Bug#790636: closed by Mike Gabriel <sunwea...@debian.org> (Bug#790636: fixed in freerdp 1.1.0~git20140921.1.440916e+dfsg1-5)

2017-05-17 Thread Mike Gabriel 
Hi Adrian,

On Wednesday, May 17, 2017, Adrian Bunk wrote:
> On Wed, Aug 19, 2015 at 09:54:21PM +, Debian Bug Tracking System wrote:
> >...
> >  freerdp (1.1.0~git20140921.1.440916e+dfsg1-5) unstable; urgency=medium
> >  .
> >* debian/patches:
> >  + Improve 1003_multi-arch-include-path.patch. Also make include dir in
> >freerdp.pc (pkgconfig) multi-arch compliant. (Closes: #790636).
> >...
> 
> Hi Mike,
> 
> thanks a lot for fixing this bug for stretch.
> 
> It is still present in jessie, could you also fix it there?
> Alternatively, I can fix it for jessie if you don't object.
> 
> Thanks
> Adrian

Please do the jessie fix. Thanks! Much appreciated.

Mike

-- 
Sent from my Fairphone (running Sailfish OS)...

Processed: gulp build fail for node-at.js: TypeError: Invalid Version: undefined at new SemVer (/usr/lib/nodejs/semver/semver.js:279:11)

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> block 862880 by -1
Bug #862880 [wnpp] ITP: node-at.js -- library to autocomplete mentions, smileys 
etc
862880 was blocked by: 862886
862880 was blocking: 829046 862881
Added blocking bug(s) of 862880: 862888

-- 
862880: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862880
862888: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862888
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862888: gulp build fail for node-at.js: TypeError: Invalid Version: undefined at new SemVer (/usr/lib/nodejs/semver/semver.js:279:11)

2017-05-17 Thread Pirate Praveen 
package: node-semver
severity: grave
justification: makes it unuseable
version: 5.3.0-1
Control: block 862880 by -1

I get this error when trying to build node-at.js
(https://anonscm.debian.org/git/pkg-javascript/node-at.js.git) using
gulp 3.9.1-3

$ gulp
[10:13:56] Local gulp not found in
~/forge/debian/git/pkg-javascript/node-at.js
[10:13:56] Try running: npm install gulp
[10:13:56] Using globally installed gulp
/usr/lib/nodejs/semver/semver.js:279
throw new TypeError('Invalid Version: ' + version);
^

TypeError: Invalid Version: undefined
at new SemVer (/usr/lib/nodejs/semver/semver.js:279:11)
at SemVer.compare (/usr/lib/nodejs/semver/semver.js:342:13)
at compare (/usr/lib/nodejs/semver/semver.js:566:31)
at Function.gt (/usr/lib/nodejs/semver/semver.js:595:10)
at Liftoff.handleArguments (/usr/lib/nodejs/gulp/bin/gulp.js:99:14)
at Liftoff. (/usr/lib/nodejs/liftoff/index.js:198:16)
at module.exports (/usr/lib/nodejs/flagged-respawn/index.js:17:3)
at Liftoff. (/usr/lib/nodejs/liftoff/index.js:190:9)
at /usr/lib/nodejs/liftoff/index.js:164:9
at /usr/lib/nodejs/v8flags/index.js:108:14



signature.asc
Description: OpenPGP digital signature

Bug#862741: marked as done (python3-iptables: rule.create_match() raises MemoryError)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Thu, 18 May 2017 04:48:35 +
with message-id 
and subject line Bug#862741: fixed in python-iptables 0.11.0-4
has caused the Debian Bug report #862741,
regarding python3-iptables: rule.create_match() raises MemoryError
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862741: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862741
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python3-iptables
Version: 0.11.0-3
Severity: grave
Justification: renders package unusable

The following sample code raises MemoryError on all my Debian systems:

Python 3.5.3 (default, Jan 19 2017, 14:11:04)
[GCC 6.3.0 20170118] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import iptc
>>> iptc.Rule().create_match('udp')
Traceback (most recent call last):
  File "", line 1, in 
  File "/usr/lib/python3/dist-packages/iptc/ip4tc.py", line 959, in create_match
match = Match(self, name=name, revision=revision)
  File "/usr/lib/python3/dist-packages/iptc/ip4tc.py", line 558, in __init__
self.reset()
  File "/usr/lib/python3/dist-packages/iptc/ip4tc.py", line 635, in reset
udata_buf = (ct.c_ubyte * udata_size)()
MemoryError

Using any other method to create a match (iptc.Match(rule, 'tcp')) or
any other match type ('tcp', 'owner', etc) and other kernels (4.9.0
from testing, old 4.6.0 from testing) gives the same results. This bug
makes it impossible to construct any iptable rule as matches are the
core of it - and this pretty much defeats the purpose of the package.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (1000, 'testing'), (50, 'unstable'), (20, 'stable'), (1,
'experimental')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-2-grsec-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) (ignored:
LC_ALL set to C.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3-iptables depends on:
ii  iptables 1.6.0+snapshot20161117-6
ii  libc62.24-10
ii  python3  3.5.3-1
pn  python3:any  

python3-iptables recommends no packages.

Versions of packages python3-iptables suggests:
pn  python-iptables-doc  

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: python-iptables
Source-Version: 0.11.0-4

We believe that the bug you reported is fixed in the latest version of
python-iptables, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 862...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
IOhannes m zmölnig (Debian/GNU)  (supplier of updated 
python-iptables package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 18 May 2017 00:24:18 +0200
Source: python-iptables
Binary: python-iptables python3-iptables python-iptables-doc
Architecture: source
Version: 0.11.0-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team 

Changed-By: IOhannes m zmölnig (Debian/GNU) 
Description:
 python-iptables - Python bindings for iptables (Python 2 interface)
 python-iptables-doc - documentation for the python-iptables library
 python3-iptables - Python bindings for iptables (Python 3 interface)
Closes: 862741
Changes:
 python-iptables (0.11.0-4) unstable; urgency=medium
 .
   * Backported xtables_match_v12 (Closes: #862741)
Checksums-Sha1:
 1b0143800e99caa9cf020fa92f156859d19d3ec8 2117 python-iptables_0.11.0-4.dsc
 3ba5a52655c8727ca7e5a36d64c8c0b462e70c2a 5184 
python-iptables_0.11.0-4.debian.tar.xz
 5dedbf266e9256a732f0db42c4048a29067bddbc 8564 
python-iptables_0.11.0-4_amd64.buildinfo
Checksums-Sha256:
 a0312a72a4b39ef95ec2b22e88b61df34d1807027be228c762cd4efc4dbd6f88 2117 
python-iptables_0.11.0-4.dsc
 2f9bb81634f2603cc25bec101120d47033429bba51df8923be3af502941d7a92 5184 
python-iptables_0.11.0-4.debian.tar.xz
 f592dc7968943702d2fcce130579aa6cbdb02c547c696801e1b494ec9e0d 8564 
python-iptables_0.11.0-4_amd64.buildinfo
Files:
 4d81880fa32ac96523047d8806c70b39 2117

Bug#860979: marked as done (dpkg-dev: dpkg-shlibdeps regression due to the /usr-merge changes)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Thu, 18 May 2017 03:18:40 +
with message-id 
and subject line Bug#860979: fixed in dpkg 1.18.24
has caused the Debian Bug report #860979,
regarding dpkg-dev: dpkg-shlibdeps regression due to the /usr-merge changes
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
860979: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860979
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dpkg-dev
Version: 1.18.17
Severity: serious
Tags: patch

Hi!

Commit a927295c93fb7a17742441aa863aaffcf4a351b5 introduced a severe
regression related to ignoring the order of the found shared library
pathnames, very carefully curated over time in the find_library()
function. Which I already mentioned as my biggest gut-feeling concern
at the time (for which I should have known better and push back instead
of succumbing to the unpleasant pressure at the time…).

This was reported on IRC by Helmut Grohne as being detected on one of
the marvelous rebootstrap runs. An easy reproducer is to install on a
clean amd64 system libc6-amd64:i386, and build anything that depends
on libc6. The binary generated might contain a wrong and unsatisifiable
dependency, because it might emit libc6-amd64 (w/o the arch-qualifier,
which does not exist on amd64) instead of just libc6.

I've prepared the most minimal patch I could come up with up to now,
attached, which fixes that specific problem. But I've not given it
much further testing yet. So I'm a bit hesitant to push this into
1.18.24, because it has the potential to break havoc. :( Of course
there's always the other option of reverting the /usr-merge change
altogether…

Thanks,
Guillem
From aa1ad5755490cb90a309f2d3daf6539d0b4762cb Mon Sep 17 00:00:00 2001
From: Guillem Jover 
Date: Sun, 23 Apr 2017 04:51:58 +0200
Subject: [PATCH] dpkg-shlibdeps: Preserve the order when scanning
 symbols/shlibs files

Regression introduced in commit a927295c93fb7a17742441aa863aaffcf4a351b5.

The code was getting all the possible shared library pathnames for the
wanted SONAME, but was not preserving the order carefully constructed
in find_library(), so we were overwriting symbols/shlibs information
when parsing multiple entries, and selecting the symbols/shlibs files
randomly based on the perl hash order.

This causes regressions when multiple packages provides the same
SONAME on different directories. An example would be libc6:amd64
and libc6-amd64:i386.

Closes: #
Reported-by: Helmut Grohne 
---
 scripts/dpkg-shlibdeps.pl | 74 ---
 1 file changed, 51 insertions(+), 23 deletions(-)

diff --git a/scripts/dpkg-shlibdeps.pl b/scripts/dpkg-shlibdeps.pl
index 0978f33b9..b314202f1 100755
--- a/scripts/dpkg-shlibdeps.pl
+++ b/scripts/dpkg-shlibdeps.pl
@@ -191,6 +191,7 @@ foreach my $file (keys %exec) {
 # Load symbols files for all needed libraries (identified by SONAME)
 my %libfiles;
 my %altlibfiles;
+my %soname_libs;
 my %soname_notfound;
 my %alt_soname;
 foreach my $soname (@sonames) {
@@ -209,6 +210,11 @@ foreach my $file (keys %exec) {
 	}
 	next;
 	}
+
+	# Track shared libraries for a given SONAME.
+	push @{$soname_libs{$soname}}, @libs;
+
+	# Track shared libraries for package mapping.
 	foreach my $lib (@libs) {
 	$libfiles{$lib} = $soname;
 	my $reallib = realpath($lib);
@@ -222,9 +228,11 @@ foreach my $file (keys %exec) {
 my $symfile = Dpkg::Shlibs::SymbolFile->new();
 my $dumplibs_wo_symfile = Dpkg::Shlibs::Objdump->new();
 my @soname_wo_symfile;
-foreach my $lib (keys %libfiles) {
-	my $soname = $libfiles{$lib};
+SONAME: foreach my $soname (@sonames) {
+  # Select the first good entry from the ordered list that we got from
+  # find_library(), and skip to the next SONAME.
 
+  foreach my $lib (@{$soname_libs{$soname}}) {
 	if (none { $_ ne '' } @{$file2pkg->{$lib}}) {
 	# The path of the library as calculated is not the
 	# official path of a packaged file, try to fallback on
@@ -244,6 +252,7 @@ foreach my $file (keys %exec) {
 	}
 
 	# Load symbols/shlibs files from packages providing libraries
+	my $missing_wanted_shlibs_info = 0;
 	foreach my $pkg (@{$file2pkg->{$lib}}) {
 	my $symfile_path;
 my $haslocaldep = 0;
@@ -273,6 +282,9 @@ foreach my $file (keys %exec) {
 		my $minver = $symfile->get_smallest_version($soname) || '';
 		update_dependency_version($dep, $minver);
 		debug(2, " Minimal version of ($dep) initialized with ($minver)");
+
+		#

Bug#853801: useless with this bug

2017-05-17 Thread Adam Borowski 
On Wed, May 17, 2017 at 11:11:49PM +0200, Stephen Kitt wrote:
> On Wed, 17 May 2017 23:03:19 +0200, Adam Borowski  wrote:
> > Uhm, then how possibly could it work without crashing?  Unless you already
> > have a config made with an earlier version, and don't change it.
> > 
> > Like the submitter, it reliably crashes for me every time I left-click to
> > bring the setup.
> 
> I don’t doubt you’re seeing crashes, I was just reacting to the claim that I
> didn’t even run the program. (I didn’t specifically verify #752125 though,
> that was committed a long time ago by Jordan.)

Hmm, is there something special with your setup?  I've just tried the
following:
* amd64 as in archive
* amd64 rebuilt with clang++
* i386 (although in a chroot with amd64 X)
* ssh -X to armhf (again, amd64 X)

The only way I found for left click to not crash is to not have any
joysticks connected, which brings an error message -- obviously avoiding
the code in question.


Meow!
-- 
Don't be racist.  White, amber or black, all beers should be judged based
solely on their merits.  Heck, even if occasionally a cider applies for a
beer's job, why not?
On the other hand, corpo lager is not a race.

Bug#715085: closed by Ana Beatriz Guerrero Lopez <a...@debian.org> (Bug#715085: fixed in ibutils 1.5.7-5)

2017-05-17 Thread Ana Guerrero Lopez 
On Wed, May 17, 2017 at 10:54:22PM +0300, Adrian Bunk wrote:
> On Sun, Mar 12, 2017 at 09:21:06PM +, Debian Bug Tracking System wrote:
> >...
> >  ibutils (1.5.7-5) unstable; urgency=medium
> >  .
> >* Fix Depends lines:
> >  - libibdm-dev: add depends on libibdm1 (= ${binary:Version}) (Closes: 
> > #715085)
> >...
> 
> Hi Ana,
> 
> thanks a lot for fixing this bug for stretch.
> 
> It is still present in jessie, could you also fix it there?
> Alternatively, I can fix it for jessie if you don't object.

Please, go ahead with the fix.

Thanks
Ana

Processed: Bug is not present with the jessie OCaml

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 860405 stretch sid
Bug #860405 {Done: Stéphane Glondu } 
[libocamlbricks-ocaml-dev] marionnet: segfaults after installation, not usable
Added tag(s) stretch and sid.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
860405: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860405
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#853801: useless with this bug

2017-05-17 Thread Stephen Kitt 
On Wed, 17 May 2017 23:03:19 +0200, Adam Borowski  wrote:
> On Wed, May 17, 2017 at 10:53:50PM +0200, Stephen Kitt wrote:
> > On Mon, 15 May 2017 06:22:59 +0200, Adam Borowski 
> > wrote:  
> > > The patch doesn't apply, need to revert that clang "fix" first.  Looks
> > > like someone only build-tested that, without even trying to run the
> > > program...  
> > 
> > That would be me, and I have qjoypad running as I write this.  
> 
> Uhm, then how possibly could it work without crashing?  Unless you already
> have a config made with an earlier version, and don't change it.
> 
> Like the submitter, it reliably crashes for me every time I left-click to
> bring the setup.

I don’t doubt you’re seeing crashes, I was just reacting to the claim that I
didn’t even run the program. (I didn’t specifically verify #752125 though,
that was committed a long time ago by Jordan.)

Regards,

Stephen


pgpOGoZPBKVQh.pgp
Description: OpenPGP digital signature

Bug#853801: useless with this bug

2017-05-17 Thread Adam Borowski 
On Wed, May 17, 2017 at 10:53:50PM +0200, Stephen Kitt wrote:
> On Mon, 15 May 2017 06:22:59 +0200, Adam Borowski  wrote:
> > The patch doesn't apply, need to revert that clang "fix" first.  Looks like
> > someone only build-tested that, without even trying to run the program...
> 
> That would be me, and I have qjoypad running as I write this.

Uhm, then how possibly could it work without crashing?  Unless you already
have a config made with an earlier version, and don't change it.

Like the submitter, it reliably crashes for me every time I left-click to
bring the setup.


-- 
Don't be racist.  White, amber or black, all beers should be judged based
solely on their merits.  Heck, even if occasionally a cider applies for a
beer's job, why not?
On the other hand, corpo lager is not a race.

Bug#861112: xsane: always crashes on start

2017-05-17 Thread Andreas Henriksson 
On Sun, May 07, 2017 at 11:24:13PM +0300, Aaro Koskinen wrote:
> $ SANE_DEBUG_NET=3 scanimage -L
[...]
> scanimage: thread-watch.c:171: avahi_threaded_poll_lock: Assertion `p' failed.
> Aborted
> 
> It's disabling Avahi support (I don't have such daemon) but still later
> calling avahi_threaded_poll_lock() with NULL avahi_thread.
[...]

Yes, definitely seems so. Could you please test the attached patch
which hopefully takes care of your issue?

Regards,
Andreas Henriksson
From: Andreas Henriksson 
Subject: Avoid assertion failure when net_avahi_init failed

The avahi_threaded_poll_{un,}lock functions does not accept a NULL argument.
The avahi_thread variable might be NULL when the net_avahi_init() function
failed. We thus need to make sure we don't pass a NULL avahi_thread
to any of these functions.

Bug-Debian: https://bugs.debian.org/861112

diff -uriNp sane-backends-1.0.26~git20151121/backend/net.c sane-backends-1.0.26~git20151121.nullcheck/backend/net.c
--- sane-backends-1.0.26~git20151121/backend/net.c	2015-11-13 03:10:49.0 +0100
+++ sane-backends-1.0.26~git20151121.nullcheck/backend/net.c	2017-05-17 22:49:01.922390615 +0200
@@ -1045,12 +1045,12 @@ sane_init (SANE_Int * version_code, SANE
 	  continue;
 	}
 #ifdef WITH_AVAHI
-	  avahi_threaded_poll_lock (avahi_thread);
+	  if (avahi_thread) avahi_threaded_poll_lock (avahi_thread);
 #endif /* WITH_AVAHI */
 	  DBG (2, "sane_init: trying to add %s\n", device_name);
 	  add_device (device_name, 0);
 #ifdef WITH_AVAHI
-	  avahi_threaded_poll_unlock (avahi_thread);
+	  if (avahi_thread) avahi_threaded_poll_unlock (avahi_thread);
 #endif /* WITH_AVAHI */
 	}
 
@@ -1096,12 +1096,12 @@ sane_init (SANE_Int * version_code, SANE
 		  continue;
 #endif /* ENABLE_IPV6 */
 #ifdef WITH_AVAHI
-	  avahi_threaded_poll_lock (avahi_thread);
+	  if (avahi_thread) avahi_threaded_poll_lock (avahi_thread);
 #endif /* WITH_AVAHI */
 	  DBG (2, "sane_init: trying to add %s\n", host);
 	  add_device (host, 0);
 #ifdef WITH_AVAHI
-	  avahi_threaded_poll_unlock (avahi_thread);
+	  if (avahi_thread) avahi_threaded_poll_unlock (avahi_thread);
 #endif /* WITH_AVAHI */
 	}
 	  free (copy);
@@ -1519,11 +1519,11 @@ sane_open (SANE_String_Const full_name,
 	   "sane_open: device %s not found, trying to register it anyway\n",
 	   nd_name);
 #ifdef WITH_AVAHI
-  avahi_threaded_poll_lock (avahi_thread);
+  if (avahi_thread) avahi_threaded_poll_lock (avahi_thread);
 #endif /* WITH_AVAHI */
   status = add_device (nd_name, );
 #ifdef WITH_AVAHI
-  avahi_threaded_poll_unlock (avahi_thread);
+  if (avahi_thread) avahi_threaded_poll_unlock (avahi_thread);
 #endif /* WITH_AVAHI */
   if (status != SANE_STATUS_GOOD)
 	{

Bug#853801: useless with this bug

2017-05-17 Thread Stephen Kitt 
On Mon, 15 May 2017 06:22:59 +0200, Adam Borowski  wrote:
> The patch doesn't apply, need to revert that clang "fix" first.  Looks like
> someone only build-tested that, without even trying to run the program...

That would be me, and I have qjoypad running as I write this.

Regards,

Stephen


pgpCneNkuXNTX.pgp
Description: OpenPGP digital signature

Bug#809759: closed by Frederic Peters <fpet...@debian.org> (Bug#809759: fixed in lasso 2.5.0-3)

2017-05-17 Thread Adrian Bunk 
On Mon, Jan 11, 2016 at 09:45:15AM +, Debian Bug Tracking System wrote:
>...
>  lasso (2.5.0-3) unstable; urgency=medium
>  .
>* d/p/0001-perl-remove-quotes-from-PERL-V-ccflags-output.patch: new patch,
>  make sure to remove quotes given by "perl -V::ccflags:" as they 
> ultimately
>  cause the 32bit builds to fail. (closes: #809759)
>  * Thanks to Niko Tyni for the detailed diagnostic.
>...

Hi Frederic,

thanks a lot for fixing this bug for stretch.

It is still present in jessie, could you also fix it there?
Alternatively, I can fix it for jessie if you don't object.

Thanks
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#862861: libjs-jquery needs Breaks: libjs-chosen (<< 0.9.15-1~)

2017-05-17 Thread Adrian Bunk 
Package: libjs-jquery
Version: 1.11.3+dfsg-1
Severity: serious

See #797166 for details
(and the Breaks is also missing in the backport to jessie).

Processed: Not a problem with the jessie jquery package

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 797166 stretch sid
Bug #797166 {Done: Ilias Tsitsimpis } [libjs-chosen] 
Breaks with jQuery 1.11.3: $.browser is undefined
Added tag(s) sid and stretch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
797166: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797166
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#715085: closed by Ana Beatriz Guerrero Lopez <a...@debian.org> (Bug#715085: fixed in ibutils 1.5.7-5)

2017-05-17 Thread Adrian Bunk 
On Sun, Mar 12, 2017 at 09:21:06PM +, Debian Bug Tracking System wrote:
>...
>  ibutils (1.5.7-5) unstable; urgency=medium
>  .
>* Fix Depends lines:
>  - libibdm-dev: add depends on libibdm1 (= ${binary:Version}) (Closes: 
> #715085)
>...

Hi Ana,

thanks a lot for fixing this bug for stretch.

It is still present in jessie, could you also fix it there?
Alternatively, I can fix it for jessie if you don't object.

Thanks
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#790636: closed by Mike Gabriel <sunwea...@debian.org> (Bug#790636: fixed in freerdp 1.1.0~git20140921.1.440916e+dfsg1-5)

2017-05-17 Thread Adrian Bunk 
On Wed, Aug 19, 2015 at 09:54:21PM +, Debian Bug Tracking System wrote:
>...
>  freerdp (1.1.0~git20140921.1.440916e+dfsg1-5) unstable; urgency=medium
>  .
>* debian/patches:
>  + Improve 1003_multi-arch-include-path.patch. Also make include dir in
>freerdp.pc (pkgconfig) multi-arch compliant. (Closes: #790636).
>...

Hi Mike,

thanks a lot for fixing this bug for stretch.

It is still present in jessie, could you also fix it there?
Alternatively, I can fix it for jessie if you don't object.

Thanks
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Processed: Re: Bug#862611: deluge-webui: directory traversal attack vulnerability

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> retitle -1 deluge: CVE-2017-9031: directory traversal attack vulnerability
Bug #862611 {Done: Andrew Starr-Bochicchio } [deluge-webui] 
deluge-webui: directory traversal attack vulnerability
Changed Bug title to 'deluge: CVE-2017-9031: directory traversal attack 
vulnerability' from 'deluge-webui: directory traversal attack vulnerability'.

-- 
862611: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862611
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862611: deluge-webui: directory traversal attack vulnerability

2017-05-17 Thread Salvatore Bonaccorso 
Control: retitle -1 deluge: CVE-2017-9031: directory traversal attack 
vulnerability

CVE-2017-9031 got assigned for this issue.

Regards,
Salvatore

Bug#856533: marked as done (freeipa-server: is_running() takes at most 2 arguments (3 given))

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 18:33:39 +
with message-id 
and subject line Bug#856533: fixed in freeipa 4.4.4-1
has caused the Debian Bug report #856533,
regarding freeipa-server: is_running() takes at most 2 arguments (3 given)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
856533: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856533
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: freeipa-server
Version: 4.4.3-3
Severity: grave
Justification: renders package unusable

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
Created brand new VM from debian-8.7.1-amd64-netinst.iso > installed 
only base system > updated sources.list to use Sid archive plus experimental > 
used aptitude to update/upgrade > reboot > used aptitude to install 
freeipa-server including dependancies > ran ipa-server-install
   * What exactly did you do (or not do) that was effective (or
 ineffective)?
Durring install config I approved configuring BIND > Directory Manager 
password and IPA admin password were both set to 12345678 to avoid "special 
characters" issue > other settings left as default
   * What was the outcome of this action?
Config NTP daemon [error] TypeError: is_running() takes at most 2 
arguments (3 given)
install terminates and sends me to the /var/log/ipaserver-install.log 
for more information
   * What outcome did you expect instead?

Personal note:
While I have been a Debian user for more than a decade I have never 
submitted a bug report.  If I'm not providing enough info or the right info 
please help me be more efficient for you.

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages freeipa-server depends on:
ii  389-ds-base  1.3.5.15-2
ii  acl  2.2.52-3+b1
ii  apache2  2.4.25-3
ii  certmonger   0.78.6-4
ii  custodia 0.1.0-6
ii  fonts-font-awesome   4.7.0~dfsg-2
ii  freeipa-admintools   4.4.3-3
ii  freeipa-client   4.4.3-3
ii  freeipa-common   4.4.3-3
ii  init-system-helpers  1.47
ii  krb5-admin-server1.15-1
ii  krb5-kdc 1.15-1
ii  krb5-kdc-ldap1.15-1
ii  krb5-otp 1.15-1
ii  krb5-pkinit  1.15-1
ii  ldap-utils   2.4.44+dfsg-3
ii  libapache2-mod-auth-gssapi   1.4.1-1+b1
ii  libapache2-mod-nss   1.0.14-1
ii  libapache2-mod-wsgi  4.5.11-1
ii  libc62.24-9
ii  libcomerr2   1.43.4-2
ii  libjs-dojo-core  1.11.0+dfsg-1
ii  libjs-jquery 3.1.1-2
ii  libk5crypto3 1.15-1
ii  libkrad0 1.15-1
ii  libkrb5-31.15-1
ii  libldap-2.4-22.4.44+dfsg-3
ii  libnspr4 2:4.13.1-1
ii  libnss3  2:3.29.1-1
ii  libnss3-tools2:3.29.1-1
ii  libsasl2-modules-gssapi-mit  2.1.27~101-g0780600+dfsg-2
ii  libssl1.11.1.0e-1
ii  libsss-nss-idmap01.15.0-3
ii  libtalloc2   2.1.8-1
ii  libtevent0   0.9.31-1
ii  libunistring00.9.6+really0.9.3-0.1
ii  libuuid1 2.29.1-1
ii  libverto10.2.4-2.1
ii  memcached1.4.33-1
ii  ntp  1:4.2.8p9+dfsg-2.1
ii  oddjob   0.34.3-4
ii  p11-kit  0.23.4-1
ii  pki-ca   10.3.5-6
ii  pki-kra  10.3.5-6
ii  python-dateutil  2.5.3-2
ii  python-gssapi1.2.0-1
ii  python-ipaserver 4.4.3-3
ii  python-ldap  2.4.28-0.1
ii  python-systemd   233-1
pn  python:any   
ii  samba-libs   2:4.5.4+dfsg-1
ii  slapi-nis0.56.1-1
ii  softhsm2 2.2.0-3
ii  systemd-sysv 232-18

Versions of packages freeipa-server recommends:
ii  freeipa-server-dns  4.4.3-3

Processed: cloning 862842, reassign -1 to debhelper, severity of -1 is normal, tagging -1 ...

