Bug#780456: Guest session AppArmor profile doesn't work

2015-03-14 Thread Mathieu Parent 
Package: lightdm
Version: 1.10.3-3
Severity: normal
Tags: security patch

Hello,

The current AA profile in Jessie doesn't reference the correct exec, and some 
rules are missing.

Attached an updated profile and the correcponding patch.

I don't know if this would fit for Jessie, as:
- guest-sessions are not enabled by default,
- but, they should be secure by default

Regards

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lightdm depends on:
ii  adduser3.113+nmu3
ii  dbus   1.8.12-3
ii  debconf [debconf-2.0]  1.5.55
ii  libc6  2.19-13
ii  libgcrypt201.6.2-4+b1
ii  libglib2.0-0   2.42.1-1
ii  libpam-systemd 215-11
ii  libpam0g   1.1.8-3.1
ii  libxcb11.10-3+b1
ii  libxdmcp6  1:1.1.1-1+b1
ii  lightdm-gtk-greeter [lightdm-greeter]  1.8.5-2

Versions of packages lightdm recommends:
ii  xserver-xorg  1:7.7+7

Versions of packages lightdm suggests:
ii  accountsservice  0.6.37-3+b1
ii  upower   0.99.1-3.1

-- debconf information:
  lightdm/daemon_name: /usr/sbin/lightdm
* shared/default-x-display-manager: lightdm
# vim:syntax=apparmor
# Profile for restricting lightdm guest session 
# Author: Martin Pitt martin.p...@ubuntu.com

#include tunables/global

/usr/lib/x86_64-linux-gnu/lightdm/lightdm-guest-session {
  #include abstractions/authentication
  #include abstractions/nameservice
  #include abstractions/wutmp
  /etc/compizconfig/config rw, # bug in compiz https://launchpad.net/bugs/697678
 
  / r,
  /bin/ rmix,
  /bin/fusermount Px,
  /bin/** rmix,
  /cdrom/ rmix,
  /cdrom/** rmix,
  /dev/ r,
  /dev/** rmw, # audio devices etc.
  owner /dev/shm/** rmw,
  /etc/ r,
  /etc/** rmk,
  /etc/gdm/Xsession ix,
  /etc/X11/Xsession ix,
  /lib/ r,
  /lib/** rmixk,
  /lib32/ r,
  /lib32/** rmixk,
  /lib64/ r,
  /lib64/** rmixk,
  owner /media/ r,
  owner /media/** rmwlixk,  # we want access to USB sticks and the like
  /opt/ r,
  /opt/** rmixk,
  @{PROC}/ r,
  @{PROC}/* rm,
  @{PROC}/asound rm,
  @{PROC}/asound/** rm,
  @{PROC}/ati rm,
  @{PROC}/ati/** rm,
  owner @{PROC}/** rm,
  # needed for gnome-keyring-daemon
  @{PROC}/*/status r,
  /sbin/ r,
  /sbin/** rmixk,
  /sys/ r,
  /sys/** rm,
  /tmp/ rw,
  owner /tmp/** rwlkmix,
  /usr/ r,
  /usr/** rmixk,
  /var/ r,
  /var/** rmixk,
  /var/guest-data/** rw, # allow to store files permanently
  /var/tmp/ rw,
  owner /var/tmp/** rwlkm,
  /{,var/}run/ r,
  # necessary for writing to sockets, etc.
  /{,var/}run/** rmkix,
  /{,var/}run/shm/** wl,
  /{,var/}run/uuid/request w,
  # libpam-xdg-support/logind
  owner /{,var/}run/user/*/** rw,

  capability ipc_lock,

  # silence warnings for stuff that we really don't want to grant
  deny capability dac_override,
  deny capability dac_read_search,
  #deny /etc/** w, # re-enable once LP#697678 is fixed
  deny /usr/** w,
  deny /var/crash/ w,
}
--- apparmor/lightdm-guest-session.dpkg-dist	2015-03-10 08:13:32.463146490 +0100
+++ apparmor/lightdm-guest-session	2015-03-10 08:14:26.789023315 +0100
@@ -4,7 +4,7 @@
 
 #include tunables/global
 
-/usr/lib/x86_64-linux-gnu/lightdm/lightdm-guest-session-wrapper {
+/usr/lib/x86_64-linux-gnu/lightdm/lightdm-guest-session {
   #include abstractions/authentication
   #include abstractions/nameservice
   #include abstractions/wutmp
@@ -22,6 +22,7 @@
   /etc/ r,
   /etc/** rmk,
   /etc/gdm/Xsession ix,
+  /etc/X11/Xsession ix,
   /lib/ r,
   /lib/** rmixk,
   /lib32/ r,
@@ -58,6 +59,9 @@
   # necessary for writing to sockets, etc.
   /{,var/}run/** rmkix,
   /{,var/}run/shm/** wl,
+  /{,var/}run/uuid/request w,
+  # libpam-xdg-support/logind
+  owner /{,var/}run/user/*/** rw,
 
   capability ipc_lock,

Bug#747909: WIP adt-virt-docker

2015-03-29 Thread Mathieu Parent 
2015-03-28 11:28 GMT+01:00 Mathieu Parent math.par...@gmail.com:
 Hello,

 I have attached the current version.

 Martin, can you review it? The manpage is missing.

Here's an improved version with th manpage.

Regards
-- 
Mathieu
From e5b3a94f7808cfd180a0e57007d36d27633a90a5 Mon Sep 17 00:00:00 2001
From: Mathieu Parent math.par...@gmail.com
Date: Sat, 28 Mar 2015 11:25:32 +0100
Subject: [PATCH] Add adt-virt-docker (Closes: #747909)

---
 virt-subproc/adt-virt-docker   | 141 +
 virt-subproc/adt-virt-docker.1 |  81 +++
 2 files changed, 222 insertions(+)
 create mode 100755 virt-subproc/adt-virt-docker
 create mode 100644 virt-subproc/adt-virt-docker.1

diff --git a/virt-subproc/adt-virt-docker b/virt-subproc/adt-virt-docker
new file mode 100755
index 000..2442200
--- /dev/null
+++ b/virt-subproc/adt-virt-docker
@@ -0,0 +1,141 @@
+#!/usr/bin/python3
+#
+# adt-virt-docker is part of autopkgtest
+# autopkgtest is a tool for testing Debian binary packages
+#
+# autopkgtest is Copyright (C) 2006-2015 Canonical Ltd.
+#
+# adt-virt-docker was derived from adt-virt-lxc and modified to suit Docker by
+# Mathieu Parent math.par...@gmail.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+# See the file CREDITS for a full list of credits information (often
+# installed as /usr/share/doc/autopkgtest/CREDITS).
+
+import sys
+import os
+import subprocess
+import tempfile
+import shutil
+import argparse
+
+try:
+our_base = os.environ['AUTOPKGTEST_BASE'] + '/lib'
+except KeyError:
+our_base = '/usr/share/autopkgtest/python'
+sys.path.insert(1, our_base)
+
+import VirtSubproc
+import adtlog
+
+
+capabilities = ['revert-full-system', 'root-on-testbed',
+'isolation-container']
+
+args = None
+docker_container_id = None
+shared_dir = None
+
+
+def parse_args():
+global args
+
+parser = argparse.ArgumentParser(fromfile_prefix_chars='@')
+
+parser.add_argument('-d', '--debug', action='store_true',
+help='Enable debugging output')
+parser.add_argument('image', help='Base image')
+parser.add_argument('dockerargs', nargs=argparse.REMAINDER,
+help='Additional arguments to pass to docker run ')
+args = parser.parse_args()
+if args.debug:
+adtlog.verbosity = 2
+
+
+def hook_open():
+global args, docker_container_id, shared_dir
+
+if shared_dir is None:
+shared_dir = tempfile.mkdtemp(prefix='adt-virt-docker.shared.')
+else:
+# don't change the name between resets, to provide stable downtmp paths
+os.makedirs(shared_dir)
+os.chmod(shared_dir, 0o755)
+docker_container_id = VirtSubproc.check_exec(['docker', 'run', '--detach=true',
+'--volume', {0}:{0}.format(shared_dir)] + args.dockerargs + [args.image, 'sh', '-c', 'while true; do sleep 600; done'],
+outp=True)
+adtlog.debug('hook_open: got docker container id %s' % docker_container_id)
+VirtSubproc.auxverb = [
+'docker', 'exec', docker_container_id
+]
+(status, out, err) = VirtSubproc.execute_timeout(None, 0, VirtSubproc.auxverb + ['false'], stdout=subprocess.PIPE)
+if status == 0:
+# In Docker  1.4, docker exec doesn't pass the return value
+# We use nsenter which pass return value
+# See https://github.com/duglin/docker/commit/90928eb1140fc0394e2
+adtlog.debug('hook_open: using nsenter workaround')
+docker_container_pid = VirtSubproc.check_exec(['docker', 'inspect',
+'--format', '{{.State.Pid}}', docker_container_id], outp=True)
+VirtSubproc.auxverb = [
+'sudo', 'nsenter', '--target', docker_container_pid, '--mount', '--uts', '--ipc', '--net',
+'--pid', '--root', '--wd' # '--user'
+]
+(status, out, err) = VirtSubproc.execute_timeout(None, 0, VirtSubproc.auxverb + ['apt-get', 'update'], stdout=subprocess.PIPE)
+
+
+def hook_downtmp(path):
+global capabilities, shared_dir
+
+if shared_dir:
+d = os.path.join(shared_dir, 'downtmp')
+# these permissions are ugly, but otherwise we can't clean up files
+# written by the testbed when running as user
+VirtSubproc.check_exec(['mkdir', '-m', '777', d], downp=True)
+capabilities.append('downtmp-host=' + d

Bug#747909: WIP adt-virt-docker

2015-03-24 Thread Mathieu Parent 
Hello,

I've started to implement adt-virt-docker. I will propose a patch within a week.

Regards

-- 
Mathieu


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#747909: WIP adt-virt-docker

2015-03-28 Thread Mathieu Parent 
Hello,

I have attached the current version.

Martin, can you review it? The manpage is missing.

Cheers,

2015-03-24 21:16 GMT+01:00 Mathieu Parent math.par...@gmail.com:
 Hello,

 I've started to implement adt-virt-docker. I will propose a patch within a 
 week.

 Regards

 --
 Mathieu



-- 
Mathieu
From 58f01839cd7452c971bc21187ee83ef2562ab33c Mon Sep 17 00:00:00 2001
From: Mathieu Parent math.par...@gmail.com
Date: Sat, 28 Mar 2015 11:25:32 +0100
Subject: [PATCH] Add adt-virt-docker

---
 virt-subproc/adt-virt-docker | 141 +++
 1 file changed, 141 insertions(+)
 create mode 100755 virt-subproc/adt-virt-docker

diff --git a/virt-subproc/adt-virt-docker b/virt-subproc/adt-virt-docker
new file mode 100755
index 000..2442200
--- /dev/null
+++ b/virt-subproc/adt-virt-docker
@@ -0,0 +1,141 @@
+#!/usr/bin/python3
+#
+# adt-virt-docker is part of autopkgtest
+# autopkgtest is a tool for testing Debian binary packages
+#
+# autopkgtest is Copyright (C) 2006-2015 Canonical Ltd.
+#
+# adt-virt-docker was derived from adt-virt-lxc and modified to suit Docker by
+# Mathieu Parent math.par...@gmail.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+# See the file CREDITS for a full list of credits information (often
+# installed as /usr/share/doc/autopkgtest/CREDITS).
+
+import sys
+import os
+import subprocess
+import tempfile
+import shutil
+import argparse
+
+try:
+our_base = os.environ['AUTOPKGTEST_BASE'] + '/lib'
+except KeyError:
+our_base = '/usr/share/autopkgtest/python'
+sys.path.insert(1, our_base)
+
+import VirtSubproc
+import adtlog
+
+
+capabilities = ['revert-full-system', 'root-on-testbed',
+'isolation-container']
+
+args = None
+docker_container_id = None
+shared_dir = None
+
+
+def parse_args():
+global args
+
+parser = argparse.ArgumentParser(fromfile_prefix_chars='@')
+
+parser.add_argument('-d', '--debug', action='store_true',
+help='Enable debugging output')
+parser.add_argument('image', help='Base image')
+parser.add_argument('dockerargs', nargs=argparse.REMAINDER,
+help='Additional arguments to pass to docker run ')
+args = parser.parse_args()
+if args.debug:
+adtlog.verbosity = 2
+
+
+def hook_open():
+global args, docker_container_id, shared_dir
+
+if shared_dir is None:
+shared_dir = tempfile.mkdtemp(prefix='adt-virt-docker.shared.')
+else:
+# don't change the name between resets, to provide stable downtmp paths
+os.makedirs(shared_dir)
+os.chmod(shared_dir, 0o755)
+docker_container_id = VirtSubproc.check_exec(['docker', 'run', '--detach=true',
+'--volume', {0}:{0}.format(shared_dir)] + args.dockerargs + [args.image, 'sh', '-c', 'while true; do sleep 600; done'],
+outp=True)
+adtlog.debug('hook_open: got docker container id %s' % docker_container_id)
+VirtSubproc.auxverb = [
+'docker', 'exec', docker_container_id
+]
+(status, out, err) = VirtSubproc.execute_timeout(None, 0, VirtSubproc.auxverb + ['false'], stdout=subprocess.PIPE)
+if status == 0:
+# In Docker  1.4, docker exec doesn't pass the return value
+# We use nsenter which pass return value
+# See https://github.com/duglin/docker/commit/90928eb1140fc0394e2
+adtlog.debug('hook_open: using nsenter workaround')
+docker_container_pid = VirtSubproc.check_exec(['docker', 'inspect',
+'--format', '{{.State.Pid}}', docker_container_id], outp=True)
+VirtSubproc.auxverb = [
+'sudo', 'nsenter', '--target', docker_container_pid, '--mount', '--uts', '--ipc', '--net',
+'--pid', '--root', '--wd' # '--user'
+]
+(status, out, err) = VirtSubproc.execute_timeout(None, 0, VirtSubproc.auxverb + ['apt-get', 'update'], stdout=subprocess.PIPE)
+
+
+def hook_downtmp(path):
+global capabilities, shared_dir
+
+if shared_dir:
+d = os.path.join(shared_dir, 'downtmp')
+# these permissions are ugly, but otherwise we can't clean up files
+# written by the testbed when running as user
+VirtSubproc.check_exec(['mkdir', '-m', '777', d], downp=True)
+capabilities.append('downtmp-host=' + d)
+else:
+d = VirtSubproc.downtmp_mktemp(path

Bug#784038: Remove uses of phppkginfo

2015-05-02 Thread Mathieu Parent 
Package: debpear
Version: 0.4
Severity: important

Hello,

I plan to remove the phppkginfo script from the pkg-php-tools package
before the stretch release.

Any use of it should be replaced by pkgtools.

Partial Roseta stone:
phppkginfo [name|summary|description|channel|...]
- pkgtools phppear [name|summary|description|channel|...]

phppkginfo debian_pkgname channel name
- pkgtools phppear debianname channel name
(introduced in 1.29)

phppkginfo debian_version version
- pkgtools phppear debianversion version

Regards

Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784048: Please move from dh-make-php to pkg-php-tools

2015-05-02 Thread Mathieu Parent 
Package: php-letodms-lucene
Version: 1.0.2-2
Severity: important
X-Debbugs-CC: pkg-php-p...@lists.alioth.debian.org

Dear maintainer,

Your package build-depend on dh-php-pear. Consider switching to
pkg-php-tools which is the current reference tool.

You can also move the pakage under the pkg-php-pear umbrella.

Regards

Mathieu Parent

NB: this bug is to drop the 3 remaining builddeps on dh-make-php:
- php-letodms-core
- php-letodms-lucene
- php-radius


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784047: Please move from dh-make-php to pkg-php-tools

2015-05-02 Thread Mathieu Parent 
Package: php-radius
Version: 1.2.5-2.4
Severity: important
X-Debbugs-CC: pkg-php-p...@lists.alioth.debian.org

Dear maintainer,

Your package build-depend on dh-php-pear. Consider switching to
pkg-php-tools which is the current reference tool.

You can also move the pakage under the pkg-php-pear umbrella.

Regards

Mathieu Parent

NB: this bug is to drop the 3 remaining builddeps on dh-make-php:
- php-letodms-core
- php-letodms-lucene
- php-radius


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784049: Please move from dh-make-php to pkg-php-tools

2015-05-02 Thread Mathieu Parent 
Package: php-letodms-core
Version: 3.3.11-1
Severity: important
X-Debbugs-CC: pkg-php-p...@lists.alioth.debian.org

Dear maintainer,

Your package build-depend on dh-php-pear. Consider switching to
pkg-php-tools which is the current reference tool.

