Bug#870725: CVE-2017-11721: read buffer overflow in MSG_ReadBits

2017-08-11 Thread Simon McVittie 
On Fri, 11 Aug 2017 at 20:11:46 +0200, Moritz Mühlenhoff wrote:
> Thanks, please upload. Generally speaking contrib is not supported, but
> it would be silly to fix ioquake, but not iortcw along, so please go ahead.

Thanks, both uploaded to security-master targeting stretch-security.

> What about jessie, is that still usable against current game servers?

It would make sense to fix ioquake3 in jessie, but I am unlikely to
be able to complete this work any time soon - I probably won't find a
jessie user at DebConf, and soon after I get back I'll be moving house,
so my time and hardware are limited. I'll try to prepare packages so
that someone else can test them (via openarena).

For completeness: iortcw isn't in jessie, so not applicable.

S

Bug#853673: swish++: ftbfs with GCC-7

2017-08-11 Thread Tobias Frost 
Fixed with upload of  6.1.5-5, forgot to close the bug with the
changelog.

Processed: fixed 853673 in 6.1.5-5, closing 853673

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> fixed 853673 6.1.5-5
Bug #853673 [src:swish++] swish++: ftbfs with GCC-7
The source 'swish++' and version '6.1.5-5' do not appear to match any binary 
packages
Marked as fixed in versions swish++/6.1.5-5.
> close 853673
Bug #853673 [src:swish++] swish++: ftbfs with GCC-7
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
853673: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853673
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871831: mono-tools: Depends on libwebkit1.1-cil which is deprecated

2017-08-11 Thread Jeremy Bicha 
Here's a slightly improved version of the patch.

Thanks,
Jeremy Bicha
From a4960e84a6ded969b2efde222f287d2fdb03e097 Mon Sep 17 00:00:00 2001
From: Jeremy Bicha 
Date: Sat, 12 Aug 2017 00:07:16 -0400
Subject: [PATCH] Don't Build-Depend on libwebkit-cil-dev

Closes: #871831
---
 debian/control | 2 +-
 debian/mono-tools-gui.install  | 8 
 debian/monodoc-browser.install | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/debian/control b/debian/control
index ad0830d..2ba1013 100644
--- a/debian/control
+++ b/debian/control
@@ -15,7 +15,7 @@ Build-Depends-Indep: cli-common-dev (>= 0.8~exp2~),
  libgnome2.0-cil-dev (>= 2.0),
  libnunit-cil-dev,
  libmono-cecil-cil-dev,
- libwebkit-cil-dev,
+# libwebkit-cil-dev,
  monodoc-base (>= 1.1.9),
  dh-xsp,
  libglib2.0-dev,
diff --git a/debian/mono-tools-gui.install b/debian/mono-tools-gui.install
index 46e51e5..f6bc48b 100644
--- a/debian/mono-tools-gui.install
+++ b/debian/mono-tools-gui.install
@@ -1,7 +1,7 @@
-debian/tmp/usr/bin/ilcontrast
-debian/tmp/usr/lib/ilcontrast/
-debian/tmp/usr/share/applications/ilcontrast.desktop
-debian/tmp/usr/share/pixmaps/ilcontrast.png
+#debian/tmp/usr/bin/ilcontrast
+#debian/tmp/usr/lib/ilcontrast/
+#debian/tmp/usr/share/applications/ilcontrast.desktop
+#debian/tmp/usr/share/pixmaps/ilcontrast.png
 debian/tmp/usr/bin/gui-compare
 debian/tmp/usr/lib/gui-compare/
 debian/tmp/usr/bin/mperfmon
diff --git a/debian/monodoc-browser.install b/debian/monodoc-browser.install
index 76ce562..5fbe635 100644
--- a/debian/monodoc-browser.install
+++ b/debian/monodoc-browser.install
@@ -1,6 +1,6 @@
 debian/tmp/usr/bin/monodoc
 debian/tmp/usr/lib/monodoc/browser.exe
-debian/tmp/usr/lib/monodoc/WebKitHtmlRender.dll
+#debian/tmp/usr/lib/monodoc/WebKitHtmlRender.dll
 debian/tmp/usr/share/pixmaps/monodoc.png
 debian/tmp/usr/share/applications/monodoc.desktop
 debian/update-monodoc /usr/bin
-- 
2.11.0

Bug#871831: mono-tools: Depends on libwebkit1.1-cil which is deprecated

2017-08-11 Thread Jeremy Bicha 
Control: reassign -1 source:mono-tools

Since I misfiled this, I'll repeat my original email.

Hi,

mono-tools-gui and monodoc-browser depends on libwebkit1.1-cil, which
is deprecated in favor of libwebkit2gtk-4.0-37 (provided in Debian by
webkit2gtk). These should be ported to the new webkitgtk version so we
can remove the old, unmaintained one.

Please try to do soon as we're going to try to remove the old webkitgtk soon.

I am filing this bug as "serious" since the old webkitgtk will not be
available in the next major stable release of Debian (codenamed
"buster").

I am attaching a patch to drop the dependency. This means that the
ilcontrast tool will not be available, but I think it may be better
than losing the whole package!

If you have any question don't hesitate to ask.

On behalf of the Debian WebKit Maintainers,
Jeremy Bicha
From 3af5cf8a93236e9355f0f3b61020778e11d396da Mon Sep 17 00:00:00 2001
From: Jeremy Bicha 
Date: Sat, 12 Aug 2017 00:07:16 -0400
Subject: [PATCH] Don't Build-Depend on libwebkit-cil-dev

Closes: #871831
---
 debian/control | 5 +++--
 debian/mono-tools-gui.install  | 8 
 debian/monodoc-browser.install | 2 +-
 3 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/debian/control b/debian/control
index ad0830d..99fbdbe 100644
--- a/debian/control
+++ b/debian/control
@@ -1,7 +1,8 @@
 Source: mono-tools
 Section: devel
 Priority: optional
-Maintainer: Debian Mono Group 
+Maintainer: Ubuntu Developers 
+XSBC-Original-Maintainer: Debian Mono Group 
 Uploaders: Mirco Bauer , Sebastian Dröge 
 Build-Depends: debhelper (>= 7.0.50~)
 Build-Depends-Indep: cli-common-dev (>= 0.8~exp2~),
@@ -15,7 +16,7 @@ Build-Depends-Indep: cli-common-dev (>= 0.8~exp2~),
  libgnome2.0-cil-dev (>= 2.0),
  libnunit-cil-dev,
  libmono-cecil-cil-dev,
- libwebkit-cil-dev,
+# libwebkit-cil-dev,
  monodoc-base (>= 1.1.9),
  dh-xsp,
  libglib2.0-dev,
diff --git a/debian/mono-tools-gui.install b/debian/mono-tools-gui.install
index 46e51e5..f6bc48b 100644
--- a/debian/mono-tools-gui.install
+++ b/debian/mono-tools-gui.install
@@ -1,7 +1,7 @@
-debian/tmp/usr/bin/ilcontrast
-debian/tmp/usr/lib/ilcontrast/
-debian/tmp/usr/share/applications/ilcontrast.desktop
-debian/tmp/usr/share/pixmaps/ilcontrast.png
+#debian/tmp/usr/bin/ilcontrast
+#debian/tmp/usr/lib/ilcontrast/
+#debian/tmp/usr/share/applications/ilcontrast.desktop
+#debian/tmp/usr/share/pixmaps/ilcontrast.png
 debian/tmp/usr/bin/gui-compare
 debian/tmp/usr/lib/gui-compare/
 debian/tmp/usr/bin/mperfmon
diff --git a/debian/monodoc-browser.install b/debian/monodoc-browser.install
index 76ce562..5fbe635 100644
--- a/debian/monodoc-browser.install
+++ b/debian/monodoc-browser.install
@@ -1,6 +1,6 @@
 debian/tmp/usr/bin/monodoc
 debian/tmp/usr/lib/monodoc/browser.exe
-debian/tmp/usr/lib/monodoc/WebKitHtmlRender.dll
+#debian/tmp/usr/lib/monodoc/WebKitHtmlRender.dll
 debian/tmp/usr/share/pixmaps/monodoc.png
 debian/tmp/usr/share/applications/monodoc.desktop
 debian/update-monodoc /usr/bin
-- 
2.11.0

Processed: mono-tools: Depends on libwebkit1.1-cil which is deprecated

2017-08-11 Thread Debian Bug Tracking System 
Processing control commands:

> reassign -1 source:mono-tools
Bug #871831 [src:blam] mono-tools: Depends on libwebkit1.1-cil which is 
deprecated
Bug reassigned from package 'src:blam' to 'src:mono-tools'.
Ignoring request to alter found versions of bug #871831 to the same values 
previously set
Ignoring request to alter fixed versions of bug #871831 to the same values 
previously set

-- 
871831: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871831
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871831: mono-tools: Depends on libwebkit1.1-cil which is deprecated

2017-08-11 Thread Jeremy Bicha 
Source: blam
Severity: serious
Tags: sid buster patch
User: pkg-webkit-maintain...@lists.alioth.debian.org
Usertags: oldlibs libwebkitgtk-1.0-0 webkit1

Hi,

mono-tools-gui and monodoc-browser depends on libwebkit1.1-cil, which
is deprecated in favor of libwebkit2gtk-4.0-37 (provided in Debian by
webkit2gtk). These should be ported to the new webkitgtk version so we
can remove the old, unmaintained one.

Please try to do soon as we're going to try to remove the old webkitgtk soon.

I am filing this bug as "serious" since the old webkitgtk will not be
available in the next major stable release of Debian (codenamed
"buster").

I am attaching a patch in my next email to drop the dependency. This
means that the ilcontrast tool will not be available, but I think it
may be better than losing the whole package!

If you have any question don't hesitate to ask.

On behalf of the Debian WebKit Maintainers,
Jeremy Bicha

Processed: fixed 863584 in 1:2.2.7+dfsg-2+deb8u3

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> fixed 863584 1:2.2.7+dfsg-2+deb8u3
Bug #863584 {Done: Dmitry Smirnov } [src:zabbix] zabbix: 
CVE-2017-2824 CVE-2017-2825
Ignoring request to alter fixed versions of bug #863584 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
863584: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863584
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#866649: Read-119 removes gir1.2-webkit-3.0 dependency

2017-08-11 Thread James Cameron 
Upstream release v119 has removed this dependency.

-- 
James Cameron
http://quozl.netrek.org/

Bug#871829: blam: depends on libwebkit1.1-cil which is deprecated

2017-08-11 Thread Jeremy Bicha 
Source: blam
Severity: serious
Tags: sid buster
User: pkg-webkit-maintain...@lists.alioth.debian.org
Usertags: oldlibs libwebkitgtk-1.0-0 webkit1

Hi,

blam depends on libwebkit1.1-cil, which is deprecated in
favor of libwebkit2gtk-4.0-37 (provided in Debian by webkit2gtk).
blam should be ported to the new webkitgtk version so we
can remove the old, unmaintained one.

Please try to do soon as we're going to try to remove the old webkitgtk soon.

I am filing this bug as "serious" since the old webkitgtk will not be
available in the next major stable release of Debian (codenamed
"buster").

If you have any question don't hesitate to ask.

On behalf of the Debian WebKit Maintainers,
Jeremy Bicha

Bug#871629: marked as done (thunderbird UI unusable with many widgets not drawn)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Sat, 12 Aug 2017 03:21:51 +
with message-id 
and subject line Bug#871629: fixed in icedove 1:52.2.1-5
has caused the Debian Bug report #871629,
regarding thunderbird UI unusable with many widgets not drawn
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
871629: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871629
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: thunderbird
Version: 1:52.2.1-4+b1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

the thunderbird UI is unusable with many widgets not drawn. See attached 
screenshot. Mouse hover causes some to be drawn.

Using XFCE with Clearlooks Phenix theme. Changing theme causes all widgets to 
be redrawn, but mouse activity causes them to disappear again.

Unusable. Downgrading.

Kind regards,
Ben.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages thunderbird depends on:
ii  debianutils   4.8.2
ii  fontconfig2.12.3-0.2
ii  libatk1.0-0   2.24.0-1
ii  libc6 2.24-14
ii  libcairo-gobject2 1.14.10-1
ii  libcairo2 1.14.10-1
ii  libdbus-1-3   1.11.16+really1.10.22-1
ii  libdbus-glib-1-2  0.108-2
ii  libevent-2.1-62.1.8-stable-4
ii  libffi6   3.2.1-6
ii  libfontconfig12.12.3-0.2
ii  libfreetype6  2.8-0.2
ii  libgcc1   1:7.1.0-13
ii  libgdk-pixbuf2.0-02.36.5-2
ii  libglib2.0-0  2.53.4-3
ii  libgtk-3-03.22.17-1
ii  libhunspell-1.6-0 1.6.1-2
ii  libpango-1.0-01.40.6-1
ii  libpangocairo-1.0-0   1.40.6-1
ii  libpangoft2-1.0-0 1.40.6-1
ii  libpixman-1-0 0.34.0-1
ii  libstartup-notification0  0.12-4+b2
ii  libstdc++67.1.0-13
ii  libvpx4   1.6.1-3
ii  libx11-6  2:1.6.4-3
ii  libx11-xcb1   2:1.6.4-3
ii  libxcb-shm0   1.12-1
ii  libxcb1   1.12-1
ii  libxcomposite11:0.4.4-2
ii  libxdamage1   1:1.1.4-2+b3
ii  libxext6  2:1.3.3-1+b2
ii  libxfixes31:5.0.3-1
ii  libxrender1   1:0.9.10-1
ii  libxt61:1.1.5-1
ii  psmisc23.1-1
ii  x11-utils 7.7+3+b1
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages thunderbird recommends:
ii  hunspell-en-gb [hunspell-dictionary]  1:5.2.5-1
ii  lightning 1:52.2.1-4+b1

Versions of packages thunderbird suggests:
pn  apparmor  
ii  fonts-lyx 2.2.3-1
ii  libgssapi-krb5-2  1.15.1-2

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: icedove
Source-Version: 1:52.2.1-5

We believe that the bug you reported is fixed in the latest version of
icedove, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 871...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Carsten Schoenert  (supplier of updated icedove 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 11 Aug 2017 22:02:47 -0400
Source: icedove
Binary: thunderbird icedove thunderbird-dev icedove-dev thunderbird-dbg 
icedove-dbg lightning iceowl-extension calendar-google-provider 
thunderbird-l10n-all thunderbird-l10n-ar thunderbird-l10n-ast 
thunderbird-l10n-be thunderbird-l10n-bg thunderbird-l10n-bn-bd 
thunderbird-l10n-br thunderbird-l10n-ca thunderbird-l10n-cs thunderbird-l10n-da 
thunderbird-l10n-de thunderbird-l10n-dsb thunderbird-l10n-el 
thunderbird-l10n-en-gb thunderbird-l10n-es-ar thunderbird-l10n-es-es 
thunderbird-l10n-et thunderbird-l10n-eu thunderbird-l10n-fi thunderbird-l10n-fr

Bug#790201: geany-plugins: diff for NMU version 1.31+dfsg-1.1

2017-08-11 Thread Jeremy Bicha 
Commenting to try to reset the autoremoval counter since the fix is
already pending.

Thanks,
Jeremy

Bug#871629: thunderbird UI unusable with many widgets not drawn

2017-08-11 Thread Carsten Schoenert 
Hello,

On Thu, Aug 10, 2017 at 04:21:10PM +1200, Ben Caradoc-Davies wrote:
> Package: thunderbird
> Version: 1:52.2.1-4+b1
> Severity: grave
> Justification: renders package unusable
> 
> Dear Maintainer,
> 
> the thunderbird UI is unusable with many widgets not drawn. See
> attached screenshot. Mouse hover causes some to be drawn.
> 
> Using XFCE with Clearlooks Phenix theme. Changing theme causes all
> widgets to be redrawn, but mouse activity causes them to disappear
> again.
> 
> Unusable. Downgrading.

as Adrian has pointed out the visible issue is some kind related to the
new default GCC-7 version in unstable that has introduced this
regression.
As far I could test I can reproduce this issue no mather if I use
Gnome Classic, 3, KDE5 with classical X-system or Wayland so it's
probably not related to the DE. Like Firefox we switches back to GCC-6
for now.

I'll upload a so prepared version soon.

@dkg
Thanks for the nice explanation how snapshot.d.o can be use with apt! We
will need to put this to the wiki somehow.

Regards
Carsten

Bug#871629: same here

2017-08-11 Thread Adilson dos Santos Dantas 
2017-08-11 14:32:27 -0400 Daniel Kahn Gillmor 

>I used the snapshots service to get the old version.
>
>I put the following line in /etc/apt/sources.list.d/snapshots.list :
>
>deb [signed-by=/usr/share/keyrings/debian-archive-keyring.gpg] >
http://snapshot.debian.org/archive/debian/20170806/ sid main
>
>then i did:
>
>apt update
>apt install thunderbird=1:52.2.1-4
>
>This will stop working smoothly once the (now old) signature on the
>snapshotted apt archive expires.
>
>Please remember to remove the snapshot archive from your list of sources
>when you're done!

And also remember to run this command:

apt-mark hold thunderbird

This prevents installing the bugged package again. When they fix it, just
run

apt-get install thunderbird

to upgrade it.

>
>Regards,
>
>--dkg

-- 
Adilson dos Santos Dantas
http://www.adilson.net.br
http://twitter.com/adilsond

Bug#871810: cvs: CVE-2017-12836: CVS and ssh command injection

2017-08-11 Thread Thorsten Glaser 
Sébastien Delafond dixit:

>Would you be able to produce debdiffs for jessie and stretch, so we can
>review them and give you the go-ahead to upload to security-master ?

OK, now that I’m waiting on the multi-hour testsuite results on sid.
(It’s mostly that, due to the extra checks, the testsuite needs changes,
not the code.)

I’m attaching one for stretch, and if it pleases you, I’ll do them in
the same vain for jessie and wheezy and upload them. (As I said, they
will all look identical, the code has not changed in quite a while…
the file in question did not change *at all*, and it’s not affected
by the other code changes since then.)

Since I do not upload to past releases often: do I just dput them,
or do I put them on a different upload server/queue?

Thanks,
//mirabilos
-- 
> emacs als auch vi zum Kotzen finde (joe rules) und pine für den einzig
> bedienbaren textmode-mailclient halte (und ich hab sie alle ausprobiert). ;)
Hallo, ich bin der Holger ("Hallo Holger!"), und ich bin ebenfalls
... pine-User, und das auch noch gewohnheitsmäßig ("Oooohhh").  [aus dasr]diff -u cvs-1.12.13+real/debian/changelog cvs-1.12.13+real/debian/changelog
--- cvs-1.12.13+real/debian/changelog
+++ cvs-1.12.13+real/debian/changelog
@@ -1,3 +1,9 @@
+cvs (2:1.12.13+real-22+deb9u1) stretch; urgency=high
+
+  * Fix CVE-2017-12836 (Closes: #871810)
+
+ -- Thorsten Glaser   Sat, 12 Aug 2017 03:15:49 +0200
+
 cvs (2:1.12.13+real-22) unstable; urgency=low
 
   * cvs init: Change default history logging configuration
diff -u cvs-1.12.13+real/src/rsh-client.c cvs-1.12.13+real/src/rsh-client.c
--- cvs-1.12.13+real/src/rsh-client.c
+++ cvs-1.12.13+real/src/rsh-client.c
@@ -53,8 +53,9 @@
 char *cvs_server = (root->cvs_server != NULL
? root->cvs_server : getenv ("CVS_SERVER"));
 int i = 0;
-/* This needs to fit "rsh", "-b", "-l", "USER", "-p", port, "host",
-   "cmd (w/ args)", and NULL.  We leave some room to grow. */
+/* This needs to fit "rsh", "-b", "-l", "USER", "-p", port,
+   "--", "host", "cvs", "-R", "server", and NULL.
+   We leave some room to grow. */
 char *rsh_argv[16];
 char argvport[16];
 
@@ -105,6 +106,9 @@
rsh_argv[i++] = argvport;
 }
 
+/* Only non-option arguments from here. (CVE-2017-12836) */
+rsh_argv[i++] = "--";
+
 rsh_argv[i++] = root->hostname;
 rsh_argv[i++] = cvs_server;
 if (readonlyfs)
@@ -189,6 +193,8 @@
*p++ = argvport;
}
 
+   *p++ = "--";
+
*p++ = root->hostname;
*p++ = command;
*p++ = NULL;

Bug#871263: libmspack: CVE-2017-6419

2017-08-11 Thread Stuart Caie 

On 11/08/17 19:07, Sebastian Andrzej Siewior wrote:

[0] https://security-tracker.debian.org/tracker/CVE-2017-6419
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419
[1] 
https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1

Stuart, is this enough information or do you need more?
I'm interested in how the fix is to add a check to see if 
window_posn+this_run wraps the window, immediately below a comment that 
expressly states that won't happen, with the reasoning: this_run has 
already been clamped to ensure it does not wrap a frame, and frames 
don't wrap windows.


If this is incorrect reasoning, what part of the reasoning is wrong? Is 
this_run somehow not being clamped to <=FRAME_SIZE through some code 
path? If so, the fix is to clamp it. Is window size not a multiple of 
frame size? If so, something is very wrong.


I'd be interested in seeing an example file that gets to this condition.

Also, if ClamAV made a change five months ago, and they're confident 
it's a bug in libmspack why am I only finding out today?