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> clone 862842 -1
Bug #862842 [src:linux] FTBFS invoking debian/rules binary-arch manually
Bug 862842 cloned as bug 862844
> reassign -1 debhelper
Bug #862844 [src:linux] FTBFS invoking debian/rules binary-arch manually
Bug reassigned from package 'src:linux' to 'debhelper'.
No longer marked as found in versions linux/4.9.25-1.
Ignoring request to alter fixed versions of bug #862844 to the same values 
previously set
> severity -1 normal
Bug #862844 [debhelper] FTBFS invoking debian/rules binary-arch manually
Severity set to 'normal' from 'serious'
> tags -1 - stretch-ignore jessie-ignore
Bug #862844 [debhelper] FTBFS invoking debian/rules binary-arch manually
Removed tag(s) stretch-ignore and jessie-ignore.
> retitle -1 debhelper: Please detect empty DEB_* vars
Bug #862844 [debhelper] FTBFS invoking debian/rules binary-arch manually
Changed Bug title to 'debhelper: Please detect empty DEB_* vars' from 'FTBFS 
invoking debian/rules binary-arch manually'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
862842: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862842
862844: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862844
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862842: FTBFS invoking debian/rules binary-arch manually

2017-05-17 Thread James Clarke 
Source: linux
Version: 4.9.25-1
Severity: serious
Tags: jessie-ignore stretch-ignore

[{jessie,stretch}-ignore pre-approval from jcristau]

Hi,
Invoking debian/rules manually without the help of dpkg-buildpackage
causes src:linux to FTBFS:

> dh_strip: -strip --strip-debug --remove-section=.comment 
> --remove-section=.note --enable-deterministic-archives 
> debian/libusbip-dev/usr/lib/libusbip.a failed to to execute: No such file or 
> directory

Note the extra - prefix to the commands. How this comes about:

 1. debian/rules.real exports DEB_HOST_ARCH DEB_HOST_GNU_TYPE
DEB_BUILD_ARCH but does not ensure they are defined, so they are
inserted into the environment as empty strings.

 2. Debian::Debhelper::Dh_Lib checks if DEB_HOST_GNU_TYPE != BUILD, but
its dpkg_architecture_value uses value in the environment if
defined, even if empty, so it thinks DEB_HOST_GNU_TYPE is "", but
DEB_BUILD_GNU_TYPE is "x86_64-linux-gnu" (for example), and
therefore thinks it's cross-compiling. It then prepends
"DEB_HOST_GNU_TYPE-" to "strip", which expands to just "-".

Now, debian/rules.real is also checking DEB_{BUILD,HOST}_ARCH itself
(and potentially using DEB_HOST_GNU_TYPE), without ensuring they are
defined, although this is unlikely to cause a problem in reality, since
when cross-compiling you will probably ensure these are all set anyway,
not just the ones that aren't the default. However, it's probably good
practice not to rely on that.

So, to fix this, please either move the "include debian/rules.defs" in
debian/rules.real to before any use of the DEB_* variables (which
includes /usr/share/dpkg/default.mk [which itself includes
architecture.mk], though I don't know if rules.defs has to be that late
in the file for other reasons) or add the appropriate DEB_FOO := ...
definitions to the group at the top of debian/rules.real

Regards,
James

Bug#862837: xrdp: Package install failure - dpkg: error processing package xrdp (--configure)

2017-05-17 Thread Aaron Morand 
 ws06-yyz systemd[1]: Unit xrdp.service entered failed state.


# journalctl -xn
-- Logs begin at Wed 2017-05-17 09:04:58 EDT, end at Wed 2017-05-17 11:45:15 
EDT. --
May 17 11:45:15 ws06-yyz xrdp-sesman[17593]: (17593)(139768431830784)[DEBUG] 
libscp initialized
May 17 11:45:15 ws06-yyz xrdp-sesman[17594]: (17594)(139768431830784)[INFO ] 
starting xrdp-sesman with pid 17594
May 17 11:45:15 ws06-yyz systemd[1]: Started xrdp session manager.
-- Subject: Unit xrdp-sesman.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit xrdp-sesman.service has finished starting up.
-- 
-- The start-up result is done.
May 17 11:45:15 ws06-yyz systemd[1]: Starting xrdp daemon...
-- Subject: Unit xrdp.service has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit xrdp.service has begun starting up.
May 17 11:45:15 ws06-yyz systemd[1]: xrdp.service: control process exited, 
code=exited status=1
May 17 11:45:15 ws06-yyz systemd[1]: Failed to start xrdp daemon.
-- Subject: Unit xrdp.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit xrdp.service has failed.
-- 
-- The result is failed.
May 17 11:45:15 ws06-yyz systemd[1]: Unit xrdp.service entered failed state.
May 17 11:45:15 ws06-yyz systemd[1]: Stopping xrdp session manager...
-- Subject: Unit xrdp-sesman.service has begun shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit xrdp-sesman.service has begun shutting down.
May 17 11:45:15 ws06-yyz xrdp-sesman[17594]: (17594)(139768431830784)[INFO ] 
shutting down sesman 1
May 17 11:45:15 ws06-yyz xrdp-sesman[17594]: (17594)(139768431830784)[INFO ] 
listening to port 3350 on 127.0.0.1


xrdp.log is never written to and xrdp-sesman.log doesn't contain anything very 
informative.

# ls -lh /var/log/xrdp*
-rw-r- 1 xrdp adm   0 May 17 11:45 /var/log/xrdp.log
-rw-r- 1 root adm 602 May 17 11:45 /var/log/xrdp-sesman.log

# cat /var/log/xrdp-sesman.log 
[20170517-11:35:35] [CORE ] starting sesman with pid 9957
[20170517-11:35:35] [INFO ] listening...
[20170517-11:36:03] [INFO ] shutting down sesman 1
[20170517-11:40:50] [DEBUG] libscp initialized
[20170517-11:40:50] [INFO ] starting xrdp-sesman with pid 14484
[20170517-11:40:50] [INFO ] shutting down sesman 1
[20170517-11:40:50] [INFO ] listening to port 3350 on 127.0.0.1
[20170517-11:45:15] [DEBUG] libscp initialized
[20170517-11:45:15] [INFO ] starting xrdp-sesman with pid 17594
[20170517-11:45:15] [INFO ] shutting down sesman 1
[20170517-11:45:15] [INFO ] listening to port 3350 on 127.0.0.1


syslog doesn't shed any light on the issue for me either.

# grep xrdp /var/log/syslog | tail -20
May 17 11:40:50 ws06-yyz xrdp-sesman[14484]: (14484)(140173754193664)[INFO ] 
listening to port 3350 on 127.0.0.1
May 17 11:42:21 ws06-yyz systemd[1]: xrdp-sesman.service stop-sigterm timed 
out. Killing.
May 17 11:42:21 ws06-yyz systemd[1]: xrdp-sesman.service: main process exited, 
code=killed, status=9/KILL
May 17 11:42:21 ws06-yyz systemd[1]: Stopped xrdp session manager.
May 17 11:42:21 ws06-yyz systemd[1]: Unit xrdp-sesman.service entered failed 
state.
May 17 11:45:15 ws06-yyz systemd[1]: Starting xrdp session manager...
May 17 11:45:15 ws06-yyz xrdp-sesman[17593]: (17593)(139768431830784)[DEBUG] 
libscp initialized
May 17 11:45:15 ws06-yyz xrdp-sesman[17594]: (17594)(139768431830784)[INFO ] 
starting xrdp-sesman with pid 17594
May 17 11:45:15 ws06-yyz systemd[1]: Started xrdp session manager.
May 17 11:45:15 ws06-yyz systemd[1]: Starting xrdp daemon...
May 17 11:45:15 ws06-yyz systemd[1]: xrdp.service: control process exited, 
code=exited status=1
May 17 11:45:15 ws06-yyz systemd[1]: Failed to start xrdp daemon.
May 17 11:45:15 ws06-yyz systemd[1]: Unit xrdp.service entered failed state.
May 17 11:45:15 ws06-yyz systemd[1]: Stopping xrdp session manager...
May 17 11:45:15 ws06-yyz xrdp-sesman[17594]: (17594)(139768431830784)[INFO ] 
shutting down sesman 1
May 17 11:45:15 ws06-yyz xrdp-sesman[17594]: (17594)(139768431830784)[INFO ] 
listening to port 3350 on 127.0.0.1
May 17 11:46:45 ws06-yyz systemd[1]: xrdp-sesman.service stop-sigterm timed 
out. Killing.
May 17 11:46:45 ws06-yyz systemd[1]: xrdp-sesman.service: main process exited, 
code=killed, status=9/KILL
May 17 11:46:45 ws06-yyz systemd[1]: Stopped xrdp session manager.
May 17 11:46:45 ws06-yyz systemd[1]: Unit xrdp-sesman.service entered failed 
state.


I have been using xrdp 0.6.1-2 for a while and it works fine, except for mouse 
wheel events, which is what prompted my attempt to upgrade.

I tried purging my existing xrdp install to ensure it wasn't an issue with my 
config, but the result was the same.

I'm not sure what else to try.  Any insights would be great.

Thanks,

Aaron


-- System Information:
Debian Release: 8.8
  APT pr

Processed: The rnahybrid/armel binary has been removed

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 861281 important
Bug #861281 [rnahybrid] rnahybrid: FTBFS on armel
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
861281: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861281
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862156: Bug #862156

2017-05-17 Thread Przemysław Świderski 
On Thu, 11 May 2017 10:24:59 +0200 =?UTF-8?Q?Rapha=c3=abl_Halimi?= <
raphael.hal...@gmail.com> wrote:
> Control: retitle -1 WebKit can't display Google's new login page
>
> Hi,
>
> To the bug reporter : once WebKit 2.14.7 lands in Stretch, could you
> please check if the problem is fixed, so that the package maintainers
> can close this bug ?
>

Yes,  I confirm that the problem is fixed.

Bug#861564: marked as done (libpodofo: CVE-2017-6847)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 15:05:38 +
with message-id 
and subject line Bug#861564: fixed in libpodofo 0.9.4-6
has caused the Debian Bug report #861564,
regarding libpodofo: CVE-2017-6847
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
861564: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861564
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libpodofo
Severity: grave
Tags: security

New podofo issues (no CVEs yet):

http://www.openwall.com/lists/oss-security/2017/03/02/10
http://www.openwall.com/lists/oss-security/2017/03/02/9
http://www.openwall.com/lists/oss-security/2017/03/02/8
http://www.openwall.com/lists/oss-security/2017/03/02/7
http://www.openwall.com/lists/oss-security/2017/03/02/6
http://www.openwall.com/lists/oss-security/2017/03/02/5
http://www.openwall.com/lists/oss-security/2017/03/02/4
http://www.openwall.com/lists/oss-security/2017/03/02/3
http://www.openwall.com/lists/oss-security/2017/03/02/2

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: libpodofo
Source-Version: 0.9.4-6

