Bug#882393: Subject: installation-reports: Buster installer hangs in vgchange

[Tom Dial]

Subject: installation-reports: Buster installer hangs in vgchange
Package: installation-reports
Justification: renders package unusable
Tags: d-i
Severity: grave

Dear Maintainer,

-- Package-specific info:

Boot method: CD ISO image
Image version:
https://cdimage.debian.org/cdimage/weekly-builds/amd64/iso-cd/debian-testing-amd64-netinst.iso
d/l 20NOV2017 02:00 UTC
Date: 

Machine: Qemu-KVM 2 CPU, 4G on HP 8570w (Debian 9.2); storage on microSD
pass-through
Partitions: 



Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it


Initial boot:   [O]
Detect network card:[O]
Configure network:  [O]
Detect CD:  [O]
Load installer modules: [O]
Clock/timezone setup:   [O]
User/password setup:[O]
Detect hard drives: [O]
Partition hard drives:  [E]
Install base system:[ ]
Install tasks:  [ ]
Install boot loader:[ ]
Overall install:[ ]

Comments/Problems:
Partition table on the target virtual machine:
# fdisk -l /dev/mmcblk0
Disk /dev/mmcblk0: 59.5 GiB, 63864569856 bytes, 124735488 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x68a8979e

Device Boot Start   End   Sectors  Size Id Type
/dev/mmcblk0p1 * 2048  4095  20481M 83 Linux
/dev/mmcblk0p2   4096   4198399   41943042G 82 Linux swap /
Solaris
/dev/mmcblk0p34198400 124735487 120537088 57.5G  5 Extended
/dev/mmcblk0p54200448  54532095  50331648   24G 8e Linux LVM
/dev/mmcblk0p6   54534144 121643007  67108864   32G 8e Linux LVM
/dev/mmcblk0p7  121645056 124735487   3090432  1.5G 83 Linux



Partitions 5 and 6 are LVM PVs with LVs root, swap_1, tmp, var, and
home, all except swap_1
formatted with xfs file systems. Partition 5 contains an operational
Debian 9.2 system
installed from an ISO image w/o problems. The intent was to install the
testing (buster)
system on partition 6.

The "Starting up the partitioner" progress bar stops at 40%. Examination
from a root prompt using vgdisplay
shows the 5 LVs on partition 6 "available" and the 5 LVs on partition 5
"NOT available." Killing the
"vgchange -ay" operation in progress and attempting to activate the VG
on partition 6 manually gives a
similar result: the vgchange -ay specifying the volume group name hangs,
but vgdisplay shows the LVs as
"available." Entries for the volume group are not present in /dev.
Entries /dev/dm-0, etc, for LVs
that have been activated are actually available, mountable, and writable.

Installing Debian 9.2 from the netinstall ISO image completed
successfully on the target volume group,
and upgrading that install to buster succeeded. This appeared to upgrade
LVM related drivers and programs
to the same versions as those on the buster netinstall ISO image.

--

Please make sure that the hardware-summary log file, and any other
installation logs that you think would be useful are attached to this
report. Please compress large files using gzip.

Once you have filled out this report, mail it to sub...@bugs.debian.org.

==
Installer lsb-release:
==
DISTRIB_ID=Debian
DISTRIB_DESCRIPTION="Debian GNU/Linux installer"
DISTRIB_RELEASE="8 (jessie) - installer build 20140316"
X_INSTALLATION_MEDIUM=cdrom

==
Installer hardware-summary:
==
uname -a: Linux dyson 3.13-1-amd64 #1 SMP Debian 3.13.5-1 (2014-03-04)
x86_64 GNU/Linux
lspci -knn: 00:00.0 Host bridge [0600]: Intel Corporation 3rd Gen Core
processor DRAM Controller [8086:0154] (rev 09)
lspci -knn: Subsystem: Hewlett-Packard Company Device [103c:176b]
lspci -knn: 00:01.0 PCI bridge [0604]: Intel Corporation Xeon E3-1200
v2/3rd Gen Core processor PCI Express Root Port [8086:0151] (rev 09)
lspci -knn: Kernel driver in use: pcieport
lspci -knn: 00:14.0 USB controller [0c03]: Intel Corporation 7
Series/C210 Series Chipset Family USB xHCI Host Controller [8086:1e31]
(rev 04)
lspci -knn: Subsystem: Hewlett-Packard Company Device [103c:176b]
lspci -knn: Kernel driver in use: xhci_hcd
lspci -knn: 00:16.0 Communication controller [0780]: Intel Corporation 7
Series/C210 Series Chipset Family MEI Controller #1 [8086:1e3a] (rev 04)
lspci -knn: Subsystem: Hewlett-Packard Company Device [103c:176b]
lspci -knn: 00:19.0 Ethernet controller [0200]: Intel Corporation
82579LM Gigabit Network Connection [8086:1502] (rev 04)
lspci -knn: Subsystem: Hewlett-Packard Company Device [103c:176b]
lspci -knn: Kernel driver in use: e1000e
lspci -knn: 00:1a.0 USB controller [0c03]: Intel Corporation 7
Series/C210 Series Chipset Family USB Enhanced Host Controller #2
[8086:1e2d] (rev 04)
lspci -knn: Subsystem: Hewlett-Packard Company Device [103c:176b]
lspci -knn: 

Processed: Re: Bug#882369: linux-image-4.9.0-4-amd64: Non-free RTL8192 firmware possibly packaged in main

[Debian Bug Tracking System]

Processing control commands:

> retitle -1 rtl8192cu: Misleading firmware log messages
Bug #882369 [src:linux] linux-image-4.9.0-4-amd64: Non-free RTL8192 firmware 
possibly packaged in main
Changed Bug title to 'rtl8192cu: Misleading firmware log messages' from 
'linux-image-4.9.0-4-amd64: Non-free RTL8192 firmware possibly packaged in 
main'.
> severity -1 normal
Bug #882369 [src:linux] rtl8192cu: Misleading firmware log messages
Severity set to 'normal' from 'serious'

-- 
882369: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882369
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#882369: linux-image-4.9.0-4-amd64: Non-free RTL8192 firmware possibly packaged in main

[Ben Hutchings]

Control: retitle -1 rtl8192cu: Misleading firmware log messages
Control: severity -1 normal

On Tue, 2017-11-21 at 12:55 -0800, Alyssa Rosenzweig wrote:
> Package: src:linux
> Version: 4.9.51-1
> Severity: serious
> Justification: Policy 2.1.2
> 
> Is rtl8192cu supposed to work under Debian Stretch without the non-free
> repositories enabled?
> 
> https://en.wikipedia.org/wiki/Comparison_of_open-source_wireless_drivers seems
> pretty clear that this device should require nonfree firmware loaded. Thus, it
> appears there may be an isuse with kernel deblobbing, seeing as the adaptor is
> functioning normally under a supposedly fully free system.
> 
> I am worried there may be non-DFSG compliant firmware packaged in main.
[...]

There isn't, at least not in this instance.  The log messages are a
little misleading.

Ben.

-- 
Ben Hutchings
Beware of programmers who carry screwdrivers. - Leonard Brandwein



signature.asc
Description: This is a digitally signed message part

Bug#882387: totally kaput on i386

[積丹尼 Dan Jacobson]

Package: libwebkit2gtk-4.0-37
Version: 2.19.2-1
Severity: grave

Cannot browse anything on i386.
The browser just loops, eating CPU.

Downgrading
-ii  libjavascriptcoregtk-4.0-18  2.19.2-1
+ii  libjavascriptcoregtk-4.0-18  2.19.1-1

-ii  libwebkit2gtk-4.0-37 2.19.2-1
+ii  libwebkit2gtk-4.0-37 2.19.1-1

-ii  libwebkit2gtk-4.0-37-gtk2  2.19.2-1
+ii  libwebkit2gtk-4.0-37-gtk2  2.19.1-1
fixes it. Tried even browsing local .txt files using epiphany and
webkit2gtk-4.0/MiniBrowser .

Bug#882272: marked as done (libc6:amd64: upgrade of libc6:amd64 + libc6:i386 + libc6-i686 breaks system)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 23:39:24 +
with message-id 
and subject line Bug#882272: fixed in glibc 2.25-2
has caused the Debian Bug report #882272,
regarding libc6:amd64: upgrade of libc6:amd64 + libc6:i386 + libc6-i686 breaks 
system
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882272: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882272
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libc6
Version: 2.24-11+deb9u1
Severity: critical
Justification: breaks the whole system


Upgrade of glibc packages from jessie to stretch versions failed
resulting in most programs (presumably all non-static 32-bit ones) to
segfault on start. I believe the following happend:
1. libc6:i386 and libc6:amd64 2.24-11+deb9u1 were unpacked,
/etc/ld.so.nohwcap was created by preinst scripts.
2. postinst of libc6:amd64 started running and removed
/etc/ld.so.nohwcap (as $hwcappkgs is empty for amd64).
3. As libc6-i686 2.19-18+deb8u10 was still installed most applications
started segfaulting (including most essential ones).

Unfortunately, I did not have any root shell open, and while
export LD_HWCAP_MASK=0
workaround worked on many applications, it had no effect on setuid
programs (like su and sudo). I had to resolve the problem by rebooting
system with break=init argument and running
touch /root/etc/ld.so.nohwcap
from initramfs shell (and later calling
dpkg --purge libc6-i686
before finishing upgrade of libc6:amd64).

This probably should be fixed by replacing

case ${DPKG_MAINTSCRIPT_ARCH} in
alpha)
hwcappkgs="libc6-alphaev67"
;;
i386)
hwcappkgs="libc6-i686 libc6-xen"
;;
kfreebsd-i386)
hwcappkgs="libc0.1-i686"
;;
esac

with something like

hwcappkgs="libc6-alphaev67 libc6-i686 libc6-xen libc0.1-i686"

or

hwcappkgs="libc6.1-alphaev67:alpha libc6-i686:i386 libc6-xen:i386 
libc0.1-i686:kfreebsd-i386"

in debian/script.in/nohwcap.sh.


sghpc% sudo apt upgrade
Чтение списков пакетов… Готово
Построение дерева зависимостей   
Чтение информации о состоянии… Готово
Расчёт обновлений…Следующие пакеты устанавливались автоматически и больше не 
требуются:
  aumix aumix-common bzip2-doc gdb-doc libc6-i686 
linux-image-3.16.0-4-amd64:amd64 linux-image-4.9.0-3-amd64-dbg:amd64
  python-networkx python-pygraphviz python-skimage python-skimage-lib
Для их удаления используйте «apt-get autoremove».
Готово
НОВЫЕ пакеты, которые будут установлены:
  libc-l10n
Пакеты, которые будут оставлены в неизменном виде:
  geeqie geeqie-common geeqie-dbg
Пакеты, которые будут обновлены:
  glibc-doc libc-bin libc-dev-bin libc6 libc6:amd64 libc6-dbg libc6-dbg:amd64 
libc6-dev libc6-i686 locales locales-all
  multiarch-support
обновлено 12, установлено 1 новых пакетов, для удаления отмечено 0 пакетов, и 3 
пакетов не обновлено.
Необходимо скачать 0 B/44,6 MB архивов.
После данной операции, объём занятого дискового пространства уменьшится на 9 
642 kB.
Хотите продолжить? [Д/н] 
Чтение журнала изменений... Выполнено 
apt-listchanges: Хотите продолжить? [Y/n] 
apt-listchanges: Отправка почты root: apt-listchanges: журнал изменений sghpc
apt-listchanges: Отправка почты root: apt-listchanges: новости о sghpc
Предварительная настройка пакетов ...
(Чтение базы данных … на данный момент установлено 803482 файла и каталога.)
Подготовка к распаковке …/locales_2.24-11+deb9u1_all.deb …
Распаковывается locales (2.24-11+deb9u1) на замену (2.19-18+deb8u10) …
Выбор ранее не выбранного пакета libc-l10n.
Подготовка к распаковке …/libc-l10n_2.24-11+deb9u1_all.deb …
Распаковывается libc-l10n (2.24-11+deb9u1) …
Подготовка к распаковке …/locales-all_2.24-11+deb9u1_i386.deb …
Распаковывается locales-all (2.24-11+deb9u1) на замену (2.19-18+deb8u10) …
Подготовка к распаковке …/libc6_2.24-11+deb9u1_i386.deb …
Деконфигурируется libc6:amd64 (2.19-18+deb8u10) …
Checking for services that may need to be restarted...
Checking init 
scripts...##.]
 
Распаковывается libc6:i386 (2.24-11+deb9u1) на замену (2.19-18+deb8u10) …
Подготовка к распаковке …/libc6_2.24-11+deb9u1_amd64.deb 
….] 
Checking for services that may need to be 
restarted]
 
Checking init scripts...
Распаковывается libc6:amd64 (2.24-11+deb9u1) на замену (2.19-18+deb8u10) …
Настраивается 

Bug#882323: marked as done (clamav-freshclam: fails to upgrade)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 23:34:30 +
with message-id 
and subject line Bug#882323: fixed in clamav 0.99.3~beta1+dfsg-4
has caused the Debian Bug report #882323,
regarding clamav-freshclam: fails to upgrade
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882323: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882323
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: clamav-freshclam
Version: 0.99.3~beta1+dfsg-3
Severity: grave
Justification: renders package unusable

Hi.

With the lastest version the package fails to upgrade:
Setting up clamav-freshclam (0.99.3~beta1+dfsg-3) ...
To check for updates more often than hourly, please run freshclam as a daemon.
Replacing config file /etc/cron.d/clamav-freshclam with new version
Starting database update: 
ClamAV update process started at Tue Nov 21 14:20:13 2017
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99.3-beta1 Recommended version: 0.99.2
DON'T PANIC! Read http://www.clamav.net/documents/upgrading-clamav
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: 
sigmgr)
daily.cld is up to date (version: 24060, sigs: 1785895, f-level: 63, builder: 
neo)
bytecode.cld is up to date (version: 318, sigs: 75, f-level: 63, builder: 
raynman)
dpkg: error processing package clamav-freshclam (--configure):
 installed clamav-freshclam package post-installation script subprocess 
returned error exit status 1
dpkg: dependency problems prevent configuration of clamav:
 clamav depends on clamav-freshclam (>= 0.99.3~beta1+dfsg) | clamav-data; 
however:
  Package clamav-freshclam is not configured yet.
  Package clamav-data is not installed.
  Package clamav-freshclam which provides clamav-data is not configured yet.

dpkg: error processing package clamav (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 clamav-freshclam
 clamav


Cheers,
Chris.



-- Package-specific info:
--- configuration ---
#Automatically Generated by clamav-base postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-base
#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User clamav
AllowSupplementaryGroups true
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
LogSyslog false
LogRotate true
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav
SelfCheck 3600
Foreground false
Debug false
ScanPE true
MaxEmbeddedPE 10M
ScanOLE2 true
ScanHTML true
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxScriptNormalize 5M
MaxZipTypeRcg 1M
ScanSWF true
DetectBrokenExecutables false
ExitOnOOM false
LeaveTemporaryFiles false
AlgorithmicDetection true
ScanELF true
IdleTimeout 30
PhishingSignatures true
PhishingScanURLs true
PhishingAlwaysBlockSSLMismatch false
PhishingAlwaysBlockCloak false
DetectPUA false
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
CommandReadTimeout 5
SendBufTimeout 200
MaxQueue 100
ExtendedDetectionInfo true
OLE2BlockMacros false
ScanOnAccess false
AllowAllMatchScan true
ForceToDisk false
DisableCertCheck false
StreamMaxLength 10M
LogFile /var/log/clamav/clamav.log
LogTime true
LogFileUnlock false
LogFileMaxSize 0
Bytecode false
OfficialDatabaseOnly false
CrossFilesystems true
# Automatically created by the clamav-freshclam postinst
# Comments will get lost when you reconfigure the clamav-freshclam package

DatabaseOwner clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose false
LogSyslog false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogRotate true
LogTime true
Foreground false
Debug false
MaxAttempts 5
DatabaseDirectory /var/lib/clamav
DNSDatabaseInfo current.cvd.clamav.net
ConnectTimeout 30
ReceiveTimeout 30
TestDatabases yes
ScriptedUpdates yes
CompressLocalDatabase no
SafeBrowsing false
Bytecode true
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net

--- data dir ---
total 240520
-rw-r--r-- 1 clamav clamav766976 Nov  7 20:18 bytecode.cld
drwxr-xr-x 1 clamav clamav 0 Jun 27  2010 
clamav-19b464beab60829e7016d00d5df2fd5b
drwxr-xr-x 1 clamav clamav   282 Jun 24  2008 

Bug#882323: [Pkg-clamav-devel] Bug#882323: clamav-freshclam: fails to upgrade

[Sebastian Andrzej Siewior]

On 2017-11-21 14:21:32 [+0100], Christoph Anton Mitterer wrote:
> Hi.
Hi,

> With the lastest version the package fails to upgrade:
sorry for that. Not sure why I didn't catch this during testing. Fix is
comming… This is mostly a note to myself that I need to ping the systemd
people and figure out if this is a update-rc.d bug or not.

Sebastian

Bug#882272: marked as pending

[Aurelien Jarno]

tag 882272 pending
thanks

Hello,

Bug #882272 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

https://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?id=802190a

---
commit 802190a104e14e5c79755720dcb42ad2025d4ecf
Author: Aurelien Jarno 
Date:   Wed Nov 22 00:13:48 2017 +0100

debian/script.in/nohwcap.sh: always check for all optimized packages as 
multiarch allows one to install foreign architectures.  Closes: #882272.

diff --git a/debian/changelog b/debian/changelog
index 1b70c9d..bfa64ad 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -13,6 +13,9 @@ glibc (2.25-2) UNRELEASED; urgency=medium
   * debian/patches/git-updates.diff: update from upstream stable branch:
 - Don't use IFUNC resolver for longjmp or system in libpthread.
   Closes: #882336.
+  * debian/script.in/nohwcap.sh: always check for all optimized packages
+as multiarch allows one to install foreign architectures.  Closes:
+#882272.
 
   [ YunQiang Su ]
   * Add symbol files for mipsn32 and mips64.

Bug#882272: marked as pending

[Aurelien Jarno]

tag 882272 pending
thanks

Hello,

Bug #882272 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

https://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?id=89f27be

---
commit 89f27bec7719f53c7f161d7a72e2d793569b64d4
Author: Aurelien Jarno 
Date:   Tue Nov 21 22:22:50 2017 +0100

debian/script.in/nohwcap.sh: always check for all optimized packages as 
multiarch allows one to install foreign architectures.  Closes: #882272.

diff --git a/debian/changelog b/debian/changelog
index 239aacd..cb182fb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -24,6 +24,9 @@ glibc (2.24-11+deb9u2) UNRELEASED; urgency=medium
 - Fix invalid cast in group merging affecting ppc64 and s390x.
 - Define collation for Malayalam chillu characters.
 - Correct collation of U+0D36 and U+0D37 Malayalam characters.
+  * debian/script.in/nohwcap.sh: always check for all optimized packages
+as multiarch allows one to install foreign architectures.  Closes:
+#882272.
 
   [ Santiago Vila ]
   * debian/debhelper.in/libc-bin.postinst: do not update /etc/nsswitch.conf

Processed: Bug#882272 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 882272 pending
Bug #882272 [libc6] libc6:amd64: upgrade of libc6:amd64 + libc6:i386 + 
libc6-i686 breaks system
Ignoring request to alter tags of bug #882272 to the same tags previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882272: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882272
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Bug#882272 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 882272 pending
Bug #882272 [libc6] libc6:amd64: upgrade of libc6:amd64 + libc6:i386 + 
libc6-i686 breaks system
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882272: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882272
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#882314: marked as pending

[Ondřej Nový]

tag 882314 pending
thanks

Hello,

Bug #882314 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


https://anonscm.debian.org/cgit/openstack/services/swauth.git/commit/?id=9ec605f

---
commit 9ec605f11b6a5cce2abe23caf915b9a4b0d8e06c
Author: Ondřej Nový 
Date:   Tue Nov 21 12:21:49 2017 +0100

Hash token before storing it in Swift (CVE-2017-16613, Closes: #882314)

diff --git a/debian/changelog b/debian/changelog
index c6ee0e0..22080df 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,6 @@
-swauth (1.2.0-4) UNRELEASED; urgency=medium
+swauth (1.2.0-4) UNRELEASED; urgency=high
 
+  [ Daniel Baumann ]
   * Updating vcs fields.
   * Updating copyright format url.
   * Updating maintainer field.
@@ -8,6 +9,10 @@ swauth (1.2.0-4) UNRELEASED; urgency=medium
 developers dotfiles.
   * Updating standards version to 4.1.0.
 
+  [ Ondřej Nový ]
+  * Hash token before storing it in Swift
+(CVE-2017-16613, Closes: #882314)
+
  -- Daniel Baumann   Fri, 04 Aug 2017 
22:26:33 +0200
 
 swauth (1.2.0-3) unstable; urgency=medium

Processed: Bug#882314 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 882314 pending
Bug #882314 {Done: Ondřej Nový } [src:swauth] swauth: Swift 
object/proxy server writing swauth Auth Token to log file (CVE-2017-16613)
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882314: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882314
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#863568: marked as done (cfengine3: Please migrate to openssl1.1 in Buster)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 22:34:09 +
with message-id 
and subject line Bug#863568: fixed in cfengine3 3.10.2-2
has caused the Debian Bug report #863568,
regarding cfengine3: Please migrate to openssl1.1 in Buster
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863568: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863568
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: cfengine3
Version: 3.9.1-4.2
Severity: important
Tags: sid buster
User: pkg-openssl-de...@lists.alioth.debian.org
Usertags: openssl-1.1-trans

Please migrate to libssl-dev in the Buster cycle.

Sebastian
--- End Message ---
--- Begin Message ---
Source: cfengine3
Source-Version: 3.10.2-2

We believe that the bug you reported is fixed in the latest version of
cfengine3, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 863...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Antonio Radici  (supplier of updated cfengine3 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 21 Nov 2017 22:05:33 +
Source: cfengine3
Binary: cfengine3 cfengine3-dbg libpromises3
Architecture: source
Version: 3.10.2-2
Distribution: unstable
Urgency: medium
Maintainer: Antonio Radici 
Changed-By: Antonio Radici 
Description:
 cfengine3  - tool for configuring and maintaining network machines
 cfengine3-dbg - debugging symbols for cfengine3
 libpromises3 - libpromises library for cfengine3 binaries
Closes: 863568
Changes:
 cfengine3 (3.10.2-2) unstable; urgency=medium
 .
   * debian/control: removed any dependency fron libssl-* which is not
 libssl-dev (Closes: 863568)
Checksums-Sha1:
 91284238ba6888b28c5f5e184ee2370db94fe5a7 2460 cfengine3_3.10.2-2.dsc
 db83a38877b705f809d2f6d0157ca0b41f3e643b 27388 cfengine3_3.10.2-2.debian.tar.xz
 92827c08f10f164f45321721883626fcebf0509f 7948 
cfengine3_3.10.2-2_amd64.buildinfo
Checksums-Sha256:
 17c36bbfac8340d6b5545c7f672d123c4ff6beb8d7fa54db46540301cbf6635e 2460 
cfengine3_3.10.2-2.dsc
 da81eed49dce0ca6fc24c377e4ad0154b5731950134967c2a0dc1dd1fc7b863d 27388 
cfengine3_3.10.2-2.debian.tar.xz
 579a2f8c0457b46bd5eb63b723a8dd531121276dba7d6e24a39cb2219f120227 7948 
cfengine3_3.10.2-2_amd64.buildinfo
Files:
 aff1ea0b18298b8e868c39109d03820a 2460 admin optional cfengine3_3.10.2-2.dsc
 2f9e3ad4c35add3bf1aaa6cc675ee0c1 27388 admin optional 
cfengine3_3.10.2-2.debian.tar.xz
 901fefff6202927a286ffeaea59547f9 7948 admin optional 
cfengine3_3.10.2-2_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQJHBAEBCAAxFiEEQObYrBkA1SRrfOa1NcjIiHLLHu0FAloUpvYTHGFudG9uaW9A
ZGViaWFuLm9yZwAKCRA1yMiIcsse7TwFD/0Y4A/ik1BAWqP8C37yh4XihIegO7LA
QKZ1vQXpmwqOec58N9IoszWk7c0EcKddNiw7jq8mxjd9Cd8k1AQ9gcmNATVgdlaE
5CMriS1cmVxB1RNKE2J43f7znPufb13SNr+Q3NUzEO4+F7p0ofxSoP2YoaZQvaV1
8bkLnJFDIZmyVtrxFWbxchJ7Xb9Fnh0bsZPeCjfIYTUnyKiM1wMS+tAzdojBQB+O
9mAFfhthX3xV0MM3ueURLQEhBI6piOWIsG2VtrpOtYiSDyb2BfGg2x1mNTuJo5ux
X4XcgrtN/NQA1gMmlIrOKbrIr/EEo+m3Ib6dVNEFyMnn2LWmD8X0R39k1hicRx3/
BiT2SuDwUmieAj3djr+3aKAxK+h/1Q5zLez8O7k9ogBM16pRH23CDxU8VCk64CS+
REp/FYhdPS0xNARQaIWHmJ3DltGCFaN/ZJNIGLGAyJv1Q78G8qMCKszipxqHpUQu
lIIITlOYCpSIfzJa1+wwXW1132DRGahe6sRT3V/T1TTzrgFYl6W2utygtmoLmKoL
8RM0TspT99uHFT+eYosX+7Jkro9m7vupXDIcHbHZGOBT0ypPqa+HzLyR6FFfuDdY
PH5tKmPVJznE7tKUZbJaCsRfPENlUWMPxMaePfBl39/g8CWuHjkxskNczjeyUMU3
PE3kN5292S5cZg==
=z7SU
-END PGP SIGNATURE End Message ---

Bug#882377: pupnp-1.8: version 1.8.3 breaks the ABI

[James Cowgill]

Source: pupnp-1.8
Version: 1:1.8.3-1
Severity: serious
Control: forwarded -1 https://github.com/mrjimenez/pupnp/issues/57

There is a known ABI break in 1.8.3 with the UpnpAddVirtualDir API (see
above github issue). This should be resolved before 1.8.3 is uploaded to
unstable.

