Bug#854659: tcsh: fails to configure

[Sven Joachim]

Package: tcsh
Version: 6.20.00-6
Severity: serious

There was a problem when upgrading from 6.20.00-5 (sorry for the German):

,
| (Lese Datenbank ... 218742 Dateien und Verzeichnisse sind derzeit 
installiert.)
| Vorbereitung zum Entpacken von .../tcsh_6.20.00-6_i386.deb ...
| Entpacken von tcsh (6.20.00-6) über (6.20.00-5) ...
| /usr/bin/update-menus
| postrm called with unknown argument `upgrade'
| dpkg: Warnung: Unterprozess altes post-removal-Skript gab den Fehlerwert 1 
zurück
| dpkg: stattdessen wird Skript aus dem neuen Paket probiert ...
| /usr/sbin/remove-shell
| dpkg: ... sieht so aus, als hätte das geklappt.
| Vorbereitung zum Entpacken von .../debootstrap_1.0.88_all.deb ...
| Entpacken von debootstrap (1.0.88) über (1.0.87) ...
| Trigger für menu (2.1.47) werden verarbeitet ...
| tcsh (6.20.00-6) wird eingerichtet ...
| update-alternatives: Fehler: Alternativen-Pfad /bin/tcsh existiert nicht
| dpkg: Fehler beim Bearbeiten des Paketes tcsh (--configure):
|  Unterprozess installiertes post-installation-Skript gab den Fehlerwert 2 
zurück
`

The update-alternatives error happens because the postinst script is
trying to set up the alternative before creating the /bin/tcsh symlink,
AFAICS.


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: i386 (x86_64)

Kernel: Linux 4.9.8-nouveau (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages tcsh depends on:
ii  libc6  2.24-9
ii  libtinfo5  6.0+20161126-1

tcsh recommends no packages.

tcsh suggests no packages.

-- no debconf information

Bug#845899: marked as pending

[Brian May]

tag 845899 pending
thanks

Hello,

Bug #845899 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


http://git.debian.org/?p=python-modules/packages/python-mysqldb.git;a=commitdiff;h=6c3fd23

---
commit 6c3fd23496be891868525437c03c65fddb9ec7e9
Author: Brian May 
Date:   Thu Feb 9 17:09:33 2017 +1100

Incorporate changes from NMU 1.3.7-1.1

diff --git a/debian/changelog b/debian/changelog
index f2437e4..76ae468 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+python-mysqldb (1.3.7-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Switch Build-Depends to default-libmysqlclient-dev.  (Closes: #845899)
+  * Switch Suggests to default-mysql-* | virtual-mysql-*.
+(Closes: #848484, #848485)
+  * Remove Monty Taylor from Uploaders.  (Closes: #738180)
+  * Run dh_strip with option --no-automatic-dbgsym to avoid generation of
+-dbg-dbgsym packages.
+
+ -- Andreas Beckmann   Mon, 16 Jan 2017 14:51:04 +0100
+
 python-mysqldb (1.3.7-1) unstable; urgency=medium
 
   * New upstream version.

Processed: Bug#845899 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 845899 pending
Bug #845899 {Done: Andreas Beckmann } [python-mysqldb] 
python-mysqldb: switch to build depend on the metapackage 
default-libmysqlclient-dev
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
845899: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845899
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854655: marked as done (diffoscope: Missing Recommends for comparators)

[Debian Bug Tracking System]

Your message dated Thu, 09 Feb 2017 04:18:32 +
with message-id 
and subject line Bug#854655: fixed in diffoscope 74
has caused the Debian Bug report #854655,
regarding diffoscope: Missing Recommends for comparators
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
854655: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854655
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: diffoscope
Version: 71
Severity: serious

diffoscope 71 only:

   Recommends: xxd | vim-common, python3-argcomplete,
 python3-debian, python3-guestfs, python3-progressbar,
 python3-rpm: python3-tlsh (>= 3.4.1)

It should have — at least — unzip. For example, I am currently
seeing:

  'zipinfo' not available in path. Falling back to binary comparison.
  Install 'unzip' to get a better output.

— 
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/clojure.html

This appears to be a regression introduced in:

  
https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=4cdfa577f090ca942db42127811937357ae7135a


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- End Message ---
--- Begin Message ---
Source: diffoscope
Source-Version: 74

We believe that the bug you reported is fixed in the latest version of
diffoscope, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 854...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb  (supplier of updated diffoscope package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 09 Feb 2017 16:58:28 +1300
Source: diffoscope
Binary: diffoscope
Architecture: source
Version: 74
Distribution: unstable
Urgency: medium
Maintainer: Reproducible builds folks 

Changed-By: Chris Lamb 
Description:
 diffoscope - in-depth comparison of files, archives, and directories
Closes: 854655
Changes:
 diffoscope (74) unstable; urgency=medium
 .
   * Add missing Recommends for comparators. This was a regression introduced in
 version 71 due to lazily-importing them; they were then not available when
 we called "--list-tools=debian" during package build. (Closes: #854655)
Checksums-Sha1:
 399c511edf1ff8b909591ad7855fe919dc7da81e 2972 diffoscope_74.dsc
 1b368a0536471416940d6455906ccd3bb3aa7065 340160 diffoscope_74.tar.xz
 cda65a321a85da21c1281cb5a7cdc1cf013ade45 16033 diffoscope_74_amd64.buildinfo
Checksums-Sha256:
 4c7a232a4c8c06e9843002c96d4b9e4f4c42761af30af45f8b392e757de1e3c3 2972 
diffoscope_74.dsc
 ef3bc280491394176fd32e76804c0d466ccaab9cdc946c07883c69a83fd904fd 340160 
diffoscope_74.tar.xz
 28ee64aa6289d1cd2afa61157bd49623ebe0db7234a4a5a477f0c05f5bb3b5c0 16033 
diffoscope_74_amd64.buildinfo
Files:
 89beaf15bd99de92df41641eaad0c9da 2972 devel optional diffoscope_74.dsc
 b39e3cbed1b9df8d2ee135583297e57a 340160 devel optional diffoscope_74.tar.xz
 a84f4516c3bf33ff75f33c774a021201 16033 devel optional 
diffoscope_74_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlib6isACgkQHpU+J9Qx
HlhxNBAAtWakdVhcQ0pU0C4tfDxiqHSmBbn27ordSBbEy6poDALR3qJ4kl723dP1
eT3K53ADYI7UV9W1khlLLrz9h5QXCQ3zs+lQiFXKw80ZPdFHMQcJeUxPs4kXsKsc
Ac60x7OH7vkgkvulcvrY0Xwcj9B8y8yxIFJM6TQhPiErTbDzUs75YUyLvbMuQViQ
BB2gDVHmSfGm7+2Fpr4lBUdVwiWfoQX79LaEMkZifNJ+kBawomV+a19REX9eFazx
khpw1NLTbbppzgAKMoHMo91ZxgqRHRJaTW+WsonE8gBk5eDT1QKIUoeKcOQKygTk
WYUUHPzQOJNL8BRf34Kc1fj4AnF/II9Ama9e1uq97wXR88VE5RYF13grjIpVedq0
njiHbd/IJkfX4kiJmAOZmNNwWenXOsFsn6Qsbr8dv7ouCC0HkujJQEq2pUbMZ4G7
ahTP5Kst+R7K2uIikZ20luyqzVsk1zmE4LOfZvvh2pPIACr7l2GewjdS8LnWN5J2
Kz61UFbYixiqH2CDM02juZU6xkMjJKYYTCS3qiJo2K/edX4A4DeH7/X4CB0HOKTR
jp6batXNfR3kqFGCqoeRrpepJeVkK4OM4ihNMVRTnlNJmC0moEpiVjHIpxLq8/pd
c1qgrzxmNT5kV2n+zPSOnlrDBaMyI4AcsUNwReEPxP1XkwcrROw=
=BMLX
-END PGP SIGNATURE End Message ---

Bug#854535: uwsgi: dpkg-buildpackage fails due to open with O_TMPFILE

[Nobuhiro Iwamatsu]

Hi, Jonas.

>> This error is caused by updated libc6.
>> The changelog in libc6(2.19-18+deb8u6) says as follows.
>>
>> - Fix open and openat functions with O_TMPFILE.  Closes: #832521.
>>
>> I found a fix to this issue in upstream.
>>
>> https://github.com/unbit/uwsgi/commit/f6e5db93d8344d7f09ee5304394136d6f5cd7a38
>
> Thanks a lot both for reporting this and locating upstream fix for it.
>
> This was fixed in Debian with the release of 2.0.10-1.  Closing
> accordingly.
>
>  - Jonas

Thanks for your work, but we want to fix this bug with *stable*.
Could you fix this bug and upload to stable as 2.0.7-1+deb8u1?

Best regards,
  Nobuhiro

-- 
Nobuhiro Iwamatsu
   iwamatsu at {nigauri.org / debian.org}
   GPG ID: 40AD1FA6

Bug#854655: diffoscope: Missing Recommends for comparators

[Chris Lamb]

tags 854655 + pending
thanks

Fixed in Git:

  
https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=46d5003dfd3328eb399797b87d2d5b5aff930c42


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Processed: Re: diffoscope: Missing Recommends for comparators

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 854655 + pending
Bug #854655 [diffoscope] diffoscope: Missing Recommends for comparators
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
854655: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854655
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854655: diffoscope: Missing Recommends for comparators

[Chris Lamb]

Package: diffoscope
Version: 71
Severity: serious

diffoscope 71 only:

   Recommends: xxd | vim-common, python3-argcomplete,
 python3-debian, python3-guestfs, python3-progressbar,
 python3-rpm: python3-tlsh (>= 3.4.1)

It should have — at least — unzip. For example, I am currently
seeing:

  'zipinfo' not available in path. Falling back to binary comparison.
  Install 'unzip' to get a better output.

— 
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/clojure.html

This appears to be a regression introduced in:

  
https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=4cdfa577f090ca942db42127811937357ae7135a


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Processed: fixed-upstream, pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 852811 + pending
Bug #852811 [systemd] udev: Doesn't start after upgrade mipsel, powerpc
Bug #853755 [systemd] udev: Doesn't start after upgrade mipsel, powerpc
Bug #853940 [systemd] udev: Doesn't start after upgrade mipsel, powerpc
Added tag(s) pending.
Added tag(s) pending.
Added tag(s) pending.
> tags 852811 + fixed-upstream
Bug #852811 [systemd] udev: Doesn't start after upgrade mipsel, powerpc
Bug #853755 [systemd] udev: Doesn't start after upgrade mipsel, powerpc
Bug #853940 [systemd] udev: Doesn't start after upgrade mipsel, powerpc
Added tag(s) fixed-upstream.
Added tag(s) fixed-upstream.
Added tag(s) fixed-upstream.
> --
Stopping processing here.

Please contact me if you need assistance.
-- 
852811: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852811
853755: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853755
853940: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853940
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854468: lprng: diff for NMU version 3.8.B-2.1

[Sandro Tosi]

control: tags -1 + pending

Dear maintainer,

I've prepared an NMU for lprng (versioned as 3.8.B-2.1) and
uploaded it to DELAYED/3. Please feel free to tell me if I
should delay it longer.

Sent on behalf of Reiner Herrmann 

Regards.
diff -Nru lprng-3.8.B/debian/changelog lprng-3.8.B/debian/changelog
--- lprng-3.8.B/debian/changelog	2012-06-11 04:07:15.0 -0400
+++ lprng-3.8.B/debian/changelog	2017-02-08 13:06:05.0 -0500
@@ -1,3 +1,11 @@
+lprng (3.8.B-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix silent loss of SSL support by checking against non-deprecated
+symbol (Closes: #854468).
+
+ -- Reiner Herrmann   Wed, 08 Feb 2017 19:06:05 +0100
+
 lprng (3.8.B-2) unstable; urgency=low
 
   * Compilies on hurd-i386 Closes: #671848
diff -Nru lprng-3.8.B/debian/patches/openssl_1.1.patch lprng-3.8.B/debian/patches/openssl_1.1.patch
--- lprng-3.8.B/debian/patches/openssl_1.1.patch	1969-12-31 19:00:00.0 -0500
+++ lprng-3.8.B/debian/patches/openssl_1.1.patch	2017-02-08 13:05:01.0 -0500
@@ -0,0 +1,34 @@
+Author: Reiner Herrmann 
+Description: Fix silent dropping of OpenSSL support
+ With OpenSSL 1.1 SSL_load_error_strings is deprecated.
+ Checking for this causes loss of SSL support, as the link check
+ no longer succeeded. Check instead for OPENSSL_init_ssl.
+Bug-Debian: https://bugs.debian.org/854468
+
+--- a/configure.ac
 b/configure.ac
+@@ -1008,7 +1008,7 @@
+ 			SSL_LDADD="-L$dir $SSL_LDADD"
+ 		fi
+ 		LDFLAGS="$LDFLAGS $SSL_LDADD"
+-		AC_TRY_LINK_FUNC(SSL_load_error_strings,ac_linked_libssl="true",
++		AC_TRY_LINK_FUNC(OPENSSL_init_ssl,ac_linked_libssl="true",
+ 			ac_linked_libssl="false");
+ 		AC_TRY_LINK_FUNC(RC4_set_key,ac_linked_libcrypto="true",
+ 			ac_linked_libcrypto="false");
+--- a/configure
 b/configure
+@@ -10408,11 +10408,11 @@
+ #ifdef __cplusplus
+ extern "C"
+ #endif
+-char SSL_load_error_strings ();
++char OPENSSL_init_ssl ();
+ int
+ main ()
+ {
+-return SSL_load_error_strings ();
++return OPENSSL_init_ssl ();
+   ;
+   return 0;
+ }
diff -Nru lprng-3.8.B/debian/patches/series lprng-3.8.B/debian/patches/series
--- lprng-3.8.B/debian/patches/series	2012-06-11 02:49:05.0 -0400
+++ lprng-3.8.B/debian/patches/series	2017-02-08 13:01:42.0 -0500
@@ -1,3 +1,4 @@
 lpd_conf_manwarnings
 portable_maxpathlen
 string_literals
+openssl_1.1.patch

Bug#854548: xrdp fails to start at boot

[Joel]

On Wed, 8 Feb 2017 11:19:54 -0500 RLFrost  wrote:
> I have this bug on two systems running stretch as well. The problem for
> me is a missing directory /run/xrdp. When I create that directory
> xrdp-sesman can be started functions properly. On reboot, the directory
> is deleted and the service doesn't work again until the directory is
> created and the service restarted. Hope this helps.
>
> RLFrost
>
>

Same issue here, same fix also works.

Processed: lprng: diff for NMU version 3.8.B-2.1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + pending
Bug #854468 [src:lprng] lprng silently loses authentication support when 
compiled with OpenSSL 1.1
Ignoring request to alter tags of bug #854468 to the same tags previously set

-- 
854468: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854468
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854279: matplotlib: contains fonts without DFSG-compatible licensing

[Sandro Tosi]

> The "base 14" fonts below lib/matplotlib/mpl-data/fonts/pdfcorefonts
> includes a seemingly non-authoritative liense grant which is omitted
> from debian/copyright.
>
> Some of the fonts below lib/matplotlib/mpl-data/fonts/afm also by Adobe
> lack license as well - also already documented in debian/copyright.

l'll add/extend the copyright notices for these 2 blocks

> The fonts lib/matplotlib/mpl-data/fonts/ttf/c*ttf do not include license
> - they seem to be BaKoMa which some sources mention as "free" while e.g.
> http://www.math.utah.edu/~beebe/fonts/bakoma.html describe them as free
> only for non-commercial use.
+
> 0.82-1 seems to confirm by guess that the c*ttf fonst are BaKoMa and
> that they are restricted to non-commercial use: That release contains
> file fonts/BaKoMa-CM.Fonts with the following text:
>
>> The author of this fonts grants to any individual or non-commercial
>> organization the right to use and to make an unlimited number of
>> copies of full package or selected fonts when this is done WITHOUT
>> CHARGE and has attached this file with licence agreement.
>>
>> This fonts cannot be sold or distributed with any commercial product
>> or used in any commercial organization without additional agreement
>> with author. If you want to charge a small fee via distribution these
>> fonts or any derivations from this fonts, you should contact the
>> author.
>>
>> This restriction is also true for only outlines from this fonts. i.e.
>> outlines exported into other font formats, for example TrueType or
>> Type3.
>>
>> This restriction is not intended to apply to connect time charges, or
>> flat rate connection/download fees for electronic bulletin board
>> services.

0.82-1 is way old and cannot be used as reference.

those fonts are the same as provided by fonts-lyx

$ ls -l /usr/share/fonts/truetype/lyx/c*ttf
-rw-r--r-- 1 root root 20688 Jul  2  2016
/usr/share/fonts/truetype/lyx/cmex10.ttf
-rw-r--r-- 1 root root 32036 Jul  2  2016
/usr/share/fonts/truetype/lyx/cmmi10.ttf
-rw-r--r-- 1 root root 26188 Jul  2  2016
/usr/share/fonts/truetype/lyx/cmr10.ttf
-rw-r--r-- 1 root root 28476 Jul  2  2016
/usr/share/fonts/truetype/lyx/cmsy10.ttf

see also 
https://github.com/matplotlib/matplotlib/issues/6976#issuecomment-270002766

i'll include that copyright notice as well

-- 
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at Debian: http://wiki.debian.org/SandroTosi
G+: https://plus.google.com/u/0/+SandroTosi

Processed: le-dico-de-rene-cougnenc: diff for NMU version 1.3-2.3

[Debian Bug Tracking System]

Processing control commands:

> tags 852659 + pending
Bug #852659 [le-dico-de-rene-cougnenc] [le-dico-de-rene-cougnenc] segment fault
Added tag(s) pending.

-- 
852659: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852659
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854512: ftpcopy: diff for NMU version 0.6.7-3.1

[Sandro Tosi]

Control: tags 854512 + pending

Dear maintainer,

I've prepared an NMU for ftpcopy (versioned as 0.6.7-3.1) and
uploaded it to DELAYED/3. Please feel free to tell me if I
should delay it longer.