We believe that the bug you reported is fixed in the latest version of
libpodofo, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 861...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mattia Rizzolo  (supplier of updated libpodofo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 17 May 2017 14:54:40 +0200
Source: libpodofo
Binary: libpodofo-dev libpodofo-utils libpodofo0.9.4
Architecture: source
Version: 0.9.4-6
Distribution: unstable
Urgency: high
Maintainer: Mattia Rizzolo 
Changed-By: Mattia Rizzolo 
Description:
 libpodofo-dev - PoDoFo development files
 libpodofo-utils - PoDoFo utilities
 libpodofo0.9.4 - PoDoFo - library to work with the PDF file format
Closes: 854603 859329 859330 861557 861559 861560 861564 861565
Changes:
 libpodofo (0.9.4-6) unstable; urgency=high
 .
   * Add upstream patches for security issues:
 + CVE-2017-5855 Closes: #854603
 + CVE-2017-6840 Closes: #861557
 + CVE-2017-6842 Closes: #861559
 + CVE-2017-6843 Closes: #861560
 + CVE-2017-6847 Closes: #861564
 + CVE-2017-6848 Closes: #861565
 + CVE-2017-7378 Closes: #859330
 + CVE-2017-7380 CVE-2017-7381 CVE-2017-7382 CVE-2017-7383 Closes: #859329
Checksums-Sha1:
 a0141f73e16d353888dfb632826662ec66cc548c 2119 libpodofo_0.9.4-6.dsc
 93562112a91591e5c6b9c948a9aa066bad8c4f1a 14512 libpodofo_0.9.4-6.debian.tar.xz
 f1cd3ed5a17a27a0104ef4c119260df641d8301d 8322 libpodofo_0.9.4-6_amd64.buildinfo
Checksums-Sha256:
 1d96e62e5dc05c3da75b27c119f38059632a4b38b449a09f261609c658ac6501 2119 
libpodofo_0.9.4-6.dsc
 2d93ad73a0a76fb8c81bf8d8e4e28295521b2201de75bf43921c56fdde184ada 14512 
libpodofo_0.9.4-6.debian.tar.xz
 378cbccde338b4d202fb9d0e3ffd4db6d236d8afbc3afd555a710096baa8be8c 8322 
libpodofo_0.9.4-6_amd64.buildinfo
Files:
 616f6d73552c644f07f9aac81c68d586 2119 libdevel extra libpodofo_0.9.4-6.dsc
 69ed783b68d73ee280d264db44b0be2b 14512 libdevel extra 
libpodofo_0.9.4-6.debian.tar.xz
 3b44532d73422eca5c039607ce5be072 8322 libdevel extra 
libpodofo_0.9.4-6_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlkcSacACgkQCBa54Yx2
K60wIA//Srh+elVV8U5HZ+/WygzwNsd4fCZdpvsTxgesLM5HCl80M3adaSZsHyFJ
zBiD5n/Xkgtc/fr4nLU3X2k++rkyiBulIuB2+vT/qDwa1oYgyQDWTH/DTJ+Y363d
9Bb6gI4LqytsgYgvDU2ZEEq73DYeQa5P7bGB4Bt+XYOlfKjd+xLAuVU6srWNuXSA
/sBshQhWDzvC+WAgXF0AW6Qe+Nz2g0LS4mw2qO80eZ5Tu0vLofpMvC+w7PssdPlK
RfPAngL9uEy28s6DFKf/GcAfCkd2CYfVQTU2QGoGeQei/GyTXXFzrDBK9UOXeMlz
XZuYfhBqwj6AYo1W7freJBzrOw5haTrGkZKUipcWUD7qlJRP0Sa54IOV9cr/R+3D
PljaLbIZQXrIO/z8xtVs3Yu6mKHgWPciPwu/nvs8U9Z4h7XSfHCVOM+vYyjW7imG
gkYR2G/2VnBI0wbs6+gepafSzZ60q9GNMAsMin1dllpRGEOiPpln/5ZFYHksZwDF
rqbNsYLOov/bNbgHKpy4Erf/qtKoa6QLrojN0vNQFjLiioTc3E1C667CvKH/hwn0
qwdQR4KUrG55lVJEAf4B707xeibU0i6oad59jxO0rK9YKXBac1zHyBcobU3hluhv
lp+AK8MgSrzwYwteG28eAfPEzRAz7CeK0KW6mVTRo696l5k7S0U=
=8FKk
-END PGP SIGNATURE End Message ---

Bug#861557: marked as done (libpodofo: CVE-2017-6840)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 15:05:38 +
with message-id 
and subject line Bug#861557: fixed in libpodofo 0.9.4-6
has caused the Debian Bug report #861557,
regarding libpodofo: CVE-2017-6840
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
861557: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861557
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libpodofo
Severity: grave
Tags: security

New podofo issues (no CVEs yet):

http://www.openwall.com/lists/oss-security/2017/03/02/10
http://www.openwall.com/lists/oss-security/2017/03/02/9
http://www.openwall.com/lists/oss-security/2017/03/02/8
http://www.openwall.com/lists/oss-security/2017/03/02/7
http://www.openwall.com/lists/oss-security/2017/03/02/6
http://www.openwall.com/lists/oss-security/2017/03/02/5
http://www.openwall.com/lists/oss-security/2017/03/02/4
http://www.openwall.com/lists/oss-security/2017/03/02/3
http://www.openwall.com/lists/oss-security/2017/03/02/2

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: libpodofo
Source-Version: 0.9.4-6

We believe that the bug you reported is fixed in the latest version of
libpodofo, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 861...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mattia Rizzolo  (supplier of updated libpodofo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 17 May 2017 14:54:40 +0200
Source: libpodofo
Binary: libpodofo-dev libpodofo-utils libpodofo0.9.4
Architecture: source
Version: 0.9.4-6
Distribution: unstable
Urgency: high
Maintainer: Mattia Rizzolo 
Changed-By: Mattia Rizzolo 
Description:
 libpodofo-dev - PoDoFo development files
 libpodofo-utils - PoDoFo utilities
 libpodofo0.9.4 - PoDoFo - library to work with the PDF file format
Closes: 854603 859329 859330 861557 861559 861560 861564 861565
Changes:
 libpodofo (0.9.4-6) unstable; urgency=high
 .
   * Add upstream patches for security issues:
 + CVE-2017-5855 Closes: #854603
 + CVE-2017-6840 Closes: #861557
 + CVE-2017-6842 Closes: #861559
 + CVE-2017-6843 Closes: #861560
 + CVE-2017-6847 Closes: #861564
 + CVE-2017-6848 Closes: #861565
 + CVE-2017-7378 Closes: #859330
 + CVE-2017-7380 CVE-2017-7381 CVE-2017-7382 CVE-2017-7383 Closes: #859329
Checksums-Sha1:
 a0141f73e16d353888dfb632826662ec66cc548c 2119 libpodofo_0.9.4-6.dsc
 93562112a91591e5c6b9c948a9aa066bad8c4f1a 14512 libpodofo_0.9.4-6.debian.tar.xz
 f1cd3ed5a17a27a0104ef4c119260df641d8301d 8322 libpodofo_0.9.4-6_amd64.buildinfo
Checksums-Sha256:
 1d96e62e5dc05c3da75b27c119f38059632a4b38b449a09f261609c658ac6501 2119 
libpodofo_0.9.4-6.dsc
 2d93ad73a0a76fb8c81bf8d8e4e28295521b2201de75bf43921c56fdde184ada 14512 
libpodofo_0.9.4-6.debian.tar.xz
 378cbccde338b4d202fb9d0e3ffd4db6d236d8afbc3afd555a710096baa8be8c 8322 
libpodofo_0.9.4-6_amd64.buildinfo
Files:
 616f6d73552c644f07f9aac81c68d586 2119 libdevel extra libpodofo_0.9.4-6.dsc
 69ed783b68d73ee280d264db44b0be2b 14512 libdevel extra 
libpodofo_0.9.4-6.debian.tar.xz
 3b44532d73422eca5c039607ce5be072 8322 libdevel extra 
libpodofo_0.9.4-6_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlkcSacACgkQCBa54Yx2
K60wIA//Srh+elVV8U5HZ+/WygzwNsd4fCZdpvsTxgesLM5HCl80M3adaSZsHyFJ
zBiD5n/Xkgtc/fr4nLU3X2k++rkyiBulIuB2+vT/qDwa1oYgyQDWTH/DTJ+Y363d
9Bb6gI4LqytsgYgvDU2ZEEq73DYeQa5P7bGB4Bt+XYOlfKjd+xLAuVU6srWNuXSA
/sBshQhWDzvC+WAgXF0AW6Qe+Nz2g0LS4mw2qO80eZ5Tu0vLofpMvC+w7PssdPlK
RfPAngL9uEy28s6DFKf/GcAfCkd2CYfVQTU2QGoGeQei/GyTXXFzrDBK9UOXeMlz
XZuYfhBqwj6AYo1W7freJBzrOw5haTrGkZKUipcWUD7qlJRP0Sa54IOV9cr/R+3D
PljaLbIZQXrIO/z8xtVs3Yu6mKHgWPciPwu/nvs8U9Z4h7XSfHCVOM+vYyjW7imG
gkYR2G/2VnBI0wbs6+gepafSzZ60q9GNMAsMin1dllpRGEOiPpln/5ZFYHksZwDF
rqbNsYLOov/bNbgHKpy4Erf/qtKoa6QLrojN0vNQFjLiioTc3E1C667CvKH/hwn0
qwdQR4KUrG55lVJEAf4B707xeibU0i6oad59jxO0rK9YKXBac1zHyBcobU3hluhv
lp+AK8MgSrzwYwteG28eAfPEzRAz7CeK0KW6mVTRo696l5k7S0U=
=8FKk
-END PGP SIGNATURE End Message ---

Bug#861565: marked as done (libpodofo: CVE-2017-6848)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 15:05:38 +
with message-id 
and subject line Bug#861565: fixed in libpodofo 0.9.4-6
has caused the Debian Bug report #861565,
regarding libpodofo: CVE-2017-6848
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
861565: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861565
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libpodofo
Severity: grave
Tags: security

New podofo issues (no CVEs yet):

http://www.openwall.com/lists/oss-security/2017/03/02/10
http://www.openwall.com/lists/oss-security/2017/03/02/9
http://www.openwall.com/lists/oss-security/2017/03/02/8
http://www.openwall.com/lists/oss-security/2017/03/02/7
http://www.openwall.com/lists/oss-security/2017/03/02/6
http://www.openwall.com/lists/oss-security/2017/03/02/5
http://www.openwall.com/lists/oss-security/2017/03/02/4
http://www.openwall.com/lists/oss-security/2017/03/02/3
http://www.openwall.com/lists/oss-security/2017/03/02/2

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: libpodofo
Source-Version: 0.9.4-6

We believe that the bug you reported is fixed in the latest version of
libpodofo, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 861...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mattia Rizzolo  (supplier of updated libpodofo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 17 May 2017 14:54:40 +0200
Source: libpodofo
Binary: libpodofo-dev libpodofo-utils libpodofo0.9.4
Architecture: source
Version: 0.9.4-6
Distribution: unstable
Urgency: high
Maintainer: Mattia Rizzolo 
Changed-By: Mattia Rizzolo 
Description:
 libpodofo-dev - PoDoFo development files
 libpodofo-utils - PoDoFo utilities
 libpodofo0.9.4 - PoDoFo - library to work with the PDF file format
Closes: 854603 859329 859330 861557 861559 861560 861564 861565
Changes:
 libpodofo (0.9.4-6) unstable; urgency=high
 .
   * Add upstream patches for security issues:
 + CVE-2017-5855 Closes: #854603
 + CVE-2017-6840 Closes: #861557
 + CVE-2017-6842 Closes: #861559
 + CVE-2017-6843 Closes: #861560
 + CVE-2017-6847 Closes: #861564
 + CVE-2017-6848 Closes: #861565
 + CVE-2017-7378 Closes: #859330
 + CVE-2017-7380 CVE-2017-7381 CVE-2017-7382 CVE-2017-7383 Closes: #859329
Checksums-Sha1:
 a0141f73e16d353888dfb632826662ec66cc548c 2119 libpodofo_0.9.4-6.dsc
 93562112a91591e5c6b9c948a9aa066bad8c4f1a 14512 libpodofo_0.9.4-6.debian.tar.xz
 f1cd3ed5a17a27a0104ef4c119260df641d8301d 8322 libpodofo_0.9.4-6_amd64.buildinfo
Checksums-Sha256:
 1d96e62e5dc05c3da75b27c119f38059632a4b38b449a09f261609c658ac6501 2119 
libpodofo_0.9.4-6.dsc
 2d93ad73a0a76fb8c81bf8d8e4e28295521b2201de75bf43921c56fdde184ada 14512 
libpodofo_0.9.4-6.debian.tar.xz
 378cbccde338b4d202fb9d0e3ffd4db6d236d8afbc3afd555a710096baa8be8c 8322 
libpodofo_0.9.4-6_amd64.buildinfo
Files:
 616f6d73552c644f07f9aac81c68d586 2119 libdevel extra libpodofo_0.9.4-6.dsc
 69ed783b68d73ee280d264db44b0be2b 14512 libdevel extra 
libpodofo_0.9.4-6.debian.tar.xz
 3b44532d73422eca5c039607ce5be072 8322 libdevel extra 
libpodofo_0.9.4-6_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlkcSacACgkQCBa54Yx2
K60wIA//Srh+elVV8U5HZ+/WygzwNsd4fCZdpvsTxgesLM5HCl80M3adaSZsHyFJ
zBiD5n/Xkgtc/fr4nLU3X2k++rkyiBulIuB2+vT/qDwa1oYgyQDWTH/DTJ+Y363d
9Bb6gI4LqytsgYgvDU2ZEEq73DYeQa5P7bGB4Bt+XYOlfKjd+xLAuVU6srWNuXSA
/sBshQhWDzvC+WAgXF0AW6Qe+Nz2g0LS4mw2qO80eZ5Tu0vLofpMvC+w7PssdPlK
RfPAngL9uEy28s6DFKf/GcAfCkd2CYfVQTU2QGoGeQei/GyTXXFzrDBK9UOXeMlz
XZuYfhBqwj6AYo1W7freJBzrOw5haTrGkZKUipcWUD7qlJRP0Sa54IOV9cr/R+3D
PljaLbIZQXrIO/z8xtVs3Yu6mKHgWPciPwu/nvs8U9Z4h7XSfHCVOM+vYyjW7imG
gkYR2G/2VnBI0wbs6+gepafSzZ60q9GNMAsMin1dllpRGEOiPpln/5ZFYHksZwDF
rqbNsYLOov/bNbgHKpy4Erf/qtKoa6QLrojN0vNQFjLiioTc3E1C667CvKH/hwn0
qwdQR4KUrG55lVJEAf4B707xeibU0i6oad59jxO0rK9YKXBac1zHyBcobU3hluhv
lp+AK8MgSrzwYwteG28eAfPEzRAz7CeK0KW6mVTRo696l5k7S0U=
=8FKk
-END PGP SIGNATURE End Message ---