Regards
Stuart

Bug#867020: auctex: fails to remove: auctex/remove: Removing parsed (La)TeX macros for emacs25...rm: cannot remove '/var/lib/auctex/emacs25': Directory not empty

2017-08-11 Thread Davide G. M. Salvetti 
tags 867020 + confirmed patch pending
thanks
>  AB == Andreas Beckmann [2017-7-3]

AB> Package: auctex
AB> Version: 11.90-1
AB> Severity: serious
AB> User: debian...@lists.debian.org
AB> Usertags: piuparts

AB> Hi,

AB> during a test with piuparts I noticed your package fails to remove.

>> From the attached log (scroll to the bottom...):

AB> Removing auctex (11.90-1) ...
AB> Remove auctex for emacs25
AB> auctex/remove: Removing parsed (La)TeX macros for emacs25...rm: cannot 
remove '/var/lib/auctex/emacs25': Directory not empty
AB> ERROR: remove script from auctex package failed
AB> dpkg: error processing package auctex (--remove):
AB> subprocess installed pre-removal script returned error exit status 1

AB> This was observed during a test of stretch, i386, --install-recommends.

Hi Andreas,

thanks for the report; I can confirm it.

I think I found the cause.  At installation time the auctex package
starts in background (per default) the script udpate-auctex-elisp, which
keeps running for some time after installation writing files in
/var/lib/auctex/${emacsen-flavor} as part of its job.  During piuparts
tests the package gets removed before update-auctex-elisp has got the
chance to finish, so that when the package emacsen remove script invoke
the "rm --recursive --force /var/lib/auctex/emacs25" command
update-auctex-elisp still writes files in that directory.  Thus it may
happen, as far as I can undestand, that rm fails due to the non
atomicity of its non empty directory removal operations, because
update-auctex-elisp may create a new file after rm thinks it has removed
all of the directory files and before rm tries and removes the
directory, resulting in rm trying to unlink a non empty directory.

If my analysis is correct, this bug is unlikely to manifest itself
during normal operations, since it can only happen if auctex gets
removed shortly after its installation.

The solution I'm evaluating is to kill running update-auctex-elisp
instances before invoking "rm --recursive --force
/var/lib/auctex/${emacsen-flavor}" in auctex emacsen remove script.
Since "update-auctex-elisp" should be a rather distinct and private
process name, I think I will do it with something along the lines of
"pkill -f update-auctex-elisp", as in the patch attached.

--
Thanks,
Davide
>From 0dd8709b456afa76f1d73d79da3e02a48fd6cc27 Mon Sep 17 00:00:00 2001
From: "Davide G. M. Salvetti" 
Date: Sat, 12 Aug 2017 00:46:05 +0200
Subject: [PATCH] Kill update-auctex-elisp instances at package remove time

* debian/auctex.emacsen-remove.eperl: When the package is being removed,
  take care of killing any running update-auctex-elisp instance before
  removing parsed macro caches in /var/lib/auctex/$FLAVOR.

* debian/control (auctex/Depends): Add procps, needed for pgrep and pkill
  used above.

Closes: #867020
---
 debian/auctex.emacsen-remove.eperl | 9 +
 debian/control | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/debian/auctex.emacsen-remove.eperl b/debian/auctex.emacsen-remove.eperl
index 79bf23294..c4adebc3e 100644
--- a/debian/auctex.emacsen-remove.eperl
+++ b/debian/auctex.emacsen-remove.eperl
@@ -36,6 +36,15 @@ undo_install () {
 }
 
 undo_update_auctex_elisp () {
+<: # Take care of running update-auctex-elisp instances :>//
+while pgrep -f update-auctex-elisp >/dev/null; do
+	echo -n "${PROGNAME}:" \
+	 "Killing $(pgrep -fc update-auctex-elisp) running" \
+	 "update-auctex-elisp instance(s)..."
+	pkill -f update-auctex-elisp || true
+	sleep 1
+	echo 'done.'
+done
 echo -n "${PROGNAME}:" \
 	"Removing parsed (La)TeX macros for ${FLAVOR}..."
 rm --recursive --force /var/lib/auctex/${FLAVOR}
diff --git a/debian/control b/debian/control
index d2489bb4c..b052b11af 100644
--- a/debian/control
+++ b/debian/control
@@ -11,7 +11,7 @@ Vcs-Git: https://anonscm.debian.org/git/users/salve/auctex.git
 
 Package: auctex
 Architecture: all
-Depends: emacs25 | emacs24 | emacs-snapshot, emacsen-common (>= 2.0.8), preview-latex-style, ${misc:Depends}
+Depends: emacs25 | emacs24 | emacs-snapshot, emacsen-common (>= 2.0.8), preview-latex-style, procps, ${misc:Depends}
 Recommends: ghostscript, texlive-latex-recommended, xpdf | evince | evince-gtk | okular
 Suggests: catdvi, dvipng, lacheck
 Breaks: emacspeak (<= 17.0-1)
-- 
2.11.0

Processed: Re: Bug#867020: auctex: fails to remove: auctex/remove: Removing parsed (La)TeX macros for emacs25...rm: cannot remove '/var/lib/auctex/emacs25': Directory not empty

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 867020 + confirmed patch pending
Bug #867020 [auctex] auctex: fails to remove: auctex/remove: Removing parsed 
(La)TeX macros for emacs25...rm: cannot remove '/var/lib/auctex/emacs25': 
Directory not empty
Added tag(s) patch, confirmed, and pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
867020: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867020
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#866641: marked as done (guitarix: depends on libwebkitgtk-1.0-0 which is deprecated)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Sat, 12 Aug 2017 00:19:33 +
with message-id 
and subject line Bug#866641: fixed in guitarix 0.35.6-1
has caused the Debian Bug report #866641,
regarding guitarix: depends on libwebkitgtk-1.0-0 which is deprecated
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
866641: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866641
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: guitarix
Severity: serious
Tags: sid buster
User: pkg-webkit-maintain...@lists.alioth.debian.org
Usertags: oldlibs libwebkitgtk-1.0-0 webkit1

Hi,

guitarix depends on libwebkitgtk-1.0-0, which is deprecated in
favor of libwebkit2gtk-4.0-37 (provided in Debian by webkit2gtk).
guitarix should be ported to the new webkitgtk version so we can
remove the old, unmaintained one.

Please try to do soon as we're going to try to remove the old webkitgtk soon.

I am filing this bug as "serious" since the old webkitgtk will not be
available in the next major stable release of Debian (codenamed
"buster").

If you have any question don't hesitate to ask.

On behalf of the Debian WebKit Maintainers,
Jeremy Bicha
--- End Message ---
--- Begin Message ---
Source: guitarix
Source-Version: 0.35.6-1

We believe that the bug you reported is fixed in the latest version of
guitarix, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 866...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Ramacher  (supplier of updated guitarix package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 12 Aug 2017 01:43:19 +0200
Source: guitarix
Binary: guitarix guitarix-common guitarix-ladspa guitarix-lv2 guitarix-doc 
libgxw0 libgxw-dev libgxwmm0 libgxwmm-dev gxw-glade
Architecture: source
Version: 0.35.6-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Multimedia Maintainers 

Changed-By: Sebastian Ramacher 
Description:
 guitarix   - Rock guitar amplifier for Jack
 guitarix-common - Guitarix - Common files
 guitarix-doc - Guitarix - Development documentation
 guitarix-ladspa - Guitarix - ladspa plugins
 guitarix-lv2 - Guitarix - LV2 plugins
 gxw-glade  - Guitarix - GTK+ library Glade support
 libgxw-dev - Guitarix - GTK+ library (development files)
 libgxw0- Guitarix - GTK+ library
 libgxwmm-dev - Guitarix - GTK+ C++ widget library (development files)
 libgxwmm0  - Guitarix - GTK+ C++ widget library
Closes: 853437 866641
Changes:
 guitarix (0.35.6-1) unstable; urgency=medium
 .
   * Team upload.
   * Upload to unstable.
   * New upstream release.
 - Drop dependency on WebKit (Closes: #866641)
 - Fix build issues with GCC 7. (Closes: #853437)
   * debian/control:
 - Bump Priority to optional.
 - Bump Standards-Version.
Checksums-Sha1:
 fdf33c9190e0186c9eb13701b8ce7e51c4e0d9b2 2822 guitarix_0.35.6-1.dsc
 474179d8719163d85d327896368774b33f75d9c3 80169924 guitarix_0.35.6.orig.tar.xz
 02beed26013ab098ce4ab1ad3dfb0cabbae4537f 13076 guitarix_0.35.6-1.debian.tar.xz
Checksums-Sha256:
 848c930dc34b363649e95218dc8009c37749d8993b2c5cc4e455ecaa74017976 2822 
guitarix_0.35.6-1.dsc
 81589b6c1a59d0560472ff1054a7fe44fb64344428deacff387f1b09b775db39 80169924 
guitarix_0.35.6.orig.tar.xz
 4237c2cbeb47e25b779c85c122db11c32e0e710081bafbd5de2761e5375e8319 13076 
guitarix_0.35.6-1.debian.tar.xz
Files:
 a485b82976c685cf93c6139bf6add941 2822 sound optional guitarix_0.35.6-1.dsc
 d9856cd84d2e1de62adbbda9fada9570 80169924 sound optional 
guitarix_0.35.6.orig.tar.xz
 accd0d609f1295353bc1c5b2a5c57246 13076 sound optional 
guitarix_0.35.6-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEE94y6B4F7sUmhHTOQafL8UW6nGZMFAlmOQj0ACgkQafL8UW6n
GZPGuhAAw2bnCpuqZdFwA4wtLROqpWXotkc1to3qXbfyZR9oHc6DUNEB10YvSc7l
q5CQmaItYnqvzBsTvfNmTIZ2cNVgMDTvQmMo9WnGqf6d3zgltJMB/oA/lL2z1CT8
KB7NIwEn/8P+a//g2dDfYRA9BKfsoGGPi2YCwHV97X24xTo48NdIYnsY+cAc2WdP
imjVabu3RBhpIDjuHdc2/BHh3GntPlZDggq7RIehdLrMmcUttLHe8yBECa2yY7Qs
OKy22/8/MqP/RJ2xXqFXRQwIcKbs5Wp2BxTpKg4/G6GObk61DFQjt9YWMYjzR+Kz

Bug#853437: marked as done (guitarix: ftbfs with GCC-7)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Sat, 12 Aug 2017 00:19:33 +
with message-id 
and subject line Bug#853437: fixed in guitarix 0.35.6-1
has caused the Debian Bug report #853437,
regarding guitarix: ftbfs with GCC-7
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
853437: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853437
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:guitarix
Version: 0.35.2-1
Severity: normal
Tags: sid buster
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-7

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-7/g++-7, but succeeds to build with gcc-6/g++-6. The
severity of this report may be raised before the buster release.
There is no need to fix this issue in time for the stretch release.

The full build log can be found at:
http://people.debian.org/~doko/logs/gcc7-20170126/guitarix_0.35.2-1_unstable_gcc7.log
The last lines of the build log are at the end of this report.

To build with GCC 7, either set CC=gcc-7 CXX=g++-7 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-7/porting_to.html

[...]
 from /usr/include/gtkmm-2.4/gtkmm.h:87,
 from ../src/LV2/gx_delay.lv2/gx_delay_gui.cpp:24:
/usr/include/glibmm-2.4/glibmm/variant.h:596:55: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
static V_CastTo cast_dynamic(const VariantBase& v) throw(std::bad_cast);
   ^
/usr/include/glibmm-2.4/glibmm/variant.h:643:1: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
 throw(std::bad_cast)
 ^
/usr/include/glibmm-2.4/glibmm/variant.h:899:1: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
 throw(std::bad_cast);
 ^
/usr/include/glibmm-2.4/glibmm/variant.h:1082:1: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
 throw(std::bad_cast);
 ^
/usr/include/glibmm-2.4/glibmm/variant.h:1139:1: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
 throw(std::bad_cast);
 ^
In file included from 
/usr/include/glibmm-2.4/glibmm/containerhandle_shared.h:24:0,
 from /usr/include/glibmm-2.4/glibmm/arrayhandle.h:23,
 from /usr/include/glibmm-2.4/glibmm.h:93,
 from /usr/include/gtkmm-2.4/gtkmm.h:87,
 from ../src/LV2/gx_delay.lv2/widget.h:25,
 from ../src/LV2/gx_delay.lv2/widget.cpp:21:
/usr/include/glibmm-2.4/glibmm/variant.h:596:55: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
static V_CastTo cast_dynamic(const VariantBase& v) throw(std::bad_cast);
   ^
/usr/include/glibmm-2.4/glibmm/variant.h:643:1: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
 throw(std::bad_cast)
 ^
/usr/include/glibmm-2.4/glibmm/variant.h:899:1: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
 throw(std::bad_cast);
 ^
/usr/include/glibmm-2.4/glibmm/variant.h:1082:1: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
 throw(std::bad_cast);
 ^
/usr/include/glibmm-2.4/glibmm/variant.h:1139:1: warning: dynamic exception 
specifications are deprecated in C++11; use 'noexcept' instead [-Wdeprecated]
 throw(std::bad_cast);
 ^
Waf: Leaving directory `/<>/build'
Build failed:
 -> task failed (err #1): 
{task: cxx gxamp.cpp -> gxamp_8.o}
 -> task failed (err #1): 
{task: cxx gxamp_stereo.cpp -> gxamp_stereo_13.o}
debian/rules:22: recipe for target 'override_dh_auto_build-arch' failed
make[1]: ***

Processed: Bug#871814 marked as pending

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tag 871814 pending
Bug #871814 [src:csound-manual] csound-manual FTBFS: python: Command not found
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
871814: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871814
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871814: marked as pending

2017-08-11 Thread Felipe Sateler 
tag 871814 pending
thanks

Hello,

Bug #871814 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


http://anonscm.debian.org/git/pkg-multimedia/csound-manual.git/commit/?id=42e656a

---
commit 42e656abae76c8b1ae881e57c58210b7faf3accf
Author: Felipe Sateler 
Date:   Fri Aug 11 19:58:27 2017 -0400

Release

diff --git a/debian/changelog b/debian/changelog
index 2efb7ba..8f15c17 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+csound-manual (1:6.09.0~dfsg-2) unstable; urgency=medium
+
+  * Add missing build-dependencies (Closes: #871814)
+
+ -- Felipe Sateler   Fri, 11 Aug 2017 19:58:07 -0400
+
 csound-manual (1:6.09.0~dfsg-1) unstable; urgency=medium
 
   * New upstream version 6.09.0~dfsg

Bug#853437: marked as pending

2017-08-11 Thread Sebastian Ramacher 
tag 853437 pending
thanks

Hello,

Bug #853437 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

http://anonscm.debian.org/git/pkg-multimedia/guitarix.git/commit/?id=91ca1d7

---
commit 91ca1d7075fe8f5e02f425d4a8f80da82583de4f
Author: Sebastian Ramacher 
Date:   Sat Aug 12 01:16:17 2017 +0200

New upstream release

diff --git a/debian/changelog b/debian/changelog
index 4a67671..5dec2d5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+guitarix (0.35.6-1) UNRELEASED; urgency=medium
+
+  * New upstream release.
+- Drop dependency on WebKit (Closes: #866641)
+- Fix build issues with GCC 7. (Closes: #853437)
+
+ -- Sebastian Ramacher   Sat, 12 Aug 2017 01:15:05 +0200
+
 guitarix (0.35.3-1) experimental; urgency=medium
 
   * New upstream version 0.35.3

Bug#866641: marked as pending

2017-08-11 Thread Sebastian Ramacher 
tag 866641 pending
thanks

Hello,

Bug #866641 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

http://anonscm.debian.org/git/pkg-multimedia/guitarix.git/commit/?id=91ca1d7

---
commit 91ca1d7075fe8f5e02f425d4a8f80da82583de4f
Author: Sebastian Ramacher 
Date:   Sat Aug 12 01:16:17 2017 +0200

New upstream release

diff --git a/debian/changelog b/debian/changelog
index 4a67671..5dec2d5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+guitarix (0.35.6-1) UNRELEASED; urgency=medium
+
+  * New upstream release.
+- Drop dependency on WebKit (Closes: #866641)
+- Fix build issues with GCC 7. (Closes: #853437)
+
+ -- Sebastian Ramacher   Sat, 12 Aug 2017 01:15:05 +0200
+
 guitarix (0.35.3-1) experimental; urgency=medium
 
   * New upstream version 0.35.3

Processed: Bug#866641 marked as pending

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tag 866641 pending
Bug #866641 [guitarix] guitarix: depends on libwebkitgtk-1.0-0 which is 
deprecated
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
866641: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866641
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Bug#853437 marked as pending

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tag 853437 pending
Bug #853437 [src:guitarix] guitarix: ftbfs with GCC-7
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
853437: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853437
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869670: Depends: linux-headers-4.11.0-2-common ... but it is not going to be installed

2017-08-11 Thread Kurthy Gyula 
Package: linux-headers-4.11.0-2-all
Followup-For: Bug #869670

Dear Maintainer,

I have tried to install nvidia drivers and run virtualbox, but for
building DKMS I needed linux-headers and I couldn't install them.

And when I try with my graphic card Gigabyte GTX 960 4GB to boot the
system, it stops at boot.

I couldn't get to work it.
When I somehow got the system to install the nvidia driver DKMS, it required me 
to remove
the packages from recovery, because I couldn't boot even withot my GPU.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages linux-headers-4.11.0-2-all depends on:
pn  linux-headers-4.11.0-2-all-amd64  

linux-headers-4.11.0-2-all recommends no packages.

linux-headers-4.11.0-2-all suggests no packages.

Bug#871810: cvs: CVE-2017-12836: CVS and ssh command injection

2017-08-11 Thread Thorsten Glaser 
Sébastien Delafond dixit:

>On Aug/11, Thorsten Glaser wrote:
>> For {,{,old}old}stable-security, this should suffice:
>> [...]
>
>Would you be able to produce debdiffs for jessie and stretch, so we can
>review them and give you the go-ahead to upload to security-master ?

Yes, although they’d look like the patch I showed plus changelog.

But let me take care of sid first please, I also implement hostname
checking to be on the safe side, since other VCSes do so, too.

bye,
//mirabilos
-- 
18:47⎜ well channels… you see, I see everything in the
same window anyway  18:48⎜ i know, you have some kind of
telnet with automatic pong 18:48⎜ haha, yes :D
18:49⎜ though that's more tinyirc – sirc is more comfy

Bug#869360: marked as done (slic3r: missing dependency on perlapi-*)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 22:21:13 +
with message-id 
and subject line Bug#869360: fixed in slic3r 1.2.9+dfsg-6.1
has caused the Debian Bug report #869360,
regarding slic3r: missing dependency on perlapi-*
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869360: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869360
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: slic3r
Version: 1.2.9+dfsg-6
Severity: serious
Tags: buster sid
User: debian-p...@lists.debian.org
Usertags: perl-5.26-transition
X-Debbugs-Cc: p...@packages.debian.org

This package contains a binary ("XS") Perl module
 /usr/lib/slic3r/auto/Slic3r/XS/XS.so
but does not depend on perlapi-*. This is a violation
of the Debian Perl policy, quoting:

  4.4.2. Binary and Other Architecture Dependent Modules

  Binary modules must specify a dependency on either perl or
  perl-base with a minimum version of the perl package used to build the
  module. Additionally, all binary modules (regardless of their installation
  directory) and any other modules installed into $Config{vendorarch} must
  depend on the expansion of perlapi-$Config{debian_abi} using the Config
  module. If $Config{debian_abi} is empty or not set, $Config{version}
  must be used.

The perlapi-* dependency guarantees that the binary module is compatible
with the version of perl on the system.

I see the release team tools have spotted this package and scheduled
binNMUs for the ongoing Perl 5.26 transition, probably because
older versions with the perlapi-* dependency are still around on some
architectures.  Still, partial upgrades (upgrading perl without upgrading
slic3r or vice versa) will result in breakage.

The fix is probably something like

  override_dh_perl:
  dh_perl /usr/lib/slic3r

so that dh_perl knows about the private library directory.

Once this is fixed, please file a bug against perl so we can add a
Breaks entry for older versions. This makes sure partial upgrades from
stretch work.
-- 
Niko Tyni   nt...@debian.org
--- End Message ---
--- Begin Message ---
Source: slic3r
Source-Version: 1.2.9+dfsg-6.1

We believe that the bug you reported is fixed in the latest version of
slic3r, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
gregor herrmann  (supplier of updated slic3r package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 06 Aug 2017 13:27:56 -0400
Source: slic3r
Binary: slic3r
Architecture: source
Version: 1.2.9+dfsg-6.1
Distribution: unstable
Urgency: medium
Maintainer: Debian 3-D Printing Packages 
<3dprinter-gene...@lists.alioth.debian.org>
Changed-By: gregor herrmann 
Closes: 869360
Description: 
 slic3r - G-code generator for 3D printers
Changes:
 slic3r (1.2.9+dfsg-6.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix "missing dependency on perlapi-*":
 add override_dh_perl in debian/rules to make dh_perl search for perl
 modules in the private directory as well.
 (Closes: #869360)
Checksums-Sha1: 
 ca6c51ff30d327538af7b9452d292edd16562074 2609 slic3r_1.2.9+dfsg-6.1.dsc
 e12277fdcbc62f5fdf8def2c693633f60ce5f9d7 28364 
slic3r_1.2.9+dfsg-6.1.debian.tar.xz
Checksums-Sha256: 
 7a3f5b002deecb2153fe330058f92b7beaa9a2105c18603aa8b6c33fd3432142 2609 
slic3r_1.2.9+dfsg-6.1.dsc
 4bd9b2179740b46813c126504bc83779c301e301676b958a5cd703e35180abef 28364 
slic3r_1.2.9+dfsg-6.1.debian.tar.xz
Files: 
 ec35bb15883bea170056657c8509185f 2609 perl optional slic3r_1.2.9+dfsg-6.1.dsc
 9327541a24b0586a0205fb41fb500c4f 28364 perl optional 
slic3r_1.2.9+dfsg-6.1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKTBAEBCgB9FiEE0eExbpOnYKgQTYX6uzpoAYZJqgYFAlmHjixfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEQx
RTEzMTZFOTNBNzYwQTgxMDREODVGQUJCM0E2ODAxODY0OUFBMDYACgkQuzpoAYZJ
qgapiA//Xm6km+DmN4+ahyseMIWornA7nl7PQV7/It5SiYatq5U8qf4d3P79Sqqi
Q4rXfF006H2rOB3K5sLmXhdUDnL5NUhiNdAvztoSqmNfxeI9CaGc3K2ndh+WNjVp

Bug#871629: same here

2017-08-11 Thread Daniel Kahn Gillmor 
On Fri 2017-08-11 10:38:10 +0200, Adrian Ban wrote:

> Yesterday after upgrading my Laptop and a VM both on Debian Sid I've 
> notice exactly the same issues mentioned here.
> .
> In the begging I thought is my Laptop issue
>   but after checking the VM I've notice that is a Thunderbird/system issue .
>
> Which is the fastest way to fix this issue?

