
"I realize Mercurial is a bit unfashionable these days, but I believe
there is a bridge that allows git to interop with it. Pulling from the
public repo will make it easier for me to accept your changes upstream.
Assuming that's what you want anyway."

(And I wonder why you set the gitlab as upstream repository, while you
seem to collaborate on github)

> Please follow the email contacts I had with the upstream.[1]
> 
> [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919540
> 
> I'm sorry for giving you a poor opinion that I only make corrections for 
> typos in my comments,
> please check my comments again. :(

I did a complete diff against upstream [1] and your repo [2], both
"trunk" for that. And the only behaviourl change seems to be

--- blastem-ba3fb7a3be6b/zlib/gzlib.c   2019-01-23 06:15:38.0 +0100
+++ blastem/zlib/gzlib.c2019-01-25 20:15:47.852968532 +0100
@@ -291,6 +291,7 @@
 gzFile gz;

 if (fd == -1 || (path = (char *)malloc(7 + 3 * sizeof(int))) == NULL)
+free(path);
 return NULL;
 #if !defined(NO_snprintf) && !defined(NO_vsnprintf)
 (void)snprintf(path, 7 + 3 * sizeof(int), "", fd);
diff -Naur blastem-ba3fb7a3be6b/zlib/trees.c blastem/zlib/trees.c

(which introduces a bug, as the return is no longer conditional.)

So either I'm right and there are no siginifant changes, or upstream has
merged everything you have provided, but that means that upstream is [2]
not you.

[1] https://gitlab.com/coringao/blastem
[2] https://www.retrodev.com/repos/blastem

> I do not want to be the author of the software. All the work I do, I'm always 
> communicating with the
> upstream. The reason is to help the upstream get their software in Debian. :)

Then do not claim being the upstream author in the first place.

> BlastEm (0.6.2-1) found in mentors.d.o[2] is the most current one with some 
> fixes for which the
> upstream itself made the changes to start Debian packaging.[3][4]

Ok, then this is an good occasion to fix those issues.

> [2] https://mentors.debian.net/package/blastem
> 
> [3] https://gitlab.com/coringao/blastem/commits/master
> 
> [4] https://www.retrodev.com/repos/blastem
> 
> Thanks!
> 
> -- 
> ⢀⣴⠾⠻⢶⣦⠀ Carlos Donizete Froes [a.k.a coringao]
> ⣾⠁⢠⠒⠀⣿⡁ - https://wiki.debian.org/coringao
> ⢿⡄⠘⠷⠚⠋⠀ GPG: 4096R/B638B780
> ⠈⠳⣄⠀⠀⠀  2157 630B D441 A775 BEFF  D35F FA63 ADA6 B638 B780




signature.asc
Description: PGP signature

Bug#919138: wpasupplicant: Fails to connect to some Wifi networks on version 2:2.7-3

[Andrej Shadura]

On Sun, 13 Jan 2019 at 04:18, Different55  wrote:
>
> Package: wpasupplicant
> Version: 2:2.6-21
> Severity: important
>
> Dear Maintainer,
>
> Running vanilla Debian Sid on my laptop here. Upgraded last night and when I
> woke up in the morning my Wifi had stopped working. It refused to connect to 
> my
> home Wifi anymore, although my phone's hotspot still worked fine.
>
> Freshly reinstalled Debian Buster this evening, upgrade back to Sid and the
> Wifi failed shortly after the wpa_supplicant package was upgraded to version
> 2:2.7-3. Downgrading to wpasupplicant back to the version in Buster (2:2.6-21)
> returning things to a working state.
>
> I attached some relevant-looking bits from journalctl.

Could you please test again with 2:2.7+git20190108+11ce7a1-2 from
experimental? Thanks!

-- 
Cheers,
  Andrej

Bug#918120: ITP: bpftrace -- high-level tracing language for Linux eBPF

[Vincent Bernat]

 ❦ 25 janvier 2019 22:54 +01, Michael Prokop :

>> * Package name: bpftrace
>>   Version : git
>>   Upstream Author : IO Visor Project
>> * URL : https://github.com/iovisor/bpftrace
>> * License : Apache 2
>>   Programming Lang: C++
>>   Description : high-level tracing language for Linux eBPF
>
> [...]
>
>> The copyright assignment is currently not precise enough. Original
>> author is Previously, Alastair Robertson.
>
> Has this been sorted out in the meanwhile?
> Or put differently, any news regarding the bpftrace package,
> would be great to have it available in/with buster!

Yes, it has been sorted out upstream. I'll try to work on the packaging
shortly.
-- 
Follow each decision as closely as possible with its associated action.
- The Elements of Programming Style (Kernighan & Plauger)


signature.asc
Description: PGP signature

Bug#920494: mark htmldoc Multi-Arch: foreign

[Helmut Grohne]

Package: htmldoc
Version: 1.9.3-1
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap
Control: affects -1 + src:mathomatic

mathomatic fails to cross build from source, because it fails running
htmldoc with an Exec format error. Given that htmldoc exclusively deals
with architecture-independent file formats (html, pdf, etc.) marking it
Multi-Arch: foreign is the way to fix that. Please consider applying the
attached patch.

Helmut
diff --minimal -Nru htmldoc-1.9.3/debian/changelog 
htmldoc-1.9.3/debian/changelog
--- htmldoc-1.9.3/debian/changelog  2018-04-11 20:04:27.0 +0200
+++ htmldoc-1.9.3/debian/changelog  2019-01-26 09:10:55.0 +0100
@@ -1,3 +1,9 @@
+htmldoc (1.9.3-2) UNRELEASED; urgency=medium
+
+  * Mark htmldoc Multi-Arch: foreign. (Closes: #-1)
+
+ -- Helmut Grohne   Sat, 26 Jan 2019 09:10:55 +0100
+
 htmldoc (1.9.3-1) unstable; urgency=medium
 
   * QA upload.
diff --minimal -Nru htmldoc-1.9.3/debian/control htmldoc-1.9.3/debian/control
--- htmldoc-1.9.3/debian/control2018-04-11 20:04:27.0 +0200
+++ htmldoc-1.9.3/debian/control2019-01-26 09:10:52.0 +0100
@@ -16,6 +16,7 @@
 
 Package: htmldoc
 Architecture: any
+Multi-Arch: foreign
 Depends: htmldoc-common,
  ${misc:Depends},
  ${shlibs:Depends}

Bug#920374: python-openssl: _ASN1_TYPE_TO_ENUM TypeError: 'type' object is not iterable

[thematsche]

Am Fri, 25 Jan 2019 21:31:26 -0500
schrieb Sandro Tosi :

> control: tags -1 +unreproducible +moreinfo
> 
> > >>> from OpenSSL import crypto, SSL  
> > Traceback (most recent call last):
> >   File "", line 1, in 
> >   File "/usr/lib/python2.7/dist-packages/OpenSSL/__init__.py", line
> > 8, in  from OpenSSL import crypto, SSL
> >   File "/usr/lib/python2.7/dist-packages/OpenSSL/crypto.py", line
> > 12, in  from cryptography import x509
> >   File
> > "/usr/lib/python2.7/dist-packages/cryptography/x509/__init__.py",
> > line 8, in  from cryptography.x509.base import ( File
> > "/usr/lib/python2.7/dist-packages/cryptography/x509/base.py", line
> > 16, in  from cryptography.x509.extensions import Extension,
> > ExtensionType File
> > "/usr/lib/python2.7/dist-packages/cryptography/x509/extensions.py",
> > line 24, in  from cryptography.x509.general_name import
> > GeneralName, IPAddress, OtherName File
> > "/usr/lib/python2.7/dist-packages/cryptography/x509/general_name.py",
> > line 18, in  from cryptography.x509.name import Name File
> > "/usr/lib/python2.7/dist-packages/cryptography/x509/name.py", line
> > 28, in  _ASN1_TYPE_TO_ENUM = dict((i.value, i) for i in
> > _ASN1Type) TypeError: 'type' object is not iterable  
> 
> I cannot replicate this crash in an up-to-date chroot, are you sure
> there's nothing wrong on your system?
> 

h, in which way?
I tried out:
apt-get install --reinstall python-enum34
apt-get install --reinstall python-openssl
apt-get install --reinstall python-cryptography

No success.

Any more detailed proposals?

But maybe debian has now some standard answers. :/

https://www.mail-archive.com/debian-bugs-closed@lists.debian.org/msg579616.html

Bug#655198: live-installer does not remove live packages in the installed system

[John Crawley]

Hello,
I ran into this issue last year making a derivative (BunsenLabs) live  
iso with live-build, and patched live-installer (53) to honour  
/cdrom/live/filesystem.packages-remove and enable the functionality  
described in Live-Manual 8.2.7 [1]


Just for reference, here's what we did:

1) I added finish-install.d/14copy-pkg-lists, which runs just before  
15cdrom-detect, and copies  
/cdrom/live/filesystem.packages-{remove,install} to  
/var/cache/live-installer/ (arbitary choice of directory).


2) finish-install.d/60remove-live-packages now looks at  
/var/cache/live-installer/filesystem.packages-remove for packages to remove.


3) Awk seems not to be available to the d-i hook scripts. I got "not  
found" errors when trying to use the existing code in  
60remove-live-packages, and likewise in a TTY shell during installation.  
No other d-i hooks invoke awk.
I did note, however, that live-installer's postinst script calls it on  
line 153 with no apparent ill-effects. (Maybe when install_live_system  
() is called the cdrom has already been unmounted, so the absence  
of/cdrom/live/filesystem.packages-install masks the unsupported awk?)


Anyway, to separate the first word on a line is a trivial task that can  
be done by 'read', which I substituted thus (now adding the forgotten  
read -r option):


# Remove packages as specified in specific package removal list
for list in /var/cache/live-installer/filesystem.packages-remove; do
if [ -e $list ]; then
while read -r package otherstuff; do
if [ -f /target/var/lib/dpkg/info/${package}.list ]; 
then
packages="$packages $package"
do_initrd=true
fi
done < "$list"
fi
done

4) Instead of purging packages individually I collected them all into a  
list for a single run of

in-target apt-get --yes purge

NOTE) Users of live-build might want to add a binary hook script to make  
sure that any live-only packages that have been provided as local .deb  
files get added to filesystem.packages-remove. Otherwise they are left  
off because local debs are installed in the first run of  
chroot_install-packages.


FWIW I'm attaching the patch on live-installer 53.

[1]  
https://live-team.pages.debian.net/live-manual/html/live-manual/customizing-package-installation.en.html#429


--
John
Description: Remove packages in /cdrom/live/filesystem.packages-remove.
 Packages listed in /cdrom/live/filesystem.packages-remove
 will be uninstalled at the finish-install phase of debian-installer.
 Intended to enable correct functionality of Live-Manual 8.2.7,
 raised and partly patched in Debian bug #655198.
Author: John Crawley 
Last-Update: 2018-03-25
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- /dev/null
+++ b/README
@@ -0,0 +1,12 @@
+Warning: This udeb package is for building debian-installer images only.
+Do not install it on a normal Debian system.
+
+This is a patched version of live-installer-54
+to make live-build's package.list.chroot_{install,live} syntax work.
+
+Packages listed in /cdrom/live/filesystem.packages-remove
+will be uninstalled at the finish-install phase of debian-installer.
+
+A binary hook needs to be added to live-build's config/hooks/normal
+to ensure that local debs are also added to filesystem.packages-remove
+if they are in *.list.chroot_live
--- /dev/null
+++ b/finish-install.d/14copy-pkg-lists
@@ -0,0 +1,15 @@
+#!/bin/sh -e
+
+# Copy package install/remove lists from cdrom before it's unmounted.
+
+lists='/cdrom/live/filesystem.packages-remove 
/cdrom/live/filesystem.packages-install'
+cachedir='/var/cache/live-installer'
+
+for list in $lists
+do
+   if [ -e "$list" ]
+   then
+   mkdir -p "$cachedir"
+   cp "$list" "$cachedir"
+   fi
+done
--- a/finish-install.d/60remove-live-packages
+++ b/finish-install.d/60remove-live-packages
@@ -1,20 +1,18 @@
 #!/bin/sh -e
 
 do_manual_removal=true
+packages=
 
 # Remove packages as specified in specific package removal list
-for list in /cdrom/live/filesystem.packages-remove; do
+for list in /var/cache/live-installer/filesystem.packages-remove; do
if [ -e $list ]; then
-   do_manual_removal=
+   while read package otherstuff; do
+   if [ -f /target/var/lib/dpkg/info/${package}.list ]; 
then
+   packages="$packages $package"
do_initrd=true
 
-   for package in $(awk '{ print $1 }' $list); do
-   if [ -f /target/var/lib/dpkg/info/$package.list ]; then
-   packages="$packages $package"
fi
-   done
-
-   in-target apt-get --yes purge $packages
+   done < "$list"
fi
 done
 
@@ -25,12 +23,16 @@ done
 if [ $do_manual_removal ]; then
for package in live-boot live

Bug#920495: Typo error in /etc/init.d/rpcbind

[Manfred Hampl]

Package: rpcbind
Version: 1.2.5-0.3
Severity: minor

The file /etc/init.d/rpcbind (created from debian/init.d) contains a typo error 
in line 51.

Instead of
log_action_msg "Already running: rcpbind"
it most probably should read
log_action_msg "Already running: rpcbind"

This swapping of letters seems to be there also in older versions, at least 
since 0.2.1-6

(This bug was first detected and reported in Ubuntu, 
https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/1813289 but was 
identified as being inherited from Debian.)

Bug#914641: faad2: CVE-2018-19502 CVE-2018-19503 CVE-2018-19504

[Salvatore Bonaccorso]

Control: retitle -1 faad2: CVE-2018-19502 CVE-2018-19503 CVE-2018-19504 
CVE-2019-6956

On Sun, Nov 25, 2018 at 09:47:22PM +0100, Salvatore Bonaccorso wrote:
> Source: faad2
> Version: 2.8.8-1
> Severity: important
> Tags: security upstream
> Forwarded: https://sourceforge.net/p/faac/bugs/240/
> 
> Hi,
> 
> The following vulnerabilities were published for faad2.
> 
> CVE-2018-19502[0]:
> | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2)
> | 2.8.1. There was a heap-based buffer overflow in the function
> | excluded_channels() in libfaad/syntax.c.
> 
> CVE-2018-19503[1]:
> | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2)
> | 2.8.1. There was a stack-based buffer overflow in the function
> | calculate_gain() in libfaad/sbr_hfadj.c.
> 
> CVE-2018-19504[2]:
> | An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2)
> | 2.8.1. There is a NULL pointer dereference in ifilter_bank() in
> | libfaad/filtbank.c.

One more issue was reported (unfortunately in the same upstream bug,
so add it to the list here as well) in
https://sourceforge.net/p/faac/bugs/240/  which later on was assigned
CVE-2019-6956.

CVE-2109-6956 relates to the issue in
https://github.com/TeamSeri0us/pocs/blob/master/faad/global-buffer-overflow%40ps_mix_phase.md

Regards,
Salvatore

Bug#920496: distcc: [INTL:fr] French debconf translation update

[Quentin Lejard]

Package: distcc
Version: 3.3.2-5
Severity: wishlist
Tags: patch l10n

Dear Maintainer,

Please find attached the French debconf templates update, proofread by the
debian-l10n-french mailing list contributors.

Best regards,

Quentin Lejard


-- System Information:
Debian Release: 9.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.93-mainline-rev1 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set 
to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
# Translation of distcc debconf templates to French
# Copyright (C) 2007 Christian Perrier 
# Copyright (C) 2009-2019 Debian French l10n team 

# This file is distributed under the same license as the distcc package.
#
#
# Christian Perrier , 2007, 2008, 2009, 2010.
# Quentin Lejard , 2019.
msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: dis...@packages.debian.org\n"
"POT-Creation-Date: 2018-12-22 18:41+0100\n"
"PO-Revision-Date: 2019-01-18 12:53+0100\n"
"Last-Translator: Quentin LEJARD \n"
"Language-Team: French \n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Lokalize 2.0\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"

#. Type: boolean
#. Description
#: ../distcc.templates:1001
msgid "Start the distcc daemon on startup?"
msgstr "Faut-il lancer le démon distcc au démarrage ?"

#. Type: boolean
#. Description
#: ../distcc.templates:1001
msgid ""
"distcc can be run as a daemon, listening on port 3632 for incoming "
"connections."
msgstr ""
"Distcc peut fonctionner avec un démon qui sera à l'écoute des connexions "
"entrantes sur le port 3632."

#. Type: boolean
#. Description
#: ../distcc.templates:1001
msgid ""
"You have the option of starting the distcc daemon automatically on the "
"computer startup. If in doubt, it's advised not to start it automatically on "
"startup. If you later change your mind, you can run: 'dpkg-reconfigure "
"distcc'."
msgstr ""
"Vous pouvez lancer le démon distcc automatiquement au démarrage du système. "
"Dans le doute, vous devriez vous en abstenir. Si vous souhaitez modifier ce "
"réglage plus tard, vous pourrez utiliser la commande « dpkg-reconfigure "
"distcc »."

#. Type: string
#. Description
#: ../distcc.templates:2001
msgid "Allowed client networks:"
msgstr "Réseaux clients autorisés :"

#. Type: string
#. Description
#: ../distcc.templates:2001
msgid ""
"The distcc daemon implements access control based on the IP address of the "
"client, that is trying to connect. Only the hosts or networks listed here "
"are allowed to connect."
msgstr ""
"Le démon distcc permet un contrôle d'accès basé sur l'adresse IP des clients "
"qui s'y connectent. Veuillez indiquer ici les hôtes ou réseaux qui seront "
"acceptés."