Bug#861560: marked as done (libpodofo: CVE-2017-6843)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 15:05:38 +
with message-id 
and subject line Bug#861560: fixed in libpodofo 0.9.4-6
has caused the Debian Bug report #861560,
regarding libpodofo: CVE-2017-6843
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
861560: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861560
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libpodofo
Severity: grave
Tags: security

New podofo issues (no CVEs yet):

http://www.openwall.com/lists/oss-security/2017/03/02/10
http://www.openwall.com/lists/oss-security/2017/03/02/9
http://www.openwall.com/lists/oss-security/2017/03/02/8
http://www.openwall.com/lists/oss-security/2017/03/02/7
http://www.openwall.com/lists/oss-security/2017/03/02/6
http://www.openwall.com/lists/oss-security/2017/03/02/5
http://www.openwall.com/lists/oss-security/2017/03/02/4
http://www.openwall.com/lists/oss-security/2017/03/02/3
http://www.openwall.com/lists/oss-security/2017/03/02/2

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: libpodofo
Source-Version: 0.9.4-6

We believe that the bug you reported is fixed in the latest version of
libpodofo, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 861...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mattia Rizzolo  (supplier of updated libpodofo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 17 May 2017 14:54:40 +0200
Source: libpodofo
Binary: libpodofo-dev libpodofo-utils libpodofo0.9.4
Architecture: source
Version: 0.9.4-6
Distribution: unstable
Urgency: high
Maintainer: Mattia Rizzolo 
Changed-By: Mattia Rizzolo 
Description:
 libpodofo-dev - PoDoFo development files
 libpodofo-utils - PoDoFo utilities
 libpodofo0.9.4 - PoDoFo - library to work with the PDF file format
Closes: 854603 859329 859330 861557 861559 861560 861564 861565
Changes:
 libpodofo (0.9.4-6) unstable; urgency=high
 .
   * Add upstream patches for security issues:
 + CVE-2017-5855 Closes: #854603
 + CVE-2017-6840 Closes: #861557
 + CVE-2017-6842 Closes: #861559
 + CVE-2017-6843 Closes: #861560
 + CVE-2017-6847 Closes: #861564
 + CVE-2017-6848 Closes: #861565
 + CVE-2017-7378 Closes: #859330
 + CVE-2017-7380 CVE-2017-7381 CVE-2017-7382 CVE-2017-7383 Closes: #859329
Checksums-Sha1:
 a0141f73e16d353888dfb632826662ec66cc548c 2119 libpodofo_0.9.4-6.dsc
 93562112a91591e5c6b9c948a9aa066bad8c4f1a 14512 libpodofo_0.9.4-6.debian.tar.xz
 f1cd3ed5a17a27a0104ef4c119260df641d8301d 8322 libpodofo_0.9.4-6_amd64.buildinfo
Checksums-Sha256:
 1d96e62e5dc05c3da75b27c119f38059632a4b38b449a09f261609c658ac6501 2119 
libpodofo_0.9.4-6.dsc
 2d93ad73a0a76fb8c81bf8d8e4e28295521b2201de75bf43921c56fdde184ada 14512 
libpodofo_0.9.4-6.debian.tar.xz
 378cbccde338b4d202fb9d0e3ffd4db6d236d8afbc3afd555a710096baa8be8c 8322 
libpodofo_0.9.4-6_amd64.buildinfo
Files:
 616f6d73552c644f07f9aac81c68d586 2119 libdevel extra libpodofo_0.9.4-6.dsc
 69ed783b68d73ee280d264db44b0be2b 14512 libdevel extra 
libpodofo_0.9.4-6.debian.tar.xz
 3b44532d73422eca5c039607ce5be072 8322 libdevel extra 
libpodofo_0.9.4-6_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlkcSacACgkQCBa54Yx2
K60wIA//Srh+elVV8U5HZ+/WygzwNsd4fCZdpvsTxgesLM5HCl80M3adaSZsHyFJ
zBiD5n/Xkgtc/fr4nLU3X2k++rkyiBulIuB2+vT/qDwa1oYgyQDWTH/DTJ+Y363d
9Bb6gI4LqytsgYgvDU2ZEEq73DYeQa5P7bGB4Bt+XYOlfKjd+xLAuVU6srWNuXSA
/sBshQhWDzvC+WAgXF0AW6Qe+Nz2g0LS4mw2qO80eZ5Tu0vLofpMvC+w7PssdPlK
RfPAngL9uEy28s6DFKf/GcAfCkd2CYfVQTU2QGoGeQei/GyTXXFzrDBK9UOXeMlz
XZuYfhBqwj6AYo1W7freJBzrOw5haTrGkZKUipcWUD7qlJRP0Sa54IOV9cr/R+3D
PljaLbIZQXrIO/z8xtVs3Yu6mKHgWPciPwu/nvs8U9Z4h7XSfHCVOM+vYyjW7imG
gkYR2G/2VnBI0wbs6+gepafSzZ60q9GNMAsMin1dllpRGEOiPpln/5ZFYHksZwDF
rqbNsYLOov/bNbgHKpy4Erf/qtKoa6QLrojN0vNQFjLiioTc3E1C667CvKH/hwn0
qwdQR4KUrG55lVJEAf4B707xeibU0i6oad59jxO0rK9YKXBac1zHyBcobU3hluhv
lp+AK8MgSrzwYwteG28eAfPEzRAz7CeK0KW6mVTRo696l5k7S0U=
=8FKk
-END PGP SIGNATURE End Message ---

Bug#861559: marked as done (libpodofo: CVE-2017-6842)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 15:05:38 +
with message-id 
and subject line Bug#861559: fixed in libpodofo 0.9.4-6
has caused the Debian Bug report #861559,
regarding libpodofo: CVE-2017-6842
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
861559: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861559
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libpodofo
Severity: grave
Tags: security

New podofo issues (no CVEs yet):

http://www.openwall.com/lists/oss-security/2017/03/02/10
http://www.openwall.com/lists/oss-security/2017/03/02/9
http://www.openwall.com/lists/oss-security/2017/03/02/8
http://www.openwall.com/lists/oss-security/2017/03/02/7
http://www.openwall.com/lists/oss-security/2017/03/02/6
http://www.openwall.com/lists/oss-security/2017/03/02/5
http://www.openwall.com/lists/oss-security/2017/03/02/4
http://www.openwall.com/lists/oss-security/2017/03/02/3
http://www.openwall.com/lists/oss-security/2017/03/02/2

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: libpodofo
Source-Version: 0.9.4-6

We believe that the bug you reported is fixed in the latest version of
libpodofo, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 861...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mattia Rizzolo  (supplier of updated libpodofo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 17 May 2017 14:54:40 +0200
Source: libpodofo
Binary: libpodofo-dev libpodofo-utils libpodofo0.9.4
Architecture: source
Version: 0.9.4-6
Distribution: unstable
Urgency: high
Maintainer: Mattia Rizzolo 
Changed-By: Mattia Rizzolo 
Description:
 libpodofo-dev - PoDoFo development files
 libpodofo-utils - PoDoFo utilities
 libpodofo0.9.4 - PoDoFo - library to work with the PDF file format
Closes: 854603 859329 859330 861557 861559 861560 861564 861565
Changes:
 libpodofo (0.9.4-6) unstable; urgency=high
 .
   * Add upstream patches for security issues:
 + CVE-2017-5855 Closes: #854603
 + CVE-2017-6840 Closes: #861557
 + CVE-2017-6842 Closes: #861559
 + CVE-2017-6843 Closes: #861560
 + CVE-2017-6847 Closes: #861564
 + CVE-2017-6848 Closes: #861565
 + CVE-2017-7378 Closes: #859330
 + CVE-2017-7380 CVE-2017-7381 CVE-2017-7382 CVE-2017-7383 Closes: #859329
Checksums-Sha1:
 a0141f73e16d353888dfb632826662ec66cc548c 2119 libpodofo_0.9.4-6.dsc
 93562112a91591e5c6b9c948a9aa066bad8c4f1a 14512 libpodofo_0.9.4-6.debian.tar.xz
 f1cd3ed5a17a27a0104ef4c119260df641d8301d 8322 libpodofo_0.9.4-6_amd64.buildinfo
Checksums-Sha256:
 1d96e62e5dc05c3da75b27c119f38059632a4b38b449a09f261609c658ac6501 2119 
libpodofo_0.9.4-6.dsc
 2d93ad73a0a76fb8c81bf8d8e4e28295521b2201de75bf43921c56fdde184ada 14512 
libpodofo_0.9.4-6.debian.tar.xz
 378cbccde338b4d202fb9d0e3ffd4db6d236d8afbc3afd555a710096baa8be8c 8322 
libpodofo_0.9.4-6_amd64.buildinfo
Files:
 616f6d73552c644f07f9aac81c68d586 2119 libdevel extra libpodofo_0.9.4-6.dsc
 69ed783b68d73ee280d264db44b0be2b 14512 libdevel extra 
libpodofo_0.9.4-6.debian.tar.xz
 3b44532d73422eca5c039607ce5be072 8322 libdevel extra 
libpodofo_0.9.4-6_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEi3hoeGwz5cZMTQpICBa54Yx2K60FAlkcSacACgkQCBa54Yx2
K60wIA//Srh+elVV8U5HZ+/WygzwNsd4fCZdpvsTxgesLM5HCl80M3adaSZsHyFJ
zBiD5n/Xkgtc/fr4nLU3X2k++rkyiBulIuB2+vT/qDwa1oYgyQDWTH/DTJ+Y363d
9Bb6gI4LqytsgYgvDU2ZEEq73DYeQa5P7bGB4Bt+XYOlfKjd+xLAuVU6srWNuXSA
/sBshQhWDzvC+WAgXF0AW6Qe+Nz2g0LS4mw2qO80eZ5Tu0vLofpMvC+w7PssdPlK
RfPAngL9uEy28s6DFKf/GcAfCkd2CYfVQTU2QGoGeQei/GyTXXFzrDBK9UOXeMlz
XZuYfhBqwj6AYo1W7freJBzrOw5haTrGkZKUipcWUD7qlJRP0Sa54IOV9cr/R+3D
PljaLbIZQXrIO/z8xtVs3Yu6mKHgWPciPwu/nvs8U9Z4h7XSfHCVOM+vYyjW7imG
gkYR2G/2VnBI0wbs6+gepafSzZ60q9GNMAsMin1dllpRGEOiPpln/5ZFYHksZwDF
rqbNsYLOov/bNbgHKpy4Erf/qtKoa6QLrojN0vNQFjLiioTc3E1C667CvKH/hwn0
qwdQR4KUrG55lVJEAf4B707xeibU0i6oad59jxO0rK9YKXBac1zHyBcobU3hluhv
lp+AK8MgSrzwYwteG28eAfPEzRAz7CeK0KW6mVTRo696l5k7S0U=
=8FKk
-END PGP SIGNATURE End Message ---

Bug#862816: wordpress: Six security bugs in wordpress 4.7.4 and earlier

2017-05-17 Thread Rodrigo Campos 
On Wed, May 17, 2017 at 09:54:55PM +1000, Craig Small wrote:
> Source: wordpress
> Version: 4.7.4+dfsg-1
> Severity: grave
> Tags: upstream security
> Justification: user security hole
> 
> Wordpress 4.7.4 and earlier has 6 security holes that are fixed in
> 4.7.5[1]
> 
>  * 2.7.0 - 4.7.4
>Insufficient redirect validation in the HTTP class.
>  * 2.5.0 - 4.7.4
>Improper handling of post meta data values in the XML-RPC API.
>  * 3.4.0 - 4.7.4
>Lack of capability checks for post meta data in the XML-RPC API.
>  * 2.5.0 - 4.7.4
>A Cross Site Request Forgery (CRSF) vulnerability was discovered in the
>filesystem credentials dialog.
>  * 3.3 - 4.7.4
>A cross-site scripting (XSS) vulnerability was discovered when
>attempting to upload very large files.
>  * 3.4.0 - 4.6.4
>A cross-site scripting (XSS) vulnerability was discovered related to the
>Customizer.
> 
> Looking at the versions, all distributions are vulnerable to all bugs,
> yay me!

Craig, will this version make it to testing? If that is the case, I'll prepare
the jessie backport today.