Sent on behalf of Reiner Herrmann 

Regards.
diff -u ftpcopy-0.6.7/debian/changelog ftpcopy-0.6.7/debian/changelog
--- ftpcopy-0.6.7/debian/changelog
+++ ftpcopy-0.6.7/debian/changelog
@@ -1,3 +1,11 @@
+ftpcopy (0.6.7-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTBFS by calling dpkg-shlibdeps only for binaries and not
+the ftpcp shell script (Closes: #854512).
+
+ -- Reiner Herrmann   Wed, 08 Feb 2017 18:57:50 +0100
+
 ftpcopy (0.6.7-3) unstable; urgency=medium
 
   * debian/diff/disable--html-option.diff: the --html option is no
diff -u ftpcopy-0.6.7/debian/rules ftpcopy-0.6.7/debian/rules
--- ftpcopy-0.6.7/debian/rules
+++ ftpcopy-0.6.7/debian/rules
@@ -69,7 +69,7 @@
 install-indep: deb-checkdir deb-checkuid build-indep-stamp
 
 binary-arch: deb-checkdir deb-checkuid install-arch ftpcopy.deb
-	test '$(DIET)' -ne 0 || dpkg-shlibdeps '$(DIR)'/usr/bin/*
+	test '$(DIET)' -ne 0 || dpkg-shlibdeps '$(DIR)'/usr/bin/ftpcopy '$(DIR)'/usr/bin/ftpls
 	dpkg-gencontrol -isp -pftpcopy -P'$(DIR)' 
 	dpkg -b '$(DIR)' ..
 

Bug#852659: le-dico-de-rene-cougnenc: diff for NMU version 1.3-2.3

[Sandro Tosi]

Control: tags 852659 + pending

Dear maintainer,

I've prepared an NMU for le-dico-de-rene-cougnenc (versioned as 1.3-2.3) and
uploaded it to DELAYED/3. Please feel free to tell me if I
should delay it longer.

Sent on behalf of Bernhard Übelacker 

Regards.
diff -u le-dico-de-rene-cougnenc-1.3/debian/changelog le-dico-de-rene-cougnenc-1.3/debian/changelog
--- le-dico-de-rene-cougnenc-1.3/debian/changelog
+++ le-dico-de-rene-cougnenc-1.3/debian/changelog
@@ -1,3 +1,11 @@
+le-dico-de-rene-cougnenc (1.3-2.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Build with debug info to make dbgsym package usable.
+  * Avoid segfault by undefined behaviour. (Closes: #852659)
+
+ -- Bernhard Übelacker   Wed, 08 Feb 2017 22:03:54 +0100
+
 le-dico-de-rene-cougnenc (1.3-2.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -u le-dico-de-rene-cougnenc-1.3/src/dico.c le-dico-de-rene-cougnenc-1.3/src/dico.c
--- le-dico-de-rene-cougnenc-1.3/src/dico.c
+++ le-dico-de-rene-cougnenc-1.3/src/dico.c
@@ -1040,7 +1040,8 @@
  
 while (*str)
 {
-   *str = EquivalTable[ *str++ ] ;
+   *str = EquivalTable[ *str ] ;
+   str++;
 }
 
  return p ;
only in patch2:
unchanged:
--- le-dico-de-rene-cougnenc-1.3.orig/src/Makefile
+++ le-dico-de-rene-cougnenc-1.3/src/Makefile
@@ -2,8 +2,8 @@
 prefix = /usr
 
 dico: dico.c killposte.c
-	gcc dico.c -o dico
-	gcc killposte.c -o killposte
+	gcc -g dico.c -o dico
+	gcc -g killposte.c -o killposte
 
 clean:
 	rm -fr *~ dico killposte *.1 manpage.links manpage.refs

Bug#851707: pinentry-gtk-2 frequently fails to grab the keyboard under awesome

[Daniel Kahn Gillmor]

On Mon 2017-02-06 04:49:44 -0500, Vincent Lefevre wrote:
> On 2017-02-02 19:29:19 +0100, Vincent Bernat wrote:
>> Index: pinentry-1.0.0/gtk+-2/pinentry-gtk-2.c
>> ===
>> --- pinentry-1.0.0.orig/gtk+-2/pinentry-gtk-2.c
>> +++ pinentry-1.0.0/gtk+-2/pinentry-gtk-2.c
> [...]
>> -  while (tries++ < max_tries && err == GDK_GRAB_NOT_VIEWABLE);
>> +  while (tries++ < max_tries && err == GDK_GRAB_NOT_VIEWABLE
>> + && (usleep(1000), TRUE));
> [...]
>>while (tries++ < max_tries && (err == GDK_GRAB_NOT_VIEWABLE
>> - || err == GDK_GRAB_ALREADY_GRABBED));
>> + || err == GDK_GRAB_ALREADY_GRABBED)
>> + && (usleep(1000), TRUE));
>
> I don't know how it has eventually been fixed, but FYI, usleep()
> is obsolete. The usleep(3) man page says:
>
>   CONFORMING TO
>   4.3BSD,  POSIX.1-2001.   POSIX.1-2001  declares this function
>   obsolete; use nanosleep(2) instead.  POSIX.1-2008 removes the
>   specification of usleep().

patches welcome to do the conversion if this matters to anyone. i'm not
going to lose any usleep over this deprecation right now, since i think
we'll have that function available for a long time in debian.

 --dkg


signature.asc
Description: PGP signature

Processed: ftpcopy: diff for NMU version 0.6.7-3.1

[Debian Bug Tracking System]

Processing control commands:

> tags 854512 + pending
Bug #854512 [src:ftpcopy] ftpcopy: FTBFS: dpkg-shlibdeps: error: cannot read 
«BUILDDIR»/debian/ftpcopy/usr/bin/ftpcp
Added tag(s) pending.

-- 
854512: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854512
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#852659: [le-dico-de-rene-cougnenc] segment fault

[Sandro Tosi]

Hello Bernhard,

On Wed, Feb 8, 2017 at 4:43 PM, Bernhard Übelacker
 wrote:
> Hello Sandro,
>
> Am 08.02.2017 um 01:24 schrieb Sandro Tosi:
>> Hey Bernhard,
>> would be interested in preparing a NMU package with your patches
>> included (feel free to reply to me in private if you need instructions
>> on how to do that)? alternatively i'd be happy to NMU this myself
>
> I tried to prepare a package and put it in [1].
> Is it right how the changes are applied and what the changelog contains?
> The package would then still need a sponsor.

i just uploaded your nmu in delayed/3 (so the maintainer has 3 days of
time before it actually reaches the archive); it all look good, i'm
only a bit  wary about the -dbgsym change, but we'll look how it works
out in the end. please remember to follow up with the release team
once it's accepted.

Thanks for your contribution to Debian!

-- 
Sandro "morph" Tosi
My website: http://sandrotosi.me/
Me at Debian: http://wiki.debian.org/SandroTosi
G+: https://plus.google.com/u/0/+SandroTosi

Bug#854487: [Pkg-puppet-devel] Bug#854487: Bug#854487: Bug#854487: Bug#854487: Binary-only package puppet was silently converted into a package shipping and running a service

[Russ Allbery]

Apollon Oikonomopoulos  writes:

> Additionally, all the setups I know of use cron for running the puppet
> agent, so these admins will want the service disabled anyway (of course
> this is argumentum ad populum, but it serves as an indication that this
> is not an unreasonable course of action).

Yeah, this is a good argument.  Works for me!  It's also good to use a
more robust mechanism for doing this so that we don't get accidental
problems in the future when the locking stuff changes again.

-- 
Russ Allbery (r...@debian.org)   

Processed: affects

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> affects 850229 src:dune-grid
Bug #850229 [openmpi-bin] openmpi-bin: default for oversubscription changed
Bug #850559 [openmpi-bin] openmpi-bin: default for oversubscription changed
Added indication that 850229 affects src:dune-grid
Added indication that 850559 affects src:dune-grid
> affects 850229 src:dune-pdelab
Bug #850229 [openmpi-bin] openmpi-bin: default for oversubscription changed
Bug #850559 [openmpi-bin] openmpi-bin: default for oversubscription changed
Added indication that 850229 affects src:dune-pdelab
Added indication that 850559 affects src:dune-pdelab
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
850229: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850229
850559: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850559
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: openmpi-bin: default for oversubscription changed

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 850559 serious
Bug #850559 [openmpi-bin] openmpi-bin: default for oversubscription changed
Bug #850229 [openmpi-bin] openmpi-bin: default for oversubscription changed
Severity set to 'serious' from 'important'
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
850229: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850229
850559: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850559
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854647: doc-linux-hr: Too outdated for being useful

[Adrian Bunk]

Package: doc-linux-hr
Version: 2416.1+nmu1
Severity: serious

I do not speak Croatian, but both from looking the contents
of the package and reading debian/copyright it is clear that
these are HOWTOs (several of them translations from English ones)
that date from 1995-2000.

Bug#853772: marked as done (1.8-1 crashes when attempting to download from www.svtplay.se)

[Gunnar Hjalmarsson]

Hi Olof,

I acted on this primarily to prevent the buggy 1.8-1 from ending up in 
Ubuntu 17.04. Thanks to Mattia it's now fixed in both 17.04 and unstable.


I have uploaded a more spot on fix to this PPA (debdiff attached):

https://launchpad.net/~gunnarhj/+archive/ubuntu/svtplay-dl

I assumed that this bug report can be reopened for the purpose.

HTH

--
Gunnar Hjalmarsson
https://launchpad.net/~gunnarhj
diff -ru svtplay-dl-1.8.orig/debian/changelog svtplay-dl-1.8/debian/changelog
--- svtplay-dl-1.8.orig/debian/changelog2016-11-15 20:25:32.0 
+0100
+++ svtplay-dl-1.8/debian/changelog 2017-02-08 22:33:06.445766021 +0100
@@ -1,3 +1,10 @@
+svtplay-dl (1.8-1.1~ppa) yakkety; urgency=medium
+
+  * debian/patches/debian-changes:
+Fix KeyError crash, issue #528. Closes: #853772
+
+ -- Gunnar Hjalmarsson   Wed, 08 Feb 2017 22:33:00 +0100
+
 svtplay-dl (1.8-1) unstable; urgency=medium
 
   * New upstream version 1.8
diff -ru svtplay-dl-1.8.orig/debian/patches/debian-changes 
svtplay-dl-1.8/debian/patches/debian-changes
--- svtplay-dl-1.8.orig/debian/patches/debian-changes   2016-11-15 
20:25:32.0 +0100
+++ svtplay-dl-1.8/debian/patches/debian-changes2017-02-08 
22:31:18.837408272 +0100
@@ -32,3 +32,118 @@
  
  svtplay-dl: $(PYFILES)
@# Verify that there's no .build already \
+
+Description: Fix KeyError crash
+Origin: https://github.com/spaam/svtplay-dl/commit/dac1b6
+Bug: https://bugs.debian.org/853772
+
+--- a/lib/svtplay_dl/service/svtplay.py2016-11-14 23:53:49.0 
+0100
 b/lib/svtplay_dl/service/svtplay.py2017-02-08 21:56:34.415324777 
+0100
+@@ -50,16 +50,22 @@
+ for i in janson["video"]["subtitles"]:
+ if i["format"] == "WebSRT":
+ yield subtitle(copy.copy(self.options), "wrst", i["url"])
++if "programVersionId" in janson["video"]:
++vid = janson["video"]["programVersionId"]
++else:
++vid = janson["video"]["id"]
++res = 
self.http.get("http://api.svt.se/videoplayer-api/video/{}".format(vid))
++janson = res.json()
+ 
+-if "videoReferences" in janson["video"]:
+-if len(janson["video"]["videoReferences"]) == 0:
++if "videoReferences" in janson:
++if len(janson["videoReferences"]) == 0:
+ yield ServiceError("Media doesn't have any associated videos 
(yet?)")
+ return
+ 
+-for i in janson["video"]["videoReferences"]:
++for i in janson["videoReferences"]:
+ parse = urlparse(i["url"])
+ query = parse_qs(parse.query)
+-if i["playerType"] == "hls" or i["playerType"] == "ios":
++if i["format"] == "hls":
+ streams = hlsparse(self.options, self.http.request("get", 
i["url"]), i["url"])
+ if streams:
+ for n in list(streams.keys()):
+@@ -71,7 +77,7 @@
+ if streams:
+ for n in list(streams.keys()):
+ yield streams[n]
+-if i["playerType"] == "playerType" or i["playerType"] == 
"flash":
++if i["format"] == "hds":
+ match = re.search(r"\/se\/secure\/", i["url"])
+ if not match:
+ streams = hdsparse(self.options, 
self.http.request("get", i["url"], params={"hdcore": "3.7.0"}), i["url"])
+@@ -85,7 +91,7 @@
+ if streams:
+ for n in list(streams.keys()):
+ yield streams[n]
+-if i["playerType"] == "dash264" or i["playerType"] == 
"dashhbbtv":
++if i["format"] == "dash264" or i["format"] == "dashhbbtv":
+ streams = dashparse(self.options, 
self.http.request("get", i["url"]), i["url"])
+ if streams:
+ for n in list(streams.keys()):
+@@ -119,7 +125,7 @@
+ 
+ def _genre(self, jansson):
+ videos = []
+-for i in jansson["clusterPage"]["content"]["clips"]:
++for i in jansson["clusterPage"]["clips"]:
+ videos.append(i["contentUrl"])
+ return videos
+ 
+@@ -147,16 +153,16 @@
+ if re.search("/genre", parse.path):
+ videos = self._genre(dataj)
+ else:
+-items = dataj["videoTitlePage"]["realatedVideosTabs"]
++items = dataj["videoTitlePage"]["relatedVideosTabs"]
+ for i in items:
+ if "sasong" in i["slug"]:
+ for n in i["videos"]:
+-if n["url"] not in videos:
+-videos.append(n["url"])
++if n["contentUrl"] not in videos:
++ 

Bug#854616: [pkg-gnupg-maint] Bug#854616: Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Daniel Kahn Gillmor]

On Wed 2017-02-08 16:15:21 -0500, NIIBE Yutaka wrote:
> No, this is not a hack.  This is a configuration needed.
>
> It seems for me that Yubico has been recommended use of PC/SC service.
> Since no one has reported for use of internal CCID driver, there is no
> entry for Yubikey in /lib/udev/rules.d/60-scdaemon.rules on Debian.
>
> Now, since it is confirmed, we should add an entry.

Hi Gniibe--

Thanks for your work on sorting this out!  If there are patches that
should go into the scdaemon package for stretch, we should include,
hopefully soon!

If you want to roll a release of the gnupg2 package to update scdaemon,
that's fine with me.  Or if you'd rather push a series of patches to our
shared git repository on alioth for an extra pair of eyes, i'm happy to
review them when they're ready.

or, send patches upstream and post commit IDs here, or send a separate
patch go pkg-gnupg-maint, however you prefer :)

There are a few other udev rule updates that seem to be pending in
https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=scdaemon;dist=unstable
and i think a patch (or series of patches) to include them all would be
completely reasonable to aim for inclusion with stretch.

Thanks for the smartcard wrangling!

   --dkg


signature.asc
Description: PGP signature

Processed: tagging 854640

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 854640 + pending
Bug #854640 [src:firefox-esr] firefox-esr: FTBFS on arm{el,hf}: 
mozpack.errors.ErrorMessage: Error: Error while running startup cache 
precompilation
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
854640: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854640
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854575: marked as done (tcsh: postrm called with unknown argument `upgrade')

[Debian Bug Tracking System]

Your message dated Wed, 08 Feb 2017 22:19:52 +
with message-id 
and subject line Bug#854575: fixed in tcsh 6.20.00-6
has caused the Debian Bug report #854575,
regarding tcsh: postrm called with unknown argument `upgrade'
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
854575: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854575
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: tcsh
Version: 6.20.00-5
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to reinstall. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.

>From the attached log (scroll to the bottom...):

0m29.8s DEBUG: Starting command: ['chroot', '/tmp/piupartss/tmpM7qNLJ', 
'apt-get', '-y', 'install', '--reinstall', 'tcsh=6.20.00-5']
0m30.9s DUMP: 
  Reading package lists...
  Building dependency tree...
  Reading state information...
  debconf: delaying package configuration, since apt-utils is not installed
  0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded.
  Need to get 0 B/470 kB of archives.
  After this operation, 0 B of additional disk space will be used.
  (Reading database ... 
(Reading database ... 4745 files and directories currently installed.)
  Preparing to unpack .../tcsh_6.20.00-5_amd64.deb ...
  Unpacking tcsh (6.20.00-5) over (6.20.00-5) ...
  postrm called with unknown argument `upgrade'
  dpkg: warning: subprocess old post-removal script returned error exit status 1
  dpkg: trying script from the new package instead ...
  /usr/sbin/remove-shell
  dpkg: ... it looks like that went OK
  Setting up tcsh (6.20.00-5) ...
  update-alternatives: error: alternative path /bin/tcsh doesn't exist
  dpkg: error processing package tcsh (--configure):
   subprocess installed post-installation script returned error exit status 2
  Errors were encountered while processing:
   tcsh
  E: Sub-process /usr/bin/dpkg returned an error code (1)
0m30.9s ERROR: Command failed (status=100): ['chroot', 
'/tmp/piupartss/tmpM7qNLJ', 'apt-get', '-y', 'install', '--reinstall', 
'tcsh=6.20.00-5']


cheers,

Andreas


tcsh_6.20.00-5.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: tcsh
Source-Version: 6.20.00-6

We believe that the bug you reported is fixed in the latest version of
tcsh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 854...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Lange  (supplier of updated tcsh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 08 Feb 2017 21:53:19 +
Source: tcsh
Binary: tcsh
Architecture: source amd64
Version: 6.20.00-6
Distribution: unstable
Urgency: high
Maintainer: Thomas Lange 
Changed-By: Thomas Lange 
Description:
 tcsh   - TENEX C Shell, an enhanced version of Berkeley csh
Closes: 854575
Changes:
 tcsh (6.20.00-6) unstable; urgency=high
 .
   * postrm: move code for upgrade case, Closes: #854575
Checksums-Sha1:
 0b258480ba6e1c8768b081dee3884dbb9628a32a 1844 tcsh_6.20.00-6.dsc
 dc14ec33587f25f571106ae3037de55d6e935dbd 23081 tcsh_6.20.00-6.diff.gz
 a5c6a2a3fd9bc52e3235ec52ea34bfef90ce35f3 538640 tcsh-dbgsym_6.20.00-6_amd64.deb
 92a62ccb171c4df52062c5b5ef936b0834057670 4956 tcsh_6.20.00-6_amd64.buildinfo
 97b43e39f9c8721bf22c0cb8b0074b56d4ee3d6a 470054 tcsh_6.20.00-6_amd64.deb
Checksums-Sha256:
 be4decfbd588efc60aeba17b38938865aed679511de4e01f9c74fd07b216fae9 1844 
tcsh_6.20.00-6.dsc
 77a5a9bbfde2f97ae28a6ac64f75c4b3e79437a601aba7bf24ff8875b59fee7b 23081 
tcsh_6.20.00-6.diff.gz
 00cb7c9639166afac43f264e88e8bc8fad6138b36b1e0e35766adf3f61989f26 538640 
tcsh-dbgsym_6.20.00-6_amd64.deb
 7cf78d67523f3b2c6e6049790741a693cf3b1c4ac1a7ac69c1dc65f7e461d399 4956 
tcsh_6.20.00-6_amd64.buildinfo
 52d599ebc286ae165bd8ba1c97a4c787d560fcb18797fb384f3fda818caa86c9 470054 
tcsh_6.20.00-6_amd64.deb
Files:
 abdae36b2e62338772ae82a162b838e7 1844 shells optional tcsh_6.20.00-6.dsc
 