James



signature.asc
Description: OpenPGP digital signature

Processed: pupnp-1.8: version 1.8.3 breaks the ABI

[Debian Bug Tracking System]

Processing control commands:

> forwarded -1 https://github.com/mrjimenez/pupnp/issues/57
Bug #882377 [src:pupnp-1.8] pupnp-1.8: version 1.8.3 breaks the ABI
Set Bug forwarded-to-address to 'https://github.com/mrjimenez/pupnp/issues/57'.

-- 
882377: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882377
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: affects 881898

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> affects 881898 src:apr-util src:asterisk src:dovecot src:exim4 src:gammu 
> src:gdal src:gnunet src:gnustep-sqlclient src:grass src:jabberd2 src:kamailio 
> src:kdb src:kopanocore src:mailutils src:mysql-connector-c++ src:pike7.8 
> src:pmacct src:poco src:qtbase-opensource-src src:sope src:vtk6 src:zabbix
Bug #881898 [src:mariadb-10.1] mariadb-10.1: Uploads rejected by dak, blocking 
testing migration of mariadb-10.1 and its reverse dependencies
Added indication that 881898 affects src:apr-util, src:asterisk, src:dovecot, 
src:exim4, src:gammu, src:gnunet, src:gnustep-sqlclient, src:grass, 
src:jabberd2, src:kamailio, src:kdb, src:kopanocore, src:mailutils, 
src:mysql-connector-c++, src:pike7.8, src:pmacct, src:poco, src:sope, src:vtk6, 
and src:zabbix
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
881898: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881898
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858386: marked as done (autobahn-cpp: Please migrate to openssl1.1 in Buster)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 21:33:51 +
with message-id 
and subject line Bug#858386: fixed in autobahn-cpp 17.5.1+git7cc5d37-1
has caused the Debian Bug report #858386,
regarding autobahn-cpp: Please migrate to openssl1.1 in Buster
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
858386: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858386
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: autobahn-cpp
Version: 0.2.1-2
Severity: important
Tags: sid buster
User: pkg-openssl-de...@lists.alioth.debian.org
Usertag: openssl-1.1-trans

Please migrate to libssl-dev in the Buster cycle.

Sebastian
--- End Message ---
--- Begin Message ---
Source: autobahn-cpp
Source-Version: 17.5.1+git7cc5d37-1

We believe that the bug you reported is fixed in the latest version of
autobahn-cpp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 858...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Konstantinos Margaritis  (supplier of updated autobahn-cpp 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 21 Nov 2017 15:32:36 +0200
Source: autobahn-cpp
Binary: autobahn-cpp-dev autobahn-cpp-doc
Architecture: source all
Version: 17.5.1+git7cc5d37-1
Distribution: unstable
Urgency: medium
Maintainer: Konstantinos Margaritis 
Changed-By: Konstantinos Margaritis 
Description:
 autobahn-cpp-dev - WAMP in C++ for Boost/Asio - development headers
 autobahn-cpp-doc - WAMP in C++ for Boost/Asio - examples
Closes: 855284 858386
Changes:
 autobahn-cpp (17.5.1+git7cc5d37-1) unstable; urgency=medium
 .
   * New upstream version
   * Move to OpenSSL 1.1 (Closes: #858386)
   * Improve description (Closes: #855284)
Checksums-Sha1:
 ce57444b98a3f4af09374c5216e3c073431ad203 2201 
autobahn-cpp_17.5.1+git7cc5d37-1.dsc
 46491323d21095b0f97331459aca49eb2bc7953a 63344 
autobahn-cpp_17.5.1+git7cc5d37.orig.tar.xz
 1f2be76d25934ca6d9ad7af7f78da9691035824e 2960 
autobahn-cpp_17.5.1+git7cc5d37-1.debian.tar.xz
 5e1cdade7630cf2f0e4f1864e3ff9be7a7c9619f 30452 
autobahn-cpp-dev_17.5.1+git7cc5d37-1_all.deb
 d71711f132a4e7ce26183e0df48aee74062fbeb4 40708 
autobahn-cpp-doc_17.5.1+git7cc5d37-1_all.deb
 88d87f7c86c3f53a7ec7ebe5f49257625cfd31cc 8279 
autobahn-cpp_17.5.1+git7cc5d37-1_amd64.buildinfo
Checksums-Sha256:
 825684dfec8f188b4772294236cac1b2b720273d65ac13d7a8299e22ad39af52 2201 
autobahn-cpp_17.5.1+git7cc5d37-1.dsc
 6336aa68e869e32b1c2e923b0fb73a90c52bca829e4c87a6ee0fd758300b462c 63344 
autobahn-cpp_17.5.1+git7cc5d37.orig.tar.xz
 3c9de121d01076e6e1198df0ba0c391ec9fc8ba425193aa7d41b9b78918ebeba 2960 
autobahn-cpp_17.5.1+git7cc5d37-1.debian.tar.xz
 9fde81708a1202b6f96cee894b26610396fe05bd938c2bca1f80e114f4ea 30452 
autobahn-cpp-dev_17.5.1+git7cc5d37-1_all.deb
 5a4678ae5dafb981879ac53fb778bb49c72428d303110e61da10bd25743dd57d 40708 
autobahn-cpp-doc_17.5.1+git7cc5d37-1_all.deb
 25079bd53506353f1a20d324ad5ee4988d6a43fec3f2d9138847a4f7a52b6fc8 8279 
autobahn-cpp_17.5.1+git7cc5d37-1_amd64.buildinfo
Files:
 a1f6992deac4f5d99196dc643f705e48 2201 libs optional 
autobahn-cpp_17.5.1+git7cc5d37-1.dsc
 79bc9a9467e10fdf43ea69a9268945d9 63344 libs optional 
autobahn-cpp_17.5.1+git7cc5d37.orig.tar.xz
 ba23bc0281ef8b5727e785ae778060ac 2960 libs optional 
autobahn-cpp_17.5.1+git7cc5d37-1.debian.tar.xz
 01a063e3648ad8221205efb862cba9d5 30452 libdevel optional 
autobahn-cpp-dev_17.5.1+git7cc5d37-1_all.deb
 e6c9ff8e6dd82d468de628dd24e4875b 40708 doc optional 
autobahn-cpp-doc_17.5.1+git7cc5d37-1_all.deb
 1327d8abb9d75e494c67e1c70966ad8c 8279 libs optional 
autobahn-cpp_17.5.1+git7cc5d37-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEP8Nzkf7N08tVAXEhZgYCf2Q3EkwFAloUlkQACgkQZgYCf2Q3
EkzuYQ//Y+IDfJ32wzmA9YyXjR/TkON+VzbypkBlsdad/94CaNZzD6y/Lr3QBZ7G
ggIH8GLGxvehUyyhGeBAlrUxx1iQhFWj1LT5wZE1ua9/9e6Adm1XsqpmS82cU0Xk
2ipKKkuUJJtL9WJ7qCiF+svuKpgfC7t2762bgKU2XfkLNA5Mdy8yiBNu74TGUhPU
r1AVFCgxiwYL/V0sJn3Cp23DjREyflYN2lDXuW1T0nVR0KxDlnz8G8NcbkjOyGGA
fJPq1Qhz5aIFWgO18rvpghdmE2KJ8SD72zxomwrZCzTaOd1zfvl60oJZUCeO54L2

Bug#882372: ohcount: Command injection through file names

[Jonathan Neuschäfer]

Package: ohcount
Version: 3.0.0-8.3
Severity: grave
Tags: upstream security
Justification: user security hole

When ohcount tries to determine the type of a file with a specially
crafted name, it can execute arbitrary shell commands through improper
quoting. Details below.

## PoC

> $ echo hi > "test'\$(touch proof)'"
> $ ls
> test'$(touch proof)'
> $ ohcount .
> Examining 2 file(s)
> 
>   Ohloh Line Count Summary
> 
> Language  Files   CodeComment  Comment %  Blank  Total
>   -  -  -  -  -  -
>   -  -  -  -  -  -
> Total 0  0  0   0.0%  0  0
> $ ls
> proof  test'$(touch proof)'


## How does it work?

I haven't read the source, so I can't point at the vulnerable line, but here's
a snippet of strace output (trimmed and indented for readability):

Processes:
26767: ohcount .
  26773: sh -c "file -b './test'$(touch proof)''"
26776: touch proof
26782: file -b ./test
  26791: sh -c "file -b '.'"
26797 file -b .


26767 execve("/usr/bin/ohcount", ["ohcount", "."], [/* 52 vars */]) = 0
26767 write(1, "Examining 2 file(s)\n", 20) = 20
26767 open("./test'$(touch proof)'", O_RDONLY) = 3
26767 fstat(3, {st_mode=S_IFREG|0640, st_size=3, ...}) = 0
26767 read(3, "hi\n", 3)= 3
26767 access("./test'$(touch proof)'", F_OK) = 0
26767 pipe2([3, 4], O_CLOEXEC)  = 0
26767 clone(child_stack=NULL, 
flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f31736e69d0) = 26773
  26773 execve("/bin/sh", ["sh", "-c", "file -b './test'$(touch proof)''"], [/* 
52 vars */]) = 0
  26773 clone(child_stack=NULL, 
flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f601329d9d0) = 26776
26776 stat("/usr/bin/touch", {st_mode=S_IFREG|0755, st_size=93160, ...}) = 0
26776 execve("/usr/bin/touch", ["touch", "proof"], [/* 52 vars */]) = 0
26776 open("proof", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = 3
26776 exit_group(0) = ?
26776 +++ exited with 0 +++
  26773 <... wait4 resumed> [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 
26776
  26773 stat("/usr/bin/file", {st_mode=S_IFREG|0755, st_size=22792, ...}) = 0
  26773 clone(child_stack=NULL, 
flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f601329d9d0) = 26782
  26773 wait4(-1,  
26782 execve("/usr/bin/file", ["file", "-b", "./test"], [/* 52 vars */]) = 0
26782 lstat("./test", 0x7ffc9809f660)   = -1 ENOENT (No such file or 
directory)
26782 stat("./test", 0x7ffc9809f660)= -1 ENOENT (No such file or 
directory)
26782 open("./test", O_RDONLY)  = -1 ENOENT (No such file or 
directory)
26782 write(1, "cannot open `./test' (No such fi"..., 49 ) = 49
26782 exit_group(0) = ?
26782 +++ exited with 0 +++
  26773 exit_group(0) = ?
  26773 +++ exited with 0 +++
26767 open(".", O_RDONLY)   = 3
26767 fstat(3, {st_mode=S_IFDIR|0751, st_size=4096, ...}) = 0
26767 fstat(3, {st_mode=S_IFDIR|0751, st_size=4096, ...}) = 0
26767 lseek(3, 0, SEEK_END) = 9223372036854775807
26767 lseek(3, 0, SEEK_SET) = 0
26767 read(3, 0x56315aaed880, 18446744073709547520) = -1 EFAULT (Bad address)
26767 close(3)  = 0
26767 access(".", F_OK) = 0
26767 pipe2([3, 4], O_CLOEXEC)  = 0
26767 clone(child_stack=NULL, 
flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7f31736e69d0) = 26791
  26791 execve("/bin/sh", ["sh", "-c", "file -b '.'"], [/* 52 vars */]) = 0
  26791 stat("/usr/bin/file", {st_mode=S_IFREG|0755, st_size=22792, ...}) = 0
  26791 clone(child_stack=NULL, 
flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, 
child_tidptr=0x7fb58ec689d0) = 26797
26797 execve("/usr/bin/file", ["file", "-b", "."], [/* 52 vars */]) = 0
26797 lstat(".", {st_mode=S_IFDIR|0751, st_size=4096, ...}) = 0
26797 write(1, "directory\n", 10 
26797 exit_group(0) = ?
26797 +++ exited with 0 +++
  26791 exit_group(0) = ?
  26791 +++ exited with 0 +++
26767 write(1, "\n  Ohloh"..., 79) = 79
26767 write(1, "Language  Files   Co"..., 158) = 158
26767 write(1, "  -  ---"..., 79) = 79
26767 write(1, "Total 0 "..., 79) = 79
26767 exit_group(0) = ?
26767 +++ exited with 0 +++


## Disclosure, etc.

This is, AFAIK, a previously undisclosed vulnerability.

Salvatore Bonaccorso volunteered to request a CVE identifier for this
vulnerability.


-- System Information:
Debian Release: 9.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, mips, armhf, armel

Bug#880996: marked as done (ring: FTBFS on mips64el)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 22:09:35 +0100
with message-id <20171121210935.GA10033@jupiter>
and subject line Re: Bug#880996: ring: FTBFS on mips64el
has caused the Debian Bug report #880996,
regarding ring: FTBFS on mips64el
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
880996: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880996
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ring
Version: 20170912.1.912f772~dfsg1-2
Severity: serious
Tags: sid buster
Control: block 880355 by -1

ring FTBFS on mips64el during the libva transition:
| ../doltlibtool  --tag=CXX   --mode=link g++-6 -I../src 
-DDBUS_API_SUBJECT_TO_CHANGE -I/usr/include/dbus-c++-1 -I/usr/include/dbus-1.0 
-I/usr/lib/mips64el-linux-gnuabi64/dbus-1.0/include -I../src/dring 
-DTOP_BUILDDIR=\"$(cd ".."; pwd)\" -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security 
-DMSGPACK_DEFAULT_API_VERSION=1 -DPJ_AUTOCONF=1  
-I/<>/daemon/contrib/mips64el-linux-gnuabi64/include  -Wl,-z,relro 
-Wl,-z,now -Wl,-Bsymbolic -ldl 
-L/<>/daemon/contrib/mips64el-linux-gnuabi64/lib -lcryptopp -o 
dring dring-main.o dbus/libclient_dbus.la -ldbus-c++-1 -ldbus-1 
../src/libring.la -lnatpmp -lboost_random -lboost_system -lgsm -lrestbed 
| libtool: link: g++-6 -I../src -DDBUS_API_SUBJECT_TO_CHANGE 
-I/usr/include/dbus-c++-1 -I/usr/include/dbus-1.0 
-I/usr/lib/mips64el-linux-gnuabi64/dbus-1.0/include -I../src/dring 
"-DTOP_BUILDDIR=\"/<>/daemon\"" -g -O2 
"-fdebug-prefix-map=/<>=." -fstack-protector-strong -Wformat 
-Werror=format-security -DMSGPACK_DEFAULT_API_VERSION=1 -DPJ_AUTOCONF=1 
"-I/<>/daemon/contrib/mips64el-linux-gnuabi64/include" -Wl,-z 
-Wl,relro -Wl,-z -Wl,now -Wl,-Bsymbolic -o dring dring-main.o  
-L/<>/daemon/contrib/mips64el-linux-gnuabi64/lib 
dbus/.libs/libclient_dbus.a -ldbus-c++-1 -ldbus-1 ../src/.libs/libring.a 
-lpjsua2-mips64el-unknown-linux-gnuabi64 
-lpjsua-mips64el-unknown-linux-gnuabi64 
-lpjsip-ua-mips64el-unknown-linux-gnuabi64 
-lpjsip-simple-mips64el-unknown-linux-gnuabi64 
-lpjsip-mips64el-unknown-linux-gnuabi64 
-lpjmedia-codec-mips64el-unknown-linux-gnuabi64 
-lpjmedia-videodev-mips64el-unknown-linux-gnuabi64 
-lpjmedia-audiodev-mips64el-unknown-linux-gnuabi64 
-lpjmedia-mips64el-unknown-linux-gnuabi64 
-lpjnath-mips64el-unknown-linux-gnuabi64 
-lpjlib-util-mips64el-unknown-linux-gnuabi64 
-lsrtp-mips64el-unknown-linux-gnuabi64 -lpj-mips64el-unknown-linux-gnuabi64 
-lopus -luuid -lpthread -lasound -lpulse -lsamplerate -lsndfile -lyaml-cpp 
-ljsoncpp -lupnp -lthreadutil -lixml -lopendht -lnettle -lgnutls -largon2 -lrt 
-lz -lpcre -lspeexdsp -L/usr/lib -ldl -lcryptopp -lavcodec -lavformat 
-lavdevice -lswscale -lavutil -ludev -lX11 -lvdpau -lva-drm -lva-x11 -lva 
-lnatpmp -lboost_random -lboost_system -lgsm -lrestbed -pthread
| ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
`ring::RingAccount::useIdentity(std::pair const&)':
| ./daemon/src/ringdht/ringaccount.cpp:845: undefined reference to 
`dht::Value::msgpack_unpack(msgpack::v1::object)'
| ./daemon/src/ringdht/ringaccount.cpp:845: undefined reference to 
`dht::Value::msgpack_unpack(msgpack::v1::object)'
| ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
`msgpack::v1::type::detail::convert_integer_sign::convert(msgpack::v1::object const&)':
| /usr/include/msgpack/v1/adaptor/int.hpp:46: undefined reference to 
`dht::unpackBlob(msgpack::v1::object&)'
| ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
`dht::IceCandidates::msgpack_unpack(msgpack::v1::object)':
| /usr/include/opendht/default_types.h:190: undefined reference to 
`dht::unpackBlob(msgpack::v1::object&)'
| ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
`msgpack::v1::type::detail::convert_integer_sign::convert(msgpack::v1::object const&)':
| /usr/include/msgpack/v1/adaptor/int.hpp:46: undefined reference to 
`dht::unpackBlob(msgpack::v1::object&)'
| ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
`dht::IceCandidates::msgpack_unpack(msgpack::v1::object)':
| /usr/include/opendht/default_types.h:190: undefined reference to 
`dht::unpackBlob(msgpack::v1::object&)'
| ../src/.libs/libring.a(libringacc_la-ringaccount.o): In function 
`msgpack::v1::type::detail::convert_integer_sign::convert(msgpack::v1::object const&)':
| /usr/include/msgpack/v1/adaptor/int.hpp:46: undefined reference to 
`dht::unpackBlob(msgpack::v1::object&)'
| 
../src/.libs/libring.a(libringacc_la-ringaccount.o):/usr/include/opendht/default_types.h:190:
 more undefined 

Bug#881291: marked as done (libdbd-sqlite3-perl FTBFS with libsqlite3-dev 3.21.0-1)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 21:06:55 +
with message-id 
and subject line Bug#881291: fixed in libdbd-sqlite3-perl 1.55~04-1
has caused the Debian Bug report #881291,
regarding libdbd-sqlite3-perl FTBFS with libsqlite3-dev 3.21.0-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
881291: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881291
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libdbd-sqlite3-perl
Version: 1.54-2
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/libdbd-sqlite3-perl.html

...
Test Summary Report
---
t/virtual_table/rt_99748.t  (Wstat: 512 Tests: 24 
Failed: 1)
  Failed test:  24
  Non-zero exit status: 2
  Parse errors: Bad plan.  You planned 52 tests but ran 24.
Files=105, Tests=3555, 22 wallclock secs ( 0.81 usr  0.26 sys + 12.46 cusr  
1.88 csys = 15.41 CPU)
Result: FAIL
Failed 1/105 test programs. 1/3555 subtests failed.
Makefile:1078: recipe for target 'test_dynamic' failed
make[1]: *** [test_dynamic] Error 2
--- End Message ---
--- Begin Message ---
Source: libdbd-sqlite3-perl
Source-Version: 1.55~04-1

We believe that the bug you reported is fixed in the latest version of
libdbd-sqlite3-perl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 881...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Damyan Ivanov  (supplier of updated libdbd-sqlite3-perl 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 21 Nov 2017 20:05:06 +
Source: libdbd-sqlite3-perl
Binary: libdbd-sqlite3-perl
Architecture: source
Version: 1.55~04-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group 
Changed-By: Damyan Ivanov 
Closes: 881291
Description: 
 libdbd-sqlite3-perl - Perl DBI driver with a self-contained RDBMS
Changes:
 libdbd-sqlite3-perl (1.55~04-1) unstable; urgency=medium
 .
   * Team upload
 .
   [ Alex Muntada ]
   * Remove inactive pkg-perl members from Uploaders.
 .
   [ Damyan Ivanov ]
   * declare conformance with Policy 4.1.1 (no changes needed)
   * override a lintian warning about a typo in a binary
   * temporary allow development releases in debian/watch
   * New upstream version 1.55~04
 Closes: #881291 -- FTBFS with sqlite 3.21.0
Checksums-Sha1: 
 81e2079c0eea832a6ff0e03fe74d7745d89b9745 2264 libdbd-sqlite3-perl_1.55~04-1.dsc
 b5917568b83e7aedfabd439c798ad86279387ced 2223687 
libdbd-sqlite3-perl_1.55~04.orig.tar.gz
 20bbd33e94a2e95bf1afd55a4d484e838f041de1 10824 
libdbd-sqlite3-perl_1.55~04-1.debian.tar.xz
Checksums-Sha256: 
 6a0f74827f6a1752b0a3351cdc28397d910de367155b0da9600090b33b4b293b 2264 
libdbd-sqlite3-perl_1.55~04-1.dsc
 c2f124254194a7f17abc9e4a70fb680844f01eb74d8eaddfe45a6b97f3b76450 2223687 
libdbd-sqlite3-perl_1.55~04.orig.tar.gz
 a688c7ce03478da2d636b40c66b97eed537028f35bf87a435f39d53b80c2037b 10824 
libdbd-sqlite3-perl_1.55~04-1.debian.tar.xz
Files: 
 c83ca90f53f0fffab24400c14e917451 2264 perl optional 
libdbd-sqlite3-perl_1.55~04-1.dsc
 21e61fefe41699c07085dab42e616c3a 2223687 perl optional 
libdbd-sqlite3-perl_1.55~04.orig.tar.gz
 45f22e298a00a678aa5e68b3fdd61265 10824 perl optional 
libdbd-sqlite3-perl_1.55~04-1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEErqDETssFbpNjDZ0z276dTZnSoAQFAloUh6UACgkQ276dTZnS
oAQi/w//Z1AGe4GnYVusDZKzQl18P3eaHpSArSrI8xseV4bQ8iKjVgk2On8P/q+F
WNwc44h9PDWxd+jqZsv33EpwEWFyOHyLqtYjF2H38SAduTRWxy81RjEBZb5roMqF
p26+0gwakwH/eErCEhEhucfp65xCYAdPB8Vc+sq3dqzOY5XWCpA3enZbxDh3urXP
vDhZs/Zj8s7P1TdfsdFU/embkGlwdwt/08GWVDZRvYB9+DIVwg79ksikKtmYef7e
qqe7m8raRESJdd/ro59v8ny2mBEjVCupTuHO/4RepiXuhpid5dG+xpop5/GHOQsk
hfSJT+vxgfTiYZuUIfMne57ieQXseW3v7JnGlas6/XkAUj0zyg8qdzqQ84WP1roS
3AqrgUcVHjjAfsp2QK1WU1So1NUAf7cjcDM9jdtuCXieQH7x1cOXMlAQlA3DqCFY
lXaflWgLuO9h6/lZjhBHPyNI3KQpsv/R1VToXaT6yn8rw0TVIzm9mBonv24Wgk/H
2RTg/hnU/4MJmQ/ygv1E74Et2VZ6VE0yL/f1l5bIYL6SIAxDSGj3HEyZII51WKXK
XJdizq19QSJnQFqnmy4IIlCJXi5h3y/di0kRq22XRRuil05/Hbsa9FHUU3TWL0cv
9L1l8ZwG1CmCrnbDO3tKLxL25V9+UhPk0xMGlu4JDXuNLe9SEyo=

Bug#882370: otrs2: CVE-2017-16664: OSA-2017-07: privilege escalation

[Salvatore Bonaccorso]

Source: otrs2
Version: 3.3.9-1
Severity: grave
Tags: patch security upstream fixed-upstream

Hi,

the following vulnerability was published for otrs2.

CVE-2017-16664[0]:
| Code injection exists in Kernel/System/Spelling.pm in Open Ticket
| Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before
| 3.3.20. In the agent interface, an authenticated remote attackeer can
| execute shell commands as the webserver user via URL manipulation.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-16664
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16664
[1] 
https://www.otrs.com/security-advisory-2017-07-security-update-otrs-framework/

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#882369: linux-image-4.9.0-4-amd64: Non-free RTL8192 firmware possibly packaged in main

[Alyssa Rosenzweig]

Package: src:linux
Version: 4.9.51-1
Severity: serious
Justification: Policy 2.1.2

Is rtl8192cu supposed to work under Debian Stretch without the non-free
repositories enabled?

https://en.wikipedia.org/wiki/Comparison_of_open-source_wireless_drivers seems
pretty clear that this device should require nonfree firmware loaded. Thus, it
appears there may be an isuse with kernel deblobbing, seeing as the adaptor is
functioning normally under a supposedly fully free system.

I am worried there may be non-DFSG compliant firmware packaged in main.

Relevant dmesg logs, beginning when the adaptor is plugged in and ending when
it begins to connect to the Internet.  "Loading alternative firmware" is 
suspect.