Thanks a lot,
Rodrigo

Processed: Version tracking for all affected releases

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 862816 3.6.1+dfsg-1
Bug #862816 {Done: Craig Small } [src:wordpress] wordpress: 
Six security bugs in wordpress 4.7.4 and earlier
Marked as found in versions wordpress/3.6.1+dfsg-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
862816: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862816
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862816: marked as done (wordpress: Six security bugs in wordpress 4.7.4 and earlier)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 13:04:10 +
with message-id 
and subject line Bug#862816: fixed in wordpress 4.7.5+dfsg-1
has caused the Debian Bug report #862816,
regarding wordpress: Six security bugs in wordpress 4.7.4 and earlier
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862816: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862816
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: wordpress
Version: 4.7.4+dfsg-1
Severity: grave
Tags: upstream security
Justification: user security hole

Wordpress 4.7.4 and earlier has 6 security holes that are fixed in
4.7.5[1]

 * 2.7.0 - 4.7.4
   Insufficient redirect validation in the HTTP class.
 * 2.5.0 - 4.7.4
   Improper handling of post meta data values in the XML-RPC API.
 * 3.4.0 - 4.7.4
   Lack of capability checks for post meta data in the XML-RPC API.
 * 2.5.0 - 4.7.4
   A Cross Site Request Forgery (CRSF) vulnerability was discovered in the
   filesystem credentials dialog.
 * 3.3 - 4.7.4
   A cross-site scripting (XSS) vulnerability was discovered when
   attempting to upload very large files.
 * 3.4.0 - 4.6.4
   A cross-site scripting (XSS) vulnerability was discovered related to the
   Customizer.

Looking at the versions, all distributions are vulnerable to all bugs,
yay me!

I'll request the CVEs and update when I get them.

1: https://wordpress.org/news/2017/05/wordpress-4-7-5/


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 4.7.5+dfsg-1

We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 862...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Craig Small  (supplier of updated wordpress package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 17 May 2017 22:28:18 +1000
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen 
wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen
Architecture: source all
Version: 4.7.5+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Craig Small 
Changed-By: Craig Small 
Description:
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
 wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
 wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files
 wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files
Closes: 862816
Changes:
 wordpress (4.7.5+dfsg-1) unstable; urgency=high
 .
   * New upstream release fixes 6 security issues Closes: #862816
 CVEs to be added once issued
 - CVE-2017-XXX
   Insufficient redirect validation in the HTTP class.
 - CVE-2017-XXX
   Improper handling of post meta data values in the XML-RPC API.
 - CVE-2017-XXX
   Lack of capability checks for post meta data in the XML-RPC API.
 - CVE-2017-XXX
   A Cross Site Request Forgery (CRSF) vulnerability was discovered
   in the filesystem credentials dialog.
 - CVE-2017-XXX
   A cross-site scripting (XSS) vulnerability was discovered when
   attempting to upload very large files.
 - CVE-2017-XXX
   A cross-site scripting (XSS) vulnerability was discovered related
   to the Customizer.
Checksums-Sha1:
 43813bb1a7c89df5077e262e77f11e27a51d2663 2539 wordpress_4.7.5+dfsg-1.dsc
 edf2c207b6c6c173d8958c0d9191e1e0d532e042 6240440 
wordpress_4.7.5+dfsg.orig.tar.xz
 764f75cdd54d93519680f85a407eea41d70993ce 6777608 
wordpress_4.7.5+dfsg-1.debian.tar.xz
 98a70f81755b076a260a2003a38cb3147a15e3b7 4381400 
wordpress-l10n_4.7.5+dfsg-1_all.deb
 ae89a16efb8c65e3fd990aa6129e3fcd4a6ce313 74

Processed: Bug#861560 in libpodofo marked as pending

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tag 861560 pending
Bug #861560 [src:libpodofo] libpodofo: CVE-2017-6843
Added tag(s) pending.

-- 
861560: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861560
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#861560: in libpodofo marked as pending

2017-05-17 Thread Mattia Rizzolo 
Control: tag 861560 pending

Hello,

Bug #861560 in libpodofo reported by you has been fixed in the Git repository. 
You can
see the commit message below, and you can check the diff of the fix at:

https://anonscm.debian.org/git/collab-maint/libpodofo.git/commit/?id=8de6fd9

(this message was generated automatically based on the git commit message)
---
commit 8de6fd95f16d35ee48ed72c7b67a64541f44e5a8
Author: Mattia Rizzolo 
Date:   Wed May 17 14:30:39 2017 +0200

Add upstream patch for CVE-2017-6840 and CVE-2017-6842 and CVE-2017-6843

Closes: #861557
Closes: #861559
Closes: #861560
Signed-off-by: Mattia Rizzolo

Bug#861564: in libpodofo marked as pending

2017-05-17 Thread Mattia Rizzolo 
Control: tag 861564 pending

Hello,

Bug #861564 in libpodofo reported by you has been fixed in the Git repository. 
You can
see the commit message below, and you can check the diff of the fix at:

https://anonscm.debian.org/git/collab-maint/libpodofo.git/commit/?id=8c2a55f

(this message was generated automatically based on the git commit message)
---
commit 8c2a55fba83169795faa0c6cc7c033055d3d5af3
Author: Mattia Rizzolo 
Date:   Wed May 17 14:36:55 2017 +0200

Add upstream patch for CVE-2017-6847 and CVE-2017-6848

Closes: #861564
Closes: #861565
Signed-off-by: Mattia Rizzolo

Bug#792934: libebook-tools-perl: install_driver(SQLite) failed: Can't locate DBD/SQLite.pm in @INC [NMU pending]

2017-05-17 Thread Axel Beckert 
Hi Adrian,

Adrian Bunk wrote:
> > +libebook-tools-perl (0.5.4-1.2) unstable; urgency=medium
> > +
> > +  * Non-maintainer upload.
> > +  * Add missing dependency on libdbd-sqlite3-perl. (Closes: #792934)
> 
> This fix is not part of the debdiff, and the pacakge in stretch does not 
> have the dependency.

Will have a look, thanks.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#861559: in libpodofo marked as pending

2017-05-17 Thread Mattia Rizzolo 
Control: tag 861559 pending

Hello,

Bug #861559 in libpodofo reported by you has been fixed in the Git repository. 
You can
see the commit message below, and you can check the diff of the fix at:

https://anonscm.debian.org/git/collab-maint/libpodofo.git/commit/?id=8de6fd9

(this message was generated automatically based on the git commit message)
---
commit 8de6fd95f16d35ee48ed72c7b67a64541f44e5a8
Author: Mattia Rizzolo 
Date:   Wed May 17 14:30:39 2017 +0200

Add upstream patch for CVE-2017-6840 and CVE-2017-6842 and CVE-2017-6843

Closes: #861557
Closes: #861559
Closes: #861560
Signed-off-by: Mattia Rizzolo

Bug#861557: in libpodofo marked as pending

2017-05-17 Thread Mattia Rizzolo 
Control: tag 861557 pending

Hello,

Bug #861557 in libpodofo reported by you has been fixed in the Git repository. 
You can
see the commit message below, and you can check the diff of the fix at:

https://anonscm.debian.org/git/collab-maint/libpodofo.git/commit/?id=8de6fd9

(this message was generated automatically based on the git commit message)
---
commit 8de6fd95f16d35ee48ed72c7b67a64541f44e5a8
Author: Mattia Rizzolo 
Date:   Wed May 17 14:30:39 2017 +0200

Add upstream patch for CVE-2017-6840 and CVE-2017-6842 and CVE-2017-6843

Closes: #861557
Closes: #861559
Closes: #861560
Signed-off-by: Mattia Rizzolo

Processed: Bug#861557 in libpodofo marked as pending

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tag 861557 pending
Bug #861557 [src:libpodofo] libpodofo: CVE-2017-6840
Added tag(s) pending.

-- 
861557: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861557
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#861565: in libpodofo marked as pending

2017-05-17 Thread Mattia Rizzolo 
Control: tag 861565 pending

Hello,

Bug #861565 in libpodofo reported by you has been fixed in the Git repository. 
You can
see the commit message below, and you can check the diff of the fix at:

https://anonscm.debian.org/git/collab-maint/libpodofo.git/commit/?id=8c2a55f

(this message was generated automatically based on the git commit message)
---
commit 8c2a55fba83169795faa0c6cc7c033055d3d5af3
Author: Mattia Rizzolo 
Date:   Wed May 17 14:36:55 2017 +0200

Add upstream patch for CVE-2017-6847 and CVE-2017-6848

Closes: #861564
Closes: #861565
Signed-off-by: Mattia Rizzolo

Processed: Bug#861565 in libpodofo marked as pending

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tag 861565 pending
Bug #861565 [src:libpodofo] libpodofo: CVE-2017-6848
Added tag(s) pending.

-- 
861565: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861565
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Bug#861564 in libpodofo marked as pending

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tag 861564 pending
Bug #861564 [src:libpodofo] libpodofo: CVE-2017-6847
Added tag(s) pending.

-- 
861564: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861564
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Bug#861559 in libpodofo marked as pending

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tag 861559 pending
Bug #861559 [src:libpodofo] libpodofo: CVE-2017-6842
Added tag(s) pending.

-- 
861559: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861559
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862741: python3-iptables: rule.create_match() raises MemoryError

2017-05-17 Thread Chris Lamb 
Hi,

> python3-iptables: rule.create_match() raises MemoryError

I can reproduce this:

$ sudo apt-get install python3-iptables
[…]
Setting up python3-iptables (0.11.0-3) ...
[…]

$ python3 
Python 3.5.3 (default, Jan 19 2017, 14:11:04) 
[GCC 6.3.0 20170118] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import iptc
>>> iptc.Rule().create_match('udp')
Traceback (most recent call last):
  File "", line 1, in 
  File "/usr/lib/python3/dist-packages/iptc/ip4tc.py", line 959, in create_match
match = Match(self, name=name, revision=revision)
  File "/usr/lib/python3/dist-packages/iptc/ip4tc.py", line 558, in __init__
self.reset()
  File "/usr/lib/python3/dist-packages/iptc/ip4tc.py", line 635, in reset
udata_buf = (ct.c_ubyte * udata_size)()
MemoryError
>>> 

$ uname -a
Linux keyboardcat.chris-lamb.co.uk 4.9.0-2-amd64 #1 SMP Debian 4.9.13-1 
(2017-02-27) x86_64 GNU/Linux



Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#862806: shadow: diff for NMU version 1:4.4-4.1

2017-05-17 Thread Salvatore Bonaccorso 
Control: tags 862806 + pending

Dear shadow maintainer,

I've prepared an NMU for shadow (versioned as 1:4.4-4.1) and uploaded
it to DELAYED/5. Please feel free to tell me if I should delay it
longer or if I should reschedule. I'm fine with either. The RC
severity would be disputable, but since we introduced the issue due to
a previous security fix, we should get this into stretch as well IMHO.

Prepared as well the corresponding regression fix for jessie.

Regards,
Salvatore
diff -Nru shadow-4.4/debian/changelog shadow-4.4/debian/changelog
--- shadow-4.4/debian/changelog	2017-02-24 01:50:13.0 +0100
+++ shadow-4.4/debian/changelog	2017-05-17 13:59:59.0 +0200
@@ -1,3 +1,12 @@
+shadow (1:4.4-4.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Reset pid_child only if waitpid was successful.
+This is a regression fix for CVE-2017-2616. If su receives a signal like
+SIGTERM, it is not propagated to the child. (Closes: #862806)
+
+ -- Salvatore Bonaccorso   Wed, 17 May 2017 13:59:59 +0200
+
 shadow (1:4.4-4) unstable; urgency=high
 
   * su: properly clear child PID (CVE-2017-2616) (Closes: #855943)
diff -Nru shadow-4.4/debian/patches/301-Reset-pid_child-only-if-waitpid-was-successful.patch shadow-4.4/debian/patches/301-Reset-pid_child-only-if-waitpid-was-successful.patch
--- shadow-4.4/debian/patches/301-Reset-pid_child-only-if-waitpid-was-successful.patch	1970-01-01 01:00:00.0 +0100
+++ shadow-4.4/debian/patches/301-Reset-pid_child-only-if-waitpid-was-successful.patch	2017-05-17 13:59:59.0 +0200
@@ -0,0 +1,29 @@
+From 7d82f203eeec881c584b2fa06539b39e82985d97 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann 
+Date: Sun, 14 May 2017 17:58:10 +0200
+Subject: [PATCH] Reset pid_child only if waitpid was successful.
+
+Do not reset the pid_child to 0 if the child process is still
+running. This else-condition can be reached with pid being -1,
+therefore explicitly test this condition.
+
+This is a regression fix for CVE-2017-2616. If su receives a
+signal like SIGTERM, it is not propagated to the child.
+
+Reported-by: Radu Duta 
+Signed-off-by: Tobias Stoeckmann 
+---
+ src/su.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/su.c
 b/src/su.c
+@@ -363,7 +363,7 @@ static void prepare_pam_close_session (v
+ /* wake child when resumed */
+ kill (pid, SIGCONT);
+ stop = false;
+-			} else {
++			} else if (   (pid_t)-1 != pid) {
+ pid_child = 0;
+ 			}
+ 		} while (!stop);
diff -Nru shadow-4.4/debian/patches/series shadow-4.4/debian/patches/series
--- shadow-4.4/debian/patches/series	2017-02-24 01:50:13.0 +0100
+++ shadow-4.4/debian/patches/series	2017-05-17 13:59:59.0 +0200
@@ -6,6 +6,8 @@
 0006-French-manpage-translation.patch
 0007-Fix-some-spelling-issues-in-the-Norwegian-translatio.patch
 0008-su-properly-clear-child-PID.patch
+301-Reset-pid_child-only-if-waitpid-was-successful.patch
+
 # These patches are only for the testsuite:
 #900_testsuite_groupmems
 #901_testsuite_gcov

Processed: shadow: diff for NMU version 1:4.4-4.1

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tags 862806 + pending
Bug #862806 [login] /bin/su: Regression from CVE-2017-2616 fix: killing su does 
not kill subprocess
Added tag(s) pending.

-- 
862806: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862806
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862816: wordpress: Six security bugs in wordpress 4.7.4 and earlier

2017-05-17 Thread Craig Small 
Source: wordpress
Version: 4.7.4+dfsg-1
Severity: grave
Tags: upstream security
Justification: user security hole

Wordpress 4.7.4 and earlier has 6 security holes that are fixed in
4.7.5[1]

 * 2.7.0 - 4.7.4
   Insufficient redirect validation in the HTTP class.
 * 2.5.0 - 4.7.4
   Improper handling of post meta data values in the XML-RPC API.
 * 3.4.0 - 4.7.4
   Lack of capability checks for post meta data in the XML-RPC API.
 * 2.5.0 - 4.7.4
   A Cross Site Request Forgery (CRSF) vulnerability was discovered in the
   filesystem credentials dialog.
 * 3.3 - 4.7.4
   A cross-site scripting (XSS) vulnerability was discovered when
   attempting to upload very large files.
 * 3.4.0 - 4.6.4
   A cross-site scripting (XSS) vulnerability was discovered related to the
   Customizer.

Looking at the versions, all distributions are vulnerable to all bugs,
yay me!

I'll request the CVEs and update when I get them.

1: https://wordpress.org/news/2017/05/wordpress-4-7-5/


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#792934: libebook-tools-perl: install_driver(SQLite) failed: Can't locate DBD/SQLite.pm in @INC [NMU pending]

2017-05-17 Thread Adrian Bunk 
Control: reopen -1
Control: notfixed -1 0.5.4-1.2

On Sat, May 28, 2016 at 03:36:35PM +0200, Axel Beckert wrote:
>...
> Full source debdiff following:
> 
> diff -u libebook-tools-perl-0.5.4/debian/changelog 
> libebook-tools-perl-0.5.4/debian/changelog
> --- libebook-tools-perl-0.5.4/debian/changelog
> +++ libebook-tools-perl-0.5.4/debian/changelog
> @@ -1,3 +1,14 @@
> +libebook-tools-perl (0.5.4-1.2) unstable; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * Add missing dependency on libdbd-sqlite3-perl. (Closes: #792934)

This fix is not part of the debdiff, and the pacakge in stretch does not 
have the dependency.

> +  * debian/dirs: Drop empty /usr/sbin directory.
> +  * Add t/*.backup to debian/clean to avoid clutter in debian diff if
> +build twice in a row.
> ++ Raise debhelper compatibility from 6 to 7 for that.
> +
> + -- Axel Beckert   Sat, 28 May 2016 15:06:48 +0200
> +
>  libebook-tools-perl (0.5.4-1.1) unstable; urgency=medium
>  
>* Non-maintainer upload.
> diff -u libebook-tools-perl-0.5.4/debian/compat 
> libebook-tools-perl-0.5.4/debian/compat
> --- libebook-tools-perl-0.5.4/debian/compat
> +++ libebook-tools-perl-0.5.4/debian/compat
> @@ -1 +1 @@
> -6
> +7
> diff -u libebook-tools-perl-0.5.4/debian/dirs 
> libebook-tools-perl-0.5.4/debian/dirs
> --- libebook-tools-perl-0.5.4/debian/dirs
> +++ libebook-tools-perl-0.5.4/debian/dirs
> @@ -2 +1,0 @@
> -usr/sbin
> only in patch2:
> unchanged:
> --- libebook-tools-perl-0.5.4.orig/debian/clean
> +++ libebook-tools-perl-0.5.4/debian/clean
> @@ -0,0 +1 @@
> +t/*.backup
> 
>   Regards, Axel
> -- 
>  ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
> : :' :  |  Debian Developer, ftp.ch.debian.org Admin
> `. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
>   `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Processed: Re: Bug#792934: libebook-tools-perl: install_driver(SQLite) failed: Can't locate DBD/SQLite.pm in @INC [NMU pending]

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> reopen -1
Bug #792934 {Done: Axel Beckert } [libebook-tools-perl] 
libebook-tools-perl: install_driver(SQLite) failed: Can't locate DBD/SQLite.pm 
in @INC
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions libebook-tools-perl/0.5.4-1.2.
> notfixed -1 0.5.4-1.2
Bug #792934 [libebook-tools-perl] libebook-tools-perl: install_driver(SQLite) 
failed: Can't locate DBD/SQLite.pm in @INC
Ignoring request to alter fixed versions of bug #792934 to the same values 
previously set

-- 
792934: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792934
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: BTS seems confuxed by different source/binary versions, use tags

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 791888 stretch sid
Bug #791888 {Done: Bastian Blank } [libdevmapper1.02.1] 
libdevmapper1.02.1 - ABI change in dm_tree_node_add_cache_target
Added tag(s) sid and stretch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
791888: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791888
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Retry the notfound

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> notfound 791888 2:1.02.90-2.2
Bug #791888 {Done: Bastian Blank } [libdevmapper1.02.1] 
libdevmapper1.02.1 - ABI change in dm_tree_node_add_cache_target
Ignoring request to alter found versions of bug #791888 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
791888: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791888
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#853801: proposed NMU

2017-05-17 Thread Adam Borowski 
Control: tags -1 +pending

Hi!
While this bug has been RC for only two days, and it was me who bumped it,
thus too much haste towards a NMU is inappropriate, we're very late in the
freeze.  Thus, I'm uploading a revert+Frédéric's patch to DELAYED/5.

Navigating through the editor via the pad and using Start for Enter just to
make sure it actually works. :)

Debdiff attached.

Best way to ACK would be "dcut reschedule", best NAK "dcut cancel" or an
immediate upload, but if anything is amiss, please holler.


Meow!
-- 
Don't be racist.  White, amber or black, all beers should be judged based
solely on their merits.  Heck, even if occasionally a cider applies for a
beer's job, why not?
On the other hand, corpo lager is not a race.
diff -Nru qjoypad-4.1.0/debian/changelog qjoypad-4.1.0/debian/changelog
--- qjoypad-4.1.0/debian/changelog  2016-10-18 08:50:02.0 +0200
+++ qjoypad-4.1.0/debian/changelog  2017-05-15 22:16:08.0 +0200
@@ -1,3 +1,10 @@
+qjoypad (4.1.0-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Use proper RAII to fix crash (Closes: #853801), thanks Frédéric Brière.
+
+ -- Adam Borowski   Mon, 15 May 2017 22:16:08 +0200
+
 qjoypad (4.1.0-2) unstable; urgency=medium
 
   * Team upload.
diff -Nru qjoypad-4.1.0/debian/patches/fix_ftbfs_clang.patch 
qjoypad-4.1.0/debian/patches/fix_ftbfs_clang.patch
--- qjoypad-4.1.0/debian/patches/fix_ftbfs_clang.patch  2016-10-12 
08:56:25.0 +0200
+++ qjoypad-4.1.0/debian/patches/fix_ftbfs_clang.patch  1970-01-01 
01:00:00.0 +0100
@@ -1,22 +0,0 @@
-# From: Alexander Ovchinnikov 
-# Subject: Fix compile issues using clang
 a/src/layout_edit.cpp
-+++ b/src/layout_edit.cpp
-@@ -39,7 +39,7 @@
- //this is only necesary since joystick devices need not always be
- //contiguous
- int padcount = available.count();
--QString names[padcount];
-+QString *names = static_cast(alloca(sizeof(QString) * 
padcount));
- int i = 0;
- do
- {
-@@ -119,7 +119,7 @@
- int indexOfFlashRadio = LMain->indexOf(JoyButtons);
- FlashRadioArray *newJoyButtons;
- int padcount = available.count();
--QString names[padcount];
-+QString *names = static_cast(alloca(sizeof(QString) * 
padcount));
- int i = 0;
- do
- {
diff -Nru qjoypad-4.1.0/debian/patches/properly-fix-752125.patch 
qjoypad-4.1.0/debian/patches/properly-fix-752125.patch
--- qjoypad-4.1.0/debian/patches/properly-fix-752125.patch  1970-01-01 
01:00:00.0 +0100
+++ qjoypad-4.1.0/debian/patches/properly-fix-752125.patch  2017-05-15 
21:25:47.0 +0200
@@ -0,0 +1,58 @@
+From 96c9052c9d2033320019947035dcd3869b076f3f Mon Sep 17 00:00:00 2001
+From: Frédéric Brière 
+Date: Fri, 17 Mar 2017 15:32:15 -0400
+Subject: [PATCH] Properly fix #752125  (closes #853801)
+
+---
+ src/layout_edit.cpp | 9 +
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/src/layout_edit.cpp b/src/layout_edit.cpp
+index 8365104..5703ee3 100644
+--- a/src/layout_edit.cpp
 b/src/layout_edit.cpp
+@@ -1,4 +1,5 @@
+ #include "layout_edit.h"
++#include 
+ 
+ //build the dialog
+ LayoutEdit::LayoutEdit( LayoutManager* l ): QWidget(NULL) {
+@@ -39,7 +40,7 @@ LayoutEdit::LayoutEdit( LayoutManager* l ): QWidget(NULL) {
+ //this is only necesary since joystick devices need not always be
+ //contiguous
+ int padcount = available.count();
+-QString names[padcount];
++std::vector names(padcount);
+ int i = 0;
+ do
+ {
+@@ -54,7 +55,7 @@ LayoutEdit::LayoutEdit( LayoutManager* l ): QWidget(NULL) {
+ } while (0);
+ 
+ //flash radio array
+-JoyButtons = new FlashRadioArray(padcount, names, true, this );
++JoyButtons = new FlashRadioArray(padcount, [0], true, this );
+ LMain->addWidget( JoyButtons );
+ 
+ //we have a WidgetStack to represent the multiple joypads
+@@ -119,7 +120,7 @@ void LayoutEdit::updateJoypadWidgets() {
+ int indexOfFlashRadio = LMain->indexOf(JoyButtons);
+ FlashRadioArray *newJoyButtons;
+ int padcount = available.count();
+-QString names[padcount];
++std::vector names(padcount);
+ int i = 0;
+ do
+ {
+@@ -132,7 +133,7 @@ void LayoutEdit::updateJoypadWidgets() {
+ }
+ } while (0);
+ 
+-newJoyButtons = new FlashRadioArray(padcount, names, true, this );
++newJoyButtons = new FlashRadioArray(padcount, [0], true, this );
+ LMain->insertWidget(indexOfFlashRadio, newJoyButtons);
+ LMain->removeWidget(JoyButtons);
+ FlashRadioArray* oldJoyButtons = JoyButtons;
+-- 
+2.11.0
+
diff -Nru qjoypad-4.1.0/debian/patches/series 
qjoypad-4.1.0/debian/patches/series
--- qjoypad-4.1.0/debian/patches/series 2016-10-12 08:56:25.0 +0200
+++ qjoypad-4.1.0/debian/patches/series 2017-05-15 21:19:05.0 +0200
@@ -1,2 +1,2 @@
-fix_ftbfs_clang.patch
 build_prefix.patch
+properly-fix-752125.patch

Processed: proposed NMU

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 +pending
Bug #853801 [qjoypad] qjoypad: segfaults on left click
Added tag(s) pending.

-- 
853801: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853801
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Correct the found version

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> notfound 791888 2:1.02.90-2.2
Bug #791888 {Done: Bastian Blank } [libdevmapper1.02.1] 
libdevmapper1.02.1 - ABI change in dm_tree_node_add_cache_target
Ignoring request to alter found versions of bug #791888 to the same values 
previously set
> found 791888 2:1.02.99-1
Bug #791888 {Done: Bastian Blank } [libdevmapper1.02.1] 
libdevmapper1.02.1 - ABI change in dm_tree_node_add_cache_target
Marked as found in versions lvm2/2.02.122-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
791888: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791888
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 862806 in 1:4.2-3+deb8u2

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 862806 1:4.2-3+deb8u2
Bug #862806 [login] /bin/su: Regression from CVE-2017-2616 fix: killing su does 
not kill subprocess
Marked as found in versions shadow/1:4.2-3+deb8u2.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
862806: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862806
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862780: marked as done (haproxy: Please build with -DUSE_GETADDRINFO for functional IPv6 hostname lookups)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 10:48:40 +
with message-id 
and subject line Bug#862780: fixed in haproxy 1.7.5-2
has caused the Debian Bug report #862780,
regarding haproxy: Please build with -DUSE_GETADDRINFO for functional IPv6 
hostname lookups
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862780: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862780
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: haproxy
Version: 1.7.5-1~bpo8+1.1
Severity: normal
Tags: patch ipv6

Dear Maintainer,

Without this configuration option, haproxy cannot resolve hostnames that have 
only IPv6 () records. To quote the project's README:

Recent systems can resolve IPv6 host names using getaddrinfo(). This primitive
is not present in all libcs and does not work in all of them either. Support in
glibc was broken before 2.3. Some embedded libs may not properly work either,
thus, support is disabled by default, meaning that some host names which only
resolve as IPv6 addresses will not resolve and configs might emit an error
during parsing. If you know that your OS libc has reliable support for
getaddrinfo(), you can add USE_GETADDRINFO=1 on the make command line to enable
it. This is the recommended option for most Linux distro packagers since it's
working fine on all recent mainstream distros. It is automatically enabled on
Solaris 8 and above, as it's known to work.


