Bug#890007: condor ftbfs on all architectures

[Matthias Klose]

Package: src:condor
Version: 8.6.8~dfsg.1-1
Severity: serious
Tags: sid buster

looks it doesn't build with the new gsoap.

cd "/<>/obj-x86_64-linux-gnu/src/condor_collector.V6" &&
/usr/bin/c++  -DBUILD_DATE="\"Feb 06 2018\"" -DCONDOR_VERSION=\"8.6.8\"
-DGLIBC226=GLIBC226 -DGLIBC=GLIBC -DHAVE_CONFIG_H
-DLINUX=\"LINUX_4.9.0-5-AMD64\" -DPLATFORM=\"X86_64-Debian_\"
-DPRE_RELEASE_STR="\" Debian-8.6.8~dfsg.1-1+b1\"" -DWITH_OPENSSL -DX86_64=X86_64
-I"/<>/obj-x86_64-linux-gnu/bld_external/classads-8.6.8/install/include"
-I/usr/include/globus -I/usr/lib64/globus/include -I/usr/lib/globus/include
-I/usr/local/globus/include/globus -I"/<>/src/condor_includes"
-I"/<>/obj-x86_64-linux-gnu/src/condor_includes"
-I"/<>/src/condor_utils"
-I"/<>/obj-x86_64-linux-gnu/src/condor_utils"
-I"/<>/src/condor_daemon_core.V6"
-I"/<>/src/condor_daemon_client" -I"/<>/src/ccb"
-I"/<>/src/condor_io" -I"/<>/src/h"
-I"/<>/obj-x86_64-linux-gnu/src/h"
-I"/<>/obj-x86_64-linux-gnu/src/classad"
-I"/<>/src/classad" -I"/<>/src/safefile"
-I"/<>/obj-x86_64-linux-gnu/src/safefile"
-I"/<>/obj-x86_64-linux-gnu/src/condor_collector.V6"  -g -O2
-fdebug-prefix-map=/<>=. -fstack-protector-strong -Wformat
-Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -std=c++11 -DWITH_IPV6
-fopenmp -g -O2 -fdebug-prefix-map=/<>=. -fstack-protector-strong
-Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -fopenmp
-Wall -W -Wextra -Wfloat-equal -Wendif-labels -Wpointer-arith -Wcast-qual
-Wcast-align -Wvolatile-register-var -Wno-error=unused-local-typedefs
-Wdeprecated-declarations -Wno-error=deprecated-declarations
-Wno-nonnull-compare -Wno-error=nonnull-compare -fstack-protector -rdynamic -g
 -fPIE -DPIE -w -o CMakeFiles/condor_collector.dir/soap_collectorStub.cpp.o -c
"/<>/src/condor_collector.V6/soap_collectorStub.cpp"
/<>/src/condor_collector.V6/soap_collectorStub.cpp:31:17: error:
'soap_collector' is not a namespace-name
 using namespace soap_collector;
 ^~
/<>/src/condor_collector.V6/soap_collectorStub.cpp:31:31: error:
expected namespace-name before ';' token
 using namespace soap_collector;
   ^
In file included from
/<>/src/condor_collector.V6/soap_collectorStub.cpp:32:0:
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp: In
function 'bool convert_ad_to_adStruct(soap*, compat_classad::ClassAd*,
condor__ClassAdStruct*, bool)':
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:49:14:
error: invalid use of incomplete type 'struct condor__ClassAdStruct'
 ad_struct->__size = 0;
  ^~
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31:
note: forward declaration of 'struct condor__ClassAdStruct'
struct condor__ClassAdStruct *ad_struct,
   ^
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:49:16:
error: invalid use of incomplete type 'struct condor__ClassAdStruct'
 ad_struct->__size = 0;
^~
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31:
note: forward declaration of 'struct condor__ClassAdStruct'
struct condor__ClassAdStruct *ad_struct,
   ^
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:50:14:
error: invalid use of incomplete type 'struct condor__ClassAdStruct'
 ad_struct->__ptr = NULL;
  ^~
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31:
note: forward declaration of 'struct condor__ClassAdStruct'
struct condor__ClassAdStruct *ad_struct,
   ^
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:50:16:
error: invalid use of incomplete type 'struct condor__ClassAdStruct'
 ad_struct->__ptr = NULL;
^
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31:
note: forward declaration of 'struct condor__ClassAdStruct'
struct condor__ClassAdStruct *ad_struct,
   ^
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:65:14:
error: invalid use of incomplete type 'struct condor__ClassAdStruct'
 ad_struct->__size = 0;
  ^~
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:30:31:
note: forward declaration of 'struct condor__ClassAdStruct'
struct condor__ClassAdStruct *ad_struct,
   ^
/<>/src/condor_collector.V6/../condor_utils/soap_helpers.cpp:65:16:
error: invalid use of incomplete type 'struct condor__ClassAdStruct'
 ad_struct->__size = 0;

Bug#866109: marked as done (tiff: CVE-2017-9935: Heap-based buffer overflow in t2p_write_pdf)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 23:49:08 +
with message-id 
and subject line Bug#866109: fixed in tiff 4.0.8-2+deb9u2
has caused the Debian Bug report #866109,
regarding tiff: CVE-2017-9935: Heap-based buffer overflow in t2p_write_pdf
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
866109: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866109
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: tiff
Version: 4.0.8-2
Severity: grave
Tags: upstream security
Forwarded: http://bugzilla.maptools.org/show_bug.cgi?id=2704

Hi,

the following vulnerability was published for tiff, using severity
grave for now since I'm not sure code execution can be ruled out.

CVE-2017-9935[0]:
| In LibTIFF 4.0.8, there is a heap-based buffer overflow in the
| t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could
| lead to different damages. For example, a crafted TIFF document can
| lead to an out-of-bounds read in TIFFCleanup, an invalid free in
| TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or
| a double free in t2p_free. Given these possibilities, it probably could
| cause arbitrary code execution.

In the upstream bugtracker the reporter has provided his reproducers
which can be used later on to verfiy a fix as well with the given
testcases.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935
[1] http://bugzilla.maptools.org/show_bug.cgi?id=2704

Please adjust the affected versions in the BTS as needed, specifically
no checks have been done yet for older versions than 4.0.8-2.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: tiff
Source-Version: 4.0.8-2+deb9u2

We believe that the bug you reported is fixed in the latest version of
tiff, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 866...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS)  (supplier of updated tiff package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sat, 30 Dec 2017 20:13:06 +
Source: tiff
Binary: libtiff5 libtiffxx5 libtiff5-dev libtiff-tools libtiff-opengl 
libtiff-doc
Architecture: source all amd64
Version: 4.0.8-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) 
Changed-By: Laszlo Boszormenyi (GCS) 
Description:
 libtiff-doc - TIFF manipulation and conversion documentation
 libtiff-opengl - TIFF manipulation and conversion tools
 libtiff-tools - TIFF manipulation and conversion tools
 libtiff5   - Tag Image File Format (TIFF) library
 libtiff5-dev - Tag Image File Format library (TIFF), development files
 libtiffxx5 - Tag Image File Format (TIFF) library -- C++ interface
Closes: 866109 868513 872607 873879 873880 885985
Changes:
 tiff (4.0.8-2+deb9u2) stretch-security; urgency=high
 .
   * Fix CVE-2017-11335: heap based buffer write overflow in tiff2pdf
 (closes: #868513).
   * Fix CVE-2017-12944: OOM prevention in TIFFReadDirEntryArray()
 (closes: #872607).
   * Fix CVE-2017-13726: reachable assertion abort in TIFFWriteDirectorySec()
 (closes: #873880).
   * Fix CVE-2017-13727: reachable assertion abort in
 TIFFWriteDirectoryTagSubifd() (closes: #873879).
   * Fix CVE-2017-18013: NULL pointer dereference in TIFFPrintDirectory()
 (closes: #885985).
   * Fix CVE-2017-9935: heap-based buffer overflow in the t2p_write_pdf()
 function (closes: #866109).
Checksums-Sha1:
 7b8e353320028667b6d5320533d7ab6ed0974868 2185 tiff_4.0.8-2+deb9u2.dsc
 34dfd38e29ab6c66d21ca7e4a388088b6e0e4b40 26252 
tiff_4.0.8-2+deb9u2.debian.tar.xz
 9000bc577b99dcbdc8ef5dde806c2adeb78d744a 395746 
libtiff-doc_4.0.8-2+deb9u2_all.deb
 70f0e4fab28528f4ff8cd8e3bb7fa7a98c68b6ae 14182 
libtiff-opengl-dbgsym_4.0.8-2+deb9u2_amd64.deb
 92c052e7a85e13273f363cee870c6d9dcb21cc2b 100320 

Bug#883314: marked as done (wordpress: CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 23:49:51 +
with message-id 
and subject line Bug#883314: fixed in wordpress 4.7.5+dfsg-2+deb9u2
has caused the Debian Bug report #883314,
regarding wordpress: CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
883314: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883314
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: wordpress
Version: 4.1+dfsg-1
X-Debbugs-CC: t...@security.debian.org 
secure-testing-t...@lists.alioth.debian.org
Severity: grave
Tags: security upstream fixed-upstream

Hi,

the following vulnerabilities were published for wordpress.

CVE-2017-17091[0]:
| wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser
| key to a string that can be directly derived from the user ID, which
| allows remote attackers to bypass intended access restrictions by
| entering this string.

CVE-2017-17092[1]:
| wp-includes/functions.php in WordPress before 4.9.1 does not require
| the unfiltered_html capability for upload of .js files, which might
| allow remote attackers to conduct XSS attacks via a crafted file.

CVE-2017-17093[2]:
| wp-includes/general-template.php in WordPress before 4.9.1 does not
| properly restrict the lang attribute of an HTML element, which might
| allow attackers to conduct XSS attacks via the language setting of a
| site.

CVE-2017-17094[3]:
| wp-includes/feed.php in WordPress before 4.9.1 does not properly
| restrict enclosures in RSS and Atom fields, which might allow attackers
| to conduct XSS attacks via a crafted URL.

Published at [4]. The respective commits are all referenced in the
corresponding CVE page on the security-tracker and were used for the
CVE request.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-17091
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
[1] https://security-tracker.debian.org/tracker/CVE-2017-17092
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
[2] https://security-tracker.debian.org/tracker/CVE-2017-17093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093
[3] https://security-tracker.debian.org/tracker/CVE-2017-17094
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
[4] 
https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: wordpress
Source-Version: 4.7.5+dfsg-2+deb9u2

We believe that the bug you reported is fixed in the latest version of
wordpress, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 883...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Craig Small  (supplier of updated wordpress package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 04 Jan 2018 18:19:44 +1100
Source: wordpress
Binary: wordpress wordpress-l10n wordpress-theme-twentysixteen 
wordpress-theme-twentyfifteen wordpress-theme-twentyseventeen
Architecture: source all
Version: 4.7.5+dfsg-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Craig Small 
Changed-By: Craig Small 
Description:
 wordpress  - weblog manager
 wordpress-l10n - weblog manager - language files
 wordpress-theme-twentyfifteen - weblog manager - twentytfifteen theme files
 wordpress-theme-twentyseventeen - weblog manager - twentyseventeen theme files
 wordpress-theme-twentysixteen - weblog manager - twentysixteen theme files
Closes: 880528 883314
Changes:
 wordpress (4.7.5+dfsg-2+deb9u2) stretch-security; urgency=high
 .
   * Backport security patches from 4.9.1 Closes: #883314
 - CVE-2017-17091
   Use a properly generated hash for the newbloguser key instead
   of a determinate substring.
   Changeset 42272
 - CVE-2017-17092
   Remove the ability to upload JavaScript files for users who
   do not 

Bug#887488: marked as done (openocd: CVE-2018-5704 cross protocol scripting attack)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 23:47:09 +
with message-id 
and subject line Bug#887488: fixed in openocd 0.9.0-1+deb8u1
has caused the Debian Bug report #887488,
regarding openocd: CVE-2018-5704 cross protocol scripting attack
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
887488: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887488
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: openocd
X-Debbugs-CC: t...@security.debian.org 
secure-testing-t...@lists.alioth.debian.org
Severity: grave
Tags: important

Hi,

the following vulnerability was published for openocd.

CVE-2018-5704[0]:
| Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use
| HTTP POST for sending data to 127.0.0.1 port , which allows remote
| attackers to conduct cross-protocol scripting attacks, and consequently
| execute arbitrary commands, via a crafted web site.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-5704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5704

Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: openocd
Source-Version: 0.9.0-1+deb8u1

We believe that the bug you reported is fixed in the latest version of
openocd, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 887...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonathan McDowell  (supplier of updated openocd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 18 Jan 2018 14:05:10 +
Source: openocd
Binary: openocd
Architecture: source amd64
Version: 0.9.0-1+deb8u1
Distribution: stretch-security
Urgency: high
Maintainer: Uwe Hermann 
Changed-By: Jonathan McDowell 
Description:
 openocd- Open on-chip JTAG debug solution for ARM and MIPS systems
Closes: 887488
Changes:
 openocd (0.9.0-1+deb8u1) stretch-security; urgency=high
 .
   * Update debian/gbp.conf to deal with stretch
   * Pull "bindto" command from upstream
   * Bind to localhost by default
   * Prevent some forms of Cross Protocol Scripting attacks (CVE-2018-5704)
 (Closes: #887488)
Checksums-Sha1:
 6e102d7ec65e63b3532efc88f6c5a27f3005d743 2079 openocd_0.9.0-1+deb8u1.dsc
 f57cb48ae09baac7dc6e3961f134317fb1dec290 4970346 openocd_0.9.0.orig.tar.gz
 72a0629202620240f46f7a2da0003bf01c24a49b 16008 
openocd_0.9.0-1+deb8u1.debian.tar.xz
 c2b495c301df9bb73c65b33d9b3f2e1c08d6339a 2613754 
openocd-dbgsym_0.9.0-1+deb8u1_amd64.deb
 fa5cb2f27380d300b7bf3aa3779015363e19c30b 8973 
openocd_0.9.0-1+deb8u1_amd64.buildinfo
 8777f2982f08d8c8509dd3127709ff25014ca1ac 2269242 
openocd_0.9.0-1+deb8u1_amd64.deb
Checksums-Sha256:
 325cd472ae912193f6d6930d8d22259986766c478b49670d01654f60503c52f6 2079 
openocd_0.9.0-1+deb8u1.dsc
 840ed225216f49f5c07bda8b2cbb5c8384bb4d8724335dcccf26787fa0650513 4970346 
openocd_0.9.0.orig.tar.gz
 499217f240a4250c57152f7be53f3df714c48eea10b4c65c3b9d6104a14be580 16008 
openocd_0.9.0-1+deb8u1.debian.tar.xz
 4a8dc913181516f490ca72446bf2fd170e7379a35877d458ec2d29f8c3faee20 2613754 
openocd-dbgsym_0.9.0-1+deb8u1_amd64.deb
 29cf813309e7642cde5f2307617a86c0beb1557be54ff8ca6cff731764c79b6a 8973 
openocd_0.9.0-1+deb8u1_amd64.buildinfo
 102d6ffa807be4654648a0b6209ee51cc0c646b50d4f3c3bab739c7ae895252a 2269242 
openocd_0.9.0-1+deb8u1_amd64.deb
Files:
 676cddf173dd6f3f9343908d230493dd 2079 embedded extra openocd_0.9.0-1+deb8u1.dsc
 7973c2c0132b1bb9fb1d12b4534418f4 4970346 embedded extra 
openocd_0.9.0.orig.tar.gz
 b258cc4bc8915eee7e671e5e1a3fb58b 16008 embedded extra 
openocd_0.9.0-1+deb8u1.debian.tar.xz
 47515c006a0adca581b3000f53ac538b 2613754 debug extra 
openocd-dbgsym_0.9.0-1+deb8u1_amd64.deb
 dbf77caa0aeef22c79d8328ac30283b8 8973 embedded extra 
openocd_0.9.0-1+deb8u1_amd64.buildinfo
 1d1b1bec9dc0f391f8ca9a36471dfd06 2269242 embedded extra 
openocd_0.9.0-1+deb8u1_amd64.deb

-BEGIN PGP SIGNATURE-

Bug#888297: marked as done (p7zip: CVE-2017-17969: ZIP Shrink: Heap Buffer Overflow)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 23:47:13 +
with message-id 
and subject line Bug#888297: fixed in p7zip 16.02+dfsg-3+deb9u1
has caused the Debian Bug report #888297,
regarding p7zip: CVE-2017-17969: ZIP Shrink: Heap Buffer Overflow
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
888297: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888297
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: p7zip
Version: 16.02+dfsg-4
Severity: grave
Tags: upstream newcomer security
Justification: user security hole

Dear Maintainer,

p7zip, p7zip-full and the non-free component p7zip-rar are affected by two
vulnerabilities:
https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-
zip/?hn

In particular, the RAR3 and LZW algorithm implementations are susceptible to
memory corruption and may compromise a system through specially crafted
archives.

These issues have already been fixed upstream, and a new version of p7zip
(18.0) is available.

Please update all p7zip* packages to their latest versions as soon as possible.

Thank you.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (900, 'stable'), (500, 'unstable-debug'), (500, 
'testing-debug'), (300, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_GB.UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) (ignored: LC_ALL set to 
en_GB.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages p7zip depends on:
ii  libc6   2.26-2
ii  libgcc1 1:7.2.0-19
ii  libstdc++6  7.2.0-19

p7zip recommends no packages.