[   30.339299] usb 1-1: new high-speed USB device number 7 using xhci_hcd
[   30.481064] usb 1-1: New USB device found, idVendor=0bda, idProduct=8176
[   30.481068] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   30.481070] usb 1-1: Product: 802.11n WLAN Adapter
[   30.481072] usb 1-1: Manufacturer: Realtek
[   30.481073] usb 1-1: SerialNumber: 00e04c01
[   30.499280] rtl8192cu: Chip version 0x10
[   30.528286] rtl8192cu: Board Type 0
[   30.528361] rtl_usb: rx_max_size 15360, rx_urb_num 8, in_ep 1
[   30.528408] rtl8192cu: Loading firmware rtlwifi/rtl8192cufw_TMSC.bin
[   30.528610] usb 1-1: firmware: failed to load rtlwifi/rtl8192cufw_TMSC.bin 
(-2)
[   30.528615] usb 1-1: Direct firmware load for rtlwifi/rtl8192cufw_TMSC.bin 
failed with error -2
[   30.528625] usb 1-1: firmware: failed to load rtlwifi/rtl8192cufw.bin (-2)
[   30.528628] usb 1-1: Direct firmware load for rtlwifi/rtl8192cufw.bin failed 
with error -2
[   30.528629] rtlwifi: Loading alternative firmware rtlwifi/rtl8192cufw.bin
[   30.532319] ieee80211 phy1: Selected rate control algorithm 'rtl_rc'
[   30.532615] usbcore: registered new interface driver rtl8192cu
[   30.556581] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready

** USB devices:
Bus 001 Device 007: ID 0bda:8176 Realtek Semiconductor Corp. RTL8188CUS 802.11n 
WLAN Adapter

-- System Information:
Debian Release: 9.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages linux-image-4.9.0-4-amd64 depends on:
ii  initramfs-tools [linux-initramfs-tool]  0.130
ii  kmod23-2
ii  linux-base  4.5

Versions of packages linux-image-4.9.0-4-amd64 recommends:
ii  firmware-linux-free  3.4
ii  irqbalance   1.1.0-2.3

Versions of packages linux-image-4.9.0-4-amd64 suggests:
pn  debian-kernel-handbook  
ii  grub-efi-amd64  2.02~beta3-5
pn  linux-doc-4.9   

Versions of packages linux-image-4.9.0-4-amd64 is related to:
pn  firmware-amd-graphics 
pn  firmware-atheros  
pn  firmware-bnx2 
pn  firmware-bnx2x
pn  firmware-brcm80211
pn  firmware-cavium   
pn  firmware-intel-sound  
pn  firmware-intelwimax   
pn  firmware-ipw2x00  
pn  firmware-ivtv 
pn  firmware-iwlwifi  
pn  firmware-libertas 
pn  firmware-linux-nonfree
pn  firmware-misc-nonfree 
pn  firmware-myricom  
pn  firmware-netxen   
pn  firmware-qlogic   
pn  firmware-realtek  
pn  firmware-samsung  
pn  firmware-siano
pn  firmware-ti-connectivity  
pn  xen-hypervisor

Bug#878883: marked as done (stoken FTBFS with libtomcrypt 1.18)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 19:19:31 +
with message-id 
and subject line Bug#878883: fixed in stoken 0.92-1
has caused the Debian Bug report #878883,
regarding stoken FTBFS with libtomcrypt 1.18
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
878883: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878883
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: stoken
Version: 0.91-1
Severity: serious
Tags: buster sid

https://buildd.debian.org/status/package.php?p=stoken=sid

...
src/stc-tomcrypt.c: In function 'stc_rsa_sha1_sign_digest':
src/stc-tomcrypt.c:193:9: error: 'LTC_LTC_PKCS_1_V1_5' undeclared (first use in 
this function); did you mean 'LTC_PKCS_1_V1_5'?
 LTC_LTC_PKCS_1_V1_5, NULL, 0,
 ^~~
 LTC_PKCS_1_V1_5
src/stc-tomcrypt.c:193:9: note: each undeclared identifier is reported only 
once for each function it appears in
Makefile:951: recipe for target 'src/libstoken_la-stc-tomcrypt.lo' failed
make[2]: *** [src/libstoken_la-stc-tomcrypt.lo] Error 1
--- End Message ---
--- Begin Message ---
Source: stoken
Source-Version: 0.92-1

We believe that the bug you reported is fixed in the latest version of
stoken, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 878...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Kevin Cernekee  (supplier of updated stoken package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 12 Nov 2017 08:45:20 -0800
Source: stoken
Binary: stoken libstoken1 libstoken-dev
Architecture: source
Version: 0.92-1
Distribution: unstable
Urgency: medium
Maintainer: Kevin Cernekee 
Changed-By: Kevin Cernekee 
Description:
 libstoken-dev - Software Token for cryptographic authentication - development 
fil
 libstoken1 - Software Token for cryptographic authentication - shared library
 stoken - Software Token for cryptographic authentication
Closes: 878883
Changes:
 stoken (0.92-1) unstable; urgency=medium
 .
   * Imported Upstream version 0.92 (Closes: #878883)
   * Bump Standards-Version to 4.1.1, no changes needed
Checksums-Sha1:
 c952fbc14aa370991a921860bb468fd5f68010de 1929 stoken_0.92-1.dsc
 5ced46c702bd15b8149ca30172c73afb35b9787f 425835 stoken_0.92.orig.tar.gz
 131e1288cf323e5fa76b3224ca2f2d05e44f30d6 7020 stoken_0.92-1.debian.tar.xz
 d1109512ebee0696ee5dbac5f1d975b505fc994c 14863 stoken_0.92-1_source.buildinfo
Checksums-Sha256:
 8769b350f4cbfadbe2e4af258d1d546814a519360dbe15d32d9e89bb9d726d05 1929 
stoken_0.92-1.dsc
 aa2b481b058e4caf068f7e747a2dcf5772bcbf278a4f89bc9efcbf82bcc9ef5a 425835 
stoken_0.92.orig.tar.gz
 625e58271267f13cf7ba47a25130063eb71cf090786122e37dca42e4165404d8 7020 
stoken_0.92-1.debian.tar.xz
 bc3943c621bef6fe7799d48555a68a30ae415979ab8dba7c219a33970ec6e6d7 14863 
stoken_0.92-1_source.buildinfo
Files:
 003455e84d5291eb398316b7bf3e2563 1929 utils optional stoken_0.92-1.dsc
 2b6d30cf0dfd7311794a54376c958cbc 425835 utils optional stoken_0.92.orig.tar.gz
 d790a577f24111ab07cd783f0cf03095 7020 utils optional 
stoken_0.92-1.debian.tar.xz
 46e7ca4aea11e3b3fae36dd71f7b50fd 14863 utils optional 
stoken_0.92-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJaFHqbAAoJEPNPCXROn13ZcMoP/1QrR/m5UUmZggabELmkdGLF
bUV+tnEq8Kf6CeN15YbAJnQpFyXrFcs5Z3xpS/tTeFAQx5NlM2XDahQYPeQJoC+J
dt6fym/r881/K41OA9wtGnBf04omefKJ2HIZ7ZXE5Fyrr/2j1JW3d0oQvtCigAJO
dJLEDwpLEpM4jFFWePU8E1tToqE3i/SEAvnqcMhzeEC5byRh6MwaTf1tdxPopkIw
oTNH7W74OFGsa06E7xlH/pfnDHo/G/rHgh2Ded7uXpin1PbLdBOMQ9pYBLhUqVdQ
SrIVe77b0hnNDSKutSYWhuAGVvQsfCbCq6J/SzplSE8wzNLF8tBtCwMgPlaqD5iO
iwDF0X8aWmuyRL9KFtz9uOJL5zLO2fUUT8+lcn7N4+3NH2NIMnXKgPqOJgTqpQq2
j0Q+Qi+AXLZHfNwRl89bdch8RNT9jKgr8bmoR58MxL5T0xji8jPPFfoPRXw3gVGI
w8Ins1CVXHB5f+tQO1jaQMtiOEi5HcfcCyWaqJQlSGrO8SKIctroznlEeJCih1qZ
PYvx8KPn+K+zPzaj9vfUlAv1nnrrTSUpgNrEc1W+SthDGhnUTihyzYs18mrlKfTb
IoC/yk4qiO4pfpIyXzDiwDTYboSqO093PGT6cgPgLSSSKJTeV/djkQYIWvcG874V
bBqPz2MmatJdBZzQyLWl
=KNS4
-END PGP SIGNATURE End Message ---

Bug#878883: marked as pending

[Gianfranco Costamagna]

On Tue, 21 Nov 2017 10:44:25 -0800 Kevin Cernekee  wrote:
> On Tue, Nov 21, 2017 at 10:37 AM, Gianfranco Costamagna
>  wrote:
> > On Sun, 12 Nov 2017 16:59:50 + Kevin Cernekee  
> > wrote:
> >> tag 878883 pending
> >> thanks
> >
> > Hello,
> >
> > ping?
> 
> I think the new package needs to be uploaded.  Could you please review?
> 
> 

and uploaded :)

thanks!

G.



signature.asc
Description: OpenPGP digital signature

Bug#882357: funtools: does not trap errors from make

[Helmut Grohne]

Source: funtools
Version: 1.4.7-1
Severity: serious
Justification: policy 4.6
Tags: upstream
User: helm...@debian.org
Usertags: rebootstrap

The Debian policy mandates that build errors cause the build to abort.
This is not the case for funtools' Makefile.in. In line 236 it executes
mklib and an error from that tool is ignored. The build will continue
even if that command fails. It turns out that it can fail for cross
compilation and the fact that errors aren't trapped makes such failures
unnecessarily difficult to debug and violates policy section 4.6.

Helmut

Bug#882356: cacti: fails to install properly

[Paul Gevers]

Package: cacti
Version: 1.1.28+ds1-1
Severity: serious
Tags: upstream
Justification: fails to install

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

cacti 1.1.28+ds-1 fails to install without errors as can be seen in the
autopkgtest¹:
populating database via sql...  error encountered populating database:
mysql said: ERROR 1227 (42000) at line 6: Access denied; you need (at least one 
of) the SUPER privilege(s) for this operation

I believe the issue is that Version 1.1.28 of cacti upstream includes a commit²
that adds the following sql command to the generation script:
SET GLOBAL sql_mode = 'NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION';

Let's block migration until the solution has been found.

Paul

¹ 
https://ci.debian.net/data/autopkgtest/unstable/amd64/c/cacti/20171121_034951/log.gz
² https://github.com/Cacti/cacti/commit/bf6f5c3a71b7a31d0224136dd4d60ee79928bf1f

- -- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 'testing'), (50, 
'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.13.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cacti depends on:
ii  dbconfig-common   2.0.9
ii  dbconfig-mysql2.0.9
ii  debconf [debconf-2.0] 1.5.65
ii  fonts-dejavu-core 2.37-1
ii  fonts-dejavu-extra2.37-1
ii  fonts-font-awesome4.7.0~dfsg-3
ii  javascript-common 11
ii  libapache2-mod-php1:7.0+56
ii  libapache2-mod-php7.0 [libapache2-mod-ph  7.0.25-1
ii  libjs-c3  0.4.11+dfsg-2
ii  libjs-chartjs 1.0.2-1
ii  libjs-d3  3.5.17-2
ii  libjs-jquery  3.2.1-1
ii  libjs-jquery-colorpicker  1.2.13-2
ii  libjs-jquery-cookie   12-1
ii  libjs-jquery-hotkeys  0~20130707+git2d51e3a9+dfsg-2
ii  libjs-jquery-jstree   3.3.4+dfsg1-2
ii  libjs-jquery-metadata 12-1
ii  libjs-jquery-tablesorter  1:2.29.0+dfsg1-1
ii  libjs-jquery-timepicker   1.2-1
ii  libjs-jquery-ui   1.12.1+dfsg-5
ii  libjs-jquery-ui-theme-smoothness  1.12.1+dfsg-1
ii  libjs-jquery-ui-theme-south-street1.12.1+dfsg-1
ii  libjs-jquery-ui-theme-ui-darkness 1.12.1+dfsg-1
ii  libjs-jquery-ui-touch-punch   0.0~git20141218.2.4bc0091+dfsg1-1
ii  libphp-phpmailer  5.2.14+dfsg-2.3
ii  perl  5.26.1-2
ii  php-cli   1:7.0+56
ii  php-gd1:7.0+56
ii  php-json  1:7.0+56
ii  php-ldap  1:7.0+56
ii  php-mbstring  1:7.0+56
ii  php-mysql 1:7.0+56
ii  php-php-gettext   1.0.12-0.1
ii  php-phpseclib 2.0.7-1
ii  php-snmp  1:7.0+56
ii  php-twig  1.24.0-2
ii  php-xml   1:7.0+56
ii  php7.0-cli [php-cli]  7.0.25-1
ii  php7.0-gd [php-gd]7.0.25-1
ii  php7.0-json [php-json]7.0.25-1
ii  php7.0-ldap [php-ldap]7.0.25-1
ii  php7.0-mbstring [php-mbstring]7.0.25-1
ii  php7.0-mysql [php-mysqlnd]7.0.25-1
ii  php7.0-snmp [php-snmp]7.0.25-1
ii  php7.0-xml [php-xml]  7.0.25-1
ii  rrdtool   1.6.0-1+b4
ii  snmp  5.7.3+dfsg-1.7+b2
ii  ucf   3.0036

Versions of packages cacti recommends:
ii  apache2 [httpd] 2.4.29-1
ii  iputils-ping3:20161105-1
ii  logrotate   3.11.0-0.1
ii  mariadb-server-10.1 [virtual-mysql-server]  10.1.26-1
ii  php-gmp 1:7.0+56
ii  php7.0-gmp [php-gmp]7.0.25-1

Versions of packages cacti suggests:
pn  cacti-spine  
ii  moreutils0.60-1
ii  snmpd5.7.3+dfsg-1.7+b2

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAloUeEkACgkQnFyZ6wW9
dQrRtwf7BV0qXzww7z0RqPvA7z4LGU/48gJyEqAIqAKmdqcemnARok5oUMjw28KV
0mN4hYNm3F/ebmnLm69pjJTulgXhDg+hqpbay2VTNwXWEbjW7Q7L9N0AaT26Z54P
kyStzrCEawDn4xROFkgp//mNAfT841jRkpqQBiugODWal748rzs22jNXQN/Ieu67
oGmASlNB1Z+IhLozAkGWHw2VbJnxSqKrcH7FbfWHs6+Sr71N7fj4OzVxhGS483mh

Bug#876931: psycopg2 FTBFS with Sphinx 1.6: Could not import extension dbapi_extension

[Corey Bryant]

Package: psycopg2
Version: 2.7.3-2
Followup-For: Bug #876931
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu bionic ubuntu-patch

Dear Maintainer,

In Ubuntu, the attached patch was applied to achieve the following:

  * d/p/0001-Make-dbapi_extension.py-compatible-with-Sphinx-1.6.patch:
Cherry-picked from upstream master branch after hitting build failure:
"Could not import extension dbapi_extension (exception: cannot import
 name 'make_admonition')."


Thanks for considering the patch.


-- System Information:
Debian Release: buster/sid
  APT prefers bionic
  APT policy: (500, 'bionic'), (500, 'artful-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.13.0-16-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -u psycopg2-2.7.3/debian/patches/series 
psycopg2-2.7.3/debian/patches/series
--- psycopg2-2.7.3/debian/patches/series
+++ psycopg2-2.7.3/debian/patches/series
@@ -1,0 +2 @@
+0001-Make-dbapi_extension.py-compatible-with-Sphinx-1.6.patch
only in patch2:
unchanged:
--- 
psycopg2-2.7.3.orig/debian/patches/0001-Make-dbapi_extension.py-compatible-with-Sphinx-1.6.patch
+++ 
psycopg2-2.7.3/debian/patches/0001-Make-dbapi_extension.py-compatible-with-Sphinx-1.6.patch
@@ -0,0 +1,46 @@
+From 1ccb61fe18ddc1fbb498ee90f182c44066aefb36 Mon Sep 17 00:00:00 2001
+From: Dmitry Shachnev 
+Date: Thu, 12 Oct 2017 13:08:24 +0300
+Subject: [PATCH] Make dbapi_extension.py compatible with Sphinx 1.6
+
+In Sphinx commit 1a821b89e9952fc2, the deprecated make_admonition()
+function was removed. This commit updates the code to use the modern
+API instead.
+---
+ doc/src/tools/lib/dbapi_extension.py | 13 ++---
+ 1 file changed, 6 insertions(+), 7 deletions(-)
+
+diff --git a/doc/src/tools/lib/dbapi_extension.py 
b/doc/src/tools/lib/dbapi_extension.py
+index cb3fec4..7ab656f 100755
+--- a/doc/src/tools/lib/dbapi_extension.py
 b/doc/src/tools/lib/dbapi_extension.py
+@@ -12,7 +12,7 @@
+ from docutils import nodes
+ 
+ from sphinx.locale import _
+-from sphinx.util.compat import Directive, make_admonition
++from docutils.parsers.rst import Directive
+ 
+ class extension_node(nodes.Admonition, nodes.Element): pass
+ 
+@@ -29,12 +29,11 @@ class Extension(Directive):
+ option_spec = {}
+ 
+ def run(self):
+-nodes = make_admonition(extension_node,
+-self.name, [_('DB API extension')], self.options,
+-self.content, self.lineno, self.content_offset,
+-self.block_text, self.state, self.state_machine)
+-nodes[0]['classes'].append('dbapi-extension')
+-return nodes
++node = extension_node('\n'.join(self.content))
++node += nodes.title(_('DB API extension'), _('DB API extension'))
++self.state.nested_parse(self.content, self.content_offset, node)
++node['classes'].append('dbapi-extension')
++return [node]
+ 
+ 
+ def visit_extension_node(self, node):
+-- 
+2.14.1
+

Processed: Bug#882346 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 882346 pending
Bug #882346 [libc0.1-dev] libc0.1-dev: fails to upgrade, trying to overwrite 
/usr/include/x86_64-kfreebsd-gnu/sys/random.h
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882346: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882346
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: severity of 882346 is important

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 882346 important
Bug #882346 [libc0.1-dev] libc0.1-dev: fails to upgrade, trying to overwrite 
/usr/include/x86_64-kfreebsd-gnu/sys/random.h
Severity set to 'important' from 'serious'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882346: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882346
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#878883: marked as pending

[Kevin Cernekee]

On Tue, Nov 21, 2017 at 10:37 AM, Gianfranco Costamagna
 wrote:
> On Sun, 12 Nov 2017 16:59:50 + Kevin Cernekee  wrote:
>> tag 878883 pending
>> thanks
>
> Hello,
>
> ping?

I think the new package needs to be uploaded.  Could you please review?

Bug#882292: acpica-unix FTBFS on 32bit big endian: test failures

[Adrian Bunk]

Source: acpica-unix
Version: 20171110-1
Severity: serious

https://buildd.debian.org/status/package.php?p=acpica-unix=sid

...
Installing ACPICA tools
list of testcases: aslts
Make-install all the provided test cases
Make n32
Running make install from /<>/tests/aslts
Begin compiling test package: [src]
Begin compiling test package: [runtime]
Begin compiling test package: [collections]
Begin compiling test package: [bdemo]
Begin compiling test package: [ACPICA]
Begin compiling test package: [bdemo]
Test path: 
/<>/tests/aslts/src/runtime/collections/bdemo/ACPICA/bdemo
Type: nopt/32 Compile => Removing filesrm: cannot remove 'MAIN.asm': No 
such file or directory
rm: cannot remove 'MAIN.c': No such file or directory
rm: cannot remove 'MAIN.h': No such file or directory
rm: cannot remove 'MAIN.i': No such file or directory
rm: cannot remove 'MAIN.hex': No such file or directory
rm: cannot remove 'MAIN.lst': No such file or directory
rm: cannot remove 'MAIN.map': No such file or directory
rm: cannot remove 'MAIN.nsp': No such file or directory
rm: cannot remove 'MAIN.offset.h': No such file or directory
rm: cannot remove 'MAIN.src': No such file or directory
 => Done 
ls: cannot access 'bdemo.aml': No such file or directory
mv: cannot stat 'bdemo.aml': No such file or directory
Compiled test package: [bdemo]
Begin compiling test package: [bdemof]
Test path: 
/<>/tests/aslts/src/runtime/collections/bdemo/ACPICA/bdemof
Type: nopt/32 Compile => Removing filesrm: cannot remove 'MAIN.asm': No 
such file or directory
rm: cannot remove 'MAIN.c': No such file or directory
rm: cannot remove 'MAIN.h': No such file or directory
rm: cannot remove 'MAIN.i': No such file or directory
rm: cannot remove 'MAIN.hex': No such file or directory
rm: cannot remove 'MAIN.lst': No such file or directory
rm: cannot remove 'MAIN.map': No such file or directory
rm: cannot remove 'MAIN.nsp': No such file or directory
rm: cannot remove 'MAIN.offset.h': No such file or directory
rm: cannot remove 'MAIN.src': No such file or directory
 => Done 
ls: cannot access 'bdemof.aml': No such file or directory
mv: cannot stat 'bdemof.aml': No such file or directory
Compiled test package: [bdemof]
Compiled test package: [ACPICA]
Compiled test package: [bdemo]
Begin compiling test package: [complex]
Begin compiling test package: [misc]
Test path: /<>/tests/aslts/src/runtime/collections/complex/misc
Type: nopt/32 Compile => Removing filesrm: cannot remove 'MAIN.asm': No 
such file or directory
rm: cannot remove 'MAIN.c': No such file or directory
rm: cannot remove 'MAIN.h': No such file or directory
rm: cannot remove 'MAIN.i': No such file or directory
rm: cannot remove 'MAIN.hex': No such file or directory
rm: cannot remove 'MAIN.lst': No such file or directory
rm: cannot remove 'MAIN.map': No such file or directory
rm: cannot remove 'MAIN.nsp': No such file or directory
rm: cannot remove 'MAIN.offset.h': No such file or directory
rm: cannot remove 'MAIN.src': No such file or directory
 => Done 
ls: cannot access 'misc.aml': No such file or directory
mv: cannot stat 'misc.aml': No such file or directory
Compiled test package: [misc]
Begin compiling test package: [provoke]
Test path: /<>/tests/aslts/src/runtime/collections/complex/provoke
Type: nopt/32 Compile => Removing filesrm: cannot remove 'MAIN.asm': No 
such file or directory
rm: cannot remove 'MAIN.c': No such file or directory
rm: cannot remove 'MAIN.h': No such file or directory
rm: cannot remove 'MAIN.i': No such file or directory
rm: cannot remove 'MAIN.hex': No such file or directory
rm: cannot remove 'MAIN.lst': No such file or directory
rm: cannot remove 'MAIN.map': No such file or directory
rm: cannot remove 'MAIN.nsp': No such file or directory
rm: cannot remove 'MAIN.offset.h': No such file or directory
rm: cannot remove 'MAIN.src': No such file or directory
 => Done 
ls: cannot access 'provoke.aml': No such file or directory
mv: cannot stat 'provoke.aml': No such file or directory
Compiled test package: [provoke]
Begin compiling test package: [operand]
Begin compiling test package: [tests]
Begin compiling test package: [oarg]
Test path: 
/<>/tests/aslts/src/runtime/collections/complex/operand/tests/oarg
Type: nopt/32 Compile => Removing filesrm: cannot remove 'MAIN.asm': No 
such file or directory
rm: cannot remove 'MAIN.c': No such file or directory
rm: cannot remove 'MAIN.h': No such file or directory
rm: cannot remove 'MAIN.i': No such file or directory
rm: cannot remove 'MAIN.hex': No such file or directory
rm: cannot remove 'MAIN.lst': No such file or directory
rm: cannot remove 'MAIN.map': No such file or directory
rm: cannot remove 'MAIN.nsp': No such file or directory
rm: cannot remove 'MAIN.offset.h': No such file or directory
rm: cannot remove 'MAIN.src': No such file or directory
 => Done 
ls: cannot access 'oarg.aml': No such file or directory
mv: cannot stat 'oarg.aml': No such file or directory
Compiled test package: [oarg]
...
WARNING: some test 

Bug#882328: gauche-c-wrapper FTBFS with glibc 2.25

[Adrian Bunk]

Source: gauche-c-wrapper
Version: 0.6.1-8
Severity: serious
Tags: buster sid

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/gauche-c-wrapper.html

...
Testing c-wrapper ...
:444:13: error: invalid "#pragma GCC warning" directive
:817:13: warning: In the GNU C Library, "symbol" is defined
 by . For historical compatibility, it is
 currently defined by  as well, but we plan to
 remove this soon. To use "symbol", include 
 directly. If you did not intend to use a system-defined macro
 "symbol", you should undefine it after including .
:820:13: warning: In the GNU C Library, "major" is defined
 by . For historical compatibility, it is
 currently defined by  as well, but we plan to
 remove this soon. To use "major", include 
 directly. If you did not intend to use a system-defined macro
 "major", you should undefine it after including .
:821:13: warning: In the GNU C Library, "minor" is defined
 by . For historical compatibility, it is
 currently defined by  as well, but we plan to
 remove this soon. To use "minor", include 
 directly. If you did not intend to use a system-defined macro
 "minor", you should undefine it after including .
:822:13: warning: In the GNU C Library, "makedev" is defined
 by . For historical compatibility, it is
 currently defined by  as well, but we plan to
 remove this soon. To use "makedev", include 
 directly. If you did not intend to use a system-defined macro
 "makedev", you should undefine it after including .
././ffitest.h:828: GCC exitted abnormally (at token: *eoi*)
././ffitest.h:828: #f
././ffitest.h:828: process 44299 exitted abnormally with exit code 256 (at 
token: *eoi*)
*** ERROR: process 44299 exitted abnormally with exit code 256
While loading "./cwrappertest.scm" at line 13
Stack Trace:
___
  0  (with-error-handler (lambda (e) (let ((e e)) (%guard-rec e e  ...
expanded from (guard (e (( e) (let ((errmsg 
(make-error
at "../lib/c-wrapper/c-parser.scm":1104
  1  (parse-macro include-dirs headers options)
at "../lib/c-wrapper/c-parser.scm":1159
  2  (trunk)
at "../lib/c-wrapper/c-parser.scm":67
  3  (c-parse (if (list? include-dirs) include-dirs (list include- ...
at "../lib/c-wrapper.scm":105
Makefile:69: recipe for target 'check-c' failed
make[2]: *** [check-c] Error 70

Bug#881912: marked as done (keyutils: FTBFS on mips and mipsel: keyctl_describe: Function not implemented)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 13:04:17 +
with message-id 
and subject line Bug#881912: fixed in keyutils 1.5.9-9.2
has caused the Debian Bug report #881912,
regarding keyutils: FTBFS on mips and mipsel: keyctl_describe: Function not 
implemented
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
881912: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881912
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: keyutils
Version: 1.5.9-9.1
Severity: serious
Tags: sid buster patch pending

Hi,

keyutils currently FTBFS on mips and mipsel with the error:
>  Some tests require root privileges.
>  It is recommended that this be run as root.
> keyctl_describe: Function not implemented
> Running with session keyring RHTS/keyctl/7093
> keyctl_join_session_keyring: Function not implemented
> Makefile:42: recipe for target 'run' failed
> make[3]: *** [run] Error 1
> make[3]: Leaving directory '/<>/tests'
> Makefile:201: recipe for target 'test' failed
> make[2]: *** [test] Error 2
> make[2]: Leaving directory '/<>'
> dh_auto_test: make -j1 test 
> PATH=/<>:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
>  LD_LIBRARY_PATH=/<> SKIPROOT=yes SKIPINSTALLED=yes returned 
> exit code 2
> debian/rules:29: recipe for target 'override_dh_auto_test' failed
> make[1]: *** [override_dh_auto_test] Error 2
> make[1]: Leaving directory '/<>'
> debian/rules:16: recipe for target 'build-arch' failed
> make: *** [build-arch] Error 2
> dpkg-buildpackage: error: debian/rules build-arch gave error exit status 2

This happens due to a regression in linux 4.8 where the compat keyctl
syscall is not properly enabled (see #881830 for more details).