#. Type: string
#. Description
#: ../distcc.templates:2001
#| msgid ""
#| "You can list multiple hosts and/or networks, separated by spaces. Hosts "
#| "are represented by their IP address, networks have to be in CIDR "
#| "notation, f.e. \"192.168.1.0/24\"."
msgid ""
"You can list multiple hosts and/or networks, separated by spaces. Hosts are "
"represented by their IP address, networks have to be in CIDR notation, e.g. "
"\"192.168.1.0/24\"."
msgstr ""
"Vous pouvez indiquer plusieurs hôtes ou des réseaux entiers, séparés par des "
"espaces. Les hôtes sont représentés par leur adresse IP et les réseaux "
"doivent utiliser la notation CIDR, par exemple « 192.168.1.0/24 »."

#. Type: string
#. Description
#: ../distcc.templates:2001
msgid ""
"To change the list at a later point, you can run: 'dpkg-reconfigure distcc'."
msgstr ""
"Si vous souhaitez modifier la liste des réseaux autorisés plus tard, vous "
"pourrez utiliser la commande « dpkg-reconfigure distcc »."

#. Type: string
#. Description
#: ../distcc.templates:3001
msgid "Listen interfaces:"
msgstr "Interfaces d'écoute :"

#. Type: string
#. Description
#: ../distcc.templates:3001
msgid "The distcc daemon can be bound to a specific network interface."
msgstr "Le démon distcc peut être à l'écoute d'une interface spécifique."

#. Type: string
#. Description
#: ../distcc.templates:3001
msgid ""
"You probably want to choose the interface of your local network by entering "
"its IP address. If distccd should listen on all interfaces, just enter "
"nothing."
msgstr ""
"Si vous souhaitez utiliser l'interface de votre réseau local, veuillez "
"indiquer ici son adresse IP. Si vous souhaitez que distcc soit à l'écoute de "
"toutes les interfaces, il suffit de laisser ce champ vide."

#. Type: string
#. Description
#: ../distcc.templates:3001
msgid ""
"Be sure to protect distccd from unauthorized access, by being careful in "
"your choice of the listen interface and allowed networks. distccd should  "
"never be accessible

Bug#920497: clblas: *ger out of bounds memory access under pocl

[Rebecca N. Palmer]

Package: libclblas2,libpocl2
Version: 2.12-1,1.2-3
(and also 1.2-2, but the below is from -3)

libgpuarray's test_ger (DEVICE=opencl0:0 POCL_KERNEL_CACHE=0 nosetests3 
-v pygpu.tests.test_blas:test_ger, requires python3-pygpu, python3-nose, 
python3-scipy, ocl-icd-opencl-dev, libclblas-dev) crashes with memory 
corruption errors (e.g. "double free" - exact message varies) under 
clblas+pocl.  Changing the test matrix size (default 4x5) to 64x64 (i.e. 
a whole number of clblas blocks - 16x64 or 64x16 depending on array 
order) makes it stop crashing.


clblas' 
https://sources.debian.org/src/clblas/2.12-1/src/samples/example_sger.c/ 
(5x5 matrix, with CL_DEVICE_TYPE_GPU changed to _ALL) doesn't actually 
crash, but Valgrind says the kernel is reading and writing out-of-bounds 
memory.


The kernel source has what look like proper bounds checks for the 
edge-of-matrix blocks 
(https://sources.debian.org/src/clblas/2.12-1/src/library/blas/gens/clTemplates/ger.cl/#L263), 
but disassembling the kernel suggests these aren't there in the binary:


#no cache is to avoid #919824
$ POCL_KERNEL_CACHE=0 valgrind --track-origins=yes --vgdb=yes 
--vgdb-error=0 ./example_sger &

$ gdb ./example_sger

(relevant part - => is current position)
   0x04853a0f <+2303>:  mov$0x1,%eax # eax isn't 1 so we 
didn't arrive straight down from here - the next 4 jumps are the only 
ones into here

--Type  for more, q to quit, c to continue without paging--
   0x04853a14 <+2308>:  mov0x20(%rbx),%rcx
   0x04853a18 <+2312>:  nopl   0x0(%rax,%rax,1)
   0x04853a20 <+2320>:  mov%rdi,0x10(%rbx)
   0x04853a24 <+2324>:  mov%rsi,0x28(%rbx)
   0x04853a28 <+2328>:  mov%rsi,%r9
   0x04853a2b <+2331>:  mov%rdx,0x30(%rbx)
   0x04853a2f <+2335>:  mov%rdx,%r11
   0x04853a32 <+2338>:  mov%r10,0x38(%rbx)
   0x04853a36 <+2342>:  mov%r10,%rdi
   0x04853a39 <+2345>:  mov%rcx,0x20(%rbx)
   0x04853a3d <+2349>:  xor%r10d,%r10d
   0x04853a40 <+2352>:  cmp%r14,%rax
   0x04853a43 <+2355>:  mov0x40(%rbp),%r15
   0x04853a47 <+2359>:  mov0x30(%rbp),%r13d
   0x04853a4b <+2363>:  mov0x48(%rbx),%r8
   0x04853a4f <+2367>:  jae0x4853a9d 
<_pocl_launcher_Sger_R_kernel+2445>

   0x04853a51 <+2369>:  nopw   %cs:0x0(%rax,%rax,1)
   0x04853a5b <+2379>:  nopl   0x0(%rax,%rax,1)
   0x04853a60 <+2384>:  mov(%r9,%rax,4),%edx
   0x04853a64 <+2388>:  mov(%r11,%rax,4),%esi
   0x04853a68 <+2392>:  shl$0x4,%rsi
   0x04853a6c <+2396>:  vmulps (%r12,%rsi,1),%xmm0,%xmm1 # temp 
=  yRegS *  alpha ;
   0x04853a72 <+2402>:  mov(%rdi,%rax,4),%esi # row index 
to esi

--Type  for more, q to quit, c to continue without paging--
   0x04853a75 <+2405>:  imul   %r13d,%esi # esi = row*lda, lda 
in r13d
   0x04853a79 <+2409>:  lea(%r8,%rsi,4),%rsi #row start to 
rsi , r8 is base of A
   0x04853a7d <+2413>:  vbroadcastss (%r15,%rdx,4),%xmm2 # load 
xreg to xmm2 - r15 = localX base, tIDy in rdx here
   0x04853a83 <+2419>:  mov(%rcx,%rax,4),%edx # column 
index to edx

   0x04853a86 <+2422>:  vmulps %xmm1,%xmm2,%xmm1 # * of mad
=> 0x04853a8a <+2426>:  vaddps (%rsi,%rdx,4),%xmm1,%xmm1 #vload 
(out of bounds read - edx (col) is too big) and + of mad

   0x04853a8f <+2431>:  vmovups %xmm1,(%rsi,%rdx,4) #vstore
   0x04853a94 <+2436>:  add$0x1,%rax
   0x04853a98 <+2440>:  cmp%rax,%r14 # r14 is group size 
... is this the loop over workitems, with rax = local ID and (..,rax,4) 
= private variables?  and if it is, where are the bounds checks? 
(...which is the bug...)
   0x04853a9b <+2443>:  jne0x4853a60 
<_pocl_launcher_Sger_R_kernel+2384> # must have arrived from here

   0x04853a9d <+2445>:  add$0x1,%r10
   0x04853aa1 <+2449>:  mov0xc8(%rbx),%rax
   0x04853aa8 <+2456>:  add%rax,%rcx
   0x04853aab <+2459>:  add%rax,%rdi
   0x04853aae <+2462>:  add%rax,%r11
   0x04853ab1 <+2465>:  add%rax,%r9
   0x04853ab4 <+2468>:  mov$0x0,%eax
   0x04853ab9 <+2473>:  cmp0x70(%rbx),%r10
   0x04853abd <+2477>:  jb 0x4853a40 
<_pocl_launcher_Sger_R_kernel+2352>

   0x04853abf <+2479>:  mov0x10(%rbx),%rdi
   0x04853ac3 <+2483>:  add$0x1,%rdi
   0x04853ac7 <+2487>:  mov0x20(%rbx),%rcx
--Type  for more, q to quit, c to continue without paging--
   0x04853acb <+2491>:  mov0xf8(%rbx),%rax
   0x04853ad2 <+2498>:  add%rax,%rcx
   0x04853ad5 <+2501>:  mov0x38(%rbx),%r10
   0x04853ad9 <+2505>:  add%rax,%r10
   0x04853adc <+2508>:  mov0x30(%rbx),%rdx
   0x04853ae0 <+2512>:  add%rax,%rdx
   0x04853ae3 <+2515>:  mov0x28(%rbx),%rsi
   0x048

Bug#538304: Clarifying a few things

[Dmitry Bogatov]

[2019-01-24 19:42] Jesse Smith 
> I'm looking into this bug in insserv and want to make sure I'm
> understanding the issue correctly. As I read it, the problem is that if
> the user specifies the same runlevel in both the Default-Start and
> Default-Stop fields, insserv will set up the "Stop" symbolic link, but
> will not complain about it?
>
> Ideally, insserv should probably still use this behaviour, but print a
> warning that the same runlevels should not be listed in both the
> Default-Start and Default-Stop fields. Is this a correct summary of the
> above request?

While in this particular case submitter (Petter Reinholdtsen) is
subscribed to list, in general you may want to add NNN-submitter address
to make sure, that initial submitter read your email.

Thank you for your work, Jesse.
-- 
Note, that I send and fetch email in batch, once every 24 hours.
 If matter is urgent, try https://t.me/kaction
 --

Bug#914788: Please don't enable getty services for tty devices that don't exist

[Dmitry Bogatov]

[2019-01-25 10:34] Andras Korn 
> I believe instead of
>
> rm /etc/service/getty-@TTY@
>
> you should do
>
> rm "$(pwd)"
>
> because then it won't matter what the service is called and where the
> runsvdir root is (/etc/service or somewhere else).

I find it unsafe. Explicit is better implicit.

> Also, this seems redundant:
>
> #!/usr/bin/env /lib/runit/invoke-run
>
> why not just "#!/lib/runit/invoke-run"?

Because kFreeBSD kernel requires script interpreter to be compiled.
Portability.

> While invoke-run, as an interpreter, is an original idea, I'd make it a
> scriptlet a run script can source via ". /lib/runit/invoke-run". Then it
> wouldn't be necessary to export all variables the configuration sets and
> thereby clutter the environment of the daemon.
>
> The envdir bit could be handled by a construct like
>
> if [ -z "$1" ]; then
>   SVDIR="$(dirname $(readlink -f "$0")"
>   if [ -e "$SVDIR/conf" ]; then
>   exec chpst -e "$SVDIR/conf" -- "$0" "envdir-done"
> fi

Complicated. And depends on $0 trickery. We, at sysvinit team, had
problems with $0 trickery.

What is so bad about cluttering environment of daemon?

> (But then /etc/default/foo would have to take precedence over sv/foo/conf,
> because the /etc/default/foo variables would be lost during the exec since
> we want to avoid exporting them.)

This too. I want daemontools-style take precedence over sysvinit style.

> > Please,
> > 
> >  * build it (it will build runit-2.1.2-22, sorry for version havoc)
> >  * install bin:runit
> >  * install bin:getty-run
> >  * write "yes" into /etc/getty-tty1/conf/GIVE_UP_ON_MISSING_TTY file
>
> While this would work, it doesn't improve my situation: you're making me
> jump through hoops to get sensible behaviour. Creating these files isn't
> less effort than deleting the getty services on installation, so it just
> adds complexity and abstraction with no real benefit.

Not exactly. You mentioned that option to pre-seed debconf would help
you. I provide you with way to pre-provision system -- create
/etc/default/getty-tty{1..6} before installing runit.

After installing getty-run, you would get behaviour you want. Or I
missed the point?

> I still think the postinst modification I suggested (not installing
> getty services for non-existing tty devices) would be the cleanest
> solution.

And what if there were no tty on installation time, and after that they
appeared? (No idea, why, never dealt with devices without tty.)

As you can understand, I am wary about defaulting on behavior, that can
leave user without means to login.
-- 
Note, that I send and fetch email in batch, once every 24 hours.
 If matter is urgent, try https://t.me/kaction
 --

Bug#920498: os-prober generates jessy entry with bad UUID

[Joachim Schmidt]

Package: os-prober
Version: 1.76~deb9u1
Severity: important

Dear Maintainer,

os-prober generates an incorrect entry for old debian (jessie) partition.
UUID 28cc... is OK
UUID d4c0... is bad - with blkid there is no such UUID on my system

menuentry 'Debian GNU/Linux 8 (jessie) (auf /dev/sdb4)' --class debian --class
gnu-linux --class gnu --class os $menuentry_id_option 'osprober-gnulinux-
simple-28cc3074-3d74-4a0f-87b6-e0898d2a1e15' {
insmod part_gpt
insmod ext2
set root='hd1,gpt4'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd1,gpt4 --hint-
efi=hd1,gpt4 --hint-baremetal=ahci1,gpt4 --hint='hd1,gpt4'
28cc3074-3d74-4a0f-87b6-e0898d2a1e15
else
  search --no-floppy --fs-uuid --set=root
28cc3074-3d74-4a0f-87b6-e0898d2a1e15
fi
linux /boot/vmlinuz-3.16.0-4-amd64
root=UUID=d4c01c5a-d679-4725-bde1-bd56bc592d0e ro quiet
initrd /boot/initrd.img-3.16.0-4-amd64
}

I run update-grub some times with always the same result.
If I change the UUID in the linux line to 28cc.. then I can boot.

Thank You
Joachim



-- System Information:
Debian Release: 9.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-8-amd64 (SMP w/3 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages os-prober depends on:
ii  grub-common  2.02~beta3-5+deb9u1
ii  libc62.24-11+deb9u3

os-prober recommends no packages.

os-prober suggests no packages.

-- no debconf information

Bug#919982: apt-setup: preseeded installation hangs at "Use a network mirror?"

[Wolfgang Schweer]

Hi Steve,

On Fri, Jan 25, 2019 at 11:58:08PM +, Steve McIntyre wrote:
> So I've been looking through this code again, and the corresponding
> code in apt-setup that uses these values. Last time I played with
> apt-setup, I added a table to describe what d-i will do based on the
> information in cd_type, to explain exactly what d-i expects:
> 
> # Various different image types look different here:
> #
> # Image Type   cd_type
> ###
> # netinst  "not_complete"
> # full CD sets (default desktop)   "full_cd"
> # desktop-specific CD images   "full_cd/single"
> # DVD  "dvd"
> # bluray   "bluray"
> # multi-arch CD/DVD"not_complete"
> # live "live"

Thanks for checking the code and providing this table.

The Debian Edu BD image (bluray) is generated using COMPLETE=0, see: 
https://salsa.debian.org/images-team/setup/blob/master/buster/cronjob.weekly#L268
 
because otherwise it turned out to be too big (~21 GiB).
This image is intended for offline installations, no mirror useable.

With this setting the Edu image differs from the stock BD/DLBD ones 
where COMPLETE=0 is missing and the default (COMPLETE=1) takes effect, 
see:
https://salsa.debian.org/images-team/setup/blob/master/buster/cronjob.weekly#L169

> The changes you've imported from the debian-edu fork of debian-cd
> clearly don't match up with these, and that's a problem.

Agreed; sorry for that.

> We'll come back to this again shortly. To help with that, could you
> describe exactly what debian-edu is expecting here please, i.e. what
> the settings in cd_type mean for the debian-edu installer?

I tried to understand the code that is used to write the content, see:
https://salsa.debian.org/images-team/debian-cd/blob/master/tools/start_new_disc#L179

If I understood correctly, for all cases with COMPLETE=0 the content of 
cd_type is 'not_complete'.

If the EDU BD image has 'blueray/not_complete' then this content matches 
the blueray*) case in apt-setup, see:
https://sources.debian.org/src/apt-setup/1:0.145/generators/50mirror/#L104
and the image is usable for offline installation.
This is the only change that is actually needed for the Edu BD image.

Commit 
https://salsa.debian.org/images-team/debian-cd/commit/15b482d49e642e21e983dba27a47b4fc2d8b90b4
incorrectly altered the setting 'not_complete' to 'cd/not_complete' for 
netinst, causing this bug. Sorry for not noticing it. 
  
> I'm worried that we may not have a clear solution here that can match 
> the current expectations of both d-i and and the debian-edu setup.

Hopefully I managed to clarify the Edu setup intention.

Wolfgang


signature.asc
Description: PGP signature

Bug#914150: pcmanfm: SIGSEGV, Segmentation fault on opening folder

[Nicola]

Package: pcmanfm
Version: 1.3.1-1
Followup-For: Bug #914150

Bug still exists. Opening a folder with many subfolder and files pcmanfm crash


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (800, 'unstable'), (750, 'experimental'), (500, 
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-7-amd64 (SMP w/2 CPU cores)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), 
LANGUAGE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pcmanfm depends on:
ii  libatk1.0-0  2.30.0-2
ii  libc62.28-2
ii  libcairo21.16.0-2
ii  libfm-gtk4   1.3.1-1
ii  libfm4   1.3.1-1
ii  libfontconfig1   2.13.1-2
ii  libfreetype6 2.9.1-3
ii  libgdk-pixbuf2.0-0   2.38.0+dfsg-7
ii  libglib2.0-0 2.58.2-3
ii  libgtk2.0-0  2.24.32-3
ii  libpango-1.0-0   1.42.4-6
ii  libpangocairo-1.0-0  1.42.4-6
ii  libpangoft2-1.0-01.42.4-6
ii  libx11-6 2:1.6.7-1
ii  shared-mime-info 1.10-1

Versions of packages pcmanfm recommends:
ii  gnome-icon-theme 3.12.0-3
ii  gvfs-backends1.38.1-1
ii  gvfs-fuse1.38.1-1
ii  oxygen-icon-theme5:5.51.0-1
ii  policykit-1-gnome [polkit-1-auth-agent]  0.105-7
ii  tango-icon-theme 0.8.90-7

pcmanfm suggests no packages.

-- no debconf information

Bug#920499: postgresql-11: [INTL:fr] French debconf templates translation

[Jean-Pierre Giraud]

Package: postgresql-11
Severity: wishlist
Tags: patch l10n

Hi!

Please find attached the french debconf templates translation, proofread
by the debian-l10n-french mailing list contributors.

This file should be put as debian/po/fr.po in your package build tree.

Kind Regards

jipege

fr.po.gz
Description: application/gzip

Bug#913034: [Pkg-alsa-devel] Bug#913034: (no subject)

[Elimar Riesebieter]

* Lennart Weller  [2018-11-11 01:38 +0100]:

> Control: found 1.1.7-2
> 
> 
> I had my system automatically install libasound2-plugins 1.1.7-2 coming from
> 1.1.6-1+b1 which was working fine.
> 
> With 1.1.7-2 it is still failing on my system. Alsa shows all devices as on
> but Pulse in my case has no knowledge of them.

Is this still valid with latest libasound2 and pulse?

Elimar
-- 
  355/113: Not the famous irrational number pi,
   but an incredible simulation!
-unknown


signature.asc
Description: PGP signature

Bug#909856: owncloud-client: Build against libsecret

[Thomas Maaß]

Source: owncloud-client
Followup-For: Bug #909856

Dear Maintainer,

I can only confirm, that the problem is solved when building with libsecret
installed.
I checked it by rebuilding the owncloud-client package.
I also built the nextcloud-client package, which is still not in Debian, from
sources.
It has exactly the same behaviour.

Regards
Thomas



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#889803: add package with cd-paranoia binary

[Niels Thykier]

On Fri, 25 Jan 2019 00:23:22 +0100 Klaumi Klingsporn 
wrote:
> Package: cd-paranoia
> Followup-For: Bug #889803
> 
> On Tue, 14 Aug 2018 19:24:07 + Niels Thykier
>  wrote:
> > Source: libcdio-paranoia
> > Source-Version: 10.2+0.94+2-4
> > 
> > We believe that the bug you reported is fixed in the
> > latest version of libcdio-paranoia
> > ...
> >* Remove cd-paranoia package again; the binary is also
> > provided by libcdio-utils.  (Reopens: #889803, Closes:
> > #906112)   
> 
> Dear Niels,
> 
> cd-paranoia is no longer provided in the package
> libcdio-utils >= 0.92. Version 2.0.0 is in testing
> and unstable. 
> 
> So there is no need to remove cd-paranoia from debian. There
> only needs to be set a
> "Breaks: libcdio-utils (<< 2.0.0)" 
> in the Debian/control file for the cd-paranoia package and
> upgrades from stable should work fine, without trying
> to overwrite anything.
> 
> Packages that I built with this change can be found at:
> apt.klaumikli.de/testing.
> 
> You can't ban cd-paranoia from Debian because of a missing
> Breaks-line! The binary is needed e.g. by whipper, the only
> linux-equivalent to the ExactAudioCopy-cd-ripper in the
> windows-world.
> 
> Nevertheless: Thanks for caring about this orphaned package!
> 
> Klaumi
> 
> [...]
Hi Klaumi,

I undid a faulty change I uploaded/introduced; nothing more, nothing
less.  From here the floor is open; I am not holding you (or Benjamin
back, who also showed interest in this).

However, I have spent the energy / time I was willing to use on
libcdio-paranoia for the next many years.  "Someone else(tm)" will have
to (properly) introduce the binary if they want it.  It would be even
better if they had a stake/interest in libcdio-paranoia (which I do not)
and could become the maintainer of the package.

Thanks,
~Niels

Bug#915856: sphinx: Failed cross building with Build-Depends on python3-sphinx

[kaliko]

Dmitry, Helmut

First, thanks for this insightful thread, even though it goes beyond my 
expertise I
learn about cross-building then :)

On 25/01/2019 22:55, Dmitry Shachnev wrote:
> On Fri, Jan 25, 2019 at 05:41:56PM +0100, Helmut Grohne wrote:
>> On Fri, Jan 25, 2019 at 11:14:23AM +0300, Dmitry Shachnev wrote:
>>> Does this mean that packages that are not using autodoc (like ncmpc) can
>>> already build-depend on python3-sphinx:native to become cross-buildable?
>>
>> Yes, that is my understanding. My plan was postponing such patches to
>> simplify stretch-backports. I'm not opposed to them in general, I just
>> didn't want to cause unnecessary work.
> 
> @Kaliko: please test if it works for you.

Indeed it did fix the issue :)
I set "Build-Depends-Indep: python3-sphinx:native" and built with pbuilder on 
testing.
But I'm having other problems later on, not related to sphinx though (some of 
them
probably x-build related).

I don't have enough time to go any further right now, but anyway the issue 
regarding
sphinx is actually fixed.

A final question, would you recommend sbuild rather than pbuilder?
Especially when trying to cross-build packages ?

Thanks Dmitry and Helmut for your help :)
Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#920467: ngraph-gtk: fails at runtime on 32-bit archs

[Bernhard Übelacker]

Control: tags 920467 + upstream patch


Dear Maintainer,
tried to have a look at the stack smashing.

It happens inside a call to g_stat/stat64.
The reason is as far as I see that in nconfig.c the type
GStatBuf has just a size of 88 bytes, therefore no
more memory is reserved. Inside nstat or g_stat/stat64
the type has a size of 96 bytes, that I assume would be
the right one.

By changing the include order in nconfig.c like in attached
patch I could finish the package build and run the test.

Kind regards,
Bernhard



Thread 1 "ngraph" hit Watchpoint 3: *0xb44c

Old value = 156167168
New value = 656566
0xb7fd4d51 in __kernel_vsyscall ()
1: x/i $pc
=> 0xb7fd4d51 <__kernel_vsyscall+9>:pop%ebp
(gdb) bt
#0  0xb7fd4d51 in __kernel_vsyscall ()
#1  0xb7bae4d5 in ___xstat64 (vers=3, name=0x5088c0 
"/etc/ngraph-gtk/Ngraph.ini", buf=0xb3f4) at 
../sysdeps/unix/sysv/linux/xstat64.c:35
#2  0xb7df609c in stat64 (__statbuf=0xb3f4, __path=0x5088c0 
"/etc/ngraph-gtk/Ngraph.ini") at /usr/include/i386-linux-gnu/sys/stat.h:455
#3  nstat (filename=0x558600 "/etc/ngraph-gtk/Ngraph.ini", buf=0xb3f4) at 
ioutil.c:819
#4  0xb7de90c1 in openconfig (section=0xb7eda7cd "[Ngraph]") at nconfig.c:141
#5  0xb7ebde7e in load_config (history_size=, 
allocconsole=, inst=0x58f560, sys=0x51bc20) at init.c:971
#6  n_initialize (argc=0xb5d0, argv=0xb56c) at init.c:971
#7  0xb7e5b65c in ngraph_initialize (argc=0xb5d0, argv=0xb56c) at 
ngraph_api.c:715
#8  0x0040116c in main (argc=, argv=) at 
main.c:122



(gdb) 
#2  0xb7df609c in stat64 (__statbuf=0xb3f4, __path=0x5088c0 
"/etc/ngraph-gtk/Ngraph.ini") at /usr/include/i386-linux-gnu/sys/stat.h:455
warning: Source file is more recent than executable.
455   return __xstat (_STAT_VER, __path, __statbuf);

(gdb) print sizeof(*__statbuf)
$9 = 96

(gdb) up
#3  nstat (filename=0x558600 "/etc/ngraph-gtk/Ngraph.ini", buf=0xb3f4) at 
ioutil.c:819
819   r = g_stat(tmp, buf);

(gdb) print sizeof(*buf)
$11 = 96

Description: Fix include order to avoid stack smashing

Bug-Debian: https://bugs.debian.org/920467
Forwarded: no
Last-Update: 2019-01-26

--- ngraph-gtk-6.08.00.orig/src/nconfig.c
+++ ngraph-gtk-6.08.00/src/nconfig.c
@@ -21,6 +21,8 @@
  *
  */
 
+#include "common.h"
+
 #include 
 #include 
 #include 
@@ -28,8 +30,6 @@
 #include 
 #include 
 
-#include "common.h"
-
 #include "object.h"
 #include "nstring.h"
 #include "ioutil.h"

# Buster i386 qemu VM 2019-01-26

apt update
apt dist-upgrade

apt install systemd-coredump xvfb xauth mc gdb ngraph-gtk ngraph-gtk-dbgsym 
libngraph0-dbgsym
apt install dpkg-dev devscripts
apt build-dep ngraph-gtk


mkdir source/ngraph-gtk/orig -p
cdsource/ngraph-gtk/orig
apt source ngraph-gtk
cd


cd source/ngraph-gtk/orig/ngraph-gtk-6.08.00
debian/tests/run-test



##



benutzer@debian:~/source/ngraph-gtk/orig/ngraph-gtk-6.08.00$ 
debian/tests/run-test 
*** stack smashing detected ***:  terminated
Aborted (core dumped)



root@debian:~# coredumpctl list
TIMEPID   UID   GID SIG COREFILE  EXE
Sat 2019-01-26 10:32:29 CET   16668  1000  1000   6 present   /usr/bin/ngraph

root@debian:~# coredumpctl gdb 16668
   PID: 16668 (ngraph-test)
   UID: 1000 (benutzer)
   GID: 1000 (benutzer)
Signal: 6 (ABRT)
 Timestamp: Sat 2019-01-26 10:32:28 CET (2min 26s ago)
  Command Line: /usr/bin/ngraph -i debian/tests/ngraph-test
Executable: /usr/bin/ngraph
 Control Group: /user.slice/user-1000.slice/session-3.scope
  Unit: session-3.scope
 Slice: user-1000.slice
   Session: 3
 Owner UID: 1000 (benutzer)
   Boot ID: 2891b09545794870a2a1bae01cecb105
Machine ID: 45f49504b47f4e5690bc479adf67aa5b
  Hostname: debian
   Storage: 
/var/lib/systemd/coredump/core.ngraph-test.1000.2891b09545794870a2a1bae01cecb105.16668.154849514800.lz4
   Message: Process 16668 (ngraph-test) of user 1000 dumped core.

Stack trace of thread 16668:
#0  0xb7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1  0xb7a352d2 raise (libc.so.6)
#2  0xb7a1f2b6 abort (libc.so.6)
#3  0xb7a76c1c n/a (libc.so.6)
#4  0xb7b10b6e n/a (libc.so.6)
#5  0xb7b10b1b __stack_chk_fail (libc.so.6)
#6  0xb7e0e624 n/a (libngraph.so.0)
#7  0xb7d2821c n/a (libngraph.so.0)
#8  0xb7dfce7e n/a (libngraph.so.0)
#9  0xb7d9a65c ngraph_initialize (libngraph.so.0)
#10 0x0041516c main (ngraph)
#11 0xb7a20b41 __libc_start_main (libc.so.6)
#12 0x004153e1 _start (ngraph)

Stack trace of thread 16670:
#0  0xb7f13d51 __kernel_vsyscall (linux-gate.so.1)
#1  0xb7bf13c2 pt

Bug#919584: man-db doesn't find subdirectories with man pages (from conda)

[Jan van Haarst]

Here it is (in attachment).

Have a nice day,

Jan

On Sat, Jan 26, 2019 at 2:33 AM Colin Watson  wrote:

> On Thu, Jan 17, 2019 at 04:19:16PM +0100, Jan van Haarst wrote:
> >I am trying to use a man page that is installed using conda.
> >
> >If I start man like this : man -d parallel , I see this :
> >
> >(unrelated info removed)
> >---
> >path directory /home/haars001/miniconda2/envs/isoseq/bin is not in the
> >config file
> >and doesn't have ../man, man, ../share/man, or share/man
> subdirectories
> >---
> >But if I do a manual lookup with ls, I get this :
> >---
> >ls /home/haars001/miniconda2/envs/isoseq/bin/../man
> >man1  man3
> >ls /home/haars001/miniconda2/envs/isoseq/bin/../share/man
> >man1  man3  man5  man7  man8
> >---
> >As man can't find the correct subdirectory, I get the wrong man page
> in
> >this case, or man can't find the man page in other cases.
> >I hope this is user error, then it's easier to fix
>
> Thanks for your report.  Could I please see the full output of "man -d
> parallel", even if some of it looks unrelated?
>
> --
> Colin Watson   [cjwat...@debian.org]
>


-- 
Dag,
Jan
haars001@hogeweg:~$ conda activate isoseq
(isoseq) haars001@hogeweg:~$ man -d parallel
ruid=16825946, euid=16825946
rgid=1629, egid=1629
++priv_drop_count = 1
From the config file /etc/manpath.config:

Mandatory mandir `/usr/man'.
Mandatory mandir `/usr/share/man'.
Mandatory mandir `/usr/local/share/man'.
Path `/bin' mapped to mandir `/usr/share/man'.
Path `/usr/bin' mapped to mandir `/usr/share/man'.
Path `/sbin' mapped to mandir `/usr/share/man'.
Path `/usr/sbin' mapped to mandir `/usr/share/man'.
Path `/usr/local/bin' mapped to mandir `/usr/local/man'.
Path `/usr/local/bin' mapped to mandir `/usr/local/share/man'.
Path `/usr/local/sbin' mapped to mandir `/usr/local/man'.
Path `/usr/local/sbin' mapped to mandir `/usr/local/share/man'.
Path `/usr/X11R6/bin' mapped to mandir `/usr/X11R6/man'.
Path `/usr/bin/X11' mapped to mandir `/usr/X11R6/man'.
Path `/usr/games' mapped to mandir `/usr/share/man'.
Path `/opt/bin' mapped to mandir `/opt/man'.
Path `/opt/sbin' mapped to mandir `/opt/man'.
Global mandir `/usr/man', catdir `/var/cache/man/fsstnd'.
Global mandir `/usr/share/man', catdir `/var/cache/man'.
Global mandir `/usr/local/man', catdir `/var/cache/man/oldlocal'.
Global mandir `/usr/local/share/man', catdir `/var/cache/man/local'.
Global mandir `/usr/X11R6/man', catdir `/var/cache/man/X11R6'.
Global mandir `/opt/man', catdir `/var/cache/man/opt'.
Added section `1'.
Added section `n'.
Added section `l'.
Added section `8'.
Added section `3'.
Added section `2'.
Added section `3posix'.
Added section `3pm'.
Added section `3perl'.
Added section `3am'.
Added section `5'.
Added section `4'.
Added section `9'.
Added section `6'.
Added section `7'.
`/usr/man'  `'  `1'
`/usr/share/man'`'  `1'
`/usr/local/share/man'  `'  `1'
`/bin'  `/usr/share/man'`0'
`/usr/bin'  `/usr/share/man'`0'
`/sbin' `/usr/share/man'`0'
`/usr/sbin' `/usr/share/man'`0'
`/usr/local/bin'`/usr/local/man'`0'
`/usr/local/bin'`/usr/local/share/man'  `0'
`/usr/local/sbin'   `/usr/local/man'`0'
`/usr/local/sbin'   `/usr/local/share/man'  `0'
`/usr/X11R6/bin'`/usr/X11R6/man'`0'
`/usr/bin/X11'  `/usr/X11R6/man'`0'
`/usr/games'`/usr/share/man'`0'
`/opt/bin'  `/opt/man'  `0'
`/opt/sbin' `/opt/man'  `0'
`/usr/man'  `/var/cache/man/fsstnd' `-1'
`/usr/share/man'`/var/cache/man'`-1'
`/usr/local/man'`/var/cache/man/oldlocal'   `-1'
`/usr/local/share/man'  `/var/cache/man/local'  `-1'
`/usr/X11R6/man'`/var/cache/man/X11R6'  `-1'
`/opt/man'  `/var/cache/man/opt'`-1'
`1' `'  `-5'
`n' `'  `-5'
`l' `'  `-5'
`8' `'  `-5'
`3' `'  `-5'
`2' `'  `-5'
`3posix'`'  `-5'
`3pm'   `'  `-5'
`3perl' `'  `-5'
`3am'   `'  `-5'
`5' `'  `-5'
`4' `'  `-5'
`9' `'  `-5'
`6' `'  `-5'
`7' `'  `-5'
is a tty
real user = 16825946; effective user = 16825946

using pager as pager

path directory /home/haars001/miniconda2/envs/isoseq/bin is not in the config 
file
and doesn't have ../man, man, ../share/man, or share/man subdirectories

path directory /home/haars001/bin is not in the config file
and doesn't have ../man, man, ../share/man, or share/man subdirectories

path directory /home/haars001/.local/bin is not in the config file
and doesn't have ../man, man, ../share/man, or share/man subdirectories

path directory /home/haars001/miniconda2/bin is not in the config file
and doesn't have ../man, man, ../share/man, or share/man subdirectories

path directory /usr/local/sbin is in the config file
adding /usr/local/man to manpath
adding /usr/local/share/man to manpa

Bug#915816: RM: uptimed -- ROM; long time bugs non-fixed, better alternatives

[Axel Beckert]

Hi,

gustavo panizzo wrote:
> Alex, any update on this?

I just looked through the open bug reports. The _only_ non-wishlist
bug report open is the one about duplicated bug reports by myself.

So the plural in "long-time bugs non-fixed" is IMHO exaggeration.

So I'm slightly fail to see the reason to remove it. So far I also
doubt that tuptime is superior in every way.

> Is there anything I can help with to move this forward?