Bug#854640: firefox-esr: FTBFS on arm{el,hf}: mozpack.errors.ErrorMessage: Error: Error while running startup cache precompilation

[Emilio Pozuelo Monfort]

Source: firefox-esr
Version: 45.7.0esr-2
Severity: serious

Hi,

As you expected, firefox-esr failed to build on armel/armhf with GCC 6:

Executing /«PKGBUILDDIR»/build-browser/dist/bin/xpcshell -g 
/«PKGBUILDDIR»/build-browser/dist/bin/ -a 
/«PKGBUILDDIR»/build-browser/dist/bin/ -f 
/«PKGBUILDDIR»/toolkit/mozapps/installer/precompile_cache.js -e 
precompile_startupcache("resource://gre/");
Traceback (most recent call last):
  File "/«PKGBUILDDIR»/toolkit/mozapps/installer/packager.py", line 406, in 

main()
  File "/«PKGBUILDDIR»/toolkit/mozapps/installer/packager.py", line 400, in main
args.source, gre_path, base)
  File "/«PKGBUILDDIR»/toolkit/mozapps/installer/packager.py", line 161, in 
precompile_cache
errors.fatal('Error while running startup cache precompilation')
  File "/«PKGBUILDDIR»/python/mozbuild/mozpack/errors.py", line 103, in fatal
self._handle(self.FATAL, msg)
  File "/«PKGBUILDDIR»/python/mozbuild/mozpack/errors.py", line 98, in _handle
raise ErrorMessage(msg)
mozpack.errors.ErrorMessage: Error: Error while running startup cache 
precompilation
/«PKGBUILDDIR»/toolkit/mozapps/installer/packager.mk:41: recipe for target 
'stage-package' failed

I wonder if building without some optimization flags would help. I tried
to build with noopt on harris but the build failed earlier:

Executing: g++ -Wdate-time -Wall -Wempty-body -Woverloaded-virtual 
-Wsign-compare -Wwrite-strings -Wno-invalid-offsetof -fstack-protector-strong 
-Wformat -Werror=format-security -D__ARM_PCS 
-fno-schedule-insns2 -fno-lifetime-dse -fno-delete-null-pointer-checks 
-fno-exceptions -fno-strict-aliasing -fno-rtti -ffunction-sections 
-fdata-sections -fno-exceptions -fno-math-errno -std
=gnu++0x -pthread -pipe -DNDEBUG -DTRIMMED -g -o buffered_stun_socket_unittest 
/home/pochu/pochu-sid-firefox-esr/firefox-esr-45.7.0esr/build-browser/media/mtransport/test/tmpv98CrM.list
 -lpt
hread -Wl,--as-needed -Wl,--reduce-memory-overheads -Wl,--no-keep-memory 
-Wl,--stats -Wl,-z,noexecstack -Wl,-z,text -Wl,--build-id 
-Wl,-rpath-link,/home/pochu/pochu-sid-firefox-esr/firefox-e
sr-45.7.0esr/build-browser/dist/bin -Wl,-rpath-link,/usr/lib 
../../../intl/icu/target/lib/libicui18n.a 
../../../intl/icu/target/lib/libicuuc.a 
../../../intl/icu/target/lib/libicudata.a -pie 
-ldl -L/usr/lib/arm-linux-gnueabi -lplds4 -lplc4 -lnspr4 -lpthread -ldl -lssl3 
-lsmime3 -lnss3 -lnssutil3 -lcrmf -lrt
/home/pochu/pochu-sid-firefox-esr/firefox-esr-45.7.0esr/build-browser/media/mtransport/test/tmpv98CrM.list:
INPUT("buffered_stun_socket_unittest.o")
INPUT("../../webrtc/trunk/testing/gtest_gtest/Unified_cpp_trunk_testing0.o")
[...]
INPUT("../../../netwerk/sctp/src/user_recv_thread.o")
INPUT("../../../netwerk/sctp/src/user_socket.o")

../standalone/test_nr_socket.o: In function `__throw_bad_alloc':
/home/pochu/pochu-sid-firefox-esr/firefox-esr-45.7.0esr/build-browser/media/mtransport/standalone/../../../dist/include/mozilla/throw_gcc.h:37:
 undefined reference to `mozalloc_abort'
/home/pochu/pochu-sid-firefox-esr/firefox-esr-45.7.0esr/build-browser/media/mtransport/standalone/../../../dist/include/mozilla/throw_gcc.h:37:
 undefined reference to `mozalloc_abort'
/home/pochu/pochu-sid-firefox-esr/firefox-esr-45.7.0esr/build-browser/media/mtransport/standalone/../../../dist/include/mozilla/throw_gcc.h:37:
 undefined reference to `mozalloc_abort'
collect2: error: ld returned 1 exit status

Cheers,
Emilio

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (800, 'unstable'), (700, 'experimental'), (650, 'testing'), (500, 
'unstable-debug'), (500, 'testing-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#852659: [le-dico-de-rene-cougnenc] segment fault

[Bernhard Übelacker]

Hello Sandro,

Am 08.02.2017 um 01:24 schrieb Sandro Tosi:
> Hey Bernhard,
> would be interested in preparing a NMU package with your patches
> included (feel free to reply to me in private if you need instructions
> on how to do that)? alternatively i'd be happy to NMU this myself

I tried to prepare a package and put it in [1].
Is it right how the changes are applied and what the changelog contains?
The package would then still need a sponsor.

Kind regards,
Bernhard

[1] https://mentors.debian.net/package/le-dico-de-rene-cougnenc

Bug#854616: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[NIIBE Yutaka]

Antoine Beaupré  writes:
> This reminds me - it sure looks like pcscd was crashing back
> there. Should I revert back to using pcscd to try and reproduce the
> problem and file a pcscd bug about this?

Yes.  I think that this is a different problem, and it's pcscd issue.
-- 

Bug#854616: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Antoine Beaupré]

On 2017-02-09 06:15:21, NIIBE Yutaka wrote:
> Antoine Beaupré  writes:
>>> If this works, the udev line should be included into scdaemon package in
>>> future, so that each user doesn't need to configure.
>>
>> I confirm the udev hack works.
>
> No, this is not a hack.  This is a configuration needed.

This reminds me - it sure looks like pcscd was crashing back
there. Should I revert back to using pcscd to try and reproduce the
problem and file a pcscd bug about this?

A.

-- 
La guerre, c'est le massacre d'hommes qui ne se connaissent pas,
au profit d'hommes qui se connaissent mais ne se massacreront pas.
- Paul Valéry

Bug#854616: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Antoine Beaupré]

On 2017-02-09 06:15:21, NIIBE Yutaka wrote:
> Thanks a lot for your confirmation.
>
> Antoine Beaupré  writes:
>>> If this works, the udev line should be included into scdaemon package in
>>> future, so that each user doesn't need to configure.
>>
>> I confirm the udev hack works.
>
> No, this is not a hack.  This is a configuration needed.

Sorry for my imprecise vocabulary. This is all very obscure to me, so
everything looks like a hack. :)

> It seems for me that Yubico has been recommended use of PC/SC service.

I don't know about this, but that's how I made it work the first time. I
took this document as a source for how to make it work:

https://blog.night-shade.org.uk/2015/04/ssh-support-in-gpg-agent-on-ubunt/

... which suggests installing pcscd.

> Since no one has reported for use of internal CCID driver, there is no
> entry for Yubikey in /lib/udev/rules.d/60-scdaemon.rules on Debian.
>
> Now, since it is confirmed, we should add an entry.

Thanks for the clarification!

A.

-- 
La propriété est un piège: ce que nous croyons posséder nous possède.
- Alphonse Karr

Bug#845729: marked as done (libtspi-dev must not force OpenSSL 1.1 on packages that are not ready)

[Debian Bug Tracking System]

Your message dated Wed, 8 Feb 2017 23:31:25 +0200
with message-id <20170208213125.kuqluqlef3wcay64@localhost>
and subject line Re: Bug#845729: libtspi-dev must not force OpenSSL 1.1 on 
packages that are not ready
has caused the Debian Bug report #845729,
regarding libtspi-dev must not force OpenSSL 1.1 on packages that are not ready
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
845729: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845729
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libtspi-dev
Version: 0.3.14+fixed1-1
Severity: serious
Control: block 827061 by -1

libtspi-dev must not force OpenSSL 1.1 on packages that
are not ready for 1.1

At least opencryptoki (#828465) and tpm-tools (#828577)
are not even compiling with OpenSSL 1.1

Options to solve this issue:
- fix all r-(b)deps to compile and work with OpenSSL 1.1, or
- use OpenSSL 1.0.2 in stretch
--- End Message ---
--- Begin Message ---
On Wed, Feb 08, 2017 at 08:24:39AM +0100, Sebastian Andrzej Siewior wrote:
> On 2017-01-17 19:34:59 [+0200], Adrian Bunk wrote:
> > Unfortunately tpm-tools is not fine, and even fixing the other trivial 
> > build error #811576 depends on this.
> 
> but now it is. Can this be closed?

Yes, closing.

> Sebastian

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed--- End Message ---

Processed: severity of 839789 is grave

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 839789 grave
Bug #839789 [loganalyzer] loganalyzer: update for syntax removals in PHP7.0
Severity set to 'grave' from 'important'
> # on stretch, without this patch all loganalyzer yields is an empty page 
> making the package useless, thus now adjusting the severity
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
839789: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839789
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854616: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[NIIBE Yutaka]

Thanks a lot for your confirmation.

Antoine Beaupré  writes:
>> If this works, the udev line should be included into scdaemon package in
>> future, so that each user doesn't need to configure.
>
> I confirm the udev hack works.

No, this is not a hack.  This is a configuration needed.

It seems for me that Yubico has been recommended use of PC/SC service.
Since no one has reported for use of internal CCID driver, there is no
entry for Yubikey in /lib/udev/rules.d/60-scdaemon.rules on Debian.

Now, since it is confirmed, we should add an entry.
-- 

Processed: severity of 851060 is grave

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # built but broken on a release architecture
> severity 851060 grave
Bug #851060 [libnids1.21] libnids1.21: can't assemble TCP streams on armhf
Severity set to 'grave' from 'normal'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
851060: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851060
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Debian Bug Tracking System]

Processing control commands:

> tags 854616 -moreinfo +patch
Bug #854616 [scdaemon] scdaemon cannot access yubikey using ccid driver without 
pcscd
Removed tag(s) moreinfo.
Bug #854616 [scdaemon] scdaemon cannot access yubikey using ccid driver without 
pcscd
Added tag(s) patch.

-- 
854616: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854616
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854616: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Antoine Beaupré]

On 2017-02-08 15:17:20, Daniel Kahn Gillmor wrote:
> Can you confirm that:
>
>  * disable-ccid is *not* set in scdaemon.conf

confirmed.

>  * pcscd is purged

confirmed.

>  * the same problem is present on 2.1.18-4 ?

confirmed.

pardon my french:

root@curie:/home/anarcat# apt install scdaemon/unstable gnupg-agent/unstable 
gpgsm/unstable
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances   
Lecture des informations d'état... Fait
Version choisie « 2.1.18-4 » (Debian:unstable [amd64]) pour « scdaemon »
Version choisie « 2.1.18-4 » (Debian:unstable [amd64]) pour « gnupg-agent »
Version choisie « 2.1.18-4 » (Debian:unstable [amd64]) pour « gpgsm »
Version choisie « 2.1.18-4 » (Debian:unstable [amd64]) pour « dirmngr » à cause 
de « gpgsm »
Version choisie « 2.1.18-4 » (Debian:unstable [amd64]) pour « gnupg » à cause 
de « dirmngr »
Version choisie « 2.1.18-4 » (Debian:unstable [all]) pour « gnupg-l10n » à 
cause de « gnupg »
The following additional packages will be installed:
  dirmngr gnupg
Paquets suggérés :
  parcimonie xloadimage
Paquets recommandés :
  gnupg-l10n
Les paquets suivants seront mis à jour :
  dirmngr gnupg gnupg-agent gpgsm scdaemon
5 mis à jour, 0 nouvellement installés, 0 à enlever et 36 non mis à jour.
Il est nécessaire de prendre 3 252 ko dans les archives.
Après cette opération, 0 o d'espace disque supplémentaires seront utilisés.
Souhaitez-vous continuer ? [O/n] 
Réception de:2 http://debian.mirror.constant.com/debian sid/main amd64 gnupg 
amd64 2.1.18-4 [1 126 kB]
Réception de:3 http://mirrors.cat.pdx.edu/debian sid/main amd64 scdaemon amd64 
2.1.18-4 [476 kB]
Réception de:4 http://debian.mirror.constant.com/debian sid/main amd64 gpgsm 
amd64 2.1.18-4 [502 kB]
Réception de:1 http://mirrors.ocf.berkeley.edu/debian sid/main amd64 dirmngr 
amd64 2.1.18-4 [595 kB]  
Réception de:5 http://mirrors.ocf.berkeley.edu/debian sid/main amd64 
gnupg-agent amd64 2.1.18-4 [554 kB]  
3 252 ko réceptionnés en 2s (1 294 ko/s)
[master 95fac63] saving uncommitted changes in /etc prior to apt run
 Author: Antoine Beaupré 
 1 file changed, 1 insertion(+), 1 deletion(-)
Récupération des rapports de bogue… Fait
Analyse des informations Trouvé/Corrigé… Fait
Lecture des fichiers de modifications (« changelog »)... Terminé
(Lecture de la base de données... 291155 fichiers et répertoires déjà 
installés.)
Préparation du dépaquetage de .../dirmngr_2.1.18-4_amd64.deb ...
Dépaquetage de dirmngr (2.1.18-4) sur (2.1.18-3) ...
Préparation du dépaquetage de .../gnupg_2.1.18-4_amd64.deb ...
Dépaquetage de gnupg (2.1.18-4) sur (2.1.18-3) ...
Préparation du dépaquetage de .../scdaemon_2.1.18-4_amd64.deb ...
Dépaquetage de scdaemon (2.1.18-4) sur (2.1.18-3) ...
Préparation du dépaquetage de .../gpgsm_2.1.18-4_amd64.deb ...
Dépaquetage de gpgsm (2.1.18-4) sur (2.1.18-3) ...
Préparation du dépaquetage de .../gnupg-agent_2.1.18-4_amd64.deb ...
Dépaquetage de gnupg-agent (2.1.18-4) sur (2.1.18-3) ...
Traitement des actions différées (« triggers ») pour install-info 
(6.3.0.dfsg.1-1+b1) ...
Traitement des actions différées (« triggers ») pour man-db (2.7.6.1-2) ...
Paramétrage de gnupg-agent (2.1.18-4) ...
Paramétrage de dirmngr (2.1.18-4) ...
Paramétrage de gnupg (2.1.18-4) ...
Paramétrage de scdaemon (2.1.18-4) ...
Paramétrage de gpgsm (2.1.18-4) ...
Scanning processes...   


Scanning candidates...  


Scanning linux images...


Running kernel seems to be up-to-date.
Restarting services...
Services being skipped:
 systemctl restart NetworkManager.service
 /etc/needrestart/restart.d/dbus.service
 systemctl restart lightdm.service
 systemctl restart systemd-journald.service
 systemctl restart systemd-logind.service
 systemctl restart wpa_supplicant.service
No containers need to be restarted.
User sessions running outdated binaries:
 anarcat @ session #2: emacs[1497], firefox.real[2085], pulseaudio[1306], 
xmonad-x86_64-l[1215]
 anarcat @ user manager service: at-spi-bus-laun[1291], gpg-agent[28488], 
systemd[1199]
root@curie:/home/anarcat# apt purge pcscd
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances   
Lecture des informations d'état... Fait
Le paquet suivant a été installé automatiquement et n'est plus nécessaire :
  libccid
Veuillez utiliser « apt autoremove » pour le supprimer.
Les paquets suivants seront ENLEVÉS :
  pcscd*
0 mis à jour, 0 nouvellement installés, 1 à enlever et 36 non mis à jour.
Après cette opération, 205 ko d'espace disque seront libérés.

Bug#854616: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Antoine Beaupré]

Control: tags 854616 -moreinfo +patch

On 2017-02-09 05:33:38, NIIBE Yutaka wrote:
> Hello,
>
> Thank you for reporting in detail.

[...]

> If this works, the udev line should be included into scdaemon package in
> future, so that each user doesn't need to configure.

I confirm the udev hack works.

Thanks!

A.

-- 
Il faut respecter le noir. Rien ne le prostitue. Il est agent de
l'esprit bien plus que la belle couleur de la palette ou du prisme.
- Odilon Redon

Processed: Re: Bug#854421: systemd: "systemctl --user cat dirmngr.socket" produced garbage beyond # /dev/null

[Debian Bug Tracking System]

Processing control commands:

> retitle 854421 [CVE-2017-5550] kernel dumps arbitrary memory when splice()ing 
> from /dev/null
Bug #854421 {Done: Ben Hutchings } [src:linux] kernel 
dumps arbitrary memory when splice()ing from /dev/null
Changed Bug title to '[CVE-2017-5550] kernel dumps arbitrary memory when 
splice()ing from /dev/null' from 'kernel dumps arbitrary memory when 
splice()ing from /dev/null'.

-- 
854421: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854421
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854421: systemd: "systemctl --user cat dirmngr.socket" produced garbage beyond # /dev/null

[Daniel Kahn Gillmor]

Control: retitle 854421 [CVE-2017-5550] kernel dumps arbitrary memory when 
splice()ing from /dev/null

On Tue 2017-02-07 20:21:31 -0500, Ben Hutchings wrote:
> Control: reassign -1 src:linux 4.9.2-2
> Control: close -1 4.9.6-3
> Control: severity -1 serious
> Control: tag -1 security
>
> On Tue, 2017-02-07 at 11:14 -0500, Daniel Kahn Gillmor wrote:
>> On Tue 2017-02-07 10:49:39 -0500, Daniel Kahn Gillmor wrote:
>> > git clone https://0xacab.org/dkg/debian-bug-854421
>> > cd debian-bug-854421
>> > make
>> 
>> interestingly, on at least one machine i try this on, getting it to
>> reproduce is very infrequent with plain "make", even with the 20 tries
>> on kernel version 4.9.2-2.
>
> It's much less likely to happen if there's only one CPU.
>
>> however, "make strace" seems to tickle the bug further, and makes it
>> much more likely to reproduce on 4.9.2-2, even though it's only one
>> try.
>> 
>> with kernel 4.9.6-3 i haven't been able to reproduce it with either
>> "make" or "make strace".
>
> This is CVE-2017-5550, fixed by:
> https://git.kernel.org/linus/b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb

Thanks for tracking that down, Ben.  I can confirm that it's an infoleak
of the worst kind, unfortunately -- i filled the RAM of a root-owned
userspace process with an arbitrary string, and then triggered the dump
From a non-privileged process and managed to get copies of the arbitrary
string :(

   --dkg


signature.asc
Description: PGP signature

Bug#854463: marked as pending

[Balint Reczey]

tag 854463 pending
thanks

Hello,

Bug #854463 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

http://anonscm.debian.org/git/pkg-multimedia/kodi.git/commit/?id=4bb8176

---
commit 4bb8176fbcf5b92a0348a83218e728f27869
Author: Balint Reczey 
Date:   Wed Feb 8 21:50:35 2017 +0100

Update changelog

diff --git a/debian/changelog b/debian/changelog
index 397ca66..f28bd11 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,7 @@
 kodi (2:17.0+dfsg1-2) UNRELEASED; urgency=medium
 
-  * 
+  * Apply patches to additional tarballs using quilt series file
+(Closes: #854463)
 
  -- Balint Reczey   Wed, 08 Feb 2017 13:33:33 +0100
 

Processed: Bug#854463 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 854463 pending
Bug #854463 [src:kodi] FTBFS without user input with a controlling TTY
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
854463: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854463
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#850743: marked as done (syslog-ng: tls cert check segfault)

[Debian Bug Tracking System]

Your message dated Wed, 08 Feb 2017 20:49:15 +
with message-id 
and subject line Bug#850743: fixed in syslog-ng 3.8.1-10
has caused the Debian Bug report #850743,
regarding syslog-ng: tls cert check segfault
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
850743: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850743
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: syslog-ng
Version: 3.8.1-9
Severity: normal
Tags: upstream

See https://github.com/balabit/syslog-ng/issues/1310

syslog-ng segfaults on TLS certificate verification. the bug is not present in 
3.7.3

#0  CRYPTO_get_ex_data (ad=0x1d0, idx=idx@entry=0) at crypto/ex_data.c:377
#1  0x75b4ef2c in SSL_get_ex_data (s=, idx=idx@entry=0) 
at ssl/ssl_lib.c:3527
#2  0x77b7cb54 in tls_session_verify_callback (ok=0, 
ctx=0x7fffec00aba0) at ../../lib/tlscontext.c:182
#3  0x7585d874 in verify_cb_cert (err=, depth=, x=, ctx=) at crypto/x509/x509_vfy.c:162
#4  build_chain (ctx=) at crypto/x509/x509_vfy.c:3209
#5  verify_chain (ctx=0x7fffec00aba0) at crypto/x509/x509_vfy.c:219
#6  0x7585dc10 in X509_verify_cert (ctx=ctx@entry=0x7fffec00aba0) at 
crypto/x509/x509_vfy.c:293
#7  0x75b460c8 in ssl_verify_cert_chain (s=s@entry=0x55792240, 
sk=sk@entry=0x7fffec005170) at ssl/ssl_cert.c:439
#8  0x75b586bb in tls_process_server_certificate (s=0x55792240, 
pkt=0x72ea58a0) at ssl/statem/statem_clnt.c:1226
#9  0x75b55f1f in read_state_machine (s=0x55792240) at 
ssl/statem/statem.c:589
#10 state_machine (s=0x55792240, server=0) at ssl/statem/statem.c:385
#11 0x75b3c2fa in ssl3_write_bytes (s=0x55792240, type=23, 
buf_=0x557bdf00, len=50) at ssl/record/rec_layer_s3.c:374
#12 0x75b4c889 in SSL_write (s=, buf=, 
num=) at ssl/ssl_lib.c:1605
#13 0x77b7d6ea in log_transport_tls_write_method (s=0x55790070, 
buf=, buflen=) at 
../../lib/transport/transport-tls.c:102
#14 0x77b88def in log_transport_write (count=50, buf=, 
self=) at ../../lib/transport/logtransport.h:45
#15 log_proto_text_client_flush (s=0x5578f780) at 
../../lib/logproto/logproto-text-client.c:54
#16 0x77b716a7 in log_proto_client_flush (s=) at 
../../lib/logproto/logproto-client.h:110
#17 log_writer_flush_finalize (self=0x557bdaa0) at 
../../lib/logwriter.c:1083
#18 log_writer_flush (self=0x557bdaa0, flush_mode=LW_FLUSH_NORMAL) at 
../../lib/logwriter.c:1212
#19 0x77b716fa in log_writer_work_perform (s=0x557bdaa0) at 
../../lib/logwriter.c:185
#20 0x77b732dd in _work (self=) at 
../../lib/mainloop-io-worker.c:52
#21 0x76579ea7 in ?? () from /usr/lib/x86_64-linux-gnu/libivykis.so.0
#22 0x765791a3 in ?? () from /usr/lib/x86_64-linux-gnu/libivykis.so.0
#23 0x7657bb54 in iv_main () from 
/usr/lib/x86_64-linux-gnu/libivykis.so.0
#24 0x76579cd3 in ?? () from /usr/lib/x86_64-linux-gnu/libivykis.so.0
#25 0x7657c687 in ?? () from /usr/lib/x86_64-linux-gnu/libivykis.so.0
#26 0x763600a4 in start_thread () from 
/lib/x86_64-linux-gnu/libpthread.so.0
#27 0x7609562d in clone () from /lib/x86_64-linux-gnu/libc.so.6


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF8, LC_CTYPE=en_US.UTF8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)
--- End Message ---
--- Begin Message ---
Source: syslog-ng
Source-Version: 3.8.1-10

We believe that the bug you reported is fixed in the latest version of
syslog-ng, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 850...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS)  (supplier of updated syslog-ng 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 05 Feb 2017 08:34:41 +
Source: syslog-ng
Binary: syslog-ng syslog-ng-dbg syslog-ng-dev syslog-ng-core 

Bug#854468: lprng: diff for NMU version 3.8.B-2.1

[Craig Small]

On Thu, 9 Feb 2017, 7:42 AM Sebastian Andrzej Siewior
 wrote:

>
> You are the maintainer (assuming you are also behind csm...@debian.org
> which matches your footer). If you want me to reschedule it to /0 (as
> in "upload now") I can do so. If you want to do the same upload
> yourself, feel free.
>

I'm the same. Yes reschedule it to /0. I think some people are depending on
it.

 - Craig

>
> > - Craig
>
> Sebastian
>
-- 
Craig Small (@smallsees)   http://dropbear.xyz/ csmall at : enc.com.au
Debian GNU/Linux   http://www.debian.org/   csmall at : debian.org
GPG fingerprint:5D2F B320 B825 D939 04D2  0519 3938 F96B DF50 FEA5

Bug#817744: zeroc-icee-java: Removal of debhelper compat 4

[Hans Joachim Desserud]

I came across this issue and noticed that there's a patch in another
bug report which updates compat level as well as other nice things.
Please see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668827
for details.

--
mvh / best regards
Hans Joachim Desserud
http://desserud.org

Bug#854468: lprng: diff for NMU version 3.8.B-2.1

[Sebastian Andrzej Siewior]

On 2017-02-08 20:33:03 [+], Craig Small wrote:
> No need to delay longer. I don't think it is possible to waive the delay
> but if I  could I would. Thanks for your NMU.

You are the maintainer (assuming you are also behind csm...@debian.org
which matches your footer). If you want me to reschedule it to /0 (as
in "upload now") I can do so. If you want to do the same upload
yourself, feel free.

> - Craig

Sebastian

Bug#854616: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[NIIBE Yutaka]

Hello,

Thank you for reporting in detail.

Antoine Beaupre  wrote:
> In Bug#854005, I have described a distinct issue I have experience
> with my Yubikey since the upgrade of the GnuPG suite from 2.1.17 to
> 2.1.18, and in the case of pcscd, from 1.8.19-1 to 1.8.20-1.
[...]
> anything i can do to improve debugging here? note that I don't *need*
> pcscd at all. i don't actually know what it is or what it's for. just
> want this yubikey to work reliably. :)

While I don't know about pcscd crash, I explain how to use card reader /
token with internal ccid driver of GnuPG.

You need a configuration file to allow USB access by user, when you use
internal ccid driver of GnuPG.

Please create a file /etc/udev/rules.d/yubikey-neo-otp-ccid.rules
with the content of:

 /etc/udev/rules.d/yubikey-neo-otp-ccid.rules
ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0111", MODE="664", GROUP="plugdev"


And please add yourself as a group member of "plugdev".

In my case, I have this line in /etc/group:

plugdev:x:46:gniibe

If this works, the udev line should be included into scdaemon package in
future, so that each user doesn't need to configure.
-- 

Processed: lprng: diff for NMU version 3.8.B-2.1

[Debian Bug Tracking System]

Processing control commands:

> tags 854468 + patch
Bug #854468 [src:lprng] lprng silently loses authentication support when 
compiled with OpenSSL 1.1
Ignoring request to alter tags of bug #854468 to the same tags previously set
> tags 854468 + pending
Bug #854468 [src:lprng] lprng silently loses authentication support when 
compiled with OpenSSL 1.1
Added tag(s) pending.

-- 
854468: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854468
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854468: lprng: diff for NMU version 3.8.B-2.1

[Sebastian Andrzej Siewior]

Control: tags 854468 + patch
Control: tags 854468 + pending

Dear maintainer,

I've prepared an NMU for lprng (versioned as 3.8.B-2.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.

Regards.
Sebastian
diff -Nru lprng-3.8.B/debian/changelog lprng-3.8.B/debian/changelog
--- lprng-3.8.B/debian/changelog	2012-06-11 10:07:15.0 +0200
+++ lprng-3.8.B/debian/changelog	2017-02-08 21:20:30.0 +0100
@@ -1,3 +1,11 @@
+lprng (3.8.B-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Don't lose authentication support when compiled with OpenSSL 1.1, patch by
+Reiner Herrmann  (Closes: #854468).
+
+ -- Sebastian Andrzej Siewior   Wed, 08 Feb 2017 21:20:30 +0100
+
 lprng (3.8.B-2) unstable; urgency=low
 
   * Compilies on hurd-i386 Closes: #671848
diff -Nru lprng-3.8.B/debian/patches/openssl_1.1.patch lprng-3.8.B/debian/patches/openssl_1.1.patch
--- lprng-3.8.B/debian/patches/openssl_1.1.patch	1970-01-01 01:00:00.0 +0100
+++ lprng-3.8.B/debian/patches/openssl_1.1.patch	2017-02-08 21:19:17.0 +0100
@@ -0,0 +1,27 @@
+--- a/configure.ac
 b/configure.ac
+@@ -1008,7 +1008,7 @@
+ 			SSL_LDADD="-L$dir $SSL_LDADD"
+ 		fi
+ 		LDFLAGS="$LDFLAGS $SSL_LDADD"
+-		AC_TRY_LINK_FUNC(SSL_load_error_strings,ac_linked_libssl="true",
++		AC_TRY_LINK_FUNC(OPENSSL_init_ssl,ac_linked_libssl="true",
+ 			ac_linked_libssl="false");
+ 		AC_TRY_LINK_FUNC(RC4_set_key,ac_linked_libcrypto="true",
+ 			ac_linked_libcrypto="false");
+--- a/configure
 b/configure
+@@ -10408,11 +10408,11 @@
+ #ifdef __cplusplus
+ extern "C"
+ #endif
+-char SSL_load_error_strings ();
++char OPENSSL_init_ssl ();
+ int
+ main ()
+ {
+-return SSL_load_error_strings ();
++return OPENSSL_init_ssl ();
+   ;
+   return 0;
+ }
diff -Nru lprng-3.8.B/debian/patches/series lprng-3.8.B/debian/patches/series
--- lprng-3.8.B/debian/patches/series	2012-06-11 08:49:05.0 +0200
+++ lprng-3.8.B/debian/patches/series	2017-02-08 21:19:17.0 +0100
@@ -1,3 +1,4 @@
 lpd_conf_manwarnings
 portable_maxpathlen
 string_literals
+openssl_1.1.patch

Processed: netsurf: diff for NMU version 3.6-3.1

[Debian Bug Tracking System]

Processing control commands:

> tags 846908 + patch
Bug #846908 [src:netsurf] netsurf: crashes on many websites
Bug #854257 [src:netsurf] netsurf must use OpenSSL 1.0.2 in stretch
Added tag(s) patch.
Added tag(s) patch.
> tags 846908 + pending
Bug #846908 [src:netsurf] netsurf: crashes on many websites
Bug #854257 [src:netsurf] netsurf must use OpenSSL 1.0.2 in stretch
Added tag(s) pending.
Added tag(s) pending.

-- 
846908: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846908
854257: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854257
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#846908: netsurf: diff for NMU version 3.6-3.1

[Sebastian Andrzej Siewior]

Control: tags 846908 + patch
Control: tags 846908 + pending

Dear maintainer,

I've prepared an NMU for netsurf (versioned as 3.6-3.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards.
diff -Nru netsurf-3.6/debian/changelog netsurf-3.6/debian/changelog
--- netsurf-3.6/debian/changelog	2016-11-27 15:54:31.0 +0100
+++ netsurf-3.6/debian/changelog	2017-02-08 21:10:34.0 +0100
@@ -1,3 +1,10 @@
+netsurf (3.6-3.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Depend on libssl1.0-dev for Stretch due to curl (Closes: #846908).
+
+ -- Sebastian Andrzej Siewior   Wed, 08 Feb 2017 21:10:34 +0100
+
 netsurf (3.6-3) unstable; urgency=medium
 
   * Apply upstream patch fixing nsgenbind on BE architectures
diff -Nru netsurf-3.6/debian/control netsurf-3.6/debian/control
--- netsurf-3.6/debian/control	2016-11-27 15:54:31.0 +0100
+++ netsurf-3.6/debian/control	2017-02-08 21:08:27.0 +0100
@@ -3,7 +3,7 @@
 Priority: extra
 Maintainer: Vincent Sanders 
 Uploaders: Daniel Silverstone 
-Build-Depends: debhelper (>= 9~), libcurl3-dev, libpng-dev, libgtk2.0-dev, flex, bison, libhtml-parser-perl, librsvg2-dev, libjpeg-dev, imagemagick, libfreetype6-dev, libvncserver-dev, libsdl1.2-dev, libxcb1-dev, libxcb-icccm4-dev, libxcb-image0-dev, libxcb-keysyms1-dev, libxcb-util0-dev, libssl-dev, gperf
+Build-Depends: debhelper (>= 9~), libcurl3-dev, libpng-dev, libgtk2.0-dev, flex, bison, libhtml-parser-perl, librsvg2-dev, libjpeg-dev, imagemagick, libfreetype6-dev, libvncserver-dev, libsdl1.2-dev, libxcb1-dev, libxcb-icccm4-dev, libxcb-image0-dev, libxcb-keysyms1-dev, libxcb-util0-dev, libssl1.0-dev | libssl-dev (<< 1.1), gperf
 Standards-Version: 3.9.8
 Homepage: http://www.netsurf-browser.org
 Vcs-Browser: http://source.netsurf-browser.org/packaging/debian.git/

Bug#854616: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Daniel Kahn Gillmor]

Control: tags 854616 + moreinfo

Hi Anarcat--

thanks for all this documentation on #854616.  I'd like to try to
differentiate this report from #854005.

#854005 is about problems with smartcards more generally.

The new bug, #845616, should be focused specifically on the use case
where pcscd is *not* involved (not even installed on the system), and
disable-ccid is *not* set in scdaemon.conf.

On Wed 2017-02-08 12:35:36 -0500, Antoine Beaupre wrote:

> [1004]anarcat@curie:~$ LANG=C gpg --card-status
> gpg: selecting openpgp failed: No such device
> gpg: OpenPGP card not available: No such device
[…]
> the scdaemon debug logs show this:
>
> 2017-02-08 12:24:58 scdaemon[27971] listening on socket 
> '/run/user/1000/gnupg/S.scdaemon'
> 2017-02-08 12:24:58 scdaemon[27971] handler for fd -1 started
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> OK GNU Privacy Guard's 
> Smartcard server ready
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 <- GETINFO socket_name
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> D 
> /run/user/1000/gnupg/S.scdaemon
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> OK
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 <- OPTION event-signal=12
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> OK
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 <- GETINFO version
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> D 2.1.18
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> OK
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 <- SERIALNO openpgp
> 2017-02-08 12:24:58 scdaemon[27971] DBG: apdu_open_reader: BAI=11201
> 2017-02-08 12:24:58 scdaemon[27971] DBG: apdu_open_reader: new device=11201
> 2017-02-08 12:24:58 scdaemon[27971] ccid open error: skip
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> ERR 100696144 Aucun 
> périphérique de ce type 
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 <- RESTART
> 2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> OK

Can you confirm that:

 * disable-ccid is *not* set in scdaemon.conf
 * pcscd is purged
 * the same problem is present on 2.1.18-4 ?


Thanks,

--dkg


signature.asc
Description: PGP signature

Processed: Re: [pkg-gnupg-maint] Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Debian Bug Tracking System]

Processing control commands:

> tags 854616 + moreinfo
Bug #854616 [scdaemon] scdaemon cannot access yubikey using ccid driver without 
pcscd
Added tag(s) moreinfo.