Versions of packages p7zip suggests:
ii  p7zip-full  16.02+dfsg-4

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: p7zip
Source-Version: 16.02+dfsg-3+deb9u1

We believe that the bug you reported is fixed in the latest version of
p7zip, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 888...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso  (supplier of updated p7zip package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 02 Feb 2018 11:11:41 +0100
Source: p7zip
Binary: p7zip p7zip-full
Architecture: source
Version: 16.02+dfsg-3+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Robert Luberda 
Changed-By: Salvatore Bonaccorso 
Closes: 888297
Description: 
 p7zip  - 7zr file archiver with high compression ratio
 p7zip-full - 7z and 7za file archivers with high compression ratio
Changes:
 p7zip (16.02+dfsg-3+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp
 (CVE-2017-17969)
 Thanks to Antoine Beaupré (Closes: #888297)
Checksums-Sha1: 
 d9be5730246a2a126a5a629b52329bbd03cea6f3 2110 p7zip_16.02+dfsg-3+deb9u1.dsc
 0894bd217b25e90edd42bc47ea0edf8c6a324005 3611764 p7zip_16.02+dfsg.orig.tar.xz
 8b0da7503dffe82e6f50cfaf1a4f1021d1fc2cf2 21008 
p7zip_16.02+dfsg-3+deb9u1.debian.tar.xz
Checksums-Sha256: 
 d895c5fc94d46dd9390e925d0d687010fadc198e01624f5d620a7fcca5187e11 2110 
p7zip_16.02+dfsg-3+deb9u1.dsc
 50adee7a4259e3492d8b68dfd12bda0ed27e615193a16f10af296f23dc831b14 3611764 
p7zip_16.02+dfsg.orig.tar.xz
 4d0f8fe6ccef505212a77611457257b378982224f097b4c5caefe09687186d16 21008 
p7zip_16.02+dfsg-3+deb9u1.debian.tar.xz
Files: 
 87c3d4d312607500e5fc987b789cf75d 2110 utils optional 
p7zip_16.02+dfsg-3+deb9u1.dsc
 95a6a79c62a84fee541f99f763b81c31 3611764 utils optional 
p7zip_16.02+dfsg.orig.tar.xz
 e6b42a74a1f22ff42197e7ccd9893d05 21008 utils optional 
p7zip_16.02+dfsg-3+deb9u1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlp026xfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2

Bug#889119: marked as done (php-console-table FTBFS with PHP 7.2)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 23:05:47 +
with message-id 
and subject line Bug#889119: fixed in php-console-table 1.3.1-0.1
has caused the Debian Bug report #889119,
regarding php-console-table FTBFS with PHP 7.2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889119: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889119
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: php-console-table
Version: 1.3.0-2
Severity: serious
Tags: buster sid

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/php-console-table.html

...
   debian/rules override_dh_auto_test
make[1]: Entering directory '/build/1st/php-console-table-1.3.0'
pear run-tests Console_Table-*/tests
Running 15 tests
FAIL [ 1/15] Header and data as associative 
arrays.[Console_Table-1.3.0/tests/assoziative_arrays.phpt]
PASS [ 2/15] Border: default ASCII 
mode[Console_Table-1.3.0/tests/border-ascii.phpt]
PASS [ 3/15] Border: new custom 
mode[Console_Table-1.3.0/tests/border-custom.phpt]
PASS [ 4/15] Border: new custom mode, alternative 
style[Console_Table-1.3.0/tests/border-custom2.phpt]
PASS [ 5/15] Border: disable it[Console_Table-1.3.0/tests/border-disable.phpt]
PASS [ 6/15] Border: custom border 
character[Console_Table-1.3.0/tests/border-dot.phpt]
PASS [ 7/15] Border: empty 
character[Console_Table-1.3.0/tests/border-empty.phpt]
PASS [ 8/15] Bug #20181: setAlign() on non-zero 
column[Console_Table-1.3.0/tests/bug20181.phpt]
SKIP Data with ANSI color codes[Console_Table-1.3.0/tests/colors.phpt](reason: 
Console_Color2 not installed)

Warning: count(): Parameter must be an array or an object that implements 
Countable in PEAR/RunTest.php on line 346
PHP Warning:  count(): Parameter must be an array or an object that implements 
Countable in /usr/share/php/PEAR/RunTest.php on line 346
FAIL [10/15] Callback filters[Console_Table-1.3.0/tests/filters.phpt]
FAIL [11/15] Multibyte strings[Console_Table-1.3.0/tests/multibyte.phpt]
FAIL [12/15] Multiline table cells[Console_Table-1.3.0/tests/multiline.phpt]
FAIL [13/15] Table without header[Console_Table-1.3.0/tests/no_header.phpt]
PASS [14/15] Table without data[Console_Table-1.3.0/tests/no_rows.phpt]
FAIL [15/15] Horizontal rules[Console_Table-1.3.0/tests/rules.phpt]
wrote log to "/build/1st/php-console-table-1.3.0/run-tests.log"
TOTAL TIME: 00:10
8 PASSED TESTS
1 SKIPPED TESTS
6 FAILED TESTS:
/build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/assoziative_arrays.phpt
/build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/filters.phpt
/build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/multibyte.phpt
/build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/multiline.phpt
/build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/no_header.phpt
/build/1st/php-console-table-1.3.0/Console_Table-1.3.0/tests/rules.phpt
Some tests failed
debian/rules:7: recipe for target 'override_dh_auto_test' failed
make[1]: *** [override_dh_auto_test] Error 1
--- End Message ---
--- Begin Message ---
Source: php-console-table
Source-Version: 1.3.1-0.1

We believe that the bug you reported is fixed in the latest version of
php-console-table, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dimitri John Ledkov  (supplier of updated php-console-table 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 09 Feb 2018 22:47:18 +
Source: php-console-table
Binary: php-console-table
Architecture: source
Version: 1.3.1-0.1
Distribution: unstable
Urgency: medium
Maintainer: Debian PHP PEAR Maintainers 
Changed-By: Dimitri John Ledkov 
Description:
 php-console-table -
Closes: 889119
Changes:
 php-console-table (1.3.1-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * New upstream point release
   * Fixes FTBFS with php7.2 Closes: #889119
Checksums-Sha1:
 c4d2d4d5e7868790728970680c8c12e9e50d67c7 1828 php-console-table_1.3.1-0.1.dsc
 746969753219ba583dd7e60c3aca9b8fe5d6ca79 11492 

Bug#889144: marked as done (stricter PIDfile handling breaks several daemons)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:52:12 +
with message-id 
and subject line Bug#889144: fixed in systemd 237-2
has caused the Debian Bug report #889144,
regarding stricter PIDfile handling breaks several daemons
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889144
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: systemd
Version: 237-1
Severity: important
Tags: upstream

Hi!

The upstream commit db256aab13d8a89d583ecd2bacf0aca87c66effc "core: be 
stricter when handling PID files and MAINPID sd_notify() messages"
breaks several daemons in Debian.

Known issues exist for

  - munin-node https://bugs.debian.org/889073
  - ulogd2
  - dnsmasq https://lists.debian.org/debian-user/2018/01/msg01331.html

and possibly others.

Symptom is a timeout during service start, constant service restarts (if
configured) and log messages like:

Feb  2 14:22:49 HOST systemd[1]: ulogd2.service: Permission denied while 
opening PID file or unsafe symlink chain: /run/ulog/ulogd.pid
Feb  2 14:23:54 HOST systemd[1]: munin-node.service: Permission denied while 
opening PID file or unsafe symlink chain: /run/munin/munin-node.pid

Problem lies, as far as I understand the change, in the permissions of
the directory in which the PIDfile is created by the daemon. In all
cases it does not belong root:root but the respective service user:

HOST:/run# ls -ld ulog munin
drwxr-xr-x 2 munin root 100 Feb  2 14:50 munin
drwxr-xr-x 2 ulog  ulog  40 Feb  2 14:24 ulog

My quick'n'dirty workaround for munin was to change the PIDfile path to
just "/run" in both the systemd unit and the configuration file and for
ulogd2 I converted the unit from Type=forking to Type=simple, omitting
the PIDfile completely.

But this can only be a workaround in my opinion, because the upstream
change changes an assumption on how and where PIDfiles can work without
any prior notice. This needs to be changed to a non-fatal warning and
not an error, IMHO.

Grüße,
Sven.

-- Package-specific info:

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'unstable'), (500, 'testing'), (200, 'experimental'), (1, 'experimental-debug')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd depends on:
ii  adduser  3.116
ii  libacl1  2.2.52-3+b1
ii  libapparmor1 2.12-2
ii  libaudit11:2.8.2-1
ii  libblkid12.30.2-0.3
ii  libc62.26-6
ii  libcap2  1:2.25-1.2
ii  libcryptsetup12  2:2.0.0-1
ii  libgcrypt20  1.8.1-4
ii  libgpg-error01.27-5
ii  libidn11 1.33-2.1
ii  libip4tc01.6.1-2+b1
ii  libkmod2 25-1
ii  liblz4-1 0.0~r131-2+b1
ii  liblzma5 5.2.2-1.3
ii  libmount12.30.2-0.3
ii  libpam0g 1.1.8-3.6
ii  libseccomp2  2.3.1-2.1
ii  libselinux1  2.7-2
ii  libsystemd0  237-1
ii  mount2.30.2-0.3
ii  procps   2:3.3.12-3
ii  util-linux   2.30.2-0.3

Versions of packages systemd recommends:
ii  dbus1.12.2-1
ii  libpam-systemd  237-1

Versions of packages systemd suggests:
ii  policykit-10.105-18
pn  systemd-container  

Versions of packages systemd is related to:
pn  dracut   
ii  initramfs-tools  0.130
ii  udev 237-1

-- Configuration Files:
/etc/systemd/journald.conf changed [not included]
/etc/systemd/logind.conf changed [not included]
/etc/systemd/system.conf changed [not included]

-- debconf-show failed
--- End Message ---
--- Begin Message ---
Source: systemd
Source-Version: 237-2

We believe that the bug you reported is fixed in the latest version of
systemd, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Biebl  (supplier of updated systemd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please 

Processed: Bug #889144 in systemd marked as pending

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #889144 [systemd] stricter PIDfile handling breaks several daemons
Added tag(s) pending.

-- 
889144: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889144
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#885340: marked as done (CVE-2017-17504)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:40 +
with message-id 
and subject line Bug#885340: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #885340,
regarding CVE-2017-17504
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
885340: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885340
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: imagemagick
Severity: important
Tags: security

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17504:
https://github.com/ImageMagick/ImageMagick/issues/872

ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/ce3a586a43a7d13442587eb7f28d129557b6a135
ImageMagick-7: 
https://github.com/ImageMagick/ImageMagick/commit/59c49559e302e06bfba46cb6feb4e39adbe675b6
ImageMagick-7: 
https://github.com/ImageMagick/ImageMagick/commit/fb89192c4ca1600741af79dd22166a7d91e76924

 
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 885...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture header files
 libmagickcore-6-headers - low-level image manipulation library - header files
 libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth 
Q16
 libmagickcore-6.q16-5-extra - low-level image manipulation library - extra 
codecs (Q16)
 libmagickcore-6.q16-dev - low-level image manipulation library - development 
files (Q16)
 libmagickcore-6.q16hdri-5 - low-level image manipulation library -- 

Bug#889144: Bug #889144 in systemd marked as pending

[biebl]

Control: tag -1 pending

Hello,

Bug #889144 in systemd reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below, and you can check the diff of the fix at:

https://salsa.debian.org/systemd-team/systemd/commit/d8753ea48c3ed470140c7b9b6c0aa1b1073135b3


service: relax PID file symlink chain checks a bit

Let's read the PID file after all if there's a potentially unsafe
symlink chain in place. But if we do, then refuse taking the PID if its
outside of the cgroup.

Closes: #889144



(this message was generated automatically)
-- 
Greetings

Bug#885339: marked as done (CVE-2017-17499)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:40 +
with message-id 
and subject line Bug#885339: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #885339,
regarding CVE-2017-17499
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
885339: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885339
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: imagemagick
Version: 8:6.9.7.4+dfsg-16
Severity: important
Tags: security

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17499:
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3=33078=5fbb164c3830293138917f9b14264ed1

ImageMagick-7: 
https://github.com/ImageMagick/ImageMagick/commit/8c35502217c1879cb8257c617007282eee3fe1cc
ImageMagick-6: 
https://github.com/ImageMagick/ImageMagick/commit/dd96d671e4d5ae22c6894c302e8996c13f24c45a

--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 885...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture header files
 libmagickcore-6-headers - low-level image manipulation library - header files
 libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth 
Q16
 libmagickcore-6.q16-5-extra - low-level image manipulation library - extra 
codecs (Q16)
 libmagickcore-6.q16-dev - low-level image manipulation library - development 
files (Q16)
 libmagickcore-6.q16hdri-5 - low-level image manipulation library -- quantum 
depth Q16HDRI
 

Bug#890001: marked as done (libspring-java: CVE-2018-1199 Security bypass with static resources)

[Debian Bug Tracking System]

Your message dated Fri, 9 Feb 2018 23:39:35 +0100
with message-id <424323a7-fd41-b43b-2171-992bdacad...@debian.org>
and subject line Re: Bug#890001: libspring-java: CVE-2018-1199 Security bypass 
with static resources
has caused the Debian Bug report #890001,
regarding libspring-java: CVE-2018-1199 Security bypass with static resources
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
890001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890001
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libspring-java
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

the following vulnerability was published for libspring-java.

I intend to fix this in sid/buster by uploading 4.3.14.

CVE-2018-1199[0]:
Security bypass with static resources

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-1199
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1199

Please adjust the affected versions in the BTS as needed.



signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Version: 4.3.14-1



signature.asc
Description: OpenPGP digital signature
--- End Message ---

Bug#885125: marked as done (imagemagick: CVE-2017-17879: heap-buffer-overflow in ReadOneMNGImage)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:40 +
with message-id 
and subject line Bug#885125: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #885125,
regarding imagemagick: CVE-2017-17879: heap-buffer-overflow in ReadOneMNGImage
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
885125: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885125
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-1
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/906

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-17879[0]:
| In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a heap-based
| buffer over-read in ReadOneMNGImage in coders/png.c, related to length
| calculation and caused by an off-by-one error.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-17879
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17879
[1] https://github.com/ImageMagick/ImageMagick/issues/906

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 885...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture 

Bug#881392: marked as done (imagemagick: CVE-2017-16546)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:40 +
with message-id 
and subject line Bug#881392: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #881392,
regarding imagemagick: CVE-2017-16546
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
881392: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881392
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/851

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-16546[0]:
| The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does
| not properly validate the colormap index in a WPG palette, which allows
| remote attackers to cause a denial of service (use of uninitialized
| data or invalid memory allocation) or possibly have unspecified other
| impact via a malformed WPG file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-16546
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16546
[1] https://github.com/ImageMagick/ImageMagick/issues/851
[2] 
https://github.com/ImageMagick/ImageMagick/commit/e04cf3e9524f50ca336253513d977224e083b816

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 881...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - 

Bug#878562: marked as done (imagemagick: CVE-2017-14989)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:40 +
with message-id 
and subject line Bug#878562: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #878562,
regarding imagemagick: CVE-2017-14989
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
878562: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878562
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.8.9.9-1
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/781

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-14989[0]:
| A use-after-free in RenderFreetype in MagickCore/annotate.c in
| ImageMagick 7.0.7-4 Q16 allows attackers to crash the application via a
| crafted font file, because the FT_Done_Glyph function (from FreeType 2)
| is called at an incorrect place in the ImageMagick code.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14989
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14989
[1] https://github.com/ImageMagick/ImageMagick/issues/781

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 878...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture header files
 

Bug#878507: marked as done (imagemagick: CVE-2017-13769)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:39 +
with message-id 
and subject line Bug#878507: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #878507,
regarding imagemagick: CVE-2017-13769
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
878507: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878507
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/705

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-13769[0]:
| The WriteTHUMBNAILImage function in coders/thumbnail.c in ImageMagick
| through 7.0.6-10 allows an attacker to cause a denial of service
| (buffer over-read) by sending a crafted JPEG file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-13769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13769
[1] https://github.com/ImageMagick/ImageMagick/issues/705

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 878...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture header files
 libmagickcore-6-headers - 

Bug#878508: marked as done (imagemagick: CVE-2017-13758)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:39 +
with message-id 
and subject line Bug#878508: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #878508,
regarding imagemagick: CVE-2017-13758
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
878508: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878508
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: important
Tags: patch security upstream
Forwarded: 
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3=32583

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-13758[0]:
| In ImageMagick 7.0.6-10, there is a heap-based buffer overflow in the
| TracePoint() function in MagickCore/draw.c.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-13758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13758
[1] https://www.imagemagick.org/discourse-server/viewtopic.php?f=3=32583

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 878...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture header files
 libmagickcore-6-headers - low-level image manipulation library - 

Bug#876097: marked as done (imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:39 +
with message-id 
and subject line Bug#876097: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #876097,
regarding imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
876097: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876097
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: important
Tags: upstream security patch
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/733

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-14224[0]:
| A heap-based buffer overflow in WritePCXImage in coders/pcx.c in
| ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of
| service or code execution via a crafted file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14224
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14224
[1] https://github.com/ImageMagick/ImageMagick/issues/733

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 876...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture header 

Bug#878527: marked as done (imagemagick: CVE-2017-14607)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:39 +
with message-id 
and subject line Bug#878527: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #878527,
regarding imagemagick: CVE-2017-14607
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
878527: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878527
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/765

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-14607[0]:
| In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related to
| ReadTIFFImage has been reported in coders/tiff.c. An attacker could
| possibly exploit this flaw to disclose potentially sensitive memory or
| cause an application crash.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14607
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14607
[1] https://github.com/ImageMagick/ImageMagick/issues/765

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 878...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 

Bug#878578: marked as done (imagemagick: CVE-2017-15277)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:40 +
with message-id 
and subject line Bug#878578: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #878578,
regarding imagemagick: CVE-2017-15277
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
878578: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878578
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: important
Tags: patch security upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/592

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-15277[0]:
| ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick
| 1.3.26 leaves the palette uninitialized when processing a GIF file that
| has neither a global nor local palette. If the affected product is used
| as a library loaded into a process that operates on interesting data,
| this data sometimes can be leaked via the uninitialized palette.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-15277
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15277
[1] https://github.com/ImageMagick/ImageMagick/issues/592

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 878...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented 

Bug#876488: marked as done (imagemagick: CVE-2017-14682: Heap buffer overflow in GetNextToken())

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:39 +
with message-id 
and subject line Bug#876488: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #876488,
regarding imagemagick: CVE-2017-14682: Heap buffer overflow in GetNextToken()
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
876488: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876488
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: grave
Tags: upstream security patch
Forwarded: 
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3=32726

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-14682[0]:
| GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows remote
| attackers to cause a denial of service (heap-based buffer overflow and
| application crash) or possibly have unspecified other impact via a
| crafted SVG document, a different vulnerability than CVE-2017-10928.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-14682
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14682
[1] https://www.imagemagick.org/discourse-server/viewtopic.php?f=3=32726
[2] 
https://github.com/ImageMagick/ImageMagick/commit/3bee958ee63eb6ec62834d0c7b28b4b6835e6a00

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 876...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ 

Bug#872373: marked as done (CVE-2017-12877)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:38 +
with message-id 
and subject line Bug#872373: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #872373,
regarding CVE-2017-12877
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
872373: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872373
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: imagemagick
Version: 8:6.9.7.4+dfsg-16
Severity: grave
Tags: security

This was assigned CVE-2017-12877:
https://github.com/ImageMagick/ImageMagick/issues/662
https://github.com/ImageMagick/ImageMagick/commit/98dda239ec398dd56453460849b4c9057fc424e5

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 872...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture header files
 libmagickcore-6-headers - low-level image manipulation library - header files
 libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth 
Q16
 libmagickcore-6.q16-5-extra - low-level image manipulation library - extra 
codecs (Q16)
 libmagickcore-6.q16-dev - low-level image manipulation library - development 
files (Q16)
 libmagickcore-6.q16hdri-5 - low-level image manipulation library -- quantum 
depth Q16HDRI
 libmagickcore-6.q16hdri-5-extra - low-level image manipulation library - extra 
codecs (Q16HDRI)
 libmagickcore-6.q16hdri-dev - low-level image manipulation library - 
development files 

Bug#873099: marked as done (imagemagick: CVE-2017-13134)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:38 +
with message-id 
and subject line Bug#873099: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #873099,
regarding imagemagick: CVE-2017-13134
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
873099: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873099
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: important
Tags: security patch upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/670

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-13134[0]:
| In ImageMagick 7.0.6-6, a heap-based buffer over-read was found in the
| function SFWScan in coders/sfw.c, which allows attackers to cause a
| denial of service via a crafted file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-13134
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13134

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 873...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 
architecture header files
 libmagickcore-6-headers - low-level image manipulation library - header files
 

Bug#873134: marked as done (imagemagick: CVE-2017-12983)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:35:39 +
with message-id 
and subject line Bug#873134: fixed in imagemagick 8:6.9.9.34+dfsg-1
has caused the Debian Bug report #873134,
regarding imagemagick: CVE-2017-12983
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
873134: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873134
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: imagemagick
Version: 8:6.9.7.4+dfsg-11
Severity: important
Tags: security patch upstream
Forwarded: https://github.com/ImageMagick/ImageMagick/issues/682

Hi,

the following vulnerability was published for imagemagick.