I used the snapshots service to get the old version.

I put the following line in /etc/apt/sources.list.d/snapshots.list :

deb [signed-by=/usr/share/keyrings/debian-archive-keyring.gpg] 
http://snapshot.debian.org/archive/debian/20170806/ sid main

then i did:

apt update
apt install thunderbird=1:52.2.1-4

This will stop working smoothly once the (now old) signature on the
snapshotted apt archive expires.

Please remember to remove the snapshot archive from your list of sources
when you're done!

Regards,

--dkg


signature.asc
Description: PGP signature

Bug#871810: cvs: CVE-2017-12836: CVS and ssh command injection

2017-08-11 Thread Sébastien Delafond 
On Aug/11, Thorsten Glaser wrote:
> For {,{,old}old}stable-security, this should suffice:
> [...]

Would you be able to produce debdiffs for jessie and stretch, so we can
review them and give you the go-ahead to upload to security-master ?

Cheers,

--Seb

Bug#871810: cvs: CVE-2017-12836: CVS and ssh command injection

2017-08-11 Thread Thorsten Glaser 
tags 871810 + patch pending
thanks

Salvatore Bonaccorso dixit:

>Severity: grave

Probably not as severe, the attack vector seems minimal.

>[0] https://security-tracker.debian.org/tracker/CVE-2017-12836
>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836
>[1] http://www.openwall.com/lists/oss-security/2017/08/11/1

Thanks for the heads-up. I’ve got a working patch, but I’ll also
work some more on sanitising username (if possible) and port (not
really necessary but still) parsing and test the changes before
I’ll upload.

For {,{,old}old}stable-security, this should suffice:



Index: src/gnu/usr.bin/cvs/src/rsh-client.c
diff -up src/gnu/usr.bin/cvs/src/rsh-client.c:1.6 
src/gnu/usr.bin/cvs/src/rsh-client.c:1.7
--- src/gnu/usr.bin/cvs/src/rsh-client.c:1.6Sun Mar 26 15:54:10 2017
+++ src/gnu/usr.bin/cvs/src/rsh-client.cFri Aug 11 20:41:40 2017
@@ -55,8 +55,9 @@ start_rsh_server (cvsroot_t *root, struc
 char *cvs_server = (root->cvs_server != NULL
? root->cvs_server : getenv ("CVS_SERVER"));
 int i = 0;
-/* This needs to fit "rsh", "-b", "-l", "USER", "-p", port, "host",
-   "cmd (w/ args)", and NULL.  We leave some room to grow. */
+/* This needs to fit "rsh", "-b", "-l", "USER", "-p", port,
+   "--", "host", "cvs", "-R", "server", and NULL.
+   We leave some room to grow. */
 char *rsh_argv[16];
 char argvport[16];
 
@@ -107,6 +108,9 @@ start_rsh_server (cvsroot_t *root, struc
rsh_argv[i++] = argvport;
 }
 
+/* Only non-option arguments from here. (CVE-2017-12836) */
+rsh_argv[i++] = "--";
+
 rsh_argv[i++] = root->hostname;
 rsh_argv[i++] = cvs_server;
 if (readonlyfs)
@@ -191,6 +195,8 @@ start_rsh_server (cvsroot_t *root, struc
*p++ = argvport;
}
 
+   *p++ = "--";
+
*p++ = root->hostname;
*p++ = command;
*p++ = NULL;



Thanks,
//mirabilos
-- 
13:22⎜«neurodamage» mira, what's up man? I have a CVS question for you in #cvs
13:22⎜«neurodamage» since you're so good w. it │ «neurodamage:#cvs» i love you
13:28⎜«neurodamage:#cvs» you're a handy guy to have around for systems stuff ☺
16:06⎜ Thank god I found you =)   20:03│«bioe007:#cvs» mira2k: ty
17:14⎜ Thanks big help you are :-)mira|nwt: ty again
18:35⎜«alturiak:#cvs» mirabilos: aw, nice. thanks :o
18:36⎜«ThunderChicken:#cvs» mirabilos FTW!  23:03⎜«mithraic:#cvs» aaah. thanks
18:41⎜«alturiak:#cvs» phew. thanks a bunch, guys. you just made my weekend :-)
18:10⎜«sumit:#cvs» mirabilos: oh ok.. thanks for that
21:57⎜ yeah, I really appreciate help
18:50⎜«grndlvl:#cvs» thankyou18:50⎜«grndlvl:#cvs» worked perfectly
20:50⎜ i see. mirabilos, thnks for your support
00:36⎜«halirutan:#cvs» ok, the obvious way:-) thx
18:44⎜«arcfide:#cvs» mirabilos, I am running OpenBSD. 18:59⎜«arcfide:#cvs»
Hrm, yes, I see what you mean. 19:01⎜«arcfide:#cvs» Yeah, thanks for the help.
21:33⎜«CardinalFang:#cvs» Ugh.  Okay.  Sorry for the dumb question.  Thank you
21:34⎜ mirabilos: whoa that's sweet
21:52⎜«garrett__:#cvs» much appreciated  «garrett__:#cvs» thanks for your time
23:39⎜ this worked, thank you very much 16:26⎜ ok
thx, i'll try that 20:00⎜«stableable:#cvs» Thank you.20:50⎜«s833:#cvs»
mirabilos: thanks a lot.19:34⎜ Thanks for confirming :)
20:08⎜ ...works like a charm.. thanks mirabilos

Processed: Re: Bug#871810: cvs: CVE-2017-12836: CVS and ssh command injection

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 871810 + patch pending
Bug #871810 [src:cvs] cvs: CVE-2017-12836: CVS and ssh command injection
Added tag(s) pending and patch.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
871810: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#853556: marked as done (mongodb: ftbfs with GCC-7)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 21:12:58 +
with message-id 
and subject line Bug#853556: fixed in mongodb 1:3.2.11-3
has caused the Debian Bug report #853556,
regarding mongodb: ftbfs with GCC-7
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
853556: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853556
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:mongodb
Version: 1:3.2.11-2
Severity: normal
Tags: sid buster
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-7

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-7/g++-7, but succeeds to build with gcc-6/g++-6. The
severity of this report may be raised before the buster release.
There is no need to fix this issue in time for the stretch release.

The full build log can be found at:
http://people.debian.org/~doko/logs/gcc7-20170126/mongodb_3.2.11-2_unstable_gcc7.log
The last lines of the build log are at the end of this report.

To build with GCC 7, either set CC=gcc-7 CXX=g++-7 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-7/porting_to.html

[...]
 class ScopeGuardImpl1 : public ScopeGuardImplBase {
   ^~~
src/mongo/util/scopeguard.h:154:7: error: mangled name for 
'mongo::ScopeGuardImpl1::ScopeGuardImpl1(const 
mongo::ScopeGuardImpl1&)' will change in C++17 
because the exception specification is part of a function type 
[-Werror=c++1z-compat]
src/mongo/util/scopeguard.h:177:53: note: synthesized method 
'mongo::ScopeGuardImpl1::ScopeGuardImpl1(const 
mongo::ScopeGuardImpl1&)' first required here 
 return ScopeGuardImpl1::MakeGuard(fun, p1);
 ^
src/mongo/util/scopeguard.h: In instantiation of 'mongo::ScopeGuardImpl1::~ScopeGuardImpl1() [with F = void (*)(void*) throw (); P1 = char*]':
src/mongo/util/net/message_port.cpp:192:57:   required from here
src/mongo/util/scopeguard.h:160:5: error: mangled name for 
'mongo::ScopeGuardImpl1::~ScopeGuardImpl1() [with F = void (*)(void*) 
throw (); P1 = char*]' will change in C++17 because the exception specification 
is part of a function type [-Werror=c++1z-compat]
 ~ScopeGuardImpl1() throw() {
 ^
src/mongo/util/scopeguard.h:160:5: error: mangled name for 
'mongo::ScopeGuardImpl1::~ScopeGuardImpl1() [with F = void (*)(void*) 
throw (); P1 = char*]' will change in C++17 because the exception specification 
is part of a function type [-Werror=c++1z-compat]
src/mongo/util/scopeguard.h: In instantiation of 'mongo::ScopeGuardImpl1::ScopeGuardImpl1(F, P1) [with F = void (*)(void*) throw (); P1 = char*]':
src/mongo/util/scopeguard.h:157:16:   required from 'static 
mongo::ScopeGuardImpl1 mongo::ScopeGuardImpl1::MakeGuard(F, P1) 
[with F = void (*)(void*) throw (); P1 = char*]'
src/mongo/util/scopeguard.h:177:45:   required from 'mongo::ScopeGuardImpl1 mongo::MakeGuard(F, P1) [with F = void (*)(void*) throw (); P1 = char*]'
src/mongo/util/net/message_port.cpp:192:57:   required from here
src/mongo/util/scopeguard.h:169:5: error: mangled name for 
'mongo::ScopeGuardImpl1::ScopeGuardImpl1(F, P1) [with F = void 
(*)(void*) throw (); P1 = char*]' will change in C++17 because the exception 
specification is part of a function type [-Werror=c++1z-compat]
 ScopeGuardImpl1(F fun, P1 p1) : fun_(fun), p1_(p1) {}
 ^~~
src/mongo/util/scopeguard.h:169:5: error: mangled name for 
'mongo::ScopeGuardImpl1::ScopeGuardImpl1(F, P1) [with F = void 
(*)(void*) throw (); P1 = char*]' will change in C++17 because the exception 
specification is part of a function type [-Werror=c++1z-compat]
src/mongo/util/scopeguard.h:164:10: error: mangled name for 'void 
mongo::ScopeGuardImpl1::Execute() [with F = void (*)(void*) throw (); P1 
= char*]' will change in C++17 because the exception specification is part of a 
function type [-Werror=c++1z-compat]
 void Execute() {

Bug#871820: openorienteering-mapper FTBFS: Test map_t Failed

2017-08-11 Thread Adrian Bunk 
Source: openorienteering-mapper
Version: 0.6.7-1
Severity: serious
Tags: buster sid

Some recent change in unstable makes openorienteering-mapper FTBFS:

https://tests.reproducible-builds.org/debian/history/openorienteering-mapper.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/openorienteering-mapper.html

...
7: Test command: /usr/bin/cmake "-P" "map_t-RUN.cmake"
7: Test timeout computed to be: 9.99988e+06
7: * Start testing of MapTest *
7: Config: Using QtTest library 5.7.1, Qt 5.7.1 (x86_64-little_endian-lp64 
shared (dynamic) release build; by GCC 6.3.0 20170628)
7: PASS   : MapTest::initTestCase()
7: PASS   : MapTest::printerConfigTest()
7: PASS   : MapTest::specialColorsTest()
7: FAIL!  : MapTest::importTest(complete map, overprinting) 
'map.loadFrom(first_path, nullptr, , false, false)' returned FALSE. ()
7:Loc: [openorienteering-mapper_0.6.7-1/test/map_t.cpp(113)]
7: FAIL!  : MapTest::importTest(overprinting, forest sample) 
'map.loadFrom(first_path, nullptr, , false, false)' returned FALSE. ()
7:Loc: [openorienteering-mapper_0.6.7-1/test/map_t.cpp(113)]
7: FAIL!  : MapTest::importTest(forest sample, complete map) 
'map.loadFrom(first_path, nullptr, , false, false)' returned FALSE. ()
7:Loc: [openorienteering-mapper_0.6.7-1/test/map_t.cpp(113)]
7: PASS   : MapTest::cleanupTestCase()
7: Totals: 4 passed, 3 failed, 0 skipped, 0 blacklisted, 25ms
7: * Finished testing of MapTest *
7: CMake Error at map_t-RUN.cmake:35 (message):
7:   Test map_t failed: 3
7: 
7: 
 7/14 Test  #7: map_t ***Failed0.08 sec
...
The following tests FAILED:
  7 - map_t (Failed)
Errors while running CTest
debian/rules:58: recipe for target 'override_dh_auto_test' failed
make[1]: *** [override_dh_auto_test] Error 8

Bug#853444: marked as done (ht: ftbfs with GCC-7)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 21:11:18 +
with message-id 
and subject line Bug#853444: fixed in ht 2.1.0+repack1-3
has caused the Debian Bug report #853444,
regarding ht: ftbfs with GCC-7
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
853444: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853444
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:ht
Version: 2.1.0+repack1-2
Severity: normal
Tags: sid buster
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-7

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-7/g++-7, but succeeds to build with gcc-6/g++-6. The
severity of this report may be raised before the buster release.
There is no need to fix this issue in time for the stretch release.

The full build log can be found at:
http://people.debian.org/~doko/logs/gcc7-20170126/ht_2.1.0+repack1-2_unstable_gcc7.log
The last lines of the build log are at the end of this report.

To build with GCC 7, either set CC=gcc-7 CXX=g++-7 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-7/porting_to.html

[...]
In file included from /usr/include/c++/7/memory:80:0,
 from htanaly.cc:23:
/usr/include/c++/7/bits/unique_ptr.h:51:28: note: declared here
   template class auto_ptr;
^~~~
htle.cc: In member function 'void ht_le::do_fixups()':
htle.cc:249:176: warning: 'src_ofs' may be used uninitialized in this function 
[-Wmaybe-uninitialized]
   rfile->insert_reloc(obj_ofs + src_ofs, new ht_le_reloc_entry(obj_ofs + 
src_ofs, target_seg, LE_MAKE_ADDR(le_shared, target_seg, target_ofs), 
f.address_type, f.reloc_type));


^
htxbe.cc: In function 'bool xbe_section_name_to_section(xbe_section_headers*, 
const char*, int*)':
htxbe.cc:300:35: warning: cast to pointer from integer of different size 
[-Wint-to-pointer-cast]
   if (ht_strncmp(name, (char *)s->section_name_address, slen) == 0) {
   ^~~~
htpef.cc: In function 'ht_view* htpef_init(Bounds*, File*, ht_format_group*)':
htpef.cc:46:11: warning: variable 'arch' set but not used 
[-Wunused-but-set-variable]
  PEF_ARCH arch;
   ^~~~
htpefimp.cc: In function 'ht_view* htpefimports_init(Bounds*, File*, 
ht_format_group*)':
htpefimp.cc:139:1: warning: label 'pef_read_error' defined but not used 
[-Wunused-label]
 pef_read_error:
 ^~
htxex.cc: In member function 'void ht_xex::init(Bounds*, File*, 
format_viewer_if**, ht_format_group*, FileOfs)':
htxex.cc:145:19: warning: comparison between signed and unsigned integer 
expressions [-Wsign-compare]
   for (int i=0; i < xex_shared->file_header.pages; i++) {
 ~~^~~
htxex.cc:226:18: warning: comparison between signed and unsigned integer 
expressions [-Wsign-compare]
  for (int i=0; i < xex_shared->imports.lib_count; i++) {
~~^~~
htxex.cc: In member function 'virtual void ht_xex::done()':
htxex.cc:300:18: warning: comparison between signed and unsigned integer 
expressions [-Wsign-compare]
  for (int i=0; i < xex_shared->imports.lib_count; i++) {
~~^~~
htpeil.cc:65:23: warning: 'metadata_section' defined but not used 
[-Wunused-variable]
 static ht_mask_ptable metadata_section[] = {
   ^~~~
htanaly.cc: At global scope:
htanaly.cc:611:12: warning: 'int aviewer_func_addr(eval_scalar*, eval_str*)' 
defined but not used [-Wunused-function]
 static int aviewer_func_addr(eval_scalar *result, eval_str *str)
^
make[3]: Leaving directory '/<>/ht-2.1.0+repack1'
Makefile:731: recipe for target 'all-recursive' failed
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory

Bug#868765: marked as done (freeradius: New upstream version 3.0.15 fixing security critical bugs)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 21:04:18 +
with message-id 
and subject line Bug#868765: fixed in freeradius 2.2.5+dfsg-0.2+deb8u1
has caused the Debian Bug report #868765,
regarding freeradius: New upstream version 3.0.15 fixing security critical bugs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
868765: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868765
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: freeradius
Version: 3.0.12+dfsg-5
Severity: grave
Tags: upstream security
Justification: user security hole

Dear Maintainer,

the freeradius team released version 3.0.15 fixing several important
security issues found by a fuzzing analysis.

See:
http://freeradius.org/press/index.html#3.0.15
http://freeradius.org/security/fuzzer-2017.html

The following issues were found for v3 of freeradius up to 3.0.14:
- CVE-2017-10978. No remote code execution is possible. A denial of
service is possible.
- CVE-2017-10984. Remote code execution is possible. A denial of 
service is possible.
- CVE-2017-10985. No remote code execution is possible. A denial of
service is possible.

The following affect only the DHCP part of freeradius, which is seldomly used:
- CVE-2017-10983. No remote code execution is possible. A denial of
service is possible.
- CVE-2017-10986. No remote code execution is possible. A denial of
service is possible.
- CVE-2017-10987. No remote code execution is possible. A denial of
service is possible.

Please update the package accordingly.

-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages freeradius depends on:
ii  freeradius-common  3.0.12+dfsg-5
ii  freeradius-config  3.0.12+dfsg-5
ii  libc6  2.24-11+deb9u1
ii  libcap21:2.25-1
ii  libfreeradius3 3.0.12+dfsg-5
ii  libgdbm3   1.8.3-14
ii  libpam0g   1.1.8-3.6
ii  libpcre3   2:8.39-3
ii  libperl5.245.24.1-3
ii  libpython2.7   2.7.13-2
ii  libreadline7   7.0-3
ii  libsqlite3-0   3.16.2-5
ii  libssl1.1  1.1.0f-3
ii  libtalloc2 2.1.8-1
ii  libwbclient0   2:4.5.8+dfsg-2+deb9u1+b1
ii  lsb-base   9.20161125

Versions of packages freeradius recommends:
pn  freeradius-utils  

Versions of packages freeradius suggests:
pn  freeradius-krb5
pn  freeradius-ldap
pn  freeradius-mysql   
pn  freeradius-postgresql  
pn  snmp   

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: freeradius
Source-Version: 2.2.5+dfsg-0.2+deb8u1

We believe that the bug you reported is fixed in the latest version of
freeradius, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Stapelberg  (supplier of updated freeradius 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 10 Aug 2017 09:23:22 +0200
Source: freeradius
Binary: freeradius freeradius-common freeradius-utils libfreeradius2 
libfreeradius-dev freeradius-krb5 freeradius-ldap freeradius-postgresql 
freeradius-mysql freeradius-iodbc freeradius-dbg
Architecture: source amd64 all
Version: 2.2.5+dfsg-0.2+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Josip Rodin 
Changed-By: Michael Stapelberg 
Description:
 freeradius - high-performance and highly configurable RADIUS server
 freeradius-common - FreeRADIUS common files
 freeradius-dbg - debug symbols for the FreeRADIUS packages
 freeradius-iodbc - iODBC module for FreeRADIUS server
 freeradius-krb5 - kerberos module for FreeRADIUS server
 freeradius-ldap - LDAP module for FreeRADIUS server
 freeradius-mysql - MySQL module for FreeRADIUS server
 freeradius-postgresql - PostgreSQL module

Bug#868765: marked as done (freeradius: New upstream version 3.0.15 fixing security critical bugs)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 21:02:11 +
with message-id 
and subject line Bug#868765: fixed in freeradius 3.0.12+dfsg-5+deb9u1
has caused the Debian Bug report #868765,
regarding freeradius: New upstream version 3.0.15 fixing security critical bugs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
868765: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868765
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: freeradius
Version: 3.0.12+dfsg-5
Severity: grave
Tags: upstream security
Justification: user security hole

Dear Maintainer,

the freeradius team released version 3.0.15 fixing several important
security issues found by a fuzzing analysis.

See:
http://freeradius.org/press/index.html#3.0.15
http://freeradius.org/security/fuzzer-2017.html

The following issues were found for v3 of freeradius up to 3.0.14:
- CVE-2017-10978. No remote code execution is possible. A denial of
service is possible.
- CVE-2017-10984. Remote code execution is possible. A denial of 
service is possible.
- CVE-2017-10985. No remote code execution is possible. A denial of
service is possible.

The following affect only the DHCP part of freeradius, which is seldomly used:
- CVE-2017-10983. No remote code execution is possible. A denial of
service is possible.
- CVE-2017-10986. No remote code execution is possible. A denial of
service is possible.
- CVE-2017-10987. No remote code execution is possible. A denial of
service is possible.