-- 
854616: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854616
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Looks pretty RC to me

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 771187 grave
Bug #771187 [primesense-nite-nonfree] primesense-nite-nonfree: Package broken 
because openni.org is gone
Severity set to 'grave' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
771187: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771187
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Merge duplicates

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 854596 src:fontmatrix
Bug #854596 [fontmatrix] fontmatrix: uninstallable -at least under stretch, 
fontmatrix : Dépend: libicu52 (>= 52~m1-1~) which is a virtual package and is 
not provided by any available package
Bug reassigned from package 'fontmatrix' to 'src:fontmatrix'.
No longer marked as found in versions fontmatrix/0.6.0+svn20110930-1.1.
Ignoring request to alter fixed versions of bug #854596 to the same values 
previously set
> forcemerge 799311 854596
Bug #799311 [src:fontmatrix] fontmatrix: FTBFS: error: invalid new-expression 
of abstract class type 'IcuFontImpl'
Bug #854596 [src:fontmatrix] fontmatrix: uninstallable -at least under stretch, 
fontmatrix : Dépend: libicu52 (>= 52~m1-1~) which is a virtual package and is 
not provided by any available package
Severity set to 'serious' from 'grave'
Marked as found in versions fontmatrix/0.6.0+svn20110930-1.1.
Added tag(s) sid.
Bug #799311 [src:fontmatrix] fontmatrix: FTBFS: error: invalid new-expression 
of abstract class type 'IcuFontImpl'
Added tag(s) upstream.
Merged 799311 854596
> affects 799311 fontmatrix
Bug #799311 [src:fontmatrix] fontmatrix: FTBFS: error: invalid new-expression 
of abstract class type 'IcuFontImpl'
Bug #854596 [src:fontmatrix] fontmatrix: uninstallable -at least under stretch, 
fontmatrix : Dépend: libicu52 (>= 52~m1-1~) which is a virtual package and is 
not provided by any available package
Added indication that 799311 affects fontmatrix
Added indication that 854596 affects fontmatrix
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
799311: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799311
854596: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854596
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854470: marked as done (weex silently loses FTPS support when compiled with OpenSSL 1.1)

[Debian Bug Tracking System]

Your message dated Wed, 08 Feb 2017 19:18:30 +
with message-id 
and subject line Bug#854470: fixed in weex 2.8.3
has caused the Debian Bug report #854470,
regarding weex silently loses FTPS support when compiled with OpenSSL 1.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
854470: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854470
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: weex
Version: 2.8.2
Severity: serious
Control: block 827061 by -1

https://buildd.debian.org/status/package.php?p=weex

...
checking for CRYPTO_new_ex_data in -lcrypto... yes
checking for SSL_library_init in -lssl... no
...
--- End Message ---
--- Begin Message ---
Source: weex
Source-Version: 2.8.3

We believe that the bug you reported is fixed in the latest version of
weex, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 854...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ludovic Drolez  (supplier of updated weex package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Format: 1.8
Date: Wed, 08 Feb 2017 15:01:12 +0100
Source: weex
Binary: weex
Architecture: source amd64
Version: 2.8.3
Distribution: unstable
Urgency: medium
Maintainer: Ludovic Drolez 
Changed-By: Ludovic Drolez 
Description:
 weex   - Non-interactive FTP and FTPS client for updating web pages
Closes: 854470
Changes:
 weex (2.8.3) unstable; urgency=medium
 .
   * Fixed a compile bug with silently disable SSL support
 Closes: #854470
Checksums-Sha1:
 725d35e45f86354055a7b2bf15a7325645ccbfe0 1050 weex_2.8.3.dsc
 77dfb3505b0cd12b2d098587d442034c78a05b2e 319900 weex_2.8.3.tar.gz
 a5392b99cecb55e04b049e7311f0ad8b5862cb7d 83070 weex-dbgsym_2.8.3_amd64.deb
 128a6b57d3acef39c66cb4e38e0e422c44b791e4 4742 weex_2.8.3_amd64.buildinfo
 b66d623f30aae018c9a02ce2459a2728de193605 86290 weex_2.8.3_amd64.deb
Checksums-Sha256:
 de6fb1ce4fd25d482e765b138d2084153ad2a4078b4631d14aa29a0f4bc1689b 1050 
weex_2.8.3.dsc
 72a586ab471ad9c82f7529ae17684e257539f219a75c198a12aa832870e11603 319900 
weex_2.8.3.tar.gz
 fd604a2b0ca30dc6f8bdbb6e90fe6e9e73f30b92d93002aa622578a9fd555496 83070 
weex-dbgsym_2.8.3_amd64.deb
 007e448599c5c4d0cadd5ac2893a947ebec4da6072c1b2644fddb366300b7ed9 4742 
weex_2.8.3_amd64.buildinfo
 df1fca95905e01d6af0c6851b903f5866f00df057fa83557c506f06ac1d6087c 86290 
weex_2.8.3_amd64.deb
Files:
 850b2dd85d6b25f7311c6df06530fc3b 1050 net optional weex_2.8.3.dsc
 f39058321854ebfe01594cc7431ddeec 319900 net optional weex_2.8.3.tar.gz
 26b36df536cf1b49bc650f54da0dc3fd 83070 debug extra weex-dbgsym_2.8.3_amd64.deb
 ec5e4250397703b768e839177ad48fee 4742 net optional weex_2.8.3_amd64.buildinfo
 7f21c91211b58e81559ef248467e5b08 86290 net optional weex_2.8.3_amd64.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEcBAEBAgAGBQJYm2nfAAoJEIt1KBJH+cF8LYMH/1BGifqfY+omyKWN6eaz6qV7
rOe9sSZE1nYFDfJCu+WrAmBhRw3eB8a1B5FLxWKDTctCTH+mSjW5jcxPBQmN/nBl
w+nhecDRkAHz69E9l1l86OAjIFgZNFxBEMnvr5SgQD6ZTqBmIHhIr3a9sJqH91D7
f76/p+bs3fNcYh7LPNzRoAlaXhoQNYuRkAVu3LoWBsZ8bh+YW/Qt+PHq3lnOAbYi
Op63eyGLtueHs5J1fs8wSlsbPG2Ov8hOZkZ7Bddjmj6zDQ9wt+0zQtzowUWBuPqt
kwQklWlsYE+2ralqlpdtdirvsC1swNSUd/y5KAS8mKb7BbLcuNUvGvmQmcQXcX0=
=DbxQ
-END PGP SIGNATURE End Message ---

Processed: Merge duplicates

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 846908 src:netsurf
Bug #846908 [netsurf] netsurf: crashes on many websites
Bug reassigned from package 'netsurf' to 'src:netsurf'.
No longer marked as found in versions netsurf/3.6-3.
Ignoring request to alter fixed versions of bug #846908 to the same values 
previously set
> forcemerge 854257 846908
Bug #854257 [src:netsurf] netsurf must use OpenSSL 1.0.2 in stretch
Bug #846908 [src:netsurf] netsurf: crashes on many websites
Severity set to 'serious' from 'grave'
827061 was blocked by: 828250 828379 828083 827068 828542 844018 828294 828330 
828588 828269 844664 828434 828574 828476 828532 828548 828459 828618 828323 
828321 828324 843532 828291 828278 828309 828340 828301 828338 828558 835796 
828363 828370 828571 828474 828378 828480 828612 828507 828396 841635 828416 
828491 828602 828356 828494 835585 828463 828552 828443 828282 828310 828298 
828439 828519 854470 828290 844345 828361 828349 828387 845030 828424 828246 
844945 828302 828620 828344 828331 828430 828248 828354 828272 828374 828595 
828228 828504 828285 828579 828601 828350 828562 828306 828365 828524 828372 
828594 828553 828464 828415 828431 828263 828352 828517 828453 828611 828270 
828232 828305 828317 828529 828311 828527 828397 828608 850881 844213 843682 
828568 828407 844909 828292 828355 828318 828512 828583 828465 828358 828613 
828244 828287 828510 835804 828591 844904 828495 828411 828515 828514 828442 
828593 828265 828347 828438 828320 808669 828427 828400 828231 828603 844833 
828448 828509 828082 828409 828300 828334 828528 835789 828501 828307 854253 
828538 837960 828559 828462 828293 828435 828489 828237 828607 828404 828484 
828364 844347 835811 828604 828362 828543 828581 828274 828526 828590 828447 
828230 836419 828242 828419 828382 828241 829465 828599 828619 828259 828569 
844949 828383 844928 828549 828466 828328 828570 828139 828414 828525 844800 
828502 843871 828490 828511 828586 828492 828452 828535 828257 828377 844870 
828550 828410 828503 828428 828468 828500 828275 828485 828609 828456 828546 
828313 828600 828315 828518 828497 844926 828566 828325 828422 828283 844503 
828573 835800 828343 814600 828467 828322 828359 846769 828412 854468 845016 
828547 828376 828229 828516 828606 828319 828426 828432 844254 828403 828405 
850882 828615 828380 835790 828539 828567 828369 828252 828260 828576 828381 
828360 828614 828384 828255 828262 828402 828251 828493 850880 828534 828585 
828444 828406 828233 828234 828473 828286 835794 828436 828127 835799 828580 
828544 844663 829452 828575 828496 828563 828304 828368 828472 844838 828578 
828277 828540 828589 828389 828254 828531 828433 846113 828582 828390 828450 
828289 828258 844936 828577 835786 844951 828276 828333 828551 844836 844845 
844916 844234 828268 828461 843988 828391 828508 828303 828446 844907 828616 
828454 835798 828235 828348 828482 828371 828505 828421 828469 828487 828239 
828271 828253 844975 844947 828598 850883 844948 828238 828336 844877 844906 
828420 844931 828281 828335 845106 828523 844366 828339 844815 828418 828295 
828366 845729 828375 828423 828530 828284 828564 828617 844920 828308 828445 
828351 828541 828337 828345 828429 828479 828342 828458 828457 828499 835549 
828279 809271 828297 828437 828243 844271 828521 828417 828398 828555 844706 
835785 828470 828587 828478 828537 822380 828506 828584 828545 828401 828314 
828460 828399 828395 844534 828533 828605 828256 828388 828357 828288 828610 
828249 828565 828326 828536 828346 828394 828554 828261 844311 828440 828488 
828385 828592 844301 828296 828264 828367 828267 835793 828455 828597 828341 
828280 828386 835797 828561 828596 828393 843852 828392 828316 828373 854257 
828240 828556
827061 was not blocking any bugs.
Added blocking bug(s) of 827061: 846908
Marked as found in versions netsurf/3.6-3.
Merged 846908 854257
> affects 846908 netsurf-fb netsurf-gtk
Bug #846908 [src:netsurf] netsurf: crashes on many websites
Bug #854257 [src:netsurf] netsurf must use OpenSSL 1.0.2 in stretch
Added indication that 846908 affects netsurf-fb and netsurf-gtk
Added indication that 854257 affects netsurf-fb and netsurf-gtk
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
827061: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827061
846908: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846908
854257: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854257
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#847277: lava-server: fails to upgrade from jessie to stretch

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> retitle 847277 django migrations in jessie require django from 
> jessie-backports to upgrade to stretch
Bug #847277 [lava-server] lava-server: fails to upgrade from jessie to stretch: 
InconsistentMigrationHistory: Migration lava_scheduler_app.0001_initial is 
applied before its dependency linaro_django_xmlrpc.0001_initial on database 
'default'
Changed Bug title to 'django migrations in jessie require django from 
jessie-backports to upgrade to stretch' from 'lava-server: fails to upgrade 
from jessie to stretch: InconsistentMigrationHistory: Migration 
lava_scheduler_app.0001_initial is applied before its dependency 
linaro_django_xmlrpc.0001_initial on database 'default''.
> severity 847277 normal
Bug #847277 [lava-server] django migrations in jessie require django from 
jessie-backports to upgrade to stretch
Severity set to 'normal' from 'serious'
> affects 847277 python-django
Bug #847277 [lava-server] django migrations in jessie require django from 
jessie-backports to upgrade to stretch
Added indication that 847277 affects python-django
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
847277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847277
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#847277: lava-server: fails to upgrade from jessie to stretch

[Neil Williams]

retitle 847277 django migrations in jessie require django from jessie-backports 
to upgrade to stretch
severity 847277 normal
affects 847277 python-django
thanks

On Wed, 08 Feb 2017 14:48:21 +0100
Andreas Beckmann  wrote:

> Followup-For: Bug #847277
> Control: found -1 2016.12-1
> Control: tag -1 - unreproducible
> Control: severity -1 serious

The flow needs to go via jessie-backports, just like any django project
in jessie as the database migrations from jessie cannot be handled by
django1.10 without going via the LTS release, django1.8. The bug, if
any, is in django1.7 which does not (cannot) know how to handle
database migrations the way that django1.8 (and subsequent releases)
need to handle migrations. However, that change can't be backported to
jessie except by using the new flow from 1.8 which breaks all other
packages using django in jessie.

On a real instance, the postgres cluster would also need to be migrated.

If piuparts cannot handle such upgrades, that must be a bug in piuparts.

We test this regularly, albeit to the newer version in our staging repo
rather than the version in stretch. 

https://staging.validation.linaro.org/scheduler/job/162057/definition#defline59

# on jessie, with backports enabled:
DEBIAN_FRONTEND=noninteractive apt-get -y install lava-dispatcher lava-server

apt -q -y -t jessie-backports install python-django-kvstore python-django 
python-django-tables2 lava-server
# now proceed with the upgrade.
DEBIAN_FRONTEND=noninteractive apt -y upgrade
DEBIAN_FRONTEND=noninteractive apt -y dist-upgrade

(alternatively, admins can just install python-django
python-django-tables2 from jessie-backports and run `lava-server
managedb migrate` manually.)

There's nothing wrong AFAICT with requiring a step via jessie-backports.

There is also nothing LAVA can do about this, it's a django issue which
cannot be fixed in jessie as there are other packages in jessie which
are not compatible with django1.8 LTS (including the version of LAVA in
jessie).

https://staging.validation.linaro.org/scheduler/job/163429
https://staging.validation.linaro.org/scheduler/job/163429/definition#defline59

Users are already aware of this:
https://lists.linaro.org/pipermail/lava-announce/2016-June/10.html

> Control: retitle -1 lava-server: fails to upgrade from jessie to
> stretch: InconsistentMigrationHistory: Migration
> lava_scheduler_app.0001_initial is applied before its dependency
> linaro_django_xmlrpc.0001_initial on database 'default'
> 
> The problem is also reproducible on a plain jessie->stretch upgrade:

The problem would only apply on a jessie-> stretch upgrade without
upgrading django using jessie-backports.

> 
> https://piuparts.debian.org/jessie2stretch/fail/lava-server_2016.12-1.log
> 
> [...]
>   Setting up lava-server (2016.12-1) ...
>   Installing new version of config
> file /etc/apache2/sites-available/lava-server.conf ... Installing new
> version of config file /etc/init.d/lava-server ... Installing new
> version of config file /etc/lava-server/settings.conf ... lavaserver
>lavaserver
>devel
>devel
>   System check identified some issues:
>   
>   WARNINGS:
>   va_scheduler_app.Notification.job_status_trigger: (fields.W901)
> CommaSeparatedIntegerField has been deprecated. Support for it
> (except in historical migrations) will be removed in Django 2.0.
> HINT: Use
> CharField(validators=[validate_comma_separated_integer_ceback (most
> recent call last): File "/usr/bin/lava-server", line 78, in 
> main() File "/usr/bin/lava-server", line 74, in main
> execute_from_command_line(django_options) File
> "/usr/lib/python2.7/dist-packages/django/core/management/__init__.py",
> line 367, in execute_from_command_line utility.execute() File
> "/usr/lib/python2.7/dist-packages/django/core/management/__init__.py",
> line 359, in execute
> self.fetch_command(subcommand).run_from_argv(self.argv) File
> "/usr/lib/python2.7/dist-packages/django/core/management/base.py",
> line 294, in run_from_argv self.execute(*args, **cmd_options) File
> "/usr/lib/python2.7/dist-packages/django/core/management/base.py",
> line 345, in execute output = self.handle(*args, **options) File
> "/usr/lib/python2.7/dist-packages/django/core/management/commands/migrate.py",
> line 86, in handle
> executor.loader.check_consistent_history(connection) File
> "/usr/lib/python2.7/dist-packages/django/db/migrations/loader.py",
> line 292, in check_consistent_history connection.alias,
> django.db.migrations.exceptions.InconsistentMigrationHistory:
> Migration lava_scheduler_app.0001_initial is applied before its
> dependency linaro_django_xmlrpc.0001_initial on database 'default'.
> dpkg: error processing package lava-server (--configure): subprocess
> installed post-installation script returned error exit status 1
> Processing triggers for python-support (1.0.15) ... Processing
> triggers for libc-bin (2.24-8) ... Processing triggers for systemd
> (232-14) ... Processing triggers for 

Bug#854535: marked as done (uwsgi: dpkg-buildpackage fails due to open with O_TMPFILE)

[Debian Bug Tracking System]

Your message dated Wed, 08 Feb 2017 20:00:26 +0100
with message-id <148658042659.2725.1128195699561...@auryn.jones.dk>
and subject line Re: [pkg-uWSGI-devel] Bug#854535: uwsgi: dpkg-buildpackage 
fails due to open with O_TMPFILE
has caused the Debian Bug report #854535,
regarding uwsgi: dpkg-buildpackage fails due to open with O_TMPFILE
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
854535: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854535
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: uwsgi
Version: 2.0.7-1
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)

Dear Maintainer,

When I run dpkg-buildpackage for uwsgi, it fails with the following error.

 $ sudo apt-get source uwsgi
 $ cd uwsgi-2.0.7
 $ sudo dpkg-buildpackage -us -uc
...
...
...
"08 February 2017 13:16:43\"" -o core/sendfile.o core/sendfile.c
In file included from /usr/include/fcntl.h:289:0,
 from /usr/include/x86_64-linux-gnu/sys/file.h:24,
 from ./uwsgi.h:265,
 from core/utils.c:1:
In function ‘open’,
inlined from ‘uwsgi_tmpfd’ at core/utils.c:3501:5:
/usr/include/x86_64-linux-gnu/bits/fcntl2.h:50:4: error: call to 
‘__open_missing_mode’ declared with attribute error: open with O_CREAT or 
O_TMPFILE in second argument needs 3 arguments
__open_missing_mode ();
^

This error is caused by updated libc6.
The changelog in libc6(2.19-18+deb8u6) says as follows.

- Fix open and openat functions with O_TMPFILE.  Closes: #832521.

I found a fix to this issue in upstream.

https://github.com/unbit/uwsgi/commit/f6e5db93d8344d7f09ee5304394136d6f5cd7a38

Thank you and Best Regards,

-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages uwsgi depends on:
ii  initscripts  2.88dsf-59
ii  lsb-base 4.1+Debian13+nmu1
ii  uwsgi-core   2.0.7-1

uwsgi recommends no packages.

uwsgi suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 2.0.10-1

Quoting Masahiro Yamada (2017-02-08 06:05:50)
> When I run dpkg-buildpackage for uwsgi, it fails with the following error.
> 
>  $ sudo apt-get source uwsgi
>  $ cd uwsgi-2.0.7
>  $ sudo dpkg-buildpackage -us -uc
> ...
> ...
> ...
> "08 February 2017 13:16:43\"" -o core/sendfile.o core/sendfile.c
> In file included from /usr/include/fcntl.h:289:0,
>  from /usr/include/x86_64-linux-gnu/sys/file.h:24,
>  from ./uwsgi.h:265,
>  from core/utils.c:1:
> In function ‘open’,
> inlined from ‘uwsgi_tmpfd’ at core/utils.c:3501:5:
> /usr/include/x86_64-linux-gnu/bits/fcntl2.h:50:4: error: call to 
> ‘__open_missing_mode’ declared with attribute error: open with O_CREAT or 
> O_TMPFILE in second argument needs 3 arguments
> __open_missing_mode ();
> ^
> 
> This error is caused by updated libc6.
> The changelog in libc6(2.19-18+deb8u6) says as follows.
> 
> - Fix open and openat functions with O_TMPFILE.  Closes: #832521.
> 
> I found a fix to this issue in upstream.
> 
> https://github.com/unbit/uwsgi/commit/f6e5db93d8344d7f09ee5304394136d6f5cd7a38

Thanks a lot both for reporting this and locating upstream fix for it.