CVE-2017-12983[0]:
| Heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c
| in ImageMagick 7.0.6-8 allows remote attackers to cause a denial of
| service (application crash) or possibly have unspecified other impact
| via a crafted file.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-12983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12983
[1] https://github.com/ImageMagick/ImageMagick/issues/682

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.9.34+dfsg-1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 873...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès  (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:05 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers 
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl 
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 
libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 
libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev 
libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 
libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev 
libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 
libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common 
imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev 
imagemagick
Architecture: source
Version: 8:6.9.9.34+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team 

Changed-By: Bastien Roucariès 
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6-common - image manipulation programs -- infrastructure
 imagemagick-6-doc - document files of ImageMagick
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
 imagemagick-common - image manipulation programs -- infrastructure dummy 
package
 imagemagick-doc - document files of ImageMagick -- dummy package
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines 
-- Q16 versio
 libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics 
routines -- Q16HDRI ve
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header 
files
 libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
 libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
 libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files 
(Q16HDRI)
 libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
 libmagickcore-6-arch-config - low-level image manipulation library - 

Bug#889995: marked as done (steam: Fails to install: depends on removed package libtxc-dxtn0:i386)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:06:26 +
with message-id 
and subject line Bug#889987: fixed in steam 1.0.0.54-4
has caused the Debian Bug report #889987,
regarding steam: Fails to install: depends on removed package libtxc-dxtn0:i386
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: steam
Version: 1.0.0.54-3
Severity: important

Dear Maintainer,

Steam fails to install, as follows:
The following packages have unmet dependencies:
 steam:i386 : Depends: libtxc-dxtn0:i386 but it is not installable
E: Unable to correct problems, you have held broken packages.

libtxc-dxtn0 appears to be obsolete (and is no longer in unstable), as 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888430


Thanks,
Joe



-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)

Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages steam depends on:
ii  debconf [debconf-2.0]1.5.65
ii  libc62.26-6
ii  libgl1-mesa-dri  17.3.3-1
ii  libgl1-mesa-glx  17.3.3-1
ii  libgpg-error01.27-6
ii  libstdc++6   8-20180207-2
ii  libtxc-dxtn-s2tc [libtxc-dxtn0]  1.0+git20151227-2
ii  libudev1 237-1
ii  libx11-6 2:1.6.4-3
ii  libxinerama1 2:1.1.3-1+b3
ii  xz-utils 5.2.2-1.3

Versions of packages steam recommends:
ii  fonts-liberation   1:1.07.4-5
ii  konsole [x-terminal-emulator]  4:17.08.3-1
ii  libxss11:1.2.2-1+b2
ii  xterm [x-terminal-emulator]331-1
ii  zenity 3.26.0-2

Versions of packages steam suggests:
pn  steam-devices  

-- debconf information excluded


signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: steam
Source-Version: 1.0.0.54-4

We believe that the bug you reported is fixed in the latest version of
steam, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie  (supplier of updated steam package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 09 Feb 2018 21:42:49 +
Source: steam
Binary: steam steam-devices
Architecture: source
Version: 1.0.0.54-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team 
Changed-By: Simon McVittie 
Description:
 steam  - Valve's Steam digital software delivery system
 steam-devices - Device support for Steam-related hardware
Closes: 889987
Changes:
 steam (1.0.0.54-4) unstable; urgency=medium
 .
   * Team upload
   * Depend on libgl1-mesa-dri (>= 17.3) | libtxc-dxtn0 now that S3TC
 support is no longer patent-encumbered and has been enabled in Mesa
 (Closes: #889987)
 - The alternative dependency can be removed if backports to older
   suites are no longer interesting.
Checksums-Sha1:
 107d95816ab97d7996c3b7a630a76e2bf5742ab2 1888 steam_1.0.0.54-4.dsc
 d281d7c523d07a58906bace025c536911a3709c6 9972 steam_1.0.0.54-4.debian.tar.xz
 570b20a00175eb492c62703123172eb359bcaeef 5570 steam_1.0.0.54-4_source.buildinfo
Checksums-Sha256:
 328bed3b3acd89920aca26da212fbeb4c0be3a4341f6bd675fea56cfcaf8c129 1888 
steam_1.0.0.54-4.dsc
 cbe463ebb67e8ef4cc98bf3a41b7e3d012e7d461ed34eb517b044b7d1d5b7502 9972 
steam_1.0.0.54-4.debian.tar.xz
 dbbefb205c4cd24f33cc68cf9ea1477ea0700d51ca6d22a2dfff42533d2a7d19 5570 
steam_1.0.0.54-4_source.buildinfo
Files:
 510db40b1a16cb26e1f2e2b618033b98 1888 non-free/games optional 
steam_1.0.0.54-4.dsc
 

Bug#889987: marked as done (steam: depends on non-existent libtxc-dxtn0)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 22:06:26 +
with message-id 
and subject line Bug#889987: fixed in steam 1.0.0.54-4
has caused the Debian Bug report #889987,
regarding steam: depends on non-existent libtxc-dxtn0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: steam
Version: 1.0.0.54-3
Severity: grave

Hi,

on a fresh buster, sid install I get on

$ sudo apt-get install steam
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut.
Statusinformationen werden eingelesen Fertig
Einige Pakete konnten nicht installiert werden. Das kann bedeuten, dass
Sie eine unmögliche Situation angefordert haben oder, wenn Sie die
Unstable-Distribution verwenden, dass einige erforderliche Pakete noch
nicht erstellt wurden oder Incoming noch nicht verlassen haben.
Die folgenden Informationen helfen Ihnen vielleicht, die Situation zu lösen:

Die folgenden Pakete haben unerfüllte Abhängigkeiten:
 steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert
werden
  Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht
installiert werden
  Hängt ab von: libx11-6:i386 soll aber nicht installiert werden
  Hängt ab von: libudev1:i386 soll aber nicht installiert werden
  Hängt ab von: libxinerama1:i386 soll aber nicht installiert
werden
  Hängt ab von: libtxc-dxtn0:i386
  Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert
werden
  Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert
werden
  Hängt ab von: libgpg-error0:i386 soll aber nicht installiert
werden
  Empfiehlt: libxss1:i386 soll aber nicht installiert werden
E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte
Pakete.


Please ask me if you have a question.


CU
Jörg



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/6 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: steam
Source-Version: 1.0.0.54-4

We believe that the bug you reported is fixed in the latest version of
steam, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Simon McVittie  (supplier of updated steam package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 09 Feb 2018 21:42:49 +
Source: steam
Binary: steam steam-devices
Architecture: source
Version: 1.0.0.54-4
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team 
Changed-By: Simon McVittie 
Description:
 steam  - Valve's Steam digital software delivery system
 steam-devices - Device support for Steam-related hardware
Closes: 889987
Changes:
 steam (1.0.0.54-4) unstable; urgency=medium
 .
   * Team upload
   * Depend on libgl1-mesa-dri (>= 17.3) | libtxc-dxtn0 now that S3TC
 support is no longer patent-encumbered and has been enabled in Mesa
 (Closes: #889987)
 - The alternative dependency can be removed if backports to older
   suites are no longer interesting.
Checksums-Sha1:
 107d95816ab97d7996c3b7a630a76e2bf5742ab2 1888 steam_1.0.0.54-4.dsc
 d281d7c523d07a58906bace025c536911a3709c6 9972 steam_1.0.0.54-4.debian.tar.xz
 570b20a00175eb492c62703123172eb359bcaeef 5570 steam_1.0.0.54-4_source.buildinfo
Checksums-Sha256:
 328bed3b3acd89920aca26da212fbeb4c0be3a4341f6bd675fea56cfcaf8c129 1888 
steam_1.0.0.54-4.dsc
 cbe463ebb67e8ef4cc98bf3a41b7e3d012e7d461ed34eb517b044b7d1d5b7502 9972 
steam_1.0.0.54-4.debian.tar.xz
 

Processed: Re: Please drop Build-Depends on deprecated libck-connector-dev

[Debian Bug Tracking System]

Processing control commands:

> severity -1 serious
Bug #865043 [src:lxdm] Please drop Build-Depends on deprecated 
libck-connector-dev
Severity set to 'serious' from 'normal'

-- 
865043: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865043
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#889987: steam: depends on non-existent libtxc-dxtn0

[Alexandre Detiste]

Hi,

This package was a workaround againt S3TC pattent.

This pattent has now expired and functionality has been merged into Mesa.

Greetings,

https://www.phoronix.com/scan.php?page=news_item=S3TC-Lands-In-Mesa


2018-02-09 20:59 GMT+01:00 James Cowgill :
>
> Control: retitle -1 steam: depends on non-existent libtxc-dxtn0
>
> Hi,
>
> On 09/02/18 19:44, Stephen Kitt wrote:
> > Hi Jörg,
> >
> > On Fri, 09 Feb 2018 19:39:39 +0100, Jörg Frings-Fürst 
> > wrote:
> >> on a fresh buster, sid install I get on
> >>
> >> $ sudo apt-get install steam
> > [...]
> >> Die folgenden Pakete haben unerfüllte Abhängigkeiten:
> >>  steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht 
> >> installiert
> >> werden
> >>   Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht
> >> installiert werden
> >>   Hängt ab von: libx11-6:i386 soll aber nicht installiert 
> >> werden
> >>   Hängt ab von: libudev1:i386 soll aber nicht installiert 
> >> werden
> >>   Hängt ab von: libxinerama1:i386 soll aber nicht installiert
> >> werden
> >>   Hängt ab von: libtxc-dxtn0:i386
>
> The only package which provided this library was removed at the end of
> January:
> https://tracker.debian.org/pkg/s2tc
> https://tracker.debian.org/news/928386
>
> I guess only main was checked so noone realized steam (in non-free)
> still depended on it :/
>
> Thanks,
> James
>

Processed: found 890001 in 4.3.13-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 890001 4.3.13-1
Bug #890001 [libspring-java] libspring-java: CVE-2018-1199 Security bypass with 
static resources
There is no source info for the package 'libspring-java' at version '4.3.13-1' 
with architecture ''
Unable to make a source version for version '4.3.13-1'
Marked as found in versions 4.3.13-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
890001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890001
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: retitle 890000 to exim4: CVE-2018-6789: Buffer overflow in an utility function

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> retitle 89 exim4: CVE-2018-6789: Buffer overflow in an utility function
Bug #89 [src:exim4] exim4: CVE-2018-6789
Changed Bug title to 'exim4: CVE-2018-6789: Buffer overflow in an utility 
function' from 'exim4: CVE-2018-6789'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
89: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=89
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#890001: libspring-java: CVE-2018-1199 Security bypass with static resources

[Markus Koschany]

Package: libspring-java
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security

Hi,

the following vulnerability was published for libspring-java.

I intend to fix this in sid/buster by uploading 4.3.14.

CVE-2018-1199[0]:
Security bypass with static resources

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-1199
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1199

Please adjust the affected versions in the BTS as needed.



signature.asc
Description: OpenPGP digital signature

Bug#890000: exim4: CVE-2018-6789

[Salvatore Bonaccorso]

Source: exim4
Version: 4.90-1
Severity: grave
Tags: security upstream

Hi,

the following vulnerability was published for exim4 (actually not
really the details, filling the bug for having a tracking bug in the
BTS).

CVE-2018-6789[0]:
| An issue was discovered in the SMTP listener in Exim 4.90 and earlier.
| By sending a handcrafted message, a buffer overflow may happen in a
| specific function. This can be used to execute code remotely.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-6789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789
[1] https://exim.org/static/doc/security/CVE-2018-6789.txt

Please adjust the affected versions in the BTS as needed, when issue
goes public with details and possibly adjust severity.

Regards,
Salvatore

Processed: reopen 889987

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reopen 889987
Bug #889987 {Done: Joe Dight } [steam] steam: depends on 
non-existent libtxc-dxtn0
Bug #889995 {Done: Joe Dight } [steam] steam: Fails to 
install: depends on removed package libtxc-dxtn0:i386
Bug reopened
Ignoring request to alter fixed versions of bug #889987 to the same values 
previously set
Ignoring request to alter fixed versions of bug #889995 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987
889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#889996: resiprocate-turn-server: broken init script stop action

[Julien Cristau]

Package: resiprocate-turn-server
Version: 1:1.11.0~beta1-3
Severity: serious
User: debian-ad...@lists.debian.org
Usertags: needed-by-DSA-Team
X-Debbugs-Cc: debian-ad...@lists.debian.org

Hi,

your init script "stop" action is broken.

  stop)
log_daemon_msg "Stopping $DESC ($NAME)" $BIN
if start-stop-daemon --stop --quiet --oknodo --user $USER --pidfile 
$PIDFILE --exec $DAEMON ;
then
log_end_msg 0
else
log_end_msg 1
fi
;;

It is missing the --retry option which means it doesn't wait until the
process is actually dead before exiting.  This shows up in the "restart"
action with:

  restart)
$0 stop && sleep 2 && $0 start
;;

That "sleep" is evidence that "stop" is broken.

And because systemd never calls the init script with "restart" but uses
"stop" followed by "start" (which is supposed to be the same thing), the
old "sleep" workaround for broken "stop" no longer works.  Please add
the appropriate "--retry" option to "stop" and remove that "sleep".

Cheers,
Julien

Bug#889987: marked as done (steam: depends on non-existent libtxc-dxtn0)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 20:31:49 +
with message-id <6752f660bd27098562f264af30836...@joedight.net>
and subject line realized bug is a duplicate
has caused the Debian Bug report #889995,
regarding steam: depends on non-existent libtxc-dxtn0
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: steam
Version: 1.0.0.54-3
Severity: grave

Hi,

on a fresh buster, sid install I get on

$ sudo apt-get install steam
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut.
Statusinformationen werden eingelesen Fertig
Einige Pakete konnten nicht installiert werden. Das kann bedeuten, dass
Sie eine unmögliche Situation angefordert haben oder, wenn Sie die
Unstable-Distribution verwenden, dass einige erforderliche Pakete noch
nicht erstellt wurden oder Incoming noch nicht verlassen haben.
Die folgenden Informationen helfen Ihnen vielleicht, die Situation zu lösen:

Die folgenden Pakete haben unerfüllte Abhängigkeiten:
 steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert
werden
  Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht
installiert werden
  Hängt ab von: libx11-6:i386 soll aber nicht installiert werden
  Hängt ab von: libudev1:i386 soll aber nicht installiert werden
  Hängt ab von: libxinerama1:i386 soll aber nicht installiert
werden
  Hängt ab von: libtxc-dxtn0:i386
  Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert
werden
  Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert
werden
  Hängt ab von: libgpg-error0:i386 soll aber nicht installiert
werden
  Empfiehlt: libxss1:i386 soll aber nicht installiert werden
E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte
Pakete.


Please ask me if you have a question.


CU
Jörg



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/6 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Just realized that this is a duplicate of #889987, I didn't check for 
bugs on the src package. Sorry.


signature.asc
Description: OpenPGP digital signature
--- End Message ---

Bug#889995: marked as done (steam: Fails to install: depends on removed package libtxc-dxtn0:i386)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 20:31:49 +
with message-id <6752f660bd27098562f264af30836...@joedight.net>
and subject line realized bug is a duplicate
has caused the Debian Bug report #889995,
regarding steam: Fails to install: depends on removed package libtxc-dxtn0:i386
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: steam
Version: 1.0.0.54-3
Severity: important

Dear Maintainer,

Steam fails to install, as follows:
The following packages have unmet dependencies:
 steam:i386 : Depends: libtxc-dxtn0:i386 but it is not installable
E: Unable to correct problems, you have held broken packages.

libtxc-dxtn0 appears to be obsolete (and is no longer in unstable), as 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888430


Thanks,
Joe



-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)

Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages steam depends on:
ii  debconf [debconf-2.0]1.5.65
ii  libc62.26-6
ii  libgl1-mesa-dri  17.3.3-1
ii  libgl1-mesa-glx  17.3.3-1
ii  libgpg-error01.27-6
ii  libstdc++6   8-20180207-2
ii  libtxc-dxtn-s2tc [libtxc-dxtn0]  1.0+git20151227-2
ii  libudev1 237-1
ii  libx11-6 2:1.6.4-3
ii  libxinerama1 2:1.1.3-1+b3
ii  xz-utils 5.2.2-1.3

Versions of packages steam recommends:
ii  fonts-liberation   1:1.07.4-5
ii  konsole [x-terminal-emulator]  4:17.08.3-1
ii  libxss11:1.2.2-1+b2
ii  xterm [x-terminal-emulator]331-1
ii  zenity 3.26.0-2

Versions of packages steam suggests:
pn  steam-devices  

-- debconf information excluded


signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Just realized that this is a duplicate of #889987, I didn't check for 
bugs on the src package. Sorry.


signature.asc
Description: OpenPGP digital signature
--- End Message ---

Processed: merge 889987 and 889995 attempt 2

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 889987 steam 1.0.0.54-3
Bug #889987 [src:steam] steam: depends on non-existent libtxc-dxtn0
Bug reassigned from package 'src:steam' to 'steam'.
No longer marked as found in versions steam/1.0.0.54-3.
Ignoring request to alter fixed versions of bug #889987 to the same values 
previously set
Bug #889987 [steam] steam: depends on non-existent libtxc-dxtn0
Marked as found in versions steam/1.0.0.54-3.
> forcemerge 889987 889995
Bug #889987 [steam] steam: depends on non-existent libtxc-dxtn0
Bug #889995 [steam] steam: Fails to install: depends on removed package 
libtxc-dxtn0:i386
Severity set to 'grave' from 'important'
Merged 889987 889995
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987
889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed (with 1 error): merge 889987 and 889995

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forcemerge 889987 889995
Bug #889987 [src:steam] steam: depends on non-existent libtxc-dxtn0
Unable to merge bugs because:
package of #889995 is 'steam' not 'src:steam'
Failed to forcibly merge 889987: Did not alter merged bugs.

> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987
889995: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889995
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#886944: python3-regex: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

[Nicholas D Steeves]

Hi Sandro,

On Thu, Feb 08, 2018 at 10:47:08PM -0500, Sandro Tosi wrote:
> Hello Nicholas,
> 
> On Tue, Feb 6, 2018 at 10:15 PM, Nicholas D Steeves  
> wrote:
> >
> > Hi Sandro,
> >
> > Would you like a patch for current_version-new_revision or for
> > new_upstream_version-1?  I assumed the latter, and send two patches
> > also assuming that you'd squash them.  Of course I'd be happy to
> > squash them myself and rewrite the messages.  Whatever you prefer :-)
> 
> i would prefer a single patch for current_version-new_revision (small
> upload to fix the issue) - i'll then prepare a new upstream release
> soon after.
> 
> Thanks,
> -- 
> Sandro "morph" Tosi
> My website: http://sandrotosi.me/
> Me at Debian: http://wiki.debian.org/SandroTosi
> G+: https://plus.google.com/u/0/+SandroTosi

Patch is attached.  It would be nice for the -dbg packages to be
symlinks to their respective packages, which would be safe because the
-dbg packages depend on the non-dbg ones...but I couldn't figure out
an easy way to handle both stretch2buster and
buster_intermediary_version2buster_release, other than switching to
dbgsym.

Cheers,
Nicholas
From 50b123c8912bb10d3f5906676d9951a7db36e5c4 Mon Sep 17 00:00:00 2001
From: Nicholas D Steeves 
Date: Tue, 6 Feb 2018 15:43:34 -0500
Subject: [PATCH] Correct errors in maintscripts. (Closes: #886944)

---
 debian/python-regex-dbg.maintscript  | 2 +-
 debian/python3-regex-dbg.maintscript | 2 +-
 debian/python3-regex.maintscript | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/debian/python-regex-dbg.maintscript b/debian/python-regex-dbg.maintscript
index 06d5276..98054e4 100644
--- a/debian/python-regex-dbg.maintscript
+++ b/debian/python-regex-dbg.maintscript
@@ -1 +1 @@
-symlink_to_dir /usr/share/doc/python-regex-dbg python-regex-dbg 0.1.20171212-1
+symlink_to_dir /usr/share/doc/python-regex-dbg python-regex 0.1.20171212-2~
diff --git a/debian/python3-regex-dbg.maintscript b/debian/python3-regex-dbg.maintscript
index cb7b44f..3316dc3 100644
--- a/debian/python3-regex-dbg.maintscript
+++ b/debian/python3-regex-dbg.maintscript
@@ -1 +1 @@
-symlink_to_dir /usr/share/doc/python3-regex-dbg python3-regex-dbg 0.1.20171212-1
+symlink_to_dir /usr/share/doc/python3-regex-dbg python-regex 0.1.20171212-2~
diff --git a/debian/python3-regex.maintscript b/debian/python3-regex.maintscript
index 899180d..e99ccd2 100644
--- a/debian/python3-regex.maintscript
+++ b/debian/python3-regex.maintscript
@@ -1 +1 @@
-symlink_to_dir /usr/share/doc/python3-regex python3-regex 0.1.20171212-1
+symlink_to_dir /usr/share/doc/python3-regex python-regex 0.1.20171212-2~
-- 
2.11.0



signature.asc
Description: PGP signature

Processed: Re: Bug#889987: steam: depends on non-existent libtxc-dxtn0

[Debian Bug Tracking System]

Processing control commands:

> retitle -1 steam: depends on non-existent libtxc-dxtn0
Bug #889987 [src:steam] Steam can't install. Depends on libc6:i386, 
libstdc++6:i386, and more
Changed Bug title to 'steam: depends on non-existent libtxc-dxtn0' from 'Steam 
can't install. Depends on libc6:i386, libstdc++6:i386, and more'.

-- 
889987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889987
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#889987: Steam can't install. Depends on libc6:i386, libstdc++6:i386, and more

[Adrian Bunk]

On Fri, Feb 09, 2018 at 07:39:39PM +0100, Jörg Frings-Fürst wrote:
> Source: steam
> Version: 1.0.0.54-3
> Severity: grave
> 
> Hi,
> 
> on a fresh buster, sid install I get on
> 
> $ sudo apt-get install steam
>...
> Die folgenden Pakete haben unerfüllte Abhängigkeiten:
>  steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert
> werden
>   Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht
> installiert werden
>   Hängt ab von: libx11-6:i386 soll aber nicht installiert werden
>   Hängt ab von: libudev1:i386 soll aber nicht installiert werden
>   Hängt ab von: libxinerama1:i386 soll aber nicht installiert
> werden
>   Hängt ab von: libtxc-dxtn0:i386
>   Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert
> werden
>   Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert
> werden
>   Hängt ab von: libgpg-error0:i386 soll aber nicht installiert
> werden
>   Empfiehlt: libxss1:i386 soll aber nicht installiert werden
> E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte
> Pakete.
> 
> 
> Please ask me if you have a question.

apt is not really good at reporting the actual root cause,
please add the packages it cannot install until either
installation succeeds or the real error is found.

>...
> -- System Information:
> Debian Release: buster/sid
>   APT prefers testing
>   APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental')
>...

Do you have any packages from sid installed?

If yes, does
  sudo apt-get -t unstable install steam
work?

> CU
> Jörg

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#889987: steam: depends on non-existent libtxc-dxtn0

[James Cowgill]

Control: retitle -1 steam: depends on non-existent libtxc-dxtn0

Hi,

On 09/02/18 19:44, Stephen Kitt wrote:
> Hi Jörg,
> 
> On Fri, 09 Feb 2018 19:39:39 +0100, Jörg Frings-Fürst 
> wrote:
>> on a fresh buster, sid install I get on
>>
>> $ sudo apt-get install steam
> [...]
>> Die folgenden Pakete haben unerfüllte Abhängigkeiten:
>>  steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert
>> werden
>>   Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht
>> installiert werden
>>   Hängt ab von: libx11-6:i386 soll aber nicht installiert werden
>>   Hängt ab von: libudev1:i386 soll aber nicht installiert werden
>>   Hängt ab von: libxinerama1:i386 soll aber nicht installiert
>> werden
>>   Hängt ab von: libtxc-dxtn0:i386

The only package which provided this library was removed at the end of
January:
https://tracker.debian.org/pkg/s2tc
https://tracker.debian.org/news/928386

I guess only main was checked so noone realized steam (in non-free)
still depended on it :/

Thanks,
James



signature.asc
Description: OpenPGP digital signature

Bug#889987: Steam can't install. Depends on libc6:i386, libstdc++6:i386, and more

[Stephen Kitt]

Hi Jörg,

On Fri, 09 Feb 2018 19:39:39 +0100, Jörg Frings-Fürst 
wrote:
> on a fresh buster, sid install I get on
> 
> $ sudo apt-get install steam
[...]
> Die folgenden Pakete haben unerfüllte Abhängigkeiten:
>  steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert
> werden
>   Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht
> installiert werden
>   Hängt ab von: libx11-6:i386 soll aber nicht installiert werden
>   Hängt ab von: libudev1:i386 soll aber nicht installiert werden
>   Hängt ab von: libxinerama1:i386 soll aber nicht installiert
> werden
>   Hängt ab von: libtxc-dxtn0:i386
>   Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert
> werden
>   Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert
> werden
>   Hängt ab von: libgpg-error0:i386 soll aber nicht installiert
> werden
>   Empfiehlt: libxss1:i386 soll aber nicht installiert werden
> E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene
> defekte Pakete.
> 
> 
> Please ask me if you have a question.

Silly question perhaps, but have you added the i386 architecture?

Also, for future bug reports, please run apt with LANG=C...

Regards,

Stephen


pgpXPUjuSOuJr.pgp
Description: OpenPGP digital signature

Bug#889751: marked as done (scdaemon: BAD PIN since 2.2.4-2 upgrade)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 19:20:13 +
with message-id 
and subject line Bug#889751: fixed in gnupg2 2.2.4-3
has caused the Debian Bug report #889751,
regarding scdaemon: BAD PIN since 2.2.4-2 upgrade
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889751: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889751
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: scdaemon
Version: 2.2.4-2
Severity: normal

Hi,

since the recent 2.2.4-2 upgrade, when trying to use my smartcard (auth
key for SSH for example), I get:

févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: verify CHV2 failed: 
Bad PIN
févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: app_auth failed: Bad 
PIN
févr. 06 20:37:35 scapa gpg-agent[1793]: smartcard signing failed: Bad PIN

even though I'm sure it's the right PIN.

At that point I'm a little reluctant in doing another try because it's
the last one before I need to get my admin PIN.

Regards,

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (450, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), 
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages scdaemon depends on:
ii  gpg-agent  2.2.4-2
ii  libassuan0 2.5.1-2
ii  libc6  2.26-6
ii  libgcrypt201.8.1-4
ii  libgpg-error0  1.27-6
ii  libksba8   1.3.5-2
ii  libnpth0   1.5-3
ii  libusb-1.0-0   2:1.0.21-2

scdaemon recommends no packages.

scdaemon suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: gnupg2
Source-Version: 2.2.4-3

We believe that the bug you reported is fixed in the latest version of
gnupg2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Kahn Gillmor  (supplier of updated gnupg2 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 09 Feb 2018 13:51:35 -0500
Source: gnupg2
Binary: gpgconf gnupg-agent gpg-agent gpg-wks-server gpg-wks-client scdaemon 
gpgsm gpg gnupg gnupg2 gpgv gpgv2 dirmngr gpgv-udeb gpgv-static gpgv-win32 
gnupg-l10n gnupg-utils
Architecture: source
Version: 2.2.4-3
Distribution: unstable
Urgency: medium
Maintainer: Debian GnuPG Maintainers 
Changed-By: Daniel Kahn Gillmor 
Description:
 dirmngr- GNU privacy guard - network certificate management service
 gnupg  - GNU privacy guard - a free PGP replacement
 gnupg-agent - GNU privacy guard - cryptographic agent (dummy transitional packa
 gnupg-l10n - GNU privacy guard - localization files
 gnupg-utils - GNU privacy guard - utility programs
 gnupg2 - GNU privacy guard - a free PGP replacement (dummy transitional pa
 gpg- GNU Privacy Guard -- minimalist public key operations
 gpg-agent  - GNU privacy guard - cryptographic agent
 gpg-wks-client - GNU privacy guard - Web Key Service client
 gpg-wks-server - GNU privacy guard - Web Key Service server
 gpgconf- GNU privacy guard - core configuration utilities
 gpgsm  - GNU privacy guard - S/MIME version
 gpgv   - GNU privacy guard - signature verification tool
 gpgv-static - minimal signature verification tool (static build)
 gpgv-udeb  - minimal signature verification tool (udeb)
 gpgv-win32 - GNU privacy guard - signature verification tool (win32 build)
 gpgv2  - GNU privacy guard - signature verification tool (dummy transition
 scdaemon   - GNU privacy guard - smart card support
Closes: 889751 889921
Changes:
 gnupg2 (2.2.4-3) unstable; urgency=medium
 .
   * version build-deps on mingw library toolchain  (Closes: #889921)
   * drop misbehaving upstream scd patch (Closes: #889751)
Checksums-Sha1:
 6235c7636ff8e6c5244b1726a640871e2bde199d 2885 gnupg2_2.2.4-3.dsc
 

Bug#889987: Steam can't install. Depends on libc6:i386, libstdc++6:i386, and more

[Jörg Frings-Fürst]

Source: steam
Version: 1.0.0.54-3
Severity: grave

Hi,

on a fresh buster, sid install I get on

$ sudo apt-get install steam
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut.
Statusinformationen werden eingelesen Fertig
Einige Pakete konnten nicht installiert werden. Das kann bedeuten, dass
Sie eine unmögliche Situation angefordert haben oder, wenn Sie die
Unstable-Distribution verwenden, dass einige erforderliche Pakete noch
nicht erstellt wurden oder Incoming noch nicht verlassen haben.
Die folgenden Informationen helfen Ihnen vielleicht, die Situation zu lösen:

Die folgenden Pakete haben unerfüllte Abhängigkeiten:
 steam:i386 : Hängt ab von: libc6:i386 (>= 2.15) soll aber nicht installiert
werden
  Hängt ab von: libstdc++6:i386 (>= 4.3) soll aber nicht
installiert werden
  Hängt ab von: libx11-6:i386 soll aber nicht installiert werden
  Hängt ab von: libudev1:i386 soll aber nicht installiert werden
  Hängt ab von: libxinerama1:i386 soll aber nicht installiert
werden
  Hängt ab von: libtxc-dxtn0:i386
  Hängt ab von: libgl1-mesa-dri:i386 soll aber nicht installiert
werden
  Hängt ab von: libgl1-mesa-glx:i386 soll aber nicht installiert
werden
  Hängt ab von: libgpg-error0:i386 soll aber nicht installiert
werden
  Empfiehlt: libxss1:i386 soll aber nicht installiert werden
E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte
Pakete.


Please ask me if you have a question.


CU
Jörg



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing'), (300, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/6 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#889829: ghc: error while loading shared libraries: libHShaskeline-0.7.3.0-ghc8.0.2.so

[Holger Levsen]

On Fri, Feb 09, 2018 at 11:43:56AM +, James Clarke wrote:
> What version of glibc do you have? Have you got any interesting (to ld.so)
> environment variables exported or configuration files changed?

root@appvm:/home/user# ghc
/usr/lib/ghc/bin/ghc: error while loading shared libraries: 
libHShaskeline-0.7.3.0-ghc8.0.2.so: cannot open shared object file: No such 
file or directory
root@appvm:/home/user# export
declare -x HOME="/root"
declare -x LOGNAME="root"
declare -x OLDPWD
declare -x PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
declare -x PWD="/home/user"
declare -x SCHROOT_ALIAS_NAME="sid"
declare -x SCHROOT_CHROOT_NAME="sid"
declare -x SCHROOT_COMMAND="-bash"
declare -x SCHROOT_GID="0"
declare -x SCHROOT_GROUP="root"
declare -x SCHROOT_SESSION_ID="sid"
declare -x SCHROOT_UID="0"
declare -x SCHROOT_USER="root"
declare -x SHELL="/bin/bash"
declare -x SHLVL="1"
declare -x TERM="xterm-256color"
declare -x USER="root"
root@appvm:/home/user# dpkg -l |grep libc-
ii  klibc-utils2.0.4-11  
amd64small utilities built with klibc for early boot
ii  libc-bin   2.26-6
amd64GNU C Library: Binaries
ii  libc-dev-bin   2.26-6
amd64GNU C Library: Development binaries
ii  libc-l10n  2.26-6
all  GNU C Library: localization files
ii  linux-libc-dev:amd64   4.14.13-1 
amd64Linux support headers for userspace development

all packages are updated to latest in sid for amd64 (and the fact that I see
this in Qubes seems to be irrelevant as Petter saw this on a plain Debian system
as well).


-- 
cheers,
Holger


signature.asc
Description: PGP signature

Bug#882328: [Pkg-gauche-devel] Bug#882328: gauche-c-wrapper FTBFS with glibc 2.25

[Jens Thiele]

another idea would be to allow to skip macros via some keyword :skip-macro
example patch:

--- gauche-c-wrapper-0.6.1/lib/c-wrapper/c-parser.scm   2009-08-08 
16:44:52.0 +0200
+++ gauche-c-wrapper-0.6.1.new/lib/c-wrapper/c-parser.scm   2018-02-09 
16:56:03.390344967 +0100
@@ -1099,7 +1099,7 @@
 ;;:show-define? #f))
 ;;(start-macro-reset!)))
 
-(define (parse-macro include-dirs headers options)
+(define (parse-macro include-dirs headers options skip-macro)
   (unwind-protect
(guard (e (( e)
   (let ((errmsg (make-error-message (condition-ref e 'message
@@ -1115,7 +1115,10 @@
 (raise e
  (call-with-gcc-io include-dirs headers options
(lambda (in out)
- (let ((macro-list (queue->list (macro-queue
+ (let ((macro-list (filter
+   (lambda(m)
+ (not (skip-macro (car m
+   (queue->list (macro-queue)
(for-each (lambda (macro-def)
(display (car macro-def) out)
(newline out))
@@ -1152,11 +1155,11 @@
  (else
   (errorf "~s can't be used for :import argument." import-cond)
 
-(define (c-parse include-dirs headers options import-arg export? sandbox hides)
+(define (c-parse include-dirs headers options import-arg export? sandbox hides 
skip-macro)
   (with-parse-context
(lambda ()
  (parse-source include-dirs headers options)
- (parse-macro include-dirs headers options)
+ (parse-macro include-dirs headers options skip-macro)
 
  (let ((export-syms
 (if import-arg
--- gauche-c-wrapper-0.6.1/lib/c-wrapper.scm2009-08-08 16:44:52.0 
+0200
+++ gauche-c-wrapper-0.6.1.new/lib/c-wrapper.scm2018-02-09 
16:45:26.045654080 +0100
@@ -91,7 +91,8 @@
(module #t)
(export? #f)
(output #f)
-   (hide-symbols '()))
+   (hide-symbols '())
+  (skip-macro (lambda(m) #f)))
 (when (eq? module #t)
   (set! export? #t))
 (parameterize ((sandbox-module (make-sandbox curmod module)))
@@ -117,7 +118,8 @@
(lambda (expr)
  (push! output-list expr))
(sandbox-module))
-   hide-symbols)
+   hide-symbols
+  skip-macro)
   (if output
   (call-with-output-file output
 (lambda (out)
@@ -154,7 +156,8 @@
(module #t)
(export? #f)
(output #f)
-   (hide-symbols '()))
+   (hide-symbols '())
+  (skip-macro (lambda(m) #f)))
 (cond
  ((compiled-lib-exist? compiled-lib)
   `(begin
@@ -171,7 +174,7 @@
  " ")))
 `(begin
(c-ld ,ld-option)
-   (c-include ,headers :option ,cpp-option :import ,import-arg :output 
,output :module ,module :export? ,export? :hide-symbols ,hide-symbols)))
+   (c-include ,headers :option ,cpp-option :import ,import-arg :output 
,output :module ,module :export? ,export? :hide-symbols ,hide-symbols 
:skip-macro ,skip-macro)))
 
 (define-syntax define-enum
   (syntax-rules ()
--- gauche-c-wrapper-0.6.1/testsuite/cwrappertest.scm   2009-08-08 
16:44:51.0 +0200
+++ gauche-c-wrapper-0.6.1.new/testsuite/cwrappertest.scm   2018-02-09 
16:49:49.349893969 +0100
@@ -10,7 +10,7 @@
 (test-module 'c-wrapper)
 
 (c-load-library "./ffitest")
-(c-include "./ffitest.h")
+(c-include "./ffitest.h" :skip-macro (lambda(m) (#/^__glibc_macro_warning/ m)))
 
 (define-syntax test-cfunc
   (syntax-rules ()

Bug#888880: Hyvää päivää,

[Corporate Lenders]

Hyvää päivää,

     Olen Thomas Walter, joka on rahoitusalan edustaja tunnetusta
lainanantajasta, joka tunnetaan nimellä Corporate Lenders. Onko sinulla
huono luotto tai tarvitset rahaa maksamaan laskuja? korko on 3%.