Please update the package accordingly.

-- System Information:
Debian Release: 9.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages freeradius depends on:
ii  freeradius-common  3.0.12+dfsg-5
ii  freeradius-config  3.0.12+dfsg-5
ii  libc6  2.24-11+deb9u1
ii  libcap21:2.25-1
ii  libfreeradius3 3.0.12+dfsg-5
ii  libgdbm3   1.8.3-14
ii  libpam0g   1.1.8-3.6
ii  libpcre3   2:8.39-3
ii  libperl5.245.24.1-3
ii  libpython2.7   2.7.13-2
ii  libreadline7   7.0-3
ii  libsqlite3-0   3.16.2-5
ii  libssl1.1  1.1.0f-3
ii  libtalloc2 2.1.8-1
ii  libwbclient0   2:4.5.8+dfsg-2+deb9u1+b1
ii  lsb-base   9.20161125

Versions of packages freeradius recommends:
pn  freeradius-utils  

Versions of packages freeradius suggests:
pn  freeradius-krb5
pn  freeradius-ldap
pn  freeradius-mysql   
pn  freeradius-postgresql  
pn  snmp   

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: freeradius
Source-Version: 3.0.12+dfsg-5+deb9u1

We believe that the bug you reported is fixed in the latest version of
freeradius, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 868...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Stapelberg  (supplier of updated freeradius 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 10 Aug 2017 09:05:06 +0200
Source: freeradius
Binary: freeradius freeradius-common freeradius-config freeradius-utils 
libfreeradius3 libfreeradius-dev freeradius-dhcp freeradius-krb5 
freeradius-ldap freeradius-rest freeradius-postgresql freeradius-mysql 
freeradius-iodbc freeradius-redis freeradius-memcached freeradius-yubikey
Architecture: source all amd64
Version: 3.0.12+dfsg-5+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian FreeRADIUS Packaging Team 

Changed-By: Michael Stapelberg 
Description:
 freeradius - high-performance and highly configurable RADIUS server
 freeradius-common - FreeRADIUS common files
 freeradius-config - FreeRADIUS default config files
 freeradius-dhcp - DHCP module for FreeRADIUS server
 freeradius-iodbc - iODBC module for FreeRADIUS server
 freeradius-krb5 -

Bug#853444: ht: diff for NMU version 2.1.0+repack1-2.1

2017-08-11 Thread Stephen Kitt 
Hi Anton,

On Fri, 11 Aug 2017 22:24:00 +0200, Anton Gladky  wrote:
> thanks a lot for the patch! I have just applied it and uploaded together
> with some other changes. Please cancel your upload.

Done (I think).

Regards,

Stephen


pgpzumke814rs.pgp
Description: OpenPGP digital signature

Bug#871818: debian-zh-faq FTBFS with perl 5.26

2017-08-11 Thread Adrian Bunk 
Source: debian-zh-faq
Version: 1.13
Severity: serious
Tags: buster sid

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/debian-zh-faq.html

...
# For LaTeX
./tocn.pl < debian-zh-faq.zh_CN.tex.tmp \
> debian-zh-faq.zh_CN.tex
./tocn.pl < debian-zh-faq.en.tex.tmp \
> debian-zh-faq.en.tex
autob5 < debian-zh-faq.zh_TW.tex.tmp | ./totw.pl | ./totw_zhe.pl \
> debian-zh-faq.zh_TW.tex
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/�A�ȵ{ <-- HERE ��/ at ./totw.pl line 39.
# For LaTeX2HTML
./tohtml.pl < debian-zh-faq.zh_CN.tex.tmp | ./tocn.pl \
> debian-zh-faq-zh_CN-html.tex
./tohtml.pl < debian-zh-faq.en.tex.tmp | ./tocn.pl \
> debian-zh-faq-en-html.tex
./tohtml.pl < debian-zh-faq.zh_TW.tex.tmp | autob5 | ./totw.pl \
| ./totw_zhe_html.pl > debian-zh-faq-zh_TW-html.tex
Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in 
m/�A�ȵ{ <-- HERE ��/ at ./totw.pl line 39.
...


The error where the build stops later is caused by the
debian-zh-faq.zh_TW.tex created here being empty.

Bug#853444: ht: diff for NMU version 2.1.0+repack1-2.1

2017-08-11 Thread Anton Gladky 
Hi Stephen,

thanks a lot for the patch! I have just applied it and uploaded together
with some other changes. Please cancel your upload.

Best regards

Anton


2017-08-10 22:57 GMT+02:00 Stephen Kitt :
> Control: tags 853444 + patch
> Control: tags 853444 + pending
>
> Dear maintainer,
>
> I've prepared an NMU for ht (versioned as 2.1.0+repack1-2.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.
>
> Regards,
>
> Stephen

Bug#871815: asn1c FTBFS on ppc64el: FAIL: check-REAL

2017-08-11 Thread Adrian Bunk 
Source: asn1c
Version: 0.9.28+dfsg-1
Severity: serious

https://buildd.debian.org/status/fetch.php?pkg=asn1c=ppc64el=0.9.28%2Bdfsg-1=1502306601=0

...
check-REAL: check-REAL.c:58: check_str_representation: Assertion `!strcmp(s0, 
sample)' failed.
361: Checking 0->["0"] against ["0"] (canonical follows...)
361: Checking 0->["0"] against ["0"] (canonical)
365: Checking -0->["-0"] against ["-0"] (canonical follows...)
365: Checking -0->["-0"] against ["-0"] (canonical)
373: Checking -0->["-0"] against ["-0"] (canonical follows...)
373: Checking -0->["-0"] against ["-0"] (canonical)
374: Checking -0->["-0"] against ["-0"] (canonical follows...)
374: Checking -0->["-0"] against ["-0"] (canonical)
375: Checking -0->["-0"] against ["-0"] (canonical follows...)
375: Checking -0->["-0"] against ["-0"] (canonical)
376: Checking -0->["-0"] against ["-0"] (canonical follows...)
376: Checking -0->["-0"] against ["-0"] (canonical)
382: Checking inf->[""] against [""] (canonical 
follows...)
382: Checking inf->[""] against [""] (canonical)
383: Checking -inf->[""] against [""] 
(canonical follows...)
383: Checking -inf->[""] against [""] 
(canonical)
384: Checking nan->[""] against [""] (canonical 
follows...)
384: Checking nan->[""] against [""] (canonical)
389: Checking 0->["0"] against ["0"] (canonical follows...)
389: Checking 0->["0"] against ["0"] (canonical)
392: Checking 0->["0"] against ["0"] (canonical follows...)
392: Checking 0->["0"] against ["0"] (canonical)
395: Checking 0->["0"] against ["0"] (canonical follows...)
395: Checking 0->["0"] against ["0"] (canonical)
398: Checking 0->["0"] against ["0"] (canonical follows...)
398: Checking 0->["0"] against ["0"] (canonical)
401: Checking 0->["0"] against ["0"] (canonical follows...)
401: Checking 0->["0"] against ["0"] (canonical)
404: Checking -0->["-0"] against ["-0"] (canonical follows...)
404: Checking -0->["-0"] against ["-0"] (canonical)
407: Checking -0->["-0"] against ["-0"] (canonical follows...)
407: Checking -0->["-0"] against ["-0"] (canonical)
411: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
411: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
414: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
414: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
417: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
417: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
420: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
420: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
423: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
423: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
426: Checking -1->["-1.0"] against ["-1.0"] (canonical follows...)
426: Checking -1->["-1.0E0"] against ["-1.0E0"] (canonical)
429: Checking -1->["-1.0"] against ["-1.0"] (canonical follows...)
429: Checking -1->["-1.0E0"] against ["-1.0E0"] (canonical)
440: Checking 0->["0"] against ["0"] (canonical follows...)
440: Checking 0->["0"] against ["0"] (canonical)
443: Checking 0->["0"] against ["0"] (canonical follows...)
443: Checking 0->["0"] against ["0"] (canonical)
446: Checking 0->["0"] against ["0"] (canonical follows...)
446: Checking 0->["0"] against ["0"] (canonical)
449: Checking 0->["0"] against ["0"] (canonical follows...)
449: Checking 0->["0"] against ["0"] (canonical)
452: Checking 0->["0"] against ["0"] (canonical follows...)
452: Checking 0->["0"] against ["0"] (canonical)
455: Checking -0->["-0"] against ["-0"] (canonical follows...)
455: Checking -0->["-0"] against ["-0"] (canonical)
458: Checking -0->["-0"] against ["-0"] (canonical follows...)
458: Checking -0->["-0"] against ["-0"] (canonical)
463: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
463: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
466: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
466: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
469: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
469: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
472: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
472: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
475: Checking 1->["1.0"] against ["1.0"] (canonical follows...)
475: Checking 1->["1.0E0"] against ["1.0E0"] (canonical)
478: Checking -1->["-1.0"] against ["-1.0"] (canonical follows...)
478: Checking -1->["-1.0E0"] against ["-1.0E0"] (canonical)
481: Checking -1->["-1.0"] against ["-1.0"] (canonical follows...)
481: Checking -1->["-1.0E0"] against ["-1.0E0"] (canonical)
486: Checking 0.5->["0.5"] against ["0.5"] (canonical follows...)
486: Checking 0.5->["5.0E-1"] against ["5.0E-1"] (canonical)
489: Checking 0.5->["0.5"] against ["0.5"] (canonical follows...)
489: Checking 0.5->["5.0E-1"] against ["5.0E-1"] (canonical)
492: Checking 0.5->["0.5"] against ["0.5"] (canonical follows...)
492: Checking 0.5->["5.0E-1"] against ["5.0E-1"] (canonical)
495: Checking 0.5->["0.5"] against ["0.5"] (canonical follows...)
495: Checking

Bug#871814: csound-manual FTBFS: python: Command not found

2017-08-11 Thread Adrian Bunk 
Source: csound-manual
Version: 1:6.09.0~dfsg-1
Severity: serious

https://buildd.debian.org/status/fetch.php?pkg=csound-manual=all=1%3A6.09.0~dfsg-1=1502411845=0

...
dh_auto_build
make -j4
make[2]: Entering directory '/<>'
[ -d "/usr/share/xml/docbook/stylesheet/nwalsh/" ] || (  \
 echo "The XSL_BASE_PATH variable must be set to the XSL stylesheets 
installation directory" ; \
 false )
sed -e 's|@xsl_base_path@|/usr/share/xml/docbook/stylesheet/nwalsh/|' 
xsl/customXHTMLchunk.xsl.in > xsl/customXHTMLchunk.xsl
mkdir -p examples-xml
python csd2docbook.py
make[2]: python: Command not found
Makefile:702: recipe for target 'examples-xml/stamp' failed
make[2]: *** [examples-xml/stamp] Error 12

Bug#871810: cvs: CVE-2017-12836: CVS and ssh command injection

2017-08-11 Thread Salvatore Bonaccorso 
Source: cvs
Version: 2:1.12.13+real-9
Severity: grave
Tags: upstream security
Justification: user security hole

Hi,

the following vulnerability was published for cvs.

CVE-2017-12836[0]:
CVS and ssh command injection

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-12836
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836
[1] http://www.openwall.com/lists/oss-security/2017/08/11/1

Regards,
Salvatore

Bug#871629: Same thing, add me to this issue

2017-08-11 Thread Thomas McAtee Jr 
I'm having same issues with having to hover over everything with mouse.
Text also keeps disappearing on me when typing.Have to hover over what I
typed to see if it's there or not. What happened?? Going to try and
attach a screenshot.

-- 
Open Source is wonderful use it.
http://osalt.com/
http://whylinuxisbetter.net/
http://distrowatch.com/


Desktop:
Debian Stable Xfce/Open Box
Debian Testing Xfce/ Open Box

Laptop
Debian Mate

Bug#817670: marked as done (slmon: Removal of debhelper compat 4)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:40:34 +
with message-id 
and subject line Bug#871628: Removed package(s) from unstable
has caused the Debian Bug report #817670,
regarding slmon: Removal of debhelper compat 4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
817670: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817670
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: slmon
Severity: important
Usertags: compat-4-removal

Hi,

The package slmon uses debhelper with a compat level of 4,
which is deprecated and scheduled for removal.

 * Please bump the debhelper compat at your earliest convenience.
   on the 15th of June.
   - Compat 9 is recommended
   - Compat 5 is the bare minimum
   - If the package has been relying on dh_install being lenient about
 missing files, please see "MIGRATING TO COMPAT 5 OR LATER" in [1].

 * Compat level 4 will be removed on the first debhelper upload after
   the 15th of June.

Thanks,
~Niels

[1] https://lists.debian.org/debian-devel/2015/09/msg00257.html
--- End Message ---
--- Begin Message ---
Version: 0.5.13-2.3+rm

Dear submitter,

as the package slmon has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/871628

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#870725: CVE-2017-11721: read buffer overflow in MSG_ReadBits

2017-08-11 Thread Moritz Mühlenhoff 
On Thu, Aug 10, 2017 at 02:29:52PM -0400, Simon McVittie wrote:
> On Sat, 05 Aug 2017 at 12:24:19 +0100, Simon McVittie wrote:
> > Again, I don't have time to handle this for stable right now, so
> > security or games team members are very welcome to do so. I'll prepare
> > a stable update during Debconf if nobody gets there first, assuming I
> > can find a stable user willing to test a game from contrib.
> 
> I have prepared proposed stable-security updates and borrowed a
> stable machine to smoke-test them (thanks to Andy Simpkins). I forget
> whether you're interested in fixing contrib or not, so I'm doing iortcw
> as well as ioquake3 (openjk is experimental-only so is not relevant here).
> Let me know if I should redirect the iortcw update to the release team.

Thanks, please upload. Generally speaking contrib is not supported, but
it would be silly to fix ioquake, but not iortcw along, so please go ahead.

What about jessie, is that still usable against current game servers?

Cheers,
Moritz

Bug#861919: marked as done (fusioninventory-for-glpi: not installable in sid)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:35:37 +
with message-id 
and subject line Bug#870972: Removed package(s) from unstable
has caused the Debian Bug report #861919,
regarding fusioninventory-for-glpi: not installable in sid
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
861919: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861919
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: fusioninventory-for-glpi
Version: 2.4.0-1
Severity: serious
User: trei...@debian.org
Usertags: edos-uninstallable

Hello,

fusioninventory-for-glpi is not installable in sid since 2016-12-21, on
any architecture, since it depends on glpi (>= 0.78). However, glpi
only exists in stable and oldstable.

-Ralf.
--- End Message ---
--- Begin Message ---
Version: 2.4.0-1+rm

Dear submitter,

as the package fusioninventory-for-glpi has just been removed from the Debian 
archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/870972

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#710257: marked as done (Incompatible with gpli 0.83)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:35:37 +
with message-id 
and subject line Bug#870972: Removed package(s) from unstable
has caused the Debian Bug report #710257,
regarding Incompatible with gpli 0.83
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
710257: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710257
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: fusioninventory-for-glpi
Version: 2.4.0-1
Severity: grave

Hi!

Current version of fusioninventory-for-glpi only works with GLPI
0.80. The current version in Debian is 0.83. This package cannot
therefore be used with GLPI making it a bit useless.

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8-trunk-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages fusioninventory-for-glpi depends on:
ii  glpi 0.83.31-2
ii  libjs-prototype  1.7.1-3

fusioninventory-for-glpi recommends no packages.

fusioninventory-for-glpi suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 2.4.0-1+rm

Dear submitter,

as the package fusioninventory-for-glpi has just been removed from the Debian 
archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/870972

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#648801: marked as done (lib, commandline client and gui in one package)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:36:16 +
with message-id 
and subject line Bug#870975: Removed package(s) from unstable
has caused the Debian Bug report #648801,
regarding lib, commandline client and gui in one package
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
648801: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648801
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: cutechess
Version: 2014+0.4.2+0.0.1-1
Severity: serious

The lib, commandline client and gui should be separate packages.

There should be a -dev package. The lib should treat sonames and symbols 
correctly. 

See the excerpt of the README.Debian:

 README
Why including lib, commandline client and gui in one package

There are several reasons:
- The upstream sources are under heavy development and changes to the 
lib likely
- Upgrading is a pain, if no so-names are managed upstream
- No other software is using the lib

There will be a RC-bug filed against this package as long as this situation 
remains. This bug 
will prevent cutechess to go into testing.
### README

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages cutechess depends on:
ii  libc6   2.13-21  
ii  libgcc1 1:4.6.2-4
ii  libqt4-svg  4:4.7.3-8
ii  libqtcore4  4:4.7.3-8
ii  libqtgui4   4:4.7.3-8
ii  libstdc++6  4.6.2-4  

cutechess recommends no packages.

cutechess suggests no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Version: 2014+0.4.2+0.0.1-1+rm

Dear submitter,

as the package cutechess has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/870975

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#817305: marked as done (qemu-launcher: Removal of dh_desktop)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:33:39 +
with message-id 
and subject line Bug#870927: Removed package(s) from unstable
has caused the Debian Bug report #817305,
regarding qemu-launcher: Removal of dh_desktop
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
817305: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: qemu-launcher
Severity: important
Tags: dh_desktop-removal

Hi,

The package qemu-launcher is still using dh_desktop according to lintian.
This command was obsoleted in 2009 and has since then done nothing but
print a warning.

 * Please remove all remaining calls to dh_desktop at your
   earliest convenience.

 * I will remove dh_undocumented from debhelper in the first upload
   after 1st of April.


If your package is *also* affected by any of the following debhelper
related deprecations, please consider fixing them at the same time:

 * debhelper compat 4 is deprecated and is expected to be removed
   on the 15th of June.
   - Compat 9 is recommended
   - Compat 5 is the bare minimum
   - If the package has been relying on dh_install being lenient about
 missing files, please see "MIGRATING TO COMPAT 5 OR LATER" in [1].

 * If your package does *not* have a debian/compat, please add one with
   the correct compat level.
   - The compat file will be required by 15th of April.

Thanks,
~Niels

[1] https://lists.debian.org/debian-devel/2015/09/msg00257.html
--- End Message ---
--- Begin Message ---
Version: 1.7.4-1+rm

Dear submitter,

as the package qemu-launcher has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/870927

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#811946: marked as done (pearpc: FTBFS with GCC 6: unable to find string literal operator)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:34:59 +
with message-id 
and subject line Bug#870959: Removed package(s) from unstable
has caused the Debian Bug report #811946,
regarding pearpc: FTBFS with GCC 6: unable to find string literal operator
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
811946: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811946
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: pearpc
Version: 0.5.dfsg-2.1
Severity: important
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-6 gcc-6-literal-operator

This package fails to build with GCC 6.  GCC 6 has not been released
yet, but it's expected that GCC 6 will become the default compiler for
stretch.

Note that only the first error is reported; there might be more.  You
can find a snapshot of GCC 6 in experimental.  To build with GCC 6,
you can set CC=gcc-6 CXX=g++-6 explicitly.

You may be able to find out more about this issue at
https://gcc.gnu.org/gcc-6/changes.html

> sbuild (Debian sbuild) 0.67.0 (26 Dec 2015) on dl580gen9-02.hlinux
...
> g++ -DHAVE_CONFIG_H -I. -I../../.. -I ../..-Wundef -Wall 
> -Woverloaded-virtual -fsigned-char -O3 -fomit-frame-pointer -g -fno-inline 
> -pthread -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -pipe -I/usr/include/SDL 
> -D_GNU_SOURCE=1 -D_REENTRANT -c -o ppc_alu.o ppc_alu.cc
> In file included from ppc_alu.cc:21:0:
> ppc_alu.cc: In function 'void ppc_opc_addox(PPC_CPU_State&)':
> ../../debug/tracers.h:75:40: error: unable to find string literal operator 
> 'operator""msg' with 'const char [19]', 'long unsigned int' arguments
>  #define PPC_ALU_ERR(msg...) {ht_printf("[CPU/ALU]  "msg);exit(1); }
> ^
> 
> ppc_alu.cc:158:2: note: in expansion of macro 'PPC_ALU_ERR'
>   PPC_ALU_ERR("addox unimplemented\n");
>   ^~~
> 
> ppc_alu.cc: In function 'void ppc_opc_addcox(PPC_CPU_State&)':
> ../../debug/tracers.h:75:40: error: unable to find string literal operator 
> 'operator""msg' with 'const char [19]', 'long unsigned int' arguments
>  #define PPC_ALU_ERR(msg...) {ht_printf("[CPU/ALU]  "msg);exit(1); }
> ^
> 
> ppc_alu.cc:216:2: note: in expansion of macro 'PPC_ALU_ERR'
>   PPC_ALU_ERR("addcox unimplemented\n");
>   ^~~
> 
> ppc_alu.cc: In function 'void ppc_opc_addeox(PPC_CPU_State&)':
> ../../debug/tracers.h:75:40: error: unable to find string literal operator 
> 'operator""msg' with 'const char [19]', 'long unsigned int' arguments
>  #define PPC_ALU_ERR(msg...) {ht_printf("[CPU/ALU]  "msg);exit(1); }
> ^
> 
> ppc_alu.cc:279:2: note: in expansion of macro 'PPC_ALU_ERR'
>   PPC_ALU_ERR("addeox unimplemented\n");
>   ^~~
> 
> ppc_alu.cc: In function 'void ppc_opc_addmeox(PPC_CPU_State&)':
> ../../debug/tracers.h:75:40: error: unable to find string literal operator 
> 'operator""msg' with 'const char [19]', 'long unsigned int' arguments
>  #define PPC_ALU_ERR(msg...) {ht_printf("[CPU/ALU]  "msg);exit(1); }
> ^
> 
> ppc_alu.cc:473:2: note: in expansion of macro 'PPC_ALU_ERR'
>   PPC_ALU_ERR("addmeox unimplemented\n");
>   ^~~
> 
> ppc_alu.cc: In function 'void ppc_opc_addzeox(PPC_CPU_State&)':
> ../../debug/tracers.h:75:40: error: unable to find string literal operator 
> 'operator""msg' with 'const char [19]', 'long unsigned int' arguments
>  #define PPC_ALU_ERR(msg...) {ht_printf("[CPU/ALU]  "msg);exit(1); }
> ^
> 
> ppc_alu.cc:528:2: note: in expansion of macro 'PPC_ALU_ERR'
>   PPC_ALU_ERR("addzeox unimplemented\n");
>   ^~~
> 
> ppc_alu.cc: In function 'void ppc_opc_divwx(PPC_CPU_State&)':
> ../../debug/tracers.h:52:40: error: unable to find string literal operator 
> 'operator""msg' with 'const char [21]', 'long unsigned int' arguments
>  #define PPC_ALU_WARN(msg...) ht_printf("[CPU/ALU]  "msg)
> ^
> 
> ppc_alu.cc:1229:3: note: in expansion of macro 'PPC_ALU_WARN'
>PPC_ALU_WARN("division by zero @%08x\n", aCPU.pc);
>^~~~
> 
> ppc_alu.cc: In function 'void ppc_opc_divwox(PPC_CPU_State&)':
> ../../debug/tracers.h:52:40: error: unable to find string literal operator 
> 'operator""msg' with 'const char [21]', 'long unsigned int' arguments
>  #define PPC_ALU_WARN(msg...) ht_printf("[CPU/ALU]  "msg)
> ^
> 
> ppc_alu.cc:1270:3: note: in expansion of macro 'PPC_ALU_WARN'
>PPC_ALU_WARN("division by

Bug#708956: marked as done ([jwhois] GFDL non free license)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:32:54 +
with message-id 
and subject line Bug#870925: Removed package(s) from unstable
has caused the Debian Bug report #708956,
regarding [jwhois] GFDL non free license
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
708956: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708956
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: jwhois
Severity: serious
user: debian...@lists.debian.org
usertags: gfdl-invariant

The folowing file (manually checked) are non free with invariant version.
doc/jwhois.texi
doc/jwhois.info

Could you please check if upstream is willing to relicense.