I attach an NMU to fix this by temporarily disabling the testsuite on
mips and mipsel, which I have uploaded to DELAYED/5. Please tell me if
you want me to cancel it. I'll try to open a bug to remind you to remove
the temporary fix after the kernel bug has been fixed on the buildds.

Thanks,
James
diff -Nru keyutils-1.5.9/debian/changelog keyutils-1.5.9/debian/changelog
--- keyutils-1.5.9/debian/changelog 2017-09-28 13:19:16.0 +0100
+++ keyutils-1.5.9/debian/changelog 2017-11-16 11:59:37.0 +
@@ -1,3 +1,11 @@
+keyutils (1.5.9-9.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Disable testsuite on mips and mipsel until kernel bug #881830 is fixed.
+(Closes: #XXX)
+
+ -- James Cowgill   Thu, 16 Nov 2017 11:59:37 +
+
 keyutils (1.5.9-9.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru keyutils-1.5.9/debian/rules keyutils-1.5.9/debian/rules
--- keyutils-1.5.9/debian/rules 2017-09-28 13:16:32.0 +0100
+++ keyutils-1.5.9/debian/rules 2017-11-16 11:59:37.0 +
@@ -8,6 +8,7 @@
 DEB_VERSION := $(shell dpkg-parsechangelog -S Version)
 DEB_BUILD_ARCH ?= $(shell dpkg-architecture -qDEB_BUILD_ARCH)
 DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH)
 DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
 DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
 
@@ -26,6 +27,7 @@
dh_auto_install -- LIBDIR=/lib/$(DEB_HOST_MULTIARCH) 
USRLIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH)
 
 override_dh_auto_test:
+ifeq ($(filter $(DEB_HOST_ARCH), mips mipsel),)
# Use  the library and executable we just built;
# skip tests requiring root
dh_auto_test -- \
@@ -33,6 +35,14 @@
LD_LIBRARY_PATH=$(CURDIR) \
SKIPROOT=yes \
SKIPINSTALLED=yes
+else
+   # Disable the testsuite on mips and mipsel where the kernel might not
+   #  have the nessesary compat keyctl syscall available.
+   # This can be removed when either:
+   # - All the buildds use kernel >= 4.12
+   # - #881830 is fixed in stable
+   echo Testsuite disabled on $(DEB_HOST_ARCH)
+endif
 
 override_dh_install:
dh_install --fail-missing


signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: keyutils
Source-Version: 1.5.9-9.2

We believe that the bug you reported is fixed in the latest version of
keyutils, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 881...@bugs.debian.org,
and the maintainer will reopen 

Processed: limit source to keepassxc, tagging 882306

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> limit source keepassxc
Limiting to bugs with field 'source' containing at least one of 'keepassxc'
Limit currently set to 'source':'keepassxc'

> tags 882306 + pending
Bug #882306 [src:keepassxc] keepassxc FTBFS: Qt5LinguistTools*.cmake moved to 
qttools5-dev
Warning: Unknown package 'src:keepassxc'
Added tag(s) pending.
Warning: Unknown package 'src:keepassxc'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882306: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882306
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: [Pkg-sysvinit-devel] Bug#877229: marked as pending

[Debian Bug Tracking System]

Processing control commands:

> reopen -1
Bug #877229 {Done: Axel Beckert } [src:insserv] insserv: FTBFS 
with GCC 7: error: 'extension' undeclared
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions wml/2.4.1ds1-2.
> notfixed -1 wml/2.4.1ds1-2
Bug #877229 [src:insserv] insserv: FTBFS with GCC 7: error: 'extension' 
undeclared
Ignoring request to alter fixed versions of bug #877229 to the same values 
previously set

-- 
877229: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877229
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#882306: keepassxc FTBFS: Qt5LinguistTools*.cmake moved to qttools5-dev

[Adrian Bunk]

Source: keepassxc
Version: 2.2.0-1
Severity: serious

https://buildd.debian.org/status/package.php?p=keepassxc=sid

...
CMake Error at CMakeLists.txt:211 (find_package):
  By not providing "FindQt5LinguistTools.cmake" in CMAKE_MODULE_PATH this
  project has asked CMake to find a package configuration file provided by
  "Qt5LinguistTools", but CMake did not find one.

  Could not find a package configuration file provided by "Qt5LinguistTools"
  (requested version 5.2) with any of the following names:

Qt5LinguistToolsConfig.cmake
qt5linguisttools-config.cmake

  Add the installation prefix of "Qt5LinguistTools" to CMAKE_PREFIX_PATH or
  set "Qt5LinguistTools_DIR" to a directory containing one of the above
  files.  If "Qt5LinguistTools" provides a separate development package or
  SDK, be sure it has been installed.



qttools-opensource-src (5.9.2-3) unstable; urgency=medium

  * Move Qt5LinguistTools*.cmake from qttools5-dev-tools to qttools5-dev.
...

Bug#853668: marked as done (squid3: ftbfs with GCC-7)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 10:00:16 +
with message-id 
and subject line Bug#853668: fixed in squid 4.0.21-1~exp5
has caused the Debian Bug report #853668,
regarding squid3: ftbfs with GCC-7
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
853668: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853668
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:squid3
Version: 3.5.23-1
Severity: normal
Tags: sid buster
User: debian-...@lists.debian.org
Usertags: ftbfs-gcc-7

Please keep this issue open in the bug tracker for the package it
was filed for.  If a fix in another package is required, please
file a bug for the other package (or clone), and add a block in this
package. Please keep the issue open until the package can be built in
a follow-up test rebuild.

The package fails to build in a test rebuild on at least amd64 with
gcc-7/g++-7, but succeeds to build with gcc-6/g++-6. The
severity of this report may be raised before the buster release.
There is no need to fix this issue in time for the stretch release.

The full build log can be found at:
http://people.debian.org/~doko/logs/gcc7-20170126/squid3_3.5.23-1_unstable_gcc7.log
The last lines of the build log are at the end of this report.

To build with GCC 7, either set CC=gcc-7 CXX=g++-7 explicitly,
or install the gcc, g++, gfortran, ... packages from experimental.

  apt-get -t=experimental install g++ 

Common build failures are new warnings resulting in build failures with
-Werror turned on, or new/dropped symbols in Debian symbols files.
For other C/C++ related build failures see the porting guide at
http://gcc.gnu.org/gcc-7/porting_to.html

[...]
libtool: link: ( cd ".libs" && rm -f "librfcnb.la" && ln -s "../librfcnb.la" 
"librfcnb.la" )
make[3]: Leaving directory '/<>/lib/rfcnb'
Making all in smblib
make[3]: Entering directory '/<>/lib/smblib'
/bin/bash ../../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H   
-I../.. -I../../include -I../../lib -I../../src -I../../include  -isystem 
/usr/include/mit-krb5  -I../../lib -I/usr/include/libxml2 -Wdate-time 
-D_FORTIFY_SOURCE=2 -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes 
-Wmissing-declarations -Wcomments -Wshadow -Werror -pipe -D_REENTRANT -m64 -g 
-O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wall -c -o md4.lo md4.c
libtool: compile:  gcc -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib 
-I../../src -I../../include -isystem /usr/include/mit-krb5 -I../../lib 
-I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wpointer-arith 
-Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments -Wshadow 
-Werror -pipe -D_REENTRANT -m64 -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wall -c md4.c  -fPIC 
-DPIC -o .libs/md4.o
libtool: compile:  gcc -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib 
-I../../src -I../../include -isystem /usr/include/mit-krb5 -I../../lib 
-I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wpointer-arith 
-Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments -Wshadow 
-Werror -pipe -D_REENTRANT -m64 -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wall -c md4.c -o 
md4.o >/dev/null 2>&1
/bin/bash ../../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H   
-I../.. -I../../include -I../../lib -I../../src -I../../include  -isystem 
/usr/include/mit-krb5  -I../../lib -I/usr/include/libxml2 -Wdate-time 
-D_FORTIFY_SOURCE=2 -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes 
-Wmissing-declarations -Wcomments -Wshadow -Werror -pipe -D_REENTRANT -m64 -g 
-O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat 
-Werror=format-security -Wall -c -o smblib.lo smblib.c
libtool: compile:  gcc -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib 
-I../../src -I../../include -isystem /usr/include/mit-krb5 -I../../lib 
-I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wpointer-arith 
-Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments -Wshadow 
-Werror -pipe -D_REENTRANT -m64 -g -O2 -fdebug-prefix-map=/<>=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wall -c smblib.c  
-fPIC -DPIC -o .libs/smblib.o
libtool: compile:  gcc -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib 
-I../../src -I../../include -isystem /usr/include/mit-krb5 -I../../lib 
-I/usr/include/libxml2 -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wpointer-arith 
-Wwrite-strings 

Bug#882315: kwalify: FTBFS and Debci failure with ruby 2.3 2.3.5-1

[Adrian Bunk]

Source: kwalify
Version: 0.7.2-4
Severity: serious
Tags: buster sid

https://ci.debian.net/packages/k/kwalify/unstable/amd64/
https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/kwalify.html

...
┌──┐
│ Run tests for ruby2.3 from debian/ruby-test-files.yaml   │
└──┘

RUBYLIB=/build/1st/kwalify-0.7.2/debian/kwalify/usr/lib/ruby/vendor_ruby:. 
GEM_PATH=debian/kwalify/usr/share/rubygems-integration/all:/var/lib/gems/2.3.0:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.3.0:/usr/share/rubygems-integration/2.3.0:/usr/share/rubygems-integration/all
 ruby2.3 -ryaml -e YAML.load_file\(\"debian/ruby-test-files.yaml\"\).each\ \{\ 
\|f\|\ require\ f\ \}
/build/1st/kwalify-0.7.2/test/test-users-guide.rb:5: warning: already 
initialized constant UsersGuideTest::DATA_DIR
/build/1st/kwalify-0.7.2/.pc/test_paths_fix.patch/test/test-users-guide.rb:5: 
warning: previous definition of DATA_DIR was here
/build/1st/kwalify-0.7.2/test/test-users-guide.rb:6: warning: already 
initialized constant UsersGuideTest::CURR_DIR
/build/1st/kwalify-0.7.2/.pc/test_paths_fix.patch/test/test-users-guide.rb:6: 
warning: previous definition of CURR_DIR was here
Loaded suite [.]
Started
N
===
 was redefined 
[test_address_book_ruby(UsersGuideTest)]
/build/1st/kwalify-0.7.2/test/test-users-guide.rb:21:in `'
===
.N
===
 was redefined 
[test_example_address_book_ruby(UsersGuideTest)]
/build/1st/kwalify-0.7.2/test/test-users-guide.rb:26:in `'
===
F
===
Failure:
  @@ -1,6 +1,8 @@
   [#,
#,
  - #]
  + #]
   [#,
 @blood="A",
test_example_address_book_ruby(UsersGuideTest)
/build/1st/kwalify-0.7.2/lib/kwalify/util/assert-text-equal.rb:40:in 
`assert_text_equal'
/build/1st/kwalify-0.7.2/test/test-users-guide.rb:70:in `block in _test'
/build/1st/kwalify-0.7.2/test/test-users-guide.rb:63:in `each'
/build/1st/kwalify-0.7.2/test/test-users-guide.rb:63:in `_test'
/build/1st/kwalify-0.7.2/test/test-users-guide.rb:30:in 
`test_example_address_book_ruby'
 27: @command = 'ruby -I. example_address_book.rb'
 28: @result = File.read('example_address_book_ruby.result')
 29: @testopts = { 'delete_object_id' => true }
  => 30: _test()
 31:   end
 32: ### END
 33: 
===
N
===
 was redefined [test_databind1(DataBindingTest)]
(eval):1:in `block in load_yaml_testdata'
===
.N
===
 was redefined [test_databind2(DataBindingTest)]
(eval):1:in `block in load_yaml_testdata'
===
.N
===
 was redefined [test_databind3(DataBindingTest)]
(eval):1:in `block in load_yaml_testdata'
===
.N
===
 was redefined [test_databind4(DataBindingTest)]
(eval):1:in `block in load_yaml_testdata'
===
...
...
...
...
.O
===
failed to load: 
:
  
[test_require_build_1st_kwalify_0_7_2_pc_proper_string_split_patch_test_test_validator_rb(RequireFailedOmissions)]
/usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:55:in `require'
===
O
===
failed to load: 
: 
 
[test_require_build_1st_kwalify_0_7_2_pc_test_fix_tmpdir_patch_test_test_action_rb(RequireFailedOmissions)]

Processed: Re: mariadb-10.1: Uploads rejected by dak, blocking testing migration of mariadb-10.1 and its reverse dependencies

[Debian Bug Tracking System]

Processing control commands:

> reopen -1
Bug #881898 {Done: Ondřej Surý } [src:mariadb-10.1] 
mariadb-10.1: Uploads rejected by dak, blocking testing migration of 
mariadb-10.1 and its reverse dependencies
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions mariadb-10.1/10.1.29-1.
> notfixed -1 mariadb-10.1/10.1.29-1
Bug #881898 [src:mariadb-10.1] mariadb-10.1: Uploads rejected by dak, blocking 
testing migration of mariadb-10.1 and its reverse dependencies
Ignoring request to alter fixed versions of bug #881898 to the same values 
previously set
> affects -1 src:gdal src:slurm-llnl src:qtbase-opensource-src
Bug #881898 [src:mariadb-10.1] mariadb-10.1: Uploads rejected by dak, blocking 
testing migration of mariadb-10.1 and its reverse dependencies
Added indication that 881898 affects src:gdal, src:slurm-llnl, and 
src:qtbase-opensource-src

-- 
881898: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881898
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858630: marked as done (golang-github-grpc-ecosystem-go-grpc-prometheus: FTBFS: grpc_server_started_total should be incremented for PingList)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 09:04:26 +
with message-id 
and subject line Bug#858630: fixed in 
golang-github-grpc-ecosystem-go-grpc-prometheus 1.1+git20170826.0dafe0d-1
has caused the Debian Bug report #858630,
regarding golang-github-grpc-ecosystem-go-grpc-prometheus: FTBFS: 
grpc_server_started_total should be incremented for PingList
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
858630: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858630
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: golang-github-grpc-ecosystem-go-grpc-prometheus
Version: 1.1+git20160910.0.6b7015e-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

golang-github-grpc-ecosystem-go-grpc-prometheus fails to build from source in 
unstable/amd64:

  […]

   dpkg-buildpackage -rfakeroot -us -uc -b
  dpkg-buildpackage: info: source package 
golang-github-grpc-ecosystem-go-grpc-prometheus
  dpkg-buildpackage: info: source version 1.1+git20160910.0.6b7015e-1
  dpkg-buildpackage: info: source distribution unstable
  dpkg-buildpackage: info: source changed by Tim Potter 
   dpkg-source --before-build 
golang-github-grpc-ecosystem-go-grpc-prometheus-1.1+git20160910.0.6b7015e
  dpkg-buildpackage: info: host architecture amd64
   fakeroot debian/rules clean
  dh clean --buildsystem=golang --with=golang
 dh_testdir -O--buildsystem=golang
 dh_auto_clean -O--buildsystem=golang
 dh_autoreconf_clean -O--buildsystem=golang
 dh_clean -O--buildsystem=golang
   debian/rules build
  dh build --buildsystem=golang --with=golang
 dh_testdir -O--buildsystem=golang
 dh_update_autotools_config -O--buildsystem=golang
 dh_autoreconf -O--buildsystem=golang
 dh_auto_configure -O--buildsystem=golang
 debian/rules override_dh_auto_build
  make[1]: Entering directory '«BUILDDIR»'
  cd 
obj-x86_64-linux-gnu/src/github.com/grpc-ecosystem/go-grpc-prometheus/examples/testproto
 && \
GOPATH=obj-x86_64-linux-gnu make 
  make[2]: Entering directory 
'«BUILDDIR»/obj-x86_64-linux-gnu/src/github.com/grpc-ecosystem/go-grpc-prometheus/examples/testproto'
  PATH="obj-x86_64-linux-gnu/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11" 
protoc \
-I. \
-Iobj-x86_64-linux-gnu/src \
--go_out=plugins=grpc:. \
test.proto
  obj-x86_64-linux-gnu/src: warning: directory does not exist.
  make[2]: Leaving directory 
'«BUILDDIR»/obj-x86_64-linux-gnu/src/github.com/grpc-ecosystem/go-grpc-prometheus/examples/testproto'
  dh_auto_build
go install -v -p 9 github.com/grpc-ecosystem/go-grpc-prometheus 
github.com/grpc-ecosystem/go-grpc-prometheus/examples/testproto
  github.com/beorn7/perks/quantile
  github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg
  github.com/golang/protobuf/proto
  github.com/prometheus/common/model
  github.com/prometheus/procfs
  golang.org/x/net/context
  golang.org/x/net/http2/hpack
  golang.org/x/net/idna
  golang.org/x/net/internal/timeseries
  google.golang.org/grpc/codes
  google.golang.org/grpc/credentials
  google.golang.org/grpc/grpclog
  google.golang.org/grpc/internal
  google.golang.org/grpc/metadata
  google.golang.org/grpc/naming
  golang.org/x/net/lex/httplex
  golang.org/x/net/trace
  golang.org/x/net/http2
  google.golang.org/grpc/peer
  github.com/prometheus/client_model/go
  github.com/matttproud/golang_protobuf_extensions/pbutil
  github.com/prometheus/common/expfmt
  google.golang.org/grpc/transport
  github.com/prometheus/client_golang/prometheus
  google.golang.org/grpc
  github.com/grpc-ecosystem/go-grpc-prometheus
  github.com/grpc-ecosystem/go-grpc-prometheus/examples/testproto
  make[1]: Leaving directory '«BUILDDIR»'
 dh_auto_test -O--buildsystem=golang
go test -v -p 9 github.com/grpc-ecosystem/go-grpc-prometheus 
github.com/grpc-ecosystem/go-grpc-prometheus/examples/testproto
  === RUN   TestClientInterceptorSuite
  === RUN   TestStreamingIncrementsHandled
  --- PASS: TestStreamingIncrementsHandled (0.00s)
  === RUN   TestStreamingIncrementsHistograms
  --- PASS: TestStreamingIncrementsHistograms (0.00s)
  === RUN   TestStreamingIncrementsMessageCounts
  --- PASS: TestStreamingIncrementsMessageCounts (0.00s)
  === RUN   TestStreamingIncrementsStarted
  --- PASS: TestStreamingIncrementsStarted (0.00s)
  === RUN   TestUnaryIncrementsHandled
  --- PASS: TestUnaryIncrementsHandled (0.00s)
  === RUN   

Bug#882323: clamav-freshclam: fails to upgrade

[Christoph Anton Mitterer]

Package: clamav-freshclam
Version: 0.99.3~beta1+dfsg-3
Severity: grave
Justification: renders package unusable

Hi.

With the lastest version the package fails to upgrade:
Setting up clamav-freshclam (0.99.3~beta1+dfsg-3) ...
To check for updates more often than hourly, please run freshclam as a daemon.
Replacing config file /etc/cron.d/clamav-freshclam with new version
Starting database update: 
ClamAV update process started at Tue Nov 21 14:20:13 2017
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99.3-beta1 Recommended version: 0.99.2
DON'T PANIC! Read http://www.clamav.net/documents/upgrading-clamav
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: 
sigmgr)
daily.cld is up to date (version: 24060, sigs: 1785895, f-level: 63, builder: 
neo)
bytecode.cld is up to date (version: 318, sigs: 75, f-level: 63, builder: 
raynman)
dpkg: error processing package clamav-freshclam (--configure):
 installed clamav-freshclam package post-installation script subprocess 
returned error exit status 1
dpkg: dependency problems prevent configuration of clamav:
 clamav depends on clamav-freshclam (>= 0.99.3~beta1+dfsg) | clamav-data; 
however:
  Package clamav-freshclam is not configured yet.
  Package clamav-data is not installed.
  Package clamav-freshclam which provides clamav-data is not configured yet.

dpkg: error processing package clamav (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 clamav-freshclam
 clamav


Cheers,
Chris.



-- Package-specific info:
--- configuration ---
#Automatically Generated by clamav-base postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-base
#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User clamav
AllowSupplementaryGroups true
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
LogSyslog false
LogRotate true
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav
SelfCheck 3600
Foreground false
Debug false
ScanPE true
MaxEmbeddedPE 10M
ScanOLE2 true
ScanHTML true
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxScriptNormalize 5M
MaxZipTypeRcg 1M
ScanSWF true
DetectBrokenExecutables false
ExitOnOOM false
LeaveTemporaryFiles false
AlgorithmicDetection true
ScanELF true
IdleTimeout 30
PhishingSignatures true
PhishingScanURLs true
PhishingAlwaysBlockSSLMismatch false
PhishingAlwaysBlockCloak false
DetectPUA false
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
CommandReadTimeout 5
SendBufTimeout 200
MaxQueue 100
ExtendedDetectionInfo true
OLE2BlockMacros false
ScanOnAccess false
AllowAllMatchScan true
ForceToDisk false
DisableCertCheck false
StreamMaxLength 10M
LogFile /var/log/clamav/clamav.log
LogTime true
LogFileUnlock false
LogFileMaxSize 0
Bytecode false
OfficialDatabaseOnly false
CrossFilesystems true
# Automatically created by the clamav-freshclam postinst
# Comments will get lost when you reconfigure the clamav-freshclam package

DatabaseOwner clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose false
LogSyslog false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogRotate true
LogTime true
Foreground false
Debug false
MaxAttempts 5
DatabaseDirectory /var/lib/clamav
DNSDatabaseInfo current.cvd.clamav.net
ConnectTimeout 30
ReceiveTimeout 30
TestDatabases yes
ScriptedUpdates yes
CompressLocalDatabase no
SafeBrowsing false
Bytecode true
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net

--- data dir ---
total 240520
-rw-r--r-- 1 clamav clamav766976 Nov  7 20:18 bytecode.cld
drwxr-xr-x 1 clamav clamav 0 Jun 27  2010 
clamav-19b464beab60829e7016d00d5df2fd5b
drwxr-xr-x 1 clamav clamav   282 Jun 24  2008 
clamav-3979237c18d6de6e9940e464cd3ea5f0
drwxr-xr-x 1 clamav clamav   282 Jun 24  2008 
clamav-3a6a00893141d0216faf196a86706634
drwxr-xr-x 1 clamav clamav 0 May 17  2011 
clamav-3b2941f990ff4adb05f2f5de24b67623
drwxr-xr-x 1 clamav clamav86 Jun 15 06:43 
clamav-7c5363c8fe917b97e86960afc3683a5f.tmp
drwxr-xr-x 1 clamav clamav78 Feb 14  2013 
clamav-7ede314dee89e02d2ab583a04c7682d9
drwxr-xr-x 1 clamav clamav 0 Nov 12  2014 
clamav-8e80e59e33f957260fd737267103006c.tmp
drwxr-xr-x 1 clamav clamav 0 Aug 24 06:25 
clamav-a5a238c7a6b25924d94b0b3dd7e8e88e.tmp
-rw-r--r-- 1 clamav clamav 127622144 Nov 21 14:17 daily.cld
-rw-r--r-- 1 clamav clamav 117892267 Jul 18 03:07 main.cvd
-rw--- 1 clamav clamav  1612 Nov 21 14:20 mirrors.dat

-- System Information:
Debian Release: buster/sid
  APT prefers 

Bug#881710: marked as done (libpythonqt-qt5-common-dev,libpythonqt-qtall-qt5-common-dev: both ship /usr/include/PythonQt5/moc_predefs.h)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 06:50:31 +
with message-id 
and subject line Bug#881710: fixed in pythonqt 3.2-5~exp1
has caused the Debian Bug report #881710,
regarding libpythonqt-qt5-common-dev,libpythonqt-qtall-qt5-common-dev: both 
ship /usr/include/PythonQt5/moc_predefs.h
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
881710: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881710
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libpythonqt-qt5-common-dev,libpythonqt-qtall-qt5-common-dev
Version: 3.2-4
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to install
because it tries to overwrite other packages files.