This was fixed in Debian with the release of 2.0.10-1.  Closing 
accordingly.

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private


signature.asc
Description: signature
--- End Message ---

Bug#853772: marked as done (1.8-1 crashes when attempting to download from www.svtplay.se)

[Olof Johansson]

On 17-02-07 20:22 +0100, Gunnar Hjalmarsson wrote:
> While it's true that the bug has been fixed in sid, it's not fixed in
> stretch, which it probably ought to be. I don't know how updates of stable
> releases are handled in Debian; hopefully you do, Olof.

Hi,

Thanks for the bug report; sorry for not noticing earlier. I
didn't upload the latest upstream release because of the freeze,
so that when a bug report was made, I would be able to backport
the specific fix and let it migrate to testing.

I don't think the release team would accept this to migrate
though, with a minor and a micro bump.

  14 files changed, 200 insertions(+), 126 deletions(-)

Here's the release policy:

  https://release.debian.org/stretch/freeze_policy.html

They accept "targeted fixes for release critical bugs (i.e., bugs
of severity critical, grave, and serious) in all packages;". They
later define a targeted fix as "one with only the minimum
necessary changes to resolve a bug".

> If you are unable to bring your fix through unstable, for
> example because there are unrelated changes already uploaded
> there, the release team can grant you permission to use the
> testing-proposed-updates mechanism.

> Prepare an upload targeting testing-proposed-updates but do not
> upload it, and then contact us through an unblock bug.

The specific fix, I think, would be dac1b66ce42a638255 [1] in
upstream's git repository. We could ask for an unblock through
this mechanism. Unfortunately, I will have a hard time finding
time for this until Sunday, but if you're able to take a look at
this, and prepare a patch based on 1.8 and report the bug, that
would be super helpful, and we can maybe save some time. :)

(Based on the guide in the freeze policy:)
* Prepare a source debdiff between the 1.8 version in testing and
  one with the backported fix
* Make sure that's enough to fix the problem
* Use reportbug to report an unblock bug against the
  release.debian.org meta-package. Attach the source diff. Include
  a detailed justification of the changes and references to bug
  numbers.
* Depending on the queue, there may be some delay before you
  receive further instructions.


Thanks anyway to Mattia Rizzolo for sponsoring the upload in my
absence! But please note that the -submitter email alias does not
go to the maintainer:

>From https://www.debian.org/Bugs/Developer:
> nnn-submit...@bugs.debian.org
> — these are also sent to the submitter and forwarded to
>   debian-bugs-dist, but not to the package maintainer;

-- 
Olof

1: https://github.com/spaam/svtplay-dl/commit/dac1b66ce42a638255

Bug#854487: [Pkg-puppet-devel] Bug#854487: Bug#854487: Bug#854487: Bug#854487: Binary-only package puppet was silently converted into a package shipping and running a service

[Apollon Oikonomopoulos]

On 10:01 Wed 08 Feb , Russ Allbery wrote:
> Apollon Oikonomopoulos  writes:
> 
> > Actually, it is much simpler than that: adding an `update-rc.d defaults
> > puppet && update-rc.d disable puppet` before the debhelper stanzas just
> > works and does the right thing.
> 
> > Given that in either case (service disabled, or agent locked) manual 
> > intervention is required (and desirable), I think it is best to just 
> > disable the service. I'll prepare an upload shortly.
> 
> I had completely forgotten about the logic to disable it by default.  My
> recollection is that this was the result of some discussion about
> disabling the init script and this ended up being better, but I forget the
> history.

I also vaguely recall there was a discussion about this. The changelog 
mentions:

  * Start puppet agent by default, to reflect systemd configuration
* …but disable puppet agent on initial install
* Add dep8 tests for initially disabled puppet agent

So it seems this was done during the systemd transition (also when the 
START= flag was removed from /etc/default/puppet).

> 
> I think restoring the disable logic may be all that's required.

Unfortunately the disable logic is hard to get right at this point: the 
agent lock location will vary depending on whether the local 
administrator has touched /etc/puppet/puppet.conf (which may already be 
present on first installation, especially on pre-seeded systems). I 
think disabling the service is arguably a better solution and it's 
trivial to get right.

Additionally, all the setups I know of use cron for running the puppet 
agent, so these admins will want the service disabled anyway (of course 
this is argumentum ad populum, but it serves as an indication that this 
is not an unreasonable course of action).

> 
> Thank you for looking at this!
> 

Thanks for the feedback!

Regards,
Apollon

Processed: bug 854611 is forwarded to https://bugzilla.gnome.org/show_bug.cgi?id=778355

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 854611 https://bugzilla.gnome.org/show_bug.cgi?id=778355
Bug #854611 [network-manager] [network-manager] Wireless network interface 
detected as ethernet
Set Bug forwarded-to-address to 
'https://bugzilla.gnome.org/show_bug.cgi?id=778355'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
854611: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854611
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854487: [Pkg-puppet-devel] Bug#854487: Bug#854487: Bug#854487: Bug#854487: Binary-only package puppet was silently converted into a package shipping and running a service

[Russ Allbery]

Apollon Oikonomopoulos  writes:

> Actually, it is much simpler than that: adding an `update-rc.d defaults
> puppet && update-rc.d disable puppet` before the debhelper stanzas just
> works and does the right thing.

> Given that in either case (service disabled, or agent locked) manual 
> intervention is required (and desirable), I think it is best to just 
> disable the service. I'll prepare an upload shortly.

I had completely forgotten about the logic to disable it by default.  My
recollection is that this was the result of some discussion about
disabling the init script and this ended up being better, but I forget the
history.

I think restoring the disable logic may be all that's required.

Thank you for looking at this!

-- 
Russ Allbery (r...@debian.org)   

Bug#854611: [Pkg-utopia-maintainers] Bug#854611: Bug#854611: [network-manager] Wireless network interface detected as ethernet

[David Mirza Ahmad]

Sure, bug #778355.

https://bugzilla.gnome.org/show_bug.cgi?id=778355


Michael Biebl:
> Am 08.02.2017 um 18:37 schrieb David Mirza Ahmad:
>>
>>
>> $ udevadm info --path=/sys/class/net/wlp2s0
>> P: /devices/pci:00/:00:1c.3/:02:00.0/net/wlp2s0
>> E: DEVPATH=/devices/pci:00/:00:1c.3/:02:00.0/net/wlp2s0
>> E: DEVTYPE=wlan
>> E: ID_BUS=pci
>> E: ID_MODEL_FROM_DATABASE=Wireless 7265 (Dual Band Wireless-AC 7265)
>> E: ID_MODEL_ID=0x095a
>> E: ID_NET_DRIVER=iwlwifi
>> E: ID_NET_LINK_FILE=/lib/systemd/network/99-default.link
>> E: ID_NET_NAME=wlp2s0
>> E: ID_NET_NAME_MAC=wlxSCRUBBED
>> E: ID_NET_NAME_PATH=wlp2s0
>> E: ID_OUI_FROM_DATABASE=Intel Corporate
>> E: ID_PATH=pci-:02:00.0
>> E: ID_PATH_TAG=pci-_02_00_0
>> E: ID_PCI_CLASS_FROM_DATABASE=Network controller
>> E: ID_PCI_SUBCLASS_FROM_DATABASE=Network controller
>> E: ID_VENDOR_FROM_DATABASE=Intel Corporation
>> E: ID_VENDOR_ID=0x8086
>> E: IFINDEX=2
>> E: INTERFACE=wlp2s0
>> E: SUBSYSTEM=net
>> E: SYSTEMD_ALIAS=/sys/subsystem/net/devices/wlp2s0
>> /sys/subsystem/net/devices/wlp2s0
>> E: TAGS=:systemd:
>> E: USEC_INITIALIZED=23368270
>>
> 
> Ok, that looks fine.
> 
> Would you mind filing this issue upstream at [1] and report back with
> the bug number?
> 
> Thanks,
> Michael
> 
> [1] https://bugzilla.gnome.org/enter_bug.cgi?product=NetworkManager
> 

-- 
David Mirza Ahmad
https://subgraph.com
78A1 CCFD 1C60 4BA7 5E1C C1F2 42D7 08C0 2520 8C7B

Bug#854611: [Pkg-utopia-maintainers] Bug#854611: Bug#854611: [network-manager] Wireless network interface detected as ethernet

[Michael Biebl]

Am 08.02.2017 um 18:37 schrieb David Mirza Ahmad:
> 
> 
> $ udevadm info --path=/sys/class/net/wlp2s0
> P: /devices/pci:00/:00:1c.3/:02:00.0/net/wlp2s0
> E: DEVPATH=/devices/pci:00/:00:1c.3/:02:00.0/net/wlp2s0
> E: DEVTYPE=wlan
> E: ID_BUS=pci
> E: ID_MODEL_FROM_DATABASE=Wireless 7265 (Dual Band Wireless-AC 7265)
> E: ID_MODEL_ID=0x095a
> E: ID_NET_DRIVER=iwlwifi
> E: ID_NET_LINK_FILE=/lib/systemd/network/99-default.link
> E: ID_NET_NAME=wlp2s0
> E: ID_NET_NAME_MAC=wlxSCRUBBED
> E: ID_NET_NAME_PATH=wlp2s0
> E: ID_OUI_FROM_DATABASE=Intel Corporate
> E: ID_PATH=pci-:02:00.0
> E: ID_PATH_TAG=pci-_02_00_0
> E: ID_PCI_CLASS_FROM_DATABASE=Network controller
> E: ID_PCI_SUBCLASS_FROM_DATABASE=Network controller
> E: ID_VENDOR_FROM_DATABASE=Intel Corporation
> E: ID_VENDOR_ID=0x8086
> E: IFINDEX=2
> E: INTERFACE=wlp2s0
> E: SUBSYSTEM=net
> E: SYSTEMD_ALIAS=/sys/subsystem/net/devices/wlp2s0
> /sys/subsystem/net/devices/wlp2s0
> E: TAGS=:systemd:
> E: USEC_INITIALIZED=23368270
> 

Ok, that looks fine.

Would you mind filing this issue upstream at [1] and report back with
the bug number?

Thanks,
Michael

[1] https://bugzilla.gnome.org/enter_bug.cgi?product=NetworkManager

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#854616: scdaemon cannot access yubikey using ccid driver without pcscd

[Antoine Beaupre]

Package: scdaemon
Version: 2.1.18-3
Severity: grave

In Bug#854005, I have described a distinct issue I have experience
with my Yubikey since the upgrade of the GnuPG suite from 2.1.17 to
2.1.18, and in the case of pcscd, from 1.8.19-1 to 1.8.20-1.

I am not sure what exactly is going on here. What I know is that I was
able to configure my Yubikey to work in Jessie with GnuPG using a
procedure I have documented here:

https://anarc.at/blog/2015-12-14-yubikey-howto/

After installing a new workstation with Debian stretch, things were
still working until the 2.1.18 release.

The symptom is this:

[996]anarcat@curie:~$ LANG=C gpg --card-status
gpg: selecting openpgp failed: No such device
gpg: OpenPGP card not available: No such device

At first, adding "disable-ccid" to scdaemon.conf fixes the issue. But
after a while, the behavior returns.

I have noticed that pcscd is gone when that happens. After advice
received in 854005, I have tried to uninstall pcscd to try and let
scdaemon handle the device. This also fails. Here's a trace of me
purging pcscd, restarting gpg-agent and trying to connect to the card.

[1001]anarcat@curie:~$ sudo apt purge pcscd
Lecture des listes de paquets... Fait
Construction de l'arbre des dépendances   
Lecture des informations d'état... Fait
Le paquet suivant a été installé automatiquement et n'est plus nécessaire :
  libccid
Veuillez utiliser « sudo apt autoremove » pour le supprimer.
Les paquets suivants seront ENLEVÉS :
  pcscd*
0 mis à jour, 0 nouvellement installés, 1 à enlever et 23 non mis à jour.
Après cette opération, 205 ko d'espace disque seront libérés.
Souhaitez-vous continuer ? [O/n] 
(Lecture de la base de données... 291154 fichiers et répertoires déjà 
installés.)
Suppression de pcscd (1.8.20-1) ...
Warning: Stopping pcscd.service, but it can still be activated by:
  pcscd.socket
Traitement des actions différées (« triggers ») pour man-db (2.7.6.1-2) ...
(Lecture de la base de données... 291142 fichiers et répertoires déjà 
installés.)
Purge des fichiers de configuration de pcscd (1.8.20-1) ...
Traitement des actions différées (« triggers ») pour systemd (232-15) ...
[master ab8bc2d] committing changes in /etc after apt run
 Author: Antoine Beaupré 
 10 files changed, 155 deletions(-)
 delete mode 100755 init.d/pcscd
 delete mode 12 rc0.d/K01pcscd
 delete mode 12 rc1.d/K01pcscd
 delete mode 12 rc2.d/S01pcscd
 delete mode 12 rc3.d/S01pcscd
 delete mode 12 rc4.d/S01pcscd
 delete mode 12 rc5.d/S01pcscd
 delete mode 12 rc6.d/K01pcscd
 delete mode 12 systemd/system/sockets.target.wants/pcscd.socket
[1002]anarcat@curie:~$ systemctl --user stop gpg-agent
Warning: Stopping gpg-agent.service, but it can still be activated by:
  gpg-agent.socket
  gpg-agent-ssh.socket
  gpg-agent-extra.socket
  gpg-agent-browser.socket
[1003]anarcat@curie:~$ ps axf | grep gpg
27310 pts/4S+ 0:00  \_ grep gpg
[1004]anarcat@curie:~$ LANG=C gpg --card-status
gpg: selecting openpgp failed: No such device
gpg: OpenPGP card not available: No such device

Here's the output proving gpg is stopped:

fév 08 12:22:09 curie systemd[1199]: Stopping GnuPG cryptographic agent and 
passphrase cache... 
fév 08 12:22:09 curie systemd[1199]: Stopped GnuPG cryptographic agent and 
passphrase cache. 
fév 08 12:22:09 curie gpg-agent[21736]: scdaemon[21738] SIGTERM received - 
shutting down ... 
fév 08 12:22:09 curie gpg-agent[21736]: SIGTERM received - shutting down ... 
fév 08 12:22:09 curie gpg-agent[21736]: gpg-agent (GnuPG) 2.1.18scdaemon[21738] 
scdaemon (GnuPG) 2.1.18 stopped 
fév 08 12:22:09 curie gpg-agent[21736]:  stopped

Here's the error when i try to access the card then:

fév 08 12:24:20 curie systemd[1199]: Started GnuPG cryptographic agent and 
passphrase cache. 
fév 08 12:24:20 curie gpg-agent[27960]: gpg-agent (GnuPG) 2.1.18 starting in 
supervised mode. 
fév 08 12:24:20 curie gpg-agent[27960]: using fd 3 for std socket 
(/run/user/1000/gnupg/S.gpg-agent) 
fév 08 12:24:20 curie gpg-agent[27960]: using fd 4 for ssh socket 
(/run/user/1000/gnupg/S.gpg-agent.ssh) 
fév 08 12:24:20 curie gpg-agent[27960]: using fd 5 for extra socket 
(/run/user/1000/gnupg/S.gpg-agent.extra) 
fév 08 12:24:20 curie gpg-agent[27960]: using fd 6 for browser socket 
(/run/user/1000/gnupg/S.gpg-agent.browser) 
fév 08 12:24:20 curie gpg-agent[27960]: listening on: std=3 extra=5 browser=6 
ssh=4 
fév 08 12:24:20 curie gpg-agent[27960]: scdaemon[27962] ccid open error: skip 

the scdaemon debug logs show this:

2017-02-08 12:24:58 scdaemon[27971] listening on socket 
'/run/user/1000/gnupg/S.scdaemon'
2017-02-08 12:24:58 scdaemon[27971] handler for fd -1 started
2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> OK GNU Privacy Guard's 
Smartcard server ready
2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 <- GETINFO socket_name
2017-02-08 12:24:58 scdaemon[27971] DBG: chan_5 -> D 
/run/user/1000/gnupg/S.scdaemon
2017-02-08 12:24:58 

Bug#854611: [Pkg-utopia-maintainers] Bug#854611: [network-manager] Wireless network interface detected as ethernet

[David Mirza Ahmad]

$ udevadm info --path=/sys/class/net/wlp2s0
P: /devices/pci:00/:00:1c.3/:02:00.0/net/wlp2s0
E: DEVPATH=/devices/pci:00/:00:1c.3/:02:00.0/net/wlp2s0
E: DEVTYPE=wlan
E: ID_BUS=pci
E: ID_MODEL_FROM_DATABASE=Wireless 7265 (Dual Band Wireless-AC 7265)
E: ID_MODEL_ID=0x095a
E: ID_NET_DRIVER=iwlwifi
E: ID_NET_LINK_FILE=/lib/systemd/network/99-default.link
E: ID_NET_NAME=wlp2s0
E: ID_NET_NAME_MAC=wlxSCRUBBED
E: ID_NET_NAME_PATH=wlp2s0
E: ID_OUI_FROM_DATABASE=Intel Corporate
E: ID_PATH=pci-:02:00.0
E: ID_PATH_TAG=pci-_02_00_0
E: ID_PCI_CLASS_FROM_DATABASE=Network controller
E: ID_PCI_SUBCLASS_FROM_DATABASE=Network controller
E: ID_VENDOR_FROM_DATABASE=Intel Corporation
E: ID_VENDOR_ID=0x8086
E: IFINDEX=2
E: INTERFACE=wlp2s0
E: SUBSYSTEM=net
E: SYSTEMD_ALIAS=/sys/subsystem/net/devices/wlp2s0
/sys/subsystem/net/devices/wlp2s0
E: TAGS=:systemd:
E: USEC_INITIALIZED=23368270



Michael Biebl:

> 
> Can you attach the output of
> 
> udevadm info --path=/sys/class/net/wlp2s0
> 

-- 
David Mirza Ahmad
https://subgraph.com
78A1 CCFD 1C60 4BA7 5E1C C1F2 42D7 08C0 2520 8C7B

Processed: retitle 854487 to puppet: puppet agent service enabled and running by default