Bastien
--- End Message ---
--- Begin Message ---
Version: 4.0-2.1+rm

Dear submitter,

as the package jwhois has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/870925

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#750351: marked as done (pyformex: FTBFS: mkdir: cannot create directory '/«PKGBUILDDIR»/debian/pyformex/usr/share/pyshared/pyformex/doc': No such file or directory)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:34:16 +
with message-id 
and subject line Bug#870954: Removed package(s) from unstable
has caused the Debian Bug report #750351,
regarding pyformex: FTBFS: mkdir: cannot create directory 
'/«PKGBUILDDIR»/debian/pyformex/usr/share/pyshared/pyformex/doc': No such file 
or directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
750351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750351
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: pyformex
Version: 0.8.6-4
Severity: serious
Tags: jessie sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20140601 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> make[1]: Entering directory '/«PKGBUILDDIR»'
> dh_python2
> # Replace embedded Javascript libraries with symlinks
> set -e; if [ -d "debian/pyformex" ]; then \
>   for FILENAME in jquery underscore; do \
>   find /«PKGBUILDDIR»/debian/pyformex -name $FILENAME.js -print \
> -exec ln -sf /usr/share/javascript/$FILENAME/$FILENAME.js {} 
> \; \
>   ; done; fi
> /«PKGBUILDDIR»/debian/pyformex/usr/share/doc/pyformex/html/_static/jquery.js
> /«PKGBUILDDIR»/debian/pyformex/usr/share/doc/pyformex/html/_static/underscore.js
> # Link documentation 
> set -e; if [ -d "debian/pyformex" ]; then \
>   mkdir /«PKGBUILDDIR»/debian/pyformex/usr/share/pyshared/pyformex/doc; \
>   ln -sf /usr/share/doc/pyformex/html 
> /«PKGBUILDDIR»/debian/pyformex/usr/share/pyshared/pyformex/doc/html; \
>   for py in python2.7; do \
>   mkdir 
> /«PKGBUILDDIR»/debian/pyformex/usr/lib/$py/dist-packages/pyformex/doc; \
>   ln -sf /usr/share/doc/pyformex/html 
> /«PKGBUILDDIR»/debian/pyformex/usr/lib/$py/dist-packages/pyformex/doc/html; \
>   done; fi
> mkdir: cannot create directory 
> '/«PKGBUILDDIR»/debian/pyformex/usr/share/pyshared/pyformex/doc': No such 
> file or directory
> make[1]: *** [override_dh_python2] Error 1

The full build log is available from:
   
http://aws-logs.debian.net/ftbfs-logs/2014/06/01/pyformex_0.8.6-4_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Version: 0.8.6-4+rm

Dear submitter,

as the package pyformex has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/870954

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#753669: marked as done (qemu-launcher: /usr/bin/qemu does not exist any more)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 18:33:39 +
with message-id 
and subject line Bug#870927: Removed package(s) from unstable
has caused the Debian Bug report #753669,
regarding qemu-launcher: /usr/bin/qemu does not exist any more
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
753669: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753669
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: qemu-launcher
Version: 1.8.0~pre0-1
Severity: grave
Justification: renders package unusable

These days, /usr/bin/qemu is not supplied by any Debian package
(according to "apt-file"). Since qemu-launcher does not run without
/usr/bin/qemu, it's not useable.

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (700, 'testing'), (650, 'stable'), (600, 'unstable'), (550, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-rc7-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages qemu-launcher depends on:
ii  libgtk2-gladexml-perl   1.007-2
ii  liblocale-gettext-perl  1.05-8
ii  librsvg2-2  2.40.2-1
ii  perl5.18.2-4
ii  qemu2.0.0+dfsg-6+b1

qemu-launcher recommends no packages.

Versions of packages qemu-launcher suggests:
ii  qemu-kvm [kvm]  2.0.0+dfsg-6+b1

-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 1.7.4-1+rm

Dear submitter,

as the package qemu-launcher has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/870927

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#868917: marked as done (jruby-openssl: FTBFS: find: '/usr/share/maven-repo/org/codehaus/plexus/plexus-containers/*/*.jar': No such file or directory)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 19:31:30 +0100
with message-id <20170811183130.ga24...@alice.nomadium.lan>
and subject line Re: jruby-openssl: FTBFS: find: 
'/usr/share/maven-repo/org/codehaus/plexus/plexus-containers/*/*.jar': No such 
file or directory
has caused the Debian Bug report #868917,
regarding jruby-openssl: FTBFS: find: 
'/usr/share/maven-repo/org/codehaus/plexus/plexus-containers/*/*.jar': No such 
file or directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
868917: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868917
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: jruby-openssl
Version: 0.9.20-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170719 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
>  debian/rules build
> dh build --buildsystem=maven
>dh_testdir -O--buildsystem=maven
>dh_update_autotools_config -O--buildsystem=maven
>dh_autoreconf -O--buildsystem=maven
>dh_auto_configure -O--buildsystem=maven
> find: '/usr/share/maven-repo/org/codehaus/plexus/plexus-compiler/*/*.jar': No 
> such file or directory
> find: '/usr/share/maven-repo/org/codehaus/plexus/plexus-compilers/*/*.jar': 
> No such file or directory
> find: '/usr/share/maven-repo/org/codehaus/plexus/plexus-containers/*/*.jar': 
> No such file or directory
>   mh_patchpoms -pjruby-openssl --debian-build --keep-pom-version 
> --maven-repo=/<>/debian/maven-repo
>dh_auto_build -O--buildsystem=maven
>   /usr/lib/jvm/default-java/bin/java -noverify -cp 
> /usr/share/maven/boot/plexus-classworlds-2.x.jar:/usr/lib/jvm/default-java/lib/tools.jar
>  -Dmaven.home=/usr/share/maven 
> -Dmaven.multiModuleProjectDirectory=/<> 
> -Dclassworlds.conf=/etc/maven/m2-debian.conf 
> -Dproperties.file.manual=/<>/debian/maven.properties 
> org.codehaus.plexus.classworlds.launcher.Launcher 
> -s/etc/maven/settings-debian.xml -Ddebian.dir=/<>/debian 
> -Dmaven.repo.local=/<>/debian/maven-repo package -DskipTests 
> -Dnotimestamp=true -Dlocale=en_US
> [INFO] Scanning for projects...
> [WARNING] 
> [WARNING] Some problems were encountered while building the 
> effective model for rubygems:jruby-openssl:jar:0.9.20
> [WARNING] 'build.plugins.plugin.(groupId:artifactId)' must be 
> unique but found duplicate declaration of plugin 
> org.apache.maven.plugins:maven-clean-plugin @ line 307, column 12
> [WARNING] 'build.plugins.plugin.(groupId:artifactId)' must be 
> unique but found duplicate declaration of plugin 
> org.apache.maven.plugins:maven-dependency-plugin @ line 356, column 12
> [WARNING] 
> [WARNING] It is highly recommended to fix these problems because 
> they threaten the stability of your build.
> [WARNING] 
> [WARNING] For this reason, future Maven versions might no longer 
> support building such malformed projects.
> [WARNING] 
> [INFO] 
> [INFO] 
> 
> [INFO] Building JRuby OpenSSL 0.9.20
> [INFO] 
> 
> [INFO] 
> [INFO] --- maven-resources-plugin:3.0.0:resources 
> (default-resources) @ jruby-openssl ---
> [WARNING] Using platform encoding (ANSI_X3.4-1968 actually) to copy 
> filtered resources, i.e. build is platform dependent!
> [INFO] skip non existing resourceDirectory 
> /<>/src/main/resources
> [INFO] 
> [INFO] --- maven-compiler-plugin:3.6.1:compile 
> (default-compile) @ jruby-openssl ---
> [WARNING] The POM for 
> org.codehaus.plexus:plexus-compiler-api:jar:2.x is invalid, transitive 
> dependencies (if any) will not be available, enable debug logging for more 
> details
> [WARNING] The POM for 
> org.codehaus.plexus:plexus-compiler-javac:jar:2.x is invalid, transitive 
> dependencies (if any) will not be available, enable debug logging for more 
> details
> [INFO] Changes detected - recompiling the module!
> [INFO] Compiling 122 source files to /<>/pkg/classes
> [WARNING] bootstrap class path not set in conjunction with -source 
> 1.6
> [WARNING] 
> /<>/src/main/java/org/jruby/ext/openssl/X509Extension.java:[316,33]
>  '_' used as

Bug#871629: thunderbird UI unusable with many widgets not drawn

2017-08-11 Thread Benoît Rouits 
Package: thunderbird
Version: 1:52.2.1-4+b1
Followup-For: Bug #871629

Dear Maintainer,

I get the exact same issue in stock Debian's Gnome Desktop, Buster.

Thank you for your consideration,
 Benoît



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), 
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages thunderbird depends on:
ii  debianutils   4.8.1.1
ii  fontconfig2.12.3-0.2
ii  libatk1.0-0   2.24.0-1
ii  libc6 2.24-12
ii  libcairo-gobject2 1.14.10-1
ii  libcairo2 1.14.10-1
ii  libdbus-1-3   1.11.16+really1.10.22-1
ii  libdbus-glib-1-2  0.108-2
ii  libevent-2.1-62.1.8-stable-4
ii  libffi6   3.2.1-6
ii  libfontconfig12.12.3-0.2
ii  libfreetype6  2.8-0.2
ii  libgcc1   1:7.1.0-10
ii  libgdk-pixbuf2.0-02.36.5-2
ii  libglib2.0-0  2.53.4-3
ii  libgtk-3-03.22.17-1
ii  libhunspell-1.6-0 1.6.1-2
ii  libpango-1.0-01.40.6-1
ii  libpangocairo-1.0-0   1.40.6-1
ii  libpangoft2-1.0-0 1.40.6-1
ii  libpixman-1-0 0.34.0-1
ii  libstartup-notification0  0.12-4+b2
ii  libstdc++67.1.0-10
ii  libvpx4   1.6.1-3
ii  libx11-6  2:1.6.4-3
ii  libx11-xcb1   2:1.6.4-3
ii  libxcb-shm0   1.12-1
ii  libxcb1   1.12-1
ii  libxcomposite11:0.4.4-2
ii  libxdamage1   1:1.1.4-2+b3
ii  libxext6  2:1.3.3-1+b2
ii  libxfixes31:5.0.3-1
ii  libxrender1   1:0.9.10-1
ii  libxt61:1.1.5-1
ii  psmisc23.1-1
ii  x11-utils 7.7+3+b1
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages thunderbird recommends:
ii  hunspell-en-us [hunspell-dictionary] 20070829-7
ii  hunspell-fr-classical [hunspell-dictionary]  1:6.1-1
ii  lightning1:52.2.1-4+b1

Versions of packages thunderbird suggests:
pn  apparmor  
ii  fonts-lyx 2.2.3-1
ii  libgssapi-krb5-2  1.15.1-2

-- no debconf information

Bug#871263: libmspack: CVE-2017-6419

2017-08-11 Thread Sebastian Andrzej Siewior 
+ Stuart

On 2017-08-07 15:21:48 [+0200], Salvatore Bonaccorso wrote:
> Source: libmspack
> Version: 0.5-1
> Severity: grave
> Tags: security upstream
> 
> Hi,
> 
> the following vulnerability was published for libmspack.
> 
> CVE-2017-6419[0]:
> | mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows
> | remote attackers to cause a denial of service (heap-based buffer
> | overflow and application crash) or possibly have unspecified other
> | impact via a crafted CHM file.
> 
> It was fixed in ClamAV already at [1].
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2017-6419
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419
> [1] 
> https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1

Stuart, is this enough information or do you need more?

> Regards,
> Salvatore

Sebastian

Bug#871715: marked as done (build-dependency libatlas-dev no longer available)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 17:34:38 +
with message-id 
and subject line Bug#871715: fixed in ncl 6.4.0-4
has caused the Debian Bug report #871715,
regarding build-dependency libatlas-dev no longer available
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
871715: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871715
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:ncl
Version: 6.4.0-3
Severity: serious

Dear Maintainer,

The package libatlas-dev is no longer built by src:atlas, and ncl
build-depends on it.

libatlas-dev used to ship headers related to ATLAS, while the development
libraries were shipped by libatlas-base-dev. Now everything is shipped by
libatlas-base-dev, and libatlas-dev has been dropped.

Two options are available to you:

- depend on libatlas-base-dev instead of libatlas-dev;

- or completely drop the build-dependency on ATLAS (and incidentally on
  OpenBLAS), which may not be really needed since your package already
  build-depends on liblapack-dev and seems to work with any BLAS/LAPACK
  implementation (see [1] for more details on BLAS/LAPACK in Debian).

Cheers,

[1] https://wiki.debian.org/DebianScience/LinearAlgebraLibraries

-- 
⢀⣴⠾⠻⢶⣦   Sébastien Villemot
⣾⠁⢠⠒⠀⣿⡁  Debian Developer
⢿⡄⠘⠷⠚⠋⠀  http://sebastien.villemot.name
⠈⠳⣄  http://www.debian.org


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: ncl
Source-Version: 6.4.0-4

We believe that the bug you reported is fixed in the latest version of
ncl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 871...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Alastair McKinstry  (supplier of updated ncl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 11 Aug 2017 11:44:18 +0100
Source: ncl
Binary: ncl-ncarg libncarg0 libncarg-dev libncarg-bin libncarg-data
Architecture: source amd64 all
Version: 6.4.0-4
Distribution: unstable
Urgency: medium
Maintainer: Alastair McKinstry 
Changed-By: Alastair McKinstry 
Description:
 libncarg-bin - NCAR command-language library - development tools
 libncarg-data - NCAR command-language library - Data
 libncarg-dev - Development files for the NCAR command language library
 libncarg0  - NCAR command-language library
 ncl-ncarg  - NCAR Command Language and NCAR graphics
Closes: 871715
Changes:
 ncl (6.4.0-4) unstable; urgency=medium
 .
   * Drop libatlas-dev build-depend. Closes: #871715
   * Standards-Version: 4.0.1
Checksums-Sha1:
 96b89dc5cd657f103ff2b2209917981bff4e71bb 2634 ncl_6.4.0-4.dsc
 7ea53845d117bd2c8f9a063b9eec68a575663e33 54360 ncl_6.4.0-4.debian.tar.xz
 5e6bb3da6497f339a8941100a7e0960250ff9d39 44504 
libncarg-bin-dbgsym_6.4.0-4_amd64.deb
 5036dc98fc99e2c8333e37fd847210918fb45708 71748 libncarg-bin_6.4.0-4_amd64.deb
 704c89d7e3b886e03b16af2c29bd2053e705b13b 26603678 libncarg-data_6.4.0-4_all.deb
 9a14fee5ef90030c91c256b1adc3ff502429e802 13203140 
libncarg-dev_6.4.0-4_amd64.deb
 16c7333ef643829b58cd628cfbe4a261e55f7cb7 9435848 
libncarg0-dbgsym_6.4.0-4_amd64.deb
 2c43e5922c783d59bf970370588894a4dc1cce3a 3917784 libncarg0_6.4.0-4_amd64.deb
 24534b8fc3514f6a5011eba88edbdf2b95a7a500 4940074 
ncl-ncarg-dbgsym_6.4.0-4_amd64.deb
 b2469888203a6d35b69e30fa77e45f8b65c1a953 1974698 ncl-ncarg_6.4.0-4_amd64.deb
 453b0512163d6f207ff46be86e4e9faddce45fbe 14487 ncl_6.4.0-4_amd64.buildinfo
Checksums-Sha256:
 d73a99f5083af79571f4dc920d51912d7a0c94bf5682c89f147e133407a1ae7d 2634 
ncl_6.4.0-4.dsc
 e96312eae665fab11490867720e346ff96148dd3f269953dab5318242c602bd4 54360 
ncl_6.4.0-4.debian.tar.xz
 930dfe398ab0ec33d506a357c39c00bf2629c9e3225e1d1bb66b63c4bf7d22bd 44504 
libncarg-bin-dbgsym_6.4.0-4_amd64.deb
 1a46132761f04ed4c6a449cf4984b5157178614e8f48d313bff8db523034104f 71748 
libncarg-bin_6.4.0-4_amd64.deb
 6bb3001d6ed16659e3f69649bd141f148bbe924ec505f9494be1f50086a768cd 26603678 
libncarg-data_6.4.0-4_all.deb
 b013330f7bdd955e1361472124928cfaa3fdff171c500775d3650ccc3fd67e9d 13203140 
libncarg-dev_6.4.0-4_amd64.deb

Bug#869055: marked as done (ruby-roadie: FTBFS: unsatisfiable build-dependency: ruby-nokogiri (< 1.7.0) but 1.8.0-1 is to be installed)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 17:04:10 +
with message-id 
and subject line Bug#869031: fixed in ruby-roadie 3.2.2-1
has caused the Debian Bug report #869031,
regarding ruby-roadie: FTBFS: unsatisfiable build-dependency: ruby-nokogiri (< 
1.7.0) but 1.8.0-1 is to be installed
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869031: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869031
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ruby-roadie
Version: 3.1.1-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170720 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: debhelper (>= 9~), gem2deb, rake, ruby-css-parser (>= 
> 1.3.4), ruby-nokogiri (<< 1.7.0), ruby-nokogiri (>= 1.5.0), ruby-rspec, 
> ruby-rspec-collection-matchers, ruby-webmock (>= 1.21)
> Filtered Build-Depends: debhelper (>= 9~), gem2deb, rake, ruby-css-parser (>= 
> 1.3.4), ruby-nokogiri (<< 1.7.0), ruby-nokogiri (>= 1.5.0), ruby-rspec, 
> ruby-rspec-collection-matchers, ruby-webmock (>= 1.21)
> dpkg-deb: building package 'sbuild-build-depends-ruby-roadie-dummy' in 
> '/<>/resolver-MWjkP8/apt_archive/sbuild-build-depends-ruby-roadie-dummy.deb'.
> dpkg-scanpackages: warning: Packages in archive but missing from override 
> file:
> dpkg-scanpackages: warning:   sbuild-build-depends-core-dummy 
> sbuild-build-depends-ruby-roadie-dummy
> dpkg-scanpackages: info: Wrote 2 entries to output Packages file.
> Ign:1 copy:/<>/resolver-MWjkP8/apt_archive ./ InRelease
> Get:2 copy:/<>/resolver-MWjkP8/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/resolver-MWjkP8/apt_archive ./ Release.gpg
> Get:4 copy:/<>/resolver-MWjkP8/apt_archive ./ Sources [569 B]
> Get:5 copy:/<>/resolver-MWjkP8/apt_archive ./ Packages [651 B]
> Fetched 2183 B in 0s (0 B/s)
> Reading package lists...
> Reading package lists...
> 
> Install ruby-roadie build dependencies (apt-based resolver)
> ---
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-ruby-roadie-dummy : Depends: ruby-nokogiri (< 1.7.0) 
> but 1.8.0-1 is to be installed
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   http://aws-logs.debian.net/2017/07/20/ruby-roadie_3.1.1-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: ruby-roadie
Source-Version: 3.2.2-1