>From the attached log (scroll to the bottom...):

  Selecting previously unselected package 
libpythonqt-qtall-qt5-common-dev:amd64.
  Preparing to unpack .../libpythonqt-qtall-qt5-common-dev_3.2-4_amd64.deb ...
  Unpacking libpythonqt-qtall-qt5-common-dev:amd64 (3.2-4) ...
  dpkg: error processing archive 
/var/cache/apt/archives/libpythonqt-qtall-qt5-common-dev_3.2-4_amd64.deb 
(--unpack):
   trying to overwrite '/usr/include/PythonQt5/moc_predefs.h', which is also in 
package libpythonqt-qt5-common-dev:amd64 3.2-4
  Errors were encountered while processing:
   /var/cache/apt/archives/libpythonqt-qtall-qt5-common-dev_3.2-4_amd64.deb


cheers,

Andreas


libpythonqt-qt5-common-dev=3.2-4_libpythonqt-qtall-qt5-common-dev=3.2-4.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: pythonqt
Source-Version: 3.2-5~exp1

We believe that the bug you reported is fixed in the latest version of
pythonqt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 881...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonathan Carter  (supplier of updated pythonqt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 20 Nov 2017 10:21:26 +0200
Source: pythonqt
Binary: libpythonqt-qt5-python2-3 libpythonqt-qt5-common-dev 
libpythonqt-qt5-python2-dev libpythonqt-qtall-qt5-python2-3 
libpythonqt-qtall-qt5-common-dev libpythonqt-qtall-qt5-python2-dev 
libpythonqt-qt5-python3-3 libpythonqt-qt5-python3-dev 
libpythonqt-qtall-qt5-python3-3 libpythonqt-qtall-qt5-python3-dev
Architecture: source
Version: 3.2-5~exp1
Distribution: experimental
Urgency: medium
Maintainer: Debian Python Modules Team 

Changed-By: Jonathan Carter 
Description:
 libpythonqt-qt5-common-dev - Dynamic Python binding for the Qt framework - 
development
 libpythonqt-qt5-python2-3 - Dynamic Python binding for the Qt framework - 
runtime
 libpythonqt-qt5-python2-dev - Dynamic Python binding for the Qt framework - 
development
 libpythonqt-qt5-python3-3 - Dynamic Python binding for the Qt framework - 
runtime
 libpythonqt-qt5-python3-dev - Dynamic Python binding for the Qt framework - 
development
 libpythonqt-qtall-qt5-common-dev - Dynamic Python binding for the Qt framework 
- development
 libpythonqt-qtall-qt5-python2-3 - Dynamic Python binding for the Qt framework 
- runtime
 libpythonqt-qtall-qt5-python2-dev - Dynamic Python binding for the Qt 
framework - development
 libpythonqt-qtall-qt5-python3-3 - Dynamic Python binding for the Qt framework 
- runtime
 libpythonqt-qtall-qt5-python3-dev - Dynamic Python binding for the Qt 
framework - development
Closes: 881685 881710
Changes:
 pythonqt (3.2-5~exp1) experimental; urgency=medium
 .
   * Add Erik Lunde's patch to fix builds on ppc64
 (Closes: #881685)
   * Add Erik Lunde's patch to fix files shipped in multiple binaries
 (Closes: #881710)
Checksums-Sha1:
 0d80b15f8f5eed4a1b1793224fa963bd5fb3d379 3054 pythonqt_3.2-5~exp1.dsc
 34329734d6727b8e97fa42830e3bac1f7cf552ea 2397844 pythonqt_3.2.orig.tar.xz
 0ac8ec4887613abc28d2f23dc7831986eced262d 9356 pythonqt_3.2-5~exp1.debian.tar.xz
 94974c4a1487dc4d9435d386328a3b4486350686 13127 
pythonqt_3.2-5~exp1_source.buildinfo
Checksums-Sha256:
 

Bug#882306: marked as done (keepassxc FTBFS: Qt5LinguistTools*.cmake moved to qttools5-dev)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 10:49:19 +
with message-id 
and subject line Bug#882306: fixed in keepassxc 2.2.2-1
has caused the Debian Bug report #882306,
regarding keepassxc FTBFS: Qt5LinguistTools*.cmake moved to qttools5-dev
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882306: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882306
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: keepassxc
Version: 2.2.0-1
Severity: serious

https://buildd.debian.org/status/package.php?p=keepassxc=sid

...
CMake Error at CMakeLists.txt:211 (find_package):
  By not providing "FindQt5LinguistTools.cmake" in CMAKE_MODULE_PATH this
  project has asked CMake to find a package configuration file provided by
  "Qt5LinguistTools", but CMake did not find one.

  Could not find a package configuration file provided by "Qt5LinguistTools"
  (requested version 5.2) with any of the following names:

Qt5LinguistToolsConfig.cmake
qt5linguisttools-config.cmake

  Add the installation prefix of "Qt5LinguistTools" to CMAKE_PREFIX_PATH or
  set "Qt5LinguistTools_DIR" to a directory containing one of the above
  files.  If "Qt5LinguistTools" provides a separate development package or
  SDK, be sure it has been installed.



qttools-opensource-src (5.9.2-3) unstable; urgency=medium

  * Move Qt5LinguistTools*.cmake from qttools5-dev-tools to qttools5-dev.
...
--- End Message ---
--- Begin Message ---
Source: keepassxc
Source-Version: 2.2.2-1

We believe that the bug you reported is fixed in the latest version of
keepassxc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 882...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julian Andres Klode  (supplier of updated keepassxc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 21 Nov 2017 11:12:12 +0100
Source: keepassxc
Binary: keepassxc
Architecture: source
Version: 2.2.2-1
Distribution: unstable
Urgency: medium
Maintainer: Julian Andres Klode 
Changed-By: Julian Andres Klode 
Description:
 keepassxc  - Cross Platform Password Manager
Closes: 882306
Changes:
 keepassxc (2.2.2-1) unstable; urgency=medium
 .
   * New upstream version 2.2.2
   * Add missing dependency on qttools5-dev (Closes: #882306)
   * Drop desktop_file_comment.patch and rebase others
   * Bump Standards-Version to 4.1.1
Checksums-Sha1:
 0a3b39b559967231194c32c0990556b38a212028 2326 keepassxc_2.2.2-1.dsc
 ae5f2ed2cc027b7c07c40fe81ca7a9b5570785ed 3252052 keepassxc_2.2.2.orig.tar.xz
 e7f05921b911e8a38194fd4df341630f1f1b1aca 488 keepassxc_2.2.2.orig.tar.xz.asc
 e47cf2727a03ad0418ff966af0f70c2c8c6c2388 86664 keepassxc_2.2.2-1.debian.tar.xz
 b533ea7ed01a75a625d4d5db07027186e6a8cb7a 12544 
keepassxc_2.2.2-1_source.buildinfo
Checksums-Sha256:
 828fa9a7549d1ccdd23c9afdfd7d3925d699758aa19ae20803b2a984f04c64b6 2326 
keepassxc_2.2.2-1.dsc
 2f55784f7e6d3a840575e1768a3e5ae03986c2f6a70029dd6b9f9bb0fa443473 3252052 
keepassxc_2.2.2.orig.tar.xz
 94f00cb6870c9eeaeb46d8469c3c6aa951130439cc361547a85089aa4fb0bc9c 488 
keepassxc_2.2.2.orig.tar.xz.asc
 4ae85c75bf81dda03dedbee1b68b3cd83985fb224148801b8b3262a6d38c1089 86664 
keepassxc_2.2.2-1.debian.tar.xz
 f0fb59ac6fd9b5cab0b96922823431c8b8e885b50603ded8daf8fe8ba4af33cc 12544 
keepassxc_2.2.2-1_source.buildinfo
Files:
 9b5967c56c80d365b10aceda0aa24a2c 2326 utils optional keepassxc_2.2.2-1.dsc
 fc960e9258bcd13a287976902d008d52 3252052 utils optional 
keepassxc_2.2.2.orig.tar.xz
 bee06af02bc21a5c6fd314ece8fd0592 488 utils optional 
keepassxc_2.2.2.orig.tar.xz.asc
 326b6958d5ad009dd43c891b99a9b019 86664 utils optional 
keepassxc_2.2.2-1.debian.tar.xz
 40e379d5237ba0e7d4d3dce8a6a15765 12544 utils optional 
keepassxc_2.2.2-1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJDBAEBCgAtFiEEzeVhi4gF/W4gLOnC1zw55WWAs4YFAloT/BIPHGpha0BkZWJp
YW4ub3JnAAoJENc8OeVlgLOGOUoP/inVgokya3AGG5zpRv/9LSn3ivYJBf6DMdV5
iQsflU4vjT2yY5W5YQkqpTJyzScb6BjHj9/fXQbU/wQ5fHpvviDDSwFYdaA+8Chn
ouZ+5chs1KRy+uKxPwBmgBoReZpsbrxBOArLiIL9GjV4XThu81weXwwW39Y221TH

Bug#882321: marked as done (rjava fails to build)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 07:09:52 -0600
with message-id <23060.9632.414507.234...@bud.eddelbuettel.com>
and subject line Re: Bug#882321: rjava fails to build
has caused the Debian Bug report #882321,
regarding rjava fails to build
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882321: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882321
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:rjava
Version: 0.9-9-1
Severity: serious
Tags: sid buster

the package fails to build:

checking for sys/time.h... yes
checking for unistd.h... (cached) yes
checking for an ANSI C-conforming const... yes
checking whether time.h and sys/time.h may both be included... yes
configure: checking whether gcc -std=gnu99 supports static inline...
yes
checking whether setjmp.h is POSIX.1 compatible... yes
checking whether sigsetjmp is declared... yes
checking whether siglongjmp is declared... yes
checking Java support in R... present:
interpreter : '/usr/lib/jvm/default-java/jre/bin/java'
archiver: '/usr/lib/jvm/default-java/bin/jar'
compiler: '/usr/lib/jvm/default-java/bin/javac'
header prep.: '/usr/lib/jvm/default-java/bin/javah'
cpp flags   : '-I/usr/lib/jvm/default-java/include
-I/usr/lib/jvm/default-java/include/linux'
java libs   : '-L/usr/lib/jvm/default-java/jre/lib/amd64/server -ljvm'
checking whether Java run-time works... ./configure: line 3736:
/usr/lib/jvm/default-java/jre/bin/java: No such file or directory
no
configure: error: Java interpreter '/usr/lib/jvm/default-java/jre/bin/java' does
not work
ERROR: configuration failed for package ‘rJava’
* removing ‘/<>/debian/r-cran-rjava/usr/lib/R/site-library/rJava’
/usr/share/R/debian/r-cran.mk:101: recipe for target 'R_any_arch' failed
make: *** [R_any_arch] Error 1
dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned exit
status 2

Build finished at 20171112-0120

Finished
--- End Message ---
--- Begin Message ---

On 21 November 2017 at 13:58, Matthias Klose wrote:
| On 21.11.2017 13:52, Dirk Eddelbuettel wrote:
| > What version of r-base core was used here, and what arch was this?
| 
| ahh, 3.4.2-1. Looks like the build dependency wasn't updated.3.4.2-2 seems to
| work ...

Phew.  As should 3.4.2.20171120-1 which I uploaded yesterday.

So ... I am closing this, ok?

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org--- End Message ---

Processed: fixed 881856 in 2.6.1-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> fixed 881856 2.6.1-1
Bug #881856 [src:opensaml2] opensaml2: CVE-2017-16853: Dynamic MetadataProvider 
fails to install security filters (CPPOST-105)
Marked as fixed in versions opensaml2/2.6.1-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
881856: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881856
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: fixed 881857 in 2.6.1+dfsg1-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> fixed 881857 2.6.1+dfsg1-1
Bug #881857 [shibboleth-sp2] shibboleth-sp2: CVE-2017-16852: Dynamic 
MetadataProvider fails to install security filters (SSCPP-763)
There is no source info for the package 'shibboleth-sp2' at version 
'2.6.1+dfsg1-1' with architecture ''
Unable to make a source version for version '2.6.1+dfsg1-1'
Marked as fixed in versions 2.6.1+dfsg1-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
881857: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881857
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#882308: http-parser 2.7 breaks ruby-em-http-request's tests

[Matthias Klose]

Package: src:http-parser
Version: 2.7.1-2
Severity: serious
Tags: sid buster
Affects: ruby-em-http-request

http-parser 2.7 breaks ruby-em-http-request's tests, breaking the package build
and the autopkg tests:

- -> /redirect/https_with_port
should keep default https port in redirect url that include it
127.0.0.1 - - [21/Nov/2017:10:04:16 UTC] "GET
/redirect/ignore_query_option?ignore=1 HTTP/1.1" 301 0
   - ->
/redirect/ignore_query_option?ignore=1
should ignore query option when redirecting127.0.0.1 - - [21/Nov/2017:10:04:16
UTC] "GET /redirect/url HTTP/1.1" 200 34

  - -> /redirect/url
  should work with keep-alive connections with cross-origin redirect
should work with keep-alive connections with same-origin redirect

  Failures:

1) EventMachine::HttpRequest should close connection on
invalid HTTP response Failure/Error: if !client.continue?

  NoMethodError:
  undefined method `continue?' for
nil:NilClass#
./lib/em-http/http_connection.rb:134:in `block in post_init'
# ./lib/em-http/http_connection.rb:152:in `<<'
  # ./lib/em-http/http_connection.rb:152:in `receive_data'
# ./lib/em-http/http_connection.rb:23:in `receive_data'
  # ./spec/client_spec.rb:865:in `block (2 levels) in '

 Finished in 9.61 seconds (files took 1.2 seconds to load)
   127 examples, 1 failure

   Failed examples:

   rspec ./spec/client_spec.rb:864 # EventMachine::HttpRequest
should close connection on invalid HTTP response

   127.0.0.1 - - [21/Nov/2017:10:04:06 UTC] "GET
/timeout HTTP/1.1" 200 0 127.0.0.1 - - [21/Nov/2017:10:04:09 UTC]
"GET /timeout HTTP/1.1" 200 0 - -> /timeout
[2017-11-21 10:04:16] INFO  going to
shutdown ...  - -> /timeout
[2017-11-21 10:04:16] INFO
WEBrick::HTTPServer#start done./usr/bin/ruby2.3
/usr/bin/rspec --pattern ./spec/\*\*/\*_spec.rb --format documentation failed

Bug#882298: trilinos: missing dependencies on libtrilinos-trilinosss-dev

[Adrian Bunk]

Source: trilinos
Version: 12.12.1-2
Severity: serious
Control: affects -1 src:deal.ii

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/deal.ii.html

...
-- Include /build/1st/deal.ii-8.4.2/cmake/configure/configure_2_trilinos.cmake
CMake Error at /usr/lib/x86_64-linux-gnu/cmake/Amesos/AmesosConfig.cmake:144 
(INCLUDE):
  INCLUDE could not find load file:

/usr/lib/x86_64-linux-gnu/cmake/Amesos/../TrilinosSS/TrilinosSSConfig.cmake
Call Stack (most recent call first):
  /usr/lib/x86_64-linux-gnu/cmake/Ifpack/IfpackConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/ML/MLConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Stratimikos/StratimikosConfig.cmake:144 
(INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Teko/TekoConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/MueLu/MueLuConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Stokhos/StokhosConfig.cmake:143 (INCLUDE)
  
/usr/lib/x86_64-linux-gnu/cmake/TrilinosCouplings/TrilinosCouplingsConfig.cmake:143
 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Trilinos/TrilinosConfig.cmake:146 (INCLUDE)
  cmake/macros/macro_find_package.cmake:27 (_FIND_PACKAGE)
  cmake/modules/FindTRILINOS.cmake:40 (FIND_PACKAGE)
  cmake/macros/macro_find_package.cmake:27 (_FIND_PACKAGE)
  cmake/configure/configure_2_trilinos.cmake:22 (FIND_PACKAGE)
  obj-x86_64-linux-gnu/CMakeFiles/CMakeTmp/macro_configure_feature.tmp:1 
(FEATURE_TRILINOS_FIND_EXTERNAL)
  cmake/macros/macro_configure_feature.cmake:76 (INCLUDE)
  cmake/macros/macro_configure_feature.cmake:240 (RUN_COMMAND)
  cmake/configure/configure_2_trilinos.cmake:220 (CONFIGURE_FEATURE)
  cmake/macros/macro_verbose_include.cmake:19 (INCLUDE)
  CMakeLists.txt:119 (VERBOSE_INCLUDE)

CMake Error at /usr/lib/x86_64-linux-gnu/cmake/Ifpack/IfpackConfig.cmake:146 
(INCLUDE):
  INCLUDE could not find load file:

/usr/lib/x86_64-linux-gnu/cmake/Ifpack/../TrilinosSS/TrilinosSSConfig.cmake
Call Stack (most recent call first):
  /usr/lib/x86_64-linux-gnu/cmake/ML/MLConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Stratimikos/StratimikosConfig.cmake:144 
(INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Teko/TekoConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/MueLu/MueLuConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Stokhos/StokhosConfig.cmake:143 (INCLUDE)
  
/usr/lib/x86_64-linux-gnu/cmake/TrilinosCouplings/TrilinosCouplingsConfig.cmake:143
 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Trilinos/TrilinosConfig.cmake:146 (INCLUDE)
  cmake/macros/macro_find_package.cmake:27 (_FIND_PACKAGE)
  cmake/modules/FindTRILINOS.cmake:40 (FIND_PACKAGE)
  cmake/macros/macro_find_package.cmake:27 (_FIND_PACKAGE)
  cmake/configure/configure_2_trilinos.cmake:22 (FIND_PACKAGE)
  obj-x86_64-linux-gnu/CMakeFiles/CMakeTmp/macro_configure_feature.tmp:1 
(FEATURE_TRILINOS_FIND_EXTERNAL)
  cmake/macros/macro_configure_feature.cmake:76 (INCLUDE)
  cmake/macros/macro_configure_feature.cmake:240 (RUN_COMMAND)
  cmake/configure/configure_2_trilinos.cmake:220 (CONFIGURE_FEATURE)
  cmake/macros/macro_verbose_include.cmake:19 (INCLUDE)
  CMakeLists.txt:119 (VERBOSE_INCLUDE)


CMake Error at /usr/lib/x86_64-linux-gnu/cmake/ML/MLConfig.cmake:155 (INCLUDE):
  INCLUDE could not find load file:

/usr/lib/x86_64-linux-gnu/cmake/ML/../TrilinosSS/TrilinosSSConfig.cmake
Call Stack (most recent call first):
  /usr/lib/x86_64-linux-gnu/cmake/Stratimikos/StratimikosConfig.cmake:144 
(INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Teko/TekoConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/MueLu/MueLuConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Stokhos/StokhosConfig.cmake:143 (INCLUDE)
  
/usr/lib/x86_64-linux-gnu/cmake/TrilinosCouplings/TrilinosCouplingsConfig.cmake:143
 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Trilinos/TrilinosConfig.cmake:146 (INCLUDE)
  cmake/macros/macro_find_package.cmake:27 (_FIND_PACKAGE)
  cmake/modules/FindTRILINOS.cmake:40 (FIND_PACKAGE)
  cmake/macros/macro_find_package.cmake:27 (_FIND_PACKAGE)
  cmake/configure/configure_2_trilinos.cmake:22 (FIND_PACKAGE)
  obj-x86_64-linux-gnu/CMakeFiles/CMakeTmp/macro_configure_feature.tmp:1 
(FEATURE_TRILINOS_FIND_EXTERNAL)
  cmake/macros/macro_configure_feature.cmake:76 (INCLUDE)
  cmake/macros/macro_configure_feature.cmake:240 (RUN_COMMAND)
  cmake/configure/configure_2_trilinos.cmake:220 (CONFIGURE_FEATURE)
  cmake/macros/macro_verbose_include.cmake:19 (INCLUDE)
  CMakeLists.txt:119 (VERBOSE_INCLUDE)


CMake Error at 
/usr/lib/x86_64-linux-gnu/cmake/Stratimikos/StratimikosConfig.cmake:157 
(INCLUDE):
  INCLUDE could not find load file:


/usr/lib/x86_64-linux-gnu/cmake/Stratimikos/../TrilinosSS/TrilinosSSConfig.cmake
Call Stack (most recent call first):
  /usr/lib/x86_64-linux-gnu/cmake/Teko/TekoConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/MueLu/MueLuConfig.cmake:143 (INCLUDE)
  /usr/lib/x86_64-linux-gnu/cmake/Stokhos/StokhosConfig.cmake:143 (INCLUDE)
  

Bug#882295: ploop FTBFS with glibc 2.25

[Adrian Bunk]

Source: ploop
Version: 1.15-3
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/ploop.html

...
  CC   delta_sysfs.o
delta_sysfs.c: In function 'get_dev_num':
delta_sysfs.c:241:13: error: In the GNU C Library, "makedev" is defined
 by . For historical compatibility, it is
 currently defined by  as well, but we plan to
 remove this soon. To use "makedev", include 
 directly. If you did not intend to use a system-defined macro
 "makedev", you should undefine it after including . [-Werror]
  *dev_num = makedev(maj, min);
 ^~ 



   
cc1: all warnings being treated as errors
../Makefile.inc:48: recipe for target 'delta_sysfs.o' failed
make[2]: *** [delta_sysfs.o] Error 1

Processed: fixed upstream

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + fixed-upstream
Bug #851078 [src:git-crypt] git-crypt: Please migrate to openssl1.1 in buster
Added tag(s) fixed-upstream.

-- 
851078: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851078
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#878883: marked as pending

[Gianfranco Costamagna]

On Sun, 12 Nov 2017 16:59:50 + Kevin Cernekee  wrote:
> tag 878883 pending
> thanks
> 

Hello,

ping?

G.

> Hello,
> 
> Bug #878883 reported by you has been fixed in the Git repository. You can
> see the changelog below, and you can check the diff of the fix at:
> 
> https://anonscm.debian.org/cgit/collab-maint/stoken.git/commit/?id=e164aac
> 
> ---
> commit e164aac3c3f4cfffb1b81cf84b036975ae371415
> Author: Kevin Cernekee 
> Date:   Sun Nov 12 08:46:14 2017 -0800
> 
> New Debian release.
> 
> diff --git a/debian/changelog b/debian/changelog
> index 7ea8d4c..d1ca382 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,10 @@
> +stoken (0.92-1) unstable; urgency=medium
> +
> +  * Imported Upstream version 0.92 (Closes: #878883)
> +  * Bump Standards-Version to 4.1.1, no changes needed
> +
> + -- Kevin Cernekee   Sun, 12 Nov 2017 08:45:20 -0800
> +
>  stoken (0.91-1) unstable; urgency=medium
>  
>* Imported Upstream version 0.91
> 
> 



signature.asc
Description: OpenPGP digital signature

Bug#882266: marked as pending

[Thomas Goirand]

tag 882266 pending
thanks

Hello,

Bug #882266 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:


https://anonscm.debian.org/cgit/openstack/services/horizon.git/commit/?id=3c00a92

---
commit 3c00a9237dc417318f81c4aae57d393d1c876782
Author: Thomas Goirand 
Date:   Tue Nov 21 16:36:55 2017 +

  * Add upstream patch to avoid internet access during unit test suite 
module
import (Closes: #882266).

diff --git a/debian/changelog b/debian/changelog
index 0ef1bc0..4b61a9c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,8 @@
-horizon (3:12.0.0-5) UNRELEASED; urgency=medium
+horizon (3:12.0.0-5) unstable; urgency=medium
 
   * Set http{s,}_proxy during tests.
+  * Add upstream patch to avoid internet access during unit test suite module
+import (Closes: #882266).
 
  -- Thomas Goirand   Tue, 21 Nov 2017 08:04:26 +
 

Processed: Bug#882266 marked as pending

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> tag 882266 pending
Bug #882266 [src:horizon] horizon accesses the internet during the build
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882266: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882266
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#882346: libc0.1-dev: fails to upgrade, trying to overwrite /usr/include/x86_64-kfreebsd-gnu/sys/random.h

[Andreas Beckmann]

Package: libc0.1-dev
Version: 2.25-1
Severity: serious

While trying to upgrade a sid chroot on falla.d.o:

Preparing to unpack .../libc0.1-dev_2.25-1_kfreebsd-amd64.deb ...
Unpacking libc0.1-dev:kfreebsd-amd64 (2.25-1) over (2.24-17) ...
dpkg: error processing archive 
/var/cache/apt/archives/libc0.1-dev_2.25-1_kfreebsd-amd64.deb (--unpack):
 trying to overwrite '/usr/include/x86_64-kfreebsd-gnu/sys/random.h', which is 
also in package kfreebsd-kernel-headers 10.3~3
dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)


Andreas

Bug#882264: marked as done (libtemplate-declare-perl FTBFS with libhtml-lint-perl 2.26+dfsg-1)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 18:04:09 +
with message-id 
and subject line Bug#882264: fixed in libtemplate-declare-perl 0.47-2
has caused the Debian Bug report #882264,
regarding libtemplate-declare-perl FTBFS with libhtml-lint-perl 2.26+dfsg-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882264: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882264
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libtemplate-declare-perl
Version: 0.47-1
Severity: serious
Tags: buster sid

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/libtemplate-declare-perl.html

...
Test Summary Report
---
t/aliasing.t  (Wstat: 1280 Tests: 30 Failed: 5)
  Failed tests:  11, 16, 21, 26, 30
  Non-zero exit status: 5
t/arg-declaration-styles.t (Wstat: 2048 Tests: 39 Failed: 8)
  Failed tests:  3, 6, 9, 15, 21, 27, 33, 39
  Non-zero exit status: 8
t/attributes.t(Wstat: 1280 Tests: 10 Failed: 5)
  Failed tests:  2, 4, 6, 8, 10
  Non-zero exit status: 5
t/closures.t  (Wstat: 2048 Tests: 16 Failed: 8)
  Failed tests:  2, 4, 6, 8, 10, 12, 14, 16
  Non-zero exit status: 8
t/forms.t (Wstat: 256 Tests: 2 Failed: 1)
  Failed test:  2
  Non-zero exit status: 1
t/importing.t (Wstat: 512 Tests: 18 Failed: 2)
  Failed tests:  14, 18
  Non-zero exit status: 2
t/indexhtml.t (Wstat: 512 Tests: 4 Failed: 2)
  Failed tests:  2, 4
  Non-zero exit status: 2
t/mixing.t(Wstat: 1280 Tests: 30 Failed: 5)
  Failed tests:  11, 16, 21, 26, 30
  Non-zero exit status: 5
t/private.t   (Wstat: 1024 Tests: 14 Failed: 4)
  Failed tests:  3, 6, 9, 12
  Non-zero exit status: 4
t/self.t  (Wstat: 256 Tests: 3 Failed: 1)
  Failed test:  3
  Non-zero exit status: 1
t/siblings.t  (Wstat: 768 Tests: 7 Failed: 3)
  Failed tests:  2, 4, 7
  Non-zero exit status: 3
t/subclassing.t   (Wstat: 768 Tests: 11 Failed: 3)
  Failed tests:  3, 5, 11
  Non-zero exit status: 3
t/subtemplates.t  (Wstat: 1024 Tests: 9 Failed: 4)
  Failed tests:  2, 4, 6, 9
  Non-zero exit status: 4
t/trivial.t   (Wstat: 1024 Tests: 9 Failed: 4)
  Failed tests:  2, 4, 6, 9
  Non-zero exit status: 4
t/utf8.t  (Wstat: 1536 Tests: 12 Failed: 6)
  Failed tests:  2, 4, 6, 8, 10, 12
  Non-zero exit status: 6
t/xss.t   (Wstat: 1024 Tests: 8 Failed: 4)
  Failed tests:  2, 4, 6, 8
  Non-zero exit status: 4
Files=51, Tests=478, 12 wallclock secs ( 0.23 usr  0.15 sys +  6.65 cusr  0.71 
csys =  7.74 CPU)
Result: FAIL
Failed 16/51 test programs. 65/478 subtests failed.
Makefile:786: recipe for target 'test_dynamic' failed
make[1]: *** [test_dynamic] Error 4
--- End Message ---
--- Begin Message ---
Source: libtemplate-declare-perl
Source-Version: 0.47-2

We believe that the bug you reported is fixed in the latest version of
libtemplate-declare-perl, which is due to be installed in the Debian FTP 
archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 882...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
gregor herrmann  (supplier of updated 
libtemplate-declare-perl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 21 Nov 2017 18:50:27 +0100
Source: libtemplate-declare-perl
Binary: libtemplate-declare-perl
Architecture: source
Version: 0.47-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Perl Group 
Changed-By: gregor herrmann 
Closes: 882264
Description: 
 libtemplate-declare-perl - module for Perlish declarative templates
Changes:
 libtemplate-declare-perl (0.47-2) unstable; urgency=medium
 .
   [ Salvatore Bonaccorso ]
   * debian/control: Use HTTPS transport protocol for Vcs-Git URI
 .
   [ gregor herrmann ]
   * debian/copyright: change Copyright-Format 1.0 URL to HTTPS.
   * Remove Jonathan Yu from Uploaders. Thanks for your work!
   * Remove Nathan Handler from Uploaders. Thanks for your work!
   * Remove AGOSTINI Yves from Uploaders. Thanks for your work!
   * Add a patch 

Bug#882122: thunderbird: Thunderbird can't connect to X server, fails to start

[Jan Christoph Uhde]

Hi,

I just want to confirm this bug! You are not the only one hit by the issue. 
Launching
/usr/lib/thunderbird/thunderbird-bin works here as well! Thank you for 
investigating so
far!

Bug#882103: python-pkg-resources: crashing with "ImportError: No module named load_entry_point"

[intrigeri]

Hi,

Marc:
> I removed apparmor and problem goes away, and I installed apparmor
> again and the problem returns.

Good catch!

> Maybe obfsproxy needs it's own apparmor profile, or the python profile has a 
> problem?

obfsproxy includes its own AppArmor profile. I'm not sure how well
it's been maintained and tested on Debian testing/sid though.

I've tried running "/usr/bin/obfsproxy managed" and I see a bunch of
errors in the Journal:

  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.689:1870): 
apparmor="DENIED" operation="open" profile="/usr/bin/obfsproxy" 
name="/proc/6963/mounts" pid=6963 comm="obfsproxy" requested_mask="r" 
denied_mask="r" fsuid=1002 ouid=1002
  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.689:1871): 
apparmor="DENIED" operation="exec" profile="/usr/bin/obfsproxy" 
name="/usr/sbin/ldconfig" pid=6964 comm="obfsproxy" requested_mask="x" 
denied_mask="x" fsuid=1002 ouid=0
  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.697:1872): 
apparmor="DENIED" operation="mknod" profile="/usr/bin/obfsproxy" 
name="/tmp/d1SGQ2" pid=6963 comm="obfsproxy" requested_mask="c" denied_mask="c" 
fsuid=1002 ouid=1002
  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.697:1873): 
apparmor="DENIED" operation="mknod" profile="/usr/bin/obfsproxy" 
name="/var/tmp/fabY3f" pid=6963 comm="obfsproxy" requested_mask="c" 
denied_mask="c" fsuid=1002 ouid=1002
  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.697:1874): 
apparmor="DENIED" operation="mknod" profile="/usr/bin/obfsproxy" 
name="/etc/apparmor.d/F1_1fY" pid=6963 comm="obfsproxy" requested_mask="c" 
denied_mask="c" fsuid=1002 ouid=1002
  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.697:1875): 
apparmor="DENIED" operation="exec" profile="/usr/bin/obfsproxy" 
name="/usr/sbin/ldconfig" pid=6965 comm="obfsproxy" requested_mask="x" 
denied_mask="x" fsuid=1002 ouid=0
  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.697:1876): 
apparmor="DENIED" operation="mknod" profile="/usr/bin/obfsproxy" 
name="/tmp/TfcaiJ" pid=6963 comm="obfsproxy" requested_mask="c" denied_mask="c" 
fsuid=1002 ouid=1002
  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.701:1877): 
apparmor="DENIED" operation="mknod" profile="/usr/bin/obfsproxy" 
name="/var/tmp/isY7jU" pid=6963 comm="obfsproxy" requested_mask="c" 
denied_mask="c" fsuid=1002 ouid=1002
  Nov 21 18:45:06 ensifera kernel: audit: type=1400 audit(1511286306.701:1878): 
apparmor="DENIED" operation="mknod" profile="/usr/bin/obfsproxy" 
name="/etc/apparmor.d/u6OS0q" pid=6963 comm="obfsproxy" requested_mask="c" 
denied_mask="c" fsuid=1002 ouid=1002
  Nov 21 18:45:11 ensifera kernel: audit: type=1400 audit(1511286311.333:1879): 
apparmor="DENIED" operation="open" profile="/usr/bin/obfsproxy" 
name="/proc/6975/mounts" pid=6975 comm="obfsproxy" requested_mask="r" 
denied_mask="r" fsuid=1002 ouid=1002

I could not see the error Marc is reporting, because I don't know how
exactly I should run obfsproxy to trigger it. Marc, could you please
share the exact command line you're running?

Lunar, unless you disagree I'll do a team upload that disables this
profile by default. We can re-enable it if/once someone feels like
keeping it up-to-date and working. What do you think?

Cheers,
-- 
intrigeri

Bug#882266: marked as done (horizon accesses the internet during the build)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 17:19:07 +
with message-id 
and subject line Bug#882266: fixed in horizon 3:12.0.0-5
has caused the Debian Bug report #882266,
regarding horizon accesses the internet during the build
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882266: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882266
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: horizon
Version: 3:12.0.0-4
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/horizon.html

...
==
ERROR: Failure: ConnectionError 
(HTTPSConnectionPool(host='translate.openstack.org', port=443): Max retries 
exceeded with url: /rest/project/horizon/version/master/locales (Caused by 
NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary 
failure in name resolution',)))
--
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/nose/loader.py", line 418, in 
loadTestsFromName
addr.filename, addr.module)
  File "/usr/lib/python2.7/dist-packages/nose/importer.py", line 47, in 
importFromPath
return self.importFromDir(dir_path, fqname)
  File "/usr/lib/python2.7/dist-packages/nose/importer.py", line 94, in 
importFromDir
mod = load_module(part_fqname, fh, filename, desc)
  File "/build/1st/horizon-12.0.0/horizon/management/commands/pull_catalog.py", 
line 21, in 
ZANATA_LOCALES = requests.get("https://translate.openstack.org/rest/project;
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 72, in get
return request('get', url, params=params, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 502, in 
request
resp = self.send(prep, **send_kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 612, in 
send
r = adapter.send(request, **kwargs)
  File "/usr/lib/python2.7/dist-packages/requests/adapters.py", line 504, in 
send
raise ConnectionError(e, request=request)
ConnectionError: HTTPSConnectionPool(host='translate.openstack.org', port=443): 
Max retries exceeded with url: /rest/project/horizon/version/master/locales 
(Caused by NewConnectionError(': Failed to establish a new connection: [Errno -3] 
Temporary failure in name resolution',))

--
Ran 209 tests in 66.346s

FAILED (SKIP=7, errors=1)
...
--- End Message ---
--- Begin Message ---
Source: horizon
Source-Version: 3:12.0.0-5

We believe that the bug you reported is fixed in the latest version of
horizon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 882...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand  (supplier of updated horizon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Tue, 21 Nov 2017 08:04:26 +
Source: horizon
Binary: horizon-doc openstack-dashboard openstack-dashboard-apache 
python-django-horizon
Architecture: source all
Version: 3:12.0.0-5
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenStack 
Changed-By: Thomas Goirand 
Description:
 horizon-doc - web application to control an OpenStack cloud - doc
 openstack-dashboard - web application to control an OpenStack cloud
 openstack-dashboard-apache - web application to control an OpenStack cloud - 
Apache support
 python-django-horizon - Django module providing web interaction with OpenStack
Closes: 882266
Changes:
 horizon (3:12.0.0-5) unstable; urgency=medium
 .
   * Set http{s,}_proxy during tests.
   * Add upstream patch to avoid internet access during unit test suite module
 import (Closes: #882266).
Checksums-Sha1:
 cc8be215f399e4106b55585ab42a427a875f8a1c 4781 horizon_12.0.0-5.dsc
 485ed18ed51cef54268a2ad36dc6d7a549816c71 

Bug#882349: sra-sdk FTBFS with glibc 2.25

[Adrian Bunk]

Source: sra-sdk
Version: 2.8.1-2+dfsg-2
Severity: serious
Tags: buster sid
Forwarded: https://github.com/ncbi/sra-tools/issues/67

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/sra-sdk.html

...
/build/1st/sra-sdk-2.8.1-2+dfsg/tools/bam-loader/bam.c:3998:17: error: 
conflicting types for 'canonicalize'
 static unsigned canonicalize(uint32_t cigar[], unsigned n)
 ^~~~
In file included from /usr/include/features.h:406:0,
 from /usr/include/x86_64-linux-gnu/bits/libc-header-start.h:33,
 from /usr/include/stdint.h:26,
 from /usr/lib/gcc/x86_64-linux-gnu/7/include/stdint.h:9,
 from /usr/include/ncbi-vdb/kfc/defs.h:34,
 from /usr/include/ncbi-vdb/klib/defs.h:31,
 from /build/1st/sra-sdk-2.8.1-2+dfsg/tools/bam-loader/bam.c:27:
/usr/include/x86_64-linux-gnu/bits/mathcalls.h:435:1: note: previous 
declaration of 'canonicalize' was here
 __MATHDECL_1 (int, canonicalize,, (_Mdouble_ *__cx, const _Mdouble_ *__x));
 ^
/build/1st/sra-sdk-2.8.1-2+dfsg/tools/bam-loader/bam.c:2990:17: warning: 
'SequenceLengthFromCIGAR' defined but not used [-Wunused-function]
 static unsigned SequenceLengthFromCIGAR(const BAM_Alignment *self)
 ^~~
/build/1st/sra-sdk-2.8.1-2+dfsg/build/Makefile.rules:31: recipe for target 
'bam.o' failed
make[5]: *** [bam.o] Error 1

Bug#882153: marked as done (Please (build-)depends against python-gobject-2 and python-gobject-2-dev instead of python-gobject and python-gobject-dev)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 18:32:12 +0100
with message-id <151128553243.28295.9508140866925289...@auryn.jones.dk>
and subject line Re: [Pkg-sugar-devel] Bug#882153: Please (build-)depends 
against python-gobject-2 and python-gobject-2-dev instead of python-gobject and 
python-gobject-dev
has caused the Debian Bug report #882153,
regarding Please (build-)depends against python-gobject-2 and 
python-gobject-2-dev instead of python-gobject and python-gobject-dev
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882153: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882153
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: sugar-base
Version: 0.98.0-6
Severity: important

Hi,

Could you please switch the (build-)dependencies against python-gobject
and python-gobject-dev to python-gobject-2 and python-gobject-2-dev
instead.

python-gobject and python-gobject-dev are transitional packages and we
want to remove them from the archive.

Kind regards,

Laurent Bigonville

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.13.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Version: 0.98.0-7

Quoting Laurent Bigonville (2017-11-19 18:10:53)
> Could you please switch the (build-)dependencies against python-gobject
> and python-gobject-dev to python-gobject-2 and python-gobject-2-dev
> instead.
> 
> python-gobject and python-gobject-dev are transitional packages and we
> want to remove them from the archive.

Fixed since 0.98.0-7.

Thanks for reporting!

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private--- End Message ---

Bug#873417: pocl: Please update to llvm-toolchain 4.0 or, better, 5.0

[Andreas Tille]

Hi,

I realised that there is a new upstream version 0.14 which seems to
allow LLVM 4.0.  I gave it a try in Git in the new branch 0.14 but faced
build problems I was not able to solve.  However, since I was hoping
that the refreshed patches might help (please review!) I commited this
branch.

Hope this helps a bit

  Andreas.

-- 
http://fam-tille.de

Bug#877229: [Pkg-sysvinit-devel] Bug#877229: marked as pending

[Axel Beckert]

Control: reopen -1
Control: notfixed -1 wml/2.4.1ds1-2

Hi Andreas,

Andreas Henriksson wrote:
> Do you have the wrong bug number?

Seems so. Should have been #877227, not #877229. Probably both mails
were above each other in the mail box and I missed the right line when
copy the bug number from the subject. :-(

Should be fixed in #877229 with this mail.

Will fix it in the package in git for future uploads and close #877227
manually.

Sorry for the noise.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE


signature.asc
Description: Digital signature

Bug#881898: mariadb-10.1: Uploads rejected by dak, blocking testing migration of mariadb-10.1 and its reverse dependencies

[Sebastiaan Couwenberg]

Control: reopen -1
Control: notfixed -1 mariadb-10.1/10.1.29-1
Control: affects -1 src:gdal src:slurm-llnl src:qtbase-opensource-src

mariadb-10.1 (10.1.29-1) still gets uploads rejected by dak, several of
the builds are stuck in Uploaded state again.

Other builds just failed, causing mariadb-10.1 to keep blocking testing
migration of itself and its reverse dependencies.

Processed: trilinos: missing dependencies on libtrilinos-trilinosss-dev

[Debian Bug Tracking System]

Processing control commands:

> affects -1 src:deal.ii
Bug #882298 [src:trilinos] trilinos: missing dependencies on 
libtrilinos-trilinosss-dev
Added indication that 882298 affects src:deal.ii

-- 
882298: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882298
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#877227: marked as done (wml: FTBFS on i386: cp: target '/build/wml-2.4.1ds1/obj-i386-linux-gnu/wml_test/' is not a directory)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 06:47:17 +0100
with message-id <20171121054716.gd17...@sym.noone.org>
and subject line Fwd: wml_2.4.1ds1-2_amd64.changes ACCEPTED into experimental 
[origin: ftpmas...@ftp-master.debian.org]
has caused the Debian Bug report #877227,
regarding wml: FTBFS on i386: cp: target 
'/build/wml-2.4.1ds1/obj-i386-linux-gnu/wml_test/' is not a directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
877227: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877227
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: wml
Version: 2.4.1ds1-1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

wml/experimental FTBFS in a current sid/experimental pbuilder chroot:

[...]
[100%] Generating htmlstrip.pl
cd /build/wml-2.4.1ds1/obj-i686-linux-gnu/wml_backend/p8_htmlstrip && 
/usr/bin/perl /build/wml-2.4.1ds1/cmake/preprocess-path-perl.pl --input 
/build/wml-2.4.1ds1/wml_backend/p8_htmlstrip/htmlstrip.src --output 
/build/wml-2.4.1ds1/obj-i686-linux-gnu/wml_backend/p8_htmlstrip/htmlstrip.pl 
--subst WML_VERSION=2.4.1 --subst WML_CONFIG_ARGS= --subst 
perlprog=/usr/bin/perl --subst perlvers=/usr/bin/perl --subst 
built_system=Linux --subst built_user= --subst built_date= --subst prefix=/usr 
--subst bindir=/usr/bin --subst libdir=/usr/lib/wml --subst 
mandir=/usr/share/man --subst PATH_PERL=/usr/bin/perl --subst 
INSTALLPRIVLIB=/usr/lib/wml --subst INSTALLARCHLIB=/usr/lib/wml
cd /build/wml-2.4.1ds1/obj-i686-linux-gnu/wml_backend/p8_htmlstrip && chmod a+x 
/build/wml-2.4.1ds1/obj-i686-linux-gnu/wml_backend/p8_htmlstrip/htmlstrip.pl
make[3]: Leaving directory '/build/wml-2.4.1ds1/obj-i686-linux-gnu'
[100%] Built target htmlstrip_preproc
make[2]: Leaving directory '/build/wml-2.4.1ds1/obj-i686-linux-gnu'
/usr/bin/cmake -E cmake_progress_start 
/build/wml-2.4.1ds1/obj-i686-linux-gnu/CMakeFiles 0
make[1]: Leaving directory '/build/wml-2.4.1ds1/obj-i686-linux-gnu'
   debian/rules override_dh_auto_test
make[1]: Entering directory '/build/wml-2.4.1ds1'
cp -pvr wml_test/test.mak wml_test/TEST* wml_test/t 
/build/wml-2.4.1ds1/obj-i386-linux-gnu/wml_test/
cp: target '/build/wml-2.4.1ds1/obj-i386-linux-gnu/wml_test/' is not a directory
debian/rules:41: recipe for target 'override_dh_auto_test' failed
make[1]: *** [override_dh_auto_test] Error 1


Looks there is a mixture of DEB_*_MULTIARCH and DEB_*_GNU_TYPE being used
by the build process. These are not identical on i386.


Andreas


wml_2.4.1ds1-1.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Version: 2.4.1ds1-2

Hi,

unfortunately I've put the wrong bug number (#877229 instead of
#877227) for this bug report in the changelog entry of the just
uploaded wml 2.4.1ds1-2.

Changelog entry and ACCEPTED mail attached. Bug number fixed in git:
https://anonscm.debian.org/cgit/pkg-wml/wml.git/commit/?h=cmake=e2c8827eb6a3224349e3f476e7c103a53aef1f49

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
--- Begin Message ---


pgpHIFyXX7i2d.pgp
Description: PGP message
--- End Message ---
--- End Message ---

Bug#877229: marked as done (insserv: FTBFS with GCC 7: error: 'extension' undeclared)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 05:19:27 +
with message-id 
and subject line Bug#877229: fixed in wml 2.4.1ds1-2
has caused the Debian Bug report #877229,
regarding insserv: FTBFS with GCC 7: error: 'extension' undeclared
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
877229: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877229
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: insserv
Version: 1.16.0-5
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi

insserv/experimental FTBFS in an up-to-date sid/experimental
environment, at least since GCC 7 was made the default:

   dh_auto_build
dh_auto_build: Compatibility levels before 9 are deprecated (level 8 in use)
make -j1
make[1]: Entering directory '/build/insserv-1.16.0'
gcc -W -Wall -g -O2 -fdebug-prefix-map=/build/insserv-1.16.0=. 
-fstack-protector-strong -Wformat -Werror=format-security -Wdate-time 
-D_FORTIFY_SOURCE=2-D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -DNOTSUSE -DINITDIR=
\"/etc/init.d\" -DINSCONF=\"/etc/insserv.conf\" -pipe -falign-loops=0 
-I/usr/include/dbus-1.0 -I/usr/lib/x86_64-linux-gnu/dbus-1.0/include -c 
insserv.c
insserv.c: In function '_logger':
insserv.c:1132:5: error: 'extension' undeclared (first use in this function)
 extension char buf[strlen(myname)+2+strlen(fmt)+1];
 ^
insserv.c:1132:5: note: each undeclared identifier is reported only once for 
each function it appears in
insserv.c:1132:15: error: expected ';' before 'char'
 extension char buf[strlen(myname)+2+strlen(fmt)+1];
   ^~~~
insserv.c: In function 'main':
insserv.c:2747:5: error: 'extension' undeclared (first use in this function)
 extension char * argr[argc];
 ^
insserv.c:2747:15: error: expected ';' before 'char'
 extension char * argr[argc];
   ^~~~
insserv.c:2775:2: error: 'argr' undeclared (first use in this function); did 
you mean 'argv'?
  argr[c] = (char*)0;
  ^~~~
  argv
insserv.c: In function 'rememberreq':
insserv.c:343:10: warning: this statement may fall through 
[-Wimplicit-fallthrough=]
  bit |=  REQ_SHLD;
insserv.c:344:2: note: here
  default:
  ^~~
insserv.c: In function 'reversereq':
insserv.c:421:10: warning: this statement may fall through 
[-Wimplicit-fallthrough=]
  bit |=  REQ_SHLD;
insserv.c:422:2: note: here
  default:
  ^~~
Makefile:96: recipe for target 'insserv.o' failed
make[1]: *** [insserv.o] Error 1
make[1]: Leaving directory '/build/insserv-1.16.0'
dh_auto_build: make -j1 returned exit code 2


Andreas


insserv_1.16.0-5.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: wml
Source-Version: 2.4.1ds1-2

We believe that the bug you reported is fixed in the latest version of
wml, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 877...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Axel Beckert  (supplier of updated wml package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 21 Nov 2017 05:51:08 +0100
Source: wml
Binary: wml
Architecture: source all
Version: 2.4.1ds1-2
Distribution: experimental
Urgency: low
Maintainer: Debian WML Packaging Team 

Changed-By: Axel Beckert 
Description:
 wml- off-line HTML generation toolkit
Closes: 877229
Changes:
 wml (2.4.1ds1-2) experimental; urgency=low
 .
   * Use DEB_TARGET_GNU_TYPE instead of DEB_TARGET_MULTIARCH. Thanks
 Andreas Beckmann! (Closes: #877229)
   * Declare compliance with Debian Policy 4.1.1.
 + Switch DEP5 format URL in debian/copyright to HTTPS.
   * Remove BerliOS from debian/watch. It's dead, Jim!
   * Switch Vcs-Git to HTTPS.
   * Replace Build-Dependency on "lynx-cur" with "lynx | lynx-cur".
   * Switch to debhelper compatibility level 10.
 + Update versioned debhelper build-dependency accordingly.
 + Drop "--with autotools-dev" from debian/rules.
 + Drop build-dependency on autotools-dev.
   * Switch URLs in packaging from HTTP to 

Bug#877203: marked as done (clang: broken symlink: /usr/bin/clang-tblgen -> ../lib/llvm-4.0/bin/clang-tblgen)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 11:04:40 +
with message-id 
and subject line Bug#877203: fixed in llvm-defaults 0.39
has caused the Debian Bug report #877203,
regarding clang: broken symlink: /usr/bin/clang-tblgen -> 
../lib/llvm-4.0/bin/clang-tblgen
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
877203: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877203
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: clang
Version: 1:4.0-37~exp3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package ships (or creates)
a broken symlink.

>From the attached log (scroll to the bottom...):

1m35.8s ERROR: FAIL: Broken symlinks:
  /usr/bin/clang-tblgen -> ../lib/llvm-4.0/bin/clang-tblgen

But there is llvm-tblgen ...


cheers,

Andreas


clang_1:4.0-37~exp3.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: llvm-defaults
Source-Version: 0.39

We believe that the bug you reported is fixed in the latest version of
llvm-defaults, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 877...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sylvestre Ledru  (supplier of updated llvm-defaults 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 20 Nov 2017 10:24:25 +0100
Source: llvm-defaults
Binary: llvm llvm-runtime llvm-dev clang clang-tidy clang-format libclang1 
libclang-dev lldb lld
Architecture: source amd64
Version: 0.39
Distribution: unstable
Urgency: medium
Maintainer: LLVM Packaging Team 
Changed-By: Sylvestre Ledru 
Description:
 clang  - C, C++ and Objective-C compiler (LLVM based)
 clang-format - Tool to format C/C++/Obj-C code
 clang-tidy - clang-based C++ linter tool
 libclang-dev - clang library - Development package
 libclang1  - C, C++ and Objective-C compiler (LLVM based)
 lld- LLVM-based linker
 lldb   - Next generation, high-performance debugger
 llvm   - Low-Level Virtual Machine (LLVM)
 llvm-dev   - Low-Level Virtual Machine (LLVM), libraries and headers
 llvm-runtime - Low-Level Virtual Machine (LLVM), bytecode interpreter
Closes: 761375 877203
Changes:
 llvm-defaults (0.39) unstable; urgency=medium
 .
   * Remove clang-tblgen as it has been removed in 4.0.1~+rc2-1
 (Closes: #877203)
   * Update of the description of the clang C++ support (Closes: #761375)
Checksums-Sha1:
 455a5117973795babfe49f276c7802dcc847fd13 2124 llvm-defaults_0.39.dsc
 3a59b2190ba5c533e330028d25a6d5947fa92b4c 9260 llvm-defaults_0.39.tar.xz
 aca9e23f6479dabdce2dc76873eb4ca62986c0c5 6288 clang-format_4.0-39_amd64.deb
 587fcc14c4dcdbebe495d69d0061bc16f8b1bb47 6136 clang-tidy_4.0-39_amd64.deb
 93dac359e699c971284048ca9c1459154fddb346 6568 clang_4.0-39_amd64.deb
 8114a9de3101d09eea4566e1ec99382e1a1d93ab 5952 libclang-dev_4.0-39_amd64.deb
 e95df8fc04bd8cd241cffb5e5ea1cc1e6c83174b 6124 libclang1_4.0-39_amd64.deb
 f7c316c42ac8eb1e7c9d286903ecd7c803020abb 5960 lld_4.0-39_amd64.deb
 e79a205dea224cac6975b16d83b77cf2926aa6a2 6080 lldb_4.0-39_amd64.deb
 7e4316135fe95b552656a4bc4311a38187042a15 7913 
llvm-defaults_0.39_amd64.buildinfo
 c7561c1f0e1898930f9d884ef112eebd258d5678 6296 llvm-dev_4.0-39_amd64.deb
 2cbc2ba79d4b986d0518db1a657fbd76af050ed7 6032 llvm-runtime_4.0-39_amd64.deb
 f3507f389935acc5402867eb7d00f7e07f384f87 7880 llvm_4.0-39_amd64.deb
Checksums-Sha256:
 0ba2375d4cd3fcfaff071339e6d013f735dea4f6ab50cded767a5e9642ba94e6 2124 
llvm-defaults_0.39.dsc
 5120bc2341ac78e7a2c9c5367cf9e3b46b37681912424a80bdd1f95ae0035b4c 9260 
llvm-defaults_0.39.tar.xz
 58f07f14322a55b8f6003106c8248f9f2cb4baff505a5fcfe4c465b0f80d8b25 6288 
clang-format_4.0-39_amd64.deb
 7c9a23b54bb336c71a561b1c95cf3bee58254cf3a57131b927ef532807745ad5 6136 
clang-tidy_4.0-39_amd64.deb
 a54bcad144ca6c23ba2e3eabb40e93946a62453cece673f3f2fa52314e7cb71e 6568 
clang_4.0-39_amd64.deb
 7af0c4ccc13658ea00e88ea6838bb05dc05cc50f308ddd9c376e42e303893839 5952 
libclang-dev_4.0-39_amd64.deb
 

Bug#881368: fis-gtm: please switch build-dep from libconfig8-dev to libconfig-dev

[Shah, Amul]

Hi Andreas/Mattia,

From: Andreas Tille [mailto:ti...@debian.org] Sent: Monday, November 20, 2017 
10:52 PM

Hi Mattia,

On Fri, Nov 10, 2017 at 09:09:16PM +0100, Mattia Rizzolo wrote:
> Version: 6.3-002-3
> Severity: serious
>
> I'm about to upload a libconfig dropping this transitional package,
> please update fis-gtm.