  Täytä alla oleva lomake, jos olet kiinnostunut lainasta.

  Koko nimi:
  sukupuoli:
  Tarvittava summa:
  Kesto:

  Voit ottaa meihin yhteyttä sähköpostitse: i...@corporatelendersonline.com

  Terveiset,
  Herra Thomas Walter

--
Esta mensagem foi verificada pelo sistema de antivírus e
acredita-se estar livre de perigo.

Bug#889934: Bug #889934 in salt marked as pending

[onovy]

Control: tag -1 pending

Hello,

Bug #889934 in salt reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below, and you can check the diff of the fix at:

https://salsa.debian.org/salt-team/salt/commit/ce54ee3739fd52f2240783d6122c5317dc2771a4


Breaks Python 3 not compatible salt-formulas (Closes: #889934)



(this message was generated automatically)
-- 
Greetings

Processed: Bug #889934 in salt marked as pending

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #889934 [salt-common] salt-common needs Breaks on package versions without 
Python 3 support
Added tag(s) pending.

-- 
889934: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889934
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#889805: marked as done (manpages-tr and man-db: error when trying to install together)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 15:11:46 +
with message-id 
and subject line Bug#889805: fixed in man-db 2.8.1-1
has caused the Debian Bug report #889805,
regarding manpages-tr and man-db: error when trying to install together
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889805: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889805
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: man-db,manpages-tr
Version: man-db/2.8.0-2
Version: manpages-tr/1.0.5.1-2
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite

Date: 2018-02-07
Architecture: amd64
Distribution: sid

Hi,

automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the following problem:


E: Sub-process false returned an error code (1)
E: Prior errors apply to /var/cache/apt/archives/libgdbm5_1.14.1-2_amd64.deb
E: Prior errors apply to /var/cache/apt/archives/man-db_2.8.0-2_amd64.deb
E: Prior errors apply to /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb
debconf: apt-extracttemplates failed: No such file or directory
Selecting previously unselected package libgdbm5:amd64.
(Reading database ... 10980 files and directories currently installed.)
Preparing to unpack .../libgdbm5_1.14.1-2_amd64.deb ...
Unpacking libgdbm5:amd64 (1.14.1-2) ...
Preparing to unpack .../man-db_2.8.0-2_amd64.deb ...
Unpacking man-db (2.8.0-2) over (2.7.6.1-4) ...
Selecting previously unselected package manpages-tr.
Preparing to unpack .../manpages-tr_1.0.5.1-2_all.deb ...
Unpacking manpages-tr (1.0.5.1-2) ...
dpkg: error processing archive 
/var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb (--unpack):
 trying to overwrite '/usr/share/man/tr/man1/apropos.1.gz', which is also in 
package man-db 2.8.0-2
dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)
Processing triggers for libc-bin (2.26-6) ...
Errors were encountered while processing:
 /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)


This is a serious bug as it makes installation fail, and violates
sections 7.6.1 and 10.1 of the policy. An optimal solution would
consist in only one of the packages installing that file, and renaming
or removing the file in the other package. Depending on the
circumstances you might also consider Replace relations or file
diversions. If the conflicting situation cannot be resolved then, as a
last resort, the two packages have to declare a mutual
Conflict. Please take into account that Replaces, Conflicts and
diversions should only be used when packages provide different
implementations for the same functionality.

Here is a list of files that are known to be shared by both packages
(according to the Contents file for sid/amd64, which may be
slightly out of sync):

  /usr/share/man/tr/man1/apropos.1.gz
  /usr/share/man/tr/man1/man.1.gz
  /usr/share/man/tr/man1/manpath.1.gz

This bug has been filed against both packages. If you, the maintainers of
the two packages in question, have agreed on which of the packages will
resolve the problem please reassign the bug to that package. You may then
also register in the BTS that the other package is affected by the bug.

-Ralf.

PS: for more information about the detection of file overwrite errors
of this kind see http://qa.debian.org/dose/file-overwrites.html.
--- End Message ---
--- Begin Message ---
Source: man-db
Source-Version: 2.8.1-1

We believe that the bug you reported is fixed in the latest version of
man-db, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson  (supplier of updated man-db package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 09 Feb 2018 13:32:41 +
Source: man-db
Binary: man-db
Architecture: source
Version: 2.8.1-1
Distribution: unstable
Urgency: medium
Maintainer: Colin Watson 
Changed-By: Colin Watson 
Description:
 man-db   

Bug#853527: lmms: ftbfs with GCC-7

[Javier Serrano Polo]

El dv 09 de 02 de 2018 a les 17:22 +0300, Dmitry Eremin-Solenikov va
escriure:
> Any progress on uploading
> 1.1.3-8 or packaging 1.1.90?

Pending upload.


smime.p7s
Description: S/MIME cryptographic signature

Bug#888912: sagemath test failures with mpfr 4.0.0 and several architectures

[Peter Green]

Not a surprise as long as some dependencies are built against libmpfr4.

It looks like all dependencies are now rebuilt against libmpfr6 but sagemath is 
still failing.

https://buildd.debian.org/status/fetch.php?pkg=sagemath=amd64=8.1-2%2Bb2=1517950645=0

Bug#853527: lmms: ftbfs with GCC-7

[Dmitry Eremin-Solenikov]

Package: src:lmms
Followup-For: Bug #853527

LMMS is out of testing for quite a long time. Any progress on uploading
1.1.3-8 or packaging 1.1.90?

-- 
With best wishes
Dmitry

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Bug#889961: courier-authdaemon: Upgrade failures in 0.68.0-4 package

[J Mo]

I was working on this yesterday. First noticed it about a week ago. Here 
are the upstream bugs:


https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889144

https://github.com/systemd/systemd/issues/8085



And the money quotes:

"looking at the bigger picture here: This change in systemd, while with 
security in mind, changes the way PIDfiles have been handled for the 
last ... forever."


"and who will be blamed (again)? systemd of course, "breaking all the 
things again".


And rightfully so. This is systemd breaking shit again for fun.



On 02/09/2018 02:33 AM, Amos Jeffries wrote:

It seems that the systemd/systemctl is removing the
/run/courier/authdaemon/pid file underneath courier.

Removing the line "PIDFile=/run/courier/authdaemon/pid" from the
installed .service file resolves this problem and upgrade works fine.

Amos

Bug#889805: marked as done (manpages-tr and man-db: error when trying to install together)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 13:35:24 +
with message-id 
and subject line Bug#889805: fixed in manpages-tr 1.0.5.1-3
has caused the Debian Bug report #889805,
regarding manpages-tr and man-db: error when trying to install together
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889805: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889805
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: man-db,manpages-tr
Version: man-db/2.8.0-2
Version: manpages-tr/1.0.5.1-2
Severity: serious
User: trei...@debian.org
Usertags: edos-file-overwrite

Date: 2018-02-07
Architecture: amd64
Distribution: sid

Hi,

automatic installation tests of packages that share a file and at the
same time do not conflict by their package dependency relationships has
detected the following problem:


E: Sub-process false returned an error code (1)
E: Prior errors apply to /var/cache/apt/archives/libgdbm5_1.14.1-2_amd64.deb
E: Prior errors apply to /var/cache/apt/archives/man-db_2.8.0-2_amd64.deb
E: Prior errors apply to /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb
debconf: apt-extracttemplates failed: No such file or directory
Selecting previously unselected package libgdbm5:amd64.
(Reading database ... 10980 files and directories currently installed.)
Preparing to unpack .../libgdbm5_1.14.1-2_amd64.deb ...
Unpacking libgdbm5:amd64 (1.14.1-2) ...
Preparing to unpack .../man-db_2.8.0-2_amd64.deb ...
Unpacking man-db (2.8.0-2) over (2.7.6.1-4) ...
Selecting previously unselected package manpages-tr.
Preparing to unpack .../manpages-tr_1.0.5.1-2_all.deb ...
Unpacking manpages-tr (1.0.5.1-2) ...
dpkg: error processing archive 
/var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb (--unpack):
 trying to overwrite '/usr/share/man/tr/man1/apropos.1.gz', which is also in 
package man-db 2.8.0-2
dpkg-deb: error: paste subprocess was killed by signal (Broken pipe)
Processing triggers for libc-bin (2.26-6) ...
Errors were encountered while processing:
 /var/cache/apt/archives/manpages-tr_1.0.5.1-2_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)


This is a serious bug as it makes installation fail, and violates
sections 7.6.1 and 10.1 of the policy. An optimal solution would
consist in only one of the packages installing that file, and renaming
or removing the file in the other package. Depending on the
circumstances you might also consider Replace relations or file
diversions. If the conflicting situation cannot be resolved then, as a
last resort, the two packages have to declare a mutual
Conflict. Please take into account that Replaces, Conflicts and
diversions should only be used when packages provide different
implementations for the same functionality.

Here is a list of files that are known to be shared by both packages
(according to the Contents file for sid/amd64, which may be
slightly out of sync):

  /usr/share/man/tr/man1/apropos.1.gz
  /usr/share/man/tr/man1/man.1.gz
  /usr/share/man/tr/man1/manpath.1.gz

This bug has been filed against both packages. If you, the maintainers of
the two packages in question, have agreed on which of the packages will
resolve the problem please reassign the bug to that package. You may then
also register in the BTS that the other package is affected by the bug.

-Ralf.

PS: for more information about the detection of file overwrite errors
of this kind see http://qa.debian.org/dose/file-overwrites.html.
--- End Message ---
--- Begin Message ---
Source: manpages-tr
Source-Version: 1.0.5.1-3

We believe that the bug you reported is fixed in the latest version of
manpages-tr, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Murat Demirten  (supplier of updated manpages-tr package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 08 Feb 2018 13:38:20 +0300
Source: manpages-tr
Binary: manpages-tr
Architecture: source
Version: 1.0.5.1-3
Distribution: unstable
Urgency: high
Maintainer: Murat Demirten 
Changed-By: Murat Demirten 

Processed: Bug #889805 in man-db marked as pending

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #889805 [man-db,manpages-tr] manpages-tr and man-db: error when trying to 
install together
Ignoring request to alter tags of bug #889805 to the same tags previously set

-- 
889805: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889805
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#889805: Bug #889805 in man-db marked as pending

[cjwatson]

Control: tag -1 pending

Hello,

Bug #889805 in man-db reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below, and you can check the diff of the fix at:

https://salsa.debian.org/debian/man-db/commit/adf2c42fcec2bdb09234abc70ce84fc66db16b76


Breaks/Replaces manpages-tr (<< 1.0.5.1-3) (closes: #889805).



(this message was generated automatically)
-- 
Greetings

Bug#889953: marked as done (libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 13:22:07 +
with message-id 
and subject line Bug#889953: fixed in libbpp-phyl 2.3.2-2
has caused the Debian Bug report #889953,
regarding libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: 
error: invalid covariant return type
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889953: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889953
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libbpp-phyl
Version: 2.3.2-1
Severity: serious

https://buildd.debian.org/status/package.php?p=libbpp-phyl=sid

...
In file included from 
/<>/src/Bpp/Phyl/Io/BppOSubstitutionModelFormat.cpp:113:0:
/<>/src/Bpp/Phyl/Io/../Model/RegisterRatesSubstitutionModel.h:154:36:
 error: invalid covariant return type for 'virtual std::vector bpp::RegisterRatesSubstitutionModel::getModelStates(int) const'
 std::vector getModelStates(int i) const
^~
In file included from 
/<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractBiblioSubstitutionModel.h:44:0,
 from /<>/src/Bpp/Phyl/Io/../Model/Codon/MG94.h:43,
 from 
/<>/src/Bpp/Phyl/Io/BppOSubstitutionModelFormat.cpp:50:
/<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractWrappedModel.h:77:25:
 error:   overriding 'virtual std::vector 
bpp::AbstractWrappedModel::getModelStates(int) const'
 std::vector getModelStates(int code) const { return 
getModel().getModelStates(code); }
 ^~
--- End Message ---
--- Begin Message ---
Source: libbpp-phyl
Source-Version: 2.3.2-2

We believe that the bug you reported is fixed in the latest version of
libbpp-phyl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julien Dutheil  (supplier of updated libbpp-phyl 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 09 Feb 2018 09:10:11 +0200
Source: libbpp-phyl
Binary: libbpp-phyl-dev libbpp-phyl11
Architecture: source
Version: 2.3.2-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team 

Changed-By: Julien Dutheil 
Description:
 libbpp-phyl-dev - Bio++ Phylogenetic library development files
 libbpp-phyl11 - Bio++ Phylogenetic library
Closes: 889953
Changes:
 libbpp-phyl (2.3.2-2) unstable; urgency=medium
 .
   * Fixed covariant return type on 32bits arch.
 Closes: #889953
Checksums-Sha1:
 6ff4cdbbbc5dace6f6c15656f9176377e8eb7f6a 2167 libbpp-phyl_2.3.2-2.dsc
 9f5c9c913e0c3f736097a95864b1f68f9050e1bd 5252 libbpp-phyl_2.3.2-2.debian.tar.xz
 00b4834bad47749f89daba36e0666c66bd156d4a 13599 
libbpp-phyl_2.3.2-2_source.buildinfo
Checksums-Sha256:
 a81a1aad9664b0c0b7d3969896dfc8ff1784949ff6a7d1d81d62152f6497c045 2167 
libbpp-phyl_2.3.2-2.dsc
 2769190cb2448fee27c34fc94ff9086285e9abbb95868d6ac0fedde39b83c17f 5252 
libbpp-phyl_2.3.2-2.debian.tar.xz
 83c1e64bf86433029cb39c2bb294102c542d93c5e306b3ce257819e9d7d61a2a 13599 
libbpp-phyl_2.3.2-2_source.buildinfo
Files:
 56d30d25945cbe704a838357a554832e 2167 science optional libbpp-phyl_2.3.2-2.dsc
 d2c80136fa038c6b09aad738d5f83845 5252 science optional 
libbpp-phyl_2.3.2-2.debian.tar.xz
 f66accb130199a26514dff9dc0d38830 13599 science optional 
libbpp-phyl_2.3.2-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJCBAEBCAAsFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAlp9mCoOHHRpbGxlYUBy
a2kuZGUACgkQV4oElNHGRtGCshAAgUjDgWIg+wWzLvjyamPZn92V+tBcJShI8hTQ
QLjRdt0x2ur6Aetp3LC1GMzsouWRPAcvXguy3PiOf0tTCsnU1IMZSd/9Wzeif4ML
rPv79m9z6bmKq7m2b4T4ISJIoTf4DGpDpOhVZYTE0ZyB/XwyWfGIP5pSk1nC2agX
GMISEayqgGw/3uELuC/gHYKEw8/ANuCo2MxdnIo8UqlSYeVzY+oitjCkQwFCYa86
IFJtE1SawZe9hM/X1Uvldt5kH2peL2timM5+9W0H9WvckBRwyrJmpIrk2ENsmzTB
rtEXcdH3Kqom4cTqp/pWw1c++o2mxj92AI/qPWYWJfhcAljy2HDAk0YXU1bEO7my
pVPSs0aP5YXKsjLuEckDiNee3qYpVuNr84vFg/8HDHyKN9ReqG/3ilBtSW6a0GUw
YV8SG0P1qbAUEtjK1dH5Lhb+Y38Sae5RgbhfVaTE7dI9ecKSI3DVpQnWrEYH8uhy
/7qohy/V0PZiYPQAOP28zLiZGTRapKsR/P2mIBS/S7ub4+YhjhBS+qs1TkzfIIjG

Processed: add bug dep for h323plus

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> block 858857 by 859558
Bug #858857 [h323plus] h323plus: Please migrate to openssl1.1 in Buster
858857 was not blocked by any bugs.
858857 was blocking: 871056
Added blocking bug(s) of 858857: 859558
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
858857: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858857
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#889953: libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type

[Andreas Tille]

Hi Julien,

On Fri, Feb 09, 2018 at 09:34:58AM +0100, Julien Yann Dutheil wrote:
> I have committed a patch. But there are other errors like:

Thanks for the quick response.  For future pushes can you please make
sure two things:

   1. Add DEP3 headers to the patch - at least Author, Last-Updated and
  Description, if applicable Bug-Debian.
   2. Close fixed bugs in changelog

I've pushed my changes in case you have no idea what I mean.

Kind regards

   Andreas.

-- 
http://fam-tille.de

Bug#889829: ghc: error while loading shared libraries: libHShaskeline-0.7.3.0-ghc8.0.2.so

[James Clarke]

On 8 Feb 2018, at 19:46, Holger Levsen  wrote:
> 
> On Thu, Feb 08, 2018 at 03:04:22PM +0100, Petter Reinholdtsen wrote:
>> [Clint Adams]
>>> objdump -p /usr/lib/ghc/bin/ghc-pkg | grep RUNPATH
> 
> $ objdump -p /usr/lib/ghc/bin/ghc-pkg | grep RUNPATH
>   RUNPATH
>   
> $ORIGIN/../terminfo-0.4.0.2:$ORIGIN/../ghc-boot-8.0.2:$ORIGIN/../ghc-boot-th-8.0.2:$ORIGIN/../Cabal-1.24.2.0:$ORIGIN/../process-1.4.3.0:$ORIGIN/../pretty-1.1.3.3:$ORIGIN/../directory-1.3.0.0:$ORIGIN/../unix-2.7.2.1:$ORIGIN/../time-1.6.0.1:$ORIGIN/../filepath-1.4.1.1:$ORIGIN/../binary-0.8.3.0:$ORIGIN/../containers-0.5.7.1:$ORIGIN/../bytestring-0.10.8.1:$ORIGIN/../deepseq-1.4.2.0:$ORIGIN/../array-0.5.1.1:$ORIGIN/../base-4.9.1.0:$ORIGIN/../integer-gmp-1.0.0.1:$ORIGIN/../ghc-prim-0.5.0.0:$ORIGIN/../rts
> 
> is what I get. Do you need any more info? I still see this...

Well that's correct; you can see $ORIGIN/../terminfo-0.4.0.2 in there which is
where it should be getting libHSterminfo-0.4.0.2-ghc8.0.2.so, but for some
reason your ld.so is not looking at RUNPATH; once it fails to find it on the
system search path it's supposed to then print something like:

 15470:  search 
path=/usr/lib/ghc/bin/../terminfo-0.4.0.2:/usr/lib/ghc/bin/../ghc-boot-8.0.2:/usr/lib/ghc/bin/../ghc-boot-th-8.0.2:/usr/lib/ghc/bin/../Cabal-1.24.2.0:/usr/lib/ghc/bin/../process-1.4.3.0:/usr/lib/ghc/bin/../pretty-1.1.3.3:/usr/lib/ghc/bin/../directory-1.3.0.0:/usr/lib/ghc/bin/../unix-2.7.2.1:/usr/lib/ghc/bin/../time-1.6.0.1:/usr/lib/ghc/bin/../filepath-1.4.1.1:/usr/lib/ghc/bin/../binary-0.8.3.0:/usr/lib/ghc/bin/../containers-0.5.7.1:/usr/lib/ghc/bin/../bytestring-0.10.8.1:/usr/lib/ghc/bin/../deepseq-1.4.2.0:/usr/lib/ghc/bin/../array-0.5.1.1:/usr/lib/ghc/bin/../base-4.9.1.0:/usr/lib/ghc/bin/../integer-gmp-1.0.0.1:/usr/lib/ghc/bin/../ghc-prim-0.5.0.0:/usr/lib/ghc/bin/../rts/tls/x86_64/x86_64:/usr/lib/ghc/bin/../rts/tls/x86_64:/usr/lib/ghc/bin/../rts/tls/x86_64:/usr/lib/ghc/bin/../rts/tls:/usr/lib/ghc/bin/../rts/x86_64/x86_64:/usr/lib/ghc/bin/../rts/x86_64:/usr/lib/ghc/bin/../rts/x86_64:/usr/lib/ghc/bin/../rts
 (RUNPATH from file /usr/lib/ghc/bin/ghc-pkg)

What version of glibc do you have? Have you got any interesting (to ld.so)
environment variables exported or configuration files changed?

Regards,
James

Bug#889962: node-mapnik FTBFS with mapnik-vector-tile 1.6.0+dfsg-1

[Sebastiaan Couwenberg]

Control: tags -1 upstream
Control: forwarded -1 https://github.com/mapnik/node-mapnik/issues/843

Upsteam is working on 3.6.3 which will support mapnik-vector-tile 1.6.0.

Since node-mapnik is not in testing anyway breaking it with mvt is not
an issue for the time being.

Kind Regards,

Bas

Processed: Re: Bug#889962: node-mapnik FTBFS with mapnik-vector-tile 1.6.0+dfsg-1

[Debian Bug Tracking System]

Processing control commands:

> tags -1 upstream
Bug #889962 [src:node-mapnik] node-mapnik FTBFS with mapnik-vector-tile 
1.6.0+dfsg-1
Added tag(s) upstream.
> forwarded -1 https://github.com/mapnik/node-mapnik/issues/843
Bug #889962 [src:node-mapnik] node-mapnik FTBFS with mapnik-vector-tile 
1.6.0+dfsg-1
Set Bug forwarded-to-address to 
'https://github.com/mapnik/node-mapnik/issues/843'.

-- 
889962: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889962
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#888754: marked as done (pike7.8: build fix for new gdbm (>=1.13))

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 11:21:07 +
with message-id 
and subject line Bug#888754: fixed in pike7.8 7.8.866-8.1
has caused the Debian Bug report #888754,
regarding pike7.8: build fix for new gdbm (>=1.13)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
888754: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888754
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: pike7.8
Version: 7.8.866-8
Tags: patch
Severity: important

Hello, please apply the following cherry-pick from pike8.0 to fix the build 
with the upcoming gdbm 1.13 and 1.14
(please verify I did cherry-pick it correctly too)

This bug will become RC once the Release Team acks the transition

--- pike7.8-7.8.866.orig/src/modules/Gdbm/gdbmmod.c
+++ pike7.8-7.8.866/src/modules/Gdbm/gdbmmod.c
@@ -20,6 +20,9 @@

 #if defined(HAVE_GDBM_H) && defined(HAVE_LIBGDBM)

+/* This symbol conflicts with the Gdbm 1.13 header files. */
+#undef fatal
+
 #include 

 #ifdef _REENTRANT


thanks

Gianfranco




signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: pike7.8
Source-Version: 7.8.866-8.1

We believe that the bug you reported is fixed in the latest version of
pike7.8, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 888...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gianfranco Costamagna  (supplier of updated pike7.8 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 07 Feb 2018 11:37:38 +0100
Source: pike7.8
Binary: pike7.8-core pike7.8 pike7.8-dev pike7.8-manual pike7.8-reference 
pike7.8-doc pike7.8-full pike7.8-mysql pike7.8-pg pike7.8-odbc pike7.8-svg 
pike7.8-image pike7.8-sdl pike7.8-gdbm pike7.8-gtk pike7.8-gl pike7.8-sane 
pike7.8-pcre pike7.8-bzip2 pike7.8-fuse pike7.8-sqlite pike7.8-dnssd 
pike7.8-kerberos
Architecture: source
Version: 7.8.866-8.1
Distribution: unstable
Urgency: medium
Maintainer: Magnus Holmgren 
Changed-By: Gianfranco Costamagna 
Description:
 pike7.8- Recommended metapackage for Pike 7.8
 pike7.8-bzip2 - Bzip2 module for Pike
 pike7.8-core - Powerful interpreted programming language
 pike7.8-dev - Development files for Pike 7.8
 pike7.8-dnssd - DNS Service Discovery (DNS-SD) for Pike
 pike7.8-doc - Pike 7.8 documentation metapackage
 pike7.8-full - Metapackage for Pike 7.8
 pike7.8-fuse - Filesystem in USErspace support for Pike
 pike7.8-gdbm - Gdbm module for Pike
 pike7.8-gl - Mesa modules for Pike
 pike7.8-gtk - GTK+ 2.0 module for Pike
 pike7.8-image - Image modules for Pike
 pike7.8-kerberos - Kerberos and GSSAPI modules for Pike
 pike7.8-manual - Pike 7.8 manual
 pike7.8-mysql - MySQL modules for Pike
 pike7.8-odbc - ODBC modules for Pike
 pike7.8-pcre - PCRE module for Pike
 pike7.8-pg - PostgreSQL modules for Pike
 pike7.8-reference - Pike 7.8 reference
 pike7.8-sane - SANE module for Pike
 pike7.8-sdl - SDL module for Pike
 pike7.8-sqlite - SQLite module for Pike
 pike7.8-svg - SVG format support for Pike
Closes: 888754
Changes:
 pike7.8 (7.8.866-8.1) unstable; urgency=medium
 .
   * Non-maintainer upload
   * Fix build failure, by cherry-picking a fix from pike8.0 (Closes: #888754)
Checksums-Sha1:
 6e07161d1dcdda9ff48c9f94c5dfc64d20330a94 3788 pike7.8_7.8.866-8.1.dsc
 4408995ac723dc1119e00556300c82d816d3acd4 38784 
pike7.8_7.8.866-8.1.debian.tar.xz
 3aff546708c4b495b976ef415230a19ad3e24a19 14113 
pike7.8_7.8.866-8.1_source.buildinfo
Checksums-Sha256:
 5528bea6ebf872b6d41e6920dfd4277bf1c24bd0f2fd71ac501bc76a9d0093c7 3788 
pike7.8_7.8.866-8.1.dsc
 cfbf94b155f8b6f90bf8bf74eb5c736ea4c83b730bc2a74cbdea8c342e463638 38784 
pike7.8_7.8.866-8.1.debian.tar.xz
 7f266537b51f248d6ae2923c28fc6713872375e3589229eb7fdc820347e4538c 14113 
pike7.8_7.8.866-8.1_source.buildinfo
Files:
 e0133f9cd3fbccb2e0c1ce0fe8f7645e 3788 interpreters optional 
pike7.8_7.8.866-8.1.dsc
 a75d312b430ba9bb0321c9c075464ef5 38784 interpreters optional 
pike7.8_7.8.866-8.1.debian.tar.xz
 4e4d097cf98c5b75980773df988b6ab4 14113 interpreters optional 

Bug#889903: python-gnupg needs an explict b-d on 2to3

[Elena ``of Valhalla'']

On 2018-02-08 at 16:31:05 +0100, Matthias Klose wrote:
> python-gnupg needs an explict b-d on 2to3. The binary is now provided in a
> separate package.

will do it asap, thanks

> Please could you also run the testsuite with verbosity=2 ?

I can't think any reason why not, so I will probably also do this in the
same upload

-- 
Elena ``of Valhalla''

Bug#883757: marked as done (ignition-transport: Includes "test/gtest/cmake/internal_utils.cmake" listed in Files-Excluded header)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 11:01:51 +
with message-id 
and subject line Bug#883757: fixed in ignition-transport 4.0.0+dfsg-1
has caused the Debian Bug report #883757,
regarding ignition-transport: Includes "test/gtest/cmake/internal_utils.cmake" 
listed in Files-Excluded header
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
883757: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883757
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ignition-transport
Version: 1.3.0-5
Severity: serious
User: la...@debian.org
Usertags: files-excluded

Dear Maintainer,

ignition-transport lists "test/gtest" in the Files-Excluded field in
debian/copyright but the source tree contains
test/gtest/cmake/internal_utils.cmake.

This is probably a DFSG violation, or at the upstream tarball was not
repacked as intended. Alternatively, the field is simply out of date.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
--- End Message ---
--- Begin Message ---
Source: ignition-transport
Source-Version: 4.0.0+dfsg-1

We believe that the bug you reported is fixed in the latest version of
ignition-transport, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 883...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jose Luis Rivero  (supplier of updated 
ignition-transport package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 05 Feb 2018 14:04:13 +
Source: ignition-transport
Binary: libignition-transport4 libignition-transport-dev 
libignition-transport4-dev
Architecture: source all amd64
Version: 4.0.0+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Science Maintainers 

Changed-By: Jose Luis Rivero 
Description:
 libignition-transport-dev - transitional package
 libignition-transport4 - Ignition Robotics Transport Library - Shared library
 libignition-transport4-dev - Ignition Robotics transport Library - Development 
files
Closes: 883757 888017
Changes:
 ignition-transport (4.0.0+dfsg-1) unstable; urgency=medium
 .
   [ Jose Luis Rivero ]
   * New upstream version 4.0.0+dfsg
 (Closes: #883757)
 (Closes: #888017)
 .
   [ Anton Gladky ]
   * Switch to compat-level 11
   * Set Standards-Version: 4.1.3
   * Update VCS-fields (move to salsa)
Checksums-Sha1:
 89786b7038de29a3e75184bc9f7bcc4cce8aeb95 2549 
ignition-transport_4.0.0+dfsg-1.dsc
 de598e7b48d0379a7d3efbcd0f93174acde85497 194328 
ignition-transport_4.0.0+dfsg.orig.tar.xz
 8219c1fa55ff47b99b9efdd92e6d43c484387a19 4576 
ignition-transport_4.0.0+dfsg-1.debian.tar.xz
 0e26773114ca725c24766a3c0bfb3b624dc891e5 9121 
ignition-transport_4.0.0+dfsg-1_amd64.buildinfo
 3b187ab2fdf3b9c91e624aabbff47ef9222c662b 5056 
libignition-transport-dev_4.0.0+dfsg-1_all.deb
 9bbee59560779ec7d6ec6c33608edbb16d27de86 1865092 
libignition-transport4-dbgsym_4.0.0+dfsg-1_amd64.deb
 d6673c1bf813dbeaebf6a62bee36091f911b7857 42404 
libignition-transport4-dev_4.0.0+dfsg-1_amd64.deb
 9b426a4aec83e70acf4622ef8f387267955aeb6c 133624 
libignition-transport4_4.0.0+dfsg-1_amd64.deb
Checksums-Sha256:
 de1dbfc99c2de11b549b3a02d2fe34743f1db893b3b82e1a7fb346c2f850 2549 
ignition-transport_4.0.0+dfsg-1.dsc
 18c3104694614f80f99ff295309d771d2f0ef61718f2647f760e23965d62ef6c 194328 
ignition-transport_4.0.0+dfsg.orig.tar.xz
 005e2212ef1f59e5dd926351d4a0f587d7517fdee4e953c60619774877f2a174 4576 
ignition-transport_4.0.0+dfsg-1.debian.tar.xz
 47892d93f804b4d91d23a093a479d8cc0fd6dc7881ac565509ec82df2d8d73cc 9121 
ignition-transport_4.0.0+dfsg-1_amd64.buildinfo
 10873be0d741c313733a4e4c103993f19e76b3da08323173e88de37b1609ab03 5056 
libignition-transport-dev_4.0.0+dfsg-1_all.deb
 49f140d75a0c5f62b3800c97bf8c8c4cf43e7adbfcad3207826500c826ce35f4 1865092 
libignition-transport4-dbgsym_4.0.0+dfsg-1_amd64.deb
 e7dfd6408eb4a6455bb3d4382d7a4c9d7eaa5070396e2e36226183814cc3acf2 42404 
libignition-transport4-dev_4.0.0+dfsg-1_amd64.deb
 

Bug#888729: marked as done (partitionmanager FTBFS with libkpmcore-dev 3.3.0-2)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 10:46:09 +
with message-id 
and subject line Bug#888729: fixed in partitionmanager 3.3.1-1
has caused the Debian Bug report #888729,
regarding partitionmanager FTBFS with libkpmcore-dev 3.3.0-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
888729: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888729
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: partitionmanager
Version: 3.2.1-3
Severity: serious

https://buildd.debian.org/status/package.php?p=partitionmanager=sid

...
/<>/src/config/advancedpagewidget.cpp: In member function 'QString 
AdvancedPageWidget::backend() const':
/<>/src/config/advancedpagewidget.cpp:37:11: error: 'KService' 
does not name a type; did you mean 'Device'?
 const KService::List services = CoreBackendManager::self()->list();
   ^~~~
   Device
/<>/src/config/advancedpagewidget.cpp:38:26: error: 'services' was 
not declared in this scope
 for (const auto  : services)
  ^~~~
/<>/src/config/advancedpagewidget.cpp:38:26: note: suggested 
alternative: 'Device'
 for (const auto  : services)
  ^~~~
  Device
/<>/src/config/advancedpagewidget.cpp: In member function 'void 
AdvancedPageWidget::setBackend(const QString&)':
/<>/src/config/advancedpagewidget.cpp:47:11: error: 'KService' 
does not name a type; did you mean 'Device'?
 const KService::List services = CoreBackendManager::self()->list();
   ^~~~
   Device
/<>/src/config/advancedpagewidget.cpp:48:26: error: 'services' was 
not declared in this scope
 for (const auto  : services)
  ^~~~
/<>/src/config/advancedpagewidget.cpp:48:26: note: suggested 
alternative: 'Device'
 for (const auto  : services)
  ^~~~
  Device
/<>/src/config/advancedpagewidget.cpp: In member function 'void 
AdvancedPageWidget::setupDialog()':
/<>/src/config/advancedpagewidget.cpp:55:11: error: 'KService' 
does not name a type; did you mean 'Device'?
 const KService::List services = CoreBackendManager::self()->list();
   ^~~~
   Device
/<>/src/config/advancedpagewidget.cpp:56:26: error: 'services' was 
not declared in this scope
 for (const auto  : services)
  ^~~~
/<>/src/config/advancedpagewidget.cpp:56:26: note: suggested 
alternative: 'Device'
 for (const auto  : services)
  ^~~~
  Device
src/CMakeFiles/partitionmanager.dir/build.make:181: recipe for target 
'src/CMakeFiles/partitionmanager.dir/config/advancedpagewidget.cpp.o' failed
make[3]: *** 
[src/CMakeFiles/partitionmanager.dir/config/advancedpagewidget.cpp.o] Error 1
--- End Message ---
--- Begin Message ---
Source: partitionmanager
Source-Version: 3.3.1-1

We believe that the bug you reported is fixed in the latest version of
partitionmanager, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 888...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonathan Carter  (supplier of updated partitionmanager package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 09 Feb 2018 09:47:40 +0200
Source: partitionmanager
Binary: partitionmanager
Architecture: source amd64
Version: 3.3.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian KDE Extras Team 
Changed-By: Jonathan Carter 
Description:
 partitionmanager - file, disk and partition management for KDE
Closes: 888729
Changes:
 partitionmanager (3.3.1-1) unstable; urgency=medium
 .
   * Upload to unstable (Closes: #888729)
Checksums-Sha1:
 e2d36a2ea68386e6330b65492d1a81edfea57fe5 2557 partitionmanager_3.3.1-1.dsc
 4db11841b6c4d7a15807d8bb2f4f2b6aa456007b 4796 
partitionmanager_3.3.1-1.debian.tar.xz
 0875ee00714e828cdf3ffa51b2da46094bb2d9f6 5541820 
partitionmanager-dbgsym_3.3.1-1_amd64.deb
 5c30d430d1a5cbe91ea868d319948bd84bb9848b 20279 

Bug#881885: marked as done (tuxpaint: FTBFS with high degree of parallelism)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 10:47:48 +
with message-id 
and subject line Bug#881885: fixed in tuxpaint 1:0.9.22-9~exp4
has caused the Debian Bug report #881885,
regarding tuxpaint: FTBFS with high degree of parallelism
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
881885: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881885
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: tuxpaint
Version: 1:0.9.22-7
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

tuxpaint FTBFS during a highly parallel build. With -j16 it always
failed, with -j8 it failed sometimes. Probably anything using 2 or more
threads could fail.

msgfmt -o trans/wa.mo src/po/wa.po
...Preparing translation files...
msgfmt -o trans/el.mo src/po/el.po
msgfmt: error while opening "trans/el.mo" for writing: No such file or directory
Makefile:414: recipe for target 'trans/el.mo' failed
make[1]: *** [trans/el.mo] Error 1


Looks like a race condition between creating a directory and putting
a file into it.


Andreas
--- End Message ---
--- Begin Message ---
Source: tuxpaint
Source-Version: 1:0.9.22-9~exp4

We believe that the bug you reported is fixed in the latest version of
tuxpaint, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 881...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonathan Carter  (supplier of updated tuxpaint package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 09 Feb 2018 12:03:40 +0200
Source: tuxpaint
Binary: tuxpaint tuxpaint-plugins-default tuxpaint-dev tuxpaint-data
Architecture: source all amd64
Version: 1:0.9.22-9~exp4
Distribution: experimental
Urgency: medium
Maintainer: Jonathan Carter 
Changed-By: Jonathan Carter 
Description:
 tuxpaint   - Paint program for young children
 tuxpaint-data - Data files for Tux Paint, a paint program for children
 tuxpaint-dev - Development files for Tux Paint
 tuxpaint-plugins-default - Magic tool plugins for Tux Paint
Closes: 881885
Changes:
 tuxpaint (1:0.9.22-9~exp4) experimental; urgency=medium
 .
   * Add patch to create directory when translations are compiled
 (Closes: #881885)
Checksums-Sha1:
 0e9ac975e3bad3d9936d4ccd8422c4f9b1c624ec 2155 tuxpaint_0.9.22-9~exp4.dsc
 f8f09a0c6ea709b058f9c5132086b6e7b3025fd0 11472 
tuxpaint_0.9.22-9~exp4.debian.tar.xz
 b172d3f0405cb353d628200f1fb6e64c1afbd2a0 6937552 
tuxpaint-data_0.9.22-9~exp4_all.deb
 6533647d165a788782ea2817f5bf2850fb6a8a07 11000 
tuxpaint-dbgsym_0.9.22-9~exp4_amd64.deb
 1b72df8ffae5cf014f8d03d66a521c7746df3fc2 102252 
tuxpaint-dev_0.9.22-9~exp4_all.deb
 1f62245f587b2f8076fafb92bf118083ae1b4be4 1584716 
tuxpaint-plugins-default-dbgsym_0.9.22-9~exp4_amd64.deb
 26a27896fc36d732fc172a181331661bd16e16e8 869480 
tuxpaint-plugins-default_0.9.22-9~exp4_amd64.deb
 ca25fd0f5c66c93f7037d9fd0c07fdf35eb2 14116 
tuxpaint_0.9.22-9~exp4_amd64.buildinfo
 c929f34ff2f9bd0377fa13e48ed4cb5619dffc84 216308 
tuxpaint_0.9.22-9~exp4_amd64.deb
Checksums-Sha256:
 03ed38996d8d91fda01f55269a5e6330ca6b6d322f54c941748c8ed1ee1ebd57 2155 
tuxpaint_0.9.22-9~exp4.dsc
 ae02018eef394d43bb77332085b6b7973b21b6348cf66e12d4a1ee795be7eac5 11472 
tuxpaint_0.9.22-9~exp4.debian.tar.xz
 d28593752972bbeadb5a90890a1022f4e87bfa67914d537310e3aedf5206128e 6937552 
tuxpaint-data_0.9.22-9~exp4_all.deb
 d57652723d9e926211ed642172da1852799e863e4f5ec05d22e29bc49f916765 11000 
tuxpaint-dbgsym_0.9.22-9~exp4_amd64.deb
 91c72ad7b787a125dd26c3d44943ab218678e41a3748eb723f8133ab091a7bda 102252 
tuxpaint-dev_0.9.22-9~exp4_all.deb
 09711eee82e23e131f09691a61cbab3fddbaf0094deb3670a2bd7e23afa97ecf 1584716 
tuxpaint-plugins-default-dbgsym_0.9.22-9~exp4_amd64.deb
 07fe39176e3a649238fbb17a024a4f2e03f71ac351602a43a5b6ac109c1ad908 869480 
tuxpaint-plugins-default_0.9.22-9~exp4_amd64.deb
 efd98ed5323c39982f802052dcc2d9a95ccbb205cf65bf10c597bdaaeb17f32d 14116 
tuxpaint_0.9.22-9~exp4_amd64.buildinfo
 9fd8b5ff35fa0e9050c0571cbce3a52715dc689a0aeb372bd3bb067bfef0985f 216308 
tuxpaint_0.9.22-9~exp4_amd64.deb
Files:
 

Bug#889961: courier-authdaemon: Upgrade failures in 0.68.0-4 package

[Amos Jeffries]

It seems that the systemd/systemctl is removing the
/run/courier/authdaemon/pid file underneath courier.

Removing the line "PIDFile=/run/courier/authdaemon/pid" from the
installed .service file resolves this problem and upgrade works fine.

Amos

Bug#889688: marked as done (gweled crashes when rsvg reports an error)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 10:39:45 +
with message-id 
and subject line Bug#889688: fixed in gweled 0.9.1-5
has caused the Debian Bug report #889688,
regarding gweled crashes when rsvg reports an error
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
889688: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889688
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gweled
Version: 0.9.1-4
Severity: grave

--- Please enter the report below this line. ---
Can no longer use the program. Error from CLI:

~$ gweled 
*WARNING* **: Locale not supported by C library. 
*WARNING* **: GError set over the top of a previous GError or uninitializ



--- System information. ---
Architecture: 
Kernel:   Linux 4.14.0-2-amd64

Debian Release: buster/sid
  500 yakkety ppa.launchpad.net 
  500 unstableftp.us.debian.org 
  500 testing ftp.us.debian.org 
  500 sid linux.dropbox.com 
  500 lucid   ppa.launchpad.net 
  100 jessie-backports ftp.us.debian.org 
1 experimentalftp.us.debian.org 

--- Package information. ---
Depends   (Version) | Installed
===-+-
libatk1.0-0 (>= 1.12.4) | 
libc6 (>= 2.15) | 
libcairo2(>= 1.2.4) | 
libfontconfig1(>= 2.11) | 
libfreetype6 (>= 2.2.1) | 
libgdk-pixbuf2.0-0  (>= 2.22.0) | 
libglib2.0-0(>= 2.37.3) | 
libgtk2.0-0 (>= 2.20.0) | 
libmikmod3   (>= 3.3.3) | 
libpango-1.0-0  (>= 1.14.0) | 
libpangocairo-1.0-0 (>= 1.14.0) | 
libpangoft2-1.0-0   (>= 1.14.0) | 
librsvg2-2  (>= 2.14.4) | 


Package's Recommends field is empty.

Package's Suggests field is empty.




--- End Message ---
--- Begin Message ---
Source: gweled
Source-Version: 0.9.1-5

We believe that the bug you reported is fixed in the latest version of
gweled, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 889...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stephen Kitt  (supplier of updated gweled package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Fri, 09 Feb 2018 09:43:43 +0100
Source: gweled
Binary: gweled
Architecture: source
Version: 0.9.1-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Games Team 
Changed-By: Stephen Kitt 
Description:
 gweled - "Diamond Mine"-style puzzle game
Closes: 889688
Changes:
 gweled (0.9.1-5) unstable; urgency=medium
 .
   * Cope with librsvg’s new behaviour by always using URIs instead of
 paths. (Closes: #889688.)
   * Add a missing function declaration.
   * Document old patches.
   * Switch to debhelper compatibility 11, and adjust patches so the
 package can build multiple times in a row.
   * Ship /usr/games/gweled with the desired ownership and permissions,
 instead of using dpkg-statoverride.
   * Standards-Version 4.1.3, no further change required.
Checksums-Sha1:
 08990f99e414a0c36bf7fbfce51fbbd88bebe44c 1928 gweled_0.9.1-5.dsc
 a322c9b679dc9a004ec96a84a700af50a88d0ada 10636 gweled_0.9.1-5.debian.tar.xz
 684642730163b03669bc756c02bc64e19dc67be3 12306 gweled_0.9.1-5_source.buildinfo
Checksums-Sha256:
 2034385fa2f440b8188e0bb10756439a6ea0d858a94a719fb5027d3ca44369c2 1928 
gweled_0.9.1-5.dsc
 af136cf2fb178fc969ceb3f429a8c7b7704f0f1414936beb58fb6a2e34a59306 10636 
gweled_0.9.1-5.debian.tar.xz
 6f0a1c7ac814805bab809a6e4e422b3f9dcc001b33c15e80b50a21352cf19725 12306 
gweled_0.9.1-5_source.buildinfo
Files:
 c7031aa0ab4f7bbc81db348594bbccae 1928 games optional gweled_0.9.1-5.dsc
 34727fec84e74989939a5e5fb5cd4c54 10636 games optional 
gweled_0.9.1-5.debian.tar.xz
 466a3afd8f3473033c50fbaa9a2beaf8 12306 games optional 
gweled_0.9.1-5_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEnPVX/hPLkMoq7x0ggNMC9Yhtg5wFAlp9X0wACgkQgNMC9Yht
g5zZFg/+K0l5pOJDAW6DMME4EOt2uZErO354++/s395byXhST2ux2AeP/tdJnTN6
SIcGJccFbYFdpbwrkmYltCluEjZPYZ+nvl+kuww79NcUsD2sLMuwNLWsRagYEK3d

Bug#888752: marked as done (ifmail: please switch to new gdbm, or prepare to use the compat package)

[Debian Bug Tracking System]

Your message dated Fri, 09 Feb 2018 10:39:53 +
with message-id 
and subject line Bug#888752: fixed in ifmail 2.14tx8.10-23.1
has caused the Debian Bug report #888752,
regarding ifmail: please switch to new gdbm, or prepare to use the compat 
package
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
888752: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888752
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: ifmail
Version: 2.14tx8.10-23
Tags: patch
Severity: important

Hello, please update the package to use new gdbm API, or prepare to use the 
libgdbm-compat-dev additional dependency (currently available only in 
experimental).

This bug will become serious once release team acks the transition.

thanks

G.



signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: ifmail
Source-Version: 2.14tx8.10-23.1

We believe that the bug you reported is fixed in the latest version of
ifmail, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 888...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gianfranco Costamagna  (supplier of updated ifmail 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 07 Feb 2018 10:34:20 +0100
Source: ifmail
Binary: ifmail ifgate ifcico
Architecture: source
Version: 2.14tx8.10-23.1
Distribution: unstable
Urgency: medium
Maintainer: Marco d'Itri 
Changed-By: Gianfranco Costamagna 
Description:
 ifcico - Fidonet Technology transport package
 ifgate - Internet to Fidonet gateway
 ifmail - Internet to Fidonet gateway
Closes: 888752
Changes:
 ifmail (2.14tx8.10-23.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Use the compat level gdbm package, to fix build with new gdbm
 (This needs porting to new gdbm api, because the compat package will
  eventually disappear) (Closes: #888752)
Checksums-Sha1:
 712c43d20144df1490cb72f06be915b257dd6c51 1926 ifmail_2.14tx8.10-23.1.dsc
 988bd91bfe45735a937dfd7d63a94b01b30417d4 40012 
ifmail_2.14tx8.10-23.1.debian.tar.xz
 dd13a115e96c9ecbda10f5aa1ee873b719a09561 6494 
ifmail_2.14tx8.10-23.1_source.buildinfo
Checksums-Sha256:
 556aa8f5bebc5ece377c146147d426f4dc13afdfadc2a7460bfc1fa758cf2c48 1926 
ifmail_2.14tx8.10-23.1.dsc
 ffdbd79cb7338ca9445affa3d785693fb5a26918242d155e2758d597c411e688 40012 
ifmail_2.14tx8.10-23.1.debian.tar.xz
 7e266d694f04b52fad764954e9e524c738587051aa9c5a1de973fb5d5fb887d3 6494 
ifmail_2.14tx8.10-23.1_source.buildinfo
Files:
 ce02bb8e685262b3713c0a688de35678 1926 comm extra ifmail_2.14tx8.10-23.1.dsc
 4ab02f580a0ee65514426b29cd77089d 40012 comm extra 
ifmail_2.14tx8.10-23.1.debian.tar.xz
 73e4d590a86b0831ee9734063f9f52e0 6494 comm extra 
ifmail_2.14tx8.10-23.1_source.buildinfo

-BEGIN PGP SIGNATURE-

iQIcBAEBCAAGBQJaeshaAAoJEPNPCXROn13ZpyMQAI5jcr5J+CbLfeCAMSnCH+bb
bdvz63wVOsmWIKLGA9QwAr1hOsE8DamYepRsnDYpp2CH+SXnZW0HL92xfpnScNz8
T3P3R/86kFqo+hT73kJo8zBznl+Q8J3+CrBECcNmdpVWTdLlLhDBExYNthmzXefe
L9uZIBJWLh8nDlf8ngbXA7NJuUpz6/BImHxc6khm/U/ZxEvgFeOmh7YP2eZBU7Cs
pb5fNRh8ufjC+UqJmHCDg4vUEfwCj3u5j/cBnkd/9vGWvstgP/HIeSQfYadfmciw
DQbBWI7992FZhqXXYjuXHKnJAXkTHNn83Y0MiQzZMo8duRXSstb4u5rIat5BIBDV
FznoXV5zQ+4w7aByPZgEXhXVeFIoHGU+N92JxoiP3lU3cWr/c6Wl08INMlKIqH44
eZfeCbP+eIR60cA3wXEioHHC5alhs691sL6TjRFOnZxViBCoMYmPg2blpp3QVNey
TrA7XD5XtgzbmiNPSZoihrfyRfNvrjrSWbYiPCTkaKw6P1/IH6PtCb9kEQf1E665
giMEFCbWuygwfVP+rCPicIYcgoTF2+qvUxCD5GOEpXoPry4hTpwu5gw4WwHus33K
Yq1FNDWG2XZ96DEHe2EsQxULhIauzwiD3cmBi+mtTrHCS/NqOd126TarpQC7vr46
tIdWSJcWDdHLg35RanTv
=NLRj
-END PGP SIGNATURE End Message ---

Bug#889962: node-mapnik FTBFS with mapnik-vector-tile 1.6.0+dfsg-1

[Adrian Bunk]

Source: node-mapnik
Version: 3.6.2+dfsg-3
Severity: serious

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/node-mapnik.html

...
../src/mapnik_vector_tile.cpp: In static member function 'static 
v8::Local VectorTile::_compositeSync(Nan::NAN_METHOD_ARGS_TYPE)':
../src/mapnik_vector_tile.cpp:626:27: warning: comparison is always false due 
to limited range of data type [-Wtype-limits]
 if (fill_type < 0 || fill_type >= 
mapnik::vector_tile_impl::polygon_fill_type_max)
 ~~^~~
../src/mapnik_vector_tile.cpp: In static member function 'static 
Nan::NAN_METHOD_RETURN_TYPE VectorTile::composite(Nan::NAN_METHOD_ARGS_TYPE)':
../src/mapnik_vector_tile.cpp:1000:27: warning: comparison is always false due 
to limited range of data type [-Wtype-limits]
 if (fill_type < 0 || fill_type >= 
mapnik::vector_tile_impl::polygon_fill_type_max)
 ~~^~~
../src/mapnik_vector_tile.cpp: In static member function 'static 
Nan::NAN_METHOD_RETURN_TYPE VectorTile::addGeoJSON(Nan::NAN_METHOD_ARGS_TYPE)':
../src/mapnik_vector_tile.cpp:3261:27: warning: comparison is always false due 
to limited range of data type [-Wtype-limits]
 if (fill_type < 0 || fill_type >= 
mapnik::vector_tile_impl::polygon_fill_type_max)
 ~~^~~
../src/mapnik_vector_tile.cpp: In static member function 'static void 
VectorTile::EIO_RenderTile(uv_work_t*)':
../src/mapnik_vector_tile.cpp:5147:35: error: 'spherical_mercator' is not a 
member of 'mapnik::vector_tile_impl'
 mapnik::vector_tile_impl::spherical_mercator 
merc(closure->d->tile_size());
   ^~
../src/mapnik_vector_tile.cpp:5151:13: error: 'merc' was not declared in this 
scope
 merc.xyz(closure->x,closure->y,closure->z,minx,miny,maxx,maxy);
 ^~~~
../src/mapnik_vector_tile.cpp:5151:13: note: suggested alternative: 'getc'
 merc.xyz(closure->x,closure->y,closure->z,minx,miny,maxx,maxy);
 ^~~~
 getc
../src/mapnik_vector_tile.cpp:5155:13: error: 'merc' was not declared in this 
scope
 merc.xyz(closure->d->get_tile()->x(),
 ^~~~
../src/mapnik_vector_tile.cpp:5155:13: note: suggested alternative: 'getc'
 merc.xyz(closure->d->get_tile()->x(),
 ^~~~
 getc
mapnik.target.mk:220: recipe for target 
'Release/obj.target/mapnik/src/mapnik_vector_tile.o' failed
make[2]: *** [Release/obj.target/mapnik/src/mapnik_vector_tile.o] Error 1

Bug#889961: courier-authdaemon: Upgrade failures in 0.68.0-4 package

[Amos Jeffries]

Package: courier-authdaemon
Version: 0.68.0-4+b1
Severity: critical
stop

The Courier authdaemon package is failing to configure during install.
Similar issue happened on the -3 package but I managed to get that to
install with manually stopping all courier processes before upgrading.
That workaround no longer has any effect.


aptitude upgrade
The following partially installed packages will be configured:
  courier-authdaemon courier-imap courier-pop
No packages will be installed, upgraded, or removed.
0 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B of archives. After unpacking 0 B will be used.
Setting up courier-pop (0.78.0-2+b1) ...
A dependency job for courier-pop.service failed. See 'journalctl -xe'
for details.
...


Setting up courier-imap (4.18.1+0.78.0-2+b1) ...
A dependency job for courier-imap.service failed. See 'journalctl -xe'
for details.
invoke-rc.d: initscript courier-imap, action "start" failed.
* courier-imap.service - Courier IMAP Daemon
   Loaded: loaded (/lib/systemd/system/courier-imap.service; enabled;
vendor preset: enabled)
   Active: inactive (dead) since Fri 2018-02-02 20:12:20 NZDT; 1 weeks 0
days ago
 Main PID: 705 (code=exited, status=0/SUCCESS)

Feb 09 21:44:44 rio systemd[1]: Dependency failed for Courier IMAP Daemon.
Feb 09 21:44:44 rio systemd[1]: courier-imap.service: Job
courier-imap.service/start failed with result 'dependency'.
Feb 09 21:45:03 rio systemd[1]: Dependency failed for Courier IMAP Daemon.
Feb 09 21:45:03 rio systemd[1]: courier-imap.service: Job
courier-imap.service/start failed with result 'dependency'.
Feb 09 21:45:09 rio systemd[1]: Dependency failed for Courier IMAP Daemon.
Feb 09 21:45:09 rio systemd[1]: courier-imap.service: Job
courier-imap.service/start failed with result 'dependency'.
Feb 09 21:45:39 rio systemd[1]: Dependency failed for Courier IMAP Daemon.
Feb 09 21:45:39 rio systemd[1]: courier-imap.service: Job
courier-imap.service/start failed with result 'dependency'.
Warning: Journal has been rotated since unit was started. Log output is
incomplete or unavailable.
dpkg: error processing package courier-imap (--configure):
 installed courier-imap package post-installation script subprocess
returned error exit status 1
Setting up courier-authdaemon (0.68.0-4+b1) ...
Job for courier-authdaemon.service failed because the service did not
take the steps required by its unit configuration.
See "systemctl status courier-authdaemon.service" and "journalctl -xe"
for details.
invoke-rc.d: initscript courier-authdaemon, action "start" failed.
* courier-authdaemon.service - Courier Authentification Daemon
   Loaded: loaded (/lib/systemd/system/courier-authdaemon.service;
disabled; vendor preset: enabled)
   Active: failed (Result: protocol) since Fri 2018-02-09 21:45:39 NZDT;
8ms ago
  Process: 4623 ExecStart=/usr/sbin/authdaemond start (code=exited,
status=0/SUCCESS)
 Main PID: 667 (code=exited, status=0/SUCCESS)

Feb 09 21:45:39 rio systemd[1]: Starting Courier Authentification Daemon...
Feb 09 21:45:39 rio systemd[1]: courier-authdaemon.service: Can't open
PID file /run/courier/authdaemon/pid (yet?) after start: No such file or
directory
Feb 09 21:45:39 rio systemd[1]: courier-authdaemon.service: Failed with
result 'protocol'.
Feb 09 21:45:39 rio systemd[1]: Failed to start Courier Authentification
Daemon.
dpkg: error processing package courier-authdaemon (--configure):
 installed courier-authdaemon package post-installation script
subprocess returned error exit status 1
Errors were encountered while processing:
 courier-pop
 courier-imap
 courier-authdaemon
E: Sub-process /usr/bin/dpkg returned an error code (1)

Setting up courier-pop (0.78.0-2+b1) ...
A dependency job for courier-pop.service failed. See 'journalctl -xe'
for details.
...

Setting up courier-authdaemon (0.68.0-4+b1) ...
Job for courier-authdaemon.service failed because the service did not
take the steps required by its unit configuration.
See "systemctl status courier-authdaemon.service" and "journalctl -xe"
for details.
invoke-rc.d: initscript courier-authdaemon, action "start" failed.
* courier-authdaemon.service - Courier Authentification Daemon
   Loaded: loaded (/lib/systemd/system/courier-authdaemon.service;
disabled; vendor preset: enabled)
   Active: failed (Result: protocol) since Fri 2018-02-09 21:45:41 NZDT;
7ms ago
  Process: 4821 ExecStart=/usr/sbin/authdaemond start (code=exited,
status=0/SUCCESS)
 Main PID: 667 (code=exited, status=0/SUCCESS)

Feb 09 21:45:41 rio systemd[1]: Starting Courier Authentification Daemon...
Feb 09 21:45:41 rio systemd[1]: courier-authdaemon.service: Can't open
PID file /run/courier/authdaemon/pid (yet?) after start: No such file or
directory
Feb 09 21:45:41 rio systemd[1]: courier-authdaemon.service: Failed with
result 'protocol'.
Feb 09 21:45:41 rio systemd[1]: Failed to start Courier Authentification
Daemon.
dpkg: error processing package courier-authdaemon (--configure):
 installed 

Bug#889751: [pkg-gnupg-maint] Bug#889751: scdaemon: BAD PIN since 2.2.4-2 upgrade

[Yves-Alexis Perez]

On Fri, 2018-02-09 at 10:10 +0100, Yves-Alexis Perez wrote:
> On Thu, 2018-02-08 at 19:47 -0500, Daniel Kahn Gillmor wrote:
> I'm adding Arnaud to the loop because he's the main developer, and I can
> actually see that the last commit (https://github.com/ANSSI-FR/SmartPGP/comm
> it
> /78d769b671e429b6e3e7b2454b869a66f269741f) seems very relevant.
> 
> So maybe the bug actually lies here rather than in scdaemon.
> > 
> > can you try rebuilding with that patch removed and testing that?  If
> > you'd prefer i upload something to experimental for you to try without
> > having to rebuild, let me know and i'll do that.
> 
> Yes, I can try a rebuild and report back, but I'll first investigate
> SmartPGP.
> 
After a quick chat with Arnaud, it seems that even though there might be fixes
to be done at the applet level, the GnuPG patch doesn't seem ready for prime
time and reverting it might be a good idea. See that thread on gnupg-devel:

https://lists.gnupg.org/pipermail/gnupg-devel/2018-February/033424.html

I did a rebuild with the patch disabled and I can confirm it fixes the issue
for me.

Regards,
-- 
Yves-Alexis

signature.asc
Description: This is a digitally signed message part

Bug#889859: [Debichem-devel] Bug#889859: chemps2: FTBFS on mipsel: test5 segfaults

[Sebastian Wouters]

Hi Michael,


> Yeah, unfortunately, mipsel is not the most stable architecture. I am
> not sure what we should do here, we can either agressively retry to
> build on mipsel until all tests pass or alternatively ignore test
> failures. I don't think it would be easy to just ignore them on mipsel,
> so that'd mean we might not catch issues going forward on other arches.
>
> We do ignore testsuite failures for several other packages, but I think
> it is way better to fail on testsuite failures and to diagnose them. In
> this case, there's probably just not much to diagnose.
>
> The final alternative would be to remove the previous mipsel binaries so
> the missing build here will not impact chemps2's testing migration.
>
>
If it's not too much trouble, I would suggest to retry the build until it
passes?

Seb

Bug#889859: [Debichem-devel] Bug#889859: chemps2: FTBFS on mipsel: test5 segfaults

[Michael Banck]

Hi,

On Fri, Feb 09, 2018 at 09:26:25AM +0100, Sebastian Wouters wrote:
> First one:
> 
> Test project /<>/obj-mipsel-linux-gnu
> Start 3: test3
> 1/3 Test #3: test3    Passed8.10 sec
> Start 5: test5
> 2/3 Test #5: test5 ***Exception: SegFault  9.37
> sec
> Start 8: test8
> 3/3 Test #8: test8 ***Exception: SegFault  6.62
> sec
> 
> 33% tests passed, 2 tests failed out of 3
> 
> Total Test time (real) =  24.11 sec
> 
> The following tests FAILED:
>   5 - test5 (SEGFAULT)
>   8 - test8 (SEGFAULT)
> 
> 
> 
> Second one:
> 
> Test project /<>/obj-mipsel-linux-gnu
> Start 3: test3
> 1/3 Test #3: test3    Passed8.38 sec
> Start 5: test5
> 2/3 Test #5: test5    Passed   19.40 sec
> Start 8: test8
> 3/3 Test #8: test8 ***Exception: SegFault  6.53
> sec
> 
> 67% tests passed, 1 tests failed out of 3
> 
> Total Test time (real) =  34.35 sec
> 
> The following tests FAILED:
>   8 - test8 (SEGFAULT)
> 
> 
> 
> Third one:
> 
> Test project /<>/obj-mipsel-linux-gnu
> Start 3: test3
> 1/3 Test #3: test3    Passed   19.01 sec
> Start 5: test5
> 2/3 Test #5: test5 ***Exception: SegFault  1.75
> sec
> Start 8: test8
> 3/3 Test #8: test8    Passed   14.19 sec
> 
> 67% tests passed, 1 tests failed out of 3
> 
> Total Test time (real) =  34.99 sec
> 
> The following tests FAILED:
>   5 - test5 (SEGFAULT)
> 
> 
> It seems that passing or seg fault seems to occur randomly.

Yeah, unfortunately, mipsel is not the most stable architecture. I am
not sure what we should do here, we can either agressively retry to
build on mipsel until all tests pass or alternatively ignore test
failures. I don't think it would be easy to just ignore them on mipsel,
so that'd mean we might not catch issues going forward on other arches.

We do ignore testsuite failures for several other packages, but I think
it is way better to fail on testsuite failures and to diagnose them. In
this case, there's probably just not much to diagnose.

The final alternative would be to remove the previous mipsel binaries so
the missing build here will not impact chemps2's testing migration.


Michael

Bug#889953: libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type

[Adrian Bunk]

On Fri, Feb 09, 2018 at 09:34:58AM +0100, Julien Yann Dutheil wrote:
> Hi,
> 
> I have committed a patch.

Thanks.

> But there are other errors like:
>...
> /usr/include/c++/7/bits/stl_iterator.h:1241:5: note: parameter passing for
> argument of type 'std::move_iterator' changed in GCC 7.1
>  __miter_base(move_iterator<_Iterator> __it)
>  ^~~~
> 
> which I am unsure how to handle...

This is not an error, this is a warning.

libbpp-phyl in unstable already has a different so-name than libbpp-phyl
in stable, so any potential stretch -> buster upgrade issues are already
covered.

> Julien.

cu
Adrian

-- 

   "Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
   "Only a promise," Lao Er said.
   Pearl S. Buck - Dragon Seed

Bug#889751: [pkg-gnupg-maint] Bug#889751: scdaemon: BAD PIN since 2.2.4-2 upgrade

[Yves-Alexis Perez]

On Thu, 2018-02-08 at 19:47 -0500, Daniel Kahn Gillmor wrote:
> Control: severity 889751 serious
> 
> Hi Corsac--
> 
> On Wed 2018-02-07 11:28:42 +0100, Yves-Alexis Perez wrote:
> > On Tue, 2018-02-06 at 20:42 +0100, Yves-Alexis Perez wrote:
> > 
> > > since the recent 2.2.4-2 upgrade, when trying to use my smartcard (auth
> > > key for SSH for example), I get:
> > > 
> > > févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: verify CHV2
> > > failed: Bad PIN
> > > févr. 06 20:37:35 scapa gpg-agent[1793]: scdaemon[26257]: app_auth
> > > failed: Bad PIN
> > > févr. 06 20:37:35 scapa gpg-agent[1793]: smartcard signing failed: Bad
> > > PIN
> > > 
> > > even though I'm sure it's the right PIN.
> 
> ugh, i'm sorry to hear this.
> 
> > > At that point I'm a little reluctant in doing another try because it's
> > > the last one before I need to get my admin PIN.
> > 
> > Downgrading scdaemon, gpg-agent and gpgconf to 2.2.4-1 fixes the problem.
> > If
> > you need more information, please ask.
> 
> I think the main likely culprit is 
> debian/patches/scd-Support-KDF-Data-Object-of-OpenPGPcard-V3.3.patch,
> which was cherry-picked from upstream.
> 
> Can you give more detail about what specific smartcard you have?

It's the setup described on https://www.corsac.net/?rub=blog=1588 so a
JavaCard running the SmartPGP applet from https://github.com/ANSSI-FR/smartPGP

I'm adding Arnaud to the loop because he's the main developer, and I can
actually see that the last commit (https://github.com/ANSSI-FR/SmartPGP/commit
/78d769b671e429b6e3e7b2454b869a66f269741f) seems very relevant.

So maybe the bug actually lies here rather than in scdaemon.
> 
> can you try rebuilding with that patch removed and testing that?  If
> you'd prefer i upload something to experimental for you to try without
> having to rebuild, let me know and i'll do that.

Yes, I can try a rebuild and report back, but I'll first investigate SmartPGP.

Regards,
-- 
Yves-Alexis

signature.asc
Description: This is a digitally signed message part

Bug#889892: mpv: fix for CVE-2018-6360 breaks youtube playlists

[James Cowgill]

Hi,

Make sure you CC the bug number when you reply, so that other people can
see your comments.

On 08/02/18 14:26, Marc Becker wrote:
> Hello James,
> 
> newer upstream LUA code supports direct urls for playlists, v0.23 code does 
> not.
> To my knowledge our (base) code forces calls 'youtube-dl' again for each 
> playlist
> entry by adding a 'ytdl://'-prefix.
> So FOR THIS VERSION it should not be necessary to check a url when CREATING a
> playlist entry. It is certain to get to filter entries (again) due to their 
> prefix.
> 
> So in short, keep the original:
>> playlist = playlist .. "ytdl://" .. site .. "\n"
> and only filter urls that are returned directly (line 270 ff.) or added to 
> EDL playlists.
> 
> While I am aware this is against "fail early" practices it is closest
> in control flow logic to the original code and there might be cases/sites
> where the 'ytdl://' prefix is needed due to the older LUA logic.

[replied to lower down]

> Additionally:
> If somebody manages to slip in a multiline value for 'site' it's over anyway…
> Up-to-date upstream code does not really handle this either.
> Let's hope the downloader validates its input.

That probably warrants some investigation...

> Glad if I could help and please scream at me if I'm on the wrong track here.

You have been helpful - noone realized there was a regression until you
reported it :)

> Hi James,
> 
> needed too long to compose last message, and missed your
> mail(s), sorry 
> 
> The only problem would arise if there is some internal logic
> that decides to return links to some other protocol type but
> must, for some strange reason, again be handled by 'youtube-dl'.

My fix has already been uploaded now do it would be a bit of a pain to
change it :/  However, I think it is still correct. It effectively
incorporates this upstream commit, so if what I have done is wrong,
upstream has also made a mistake:
https://github.com/mpv-player/mpv/commit/1623430b200c7bf67ec19bcab13ccbe9a494d2c7

Thanks,
James



signature.asc
Description: OpenPGP digital signature

Bug#882141: closed by Scott Kitterman <sc...@kitterman.com> (Bug#882141: fixed in postfix 3.2.4-1)

[Bastian Blank]

On Fri, Feb 09, 2018 at 01:50:29AM -0500, Scott Kitterman wrote:
> Because I don't get that error when I try to replicate the condition.

So postconf does not fail for you if inet_interfaces lists an ip the
system does not currently have?

> Feb 09 01:28:58 relay02 postmulti[3783]: fatal: parameter inet_interfaces: no 
> local interface found for 1.2.3.4

According to this, postmulti errors out.  And as postconf uses the same
code, I don't see how it would succeed.

> Not sure how to replicate the error you're having.

The problem is a failing postconf/postmulti if the ip does not exists.
And while the generator is called, apart from 127.0.0.1 and ::1, _none_
exist.

Bastian

-- 
Hailing frequencies open, Captain.

Bug#889953: libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type

[Julien Yann Dutheil]

Hi,

I have committed a patch. But there are other errors like:

In file included from /usr/include/c++/7/bits/stl_algobase.h:67:0,
 from /usr/include/c++/7/bits/char_traits.h:39,
 from /usr/include/c++/7/string:40,
 from /usr/include/Bpp/Numeric/VectorExceptions.h:46,
 from /usr/include/Bpp/Numeric/VectorTools.h:43,
 from
/usr/include/Bpp/Numeric/Prob/DiscreteDistribution.h:43,
 from
/usr/include/Bpp/Io/IoDiscreteDistributionFactory.h:43,
 from
/usr/include/Bpp/Io/BppODiscreteDistributionFormat.h:43,
 from
/<>/src/Bpp/Phyl/Io/BppORateDistributionFormat.h:43,
 from
/<>/src/Bpp/Phyl/Io/BppORateDistributionFormat.cpp:40:
/usr/include/c++/7/bits/stl_iterator.h: In function 'decltype
(std::__miter_base(__it.base()))
std::__miter_base(std::move_iterator<_IteratorL>) [with _Iterator =
double*]':
/usr/include/c++/7/bits/stl_iterator.h:1241:5: note: parameter passing for
argument of type 'std::move_iterator' changed in GCC 7.1
 __miter_base(move_iterator<_Iterator> __it)
 ^~~~

which I am unsure how to handle...

Julien.

On Fri, Feb 9, 2018 at 8:41 AM, Adrian Bunk  wrote:

> Source: libbpp-phyl
> Version: 2.3.2-1
> Severity: serious
>
> https://buildd.debian.org/status/package.php?p=libbpp-phyl=sid
>
> ...
> In file included from /<>/src/Bpp/Phyl/Io/
> BppOSubstitutionModelFormat.cpp:113:0:
> /<>/src/Bpp/Phyl/Io/../Model/RegisterRatesSubstitutionModel.h:154:36:
> error: invalid covariant return type for 'virtual std::vector int> bpp::RegisterRatesSubstitutionModel::getModelStates(int) const'
>  std::vector getModelStates(int i) const
> ^~
> In file included from /<>/src/Bpp/Phyl/Io/../Model/Codon/../
> AbstractBiblioSubstitutionModel.h:44:0,
>  from /<>/src/Bpp/Phyl/
> Io/../Model/Codon/MG94.h:43,
>  from /<>/src/Bpp/Phyl/Io/
> BppOSubstitutionModelFormat.cpp:50:
> /<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractWrappedModel.h:77:25:
> error:   overriding 'virtual std::vector
> bpp::AbstractWrappedModel::getModelStates(int) const'
>  std::vector getModelStates(int code) const { return
> getModel().getModelStates(code); }
>  ^~
>
>


-- 
Julien Y. Dutheil, Ph-D
0 (+49) 4522 763 298

§ Max Planck Institute for Evolutionary Biology
Molecular Systems Evolution
Department of Evolutionary Genetics
Plön -- GERMANY

§ Institute of Evolutionary Sciences - Montpellier
University of Montpellier 2 -- FRANCE

Bug#889859: chemps2: FTBFS on mipsel: test5 segfaults

[Sebastian Wouters]

Dear Aaron,

Of the three build logs [1]:

First one:

Test project /<>/obj-mipsel-linux-gnu
Start 3: test3
1/3 Test #3: test3    Passed8.10 sec
Start 5: test5
2/3 Test #5: test5 ***Exception: SegFault  9.37
sec
Start 8: test8
3/3 Test #8: test8 ***Exception: SegFault  6.62
sec

33% tests passed, 2 tests failed out of 3

Total Test time (real) =  24.11 sec

The following tests FAILED:
  5 - test5 (SEGFAULT)
  8 - test8 (SEGFAULT)



Second one:

Test project /<>/obj-mipsel-linux-gnu
Start 3: test3
1/3 Test #3: test3    Passed8.38 sec
Start 5: test5
2/3 Test #5: test5    Passed   19.40 sec
Start 8: test8
3/3 Test #8: test8 ***Exception: SegFault  6.53
sec

67% tests passed, 1 tests failed out of 3

Total Test time (real) =  34.35 sec

The following tests FAILED:
  8 - test8 (SEGFAULT)



Third one:

Test project /<>/obj-mipsel-linux-gnu
Start 3: test3
1/3 Test #3: test3    Passed   19.01 sec
Start 5: test5
2/3 Test #5: test5 ***Exception: SegFault  1.75
sec
Start 8: test8
3/3 Test #8: test8    Passed   14.19 sec

67% tests passed, 1 tests failed out of 3

Total Test time (real) =  34.99 sec

The following tests FAILED:
  5 - test5 (SEGFAULT)


It seems that passing or seg fault seems to occur randomly.

Best wishes,
Sebastian

[1]
https://buildd.debian.org/status/logs.php?pkg=chemps2=1.8.5-1=mipsel

Bug#889953: libbpp-phyl FTBFS on 32bit: RegisterRatesSubstitutionModel.h:154:36: error: invalid covariant return type

[Adrian Bunk]

Source: libbpp-phyl
Version: 2.3.2-1
Severity: serious

https://buildd.debian.org/status/package.php?p=libbpp-phyl=sid

...
In file included from 
/<>/src/Bpp/Phyl/Io/BppOSubstitutionModelFormat.cpp:113:0:
/<>/src/Bpp/Phyl/Io/../Model/RegisterRatesSubstitutionModel.h:154:36:
 error: invalid covariant return type for 'virtual std::vector bpp::RegisterRatesSubstitutionModel::getModelStates(int) const'
 std::vector getModelStates(int i) const
^~
In file included from 
/<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractBiblioSubstitutionModel.h:44:0,
 from /<>/src/Bpp/Phyl/Io/../Model/Codon/MG94.h:43,
 from 
/<>/src/Bpp/Phyl/Io/BppOSubstitutionModelFormat.cpp:50:
/<>/src/Bpp/Phyl/Io/../Model/Codon/../AbstractWrappedModel.h:77:25:
 error:   overriding 'virtual std::vector 
bpp::AbstractWrappedModel::getModelStates(int) const'
 std::vector getModelStates(int code) const { return 
getModel().getModelStates(code); }
 ^~

Bug#889859: chemps2: FTBFS on mipsel: test5 segfaults

[Sebastian Wouters]

Dear Aaron,

To be honest, I haven't got the fogiest.

On other architectures, it works fine. And test5 hasn't been individually
changed since v1.8 was released (24 Aug 2016):

https://github.com/SebWouters/CheMPS2/commits/master/tests/test5.cpp.in
https://github.com/SebWouters/CheMPS2/releases

Could it be that it was an individual accidental seg fault, which doesn't
re-occur upon running another time?

Best wishes,
Sebastian