We believe that the bug you reported is fixed in the latest version of
ruby-roadie, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Antonio Terceiro  (supplier of updated ruby-roadie package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 11 Aug 2017 12:35:37 -0400
Source: ruby-roadie
Binary: ruby-roadie
Architecture: source
Version:

Bug#871384: marked as done (redmine: FTBFS: build-dependency not installable: ruby-roadie-rails)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 17:04:10 +
with message-id 
and subject line Bug#869031: fixed in ruby-roadie 3.2.2-1
has caused the Debian Bug report #869031,
regarding redmine: FTBFS: build-dependency not installable: ruby-roadie-rails
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869031: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869031
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: redmine
Version: 3.3.1-4
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170807 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: dbconfig-common, debhelper (>= 9), ruby | 
> ruby-interpreter, ruby-actionpack-action-caching, ruby-actionpack-xml-parser, 
> ruby-bundler, ruby-coderay (>= 1.0.6), ruby-i18n (>= 0.6.9-1~), 
> ruby-jquery-rails (>= 4.0.5), ruby-mimemagic, ruby-mime-types (>= 1.25), 
> ruby-net-ldap (>= 0.3.1), ruby-openid, ruby-protected-attributes, ruby-rack 
> (>= 1.4.5~), ruby-rack-openid, ruby-rails (>= 2:4.2.5), ruby-rails-observers, 
> ruby-rbpdf, ruby-redcarpet, ruby-request-store, ruby-rmagick, 
> ruby-roadie-rails, po-debconf
> Filtered Build-Depends: dbconfig-common, debhelper (>= 9), ruby, 
> ruby-actionpack-action-caching, ruby-actionpack-xml-parser, ruby-bundler, 
> ruby-coderay (>= 1.0.6), ruby-i18n (>= 0.6.9-1~), ruby-jquery-rails (>= 
> 4.0.5), ruby-mimemagic, ruby-mime-types (>= 1.25), ruby-net-ldap (>= 0.3.1), 
> ruby-openid, ruby-protected-attributes, ruby-rack (>= 1.4.5~), 
> ruby-rack-openid, ruby-rails (>= 2:4.2.5), ruby-rails-observers, ruby-rbpdf, 
> ruby-redcarpet, ruby-request-store, ruby-rmagick, ruby-roadie-rails, 
> po-debconf
> dpkg-deb: building package 'sbuild-build-depends-redmine-dummy' in 
> '/<>/resolver-4VQuge/apt_archive/sbuild-build-depends-redmine-dummy.deb'.
> dpkg-scanpackages: warning: Packages in archive but missing from override 
> file:
> dpkg-scanpackages: warning:   sbuild-build-depends-core-dummy 
> sbuild-build-depends-redmine-dummy
> dpkg-scanpackages: info: Wrote 2 entries to output Packages file.
> Ign:1 copy:/<>/resolver-4VQuge/apt_archive ./ InRelease
> Get:2 copy:/<>/resolver-4VQuge/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/resolver-4VQuge/apt_archive ./ Release.gpg
> Get:4 copy:/<>/resolver-4VQuge/apt_archive ./ Sources [722 B]
> Get:5 copy:/<>/resolver-4VQuge/apt_archive ./ Packages [781 B]
> Fetched 2466 B in 0s (0 B/s)
> Reading package lists...
> Reading package lists...
> 
> Install redmine build dependencies (apt-based resolver)
> ---
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-redmine-dummy : Depends: ruby-roadie-rails but it is 
> not going to be installed
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   http://aws-logs.debian.net/2017/08/07/redmine_3.3.1-4_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: ruby-roadie
Source-Version: 3.2.2-1

We believe that the bug you reported is fixed in the latest version of
ruby-roadie, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address

Bug#871378: marked as done (ruby-roadie-rails: FTBFS: build-dependency not installable: ruby-roadie (>= 3.1))

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 17:04:10 +
with message-id 
and subject line Bug#869031: fixed in ruby-roadie 3.2.2-1
has caused the Debian Bug report #869031,
regarding ruby-roadie-rails: FTBFS: build-dependency not installable: 
ruby-roadie (>= 3.1)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869031: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869031
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ruby-roadie-rails
Version: 1.1.0-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170807 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: debhelper (>= 9~), gem2deb, rake, rails, ruby-railties 
> (<< 2:4.3), ruby-railties (>= 2:3.0), ruby-roadie (>= 3.1), ruby-rspec, 
> ruby-rspec-collection-matchers, ruby-sass-rails
> Filtered Build-Depends: debhelper (>= 9~), gem2deb, rake, rails, 
> ruby-railties (<< 2:4.3), ruby-railties (>= 2:3.0), ruby-roadie (>= 3.1), 
> ruby-rspec, ruby-rspec-collection-matchers, ruby-sass-rails
> dpkg-deb: building package 'sbuild-build-depends-ruby-roadie-rails-dummy' in 
> '/<>/resolver-MRv34j/apt_archive/sbuild-build-depends-ruby-roadie-rails-dummy.deb'.
> dpkg-scanpackages: warning: Packages in archive but missing from override 
> file:
> dpkg-scanpackages: warning:   sbuild-build-depends-core-dummy 
> sbuild-build-depends-ruby-roadie-rails-dummy
> dpkg-scanpackages: info: Wrote 2 entries to output Packages file.
> Ign:1 copy:/<>/resolver-MRv34j/apt_archive ./ InRelease
> Get:2 copy:/<>/resolver-MRv34j/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/resolver-MRv34j/apt_archive ./ Release.gpg
> Get:4 copy:/<>/resolver-MRv34j/apt_archive ./ Sources [569 B]
> Get:5 copy:/<>/resolver-MRv34j/apt_archive ./ Packages [652 B]
> Fetched 2184 B in 0s (0 B/s)
> Reading package lists...
> Reading package lists...
> 
> Install ruby-roadie-rails build dependencies (apt-based resolver)
> -
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-ruby-roadie-rails-dummy : Depends: ruby-roadie (>= 3.1) 
> but it is not going to be installed
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   http://aws-logs.debian.net/2017/08/07/ruby-roadie-rails_1.1.0-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: ruby-roadie
Source-Version: 3.2.2-1

We believe that the bug you reported is fixed in the latest version of
ruby-roadie, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Antonio Terceiro  (supplier of updated ruby-roadie package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 11 Aug 2017 12:35:37 -0400
Source: ruby-roadie
Binary: ruby-roadie
Architecture:

Bug#869031: marked as done (ruby-roadie: FTBFS: unsatisfiable build-dependency: ruby-nokogiri (< 1.7.0) but 1.8.0-1 is to be installed)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 17:04:10 +
with message-id 
and subject line Bug#869031: fixed in ruby-roadie 3.2.2-1
has caused the Debian Bug report #869031,
regarding ruby-roadie: FTBFS: unsatisfiable build-dependency: ruby-nokogiri (< 
1.7.0) but 1.8.0-1 is to be installed
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869031: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869031
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: redmine
Version: 3.3.1-4
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170720 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: dbconfig-common, debhelper (>= 9), ruby | 
> ruby-interpreter, ruby-actionpack-action-caching, ruby-actionpack-xml-parser, 
> ruby-bundler, ruby-coderay (>= 1.0.6), ruby-i18n (>= 0.6.9-1~), 
> ruby-jquery-rails (>= 4.0.5), ruby-mimemagic, ruby-mime-types (>= 1.25), 
> ruby-net-ldap (>= 0.3.1), ruby-openid, ruby-protected-attributes, ruby-rack 
> (>= 1.4.5~), ruby-rack-openid, ruby-rails (>= 2:4.2.5), ruby-rails-observers, 
> ruby-rbpdf, ruby-redcarpet, ruby-request-store, ruby-rmagick, 
> ruby-roadie-rails, po-debconf
> Filtered Build-Depends: dbconfig-common, debhelper (>= 9), ruby, 
> ruby-actionpack-action-caching, ruby-actionpack-xml-parser, ruby-bundler, 
> ruby-coderay (>= 1.0.6), ruby-i18n (>= 0.6.9-1~), ruby-jquery-rails (>= 
> 4.0.5), ruby-mimemagic, ruby-mime-types (>= 1.25), ruby-net-ldap (>= 0.3.1), 
> ruby-openid, ruby-protected-attributes, ruby-rack (>= 1.4.5~), 
> ruby-rack-openid, ruby-rails (>= 2:4.2.5), ruby-rails-observers, ruby-rbpdf, 
> ruby-redcarpet, ruby-request-store, ruby-rmagick, ruby-roadie-rails, 
> po-debconf
> dpkg-deb: building package 'sbuild-build-depends-redmine-dummy' in 
> '/<>/resolver-NtoQn3/apt_archive/sbuild-build-depends-redmine-dummy.deb'.
> dpkg-scanpackages: warning: Packages in archive but missing from override 
> file:
> dpkg-scanpackages: warning:   sbuild-build-depends-core-dummy 
> sbuild-build-depends-redmine-dummy
> dpkg-scanpackages: info: Wrote 2 entries to output Packages file.
> Ign:1 copy:/<>/resolver-NtoQn3/apt_archive ./ InRelease
> Get:2 copy:/<>/resolver-NtoQn3/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/resolver-NtoQn3/apt_archive ./ Release.gpg
> Get:4 copy:/<>/resolver-NtoQn3/apt_archive ./ Sources [722 B]
> Get:5 copy:/<>/resolver-NtoQn3/apt_archive ./ Packages [779 B]
> Fetched 2464 B in 0s (0 B/s)
> Reading package lists...
> Reading package lists...
> 
> Install redmine build dependencies (apt-based resolver)
> ---
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-redmine-dummy : Depends: ruby-roadie-rails but it is 
> not going to be installed
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   http://aws-logs.debian.net/2017/07/20/redmine_3.3.1-4_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: ruby-roadie
Source-Version: 3.2.2-1

We believe that the bug you reported is fixed in the latest version of
ruby-roadie, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you

Bug#869065: marked as done (ruby-roadie: FTBFS: unsatisfiable build-dependency: ruby-nokogiri (< 1.7.0) but 1.8.0-1 is to be installed)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 17:04:10 +
with message-id 
and subject line Bug#869031: fixed in ruby-roadie 3.2.2-1
has caused the Debian Bug report #869031,
regarding ruby-roadie: FTBFS: unsatisfiable build-dependency: ruby-nokogiri (< 
1.7.0) but 1.8.0-1 is to be installed
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
869031: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869031
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ruby-roadie-rails
Version: 1.1.0-1
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170720 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> +--+
> | Install package build dependencies  
>  |
> +--+
> 
> 
> Setup apt archive
> -
> 
> Merged Build-Depends: debhelper (>= 9~), gem2deb, rake, rails, ruby-railties 
> (<< 2:4.3), ruby-railties (>= 2:3.0), ruby-roadie (>= 3.1), ruby-rspec, 
> ruby-rspec-collection-matchers, ruby-sass-rails
> Filtered Build-Depends: debhelper (>= 9~), gem2deb, rake, rails, 
> ruby-railties (<< 2:4.3), ruby-railties (>= 2:3.0), ruby-roadie (>= 3.1), 
> ruby-rspec, ruby-rspec-collection-matchers, ruby-sass-rails
> dpkg-deb: building package 'sbuild-build-depends-ruby-roadie-rails-dummy' in 
> '/<>/resolver-oDe3ls/apt_archive/sbuild-build-depends-ruby-roadie-rails-dummy.deb'.
> dpkg-scanpackages: warning: Packages in archive but missing from override 
> file:
> dpkg-scanpackages: warning:   sbuild-build-depends-core-dummy 
> sbuild-build-depends-ruby-roadie-rails-dummy
> dpkg-scanpackages: info: Wrote 2 entries to output Packages file.
> Ign:1 copy:/<>/resolver-oDe3ls/apt_archive ./ InRelease
> Get:2 copy:/<>/resolver-oDe3ls/apt_archive ./ Release [963 B]
> Ign:3 copy:/<>/resolver-oDe3ls/apt_archive ./ Release.gpg
> Get:4 copy:/<>/resolver-oDe3ls/apt_archive ./ Sources [569 B]
> Get:5 copy:/<>/resolver-oDe3ls/apt_archive ./ Packages [650 B]
> Fetched 2182 B in 0s (0 B/s)
> Reading package lists...
> Reading package lists...
> 
> Install ruby-roadie-rails build dependencies (apt-based resolver)
> -
> 
> Installing build dependencies
> Reading package lists...
> Building dependency tree...
> Reading state information...
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  sbuild-build-depends-ruby-roadie-rails-dummy : Depends: ruby-roadie (>= 3.1) 
> but it is not going to be installed
> E: Unable to correct problems, you have held broken packages.
> apt-get failed.

The full build log is available from:
   http://aws-logs.debian.net/2017/07/20/ruby-roadie-rails_1.1.0-1_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: ruby-roadie
Source-Version: 3.2.2-1

We believe that the bug you reported is fixed in the latest version of
ruby-roadie, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 869...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Antonio Terceiro  (supplier of updated ruby-roadie package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 11 Aug 2017 12:35:37 -0400
Source: ruby-roadie
Binary:

Bug#869031: marked as pending

2017-08-11 Thread Antonio Terceiro 
tag 869031 pending
thanks

Hello,

Bug #869031 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


https://anonscm.debian.org/cgit/pkg-ruby-extras/ruby-roadie.git/commit/?id=f1bca5e

---
commit f1bca5ef65382a6bd370a501e88a08256076ca7f
Author: Antonio Terceiro 
Date:   Fri Aug 11 11:53:01 2017 -0400

New upstream release + dh-make-ruby -w

diff --git a/debian/changelog b/debian/changelog
index 31da8d6..a3c6286 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+ruby-roadie (3.1.1-2) UNRELEASED; urgency=medium
+
+  * New upstream release
+- will build against a newer ruby-nokogiri (Closes: #869031)
+  * update packaging with `dh-make-ruby -w`
+- Bump debhelper compat to 10
+- Bump Standards-Version to 4.0.0 (no changes needed)
+
+
+ -- Antonio Terceiro   Fri, 11 Aug 2017 11:49:44 -0400
+
 ruby-roadie (3.1.1-1) unstable; urgency=medium
 
   * Initial release

Processed: Bug#869031 marked as pending

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tag 869031 pending
Bug #869031 [src:ruby-roadie] ruby-roadie: FTBFS: unsatisfiable 
build-dependency: ruby-nokogiri (< 1.7.0) but 1.8.0-1 is to be installed
Bug #869055 [src:ruby-roadie] ruby-roadie: FTBFS: unsatisfiable 
build-dependency: ruby-nokogiri (< 1.7.0) but 1.8.0-1 is to be installed
Bug #869065 [src:ruby-roadie] ruby-roadie: FTBFS: unsatisfiable 
build-dependency: ruby-nokogiri (< 1.7.0) but 1.8.0-1 is to be installed
Bug #871378 [src:ruby-roadie] ruby-roadie-rails: FTBFS: build-dependency not 
installable: ruby-roadie (>= 3.1)
Bug #871384 [src:ruby-roadie] redmine: FTBFS: build-dependency not installable: 
ruby-roadie-rails
Added tag(s) pending.
Added tag(s) pending.
Added tag(s) pending.
Added tag(s) pending.
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
869031: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869031
869055: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869055
869065: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869065
871378: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871378
871384: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871384
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871296: marked as done (libogre-1.9.0v5: requires rebuild against GCC 7 and symbols/shlibs bump)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 16:34:33 +
with message-id 
and subject line Bug#871296: fixed in ogre-1.9 1.9.0+dfsg1-9
has caused the Debian Bug report #871296,
regarding libogre-1.9.0v5: requires rebuild against GCC 7 and symbols/shlibs 
bump
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
871296: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871296
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libogre-1.9.0v5
Version: 1.9.0+dfsg1-8
Severity: serious
Tags: sid buster
User: debian-...@lists.debian.org
Usertags: gcc-7-op-mangling

Hi,

It appears that your package provides an external symbol that is
affected by the recent name mangling changes in GCC 7. See:
https://gcc.gnu.org/gcc-7/porting_to.html#conversion-op-mangling

In GCC 7, the name mangling for C++ conversion operators which return a
type using the abi_tag attribute (most commonly std::string) has
changed. When your library is compiled with GCC 7, it will now emit two
symbols for the conversion operator using the new and old naming.
Executables compiled with GCC 7 will always use the new symbol, while
old executables compiled using <= GCC 6 will use the old symbol. For new
executables to build without undefined references, your library will
need rebuilding with GCC 7.

To ensure that new executables will pull in the newer version of the
library built with GCC 7:
- Your library package should Build-Depend on g++ (>= 4:7).
- If your package provides a symbols file, ensure that the new
  conversion operator symbols have a version matching the version this
  bug is fixed in (including the Debian revision and tilde if
  necessary).

  Using apt as an example (debian/libapt-pkg5.0.symbols):
(c++)"URI::operator std::__cxx11::basic_string[abi:cxx11]()@APTPKG_5.0" 0.8.0
  + (c++)"URI::operator std::__cxx11::basic_string()@APTPKG_5.0" 1.5~beta2~

  Where "1.5~beta2" is the version this bug was fixed in.

- If your package does not provide a symbols file, add a dh_makeshlibs
  override so that tight enough dependencies are generated.

  Using libebml as an example (debian/rules):
  + override_dh_makeshlibs:
  + # For new symbols when compiled with GCC 7
  + dh_makeshlibs -V'libebml4v5 (>= 1.3.4-2~)'

  Where "1.3.4-2" is the version this bug was fixed in.

- If your package is about to be renamed due to an upstream SONAME bump,
  you do not need to add any special symbols handling.

If you would like to know the exact name of the new symbols, using
"abipkgdiff" from abigail-tools might be able to help.

Thanks,
James
--- End Message ---
--- Begin Message ---
Source: ogre-1.9
Source-Version: 1.9.0+dfsg1-9

We believe that the bug you reported is fixed in the latest version of
ogre-1.9, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 871...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Manuel A. Fernandez Montecelo  (supplier of updated ogre-1.9 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 11 Aug 2017 17:59:53 +0200
Source: ogre-1.9
Binary: libogre-1.9-dev libogre-1.9.0v5 ogre-1.9-doc ogre-1.9-tools 
blender-ogrexml-1.9
Architecture: source all amd64
Version: 1.9.0+dfsg1-9
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team 
Changed-By: Manuel A. Fernandez Montecelo 
Description:
 blender-ogrexml-1.9 - Blender Exporter for OGRE
 libogre-1.9-dev - 3D Object-Oriented Graphics Rendering Engine (development 
files)
 libogre-1.9.0v5 - 3D Object-Oriented Graphics Rendering Engine (libraries)
 ogre-1.9-doc - 3D Object-Oriented Graphics Rendering Engine (documentation)
 ogre-1.9-tools - 3D Object-Oriented Graphics Rendering Engine (tools)
Closes: 871296
Changes:
 ogre-1.9 (1.9.0+dfsg1-9) unstable; urgency=medium
 .
   * Bump shlibs version due to GCC v7 ABI change (Closes: #871296)
Checksums-Sha1:
 ab5d3c5d872206a24fdd54f19d3f179fd22dbe45 2700 ogre-1.9_1.9.0+dfsg1-9.dsc

Bug#870345: marked as done (globus-gram-job-manager FTBFS: test failures)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 16:20:37 +
with message-id 
and subject line Bug#870345: fixed in globus-gram-job-manager-scripts 6.9-3
has caused the Debian Bug report #870345,
regarding globus-gram-job-manager FTBFS: test failures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
870345: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870345
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: globus-gram-job-manager
Version: 14.36-2
Severity: serious

Some recent change in unstable makes globus-gram-job-manager FTBFS:

https://tests.reproducible-builds.org/debian/history/globus-gram-job-manager.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/globus-gram-job-manager.html

...
===
   globus_gram_job_manager 14.36: test/client/test-suite.log
===

# TOTAL: 21
# PASS:  10
# SKIP:  0
# XFAIL: 0
# FAIL:  11
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: cancel-test
=

#   Starting personal gatekeeper
1..1
not ok - cancel-test
FAIL cancel-test (exit status: 25)

FAIL: refresh-credentials-test
==

#   Starting personal gatekeeper
1..1
not ok
FAIL refresh-credentials-test (exit status: 25)

FAIL: register-cancel-test
==

#   Starting personal gatekeeper
1..1
not ok 1 register-cancel-test
FAIL register-cancel-test (exit status: 25)

FAIL: register-refresh-credentials-test
===

#   Starting personal gatekeeper
1..1
not ok 1 register-refresh-credentials-test
FAIL register-refresh-credentials-test (exit status: 25)

FAIL: status-test
=

#   Starting personal gatekeeper
Made 5 calls to status in 0.163985 seconds
1..1
not ok 1 status-test
FAIL status-test (exit status: 25)

FAIL: two-phase-commit-test.pl
==

#   Starting personal gatekeeper
1..4
ok 1 - ./two-phase-commit-test "localhost:43287:/CN=test" no-commit 1
not ok 2 - ./two-phase-commit-test "localhost:43287:/CN=test" no-commit-end 10
#   Failed test './two-phase-commit-test "localhost:43287:/CN=test" 
no-commit-end 10'
#   at ./two-phase-commit-test.pl line 101.
ok 3 - ./two-phase-commit-test "localhost:43287:/CN=test" commit 10
ok 4 - ./two-phase-commit-test "localhost:43287:/CN=test" late-commit-end 10
# Looks like you failed 1 test of 4.
FAIL two-phase-commit-test.pl (exit status: 1)

FAIL: local-stdio-size-test
===

#   Starting personal gatekeeper
job contact: https://localhost:41371/16650366878192254056/1438345404066772617/
job manager returned 0 (Success) when I expected it to tell me the size was 
wrong1..1
not ok # local-stdio-size-test 
FAIL local-stdio-size-test (exit status: 255)