Fis-gtm Build-Depends: libconfig-dev | libconfig8-dev.

In how far is it serious to drop the second alternative?

Kind regards

  Andreas.

[amul] GT.M works fine with the latest libconfig. There is no need to include 
the transitional package. I will make the necessary changes to the fis-gtm 
package control file.
[amul] Thanks, Amul
[amul] Please excuse what Outlook does to this email.
The information contained in this message is proprietary and/or confidential. 
If you are not the intended recipient, please: (i) delete the message and all 
copies; (ii) do not disclose, distribute or use the message in any manner; and 
(iii) notify the sender immediately. In addition, please be aware that any 
message addressed to our domain is subject to archiving and review by persons 
other than the intended recipient. Thank you.

Bug#851078: fixed upstream

[debian]

Control: tags -1 + fixed-upstream

https://github.com/AGWA/git-crypt/commit/553c1b03876e174b117bb5250593217418f425a4
seems to fix this issue.

Processed: Also affects jessie

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 882305 0.24
Bug #882305 [libfinance-yahooquote-perl] libfinance-yahooquote-perl: yahooquote 
(and smtm) stopped working.
Marked as found in versions finance-yahooquote/0.24.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882305: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#882321: rjava fails to build

[Matthias Klose]

On 21.11.2017 14:09, Dirk Eddelbuettel wrote:
> 
> On 21 November 2017 at 13:58, Matthias Klose wrote:
> | On 21.11.2017 13:52, Dirk Eddelbuettel wrote:
> | > What version of r-base core was used here, and what arch was this?
> | 
> | ahh, 3.4.2-1. Looks like the build dependency wasn't updated.3.4.2-2 seems 
> to
> | work ...
> 
> Phew.  As should 3.4.2.20171120-1 which I uploaded yesterday.
> 
> So ... I am closing this, ok?

so you have the change in the build dependency, which ships some configuration
file now referencing openjdk-9, but every package using that changed
configuration has to explicitly change there build and runtime dependencies?

Bug#882321: marked as forwarded (rjava fails to build)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 06:52:58 -0600
with message-id <23060.8618.726099.41...@bud.eddelbuettel.com>
has caused the   report #882321,
regarding rjava fails to build
to be marked as having been forwarded to the upstream software
author(s) simon.urba...@r-project.org

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882321: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882321
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

On 21 November 2017 at 13:41, Matthias Klose wrote:
| Package: src:rjava
| Version: 0.9-9-1
| Severity: serious
| Tags: sid buster
| 
| the package fails to build:
| 
| checking for sys/time.h... yes
| checking for unistd.h... (cached) yes
| checking for an ANSI C-conforming const... yes
| checking whether time.h and sys/time.h may both be included... yes
| configure: checking whether gcc -std=gnu99 supports static inline...
| yes
| checking whether setjmp.h is POSIX.1 compatible... yes
| checking whether sigsetjmp is declared... yes
| checking whether siglongjmp is declared... yes
| checking Java support in R... present:
| interpreter : '/usr/lib/jvm/default-java/jre/bin/java'
| archiver: '/usr/lib/jvm/default-java/bin/jar'
| compiler: '/usr/lib/jvm/default-java/bin/javac'
| header prep.: '/usr/lib/jvm/default-java/bin/javah'
| cpp flags   : '-I/usr/lib/jvm/default-java/include
| -I/usr/lib/jvm/default-java/include/linux'
| java libs   : '-L/usr/lib/jvm/default-java/jre/lib/amd64/server -ljvm'
| checking whether Java run-time works... ./configure: line 3736:
| /usr/lib/jvm/default-java/jre/bin/java: No such file or directory
| no
| configure: error: Java interpreter '/usr/lib/jvm/default-java/jre/bin/java' 
does
| not work
| ERROR: configuration failed for package ‘rJava’
| * removing ‘/<>/debian/r-cran-rjava/usr/lib/R/site-library/rJava’
| /usr/share/R/debian/r-cran.mk:101: recipe for target 'R_any_arch' failed
| make: *** [R_any_arch] Error 1
| dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned 
exit
| status 2
| 

| Build finished at 20171112-0120

Crap. We just fixed this by making sure jdk-9 is used.  And the (new, first
beta build of R 3.4.3) r-base I created yesterday had this in its log which
looks good:

  *** JAVA_HOME is not a valid path, ignoring
  Java interpreter : /usr/bin/java
  Java version : 9.0.1
  Java home path   : /usr/lib/jvm/java-9-openjdk-amd64
  Java compiler: /usr/bin/javac
  Java headers gen.: /usr/bin/javah
  Java archive tool: /usr/bin/jar
  
  trying to compile and link a JNI program 
  detected JNI cpp flags: -I$(JAVA_HOME)/include 
-I$(JAVA_HOME)/include/linux
  detected JNI linker flags : -L$(JAVA_HOME)/lib/server -ljvm
  make[3]: Entering directory '/tmp/Rjavareconf.MCDKwf'
  gcc -std=gnu99 -I/build/r-base-3.4.2.20171120/include -DNDEBUG
  -I/usr/lib/jvm/java-9-openjdk-amd64/include
  -I/usr/lib/jvm/java-9-openjdk-amd64/include/linux -fpic  -g -O2
  -fdebug-prefix-map=/build/r-base-  3.4.2.20171120=. -fstack-protector-strong 
-Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -g  -c 
conftest.c -o conftest.o
  gcc -std=gnu99 -shared -L/build/r-base-3.4.2.20171120/lib -Wl,-z,relro -o 
conftest.so conftest.o -L/usr/lib/jvm/java-9-openjdk-amd64/lib/server -ljvm 
-L/build/r-base-3.4.2.20171120/lib -lR
  make[3]: Leaving directory '/tmp/Rjavareconf.MCDKwf'
  
  
  JAVA_HOME: /usr/lib/jvm/java-9-openjdk-amd64
  Java library path: $(JAVA_HOME)/lib/server
  JNI cpp flags: -I$(JAVA_HOME)/include -I$(JAVA_HOME)/include/linux
  JNI linker flags : -L$(JAVA_HOME)/lib/server -ljvm
  Updating Java configuration in /build/r-base-3.4.2.20171120
  Done.

What version of r-base core was used here, and what arch was this?

Dirk
 
| Finished

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org--- End Message ---

Bug#882314: swauth: Swift object/proxy server writing swauth Auth Token to log file (CVE-2017-16613)

[Ondřej Nový]

Source: swauth
Version: 1.2.0-3
Severity: grave
Tags: security upstream
Justification: user security hole

Refs: https://bugs.launchpad.net/swift/+bug/1655781
CVE-2017-16613

Auth tokens logged by proxy and object server if the swauth[1] authentication 
middleware is used.

Swift object store and proxy server is saving tokens retrieved from middleware 
authentication mechanism (swauth) to log file

Steps to trigger the issue:

1. Enable `swauth` authentication middleware
2. Retieve token using:

```
swift -A http://127.0.0.1:8080/auth/v1.0 -U test:tester -K testing stat -v
```

Logs written when the above command is excecuted has the token as well:

```
Jan 11 22:51:22 ubuntu-xenial object-6030: 127.0.0.1 - - [11/Jan/2017:22:51:22 
+] "GET 
/sdb3/660/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0" 200 194 
"GET 
http://127.0.0.1:8080/v1/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0;
 "txfbebdc4d5b7f48b285132-005876b6ea" "proxy-server 31555" 0.0152 "-" 28646 0
Jan 11 22:51:22 ubuntu-xenial proxy-server: - - 11/Jan/2017/22/51/22 GET 
/v1/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0 HTTP/1.0 200 - 
python-swiftclient-3.2.1.dev9%20Swauth - - 194 - 
txfbebdc4d5b7f48b285132-005876b6ea - 0.1124 SWTH - 1484175082.315428972 
1484175082.427867889 0
Jan 11 22:51:22 ubuntu-xenial object-6030: STDERR: 127.0.0.1 - - [11/Jan/2017 
22:51:22] "GET 
/sdb3/660/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0 HTTP/1.1" 
200 579 0.028552 (txn: txfbebdc4d5b7f48b285132-005876b6ea)
```

3. After retrieving the token from the logfile, I was able to execute this 
command as below,

```
curl -i 
http://127.0.0.1:8080/v1/AUTH_d7f474ad-bfd1-47d4-a41c-8c727b3b5254?format=json 
-X GET -H "Accept-Encoding: gzip" -H "X-Auth-Token: 
AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0"
```

The output obtained:

```
HTTP/1.1 200 OK
Content-Length: 2
Accept-Ranges: bytes
X-Timestamp: 1484167500.58887
X-Account-Bytes-Used: 0
X-Account-Container-Count: 0
Content-Type: application/json; charset=utf-8
X-Account-Object-Count: 0
X-Trans-Id: txbd83d5254a404647bb086-005876ba2a
X-Openstack-Request-Id: txbd83d5254a404647bb086-005876ba2a
Date: Wed, 11 Jan 2017 23:05:14 GMT
```

As, swift has the ability to add any middleware for authentication, swauth is 
officially part of OpenStack project[1], the token should not be logged. I 
suspect this issue would be there for any authentication middleware and is a 
security issue.

[1]. https://github.com/openstack/swauth

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 
'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.13.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#882329: mariadb-10.1: FTBFS if jemalloc is disabled - undefined reference to symbol '__bss_start'

[James Cowgill]

Source: mariadb-10.1
Version: 10.1.29-1
Severity: serious
Tags: sid buster

Hi,

mariadb-10.1 FTBFS if jemalloc is disabled with the following error:
> /usr/bin/ld: ../../mysys/libmysys.a(stacktrace.c.o): undefined reference to 
> symbol '__bss_start'
> //usr/lib/mips64el-linux-gnuabi64/liblz4.so.1: error adding symbols: DSO 
> missing from command line
> collect2: error: ld returned 1 exit status

In practice, this breaks mips* where jemalloc is disabled because
jemalloc 3.6 has major issues on mips (which are fixed in 5.0, but
that's a separate issue). The bug can be reproduced on amd64 if jemalloc
is manually disabled in debian/rules.

I think this is a bug in ld which I have filed here:
https://sourceware.org/bugzilla/show_bug.cgi?id=22471

Thinking about ways you could workaround it:
* Disable the HAVE_BSS_START config test, or
* Manually link mariabackup against a library which exports __bss_start
(such as liblz4 as suggested), or
* Revert to using the system libpcre which provides a __bss_start symbol
(presumably blocked on #878107).

Using the gold linker might have also worked, but it seems that mariadb
complains if you try to use it.

Thanks to Adrian Bunk for some help debugging this problem.

Thanks,
James



signature.asc
Description: OpenPGP digital signature

Bug#882344: bpfcc FTBFS on !amd64/ppc64el/ppc64: test_usdt_args.cc:63:14: error: 'parser' was not declared in this scope

[Adrian Bunk]

Source: bpfcc
Version: 0.4.0-1
Severity: serious

https://buildd.debian.org/status/package.php?p=bpfcc=sid

...
In file included from /<>/tests/cc/test_usdt_args.cc:19:0:
/<>/tests/cc/test_usdt_args.cc: In function 'void 
C_A_T_C_HT_E_S_T55()':
/<>/tests/cc/test_usdt_args.cc:63:14: error: 'parser' was not 
declared in this scope
 REQUIRE(!parser.parse());
  ^
/<>/tests/cc/test_usdt_args.cc:63:14: note: suggested alternative: 
'pause'
/<>/tests/cc/test_usdt_args.cc:63:14: error: 'parser' was not 
declared in this scope
 REQUIRE(!parser.parse());
  ^
/<>/tests/cc/test_usdt_args.cc:63:14: note: suggested alternative: 
'pause'
/<>/tests/cc/test_usdt_args.cc:148:13: error: 'parser' was not 
declared in this scope
 REQUIRE(parser.done());
 ^
/<>/tests/cc/test_usdt_args.cc:148:13: note: suggested 
alternative: 'pause'
/<>/tests/cc/test_usdt_args.cc:148:13: error: 'parser' was not 
declared in this scope
 REQUIRE(parser.done());
 ^
/<>/tests/cc/test_usdt_args.cc:148:13: note: suggested 
alternative: 'pause'
make[3]: Leaving directory '/<>/obj-aarch64-linux-gnu'
[ 98%] Built target LLCStat
/<>/tests/cc/test_usdt_args.cc: At global scope:
/<>/tests/cc/test_usdt_args.cc:35:13: warning: 'void 
verify_register(USDT::ArgumentParser&, int, const string&, 
std::experimental::optional, 
std::experimental::optional, 
std::experimental::optional, 
std::experimental::optional)' defined but not used [-Wunused-function]
 static void verify_register(USDT::ArgumentParser , int arg_size,
 ^~~
/<>/tests/cc/test_usdt_args.cc:25:13: warning: 'void 
verify_register(USDT::ArgumentParser&, int, int)' defined but not used 
[-Wunused-function]
 static void verify_register(USDT::ArgumentParser , int arg_size,
 ^~~
tests/cc/CMakeFiles/test_libbcc.dir/build.make:185: recipe for target 
'tests/cc/CMakeFiles/test_libbcc.dir/test_usdt_args.cc.o' failed
make[3]: *** [tests/cc/CMakeFiles/test_libbcc.dir/test_usdt_args.cc.o] Error 1



The problem is:

#ifdef __powerpc64__
USDT::ArgumentParser_powerpc64 parser("4@-12(42)");
#elif defined(__x86_64__)
USDT::ArgumentParser_x64 parser("4@i%ra+1r");
#endif
USDT::Argument arg;
REQUIRE(!parser.parse());

Bug#882160: marked as done (bpfcc: Fails to build with llvm/clang 4.0)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 15:04:19 +
with message-id 
and subject line Bug#882160: fixed in bpfcc 0.4.0-1
has caused the Debian Bug report #882160,
regarding bpfcc: Fails to build with llvm/clang 4.0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882160: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882160
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bpfcc
Severity: important

Dear Maintainer,


In preparation of the llvm migration #869752, bpfcc doesn't build with llvm 4.0.
dh_auto_configure: cd obj-x86_64-linux-gnu && cmake .. 
-DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_BUILD_TYPE=None 
-DCMAKE_INSTALL_SYSCONFDIR=/etc -DCMAKE_INSTALL_LOCALSTATEDIR=/var 
-DCMAKE_EXPORT_NO_PACKAGE_REGISTRY=ON 
-DCMAKE_FIND_PACKAGE_NO_PACKAGE_REGISTRY=ON -DREVISION_LAST=0.3.0 
-DREVISION=0.3.0 "-DLLVM_DEFINITIONS=-D_GNU_SOURCE -D__STDC_CONSTANT_MACROS 
-D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS" -DBCC_KERNEL_HAS_SOURCE_DIR=1 
returned exit code 1


a s/3.8/4.0/ in force-using-clang-3.8.diff is enough to fix the issue.

Thanks,
Sylvestre



-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (600, 'unstable'), (500, 'stable'), (300, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: bpfcc
Source-Version: 0.4.0-1

We believe that the bug you reported is fixed in the latest version of
bpfcc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 882...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ritesh Raj Sarraf  (supplier of updated bpfcc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 21 Nov 2017 19:16:03 +0530
Source: bpfcc
Binary: libbpfcc libbpfcc-dev python-bpfcc bpfcc-tools bpfcc-lua
Architecture: source amd64 all
Version: 0.4.0-1
Distribution: unstable
Urgency: medium
Maintainer: Ritesh Raj Sarraf 
Changed-By: Ritesh Raj Sarraf 
Description:
 bpfcc-lua  - Standalone tool to run BCC tracers written in Lua
 bpfcc-tools - tools for BPF Compiler Collection (BCC)
 libbpfcc   - shared library for BPF Compiler Collection (BCC)
 libbpfcc-dev - shared library for BPF Compiler Collection (BCC)
 python-bpfcc - Python wrappers for BPF Compiler Collection (BCC)
Closes: 882160
Changes:
 bpfcc (0.4.0-1) unstable; urgency=medium
 .
   [ Edward Betts ]
   * correct spelling mistake
 .
   [ Ritesh Raj Sarraf ]
   * Fix FTBFS with clang 4.0.
 Thanks to Sylvestre Ledru (Closes: 882160)
   * New upstream version 0.4.0
   * Disable User-level Statically Defined Tracing
   * Fix patches
   * Revert "Disable User-level Statically Defined Tracing"
   * Check manpage file's existence. For now, this will only honor
 regular manpages, and not symlinks
Checksums-Sha1:
 ae0539fc2ebd8ec7bde136f0b098588a15b4386d 2500 bpfcc_0.4.0-1.dsc
 68486b56759d5e18c3260972dd9cc90c83cda823 1752520 bpfcc_0.4.0.orig.tar.gz
 c5b51c0c2fefc90e7a1925f8ff5bf5015c7f4a5d 6524 bpfcc_0.4.0-1.debian.tar.xz
 e7e2badb585c55f5f2136725d60dd54a96b8e8be 9437252 
bpfcc-lua-dbgsym_0.4.0-1_amd64.deb
 dc7a6799b04277beffa84bc87f082fd77422355c 13360684 bpfcc-lua_0.4.0-1_amd64.deb
 cb655bf5ad8ad7c4f532729192de0fb07e115575 609208 bpfcc-tools_0.4.0-1_all.deb
 444a1c72a9e5ea50eacd3929267fbb03a4eee5d1 9786 bpfcc_0.4.0-1_amd64.buildinfo
 696f8f0f9f828bc487355df8f42fb9925df76efd 10332856 
libbpfcc-dbgsym_0.4.0-1_amd64.deb
 b7fd2e54a98f145d1c9ec9b7ddc27ca2f8d00f06 21800 libbpfcc-dev_0.4.0-1_all.deb
 eb39a960f274904683f1f5d3b0011dd43e6fafa5 13029380 libbpfcc_0.4.0-1_amd64.deb
 ad190a11c79230ef56c9c08eb8da44fb139e99a1 22756 python-bpfcc_0.4.0-1_all.deb
Checksums-Sha256:
 9e17613be555cc413c22ae7b56a9b827a129ccc42678a8b0bf131d258aaf2ce1 2500 
bpfcc_0.4.0-1.dsc
 f77dd07262e8365e48589bf0475e3248e4e77deae0f90e4fb77af26255bce87d 1752520 

Processed: reassign mediatomb bugs to gerbera

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 534504 src:gerbera
Bug #534504 [mediatomb] mediatomb: Daemon starts up too early in the boot 
process; interface not found
Bug reassigned from package 'mediatomb' to 'src:gerbera'.
No longer marked as found in versions 0.12.0~svn2018-3ubuntu2 and 
0.12~svn2018-3.
Ignoring request to alter fixed versions of bug #534504 to the same values 
previously set
> reassign 604960 src:gerbera mediatomb/0.12.1-4
Bug #604960 [mediatomb-common] mediatomb-common: Mediatomb does not want listen 
on particular interface or ip address
Bug #693301 [mediatomb-common] MediaTomb always bind to all interfaces 
regardless of configuration settings
Bug reassigned from package 'mediatomb-common' to 'src:gerbera'.
Bug reassigned from package 'mediatomb-common' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.1-4 and mediatomb/0.11.0-3.
No longer marked as found in versions mediatomb/0.12.1-4 and mediatomb/0.11.0-3.
Ignoring request to alter fixed versions of bug #604960 to the same values 
previously set
Ignoring request to alter fixed versions of bug #693301 to the same values 
previously set
Bug #604960 [src:gerbera] mediatomb-common: Mediatomb does not want listen on 
particular interface or ip address
Bug #693301 [src:gerbera] MediaTomb always bind to all interfaces regardless of 
configuration settings
Marked as found in versions mediatomb/0.12.1-4.
Marked as found in versions mediatomb/0.12.1-4.
> reassign 633803 src:gerbera mediatomb/0.12.1-2
Bug #633803 [mediatomb] mediatomb: does not close/reopen logfile on kill -HUP
Bug reassigned from package 'mediatomb' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.1-2.
Ignoring request to alter fixed versions of bug #633803 to the same values 
previously set
Bug #633803 [src:gerbera] mediatomb: does not close/reopen logfile on kill -HUP
Marked as found in versions mediatomb/0.12.1-2.
> reassign 675814 src:gerbera
Bug #675814 [mediatomb] mediatomb: Mediatomb web page reports: "Oops, your 
database seems to be corrupt. Please report this problem."
Bug reassigned from package 'mediatomb' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.0~svn2018-6.1.
Ignoring request to alter fixed versions of bug #675814 to the same values 
previously set
> reassign 690744 src:gerbera mediatomb/0.12.1-4
Bug #690744 [mediatomb] mediatomb: Daemon doesn't start on "service mediatomb 
start", but works on "service mediatomb restart".
Bug reassigned from package 'mediatomb' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.1-4.
Ignoring request to alter fixed versions of bug #690744 to the same values 
previously set
Bug #690744 [src:gerbera] mediatomb: Daemon doesn't start on "service mediatomb 
start", but works on "service mediatomb restart".
Marked as found in versions mediatomb/0.12.1-4.
> reassign 696550 src:gerbera
Bug #696550 [mediatomb] mediatomb: Add support for Last.FM scrobbling support
Bug reassigned from package 'mediatomb' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.0~svn2018-6.1.
Ignoring request to alter fixed versions of bug #696550 to the same values 
previously set
> reassign 696551 src:gerbera mediatomb/0.12.1-4
Bug #696551 [mediatomb] mediatomb: libmp4v2  : disabled
Bug reassigned from package 'mediatomb' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.1-4 and 
mediatomb/0.12.0~svn2018-6.1.
Ignoring request to alter fixed versions of bug #696551 to the same values 
previously set
Bug #696551 [src:gerbera] mediatomb: libmp4v2  : disabled
Marked as found in versions mediatomb/0.12.1-4.
> reassign 765071 src:gerbera mediatomb/0.12.1-5
Bug #765071 [mediatomb] mediatomb: No icons in web ui
Bug reassigned from package 'mediatomb' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.1-5.
Ignoring request to alter fixed versions of bug #765071 to the same values 
previously set
Bug #765071 [src:gerbera] mediatomb: No icons in web ui
Marked as found in versions mediatomb/0.12.1-5.
> reassign 767382 src:gerbera mediatomb/0.12.1-7
Bug #767382 [mediatomb-daemon] mediatomb-daemon: apt-get install 
mediatomb-daemon failed. (on Jessie, mediatomb 0.12.1-7)
Bug reassigned from package 'mediatomb-daemon' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.1-7.
Ignoring request to alter fixed versions of bug #767382 to the same values 
previously set
Bug #767382 [src:gerbera] mediatomb-daemon: apt-get install mediatomb-daemon 
failed. (on Jessie, mediatomb 0.12.1-7)
Marked as found in versions mediatomb/0.12.1-7.
> reassign 767478 src:gerbera mediatomb/0.12.1-5
Bug #767478 [mediatomb] mediatomb stops when a media forlder is added, with no 
error/warning in log
Bug reassigned from package 'mediatomb' to 'src:gerbera'.
No longer marked as found in versions mediatomb/0.12.1-5.
Ignoring request to alter fixed versions of bug #767478 to the same values 

Bug#882223: Processed: reassign 882223 to glibc-doc

[Aurelien Jarno]

control: reassign -1 glibc-doc-reference
control: severity -1 normal

On 2017-11-21 12:38, Bastien ROUCARIES wrote:
> On Mon, Nov 20, 2017 at 10:14 PM, Aurelien Jarno  wrote:
> > On 2017-11-20 20:51, Debian Bug Tracking System wrote:
> >> Processing commands for cont...@bugs.debian.org:
> >>
> >> > # match possible intention of reporter
> >> > reassign 882223 glibc-doc
> >> Bug #882223 [manpages-dev] Document security problems with system.3 and 
> >> popen.3 (argument injection)
> >> Bug reassigned from package 'manpages-dev' to 'glibc-doc'.
> >> No longer marked as found in versions manpages/4.13-3.
> >> Ignoring request to alter fixed versions of bug #882223 to the same values 
> >> previously set
> >> > thanks
> >> Stopping processing here.
> >
> > Can you please point us to what has to be fixed on the glibc-doc side?
> > The system.3 and popen.3 manpages are part of manpages-dev, not
> > glibc-doc.
> 
> Online copy here:
> https://www.gnu.org/software/libc/manual/html_node/Pipe-to-a-Subprocess.html#Pipe-to-a-Subprocess
> https://www.gnu.org/software/libc/manual/html_node/Running-a-Command.html#index-system
> 
> Does not mention security problems...
> 
> 
> https://www.gnu.org/software/libc/manual/html_node/Line-Input.html#index-gets
> for instance mention security problem

This manual is non-free, so it's clearly not glibc-doc, but
glibc-doc-reference. Please check the content of packages before
reporting bug, also please avoid abusing severity even if you are upset
by the issue. Patches are welcome.

-- 
Aurelien Jarno  GPG: 4096R/1DDD8C9B
aurel...@aurel32.net http://www.aurel32.net

Processed: Re: Processed: reassign 882223 to glibc-doc

[Debian Bug Tracking System]

Processing control commands:

> reassign -1 glibc-doc-reference
Bug #882223 [glibc-doc] Document security problems with system.3 and popen.3 
(argument injection)
Bug reassigned from package 'glibc-doc' to 'glibc-doc-reference'.
Ignoring request to alter found versions of bug #882223 to the same values 
previously set
Ignoring request to alter fixed versions of bug #882223 to the same values 
previously set
> severity -1 normal
Bug #882223 [glibc-doc-reference] Document security problems with system.3 and 
popen.3 (argument injection)
Severity set to 'normal' from 'grave'

-- 
882223: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882223
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#882321: rjava fails to build

[Dirk Eddelbuettel]

On 21 November 2017 at 14:37, Matthias Klose wrote:
| so you have the change in the build dependency, which ships some configuration
| file now referencing openjdk-9, but every package using that changed
| configuration has to explicitly change there build and runtime dependencies?

We can take this off the BTS (and into German) but essentially:

 - Simon controls both the R Core and rJava side
 - There is an update mechanism (R CMD javareconf) to respond to changing Java
 - Sadly "we" cannot run it an rJava-client package build time (/usr r-o I 
think)
 - So "we" have to update the r-base-core package, and I did in 3.4.2-2
 - This to the best of my knowledge does not affect old builds but I could be 
wrong
 - Builds going forward use rJava with a matching r-base-core and all is well

and that is basically how it's been for 15 years.

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org

Bug#845874: fixed in gerbera

[James Cowgill]

Source: gerbera
Source-Version: 1.0.0-1

This is fixed in gerbera 1.0.0. It is not fixed in mediatomb, but
mediatomb is due to be removed anyway.

Thanks,
James



signature.asc
Description: OpenPGP digital signature

Bug#841224: fixed in gerbera

[James Cowgill]

Source: gerbera
Source-Version: 1.0.0-1

This is now fixed in gerbera 1.0.0 which uses the system copy of libupnp
1.8. Mediatomb is not shipped in stable or oldstable, so the security
bugs don't appear there.

Thanks,
James




signature.asc
Description: OpenPGP digital signature

Bug#841224: marked as done (mediatomb: libupnp vulnerabilities CVE-2012-5958, CVE-2012-5959, CVE-2012-5960, CVE-2016-6255, CVE-2016-8863)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 15:55:54 +
with message-id 
and subject line Bug#841224: fixed in gerbera
has caused the Debian Bug report #841224,
regarding mediatomb: libupnp vulnerabilities CVE-2012-5958, CVE-2012-5959, 
CVE-2012-5960, CVE-2016-6255, CVE-2016-8863
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
841224: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841224
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: mediatomb
Version: 0.12.1-47
Severity: critical


This was discovered on Ubuntu and reported to them. Ubuntu replied that
the package is inherited from Debian "which means it isn't supported by
the Ubuntu Security Team." We notified secur...@debian.org who suggested
we open a ticket. If any of our PoCs are required, we will share via
email with Debian or any other Linux vendor impacted, but not make them
public in a tracker.

--

While testing a new NASL detection script, we found it was causing a
crash in MediaTomb. Specifically, there is a NULL pointer dereference at
in the function check_soap_body() in soap_device.c (line 470). We went
to see if this had been patched in libupnp and found that it had been
patched eight years ago
(https://sourceforge.net/p/pupnp/code/ci/2c094ee8ea01259967f82513296b031f718603fd/).


Given that MediaTomb is still being distributed by Ubuntu and more than
1,000 instances are visible via Shodan
(https://www.shodan.io/search?query=MediaTomb), we will make a
best-effort to quickly flag some of the vulnerabilities that we know
have been fixed in libupnp and still exist in MediaTomb. All of the
below have been tested on Ubuntu 16.04 x64 Desktop using mediatomb-dbg.
We believe them to be vulnerable in Debian 8.6 (jesse) as well.

CVE-2012-5958, CVE-2012-5959, CVE-2012-5960

Humorously? Fedora actually has this in their bug tracker for MediaTomb
along with the other 2012 stack overflows, all unfixed
(https://bugzilla.redhat.com/show_bug.cgi?id=906045), despite an
upstream patch being available
(https://sourceforge.net/p/pupnp/code/ci/2bb79879b77dd215a26c92d1348adf2ae406dfd8/).

We've written a PoC cleverly named "cve-2012-5958.py" that triggers the
issue, producing the following stack trace:

(gdb) bt
#0  0x74ec9418 in __GI_raise (sig=sig@entry=6) at
../sysdeps/unix/sysv/linux/raise.c:54
#1  0x74ecb01a in __GI_abort () at abort.c:89
#2  0x74f0b72a in __libc_message (do_abort=do_abort@entry=2,
fmt=fmt@entry=0x75022c7f "*** %s ***: %s terminated\n") at
../sysdeps/posix/libc_fatal.c:175
#3  0x74fac89c in __GI___fortify_fail (msg=,
msg@entry=0x75022c10 "buffer overflow detected") at fortify_fail.c:37
#4  0x74faa8a0 in __GI___chk_fail () at chk_fail.c:28
#5  0x74fa9d49 in __strncpy_chk (s1=,
s2=, n=, s1len=) at
strncpy_chk.c:26
#6  0x0052110a in strncpy (__len=421, __src=,
__dest=0x7fffdf7fd590 "4") at
/usr/include/x86_64-linux-gnu/bits/string3.h:126
#7  unique_service_name (cmd=cmd@entry=0x7fffd0001280
"ssdp:uuid:schemas:device:", 'a' ...,
Evt=Evt@entry=0x7fffdf7fd770) at ../upnp/src/ssdp/ssdp_server.c:532
#8  0x00521392 in ssdp_request_type (cmd=0x7fffd0001280
"ssdp:uuid:schemas:device:", 'a' ...,
Evt=Evt@entry=0x7fffdf7fd770) at ../upnp/src/ssdp/ssdp_server.c:634
#9  0x00524e0a in ssdp_handle_device_request
(hmsg=hmsg@entry=0x7fffd80008c0,
dest_addr=dest_addr@entry=0x7fffd8000a38) at
../upnp/src/ssdp/ssdp_device.c:157
#10 0x005209cd in ssdp_event_handler_thread
(the_data=0x7fffd80008c0) at ../upnp/src/ssdp/ssdp_server.c:797
#11 0x00523373 in WorkerThread (arg=0x798d00 )
at ../threadutil/src/ThreadPool.c:594
#12 0x770d76fa in start_thread (arg=0x7fffdf7fe700) at
pthread_create.c:333
#13 0x74f9ab5d in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:109

We’ve also written a PoC named "cve-2012-5959.py" (consistency is key)
that triggers the issue, producing the following stack trace:

(gdb) bt
#0  0x74ec9418 in __GI_raise (sig=sig@entry=6) at
../sysdeps/unix/sysv/linux/raise.c:54
#1  0x74ecb01a in __GI_abort () at abort.c:89
#2  0x74f0b72a in __libc_message (do_abort=do_abort@entry=2,
fmt=fmt@entry=0x75022c7f "*** %s ***: %s terminated\n") at
../sysdeps/posix/libc_fatal.c:175
#3  0x74fac89c in __GI___fortify_fail (msg=,
msg@entry=0x75022c10 "buffer overflow detected") at fortify_fail.c:37
#4  0x74faa8a0 in __GI___chk_fail () at chk_fail.c:28
#5  0x74fa9d49 in __strncpy_chk (s1=,
s2=, n=, s1len=) at

Bug#863785: marked as done (mediatomb: Please drop dependency against mozjs 1.8.5)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 15:53:50 +
with message-id 
and subject line Bug#863785: fixed in gerbera
has caused the Debian Bug report #863785,
regarding mediatomb: Please drop dependency against mozjs 1.8.5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
863785: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863785
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mediatomb
Version: 0.12.1-47-g7ab7616-1
Severity: normal
Tags: sid buster
User: pkg-gnome-maintain...@lists.alioth.debian.org
Usertags: oldlibs mozjs185

Dear maintainer,

Your package is depending against mozjs 1.8.5. This package is old
and currently orphaned.

Could you please remove this dependency or switch to a more recent
version of mozjs?

We should remove this version of mozjs from buster, I'm planning to
make this bug RC when the new development cycle is open.

Kind Regards,

Laurent Bigonville 
--- End Message ---
--- Begin Message ---
Source: gerbera
Source-Version: 1.0.0-1

This is fixed in gerbera 1.0.0. Gerbera now uses duktape as its
javascript engine instead of mozjs. It is not fixed in mediatomb, but
mediatomb is due to be removed anyway.

Thanks,
James



signature.asc
Description: OpenPGP digital signature
--- End Message ---

Bug#845874: marked as done (mediatomb: switch to build depend on the metapackage default-libmysqlclient-dev)

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 15:55:35 +
with message-id <2623a565-ff8e-540c-021c-55da011d6...@debian.org>
and subject line Bug#845874: fixed in gerbera
has caused the Debian Bug report #845874,
regarding mediatomb: switch to build depend on the metapackage 
default-libmysqlclient-dev
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
845874: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845874
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: mediatomb
Severity: important

Hi! 

This package build depends on libmysqlclient-dev. It should instead
build-depend on default-libmysqlclient-dev metapackage, and end up
having the run-time dependency of the libmysqlclient implementation
Debian has chosen to use, currently MariaDB instead of Oracle MySQL. 

Announcement of new default-mysql-* metapackages:
https://lists.debian.org/debian-devel-announce/2016/09/msg0.html 

Wiki: https://wiki.debian.org/Teams/MySQL/default-mysql-server 

MBF: https://lists.debian.org/debian-devel/2016/11/msg00832.html 

Please update the depencies accordingly. In most cases the required
change is: 

* BEFORE: Build-Depends: libmysqlclient-dev 

* AFTER: Build-Depends: default-libmysqlclient-dev 

Thanks, 

Otto 
--- End Message ---
--- Begin Message ---
Source: gerbera
Source-Version: 1.0.0-1

This is fixed in gerbera 1.0.0. It is not fixed in mediatomb, but
mediatomb is due to be removed anyway.

Thanks,
James



signature.asc
Description: OpenPGP digital signature
--- End Message ---

Processed: severity of 882269 is normal, tagging 882269

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 882269 normal
Bug #882269 [src:kde-l10n] kde-l10n-de: Ohter application cause conflict with 
version old than 4:17.08.3-1
Severity set to 'normal' from 'serious'
> tags 882269 - pending
Bug #882269 [src:kde-l10n] kde-l10n-de: Ohter application cause conflict with 
version old than 4:17.08.3-1
Removed tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882269: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882269
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#882321: rjava fails to build

[Matthias Klose]

Package: src:rjava
Version: 0.9-9-1
Severity: serious
Tags: sid buster

the package fails to build:

checking for sys/time.h... yes
checking for unistd.h... (cached) yes
checking for an ANSI C-conforming const... yes
checking whether time.h and sys/time.h may both be included... yes
configure: checking whether gcc -std=gnu99 supports static inline...
yes
checking whether setjmp.h is POSIX.1 compatible... yes
checking whether sigsetjmp is declared... yes
checking whether siglongjmp is declared... yes
checking Java support in R... present:
interpreter : '/usr/lib/jvm/default-java/jre/bin/java'
archiver: '/usr/lib/jvm/default-java/bin/jar'
compiler: '/usr/lib/jvm/default-java/bin/javac'
header prep.: '/usr/lib/jvm/default-java/bin/javah'
cpp flags   : '-I/usr/lib/jvm/default-java/include
-I/usr/lib/jvm/default-java/include/linux'
java libs   : '-L/usr/lib/jvm/default-java/jre/lib/amd64/server -ljvm'
checking whether Java run-time works... ./configure: line 3736:
/usr/lib/jvm/default-java/jre/bin/java: No such file or directory
no
configure: error: Java interpreter '/usr/lib/jvm/default-java/jre/bin/java' does
not work
ERROR: configuration failed for package ‘rJava’
* removing ‘/<>/debian/r-cran-rjava/usr/lib/R/site-library/rJava’
/usr/share/R/debian/r-cran.mk:101: recipe for target 'R_any_arch' failed
make: *** [R_any_arch] Error 1
dpkg-buildpackage: error: fakeroot debian/rules binary subprocess returned exit
status 2

Build finished at 20171112-0120

Finished

Bug#874295: clementine: installs non-free plugin at runtime

[Ian Jackson]

Anthony DeRobertis writes ("Re: clementine: installs non-free plugin at 
runtime"):
> I think it'd be reasonable to make the confirmation dialog explicitly
> say that the plugin is not free software. But other than that, which
> does not warrant severity: serious, I think this bug should be closed as
> not a bug.

With Debian's current stance on recommending non-free software (ie, we
are, contrary to our principles, happy to do it even if the user has
decided they do not want non-free), I agree with you.


Personally I think it should be a bug if any package in main offers to
download and run non-free software, other than in some kind of
restricted environment[1], if the user does not have the Debian
non-free area enabled.

[1] The distinction I am making is between what might normally be
thought of as programs, and situations where a turing-complete
protocol is used to deliver and display something that the user
inevitably knows is controlled by someone else and which they have
explicitly asked for.  For example, the JS in web pages; documents
provided as PostScript files, or whatever.

This rule would distinguish the binary blob Spotify client (forbidden)
from the proprietary music files it downloads (permitted, if there
were a Free client that could do the download).

Ian.

-- 
Ian Jackson    These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.

Bug#882317: libhibernate-validator-java: Missing build dependency on libjsoup-java

[Adrian Bunk]

Source: libhibernate-validator-java
Version: 4.3.3-2
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/libhibernate-validator-java.html

...
[WARNING] The POM for org.jsoup:jsoup:jar:debian is missing, no dependency 
information available
[WARNING] The artifact org.testng:testng:jar:6.x has been relocated to 
org.testng:testng:jar:debian
[INFO] 
[INFO] Reactor Summary:
[INFO] 
[INFO] Hibernate Validator Aggregator . SUCCESS [  0.008 s]
[INFO] Hibernate Validator Engine . FAILURE [  0.822 s]
[INFO] 
[INFO] BUILD FAILURE
[INFO] 
[INFO] Total time: 1.501 s
[INFO] Finished at: 2017-11-20T23:29:19-12:00
[INFO] Final Memory: 17M/724M
[INFO] 
[ERROR] Failed to execute goal on project hibernate-validator: Could not 
resolve dependencies for project 
org.hibernate:hibernate-validator:jar:4.3.3.Final: Cannot access central 
(https://repo.maven.apache.org/maven2) in offline mode and the artifact 
org.jsoup:jsoup:jar:debian has not been downloaded from it before. -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e 
switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please 
read the following articles:
[ERROR] [Help 1] 
http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
[ERROR] 
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR]   mvn  -rf :hibernate-validator
dh_auto_build: /usr/lib/jvm/default-java/bin/java -noverify -cp 
/usr/share/maven/boot/plexus-classworlds-2.x.jar:/usr/lib/jvm/default-java/lib/tools.jar
 -Dmaven.home=/usr/share/maven 
-Dmaven.multiModuleProjectDirectory=/build/1st/libhibernate-validator-java-4.3.3
 -Dclassworlds.conf=/etc/maven/m2-debian.conf 
-Dproperties.file.manual=/build/1st/libhibernate-validator-java-4.3.3/debian/maven.properties
 org.codehaus.plexus.classworlds.launcher.Launcher 
-s/etc/maven/settings-debian.xml 
-Ddebian.dir=/build/1st/libhibernate-validator-java-4.3.3/debian 
-Dmaven.repo.local=/build/1st/libhibernate-validator-java-4.3.3/debian/maven-repo
 --batch-mode package -DskipTests -Dnotimestamp=true -Dlocale=en_US returned 
exit code 1
debian/rules:6: recipe for target 'build' failed
make: *** [build] Error 2

Bug#882305: libfinance-yahooquote-perl: yahooquote (and smtm) stopped working.

[Ivan Rossi]

Package: libfinance-yahooquote-perl
Version: 0.25
Severity: grave
Justification: renders package unusable

Dear Maintainer,

yahooquote (and smtm) stopped working. It seems that yahoo does not allow 
queries anymore.

how to reproduce:

$ yahooquote GOOG AMZN
Use of uninitialized value in concatenation (.) or string at 
/usr/bin/yahooquote line 33.
Use of uninitialized value in concatenation (.) or string at 
/usr/bin/yahooquote line 33.
Yahoo! - 403 Forbidden  -- error 403It 
has come to our attention that this service is being used in violation of the 
Yahoo Terms of Service.  As suchthe service is being discontinued.  For 
all future markets and equities data research
 please refer to finance.yahoo.com.



-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libfinance-yahooquote-perl depends on:
ii  libhtml-parser-perl   3.72-3
ii  libwww-perl   6.15-1
ii  perl  5.24.1-3+deb9u2
ii  perl-modules-5.24 [perl-modules]  5.24.1-3+deb9u2

libfinance-yahooquote-perl recommends no packages.

libfinance-yahooquote-perl suggests no packages.

-- no debconf information

Bug#882314: marked as done (swauth: Swift object/proxy server writing swauth Auth Token to log file (CVE-2017-16613))

[Debian Bug Tracking System]

Your message dated Tue, 21 Nov 2017 11:52:53 +
with message-id 
and subject line Bug#882314: fixed in swauth 1.2.0-4
has caused the Debian Bug report #882314,
regarding swauth: Swift object/proxy server writing swauth Auth Token to log 
file (CVE-2017-16613)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
882314: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882314
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: swauth
Version: 1.2.0-3
Severity: grave
Tags: security upstream
Justification: user security hole

Refs: https://bugs.launchpad.net/swift/+bug/1655781
CVE-2017-16613

Auth tokens logged by proxy and object server if the swauth[1] authentication 
middleware is used.

Swift object store and proxy server is saving tokens retrieved from middleware 
authentication mechanism (swauth) to log file

Steps to trigger the issue:

1. Enable `swauth` authentication middleware
2. Retieve token using:

```
swift -A http://127.0.0.1:8080/auth/v1.0 -U test:tester -K testing stat -v
```

Logs written when the above command is excecuted has the token as well:

```
Jan 11 22:51:22 ubuntu-xenial object-6030: 127.0.0.1 - - [11/Jan/2017:22:51:22 
+] "GET 
/sdb3/660/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0" 200 194 
"GET 
http://127.0.0.1:8080/v1/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0;
 "txfbebdc4d5b7f48b285132-005876b6ea" "proxy-server 31555" 0.0152 "-" 28646 0
Jan 11 22:51:22 ubuntu-xenial proxy-server: - - 11/Jan/2017/22/51/22 GET 
/v1/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0 HTTP/1.0 200 - 
python-swiftclient-3.2.1.dev9%20Swauth - - 194 - 
txfbebdc4d5b7f48b285132-005876b6ea - 0.1124 SWTH - 1484175082.315428972 
1484175082.427867889 0
Jan 11 22:51:22 ubuntu-xenial object-6030: STDERR: 127.0.0.1 - - [11/Jan/2017 
22:51:22] "GET 
/sdb3/660/AUTH_.auth/.token_0/AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0 HTTP/1.1" 
200 579 0.028552 (txn: txfbebdc4d5b7f48b285132-005876b6ea)
```

3. After retrieving the token from the logfile, I was able to execute this 
command as below,

```
curl -i 
http://127.0.0.1:8080/v1/AUTH_d7f474ad-bfd1-47d4-a41c-8c727b3b5254?format=json 
-X GET -H "Accept-Encoding: gzip" -H "X-Auth-Token: 
AUTH_tkc9ccde1d34c44c82ac1d260ddbd18df0"
```

The output obtained:

```
HTTP/1.1 200 OK
Content-Length: 2
Accept-Ranges: bytes
X-Timestamp: 1484167500.58887
X-Account-Bytes-Used: 0
X-Account-Container-Count: 0
Content-Type: application/json; charset=utf-8
X-Account-Object-Count: 0
X-Trans-Id: txbd83d5254a404647bb086-005876ba2a
X-Openstack-Request-Id: txbd83d5254a404647bb086-005876ba2a
Date: Wed, 11 Jan 2017 23:05:14 GMT
```

As, swift has the ability to add any middleware for authentication, swauth is 
officially part of OpenStack project[1], the token should not be logged. I 
suspect this issue would be there for any authentication middleware and is a 
security issue.

[1]. https://github.com/openstack/swauth

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 
'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.13.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: swauth
Source-Version: 1.2.0-4

We believe that the bug you reported is fixed in the latest version of
swauth, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 882...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Nový  (supplier of updated swauth package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Tue, 21 Nov 2017 12:24:54 +0100
Source: swauth
Binary: swauth swauth-doc
Architecture: source
Version: 1.2.0-4
Distribution: unstable
Urgency: high
Maintainer: Debian OpenStack 
Changed-By: Ondřej Nový 
Description:
 swauth - 

Processed: bug 882314 is forwarded to https://bugs.launchpad.net/swift/+bug/1655781, found 882314 in 1.2.0-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 882314 https://bugs.launchpad.net/swift/+bug/1655781
Bug #882314 {Done: Ondřej Nový } [src:swauth] swauth: Swift 
object/proxy server writing swauth Auth Token to log file (CVE-2017-16613)
Set Bug forwarded-to-address to 'https://bugs.launchpad.net/swift/+bug/1655781'.
> found 882314 1.2.0-1
Bug #882314 {Done: Ondřej Nový } [src:swauth] swauth: Swift 
object/proxy server writing swauth Auth Token to log file (CVE-2017-16613)
Marked as found in versions swauth/1.2.0-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
882314: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882314
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Package still FTBFS

[Debian Bug Tracking System]

Processing control commands:

> reopen -1
Bug #858630 {Done: to...@debian.org (Dr. Tobias Quathamer)} 
[src:golang-github-grpc-ecosystem-go-grpc-prometheus] 
golang-github-grpc-ecosystem-go-grpc-prometheus: FTBFS: 
grpc_server_started_total should be incremented for PingList
'reopen' may be inappropriate when a bug has been closed with a version;
all fixed versions will be cleared, and you may need to re-add them.
Bug reopened
No longer marked as fixed in versions 
golang-github-grpc-ecosystem-go-grpc-prometheus/1.1+git20170826.0dafe0d-1.
> found -1 1.1+git20160910.0.6b7015e-1
Bug #858630 [src:golang-github-grpc-ecosystem-go-grpc-prometheus] 
golang-github-grpc-ecosystem-go-grpc-prometheus: FTBFS: 
grpc_server_started_total should be incremented for PingList
Ignoring request to alter found versions of bug #858630 to the same values 
previously set

-- 
858630: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858630
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#858630: Package still FTBFS

[Dr. Tobias Quathamer]

control: reopen -1
control: found -1 1.1+git20160910.0.6b7015e-1

Hi,

unfortunately, this bug is not yet fixed. While the package did build
fine in my chroot, it FTBFS in the arch:all buildd. Don't know why yet,
any help would be appreciated.

Regards,
Tobias




signature.asc
Description: OpenPGP digital signature

Bug#882305: libfinance-yahooquote-perl: yahooquote (and smtm) stopped working.

[Dirk Eddelbuettel]

On 21 November 2017 at 10:49, Ivan Rossi wrote:
| Package: libfinance-yahooquote-perl
| Version: 0.25
| Severity: grave
| Justification: renders package unusable
| 
| Dear Maintainer,
| 
| yahooquote (and smtm) stopped working. It seems that yahoo does not allow 
queries anymore.

That is the backend. Yahoo! stopped supporting this.

See several online discussions.

I think the only answer is to withdraw libfinance-yahooquote-perl from CRAN.

Dirk
 
| how to reproduce:
| 
| $ yahooquote GOOG AMZN
| Use of uninitialized value in concatenation (.) or string at 
/usr/bin/yahooquote line 33.
| Use of uninitialized value in concatenation (.) or string at 
/usr/bin/yahooquote line 33.
| Yahoo! - 403 Forbidden  -- error 
403It has come to our attention that this service is being 
used in violation of the Yahoo Terms of Service.  As suchthe service is 
being discontinued.  For all future markets and equities data research
|  please refer to finance.yahoo.com.
| 
| 
| 
| -- System Information:
| Debian Release: 9.1
|   APT prefers stable
|   APT policy: (500, 'stable')
| Architecture: amd64 (x86_64)
| Foreign Architectures: i386
| 
| Kernel: Linux 4.9.0-4-amd64 (SMP w/4 CPU cores)
| Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
| Shell: /bin/sh linked to /bin/dash
| Init: systemd (via /run/systemd/system)
| 
| Versions of packages libfinance-yahooquote-perl depends on:
| ii  libhtml-parser-perl   3.72-3
| ii  libwww-perl   6.15-1
| ii  perl  5.24.1-3+deb9u2
| ii  perl-modules-5.24 [perl-modules]  5.24.1-3+deb9u2
| 
| libfinance-yahooquote-perl recommends no packages.
| 
| libfinance-yahooquote-perl suggests no packages.
| 
| -- no debconf information

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org