You can also move the pakage under the pkg-php-pear umbrella.

Regards

Mathieu Parent

NB: this bug is to drop the 3 remaining builddeps on dh-make-php:
- php-letodms-core
- php-letodms-lucene
- php-radius


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784178: jessie-pu: package php-horde-passwd/5.0.2-3+deb8u1

2015-05-03 Thread Mathieu Parent 
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Dear release team,

php-horde-passwd in jessie (5.0.2-3) has a typo bug in the Kolab driver 
(#780670) which needs a one-line fix.

I plan to upload an update versioned 5.0.2-3+deb8u1, once I have an ack.

debdiff attached.

Regards

Mathieu Parent

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff --git a/debian/changelog b/debian/changelog
index f59417d..6277198 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+php-horde-passwd (5.0.2-3+deb8u1) stable; urgency=medium
+
+  * Fix Kolab driver password change (Closes: #780670)
+
+ -- Mathieu Parent sath...@debian.org  Sun, 03 May 2015 20:42:42 +0200
+
 php-horde-passwd (5.0.2-3) unstable; urgency=medium
 
   * Fixed DEP-8 tests, by removing set -x
diff --git a/debian/patches/0001-Fix-Kolab-driver-password-change.patch b/debian/patches/0001-Fix-Kolab-driver-password-change.patch
new file mode 100644
index 000..137d730
--- /dev/null
+++ b/debian/patches/0001-Fix-Kolab-driver-password-change.patch
@@ -0,0 +1,23 @@
+From: Mike Gabriel mike.gabr...@das-netzwerkteam.de
+Date: Sun, 3 May 2015 20:27:06 +0200
+Subject: Fix Kolab driver password change
+Bug: https://github.com/horde/horde/pull/136
+Bug-Debian: https://bugs.debian.org/780670
+
+---
+ passwd-5.0.2/lib/Driver/Kolab.php | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/passwd-5.0.2/lib/Driver/Kolab.php b/passwd-5.0.2/lib/Driver/Kolab.php
+index 64554ed..ab49eee 100644
+--- a/passwd-5.0.2/lib/Driver/Kolab.php
 b/passwd-5.0.2/lib/Driver/Kolab.php
+@@ -73,7 +73,7 @@ class Passwd_Driver_Kolab extends Passwd_Driver
+ $userdn = ldap_get_dn($ds, $entry);
+ 
+ // Connect as the user.
+-$result = @ldap_bind($ds, $userdn, $old_password);
++$result = @ldap_bind($ds, $userdn, $oldpass);
+ if (!$result) {
+ throw new Passwd_Exception(_(Incorrect old password.));
+ }
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..fe1da9b
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+0001-Fix-Kolab-driver-password-change.patch

Bug#784413: ITP: php-horde-idna -- IDNA backend normalization package

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Horde_Idna
 Version : 1.0.4
 Upstream Author : Michael Slusarz
 URL : http://horde.org/
 License : BSD-2-Clause
 Programming Lang: PHP
 Description : IDNA backend normalization package
Normalized access to various backends providing IDNA (Internationalized Domain 
Names in Applications) support.

I'm packaging this as part of Horde5 packaging.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784410: ITP: php-math-biginteger -- Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] package|package_type|channel|summary|description|maintainers dir|package.xml /usr/share/pkg-

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type
  composer_keywords- Get Composer package keywords
  composer_homepage- Get Composer package homepage
  composer_time- Get Composer package time
  composer_license - Get Composer package license
  composer_authors - Get Composer package authors
  composer_support - Get Composer package support
  composer_require - Get Composer package require
  composer_require_dev - Get Composer package require_dev
  composer_conflict- Get Composer package conflict
  composer_replace - Get Composer package replace
  composer_provide - Get Composer package provide
  composer_suggest - Get Composer package suggest
  composer_autoload- Get Composer package autoload
  composer_config  - Get Composer package config
  composer_substvars   - Debian substvars from Composer package

arguments:
  dir - Directory containing package.xml, package2.xml or 
composer.json file

options:
  -d  - print debug to STDERR
 Version : Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type

Bug#784411: ITP: php-horde-idna -- IDNA backend normalization package

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Horde_Idna
 Version : 1.0.4
 Upstream Author : Michael Slusarz
 URL : http://horde.org/
 License : BSD-2-Clause
 Programming Lang: PHP
 Description : IDNA backend normalization package
Normalized access to various backends providing IDNA (Internationalized Domain 
Names in Applications) support.

I'm packaging this as part of Horde5 packaging.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784409: ITP: php-phpseclib-sourceforge-file-asn1 -- Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] package|package_type|channel|summary|description|maintainers dir|package.xml

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type
  composer_keywords- Get Composer package keywords
  composer_homepage- Get Composer package homepage
  composer_time- Get Composer package time
  composer_license - Get Composer package license
  composer_authors - Get Composer package authors
  composer_support - Get Composer package support
  composer_require - Get Composer package require
  composer_require_dev - Get Composer package require_dev
  composer_conflict- Get Composer package conflict
  composer_replace - Get Composer package replace
  composer_provide - Get Composer package provide
  composer_suggest - Get Composer package suggest
  composer_autoload- Get Composer package autoload
  composer_config  - Get Composer package config
  composer_substvars   - Debian substvars from Composer package

arguments:
  dir - Directory containing package.xml, package2.xml or 
composer.json file

options:
  -d  - print debug to STDERR
 Version : Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type

Bug#784412: ITP: php-horde-managesieve -- Client library for ManageSieve

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Horde_ManageSieve
 Version : 1.0.0alpha1
 Upstream Author : Jan Schneider
 URL : http://horde.org/
 License : BSD
 Programming Lang: PHP
 Description : Client library for ManageSieve
This library implements the ManageSieve protocol (RFC 5804).

I'm packaging this as part of Horde5 packaging.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784415: ITP: php-math-biginteger -- Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] package|package_type|channel|summary|description|maintainers dir|package.xml /usr/share/pkg-

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type
  composer_keywords- Get Composer package keywords
  composer_homepage- Get Composer package homepage
  composer_time- Get Composer package time
  composer_license - Get Composer package license
  composer_authors - Get Composer package authors
  composer_support - Get Composer package support
  composer_require - Get Composer package require
  composer_require_dev - Get Composer package require_dev
  composer_conflict- Get Composer package conflict
  composer_replace - Get Composer package replace
  composer_provide - Get Composer package provide
  composer_suggest - Get Composer package suggest
  composer_autoload- Get Composer package autoload
  composer_config  - Get Composer package config
  composer_substvars   - Debian substvars from Composer package

arguments:
  dir - Directory containing package.xml, package2.xml or 
composer.json file

options:
  -d  - print debug to STDERR
 Version : Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type

Bug#784414: ITP: php-horde-managesieve -- Client library for ManageSieve

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Horde_ManageSieve
 Version : 1.0.0alpha1
 Upstream Author : Jan Schneider
 URL : http://horde.org/
 License : BSD
 Programming Lang: PHP
 Description : Client library for ManageSieve
This library implements the ManageSieve protocol (RFC 5804).

I'm packaging this as part of Horde5 packaging.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784416: ITP: php-phpseclib-sourceforge-file-asn1 -- Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] package|package_type|channel|summary|description|maintainers dir|package.xml

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type
  composer_keywords- Get Composer package keywords
  composer_homepage- Get Composer package homepage
  composer_time- Get Composer package time
  composer_license - Get Composer package license
  composer_authors - Get Composer package authors
  composer_support - Get Composer package support
  composer_require - Get Composer package require
  composer_require_dev - Get Composer package require_dev
  composer_conflict- Get Composer package conflict
  composer_replace - Get Composer package replace
  composer_provide - Get Composer package provide
  composer_suggest - Get Composer package suggest
  composer_autoload- Get Composer package autoload
  composer_config  - Get Composer package config
  composer_substvars   - Debian substvars from Composer package

arguments:
  dir - Directory containing package.xml, package2.xml or 
composer.json file

options:
  -d  - print debug to STDERR
 Version : Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type

Bug#784419: ITP: php-math-biginteger -- Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] package|package_type|channel|summary|description|maintainers dir|package.xml /usr/share/pkg-

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type
  composer_keywords- Get Composer package keywords
  composer_homepage- Get Composer package homepage
  composer_time- Get Composer package time
  composer_license - Get Composer package license
  composer_authors - Get Composer package authors
  composer_support - Get Composer package support
  composer_require - Get Composer package require
  composer_require_dev - Get Composer package require_dev
  composer_conflict- Get Composer package conflict
  composer_replace - Get Composer package replace
  composer_provide - Get Composer package provide
  composer_suggest - Get Composer package suggest
  composer_autoload- Get Composer package autoload
  composer_config  - Get Composer package config
  composer_substvars   - Debian substvars from Composer package

arguments:
  dir - Directory containing package.xml, package2.xml or 
composer.json file

options:
  -d  - print debug to STDERR
 Version : Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type

Bug#784420: ITP: php-phpseclib-sourceforge-file-asn1 -- Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] package|package_type|channel|summary|description|maintainers dir|package.xml

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type
  composer_keywords- Get Composer package keywords
  composer_homepage- Get Composer package homepage
  composer_time- Get Composer package time
  composer_license - Get Composer package license
  composer_authors - Get Composer package authors
  composer_support - Get Composer package support
  composer_require - Get Composer package require
  composer_require_dev - Get Composer package require_dev
  composer_conflict- Get Composer package conflict
  composer_replace - Get Composer package replace
  composer_provide - Get Composer package provide
  composer_suggest - Get Composer package suggest
  composer_autoload- Get Composer package autoload
  composer_config  - Get Composer package config
  composer_substvars   - Debian substvars from Composer package

arguments:
  dir - Directory containing package.xml, package2.xml or 
composer.json file

options:
  -d  - print debug to STDERR
 Version : Usage: /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
package|package_type|channel|summary|description|maintainers dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
date|version|license|changelog|all|hasphpscript dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_deps 
dir|package.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_pkgname 
channel_url pear_name
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] debian_version 
version
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] 
channel_name|channel_summary|channel_alias channel.xml
   /usr/share/pkg-php-tools/scripts/phppkginfo [options] composer_... 
dir|composer.json

PEAR package commands:
  package - Name of package
  package_type- Type of package 
(php|extsrc|extbin|zendextsrc|zendextbin|bundle|false)
  channel - PEAR channel URL
  summary - Short summary of package
  description - Long description of package
  maintainers - Comma separated list of maintainers
  date- Date of release
  version - Version of package
  license - License of package
  changelog   - Full changelog of package
  all - print_r() of complete package file
  hasphpscript- Check if package contains files of type 'script'
  debian_deps - Print dependencies as Debian control fields
  debian_pkgname  - Translate a PEAR package name to a Debian package name
  debian_version  - Translate a PEAR version to a Debian version

PEAR channel commands:
  channel_name- Get channel name
  channel_summary - Get channel summary
  channel_alias   - Get channel alias

Composer commands:
  composer_name- Get Composer package name
  composer_description - Get Composer package description
  composer_version - Get Composer package version
  composer_type- Get Composer package type

Bug#784418: ITP: php-horde-managesieve -- Client library for ManageSieve

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Horde_ManageSieve
 Version : 1.0.0alpha1
 Upstream Author : Jan Schneider
 URL : http://horde.org/
 License : BSD
 Programming Lang: PHP
 Description : Client library for ManageSieve
This library implements the ManageSieve protocol (RFC 5804).

I'm packaging this as part of Horde5 packaging.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784417: ITP: php-horde-idna -- IDNA backend normalization package

2015-05-06 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Horde_Idna
 Version : 1.0.4
 Upstream Author : Michael Slusarz
 URL : http://horde.org/
 License : BSD-2-Clause
 Programming Lang: PHP
 Description : IDNA backend normalization package
Normalized access to various backends providing IDNA (Internationalized Domain 
Names in Applications) support.

I'm packaging this as part of Horde5 packaging.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#705254: is-enabled, the puppet side.

2015-05-07 Thread Mathieu Parent 
Hello,

Note that Puppet has the following code to test is a service is enabled:

  def enabled?
# TODO: Replace system call when Puppet::Util::Execution.execute
gives us a way
# to determine exit status.  http://projects.reductivelabs.com/issues/2538
system(/usr/sbin/invoke-rc.d, --quiet, --query,
@resource[:name], start)

# 104 is the exit status when you query start an enabled service.
# 106 is the exit status when the policy layer supplies a fallback action
# See x-man-page://invoke-rc.d
if [104, 106].include?($CHILD_STATUS.exitstatus)
  return :true
elsif [101, 105].include?($CHILD_STATUS.exitstatus)
  # 101 is action not allowed, which means we have to do the check manually.
  # 105 is unknown, which generally means the iniscript does not
support query
  # The debian policy states that the initscript should support
methods of query
  # For those that do not, peform the checks manually
  # http://www.debian.org/doc/debian-policy/ch-opersys.html
  if get_start_link_count = 4
return :true
  else
return :false
  end
else
  return :false
end
  end

I.E: this is more the policy POV. Isn't this sufficient?

-- 
Mathieu

Ref: 
https://github.com/puppetlabs/puppet/blob/master/lib/puppet/provider/service/debian.rb#L31


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784757: ITP: php-math-biginteger -- Pure-PHP arbitrary precission integer arithmetic library

2015-05-08 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent math.par...@gmail.com

 Package name: Math_BigInteger
 Version : 1.0.2
 Upstream Author : Jim Wigginton
 URL : http://pear.php.net/
 License : MIT
 Programming Lang: PHP
 Description : Pure-PHP arbitrary precission integer arithmetic library
Supports base-2, base-10, base-16, and base-256 numbers.  Uses the GMP or 
BCMath extensions, if available, and an internal implementation, otherwise.

I'm packaging this as part of Horde5 packaging.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784274: RM: php-horde-text-filter-csstidy -- ROM; Replaced by php-horde-css-parser

2015-05-04 Thread Mathieu Parent 
Package: ftp.debian.org
Severity: normal

Hello,

Please remove php-horde-text-filter-csstidy from unstable (then testing). It is 
no longer used.

Regards

Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#785281: [pkg-php-pear] Bug#785281: Bug#785281: Split phpseclib?

2015-05-16 Thread Mathieu Parent 
2015-05-16 20:58 GMT+02:00 David Prévot taf...@debian.org:
 Hi Mathieu,

Hi David,

 3./ The php-phpseclib should provide all the libraries it ships.
 This would be the proper fix for #785281.

 Digging a bit, this would not be the proper fix for #785281.

 Here is an extract from the diff:
   * Here's an example of how to use this library:
   * code
   * ?php
 - *include('Math/BigInteger.php');
 - *
 - *$a = new Math_BigInteger(2);
 - *$b = new Math_BigInteger(3);
 + *$a = new \phpseclib\Math\BigInteger(2);
 + *$b = new \phpseclib\Math\BigInteger(3);
 [...]
 +namespace phpseclib\Math;
 [...]

 Those are two different classes, with different namespaces.

 I can’t see such difference between the currently packaged phpseclib and
 php-math-biginteger. The namespaces change is supposed to happen in the
 next 1. or 2. branch of phpseclib, but the latest upstream version as
 available in Debian, is not yet inside this new namespace.

OK.

 Ha, that reminds me of the “good old times” and
 https://github.com/phpseclib/phpseclib/issues/125…

I see.

 It seems They should probably be installed at a different path:

 /usr/share/php/Math/BigInteger.php
 /usr/share/php/phpseclib/Math/BigInteger.php

 Not yet, sorry.

Indeed.

 I prefer that the files are moved. But this may be a painfull transition.

 One we’ll have to take care anyway, but I don’t intend to start it before
 upstream publish a stable release with the new namespase (not even an
 alpha has been published yet).

 I'd welcome if the phpseclib package Provides php-phpseclib-file-asn1

 Sure, I’ll had the others too, but the previous question still stands:
 should I
 add another fake “provides: php-math-biginteger (= 1.0.2-3)” for example
 (i.e., a bit higher than the current php-math-biginteger real package),
 or [would] you […] patch php-horde-mapi to drop the versionned dependency
 for php-math-biginteger.
 ?

I prefer the fake provide solution, maybe provides:
php-math-biginteger (= 1.0.2+phpseclib) ?

In parallel, I will remove php-math-integer source package from Debian.

Regards
-- 
Mathieu


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#785281: [pkg-php-pear] Bug#785281: Split phpseclib?