FAIL: restart-to-new-url-test
=

#   Starting personal gatekeeper
test_restart_to_new_url:384: Expected rc = 130, got 25 (the job manager 
detected an invalid script status)
1..1
not ok # test_restart_to_new_url
FAIL restart-to-new-url-test (exit status: 1)

FAIL: set-credentials-test
==

#   Starting personal gatekeeper
1..1
not ok 1 set-credentials-test
FAIL set-credentials-test (exit status: 25)

FAIL: stdio-size-test
=

#   Starting personal gatekeeper
job manager returned 161 (the job manager is still streaming output) when I 
expected it to still be streaming output
1..1
not ok 1 stdio-size-test
FAIL stdio-size-test (exit status: 161)

FAIL: stdio-update-test
===

#   Starting personal gatekeeper
test_stdio_update:393: Expected rc = 0, got 156 (the job contact string does 
not match any which the job manager is handling)
1..1
not ok  test_stdio_update
FAIL stdio-update-test (exit status: 1)


Testsuite summary for globus_gram_job_manager 14.36

# TOTAL: 21
# PASS:  10
# SKIP:  0
# XFAIL: 0
# FAIL:  11
# XPASS: 0
# ERROR: 0

See test/client/test-suite.log
Please report to https://github.com/globus/globus-toolkit/issues

Makefile:975: recipe for target 'test-suite.log' failed
make[5]: *** [test-suite.log] Error 1
make[5]: Leaving directory 
'/build/1st/globus-gram-job-manager-14.36/test/client'

Bug#870345: marked as done (globus-gram-job-manager FTBFS: test failures)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 16:20:28 +
with message-id 
and subject line Bug#870345: fixed in globus-common 17.1-3
has caused the Debian Bug report #870345,
regarding globus-gram-job-manager FTBFS: test failures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
870345: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870345
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: globus-gram-job-manager
Version: 14.36-2
Severity: serious

Some recent change in unstable makes globus-gram-job-manager FTBFS:

https://tests.reproducible-builds.org/debian/history/globus-gram-job-manager.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/globus-gram-job-manager.html

...
===
   globus_gram_job_manager 14.36: test/client/test-suite.log
===

# TOTAL: 21
# PASS:  10
# SKIP:  0
# XFAIL: 0
# FAIL:  11
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: cancel-test
=

#   Starting personal gatekeeper
1..1
not ok - cancel-test
FAIL cancel-test (exit status: 25)

FAIL: refresh-credentials-test
==

#   Starting personal gatekeeper
1..1
not ok
FAIL refresh-credentials-test (exit status: 25)

FAIL: register-cancel-test
==

#   Starting personal gatekeeper
1..1
not ok 1 register-cancel-test
FAIL register-cancel-test (exit status: 25)

FAIL: register-refresh-credentials-test
===

#   Starting personal gatekeeper
1..1
not ok 1 register-refresh-credentials-test
FAIL register-refresh-credentials-test (exit status: 25)

FAIL: status-test
=

#   Starting personal gatekeeper
Made 5 calls to status in 0.163985 seconds
1..1
not ok 1 status-test
FAIL status-test (exit status: 25)

FAIL: two-phase-commit-test.pl
==

#   Starting personal gatekeeper
1..4
ok 1 - ./two-phase-commit-test "localhost:43287:/CN=test" no-commit 1
not ok 2 - ./two-phase-commit-test "localhost:43287:/CN=test" no-commit-end 10
#   Failed test './two-phase-commit-test "localhost:43287:/CN=test" 
no-commit-end 10'
#   at ./two-phase-commit-test.pl line 101.
ok 3 - ./two-phase-commit-test "localhost:43287:/CN=test" commit 10
ok 4 - ./two-phase-commit-test "localhost:43287:/CN=test" late-commit-end 10
# Looks like you failed 1 test of 4.
FAIL two-phase-commit-test.pl (exit status: 1)

FAIL: local-stdio-size-test
===

#   Starting personal gatekeeper
job contact: https://localhost:41371/16650366878192254056/1438345404066772617/
job manager returned 0 (Success) when I expected it to tell me the size was 
wrong1..1
not ok # local-stdio-size-test 
FAIL local-stdio-size-test (exit status: 255)

FAIL: restart-to-new-url-test
=

#   Starting personal gatekeeper
test_restart_to_new_url:384: Expected rc = 130, got 25 (the job manager 
detected an invalid script status)
1..1
not ok # test_restart_to_new_url
FAIL restart-to-new-url-test (exit status: 1)

FAIL: set-credentials-test
==

#   Starting personal gatekeeper
1..1
not ok 1 set-credentials-test
FAIL set-credentials-test (exit status: 25)

FAIL: stdio-size-test
=

#   Starting personal gatekeeper
job manager returned 161 (the job manager is still streaming output) when I 
expected it to still be streaming output
1..1
not ok 1 stdio-size-test
FAIL stdio-size-test (exit status: 161)

FAIL: stdio-update-test
===

#   Starting personal gatekeeper
test_stdio_update:393: Expected rc = 0, got 156 (the job contact string does 
not match any which the job manager is handling)
1..1
not ok  test_stdio_update
FAIL stdio-update-test (exit status: 1)


Testsuite summary for globus_gram_job_manager 14.36

# TOTAL: 21
# PASS:  10
# SKIP:  0
# XFAIL: 0
# FAIL:  11
# XPASS: 0
# ERROR: 0

See test/client/test-suite.log
Please report to https://github.com/globus/globus-toolkit/issues

Makefile:975: recipe for target 'test-suite.log' failed
make[5]: *** [test-suite.log] Error 1
make[5]: Leaving directory 
'/build/1st/globus-gram-job-manager-14.36/test/client'
Makefile:1081:

Bug#871794: sagemath: FTBFS with python3-dev >= 3.6

2017-08-11 Thread Steve Langasek 
Package: sagemath
Version: 7.6-3
Severity: serious
Tags: patch
Justification: imminent FTBFS
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu artful ubuntu-patch

Hi folks,

The sagemath package failed to build in Ubuntu for the gsl soname
transition, because the python3 3.5->3.6 transition has already been
completed here and debian/pruner has incorrectly hard-coded a check for
python-3.5.pc.

The python3-dev package provides a generic python3.pc, which should be used
here instead.

I've uploaded the attached patch to Ubuntu, which fixes the build failure. 
Unfortunately, since sagemath was removed from artful due to this build
failure, the new version of cysignals has migrated in the meantime which
means we are also affected by bug #870688.  Nevertheless, this patch will
also be needed in Debian, as the python3.6 transition has begun in unstable
and this will be a build failure in Debian imminently.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
diff -Nru sagemath-7.6/debian/pruner/configure.ac 
sagemath-7.6/debian/pruner/configure.ac
--- sagemath-7.6/debian/pruner/configure.ac 2017-07-22 15:08:10.0 
-0700
+++ sagemath-7.6/debian/pruner/configure.ac 2017-08-10 23:42:09.0 
-0700
@@ -285,7 +285,7 @@
 PKG_CHECK_MODULES(python, python-2.7, [HAS_PYTHON='True'], 
[HAS_PYTHON='False'])
 AC_SUBST(HAS_PYTHON)
 
-PKG_CHECK_MODULES(python3, python-3.5, [HAS_PYTHON3='True'], 
[HAS_PYTHON3='False'])
+PKG_CHECK_MODULES(python3, python3, [HAS_PYTHON3='True'], 
[HAS_PYTHON3='False'])
 AC_SUBST(HAS_PYTHON3)
 
 AC_CHECK_PROG(HAS_R, R, "True", "False")

Bug#869670: Depends: linux-headers-4.11.0-2-common ... but it is not going to be installed

2017-08-11 Thread Ivan Vilata i Balaguer 
Package: linux-headers-4.11.0-2-common
Version: 4.11.11-1
Followup-For: Bug #869670

I had the same issue here with the same result of losing my kernel headers,
DKMS not working, thus being unable to build VirtualBox modules and use
VirtualBox at all.

I tries to look for a ``4.11.11-1+b1`` version for the ``-common`` and
``-common-rt`` packages (both lacking the latest consistent version), but
found nothing.

It looks like the only chance left for me is rebooting into a previous
kernel.`:(`

Cheers!

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=ca_ES.UTF-8, LC_CTYPE=ca_ES.UTF-8 (charmap=UTF-8), LANGUAGE=ca:es 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Processed: limit source to imagemagick, tagging 870480, tagging 864151, tagging 871300

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> limit source imagemagick
Limiting to bugs with field 'source' containing at least one of 'imagemagick'
Limit currently set to 'source':'imagemagick'

> tags 870480 + pending
Bug #870480 [src:imagemagick] CVE-2017-11751
Added tag(s) pending.
> tags 864151 + pending
Bug #864151 [src:imagemagick] imagemagick: Typo in debian/changelog for CVE 
identifier
Added tag(s) pending.
> tags 871300 + pending
Bug #871300 [libmagick++-6.q16-7] libmagick++-6.q16-7: requires rebuild against 
GCC 7 and symbols/shlibs bump
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
864151: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864151
870480: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870480
871300: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871300
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871787: [Pkg-zsh-devel] Bug#871787: zsh: error "defining function based on alias ..."

2017-08-11 Thread Axel Beckert 
Control: retitle -1 zsh: man completion broken since 5.4.1
Control: severity -1 normal
Control: tag -1 + moreinfo unreproducible

Hi Vincent,

Vincent Lefevre wrote:
> There's a major regression, which breaks my startup scripts:
> 
> zira% alias foo=bar
> zira% foo() { : }
> zsh: defining function based on alias `foo'
> zsh: parse error near `()'

I don't see what should be wrong here. Seems like a new safe-guard
avoiding redefining an alias as function without unaliasing it first.
Looks legit to me on a first glance.

Digging through the upstream commits, I found this commit which looks
like this new behaviour is totally on purpose:

  commit bb218704d27bcca9aa4426296dcd5c13d58b330a
  Author: Peter Stephenson 
  Date:   Tue Jan 10 19:14:26 2017 +

40306 with doc tweaks: Change behaviour expanding alias in ()
function definition.

Now an error unless the () is part of the same error as the name.
Add ALIAS_FUNC_DEF option to allow it again.

So you should either add this option or change the syntax of your
startup scripts. I hence consider this to be a non-bug. Retitling and
downgrading the bug report accordingly for the remainder of the bug
report:

> Well, I'm not sure whether there are other issues or this is a
> consequence of the above bug, but completions are alo broken.
> For instance, I can no longer complete on the "man" command.

Works fine for me on a first glance, both without arguments as well as
with the beginning of a command already typed.

Hence the tags moreinfo + unreproducible.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Processed: Re: [Pkg-zsh-devel] Bug#871787: zsh: error "defining function based on alias ..."

2017-08-11 Thread Debian Bug Tracking System 
Processing control commands:

> retitle -1 zsh: man completion broken since 5.4.1
Bug #871787 [zsh] zsh: error "defining function based on alias ..."
Changed Bug title to 'zsh: man completion broken since 5.4.1' from 'zsh: error 
"defining function based on alias ..."'.
> severity -1 normal
Bug #871787 [zsh] zsh: man completion broken since 5.4.1
Severity set to 'normal' from 'grave'
> tag -1 + moreinfo unreproducible
Bug #871787 [zsh] zsh: man completion broken since 5.4.1
Added tag(s) moreinfo and unreproducible.

-- 
871787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871629: Add me too here

2017-08-11 Thread Adilson dos Santos Dantas 
Same here on Debian Sid with KDE. The only solution, for now, is downgrade
Thunderbird to the previous version.

-- 
Adilson dos Santos Dantas
http://www.adilson.net.br
http://twitter.com/adilsond

Bug#871787: zsh: error "defining function based on alias ..."

2017-08-11 Thread Vincent Lefevre 
Package: zsh
Version: 5.4.1-1
Severity: grave
Justification: renders package unusable

There's a major regression, which breaks my startup scripts:

zira% alias foo=bar
zira% foo() { : }
zsh: defining function based on alias `foo'
zsh: parse error near `()'

Well, I'm not sure whether there are other issues or this is a
consequence of the above bug, but completions are alo broken.
For instance, I can no longer complete on the "man" command.

-- Package-specific info:

Packages which provide vendor completions:

Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name   Version  Architecture Description
+++-==---=
ii  curl   7.52.1-5 amd64command line tool for transferrin
ii  pulseaudio 10.0-2   amd64PulseAudio sound server
ii  systemd234-2amd64system and service manager
ii  udev   234-2amd64/dev/ and hotplug management daem
ii  vlc-bin2.2.6-3+b1   amd64binaries from VLC
ii  youtube-dl 2017.05.18.1 all  downloader of videos from YouTube

The following files were modified:

/etc/systemd/logind.conf
/etc/systemd/system.conf
/etc/systemd/journald.conf

dpkg-query: no path found matching pattern /usr/share/zsh/vendor-functions/


-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
(500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=POSIX 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages zsh depends on:
ii  dpkg1.18.24
ii  libc6   2.24-14
ii  libcap2 1:2.25-1
ii  libtinfo5   6.0+20170715-2
ii  zsh-common  5.4.1-1

Versions of packages zsh recommends:
ii  libc6 2.24-14
ii  libncursesw5  6.0+20170715-2
ii  libpcre3  2:8.39-4

Versions of packages zsh suggests:
ii  zsh-doc  5.4.1-1

-- no debconf information

Bug#871629: thunderbird UI unusable with many widgets not drawn

2017-08-11 Thread jim_p 
Package: thunderbird
Followup-For: Bug #871629

Count me in as well, using debian testing. I had to downgrade to 52.2.1-4 to
get it back to work.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages thunderbird depends on:
ii  debianutils   4.8.1.1
ii  fontconfig2.12.3-0.2
ii  libatk1.0-0   2.24.0-1
ii  libc6 2.24-12
ii  libcairo-gobject2 1.14.10-1
ii  libcairo2 1.14.10-1
ii  libdbus-1-3   1.11.16+really1.10.22-1
ii  libdbus-glib-1-2  0.108-2
ii  libevent-2.0-52.0.21-stable-3
ii  libffi6   3.2.1-6
ii  libfontconfig12.12.3-0.2
ii  libfreetype6  2.8-0.2
ii  libgcc1   1:7.1.0-10
ii  libgdk-pixbuf2.0-02.36.5-2
ii  libglib2.0-0  2.53.4-3
ii  libgtk-3-03.22.17-1
ii  libhunspell-1.6-0 1.6.1-2
ii  libpango-1.0-01.40.6-1
ii  libpangocairo-1.0-0   1.40.6-1
ii  libpangoft2-1.0-0 1.40.6-1
ii  libpixman-1-0 0.34.0-1
ii  libstartup-notification0  0.12-4+b2
ii  libstdc++67.1.0-10
ii  libvpx4   1.6.1-3
ii  libx11-6  2:1.6.4-3
ii  libx11-xcb1   2:1.6.4-3
ii  libxcb-shm0   1.12-1
ii  libxcb1   1.12-1
ii  libxcomposite11:0.4.4-2
ii  libxdamage1   1:1.1.4-2+b3
ii  libxext6  2:1.3.3-1+b2
ii  libxfixes31:5.0.3-1
ii  libxrender1   1:0.9.10-1
ii  libxt61:1.1.5-1
ii  psmisc23.1-1
ii  x11-utils 7.7+3+b1
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages thunderbird recommends:
pn  lightning 
pn  myspell-en-us | hunspell-dictionary | myspell-dictionary  

Versions of packages thunderbird suggests:
pn  apparmor  
pn  fonts-lyx 
ii  libgssapi-krb5-2  1.15.1-2

-- no debconf information

Bug#871775: mysql-workbench: Alter table crashes Workbench

2017-08-11 Thread PICCORO McKAY Lenz 
Package: mysql-workbench
Version: 6.2.3+dfsg-7
Severity: grave
Tags: upstream
Justification: causes data loss

choose a table, and the point another table but not choosen, alter it!
added or remove some columns and then crash arrival!

https://bugs.mysql.com/bug.php?id=65606
https://bugs.mysql.com/bug.php?id=76669
https://bugs.mysql.com/bug.php?id=70225

debian wheeze and debian jessie has a unusable package !

-- System Information:
Debian Release: 8.5
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-586
Locale: LANG=es_VE.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages mysql-workbench depends on:
ii  libatkmm-1.6-12.22.7-2.1
ii  libc6 2.19-18+deb8u6
ii  libcairo2 1.14.0-2.1+deb8u2
ii  libcairomm-1.0-1  1.10.0-1.1
ii  libctemplate2 2.2-4
ii  libgcc1   1:4.9.2-10
ii  libgdal1h 1.10.1+dfsg-8+b3
ii  libgdk-pixbuf2.0-02.31.1-2+deb8u5
ii  libgl1-mesa-glx [libgl1]  13.0.6-1~bpo8+1
ii  libglib2.0-0  2.42.1-1+b1
ii  libglibmm-2.4-1c2a2.42.0-1
ii  libgnome-keyring0 3.12.0-1+b1
ii  libgtk2.0-0   2.24.25-3+deb8u1
ii  libgtkmm-2.4-1c2a 1:2.24.4-1.1
ii  libmysqlclient18  5.5.52-0+deb8u1
ii  libmysqlcppconn7  1.1.3-6
ii  libodbc1  2.3.1-3
ii  libpango-1.0-01.36.8-3
ii  libpangocairo-1.0-0   1.36.8-3
ii  libpangomm-1.4-1  2.34.0-1.1
ii  libpcre3  2:8.35-3.3+deb8u4
ii  libpcrecpp0   2:8.35-3.3+deb8u4
ii  libpython2.7  2.7.9-2+deb8u1
ii  libsigc++-2.0-0c2a2.4.0-1
ii  libstdc++64.9.2-10
ii  libtinyxml2.6.2   2.6.2-2
ii  libuuid1  2.25.2-6
ii  libvsqlitepp3 0.3.13-3
ii  libx11-6  2:1.6.2-3
ii  libxml2   2.9.1+dfsg1-5+deb8u4
ii  libzip2   0.11.2-1.2
ii  mysql-workbench-data  6.2.3+dfsg-7
ii  python-mysql.connector1.2.3-2
ii  python-paramiko   1.15.1-1
ii  python-pexpect3.2-1
ii  python-pyodbc 3.0.6-2
ii  python-pysqlite2  2.6.3-3
ii  python2.7 2.7.9-2+deb8u1
pn  python:any

Versions of packages mysql-workbench recommends:
ii  mariadb-client-10.0 [virtual-mysql-client]  10.0.28-0+deb8u1
ii  mysql-utilities 1.3.5-2
ii  ttf-bitstream-vera  1.10-8

Versions of packages mysql-workbench suggests:
ii  gnome-keyring  3.14.0-1+b1

-- no debconf information



Lenz McKAY Gerardo (PICCORO)
http://qgqlochekone.blogspot.com

Processed: bug 871691 is forwarded to https://bugzilla.mozilla.org/show_bug.cgi?id=1389263

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> forwarded 871691 https://bugzilla.mozilla.org/show_bug.cgi?id=1389263
Bug #871691 [src:nss] nss FTBFS on big endian: cpputil/databuffer.h:96:14: 
error: 'curve' may be used uninitialized in this function
Set Bug forwarded-to-address to 
'https://bugzilla.mozilla.org/show_bug.cgi?id=1389263'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
871691: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871691
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#853380: marked as done (dx: ftbfs with GCC-7)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 11:49:28 +
with message-id 
and subject line Bug#853380: fixed in dx 1:4.4.4-10
has caused the Debian Bug report #853380,
regarding dx: ftbfs with GCC-7
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
853380: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853380
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:dx
Version: 1:4.4.4-9
Severity: normal
Tags: sid buster
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-7

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-7/g++-7, but succeeds to build with gcc-6/g++-6. The
severity of this report may be raised before the buster release.
There is no need to fix this issue in time for the stretch release.

The full build log can be found at:
http://people.debian.org/~doko/logs/gcc7-20170126/dx_4.4.4-9_unstable_gcc7.log
The last lines of the build log are at the end of this report.

To build with GCC 7, either set CC=gcc-7 CXX=g++-7 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-7/porting_to.html

[...]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C:7107:1: warning: ISO C++ forbids converting a string constant to 
'String {aka char*}' [-Wwrite-strings]
EditorWindow.C: In member function 'boolean EditorWindow::javifyNetwork()':
EditorWindow.C:7170:17: warning: ISO C++ forbids converting a string constant 
to 'char*' [-Wwrite-strings]
  char* macros = "/java/server/dxmacros";
 ^~~
EditorWindow.C: In member function 'void EditorWindow::setUndoActivation()':
EditorWindow.C:7545:62: warning:

Bug#750946: Tests created

2017-08-11 Thread Kjetil Kjernsmo 
Hi all!

I ended up reformulating the code as a test script:
https://github.com/kjetilk/p5-html-html5-parser/blob/master/t/rt-96399.t
This is the way I thought it should be, but with Greg's patch, the test 
intended to check the UNICODE char still fails for me... It may well be 
that the test is wrong, please poke at it :-)

Cheers,

Kjetil

Bug#871710: marked as done (mercurial: CVE-2017-1000116: command injection on clients through malicious ssh URLs)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 10:19:32 +
with message-id 
and subject line Bug#871710: fixed in mercurial 4.3.1-1
has caused the Debian Bug report #871710,
regarding mercurial: CVE-2017-1000116: command injection on clients through 
malicious ssh URLs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
871710: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871710
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mercurial
Version: 4.0-1
Severity: grave
Tags: upstream security

Hi,

the following vulnerability was published for mercurial.