I'm not keen at all to take over yet another package, but I fear
there's no other way.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#920502: O: pandora-build -- Build macros for libdrizzle, libmemcached, drizzle and gearmand

[Mattia Rizzolo]

Package: wnpp

The current maintainer of pandora-build, Robert Collins 
,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: pandora-build
Binary: pandora-build
Version: 0.98-1.1
Maintainer: Robert Collins 
Build-Depends: debhelper (>= 7.0), autoconf (>= 2.59), automake, libtool, 
autoconf-archive
Architecture: all
Standards-Version: 3.8.2
Format: 1.0
Files:
 2490110c7a4cf9590aa8b5efd849e476 1109 pandora-build_0.98-1.1.dsc
 53037ecf175230b79adb0e4876c4822a 362618 pandora-build_0.98.orig.tar.gz
 32968cbcdd1376d825f4f71e695dea93 2981 pandora-build_0.98-1.1.diff.gz
Checksums-Sha256:
 bb57407f079582ddc8fda9ea970e51feb51360f7a1b75e61285b039ae08af768 1109 
pandora-build_0.98-1.1.dsc
 76a72f825305f6c13dcb35d2f8bc08c895bfe4838bc7c807bc12e201dfaa90de 362618 
pandora-build_0.98.orig.tar.gz
 7f029d774c469f9f18d6832364c480f32bdef4ccfde064ff2ec544a47c7e2c33 2981 
pandora-build_0.98-1.1.diff.gz
Homepage: http://code.launchpad.net/pandora-build
Directory: pool/main/p/pandora-build
Priority: source
Section: devel

Package: pandora-build
Version: 0.98-1.1
Installed-Size: 416
Maintainer: Robert Collins 
Architecture: all
Description: Build macros for libdrizzle, libmemcached, drizzle and gearmand
Description-md5: c768511f4cfe105ebb44de70404fe3dd
Homepage: http://code.launchpad.net/pandora-build
Section: devel
Priority: optional
Filename: pool/main/p/pandora-build/pandora-build_0.98-1.1_all.deb
Size: 57276
MD5sum: 7379a1195f9df8414b2c36503976c0cd
SHA256: 269bfd98f3e07fa14a8a5c487019fb97890b5ab37dbc10682ab562d8b6e572a2


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920504: O: bicyclerepair -- A refactoring tool for python

[Mattia Rizzolo]

Package: wnpp

The current maintainer of bicyclerepair, Robert Collins 
,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: bicyclerepair
Binary: bicyclerepair
Version: 0.9-6.2
Maintainer: Robert Collins 
Build-Depends: debhelper (>= 10)
Build-Depends-Indep: python-all-dev (>= 2.6.6-3~)
Architecture: all
Standards-Version: 3.9.8
Format: 1.0
Files:
 95153d94d289f24e9955917572f7eddc 1783 bicyclerepair_0.9-6.2.dsc
 f825f48384febefacf0717738e909321 165025 bicyclerepair_0.9.orig.tar.gz
 7a8e46021c58c196b6e37d74e938b526 4581 bicyclerepair_0.9-6.2.diff.gz
Checksums-Sha256:
 bca857fa300b51cd658b70b1e5fd605b41e18245247c78339e0f4d3654d23846 1783 
bicyclerepair_0.9-6.2.dsc
 69509eebaeb595ad1d14291b47c6236df97abd5893352965055d91b0cfaea116 165025 
bicyclerepair_0.9.orig.tar.gz
 0a8f5001ad7f305093bdb07a244aba0879a04988d54c4da731f25b4c63c06640 4581 
bicyclerepair_0.9-6.2.diff.gz
Homepage: http://bicyclerepair.sourceforge.net/
Package-List: 
 bicyclerepair deb devel optional arch=all
Directory: pool/main/b/bicyclerepair
Priority: source
Section: devel

Package: bicyclerepair
Version: 0.9-6.2
Installed-Size: 512
Maintainer: Robert Collins 
Architecture: all
Depends: python (<< 2.8), python (>= 2.7), python:any (>= 2.6.6-7~)
Recommends: vim-addon-manager
Suggests: vim-python (>= 1:6.2) | idle | pymacs
Description: A refactoring tool for python
Description-md5: 58612bd05fbcb8e6b7d6a142c47cacc3
Homepage: http://bicyclerepair.sourceforge.net/
Tag: devel::lang:python, devel::library, implemented-in::python, role::plugin
Section: devel
Priority: optional
Filename: pool/main/b/bicyclerepair/bicyclerepair_0.9-6.2_all.deb
Size: 96696
MD5sum: c47b9258d99ee3acac5794b2d89a6b2b
SHA256: c8cf2bb5884e3c6039bde285b20a52aefb26a49b51e16fa5661da514aaf6e14d


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920501: O: pyjunitxml -- PyUnit extension for reporting in JUnit compatible XML

[Mattia Rizzolo]

Package: wnpp

The current maintainer of pyjunitxml, Robert Collins 
,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: pyjunitxml
Binary: python-junitxml, python3-junitxml
Version: 0.6-1.3
Maintainer: Robert Collins 
Build-Depends: debhelper (>= 9), python-all (>= 2.6.6-3~), python3-all, 
dh-python
Build-Depends-Indep: subunit (>= 0.0.2), python3-subunit
Architecture: all
Standards-Version: 4.1.1
Format: 3.0 (quilt)
Files:
 97ca0c59ca1541234e1dd33a188768d1 1906 pyjunitxml_0.6-1.3.dsc
 cfe9e457b3006b9fc8952bf12d4a1a66 21619 pyjunitxml_0.6.orig.tar.gz
 266f651cea37d260ee2c26b5be26d99f 3656 pyjunitxml_0.6-1.3.debian.tar.xz
Checksums-Sha256:
 fd3f97434ab9af04d6e466593dd7620e8424d393d9b9e31071add6e5fd9cf374 1906 
pyjunitxml_0.6-1.3.dsc
 f5d7a19e80b4c83ba64150831e1db5cdec4881718d12626844161d3b2204584c 21619 
pyjunitxml_0.6.orig.tar.gz
 770c2f83cdd31f5b8db6674011b1b661c116da9c34924d0749f917ada285aa39 3656 
pyjunitxml_0.6-1.3.debian.tar.xz
Homepage: https://launchpad.net/pyjunitxml
Package-List: 
 python-junitxml deb python optional arch=all
 python3-junitxml deb python optional arch=all
Directory: pool/main/p/pyjunitxml
Priority: source
Section: python

Package: python-junitxml
Source: pyjunitxml
Version: 0.6-1.3
Installed-Size: 42
Maintainer: Robert Collins 
Architecture: all
Depends: python:any (<< 2.8), python:any (>= 2.7.5-5~)
Description: PyUnit extension for reporting in JUnit compatible XML
Description-md5: cc63da11d6dad794838abdee946caf95
Homepage: https://launchpad.net/pyjunitxml
Section: python
Priority: optional
Filename: pool/main/p/pyjunitxml/python-junitxml_0.6-1.3_all.deb
Size: 9260
MD5sum: 3d6b0e0bc0968b55faeab04dcf3ddb07
SHA256: ab5776bd5cc02d7d108c68cfff452b4fc52b50b593b3283f688fabfe28032bf4

Package: python3-junitxml
Source: pyjunitxml
Version: 0.6-1.3
Installed-Size: 38
Maintainer: Robert Collins 
Architecture: all
Depends: python3:any (>= 3.3.2-2~)
Description: PyUnit extension for reporting in JUnit compatible XML
Description-md5: c169fbabac91bb8a2e7146219f0dc17f
Homepage: https://launchpad.net/pyjunitxml
Section: python
Priority: optional
Filename: pool/main/p/pyjunitxml/python3-junitxml_0.6-1.3_all.deb
Size: 7864
MD5sum: 417ff4f57f399ca8056052e8ce44e965
SHA256: ff4a9660d5b154cf99ca6d3f84287e99a49919e095cdfda020c16657b46b5bfb


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920503: O: fl-cow -- copy-on-write utility

[Mattia Rizzolo]

Package: wnpp

The current maintainer of fl-cow, Robert Collins ,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: fl-cow
Binary: fl-cow
Version: 0.6-4.2
Maintainer: Robert Collins 
Build-Depends: debhelper (>= 7), autoconf (>= 2.59), automake, libtool
Build-Conflicts: autoconf2.13, automake1.4
Architecture: any
Standards-Version: 3.8.4
Format: 1.0
Files:
 65a3a1e175b3808c69e200e8b41f5bca 1684 fl-cow_0.6-4.2.dsc
 9a8c970c934d3aad1ac68a3c7e928de7 305453 fl-cow_0.6.orig.tar.gz
 c25042b720064a080e6ef6d6c7d47478 471158 fl-cow_0.6-4.2.diff.gz
Checksums-Sha256:
 0263451d7d682d3063d602a61ac942c3f409a12e16eb1b0858de8c1fd18c9e10 1684 
fl-cow_0.6-4.2.dsc
 5edbf45f92c8839957e51772e0499a0fcc5176e2b979b1f581c35b2304da0e16 305453 
fl-cow_0.6.orig.tar.gz
 07d6accdbfe03f6d031394bcabdb5f1800f31e02dd6300c1587845a5da80341a 471158 
fl-cow_0.6-4.2.diff.gz
Package-List: 
 fl-cow deb utils extra arch=any
Directory: pool/main/f/fl-cow
Priority: source
Section: utils

Package: fl-cow
Version: 0.6-4.2
Installed-Size: 56
Maintainer: Robert Collins 
Architecture: amd64
Depends: libc6 (>= 2.14)
Description: copy-on-write utility
Description-md5: b35d8c4bff298c12fc96e08f2b34a941
Section: utils
Priority: optional
Filename: pool/main/f/fl-cow/fl-cow_0.6-4.2_amd64.deb
Size: 6568
MD5sum: f0e6ad2221399a9e39f80e4b44f2540c
SHA256: d2a70536bb2a5d7887864e7fa6f5c49121fdfb430eefa8a2a0e00524fc4cbbee


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920500: O: python-poster -- Python support for HTTP multipart PUT/POST

[Mattia Rizzolo]

Package: wnpp

The current maintainer of python-poster, Robert Collins 
,
has retired.  Therefore, I orphan this package now.

Maintaining a package requires time and skills. Please only adopt this
package if you will have enough time and attention to work on it.

If you want to be the new maintainer, please see
https://www.debian.org/devel/wnpp/#howto-o for detailed
instructions how to adopt a package properly.

Some information about this package:

Package: python-poster
Binary: python-poster
Version: 0.8.1-0.2
Maintainer: Robert Collins 
Build-Depends: debhelper (>= 7.0.50~), cdbs (>= 0.4.49), python-all (>= 
2.3.5-11), dh-python, python-setuptools
Architecture: all
Standards-Version: 3.9.1.0
Format: 1.0
Files:
 a5cc4da7ef302ab54834a370cbfb0181 1836 python-poster_0.8.1-0.2.dsc
 2db12704538781fbaa7e63f1505d6fc8 12274 python-poster_0.8.1.orig.tar.gz
 ba686ef743a8c41e94aa72a72ce4d687 2064 python-poster_0.8.1-0.2.diff.gz
Vcs-Bzr: lp:debian/sid/python-poster/packaging
Checksums-Sha256:
 e824ae8094bed2d5b8d2e7b50f4a3e79861dd28ba08f663525133ede3ea1ba32 1836 
python-poster_0.8.1-0.2.dsc
 af5bf45da4a916db2b638cffd9e9d6668b33020e2b8ca9f864db79b49331c6ff 12274 
python-poster_0.8.1.orig.tar.gz
 81bafa98fa5e147e4bd6d5a4306124ccf40233d87c8afe246b6172f404d31b6e 2064 
python-poster_0.8.1-0.2.diff.gz
Homepage: http://atlee.ca/software/poster/
Package-List: 
 python-poster deb python optional arch=all
Directory: pool/main/p/python-poster
Priority: source
Section: python

Package: python-poster
Version: 0.8.1-0.2
Installed-Size: 47
Maintainer: Robert Collins 
Architecture: all
Depends: python:any (<< 2.8), python:any (>= 2.7.5-5~)
Description: Python support for HTTP multipart PUT/POST
Description-md5: a9614cdecff6e6695f3334307694d6bf
Homepage: http://atlee.ca/software/poster/
Section: python
Priority: optional
Filename: pool/main/p/python-poster/python-poster_0.8.1-0.2_all.deb
Size: 9702
MD5sum: 3497c3082b3b7b07d37b3520dd75cea2
SHA256: 25eda1fb3d7a719b444f5fc22d0eff24e9fffe754e236e5975420f9fdfa622ff


-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920507: Updating the subunit Uploaders list

[Mattia Rizzolo]

Source: subunit
Version: 1.3.0-1
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Robert Collins  has retired, so can't work on
the subunit package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920506: Updating the testrepository Uploaders list

[Mattia Rizzolo]

Source: testrepository
Version: 0.0.20-3
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Robert Collins  has retired, so can't work on
the testrepository package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920508: Updating the python-testtools Uploaders list

[Mattia Rizzolo]

Source: python-testtools
Version: 2.3.0-5
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Robert Collins  has retired, so can't work on
the python-testtools package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920510: Updating the python-fixtures Uploaders list

[Mattia Rizzolo]

Source: python-fixtures
Version: 3.0.0-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Robert Collins  has retired, so can't work on
the python-fixtures package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920509: Updating the python-testscenarios Uploaders list

[Mattia Rizzolo]

Source: python-testscenarios
Version: 0.5.0-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Robert Collins  has retired, so can't work on
the python-testscenarios package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920505: Updating the testresources Uploaders list

[Mattia Rizzolo]

Source: testresources
Version: 2.0.0-2
Severity: minor
User: m...@qa.debian.org
Usertags: mia-teammaint

Robert Collins  has retired, so can't work on
the testresources package anymore (at least with this address).

We are tracking their status in the MIA team and would like to ask you
to remove them from the Uploaders list of the package so we can close
that part of the file.

(If the person is listed as Maintainer, what we are asking is to please
step in as a new maintainer.)

Thanks.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#920374: python-openssl: _ASN1_TYPE_TO_ENUM TypeError: 'type' object is not iterable

[Sandro Tosi]

control: reassign -1 python-cryptography

On Sat, Jan 26, 2019 at 4:33 AM thematsche  wrote:
>
> Am Fri, 25 Jan 2019 21:31:26 -0500
> schrieb Sandro Tosi :
>
> > control: tags -1 +unreproducible +moreinfo
> >
> > > >>> from OpenSSL import crypto, SSL
> > > Traceback (most recent call last):
> > >   File "", line 1, in 
> > >   File "/usr/lib/python2.7/dist-packages/OpenSSL/__init__.py", line
> > > 8, in  from OpenSSL import crypto, SSL
> > >   File "/usr/lib/python2.7/dist-packages/OpenSSL/crypto.py", line
> > > 12, in  from cryptography import x509
> > >   File
> > > "/usr/lib/python2.7/dist-packages/cryptography/x509/__init__.py",
> > > line 8, in  from cryptography.x509.base import ( File
> > > "/usr/lib/python2.7/dist-packages/cryptography/x509/base.py", line
> > > 16, in  from cryptography.x509.extensions import Extension,
> > > ExtensionType File
> > > "/usr/lib/python2.7/dist-packages/cryptography/x509/extensions.py",
> > > line 24, in  from cryptography.x509.general_name import
> > > GeneralName, IPAddress, OtherName File
> > > "/usr/lib/python2.7/dist-packages/cryptography/x509/general_name.py",
> > > line 18, in  from cryptography.x509.name import Name File
> > > "/usr/lib/python2.7/dist-packages/cryptography/x509/name.py", line
> > > 28, in  _ASN1_TYPE_TO_ENUM = dict((i.value, i) for i in
> > > _ASN1Type) TypeError: 'type' object is not iterable
> >
> > I cannot replicate this crash in an up-to-date chroot, are you sure
> > there's nothing wrong on your system?
> >
>
> h, in which way?
> I tried out:
> apt-get install --reinstall python-enum34
> apt-get install --reinstall python-openssl
> apt-get install --reinstall python-cryptography
>
> No success.
>
> Any more detailed proposals?
>
> But maybe debian has now some standard answers. :/
>
> https://www.mail-archive.com/debian-bugs-closed@lists.debian.org/msg579616.html

since both crashes actually happen in cryptography, i'm reasisgning it
to that package

-- 
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at Debian: http://wiki.debian.org/SandroTosi
G+: https://plus.google.com/u/0/+SandroTosi

Bug#920511: libesedb: Apparent endianess problem causes test failure on s390x

[Hilko Bengen]

Source: src:libesedb
Version: 20181229-1
Severity: normal
Tag: upstream
Control: forwarded -1 https://github.com/libyal/libesedb/issues/45

libesedb/20181229-1 fails to build on s390x[1] due to what looks like an
endianess issue:

,
| esedb_test_checksum.c:1237 checksum_value (1617174027) != 669295665
`

I have disabled the test for now.

[1] 
https://buildd.debian.org/status/fetch.php?pkg=libesedb&arch=s390x&ver=20181229-1&stamp=1547425061&raw=0

Bug#914150: pcmanfm: SIGSEGV, Segmentation fault on opening folder

[Andriy Grytsenko]

Nicola has written on Saturday, 26 January, at 11:30:
>Bug still exists. Opening a folder with many subfolder and files pcmanfm crash

That is pretty bad. Thank you for such a notice. I would be glad if you
could help with trace debug, please. For that you have to install debug
symbols for both libfm and pcmanfm - that are libfm-dbg, libfm-gtk-dbg,
pcmanfm-dbg packages. Then attach gdb to the running process, you can do
that using next command:

gdb pcmanfm $(pidof pcmanfm)

and when you attach to it, simply enter 'c' (which means continue) and
reproduce your issue. When it crashes, please, enter a GDB command to see
backtraces:

thread apply all bt full

and then send the return of it to me or to BTS to diagnose what happens.

Don't hesitate to contact me if you get into some troubles with GDB.
Thank you in advance.

Bug#920512: syslog-ng: FTBFS with dpkg-buildpackage -A

[Andreas Beckmann]

Source: syslog-ng
Version: 3.19.1-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

syslog-ng/experimental FTBFS during the binary-indep-only build, i.e. if
built with dpkg-buildpackage -A:

 debian/rules build-indep
make: 'build-indep' is up to date.
 fakeroot debian/rules binary-indep
dh binary-indep --with autoreconf,systemd,python2
   debian/rules build-indep
make[1]: Entering directory '/build/syslog-ng-3.19.1'
make[1]: 'build-indep' is up to date.
make[1]: Leaving directory '/build/syslog-ng-3.19.1'
   dh_testroot -i
   dh_prep -i
   dh_installdirs -i
   debian/rules override_dh_auto_install
make[1]: Entering directory '/build/syslog-ng-3.19.1'
dh_auto_install -- \
pkgconfigdir=/usr/lib/x86_64-linux-gnu/pkgconfig \
PYSETUP_OPTIONS="--install-layout=deb \
--root=/build/syslog-ng-3.19.1/debian/tmp/"
find . -name \*.la | xargs --no-run-if-empty rm
make[1]: Leaving directory '/build/syslog-ng-3.19.1'
   dh_install -i
dh_install: Cannot find (any matches for) 
"usr/share/syslog-ng/include/scl/default-network-drivers/*" (tried in ., 
debian/tmp)

dh_install: syslog-ng-mod-extra missing files: 
usr/share/syslog-ng/include/scl/default-network-drivers/*
dh_install: Cannot find (any matches for) 
"usr/share/syslog-ng/include/scl/ewmm/*" (tried in ., debian/tmp)

dh_install: syslog-ng-mod-extra missing files: 
usr/share/syslog-ng/include/scl/ewmm/*
dh_install: Cannot find (any matches for) 
"usr/share/syslog-ng/include/scl/graylog2/*" (tried in ., debian/tmp)

dh_install: syslog-ng-mod-extra missing files: 
usr/share/syslog-ng/include/scl/graylog2/*
dh_install: Cannot find (any matches for) 
"usr/share/syslog-ng/include/scl/loadbalancer/*" (tried in ., debian/tmp)

dh_install: syslog-ng-mod-extra missing files: 
usr/share/syslog-ng/include/scl/loadbalancer/*
dh_install: Cannot find (any matches for) 
"usr/share/syslog-ng/include/scl/osquery/*" (tried in ., debian/tmp)

dh_install: syslog-ng-mod-extra missing files: 
usr/share/syslog-ng/include/scl/osquery/*
dh_install: Cannot find (any matches for) 
"usr/share/syslog-ng/include/scl/windowseventlog/*" (tried in ., debian/tmp)

dh_install: syslog-ng-mod-extra missing files: 
usr/share/syslog-ng/include/scl/windowseventlog/*
dh_install: missing files, aborting
make: *** [debian/rules:205: binary-indep] Error 25


The 'build-indep' target seems to be a no-op, not creating the stuff
needed by the subsequent install target.


cheers,

Andreas


syslog-ng_3.19.1-1_indep.log.gz
Description: application/gzip

Bug#920513: node-evp-bytestokey: switch build-depends from nodejs-dev to libnode-dev

[Andreas Beckmann]

Source: node-evp-bytestokey
Version: 1.0.3-4
Severity: serious
Justification: fails to build from source

Hi,

the old transitional package nodejs-dev is no longer built, please
update your build-depends to libnode-dev.


Andreas

Bug#920515: node-xmpp: switch build-depends from nodejs-dev to libnode-dev

[Andreas Beckmann]

Source: node-xmpp
Version: 0.3.2-3
Severity: serious

Hi,

the old transitional package nodejs-dev is no longer built, please
update your build-depends to libnode-dev.


Andreas

Bug#917128: Bug

[Wolfgang Walter]

Yes, I tested this with 240-4.

Regards,
-- 
Wolfgang Walter
Studentenwerk München
Anstalt des öffentlichen Rechts

Bug#920366: developers-reference: ftbfs in sid, builds fine in stable

[Raphael Hertzog]

Hi,

On Sat, 26 Jan 2019, Norbert Preining wrote:
> FIrst of all, I cannot reproduce this error on sid, so with all packages
> properly upgraded.
> 
> That means, I assume you have a mixed upgrade of packages where it
> fails, is this correct?

Yes, debci triggers autopkgtest of reverse dependencies but it only
upgrades the candidate package when it can (there might be more package
updates at the same time if dependencies require it).

> I will upload new packages that include the fontspec fixes, as well as
> tighter package coupling. This will fix 2- and most probably also 1-,
> but I still hope that I get feedback from logidee-tools maintainers.

Honestly, I haven't looked into this problem but if you look at
https://ci.debian.net/packages/l/logidee-tools/ you will see that it
always passed in "sid" but that it failed in testing when you inject
texlive-base or texlive-extra from sid:
https://ci.debian.net/packages/l/logidee-tools/testing/amd64/

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/

Bug#920514: node-nodedbi: switch build-depends from nodejs-dev to libnode-dev

[Andreas Beckmann]

Source: node-nodedbi
Version: 1.0.12-2
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

the old transitional package nodejs-dev is no longer built, please
update your build-depends to libnode-dev.


Andreas

Bug#919540: Export my package BlastEm to the Debian Games team

[Carlos Donizete Froes]

Hi Tobias,

> So, ok; but this is not a reason to say:
> 
>   Upstream Author : Carlos Donizete Froes 
> 
> in #919540 and setting your gitlab repository as upstream repository in
> the packaging. Actually, this is misleading and I also find this unfair
> to Michael Pavone.
> You can really alienate upstreams by claiming their work
> is yours. You surely understand that this is bad and against the
> spirit of Open Source and Debian.

Now I completely understand what you're telling me, honestly, it was an 
oversight on my part, I did
not mean to do that.

My biggest reason is to help the upstream get their software in Debian. I do 
this for love and I do
not want to undermine the work of the original author.

> From the posted mails in #919540 I cannot see that upstream agreed to
> move everything to your repository, his words were, which IMHO as quite
> different meaning and does not even touch the topic you seem to read out
> of it:
> "I realize Mercurial is a bit unfashionable these days, but I believe
> there is a bridge that allows git to interop with it. Pulling from the
> public repo will make it easier for me to accept your changes upstream.
> Assuming that's what you want anyway."
> 
> (And I wonder why you set the gitlab as upstream repository, while you
> seem to collaborate on github)

I would like GitLab to have an easy way to import the Mercurial repository. The 
only way to get it
is by GitHub, which has this import function from hg to git. And then I would 
be able to import into
my GitLab account.

I know this is crazy, but the only way to start my work in packaging.

I do not use GitHub, I had previous problems with my password, just to import 
hg to git, if you have
another way to import into GitLab, please I'm here to learn and fix my errors.

> I did a complete diff against upstream [1] and your repo [2], both
> "trunk" for that. And the only behaviourl change seems to be
> 
> --- blastem-ba3fb7a3be6b/zlib/gzlib.c   2019-01-23 06:15:38.0 +0100
> +++ blastem/zlib/gzlib.c2019-01-25 20:15:47.852968532 +0100
> @@ -291,6 +291,7 @@
>  gzFile gz;
> 
>  if (fd == -1 || (path = (char *)malloc(7 + 3 * sizeof(int))) == NULL)
> +free(path);
>  return NULL;
>  #if !defined(NO_snprintf) && !defined(NO_vsnprintf)
>  (void)snprintf(path, 7 + 3 * sizeof(int), "", fd);
> diff -Naur blastem-ba3fb7a3be6b/zlib/trees.c blastem/zlib/trees.c
> 
> (which introduces a bug, as the return is no longer conditional.)
> 
> So either I'm right and there are no siginifant changes, or upstream has
> merged everything you have provided, but that means that upstream is [2]
> not you.
> 
> [1] https://gitlab.com/coringao/blastem
> [2] https://www.retrodev.com/repos/blastem

I am sorry to inform you, but it was not only that, after working with the 
packaging, there were
several simple bugs and warnings that I needed to correct:

- I have changed some files with executable permission.[1]
- Fixed a warning I was not finding on the line.[2]
- Fixed the typing error, this is because when doing a 'debuild', the warning 
appears in lintian in
the generated binary.[3]
- Added -g in GCC to appear debug information during compilation.[4]
- Commented the file 'test.c', where an error occurred during debuild.[5]

[1] 
https://gitlab.com/coringao/blastem/commit/5a4a48dd763aacd788c340b6a2d9f92f841ad1ee

[2] 
https://gitlab.com/coringao/blastem/commit/9dadd76de5759c1fd7a150d42263b1782d717df9

[3] 
https://gitlab.com/coringao/blastem/commit/e8c58c4fe20323c90d486bdcd8c7f6321d96e538

[4] 
https://gitlab.com/coringao/blastem/commit/3b697e6d38e5c872dac5f88b82baac448718805a

[5] 
https://gitlab.com/coringao/blastem/commit/490b40f5d765a0dbf9354a2ea2697ed9e140abf8

> Then do not claim being the upstream author in the first place.

As I said at the beginning, it is not my intention, it was a mistake on my part 
and I will correct
it.

> Ok, then this is an good occasion to fix those issues.

Yes, I am making this correction immediately.

Thanks!

-- 
⢀⣴⠾⠻⢶⣦⠀ Carlos Donizete Froes [a.k.a coringao]
⣾⠁⢠⠒⠀⣿⡁ - https://wiki.debian.org/coringao
⢿⡄⠘⠷⠚⠋⠀ GPG: 4096R/B638B780
⠈⠳⣄⠀⠀⠀  2157 630B D441 A775 BEFF  D35F FA63 ADA6 B638 B780


signature.asc
Description: This is a digitally signed message part

Bug#920516: ITP: libjs-rtcpeerconnection-shim -- RTCPeerConnection API implemented ontop of ORTC

[Jonas Smedegaard]

Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: libjs-rtcpeerconnection-shim
  Version : 1.2.14
  Upstream Author : Philipp Hancke
* URL : https://github.com/otalk/rtcpeerconnection-shim
* License : BSD-3-clause
  Programming Lang: JavaScript
  Description : RTCPeerConnection API implemented ontop of ORTC

 RTCPeerConnection shim i an implementation
 of the W3C RTCPeerConnection API
 as a shim ontop of the ORTC API.
 .
 The RTCPeerConnection API
 enables audio and video communication between peers.
 It performs signal processing, codec handling,
 peer-to-peer communication, security, and bandwidth management.
 .
 Object Real-Time Communications (ORTC) provides a powerful API
 for the development of WebRTC based applications.
 .
 WebRTC (Web Real-Time Communication) is a project
 that provides web browsers and mobile applications
 with real-time communication (RTC)
 via simple application programming interfaces (APIs).

This package is needed by libjs-webrtc-adapter (see bug#867274).

The package will be maintained in the JavaScript team.

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAlxMWloACgkQLHwxRsGg
ASEVXA/8CbWk06+mxRL6xs8aEr4Xet6AIN3n9BdXMCch1YEwMVEpG6mKE4WcnNE6
AYVG1ZltLwKWYOHUlpxLgxnQeXJI/E/jE4GCdwEq5pMTjRwJwq3Shwrd/IRU2+JN
j3cXJ5xIGyS/ZjmaPCewfXGy0a5eWY/5/sP5Zv76MDqJIS35h7lgDjS/BOJK4j8b
SOaiQpu530Ay/O2uWAjdSAwRUQ7BarJ+tkyuMpV2c7Ztme640QYvngpi0Na+1i+B
uQ7EGq63H/V0T8tPqtT0449uAzUf5Dx6lkR0rRhboMI1sqzIXOvozkuaXJKkKLqf
Qj9/9/hSvjMKRKQuIjju+m2CcM0ZN7YC5QsHzjBZdKtOgnMA2J86/VJalGnGJYSm
KqtulQvhL1SEnCmNVCaqdzec0J8Xc4RKbXpLvpPVBBa/LF98oNauD37YPBs4c2sV
RZZBpmMoVMNlfH8sGqinrqwhUHmILxUSu3sDg/xC8R3sX57V5FpDYO1ZpJjwks+S
LYxCbcEjxDzCnRhLM2qc+Ecs0JqkyZogDh+oB9Zv2RsxVa7JWiS53uQl29u4gqHp
GTXqoIZGY3LxvDkugEl1lEKT9YXJNNWCUZh9bjbsMUeE8k35KBSjKlmGEESgv3fr
Lp2JowhSyEmP/eiUVU9e8iNeqd+z48c7n5cRHVCUgTkdRBN15CM=
=ruJp
-END PGP SIGNATURE-

Bug#914730: missing itp

[Bart Martens]

Hello,

For packages not yet in debian, there must be an ITP as meant here:
https://www.debian.org/doc/manuals/developers-reference/ch05.en.html#newpackage

Cheers,

Bart

Bug#914615: [Pkg-mozext-maintainers] Bug#914615: closed by Mechtilde Stehmann (reply to mechti...@debian.org) (914615-d...@bugs.debian.org)

[Jeremy Bicha]

On Sat, Jan 26, 2019 at 2:16 AM Mechtilde  wrote:
> there is no*tbsync package in the Ubuntu repo. there is no need to
> define a dependency to xul-ext-lightning.

Yes, but that's *because* of this bug.

The package is in disco-proposed but we don't let packages in to
Ubuntu that have unsatisfiable dependencies:
https://launchpad.net/ubuntu/+source/tbsync

See 
https://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#tbsync
(large page so takes a few moments to load).

I'd be happy to submit merge proposals to fix this bug.

Thanks,
Jeremy Bicha

Bug#920232: closed by Christoph Berg (Bug#920232: fixed in cqrlog 2.3.0-2)

[Nate Bargmann]

I can confirm that CQRlog not starts normally and my log data is
present.

Thanks, Christoph.

73, Nate

-- 

"The optimist proclaims that we live in the best of all
possible worlds.  The pessimist fears this is true."

Web: http://www.n0nb.us  GPG key: D55A8819  GitHub: N0NB


signature.asc
Description: PGP signature

Bug#920517: node-gyp: depends on cruft package nodejs-dev

[Andreas Beckmann]

Package: node-gyp
Version: 3.8.0-2
Severity: serious

Hi,

nodejs-dev is no longer built. Please check whether you can use
libnode-dev as a replacement.


Andreas

Bug#880324: any update on ruby-license-finder ftbfs issue ?

[shirish शिरीष]

Dear all,

Any update on the ruby-license-finder fails to build from source
(ftbfs) since we now use ruby 2.5

$ ruby -v
ruby 2.5.3p105 (2018-10-18 revision 65156) [x86_64-linux-gnu]

Also the ruby-license-finder is now at 5.6.0  upstream as also shown
by  https://tracker.debian.org/pkg/ruby-license-finder

Look forward to a new release of ruby-license-finder.
-- 
  Regards,
  Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com
EB80 462B 08E1 A0DE A73A  2C2F 9F3D C7A4 E1C4 D2D8

Bug#920518: RFP: httpauthenticationoverxmpp -- provide an HTTP authentication over XMPP

[W. Martin Borgert]

Package: wnpp
Severity: wishlist

* Package name: httpauthenticationoverxmpp
  Version : v0.5-dev
  Upstream Author : Geoffrey Pouzet 
* URL : 
https://git.kingpenguin.tk/chteufleur/HTTPAuthentificationOverXMPP
* License : MIT
  Programming Lang: Go
  Description : provide an HTTP authentication over XMPP

Provide an HTTP authentication over XMPP.
Implementation of XEP-0070.
Can be run as a XMPP client or XMPP component.

Bug#914615: [Pkg-mozext-maintainers] Bug#914615: Bug#914615: closed by Mechtilde Stehmann (reply to mechti...@debian.org) (914615-d...@bugs.debian.org)

[Mechtilde]

Hello Jeremy,

Am 26.01.19 um 14:04 schrieb Jeremy Bicha:
> On Sat, Jan 26, 2019 at 2:16 AM Mechtilde  wrote:
>> there is no*tbsync package in the Ubuntu repo. there is no need to
>> define a dependency to xul-ext-lightning.
> 
> Yes, but that's *because* of this bug.
> 
> The package is in disco-proposed but we don't let packages in to
> Ubuntu that have unsatisfiable dependencies:
> https://launchpad.net/ubuntu/+source/tbsync
> 
> See 
> https://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#tbsync
> (large page so takes a few moments to load).
> 
> I'd be happy to submit merge proposals to fix this bug.

Then you can do a separate package for Ubuntu yourself. Take the sources
and pack it. The same is done for lightnicng which has also a different
name.

For Lightning Ubuntu use a different name than in Debian. Why should i
change anything?

> 
> Thanks,
> Jeremy Bicha

kind regards


-- 
Mechtilde Stehmann
## Apache OpenOffice
## Freie Office Suite für Linux, MacOSX, Windows
## Debian Developer
## PGP encryption welcome
## F0E3 7F3D C87A 4998 2899  39E7 F287 7BBA 141A AD7F



signature.asc
Description: OpenPGP digital signature

Bug#919226: hardening

[Yves-Alexis Perez]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Tue, 2019-01-15 at 10:26 +0100, Yves-Alexis Perez wrote:
> I think it would make more sense to migrate the modules_disabled part to
> hardening-runtime and I would happily welcome co-maintainership on this if
> you're interested. Obviously that's my opinion and I can understand if you're
> reluctant on that :)

Hi,

In case you missed, I've uploaded hardening-runtime and it just migrated to
testing.

Regards,
- -- 
Yves-Alexis
-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlxMZJkACgkQ3rYcyPpX
RFtpEQf/eRKkXdzk+xLPOKm4Mg9BKTgSM7NUClH7LGxz+S3c5Ycbw1rLH3TAPCry
t0OGzp+J47/xoXl4N2xJbZou1jgAIQEVl0hCj78RvoaYdoAoKaVJqU/iwEwjWy+2
pd1/KlmabF2Ju1u3AEBwepso8LvcFQ5g5QOOGpe3hYdZPAF2RHHlEm/yFFvp0JLk
Vu+9gfYp6f9wciRQPLRM3kt+tL13xCC9Cf6YPVDpquUHMR9b+TPoUf5SnXw6Fy2d
hAwYfaJIvZJ1rvaF0d5Af6+jsQyhh94pvZsTnCs0zPwDOMLv9eNCivMlXTcLasi/
7fNYzpm2vzO/PwhBlh190mysNh3ryQ==
=mjOI
-END PGP SIGNATURE-

Bug#914615: [Pkg-mozext-maintainers] Bug#914615: Bug#914615: closed by Mechtilde Stehmann (reply to mechti...@debian.org) (914615-d...@bugs.debian.org)

[Mechtilde Stehmann]

Hello,

Am 26.01.19 um 14:44 schrieb Mechtilde:
> Hello Jeremy,
> 
> Am 26.01.19 um 14:04 schrieb Jeremy Bicha:
>> On Sat, Jan 26, 2019 at 2:16 AM Mechtilde  wrote:
>>> there is no*tbsync package in the Ubuntu repo. there is no need to
>>> define a dependency to xul-ext-lightning.
>>
>> Yes, but that's *because* of this bug.
>>
>> The package is in disco-proposed but we don't let packages in to
>> Ubuntu that have unsatisfiable dependencies:
>> https://launchpad.net/ubuntu/+source/tbsync
>>
>> See 
>> https://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#tbsync
>> (large page so takes a few moments to load).
>>
>> I'd be happy to submit merge proposals to fix this bug.
> 
> Then you can do a separate package for Ubuntu yourself. Take the sources
> and pack it. The same is done for lightnicng which has also a different
> name.
> 
> For Lightning Ubuntu use a different name than in Debian. Why should i
> change anything?

I cannot control that webext-tbsync works with the Thunderbird/lightning
versions in the different Ubuntu versions. Esp because of the different
update policy for main and universe.

In former time that also was the reason why I couldn't upload any
extension to Ubuntu.

> kind regards
> 
> 

-- 
Mechtilde Stehmann
## Debian Developer
## PGP encryption welcome
## F0E3 7F3D C87A 4998 2899  39E7 F287 7BBA 141A AD7F



signature.asc
Description: OpenPGP digital signature

Bug#919190: Acknowledgement (ITP: wnpp -- KeePassXC-Browser extension for the KeePassXC password manager)

[Bruno Kleinert]

I uploaded the package and it's now in the NEW queue:

https://ftp-master.debian.org/new/keepassxc-browser_1.3.2-1.html


signature.asc
Description: This is a digitally signed message part

Bug#866443: Info received (Replace with python-pil)

[Bruno Kleinert]

Hi Emilien,

please consider addressing this RC bug.

Just to raise awareness: I plan to NMU with my previously attached
patch around week 7.

Cheers - Bruno


signature.asc
Description: This is a digitally signed message part

Bug#919658: root cause lies in camomile package

[Hilko Bengen]

control: reassign -1 1.0.1-1

With libcamomile-ocaml-dev/1.0.1-1 installed, the following command no
longer works, breaking the ocaml-gettext build:

ocamlfind query camomile

Instead of installing everything (including META) to
/usr/{lib,share}/ocaml/camomile, files are now installed into
/usr/{lib,share}/libcamomile-ocaml-data.

ocamlfind does not even try looking there, see the following strace
output:

,
| stat("/etc/ocamlfind.conf.d", 0x7ffc5f3322e0) = -1 ENOENT (No such file or 
directory)
| stat("/usr/local/lib/ocaml/4.05.0/camomile/META", 0x7ffc5f3323a0) = -1 ENOENT 
(No such file or directory)
| stat("/usr/local/lib/ocaml/4.05.0/META.camomile", 0x7ffc5f3323a0) = -1 ENOENT 
(No such file or directory)
| stat("/usr/lib/ocaml/camomile/META", 0x7ffc5f3323a0) = -1 ENOENT (No such 
file or directory)
| stat("/usr/lib/ocaml/META.camomile", 0x7ffc5f3323a0) = -1 ENOENT (No such 
file or directory)
| stat("/usr/lib/ocaml/METAS/camomile/META", 0x7ffc5f3323a0) = -1 ENOENT (No 
such file or directory)
| stat("/usr/lib/ocaml/METAS/META.camomile", 0x7ffc5f3323a0) = -1 ENOENT (No 
such file or directory)
| write(2, "ocamlfind: Package `camomile' no"..., 40) = 40
`

This change was introduced in commit
992c94fb58fabb46f11db172cd4969cc2b5d7409.

Cheers,
-Hilko

Bug#659321: Fix for Gnome 3

[Bruno Kleinert]

Hi David,

please consider addressing this RC bug.

Just to raise awareness: I plan to NMU with my previously attached
patch around week 7.

Cheers - Bruno


signature.asc
Description: This is a digitally signed message part

Bug#920519: O: mtx -- controls tape autochangers

[Ivo De Decker]

package: wnpp

Hi,

I'm not using mtx anymore, so I'm orphaning it. If you are using it, please
consider adopting it.

Thanks,

Ivo

Bug#917984: [Pkg-dpdk-devel] Bug#917984: Bug#917984: Bug#917984: Bug#917984: Can not link ODP with newer DPDK

[Luca Boccassi]

On Thu, 2019-01-03 at 13:26 +0100, Luca Boccassi wrote:
> On Thu, 2019-01-03 at 02:29 +0300, Dmitry Eremin-Solenikov wrote:
> > Hello,
> > 
> > чт, 3 янв. 2019 г. в 02:09, Luca Boccassi :
> > > On Wed, 2019-01-02 at 14:55 +0300, Dmitry Eremin-Solenikov wrote:
> > > > ср, 2 янв. 2019 г. в 14:49, Luca Boccassi :
> > > > > On Wed, 2019-01-02 at 01:43 +0300, Dmitry Eremin-Solenikov
> > > > > wrote:
> > > > > Strange that libtool is messing things up, I've used the same
> > > > > pkgconfig
> > > > > file in a few different projects that use autoconf/automake
> > > > > and
> > > > > I
> > > > > haven't seen this issue.
> > > > 
> > > > libtool rearranges/squashes linking flags in an attempt to find
> > > > 'better'
> > > > linking flags. Unfortunately this fail for DPDK. We have worked
> > > > around
> > > > this by squashing all PMDs into a single gcc argument:
> > > > -Wl,--whole-archive,-lrte_pmd_af_packet,-
> > > > lrte_pmd_ark,,-
> > > > lrte_pmd_vmxnet3_uio,--no-whole-archive
> > > > -ldpdk
> > > > 
> > > > Thus libtool won't move PMDs from --whole-archive/--no-whole-
> > > > archive
> > > > brackets.
> > > > 
> > > > > I had a look on github, and it does not seem that odp is
> > > > > currently
> > > > > using pkg-config, but rather doing some manual check - is
> > > > > there
> > > > > a
> > > > > branch in a fork or a patch you could point me to so that I
> > > > > can
> > > > > try
> > > > > to
> > > > > reproduce?
> > > > 
> > > > No, I have not pushed my code to github yet. The easies way to
> > > > reproduce
> > > > is to statically link a sample program with libtool and check
> > > > that
> > > > generated
> > > > ELF contains all PMDs.
> > > 
> > > That looks like a very very old libtool bug:
> > > 
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=347650
> > > 
> > > Have you tried patching config/ltmain.sh as it's suggested on
> > > that
> > > bug?
> > 
> > I can try doing that as a test, but I wouldn't like to have patched
> > ltmain.sh
> > in the source tree.
> 
> Another workaround has been suggested and I've verified that it
> works:
> parse the output of pkg-config --libs --static libdpdk and change the
> string "-Wl,--whole-archive -lrte_pmdfoo -lrte_pmdbar ... -Wl,--no-
> whole-archive" intoto "-Wl,--whole-archive,-lrte_pmdfoo,-
> lrte_pmdbar,...,--no-whole-archive"
> 
> Basically, trick libtool into thinking that it's a single linker
> flag:
> 
> > > Something like:
> > 
> > [patch skipped]
> > 
> > > Note that the current version of Meson does not do a good job of
> > > generating the pkg-config file, but it's fixed in the version in
> > > development. I also found a couple of bugs in dpdk. So the
> > > following
> > > content for libdpdk.pc is more correct:
> > 
> > [libdpdk.pc skipped]
> > 
> > Do you plan to upload fixed dpdk packages?
> 
> Yes, I'll push the changes upstream and backport them sometimes
> within
> the next couple of days.

I've uploaded that in the past couple of days, the pkg-config file now
lists everything needed for static builds and uses Requires.private for
recursive dependencies.

Note that on amd64 libdpdk-dev is missing a dependency on libipsec-mb-
dev, this will be fixed in the next upload.

-- 
Kind regards,
Luca Boccassi

signature.asc
Description: This is a digitally signed message part

Bug#920520: ITP: websocketd -- Turn any stdin/sdtout program into a websocket server

[Josue Ortega]

Package: wnpp
Severity: wishlist
Owner: Josue Ortega 

*Package name: websocketd
 Version: 0.3.0
 Upstream Author: Joe Walnes 
*URL: https://github.com/joewalnes/websocketd
*Licence: BSD-2-Clause
 Programming Lang: Go
Description: websocketd is a small command-line tool that will
 wrap an existing command-line interface program, and allow it to
 be accessed via a WebSocket.
 WebSocket-capable applications can now be built very easily. As
 long as you can write an executable program that reads STDIN
 and writes to STDOUT, you can build a WebSocket server.
 Do it in Python, Ruby, Perl, Bash, .NET, C, Go, PHP, Java,
 Clojure, Scala, Groovy, Expect, Awk, VBScript, Haskell, Lua,
 R, whatever! No networking libraries necessary.


signature.asc
Description: PGP signature

Bug#919324: CVE-2018-20450 CVE-2018-20452

[Dirk Eddelbuettel]

On 24 January 2019 at 19:54, Evan Miller wrote:
| 
| > On Jan 24, 2019, at 19:10, Dirk Eddelbuettel  wrote:
| > 
| > 
| > On 24 January 2019 at 16:36, Evan Miller wrote:
| > | 
| > | > On Jan 23, 2019, at 01:16, Evan Miller  wrote:
| > | > 
| > | > #34 and #35 have returned from the dead on GitHub. I’ll take a closer 
look later this week.
| > | > 
| > | > Evan
| > | 
| > | 
| > | OK — I can confirm that all of the reported libxls bugs are fixed.
| > 
| > As in: in the current libxls GH version?  I can make a patched Debian
| > release of that.
| 
| Yes, they are fixed in master on GitHub. Note that there are quite a few 
changes since 1.4 – I can’t promise that master has ABI compatibility with the 
last official 1.4 release. But if you compile the new sources using the old 
headers (or diff and merge manually) I don’t think there will be an issue on 
that front.

Maybe Jenny could take a look?

It is her use of your library in her package that I stand behind for Debian.

Thanks for all your diligent work on this. It is great to see this move in
the right ("fuzzing") direction.

Dirk

| Evan
| 
| > 
| > | I have successfully integrated libxls into OSS-Fuzz, and have added the 
researcher’s test files to the fuzzing corpus, so that this and related issues 
should be caught by the address sanitizer in the future.
| > | 
| > | OSS-Fuzz has turned up a number of other issues. I will plan to do a 
release when they are all addressed.
| > 
| > That is awesome.
| > 
| > Thank you,  Dirk
| > 
| > | Evan
| > | 
| > | > 
| > | >> On Jan 15, 2019, at 14:12, Moritz Muehlenhoff mailto:j...@inutil.org>> wrote:
| > | >> 
| > | >> On Tue, Jan 15, 2019 at 10:43:25AM -0600, Dirk Eddelbuettel wrote:
| > | >>> 
| > | >>> Hi Evan,
| > | >>> 
| > | >>> On 15 January 2019 at 11:18, Evan Miller wrote:
| > | >>> | 
| > | >>> | > On Jan 15, 2019, at 03:06, Moritz Muehlenhoff mailto:j...@inutil.org>> wrote:
| > | >>> | > 
| > | >>> | > On Mon, Jan 14, 2019 at 08:45:56PM -0500, Evan Miller wrote:
| > | >>> | >> Oddly, all four issues (#34, #35, #36, #37) seem to have 
disappeared from GitHub. I don’t know if the original reporter intended to 
close them, or what.
| > | >>> | >> 
| > | >>> | >> I have an email copy of #34 but do not have access to the PoC 
files. So without the cooperation of the reporter (Zhao Liang, Huawei Weiran 
Labs) my ability to research will be limited.
| > | >>> | > 
| > | >>> | > That's really strange, do you have the mail address of Zhao, 
could you ask him what happened?
| > | >>> | 
| > | >>> | His address may be leon.zha...@gmail.com 
 - I’ll try it. His GitHub profile is now a 404.
| > | >>> | 
| > | >>> | > 
| > | >>> | > MITRE doesn't archive security content per se, they only deal 
with the organisation and assignment
| > | >>> | > of numbers. The Internet Archive's Wayback machine also hasn't 
archived the Github pages.
| > | >>> | > 
| > | >>> | > Cheers,
| > | >>> | >Moritz
| > | >>> | 
| > | >>> | 
| > | >>> | Here are the Google caches of #34 and #35:
| > | >>> | 
| > | >>> | 
https://webcache.googleusercontent.com/search?q=cache:pgRHJwznP7wJ:https://github.com/evanmiller/libxls/issues/34+&cd=1&hl=en&ct=clnk&gl=us&client=safari
 

| > | >>> | 
| > | >>> | 
https://webcache.googleusercontent.com/search?q=cache:5GNSeHQTzEsJ:https://github.com/evanmiller/libxls/issues/35+&cd=1&hl=en&ct=clnk&gl=us&client=safari
 

| > | >>> | 
| > | >>> | The PoC links are dead.
| > | >>> | 
| > | >>> | Looking at the backtraces and the commit fixing #36 and #37 
(https://github.com/evanmiller/libxls/commit/24044ad7d7cec8a6a1c2370caad27890121a776e
 
)
 it is my belief that issues #34 and #35 are NOT fixed.
| > | >>> | 
| > | >>> | I’ll look into them soon.
| > | >>> 
| > | >>> You're awesome!  Much appreciated.
| > | >>> 
| > | >>> Moritz: Do you expect the CVE to puliverize too, or will it remain 
active and
| > | >>> open, but "simply" without any hard (public) evidence backing it?
| > | >> 
| > | >> No, they stick around, it sometimes happens that references vanish, 
e.g. then hosting sites
| > | >> go down (think of berlios or similar)
| > | >> 
| > | >> Cheers,
| > | >>Moritz
| > | > 
| > | 
| > 
| > -- 
| > http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org

Bug#920521: ITP: golang-github-karrick-godirwalk -- Fast directory traversal for Golang

[Dhanesh B. Sabane]

Package: wnpp
Severity: wishlist
Owner: Dhanesh B. Sabane 

* Package name: golang-github-karrick-godirwalk
  Version : 1.7.8-1
  Upstream Author : Karrick McDermott
* URL : https://github.com/karrick/godirwalk
* License : BSD-2-clause
  Programming Lang: Go
  Description : Fast directory traversal for Golang

 godirwalk godirwalk is a library for traversing a directory tree on a
 file system.
 .
 This library will normalize the provided top level directory name based
 on the os-specific path separator by calling filepath.Clean on its
 first argument. However it always provides the pathname created by
 using  the correct os-specific path separator when invoking the
 provided callback function.
 .
 This library not only provides functions for traversing a file system
 directory tree, but also for obtaining a list of immediate descendants
 of a particular directory, typically much more quickly than using
 os.ReadDir or os.ReadDirnames.

I'm not a member of the Golang maintainers team and would like to be one.

--
Dhanesh B. Sabane
PGP ID: 0xB69A98C9C1642329
Fingerprint: 9655 11F2 0D18 E76A 2396 D64D B69A 98C9 C164 2329

Bug#920522: vim-runtime: no highlight for "urgency=emergency" in debian/changelog

[Jakub Wilk]

Package: vim-runtime
Version: 2:8.1.0693-2

As per Policy §5.6.17, please add "emergency" as a valid urgency to 
syntax/debchangelog.vim.


--
akub Wilk

Bug#866443: Info received (Replace with python-pil)

[Emilien Klein]

Please go ahead and NMU.
Emilien


Le sam. 26 janv. 2019 à 15:18, Bruno Kleinert  a écrit :

> Hi Emilien,
>
> please consider addressing this RC bug.
>
> Just to raise awareness: I plan to NMU with my previously attached
> patch around week 7.
>
> Cheers - Bruno
>

Bug#914150: pcmanfm: SIGSEGV, Segmentation fault on opening folder

[brambil]

nicola@lenovo:~$  gdb pcmanfm $(pidof pcmanfm)
GNU gdb (Debian 8.2-1) 8.2
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later

This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
    .

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from pcmanfm...Reading symbols from
/usr/lib/debug/.build-id/1c/cd4e413e0b8eb1e25a3a50da686d460653f6e4.debug...done.
done.
Attaching to program: /usr/bin/pcmanfm, process 23615
[New LWP 23616]
[New LWP 23617]
[New LWP 23618]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
0x7f681fb22b39 in poll () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) c
Continuing.
[New Thread 0x7f6815b49700 (LWP 24296)]
[Thread 0x7f6815b49700 (LWP 24296) exited]
[New Thread 0x7f6815b49700 (LWP 24437)]
[New Thread 0x7f6816b4b700 (LWP 24438)]
[Thread 0x7f6816b4b700 (LWP 24438) exited]
[New Thread 0x7f681634a700 (LWP 24439)]
[Thread 0x7f681634a700 (LWP 24439) exited]
[New Thread 0x7f681634a700 (LWP 24440)]
[Thread 0x7f681634a700 (LWP 24440) exited]
[Thread 0x7f6815b49700 (LWP 24437) exited]
[New Thread 0x7f6815b49700 (LWP 24545)]
[New Thread 0x7f681634a700 (LWP 24546)]
[Thread 0x7f681634a700 (LWP 24546) exited]
[New Thread 0x7f681634a700 (LWP 24547)]
[Thread 0x7f681634a700 (LWP 24547) exited]
[New Thread 0x7f681634a700 (LWP 24548)]
[Thread 0x7f681634a700 (LWP 24548) exited]
[New Thread 0x7f681634a700 (LWP 24550)]
[Thread 0x7f681634a700 (LWP 24550) exited]
[New Thread 0x7f681634a700 (LWP 24551)]
[Thread 0x7f681634a700 (LWP 24551) exited]
[New Thread 0x7f681634a700 (LWP 24552)]
[Thread 0x7f681634a700 (LWP 24552) exited]
[New Thread 0x7f681634a700 (LWP 24553)]
[Thread 0x7f681634a700 (LWP 24553) exited]
[New Thread 0x7f681634a700 (LWP 24554)]
[Thread 0x7f681634a700 (LWP 24554) exited]
[New Thread 0x7f681634a700 (LWP 24555)]
[Thread 0x7f681634a700 (LWP 24555) exited]
[New Thread 0x7f681634a700 (LWP 24556)]
[Thread 0x7f681634a700 (LWP 24556) exited]
[Thread 0x7f6815b49700 (LWP 24545) exited]
[New Thread 0x7f6815b49700 (LWP 24673)]
[Thread 0x7f6815b49700 (LWP 24673) exited]
[New Thread 0x7f6815b49700 (LWP 24720)]
[New Thread 0x7f681634a700 (LWP 24721)]
[Thread 0x7f681634a700 (LWP 24721) exited]
[New Thread 0x7f681634a700 (LWP 24722)]
[Thread 0x7f681634a700 (LWP 24722) exited]
[New Thread 0x7f681634a700 (LWP 24723)]
[Thread 0x7f681634a700 (LWP 24723) exited]
[New Thread 0x7f681634a700 (LWP 24724)]
[Thread 0x7f681634a700 (LWP 24724) exited]
[New Thread 0x7f681634a700 (LWP 24725)]
[Thread 0x7f681634a700 (LWP 24725) exited]
[New Thread 0x7f681634a700 (LWP 24726)]
[Thread 0x7f681634a700 (LWP 24726) exited]
[New Thread 0x7f681634a700 (LWP 24727)]
[Thread 0x7f681634a700 (LWP 24727) exited]
[New Thread 0x7f681634a700 (LWP 24728)]

Thread 30 "loader" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f681634a700 (LWP 24728)]
0x7f6816c292c0 in ?? ()
   from
/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so
(gdb) thread apply all bt full

Thread 30 (Thread 0x7f681634a700 (LWP 24728)):
#0  0x7f6816c292c0 in  ()
    at
/usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so
#1  0x7f682029812d in  ()
    at /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0
#2  0x7f6820298bd8 in gdk_pixbuf_loader_write ()
    at /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0
#3  0x7f6820296668 in gdk_pixbuf_get_file_info ()
    at /usr/lib/x86_64-linux-gnu/libgdk_pixbuf-2.0.so.0
#4  0x7f682095da06 in read_image_from_file
    (filename=0x7f680c001570
"/mnt/dati_linux/cns-doc/REGATE/RegateDOC/meteoCNS") at
gtk/fm-thumbnail.c:142
    w = 1
    h = 1
#5  0x7f68200fca0c in generate_thumbnails_with_builtin
    (task=task@entry=0x55dc91ffd780) at base/fm-thumbnail-loader.c:979
    gf = 0x55dc91e2ee60
    file_name = 0x7f680c001570
"/mnt/dati_linux/cns-doc/REGATE/RegateDOC/meteoCNS"
    normal_pix = 0x0
    large_pix = 0x0
--Type  for more, q to quit, c to continue without paging--
    cancellable = 
    ori_pix = 
    rotate_degrees = 
    mime_type = 
#6  0x7f68200fd628 in generate_thumbnails (task=0x55dc91ffd780)
    at base/fm-thumbnail-loader.c:812
    uri = 0x7f680c0014c0
"file:///mnt/dati_linux/cns-doc/REGATE/RegateDOC/meteoCNS"
    md5 = 
    reql = 
    task = 0x55dc91ffd780
    sum = 0x55dc91f67720
    normal_path = 0x55dc91f8ec70
"/home/nicola/.thumbnails/normal

Bug#920463: texlive-base breaks fig2dev autopkgtest

[Paul Gevers]

Hi Norbert,

On 25-01-2019 22:21, Norbert Preining wrote:
> I guess you then have a mixed system of texlive packages installed, some
> from testing and some from unstable. Is this correct?

If nothing forces other versions from unstable, than only the package
that tries to migrate is taken from unstable in a testing environment.
So, yes.

> This has triggered other bugs, so I will upload new packages with strict
> versioning so that all tl have to be of the same version in the next
> days.

Thanks for taking care of this.

Paul



signature.asc
Description: OpenPGP digital signature

Bug#919540: ITP: blastem -- The fast and accurate Genesis emulator

[Carlos Donizete Froes]

Hi,

I apologize, there was an error typing where "Upstream Author" is mentioning:

Upstream Author : Carlos Donizete Froes 

The correct is:

Upstream Author : Michael Pavone 

Thanks!

-- 
⢀⣴⠾⠻⢶⣦⠀ Carlos Donizete Froes [a.k.a coringao]
⣾⠁⢠⠒⠀⣿⡁ - https://wiki.debian.org/coringao
⢿⡄⠘⠷⠚⠋⠀ GPG: 4096R/B638B780
⠈⠳⣄⠀⠀⠀  2157 630B D441 A775 BEFF  D35F FA63 ADA6 B638 B780


signature.asc
Description: This is a digitally signed message part

Bug#919324: CVE-2018-20450 CVE-2018-20452

[Evan Miller]

> On Jan 26, 2019, at 10:05, Dirk Eddelbuettel  wrote:
> 
> 
> On 24 January 2019 at 19:54, Evan Miller wrote:
> | 
> | > On Jan 24, 2019, at 19:10, Dirk Eddelbuettel  wrote:
> | > 
> | > 
> | > On 24 January 2019 at 16:36, Evan Miller wrote:
> | > | 
> | > | > On Jan 23, 2019, at 01:16, Evan Miller  wrote:
> | > | > 
> | > | > #34 and #35 have returned from the dead on GitHub. I’ll take a closer 
> look later this week.
> | > | > 
> | > | > Evan
> | > | 
> | > | 
> | > | OK — I can confirm that all of the reported libxls bugs are fixed.
> | > 
> | > As in: in the current libxls GH version?  I can make a patched Debian
> | > release of that.
> | 
> | Yes, they are fixed in master on GitHub. Note that there are quite a few 
> changes since 1.4 – I can’t promise that master has ABI compatibility with 
> the last official 1.4 release. But if you compile the new sources using the 
> old headers (or diff and merge manually) I don’t think there will be an issue 
> on that front.
> 
> Maybe Jenny could take a look?
> 
> It is her use of your library in her package that I stand behind for Debian.

Ah, okay, then the ABI doesn’t matter. I had assumed you were packaging libxls 
as a runtime library + development headers.

> 
> Thanks for all your diligent work on this. It is great to see this move in
> the right ("fuzzing") direction.

Long overdue! :-)

Evan

> 
> Dirk
> 
> | Evan
> | 
> | > 
> | > | I have successfully integrated libxls into OSS-Fuzz, and have added the 
> researcher’s test files to the fuzzing corpus, so that this and related 
> issues should be caught by the address sanitizer in the future.
> | > | 
> | > | OSS-Fuzz has turned up a number of other issues. I will plan to do a 
> release when they are all addressed.
> | > 
> | > That is awesome.
> | > 
> | > Thank you,  Dirk
> | > 
> | > | Evan
> | > | 
> | > | > 
> | > | >> On Jan 15, 2019, at 14:12, Moritz Muehlenhoff  > wrote:
> | > | >> 
> | > | >> On Tue, Jan 15, 2019 at 10:43:25AM -0600, Dirk Eddelbuettel wrote:
> | > | >>> 
> | > | >>> Hi Evan,
> | > | >>> 
> | > | >>> On 15 January 2019 at 11:18, Evan Miller wrote:
> | > | >>> | 
> | > | >>> | > On Jan 15, 2019, at 03:06, Moritz Muehlenhoff  > wrote:
> | > | >>> | > 
> | > | >>> | > On Mon, Jan 14, 2019 at 08:45:56PM -0500, Evan Miller wrote:
> | > | >>> | >> Oddly, all four issues (#34, #35, #36, #37) seem to have 
> disappeared from GitHub. I don’t know if the original reporter intended to 
> close them, or what.
> | > | >>> | >> 
> | > | >>> | >> I have an email copy of #34 but do not have access to the PoC 
> files. So without the cooperation of the reporter (Zhao Liang, Huawei Weiran 
> Labs) my ability to research will be limited.
> | > | >>> | > 
> | > | >>> | > That's really strange, do you have the mail address of Zhao, 
> could you ask him what happened?
> | > | >>> | 
> | > | >>> | His address may be leon.zha...@gmail.com 
>  - I’ll try it. His GitHub profile is now a 404.
> | > | >>> | 
> | > | >>> | > 
> | > | >>> | > MITRE doesn't archive security content per se, they only deal 
> with the organisation and assignment
> | > | >>> | > of numbers. The Internet Archive's Wayback machine also hasn't 
> archived the Github pages.
> | > | >>> | > 
> | > | >>> | > Cheers,
> | > | >>> | >Moritz
> | > | >>> | 
> | > | >>> | 
> | > | >>> | Here are the Google caches of #34 and #35:
> | > | >>> | 
> | > | >>> | 
> https://webcache.googleusercontent.com/search?q=cache:pgRHJwznP7wJ:https://github.com/evanmiller/libxls/issues/34+&cd=1&hl=en&ct=clnk&gl=us&client=safari
>  
> 
> | > | >>> | 
> | > | >>> | 
> https://webcache.googleusercontent.com/search?q=cache:5GNSeHQTzEsJ:https://github.com/evanmiller/libxls/issues/35+&cd=1&hl=en&ct=clnk&gl=us&client=safari
>  
> 
> | > | >>> | 
> | > | >>> | The PoC links are dead.
> | > | >>> | 
> | > | >>> | Looking at the backtraces and the commit fixing #36 and #37 
> (https://github.com/evanmiller/libxls/commit/24044ad7d7cec8a6a1c2370caad27890121a776e
>  
> )
>  it is my belief that issues #34 and #35 are NOT fixed.
> | > | >>> | 
> | > | >>> | I’ll look into them soon.
> | > | >>> 
> | > | >>> You're awesome!  Much appreciated.
> | > | >>> 
> | > | >>> Moritz: Do you expect the CVE to puliverize too, or will it remain 
> active and
> | > | >>> open, but "simply" without any hard (public) evidence backing it?
> | > | >> 
> | > | >> No, they stick around, it sometimes happens that references vanish, 
> e.g. then hosting sites
> | > | >> go down (think of berlios or similar)
> |

Bug#919540: ITP: blastem -- The fast and accurate Genesis emulator

[Carlos Donizete Froes]

Hi,

I apologize, there was an error typing where "Upstream Author" is mentioning:

Upstream Author : Carlos Donizete Froes 

O correto é:

Upstream Author : Michael Pavone 

Thanks!

-- 
⢀⣴⠾⠻⢶⣦⠀ Carlos Donizete Froes [a.k.a coringao]
⣾⠁⢠⠒⠀⣿⡁ - https://wiki.debian.org/coringao
⢿⡄⠘⠷⠚⠋⠀ GPG: 4096R/B638B780
⠈⠳⣄⠀⠀⠀  2157 630B D441 A775 BEFF  D35F FA63 ADA6 B638 B780


signature.asc
Description: This is a digitally signed message part

Bug#920524: valabind: valabind does not start, libvalaccodegen.so not found.

[Hilko Bengen]

Package: valabind
Version: 1.5.0-3
Severity: serious

Dear Maintainer,

when trying to run valabind, I get:

,
| $ valabind
| valabind: error while loading shared libraries: libvalaccodegen.so:
| cannot open shared object file: No such file or directory
`

valac/0.42.5-1 ships the shared library but it is not installed into a
standard directory:

,
| valac: /usr/lib/x86_64-linux-gnu/vala-0.42/libvalaccodegen.so
`

Cheers,
-Hilko

Bug#920525: freecad: autopkgtest failure

[Mattia Rizzolo]

Source: freecad
Version:  0.17+dfsg1-7
Severity: serious

Dear maintainer,

even after -7, autopkgtest still fails
https://ci.debian.net/data/autopkgtest/unstable/amd64/f/freecad/1785985/log.gz

From what I can see, I think the test itself passes, but it outputs
stuff to stderr, which causes autopkgtest to consider it as a failure.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature

Bug#876660: ledger: CVE-2017-2807: Ledger CLI Tags Parsing Code Execution Vulnerability

[Martin Michlmayr]

* Salvatore Bonaccorso  [2017-09-24 18:01]:
> the following vulnerability was published for ledger.
> 
> CVE-2017-2807[0]:
> | An exploitable buffer overflow vulnerability exists in the tag parsing
> | functionality of Ledger-CLI 3.1.1. A specially crafted journal file
> | can cause an integer underflow resulting in code execution. An
> | attacker can construct a malicious journal file to trigger this
> | vulnerability.

Fixed here:
https://github.com/ledger/ledger/commit/5682f377aed5b0db6b6c4a44b1d8868103b7e9f7

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#876659: ledger: CVE-2017-2808: Ledger CLI Account Directive Use-After-Free Vulnerability

[Martin Michlmayr]

* Salvatore Bonaccorso  [2017-09-24 17:57]:
> the following vulnerability was published for ledger.
> 
> CVE-2017-2808[0]:
> | An exploitable use-after-free vulnerability exists in the account

This has been fixed upstream:
https://github.com/ledger/ledger/commit/f3bad93db256db07b6cb831d4d24f47543f57e4a
We're also working on releasing 3.1.2 with fixes for all 4 CVE items.

I consider this (and all the other CVE issues filed against ledger)
low impact.  Salvatore/David, do you want to make a release for
stable?

Salvatore, can you tell me how to inform CVE/Mitre once 3.1.2 is out
that these CVEs have been addressed?

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#919298: libreoffice-mysql-connector: fails to upgrade from sid: dpkg-maintscript-helper errors out

[Rene Engelhard]

tag 919298 - pending
thanks

Hi,


On Mon, Jan 14, 2019 at 07:35:53PM +0100, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package fails to upgrade from
> 'sid' to 'experimental'.
> 
> >From the attached log (scroll to the bottom...):
> 
>   Preparing to unpack 
> .../7-libreoffice-mysql-connector_1%3a6.2.0~rc2-1_all.deb ...
>   dpkg-query: no packages found matching $DPKG_MAINTSCRIPT_PACKAGE
>   dpkg-query: error: --listfiles needs a valid package name but 
> '$DPKG_MAINTSCRIPT_PACKAGE' is not: illegal package name in specifier 
> '$DPKG_MAINTSCRIPT_PACKAGE': must start with an alphanumeric character
>   
>   Use --help for help about querying packages.
>   dpkg-maintscript-helper: error: file 
> '/usr/share/doc/libreoffice-mysql-connector' not owned by package 
> '$DPKG_MAINTSCRIPT_PACKAGE'
>   dpkg-query: error: --listfiles needs a valid package name but 
> '$DPKG_MAINTSCRIPT_PACKAGE' is not: illegal package name in specifier 
> '$DPKG_MAINTSCRIPT_PACKAGE': must start with an alphanumeric character
>   
>   Use --help for help about querying packages.
>   dpkg-maintscript-helper: error: file 
> '/usr/share/doc/libreoffice-mysql-connector/copyright' not owned by package 
> '$DPKG_MAINTSCRIPT_PACKAGE'
>   dpkg-query: error: --listfiles needs a valid package name but 
> '$DPKG_MAINTSCRIPT_PACKAGE' is not: illegal package name in specifier 
> '$DPKG_MAINTSCRIPT_PACKAGE': must start with an alphanumeric character
>   
>   Use --help for help about querying packages.
>   dpkg-maintscript-helper: error: file 
> '/usr/share/doc/libreoffice-mysql-connector/changelog.Debian.gz' not owned by 
> package '$DPKG_MAINTSCRIPT_PACKAGE'
>   dpkg-query: error: --listfiles needs a valid package name but 
> '$DPKG_MAINTSCRIPT_PACKAGE' is not: illegal package name in specifier 
> '$DPKG_MAINTSCRIPT_PACKAGE': must start with an alphanumeric character
>   
>   Use --help for help about querying packages.
>   dpkg-maintscript-helper: error: file 
> '/usr/share/doc/libreoffice-mysql-connector/changelog.Debian.amd64.gz' not 
> owned by package '$DPKG_MAINTSCRIPT_PACKAGE'
>   dpkg-maintscript-helper: error: directory 
> '/usr/share/doc/libreoffice-mysql-connector' contains files not owned by 
> package $DPKG_MAINTSCRIPT_PACKAGE, cannot switch to symlink
>   dpkg: error processing archive 
> /tmp/apt-dpkg-install-w3OdOs/7-libreoffice-mysql-connector_1%3a6.2.0~rc2-1_all.deb
>  (--unpack):
>new libreoffice-mysql-connector package pre-installation script subprocess 
> returned error exit status 1
>   Errors were encountered while processing:
>
> /tmp/apt-dpkg-install-w3OdOs/7-libreoffice-mysql-connector_1%3a6.2.0~rc2-1_all.deb
> 
> 
> Without looking at the code I'd suspect you have a redundant

There's no code (except maybe in dh), just a .maintscript:

$ cat libreoffice-mysql-connector.maintscript
dir_to_symlink /usr/share/doc/libreoffice-mysql-connector
/usr/share/doc/libreoffice-common 1:6.2.0~alpha-1

Which was added after your http://bugs.debian.org/915019 ... :(

>   $DPKG_MAINTSCRIPT_PACKAGE
> in libreoffice-mysql-connector.maintscript. Current debhelper compat
> levels properly escape the '$' character.

No, that may be the cause of this exact instance, but after removing that one 
it still fails.

Preparing to unpack .../11-libreoffice-mysql-connector_6.2.0~rc3-1_all.deb ...
dpkg-query: no packages found matching libreoffice-mysql-connector:all
dpkg-query: package 'libreoffice-mysql-connector' is not installed
Use dpkg --contents (= dpkg-deb --contents) to list archive files contents.
dpkg-maintscript-helper: error: file 
'/usr/share/doc/libreoffice-mysql-connector' not owned by package 
'libreoffice-mysql-connector:all'
dpkg-query: package 'libreoffice-mysql-connector' is not installed
Use dpkg --contents (= dpkg-deb --contents) to list archive files contents.
dpkg-maintscript-helper: error: file 
'/usr/share/doc/libreoffice-mysql-connector/changelog.Debian.gz' not owned by 
package 'libreoffice-mysql-connector:all'
dpkg-query: package 'libreoffice-mysql-connector' is not installed
Use dpkg --contents (= dpkg-deb --contents) to list archive files contents.
dpkg-maintscript-helper: error: file 
'/usr/share/doc/libreoffice-mysql-connector/copyright' not owned by package 
'libreoffice-mysql-connector:all'
dpkg-maintscript-helper: error: directory 
'/usr/share/doc/libreoffice-mysql-connector' contains files not owned by 
package libreoffice-mysql-connector:all, cannot switch to symlink
dpkg: error processing archive 
/tmp/apt-dpkg-install-Cmo0nn/11-libreoffice-mysql-connector_6.2.0~rc3-1_all.deb 
(--unpack):
 new libreoffice-mysql-connector package pre-installation script subprocess 
returned error exit status 1
Errors were encountered while processing:
 /tmp/apt-dpkg-install-Cmo0nn/11-libreoffice-mysql-connector_6.2.0~rc3-1_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

the package changed any (well, arch-specific) to all (transitional package), 
maybe
that confuses dpkg-maintsc

Bug#854590: einstein upstream

[Bart Martens]

Looking at the commits, it just follows debian.

Bug#920526: neutron-fwaas: [INTL:de] Updated German debconf translation

[Chris Leick]

Package: neutron-fwaas
Version: 13.0.1-5
Severity: wishlist
Tags: l10n patch



Hi,

please find attached the newest German translation.

Kind regards,
Chris


de.po.gz
Description: application/gzip

Bug#716086: [Mayhem] Bug report on ledger: ledger crashes with exit status 139

[Martin Michlmayr]

* Martin Michlmayr  [2014-10-05 17:39]:
> > The attachment [1] contains a testcase (under ./crash) crashing the
> > program. It ensures that you can easily reproduce the bug. Additionally,
> > under ./crash_info/, we include more information about the crash such as
> > a core dump, the dmesg generated by the crash, and its output.
> 
> ledger 2.6.2 is no longer supported.   I cannot reproduce this with
> ledger 3.0.  I get: Error: Illegal option...

I suggest closing this ticket.  ledger 3 produces an error in ledger
2.6.2 has not been supported in years.

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#740757: ledger: wtf?

[Martin Michlmayr]

* Anonymous  [2015-06-02 20:59]:
> If gc support was lost upstream, then the fix is not to march ahead
> and introduce a serious problem.  Why have a debian "stable", with
> testing, and diligence, the whole nine yards if they're going to
> wildly upgrade packages to versions that break?
> 
> Not sure about others, but for me this is catastrophic.  I used ledger
> exclusively to harvest data from gnucash.  Gnucash is the best user
> interface, while gnucash is atrocious for scripting and automation
> (which ledger was good at).  Gnucash and ledger need each other.

ledger 3 is basically a rewrite of ledger 2.  Gnucash support was lost
as part of this.  There have been calls upstream for a volunteer to
implement Gnucash support.  If you feel strongly about this, please go
ahead and volunteer to implement Gnucash support upstream.

As mentioned, there's a Python script to convert from Gnucash to
ledger:
https://github.com/MatzeB/pygnucash

I suggest this bug report be closed as there is no work upstream to
implement Gnucash support.

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#920527: perl-doc: bad example of default warning

[Jakub Wilk]

Package: perl-doc
Version: 5.28.1-3

The warnings(3perl) man page says this code should always produce a 
warning:


  my $a = "2:" + 3;

But it doesn't:

  $ perl -e 'my $a = "2:" + 3;'
  


-- System Information:
Architecture: i386

Versions of packages perl-doc depends on:
ii  perl  5.28.1-3

--
Jakub Wilk

Bug#791609: Error on restoring ledger buffer from desktop file

[Martin Michlmayr]

* David Bremner  [2015-07-10 20:58]:
> > Thanks for the report.  Here is how I tried, and failed, to reproduce this:
> >
> > emacs -q foo.lgr
> > M-x desktop-save
> > C-x C-c
> > emacs -q
> > M-x desktop-read
> >
> > I'm using emacs24.4 still, so maybe this is 24.5 specific.
> >
> > Cheers,
> 
> I tried the same recipe with 24.5, but still did not reproduce the
> failure.

Ben, it seems like David cannot reproduce your issue.  Can you check
again?

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#870900: CVE-2017-12481 CVE-2017-12482

[Martin Michlmayr]

* Moritz Muehlenhoff  [2017-08-06 10:41]:
> CVE-2017-12481 was assigned to http://bugs.ledger-cli.org/show_bug.cgi?id=1222
> and CVE-2017-12482 was assigned to 
> http://bugs.ledger-cli.org/show_bug.cgi?id=1224

Both are fixed upstream now.

CVE-2017-12481
https://github.com/ledger/ledger/commit/c5343f18744d0f6fddcc590f9a54c23674d8c489
CVE-2017-12481
https://github.com/ledger/ledger/commit/7c0ae5b02571e21f97d45f5d091cb78af9885713

> CVE-2017-12482 is probably entirely mitigated by the hardening build options 
> and
> it general is feels somewhat silly to assign CVE IDs for such crashes...

Yeah, not sure if the security team/Debian maintainer want to publish
a security update for this.

But all 4 CVEs are fixed upstream now.

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#684603: ledger: Payee names containing angle brackets ("<>") result in corrupti reports

[Martin Michlmayr]

* Martin Michlmayr  [2014-10-05 17:42]:
> > If a gnucash register looks like this (for example):
> > 
> >   2012/06/11  T-Mobile  - topup  $50.00
> >   2012/07/11  T-Mobile  - topup  $50.00
> >   2012/08/11  T-Mobile  - topup  $50.00
> > 
> > Ledger loses all text before the last angle bracket.  E.g.:

> ledger 3.x no longer supports reading gnucash files and ledger 2.x is
> no longer supported.

I think this should be closed.

ledger itself supports <> just fine in the payee.  Ths was a problem
with the Gnucash support, which no longer exists in ledger 3.

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#920528: RM: lemonldap-ng-fr-doc [all] -- RoQA; NBS; cruft arch:all package

[Andreas Beckmann]

Package: ftp.debian.org
Severity: normal

Please remove the cruft lemonldap-ng-fr-doc package, it is no longer
built starting with lemonldap-ng (2.0.0~beta1+ds-1).

lemonldap-ng-fr-doc | 1.9.18+ds-1 | all

There are no dependency problems.


Andreas

Bug#920529: libtool: Please cherry-pick upstream commit f9970d99 to support -fuse-ld=

[Reuben Thomas]

Package: libtool
Version: 2.4.6-2
Severity: wishlist

Currently it’s not possible to use -fuse-ld=gold, for example, cleanly with
libtool. This upstream commit:

http://git.savannah.gnu.org/cgit/libtool.git/commit/?id=f9970d99293faf908fdc153a653fa5781095fb7a

adds the requisite support.

-- System Information:
Debian Release: buster/sid
  APT prefers bionic-updates
  APT policy: (500, 'bionic-updates'), (500, 'bionic-security'), (500, 
'bionic'), (100, 'bionic-backports'), (90, 'disco')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-43-generic (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libtool depends on:
ii  autotools-dev   20180224.1
ii  clang-6.0 [c-compiler]  1:6.0-1ubuntu2
ii  cpp 4:7.3.0-3ubuntu2.1
ii  file1:5.32-2ubuntu0.1
ii  gcc [c-compiler]4:7.3.0-3ubuntu2.1
ii  gcc-7 [c-compiler]  7.3.0-27ubuntu1~18.04
ii  gcc-8 [c-compiler]  8.2.0-1ubuntu2~18.04
ii  libc6-dev [libc-dev]2.27-3ubuntu1

Versions of packages libtool recommends:
ii  libltdl-dev  2.4.6-2

Versions of packages libtool suggests:
ii  autoconf 2.69-11
ii  automake [automaken] 1:1.15.1-3ubuntu2
ii  automake1.11 [automaken] 1:1.11.6-4
pn  gcj-jdk  
ii  gfortran 4:7.3.0-3ubuntu2.1
ii  gfortran-7 [fortran95-compiler]  7.3.0-27ubuntu1~18.04
ii  libtool-doc  2.4.6-2

-- no debconf information

Bug#910548: base-files - please consider adding /usr/share/common-licenses/Unicode-Data

[Paul Hardy]

Unicode's new version for 2019 is attached, with data files in
http://www.unicode.org/ivd/data/ explicitly mentioned as covered under
the license.  The source text is at
http://www.unicode.org/copyright.html.

Thanks,


Paul Hardy


Unicode-Data
Description: Binary data


Unicode-Data.sig
Description: Binary data

Bug#863533: Urgent translation update for camlidl

[Chris Leick]

Hi Helge,

the change was just a short string. The new version is attached.

Kind regards,
Chris


Helge Kreutzmann:

you provided a man page translation for camlidl some time ago. I'm
intending to update camlidl to include your translation. Unfortunately
the man page does not build as your translation is out of date.

I attached the current de.po to this e-mail. If you update the file by
2019-01-31 I can include it in the next upload and it will hit Debian
before the freeze.




de.po.gz
Description: application/gzip

Bug#919298: libreoffice-mysql-connector: fails to upgrade from sid: dpkg-maintscript-helper errors out

[Rene Engelhard]

Hi again,

On Sat, Jan 26, 2019 at 05:25:14PM +0100, Rene Engelhard wrote:
> Preparing to unpack .../11-libreoffice-mysql-connector_6.2.0~rc3-1_all.deb ...
> dpkg-query: no packages found matching libreoffice-mysql-connector:all
> dpkg-query: package 'libreoffice-mysql-connector' is not installed
> Use dpkg --contents (= dpkg-deb --contents) to list archive files contents.
> dpkg-maintscript-helper: error: file 
> '/usr/share/doc/libreoffice-mysql-connector' not owned by package 
> 'libreoffice-mysql-connector:all'
> dpkg-query: package 'libreoffice-mysql-connector' is not installed
> Use dpkg --contents (= dpkg-deb --contents) to list archive files contents.
> dpkg-maintscript-helper: error: file 
> '/usr/share/doc/libreoffice-mysql-connector/changelog.Debian.gz' not owned by 
> package 'libreoffice-mysql-connector:all'
> dpkg-query: package 'libreoffice-mysql-connector' is not installed
> Use dpkg --contents (= dpkg-deb --contents) to list archive files contents.
> dpkg-maintscript-helper: error: file 
> '/usr/share/doc/libreoffice-mysql-connector/copyright' not owned by package 
> 'libreoffice-mysql-connector:all'
> dpkg-maintscript-helper: error: directory 
> '/usr/share/doc/libreoffice-mysql-connector' contains files not owned by 
> package libreoffice-mysql-connector:all, cannot switch to symlink
> dpkg: error processing archive 
> /tmp/apt-dpkg-install-Cmo0nn/11-libreoffice-mysql-connector_6.2.0~rc3-1_all.deb
>  (--unpack):
>  new libreoffice-mysql-connector package pre-installation script subprocess 
> returned error exit status 1
> Errors were encountered while processing:
>  
> /tmp/apt-dpkg-install-Cmo0nn/11-libreoffice-mysql-connector_6.2.0~rc3-1_all.deb
> E: Sub-process /usr/bin/dpkg returned an error code (1)
> 
> the package changed any (well, arch-specific) to all (transitional package), 
> maybe
> that confuses dpkg-maintscript-helper? Any suggestion to get out of this?

Except the "obvious" solution of keeping the transitional package
arch-dep and changing the -common to -core in maintscript... Needs to be
tested.

Would like to avoid that, though; there's nothing arch-dep in this
package.

Regards,
 
Rene

Bug#912879: email-reminder: Depends on libgtk2-perl, that won't be part of Bullseye

[Francois Marier]

On 2018-11-04 at 18:55:55, intrig...@debian.org wrote:
> This package depends on libgtk2-perl, that I intend to remove
> from testing soon after the Buster release, and then from sid at
> some later point during the Bullseye development cycle:
> 
>https://bugs.debian.org/912860
> 
> I notice you're also upstream for this project, so please consider
> porting the GUI to libgtk3-perl. I've personally ported a couple Perl
> GTK+ apps from 2.x to 3.x and it's rather straightforward.
> Upstream for the GTK+ 3 and GObject Introspection Perl bindings is
> responsive and happy to add missing bits to the bindings.

Sorry for the super-late reply. I was hoping to get to this during the
holidays, but it didn't happen.

If you have any useful docs you can point to in terms of transitioning,
please feel free to share them.

It's been more than 5 years since I've touched Perl I think. This will be a
major project for me, so if anybody wants to help, please don't be shy :)

Francois

-- 
https://fmarier.org/

Bug#839634: ledger(1): short option -f (for --file) missing in manpage

[Martin Michlmayr]

* Jonas Meurer  [2016-10-03 11:46]:
> The ledger(1) manpage misses the short commandline option -f (for
> --file). See attached patch to fix this documentation issue.

Thanks, Jonas.  I commited your patch upstream:
https://github.com/ledger/ledger/commit/33cbed3211ccab0f18e1ad7af3fea6af697df2e0

-- 
Martin Michlmayr
https://www.cyrius.com/

Bug#915856: sphinx: Failed cross building with Build-Depends on python3-sphinx

[Helmut Grohne]

On Sat, Jan 26, 2019 at 11:40:55AM +0100, kaliko wrote:
> Indeed it did fix the issue :)
> I set "Build-Depends-Indep: python3-sphinx:native" and built with pbuilder on 
> testing.

Do note that :native does not make any sense in Build-Depends-Indep.
Whenever you move your dependency to Build-*-Indep, it becomes
irrelevant to cross building and thus :native becomes irrelevant.

> But I'm having other problems later on, not related to sphinx though (some of 
> them
> probably x-build related).

I invite you to share your cross problems with
debian-cr...@lists.debian.org or #debian-bootstrap on irc.oftc.net.

> I don't have enough time to go any further right now, but anyway the issue 
> regarding
> sphinx is actually fixed.
> 
> A final question, would you recommend sbuild rather than pbuilder?
> Especially when trying to cross-build packages ?

I recommend using one of pbuilder or sbuild, because both reportedly
work well. At least in unstable (and likely buster) they should be on
parity wrt. features.

Helmut

Bug#915856: sphinx: Failed cross building with Build-Depends on python3-sphinx

[Helmut Grohne]

Hi Dmitry,

On Sat, Jan 26, 2019 at 12:55:28AM +0300, Dmitry Shachnev wrote:
> So I cannot promise that I will take care of half of those packages.
> I will take care only of some of them, those that I am familiar with or
> those that are easy to fix. Fortunately cmake matches these patterns.

That was wishful thinking indeed. I don't expect you to save the world.
;)

> P.S. Maybe I should merge this bug with #818115? They both discuss cross-
> building issues.

Given that dpkg now allows python3-sphinx:native, I'm inclined to not
only merge them but also close them.

Helmut

Bug#920498: os-prober generates jessy entry with bad UUID

[Ben Hutchings]

On Sat, 2019-01-26 at 11:21 +0100, Joachim Schmidt wrote:
> Package: os-prober
> Version: 1.76~deb9u1
> Severity: important
> 
> Dear Maintainer,
> 
> os-prober generates an incorrect entry for old debian (jessie) partition.
> UUID 28cc... is OK
> UUID d4c0... is bad - with blkid there is no such UUID on my system
> 
> menuentry 'Debian GNU/Linux 8 (jessie) (auf /dev/sdb4)' --class debian --class
> gnu-linux --class gnu --class os $menuentry_id_option 'osprober-gnulinux-
> simple-28cc3074-3d74-4a0f-87b6-e0898d2a1e15' {
> insmod part_gpt
> insmod ext2
> set root='hd1,gpt4'
> if [ x$feature_platform_search_hint = xy ]; then
>   search --no-floppy --fs-uuid --set=root --hint-bios=hd1,gpt4 --hint-
> efi=hd1,gpt4 --hint-baremetal=ahci1,gpt4 --hint='hd1,gpt4'
> 28cc3074-3d74-4a0f-87b6-e0898d2a1e15
> else
>   search --no-floppy --fs-uuid --set=root
> 28cc3074-3d74-4a0f-87b6-e0898d2a1e15
> fi
> linux /boot/vmlinuz-3.16.0-4-amd64
> root=UUID=d4c01c5a-d679-4725-bde1-bd56bc592d0e ro quiet
> initrd /boot/initrd.img-3.16.0-4-amd64
> }
> 
> I run update-grub some times with always the same result.
> If I change the UUID in the linux line to 28cc.. then I can boot.
[...]

In the jessie installation, what does /etc/fstab say is the root
device?

Ben.

-- 
Ben Hutchings
I'm not a reverse psychological virus.
Please don't copy me into your signature.




signature.asc
Description: This is a digitally signed message part

Bug#919298: libreoffice-mysql-connector: fails to upgrade from sid: dpkg-maintscript-helper errors out

[Andreas Beckmann]

On 2019-01-26 17:25, Rene Engelhard wrote:
> the package changed any (well, arch-specific) to all (transitional package), 
> maybe
> that confuses dpkg-maintscript-helper? Any suggestion to get out of this?

dpkg-maintscript-helper does not work properly on any->all (or vice
versa) changes. #813455

Easiest solution would be to keep the transitional package arch:any (or
some).


Andreas