-- System Information:
Debian Release: 8.8
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- a/debian/rules	2017-04-11 16:07:51.0 +0200
+++ b/debian/rules	2017-05-16 22:48:29.820047917 +0200
@@ -12,6 +12,7 @@
 	 USE_OPENSSL=1 \
 	 USE_ZLIB=1 \
 	 USE_LUA=1 \
+	 USE_GETADDRINFO=1 \
 	 LUA_INC=/usr/include/lua5.3
 
 OS_TYPE = $(shell dpkg-architecture -qDEB_HOST_ARCH_OS)
--- a/debian/rules	2017-04-11 16:07:51.0 +0200
+++ b/debian/rules	2017-05-16 22:48:29.820047917 +0200
@@ -12,6 +12,7 @@
 	 USE_OPENSSL=1 \
 	 USE_ZLIB=1 \
 	 USE_LUA=1 \
+	 USE_GETADDRINFO=1 \
 	 LUA_INC=/usr/include/lua5.3
 
 OS_TYPE = $(shell dpkg-architecture -qDEB_HOST_ARCH_OS)
--- End Message ---
--- Begin Message ---
Source: haproxy
Source-Version: 1.7.5-2

We believe that the bug you reported is fixed in the latest version of
haproxy, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 862...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Apollon Oikonomopoulos  (supplier of updated haproxy 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 17 May 2017 13:01:45 +0300
Source: haproxy
Binary: haproxy haproxy-doc vim-haproxy
Architecture: source
Version: 1.7.5-2
Distribution: unstable
Urgency: medium
Maintainer: Debian HAProxy Maintainers 

Changed-By: Apollon Oikonomopoulos 
Description:
 haproxy- fast and reliable load balancing reverse proxy
 haproxy-doc - fast and reliable load balancing reverse proxy (HTML documentatio
 vim-haproxy - syntax highlighting for HAProxy configuration files
Closes: 862780
Changes:
 haproxy (1.7.5-2) unstable; urgency=medium
 .
   * Enable getaddrinfo() support, allowing resolution of hostnames to IPv6
 addresses (Closes: #862780). Thanks to Anton Eliasson
 !
Checksums-Sha1:
 b01ce5c4cf17153e4f8a9ff03167d813a3994e7f 2329 haproxy_1.7.5-2.dsc
 81df24b062cf09096dd2a2cd9efa58e431eb 62544 haproxy_1.7.5-2.debian.tar.xz
 71744633f07b2d8fa5608de87f8435b7aded3798 6960 haproxy_1.7.5-2_source.buildinfo
Checksums-Sha256:
 63d9a6ff7b120f40d732a373b55c28b0d7068494f8f741a5b61a418474f9873b 2329 
haproxy_1.7.5-2.dsc
 62342cf9014b3b259295a248f7071af3405e49ea55f8da8e27211ca408ad805f 62544 
haproxy_1.7.5-2.debian.tar.xz
 304978813b99b9e8a4ca785e1d0b084c45943ebd2365bc4921f2c14765c2f883 6960

Bug#862806: /bin/su: Regression from CVE-2017-2616 fix: killing su does not kill subprocess

2017-05-17 Thread Salvatore Bonaccorso 
Package: login
Version: 1:4.4-4
Severity: serious
File: /bin/su
Tags: patch upstream security
Justification: regression
Forwarded: https://github.com/shadow-maint/shadow/pull/72

Hi

Filling this as severity serious (and thus RC) since a repvious
targetted fix for CVE-2017-2616 causes the regression.

Details:

https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1690820

Upstream pull-request:

https://github.com/shadow-maint/shadow/pull/72

Upstream fix:

https://github.com/shadow-maint/shadow/pull/72/commits/7d82f203eeec881c584b2fa06539b39e82985d97

Regards,
Salvatore

Processed: Re: Bug#862769: libbloom FTBFS on amd64: error: expected error 0.100000 but observed 0.200000

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> forwarded -1 https://github.com/jvirkki/libbloom/issues/7
Bug #862769 [src:libbloom] libbloom FTBFS on amd64: error: expected error 
0.10 but observed 0.20
Set Bug forwarded-to-address to 'https://github.com/jvirkki/libbloom/issues/7'.
> severity -1 important
Bug #862769 [src:libbloom] libbloom FTBFS on amd64: error: expected error 
0.10 but observed 0.20
Severity set to 'important' from 'serious'

-- 
862769: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862769
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862769: libbloom FTBFS on amd64: error: expected error 0.100000 but observed 0.200000

2017-05-17 Thread Roger Shimizu 
control: forwarded -1 https://github.com/jvirkki/libbloom/issues/7
control: severity -1 important

On Tue, 16 May 2017 22:34:42 +0300
Adrian Bunk  wrote:

> Source: libbloom
> Version: 1.4-6
> Severity: serious
> 
> https://buildd.debian.org/status/fetch.php?pkg=libbloom=amd64=1.4-6=1494930635=0
> 
> ...
> /«PKGBUILDDIR»/build/test-libbloom
> - Running basic tests -
> - basic -
> bloom at 0x7ffc4a988c30 not initialized!
> bloom at 0x7ffc4a988c30 not initialized!
> bloom at 0x7ffc4a988c30
>  ->entries = 102
>  ->error = 0.10
>  ->bits = 488
>  ->bits per elem = 4.792529
>  ->bytes = 61
>  ->hash functions = 4
> - add_random(10, 0.10, 10, 0, 1, 32, 1) -
> bloom at 0x7ffc4a988b20
>  ->entries = 10
>  ->error = 0.10
>  ->bits = 47
>  ->bits per elem = 4.792529
>  ->bytes = 6
>  ->hash functions = 4
> entries: 10, error: 0.10, count: 10, coll: 2, error: 0.20, bytes: 6
> error: expected error 0.10 but observed 0.20
> Makefile:124: recipe for target 'test' failed
> make[2]: *** [test] Error 1

Thanks for the report!

Considering that:
 - The build actually suceeded, but failed at unit test.
 - the unit test fails at low rate. Recent releases only changed Makefile
   and intended to fix FTBFS issue on kFreeBSD and Hurd. It doesn't affect
   amd64. Previous amd64 was built OK, and all other ARCHs are all built
   OK on latest release.
 - If restart the amd64, it should build OK. Actually I ever built on DoM:
 
http://debomatic-amd64.debian.net/distribution#unstable/libbloom/1.4-6/buildlog

So lower the severity.

I already raised this unit test issues upstream.
Hope upstream can give a clue on this.

Cheers,
--
Roger Shimizu, GMT +9 Tokyo
PGP/GPG: 4096R/6C6ACD6417B3ACB1


pgpE2O0wk1lUd.pgp
Description: PGP signature

Processed: Re: Bug#862780: haproxy: Please build with -DUSE_GETADDRINFO for functional IPv6 hostname lookups

2017-05-17 Thread Debian Bug Tracking System 
Processing control commands:

> severity -1 serious
Bug #862780 [src:haproxy] haproxy: Please build with -DUSE_GETADDRINFO for 
functional IPv6 hostname lookups
Severity set to 'serious' from 'normal'
> tags -1 pending
Bug #862780 [src:haproxy] haproxy: Please build with -DUSE_GETADDRINFO for 
functional IPv6 hostname lookups
Added tag(s) pending.

-- 
862780: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862780
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Not a problem with the version of perl in jessie

2017-05-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 839218 stretch sid
Bug #839218 {Done: gregor herrmann } [nama] nama: FTBFS 
because of perl's lack of stack reference counting
Added tag(s) stretch and sid.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
839218: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839218
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#861612: marked as done (pixbros: level designs appear to be non-free)

2017-05-17 Thread Debian Bug Tracking System 
Your message dated Wed, 17 May 2017 07:18:47 +
with message-id 
and subject line Bug#861612: fixed in pixbros 0.6.3+dfsg-0.1
has caused the Debian Bug report #861612,
regarding pixbros: level designs appear to be non-free
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
861612: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861612
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pixbros
Severity: serious
Justification: Policy 2.3

Hi all,

Pix Bros describes itself "as inspired" by Bubble Bobble, Snow Bros and
Tumblepop.

In the source package, there are screenshots of what I believe are Snow Bros'
levels 21-50 in the "recursos/floors" folder.

The levels for the game itself are in the "niveles" folder.  Comparing them
side-by-side, nivel21.png to floor21.png through to nivel50.png to floor50.png,
it seems these level designs are direct copies.

Wikipedia's entry for Snow Bros links to this source, please compare the
screenshots to PixBros' nivel1.png, nivel2.png and nivel3.png:
http://www.arcade-museum.com/game_detail.php?game_id=9601

Oh well at least this will resolve the Fenix-is-not-64-bit bugs.

Steve
--- End Message ---
--- Begin Message ---
Source: pixbros
Source-Version: 0.6.3+dfsg-0.1

We believe that the bug you reported is fixed in the latest version of
pixbros, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 861...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Adrian Bunk  (supplier of updated pixbros package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 16 May 2017 21:14:57 +0300
Source: pixbros
Binary: pixbros
Architecture: source
Version: 0.6.3+dfsg-0.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team 
Changed-By: Adrian Bunk 
Description:
 pixbros- 2D game inspired in Bubble Bobble, Snow Bros and Tumble Pop
Closes: 534058 859049 861612
Changes:
 pixbros (0.6.3+dfsg-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Repackaged to remove generated files and copyright violations
 from the upstream sources. (Closes: #861612)
   * Switch package from binary-all to being built on the architectures
 where fenix is available. (Closes: #534058, #859049)
Checksums-Sha1:
 f9e7843507d029a02d665497cf26212226fce163 2159 pixbros_0.6.3+dfsg-0.1.dsc
 c253740cb04addfab21b3d3ee925dbad3a235dd3 61295529 
pixbros_0.6.3+dfsg.orig.tar.gz
 66479f8740369c8b76d14d4d1667040aa8d25b69 7912 pixbros_0.6.3+dfsg-0.1.diff.gz
Checksums-Sha256:
 df4442f1970ef55d430a8e64c94291391dbfcbcfc5247d0d3da64ad2c93a467b 2159 
pixbros_0.6.3+dfsg-0.1.dsc
 7fee439d73c63a40a7bff51dabfe8bc24eb7b3d33d168d0dfb0f0d4abccfc1e3 61295529 
pixbros_0.6.3+dfsg.orig.tar.gz
 9e588ab59b081e4f421b28bfdc7887b04b354489c134832a5f7ef0c43a959a3c 7912 
pixbros_0.6.3+dfsg-0.1.diff.gz
Files:
 a7f79affecf3aba7548d81e69af3b13d 2159 games optional pixbros_0.6.3+dfsg-0.1.dsc
 965f63601b157e5b70983c98e4a1ea42 61295529 games optional 
pixbros_0.6.3+dfsg.orig.tar.gz
 a242667f824ab8ff491b7472581d450f 7912 games optional 
pixbros_0.6.3+dfsg-0.1.diff.gz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAlkb9EoACgkQiNJCh6LY
mLEquhAApE19rQq8vi/dQ+8BMDwA26TYsPxaueD3ZPUf+4ITnnLqXsC8kZF4nfEW
Dfoh9O9LOV2l6RVtP4Se7Yjj2MZS43Eb+j0L2K8B7VupECdgr+wgGWGMXfwkMz7g
AfiIKWyA4ytskKki6HCnm22aYGgUe+TilCsjs0FFcwRDu4YeP0cgNG3IbhdIjIMG
e0mm13iQmgPw+PkhPf4geFaw5XROStS0yH8Az2Nqt8kuBVF7iDtIMdNxAD+ehUNu
VDPyeaKbna4qsnqnSmDR3r6WDmOBsCAiv2xVWl9ifH9BTJj34rdUEX7Pm62Nr8L+
iCHRU8IOdxDaMOHAqZtwppVkvJsWUlX9DuQVg03h1WvKqFsBNo3KzI9auh2+xMqS
iMEpThO6u7d6GSEczxPKCiZ4Z3EmZU5T86XioG8XL9cOkWkLh1ajv8fNNvabMkyC
7DV/OLwKeioyhtCfh42KHMB0QPGD8XuPnfsX/piS+D/sRL50oC+c1Y2BNfHG13tc
aN3TaZGeZJ3yF8zVApcBDPXdJguwFL922qUcThbJdnxD336TE4ZZdL2VPp9O5fV+
39aELGIltn0+KF00Cfyp3ZOJMZ7CpB8LzEJwSfVA5yRMCSVyaSP8PibXgRoqwQl2
vWB6U3/6gZwZPi/33PYJq/qMIoZXLrwVbFgoqif9EMYBlpJbWjs=
=0/8M
-END PGP SIGNATURE End Message ---