2015-05-16 Thread Mathieu Parent 
2015-05-16 17:53 GMT+02:00 David Prévot taf...@debian.org:
 [ Following up to #785281 only, all recipient should get the message
   from it (once). ]

 Hi Mathieu,

 Le 16/05/2015 08:07, Mathieu Parent a écrit :

 There are three problems here:
 […]
 2./ The current package name from composer should be php-phpseclib
 instead. I will file a bug about this.

 There is already #757537. If that’s enough, I can try and work on it.

Yes, that would do it.

 3./ The php-phpseclib should provide all the libraries it ships.
 This would be the proper fix for #785281.

Digging a bit, this would not be the proper fix for #785281.

Here is an extract from the diff:
  * Here's an example of how to use this library:
  * code
  * ?php
- *include('Math/BigInteger.php');
- *
- *$a = new Math_BigInteger(2);
- *$b = new Math_BigInteger(3);
+ *$a = new \phpseclib\Math\BigInteger(2);
+ *$b = new \phpseclib\Math\BigInteger(3);
[...]
+namespace phpseclib\Math;
[...]

Those are two different classes, with different namespaces.

It seems They should probably be installed at a different path:

/usr/share/php/Math/BigInteger.php
/usr/share/php/phpseclib/Math/BigInteger.php


What do you think?


[...]
 Please let me know if you prefer me to add this additional hack into
 phpseclib, or if you’re willing to drop the versionned dependency from
 php-horde-mapi.

I prefer that the files are moved. But this may be a painfull transition.

I'd welcome if the phpseclib package Provides php-phpseclib-file-asn1



-- 
Mathieu


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#785446: PEAR: Please reduce automatic names from sourceforge

2015-05-16 Thread Mathieu Parent 
Package: pkg-php-tools
Version: 1.29
Severity: minor

Hello,

Example: phpseclib.sourceforge.net/File_ASN1 becomes 
php-phpseclib-sourceforge-file-asn1.

Should be php-phpseclib-file-asn1, i.e consider sf as a TLD.

Regards

Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#785281: Split phpseclib?

2015-05-16 Thread Mathieu Parent 
Hello David,

phpseclib is provided upstream in two shapes: Composer (monolithic)
and PEAR (splitted, see PS).

Debian currently ships one binary package built from composer.

Some PEAR packages may depend on one particular package (this is
currently the case for php-horde-imp which recommends FIle_ASN1, and
for php-horde-mapi which depends on Math_BigInteger, see #785281).

There are three problems here:
1./ The PEAR calculated package name is weird:
phpseclib.sourceforge.net/File_ASN1 - php-phpseclib-sourceforge-file-asn1

I will fix this in pkg-php-tools, to consider sourceforge.net like a
TLD (we'll have php-phpseclib-file-asn1).

This is #785446.

2./ The current package name from composer should be php-phpseclib
instead. I will file a bug about this.

3./ The php-phpseclib should provide all the libraries it ships.
This would be the proper fix for #785281.



Regards
-- 
Mathieu Parent

PS: Here are the splitted packages

$ sudo pear channel-add http://phpseclib.sourceforge.net/channel.xml
Adding Channel phpseclib.sourceforge.net succeeded

$ pear  list-all -c phpseclib
All packages [Channel phpseclib]:
=
PackageLatest Local
phpseclib/Crypt_AES0.3.10   Pure-PHP implementation of AES
phpseclib/Crypt_Base   0.3.10   Base class for symmetric key
cryptographic algorithms
phpseclib/Crypt_Blowfish   0.3.10   Pure-PHP implementation of Blowfish
phpseclib/Crypt_DES0.3.10   Pure-PHP implementation of DES
phpseclib/Crypt_Hash   0.3.10   Pure-PHP implementations of
keyed-hash message authentication codes (HMACs) and various
cryptographic hashing functions
phpseclib/Crypt_Random 0.3.10   Random Number Generator
phpseclib/Crypt_RC40.3.10   Pure-PHP implementation of RC4
phpseclib/Crypt_Rijndael   0.3.10   Pure-PHP implementation of Rijndael
phpseclib/Crypt_RSA0.3.10   Pure-PHP PKCS#1 (v2.1)
compliant implementation of RSA
phpseclib/Crypt_TripleDES  0.3.10   Pure-PHP implementation of Triple DES
phpseclib/Crypt_Twofish0.3.10   Pure-PHP implementation of Twofish
phpseclib/File_ANSI0.3.10   Pure-PHP ANSI decoder
phpseclib/File_ASN10.3.10   Pure-PHP ASN1 parser
phpseclib/File_X5090.3.10   Pure-PHP X.509 encoder / decoder
phpseclib/Math_BigInteger  0.3.10   Pure-PHP arbitrary precision
integer arithmetic library
phpseclib/Net_SFTP 0.3.10   Pure-PHP implementation of SFTP
phpseclib/Net_SSH1 0.3.10   Pure-PHP implementation of SSHv1
phpseclib/Net_SSH2 0.3.10   Pure-PHP implementation of SSHv2
phpseclib/System_SSH_Agent 0.3.10   Pure-PHP ssh-agent client


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#785364: XSS in group administration

2015-05-15 Thread Mathieu Parent 
Package: php-horde
Version: 5.2.1+debian0-2
Tags: security jessie
X-Debbugs-CC: pkg-horde-hack...@lists.alioth.debian.org
Control: fixed -1 5.2.5+debian0-1

Hello,

Fix is at:
https://github.com/horde/horde/commit/dae5277746abe613de0cacc004e95e9ed9d78220

I plan to fix it in a stable update (see attached patch)

NB: no CVE (see
http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html
for my revious request)

Regards

-- 
Mathieu
From 7d562b1d1e92dd77c2875f8db990821521097e9b Mon Sep 17 00:00:00 2001
From: Mathieu Parent math.par...@gmail.com
Date: Fri, 15 May 2015 11:38:49 +0200
Subject: [PATCH] Fix XSS in group administration (Closes: #nn)

---
 debian/changelog   |  6 ++
 .../0003-Fix-XSS-in-group-administration.patch | 23 ++
 debian/patches/series  |  1 +
 3 files changed, 30 insertions(+)
 create mode 100644 debian/patches/0003-Fix-XSS-in-group-administration.patch

diff --git a/debian/changelog b/debian/changelog
index 2796877..384e52b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+php-horde (5.2.1+debian0-2+deb8u1) stable; urgency=medium
+
+  * Fix XSS in group administration (Closes: #nn)
+
+ -- Mathieu Parent sath...@debian.org  Fri, 15 May 2015 11:37:29 +0200
+
 php-horde (5.2.1+debian0-2) unstable; urgency=medium
 
   * Update Standards-Version, no change
diff --git a/debian/patches/0003-Fix-XSS-in-group-administration.patch b/debian/patches/0003-Fix-XSS-in-group-administration.patch
new file mode 100644
index 000..f318a40
--- /dev/null
+++ b/debian/patches/0003-Fix-XSS-in-group-administration.patch
@@ -0,0 +1,23 @@
+From: Mathieu Parent math.par...@gmail.com
+Date: Tue, 5 May 2015 21:56:08 +0200
+Subject: Fix XSS in group administration
+
+Origin: https://github.com/horde/horde/commit/dae5277746abe613de0cacc004e95e9ed9d78220
+Author: Jan Schneider j...@horde.org
+---
+ horde-5.2.1/admin/groups.php | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/horde-5.2.1/admin/groups.php b/horde-5.2.1/admin/groups.php
+index 3a3fa48..0423531 100644
+--- a/horde-5.2.1/admin/groups.php
 b/horde-5.2.1/admin/groups.php
+@@ -211,7 +211,7 @@ foreach ($nodes as $id = $node) {
+ $tree-addNode(array(
+ 'id' = $id,
+ 'parent' = null,
+-'label' = $node,
++'label' = htmlspecialchars($node),
+ 'expanded' = false,
+ 'params' = $group_node + $node_params,
+ 'right' = array($spacer, $delete_link)
diff --git a/debian/patches/series b/debian/patches/series
index 8e6d7d8..df54592 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 0002-Fix-rewrite-base.patch
+0003-Fix-XSS-in-group-administration.patch
-- 
2.1.4

Bug#785386: jessie-pu: package php-horde/5.2.1+debian0-2

2015-05-15 Thread Mathieu Parent 
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hello,

php-horde in Jessie has an XSS security bug (#785364).

I plan to fix in thru -updates.

Debdiff attached.

Regards

Mathieu Parent


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
From 4b855a205b0c33f91a908d070d7848100ef4697a Mon Sep 17 00:00:00 2001
From: Mathieu Parent math.par...@gmail.com
Date: Fri, 15 May 2015 11:38:49 +0200
Subject: [PATCH] Fix XSS in group administration (Closes: #785364)

---
 debian/changelog   |  6 ++
 .../0003-Fix-XSS-in-group-administration.patch | 23 ++
 debian/patches/series  |  1 +
 3 files changed, 30 insertions(+)
 create mode 100644 debian/patches/0003-Fix-XSS-in-group-administration.patch

diff --git a/debian/changelog b/debian/changelog
index 2796877..b801a8d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+php-horde (5.2.1+debian0-2+deb8u1) stable; urgency=medium
+
+  * Fix XSS in group administration (Closes: #785364)
+
+ -- Mathieu Parent sath...@debian.org  Fri, 15 May 2015 17:14:33 +0200
+
 php-horde (5.2.1+debian0-2) unstable; urgency=medium
 
   * Update Standards-Version, no change
diff --git a/debian/patches/0003-Fix-XSS-in-group-administration.patch b/debian/patches/0003-Fix-XSS-in-group-administration.patch
new file mode 100644
index 000..f318a40
--- /dev/null
+++ b/debian/patches/0003-Fix-XSS-in-group-administration.patch
@@ -0,0 +1,23 @@
+From: Mathieu Parent math.par...@gmail.com
+Date: Tue, 5 May 2015 21:56:08 +0200
+Subject: Fix XSS in group administration
+
+Origin: https://github.com/horde/horde/commit/dae5277746abe613de0cacc004e95e9ed9d78220
+Author: Jan Schneider j...@horde.org
+---
+ horde-5.2.1/admin/groups.php | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/horde-5.2.1/admin/groups.php b/horde-5.2.1/admin/groups.php
+index 3a3fa48..0423531 100644
+--- a/horde-5.2.1/admin/groups.php
 b/horde-5.2.1/admin/groups.php
+@@ -211,7 +211,7 @@ foreach ($nodes as $id = $node) {
+ $tree-addNode(array(
+ 'id' = $id,
+ 'parent' = null,
+-'label' = $node,
++'label' = htmlspecialchars($node),
+ 'expanded' = false,
+ 'params' = $group_node + $node_params,
+ 'right' = array($spacer, $delete_link)
diff --git a/debian/patches/series b/debian/patches/series
index 8e6d7d8..df54592 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 0002-Fix-rewrite-base.patch
+0003-Fix-XSS-in-group-administration.patch
-- 
2.1.4

Bug#785556: RM: php-math-biginteger -- ROM; Duplicate from php-seclib

2015-05-17 Thread Mathieu Parent 
Package: ftp.debian.org
Severity: normal

Hello,

Please remove php-math-biginteger from sid (then testing), it's only file is 
duplicated in php-seclib.

Context is in #785281.

Thanks

Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#785281: [pkg-php-pear] Bug#785281: Bug#785281: Split phpseclib?

2015-05-17 Thread Mathieu Parent 
2015-05-16 22:10 GMT+02:00 David Prévot taf...@debian.org:
 Hi Mathieu,

Hi David,

 On Sat, May 16, 2015 at 09:22:48PM +0200, Mathieu Parent wrote:
 2015-05-16 20:58 GMT+02:00 David Prévot taf...@debian.org:

  3./ The php-phpseclib should provide all the libraries it ships.
  This would be the proper fix for #785281.

 I prefer the fake provide solution, maybe provides:
 php-math-biginteger (= 1.0.2+phpseclib) ?

 Sure, done. I added the other provides (php-seclib, as well as the 19
 php-seclib-* packages from the phpseclib channel you pointed earlier)
 versionless, please shout (or directly fix in the VCS) if you prefer
 versioned Provides (not that I mind about seeing #761219 fixed first,
 but if versions are not needed, no need to add them).

 Upload in progress, you should be able to test it from incoming in a few
 minutes (I successfully installed php-horde-mapi with php-seclib, but
 didn’t test if it actually works).

Seems to work (but I don't have access to a MAPI server for complete test).

I've asked for removal of php-math-biginteger.

Reards
-- 
Mathieu


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#615858: Another possible patch

2015-06-05 Thread Mathieu Parent 
Package: python-stdeb
Version: 0.8.2-4
Followup-For: Bug #615858

Hello,

I ended up using the attached patch for this problem.

Regards

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python-stdeb depends on:
ii  debhelper  9.20150507
ii  python 2.7.9-1
ii  python-requests2.4.3-6
ii  python-setuptools  17.0-1
pn  python:any none

Versions of packages python-stdeb recommends:
ii  apt-file2.5.4
ii  dpkg-dev1.17.25
ii  python-all  2.7.9-1

Versions of packages python-stdeb suggests:
pn  python-all-dev  none

-- no debconf information
--- downloader.py	2015-05-27 19:28:33.444125512 +0200
+++ /usr/lib/python2.7/dist-packages/stdeb/downloader.py	2015-05-27 19:26:07.812543653 +0200
@@ -58,7 +58,7 @@
 for url in urls:
 if url['packagetype']=='sdist':
 assert url['python_version']=='source', 'how can an sdist not be a source?'
-if url['url'].endswith('.tar.gz'):
+if url['url'].endswith('.tar.gz') or url['url'].endswith('.zip'):
 download_url = url['url']
 if 'md5_digest' in url:
 expected_md5_digest = url['md5_digest']

Bug#789943: [pkg-php-pear] Bug#789943: FTBFS: Unable to parse version '=0.90 3.0' with dependency ruflin/elastica

2015-06-25 Thread Mathieu Parent 
2015-06-25 17:20 GMT+02:00 David Prévot taf...@debian.org:
[...]
 FWIW, I do use this version for a month already without any issue so
 far, except maybe not noticing FTBFSes like this one any more. The range
 specification was updated recently (in Composer 1.0.0~alpha10) [3].
 Hypen range is a bit trickier to handle as far as I’ve tried, but is not
 yet used in what is currently packaged in Debian AFAIK.

I've uploaded it you can do future upload as a team upload.

-- 
Mathieu


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#782537: [pkg-horde] Bug#782537: Bug#782537: Message composing broken due to missing symlink to ckeditor resources

2015-06-14 Thread Mathieu Parent 
2015-06-13 22:10 GMT+02:00 Markus Wagner mar...@mwagner.info:
 When will ckeditor3 be available in Jessie or sid/experimental?!

Probably never. unless someone take this job, and is able to build it
*from source*.

To be clear, the current ckeditor3 package as in git [1], has a lot of
lintian errors due to minified JS and I don't have enough time to fix
this soon. Patches welcome! Additionally, the NEW queue is currently
long.

In the meantime, you can build it yourself with gbp buildpackage

Regards

[1]: http://anonscm.debian.org/cgit/pkg-horde/PEAR/ckeditor3.git, this
is from the wheezy version.

Regards

-- 
Mathieu


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#788762: Please upload to sid

2015-06-14 Thread Mathieu Parent 
Package: etcd
Version: 2.0.8-2

Hello Jelmer,

Can you plese upload etcd to sid? Or is anything is missing?

thanks

-- 
Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#793947: [pkg-php-pear] Bug#793947: php-mail-mimedecode: Broken dependencies: dist-upgrade will pull in apache2 Webserver

2015-07-29 Thread Mathieu Parent 
2015-07-29 10:50 GMT+02:00 Matthias Merz deb...@merz-ka.de:
 Package: php-auth-sasl
 Package: php-mail-mimedecode


 When starting to dist-upgrade my machine, APT would pull in a fully fledged 
 apache Webserver.
 This is caused by a dependency to the php5 meta package which

 Depends: libapache2-mod-php5 | libapache2-mod-php5filter | php5-cgi | php5-fpm
 (versions omitted)

 Neither of them should be required IMHO. Wouldn't a dependency on php5-common 
 be correct?
 This is done e.g. in php-pear...

This can be fixed by a package rebuild (under jessie or later).

 Thanks for fixing this (maybe in the next stable point-release as well?)

I will let you know if I find some time to propose an update.

Regards

-- 
Mathieu


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#793082: ITP: gerritlib -- Client library for accessing Gerrit

2015-07-21 Thread Mathieu Parent 
Package: wnpp
Owner: Mathieu Parent sath...@debian.org
Severity: wishlist

  Package name: gerritlib
  Version : 0.4.0+git20150319
  Upstream Author : OpenStack Infrastructure Team
  URL : http://git.openstack.org/cgit/openstack-infra/gerritlib
  License : Apache-2
  Programming Lang: Python
  Description : Client library for accessing Gerrit

Gerritlib is a Python library for interacting with Gerrit.

It aims to provide a more conventionally pythonic way of managing a
Gerrit instance.


This package is a requirement for jeepyb.

Regards

Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#793083: ITP: jeepyb -- Tools for managing gerrit projects and external sources

2015-07-21 Thread Mathieu Parent 
Package: wnpp
Owner: Mathieu Parent sath...@debian.org
Severity: wishlist

  Package name: jeepyb
  Version : 0+git...
  Upstream Author : OpenStack Infrastructure Team
  URL : http://git.openstack.org/cgit/openstack-infra/jeepyb
  License : Apache-2
  Programming Lang: Python
  Description : Tools for managing gerrit projects and external sources

jeepyb is a collection of tools which make managing a gerrit easier.
Specifically, management of gerrit projects and their associated upstream
integration with things like github, launchpad, and storyboard.

Regards

Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#793076: The attachment

2015-07-20 Thread Mathieu Parent 
of course, I forgot the actual patch...

-- 
Mathieu
From 221885918cd28ba5ef242df654007968ebecf9ac Mon Sep 17 00:00:00 2001
From: Mathieu Parent math.par...@gmail.com
Date: Sun, 19 Jul 2015 16:22:58 +0200
Subject: [PATCH] Add suport for PHP PEAR and PECL packages

---
 debmake/analyze.py | 17 +
 debmake/control.py | 19 +--
 debmake/debs.py| 20 +++-
 debmake/para.py| 14 ++
 debmake/sanity.py  |  6 --
 5 files changed, 71 insertions(+), 5 deletions(-)

diff --git a/debmake/analyze.py b/debmake/analyze.py
index 37ea828..f16770f 100755
--- a/debmake/analyze.py
+++ b/debmake/analyze.py
@@ -368,6 +368,23 @@ def analyze(para):
 para['build_depends'].update({'qt4-qmake'})
 if setmultiarch:
 para['override'].update({'multiarch'})
+# PEAR or PECL
+elif os.path.isfile('package.xml'):
+para['section'] = 'php'
+# XXX FIXME para['fullname'] = 'Debian PHP PEAR Maintainers'
+# XXX FIXME para['email'] = 'pkg-php-p...@lists.alioth.debian.org'
+# XXX FIXME para['uploaders'] = ...
+# XXX FIXME para['homepage'] = 'http://pear.php.net/package/' + para['pearname'] + '/'
+para['vcsvcs'] = 'git://anonscm.debian.org/pkg-php/' + para['package'] + '.git'
+para['vcsbrowser'] = 'http://anonscm.debian.org/gitweb/?p=pkg-php/' + para['package'] + '.git'
+para['dh_buildsystem'] = 'phppear'
+para['dh_with'].update({'phppear'})
+para['build_type']  = 'PEAR'
+para['build_depends'].update({'pkg-php-tools'})
+if para['desc'] == '':
+para['desc'] = '${phppear:summary}'
+if para['desc_long'] == '':
+para['desc_long'] = ' ${phppear:description}'
 else:
 para['build_type']  = 'Unknown'
 if setmultiarch:
diff --git a/debmake/control.py b/debmake/control.py
index b4e9a34..20aab45 100755
--- a/debmake/control.py
+++ b/debmake/control.py
@@ -184,13 +184,25 @@ def control_bin(para, deb):
 section = 'Section: doc\n'
 else:
 section = ''
+if deb['recommends']:
+recommends = 'Recommends: ' + deb['recommends'] + '\n'
+else:
+recommends = ''
+if deb['suggests']:
+suggests = 'Suggests: ' + deb['suggests'] + '\n'
+else:
+suggests = ''
+if deb['breaks']:
+breaks = 'Breaks: ' + deb['breaks'] + '\n'
+else:
+breaks = ''
 ###
 return '''\
 Package: {0}
 {1}Architecture: {2}
 {3}{4}Depends: {5}
-Description: {6}
-{7}
+{6}{7}{8}Description: {9}
+{10}
 '''.format(
 deb['package'],
 section,
@@ -198,6 +210,9 @@ Description: {6}
 multiarch,
 predepends,
 ',\n\t'.join(deb['depends']),
+recommends,
+suggests,
+breaks,
 deb['desc'],
 deb['desc_long'])
 
diff --git a/debmake/debs.py b/debmake/debs.py
index d70fc94..84b7666 100755
--- a/debmake/debs.py
+++ b/debmake/debs.py
@@ -66,6 +66,9 @@ def debs(binaryspec, package, monoarch, dh_with):
 m = 'foreign'   # muiti-arch
 t = ''  # type
 dp = {'${misc:Depends}'}
+rec = {}
+sug = {}
+br = {}
 pd = set()
 ###
 # Prefix names should come first to be overriden later
@@ -171,6 +174,10 @@ def debs(binaryspec, package, monoarch, dh_with):
 a = 'all'
 m = 'foreign'
 t = 'ruby'
+elif match_prefix(t, 'phppear'): # PHP PEAR or PECL
+a = 'all' # XXX FIXME any for PECL
+m = 'foreign'
+t = 'phppear'
 elif match_prefix(t, 'sc') or (t == 'sh'): # script
 a = 'all'
 m = 'foreign'
@@ -215,6 +222,9 @@ def debs(binaryspec, package, monoarch, dh_with):
 elif 'python3' in dh_with:
 a = 'all'
 t = 'python3'
+elif 'phppear' in dh_with:
+a = 'all' # XXX FIXME any for PECL
+t = 'phppear'
 elif a == 'any': # bin as default 
 t = 'bin'
 else:
@@ -247,6 +257,11 @@ def debs(binaryspec, package, monoarch, dh_with):
 dp.update({'${python3:Depends}'})
 elif t == 'ruby': # gem2deb ???  FIXME 
 dp.update({'${ruby:Depends}'})
+elif t == 'phppear': # dh_phppear
+dp.update({'${phppear:Debian-Depends}'})
+rec.update({'${phppear:Debian-Recommends}'})
+sug.update({'${phppear:Debian-Suggests}'})
+br.update({'${phppear:Debian-Breaks}'})
 else:
 pass
 ###
@@ -268,7 +283,10 @@ def debs(binaryspec, package, monoarch, dh_with

Bug#793076: Support for PHP PEAR, PECL and Composer packages

2015-07-20 Thread Mathieu Parent 
Package: debmake
Version: 4.2.1-1
Severity: wishlist

Hello,

I've prepared a patch to add support for PEAR and PECL packages.

I couldn't get the following to work:
- binary deps are skipped (and reverted to Depends: ${misc:Depends},
  ${shlibs:Depends})
- How to pass arch?
- Vcs-* fields are not in control field (even commented out)

Once I understand this, I will also add Composer support.

NB: some other things that we know with thoses kind of pakages:
- Maintainer/Uploaders field
- (sometimes) Home page
- (sometimes) upstream tarball (debian/watch)

Regards

Mathieu Parent

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages debmake depends on:
ii  devscripts   2.15.5
ii  dpkg-dev 1.18.1
ii  python3  3.4.3-4
pn  python3:any  none
ii  rsync3.1.1-3

Versions of packages debmake recommends:
ii  build-essential  11.7
ii  curl 7.43.0-1
ii  strace   4.9-2
ii  wget 1.16.3-3

Versions of packages debmake suggests:
ii  autotools-dev 20140911.1
pn  ccachenone
ii  cmake 3.2.2-2
ii  cowbuilder0.73
ii  dh-autoreconf 10
ii  dh-python 1.20150705-1
ii  eatmydata 82-6
pn  gem2deb   none
ii  git   1:2.1.4-2.1
ii  git-buildpackage  0.6.32
pn  gitk  none
pn  javahelpernone
ii  lintian   2.5.33
pn  mcnone
ii  pbuilder  0.215+nmu4
pn  quilt none
ii  rpm2cpio  4.12.0.1+dfsg1-3

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#802989: [pkg-php-pear] Bug#802989: Composer: ~5 translates badly as (>= 5) and (<< 1~~)

2015-10-26 Thread Mathieu Parent 
2015-10-25 21:03 GMT+01:00 David Prévot :
> Package: pkg-php-tools
> Version: 1.30
> Severity: normal
>
> Hi,

Hi David,

> While looking at the latest (2.0.1) version of phpunit-dbunit (Vcs up to
> date, except the changelog entry), I noticed that the following entry in
> composer.json:
>
> "require": {
> […]
> "phpunit/phpunit": "~5",
>
> was translated as “phpunit (>= 5), phpunit (<< 1~~)” by dh_phpcomposer,
> making the package uninstallable (even if phpunit 5 were available),
> instead of the expected “phpunit (>= 5), phpunit (<< 6~~)”.

Accorind to doc (https://getcomposer.org/doc/articles/versions.md#tilde):

Note: The ~ operator has an exception on its behavior for the major
release number. This means for example that ~1 is the same as ~1.0 as
it will not allow the major number to increase trying to keep
backwards compatibility.

> I haven’t tracked down the issue, sorry, but filling a bug report not to
> forget it.

Will fix and upload shortly (hopefully).

Regards
-- 
Mathieu

Bug#769031: Crowfunding the port of IMP to latest ckeditor?

2015-11-08 Thread Mathieu Parent 
Hello,

On 11/10/2014 10:46 AM, Michael M Slusarz wrote:
[...]
> IMP uses the Ckeditor 3.x javascript API.  Ckeditor's 4.x javascript API
> is completely different.
>
> Using Ckeditor 4.x will only be possible when all of IMP's javascript
> code interfacing with Ckeditor is rewritten.
>
> michael
Ref: http://lists.horde.org/archives/horde/Week-of-Mon-20141110/052934.html

Is there any plan to port IMP to ckeditor 4 or upcoming 5? Can you
estimate the amount of work required? Can it be crowfunded?

NB: Part of the ckeditor 4 API will be available in ckeditor 5:
https://medium.com/content-uneditable/ckeditor-5-the-future-of-rich-text-editing-2b9300f9df2c#2b4d

Regards
-- 
Mathieu Parent

Bug#682157: Bugs 759282 and 682157 (php-pear unsafe use of /tmp) should probably not be closed

2015-11-08 Thread Mathieu Parent 
Control: reopen -1

2015-11-08 7:25 GMT+01:00 Salvatore Bonaccorso <car...@debian.org>:
> Hi Mathieu,

Hi Salvatore,

> On Sat, Nov 07, 2015 at 03:53:07PM +0100, Mathieu Parent wrote:
>> 2015-11-07 15:05 GMT+01:00 Salvatore Bonaccorso <car...@debian.org>:
>> > Hi Mathieu,
>> >
>> > On Sat, Nov 07, 2015 at 01:27:07PM +, Debian Bug Tracking System wrote:
>> >> Version: 5.3.6-1
>> >>
>> >> Hello,
>> >>
>> >> According to https://pear.php.net/bugs/bug.php?id=18056, it's fixed since 
>> >> 1.9.2
>> >
>> > is this true? I just did a quick check (not a full analysis) and it
>> > still seems to use /tmp/pear.
>>
>> Yes, it does. But it checks for symlinks and truncate the file.
>>
>> This even introduced a regression on Windows:
>> https://pear.php.net/bugs/bug.php?id=18834
>>
>> > Can you check if the upstream bug report might be pointing to the
>> > wrong fixing version?
>>
>> This is:
>> https://github.com/pear/pear-core/commit/38de9355e3a9c66445a6d39d2c9a20f73e986d9a
>> (which is in 1.9.2)
>>
>> And further improvement in:
>> https://github.com/pear/pear-core/commit/cd31da7d8b5e684f177a8fe700339f7eb2420876
>> (which is in 1.9.3)
>>
>> > (I have reopened the bugs for now)
>>
>> Can we close it then?
>
> Well, IMHO no, that is not correct. The issues are still there even
> you cannot globber anymore someone else files. A can block another
> user this way.

I didn't want to close, it, but my Reply-to-all went to the -done addresses.

>
> As user foo do:
>
> foo@sid:~$ pear download HTML_Common2
> downloading HTML_Common2-2.1.1.tgz ...
> Starting to download HTML_Common2-2.1.1.tgz (8,604 bytes)
> .done: 8,604 bytes
> File /home/foo/HTML_Common2-2.1.1.tgz downloaded
>
>
> then replace the cache files with symlinks (e.g. to files in home of
> user bar, since he want's to try to globber these files). bar now is
> unable to pear download HTML_Common2:
>
> bar@sid:~$ pear download HTML_Common2
>
> Notice: unserialize(): Error at offset 0 of 220 bytes in PEAR/REST.php on 
> line 203
> PHP Notice:  unserialize(): Error at offset 0 of 220 bytes in 
> /usr/share/php/PEAR/REST.php on line 203
> No releases available for package "pear.php.net/HTML_Common2"
> download failed
> bar@sid:~$ ls
> bar@sid:~$
>
> or as root
>
> root@sid:~# pear download HTML_Common2
>
> Notice: unserialize(): Error at offset 0 of 220 bytes in PEAR/REST.php
> on line 203
> PHP Notice:  unserialize(): Error at offset 0 of 220 bytes in
> /usr/share/php/PEAR/REST.php on line 203
> No releases available for package "pear.php.net/HTML_Common2"
> download failed
> root@sid:~# pear install HTML_Common2
>
> Notice: unserialize(): Error at offset 0 of 220 bytes in PEAR/REST.php
> on line 203
> PHP Notice:  unserialize(): Error at offset 0 of 220 bytes in
> /usr/share/php/PEAR/REST.php on line 203
> No releases available for package "pear.php.net/HTML_Common2"
> install failed
> root@sid:~#
>
> So again, I don't think the issues with unsafe use of /tmp are fixed
> correctly and the bugs should not be closed. PHP maintainers, what do
> you think (Ondřej cc'ed)?

Which pear version are you testing?

Note that I'll be the php-pear maintainer, once the new package [1] is finished.

We should test against this latest 1.10 and report upstream is the bug remain.

[1]: anonscm.debian.org/cgit/pkg-php/php-pear.git

Regards

-- 
Mathieu

Bug#803191: closed by Mathieu Parent <sath...@debian.org> (Bug#803191: fixed in jeepyb 0+20150929-2)

2015-11-02 Thread Mathieu Parent 
2015-11-02 20:24 GMT+01:00 Hans Joachim Desserud :
>> This is an automatic notification regarding your Bug report
>> which was filed against the jeepyb package:
>>
>> #803191: jeepyb FTBFS: A newer version of python-pbr has been packaged
>>
>
> Thank you, Mathieu. :)
>
> You may have noticed this already, but gerritlib also depends on
> python3-pbr < 1.0 and is thus also affected. I'm not sure
> whether I need to file a separate bug on that or not.

Not needed.

There is currently a patch waiting upstream:
https://review.openstack.org/#/c/199568/

I will upload a fixed gerritlib soon.

Regards

-- 
Mathieu

Bug#803641: [pkg-horde] Bug#803641: php-horde: Multiple CSRF Vulnerabilities

2015-11-01 Thread Mathieu Parent 
Control: severity -1 important
Control: tag -1 + confirmed upstream security patch jessie fixed-upstream fixed
Control: fixed -1 5.2.8+debian0-1


2015-11-01 12:37 GMT+01:00 Philip Frei :
> Package: php-horde
> Version: 5.2.1+debian0-2+deb8u1
> Severity: normal
>
> Dear Maintainer,
>
> there are some multiple CSRF vulnerabilities in Horde that were recently
> discovered[1].
> The new version (5.2.8) in testing/unstable fixes this problem. But the
> problem still exists for stable's version.
> I would be nice to have a fixed version in stable too.

This seems to be:
https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae

I will prepare an upload for next jessie point-release, unless you
think it should go to the security mirors sooner.

Regards
-- 
Mathieu

Bug#801690: [Pkg-samba-maint] Bug#801690: 'smbstatus -b' leads to broken ctdb cluster

2015-11-01 Thread Mathieu Parent 
2015-10-13 15:44 GMT+02:00 Adi Kriegisch :
> Package: ctdb
> Version: 2.5.4+debian0-4
>
> Dear maintainers,

Hello Adi,

Sorry for my late reply.

> I recently upgraded a samba cluster from Wheezy (with Kernel, ctdb, samba
> and glusterfs from backports) to Jessie. The cluster itself is way older
> and basically always worked. Since the upgrade to Jessie 'smbstatus -b'
> (almost always) just hangs the whole cluster; I need to interrupt the call
> with ctrl+c (or run with 'timeout 2') to avoid a complete cluster lockup
> leading to the other cluster nodes being banned and the node I run smbstatus
> on to have ctdbd run at 100% load but not being able to recover.

How do you recover then? KILL-ing ctdbd?

> The cluster itself consists of three nodes sharing three cluster ips. The
> only service ctdb manages is Samba. The lock file is located on a mirrored
> glusterfs volume.
>
> running and interrupting the hanging smbstatus leads to the following log
> messages in /var/log/ctdb/log.ctdb:
>   | 2015/10/13 15:09:24.923002 [19378]: Starting traverse on DB
>   |  smbXsrv_session_global.tdb (id 2592646)
>   | 2015/10/13 15:09:25.505302 [19378]: server/ctdb_traverse.c:644 Traverse
>   |  cancelled by client disconnect for database:0x6b06a26d
>   | 2015/10/13 15:09:25.505492 [19378]: Could not find idr:2592646
>   | [...]
>   | 2015/10/13 15:09:25.507553 [19378]: Could not find idr:2592646
>
> 'ctdb getdbmap' lists that database, but also lists a second entry for
> smbXsrv_session_global.tdb:
>   | dbid:0x521b7544 name:smbXsrv_version_global.tdb 
> path:/var/lib/ctdb/smbXsrv_version_global.tdb.0
>   | dbid:0x6b06a26d name:smbXsrv_session_global.tdb 
> path:/var/lib/ctdb/smbXsrv_session_global.tdb.0
> (I have no idea if that has always been the case or if that happened after
> the upgrade).
>
> Calling 'smbstatus --locks' and 'smbstatus --shares' works just fine.

Have you tried which of --processes, --notify hangs? Does it hangs
with "-b --fast"?

,

> 'strace'ing ctdbd leads to a massive amount of these messages:
>   | 
> write(58,"\240\4\0\0BDTC\1\0\0\0\215U\336\25\5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
>   |  1184) = -1 EAGAIN (Resource temporarily 
> unavailable)

fd 58 is probably the ctdb socket. Can you confirm?

To have more usefull info, can you install gdb, ctdb-dbg and samba-dbg
and send the stacktrace of ctdbd at the write?

> Running 'ctdb_diagnostics' is only possible shortly after  the cluster is
> started (ie. while smbstatus -b works) and yields the following messages:
>   | ERROR[1]: /etc/krb5.conf is missing on node 0
>   | ERROR[2]: File /etc/hosts is different on node 1
>   | ERROR[3]: File /etc/hosts is different on node 2
>   | ERROR[4]: File /etc/samba/smb.conf is different on node 1
>   | ERROR[5]: File /etc/samba/smb.conf is different on node 2
>   | ERROR[6]: File /etc/fstab is different on node 1
>   | ERROR[7]: File /etc/fstab is different on node 2
>   | ERROR[8]: /etc/multipath.conf is missing on node 0
>   | ERROR[9]: /etc/pam.d/system-auth is missing on node 0
>   | ERROR[10]: /etc/default/nfs is missing on node 0
>   | ERROR[11]: /etc/exports is missing on node 0
>   | ERROR[12]: /etc/vsftpd/vsftpd.conf is missing on node 0
>   | ERROR[13]: Optional file /etc/ctdb/static-routes is not present on node 0
> '/etc/hosts' differs in some newlines and comments while 'smb.conf' only
> has some different log levels on the nodes. The rest of the messages does
> not affect ctdb as it only manages samba.

Yes. Nothing relevant here.

> Feel free to ask if you need any more information.

Regards


-- 
Mathieu

Bug#803641: [pkg-horde] Bug#803641: Bug#803641: php-horde: Multiple CSRF Vulnerabilities

2015-11-01 Thread Mathieu Parent 
2015-11-02 7:52 GMT+01:00 Mathieu Parent <math.par...@gmail.com>:
> Control: severity -1 important
> Control: tag -1 + confirmed upstream security patch jessie fixed-upstream 
> fixed
> Control: fixed -1 5.2.8+debian0-1
>
>
> 2015-11-01 12:37 GMT+01:00 Philip Frei <p...@gmx.de>:
>> Package: php-horde
>> Version: 5.2.1+debian0-2+deb8u1
>> Severity: normal
>>
>> Dear Maintainer,
>>
>> there are some multiple CSRF vulnerabilities in Horde that were recently
>> discovered[1].
>> The new version (5.2.8) in testing/unstable fixes this problem. But the
>> problem still exists for stable's version.
>> I would be nice to have a fixed version in stable too.
>
> This seems to be:
> https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
>
> I will prepare an upload for next jessie point-release, unless you
> think it should go to the security mirors sooner.

I have prepared the upload to jessie-security:
http://anonscm.debian.org/cgit/pkg-horde/PEAR/php-horde.git/commit/?h=debian/jessie=47c6d6e6ad0836d657eee75e36ef8dbd19c843d2

To the security team: Can/Should I upload it?

Note that the Horde team doesn't provide CVEs, I've asked for it at:
http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html

Regards
-- 
Mathieu

Bug#769031: [pkg-horde] Issue with php-horde-editor and ckeditor3

2015-11-07 Thread Mathieu Parent 
2015-11-02 21:28 GMT+01:00 T.A. van Roermund :
> Dear package Maintainer,

Hello Timo,

> I hope you can help me with the following issue.
>
> I installed the Horde framework (under Debian testing) and noticed that name
> completion did not work in my Imp compose window. When digging into the
> issue, I saw that Firebug actually reported a JS error, which seems to stop
> all (further) JS processing:
>
> "TypeError: CKEDITOR.on is not a function"
>
> After some searching, I found the following bug report:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769031
>
> It says:
> "Release to experimental, until ckeditor3 is in the archive"
>
> However, the following bug report seems to indicate that ckeditor3 is not
> going to become available in Debian:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769455
>
> "This package as not been accepted in time for jessie. Let's drop it."
>
> What is the current plan forward?

This problem is currently stalled.

I planned to fix it by:
- packaging old ckeditor as a ckeditor3 package
- make php-horde-editor depends on it and update symlinks

Appart from the lack of time finishing the work (including making
ckeditor3 dfsg), the security team may forbid having an old ckeditor
in the archive.

I've asked this at:
https://lists.debian.org/debian-security/2014/11/msg00035.html but
received no response (I also forwarded the message to the Debian
security team).

Funding the work to port Horde to ckeditor 4 is the way forward. I
will propose this to the horde-dev ML.

> Or is there no plan and should I better fix it manually (if so, any
> suggestions how)?

The workaround are :
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769031#15, or
- install files and directories from
(horde.git)/horde/framework/Editor/js/ckeditor into the debian package
directory /usr/share/horde/js/ckeditor/


> Thanks for your support!
>
> Timo van Roermund
-- 
Mathieu

Bug#803641: [pkg-horde] Bug#803641: Aw: Re: Bug#803641: php-horde: Multiple CSRF Vulnerabilities

2015-11-03 Thread Mathieu Parent 
2015-11-02 14:27 GMT+01:00 Philip Frei :
>> This seems to be:
>> https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
>
>> I will prepare an upload for next jessie point-release, unless you
>> think it should go to the security mirors sooner.
>
> Thanks a lot!
>
> I think Horde's command shells are hardly used (I, for one don't use them 
> very often).

But it is enabled by default. I have tested and uploaded the fix to
security-master-unembargoed, in coordination with the security team.
If I understand correctly, it will go to the security mirrors soon.

Regards

-- 
Mathieu

Bug#803337: [Pkg-samba-maint] Bug#803337: Small error in smb.conf manpage

2015-10-30 Thread Mathieu Parent 
Control: tag -1 upstream

2015-10-28 20:21 GMT+01:00 Yvan Masson :
> Package: samba-common-bin
> Version: 2:4.1.17+dfsg-2
> Severity: minor
>
> Dear maintainers,

Hello Yvan,

> In the smb.conf manpage, the following sentence is written:
[...]

Thanks for your report. Can you send a patch directly upstream?

See https://wiki.samba.org/index.php/Contribute

Regards

-- 
Mathieu

Bug#795664: Fixed ruby-handlebars-assets FTBS

2015-10-13 Thread Mathieu Parent 
Hello,

I've fixed the FTBS in my local git repo. I'll request pkg-ruby-extras
membership and upload the fixes next week. As don't know Ruby either,
can someone from the team review?

Detail:
* patch 0001: the package was previously splitted as libjs-handlebars
and libjs-handlebars.runtime
* patch 0002: missing ruby load path. This one is strange and I don't
understand why system load path should be listed here
* patch 0003: fixes js path. This is related to 0001
* TODO patch 0004: debian/changelog

Regards
-- 
Mathieu
From 23e6c7735a5421b5142bf47cc76d97ba72623931 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Tue, 13 Oct 2015 04:58:28 +0200
Subject: [PATCH 3/3] Fix path during tests

---
 debian/patches/0002-Fix-slimbars-test.patch | 37 +
 debian/patches/series   |  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 debian/patches/0002-Fix-slimbars-test.patch

diff --git a/debian/patches/0002-Fix-slimbars-test.patch b/debian/patches/0002-Fix-slimbars-test.patch
new file mode 100644
index 000..78c433f
--- /dev/null
+++ b/debian/patches/0002-Fix-slimbars-test.patch
@@ -0,0 +1,37 @@
+From: Mathieu Parent <math.par...@gmail.com>
+Date: Tue, 13 Oct 2015 05:26:45 +0200
+Subject: Fix slimbars test
+
+---
+ test/handlebars_assets/slimbars_test.rb | 5 +
+ 1 file changed, 5 insertions(+)
+
+diff --git a/test/handlebars_assets/slimbars_test.rb b/test/handlebars_assets/slimbars_test.rb
+index f162d81..2002f26 100644
+--- a/test/handlebars_assets/slimbars_test.rb
 b/test/handlebars_assets/slimbars_test.rb
+@@ -5,6 +5,11 @@ module HandlebarsAssets
+ include SprocketsScope
+ include CompilerSupport
+ 
++def teardown
++  HandlebarsAssets::Config.reset!
++  HandlebarsAssets::Handlebars.reset!
++end
++
+ def compile_slim(source)
+   Slim::Template.new(HandlebarsAssets::Config.slim_options) { source }.render
+ end
+diff --git a/test/test_helper.rb b/test/test_helper.rb
+index c829413..fc18e3c 100644
+--- a/test/test_helper.rb
 b/test/test_helper.rb
+@@ -57,7 +57,7 @@ module HandlebarsAssets
+ def reset!
+   @chomp_underscore_for_partials = nil
+   @compiler = nil
+-  @compiler_path = nil
++  @compiler_path = 'vendor/assets/javascripts'
+   @haml_options = nil
+   @known_helpers = nil
+   @known_helpers_only = nil
diff --git a/debian/patches/series b/debian/patches/series
index d77d941..543a72c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 engine-root.patch
+0002-Fix-slimbars-test.patch
-- 
2.6.1

From c20b61299da5ba14d7e61f8d66702beb251fb747 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Tue, 13 Oct 2015 04:11:55 +0200
Subject: [PATCH 2/3] Fixing: uninitialized constant MiniTest::Test (NameError)
 (Closes: #795664)

---
 debian/ruby-tests.rake | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/ruby-tests.rake b/debian/ruby-tests.rake
index fc925a8..024e4ab 100644
--- a/debian/ruby-tests.rake
+++ b/debian/ruby-tests.rake
@@ -1,5 +1,6 @@
 require 'rake/testtask'
 Rake::TestTask.new(:test) do |test|
+  test.libs << '/usr/lib/ruby/vendor_ruby'
   test.libs << 'test'
   test.test_files = FileList["test/**/*_test.rb"]
   test.verbose = false
-- 
2.6.1

From 09f88579ab0f0b667ce40d56b0964af281d212f9 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Tue, 13 Oct 2015 03:21:04 +0200
Subject: [PATCH 1/3] Remove circular dep on libjs-handlebars{,.runtime}

---
 debian/control | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/debian/control b/debian/control
index ab3e0c2..7388f96 100644
--- a/debian/control
+++ b/debian/control
@@ -4,8 +4,7 @@ Priority: optional
 Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintain...@lists.alioth.debian.org>
 Uploaders: Pirate Praveen <prav...@debian.org>
 Build-Depends: debhelper (>= 7.0.50~), gem2deb (>= 0.7.5~), ruby-slim,
- ruby-execjs, ruby-tilt, ruby-multi-json, ruby-sprockets, ruby-haml,
- libjs-handlebars (>= 2:0.20.1~), libjs-handlebars.runtime (>= 2:0.20.1~)
+ ruby-execjs, ruby-tilt, ruby-multi-json, ruby-sprockets, ruby-haml
 Standards-Version: 3.9.6
 Vcs-Git: git://anonscm.debian.org/pkg-ruby-extras/ruby-handlebars-assets.git
 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-ruby-extras/ruby-handlebars-assets.git;a=summary
-- 
2.6.1

Bug#784047: Moving from dh-make-php to pkg-php-tools in one month

2015-10-07 Thread Mathieu Parent 
Hello,

Without any news within a month, I will go ahead and move this package
to pkg-php-tools.

Regards

-- 
Mathieu

Bug#801269: Superseeded by pkg-php-tools

2015-10-07 Thread Mathieu Parent 
Package: dh-make-php
Version: 0.4.0
Severity: normal
Control: block -1 by 784047 784048 784049

Hello,

pkg-php-tools is here since wheezy (and squeeze-backports), and it builds most 
of the PEAR/PECL/Composer packages now. The major difference is that 
dh-make-php is CDBS-oriented and pkg-php-tools is dh7-oriented (but both can 
probably be used either way).

debpear can be used to bootstrap a package.

I propose to remove dh-make-php from stretch and sid, once the blocker bugs are 
fixed (currently: 3 reverse builddeps).

Thanks Uwe Steinmann for this package!

Regards

Mathieu Parent

Bug#800341: Fixed in git

2015-10-08 Thread Mathieu Parent 
Hello,

I have fixed both problems in git.

I think commits 444a7fb4df and 6ac65f75a971a4a should be applied for
jessie too. What do you think? NB: the second commit should use
"pidfile: /var/run/squid3.pid" on jessie.


Regards
-- 
Mathieu Parent

Bug#801919: ITP: php-pear -- PEAR - PHP Extension and Application Repository

2015-10-15 Thread Mathieu Parent 
Package: wnpp
Severity: wishlist
Owner: Mathieu Parent <sath...@debian.org>

* Package name: php-pear
  Version : 1:1.10
  Upstream Author : a lot
* URL : https://pear.php.net/package/PEAR
* License : BSD-2-Clause
  Programming Lang: PHP
  Description : PEAR - PHP Extension and Application Repository

Current description (from src:php5):
 This package contains the base PEAR classes for PHP, as well as the PEAR
 installer.  Many PEAR classes are already packaged for Debian, and can be
 easily identified by names beginning with "php-", such as php-db and
 php-auth.  Note: to build and install precompiled PECL extensions, you
 will need one of the php development packages installed.
 .
 PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used
 open source general-purpose scripting language that is especially suited
 for web development and can be embedded into HTML.

This is to fix #714848. The package will be maintained in the pkg-php-pear ML.

To avoid having a circular dependency, I won't build-depend on pkg-php-tools,
as its dependencies:
- Archive_Tar
- Structures_Graph
- Console_Getopt
- XML_Util

Regards 

Mathieu Parent

Bug#800341: squid3: systemctl reports squid is running when there is a bungled squid.conf and it has exited.

2015-10-07 Thread Mathieu Parent 
On Tue, 29 Sep 2015 18:36:59 +1300 Amos Jeffries  wrote:
> Hi Alex,
>  Thank you for this report.
>
> To summarize:
> * this appears to be a bug in systemd, or maybe systemd-shim
> * the systemd init.d script handler is lying and corrupting systemd state

See my explanations below.

>
> On Mon, 28 Sep 2015 14:26:00 +1300 Alex King wrote:
> >
> > For example, with squid running, add a nonsense line into the
> > configuration. Reload with "systemctl reload squid3". Now "systemctl
> > status squid3" shows:
> >
> > ● squid3.service - LSB: Squid HTTP Proxy version 3.x
> > Loaded: loaded (/etc/init.d/squid3)
> > Active: active (exited) since Mon 2015-09-28 13:31:37 NZDT; 12min ago
> > Process: 25937 ExecReload=/etc/init.d/squid3 reload (code=exited,
> status=0/SUCCESS)
>
> systemd is lying.

Nope, process has exited with exit status of 0.

>
> The init script contains this to exit with an error on squid.conf errors:
>res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL .*"`
>   if test -n "$res";
>   then
> log_failure_msg "$res"
> exit 3
>   ...

This is were the error is.

With a faulty config, I have the following log:
FATAL: Bungled /etc/squid3/squid.conf line 272: http_access allow toto

The grep doesn't match! It should be grep -o "FATAL: .*"`.


> On most OS a shell script calling exit N with a non-0 value means
> failure. Apparently systemd is different.

As stated, "/etc/init.d/squid3 status" returned 0 here.
Once the attached patch is applied, and "systemctl daemon-reload" is
run, with a running service, doing the following will work as
expected:

me@srv:~$ sudo systemctl reload squid3.service
Job for squid3.service failed. See 'systemctl status squid3.service'
and 'journalctl -xn' for details.
me@srv:~$ systemctl status squid3.service
● squid3.service - LSB: Squid HTTP Proxy version 3.x
   Loaded: loaded (/etc/init.d/squid3)
   Active: active (running) (Result: exit-code) since mer. 2015-10-07
15:46:14 CEST; 1min 34s ago
  Process: 17652 ExecReload=/etc/init.d/squid3 reload (code=exited, status=3)
   CGroup: /system.slice/squid3.service
   ├─17066 /usr/sbin/squid3 -YC -f /etc/squid3/squid.conf
   ├─17069 (squid-1) -YC -f /etc/squid3/squid.conf
   ├─17070 (negotiate_wrapper_auth) --ntlm /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp --kerberos
/usr/lib/squid3/negotiate_kerberos_auth -s HTTP/proxy-pp.nantes
   ├─17071 /usr/lib/squid3/negotiate_kerberos_auth -s
HTTP/proxy-pp.nantes@ad.nantes.net
   ├─17072 (ntlm_auth) --helper-protocol=squid-2.5-ntlmssp
   ├─17073 /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
   ├─17074 (ntlm_auth) --helper-protocol=squid-2.5-basic
   ├─17075 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   ├─17076 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   ├─17077 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   ├─17078 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   ├─17079 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   └─17080 (pinger)



Additionnaly (but this is orthogonal), the systemctl status command
will incorrectly report service as active if it exited with status 0.

To fix, run:
sudo mkdir /etc/systemd/system/squid3.service.d
cat &1 | grep -o "FATAL .*"`
+   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL: .*"`
if test -n "$res";
then
log_failure_msg "$res"
@@ -153,7 +153,7 @@
fi
;;
 reload|force-reload)
-   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL .*"`
+   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL: .*"`
if test -n "$res";
then
log_failure_msg "$res"
@@ -166,7 +166,7 @@
fi
;;
 restart)
-   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL .*"`
+   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL: .*"`
if test -n "$res";
then
log_failure_msg "$res"

Bug#801327: [Pkg-samba-maint] Bug#801327: ctdb: Man page for ctdb_diagnostics

2015-10-08 Thread Mathieu Parent 
2015-10-08 18:49 GMT+02:00 Martijn van Brummelen :
> Dear Maintainer,

hello Martin,

> I created a manpage for ctdb_diagnostics.
> What do you think about it?

This is good. Can you please send this directly upstream? this can be
done by sending this to samba-technical mailing list [1], or creating
a pull-request to the samba github repository [2].

[1]:https://lists.samba.org/mailman/listinfo/samba-technical
[2]:https://github.com/samba-team/samba/pulls

Regards
-- 
Mathieu

Bug#789370: [pkg-php-pear] Bug#789370: php-services-weather: package description lines with wrong indentation are treated verbatim

2015-07-12 Thread Mathieu Parent 
2015-07-08 23:15 GMT+02:00 David Prévot taf...@debian.org:
[...]
 FWIW, this package is only recommended by php-horde, is not maintained
 upstream anymore, and seen its last upstream update almost three years
 ago. If someone familiar with Horde could investigate if this package is
 still useful, that would be nice. If dropping the recommendation makes
 sense, an RC bug against php-services-weather could prevent it from
 getting shipped with Stretch, even before asking for its removal.

Hello,

It's still used in horde/lib/Block/Metar.php, even on current upstream
git master. but alternatively, there is horde/lib/Block/Weather.php,
whch seems to provide the same info.

I've filled https://bugs.horde.org/ticket/14050 upstream.

Regards
-- 
Mathieu


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#747909: WIP adt-virt-docker

2015-09-06 Thread Mathieu Parent 
2015-08-28 21:58 GMT+02:00 Chris Kuehl :
> Howdy there Mathieu and Martin,

Hello Chris and Martin,

> Thanks for your work on this! This is pretty cool.
>
> Out of curiosity, has any progress been made on this patch/bug?

Nope

> If you'd like some help, I'd be happy to lend a hand to addressing the
> comments in Martin's review -- would really like to use this feature
> myself :-)

Please go ahead, this feature is not my top priority currently (but I
will happily test your patch).

Regards

-- 
Mathieu

Bug#793948: WIP php-auth-sasl: Broken dependencies: dist-upgrade will pull in apache2 Webserver

2015-09-16 Thread Mathieu Parent 
Hello,

I 'm uploading fixed packages to both sid and jessie-updates.

Hopefully, this will go in the next point-release = 8.

Regards

-- 
Mathieu

Bug#793947: WIP php-mail-mimedecode: Broken dependencies: dist-upgrade will pull in apache2 Webserver

2015-09-16 Thread Mathieu Parent 
Hello,

I 'm uploading fixed packages to both sid and jessie-updates.

Hopefully, this will go in the next point-release = 8.3

Regards

-- 
Mathieu

Bug#799229: jessie-pu: package php-mail-mimedecode/1.5.5-2

2015-09-16 Thread Mathieu Parent 
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Some php-* packages, built with an older pkg-php-tools, incorrectly depends on 
php5 instead of php5-common.

php5 pulls a web-server which is not intented.

As php-mail-mimedecode can be used in a non-webserver setup, it deserves a fix 
(#793947).

Actually, I went too fast, and already uploaded to sid and jessie-updates. 
Sorry :-(

Regards

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#793947: [pkg-php-pear] Bug#793947: WIP php-mail-mimedecode: Broken dependencies: dist-upgrade will pull in apache2 Webserver

2015-09-16 Thread Mathieu Parent 
2015-09-17 4:11 GMT+02:00 David Prévot <da...@tilapin.org>:
> Hi Mathieu,
>
> Le 16/09/2015 21:02, Mathieu Parent a écrit :
>
>> I 'm uploading fixed packages to both sid and jessie-updates.
>
> I fail to find the bug report (on release.debian.org) asking for
> jessie-updates, and so the following ack from the release team (and
> ditto for your other uploads).

You're right. Will do now.

Thanks
-- 
Mathieu

Bug#799230: jessie-pu: package php-auth-sasl/1.0.6-1+deb8u1

2015-09-16 Thread Mathieu Parent 
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Some php-* packages, built with an older pkg-php-tools, incorrectly depends on 
php5 instead of php5-common.

php5 pulls a web-server which is not intented.

As php-auth-sasl can be used in a non-webserver setup, it deserves a fix 
(#793948).

Actually, I went too fast, and already uploaded to sid and jessie-updates. 
Sorry :-(

Regards

Mathieu Parent

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#799538: Don't migrate to testing, no maintained

2015-09-19 Thread Mathieu Parent 
Package: shinken-common
Version: 2.0.3-4
Severity: grave

Hello,

Nobody is maintaining actively the package anymore [1].

We won't support it for stretch, but anybody wanting to test it on sid still 
can.

I will fill an RFA too.

Regards

Mathieu Parent

[1]: 
http://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20150914/000273.html

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#799537: RM: shinken-module-simple-log -- ROM; Replaced by shinken-mod-simple-log

2015-09-19 Thread Mathieu Parent 
Package: ftp.debian.org
Severity: normal

Hello,

This package was forgotten during th shinken 2.0 transition, when all 
shinken-module-... where rename shinken-mod-...

Please remove it from the archive.

Regards

Mathieu Parent

Bug#799539: RFA: shinken

2015-09-19 Thread Mathieu Parent 
Package: wnpp
Severity: normal

Hello,

Nobody is maintaining actively the package anymore [1].

We won't support it for stretch, but keep it in sid (See #799538).

Regards

Mathieu Parent

[1]: 
http://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20150914/000273.html

Bug#807711: O: kolabadmin

2015-12-11 Thread Mathieu Parent 
Package: wnpp
Severity: normal

Hello,

I first thought to remove it from the archive directly, but I give it one more 
chance...

If nobody take this package soon, it'll removed before the stretch release.

Context:
- I don't use it
- none of the kolab server packages are in Debian
- it may be incompatible with newer kolab

Cheers

Mathieu Parent

Bug#808055: [pkg-php-pear] Bug#808055: php-pinba: FTBFS: PHP Fatal error: Call to a member function getFilelist() on null in /usr/share/php/PEAR/Command/Install.php on line 747

2015-12-16 Thread Mathieu Parent 
>
> Dear Maintainer,

hello Chris,

> php-pinba fails to build from source in unstable/amd64:

This is same as #805222. More info there (but no fix yet).

Regards
-- 
Mathieu Parent

Bug#771480: c-icap: Segmentation Fault with libLLVM-3.0.so.1

2016-01-05 Thread Mathieu Parent 
Hello,

(being busy, sorry for the lag)

On Mon, 08 Dec 2014 01:41:22 +0100 Luca Lanari <lucalanar...@gmail.com> wrote:
> i wasn't able to get a backtrace.
[...]
> Any hint on how to collect other useful infos?


Have you tried launching the daemon first (using service c-icap start)
and later attaching gdb with "gdb ./usr/bin/c-icap "?

Regards

Mathieu Parent

Bug#808769: ldb: FTBFS on s390x

2016-01-05 Thread Mathieu Parent 
On Tue, 22 Dec 2015 17:39:05 +0100 Ivo De Decker <iv...@debian.org> wrote:
> Package: ldb
> Version: 2:1.1.23-1
> Severity: serious
>
> Hi Jelmer,
>
> The ldb testsuite fails on s390x, causing the build to fail. Obviously, this
> also blocks the build of the latest version of samba (which build-depends on
> it).

It's also failing on ppc64 with the same error. Both s390x and ppc64
are Big-endian, but it builds on mips which is also big-endian, so
problem on 64bit big-endian?

==
ERROR: test_set_component (__main__.DnTests)
--
Traceback (most recent call last):
  File "tests/python/api.py", line 661, in test_set_component
dn.set_component(0, 'cn', 'bar')
TypeError: Failed to set component

==
ERROR: test_set_component_bytes (__main__.DnTests)
--
Traceback (most recent call last):
  File "tests/python/api.py", line 672, in test_set_component_bytes
dn.set_component(0, 'cn', b'bar')
TypeError: Failed to set component

--

Ref:
https://buildd.debian.org/status/logs.php?pkg=ldb=2%3A1.1.24-1
https://buildd.debian.org/status/fetch.php?pkg=ldb=ppc64=2%3A1.1.24-1=1450397581
https://buildd.debian.org/status/fetch.php?pkg=ldb=ppc64=2%3A1.1.24-1=1450616129

Regards

Mathieu Parent

Bug#808467: Why serious?

2015-12-28 Thread Mathieu Parent 
Control: severity -1 important


Hello,

Downgrading severity. I don't find anything in the policy making it RC.

Regards
-- 
Mathieu Parent

Bug#810858: [pkg-horde] Bug#810858: webmail-install and horde try to create db schema multiple times + wrong schema version

2016-01-13 Thread Mathieu Parent 
2016-01-12 22:28 GMT+01:00 Ivan Sergio Borgonovo :
> Package: php-horde-webmail
> Version: 5.2.11-1

Hello,

> I had to fresh reinstall horde on Debian testing.
>
> It was installed several months ago on the same machine and it was working,
> it passed through a series of updates and I just had to update the DB schema
> of some components.
> Now with the same package version that were previously working fine and
> coming from a series of upgrades I can't get a fresh install working.
>
> I did
[...]
> Dropped the DB, run horde-db-migrate. It successfully build the DB with no
> error this time but again, when I log into horde it tries again to create
> imp_schema_info table.

Can you try this again with logs enabled and post them here?

Thanks

Mathieu

Bug#825572: Uploaded to DELAYED/2

2016-06-06 Thread Mathieu Parent 
 Hello David,

I've uploaded php-sabre-vobject (2.1.7-3) to DELAYED/2. to fix this RC

Cheers,
-- 
Mathieu Parent

Bug#826985: RM: shinken-mod-livestatus/experimental -- ROM; Debian packaging team inactive

2016-06-10 Thread Mathieu Parent 
Package: ftp.debian.org
Severity: normal

Hello,

It appears that #821253 was not completely fixed.

Madison says:

 shinken-mod-livestatus | 1.0.1-2 | jessie-kfreebsd | source, all
 shinken-mod-livestatus | 1.0.1-2 | jessie  | source, all
 shinken-mod-livestatus | 1.1-1   | experimental| source, all

Ref: https://qa.debian.org/madison.php?package=shinken-mod-livestatus

This appears in my UDD dashboard (new upstream version).

Can you completely remove this package from experimental?

Thanks

Mathieu Parent

Bug#827259: [Pkg-samba-maint] Bug#827259: samba-libs: winbind segfault in libsamba-security.so.0 after update to 4.2.10+dfsg-0+deb8u3

2016-06-14 Thread Mathieu Parent 
2016-06-14 11:57 GMT+02:00 r0p <r...@gazeta.pl>:
> Package: samba-libs
> Version: 2:4.2.10+dfsg-0+deb8u3
> Severity: normal
>
> Dear Maintainer,
>
> Server act as http proxy with squid and winbind against AD (2003).
> The squid3 configuration file containis the following line:
> /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
>
> After update (samba,winbind) to version 4.2.10+dfsg-0+deb8u3 authentication 
> stop working with these errors:
> cze 14 09:17:02 httproxy kernel: ntlm_auth[2454]: segfault at 4 ip b6f44163 
> sp bfe64fb0 error 4 in libsamba-security.so.0
> cze 14 09:17:04 httproxy kernel: ntlm_auth[2467]: segfault at 4 ip b6fd1163 
> sp bfd8c8d0 error 4 in libsamba-security.so.0
> cze 14 09:17:19 httproxy kernel: ntlm_auth[2469]: segfault at 4 ip b6f5a163 
> sp bf9c0a10 error 4 in libsamba-security.so.0
> cze 14 09:17:53 httproxy kernel: ntlm_auth[2470]: segfault at 4 ip b6f68163 
> sp bffda370 error 4 in libsamba-security.so.0
> cze 14 09:17:58 httproxy kernel: ntlm_auth[2471]: segfault at 4 ip b6f14163 
> sp bf9709a0 error 4 in libsamba-security.so.0

Can you try downgrading to previous version?

I have a similar setup (but with AD 2008r2) and don't have this issue.

Regards
-- 
Mathieu Parent

Bug#825572: Uploaded to DELAYED/2

2016-06-07 Thread Mathieu Parent 
2016-06-07 0:16 GMT+02:00 David Prévot <taf...@debian.org>:
> Hi Mathieu,

Hi David,

> On Mon, Jun 06, 2016 at 09:50:21PM +0200, Mathieu Parent wrote:
>
>> I've uploaded php-sabre-vobject (2.1.7-3) to DELAYED/2. to fix this RC
>
> Thanks for your update! No need to wait IMHO, so I just ran:
>
> dcut reschedule \
> --file=php-sabre-vobject_2.1.7-3_amd64.changes --days=0

thanks.

> FYI, there is now a buildd available for arch:all, so you could have
> simply dput the _source.changes without any binary package.

Yes I know. But I don't have yet a simple way to build this
_source.changes from "gbp buildpackage". how to ?



> Regards
>
> David

Cheers

-- 
Mathieu

Bug#827483: [pkg-horde] Bug#827483: php-horde-mapi: fix autopkgtest errors

2016-06-18 Thread Mathieu Parent 
Hello David, hello Nish

2016-06-17 18:48 GMT+02:00 Nish Aravamudan :
[...]
>>
>> Thanks for the patch. I won't merge it, can you fix php-seclib instead
>> (while not re-introducing #819420)?
>
> I am happy to try! It seems like the attached patch should do it at
> least for all the php-seclib code.

Thanks for your quick fix.

> I'm not sure there's a way to audit
> all source files in Debian that might include a PHP file from php-seclib
> and then define a class and not use the non-deprecated constructor
> syntax?

The only references to "::Crypt" are in embedded copies of seclib:
https://codesearch.debian.net/results/%3A%3ACrypt_/page_0

Some other things may break, but I'll vote still vote for this patch,
as only 6 packages depends on it.

David, what do you think?

Regards
-- 
Mathieu

Bug#827483: [pkg-horde] Bug#827483: php-horde-mapi: fix autopkgtest errors

2016-06-19 Thread Mathieu Parent 
)Control: clone -1 -2
Control: reassign -1 php-horde-mapi 1.0.8-2
Control: tag -1 + patch
Control: tag -2 + patch wontfix

2016-06-19 9:46 GMT+02:00 Nish Aravamudan <nish.aravamu...@canonical.com>:
> On 18.06.2016 [16:50:23 -0400], David Prévot wrote:
[...]
>> I disagree, and stand to what I’ve written in the last changelog entry:
>>
>>   Actually fixing the constructors requires to also fix all their calls,
>>   both internally and externally. This backward-incompatible change has
>>   been achieved in version 2 of phpseclib, packaged in Debian as
>>   php-phpseclib to ensure co-installability. (Closes: #819420)

Okay. I agree with you David.

> Right, my original patch in this e-mail was just to quieten the
> deprecated call from this testcase, as it's not really a failure (any
> output on stderr is treated as a failure).
>
>> From http://phpseclib.sourceforge.net/:
>>
>>   The 2.0 branch has pretty much the exact same API as the 1.0 branch,
>>   save for that it is namespaced, uses PHP5-style constructors (thereby
>>   avoiding E_DEPRECATED errors) and requires the use of an autoloader.
[...]
> Agreed, and perhaps something like the attached (which passes
> autopkgtests for me) can be applied to Debian's package (and we can sync
> in Ubuntu) and massaged to be sent upstream? I apologize if this is way
> off-base, I'm not all a PHP developer :)

Thanks Nish. You patch looks good.

Some notes:
- In d/control, use php-phpseclib (>= 2~) as < and > operators are
obsolete (see man:dpkg(1))
- "use phpseclib\Math;" is probably not needed as you use fully
qualified names after (see
http://php.net/manual/en/language.namespaces.importing.php)
- Can you send this upstream (using github.com/horde/horde or bugs.horde.org)?

I'll apply your patch once I have some time to test.

Regards
-- 
Mathieu Parent

Bug#827483: [pkg-horde] Bug#827483: php-horde-mapi: fix autopkgtest errors

2016-06-20 Thread Mathieu Parent 
2016-06-20 23:33 GMT+02:00 Nish Aravamudan :
[...]
> Another question I had about this, since I was thinking about it. The
> current pkg-php-tools-overrides file for php-horde-mapi has:
>
> pear.php.net Math_BigInteger none
>
> Would it make sense to have php-seclib/php-phpseclib (appropriately
> versioned) provide this in the overrides file? Then the control file
> wouldn't need a manual modification, AIUI. Just trying to understand if
> that is the more maintainable approach.

It is not possible to specify version in the override file, and seclib
(>= 2) is not available thru PEAR.

So, no.

Regards

-- 
Mathieu

Bug#827483: [pkg-horde] Bug#827483: php-horde-mapi: fix autopkgtest errors

2016-06-20 Thread Mathieu Parent 
2016-06-21 3:36 GMT+02:00 Mathieu Parent <math.par...@gmail.com>:
> 2016-06-20 23:33 GMT+02:00 Nish Aravamudan <nish.aravamu...@canonical.com>:
> [...]
>> Another question I had about this, since I was thinking about it. The
>> current pkg-php-tools-overrides file for php-horde-mapi has:
>>
>> pear.php.net Math_BigInteger none
>>
>> Would it make sense to have php-seclib/php-phpseclib (appropriately
>> versioned) provide this in the overrides file? Then the control file
>> wouldn't need a manual modification, AIUI. Just trying to understand if
>> that is the more maintainable approach.
>
> It is not possible to specify version in the override file, and seclib
> (>= 2) is not available thru PEAR.
>
> So, no.

My answer was cryptic. Let's recap:

As seclib >=2 is not available thru PEAR, this dep should be removed
from package.xml. When the package is available thru composer instead,
upstream ships it under a bundle directory. Upstream will guide you
once you've sent the minimal pull-request (i.e with stripped
package.xml + patches php files).

If Ubuntu is interrested to improve Horde in Debian (and transitively
in Ubuntu), I need help on #825256

Regards

-- 
Mathieu

Bug#799539: Removing shinken from Debian in about a month

2016-01-13 Thread Mathieu Parent 
Hello,

I don't want to keep a non-maintained packages in sid, and nobody has
adopted them.

I plan to ask removal of all shinken* packages in a month or so.

More info in #799539

Regards
-- 
Mathieu Parent

Bug#810858: [pkg-horde] Bug#810858: Bug#810858: webmail-install and horde try to create db schema multiple times + wrong schema version

2016-01-13 Thread Mathieu Parent 
2016-01-13 12:09 GMT+01:00 Ivan Sergio Borgonovo <ivan@gmail.com>:
> Hi,

Hello,

> On 01/13/2016 10:49 AM, Mathieu Parent wrote:
[...]
>
> horde=# select * from kronolith_schema_info ;
>  version
> -
>   17
> (1 row)

This should be 26 instead.
Ref: https://github.com/horde/horde/tree/master/kronolith/migration

Does the 'kronolith_sharesng' table have a 'share_parents' column
(added in step 17)?
Does the 'kronolith_events' table have the 'event_category' column
(removed in step 18)?

Can you run "horde-db-migrate --debug kronolith up"?

>
> horde=# select * from imp_schema_info ;
>  version
> -
>3

This looks ok.
Ref: https://github.com/horde/horde/tree/master/imp/migration

Regards

-- 
Mathieu Parent

Bug#811360: [pkg-horde] Bug#811360: php-horde-mapi: depends on not-in-the-archive-anymore php-math-biginteger

2016-01-18 Thread Mathieu Parent 
2016-01-18 11:15 GMT+01:00 Mattia Rizzolo :
> Package: php-horde-mapi
> Version: 1.0.5-3
> Severity: serious
>
> Dear maintainer,
>
> your package depends on a package not available anymore in unstable, and
> that is keep in testing just for you.

It shouldn't, as this package is provided by php-seclib.

See https://tracker.debian.org/media/packages/p/phpseclib/control-1.0.0-3

> Is it possible to have a binary without such dependency?

Given the above: Why?

Regards

-- 
Mathieu

Bug#810858: [pkg-horde] Bug#810858: Bug#810858: webmail-install and horde try to create db schema multiple times + wrong schema version

2016-01-15 Thread Mathieu Parent 
2016-01-14 15:59 GMT+01:00 Ivan Sergio Borgonovo <ivan@gmail.com>:
> On 01/14/2016 03:48 AM, Mathieu Parent wrote:
|...]
>
> 
> I think I got it...

Great!

>
> What really get executed is:
> SELECT tablename FROM pg_tables WHERE schemaname IN ('"$user"','
>   public')
>
> In the actual SQL statement there is an extra white space before public!
>
> The problem should be here
> foreach (explode(',', $this->getSchemaSearchPath()) as $p) {
>   $schemas[] = $this->quote($p);
> }
> $p should be trimmed before. Anyway I find this way error prone.
>
>
> I don't know if this went under the radar just because pg is seldom used
> with horde. I still don't get why moving from one update to the other didn't
> trigger this problem.
>
> It's a pretty long time I havent written more than a couple of lines in PHP
> and I'm not that familiar with the horde codebase.
>
> Sorry for thinking the problem was in packaging and not upstream.
> I initially thought it was a problem of mixed versions in the repo.
>
>
> BTW if you're going to report the bug upstream a more standard way to get
> the visible tables would be:
>
> SELECT table_name FROM information_schema.tables WHERE table_schema = ANY
> (CURRENT_SCHEMAS(false));
>
> This omit the $user schema if there is no $user schema... so it shows what
> can *actually* be seen from the current search_path
>
> CURRENT_SCHEMAS() is available at least starting from pg 8.0 and
> information_schema is supported from 7.4
> Postgres 8.0 is over 10 years old.
>
> This method could be used even to retrieve indexes() so to completely get
> rid of getSchemaSearchPath()
>
> Otherwise, let me know if I've to report it upstream and if you know... to
> which horde component.

Can you propose a PR? There are at least two usages of this pattern:
https://github.com/horde/horde/blob/master/framework/Db/lib/Horde/Db/Adapter/Postgresql/Schema.php#L256
https://github.com/horde/horde/blob/master/framework/Db/lib/Horde/Db/Adapter/Postgresql/Schema.php#L299

Propose the CURRENT_SCHEMAS() pattern first. And post the PR here.


-- 
Mathieu

Bug#799539: [Pkg-shinken-maint] Removing shinken from Debian in about a month

2016-01-14 Thread Mathieu Parent 
2016-01-14 10:06 GMT+01:00 Maximilien Douchet :
> Hello,
>
> I don't want to see the shinken package unmaintained. So I intend to
> be the new maintainer of the shinken package.
>
> I only wish some help to get started. I already tried to build a new
> shinken package few month ago.

OK.

Do you have proper permissions on the alioth git repos ?

Once you have pushed you changes to the repos, ask for review here or
on debian-mentors. I don't have much time to help, but will do my
best.

Regards
-- 
Mathieu

Bug#828789: False-positive on samba build

2016-06-27 Thread Mathieu Parent 
Package: blhc
Version: 0.06-0.1
Severity: minor
Tags: upstream

Hello,

blhc outputs:
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): 19:49:25 runner  
../source3/script/build_env.sh /build/samba-4.4.4+dfsg/source3 
/build/samba-4.4.4+dfsg/source3 /usr/bin/gcc > 
default/source3/include/build_env.h 

Here, gcc is just ${CC} expanded by waf. No compilation is done.

Maybe gcc followed by ">" can always be ignored?

Regards

Mathieu Parent

Bug#828137: [Pkg-samba-maint] Bug#828137: samba does not install and fails to start

2016-06-25 Thread Mathieu Parent 
Control: tag -1 + confirmed

Hi,

Thanks for reporting.

2016-06-25 12:45 GMT+02:00 Eric Valette <eric.vale...@free.fr>:
> Package: samba
> Version: 2:4.4.4+dfsg-1
> Severity: grave
> Justification: renders package unusable


> apt-get -f install
[...]
> juin 25 10:49:30 tri-yann4 systemd[1]: Starting Samba AD Daemon...
> -- Subject: L'unité (unit) samba-ad-dc.service a commencé à démarrer
> -- Defined-By: systemd
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- L'unité (unit) samba-ad-dc.service a commencé à démarrer.
> juin 25 10:49:30 tri-yann4 systemd[1]: samba-ad-dc.service: Supervising 
> process 2930 which is not our child. We'll most likely not notice when it 
> exits.
> juin 25 10:49:30 tri-yann4 systemd[1]: samba-ad-dc.service: Main process 
> exited, code=exited, status=1/FAILURE
> juin 25 10:49:30 tri-yann4 systemd[1]: Failed to start Samba AD Daemon.
> -- Subject: L'unité (unit) samba-ad-dc.service a échoué
> -- Defined-By: systemd
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- L'unité (unit) samba-ad-dc.service a échoué, avec le résultat failed.
> juin 25 10:49:30 tri-yann4 systemd[1]: samba-ad-dc.service: Unit entered 
> failed state.
> juin 25 10:49:30 tri-yann4 systemd[1]: samba-ad-dc.service: Failed with 
> result 'exit-code'.

I can reproduce the problem.

$ sudo systemctl status samba-ad-dc.service
Mot de passe [sudo] de mathieu :
● samba-ad-dc.service - Samba AD Daemon
   Loaded: loaded (/lib/systemd/system/samba-ad-dc.service; enabled;
vendor preset: enabled)
   Active: failed (Result: exit-code) since sam. 2016-06-25 19:07:12
CEST; 2h 15min ago
 Docs: man:samba(8)
   man:samba(7)
   man:smb.conf(5)
 Main PID: 20308 (code=exited, status=1/FAILURE)
   Status: "daemon failed to start: Samba detected misconfigured
'server role' and exited. Check logs for details"

juin 25 19:07:12 ultrathieu systemd[1]: Starting Samba AD Daemon...
juin 25 19:07:12 ultrathieu systemd[1]: samba-ad-dc.service:
Supervising process 20308 which is not our child. We'll most likely
not notice when it ex
juin 25 19:07:12 ultrathieu systemd[1]: samba-ad-dc.service: Main
process exited, code=exited, status=1/FAILURE
juin 25 19:07:12 ultrathieu systemd[1]: Failed to start Samba AD Daemon.
juin 25 19:07:12 ultrathieu systemd[1]: samba-ad-dc.service: Unit
entered failed state.
juin 25 19:07:12 ultrathieu systemd[1]: samba-ad-dc.service: Failed
with result 'exit-code'.


[2016/06/25 19:07:12.722665,  0] ../source4/smbd/server.c:472(binary_smbd_main)
  At this time the 'samba' binary should only be used for either:
  'server role = active directory domain controller' or to access the
ntvfs file server with 'server services = +smb' or the rpc proxy with
'dcerpc endpoint servers = remote'
  You should start smbd/nmbd/winbindd instead for domain member and
standalone file server tasks
[2016/06/25 19:07:12.723006,  0] ../lib/util/become_daemon.c:111(exit_daemon)
  STATUS=daemon failed to start: Samba detected misconfigured 'server
role' and exited. Check logs for details, error code 22

We need to replicate the init script snipset:
SERVER_ROLE=`samba-tool testparm --parameter-name="server
role"  2>/dev/null | tail -1`
if [ "$SERVER_ROLE" != "active directory domain controller" ]; then
exit 0
fi

in the meantime, you can run:
$ sudo systemctl mask samba-ad-dc.service
$ sudo apt-get install -f

I still need to fix this in the package.

Regards

Mathieu Parent

Bug#828084: Proposed patch to dak/debianqueued

2016-06-24 Thread Mathieu Parent 
See attached patch.

This actually ignore files:
- starting with a dot
- containing a colon (See: #828084)

Regards
-- 
Mathieu Parent
From 1f5b0f6bf7dafb7816f7e1ad4f38ec8335215395 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Fri, 24 Jun 2016 22:10:52 +0200
Subject: [PATCH] Be more restrictive in accepted files

to match daklib/regexes.py (re_file_safe).

This actually ignore files:
- starting with a dot
- containing a colon (See: #828084)
---
 tools/debianqueued-0.9/debianqueued | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/debianqueued-0.9/debianqueued b/tools/debianqueued-0.9/debianqueued
index 7b02551..34b62b9 100755
--- a/tools/debianqueued-0.9/debianqueued
+++ b/tools/debianqueued-0.9/debianqueued
@@ -67,7 +67,7 @@ package main;
 ($main::hostname, undef, undef, undef, undef) = gethostbyname(hostname());
 
 my %packages = ();
-my $re_file_safe_prefix = qr/\A([a-zA-Z0-9.][a-zA-Z0-9_.:~+-]*)/s;
+my $re_file_safe_prefix = qr/\A([a-zA-Z0-9][a-zA-Z0-9_.~+-]*)/s;
 my $re_file_safe = qr/$re_file_safe_prefix\z/s;
 
 # extract -r and -k args
-- 
2.8.1

Bug#828084: Please remove samba 4.4.4 from FTP queue

2016-06-24 Thread Mathieu Parent 
Package: ftp.debian.org
Severity: normal

Dear ftp masters,

I'm stuck uploading samba 4.4.4+dfsg-1.

When, I use dput, the response is:
/samba_4.4.4+dfsg-1_amd64.changes is already present on target host:
samba_4.4.4+dfsg-1.debian.tar.xz
Either you already uploaded it, or someone else came first.
Job samba_4.4.4+dfsg-1_amd64.changes removed.

The reason is:  waldi: 
20160624191820|process-upload|dak|samba_2:4.4.4+dfsg-1_source.changes|Error 
while loading changes: samba_2:4.4.4+dfsg-1_source.changes: unsafe filename

When I use dcut:
sathieu_home:  dcut:> rm --searchdirs samba_4.4.4+dfsg-1.debian.tar.xz
samba_4.4.4+dfsg-1.debian.tar.xz did not match anything
No files to delete

The reason is I tried source-only upload, after a full build, following
<https://www.corsac.net/?rub=blog=1579> and the epoch is kept the file
name (2:4.4.4...).

My understanding: franck.debian.org accepted this file, which is rejected on 
the next hop.

This was discussed in IRC (#debian-ftp) some minutes ago.

Can you please remove all this cruft?

Next time, I'll use one of those methods (on IRC):
jcristau:  or use mergechanges -S -f foo.changes
mapreri: debuild -S && pbuilder b ../*dsc && dput ../*_source.changes  ?
sathieu_home:  mapreri: yes. This is another answer
sathieu_home:  or use https://www.corsac.net/?rub=blog=1579, but stripping 
epoch

Fixing queued to behave the same would help too:
jcristau:  feel free to send patches
sathieu_home:  where is the code?
sathieu_home:  in the dak repo?
jcristau:  https://ftp-master.debian.org/#dak
jcristau:  in tools/debianqueued-0.9/

Regards

Mathieu Parent

Bug#827483: [pkg-horde] Bug#827483: php-horde-mapi: fix autopkgtest errors

2016-06-17 Thread Mathieu Parent 
Control: tag -1 + confirmed + upstream - patch
Control: reassign -1 + php-seclib 1.0.2-1
Control: affects -1 + php-horde-mapi


2016-06-16 23:09 GMT+02:00 Nishanth Aravamudan :
> Package: php-horde-mapi
> Version: 1.0.8-2
> Severity: wishlist
> Tags: patch
> User: ubuntu-de...@lists.ubuntu.com
> Usertags: origin-ubuntu yakkety ubuntu-patch
>
> Dear Maintainer,
>
> autopkgtests in Debian and Ubuntu are failing, due to a deprecation
> warning being emitted on stderr during the test.
>
> In Ubuntu, the attached patch was applied to achieve the following:
>
>   * d/tests/control: allow stderr output, as deprecated warnings from
> BigInteger are reported with PHP7.0 (LP: #1593003).
>
> Thanks for considering the patch.

Hello Nishanth,

Thanks for the patch. I won't merge it, can you fix php-seclib instead
(while not re-introducing #819420)?

Regards
-- 
Mathieu

Bug#827492: [pkg-horde] Bug#827492: php-horde-http: use fully-qualified non-existent domain

2016-06-17 Thread Mathieu Parent 
2016-06-17 1:31 GMT+02:00 Nishanth Aravamudan :
> Package: php-horde-http
> Version: 2.1.6-3
> Severity: wishlist
> Tags: patch
> User: ubuntu-de...@lists.ubuntu.com
> Usertags: origin-ubuntu yakkety ubuntu-patch
>
> Dear Maintainer,
>
> We found a failure in the php-horde-http autopkgtest without the
> following.
>
> In Ubuntu, the attached patch was applied to achieve the following:
>
> - fix_test_domain.patch: use a fully-qualified inexistent domain for
>   test suite to prevent test failure in autopkgtest environment.
>
> Thanks for considering the patch.

Thanks for your patch.

The test pass on debci. Can you tell me what is specific to Ubuntu here?

Also were is Ubuntu ci?

Regards
-- 
Mathieu

Bug#813590: Jessie debdiff

2016-02-04 Thread Mathieu Parent 
Here is the patch for jessie.

-- 
Mathieu
From e296b805cc1def193d3e9efa6891e031f18cb1de Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Thu, 4 Feb 2016 14:03:33 +0100
Subject: [PATCH] Escape form value, fix XSS in Horde_Core_VarRenderer_Html
 (Closes: #813590)

---
 debian/changelog|  6 ++
 debian/patches/0001-Escape-form-value.patch | 25 +
 debian/patches/series   |  1 +
 3 files changed, 32 insertions(+)
 create mode 100644 debian/patches/0001-Escape-form-value.patch
 create mode 100644 debian/patches/series

diff --git a/debian/changelog b/debian/changelog
index 3a76ef5..950c5c6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+php-horde-core (2.15.0+debian0-2) unstable; urgency=medium
+
+  * Escape form value, fix XSS in Horde_Core_VarRenderer_Html (Closes: #813590)
+
+ -- Mathieu Parent <sath...@debian.org>  Thu, 04 Feb 2016 14:03:38 +0100
+
 php-horde-core (2.15.0+debian0-1) unstable; urgency=medium
 
   * New upstream version 2.15.0+debian0
diff --git a/debian/patches/0001-Escape-form-value.patch b/debian/patches/0001-Escape-form-value.patch
new file mode 100644
index 000..1907b08
--- /dev/null
+++ b/debian/patches/0001-Escape-form-value.patch
@@ -0,0 +1,25 @@
+From: Michael J Rubinsky <mrubi...@horde.org>
+Date: Mon, 14 Dec 2015 09:27:09 -0500
+Subject: Escape form value.
+
+Even though this is a numeric field, this isn't enforced until
+the form is submitted.
+
+(Adapted from upstream 11d74fa5a22fe626c5e5a010b703cd46a136f253)
+
+diff --git a/Horde_Core-2.15.0/lib/Horde/Core/Ui/VarRenderer/Html.php b/Horde_Core-2.15.0/lib/Horde/Core/Ui/VarRenderer/Html.php
+index 62ae559..580dc27 100644
+--- a/Horde_Core-2.15.0/lib/Horde/Core/Ui/VarRenderer/Html.php
 b/Horde_Core-2.15.0/lib/Horde/Core/Ui/VarRenderer/Html.php
+@@ -48,7 +48,7 @@ class Horde_Core_Ui_VarRenderer_Html extends Horde_Core_Ui_VarRenderer
+ return sprintf('',
+htmlspecialchars($var->getVarName()),
+$this->_genID($var->getVarName(), false),
+-   $value,
++   htmlspecialchars($value),
+$this->_getActionScripts($form, $var)
+);
+ }
+-- 
+2.7.0
+
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..3a37ec8
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+0001-Escape-form-value.patch
-- 
2.7.0

Bug#813573: Jessie patch

2016-02-04 Thread Mathieu Parent 
Here is the jessie debdiff.

-- 
Mathieu
From ce52fddc5bacf6a089ce777ccbde1b80b915d7e6 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Thu, 4 Feb 2016 13:47:41 +0100
Subject: [PATCH] Fix XSS vulnerability in menu bar (Closes: #813573)

and release
---
 debian/changelog|  6 ++
 .../0005-Fix-XSS-vulnerability-in-menu-bar.patch| 21 +
 debian/patches/series   |  1 +
 3 files changed, 28 insertions(+)
 create mode 100644 debian/patches/0005-Fix-XSS-vulnerability-in-menu-bar.patch

diff --git a/debian/changelog b/debian/changelog
index fdc10df..512c484 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+php-horde (5.2.1+debian0-2+deb8u3) jessie-security; urgency=high
+
+  * Fix XSS vulnerability in menu bar (Closes: #813573)
+
+ -- Mathieu Parent <sath...@debian.org>  Thu, 04 Feb 2016 13:46:39 +0100
+
 php-horde (5.2.1+debian0-2+deb8u2) jessie-security; urgency=high
 
   * Add session token checking to various admin pages (Closes: #803641)
diff --git a/debian/patches/0005-Fix-XSS-vulnerability-in-menu-bar.patch b/debian/patches/0005-Fix-XSS-vulnerability-in-menu-bar.patch
new file mode 100644
index 000..8d35066
--- /dev/null
+++ b/debian/patches/0005-Fix-XSS-vulnerability-in-menu-bar.patch
@@ -0,0 +1,21 @@
+From: Jan Schneider <j...@horde.org>
+Date: Wed, 6 Jan 2016 11:46:35 +0100
+Subject: [jan] SECURITY: Fix XSS vulnerability in menu bar exposed by
+ only a few applications (Bug #14213).
+
+
+(Adapted from upstream ab07a1b447de34e13983b4d7ceb18b58c3a358d8)
+
+diff --git a/horde-5.2.1/templates/topbar/_menubar.html.php b/horde-5.2.1/templates/topbar/_menubar.html.php
+index acb416c..df75623 100644
+--- a/horde-5.2.1/templates/topbar/_menubar.html.php
 b/horde-5.2.1/templates/topbar/_menubar.html.php
+@@ -23,7 +23,7 @@
+ 
+   
+ 
+-  
++  
+ 
+   
+ 
diff --git a/debian/patches/series b/debian/patches/series
index 79d01fd..ac555f4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 0002-Fix-rewrite-base.patch
 0003-Fix-XSS-in-group-administration.patch
 0004-Add-session-token-checking-to-various-admin-pages.patch
+0005-Fix-XSS-vulnerability-in-menu-bar.patch
-- 
2.7.0

Bug#813406: Jessie patch

2016-02-04 Thread Mathieu Parent 
Here is the debdifff for jessie.

-- 
Mathieu
From e8478a6d112d3ba908adc964f2772d6bef949bbf Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Wed, 3 Feb 2016 22:50:01 +0100
Subject: [PATCH] Fix CTDB behavior since CVE-2015-8543 (Closes: #813406)

---
 debian/changelog|   6 ++
 debian/patches/series   |   1 +
 debian/patches/sockets-with-htons.patch | 136 
 3 files changed, 143 insertions(+)
 create mode 100644 debian/patches/sockets-with-htons.patch

diff --git a/debian/changelog b/debian/changelog
index bb64ed8..70d230b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ctdb (2.5.4+debian0-5) UNRELEASED; urgency=medium
+
+  * Fix CTDB behavior since CVE-2015-8543 (Closes: #813406)
+
+ -- Mathieu Parent <sath...@debian.org>  Wed, 03 Feb 2016 22:48:35 +0100
+
 ctdb (2.5.4+debian0-4) unstable; urgency=medium
 
   * Install ctdb.service during dh_install, and thus before dh_systemd_enable
diff --git a/debian/patches/series b/debian/patches/series
index e69de29..a359082 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -0,0 +1 @@
+sockets-with-htons.patch
diff --git a/debian/patches/sockets-with-htons.patch b/debian/patches/sockets-with-htons.patch
new file mode 100644
index 000..8fb3536
--- /dev/null
+++ b/debian/patches/sockets-with-htons.patch
@@ -0,0 +1,136 @@
+From: Amitay Isaacs <ami...@gmail.com>
+Date: Fri, 29 Jan 2016 00:05:26 +1100
+Subject: [PATCH 1/2] ctdb-common: Protocol argument must be in host order for
+ socket() call
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11705
+
+Signed-off-by: Amitay Isaacs <ami...@gmail.com>
+Reviewed-by: Volker Lendecke <v...@samba.org>
+(cherry picked from commit 9f8395cb7d49b63a82f75bf504f5f83920102b29)
+---
+ common/system_aix.c  | 4 ++--
+ common/system_common.c   | 2 +-
+ common/system_freebsd.c  | 2 +-
+ common/system_gnu.c  | 2 +-
+ common/system_kfreebsd.c | 2 +-
+ common/system_linux.c| 8 
+ 6 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/common/system_aix.c b/common/system_aix.c
+index 41f61ae..2637442 100644
+--- a/common/system_aix.c
 b/common/system_aix.c
+@@ -44,7 +44,7 @@ int ctdb_sys_open_sending_socket(void)
+ 	int s, ret;
+ 	uint32_t one = 1;
+ 
+-	s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++	s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 	if (s == -1) {
+ 		DEBUG(DEBUG_CRIT,(" failed to open raw socket (%s)\n",
+ 			 strerror(errno)));
+@@ -121,7 +121,7 @@ int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
+ 
+ 
+ 
+-	s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++	s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 	if (s == -1) {
+ 		DEBUG(DEBUG_CRIT,(" failed to open raw socket (%s)\n",
+ 			 strerror(errno)));
+diff --git a/common/system_common.c b/common/system_common.c
+index 899f3b5..3e30a6c 100644
+--- a/common/system_common.c
 b/common/system_common.c
+@@ -85,7 +85,7 @@ char *ctdb_sys_find_ifname(ctdb_sock_addr *addr)
+ 	struct ifconf ifc;
+ 	char *ptr;
+ 
+-	s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++	s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 	if (s == -1) {
+ 		DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n",
+ 			 strerror(errno)));
+diff --git a/common/system_freebsd.c b/common/system_freebsd.c
+index 9597a7a..d026864 100644
+--- a/common/system_freebsd.c
 b/common/system_freebsd.c
+@@ -158,7 +158,7 @@ int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
+ 		ip4pkt.tcp.th_sum   = tcp_checksum((uint16_t *), sizeof(ip4pkt.tcp), );
+ 
+ 		/* open a raw socket to send this segment from */
+-		s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++		s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 		if (s == -1) {
+ 			DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n",
+  strerror(errno)));
+diff --git a/common/system_gnu.c b/common/system_gnu.c
+index 2ab1399..8f776c6 100644
+--- a/common/system_gnu.c
 b/common/system_gnu.c
+@@ -156,7 +156,7 @@ int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
+ 		ip4pkt.tcp.check= tcp_checksum((uint16_t *), sizeof(ip4pkt.tcp), );
+ 
+ 		/* open a raw socket to send this segment from */
+-		s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++		s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 		if (s == -1) {
+ 			DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n",
+  strerror(errno)));
+diff --git a/common/system_kfreebsd.c b/common/system_kfreebsd.c
+index 41aa4d6..7d9182c 100644
+--- a/common/system_kfreebsd.c
 b/common/system_kfreebsd.c
+@@ -156,7 +156,7 @@ int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
+ 		ip4pkt.tcp.check= tcp_checksum((uint16_t *), sizeof(ip4pkt.tcp), );
+ 
+ 		/* open a raw socket to send this segment from */
+-		s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++		s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 		if (s

Bug#813573: [php-horde] XSS vulnerability in menu bar

2016-02-03 Thread Mathieu Parent 
Package: php-horde
Version: 5.2.8+debian0-1

Hello,

According to: http://lists.horde.org/archives/announce/2016/001140.html

Regards
-- 
Mathieu Parent

Bug#813573: [pkg-horde] Bug#813573: [php-horde] XSS vulnerability in menu bar

2016-02-03 Thread Mathieu Parent 
Control: tag -1 + security upstream fixed-upstream pending
Control: severity -1 grave
Control: forwarded -1 https://bugs.horde.org/ticket/14213

This is a security bug probably affecting jessie. I need to patch this
branch too.

Remark: No CVE, as usual with horde.

-- 
Mathieu Parent

Bug#813590: [php-horde-core] XSS in Horde_Core_VarRenderer_Html

2016-02-03 Thread Mathieu Parent 
Package: php-horde-core
Version: 2.22.5+debian0-1

Will post more info later.

-- 
Mathieu

Bug#813406: [Pkg-samba-maint] Bug#813406: ctdb, raw sockets and CVE-2015-8543

2016-02-03 Thread Mathieu Parent 
2016-02-01 17:29 GMT+01:00 Adi Kriegisch :
> Package: ctdb
> Severity: grave
> Tags: patch,upstream
>
> Hi!
>
> The kernel upgrade for CVE-2015-8543 showed a bug in CTDB that leads to a
> broken cluster:
>   | s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
> htons(IPPROTO_RAW) leads to 0xff00 which causes "-1 EINVAL (Invalid
> argument)" because of CVE-2015-8543.
> The fix for the issue is quite simple: remove IPPROTO_RAW; to make the fix
> more consistent with what was used before, use IPPROTO_IP (which is 0).
>
> Error messages related to this bug are:
>   | We are still serving a public IP 'x.x.x.x' that we should not be serving. 
> Removing it
>   | common/system_common.c:89 failed to open raw socket (Invalid argument)
>   | Could not find which interface the ip address is hosted on. can not 
> release it
> and
>   | common/system_linux.c:344 failed to open raw socket (Invalid argument)
> As a result, IP addresses cannot be released and multiple nodes in the
> cluster serve the same address, which obviously does not work.

Thank you so much for finding this bug! I was wondering why my
clusters were crazy, blaming the network itself.

> Upstream bug: https://bugzilla.samba.org/show_bug.cgi?id=11705 and mailing
> list conversation: 
> https://lists.samba.org/archive/samba/2016-January/197389.html

There are two set of patches:
- yours that basically keep the same behavior as pre-CVE-2015-8543 (proto=0)
- Amitay's that restore the intented behavior (proto=255)

Also you patch only fixes 2 functions.

Amitay's patch also fixes references to ETHERTYPE_ARP (0x0806) and
ETH_P_ALL (0x0003)

I think I'll got for Amitay's patch which probably fixes a lot of
weird behaviors I've seen pre-CVE-2015-8543 (i.e TCP connections not
reset, Ip not properly relocated).

I plan to fix this for wheezy and jessie. stretch will come with next
upstream release.

Givent the importance of the bug, I think it can go thru -security.

Regards
-- 
Mathieu

<    3   4   5   6   7   8   9   10   11   12   >