CVE-2017-1000116[0]:
command injection on clients through malicious ssh URLs

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-1000116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000116

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: mercurial
Source-Version: 4.3.1-1

We believe that the bug you reported is fixed in the latest version of
mercurial, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 871...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Tristan Seligmann  (supplier of updated mercurial package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 11 Aug 2017 05:00:16 +0200
Source: mercurial
Binary: mercurial-common mercurial
Architecture: source
Version: 4.3.1-1
Distribution: unstable
Urgency: high
Maintainer: Python Applications Packaging Team 

Changed-By: Tristan Seligmann 
Description:
 mercurial  - easy-to-use, scalable distributed version control system
 mercurial-common - easy-to-use, scalable distributed version control system 
(common
Closes: 861243 868014 871709 871710
Changes:
 mercurial (4.3.1-1) unstable; urgency=high
 .
   * Urgency high because of important security fixes.
   * New upstream release (closes: #868014).
 - CVE-2017-1000115: Mercurial's symlink auditing was incomplete prior
   to 4.3, and could be abused to write to files outside the
   repository (closes: #871709).
 - CVE-2017-1000116: Mercurial was not sanitizing hostnames passed to
   ssh, allowing shell injection attacks by specifying a hostname
   starting with -oProxyCommand (closes: #871710).
 - CVE-2017-9462: previously fixed in 4.1.3 upstream (closes: #861243).
   * Blacklist test-https.t due to TLS 1.0/1.1 being disabled in OpenSSL in
 unstable.
   * Fix license definitions in debian/copyright.
   * Bump Standards-Version to 4.0.0 (no changes).
   * Run wrap-and-sort -t -s.
Checksums-Sha1:
 57dc975c17618107ecb3d528e3fd861ea444b13f 2225 mercurial_4.3.1-1.dsc
 06cde0a5d555d5c62bb7f791409fd91910c28553 5475042 mercurial_4.3.1.orig.tar.gz
 75081b06541acd75272849b335ace0b956bfdc3e 54052 mercurial_4.3.1-1.debian.tar.xz
 f4c8f729dd7902939cdb4bb9960193f7fac53ead 6564 
mercurial_4.3.1-1_source.buildinfo
Checksums-Sha256:
 5f8e9e8ba017f4a4fac3895dad636457c91b69ff4eab0193ad8b46736b351133 2225 
mercurial_4.3.1-1.dsc
 2b12f02e3a452adff4ec9cf007017bab0cadb3f37eaf12f4b25a662df73618a2 5475042 
mercurial_4.3.1.orig.tar.gz
 451bbaf7dca2d99c2c2eb18a4e275f06b7abf5f5784b08d3caf045d38d5b1832 54052 
mercurial_4.3.1-1.debian.tar.xz
 c4731ef459b2c8c5052e1ddd3340ed1a50a3f45b527f519be7a9cc10ea813faf 6564 
mercurial_4.3.1-1_source.buildinfo
Files:
 b597cc62d5e567d9f08dad59d0e0ab64 2225 vcs optional mercurial_4.3.1-1.dsc
 b9cbdcf0bd41a2b385b35b9fbfeb0eea 5475042 vcs optional 
mercurial_4.3.1.orig.tar.gz
 3d5ba7aa476ab96bbcb55cb4094786af 54052 vcs optional 
mercurial_4.3.1-1.debian.tar.xz
 e72925b9e61deb79b06af897182a98c6 6564 vcs optional 
mercurial_4.3.1-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQGpBAEBCgCTFiEEXAZWhXVRbQoz/6ejwImQ+x9jeJMFAlmNgVBfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDVD

Bug#871709: marked as done (mercurial: CVE-2017-1000115: path traversal via symlink)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 10:19:32 +
with message-id 
and subject line Bug#871709: fixed in mercurial 4.3.1-1
has caused the Debian Bug report #871709,
regarding mercurial: CVE-2017-1000115: path traversal via symlink
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
871709: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871709
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mercurial
Version: 4.0-1
Severity: grave
Tags: upstream security
Justification: user security hole

Hi,

the following vulnerability was published for mercurial.

CVE-2017-1000115[0]:
path traversal via symlink

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-1000115
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000115

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: mercurial
Source-Version: 4.3.1-1

We believe that the bug you reported is fixed in the latest version of
mercurial, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 871...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Tristan Seligmann  (supplier of updated mercurial package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 11 Aug 2017 05:00:16 +0200
Source: mercurial
Binary: mercurial-common mercurial
Architecture: source
Version: 4.3.1-1
Distribution: unstable
Urgency: high
Maintainer: Python Applications Packaging Team 

Changed-By: Tristan Seligmann 
Description:
 mercurial  - easy-to-use, scalable distributed version control system
 mercurial-common - easy-to-use, scalable distributed version control system 
(common
Closes: 861243 868014 871709 871710
Changes:
 mercurial (4.3.1-1) unstable; urgency=high
 .
   * Urgency high because of important security fixes.
   * New upstream release (closes: #868014).
 - CVE-2017-1000115: Mercurial's symlink auditing was incomplete prior
   to 4.3, and could be abused to write to files outside the
   repository (closes: #871709).
 - CVE-2017-1000116: Mercurial was not sanitizing hostnames passed to
   ssh, allowing shell injection attacks by specifying a hostname
   starting with -oProxyCommand (closes: #871710).
 - CVE-2017-9462: previously fixed in 4.1.3 upstream (closes: #861243).
   * Blacklist test-https.t due to TLS 1.0/1.1 being disabled in OpenSSL in
 unstable.
   * Fix license definitions in debian/copyright.
   * Bump Standards-Version to 4.0.0 (no changes).
   * Run wrap-and-sort -t -s.
Checksums-Sha1:
 57dc975c17618107ecb3d528e3fd861ea444b13f 2225 mercurial_4.3.1-1.dsc
 06cde0a5d555d5c62bb7f791409fd91910c28553 5475042 mercurial_4.3.1.orig.tar.gz
 75081b06541acd75272849b335ace0b956bfdc3e 54052 mercurial_4.3.1-1.debian.tar.xz
 f4c8f729dd7902939cdb4bb9960193f7fac53ead 6564 
mercurial_4.3.1-1_source.buildinfo
Checksums-Sha256:
 5f8e9e8ba017f4a4fac3895dad636457c91b69ff4eab0193ad8b46736b351133 2225 
mercurial_4.3.1-1.dsc
 2b12f02e3a452adff4ec9cf007017bab0cadb3f37eaf12f4b25a662df73618a2 5475042 
mercurial_4.3.1.orig.tar.gz
 451bbaf7dca2d99c2c2eb18a4e275f06b7abf5f5784b08d3caf045d38d5b1832 54052 
mercurial_4.3.1-1.debian.tar.xz
 c4731ef459b2c8c5052e1ddd3340ed1a50a3f45b527f519be7a9cc10ea813faf 6564 
mercurial_4.3.1-1_source.buildinfo
Files:
 b597cc62d5e567d9f08dad59d0e0ab64 2225 vcs optional mercurial_4.3.1-1.dsc
 b9cbdcf0bd41a2b385b35b9fbfeb0eea 5475042 vcs optional 
mercurial_4.3.1.orig.tar.gz
 3d5ba7aa476ab96bbcb55cb4094786af 54052 vcs optional 
mercurial_4.3.1-1.debian.tar.xz
 e72925b9e61deb79b06af897182a98c6 6564 vcs optional 
mercurial_4.3.1-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQGpBAEBCgCTFiEEXAZWhXVRbQoz/6ejwImQ+x9jeJMFAlmNgVBfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDVD

Bug#871770: python-bcrypt FTBFS: TypeError: putenv() argument 2 must be string without null bytes, not str

2017-08-11 Thread Adrian Bunk 
Source: python-bcrypt
Version: 3.1.3-1
Severity: serious

Some recent change in unstable makes python-bcrypt FTBFS:

https://tests.reproducible-builds.org/debian/history/python-bcrypt.html
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/python-bcrypt.html

...
 ERRORS 
_ ERROR at setup of test_kdf[4-password-�-\xc1+Vb5\xee\xe0L!%\x98\x97\nW\x9ag] _

self = {'CPPFLAGS': '-Wdate-time -D_FORTIFY_SOURCE=2', 'DEB_BUILD_MULTIARCH': 
'x86_64-linux-gnu', 'http_proxy': 'http://127.0...-O2 -fstack-protector-strong 
-Wformat -Werror=format-security', 'DEB_TARGET_ARCH': 'amd64', 
'PERL_USE_UNSAFE_INC': '1'}
key = 'PYTEST_CURRENT_TEST'
item = 
'tests/test_bcrypt.py::test_kdf[4-password-\x00-\\xc1+Vb5\\xee\\xe0L!%\\x98\\x97\\nW\\x9ag]
 (setup)'

def __setitem__(self, key, item):
>   putenv(key, item)
E   TypeError: putenv() argument 2 must be string without null bytes, not 
str

/usr/lib/python2.7/os.py:473: TypeError
 ERROR at teardown of 
test_kdf[4-password-�-\xc1+Vb5\xee\xe0L!%\x98\x97\nW\x9ag] 

self = {'CPPFLAGS': '-Wdate-time -D_FORTIFY_SOURCE=2', 'DEB_BUILD_MULTIARCH': 
'x86_64-linux-gnu', 'http_proxy': 'http://127.0...-O2 -fstack-protector-strong 
-Wformat -Werror=format-security', 'DEB_TARGET_ARCH': 'amd64', 
'PERL_USE_UNSAFE_INC': '1'}
key = 'PYTEST_CURRENT_TEST'
item = 
'tests/test_bcrypt.py::test_kdf[4-password-\x00-\\xc1+Vb5\\xee\\xe0L!%\\x98\\x97\\nW\\x9ag]
 (teardown)'

def __setitem__(self, key, item):
>   putenv(key, item)
E   TypeError: putenv() argument 2 must be string without null bytes, not 
str

/usr/lib/python2.7/os.py:473: TypeError
=== warnings summary ===
tests/test_bcrypt.py::test_kdf[4-password-salt-[\xbf\x0c\xc2\x93X\x7f\x1c65U\\\'ye\x98\xd4~W\x90q\xbfB~\x9d\x8f\xbe\x84*\xba4\xd9]
  
/build/1st/python-bcrypt-3.1.3/.pybuild/pythonX.Y_2.7/build/bcrypt/__init__.py:137:
 UserWarning: Warning: bcrypt.kdf() called with only 4 round(s). This few is 
not secure: the parameter is linear, like PBKDF2.
UserWarning)

-- Docs: http://doc.pytest.org/en/latest/warnings.html
 Interrupted: stopping after 2 failures 
=== 120 passed, 1 warnings, 2 error in 0.85 seconds 
E: pybuild pybuild:283: test: plugin custom failed with: exit code=2: python2.7 
-m pytest -v -x
dh_auto_test: pybuild --test --test-pytest -i python{version} -p 2.7 returned 
exit code 13
debian/rules:10: recipe for target 'override_dh_auto_test' failed
make[1]: *** [override_dh_auto_test] Error 25

Bug#871353: marked as done (scap-security-guide: FTBFS: unable to parse output/guide.xml)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 09:50:11 +
with message-id 
and subject line Bug#871353: fixed in scap-security-guide 0.1.31-5
has caused the Debian Bug report #871353,
regarding scap-security-guide: FTBFS: unable to parse output/guide.xml
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
871353: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871353
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: scap-security-guide
Version: 0.1.31-4
Severity: serious
Tags: buster sid
User: debian...@lists.debian.org
Usertags: qa-ftbfs-20170807 qa-ftbfs
Justification: FTBFS on amd64

Hi,

During a rebuild of all packages in sid, your package failed to build on
amd64.

Relevant part (hopefully):
> make[3]: Entering directory '/<>/Fedora'
> /bin/sh: 1: Syntax error: Bad fd number
> mkdir -p output/
> cp ../shared/xccdf/shared_guide.xml output/
> xsltproc --stringparam SHARED_RP "/<>/shared" -o 
> output/shorthand.xml input/guide.xslt output/guide.xml
> warning: failed to load external entity "output/guide.xml"
> unable to parse output/guide.xml
> ../shared/product-make.include:65: recipe for target 'output/shorthand.xml' 
> failed
> make[3]: *** [output/shorthand.xml] Error 6

The full build log is available from:
   
http://aws-logs.debian.net/2017/08/07/scap-security-guide_0.1.31-4_unstable.log

A list of current common problems and possible solutions is available at
http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!

About the archive rebuild: The rebuild was done on EC2 VM instances from
Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
failed build was retried once to eliminate random failures.
--- End Message ---
--- Begin Message ---
Source: scap-security-guide
Source-Version: 0.1.31-5

We believe that the bug you reported is fixed in the latest version of
scap-security-guide, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 871...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Philippe Thierry  (supplier of updated 
scap-security-guide package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 11 Aug 2017 11:18:08 +0200
Source: scap-security-guide
Binary: ssg-base ssg-debian ssg-debderived ssg-applications ssg-nondebian
Architecture: source
Version: 0.1.31-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools Packaging Team 

Changed-By: Philippe Thierry 
Description:
 ssg-applications - SCAP Guides and benchmarks targeting userspace applications
 ssg-base   - SCAP Security guide base content and documentation
 ssg-debderived - SCAP Guides and benchmarks targeting Debian-based OS
 ssg-debian - SCAP Guides and benchmarks targeting Debian 8
 ssg-nondebian - SCAP Guides and benchmarks targeting other GNU/Linux OS
Closes: 871353
Changes:
 scap-security-guide (0.1.31-5) unstable; urgency=medium
 .
   * Updated shared guide management (Closes: #871353).
   * Update standard version to 4.0.0
   * Update compat level to 10
Checksums-Sha1:
 f0db4a1dce96fd256de7ad5106a26871802a8d22 2404 scap-security-guide_0.1.31-5.dsc
 f5527385c4dc60b0d3c42c7f651bc57513a49d09 12120 
scap-security-guide_0.1.31-5.debian.tar.xz
Checksums-Sha256:
 6852343ef6bd5ad141784a202b5fbd9fa926b6a22aa811353df94516c19f03a9 2404 
scap-security-guide_0.1.31-5.dsc
 b20ae1ac8c2239be7204a44552f15ce7ac51a10a3934f965ec078e56a2b537ae 12120 
scap-security-guide_0.1.31-5.debian.tar.xz
Files:
 491a94f154825b01b27aaa822e11e2e4 2404 admin optional 
scap-security-guide_0.1.31-5.dsc
 6c814c4170b681dd6d644f6fe83e2b96 12120 admin optional 
scap-security-guide_0.1.31-5.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJZjXuZAAoJEPNPCXROn13ZiecQAIHCn4zDVwMCsbLL3vp3rmB0
xr5aFK8oER31UAlFAY8LyPCV+6ERunFlh3iu2y026jq7aPEV/e45DdjG+9oBPZwd
ZGFAtKmIqAOIEzDVh8Qt9Be3Siq86aYxkTZgjs3hIgWxaBkmam//IxD6napzNWYv
oCRsovMRAesWH8tkv0gYixhvoloaKr9lJtzYglxE/7rymXVIzvPJKhVNfXUcEOWu
ogurtmytHIu9SGrNfPvCKeM2b6Xk1A6hKfwYCndcwQR4YpM+ZCq5tVYjY1Wfkwu8

Bug#871353: scap-security-guide: FTBFS: unable to parse output/guide.xml

2017-08-11 Thread Gianfranco Costamagna 



>Can one of the DD of pkg-security check the update ? :-)


done, please be more verbose next time on changelog

G

Bug#871353: marked as pending

2017-08-11 Thread Philippe Thierry 
tag 871353 pending
thanks

Hello,

Bug #871353 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


https://anonscm.debian.org/cgit/pkg-security/scap-security-guide.git/commit/?id=0e5fb73

---
commit 0e5fb73b1c39b31bf9d3d7d32ba4b82831eda4b6
Author: Philippe Thierry 
Date:   Fri Aug 11 11:22:16 2017 +0200

fixing #871353

diff --git a/debian/changelog b/debian/changelog
index ffb0d82..19fed6a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+scap-security-guide (0.1.31-5) unstable; urgency=medium
+
+  * Updated shared guide management (Closes: #871353).
+
+ -- Philippe Thierry   Fri, 11 Aug 2017 11:18:08 +0200
+
 scap-security-guide (0.1.31-4) unstable; urgency=medium
 
   * Switch maintainer to pkg-security team.

Processed: Bug#871353 marked as pending

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tag 871353 pending
Bug #871353 [src:scap-security-guide] scap-security-guide: FTBFS: unable to 
parse output/guide.xml
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
871353: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871353
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871629: same here

2017-08-11 Thread Stefan Pietsch 
On Fri, 11 Aug 2017 10:38:10 +0200 Adrian Ban  wrote:
> Hi,
> 
> Yesterday after upgrading my Laptop and a VM both on Debian Sid I've 
> notice exactly the same issues mentioned here.
> .
> In the begging I thought is my Laptop issue
>   but after checking the VM I've notice that is a Thunderbird/system issue .
> 
> Which is the fastest way to fix this issue?
> 
> Kind regards,
> Adrian


I'm using Debian sid and downgraded Thunderbird to 52.2.1-4.

Regards,
Stefan

Bug#868473: dh-acc: Incorrect usage of doit (Dh_Lib)

2017-08-11 Thread Gianfranco Costamagna 
Hello Niels,
>doit(..., '-report-path', "${path}_report.html");
>doit(..., '-report-path', "${path}_report.xml");
>
>But AFAICT your version is equally correct and we are just debating code
>style at the moment. :)



interesting, for some reasons with single quote, vim wasn't highlighting
the ${path} variable, while with double quoting it was.
Since I can't believe there is a language were single and double quoting have 
different
meanings (and it case they have, how can I be sure that double quoting is 
correct?),
I went for the concatenate-string-google way of doing things :)

I was wondering about a vim highlight bug, this is why I preferred to avoid 
playing with
quotes (it took three attempts for me to have something that was "working" :) )

thanks!

G.

Processed: Add to the affects

2017-08-11 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> affects 871246 src:kdepim-addons
Bug #871246 [libkf5akonadi-dev] libkf5akonadi-dev: std_exception.h includes 
/usr/include/c++/6/exception
Added indication that 871246 affects src:kdepim-addons
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
871246: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871246
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#871629: same here

2017-08-11 Thread Adrian Ban 

Hi,

Yesterday after upgrading my Laptop and a VM both on Debian Sid I've 
notice exactly the same issues mentioned here.

.
In the begging I thought is my Laptop issue
 but after checking the VM I've notice that is a Thunderbird/system issue .

Which is the fastest way to fix this issue?

Kind regards,
Adrian


--
This mail was scanned by BitDefender
For more information please visit http://www.bitdefender.com/

Bug#853437: guitarix: ftbfs with GCC-7

2017-08-11 Thread Hermann Meyer 

Hi


A new release (0.35.6) is out to fix this issue.

https://sourceforge.net/projects/guitarix/

regards

hermann

Bug#853537: binutils: /usr/bin/gcc-ar segfaults

2017-08-11 Thread Adrian Bunk 
Control: reassign -1 binutils
Control: retitle -1 binutils: /usr/bin/gcc-ar segfaults
Control: affects -1 src:mariadb-10.1

On Thu, Aug 10, 2017 at 05:04:59PM -0400, Matthias Klose wrote:
> On 10.08.2017 15:29, Ondřej Surý wrote:
> > Package: src:mariadb-10.1
> > Followup-For: Bug #853537
> > 
> > Hi Matthias,
> > 
> > the full build.log you sent contains:
> > 
> > make[4]: Leaving directory '/<>/builddir'
> > Error running link command: Segmentation fault
> > make[4]: Leaving directory '/<>/builddir'
> > storage/tokudb/PerconaFT/portability/CMakeFiles/tokuportability_static_conv.dir/build.make:328:
> >  recipe for target 
> > 'storage/tokudb/PerconaFT/portability/libtokuportability_static_conv.a' 
> > failed
> > make[4]: *** 
> > [storage/tokudb/PerconaFT/portability/libtokuportability_static_conv.a] 
> > Error 1
> > make[4]: Leaving directory '/<>/builddir'
> > CMakeFiles/Makefile2:6419: recipe for target 
> > 'storage/tokudb/PerconaFT/portability/CMakeFiles/tokuportability_static_conv.dir/all'
> >  failed
> > make[3]: *** 
> > [storage/tokudb/PerconaFT/portability/CMakeFiles/tokuportability_static_conv.dir/all]
> >  Error 2
> > make[3]: *** Waiting for unfinished jobs
> > make[4]: Leaving directory '/<>/builddir'
> > 
> > Notice the:
> > Error running link command: Segmentation fault
> > 
> > It was just buried in the logs because of parallel build.
> > 
> > I can reproduce this with mariadb-10.1_10.1.26 that I am trying to
> > build now and it's failing with the same error.
> > 
> > I am not sure this is strictly mariadb-10.1's code fault, but I am
> > willing to help to debug the issue, hence I am not reassigning it to
> > gcc-7 (and/or binutils).
> 
> we need a tarball with all the files needed for the link, including system
> libraries.  I can help with the latter, but would appreciate it if you can
> provide such a tarball.

No input files are required:

$ gcc-ar
Usage: /usr/bin/ar [emulation options] [-]{dmpqrstx}[abcDfilMNoPsSTuvV] 
[--plugin ] [member-name] [count] archive-file file...
...
$ /usr/bin/gcc-ar
Segmentation fault
$

> Matthias

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed