Bug#859150: installation-guide: leaves many /tmp/tmp* files behind

[Holger Wansing]

Hi,

Am Fr. Mär. 31 00:24:41 2017 GMT+0200 schrieb Samuel Thibault:
> Hello Holger,
> 
> Cyril Brulebois, on ven. 31 mars 2017 00:09:34 +0200, wrote:
> > Maybe to ease hands-on debugging, dblatex is called with the -d flag,
> > which tells it to leave temporary files behind. This ends up filling
> > up dillon's /tmp (in addition to being rather bad style in the first
> > place…).
> 
> Is -d really useful now that we have seen the whole thing working?
> 
> Alternatively,
> 
> >  - or set TMPDIR to a subdirectory of $tempdir, which gets automatically
> >removed after a build.
> 
> would be fine to me, I'm just thinking that we perhaps just not need
> these files at all now.

There is probably a chance, that a new version of dblatex or
another tool breaks something some day.
So I would vote for the second variant.

Holger

-- 
Sent from my Jolla phone
http://www.jolla.com/

Processed: closing 859159

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> close 859159 2.12.0-1
Bug #859159 [pidgin] pidgin: CVE-2017-2640
Marked as fixed in versions pidgin/2.12.0-1.
Bug #859159 [pidgin] pidgin: CVE-2017-2640
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
859159: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859159
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#859159: closing 859159

[Salvatore Bonaccorso]

close 859159 2.12.0-1
thanks

Bug#859159: pidgin: CVE-2017-2640

[Salvatore Bonaccorso]

Package: pidgin
Version: 2.10.11-1
X-Debbugs-CC: t...@security.debian.org 
secure-testing-t...@lists.alioth.debian.org
Severity: grave
Tags: security
Control: fixed -1 2.11.0-0+deb8u2

Hi,

the following vulnerability was published for pidgin.
Filling this with RC severity, since it's although fixed in sid and
in stable, and means a regression while updating to stretch.

CVE-2017-2640[0]:
Out-of-bounds write when stripping xml

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-2640
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2640

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Processed: pidgin: CVE-2017-2640

[Debian Bug Tracking System]

Processing control commands:

> fixed -1 2.11.0-0+deb8u2
Bug #859159 [pidgin] pidgin: CVE-2017-2640
Marked as fixed in versions pidgin/2.11.0-0+deb8u2.

-- 
859159: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859159
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#797613: marked as done (libosl: transition needed for g++-5 ABIs)

[Debian Bug Tracking System]

Your message dated Fri, 31 Mar 2017 01:03:54 +
with message-id 
and subject line Bug#797613: fixed in libosl 0.8.0-1.1
has caused the Debian Bug report #797613,
regarding libosl: transition needed for g++-5 ABIs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
797613: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797613
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libosl
Version: 0.6.0-3.2
Severity: serious
Justification: breaks reverse-dependencies
Tags: patch

Background[1]: libstdc++6 introduces a new ABI to conform to the
C++11 standard, but keeps the old ABI to not break existing binaries.
Packages which are built with g++-5 from experimental (not the one
from testing/unstable) are using the new ABI.  Libraries built from
this source package export some of the new __cxx11 or B5cxx11 symbols,
dropping other symbols.  If these symbols are part of the API of
the library, then this rebuild with g++-5 will trigger a transition
for the library.

In the case of libosl, std::string appears in header files that
get installed, so it seems very likely that a transition is needed.
The transition consists of renaming the library package
containing libosl.so.1 from "libosl1" to "libosl1v5".
A patch is available in Ubuntu,
.

These follow-up transitions for libstdc++ are not going through exactly
the normal transition procedure, because many entangled transitions are
going on at the same time, and the usual ordered transition procedure
does not scale that far. When all the libraries on which libosl depends
have started their transitions if required, libosl should do the same,
closing this bug; the release team will deal with binNMUs as needed.

In the case of libosl, libcppunit-dev and Boost have already started
their transitions, so libosl seems to be ready to start too.

The package is likely to be NMU'd in the near future, with a patch very
similar to the one in Ubuntu. The release team have declared a 2 day NMU
delay[2] for packages involved in the libstdc++ transition, in order to
get unstable back to a usable state in a finite time.

S

[1] https://wiki.debian.org/GCC5#libstdc.2B-.2B-_ABI_transition
[2] https://lists.debian.org/debian-devel-announce/2015/08/msg0.html
--- End Message ---
--- Begin Message ---
Source: libosl
Source-Version: 0.8.0-1.1

We believe that the bug you reported is fixed in the latest version of
libosl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 797...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mattia Rizzolo  (supplier of updated libosl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 31 Mar 2017 02:28:56 +0200
Source: libosl
Binary: libosl1v5 libosl-dev libosl-doc
Architecture: source amd64 all
Version: 0.8.0-1.1
Distribution: unstable
Urgency: medium
Maintainer: Daigo Moriwaki 
Changed-By: Mattia Rizzolo 
Description:
 libosl-dev - library for Shogi playing programs
 libosl-doc - library for Shogi playing programs
 libosl1v5  - library for Shogi playing programs
Closes: 797613
Changes:
 libosl (0.8.0-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Import again previously unincorporated NMUs 0.6.0-3.{2,3,4}.
   * Complete (again) the library package rename after GCC5 ABI break.
 Closes: #797613 (again)
   * Use HTTPS in the Vcs-* fields.
Checksums-Sha1:
 e4d486e84c3361c4b7ee6443c05ae2e5b4e048b4 2075 libosl_0.8.0-1.1.dsc
 e7657037371b35da2a0f9f83e446405bea364f04 8088 libosl_0.8.0-1.1.debian.tar.xz
 e4d37998f8f4b4624989414963db74e5e628 1783734 libosl-dev_0.8.0-1.1_amd64.deb
 853c21e7e8509b661ea7a824dcfac7eb9dfe8582 2287752 libosl-doc_0.8.0-1.1_all.deb
 9a331574036412485ec175abf23c51cc7a56fb68 22281310 
libosl1v5-dbgsym_0.8.0-1.1_amd64.deb
 2f03e34ab3e5255fd93560ab2454304507e7550c 1314506 libosl1v5_0.8.0-1.1_amd64.deb
 3d5045d3ea8f354750391d2ddfffabaebcabcc97 12631 libosl_0.8.0-1.1_amd64.buildinfo
Checksums-Sha256:
 

Bug#797613: libosl: diff for NMU version 0.8.0-1.1

[Mattia Rizzolo]

Control: tag -1 patch
Control: tag -1 pending

Dear maintainer,

I've prepared an NMU for libosl (versioned as 0.8.0-1.1). The diff
is attached to this message.

I've directly uploaded it, it's going through NEW (and I intend to ask
for fast-tracking, so the only rdep gets rebuilt right away, given it's
currently sitting in DEFERRED).

Regards.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-
diffstat for libosl-0.8.0 libosl-0.8.0

 changelog |   26 ++
 control   |   12 +++-
 libosl1.install   |1 -
 libosl1v5.install |1 +
 4 files changed, 34 insertions(+), 6 deletions(-)

diff -Nru libosl-0.8.0/debian/changelog libosl-0.8.0/debian/changelog
--- libosl-0.8.0/debian/changelog	2017-01-01 15:13:21.0 +0100
+++ libosl-0.8.0/debian/changelog	2017-03-31 02:28:56.0 +0200
@@ -1,3 +1,13 @@
+libosl (0.8.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Import again previously unincorporated NMUs 0.6.0-3.{2,3,4}.
+  * Complete (again) the library package rename after GCC5 ABI break.
+Closes: #797613 (again)
+  * Use HTTPS in the Vcs-* fields.
+
+ -- Mattia Rizzolo   Fri, 31 Mar 2017 02:28:56 +0200
+
 libosl (0.8.0-1) unstable; urgency=medium
 
   * New upstream release (OSL r4566).
@@ -36,6 +46,22 @@
 
  -- Daigo Moriwaki   Mon, 05 Dec 2016 22:06:36 +0900
 
+libosl (0.6.0-3.4) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix FTBFS with gcc-6, multiple issues. More remain.
+
+ -- Dimitri John Ledkov   Wed, 17 Aug 2016 14:05:11 +0100
+
+libosl (0.6.0-3.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+
+  [ Steve Langasek ]
+  * Rename library packages for g++5 ABI transition. (Closes: #797613)
+
+ -- Sebastian Ramacher   Mon, 19 Oct 2015 23:43:57 +0200
+
 libosl (0.6.0-3.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru libosl-0.8.0/debian/control libosl-0.8.0/debian/control
--- libosl-0.8.0/debian/control	2017-01-01 15:13:21.0 +0100
+++ libosl-0.8.0/debian/control	2017-03-31 02:28:56.0 +0200
@@ -5,13 +5,15 @@
 Build-Depends: dpkg-dev (>= 1.16.1~), debhelper (>= 10.2.1), doxygen, quilt, cmake, libcppunit-dev, libboost-all-dev
 Standards-Version: 3.9.8
 Homepage: http://gps.tanaka.ecc.u-tokyo.ac.jp/gpsshogi/pukiwiki.php
-Vcs-Browser: http://git.debian.org/?p=collab-maint/libosl.git;a=summary
-Vcs-Git: git://git.debian.org/git/collab-maint/libosl.git
+Vcs-Git: https://anonscm.debian.org/git/collab-maint/libosl.git
+Vcs-Browser: https://anonscm.debian.org/git/collab-maint/libosl.git
 
-Package: libosl1
+Package: libosl1v5
 Architecture: i386 amd64
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Suggests: libosl-doc
+Conflicts: libosl1
+Replaces: libosl1
 Description: library for Shogi playing programs
  OpenShogiLib (OSL) provides following features of Shogi playing programs,
  especially for Shogi programming study. Shogi is a Japanese two-player board
@@ -31,7 +33,7 @@
 Package: libosl-dev
 Section: libdevel
 Architecture: i386 amd64
-Depends: ${shlibs:Depends}, ${misc:Depends}, libosl1 (= ${binary:Version})
+Depends: ${shlibs:Depends}, ${misc:Depends}, libosl1v5 (= ${binary:Version})
 Description: library for Shogi playing programs
  OpenShogiLib (OSL) provides following features of Shogi playing programs,
  especially for Shogi programming study. Shogi is a Japanese two-player board
@@ -50,7 +52,7 @@
 Package: libosl-doc
 Section: doc
 Architecture: all
-Suggests: libosl1
+Suggests: libosl1v5
 Depends: libjs-jquery, ${misc:Depends}
 Description: library for Shogi playing programs
  OpenShogiLib (OSL) provides following features of Shogi playing programs,
diff -Nru libosl-0.8.0/debian/libosl1.install libosl-0.8.0/debian/libosl1.install
--- libosl-0.8.0/debian/libosl1.install	2017-01-01 15:13:21.0 +0100
+++ libosl-0.8.0/debian/libosl1.install	1970-01-01 01:00:00.0 +0100
@@ -1 +0,0 @@
-/usr/lib/*/libosl.so.*
diff -Nru libosl-0.8.0/debian/libosl1v5.install libosl-0.8.0/debian/libosl1v5.install
--- libosl-0.8.0/debian/libosl1v5.install	1970-01-01 01:00:00.0 +0100
+++ libosl-0.8.0/debian/libosl1v5.install	2017-03-31 02:28:56.0 +0200
@@ -0,0 +1 @@
+/usr/lib/*/libosl.so.*


signature.asc
Description: PGP signature

Processed: libosl: diff for NMU version 0.8.0-1.1

[Debian Bug Tracking System]

Processing control commands:

> tag -1 patch
Bug #797613 [src:libosl] libosl: transition needed for g++-5 ABIs
Ignoring request to alter tags of bug #797613 to the same tags previously set
> tag -1 pending
Bug #797613 [src:libosl] libosl: transition needed for g++-5 ABIs
Added tag(s) pending.

-- 
797613: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797613
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#840166: marked as done (libosl builds with -march=native)

[Debian Bug Tracking System]

Your message dated Fri, 31 Mar 2017 02:27:20 +0200
with message-id <20170331002717.vxn6h6rgkgmkv...@mapreri.org>
and subject line Re: Bug#840166: libosl builds with -march=native
has caused the Debian Bug report #840166,
regarding libosl builds with -march=native
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
840166: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840166
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libosl
Version: 0.6.0-3.3
Severity: grave

CMakeLists.txt sets -march=native

This means the code will only run on machines with a CPU
compatible with the one on the machine where the package
was built.

Building on a different buildd machine can also change
where the code can run - including breaking existing
setups in stable updates.

Please remove -march=native from CMakeLists.txt
--- End Message ---
--- Begin Message ---
Version: debian/0.7.0-1

On Sun, Oct 09, 2016 at 07:03:33AM +0300, Adrian Bunk wrote:
> Source: libosl
> Version: 0.6.0-3.3
> Severity: grave
> 
> CMakeLists.txt sets -march=native
[...]
> Please remove -march=native from CMakeLists.txt

The maintainer did it, and properly documented in changelog, but failed
at generating a proper .changes file including non-released entries
(using -v), so this bug did not get closed).

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-


signature.asc
Description: PGP signature
--- End Message ---

Bug#859101: [Pkg-samba-maint] Bug#859101: regression: net: security update makes `net ads join` freeze when run a second time

[Paul Wise]

On Thu, 2017-03-30 at 22:36 +0200, Mathieu Parent wrote:

> Can you try this patch:
> https://git.samba.org/?p=samba.git;a=commitdiff;h=38beef2ff63664d7d5805f1032bb9f69d0b965d7

Thanks! This patch fixes the issue, my $work would appreciate it if you
could fold this into the next update to Debian jessie.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Processed: gpsshogi: diff for NMU version 0.7.0-1.1

[Debian Bug Tracking System]

Processing control commands:

> tags 848345 + patch
Bug #848345 [gpsshogi] hard codes dependency on library package libosl1
Bug #795237 [gpsshogi] hard codes dependency on library package libosl1
Added tag(s) patch.
Added tag(s) patch.
> tags 848345 + pending
Bug #848345 [gpsshogi] hard codes dependency on library package libosl1
Bug #795237 [gpsshogi] hard codes dependency on library package libosl1
Added tag(s) pending.
Added tag(s) pending.

-- 
795237: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795237
848345: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848345
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#848345: gpsshogi: diff for NMU version 0.7.0-1.1

[Mattia Rizzolo]

Control: tags 848345 + patch
Control: tags 848345 + pending

Dear maintainer,

I've prepared an NMU for gpsshogi (versioned as 0.7.0-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Also, all of this is cause by you not incorporating the previous NMU.
And the git repository was quite a mess, with upstream/* and debian/*
tags not in the branch, pristine-tar not committed/pushed, and some
changes done in the tagged git commit not actually uploaded.
I tried to make some order out of it, and if I disrupted something of
yours I'm sorry, but then please try to be more ordered and pay some
more attention to your packages.

Regards.

-- 
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
more about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-
diffstat for gpsshogi-0.7.0 gpsshogi-0.7.0

 changelog|   23 +++
 control  |8 
 patches/0004-Specify-QT_SELECT-qt5.patch |   17 +
 patches/series   |1 +
 rules|2 +-
 5 files changed, 46 insertions(+), 5 deletions(-)

diff -Nru gpsshogi-0.7.0/debian/changelog gpsshogi-0.7.0/debian/changelog
--- gpsshogi-0.7.0/debian/changelog	2016-12-04 02:15:52.0 +0100
+++ gpsshogi-0.7.0/debian/changelog	2017-03-31 00:57:08.0 +0200
@@ -1,3 +1,13 @@
+gpsshogi (0.7.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Import back again un-incorporated NMU  0.6.0-3+nmu2.  Closes: 848345
+  * Use HTTPS in Vcs-* headers.
+  * Apply change in git reposiotry from Daigo Moriwaki: specify QT_SELECT=qt5
+and add a patch to build with qt5.
+
+ -- Mattia Rizzolo   Fri, 31 Mar 2017 00:57:08 +0200
+
 gpsshogi (0.7.0-1) unstable; urgency=medium
 
   * New upstream release (r3043).
@@ -12,6 +22,19 @@
 
  -- Daigo Moriwaki   Sun, 04 Dec 2016 10:15:52 +0900
 
+gpsshogi (0.6.0-3+nmu2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+
+  [ Steve Langasek ]
+  * Remove hard-coded dependency on libosl1. (Closes: #795237)
+
+  [ Bas Couwenberg ]
+  * Update build dependencies for GSL 2, change libgsl0-dev to libgsl-dev.
+(Closes: #807204)
+
+ -- Sebastian Ramacher   Sat, 02 Jan 2016 17:16:11 +0100
+
 gpsshogi (0.6.0-3+nmu1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru gpsshogi-0.7.0/debian/control gpsshogi-0.7.0/debian/control
--- gpsshogi-0.7.0/debian/control	2016-12-04 02:15:52.0 +0100
+++ gpsshogi-0.7.0/debian/control	2017-03-31 00:56:33.0 +0200
@@ -2,15 +2,15 @@
 Section: games
 Priority: optional
 Maintainer: Daigo Moriwaki 
-Build-Depends: debhelper (>= 9), cdbs, quilt, dpkg-dev (>= 1.16.1~), libosl-dev (>= 0.7.0-2), libboost-all-dev, libgoogle-perftools-dev, chrpath, help2man, qtbase5-dev, qt5-default, libpoco-dev, libreadline6-dev, libgsl0-dev
+Build-Depends: debhelper (>= 9), cdbs, quilt, dpkg-dev (>= 1.16.1~), libosl-dev (>= 0.8.0), libboost-all-dev, libgoogle-perftools-dev, chrpath, help2man, qtbase5-dev, qtchooser, qt5-qmake, qtbase5-dev-tools, libpoco-dev, libreadline6-dev, libgsl-dev
 Standards-Version: 3.9.8
 Homepage: http://gps.tanaka.ecc.u-tokyo.ac.jp/gpsshogi/pukiwiki.php
-Vcs-Browser: http://git.debian.org/?p=collab-maint/gpsshogi.git;a=summary
-Vcs-Git: git://git.debian.org/git/collab-maint/gpsshogi.git
+Vcs-Git: https://anonscm.debian.org/git/collab-maint/gpsshogi.git
+Vcs-Browser: https://anonscm.debian.org/git/collab-maint/gpsshogi.git
 
 Package: gpsshogi
 Architecture: i386 amd64
-Depends: ${shlibs:Depends}, ${misc:Depends}, libosl1 (>= 0.6.0), gpsshogi-data (= ${source:Version})
+Depends: ${shlibs:Depends}, ${misc:Depends}, gpsshogi-data (= ${source:Version})
 Description: Shogi playing program based on OpenShogiLib
  GPSShogi is a Shogi playing program based on OpenShogiLib and won the 19th
  World Computer Shogi Championship. This package contains several binaries to
diff -Nru gpsshogi-0.7.0/debian/patches/0004-Specify-QT_SELECT-qt5.patch gpsshogi-0.7.0/debian/patches/0004-Specify-QT_SELECT-qt5.patch
--- gpsshogi-0.7.0/debian/patches/0004-Specify-QT_SELECT-qt5.patch	1970-01-01 01:00:00.0 +0100
+++ gpsshogi-0.7.0/debian/patches/0004-Specify-QT_SELECT-qt5.patch	2017-03-31 00:53:39.0 +0200
@@ -0,0 +1,17 @@
+From: Daigo Moriwaki 
+Date: Mon, 2 Jan 2017 15:17:44 +0900
+Subject: Specify QT_SELECT=qt5
+
+---
+ makefile.local | 2 ++
+ 1 file changed, 2 insertions(+)
+ create mode 100644 makefile.local
+
+diff --git a/makefile.local b/makefile.local
+new file mode 100644
+index 000..3ebd281
+--- /dev/null
 b/makefile.local
+@@ -0,0 +1,2 @@
++QMAKEENV = 

Bug#859150: installation-guide: leaves many /tmp/tmp* files behind

[Cyril Brulebois]

Samuel Thibault  (2017-03-31):
> Hello Holger,
> 
> Cyril Brulebois, on ven. 31 mars 2017 00:09:34 +0200, wrote:
> > Maybe to ease hands-on debugging, dblatex is called with the -d flag,
> > which tells it to leave temporary files behind. This ends up filling
> > up dillon's /tmp (in addition to being rather bad style in the first
> > place…).
> 
> Is -d really useful now that we have seen the whole thing working?
> 
> Alternatively,
> 
> >  - or set TMPDIR to a subdirectory of $tempdir, which gets automatically
> >removed after a build.
> 
> would be fine to me, I'm just thinking that we perhaps just not need
> these files at all now.

I didn't check history (because svn, mainly; and because I'd already
lost track of what I was initially doing), but if that was merely a
debug aid, removing it looks good to me. :)

FWIW dillon currently has an svn checkout with the TMPDIR patch, so no
hurry right now; just needs to be fixed for the release. ;-)


KiBi.


signature.asc
Description: Digital signature

Processed: your mail

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # @maintainer : thank you for the mess all caused by not paying minimal
> # attention and not merging back a previous NMU.  And not caring about
> # your package enough to not notice it's not even installable...
> unarchive 807204
Bug #807204 {Done: Sebastian Ramacher } [src:gpsshogi] 
gpsshogi: Update build dependencies for GSL 2.x
Unarchived Bug 807204
> unarchive 795237
Bug #795237 {Done: Sebastian Ramacher } [gpsshogi] 
gpsshogi FTBFS: "undefined reference to `osl::OslConfig::openingBook" and others
Unarchived Bug 795237
> forcemerge 795237 848345
Bug #795237 {Done: Sebastian Ramacher } [gpsshogi] 
gpsshogi FTBFS: "undefined reference to `osl::OslConfig::openingBook" and others
Bug #795237 {Done: Sebastian Ramacher } [gpsshogi] 
gpsshogi FTBFS: "undefined reference to `osl::OslConfig::openingBook" and others
Marked as found in versions gpsshogi/0.7.0-1.
Bug #848345 [gpsshogi] [gpsshogi] 0.7.0 not installable due to dependency
Marked Bug as done
Marked as fixed in versions gpsshogi/0.6.0-3+nmu2.
Marked as found in versions gpsshogi/0.6.0-3+nmu1.
Added tag(s) sid.
Merged 795237 848345
> reopen 795237
Bug #795237 {Done: Sebastian Ramacher } [gpsshogi] 
gpsshogi FTBFS: "undefined reference to `osl::OslConfig::openingBook" and others
Bug #848345 {Done: Sebastian Ramacher } [gpsshogi] 
[gpsshogi] 0.7.0 not installable due to dependency
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions gpsshogi/0.6.0-3+nmu2.
No longer marked as fixed in versions gpsshogi/0.6.0-3+nmu2.
> fixed 795237 0.6.0-3+nmu2
Bug #795237 [gpsshogi] gpsshogi FTBFS: "undefined reference to 
`osl::OslConfig::openingBook" and others
Bug #848345 [gpsshogi] [gpsshogi] 0.7.0 not installable due to dependency
Marked as fixed in versions gpsshogi/0.6.0-3+nmu2.
Marked as fixed in versions gpsshogi/0.6.0-3+nmu2.
> found 795237 0.7.0
Bug #795237 [gpsshogi] gpsshogi FTBFS: "undefined reference to 
`osl::OslConfig::openingBook" and others
Bug #848345 [gpsshogi] [gpsshogi] 0.7.0 not installable due to dependency
There is no source info for the package 'gpsshogi' at version '0.7.0' with 
architecture ''
Unable to make a source version for version '0.7.0'
Marked as found in versions 0.7.0.
Marked as found in versions 0.7.0.
> found 811689 0.6.0-3+nmu1
Bug #811689 {Done: Daigo Moriwaki } [gpsshogi] FTBFS with GCC 
6: multiple errors
Marked as found in versions gpsshogi/0.6.0-3+nmu1.
> retitle 795237 hard codes dependency on library package libosl1
Bug #795237 [gpsshogi] gpsshogi FTBFS: "undefined reference to 
`osl::OslConfig::openingBook" and others
Bug #848345 [gpsshogi] [gpsshogi] 0.7.0 not installable due to dependency
Changed Bug title to 'hard codes dependency on library package libosl1' from 
'gpsshogi FTBFS: "undefined reference to `osl::OslConfig::openingBook" and 
others'.
Changed Bug title to 'hard codes dependency on library package libosl1' from 
'[gpsshogi] 0.7.0 not installable due to dependency'.
> --
Stopping processing here.

Please contact me if you need assistance.
-- 
795237: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795237
807204: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807204
811689: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811689
848345: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848345
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#856720: diaspora{, -installer}: fails to install: Errno::EEXIST: File exists @ dir_s_mkdir - /usr/share/diaspora/tmp

[Andreas Beckmann]

Followup-For: Bug #856720
Control: found -1 0.6.3.0+debian4

Hi,

and there we go again ...

[...]
  Precompiling assets...
  W, [2017-03-30T07:12:27.702004 #19736]  WARN -- : You are setting a key that 
conflicts with a built-in method OmniAuth::AuthHash::InfoHash#name defined at 
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/omniauth-1.3.1/lib/omniauth/auth_hash.rb:34.
 This can cause unexpected behavior when accessing the key via as a property. 
You can still access the key via the #[] method.
  Expected string default value for '--serializer'; got true (boolean)
  Rack::SSL is enabled
  rake aborted!
  Errno::EEXIST: File exists @ dir_s_mkdir - /usr/share/diaspora/tmp
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/cache/file_store.rb:25:in
 `[]='
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/caching.rb:34:in
 `cache_set'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/caching.rb:92:in
 `cache_set_hash'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/caching.rb:63:in
 `cache_asset'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/index.rb:93:in
 `build_asset'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/base.rb:287:in
 `find_asset'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/index.rb:61:in
 `find_asset'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/manifest.rb:211:in
 `block in find_asset'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/manifest.rb:257:in
 `benchmark'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/manifest.rb:210:in
 `find_asset'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/manifest.rb:119:in
 `block in compile'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/manifest.rb:118:in
 `each'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/sprockets/manifest.rb:118:in
 `compile'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-rails-2.3.3/lib/sprockets/rails/task.rb:70:in
 `block (3 levels) in define'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-2.12.4/lib/rake/sprocketstask.rb:146:in
 `with_logger'
  
/usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/sprockets-rails-2.3.3/lib/sprockets/rails/task.rb:69:in
 `block (2 levels) in define'
  /usr/share/diaspora/vendor/bundle/ruby/2.3.0/gems/rake-11.3.0/exe/rake:27:in 
`'
  Tasks: TOP => assets:precompile
  (See full trace by running task with --trace)
  dpkg: error processing package diaspora-installer (--configure):
   subprocess installed post-installation script returned error exit status 1
  Errors were encountered while processing:
   diaspora-installer


Andreas


diaspora-installer_0.6.3.0+debian4.log.gz
Description: application/gzip

Processed: Re: diaspora{, -installer}: fails to install: Errno::EEXIST: File exists @ dir_s_mkdir - /usr/share/diaspora/tmp

[Debian Bug Tracking System]

Processing control commands:

> found -1 0.6.3.0+debian4
Bug #856720 {Done: Pirate Praveen } [diaspora-installer] 
diaspora{, -installer}: fails to install: Errno::EEXIST: File exists @ 
dir_s_mkdir - /usr/share/diaspora/tmp
Marked as found in versions diaspora-installer/0.6.3.0+debian4 and reopened.

-- 
856720: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856720
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858564: Test packages fixing samba regressions

[Mathieu Parent]

Hello all,

I've prepared samba packages fixing vfs_shadowcopy2 and "follow symlink = no".

Can you test and report? (I've tested simple cases with those two options only).

Those are, signed with my key, at: https://people.debian.org/~sathieu/samba/

Regards

-- 
Mathieu Parent

Bug#859150: installation-guide: leaves many /tmp/tmp* files behind

[Samuel Thibault]

Hello Holger,

Cyril Brulebois, on ven. 31 mars 2017 00:09:34 +0200, wrote:
> Maybe to ease hands-on debugging, dblatex is called with the -d flag,
> which tells it to leave temporary files behind. This ends up filling
> up dillon's /tmp (in addition to being rather bad style in the first
> place…).

Is -d really useful now that we have seen the whole thing working?

Alternatively,

>  - or set TMPDIR to a subdirectory of $tempdir, which gets automatically
>removed after a build.

would be fine to me, I'm just thinking that we perhaps just not need
these files at all now.

Samuel

Bug#858564: marked as pending

[Mathieu Parent]

tag 858564 pending
thanks

Hello,

Bug #858564 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

https://anonscm.debian.org/cgit/pkg-samba/samba.git/commit/?id=a88130d

---
commit a88130d25e6fddd56259044af3fb01057a39c652
Author: Mathieu Parent 
Date:   Thu Mar 30 22:15:47 2017 +0200

Release 2:4.2.14+dfsg-0+deb8u5

diff --git a/debian/changelog b/debian/changelog
index a7f1de5..57b2ce1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,29 @@
+samba (2:4.2.14+dfsg-0+deb8u5) jessie-security; urgency=high
+
+  * This is a security release in order to fix regressions from CVE-2017-2619
+  * Fix "follow symlink = no" (Closes: #858564)
+- s3: smbd: Fix incorrect logic exposed by fix for the security bug 12496
+  (CVE-2017-2619).
+- s3: smbd: Fix "follow symlink = no" regression part 2.
+- s3: smbd: Fix "follow symlink = no" regression part 2.
+  * Fix shadow_copy2 (Closes: #858648, #858590)
+- vfs_shadow_copy: handle non-existant files and wildcards
+- vfs_shadow_copy2: fix crash in 4.2.x backport
+- vfs_shadow_copy2: add a blackbox test suite
+- s3: libsmb: Correctly align create contexts in a create call.
+- s3: libsmb: Add return args to clistr_is_previous_version_path().
+- s3: libsmb: Add cli_smb2_shadow_copy_data() function that gets shadow 
copy
+  info over SMB2.
+- s3: libsmb: Plumb new SMB2 shadow copy call into cli_shadow_copy_data().
+- s3: libsmb: Add the capability to find a @GMT- path in an SMB2 create and
+  transform to a timewarp token.
+- s2-selftest: run shadow_copy2 test both in NT1 and SMB3 modes
+- selftest: add content to files created during shadow_copy2 test
+- selftest: check file readability in shadow_copy2 test
+- selftest: test listing directories inside snapshots
+
+ -- Mathieu Parent   Thu, 30 Mar 2017 22:15:40 +0200
+
 samba (2:4.2.14+dfsg-0+deb8u4) jessie-security; urgency=high
 
   * Non-maintainer upload by the Security Team.

Processed: Bug#858564 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 858564 pending
Bug #858564 [samba] Cannot access anything under a subdirectory if symlinks are 
disallowed
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
858564: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858564
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#859150: installation-guide: leaves many /tmp/tmp* files behind

[Cyril Brulebois]

Source: installation-guide
Severity: serious
Tags: patch
Justification: Fills up /tmp on dillon.debian.org

Hi,

Maybe to ease hands-on debugging, dblatex is called with the -d flag,
which tells it to leave temporary files behind. This ends up filling
up dillon's /tmp (in addition to being rather bad style in the first
place…).

Two possibilities:
 - remove the -d flag entirely (untested);
 - or set TMPDIR to a subdirectory of $tempdir, which gets automatically
   removed after a build.

The attached patch implements the second solution, but comments are
welcome.


KiBi.
Index: build/buildone.sh
===
--- build/buildone.sh	(revision 70645)
+++ build/buildone.sh	(working copy)
@@ -232,7 +232,8 @@
 
 echo "Info: creating .pdf file..."
 
-( dblatex -d -V -T db2latex -b xetex -p ./stylesheets/dblatex.xsl \
+mkdir -p $tempdir/dblatex
+(TMPDIR=$tempdir/dblatex dblatex -d -V -T db2latex -b xetex -p ./stylesheets/dblatex.xsl \
 -o $tempdir/install.${language}.pdf \
 $tempdir/install.${language}.profiled.xml --param=lingua=${language} )
 RET=$?; [ $RET -ne 0 ] && return $RET

Processed: Re: Bug#859143: kup: please update to v0.3.6 due changes on k.o

[Debian Bug Tracking System]

Processing control commands:

> severity -1 serious
Bug #859143 [kup] kup: please update to v0.3.6 due changes on k.o
Severity set to 'serious' from 'wishlist'

-- 
859143: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859143
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: clone a few bugs ossl 1.1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> user pkg-openssl-de...@lists.alioth.debian.org
Setting user to pkg-openssl-de...@lists.alioth.debian.org (was 
sebast...@breakpoint.cc).
> # linux-ftpd-ssl
> unarchive 828424
Bug #828424 {Done: Mats Erik Andersson } 
[src:linux-ftpd-ssl] linux-ftpd-ssl: FTBFS with openssl 1.1.0
Unarchived Bug 828424
> clone 828424 -5
Bug #828424 {Done: Mats Erik Andersson } 
[src:linux-ftpd-ssl] linux-ftpd-ssl: FTBFS with openssl 1.1.0
Bug 828424 cloned as bug 859145
827061 was blocked by: 828454 828596 828445 828453 828356 828581 828281 828311 
828499 828573 828235 828305 828303 850882 844904 828246 828531 828343 828393 
844907 828535 844920 854468 828615 828462 828404 828549 828267 828083 828298 
828415 828229 828482 828292 828240 854257 828320 846908 844347 828576 828301 
828440 828466 828585 828528 828412 828485 836419 828427 828405 844931 844945 
828428 844870 828558 828259 828358 837960 828347 828603 828521 828586 828319 
828279 828139 828304 828605 828600 828296 828437 828257 828380 844800 828233 
828527 828275 828340 828258 828577 828338 828574 828324 844213 828386 828563 
844311 828523 828533 835804 828479 844845 828362 828465 828580 844947 828355 
829465 828331 828373 850880 828252 828492 828127 845106 828265 828524 844926 
828476 845016 828272 828463 828314 828526 828552 828519 828543 828469 828567 
822380 828361 844906 828263 828494 828541 828438 828554 828348 835549 828470 
828509 828540 828352 828346 844254 828335 843988 828288 828532 828261 828583 
828507 828571 828262 828289 844301 855007 844706 828339 828357 828336 828082 
828294 828464 844949 828401 828285 828537 828260 844664 844909 844663 828232 
828318 828306 828444 828598 828439 828544 828400 828480 828508 828418 828333 
828594 844838 828234 828410 828584 828414 828313 828270 828411 835798 828239 
828375 828390 828547 828517 835799 828424 835789 828511 828403 835790 828458 
828286 844948 828230 828351 828550 828309 844366 828597 828315 828565 828536 
844503 828363 828388 845729 828241 828399 828587 828372 828496 828376 828555 
828608 828435 828607 828231 828602 828349 835785 828618 828510 828484 828244 
828595 828255 828397 828556 828468 828569 828548 828409 828575 828611 828457 
828264 828433 828609 828321 845030 828268 828613 835797 835800 828422 828420 
828430 828278 828432 828491 844928 828337 828369 828282 828277 828620 850883 
828256 828592 828503 828330 828378 828396 828456 828542 846113 828354 844234 
828515 828398 808669 828455 828406 828368 828248 828525 828545 828326 828601 
828387 828364 828291 844975 828302 828501 844833 828307 828290 828250 844018 
828614 828505 828271 828394 828322 828487 828514 828276 828610 844345 828474 
844836 828228 843871 828516 828473 828371 828495 828566 828284 828269 828561 
828619 828539 828350 828389 835585 844815 828518 835793 828379 828308 828434 
828553 844877 844936 828546 828442 828274 828416 828366 828559 828579 828402 
828568 828443 828472 828341 828431 828334 828238 828551 828370 828538 828582 
828506 828489 828381 844916 828599 828295 828588 843682 828448 828616 828617 
828342 835811 828534 844534 828500 841635 828606 828392 828407 828360 809271 
828564 828452 828297 828385 828530 828293 828384 828325 828345 828459 827068 
828421 828423 828328 828251 828323 828461 828589 814600 828317 828419 828562 
835786 828310 828287 828490 828512 828377 828243 828253 828467 835796 828429 
828502 828460 828359 843852 828591 828365 854253 828283 857199 828488 829452 
828254 828391 828497 828395 828417 828612 828249 828578 828570 828493 828426 
828478 828604 854470 828446 835794 828382 828383 844271 828529 850881 828344 
828590 828436 828374 828593 828504 828367 843532 828447 844951 828300 828280 
828316 828242 828450 846769 828237
827061 was not blocking any bugs.
Added blocking bug(s) of 827061: 859145
> archive 828424
Bug #828424 {Done: Mats Erik Andersson } 
[src:linux-ftpd-ssl] linux-ftpd-ssl: FTBFS with openssl 1.1.0
archived 828424 to archive/24 (from 828424)
> reopen -5
Bug #859145 {Done: Mats Erik Andersson } 
[src:linux-ftpd-ssl] linux-ftpd-ssl: FTBFS with openssl 1.1.0
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions linux-ftpd-ssl/0.17.36+0.3-1.
> retitle -5 linux-ftpd-ssl: Please migrate to openssl1.1 in buster
Bug #859145 [src:linux-ftpd-ssl] linux-ftpd-ssl: FTBFS with openssl 1.1.0
Changed Bug title to 'linux-ftpd-ssl: Please migrate to openssl1.1 in buster' 
from 'linux-ftpd-ssl: FTBFS with openssl 1.1.0'.
> unblock 827061 with -5
Bug #827061 [release.debian.org] transition: openssl
827061 was blocked by: 828427 828507 828575 828574 828285 828362 828127 828364 
844928 828363 828229 835798 828460 841635 828264 844311 828614 828235 844366 
828541 835796 828379 844838 828304 828604 828452 

Processed: libzorpll, properly clone the bug

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reopen 859055
Bug #859055 {Done: SZALAY Attila } [src:libzorpll] libzorpll 
must (build)depend on libssl1.0-dev
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions libzorpll/6.0.8.0-4.
> retitle 859055 libzorpll: Please migrate to openssl1.1 in buster
Bug #859055 [src:libzorpll] libzorpll must (build)depend on libssl1.0-dev
Changed Bug title to 'libzorpll: Please migrate to openssl1.1 in buster' from 
'libzorpll must (build)depend on libssl1.0-dev'.
> unblock 827061 with 859055
Bug #827061 [release.debian.org] transition: openssl
827061 was blocked by: 828364 828440 828617 828284 828306 828356 850880 828344 
828601 828374 845729 828531 828485 829452 828590 828549 828578 828246 828401 
828340 828319 828328 828580 828277 828554 828474 828495 828516 828316 828494 
828609 828541 828458 828620 828581 828276 828434 846908 843871 844926 828286 
828314 828536 828427 828283 828310 828390 828588 828373 828378 828604 828608 
828433 828260 835811 828497 828232 828584 828473 844931 828287 828585 844906 
828490 828311 828600 844907 828371 828363 828285 828235 828426 814600 828321 
828415 828589 835794 828464 844909 828262 828465 828320 844815 828410 828242 
844664 828392 828380 844366 844949 828591 828457 828381 828409 828294 828430 
828257 828480 828418 854253 828384 828437 844254 828508 828317 828268 828259 
828517 827068 828367 828526 828382 828269 828275 828359 828487 828521 835785 
828515 828528 854257 828336 828450 828254 828379 828400 828399 828561 828543 
843852 828438 828288 828345 828598 835800 828264 828302 828447 844271 828452 
828308 828407 828082 828376 850882 828570 828233 828454 808669 828468 828362 
828290 828479 828462 828377 828256 844920 828411 828301 828281 828229 828596 
844234 828610 828391 828423 828505 828615 828383 828506 828265 828348 828295 
828574 844301 828267 828318 828419 828453 828243 828330 828370 828270 828573 
843988 828338 844833 850881 828523 828435 828482 828614 828402 841635 828455 
828417 828350 828510 828405 828428 829465 828603 828279 828313 828544 828230 
828297 828083 828611 828575 835549 828296 828244 822380 828524 828258 828421 
828412 828504 828249 828239 828547 828385 828545 844663 844534 828535 828307 
844311 828472 828501 846113 828250 835796 828599 844706 828341 844838 828416 
837960 828563 828389 828507 857199 835585 835793 828568 828394 828502 828342 
828556 828527 828493 828280 828553 828271 828305 828325 828324 828292 828551 
828397 828361 828564 854468 828289 828241 843682 828240 844904 828491 828291 
828509 828576 828548 828583 828424 828443 828375 828251 828331 828366 828558 
828234 828478 828339 828606 828349 828231 828274 828351 844951 828594 828459 
828555 828511 828403 835790 828393 844800 828519 844836 828352 828613 828503 
828552 828619 828335 828579 828597 828587 828562 828577 828537 828127 828533 
828396 828463 828304 844928 828582 828298 828436 828354 828569 859055 828456 
828492 828540 828432 835798 828368 828395 828293 828237 845016 828565 844975 
828550 828448 828500 828315 828488 828467 828369 828139 828444 828525 828607 
828469 828347 828355 828261 828334 828431 828253 828429 828398 828343 855007 
828420 828546 828414 844845 844948 850883 828514 828238 845030 835789 828602 
844947 854470 828534 844916 843532 828518 828255 828512 828538 828466 828323 
828333 828530 828228 845106 828484 828476 828567 835786 828252 844870 828406 
828322 844936 828605 828439 828386 844018 828365 828445 828442 828559 828326 
835797 828592 828529 828248 828489 828612 828372 828446 844503 828461 828539 
809271 828496 828460 828404 844213 828470 828388 828387 846769 828357 828571 
828346 835799 844877 844945 828360 828532 828300 828593 828499 828309 828618 
828566 828337 828263 844345 835804 828616 828358 828282 828586 828278 828272 
828542 844347 828595 836419 828422 828303
827061 was not blocking any bugs.
Removed blocking bug(s) of 827061: 859055
> severity 859055 important
Bug #859055 [src:libzorpll] libzorpll: Please migrate to openssl1.1 in buster
Severity set to 'important' from 'serious'
> tags 859055 = sid buster
Bug #859055 [src:libzorpll] libzorpll: Please migrate to openssl1.1 in buster
Added tag(s) buster and sid; removed tag(s) patch.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
827061: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827061
859055: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859055
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#855929: marked as done (mclibs: FTBFS: LOCB/LOCF: address 0x7f68e28cd740 exceeds the 32 bit address space or is not in the data segments)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 20:48:47 +
with message-id 
and subject line Bug#855929: fixed in mclibs 20061220+dfsg3-3.1
has caused the Debian Bug report #855929,
regarding mclibs: FTBFS: LOCB/LOCF: address 0x7f68e28cd740 exceeds the 32 bit 
address space or is not in the data segments
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
855929: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855929
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mclibs
Version: 20061220+dfsg3-3
Severity: serious
Tags: stretch sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170221 qa-ftbfs
Justification: FTBFS in stretch on amd64

Hi,

During a rebuild of all packages in stretch (in a stretch chroot, not a
sid chroot), your package failed to build on amd64.

Relevant part (hopefully):
> -L/<>/mclibs-20061220+dfsg3/lib -Wl,-static -leurodec -lpacklib 
> -lkernlib -Wl,-dy -lm -lnsl -lcrypt -ldl -lgfortran
> gfortran -g -o eudtest -O3 -D_FORTIFY_SOURCE=2 -fno-range-check 
> -fno-automatic -fno-second-underscore -fstack-protector 
> --param=ssp-buffer-size=4 -fno-automatic -Wl,-z,relro   
> -L/<>/mclibs-20061220+dfsg3/src/lib  main.o steerd.o steerf.o 
> testd.o testf.o   `cernlib eurodec packlib`  \
>  || rm -f eudtest
> rm -f eurodec.dat
> ln -s /<>/mclibs-20061220+dfsg3/build/mclibs/eurodec/eurodec.dat 
> eurodec.dat
> cp 
> /<>/mclibs-20061220+dfsg3/src/mclibs/eurodec/eudtest/eutitle.data 
> eutitle.dat
> Testing eurodec
>   ... using eudtest
> 
> LOCB/LOCF: address 0x7f68e28cd740 exceeds the 32 bit address space
> or is not in the data segments
> This may result in program crash or incorrect results
> Therefore we will stop here
> 
> Test result = 231
> Makefile:482: recipe for target 'test' failed

The full build log is available from:
   http://aws-logs.debian.net/2017/02/21/mclibs_20061220+dfsg3-3_testing.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: mclibs
Source-Version: 20061220+dfsg3-3.1

We believe that the bug you reported is fixed in the latest version of
mclibs, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 855...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gilles Filippini  (supplier of updated mclibs package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 05 Mar 2017 22:14:26 +0100
Source: mclibs
Binary: cernlib-montecarlo libcojets2-dev libcojets2-gfortran libeurodec1-dev 
libeurodec1-gfortran libherwig59-2-dev libherwig59-2-gfortran 
libisajet758-3-dev libisajet758-3-gfortran libpdflib804-2-dev 
libpdflib804-2-gfortran libphotos202-1-gfortran libphotos202-dev 
libphtools2-dev libphtools2-gfortran montecarlo-base montecarlo-data
Architecture: source
Version: 20061220+dfsg3-3.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Gilles Filippini 
Description:
 cernlib-montecarlo - CERNLIB Monte Carlo libraries
 libcojets2-dev - [Physics] COJETS p-p and pbar-p interaction Monte Carlo
 libcojets2-gfortran - [Physics] COJETS p-p and pbar-p interaction Monte Carlo 
library
 libeurodec1-dev - [Physics] Monte Carlo library for quark / heavy lepton decays
 libeurodec1-gfortran - [Physics] Monte Carlo library for quark and heavy 
lepton decays
 libherwig59-2-dev - [Physics] Monte Carlo event generator for hadrons 
(development)
 libherwig59-2-gfortran - [Physics] Monte Carlo event generator simulating 
hadronic events
 libisajet758-3-dev - [Physics] Monte Carlo generator for proton/electron 
reactions
 libisajet758-3-gfortran - 

Bug#859101: [Pkg-samba-maint] Bug#859101: regression: net: security update makes `net ads join` freeze when run a second time

[Mathieu Parent]

Hi,

2017-03-30 13:12 GMT+02:00 Paul Wise :
> Control: fixed -1 2:4.5.6+dfsg-1
>
> On Thu, 2017-03-30 at 18:30 +0800, Paul Wise wrote:
>
>> I've confirmed that the freeze does not happen on samba 4.1 using
>> snapshot.d.o. The issue still occurs with 2:4.2.14+dfsg-0+deb8u4.
>
> I've confirmed this issue does not happen with stretch 2:4.5.6+dfsg-1

Can you try this patch:
https://git.samba.org/?p=samba.git;a=commitdiff;h=38beef2ff63664d7d5805f1032bb9f69d0b965d7

(first released in 4.3.0)

Regards

-- 
Mathieu Parent

Bug#856626: Pending fixes for bugs in the lucene-solr package

[pkg-java-maintainers]

tag 856626 + pending
thanks

Some bugs in the lucene-solr package are closed in revision
02a1b0e68a97c67864d7747e045233c2b33a1560 in branch 'master' by Markus
Koschany

The full diff can be seen at
https://anonscm.debian.org/cgit/pkg-java/lucene-solr.git/commit/?id=02a1b0e

Commit message:

Remove obsolete Resources className directive as it does not work with 
Tomcat8.

Closes: #856626
Thanks: Matthias Liertzer for the report.

Processed: Pending fixes for bugs in the lucene-solr package

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 856626 + pending
Bug #856626 {Done: Markus Koschany } [solr-tomcat] 
solr-tomcat: fails to start
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
856626: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856626
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858872: marked as done (eject: CVE-2017-6964: dmcrypt-get-device does not check the return values of setuid() or setgid())

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 19:47:08 +
with message-id 
and subject line Bug#858872: fixed in eject 2.1.5+deb1+cvs20081104-13.1+deb8u1
has caused the Debian Bug report #858872,
regarding eject: CVE-2017-6964: dmcrypt-get-device does not check the return 
values of setuid() or setgid()
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
858872: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858872
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: eject
Version: 2.1.5+deb1+cvs20081104-13
Severity: grave
Tags: patch security

Hi,

the following vulnerability was published for eject.

CVE-2017-6964[0]:
| dmcrypt-get-device, as shipped in the eject package of Debian and
| Ubuntu, does not check the return value of the (1) setuid or (2) setgid
| function, which might cause dmcrypt-get-device to execute code, which
| was intended to run as an unprivileged user, as root. This affects
| eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before
| 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject
| before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS,
| eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04
| LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04
| LTS.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-6964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6964

I prepared an update for sid, which I will attack as debdiff here as
soon I have the bug number.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: eject
Source-Version: 2.1.5+deb1+cvs20081104-13.1+deb8u1

We believe that the bug you reported is fixed in the latest version of
eject, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 858...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated eject package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 28 Mar 2017 06:58:03 +0200
Source: eject
Binary: eject eject-udeb
Architecture: source
Version: 2.1.5+deb1+cvs20081104-13.1+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Frank Lichtenheld 
Changed-By: Salvatore Bonaccorso 
Closes: 858872
Description: 
 eject  - ejects CDs and operates CD-Changers under Linux
 eject-udeb - ejects CDs from d-i menu (udeb)
Changes:
 eject (2.1.5+deb1+cvs20081104-13.1+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2017-6964: Check the return values when dropping privileges
 (Closes: #858872)
Package-Type: udeb
Checksums-Sha1: 
 721f5bec97aaa0047ac59d4ea58756ac79598208 2264 
eject_2.1.5+deb1+cvs20081104-13.1+deb8u1.dsc
 02d4ee28eca087d4dada24d31cb3db97de7438f0 120658 
eject_2.1.5+deb1+cvs20081104.orig.tar.gz
 d18466ffcfd954cbe883e89f1b449c5d3355de78 140573 
eject_2.1.5+deb1+cvs20081104-13.1+deb8u1.diff.gz
Checksums-Sha256: 
 de29507139b05a0d705b7d7432eb231ca29470726b62925db9cdb1091df5e231 2264 
eject_2.1.5+deb1+cvs20081104-13.1+deb8u1.dsc
 f5c457b92d7bfc20924ebdc8515661222b40e036eae6e2fada4220d47884e9c1 120658 
eject_2.1.5+deb1+cvs20081104.orig.tar.gz
 0085e7a025b27bf4e6585fd297bd245941dbd67c2c30899e3f19833e4d61ad55 140573 
eject_2.1.5+deb1+cvs20081104-13.1+deb8u1.diff.gz
Files: 
 4a30de258f017cf5ceac9d9e9fb48a54 2264 utils optional 
eject_2.1.5+deb1+cvs20081104-13.1+deb8u1.dsc
 20c77cab9012d3961243e39b3af87562 120658 utils optional 
eject_2.1.5+deb1+cvs20081104.orig.tar.gz
 11dfa1d2ebfb16d9d7554964e734f706 140573 utils optional 
eject_2.1.5+deb1+cvs20081104-13.1+deb8u1.diff.gz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAljZ7xVfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EzBIP/3JEWC/j6prRgku5ciAjZTWtkVrpRVU4

Bug#856626: marked as done (solr-tomcat: fails to start)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 19:03:59 +
with message-id 
and subject line Bug#856626: fixed in lucene-solr 3.6.2+dfsg-10
has caused the Debian Bug report #856626,
regarding solr-tomcat: fails to start
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
856626: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856626
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: solr-tomcat
Version: 3.6.2+dfsg-9
Severity: grave
Justification: renders package unusable

solr doesn't start with the following error message(s) in the log

03-Mar-2017 00:04:42.268 SEVERE [localhost-startStop-1]
org.apache.tomcat.util.digester.Digester.startElement Begin event threw 
exception
 java.lang.ClassNotFoundException:
 org.apache.naming.resources.FileDirContext
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at 
org.apache.tomcat.util.digester.ObjectCreateRule.begin(ObjectCreateRule.java:116)
at org.apache.tomcat.util.digester.Digester.startElement(Digester.java:1190)
at 
com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:509)
at 
com.sun.org.apache.xerces.internal.parsers.AbstractXMLDocumentParser.emptyElement(AbstractXMLDocumentParser.java:182)
at 
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:1339)
at 
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2784)
at 
com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:602)
at 
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:505)
at 
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:841)
at 
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:770)
at 
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
at 
com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1213)
at 
com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:643)
at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1458)
at 
org.apache.catalina.startup.ContextConfig.processContextConfig(ContextConfig.java:537)
at 
org.apache.catalina.startup.ContextConfig.contextConfig(ContextConfig.java:494)
at org.apache.catalina.startup.ContextConfig.init(ContextConfig.java:738)
at 
org.apache.catalina.startup.ContextConfig.lifecycleEvent(ContextConfig.java:310)
at 
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:94)
at 
org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:395)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:108)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:140)
at 
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:728)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734)
at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:596)
at 
org.apache.catalina.startup.HostConfig$DeployDescriptor.run(HostConfig.java:1805)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)

Best regards


-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages solr-tomcat depends on:
ii  solr-common  3.6.2+dfsg-9
ii  tomcat8  8.5.11-1

solr-tomcat recommends no packages.

solr-tomcat suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: lucene-solr
Source-Version: 3.6.2+dfsg-10

We believe that the bug you reported is fixed in the latest version of
lucene-solr, which is due to be installed in the Debian 

Processed: reassign bug 858553 to fp-utils: Package lazarus-doc-1.6 is empty and does not ship documentation files

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 858553 fp-utils-3.0.0
Bug #858553 [lazarus-doc-1.6] [lazarus-doc-1.6] Package lazarus-doc-1.6 is 
empty and does not ship documentation files
Bug reassigned from package 'lazarus-doc-1.6' to 'fp-utils-3.0.0'.
No longer marked as found in versions lazarus/1.6.2+dfsg-1.
Ignoring request to alter fixed versions of bug #858553 to the same values 
previously set
> retitle 858553 fpdoc fails to convert lazarus documentation but no error
Bug #858553 [fp-utils-3.0.0] [lazarus-doc-1.6] Package lazarus-doc-1.6 is empty 
and does not ship documentation files
Changed Bug title to 'fpdoc fails to convert lazarus documentation but no 
error' from '[lazarus-doc-1.6] Package lazarus-doc-1.6 is empty and does not 
ship documentation files'.
> affects 858553 lazarus-doc-1.6
Bug #858553 [fp-utils-3.0.0] fpdoc fails to convert lazarus documentation but 
no error
Added indication that 858553 affects lazarus-doc-1.6
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
858553: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858553
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#856117: marked as done (tnef: CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 18:23:42 +
with message-id 
and subject line Bug#856117: fixed in tnef 1.4.12-1.1
has caused the Debian Bug report #856117,
regarding tnef: CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
856117: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856117
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: tnef
Version: 1.4.9-1
Severity: grave
Tags: security upstream fixed-upstream

Hi,

the following vulnerabilities were published for tnef.

CVE-2017-6307[0]:
| An issue was discovered in tnef before 1.4.13. Two OOB Writes have been
| identified in src/mapi_attr.c:mapi_attr_read(). These might lead to
| invalid read and write operations, controlled by an attacker.

CVE-2017-6308[1]:
| An issue was discovered in tnef before 1.4.13. Several Integer
| Overflows, which can lead to Heap Overflows, have been identified in
| the functions that wrap memory allocation.

CVE-2017-6309[2]:
| An issue was discovered in tnef before 1.4.13. Two type confusions have
| been identified in the parse_file() function. These might lead to
| invalid read and write operations, controlled by an attacker.

CVE-2017-6310[3]:
| An issue was discovered in tnef before 1.4.13. Four type confusions
| have been identified in the file_add_mapi_attrs() function. These might
| lead to invalid read and write operations, controlled by an attacker.

All of those fixed in 1.4.13.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-6307
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6307
[1] https://security-tracker.debian.org/tracker/CVE-2017-6308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6308
[2] https://security-tracker.debian.org/tracker/CVE-2017-6309
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6309
[3] https://security-tracker.debian.org/tracker/CVE-2017-6310
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6310

Regards,
Salvatore


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: tnef
Source-Version: 1.4.12-1.1

We believe that the bug you reported is fixed in the latest version of
tnef, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 856...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thorsten Alteholz  (supplier of updated tnef package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 29 Mar 2017 19:03:02 +0200
Source: tnef
Binary: tnef
Architecture: source amd64
Version: 1.4.12-1.1
Distribution: sid
Urgency: medium
Maintainer: Kevin Coyner 
Changed-By: Thorsten Alteholz 
Description:
 tnef   - Tool to unpack MIME application/ms-tnef attachments
Closes: 856117 857342
Changes:
 tnef (1.4.12-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload by the Wheezy LTS Team. (Closes: #856117)
   * while fixing the CVEs, upstream introduced a regression
 fix-regression-1.patch and fix-regression-2.patch take care of
 that (Closes: #857342)
   * CVE-2017-6307
 An issue was discovered in tnef before 1.4.13. Two OOB Writes have
 been identified in src/mapi_attr.c:mapi_attr_read(). These might
 lead to invalid read and write operations, controlled by an attacker.
   * CVE-2017-6308
 An issue was discovered in tnef before 1.4.13. Several Integer
 Overflows, which can lead to Heap Overflows, have been identified
 in the functions that wrap memory allocation.
   * CVE-2017-6309
 An issue was discovered in tnef before 1.4.13. Two type confusions

Bug#834686: ruby-httpclient: diff for NMU version 2.7.1-1.1

[Paul Gevers]

Hi Antonio,

On 03/30/17 14:40, Antonio Terceiro wrote:
> Are you also going to request the unblock, or do you want me to do it?

I'll do that now (after checking it isn't there yet).

Paul



signature.asc
Description: OpenPGP digital signature

Bug#859128: libthrift-perl: installs Thrift.pm outside of perl's @INC paths

[Paul Wise]

Package: libthrift-perl
Version: 0.9.3-2
Severity: serious
Justification: broken

libthrift-perl installs Thrift.pm into /usr/lib/perl5/ but perl's @INC
paths do not include that directory, so the module cannot be imported
by default. This means the package is broken by default.

pabs@chianamo ~ $ dpkg -L libthrift-perl | grep Thrift.pm
/usr/lib/perl5/Thrift.pm

pabs@chianamo ~ $ perl -e 'use Thrift;'
Can't locate Thrift.pm in @INC (you may need to install the Thrift module) 
(@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1 
/usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24 
/usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 /usr/share/perl/5.24 
/usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at -e line 1.
BEGIN failed--compilation aborted at -e line 1.

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (900, 'testing-debug'), (900, 'testing'), (860, 
'testing-proposed-updates'), (800, 'unstable-debug'), (800, 'unstable'), (790, 
'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 
'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Processed: Re: Bug#859111: ariba: FTBFS: FAIL: Test run_bowtie2 unsorted

[Debian Bug Tracking System]

Processing control commands:

> found -1 2.6.1+ds-1
Bug #859111 [src:ariba] ariba: FTBFS: FAIL: Test run_bowtie2 unsorted
Marked as found in versions ariba/2.6.1+ds-1.
> retitle -1 ariba FTBFS with bowtie2 2.3.1-1
Bug #859111 [src:ariba] ariba: FTBFS: FAIL: Test run_bowtie2 unsorted
Changed Bug title to 'ariba FTBFS with bowtie2 2.3.1-1' from 'ariba: FTBFS: 
FAIL: Test run_bowtie2 unsorted'.
> tags -1 sid
Bug #859111 [src:ariba] ariba FTBFS with bowtie2 2.3.1-1
Added tag(s) sid.

-- 
859111: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859111
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#859111: ariba: FTBFS: FAIL: Test run_bowtie2 unsorted

[Adrian Bunk]

Control: found -1 2.6.1+ds-1
Control: retitle -1 ariba FTBFS with bowtie2 2.3.1-1
Control: tags -1 sid

On Thu, Mar 30, 2017 at 01:46:26PM +0100, Chris Lamb wrote:
> Source: ariba
> Version: 2.7.1+ds-1
>...
>   ==
>   FAIL: Test run_bowtie2 unsorted
>   --
>...

This is actually not related to the ariba version but to the bowtie2 version,
ariba 2.6.1+ds-1 in stretch builds with the stretch bowtie2 2.3.0-2 but 
FTBFS with the sid bowtie2 2.3.1-1

The Debian Med team should know better which of the packages need fixing.

I am tagging this bug "sid" since bowtie2 2.3.1-1 is anyway not supposed 
to ever enter stretch, so there seems to be nothing that needs fixing 
for stretch.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#858920: marked as done (neurodebian-desktop: Trigger cycle via interest(-await) on /usr/share/icons/gnome while depending (in)directly on gnome-icon-theme - please use interest-noawait)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 15:05:25 +
with message-id 
and subject line Bug#858920: fixed in neurodebian 0.37.6
has caused the Debian Bug report #858920,
regarding neurodebian-desktop: Trigger cycle via interest(-await) on 
/usr/share/icons/gnome while depending (in)directly on gnome-icon-theme - 
please use interest-noawait
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
858920: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858920
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: neurodebian-desktop
Version: 0.37.5
Severity: serious


The neurodebian-desktop package declares an "interest(-await)" trigger
on /usr/share/icons/gnome.  At the same time, it depends on
gnome-icon-theme, which provides files in /usr/share/icons/gnome,
triggering said interest trigger.

From: 
https://jenkins.debian.net/job/dpkg_sid_find_trigger_cycles/339/consoleFull

"""
The cycle is created because when gnome-icon-theme is put into the
triggers-awaited state (because it triggers neurodebian-desktop), then
it cannot satisfy dependencies until it leaves that state. But:

 - for gnome-icon-theme to leave the triggers-awaited state, the
   trigger has to be resolved by neurodebian-desktop, which cannot
   happen unless neurodebian-desktop gets configured

 - to configure neurodebian-desktop, its dependency on
   gnome-icon-theme has to be resolved which cannot happen unless
   gnome-icon-theme leaves the triggers-awaited state

This creates the cycle if the packages are installed in a certain order.
"""


If at all possible, please migrate to an "interest-noawait" trigger.
This permits dpkg to defer the trigger to whenever it is convenient in
the install/upgrade process and is often a much better choice.

AFAICT, neurodebian-desktop does not appear to be a package where
deferring the trigger would cause major issues (since it is "only"
updating a cache).

Thanks,
~Niels
--- End Message ---
--- Begin Message ---
Source: neurodebian
Source-Version: 0.37.6

We believe that the bug you reported is fixed in the latest version of
neurodebian, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 858...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Yaroslav Halchenko  (supplier of updated neurodebian 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 28 Mar 2017 13:53:19 -0400
Source: neurodebian
Binary: neurodebian neurodebian-dev neurodebian-desktop 
neurodebian-archive-keyring neurodebian-popularity-contest
Architecture: source all
Version: 0.37.6
Distribution: unstable
Urgency: medium
Maintainer: NeuroDebian Team 
Changed-By: Yaroslav Halchenko 
Description:
 neurodebian - neuroscience-oriented distribution - repository configuration
 neurodebian-archive-keyring - neuroscience-oriented distribution - GnuPG 
archive keys
 neurodebian-desktop - neuroscience-oriented distribution - desktop integration
 neurodebian-dev - neuroscience-oriented distribution - development tools
 neurodebian-popularity-contest - neuroscience-oriented distribution - popcon 
integration
Closes: 858920
Changes:
 neurodebian (0.37.6) unstable; urgency=medium
 .
   * Switch to use interest-noawait for neurodebian-desktop.trigger
 to avoid a circular deadlock (Closes: #858920)
Checksums-Sha1:
 6fb59475f8787ca92333064f3514b24602922346 2072 neurodebian_0.37.6.dsc
 6b9ee2daadccc2ba8a8026156b9d4c198973670e 8316008 neurodebian_0.37.6.tar.xz
 f59516fc8396dc3eaa0acdccd32516df207fcd93 10292 
neurodebian-archive-keyring_0.37.6_all.deb
 238745cbb2f8112f187c2b787520e042a39fd283 116262 
neurodebian-desktop_0.37.6_all.deb
 8ed110116e018f9484964b5747bc3f3468702bb6 32702 neurodebian-dev_0.37.6_all.deb
 e42828a6b8addaae7ac8a31dae89954b1651012d 12306 
neurodebian-popularity-contest_0.37.6_all.deb
 f5fd1df3a64749daac838502ddae75e6d9ff789a 34466 neurodebian_0.37.6_all.deb
 a627ce83a35ef2f1739aadb0a68f23db2a160576 9571 
neurodebian_0.37.6_amd64.buildinfo
Checksums-Sha256:
 7739d5b3ed8f5239942c56701ec206744c66e9bcab83416d0e8bdac72ee95b69 

Bug#859107: Another variant

[Ole Streicher]

Since the BrowserLauncher is just a fallback, we can just remove it.
This is done in the attached patch.

Cheers

Ole
diff -Nru jmodeltest-2.1.10+dfsg/debian/changelog jmodeltest-2.1.10+dfsg/debian/changelog
--- jmodeltest-2.1.10+dfsg/debian/changelog	2016-08-17 15:43:53.0 +0200
+++ jmodeltest-2.1.10+dfsg/debian/changelog	2017-03-30 16:33:57.0 +0200
@@ -1,3 +1,10 @@
+jmodeltest (2.1.10+dfsg-3.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Remove BrowserLauncher dependency. Closes: #859107
+
+ -- Ole Streicher   Thu, 30 Mar 2017 16:33:57 +0200
+
 jmodeltest (2.1.10+dfsg-3) unstable; urgency=medium
 
   * Add missing command line arguments to wrapper
diff -Nru jmodeltest-2.1.10+dfsg/debian/patches/remove_BrowserLauncher_reference.patch jmodeltest-2.1.10+dfsg/debian/patches/remove_BrowserLauncher_reference.patch
--- jmodeltest-2.1.10+dfsg/debian/patches/remove_BrowserLauncher_reference.patch	1970-01-01 01:00:00.0 +0100
+++ jmodeltest-2.1.10+dfsg/debian/patches/remove_BrowserLauncher_reference.patch	2017-03-30 16:33:57.0 +0200
@@ -0,0 +1,53 @@
+Author: Ole Streicher 
+Description: Remove BrowserLauncher references.
+
+They were just a fallback if java.awt.Desktop.getDesktop() is not available.
+
+--- a/src/main/java/es/uvigo/darwin/jmodeltest/gui/FrameMain.java
 b/src/main/java/es/uvigo/darwin/jmodeltest/gui/FrameMain.java
+@@ -56,7 +56,6 @@
+ import javax.swing.text.DefaultCaret;
+ 
+ import pal.tree.Tree;
+-import edu.stanford.ejalbert.BrowserLauncher;
+ import es.uvigo.darwin.jmodeltest.ModelTest;
+ import es.uvigo.darwin.jmodeltest.ModelTestConfiguration;
+ import es.uvigo.darwin.jmodeltest.ModelTestService;
+@@ -1096,9 +1095,6 @@
+ Desktop desktop = Desktop.getDesktop();
+ URI wikiURI = new URI(ModelTest.WIKI);
+ desktop.browse(wikiURI);
+-			} else {
+-BrowserLauncher launcher = new BrowserLauncher();
+-launcher.openURLinBrowser(ModelTest.WIKI);
+ 			}
+ 		} catch (Exception f) {
+ 			JOptionPane.showMessageDialog(new JFrame(), f.getMessage(),
+@@ -1113,9 +1109,6 @@
+ Desktop desktop = Desktop.getDesktop();
+ URI groupURI = new URI(ModelTest.DISCUSSION_GROUP);
+ desktop.browse(groupURI);
+-			} else {
+-BrowserLauncher launcher = new BrowserLauncher();
+-launcher.openURLinBrowser(ModelTest.DISCUSSION_GROUP);
+ 			}
+ 		} catch (Exception f) {
+ 			JOptionPane.showMessageDialog(new JFrame(), f.getMessage(),
+@@ -1129,9 +1122,6 @@
+ Desktop desktop = Desktop.getDesktop();
+ URI jModelTestURI = new URI(ModelTest.URL);
+ desktop.browse(jModelTestURI);
+-			} else {
+-BrowserLauncher launcher = new BrowserLauncher();
+-launcher.openURLinBrowser(ModelTest.URL);
+ 			}
+ 		} catch (Exception f) {
+ 			JOptionPane.showMessageDialog(new JFrame(), f.getMessage(),
+@@ -1145,7 +1135,6 @@
+ 			credits += "Alignment conversion with ALTER by Daniel Glez-Pena et al.\n";
+ 			credits += "Phylogenetic trees management with PAL: Phylogenetic Analysis Library by A. Drummond and K. Strimmer\n";
+ 			credits += "Table utilities by Philip Milne\n";
+-			credits += "BrowserLauncher by Eric Albert and Jeff Chapman\n";
+ 
+ 			JOptionPane.showMessageDialog(new JFrame(), credits,
+ 	"jModelTest - CREDITS", JOptionPane.INFORMATION_MESSAGE,
diff -Nru jmodeltest-2.1.10+dfsg/debian/patches/series jmodeltest-2.1.10+dfsg/debian/patches/series
--- jmodeltest-2.1.10+dfsg/debian/patches/series	2016-08-17 15:43:53.0 +0200
+++ jmodeltest-2.1.10+dfsg/debian/patches/series	2017-03-30 16:33:57.0 +0200
@@ -2,3 +2,4 @@
 do_not_chmod_anything_in_usr_bin.patch
 adapt_config.patch
 replace_natbib_bst_by_plainnat.patch
+remove_BrowserLauncher_reference.patch

Bug#850216: [debian-mysql] Bug#850216: Bug#850216: mysql-server-5.6: Listens on * by default after installation (related to use of alternatives)

[Robie Basak]

Hi Otto,

On Fri, Mar 10, 2017 at 05:09:42PM +0200, Otto Kekäläinen wrote:
> I wonder if this really is how update-alternatives should be used and
> is really adding conflicts between all packages that use it the smart
> way to utilize the flexibility the update-alternatives scheme should
> provide.

My original logic was as follows:

Some clients may use libmysqlclient from MySQL, and some from MariaDB.
The "mysql" CLI is just another client for this purpose. Clients are
configured from /etc/mysql/my.cnf, and so ideally both MySQL and MariaDB
client libraries can work concurrently. My understanding was that some
minimal client configuration is relevant to install by default, but this
default could be shared by both MySQL and MariaDB. So this can be
shipped by mysql-common, and be active when only clients (no servers)
are in use.

We already expect that the MySQL and MariaDB server daemons cannot both
be active concurrently on the same system - if nothing else but for
grabbing the default port. This can of course be expressed with a simple
Conflicts, or with a more complicated virtual package Provides/Conflicts
(but that's not the question being discussed here).

MySQL and MariaDB diverge in their configuration needs far more when
using their server daemons, but they still expect to share this
configuration with clients in /etc/mysql/my.cnf.

Therefore, we end up in a situation where:

1) When only clients are installed, /etc/mysql/my.cnf can be shared
between clients of both variants, which works well as we do want to be
able to support this.

2) When a daemon is installed, /etc/mysql/my.cnf must specialise to the
variant that is used.

So, it made sense to me that /etc/mysql/my.cnf should be a symlink,
managed by mysql-common for the common client case, but overridable by a
variant-specific daemon package when a daemon is installed.

If the above statements are still true, then I think using
update-alternatives is still the best way to manage this, because it
provides the convenient mechanism for a daemon to be able to override
the default client configuration provided by mysql-common.

I'm not sure that all of this is still true though, as things between
the forks diverge, particularly in MariaDB. I was surprised to learn
that MariaDB clients need their own customised configurations, for
example, and can no longer use a shared configuration shipped by
the mysql-common package. Perhaps then they should be using
/etc/mysql/mariadb.cnf or something instead, though. Could you perhaps
elaborate on the need for this so we can review whether the
update-alternatives mechanism will still work for us?

If on the other hand there are no further complications, I think the
only thing we need to do is make sure that multiple specialised
/etc/mysql/my.cnf paths are not attempted to be provided at once, and
the problem is solved. The natural way to do this is with Conflicts,
regardless of whether we use update-alternatives or some other
mechanism. Even if we were to drop the use of update-alternatives, I
think we would still need the Conflicts that I'm suggesting. I think
this demonstrates that Conflicts as I've proposed is the correct answer
in this case.

Robie


signature.asc
Description: PGP signature

Bug#859005: Bug#859001: Let's remove BrowserLauncher from Stretch

[Emmanuel Bourg]

Le 30/03/2017 à 14:21, Ole Streicher a écrit :

> IMO that makes the BrowserLauncher package *really* obsolete here.

I agree, BrowserLauncher was interesting before Java 6, but the Desktop
API is good enough for most usages now.

Emmanuel Bourg

Bug#859111: ariba: FTBFS: FAIL: Test run_bowtie2 unsorted

[Chris Lamb]

Source: ariba
Version: 2.7.1+ds-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

ariba fails to build from source in unstable/amd64:

  […]

  ==
  FAIL: Test run_bowtie2 unsorted
  --
  Traceback (most recent call last):
File "«BUILDDIR»/ariba/tests/mapping_test.py", line 61, in test_run_bowtie2
  self.assertListEqual(expected, got)
  AssertionError: Lists differ: [('1', 99, 'ref', 0, [(4, 5), (0, 20)], 
'AGCCCTC[857 chars]AT')] != [('1', 153, 'ref', 30, [(0, 25)], 
'AGGATACAGATCT[794 chars]AT')]
  
  First differing element 0:
  ('1', 99, 'ref', 0, [(4, 5), (0, 20)], 'AGCCCTCCACAGGATGGTGGTATAC')
  ('1', 153, 'ref', 30, [(0, 25)], 'AGGATACAGATCTTGTGGGAAAGGT')
  
  - [('1', 99, 'ref', 0, [(4, 5), (0, 20)], 'AGCCCTCCACAGGATGGTGGTATAC'),
  -  ('1', 147, 'ref', 30, [(0, 25)], 'AGGATACAGATCTTGTGGGAAAGGT'),
  ? ^   ^^
  
  + [('1', 153, 'ref', 30, [(0, 25)], 'AGGATACAGATCTTGTGGGAAAGGT'),
  ? ^   ^^
  
  +  ('1', 69, None, 30, [], 'AGCCCTCCACAGGATGGTGGTATAC'),
  -  ('2', 99, 'ref', 124, [(0, 25)], 'TAATGTTCTTAGGGCTTACCATAGA'),
  ?^^
  
  +  ('2', 73, 'ref', 124, [(0, 25)], 'TAATGTTCTTAGGGCTTACCATAGA'),
  ?^^
  
  -  ('2', 147, 'ref', 170, [(0, 20), (4, 5)], 'TCCACCTTAGCTAAGCGCAGACTCG'),
  +  ('2', 133, None, 124, [], 'CGAGTCTGCGCTTAGCTAAGGTGGA'),
 ('3', 73, 'ref', 86, [(0, 25)], 'TCGGGTCTGTACAAGGACGGATGGT'),
 ('3', 133, None, 86, [], 'CGTACTGACTGACTGACGTACTGCA'),
 ('4', 99, 'ref', 55, [(0, 25)], 'CCGCCGGGAAGTCCTTCTGTCGTGC'),
 ('4', 147, 'ref', 136, [(0, 25)], 'GGCTTACCATAGAGGTACACT'),
  -  ('5', 99, 'ref', 0, [(4, 2), (0, 23)], 'CCTCCACAGGATGGTGGTATACCTG'),
  ?^^  ^^ --  ^   ---
  
  +  ('5', 77, None, -1, [], 'CCTCCACAGGATGGTGGTATACCTG'),
  ?^^  ^^^   ^^
  
  -  ('5', 147, 'ref', 166, [(0, 24), (4, 1)], 'TTCATCCACCTTAGCTAAGCGCAGA'),
  +  ('5', 141, None, -1, [], 'TCTGCGCTTAGCTAAGGTGGATGAA'),
 ('6', 77, None, -1, [], 'CAGTTGCATGACGTCATGCAGTCAT'),
 ('6', 141, None, -1, [], 'AATGAGTATGATGAGTAATGGTATG'),
 ('7', 99, 'ref', 56, [(4, 1), (0, 23), (4, 1)], 
'ACGCCGGGAAGTCCTTCTGTCGTGT'),
 ('7', 147, 'ref', 136, [(0, 24), (4, 1)], 'GGCTTACCATAGAGGTACACTAAAT')]
  
  ==
  FAIL: Test run_bowtie2 sorted
  --
  Traceback (most recent call last):
File "«BUILDDIR»/ariba/tests/mapping_test.py", line 102, in 
test_run_bowtie2_and_sort
  self.assertListEqual(expected, got)
  AssertionError: Lists differ: [('1', 99, 'ref', 0, [(4, 5), (0, 20)], 
'AGCCCTC[857 chars]TG')] != [('1', 69, None, 30, [], 
'AGCCCTCCACAGGATGGTGGTA[794 chars]TG')]
  
  First differing element 0:
  ('1', 99, 'ref', 0, [(4, 5), (0, 20)], 'AGCCCTCCACAGGATGGTGGTATAC')
  ('1', 69, None, 30, [], 'AGCCCTCCACAGGATGGTGGTATAC')
  
  Diff is 1432 characters long. Set self.maxDiff to None to see it.
  
  --
  Ran 317 tests in 59.987s
  
  FAILED (failures=2)
  debian/rules:23: recipe for target 'override_dh_auto_test' failed
  make[1]: *** [override_dh_auto_test] Error 1
  make[1]: Leaving directory '«BUILDDIR»'
  debian/rules:10: recipe for target 'build' failed
  make: *** [build] Error 2
  dpkg-buildpackage: error: debian/rules build gave error exit status 2

  […]

The full build log is attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-


ariba.2.7.1+ds-1.unstable.amd64.log.txt.gz
Description: Binary data

Bug#834686: ruby-httpclient: diff for NMU version 2.7.1-1.1

[Antonio Terceiro]

On Wed, Mar 29, 2017 at 10:08:11PM +0200, Paul Gevers wrote:
> Control: tags 834686 + patch
> 
> Dear maintainer,
> 
> I've prepared an NMU for ruby-httpclient (versioned as 2.7.1-1.1). The
> diff is below (sorry for in-line, nmudiff failed to work properly for me).
> 
> Due to the nature of the bug and the current freeze, I'll upload after
> sending this e-mail.

Thanks! I have imported your .dsc on top of the git repository.

Are you also going to request the unblock, or do you want me to do it?


signature.asc
Description: PGP signature

Bug#859001: Let's remove BrowserLauncher from Stretch

[Ole Streicher]

Am 30.03.2017 um 14:14 schrieb Emmanuel Bourg:
> Le 30/03/2017 à 13:47, Ole Streicher a écrit :
> 
>> Since there is only one dependency (jmodeltest), I recommend to remove
>> the package from Stretch and to patch out the dependency with a minimal
>> implementation of browserlauncher that uses xdg-open (see attachment).
> 
> What about using the JDK API for launching the browser instead (the
> browse(URI) method in the java.awt.Desktop class [1]) ?
> 
> Emmanuel Bourg
> 
> [1]
> http://docs.oracle.com/javase/7/docs/api/java/awt/Desktop.html#browse(java.net.URI)

That is even better. I didn't know that, thanks for the hint. IMO that
makes the BrowserLauncher package *really* obsolete here.

For #859107, I will prepare another patch.

Cheers

Ole

Bug#859001: Let's remove BrowserLauncher from Stretch

[Emmanuel Bourg]

Le 30/03/2017 à 13:47, Ole Streicher a écrit :

> Since there is only one dependency (jmodeltest), I recommend to remove
> the package from Stretch and to patch out the dependency with a minimal
> implementation of browserlauncher that uses xdg-open (see attachment).

What about using the JDK API for launching the browser instead (the
browse(URI) method in the java.awt.Desktop class [1]) ?

Emmanuel Bourg

[1]
http://docs.oracle.com/javase/7/docs/api/java/awt/Desktop.html#browse(java.net.URI)

Processed: libbrowserlauncher-java dependency is going to be removed from Stretch

[Debian Bug Tracking System]

Processing control commands:

> tags -1 patch
Bug #859107 [jmodeltest] libbrowserlauncher-java dependency is going to be 
removed from Stretch
Added tag(s) patch.

-- 
859107: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859107
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#859107: libbrowserlauncher-java dependency is going to be removed from Stretch

[Ole Streicher]

Package: jmodeltest
Version: 2.1.10+dfsg-3
Severity: serious
Control: tags -1 patch

As pointed out in

https://bugs.debian.org/859001
https://bugs.debian.org/859004
https://bugs.debian.org/859005

I recommend to remove libbrowserlauncher from Stretch because it is not
working at all.

To prevent jmodeltest from being removed, here is a patch that replaces
the package by a freedesktop.org compatible miniversion.

Cheers

Ole
diff -Nru jmodeltest-2.1.10+dfsg/debian/changelog jmodeltest-2.1.10+dfsg/debian/changelog
--- jmodeltest-2.1.10+dfsg/debian/changelog	2016-08-17 15:43:53.0 +0200
+++ jmodeltest-2.1.10+dfsg/debian/changelog	2017-03-30 14:03:42.0 +0200
@@ -1,3 +1,10 @@
+jmodeltest (2.1.10+dfsg-3.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Use custom BrowserLauncher. Fixes: #-1
+
+ -- Ole Streicher   Thu, 30 Mar 2017 14:03:42 +0200
+
 jmodeltest (2.1.10+dfsg-3) unstable; urgency=medium
 
   * Add missing command line arguments to wrapper
diff -Nru jmodeltest-2.1.10+dfsg/debian/control jmodeltest-2.1.10+dfsg/debian/control
--- jmodeltest-2.1.10+dfsg/debian/control	2016-08-17 15:43:53.0 +0200
+++ jmodeltest-2.1.10+dfsg/debian/control	2017-03-30 13:53:46.0 +0200
@@ -13,7 +13,6 @@
libjfreechart-java,
libmpj-java,
libpal-java,
-   libbrowserlauncher-java,
prottest,
texlive-latex-base,
texlive-fonts-recommended,
diff -Nru jmodeltest-2.1.10+dfsg/debian/copyright jmodeltest-2.1.10+dfsg/debian/copyright
--- jmodeltest-2.1.10+dfsg/debian/copyright	2016-08-17 15:43:53.0 +0200
+++ jmodeltest-2.1.10+dfsg/debian/copyright	2017-03-30 14:03:26.0 +0200
@@ -26,7 +26,8 @@
 License: GPL-3+
 
 Files: debian/*
-Copyright: 2015 Andreas Tille 
+Copyright: 2015 Andreas Tille ,
+ 2017 Ole Streicher 
 License: GPL-2+
 
 License: GPL-2+
diff -Nru jmodeltest-2.1.10+dfsg/debian/patches/series jmodeltest-2.1.10+dfsg/debian/patches/series
--- jmodeltest-2.1.10+dfsg/debian/patches/series	2016-08-17 15:43:53.0 +0200
+++ jmodeltest-2.1.10+dfsg/debian/patches/series	2017-03-30 13:56:17.0 +0200
@@ -2,3 +2,4 @@
 do_not_chmod_anything_in_usr_bin.patch
 adapt_config.patch
 replace_natbib_bst_by_plainnat.patch
+use_custom_BrowserLauncher.patch
diff -Nru jmodeltest-2.1.10+dfsg/debian/patches/use_custom_BrowserLauncher.patch jmodeltest-2.1.10+dfsg/debian/patches/use_custom_BrowserLauncher.patch
--- jmodeltest-2.1.10+dfsg/debian/patches/use_custom_BrowserLauncher.patch	1970-01-01 01:00:00.0 +0100
+++ jmodeltest-2.1.10+dfsg/debian/patches/use_custom_BrowserLauncher.patch	2017-03-30 14:02:06.0 +0200
@@ -0,0 +1,23 @@
+Author: Ole Streicher 
+Last-Update: Thu, 30 Mar 2017 13:58:11 +0200
+Description: Use custom BrowserLauncher
+
+--- /dev/null
 b/src/main/java/edu/stanfort/ejalbert/BrowserLauncher.java
+@@ -0,0 +1,16 @@
++package edu.stanford.ejalbert;
++import java.io.IOException;
++
++/*
++ * Simple replacement for the BrowserLauncher, which is compatible to the
++ * Free Desktop Consortium. Written by Ole Streicher 
++ * License here: GPL-2+, to match with the other Debian files
++ */
++public class BrowserLauncher {
++public void openURLinBrowser(String url)  {
++	try {
++	Runtime.getRuntime().exec(new String[] { "xdg-open", url } );
++	} catch (IOException e) {
++	}
++}
++}

Bug#859091: marked as done (mapdamage: Missing dependencies prevent proper functionality)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 11:48:49 +
with message-id 
and subject line Bug#859091: fixed in mapdamage 2.0.6+dfsg-2
has caused the Debian Bug report #859091,
regarding mapdamage: Missing dependencies prevent proper functionality
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
859091: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859091
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: mapdamage
Severity: grave
Tags: patch
Justification: renders package unusable

Hi,

when Nadiya Sitdykova tried to create an autopkgtest it turned out
that several dependencies were missing.  The missing dependencies
to run documented mapdamage tests successfully are:

python-pysam,
r-cran-inline,
r-cran-ggplot2,
r-cran-gam,
r-cran-rcpp,
r-cran-rcppgsl,
libopenblas-dev | libblas-dev   | libatlas-base-dev | libblas.so,
libopenblas-dev | liblapack-dev | libatlas-base-dev | liblapack.so

A working patch is commited to packaging Git.

Kind regards

  Andreas.


-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: mapdamage
Source-Version: 2.0.6+dfsg-2

We believe that the bug you reported is fixed in the latest version of
mapdamage, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 859...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nadiya Sitdykova  (supplier of updated mapdamage package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 23 Mar 2017 21:34:41 -0700
Source: mapdamage
Binary: mapdamage
Architecture: source all
Version: 2.0.6+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Nadiya Sitdykova 
Description:
 mapdamage  - tracking and quantifying damage patterns in ancient DNA sequences
Closes: 848326 859090 859091
Changes:
 mapdamage (2.0.6+dfsg-2) unstable; urgency=medium
 .
   * Team upload
 .
   [ Andreas Tille ]
   * Spelling
 .
   [ Nadiya Sitdykova ]
   * Add simple tests for examples
   * Move pysam dependency from tests/control to control as it's needed
 not only for test, but for package
   * Add test checking stdin redirect
   * Add simple test to demonstrate the problems with installing
 r-cran-rcppgsl package
   * Edit path to seqtk in composition.py
 Closes: #859090
   * Fix typo in tests/control
   * Add patch to fix quantile call to remove NA and NaNs
   * Add dependency providing liblapack.so and libblas.so
 Closes: #859091
   * Add file with reference containing all types of nucleotides
   * Add information how to check R libraries and what to do in case of errors
 to README.test
   * Provide tests for examples from documentation
 Closes: #848326
   * Fixed typo in README.test
Checksums-Sha1:
 2f2d102bc888e5123243e27350074cd2c823467a 2090 mapdamage_2.0.6+dfsg-2.dsc
 a77076da7aa059f69c41fdb7c898f4c1eedcb239 6928 
mapdamage_2.0.6+dfsg-2.debian.tar.xz
 373003c4959296c5c84b60cb09661187b3f54325 38800 mapdamage_2.0.6+dfsg-2_all.deb
 b9633ab8a3dbdd144d71597b02ebff511b71fe66 6027 
mapdamage_2.0.6+dfsg-2_amd64.buildinfo
Checksums-Sha256:
 154f033951fd2dd83e89b49cbc4f3aa7852ea4df1ec412c1a1d103039d1cd597 2090 
mapdamage_2.0.6+dfsg-2.dsc
 4fe17e581cc172d8feff429be2caed6a29db9ee777f03011dddbc1366c672cb8 6928 
mapdamage_2.0.6+dfsg-2.debian.tar.xz
 006f25238ce436c5c0b595bdb03cca26464f6beeb6c4c847ec78a358c5c38e9b 38800 
mapdamage_2.0.6+dfsg-2_all.deb
 4a934164110d0ae8f3fa7a43b51ca982bb3da369b3e5c042358c61770c84f458 6027 
mapdamage_2.0.6+dfsg-2_amd64.buildinfo
Files:
 62f591c0487e038c18cbb5c35ffe34f5 2090 science optional 
mapdamage_2.0.6+dfsg-2.dsc
 b7af5a220b8f7549c14e4ff4c21c91bd 6928 

Bug#859090: marked as done (mapdamage has incomplete patch to not always find seqtk)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 11:48:49 +
with message-id 
and subject line Bug#859090: fixed in mapdamage 2.0.6+dfsg-2
has caused the Debian Bug report #859090,
regarding mapdamage has incomplete patch to not always find seqtk
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
859090: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859090
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: mapdamage
Severity: grave
Tags: patch
Justification: renders package unusable

Hi,

when Nadiya Sitdykova tried to create an autopkgtest for mapdamage it
turned out that the patch to find Debian packaged seqtk is incomplete.

A working patch can be found in packaging Git and will be uploaded soon.

Kind regards

 Andreas.

-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: mapdamage
Source-Version: 2.0.6+dfsg-2

We believe that the bug you reported is fixed in the latest version of
mapdamage, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 859...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nadiya Sitdykova  (supplier of updated mapdamage package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 23 Mar 2017 21:34:41 -0700
Source: mapdamage
Binary: mapdamage
Architecture: source all
Version: 2.0.6+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Nadiya Sitdykova 
Description:
 mapdamage  - tracking and quantifying damage patterns in ancient DNA sequences
Closes: 848326 859090 859091
Changes:
 mapdamage (2.0.6+dfsg-2) unstable; urgency=medium
 .
   * Team upload
 .
   [ Andreas Tille ]
   * Spelling
 .
   [ Nadiya Sitdykova ]
   * Add simple tests for examples
   * Move pysam dependency from tests/control to control as it's needed
 not only for test, but for package
   * Add test checking stdin redirect
   * Add simple test to demonstrate the problems with installing
 r-cran-rcppgsl package
   * Edit path to seqtk in composition.py
 Closes: #859090
   * Fix typo in tests/control
   * Add patch to fix quantile call to remove NA and NaNs
   * Add dependency providing liblapack.so and libblas.so
 Closes: #859091
   * Add file with reference containing all types of nucleotides
   * Add information how to check R libraries and what to do in case of errors
 to README.test
   * Provide tests for examples from documentation
 Closes: #848326
   * Fixed typo in README.test
Checksums-Sha1:
 2f2d102bc888e5123243e27350074cd2c823467a 2090 mapdamage_2.0.6+dfsg-2.dsc
 a77076da7aa059f69c41fdb7c898f4c1eedcb239 6928 
mapdamage_2.0.6+dfsg-2.debian.tar.xz
 373003c4959296c5c84b60cb09661187b3f54325 38800 mapdamage_2.0.6+dfsg-2_all.deb
 b9633ab8a3dbdd144d71597b02ebff511b71fe66 6027 
mapdamage_2.0.6+dfsg-2_amd64.buildinfo
Checksums-Sha256:
 154f033951fd2dd83e89b49cbc4f3aa7852ea4df1ec412c1a1d103039d1cd597 2090 
mapdamage_2.0.6+dfsg-2.dsc
 4fe17e581cc172d8feff429be2caed6a29db9ee777f03011dddbc1366c672cb8 6928 
mapdamage_2.0.6+dfsg-2.debian.tar.xz
 006f25238ce436c5c0b595bdb03cca26464f6beeb6c4c847ec78a358c5c38e9b 38800 
mapdamage_2.0.6+dfsg-2_all.deb
 4a934164110d0ae8f3fa7a43b51ca982bb3da369b3e5c042358c61770c84f458 6027 
mapdamage_2.0.6+dfsg-2_amd64.buildinfo
Files:
 62f591c0487e038c18cbb5c35ffe34f5 2090 science optional 
mapdamage_2.0.6+dfsg-2.dsc
 b7af5a220b8f7549c14e4ff4c21c91bd 6928 science optional 
mapdamage_2.0.6+dfsg-2.debian.tar.xz
 aff21d92226b52602d776d344588dc7e 38800 science optional 
mapdamage_2.0.6+dfsg-2_all.deb
 f901d23ec7c23b93aad78d869e0f270d 6027 science optional 
mapdamage_2.0.6+dfsg-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

Bug#859001: Let's remove BrowserLauncher from Stretch

[Ole Streicher]

Tags: affects -1 jmodeltest

I submitted fixes for all three bugs to the git repository. However,
even after applying them libbrowserlauncher does not work:

$ java -classpath /usr/share/java/BrowserLauncher2.jar \
 edu.stanford.ejalbert.BrowserLauncher https://www.debian.org

should display a web page in the default browser, but does nothing.

The package is also unfortunate since it establishes a secondary browser
selection and is not conform to the freedesktop.org specification
("xdg-open").

Since there is only one dependency (jmodeltest), I recommend to remove
the package from Stretch and to patch out the dependency with a minimal
implementation of browserlauncher that uses xdg-open (see attachment).

Best regards

Ole
package edu.stanford.ejalbert;

import java.io.IOException;

/*
 * Simple replacement for the BrowserLauncher, which is compatible to the
 * Free Desktop Consortium.
 */
public class BrowserLauncher {
public void openURLinBrowser(String url)  {
	try {
	Runtime.getRuntime().exec(new String[] { "xdg-open", url } );
	} catch (IOException e) {
	}
}
public void setNewWindowPolicy(boolean b) {
}
}

Bug#858252: marked as done (unix domain socket forwarding broken for root user)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 11:34:34 +
with message-id 
and subject line Bug#858252: fixed in openssh 1:7.4p1-10
has caused the Debian Bug report #858252,
regarding unix domain socket forwarding broken for root user
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
858252: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858252
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openssh-server
Version: 1:7.4p1-1
Severity: critical
Tags: patch upstream

Commit b737e4d7433577403a31cff6614f6a1b0b5e22f4 disabled unix domain
socket forwarding when privsep is disabled. Unfortunately, privsep is
always "disabled" for the root user, so this completely broke unix
socket forwarding for the root user (instead of forwarding, an error
message "administratively prohibited" is printed).

Upstream (openssh-portable) already has a fix for this in commit
51045869fa084cdd016fdd721ea760417c0a3bf3 (see below).

Please cherry-pick accordingly - thanks in advance.

(Note: severity set to critical as this breaks unrelated software which
uses SSH's socket forwarding feature, but of course feel free to
downgrade to >= serious as you see fit..)


>From 51045869fa084cdd016fdd721ea760417c0a3bf3 Mon Sep 17 00:00:00 2001
From: "d...@openbsd.org" 
Date: Wed, 4 Jan 2017 05:37:40 +
Subject: [PATCH] upstream commit

unbreak Unix domain socket forwarding for root; ok
markus@

Upstream-ID: 6649c76eb7a3fa15409373295ca71badf56920a2
---
 serverloop.c | 21 +
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/serverloop.c b/serverloop.c
index c4e4699..bdb944f 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.189 2016/12/14 00:36:34 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.190 2017/01/04 05:37:40 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -468,6 +468,10 @@ server_request_direct_streamlocal(void)
  Channel *c = NULL;
  char *target, *originator;
  u_short originator_port;
+ struct passwd *pw = the_authctxt->pw;
+
+ if (pw == NULL || !the_authctxt->valid)
+   fatal("server_input_global_request: no/invalid user");
 
  target = packet_get_string(NULL);
  originator = packet_get_string(NULL);
@@ -480,7 +484,7 @@ server_request_direct_streamlocal(void)
  /* XXX fine grained permissions */
  if ((options.allow_streamlocal_forwarding & FORWARD_LOCAL) != 0 &&
  !no_port_forwarding_flag && !options.disable_forwarding &&
- use_privsep) {
+ (pw->pw_uid == 0 || use_privsep)) {
c = channel_connect_to_path(target,
"direct-streamlo...@openssh.com", "direct-streamlocal");
  } else {
@@ -702,6 +706,10 @@ server_input_global_request(int type, u_int32_t seq, void 
*ctxt)
  int want_reply;
  int r, success = 0, allocated_listen_port = 0;
  struct sshbuf *resp = NULL;
+ struct passwd *pw = the_authctxt->pw;
+
+ if (pw == NULL || !the_authctxt->valid)
+   fatal("server_input_global_request: no/invalid user");
 
  rtype = packet_get_string(NULL);
  want_reply = packet_get_char();
@@ -709,12 +717,8 @@ server_input_global_request(int type, u_int32_t seq, void 
*ctxt)
 
  /* -R style forwarding */
  if (strcmp(rtype, "tcpip-forward") == 0) {
-   struct passwd *pw;
struct Forward fwd;
 
-   pw = the_authctxt->pw;
-   if (pw == NULL || !the_authctxt->valid)
- fatal("server_input_global_request: no/invalid user");
memset(, 0, sizeof(fwd));
fwd.listen_host = packet_get_string(NULL);
fwd.listen_port = (u_short)packet_get_int();
@@ -762,9 +766,10 @@ server_input_global_request(int type, u_int32_t seq, void 
*ctxt)
/* check permissions */
if ((options.allow_streamlocal_forwarding & FORWARD_REMOTE) == 0
|| no_port_forwarding_flag || options.disable_forwarding ||
-   !use_privsep) {
+   (pw->pw_uid != 0 && !use_privsep)) {
  success = 0;
- packet_send_debug("Server has disabled port forwarding.");
+ packet_send_debug("Server has disabled "
+ "streamlocal forwarding.");
} else {
  /* Start listening on the socket */
  success = channel_setup_remote_fwd_listener(
--- End Message ---
--- Begin Message ---
Source: openssh
Source-Version: 1:7.4p1-10

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have 

Processed: Re: regression: net: security update makes `net ads join` freeze when run a second time

[Debian Bug Tracking System]

Processing control commands:

> fixed -1 2:4.5.6+dfsg-1
Bug #859101 [samba-common-bin] regression: net: security update makes `net ads 
join` freeze when run a second time
Marked as fixed in versions samba/2:4.5.6+dfsg-1.

-- 
859101: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859101
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#859101: regression: net: security update makes `net ads join` freeze when run a second time

[Paul Wise]

Control: fixed -1 2:4.5.6+dfsg-1

On Thu, 2017-03-30 at 18:30 +0800, Paul Wise wrote:

> I've confirmed that the freeze does not happen on samba 4.1 using
> snapshot.d.o. The issue still occurs with 2:4.2.14+dfsg-0+deb8u4.

I've confirmed this issue does not happen with stretch 2:4.5.6+dfsg-1

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Bug#859101: regression: net: security update makes `net ads join` freeze when run a second time

[Paul Wise]

Package: samba-common-bin
Version: 2:4.2.10+dfsg-0+deb8u1
Severity: serious
File: /usr/bin/net
Control: found -1 2:4.2.14+dfsg-0+deb8u4
X-Debbugs-CC: secur...@debian.org

The jessie security upgrade from samba 2:4.1.17+dfsg-2+deb8u2 to
2:4.2.10+dfsg-0+deb8u1 causes the `net ads join` command to freeze when
run on a system that has already been joined to the domain.

I've confirmed that the freeze does not happen on samba 4.1 using
snapshot.d.o. The issue still occurs with 2:4.2.14+dfsg-0+deb8u4.

When I increase the debug level to 15, it appears that it freezes while
trying to remove old keytab entries.

The command doesn't use much CPU so it appears to be a deadlock.

$ sudo apt install samba-common-bin smbclient
$ grep -A13 \\[global /etc/samba/smb.conf 
[global]

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
   workgroup = TEST
   realm = TEST.LOCAL
   dedicated keytab file = /etc/krb5.keytab
   kerberos method = secrets and keytab
   preferred master = no
   domain master = No
   password server = *
   security = ADS
   ldap timeout = 300
$ sudo net ads join -d15 -UAdministrator
...
Enter Administrator's password:
...
$ sudo net ads join -d15 -UAdministrator
...
Enter Administrator's password:
...
../source3/libads/kerberos_keytab.c:65: Will try to delete old keytab entries
../source3/libads/kerberos_keytab.c:139: Found old entry for principal: 
host/test46.test.local@TEST.LOCAL (kvno 6) - trying to remove it.
^C
$ sudo smbclient -Utester -L //testsbs01
Enter Indexer's password: 
Domain=[TEST] OS=[Windows Server 2003 3790 Service Pack 2] Server=[Windows 
Server 2003 5.2]
$ cat /etc/apt/sources.d/snapshot.list
deb http://snapshot.debian.org/archive/debian/20160103T163148Z/ jessie main
deb http://snapshot.debian.org/archive/debian-security/20160413T203215Z/ 
jessie/updates main
deb http://snapshot.debian.org/archive/debian/20160314T035958Z/ jessie main
deb http://snapshot.debian.org/archive/debian-security/20160312T072202Z/ 
jessie/updates main

-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages samba-common-bin depends on:
ii  libbsd00.7.0-2
ii  libc6  2.19-18+deb8u7
ii  libldap-2.4-2  2.4.40+dfsg-1+deb8u2
ii  libncurses55.9+20140913-1+b1
ii  libpopt0   1.16-10
ii  libreadline6   6.3-8+b3
ii  libtalloc2 2.1.2-0+deb8u1
ii  libtdb11.3.6-0+deb8u1
ii  libtevent0 0.9.28-0+deb8u1
ii  libtinfo5  5.9+20140913-1+b1
ii  libwbclient0   2:4.2.14+dfsg-0+deb8u4
ii  python 2.7.9-1
ii  python-samba   2:4.2.14+dfsg-0+deb8u4
pn  python2.7:any  
ii  samba-common   2:4.2.14+dfsg-0+deb8u4
ii  samba-libs 2:4.2.14+dfsg-0+deb8u4

samba-common-bin recommends no packages.

Versions of packages samba-common-bin suggests:
pn  heimdal-clients  

-- no debconf information

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Processed: regression: net: security update makes `net ads join` freeze when run a second time

[Debian Bug Tracking System]

Processing control commands:

> found -1 2:4.2.14+dfsg-0+deb8u4
Bug #859101 [samba-common-bin] regression: net: security update makes `net ads 
join` freeze when run a second time
Marked as found in versions samba/2:4.2.14+dfsg-0+deb8u4.

-- 
859101: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859101
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858133: python-tz: FTBFS with tzdata/2017a-1

[Graham Inggs]

The tests have been fixed upstream, and a new version released (see 
#859096).


Attached is an updated patch against 2016.7-0.2 taken from upstream.
Description: Fix tests for 2017a tz abbreviation changes
Bug: https://bugs.launchpad.net/pytz/+bug/1677177
Bug-Debian: https://bugs.debian.org/858133
Origin: upstream, https://git.launchpad.net/pytz/commit/?id=c00dbe290bd1aa896b01db94f2e93449cf3bfd07
Author: Stuart Bishop 
Last-Update: 2017-03-30
--- a/pytz/tests/test_tzinfo.py
+++ b/pytz/tests/test_tzinfo.py
@@ -501,7 +501,7 @@
 'dst': timedelta(0),
 }
 after = {
-'tzname': 'NCT',
+'tzname': '+11',  # pre-2017a, NCT
 'utcoffset': timedelta(hours=11),
 'dst': timedelta(0),
 }
@@ -512,12 +512,12 @@
 tzinfo = pytz.timezone('Pacific/Noumea')
 transition_time = datetime(1997, 3, 1, 15, 00, 00, tzinfo=UTC)
 before = {
-'tzname': 'NCST',
+'tzname': '+12',  # pre-2017a, NCST
 'utcoffset': timedelta(hours=12),
 'dst': timedelta(hours=1),
 }
 after = {
-'tzname': 'NCT',
+'tzname': '+11',  # pre-2017a, NCT
 'utcoffset': timedelta(hours=11),
 'dst': timedelta(0),
 }
@@ -541,7 +541,7 @@
 'dst': timedelta(0),
 }
 after = {
-'tzname': 'TAHT',
+'tzname': '-10',  # pre-2017a, TAHT
 'utcoffset': timedelta(hours=-10),
 'dst': timedelta(0),
 }
@@ -554,12 +554,12 @@
 tzinfo = pytz.timezone('Pacific/Apia')
 transition_time = datetime(2011, 12, 30, 10, 0, 0, tzinfo=UTC)
 before = {
-'tzname': 'SDT',
+'tzname': '-10',  # pre-2017a, SDT
 'utcoffset': timedelta(hours=-10),
 'dst': timedelta(hours=1),
 }
 after = {
-'tzname': 'WSDT',
+'tzname': '+14',  # pre-2017a, WSDT
 'utcoffset': timedelta(hours=14),
 'dst': timedelta(hours=1),
 }
@@ -611,7 +611,8 @@
 self.assertEqual(loc_time.strftime('%Z%z'), 'NST+0120')
 
 loc_time = loc_tz.localize(datetime(1940, 5, 10, 0, 0, 0))
-self.assertEqual(loc_time.strftime('%Z%z'), 'NET+0020')
+# pre-2017a, abbreviation was NCT
+self.assertEqual(loc_time.strftime('%Z%z'), '+0020+0020')
 
 loc_time = loc_tz.localize(datetime(1940, 5, 20, 0, 0, 0))
 self.assertEqual(loc_time.strftime('%Z%z'), 'CEST+0200')

Bug#858502: marked as done (libmama-dev: missing Depends: libwombatcommoncpp0, libmamaavis0, libmamacpp0)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 09:34:33 +
with message-id 
and subject line Bug#858502: fixed in openmama 2.2.2.1-11.1
has caused the Debian Bug report #858502,
regarding libmama-dev: missing Depends: libwombatcommoncpp0, libmamaavis0, 
libmamacpp0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
858502: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858502
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libmama-dev
Version: 2.2.2.1-11
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

0m27.2s ERROR: FAIL: Broken symlinks:
  /usr/lib/x86_64-linux-gnu/libwombatcommoncpp.so -> libwombatcommoncpp.so.0.0.0
  /usr/lib/x86_64-linux-gnu/libmamaavismsgimpl.so -> libmamaavismsgimpl.so.0.0.0
  /usr/lib/x86_64-linux-gnu/libmamaavisimpl.so -> libmamaavisimpl.so.0.0.0
  /usr/lib/x86_64-linux-gnu/libmamacpp.so -> libmamacpp.so.0.0.0

All missing Depends should be versioned (= ${binary:Version})


cheers,

Andreas


libmama-dev_2.2.2.1-11.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: openmama
Source-Version: 2.2.2.1-11.1

We believe that the bug you reported is fixed in the latest version of
openmama, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 858...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anton Gladky  (supplier of updated openmama package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 25 Mar 2017 09:45:17 +0100
Source: openmama
Binary: libwombatcommon0 libwombatcommoncpp0 libmama0 libmamajni-java 
libmamacpp0 libmama-dev libmamaavis0 libmamda0 libmamda-java libmamda-dev 
libmamdabook0 libmamda-book-java libmamdanews0 libmamdaoptions0 
libmamda-options-java libmama-doc libmamda-doc
Architecture: source
Version: 2.2.2.1-11.1
Distribution: unstable
Urgency: medium
Maintainer: Daniel Pocock 
Changed-By: Anton Gladky 
Description:
 libmama-dev - message oriented middleware - development files
 libmama-doc - message oriented middleware - API documentation (MAMA)
 libmama0   - message oriented middleware - shared libraries
 libmamaavis0 - message oriented middleware - avis transport
 libmamacpp0 - message oriented middleware - shared libraries (C++)
 libmamajni-java - message oriented middleware - Java libraries
 libmamda-book-java - message oriented middleware - Java libraries (MAMDA order 
book)
 libmamda-dev - message oriented middleware - development files
 libmamda-doc - message oriented middleware - API documentation (MAMA)
 libmamda-java - message oriented middleware - Java libraries (MAMDA)
 libmamda-options-java - message oriented middleware - Java libraries (MAMDA 
options)
 libmamda0  - message oriented middleware - shared libraries
 libmamdabook0 - message oriented middleware - shared libraries
 libmamdanews0 - message oriented middleware - shared libraries
 libmamdaoptions0 - message oriented middleware - shared libraries
 libwombatcommon0 - message oriented middleware - Wombat utility libraries
 libwombatcommoncpp0 - message oriented middleware - Wombat utility libraries 
(C++)
Closes: 858502
Changes:
 openmama (2.2.2.1-11.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add libwombatcommoncpp0, libmamaavis0 and libmamacpp0 as a dependency of
 libmama-dev (Closes: #858502)
Checksums-Sha1:
 431ca07d0ad87b0153b36fe1dfe04cd3955febac 2913 openmama_2.2.2.1-11.1.dsc
 f6851d34f76076d0e27a96a6b41a8daea8a2e702 8532 
openmama_2.2.2.1-11.1.debian.tar.xz
 0797c6ed43e17eb59e15c83106f1888b120a8c01 11898 
openmama_2.2.2.1-11.1_source.buildinfo
Checksums-Sha256:
 c04d818980082723b1ceeb4d2c46e45362e7a5b7055c606a098d45189f07c7f3 2913 
openmama_2.2.2.1-11.1.dsc
 b7a9ae801ee21c1d59e22be0344bf4bd0d02e669512ba1ac748b6c51df0bc8bc 8532 
openmama_2.2.2.1-11.1.debian.tar.xz
 eaf40aa18e8293e38dea9e31326ccc04177d1e69c286e671108510c0f896a119 11898 

Processed: Bug#845786: gammaray FTBFS on arm64, armel, mips* and s390x: QFatal in quickinspectortest

[Debian Bug Tracking System]

Processing control commands:

> retitle -1 gammaray FTBFS on arm64, armel, mips* and s390x: QFatal in 
> quickinspectortest
Bug #845786 [src:gammaray] gammaray FTBFS on armhf: QFatal in quickinspectortest
Changed Bug title to 'gammaray FTBFS on arm64, armel, mips* and s390x: QFatal 
in quickinspectortest' from 'gammaray FTBFS on armhf: QFatal in 
quickinspectortest'.

-- 
845786: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845786
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#845786: gammaray FTBFS on arm64, armel, mips* and s390x: QFatal in quickinspectortest

[James Cowgill]

Control: retitle -1 gammaray FTBFS on arm64, armel, mips* and s390x: QFatal in 
quickinspectortest

Hi,

gammaray 2.7.0 has now failed for the above reason on arm64, armel,
mips*, s390x and various ports architectures. Example from mips64el:

> Detaching from program: /«PKGBUILDDIR»/obj-qt5/bin/quickinspectortest, 
> process 20045
> = End of stack trace ==
> QFatal in quickinspectortest (/«PKGBUILDDIR»/obj-qt5/bin/quickinspectortest)
> START BACKTRACE:
> 1 
> /«PKGBUILDDIR»/obj-qt5/lib/libgammaray_core-qt5_7-mips.so.2.7.0(+0xf05ec) 
> [0xffe9f6c5ec]
> 2 
> /«PKGBUILDDIR»/obj-qt5/lib/libgammaray_core-qt5_7-mips.so.2.7.0(+0xb8ae0) 
> [0xffe9f34ae0]
> 3 /usr/lib/mips64el-linux-gnuabi64/libQt5Core.so.5(+0x918fc) 
> [0xffe8edd8fc]
> 4 
> /usr/lib/mips64el-linux-gnuabi64/libQt5Core.so.5(QMessageLogger::fatal(char 
> const*, ...) const+0x70) [0xffe8edf7f8]
> 5 /usr/lib/mips64el-linux-gnuabi64/libQt5Test.so.5(+0xab2c) [0xffe9e02b2c]
> 6 linux-vdso.so.1(+0x800) [0xffea090800]
> 7 /usr/lib/mips64el-linux-gnuabi64/dri/swrast_dri.so(+0x2282b6) 
> [0xffdee642b6]
> END BACKTRACE
> QFATAL : QuickInspectorTest::testCustomRenderModes() Received signal 11
>  Function time: 9375ms Total time: 16122ms
> FAIL!  : QuickInspectorTest::testCustomRenderModes() Received a fatal error.
>Loc: [Unknown file(0)]
> Totals: 6 passed, 1 failed, 0 skipped, 0 blacklisted, 33373ms
> * Finished testing of QuickInspectorTest *

https://buildd.debian.org/status/package.php?p=gammaray

Thanks,
James



signature.asc
Description: OpenPGP digital signature

Bug#859091: mapdamage: Missing dependencies prevent proper functionality

[Andreas Tille]

Package: mapdamage
Severity: grave
Tags: patch
Justification: renders package unusable

Hi,

when Nadiya Sitdykova tried to create an autopkgtest it turned out
that several dependencies were missing.  The missing dependencies
to run documented mapdamage tests successfully are:

python-pysam,
r-cran-inline,
r-cran-ggplot2,
r-cran-gam,
r-cran-rcpp,
r-cran-rcppgsl,
libopenblas-dev | libblas-dev   | libatlas-base-dev | libblas.so,
libopenblas-dev | liblapack-dev | libatlas-base-dev | liblapack.so

A working patch is commited to packaging Git.

Kind regards

  Andreas.


-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#859090: mapdamage has incomplete patch to not always find seqtk

[Andreas Tille]

Package: mapdamage
Severity: grave
Tags: patch
Justification: renders package unusable

Hi,

when Nadiya Sitdykova tried to create an autopkgtest for mapdamage it
turned out that the patch to find Debian packaged seqtk is incomplete.

A working patch can be found in packaging Git and will be uploaded soon.

Kind regards

 Andreas.

-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#858951: marked as done (php7.0-sassphp: fails to install: php7.0-sassphp.postinst: phpenmod: not found)

[Debian Bug Tracking System]

Your message dated Thu, 30 Mar 2017 07:49:03 +
with message-id 
and subject line Bug#858951: fixed in sassphp 0.5.10-2
has caused the Debian Bug report #858951,
regarding php7.0-sassphp: fails to install: php7.0-sassphp.postinst: phpenmod: 
not found
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
858951: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858951
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: php7.0-sassphp
Version: 0.5.10-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package php7.0-sassphp.
  (Reading database ... 
(Reading database ... 4418 files and directories currently installed.)
  Preparing to unpack .../php7.0-sassphp_0.5.10-1_amd64.deb ...
  Unpacking php7.0-sassphp (0.5.10-1) ...
  Setting up php7.0-sassphp (0.5.10-1) ...
  /var/lib/dpkg/info/php7.0-sassphp.postinst: 18: 
/var/lib/dpkg/info/php7.0-sassphp.postinst: phpenmod: not found
  dpkg: error processing package php7.0-sassphp (--configure):
   subprocess installed post-installation script returned error exit status 127
  Errors were encountered while processing:
   php7.0-sassphp


cheers,

Andreas


php7.0-sassphp_0.5.10-1.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: sassphp
Source-Version: 0.5.10-2

We believe that the bug you reported is fixed in the latest version of
sassphp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 858...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Rhonda D'Vine  (supplier of updated sassphp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 30 Mar 2017 09:10:13 +0200
Source: sassphp
Binary: php7.0-sassphp
Architecture: source amd64
Version: 0.5.10-2
Distribution: unstable
Urgency: medium
Maintainer: Rhonda D'Vine 
Changed-By: Rhonda D'Vine 
Description:
 php7.0-sassphp - PHP bindings to libsass - fast, native Sass parsing in PHP
Closes: 858951
Changes:
 sassphp (0.5.10-2) unstable; urgency=medium
 .
   * Document Vcs-* URLs.
   * Add ${php:Depends} to Depends (closes: #858951)
Checksums-Sha1:
 815aa84497cd19723d40dc544550be336cc72975 1842 sassphp_0.5.10-2.dsc
 5a2d234fde3b6af7df2c821acedf40bbb8c148c7 2612 sassphp_0.5.10-2.debian.tar.xz
 531b2eee00680e2bd7aeb96752aa83bfff97a21d 28838 
php7.0-sassphp-dbgsym_0.5.10-2_amd64.deb
 778bc75f63d55c90c828277a54ac9e6d0762cf83 11476 
php7.0-sassphp_0.5.10-2_amd64.deb
 3fe80fa5efb3b63d59ddef8be7cf2ea493f505fa 5406 sassphp_0.5.10-2_amd64.buildinfo
Checksums-Sha256:
 d4fa598786921037f89e8f623272bb5653ff10662c46010bb87f276051b90783 1842 
sassphp_0.5.10-2.dsc
 4dd95bb20baa085b856469208052a8611289aa8d4fd3bb92cdfafd8e657aa27e 2612 
sassphp_0.5.10-2.debian.tar.xz
 8f6e0a6891852bf3edf4e5f55140abf2f5f227a0ba06c09fc9cf2aeddf48cc2f 28838 
php7.0-sassphp-dbgsym_0.5.10-2_amd64.deb
 f600b48ff74496dd89979a9574fb97091e5c2df0e55149d29aa6773bddda3676 11476 
php7.0-sassphp_0.5.10-2_amd64.deb
 29b846c8ad9a6d7c58f97a10b12e791620d1436a0fe82698d42ae260f113a598 5406 
sassphp_0.5.10-2_amd64.buildinfo
Files:
 c91153cb2909c49b8b604f722c3f389b 1842 web optional sassphp_0.5.10-2.dsc
 54e31eb608d4f371b92e9952c9100148 2612 web optional 
sassphp_0.5.10-2.debian.tar.xz
 7e4e294a839814aa7d1c16858b7a6787 28838 debug extra 
php7.0-sassphp-dbgsym_0.5.10-2_amd64.deb
 8d777b1ad19e0528c19fe8c33f01d5dd 11476 web optional 
php7.0-sassphp_0.5.10-2_amd64.deb
 e619cf76d6330c0886d115b2576fbf7d 5406 web optional 
sassphp_0.5.10-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJY3LKdAAoJEN7oBD7hfrswpVcP/A8isUL67Zb0B7gnOkdlmmL8
e1qXEz7E27KrWO+7QFsIdcKeHqycweAFL/dGn1BDL0yAKGVqp/w7aJsNtp7D9V8H
0ji7ctLv1a22k8sLyujm9N2zHl7+h9Ik9DxrrMFLJw+jn+prWDnGERr0PrtpVo0o
Te18fduvFXZ/DRKLig8ybvqj0cisspRBgo5OzrmeukOhM8fuyy+XgEGsQUO1ptLA

Bug#855922: [pkg-go] Bug#855922: containerd: 0.2.3 ds1-1 breaks docker 1.11 - unable to start containerd

[Michael Stapelberg]

With runc 1.0.0~rc2+git20161109.131.5137186-2, things indeed work again.
Thanks!

On Thu, Mar 30, 2017 at 5:26 AM, Potter, Tim  wrote:

> On 30 Mar 2017, at 3:54 AM, Michael Stapelberg 
> wrote:
> >
> > Hi Tim,
> >
> > "Potter, Tim"  writes:
> >> Hi Ricardo.  Thanks for the bug report.  I messed up by uploading some
> of the Docker 1.13
> >> dependencies to unstable instead of experimental - my apologies.
> >>
> >> I've done a new upload with a Breaks line to avoid this bug occurring
> until I finish testing
> >> 1.13 and uploading to unstable.
> >
> > I’m still running into this issue (or a very similar one?) with:
> >
> > docker.io 1.13.0~ds1-2
> > runc 0.1.1+dfsg1-2+b1
> > containerd 0.2.3~git20161117.78.03e5862~ds1-2
> > golang-libnetwork 0.8.0~dev.2+git20161130.568.fd27f22-4
> >
> > I installed these packages from Debian unstable, but AFAICT, no newer
> > version is available in experimental.
> >
> > The symptom is:
> > $ docker run -t -i debian:sid /bin/bash
> > docker: Error response from daemon: containerd: container not started.
> >
> > In the journal, I can’t see any errors from containerd itself.
> >
> > Should docker be working in Debian at the moment? If not, is there a
> > workaround?
>
> Hi Michael.  I did an upload yesterday to unstable and things should be
> working again.
> Sorry about the mess in experimental vs unstable.  I was trying to keep
> both the old
> and new version working but failed miserably.
>
> Please let me know if you find any more brokenness.
>
>
> Tim.
>



-- 
Best regards,
Michael

Bug#859081: android-platform-frameworks-base: FTBFS: Util.cpp:445:63: error: too few arguments to function 'void utf16_to_utf8

[Chris Lamb]

Source: android-platform-frameworks-base
Version: 1:7.0.0+r1-3
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

android-platform-frameworks-base fails to build from source in unstable/amd64:

  […]

 dh_auto_configure
 debian/rules override_dh_auto_build-arch
  make[1]: Entering directory '«BUILDDIR»'
  make -f debian/libandroidfw.mk
  make[2]: Entering directory '«BUILDDIR»'
  mkdir --parents debian/out
  g++ libs/androidfw/Asset.cpp libs/androidfw/AssetDir.cpp 
libs/androidfw/AssetManager.cpp libs/androidfw/LocaleData.cpp 
libs/androidfw/misc.cpp libs/androidfw/ObbFile.cpp 
libs/androidfw/ResourceTypes.cpp libs/androidfw/StreamingZipInflater.cpp 
libs/androidfw/TypeWrappers.cpp libs/androidfw/ZipFileRO.cpp 
libs/androidfw/ZipUtils.cpp -o debian/out/libandroidfw.so.0 -g -O2 
-fdebug-prefix-map=«BUILDDIR»=. -fstack-protector-strong -Wformat 
-Werror=format-security -DSTATIC_ANDROIDFW_FOR_TOOLS -Wdate-time 
-D_FORTIFY_SOURCE=2 -DNDEBUG -I/usr/include/android -Iinclude -Wl,-z,relro 
-fPIC -shared -Wl,-soname,libandroidfw.so.0 
-Wl,-rpath=/usr/lib/x86_64-linux-gnu/android -lz 
-L/usr/lib/x86_64-linux-gnu/android -lziparchive -lutils -lcutils -llog
  In file included from /usr/include/android/cutils/log.h:1:0,
   from /usr/include/android/utils/Log.h:31,
   from include/androidfw/ByteBucketArray.h:20,
   from libs/androidfw/ResourceTypes.cpp:32:
  libs/androidfw/ResourceTypes.cpp: In member function 'ssize_t 
android::ResTable::Theme::getAttribute(uint32_t, android::Res_value*, 
uint32_t*) const':
  /usr/include/android/log/log.h:618:39: warning: format '%zd' expects argument 
of type 'signed size_t', but argument 4 has type 'uint32_t {aka unsigned int}' 
[-Wformat=]
   __android_log_print(prio, tag, fmt)
 ^
  /usr/include/android/log/log.h:461:5: note: in expansion of macro 
'android_printLog'
   android_printLog(priority, tag, __VA_ARGS__)
   ^~~~
  /usr/include/android/log/log.h:453:5: note: in expansion of macro 'LOG_PRI'
   LOG_PRI(ANDROID_##priority, tag, __VA_ARGS__)
   ^~~
  /usr/include/android/log/log.h:128:27: note: in expansion of macro 'ALOG'
   #define ALOGI(...) ((void)ALOG(LOG_INFO, LOG_TAG, __VA_ARGS__))
 ^~~~
  libs/androidfw/ResourceTypes.cpp:3542:21: note: in expansion of macro 'ALOGI'
   ALOGI("Desired type index is %zd in avail %zu", t, 
Res_MAXTYPE + 1);
   ^
  ln -s libandroidfw.so.0 debian/out/libandroidfw.so
  make[2]: Leaving directory '«BUILDDIR»'
  make -f debian/libaapt.mk
  make[2]: Entering directory '«BUILDDIR»'
  mkdir --parents debian/out
  g++ tools/aapt/AaptAssets.cpp tools/aapt/AaptConfig.cpp 
tools/aapt/AaptUtil.cpp tools/aapt/AaptXml.cpp tools/aapt/ApkBuilder.cpp 
tools/aapt/Command.cpp tools/aapt/CrunchCache.cpp tools/aapt/FileFinder.cpp 
tools/aapt/Images.cpp tools/aapt/Package.cpp tools/aapt/pseudolocalize.cpp 
tools/aapt/Resource.cpp tools/aapt/ResourceFilter.cpp 
tools/aapt/ResourceIdCache.cpp tools/aapt/ResourceTable.cpp 
tools/aapt/SourcePos.cpp tools/aapt/StringPool.cpp tools/aapt/WorkQueue.cpp 
tools/aapt/XMLNode.cpp tools/aapt/ZipEntry.cpp tools/aapt/ZipFile.cpp -o 
debian/out/libaapt.so.0 -g -O2 -fdebug-prefix-map=«BUILDDIR»=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2 -DNDEBUG -I/usr/include/android 
-DSTATIC_ANDROIDFW_FOR_TOOLS -DAAPT_VERSION=\"24.0.0\" -Iinclude -Wl,-z,relro 
-fPIC -shared -Wl,-soname,libaapt.so.0 
-Wl,-rpath=debian/out:/usr/lib/x86_64-linux-gnu/android -lpng -lexpat -lz 
-Ldebian/out -landroidfw -L/usr/lib/x86_64-linux-gnu/android -llog -lutils
  ln -s libaapt.so.0 debian/out/libaapt.so
  make[2]: Leaving directory '«BUILDDIR»'
  make -f debian/aapt.mk
  make[2]: Entering directory '«BUILDDIR»'
  mkdir --parents debian/out
  g++ tools/aapt/Main.cpp -o debian/out/aapt -g -O2 
-fdebug-prefix-map=«BUILDDIR»=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -DNDEBUG 
-I/usr/include/android -DSTATIC_ANDROIDFW_FOR_TOOLS -DAAPT_VERSION=\"24.0.0\" 
-Iinclude -Wl,-z,relro -fPIC 
-Wl,-rpath=debian/out:/usr/lib/x86_64-linux-gnu/android 
-Wl,-rpath-link=debian/out -Ldebian/out -laapt 
-L/usr/lib/x86_64-linux-gnu/android -lutils
  make[2]: Leaving directory '«BUILDDIR»'
  make -f debian/aapt2.mk
  make[2]: Entering directory '«BUILDDIR»'
  mkdir --parents debian/out/proto/frameworks/base/tools/aapt2
  protoc --cpp_out=debian/out/proto/frameworks/base/tools/aapt2 \
 --proto_path=tools/aapt2 tools/aapt2/Format.proto
  g++ tools/aapt2/compile/IdAssigner.cpp tools/aapt2/compile/Png.cpp 
tools/aapt2/compile/PseudolocaleGenerator.cpp 
tools/aapt2/compile/Pseudolocalizer.cpp 

Bug#859080: spyder-memory-profiler: FTBFS: AttributeError: 'NoneType' object has no attribute 'toUtf8'

[Chris Lamb]

Source: spyder-memory-profiler
Version: 0.1.0-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

spyder-memory-profiler fails to build from source in unstable/amd64:

  […]

  = test session starts 
==
  platform linux -- Python 3.5.3, pytest-3.0.6, py-1.4.32, pluggy-0.4.0
  PyQt5 5.7 -- Qt runtime 5.7.1 -- Qt compiled 5.7.1
  rootdir: «BUILDDIR», inifile: 
  plugins: xvfb-1.0.0, qt-2.1.0
  collected 0 items / 1 errors
  
   ERRORS 

   ERROR collecting 
.pybuild/pythonX.Y_3.5/build/spyder_memory_profiler/widgets/tests/test_memoryprofiler.py
 
  /usr/lib/python3/dist-packages/py/_path/local.py:662: in pyimport
  __import__(modname)
  spyder_memory_profiler/__init__.py:12: in 
  from .memoryprofiler import MemoryProfiler
  spyder_memory_profiler/memoryprofiler.py:14: in 
  from spyder.utils.qthelpers import qapplication
  /usr/lib/python3/dist-packages/spyder/utils/qthelpers.py:26: in 
  from spyder.config.gui import get_shortcut
  /usr/lib/python3/dist-packages/spyder/config/gui.py:26: in 
  from spyder.config.main import CONF
  /usr/lib/python3/dist-packages/spyder/config/main.py:22: in 
  from spyder.config.user import UserConfig
  /usr/lib/python3/dist-packages/spyder/config/user.py:26: in 
  from spyder.utils.programs import check_version
  /usr/lib/python3/dist-packages/spyder/utils/programs.py:33: in 
  username = encoding.to_unicode_from_fs(os.environ.get('USER'))
  /usr/lib/python3/dist-packages/spyder/utils/encoding.py:65: in 
to_unicode_from_fs
  string = to_text_string(string.toUtf8(), 'utf-8')
  E   AttributeError: 'NoneType' object has no attribute 'toUtf8'
  !!! Interrupted: 1 errors during collection 

  === 1 error in 0.32 seconds 

  E: pybuild pybuild:283: test: plugin distutils failed with: exit code=2: cd 
«BUILDDIR»/.pybuild/pythonX.Y_3.5/build; python3.5 -m pytest 
  dh_auto_test: pybuild --test --test-pytest -i python{version} -p 3.5 returned 
exit code 13
  debian/rules:12: recipe for target 'build' failed
  make: *** [build] Error 25
  dpkg-buildpackage: error: debian/rules build gave error exit status 2

  […]

The full build log is attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-


spyder-memory-profiler.0.1.0-1.unstable.amd64.log.txt.gz
Description: Binary data