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> retitle 854487 puppet: puppet agent service enabled and running by default
Bug #854487 [puppet] Binary-only package puppet was silently converted into a 
package shipping and running a service
Changed Bug title to 'puppet: puppet agent service enabled and running by 
default' from 'Binary-only package puppet was silently converted into a package 
shipping and running a service'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
854487: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854487
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854611: [Pkg-utopia-maintainers] Bug#854611: [network-manager] Wireless network interface detected as ethernet

[Michael Biebl]

Am 08.02.2017 um 18:12 schrieb David Mirza Ahmad:
> Package: network-manager
> Version: 1.6.0-1
> Severity: serious
> 
> --- Please enter the report below this line. ---
> 
> It seems that NM 1.6 has introduced a bug where wireless interfaces are
> detected as ethernet, and are not brought up by NM.
> 
> driver is iwlwifi, loads correctly:
> 
> [   23.137007] iwlwifi :02:00.0: Direct firmware load for
> iwlwifi-7265D-26.ucode failed with error -2
> [   23.137191] iwlwifi :02:00.0: Direct firmware load for
> iwlwifi-7265D-25.ucode failed with error -2
> [   23.137210] iwlwifi :02:00.0: Direct firmware load for
> iwlwifi-7265D-24.ucode failed with error -2
> [   23.137225] iwlwifi :02:00.0: Direct firmware load for
> iwlwifi-7265D-23.ucode failed with error -2
> [   23.143798] iwlwifi :02:00.0: loaded firmware version 22.361476.0
> op_mode iwlmvm
> [   23.193443] iwlwifi :02:00.0: Detected Intel(R) Dual Band
> Wireless AC 7265, REV=0x210
> [   23.194824] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
> [   23.195271] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
> [   23.353104] iwlwifi :02:00.0 wlp2s0: renamed from wlan0
> [   25.075065] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
> [   25.075614] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
> [   25.142405] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
> [   25.143015] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
> 
> but with the new Network Manager 1.6 update from stretch:
> 
> $ nmcli device show
> 
> [..]
> 
> GENERAL.DEVICE: wlp2s0


Can you attach the output of

udevadm info --path=/sys/class/net/wlp2s0

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#854611: [network-manager] Wireless network interface detected as ethernet

[David Mirza Ahmad]

Package: network-manager
Version: 1.6.0-1
Severity: serious

--- Please enter the report below this line. ---

It seems that NM 1.6 has introduced a bug where wireless interfaces are
detected as ethernet, and are not brought up by NM.

driver is iwlwifi, loads correctly:

[   23.137007] iwlwifi :02:00.0: Direct firmware load for
iwlwifi-7265D-26.ucode failed with error -2
[   23.137191] iwlwifi :02:00.0: Direct firmware load for
iwlwifi-7265D-25.ucode failed with error -2
[   23.137210] iwlwifi :02:00.0: Direct firmware load for
iwlwifi-7265D-24.ucode failed with error -2
[   23.137225] iwlwifi :02:00.0: Direct firmware load for
iwlwifi-7265D-23.ucode failed with error -2
[   23.143798] iwlwifi :02:00.0: loaded firmware version 22.361476.0
op_mode iwlmvm
[   23.193443] iwlwifi :02:00.0: Detected Intel(R) Dual Band
Wireless AC 7265, REV=0x210
[   23.194824] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
[   23.195271] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
[   23.353104] iwlwifi :02:00.0 wlp2s0: renamed from wlan0
[   25.075065] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
[   25.075614] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
[   25.142405] iwlwifi :02:00.0: L1 Enabled - LTR Enabled
[   25.143015] iwlwifi :02:00.0: L1 Enabled - LTR Enabled

but with the new Network Manager 1.6 update from stretch:

$ nmcli device show

[..]

GENERAL.DEVICE: wlp2s0
GENERAL.TYPE:   ethernet
GENERAL.HWADDR: SCRUBBED
GENERAL.MTU:1500
GENERAL.STATE:  20 (unavailable)
GENERAL.CONNECTION: --
GENERAL.CON-PATH:   --
WIRED-PROPERTIES.CARRIER:   off

[..]

$ nmcli device
DEVICE   TYPE  STATECONNECTION
..
wlp2s0   ethernet  unavailable  --
..

I set NM to trace level logging, and here's what I think might be useful
information from syslog:

Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.3183]
ethtool[2]: ETHTOOL_GDRVINFO, wlp2s0: success
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.3185]
platform-linux: event-notification: NEWLINK, seq 1: 2: wlp2s0
 mtu 1500 arp 1 ethernet? not-init addr
XX:XX:XX:XX:XX:XX rx:0,0 tx:0,0
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.3185]
ethtool[2]: ETHTOOL_GDRVINFO, wlp2s0: success
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.3185]
platform: signal: link   added: 2: wlp2s0 
mtu 1500 arp 1 ethernet? not-init addr XX:XX:XX:XX:XX:XX driver iwlwifi
rx:0,0 tx:0,0

[..]

Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.3220]
platform-linux: udev-add[wlp2s0,2]: device added
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.3222]
platform: signal: link changed: 2: wlp2s0 
mtu 1500 arp 1 ethernet? init addr XX:XX:XX:XX:XX:XX driver iwlwifi
rx:0,0 tx:0,0

[..]

Feb  8 16:27:42 subgraph NetworkManager[2801]:   [1486571262.3370]
devices added (path:
/sys/devices/pci:00/:00:1c.3/:02:00.0/net/wlp2s0, iface: wlp2s0)
Feb  8 16:27:42 subgraph NetworkManager[2801]:   [1486571262.3370]
device added (path:
/sys/devices/pci:00/:00:1c.3/:02:00.0/net/wlp2s0, iface:
wlp2s0): no ifupdown configuration found.

Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7066]
config: device-state: read #2 (/var/run/NetworkManager/devices/2); managed=1
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7068]
ethtool[2]: ETHTOOL_GLINK, wlp2s0: success
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7069]
device[0x3271978af0] (wlp2s0): constructed (NMDeviceEthernet)
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7070]
device[0x3271978af0] (wlp2s0): start setup of NMDeviceEthernet, kernel
ifindex 2
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7072]
ethtool[2]: ETHTOOL_GDRVINFO, wlp2s0: success
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7072]
ethtool[2]: ETHTOOL_GLINK, wlp2s0: success
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7072]
device[0x3271978af0] (wlp2s0): hw-addr: hardware address now
XX:XX:XX:XX:XX:XX
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7073]
device[0x3271978af0] (wlp2s0): hw-addr: update initial MAC address
XX:XX:XX:XX:XX:XX
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7073]
ethtool[2]: ETHTOOL_GPERMADDR, wlp2s0: success
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7073]
device[0x3271978af0] (wlp2s0): hw-addr: read permanent MAC address
'34:02:86:84:33:B6'
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7073]
device[0x3271978af0] (wlp2s0): carrier is OFF
Feb  8 16:27:42 subgraph NetworkManager[2801]:  [1486571262.7075]
device[0x3271978af0] (wlp2s0): unmanaged: flags set to
[platform-init,!loopback=0x10/0x18/unmanaged/unrealized, set-managed

Bug#854610: libsofthsm2 is not installable because of wrong libssl dependency

[Dominik Reusser]

Package: libsofthsm2
Version: 2.1.0-3~bpo8+1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

I'm trying to install libsofthsm on debian jessie, using the
jessie-backports repository. The amd64 package depends on libssl1.0.2,
which does not exist. I think this should be libssl1.0.0, which does
exist in an appropriate version (>=1.0.2d). As is, the package can only
be installed after building from source.

In addition, before being able to use the package, I had to manually
create /var/lib/softhsm/tokens. This should probably be created during
the installation process.

Kind regards
Dominik Reusser


-- System Information:
Debian Release: 8.7
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#854609: swi-prolog: FTBFS on mips

[Lev Lamberov]

Package: swi-prolog
Version: 7.2.3+dfsg-5.1
Severity: serious
Justification: FTBFS

Hi,

something broke swi-prolog in Debian (see #852892), but it revealed
another problem. Java tests fail on mips with segmentation
fault. Unfortunately, 7.2 branch of swi-prolog is almost at its end of
life stage and it is not supported by upstream in an appropriate
manner. Currently, upstream works heavily on releasing 7.4 branch
(7.4-rc1 was released two weeks ago), which as upstream puts it will be
supported by security fixes for a long time and in an appropriate
manner.

I've tried to play with build flags, but (unfortunately!) my attempts
to fix the bug were unsuccessful.

So, there are simply two options:

  1. Do not build swi-prolog-java on mips (as it already done on armel
  and armhf), and let swi-prolog enter stretch.

  2. Do not let 7.2.3 version of swi-prolog enter stretch.

As for me I vote for the second option, because I don't think that it
is a good idea to let dead (= without upstream support and without
enough competent contributors in Debian, who is interested to keep it
alive) branch of some piece of software enter stable release and stay
there for 2 or more years. It simply will _not_ have any good support,
which I'd consider as a bad thing.

My suggestion, as partly stated above, is to have that RC bug open to
not let swi-prolog enter stretch. But after stretch release 7.4
(moreover 7.4 should have OpenSSL 1.1 support, which is absent in 7.2)
branch of swi-prolog will be ready and I'll upload it to backports.

But if there are anyone who _really_ need swi-prolog in stretch, I'm
open to your suggestions and can manage with the first option. (In
this case, please, do not expect good level of support of swi-prolog
in stretch.)

Cheers,
Lev Lamberov


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages swi-prolog depends on:
ii  swi-prolog-nox  7.2.3+dfsg-5.1
ii  swi-prolog-x7.2.3+dfsg-5.1

swi-prolog recommends no packages.

Versions of packages swi-prolog suggests:
pn  prolog-el  

-- no debconf information

Processed: libpodo security bug handling

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # none of these CVEs deserves to be RC
> severity 854118 important
Bug #854118 [libpodofo] Multiple issues in libpodofo
Severity set to 'important' from 'serious'
> tag 854118 upstream
Bug #854118 [libpodofo] Multiple issues in libpodofo
Added tag(s) upstream.
> # please don't ever *ever* bundle different bugs in a single report
> clone 854118 -1 -2 -3 -4 -5 -6 -7
Bug #854118 [libpodofo] Multiple issues in libpodofo
Bug 854118 cloned as bugs 854599-854605
> retitle -1 libpodofo: CVE-2015-8981 - Heap overflow in the function 
> ReadXRefSubsection
Bug #854599 [libpodofo] Multiple issues in libpodofo
Changed Bug title to 'libpodofo: CVE-2015-8981 - Heap overflow in the function 
ReadXRefSubsection' from 'Multiple issues in libpodofo'.
> retitle -2 libpodofo: CVE-2017-5852 - Infinite loop in 
> PoDoFo::PdfPage::GetInheritedKeyFromObject
Bug #854600 [libpodofo] Multiple issues in libpodofo
Changed Bug title to 'libpodofo: CVE-2017-5852 - Infinite loop in 
PoDoFo::PdfPage::GetInheritedKeyFromObject' from 'Multiple issues in libpodofo'.
> retitle -3 libpodofo: CVE-2017-5853 - Signed integer overflow in PdfParser.cpp
Bug #854601 [libpodofo] Multiple issues in libpodofo
Changed Bug title to 'libpodofo: CVE-2017-5853 - Signed integer overflow in 
PdfParser.cpp' from 'Multiple issues in libpodofo'.
> retitle -4 libpodofo: CVE-2017-5854 - NULL pointer dereference in 
> PdfOutputStream.cpp
Bug #854602 [libpodofo] Multiple issues in libpodofo
Changed Bug title to 'libpodofo: CVE-2017-5854 - NULL pointer dereference in 
PdfOutputStream.cpp' from 'Multiple issues in libpodofo'.
> retitle -5 libpodofo: CVE-2017-5855 - NULL pointer dereference in 
> PoDoFo::PdfParser::ReadXRefSubsection
Bug #854603 [libpodofo] Multiple issues in libpodofo
Changed Bug title to 'libpodofo: CVE-2017-5855 - NULL pointer dereference in 
PoDoFo::PdfParser::ReadXRefSubsection' from 'Multiple issues in libpodofo'.
> retitle -6 libpodofo: CVE-2017-5886 - heap-based buffer overflow in 
> PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)
Bug #854604 [libpodofo] Multiple issues in libpodofo
Changed Bug title to 'libpodofo: CVE-2017-5886 - heap-based buffer overflow in 
PoDoFo::PdfTokenizer::GetNextToken (PdfTokenizer.cpp)' from 'Multiple issues in 
libpodofo'.
> retitle -7 libpodofo: [no CVE yet] - NULL pointer dereference in 
> PdfInfo::GuessFormat (pdfinfo.cpp)
Bug #854605 [libpodofo] Multiple issues in libpodofo
Changed Bug title to 'libpodofo: [no CVE yet] - NULL pointer dereference in 
PdfInfo::GuessFormat (pdfinfo.cpp)' from 'Multiple issues in libpodofo'.
> # and close the original - just for the sake of being able to call these
> # -1/-2/-3/-4/-5/-6/-7 over bug number...
> close 854118
Bug #854118 [libpodofo] Multiple issues in libpodofo
Marked Bug as done
> # CVE-2015-8981 - Heap overflow in the function ReadXRefSubsection
> forwarded -1 https://sourceforge.net/p/podofo/mailman/message/34205419/
Bug #854599 [libpodofo] libpodofo: CVE-2015-8981 - Heap overflow in the 
function ReadXRefSubsection
Changed Bug forwarded-to-address to 
'https://sourceforge.net/p/podofo/mailman/message/34205419/' from 
'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'.
> summary -1 upstream fix: https://sourceforge.net/p/podofo/code/1672
Summary recorded from message bug 854599 message 
> tag -1 fixed-upstream
Bug #854599 [libpodofo] libpodofo: CVE-2015-8981 - Heap overflow in the 
function ReadXRefSubsection
Added tag(s) fixed-upstream.
> close -1 0.9.4-1
Bug #854599 [libpodofo] libpodofo: CVE-2015-8981 - Heap overflow in the 
function ReadXRefSubsection
There is no source info for the package 'libpodofo' at version '0.9.4-1' with 
architecture ''
Unable to make a source version for version '0.9.4-1'
Marked as fixed in versions 0.9.4-1.
Bug #854599 [libpodofo] libpodofo: CVE-2015-8981 - Heap overflow in the 
function ReadXRefSubsection
Marked Bug as done
> # CVE-2017-5852 - Infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject
> forwarded -2 
> https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
Bug #854600 [libpodofo] libpodofo: CVE-2017-5852 - Infinite loop in 
PoDoFo::PdfPage::GetInheritedKeyFromObject
Changed Bug forwarded-to-address to 
'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936'
 from 
'https://sourceforge.net/p/podofo/mailman/podofo-users/thread/20170204121312.lq26ge6osbiuwnjo%40mapreri.org/#msg35646469'.
> outlook -2 
> https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp/
Outlook recorded from message bug 854600 message 
> # CVE-2017-5853 - Signed integer overflow in PdfParser.cpp
> forwarded -3 
> https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936
Bug #854601 [libpodofo] libpodofo: 

Bug#854548: xrdp fails to start at boot

[RLFrost]

I have this bug on two systems running stretch as well.  The problem for 
me is a missing directory /run/xrdp.  When I create that directory 
xrdp-sesman can be started functions properly. On reboot, the directory 
is deleted and the service doesn't work again until the directory is 
created and the service restarted.  Hope this helps.


RLFrost

Bug#854596: fontmatrix: uninstallable -at least under stretch, fontmatrix : Dépend: libicu52 (>= 52~m1-1~) which is a virtual package and is not provided by any available package

[gregory . bahde]

Package: fontmatrix 
Version: 0.6.0+svn20110930-1.1+b1 
Severity: grave 
Tags: upstream 
Justification: renders package unusable 

Dear Maintainer, 

*** Reporter, please consider answering these questions, where appropriate *** 

* What led up to the situation? 
trying to install the soft 
* What exactly did you do (or not do) that was effective (or 
ineffective)? 
installed it from source -github, following the regular procedure- 
* What was the outcome of this action? 
successful but not using the package 
* What outcome did you expect instead? 
install from a package rightaway i suppose ;) 

*** End of the template - remove these template lines *** 



-- System Information: 
Debian Release: 9.0 
APT prefers testing 
APT policy: (101, 'testing'), (10, 'experimental'), (10, 'unstable') 
Architecture: amd64 (x86_64) 
Foreign Architectures: i386 

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores) 
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) 
Shell: /bin/sh linked to /bin/dash 
Init: systemd (via /run/systemd/system) 

Bug#854487: [Pkg-puppet-devel] Bug#854487: Bug#854487: Bug#854487: Bug#854487: Binary-only package puppet was silently converted into a package shipping and running a service

[Apollon Oikonomopoulos]

Control: tags -1 pending

On 16:48 Wed 08 Feb , Apollon Oikonomopoulos wrote:
> On 15:07 Wed 08 Feb , Apollon Oikonomopoulos wrote:
> > On 19:10 Tue 07 Feb , Russ Allbery wrote:
> > > For systemd, I think the fix may be as easy as using --no-enable 
> > > in a
> > > dh_systemd_enable override.  I'm not sure how this used to be done for
> > > dh_installinit.
> 
> For dh_installinit things are unfortunately not that straightforward.  
> The only way I can see for this to work, is to call dh_installinit 
> --no-scripts to prevent dh_ii from modifying the maintainer scripts and 
> then manually add most of the boilerplate code without that single 
> `update-rc.d puppet defaults' call. I find this ugly enough to not 
> prefer it over the `puppet agent --disable' approach.

Actually, it is much simpler than that: adding an `update-rc.d defaults 
puppet && update-rc.d disable puppet` before the debhelper stanzas just 
works and does the right thing.

Given that in either case (service disabled, or agent locked) manual 
intervention is required (and desirable), I think it is best to just 
disable the service. I'll prepare an upload shortly.

Processed: Re: [Pkg-puppet-devel] Bug#854487: Bug#854487: Bug#854487: Bug#854487: Binary-only package puppet was silently converted into a package shipping and running a service

[Debian Bug Tracking System]

Processing control commands:

> tags -1 pending
Bug #854487 [puppet] Binary-only package puppet was silently converted into a 
package shipping and running a service
Added tag(s) pending.

-- 
854487: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854487
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Flash-plugin not getting updated

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 851819 security
Bug #851819 [flashplugin-nonfree] ERROR: wget failed to download 
http://people.debian.org/~bartm/...
Added tag(s) security.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
851819: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851819
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#851819: Flash-plugin not getting updated

[Andreas Ferber]

tag 851819 security
thanks

Hi,

I'm tagging this bug as security, since this poses a serious security
issue for people having this package installed.

Nearly A MONTH after Adobe released a critical security update, users
STILL will not get any update for their flash plugin.

This has happened multiple times in the recent past, please either
find a way to keep this up-to-date in a timely fashion, or remove this
package completely (from stable as well!). 

Regards,
Andreas Ferber

Bug#834910: marked as pending

[Daniel Stender]

On 08.02.2017 16:15, Ole Streicher wrote:
> tag 834910 pending
> thanks
> 
> Hello,
> 
> Bug #834910 reported by you has been fixed in the Git repository. You can
> see the changelog below, and you can check the diff of the fix at:
> 
> http://git.debian.org/?p=collab-maint/lasagne.git;a=commitdiff;h=d663c1d
> 
> ---
> commit d663c1de9fd04ecfdf2c287a690e97e104902c6a
> Author: Ole Streicher 
> Date:   Wed Feb 8 16:14:41 2017 +0100
> 
> Use inspect.signature instead of inspect.getargspec if possible
> 
> Closes: #834910
> 
> diff --git a/debian/changelog b/debian/changelog
> index 4031946..e22634e 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,10 @@
> +lasagne (0.1+git20160728.8b66737-2) UNRELEASED; urgency=medium
> +
> +  * Use inspect.signature instead of inspect.getargspec if possible
> +(Closes: #834910)
> +
> + -- Ole Streicher   Wed, 08 Feb 2017 16:10:28 +0100
> +
>  lasagne (0.1+git20160728.8b66737-1) unstable; urgency=medium
>  
>* Initial release (Closes: #818641).

Thank you very much. I'll upload this ASAP.

DS

-- 
4096R/DF5182C8
Debian Developer (sten...@debian.org)
http://www.danielstender.com/

Bug#854596: fontmatrix: uninstallable -at least under stretch, fontmatrix : Dépend: libicu52 (>= 52~m1-1~) which is a virtual package and is not provided by any available package

[gregory bahde]

Package: fontmatrix
Version: 0.6.0+svn20110930-1.1+b1
Severity: grave
Tags: upstream
Justification: renders package unusable

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (101, 'testing'), (10, 'experimental'), (10, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#851667: #851667 "fix" breaks openjdk 8 on Jessie

[Sam Hokin]

Thanks!!! This fix worked for me on the Google Cloud Debian spin, which uses 
jessie-backports.

On Sun, 5 Feb 2017 00:57:35 -0500 Darrin Swanson  
wrote:

I was able to fix this issue with the information from the following link:

http://unix.stackexchange.com/questions/342403/openjdk-8-jre-headless-depends-ca-certificates-java-but-it-is-not-going-to-be

I was able to use the following command from that page to reinstall
openjdk-8-jre-headless and ca-certificates-java

apt install -t jessie-backports  openjdk-8-jre-headless ca-certificates-java

I then used

apt-get install openjdk-8-jre

to finish off the installation since that package was unaffected by the
ca-certificates-java package.

Processed: tagging 854576

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 854576 + confirmed
Bug #854576 [libreoffice-dev] libreoffice-dev: fails to upgrade 
libreoffice-dev-doc from jessie with --install-recommends enabled
Added tag(s) confirmed.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
854576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854576
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 854576

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 854576 + help
Bug #854576 [libreoffice-dev] libreoffice-dev: fails to upgrade 
libreoffice-dev-doc from jessie with --install-recommends enabled
Ignoring request to alter tags of bug #854576 to the same tags previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
854576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854576
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#854587: icedove: incorrect start-version in {icedove,thunderbird}.maintscript

[Debian Bug Tracking System]

Processing control commands:

> tags -1 pending
Bug #854587 [icedove] icedove: incorrect start-version in 
{icedove,thunderbird}.maintscript
Added tag(s) pending.

-- 
854587: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854587
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#854587: icedove: incorrect start-version in {icedove,thunderbird}.maintscript

[Carsten Schoenert]

Control: tags -1 pending

Hello Andreas,

On Wed, Feb 08, 2017 at 02:15:46PM +0100, Andreas Beckmann wrote:
 
> the .maintscript files list a start-version of 1:45.6.0-1~, but sid has
> already a newer untransitioned version: 1:45.6.0-2

Good catch! Thanks.

> PS: do you plan to rename the source package to thunderbird, too?

Yes, this is planned. But probaly after the Stretch release. Otherwise
we may conflict with apt-listchanges and the wanted pop-up for the
change of the icedove package.

Regards
Carsten

Bug#854576: libreoffice-dev: fails to upgrade libreoffice-dev-doc from jessie with --install-recommends enabled

[Rene Engelhard]

Hi,

On Wed, Feb 08, 2017 at 04:16:54PM +0100, Rene Engelhard wrote:
> The last time this mess came up was #804317 which changed the path. And you
> as the reporter didn't react to the report...
> 
> Policy 12.3 says that the docs in /usr/share/doc/libreoffice-dev is preffered:
> 
> "Additional documentation included in the package should be installed under 
> /usr/share/doc/package. If the documentation is packaged separately, as 
> package-doc for example, it may be installed under either that path or into 
> the documentation directory for the separate documentation package 
> (/usr/share/doc/package-doc in this example). However, installing the 
> documentation into the documentation directory of the main package is 
> preferred since it is independent of the packaging method and will be easier 
> for users to find."
> 
> Hints how to get out of this (without moving the path, besides the policy
> above, doing it now with all the symlinks IMHO is too intrusive in the freeze)

Especially as the other path is exactly what was changed after in 1:5.1.1~rc3-1
for #804317 to the current one..

In case it helps, apt-get install --reinstall libreoffice-dev-doc followed by a 
apt-get install --reinstall liibreoffice-dev for safety fixes it.

Maybe I need to update the Conflicts: libreoffice-dev-doc (<= 1:5.0.3~rc1-2)
of the -dev package to Conflicts: libreoffice-dev-doc (<< 1:5.1.1~rc3-1) but
even then, 4.3.3 is definitely lower than this.
 
Regards,
 
Rene

Bug#834910: lasagne: two tests failing on Python 3.5

[Ole Streicher]

Control: tags -1 patch

Ahh, (partly) my fault: I checked only the result, not the full log.

I've committed a patch to the git repo. Daniel, will you upload or shall I?

Best

Ole

Bug#854576: libreoffice-dev: fails to upgrade libreoffice-dev-doc from jessie with --install-recommends enabled

[Rene Engelhard]

Hi,

On Wed, Feb 08, 2017 at 01:11:33PM +0100, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package fails to upgrade from
> 'jessie'.
> It installed fine in 'jessie', then the upgrade to 'stretch' fails.
> 
> Reproducible on both amd64 and i386, needs --install-recommends to show up.
>
> >From the attached log (scroll to the bottom...):
>
> [...]
>   Setting up libreoffice-common (1:5.2.5-1) ...
>   Installing new version of config file /etc/libreoffice/sofficerc ...
>   Removing obsolete conffile /etc/bash_completion.d/libreoffice.sh ...
>   Setting up libreoffice-style-galaxy (1:5.2.5-1) ...
>   Setting up libreoffice-core (1:5.2.5-1) ...
>   Setting up libreoffice-dev-common (1:5.2.5-1) ...
>   Setting up libreoffice-dev (1:5.2.5-1) ...
>   mv: cannot stat '/usr/share/doc/libreoffice-dev/sdk/examples': No such file 
> or directory
[...]

How would it be that you actually mentioned that you need -dev-doc in the body
(except just in the end of $SUBJECT and the log which was AFAICS actually
a test for libreoffice-dev-doc, not libreoffice)

# debootstrap jessie jessie http://192.168.1.2
# mount -t proc proc jessie/proc
# chroot jessie
# apt install libreoffice-dev
# sed -i s/jessie/stretch/ /etc/apt/sources.list
# apt update
# apt --install-recommends dist-upgrade

[...]
Setting up libreoffice-common (1:5.2.5-1) ...
Installing new version of config file /etc/libreoffice/sofficerc ...
Removing obsolete conffile /etc/bash_completion.d/libreoffice.sh ...
Setting up libreoffice-style-galaxy (1:5.2.5-1) ...
Setting up libreoffice-core (1:5.2.5-1) ...
Setting up libreoffice-dev-common (1:5.2.5-1) ...
Setting up libreoffice-dev (1:5.2.5-1) ...
Setting up python3 (3.5.3-1) ...
[...]

-> works

to get -dev-doc into the game I did a second run

# debootstrap jessie jessie2 http://192.168.1.2
# mount -t proc proc jessie2/proc
# chroot jessie2
# apt install libreoffice-dev libreoffice-dev-doc
# sed -i s/jessie/stretch/ /etc/apt/sources.list
# apt update
# apt --install-recommends dist-upgrade

That indeed gives what was in the log.

--- snip --
# Automatically added by dh_installdeb
dpkg-maintscript-helper dir_to_symlink /usr/share/doc/libreoffice-dev 
/usr/share/doc/libreoffice-core 1:5.0.3~rc1-2 $DPKG_MAINTSCRIPT_PACKAGE -- "$@"
# End automatically added section
--- snip ---

THAT is the postinst...

The last time this mess came up was #804317 which changed the path. And you
as the reporter didn't react to the report...

Policy 12.3 says that the docs in /usr/share/doc/libreoffice-dev is preffered:

"Additional documentation included in the package should be installed under 
/usr/share/doc/package. If the documentation is packaged separately, as 
package-doc for example, it may be installed under either that path or into the 
documentation directory for the separate documentation package 
(/usr/share/doc/package-doc in this example). However, installing the 
documentation into the documentation directory of the main package is preferred 
since it is independent of the packaging method and will be easier for users to 
find."

Hints how to get out of this (without moving the path, besides the policy
above, doing it now with all the symlinks IMHO is too intrusive in the freeze)

Regards,

Rene

P.S.:
That said, I don't believe it will hit many people:
https://qa.debian.org/popcon-graph.php?packages=libreoffice-dev%2Clibreoffice-dev-doc_installed=on_legend=on_ticks=on_date=_date=_date=_fmt=%25Y-%25m=1.
https://qa.debian.org/popcon-graph.php?packages=libreoffice-core_installed=on_legend=on_ticks=on_date=_date=_date=_fmt=%25Y-%25m=1

popcon < 100 (for dev-docs) vs. > 90 installs of LO :)

Processed: Re: lasagne: two tests failing on Python 3.5

[Debian Bug Tracking System]

Processing control commands:

> tags -1 patch
Bug #834910 [src:lasagne] lasagne: two tests failing on Python 3.5
Added tag(s) patch.

-- 
834910: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834910
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: lasagne: two tests failing on Python 3.5

[Debian Bug Tracking System]

Processing control commands:

> tags -1 patch
Bug #834910 [src:lasagne] lasagne: two tests failing on Python 3.5
Ignoring request to alter tags of bug #834910 to the same tags previously set

-- 
834910: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834910
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tagging 854576

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tags 854576 + help
Bug #854576 [libreoffice-dev] libreoffice-dev: fails to upgrade 
libreoffice-dev-doc from jessie with --install-recommends enabled
Added tag(s) help.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
854576: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854576
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#852363: python-pisa: xhtml2pdf throws exception (html5lib.inputstream)

[Hugo Lefeuvre]

Hi Sandro, Martin,

Sorry for not replying sooner, I am just drowning in work currently.

I have looked at the pisa package and tried to patch it the way I
mentionned earlier, but it turned out to not be sufficient, so I have
made some more modifications. You can find a first (somewhat dirty)
draft of patch in attachment.

With this patch, xhtml2pdf seemed to work correctly on several test
pages (e.g. this one[0]).

I'll try to improve/test this patch further. I'd not upload it in its
current state.

Could anybody have a look at it ?

Getting rid of pisa for buster would be a good idea indeed.

Thanks !

Cheers,
 Hugo

[0] http://noir.liw.fi/

-- 
 Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
--- a/sx/pisa3/pisa_parser.py	2017-02-08 15:38:26.127678118 +0100
+++ b/sx/pisa3/pisa_parser.py	2017-02-08 15:38:49.755588784 +0100
@@ -26,7 +26,8 @@
 import os.path
 
 import html5lib
-from html5lib import treebuilders, serializer, treewalkers, inputstream
+from html5lib import treebuilders, treewalkers
+from html5lib import _inputstream as inputstream
 from xml.dom import Node
 import xml.dom.minidom
 
@@ -611,9 +612,7 @@
  if inputstream.codecName(encoding) is None:
  log.error("%r is not a valid encoding", encoding)
 
-document = parser.parse(
-src,
-encoding=encoding)
+document = parser.parse(src)
 
 if xml_output:
 xml_output.write(document.toprettyxml(encoding="utf8"))
--- a/sx/pisa3/pisa_context.py	2017-02-08 15:38:26.127678118 +0100
+++ b/sx/pisa3/pisa_context.py	2017-02-08 15:38:26.123678133 +0100
@@ -40,8 +40,6 @@
 
 from sx.w3c import css, cssDOMElementInterface
 
-from html5lib.sanitizer import *
-
 import logging
 log = logging.getLogger("ho.pisa")
 


signature.asc
Description: PGP signature

Processed: Bug#834910 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 834910 pending
Bug #834910 [src:lasagne] lasagne: two tests failing on Python 3.5
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
834910: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834910
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#834910: marked as pending

[Ole Streicher]

tag 834910 pending
thanks

Hello,

Bug #834910 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

http://git.debian.org/?p=collab-maint/lasagne.git;a=commitdiff;h=d663c1d

---
commit d663c1de9fd04ecfdf2c287a690e97e104902c6a
Author: Ole Streicher 
Date:   Wed Feb 8 16:14:41 2017 +0100

Use inspect.signature instead of inspect.getargspec if possible

Closes: #834910

diff --git a/debian/changelog b/debian/changelog
index 4031946..e22634e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+lasagne (0.1+git20160728.8b66737-2) UNRELEASED; urgency=medium
+
+  * Use inspect.signature instead of inspect.getargspec if possible
+(Closes: #834910)
+
+ -- Ole Streicher   Wed, 08 Feb 2017 16:10:28 +0100
+
 lasagne (0.1+git20160728.8b66737-1) unstable; urgency=medium
 
   * Initial release (Closes: #818641).

Bug#834910: lasagne: two tests failing on Python 3.5

[Stuart Prescott]

> > i was able to reproduce it just now in a clean pbuilder chroot, build
> > log attached
> > 
> > this is still an RC bug affecting stretch

>From what I can see here, these are test failures and not a FTBFS. Is this 
actually an RC bug? 

  https://www.debian.org/Bugs/Developer#severities

  serious:
  is a severe violation of Debian policy (roughly, it violates a "must" or
  "required" directive), or, in the package maintainer's or release manager's
  opinion, makes the package unsuitable for release.

This isn't a violation of policy as the package does not FTBFS. Is the test 
failure an indication to the maintainer that it is unsuitable for release 
because it's generally busted for everyone, or is it still useful for many 
even with a couple of test failures?

(Not debating that this is a bug and fixing it would be better; just checking 
that we're not kidding ourselves with severities)

cheers
Stuart

-- 
Stuart Prescotthttp://www.nanonanonano.net/   stu...@nanonanonano.net
Debian Developer   http://www.debian.org/ stu...@debian.org
GPG fingerprint90E2 D2C1 AD14 6A1B 7EBB 891D BBC1 7EBB 1396 F2F7

Bug#854487: [Pkg-puppet-devel] Bug#854487: Bug#854487: Bug#854487: Binary-only package puppet was silently converted into a package shipping and running a service

[Apollon Oikonomopoulos]

On 15:07 Wed 08 Feb , Apollon Oikonomopoulos wrote:
> On 19:10 Tue 07 Feb , Russ Allbery wrote:
> > Alexander Kurtz  writes:
> > 
> > > However, now somebody decided, that it's a good idea to drop the
> > > puppet-agent package and move the service file back to the puppet
> > > package [1]. This is bad, very, very bad. Here's why:

(In defense of moving things back to puppet from puppet-agent, apart 
 from #826730 and #827867, it was also breaking the upgrade path for 
 people from jessie, since puppet-agent would not be installed 
 automatically for those who had puppet installed.)

> > 
> > I don't think this is the problem.  I think the problem is that the
> > service is enabled by default.
> > 
> > There's no harm in having everything in one package provided that the
> > service defaults to *disabled*, not enabled.  My recollection is that this
> > is even what the puppet-agent package did, although maybe I'm
> > misremembering.
> 
> Sort of, actually in 3.x the service was enabled, but the agent was 
> disabled in postinst using puppet agent --disable. Nowadays I think it 
> makes more sense to simply not enable the service by default.
> 
> > But it looks like the default installation logic may have
> > been lost with the merge into a single puppet package.
> 
> For the record, this is exactly what happened.

Digging a bit further into the issue, the `puppet agent --disable' logic 
is still there, but it does not currently work for the following 
reasons:

 - In an attempt to be as safe as possible, we create the lock file 
   manually (i.e. not via `puppet agent --disable') in *preinst*, with a 
   hardcoded path to the lockfile 
   (/var/lib/puppet/state/agent_disabled.lock). However:

 - puppet agent's default vardir was changed during the migration to 4.x 
   from /var/lib/puppet to /var/cache/puppet and the agent lockfile path 
   was not updated. Even if it was updated, it still depends on the 
   actual values of vardir and/or agent_disabled_lockfile present in the 
   [main] and [agent] sections of /etc/puppet/puppet.conf.

Now, I fixed that by a) adjusting the path in preinst, b) adding an 
explicit `puppet agent --disable' call in postinst before the debhelper 
stanzas, which will always do the right thing no matter what the config 
value for agent_disabled_lockfile is. I also updated the DEP-8 tests to 
actually check that the lock *puppet agent knows about* is present on 
installation. This should give the same behavior as puppet 3.7.

> 
> > 
> > For systemd, I think the fix may be as easy as using --no-enable in a
> > dh_systemd_enable override.  I'm not sure how this used to be done for
> > dh_installinit.

For dh_installinit things are unfortunately not that straightforward.  
The only way I can see for this to work, is to call dh_installinit 
--no-scripts to prevent dh_ii from modifying the maintainer scripts and 
then manually add most of the boilerplate code without that single 
`update-rc.d puppet defaults' call. I find this ugly enough to not 
prefer it over the `puppet agent --disable' approach.

Processed: found 843315 in 113.00.00-3

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 843315 113.00.00-3
Bug #843315 [janest-core-kernel] FTBFS: libsexplib-camlp4-dev is no longer 
available
There is no source info for the package 'janest-core-kernel' at version 
'113.00.00-3' with architecture ''
Unable to make a source version for version '113.00.00-3'
Marked as found in versions 113.00.00-3.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
843315: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843315
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems