Bug#931896: grub-efi-amd64: symbol `grub_file_filters` not found

[dirdi]

Package: grub-pc
Followup-For: Bug #931896

I ran into this bug, too. The values of all set variables (prefix, root)
seemed to be sane and "ls $prefix/i386-pc" returned a list of *.mod files as
expected. However, when I tried to load the "normal" module, the error was
risen again:

> grub rescue> insmod normal
> error: symbol 'grub_file_filters' not found.

Hence, I do not think that this is caused by a misconfiguration of some path
variable. Downgrading to 2.02+dfsg1-20 resvoled the issue for me, too.

apt log snippet:
> Preparing to unpack .../19-grub-pc_2.04-1_amd64.deb ...
> Unpacking grub-pc (2.04-1) over (2.02+dfsg1-20) ...
> Preparing to unpack .../20-grub2-common_2.04-1_amd64.deb ...
> Unpacking grub2-common (2.04-1) over (2.02+dfsg1-20) ...
> Preparing to unpack .../21-grub-pc-bin_2.04-1_amd64.deb ...
> Unpacking grub-pc-bin (2.04-1) over (2.02+dfsg1-20) ...
> Preparing to unpack .../22-grub-common_2.04-1_amd64.deb ...
> Unpacking grub-common (2.04-1) over (2.02+dfsg1-20) ...
> ...
> Setting up grub-common (2.04-1) ...
> Installing new version of config file /etc/grub.d/00_header ...
> Installing new version of config file /etc/grub.d/10_linux ...
> Installing new version of config file /etc/grub.d/20_linux_xen ...
> ...
> Setting up grub2-common (2.04-1) ...
> Setting up grub-pc-bin (2.04-1) ...
> Setting up grub-pc (2.04-1) ...
> Installing for i386-pc platform.
> grub-install: warning: File system `ext2' doesn't support embedding.
> grub-install: warning: Embedding is not possible.  GRUB can only be
> installed in this setup by using blocklists.  However, blocklists are
> UNRELIABLE and their use is discouraged..
> Installation finished. No error reported.
> Generating grub configuration file ...
> Found background image: .background_cache.png
> Found linux image: /boot/vmlinuz-4.19.0-5-amd64
> Found initrd image: /boot/initrd.img-4.19.0-5-amd64
> Found linux image: /boot/vmlinuz-4.19.0-4-amd64
> Found initrd image: /boot/initrd.img-4.19.0-4-amd64
> done

Processed: fix severity

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> severity 932185 serious
Bug #932185 [auto-multiple-choice] auto-multiple-choice depends on cruft 
package.
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
932185: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932185
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#932643: marked as done (cryptsetup upgrade causes cryptsetup-initramfs autoremoval and boot failure)

[Debian Bug Tracking System]

Your message dated Mon, 22 Jul 2019 01:19:27 +
with message-id 
and subject line Bug#932643: fixed in cryptsetup 2:2.1.0-7
has caused the Debian Bug report #932643,
regarding cryptsetup upgrade causes cryptsetup-initramfs autoremoval and boot 
failure
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
932643: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932643
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: cryptsetup
Version: 2:2.1.0-6
Severity: critical
Justification: breaks the whole system

Dear Maintainer,

upgrading cryptsetup from 2:2.1.0-5 to 2:2.1.0-6 causes autoremoval of
cryptsetup-initramfs and consequent failure to boot from LUKS/LVM.

Workaround is to boot previous kernel (with unaffected initramfs) and repair
latest initramfs with:

apt-get install cryptsetup-initramfs

Kind regards,
Ben.



-- Package-specific info:

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cryptsetup depends on:
ii  cryptsetup-bin 2:2.1.0-6
ii  debconf [debconf-2.0]  1.5.72
ii  dmsetup2:1.02.155-3
ii  libc6  2.28-10

cryptsetup recommends no packages.

Versions of packages cryptsetup suggests:
ii  dosfstools  4.1-2
pn  keyutils
ii  liblocale-gettext-perl  1.07-3+b4

-- debconf information excluded
--- End Message ---
--- Begin Message ---
Source: cryptsetup
Source-Version: 2:2.1.0-7

We believe that the bug you reported is fixed in the latest version of
cryptsetup, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 932...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guilhem Moulin  (supplier of updated cryptsetup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 21 Jul 2019 21:21:10 -0300
Source: cryptsetup
Architecture: source
Version: 2:2.1.0-7
Distribution: unstable
Urgency: low
Maintainer: Debian Cryptsetup Team 

Changed-By: Guilhem Moulin 
Closes: 932625 932643
Changes:
 cryptsetup (2:2.1.0-7) unstable; urgency=low
 .
   * debian/cryptsetup.NEWS: Mention the 'cryptsetup' and 'cryptsetup-run'
 package swap.
   * debian/control: Add 'cryptsetup-initramfs' to 'cryptsetup's Recommends:,
 so upgrading systems pull it automatically on upgrade.  (cryptsetup
 <2:2.1.0-6 was a dummy transitional package depending on cryptsetup-run
 and cryptsetup-initramfs.)  Closes: #932643.
   * debian/control: Add 'cryptsetup-run' to 'cryptsetup's Recommends.  This
 avoids it being removed by `apt upgrade --autoremove` from <2:2.1.0-6,
 thus avoids the old cryptsetup-run's prerm script showing a scary (but
 moot) warning.  After upgrading the prerm script is gone and the package
 can be removed without troubles, so we can get rid of it after Bullseye.
 (Closes: #932625.)
   * cryptsetup-initramfs: Add loud warning upon "prerm remove" if there are
 mapped crypt devices (like for cryptsetup.prerm).
Checksums-Sha1:
 dc6962ef9e5d0ec0b4fce0ef9364ef92edfdd57d 2819 cryptsetup_2.1.0-7.dsc
 38a6811ebfa560d05c15ee5893553e064e39b431 110272 
cryptsetup_2.1.0-7.debian.tar.xz
 4b3f1049066277ffa3b1a26647e52b0d4590e56a 9539 
cryptsetup_2.1.0-7_amd64.buildinfo
Checksums-Sha256:
 dfd7906fb341973e3cdda8c271c4de368b3ca15c11d1ebd43c1c37a862802f9a 2819 
cryptsetup_2.1.0-7.dsc
 e3b79457dc286cf4240f720947472c2721a82744a07ce3e6fec7e245b1401f9f 110272 
cryptsetup_2.1.0-7.debian.tar.xz
 c321d2d6a78dc02c9edef0e76dd590ebd557b201f2715ca2f2390f313cd94458 9539 
cryptsetup_2.1.0-7_amd64.buildinfo
Files:
 5e3ab99d946245d63e4d3269de688699 2819 admin optional cryptsetup_2.1.0-7.dsc
 5adc7bc7d91aa582f8f809c0775f4250 110272 admin optional 
cryptsetup_2.1.0-7.debian.tar.xz
 abe4c4567bb5b90a620a69cc425c1376 9539 admin optional 
cryptsetup_2.1.0-7_amd64.buildinfo

-BEGIN PGP SIGNATURE-

Bug#932643: [pkg-cryptsetup-devel] Bug#932643: cryptsetup upgrade causes cryptsetup-initramfs autoremoval and boot failure

[Guilhem Moulin]

On Mon, 22 Jul 2019 at 11:37:24 +1200, Ben Caradoc-Davies wrote:
> cryptsetup 2:2.1.0-6 has no dependency on cryptsetup-initramfs so the
> latter will be autoremoved if only cryptsetup was marked manual by the
> installer.

Ooops.  We don't want ‘cryptsetup’ to hard-depend on ‘cryptsetup-initramfs’,
as that would make the 2:2.0.3-1 package split moot.  I just uploaded
2:2.1.0-7 where ‘cryptsetup’ *Recommends* ‘cryptsetup-initramfs’, which
is enough to convince APT not to auto-remove the latter upon `apt
upgrade --autoremove`.

In addition, I added a NEWS entry (forgot to do it for 2:2.1.0-6…) and
the prerm script now triggers a loud warning upon package removal if
there are mapped crypt devices.

-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#932643: cryptsetup upgrade causes cryptsetup-initramfs autoremoval and boot failure

[Ben Caradoc-Davies]

And I should mention the precise symptoms: at boot, there is no Plymouth 
passphrase entry and the console displays error messages about not being 
able to mount the volume group.


cryptsetup 2:2.1.0-5 had the following:
Depends: cryptsetup-initramfs (>= 2:2.0.3-1), cryptsetup-run (>= 2:2.0.3-1)

cryptsetup 2:2.1.0-6 has no dependency on cryptsetup-initramfs so the 
latter will be autoremoved if only cryptsetup was marked manual by the 
installer.


The affected sid system was installed with a testing installer in April 
2017. I do not know what the current installer marks as manual for 
LUKS/LVM installations but the affected system had only cryptsetup 
marked as manual and was relying on its Depends: cryptsetup-initramfs to 
boot.


Kind regards,

--
Ben Caradoc-Davies 
Director
Transient Software Limited 
New Zealand

Bug#932703: ifeffit (contrib) b-d's on pgplot5 (non-free) and ftbfs

[Matthias Klose]

Package: src:ifeffit
Version: 2:1.2.11d-10.2
Severity: serious
Tags: sid buster bullseye

ifeffit (contrib) b-d's on pgplot5 (non-free) and ftbfs.

This is also seen in the buster release.

Bug#932507: marked as done (python-crontab (build-)depends on cruft package.)

[Debian Bug Tracking System]

Your message dated Mon, 22 Jul 2019 00:21:49 +
with message-id 
and subject line Bug#932507: fixed in python-crontab 1.9.3-3
has caused the Debian Bug report #932507,
regarding python-crontab (build-)depends on cruft package.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
932507: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932507
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

package: python-crontab
severity: serious
version: 1.9.3-2
tags: bullseye,sid

python-crontab (build-)depends on the python-croniter binary package which is 
no longer built by the python-croniter source package.

It's probablly time to drop python 2 support from your package.
--- End Message ---
--- Begin Message ---
Source: python-crontab
Source-Version: 1.9.3-3

We believe that the bug you reported is fixed in the latest version of
python-crontab, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 932...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand  (supplier of updated python-crontab package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Mon, 22 Jul 2019 01:34:59 +0200
Source: python-crontab
Architecture: source
Version: 1.9.3-3
Distribution: unstable
Urgency: medium
Maintainer: Jordan Metzmeier 
Changed-By: Thomas Goirand 
Closes: 932507
Changes:
 python-crontab (1.9.3-3) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Removed Python 2 support (Closes: #932507).
   * Update (build-)dependency versions after the Buster release.
Checksums-Sha1:
 aaf77181b32f29550bbebfa39aa5fae3594f01a4 2096 python-crontab_1.9.3-3.dsc
 95067cfbdb950d9eda457d8cc8045cefa256c67f 2956 
python-crontab_1.9.3-3.debian.tar.xz
 6d0cf77388125710985d89faee20547338d3e653 6365 
python-crontab_1.9.3-3_amd64.buildinfo
Checksums-Sha256:
 3bda468657964957571d737cc66c15c4cec95df02c1ba9c8be205a0f35d6455d 2096 
python-crontab_1.9.3-3.dsc
 a441f14c457e81df8e2fe42e9d63f615a965f20770137bfc72cd39dee4be 2956 
python-crontab_1.9.3-3.debian.tar.xz
 3db995790c7a6f9badb3cce062fcc43ff96843983183e89b7af317f97c930ea4 6365 
python-crontab_1.9.3-3_amd64.buildinfo
Files:
 6b102e23491e113dd99d5294e4e239fe 2096 python optional 
python-crontab_1.9.3-3.dsc
 62608bfa50348604e7b43458635a66e9 2956 python optional 
python-crontab_1.9.3-3.debian.tar.xz
 d165e9620d547e7ecfb8bf5a6d7912a5 6365 python optional 
python-crontab_1.9.3-3_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAl009+8ACgkQ1BatFaxr
Q/71Dg/+MxKLe73cCkRrRQIgoju+tEWZGkpOHIB/KBOJpRlGLDTzy4HWm6or5dV/
Kc5tkDURPli+8f5LBuLqwBPCgJeXKPkBq3D/Qs2TUsvWRsczqDdpa3SdKLGcD5Rx
lzE8S7TVhynRigXwuvPIvMFP9fc32Ap39s2QNKGQ+JnC/5IyVgfjsKrkFz1vwdGv
reSYC5gTPBAZvarYloRzVnOyPqWu6HOS2TAFMOkMAnN/zFelljL9n1UVcsVzBd1W
iQTSECu7LrJWRXSf4kudRKD9jV/1QQAU78zZm1oTvQwzgThuWRLF+1XW8xtrjgU5
3szNSZF7UBz5+FgL9rN63FjTTAfahtVuTVysq69axl9fpa2/Hyvg6tGK65CIrk3y
gccJlNYtxCN+T8YdpzTERuImeGvoOi0YHzxUbS10n1c0+hE1x4NpRmJQgjd615zT
yE9lVKJXIj2NX7bObhE73GebWZ2ur+n3P57nSyON11VXniG4/aokcNmN0O9Yg+9C
/VVgLIHXNsFSnRQMDuVaWLkdRvMoo+F1HKQ1Rb4Mp6DXjBg/ZnUWF2VGerXi478H
pXULQmV+2IVmv5xNq/WlsJF47+vqYBk42GIqmE0d/K6lDffoGAo94Dbh6rRunP82
uUa34XumxAxW1VEoK8XytWtYJ9xNS9lT3tAnT8qCrAIOSTE7qjA=
=4lY4
-END PGP SIGNATURE End Message ---

Bug#928893: marked as done (gnome-disk-utility: disk content permanently lost when changing LUKS password)

[Debian Bug Tracking System]

Your message dated Mon, 22 Jul 2019 00:17:08 +
with message-id 
and subject line Bug#928893: fixed in libblockdev 2.20-7+deb10u1
has caused the Debian Bug report #928893,
regarding gnome-disk-utility: disk content permanently lost when changing LUKS 
password
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
928893: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928893
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gnome-disk-utility
Version: 3.30.2-3
Severity: important

Dear Maintainer,

   * What led up to the situation?

Install system using normal full disk encryption LUKS+Ext4.
After install open gnome-disk-utility and change
encryption password. It gives some error dialog and
now you are royally screwed. It deleted the only
LUKS keyslot. Cannot add new keyslots because of that.
All data will be lost after reboot.

Here is output of luksdump:

udo cryptsetup luksDump /dev/sda5
LUKS header information
Version:2
Epoch:  4
Metadata area:  16384 [bytes]
Keyslots area:  1678 [bytes]
UUID:   3c16ad4c-294c-4547-bf3e-bb8864ba5ea3
Label:  (no label)
Subsystem:  (no subsystem)
Flags:  (no flags)

Data segments:
  0: crypt
offset: 16777216 [bytes]
length: (whole device)
cipher: aes-xts-plain64
sector: 512 [bytes]

Keyslots:
Tokens:
Digests:
  0: pbkdf2
Hash:   sha256
Iterations: 59904
Salt:   XX XX XX XX XX 
Digest: XX XX XX XX XX ...



I changed salt and digest. No Keyslots are present!!!

I tried this 2 times in a row with new install,
exactly same result.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.0.8-xanmod5 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), 
LANGUAGE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-disk-utility depends on:
ii  dconf-gsettings-backend [gsettings-backend]  0.30.1-2
ii  libatk1.0-0  2.30.0-2
ii  libc62.28-10
ii  libcairo21.16.0-4
ii  libcanberra-gtk3-0   0.30-7
ii  libdvdread4  6.0.1-1
ii  libgdk-pixbuf2.0-0   2.38.1+dfsg-1
ii  libglib2.0-0 2.58.3-1
ii  libgtk-3-0   3.24.5-1
ii  liblzma5 5.2.4-1
ii  libnotify4   0.7.7-4
ii  libpango-1.0-0   1.42.4-6
ii  libpangocairo-1.0-0  1.42.4-6
ii  libpwquality11.4.0-3
ii  libsecret-1-00.18.7-1
ii  libsystemd0  241-3
ii  libudisks2-0 2.8.1-4
ii  udisks2  2.8.1-4

gnome-disk-utility recommends no packages.

gnome-disk-utility suggests no packages.

-- no debconf information
--- End Message ---
--- Begin Message ---
Source: libblockdev
Source-Version: 2.20-7+deb10u1

We believe that the bug you reported is fixed in the latest version of
libblockdev, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 928...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Biebl  (supplier of updated libblockdev package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sat, 20 Jul 2019 23:18:18 +0200
Source: libblockdev
Architecture: source
Version: 2.20-7+deb10u1
Distribution: buster
Urgency: medium
Maintainer: Utopia Maintenance Team 

Changed-By: Michael Biebl 
Closes: 928893
Changes:
 libblockdev (2.20-7+deb10u1) buster; urgency=medium
 .
   [ intrigeri ]
   * Use existing cryptsetup API for changing keyslot passphrase.
 Cherry-pick upstream fix to use 

Bug#932632: marked as done (d-shlibs needs an update for libreadline8, causing other packages ftbfs)

[Debian Bug Tracking System]

Your message dated Sun, 21 Jul 2019 23:34:41 +
with message-id 
and subject line Bug#932632: fixed in d-shlibs 0.85
has caused the Debian Bug report #932632,
regarding d-shlibs needs an update for libreadline8, causing other packages 
ftbfs
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
932632: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932632
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: d-shlibs
Version: 0.84
Severity: serious
Tags: sid bullseye

as seen with the receent fontforge binNMUs, d-shlibs needs an update for 
readline8.

dh_installgsettings -plibfontforge2
d-shlibmove --commit \
--devunversioned \
--exclude-la \
--extralib debian/tmp/x/usr/lib/libgioftp.so \
--extralib debian/tmp/x/usr/lib/libgunicode.so \
--extralib debian/tmp/x/usr/lib/libgutils.so \
--movedev "debian/tmp/x/usr/include/*" usr/include/ \
--movedev "debian/tmp/x/usr/lib/pkgconfig/*.pc" usr/lib/pkgconfig \
--override s/libfontforge2-dev/libfontforge-dev/ \
debian/tmp/x/usr/lib/libfontforge.so
Library package automatic movement utility
 --> libcairo2-dev package exists.
 --> libfontconfig1-dev package exists.
 --> libfontforge-dev package from same source package.
 --> libfreetype6-dev package exists.
 --> libgif-dev package exists.
 --> libglib2.0-dev package exists.
 --> libice-dev package exists.
 --> libjpeg-dev package exists.
 --> libltdl7-dev is provided by a package.
 --> libpango1.0-dev package exists.
 --> libpng-dev package exists.
 --> libpython-dev package exists.
devlibs error: There is no package matching [libreadline8-dev] and noone
provides it, please report bug to d-shlibs maintainer
 --> libsm-dev package exists.
 --> libspiro-dev package exists.
 --> libtiff5-dev package exists.
 --> libuninameslist-dev package exists.
 --> libx11-dev package exists.
 --> libxft-dev package exists.
 --> libxml2-dev package exists.
 --> zlib1g-dev package exists.
make: *** [debian/rules:63: debian/stamp-local-shlibs-libfontforge] Error 1
dpkg-buildpackage: error: fakeroot debian/rules binary-arch subprocess returned
exit status 2
--- End Message ---
--- Begin Message ---
Source: d-shlibs
Source-Version: 0.85

We believe that the bug you reported is fixed in the latest version of
d-shlibs, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 932...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Smedegaard  (supplier of updated d-shlibs package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 21 Jul 2019 20:27:13 -0300
Source: d-shlibs
Binary: d-shlibs
Architecture: source all
Version: 0.85
Distribution: unstable
Urgency: medium
Maintainer: Jonas Smedegaard 
Changed-By: Jonas Smedegaard 
Description:
 d-shlibs   - Debian shared library package building helper scripts
Closes: 932632
Changes:
 d-shlibs (0.85) unstable; urgency=medium
 .
   * Add xlibmesa-gl quirk.
   * Relax readline quirk to cover API 8. Closes:
 Bug#932632. Thanks to Matthias Klose.
   * Declare compliance with Debian Policy 4.4.0.
Checksums-Sha1:
 330ffc87f7d5865d9770399d7114c5629c7576ce 1629 d-shlibs_0.85.dsc
 df1dbf2d006078863b4e997a3f5468fc3997d53b 24436 d-shlibs_0.85.tar.xz
 7ddfc4f2001c5deb155e7ae83b9d18f7244522a4 17312 d-shlibs_0.85_all.deb
 7b144c15de2d041e7fc207a83aa498b13dfdbbbf 5353 d-shlibs_0.85_amd64.buildinfo
Checksums-Sha256:
 402e20e91e04e8b7b39dfbe3e43746c086f0445141d394e45b18b8e035d8ab8b 1629 
d-shlibs_0.85.dsc
 3c549cd8fc2b69584a526c4615a94b48c955c04385f9819bd974f84f6ff99c67 24436 
d-shlibs_0.85.tar.xz
 7b5aeb97e5427902de53f935a23f85692855d48df2e48ff8fe6406e146507d78 17312 
d-shlibs_0.85_all.deb
 e80e3cc8c0b4ed165f569d5fd74dc46a22dc8a4550e910ba686099671312749d 5353 
d-shlibs_0.85_amd64.buildinfo
Files:
 7f3c512c75cf25bccfec4f2a7405de31 1629 utils optional d-shlibs_0.85.dsc
 89b929188c27cb3ec81c3b496130965b 24436 utils optional d-shlibs_0.85.tar.xz
 68a59488ecba8fa96dfa6dbc44f5bbe2 17312 utils optional d-shlibs_0.85_all.deb
 a31d8297bb8a36b5af132bab2d264af9 5353 utils optional 
d-shlibs_0.85_amd64.buildinfo

-BEGIN PGP 

Bug#932582: anbox: ignores mouse input

[Shengjing Zhu]

Control: severity -1 important

On Sun, Jul 21, 2019 at 5:09 AM Phil Morrell  wrote:
>
> Package: anbox
> Version: 0.0~git20190124-1
> Severity: grave
> Justification: renders package unusable
>
> I am able to launch the android apps from the desktop menu, but cannot
> interact other than moving the window around and fullscreening.
>
> I thought this was reported upstream as [#780], but the fix was merged
> in [bbf05d8f3] on 2019-01-06 and so included in the debian version.
>
> [#780]: https://github.com/anbox/anbox/issues/780
> [bbf05d8f3]: 
> https://github.com/anbox/anbox/commit/bbf05d8f3267ef5fb102525c372183aaa83df830

Please remember anbox is still in alpha stage. This problem may be
related to hardware/driver/desktop, so I don't how can I help you.
Maybe you can try snap version, then if it works, we can figure it out
what's wrong in the debian version.
P.S. the snap version has a software emulation mode, which is not
available in debian version, but it would help if you hardware is
doing something weird.


--
Shengjing Zhu

Processed: Re: Bug#932582: anbox: ignores mouse input

[Debian Bug Tracking System]

Processing control commands:

> severity -1 important
Bug #932582 [anbox] anbox: ignores mouse input
Severity set to 'important' from 'grave'

-- 
932582: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932582
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#931140: lsat: probably obsolete

[Moritz Mühlenhoff]

On Wed, Jun 26, 2019 at 11:31:03PM +0200, Ivo De Decker wrote:
> package: lsat
> severity: serious
> 
> Hi,
> 
> lsat claims to be a 'security auditor tool':
> 
> "The Linux Security Auditing Tool (LSAT) is a post install security auditor
> for Linux/Unix. It checks many system configurations and local network
> settings on the system for common security/config errors and for packages that
> are not needed."
> 
> However, the last maintainer upload was in 2009, so I guess this package
> probably cannot give any useful security information.

I just filed a removal bug.

Cheers,
Moritz

Bug#904557: marked as done (checkgmail: Please remove dependency on libgtk2-trayicon-perl)

[Debian Bug Tracking System]

Your message dated Sun, 21 Jul 2019 21:07:34 +
with message-id 
and subject line Bug#932233: Removed package(s) from unstable
has caused the Debian Bug report #904557,
regarding checkgmail: Please remove dependency on libgtk2-trayicon-perl
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
904557: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904557
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: checkgmail
Severity: important
Version: 1.13+svn43-4
X-Debbugs-Cc: hialomu...@gmail.com, mo...@debian.org

checkgmail is the reverse-dependency of libgtk2-trayicon-perl, which
I'd rather not ship in Buster (I've just filed a RC bug to this end:
#904556).

It looks like CheckGmail has been dead upstream since a while and the
package is orphaned in Debian. popcon is very low (11 votes).
According to other bug reports, the program does not even work without
being modified.

Is anyone interested to port CheckGmail to current technologies
or investigating whether one of the forks mentioned on #772456
have been ported already?
If not, besides not shipping it in Buster, I would suggest we simply
remove the package from the archive.
--- End Message ---
--- Begin Message ---
Version: 1.13+svn43-4+rm

Dear submitter,

as the package checkgmail has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/932233

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#912871: marked as done (Depends on libgtk2-perl, that won't be part of Bullseye)

[Debian Bug Tracking System]

Your message dated Sun, 21 Jul 2019 21:07:34 +
with message-id 
and subject line Bug#932233: Removed package(s) from unstable
has caused the Debian Bug report #912871,
regarding Depends on libgtk2-perl, that won't be part of Bullseye
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
912871: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912871
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: checkgmail
Severity: normal
User: debian-p...@lists.debian.org
Usertags: gtk2-removal

Hi!

This package depends on libgtk2-perl, that I intend to remove
from testing soon after the Buster release, and then from sid at
some later point during the Bullseye development cycle:

   https://bugs.debian.org/912860

Please get in touch with the upstream project and suggest they
port this application to libgtk3-perl. I've personally ported
a couple Perl GTK+ apps from 2.x to 3.x and it's rather
straightforward. Upstream for the GTK+ 3 and GObject
Introspection Perl bindings is responsive and happy to add
missing bits to the bindings.

Alternatively, as suggested on #904557 a few months ago,
I think this package should be removed from the archive.

Cheers!
-- 
intrigeri
--- End Message ---
--- Begin Message ---
Version: 1.13+svn43-4+rm

Dear submitter,

as the package checkgmail has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/932233

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#885675: marked as done (xacobeo: Depends on unmaintained gtksourceview2)

[Debian Bug Tracking System]

Your message dated Sun, 21 Jul 2019 21:07:00 +
with message-id 
and subject line Bug#932221: Removed package(s) from unstable
has caused the Debian Bug report #885675,
regarding xacobeo: Depends on unmaintained gtksourceview2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
885675: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885675
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: xacobeo
Version: 0.15.13
Severity: important
User: pkg-gnome-maintain...@lists.alioth.debian.org
Usertags: oldlibs gtksourceview2
Tags: sid buster

As announced [1], we do not intend to release Debian 10 "Buster" with
the old libgnome (and related) libraries. These libraries have been
deprecated and unmaintained for several years.

Your package depends on gtksourceview2 (via libgtk2-sourceview2-perl).
gtksourceview2 has not had a new release since 2010.

Please port your package to GTK3 and gtksourceview3 and related
maintained libraries. Otherwise, please consider requesting that your
package be removed from Debian to help us complete this goal.

[1] https://lists.debian.org/debian-devel/2017/10/msg00299.html

On behalf of the Debian GNOME team,
Jeremy Bicha
--- End Message ---
--- Begin Message ---
Version: 0.15-3+rm

Dear submitter,

as the package xacobeo has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/932221

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmas...@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---

Bug#932351: marked as done (gnubg: Crashes on launch)

[Debian Bug Tracking System]

Your message dated Sun, 21 Jul 2019 21:00:53 +
with message-id 
and subject line Bug#932351: fixed in gnubg 1.06.002-2
has caused the Debian Bug report #932351,
regarding gnubg: Crashes on launch
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
932351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932351
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: gnubg
Version: 1.06.002-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

gnubg crashes on launch on debian buster with the following message:
 *** buffer overflow detected ***: gnubg terminated

I got the same result on two different machines, over Wayland and X11.



-- System Information:
Debian Release: 10.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8), 
LANGUAGE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnubg depends on:
ii  debconf [debconf-2.0]   1.5.71
ii  gnubg-data  1.06.002-1
ii  libc6   2.28-10
ii  libcairo2   1.16.0-4
ii  libcanberra-gtk00.30-7
ii  libcanberra00.30-7
ii  libcurl47.64.0-4
ii  libfreetype62.9.1-3
ii  libgdk-pixbuf2.0-0  2.38.1+dfsg-1
ii  libgl1  1.1.0-1
ii  libglib2.0-02.58.3-2
ii  libglu1-mesa [libglu1]  9.0.0-2.1+b3
ii  libgmp102:6.1.2+dfsg-4
ii  libgtk2.0-0 2.24.32-3
ii  libgtkglext11.2.0-9
ii  libpango-1.0-0  1.42.4-6
ii  libpangocairo-1.0-0 1.42.4-6
ii  libpng16-16 1.6.36-6
ii  libpython2.72.7.16-2
ii  libreadline77.0-5
ii  libsqlite3-03.27.2-3

gnubg recommends no packages.

Versions of packages gnubg suggests:
ii  sensible-utils  0.0.12

-- debconf information:
  gnubg/build-bearoffs: true
--- End Message ---
--- Begin Message ---
Source: gnubg
Source-Version: 1.06.002-2

We believe that the bug you reported is fixed in the latest version of
gnubg, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 932...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Russ Allbery  (supplier of updated gnubg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Sun, 21 Jul 2019 12:15:00 -0700
Source: gnubg
Architecture: source
Version: 1.06.002-2
Distribution: unstable
Urgency: medium
Maintainer: Russ Allbery 
Changed-By: Russ Allbery 
Closes: 932351
Changes:
 gnubg (1.06.002-2) unstable; urgency=medium
 .
   * Increase the size of static buffers used to build messages during
 program start so that the Spanish translation doesn't overflow a
 buffer.  (Closes: #932351)
   * Change upstream homepage to the gnu.org page, since www.gnubg.org has
 been taken down at least temporarily.
   * Update to debhelper compatibility level V11.
 - Depend on debhelper-compat instead of using debian/compat.
   * Update standards version to 4.4.0 (no changes required).
Checksums-Sha1:
 02e427dbc5831fe669432865f109406df9bda638 1988 gnubg_1.06.002-2.dsc
 3b0af20d40f6249bac7ce59fef7f0256fa3120da 25080 gnubg_1.06.002-2.debian.tar.xz
Checksums-Sha256:
 0f40403a2f13bcd1c43e879f3f22cdaf077734161c45c8ef48a789c3de3614ae 1988 
gnubg_1.06.002-2.dsc
 3630de33dbb73ad01549f3ed11a3762ee04a669fa4924e61b3908bd266a3ab2b 25080 
gnubg_1.06.002-2.debian.tar.xz
Files:
 5a3a13f370d1a6168a9d7c238a1c90a0 1988 games optional gnubg_1.06.002-2.dsc
 a18e7cff654400f36c6f6cba70b961e0 25080 games optional 
gnubg_1.06.002-2.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEE1zk0tJZ0z1zNmsJ4fYAxXFc23nUFAl00vAwACgkQfYAxXFc2
3nW7Pwf+PdwgLFK3rIcN9QMTBWqVDt2gdCx+msSnOotOht+Z2HY0JmUoZsPglaiP
U0aewZJ5jMRKX8C0iO8U246TOx4TQobhjqhawE8PURzcdKHKU1k7SledmtuFG5Uy
F+Cc3iy29o5JWGt6d2jFY3kORsVenXsSfiEqcoPHowNkQ2r4T/ja8m7wuO4N/RVP
51x41s5raoBrThBNMSR2wNmGI82oE6y95G66cfgA9TqSr0joZ4fZ6jn+gdFHVylf
mzFbtYjmTsSM9mSlge0dReIyczUHu0LnfCyTR/i9AjFszz5CmxHp13aX2CKfsyOK

Bug#928893: gnome-disk-utility: disk content permamently lost when changing LUKS password

[Guilhem Moulin]

On Sun, 21 Jul 2019 at 22:40:38 +0200, Michael Biebl wrote:
> I already uploaded 2.20-7+deb10u1 with this changelog, so it's not
> really possible anymore to undo this other then making a 2.20-7+deb10u2
> upload, which seems like overkill to me.
> I don't think the changelog is that misleading that we need another
> upload fixing it.

Ack, agreed

-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#928893: gnome-disk-utility: disk content permamently lost when changing LUKS password

[Michael Biebl]

Hi

Am 21.07.19 um 21:58 schrieb Guilhem Moulin:

> Now that libblockdev uses crypt_keyslot_change_by_passphrase() there is
> AFAICT nothing more to be done on the libblockdev or udisks2 side with
> respect to that bug.  But maybe the Changelog entry for libblockdev
> 2.20-7+deb10u1 should be changed to remove the references to MEMLOCK.
> As I wrote in https://gitlab.com/cryptsetup/cryptsetup/issues/466 I
> believe the problem with LUKSv2 is elsewhere (crypt_get_volume_key_size()
> fails because there is no bound keyslot object to retrieve the key size
> from).  Maybe changing it to
> 
>   * Use existing cryptsetup API for changing keyslot passphrase.
> Cherry-pick upstream fix to use existing cryptsetup API for atomically
> changing a keyslot passphrase, instead of deleting the old keyslot
> before adding the new one. This avoids data loss when attempting to
> change the passphrase of a LUKS2 device via udisks2, e.g. from GNOME
> Disks.
> Deleting a keyslot and then adding one is risky: if anything goes wrong
> before the new keyslot is successfully added, no usable keyslot is left
> and the device cannot be unlocked anymore.  There's little chances this
> causes actual problems with LUKS1, but as of 2.1.0 libcrypsetup
> fails to add a new keyslot to a LUKS2 header without any
> pre-existing keyslot.
> (Closes: #928893)
> 
> Or maybe remoing the last sentence alltogether, ending with “[…] cannot
> be unlocked anymore.”

I already uploaded 2.20-7+deb10u1 with this changelog, so it's not
really possible anymore to undo this other then making a 2.20-7+deb10u2
upload, which seems like overkill to me.
I don't think the changelog is that misleading that we need another
upload fixing it.

Regards,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#928893: gnome-disk-utility: disk content permamently lost when changing LUKS password

[Guilhem Moulin]

Hi,

On Sun, 21 Jul 2019 at 13:36:06 +0200, Michael Biebl wrote:
> Agreed. I've just uploaded a libblockdev with that cherry-pick to buster
> and this change was acked by the SRMs, so should be in 10.1.

Awesome! :-)

> Regarding the LUKS2/udisks2/LimitMEMLOCK issue, would you prefer to
> track this as a udisks2 issue or cryptsetup issue?  Is there already a
> bug report for this or should we clone/reassign this one?

I filed https://gitlab.com/cryptsetup/cryptsetup/issues/465 “Argon2i/d
benchmark doesn't honor `getrlimit(RLIMIT_MEMLOCK,)`”, but on second
thought I don' think udisks2 is affected.  As I wrote in Message #59,

| Apologies for incorrectly pointing to getrlimits(2) earlier: I'm
| personally not familiar with udisks/libblockdev myself and hadn't
| realized `getrlimit(RLIMIT_MEMLOCK,)` was bypassed since the Argon2d/i
| benchmark process is privileged.

Now that libblockdev uses crypt_keyslot_change_by_passphrase() there is
AFAICT nothing more to be done on the libblockdev or udisks2 side with
respect to that bug.  But maybe the Changelog entry for libblockdev
2.20-7+deb10u1 should be changed to remove the references to MEMLOCK.
As I wrote in https://gitlab.com/cryptsetup/cryptsetup/issues/466 I
believe the problem with LUKSv2 is elsewhere (crypt_get_volume_key_size()
fails because there is no bound keyslot object to retrieve the key size
from).  Maybe changing it to

  * Use existing cryptsetup API for changing keyslot passphrase.
Cherry-pick upstream fix to use existing cryptsetup API for atomically
changing a keyslot passphrase, instead of deleting the old keyslot
before adding the new one. This avoids data loss when attempting to
change the passphrase of a LUKS2 device via udisks2, e.g. from GNOME
Disks.
Deleting a keyslot and then adding one is risky: if anything goes wrong
before the new keyslot is successfully added, no usable keyslot is left
and the device cannot be unlocked anymore.  There's little chances this
causes actual problems with LUKS1, but as of 2.1.0 libcrypsetup
fails to add a new keyslot to a LUKS2 header without any
pre-existing keyslot.
(Closes: #928893)

Or maybe remoing the last sentence alltogether, ending with “[…] cannot
be unlocked anymore.”

Cheers,
-- 
Guilhem.


signature.asc
Description: PGP signature

Bug#932659: [Pkg-javascript-devel] Bug#932659: node: modules are not getting detected in a fresh sid chroot environment

[Jérémy Lal]

Le dim. 21 juil. 2019 à 20:48,  a écrit :

> Package: nodejs
> Version: 10.15.2~dfsg-2
> Severity: grave
>
> After creating a fresh chroot 'sid' environment
> and installing nodejs and npm
> `npm install` is throwing the below error:
> internal/modules/cjs/loader.js:583
> throw err;
> ^
>
> Error: Cannot find module 'semver'
> at Function.Module._resolveFilename
> (internal/modules/cjs/loader.js:581:15)
> at Function.Module._load (internal/modules/cjs/loader.js:507:25)
> at Module.require (internal/modules/cjs/loader.js:637:17)
> at require (internal/modules/cjs/helpers.js:22:18)
> at Object. (/usr/share/npm/lib/utils/unsupported.js:2:14)
> at Module._compile (internal/modules/cjs/loader.js:689:30)
> at Object.Module._extensions..js
> (internal/modules/cjs/loader.js:700:10)
> at Module.load (internal/modules/cjs/loader.js:599:32)
> at tryModuleLoad (internal/modules/cjs/loader.js:538:12)
> at Function.Module._load (internal/modules/cjs/loader.js:530:3)
> 
> even installed modules are not working while trying to run the below
> cmd.
> $ ls /usr/share/nodejs/
> mixin-deep  normalize-path  y18n
> $ node -e "require('y18n');"
> internal/modules/cjs/loader.js:583
> throw err;
> ^
>
> Error: Cannot find module 'y18n'
> at Function.Module._resolveFilename
> (internal/modules/cjs/loader.js:581:15)
> at Function.Module._load (internal/modules/cjs/loader.js:507:25)
> at Module.require (internal/modules/cjs/loader.js:637:17)
> at require (internal/modules/cjs/helpers.js:22:18)
> at [eval]:1:1
> at Script.runInThisContext (vm.js:96:20)
> at Object.runInThisContext (vm.js:303:38)
> at Object. ([eval]-wrapper:6:22)
> at Module._compile (internal/modules/cjs/loader.js:689:30)
> at evalScript (internal/bootstrap/node.js:587:27)
>

I cannot say what's wrong from the information you gave.
Here with same node version
$ node -p "require.resolve('y18n')"
/usr/share/nodejs/y18n/index.js

can you check that last file path exists ?

Then can you compare with your output of:
node -p process.execPath
/usr/bin/node

node -p "require.resolve.paths('y18n')"
[ '/home/dev/node_modules',
  '/home/node_modules',
  '/node_modules',
  '/home/dev/.node_modules',
  '/home/dev/.node_libraries',
  '/usr/lib/x86_64-linux-gnu/nodejs',
  '/usr/share/nodejs',
  '/usr/lib/nodejs' ]

Also maybe of interest
node -p process.env.NODE_PATH

Thanks,
Jérémy

Bug#932678: glib2.0: tests timeout on i386 and mips

[Michael Gilbert]

package: src:glib2.0
severity: serious
version: 2.60.5-1

The latest glib2.0 upload fails to build on i386 and mips [0].

On i386, the gmenumodel test timed out.  On mips, the gvariant test timed out.

Best wishes,
Mike

[0] https://buildd.debian.org/status/package.php?p=glib2.0

Bug#932659: node: modules are not getting detected in a fresh sid chroot environment

[sgk]

Package: nodejs
Version: 10.15.2~dfsg-2
Severity: grave

After creating a fresh chroot 'sid' environment 
and installing nodejs and npm 
`npm install` is throwing the below error:
internal/modules/cjs/loader.js:583
throw err;
^

Error: Cannot find module 'semver'
at Function.Module._resolveFilename
(internal/modules/cjs/loader.js:581:15)
at Function.Module._load (internal/modules/cjs/loader.js:507:25)
at Module.require (internal/modules/cjs/loader.js:637:17)
at require (internal/modules/cjs/helpers.js:22:18)
at Object. (/usr/share/npm/lib/utils/unsupported.js:2:14)
at Module._compile (internal/modules/cjs/loader.js:689:30)
at Object.Module._extensions..js
(internal/modules/cjs/loader.js:700:10)
at Module.load (internal/modules/cjs/loader.js:599:32)
at tryModuleLoad (internal/modules/cjs/loader.js:538:12)
at Function.Module._load (internal/modules/cjs/loader.js:530:3)

even installed modules are not working while trying to run the below
cmd.
$ ls /usr/share/nodejs/
mixin-deep  normalize-path  y18n
$ node -e "require('y18n');"
internal/modules/cjs/loader.js:583
throw err;
^

Error: Cannot find module 'y18n'
at Function.Module._resolveFilename
(internal/modules/cjs/loader.js:581:15)
at Function.Module._load (internal/modules/cjs/loader.js:507:25)
at Module.require (internal/modules/cjs/loader.js:637:17)
at require (internal/modules/cjs/helpers.js:22:18)
at [eval]:1:1
at Script.runInThisContext (vm.js:96:20)
at Object.runInThisContext (vm.js:303:38)
at Object. ([eval]-wrapper:6:22)
at Module._compile (internal/modules/cjs/loader.js:689:30)
at evalScript (internal/bootstrap/node.js:587:27)

Bug#932351: gnubg: Crashes on launch

[Russ Allbery]

Manuel Laínz  writes:

> I get this:
> #10 0x7f2d89fcd07f in ___vsprintf_chk (s=0x7ffd889939e0 "Juego de
> fichas para movimientos posteriores en simulaciones de lanzamientos (para
> el jugador 0) usará ruido pseudo-aleatorio.\216pb\265z\340U", flags=1,
> slen=128, format=0x7f2d866afc46  0x7f2d866afc46>, args=args@entry=0x7ffd88993870) at vsprintf_chk.c:83
> #11 0x7f2d89fccfaa in ___sprintf_chk (s=,
> flags=, slen=, format=) at
> sprintf_chk.c:31

Thanks, that's exactly what I needed.  I should have thought to test with
locales.  The problem is that gnubg is allocating a static buffer to hold
one of its output messages, and the Spanish translation is long enough
that it's overflowing the buffer.

If you change your locale when running gnubg, that will fix the problem
(LC_ALL=C.UTF-8 gnubg), at the cost of losing the translations.

I'll fix this for unstable and will see about getting a targeted fix into
stable as well, although it won't go out, at best, until the next point
release.

-- 
Russ Allbery (r...@debian.org)   

Bug#932650: swift-bench: (build-)depends on cruft package.

[peter green]

Package: swift-bench
Severity: serious
Tags: bullseye, sid

swift-bench (build-)depends on the python-swiftclient binary package which is 
no longer built by the python-swiftclient source package.

You probably need to migrate to python3

Bug#932632: Acknowledgement (d-shlibs needs an update for libreadline8, causing other packages ftbfs)

[Matthias Klose]

Control: tags -1 + patch

patch at
https://patches.ubuntu.com/d/d-shlibs/d-shlibs_0.84ubuntu2.patch

Bug#932649: swauth: (build-)depends on cruft package.

[peter green]

Package: swauth
Severity: serious
Tags: bullseye, sid

swauth (build-)depends on the python-swiftclient binary package which is no 
longer built by the python-swiftclient source package.

You probably need to migrate to python3

Processed: Re: Bug#932632: Acknowledgement (d-shlibs needs an update for libreadline8, causing other packages ftbfs)

[Debian Bug Tracking System]

Processing control commands:

> tags -1 + patch
Bug #932632 [d-shlibs] d-shlibs needs an update for libreadline8, causing other 
packages ftbfs
Added tag(s) patch.

-- 
932632: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932632
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#932401: marked as done (patch: CVE-2019-13636)

[Debian Bug Tracking System]

Your message dated Sun, 21 Jul 2019 14:39:46 +
with message-id 
and subject line Bug#932401: fixed in patch 2.7.6-5
has caused the Debian Bug report #932401,
regarding patch: CVE-2019-13636
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
932401: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932401
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: patch
Version: 2.7.6-3
Severity: important
Tags: security upstream
Control: found -1 2.7.6-4

Hi,

The following vulnerability was published for patch.

CVE-2019-13636[0]:
| In GNU patch through 2.7.6, the following of symlinks is mishandled in
| certain cases other than input files. This affects inp.c and util.c.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-13636
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13636
[1] 
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=dce4683cbbe107a95f1f0d45fabc304acfb5d71a

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: patch
Source-Version: 2.7.6-5

We believe that the bug you reported is fixed in the latest version of
patch, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 932...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS)  (supplier of updated patch package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Sun, 21 Jul 2019 12:20:38 +
Source: patch
Architecture: source
Version: 2.7.6-5
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) 
Changed-By: Laszlo Boszormenyi (GCS) 
Closes: 932401
Changes:
 patch (2.7.6-5) unstable; urgency=high
 .
   * Fix CVE-2019-13636: mishandled following of symlinks (closes: #932401).
   * Fix CVE-2019-13638: shell command injection.
Checksums-Sha1:
 fb3e8123a6e811719de8f22cdb960e1bd5383a7a 1699 patch_2.7.6-5.dsc
 8817614c12fd7bd41dff18f3f6b16d14b7053c1f 13348 patch_2.7.6-5.debian.tar.xz
Checksums-Sha256:
 87b0b1814b84d8170359efb25f9c67e8e6c4e6dc38abc417328292165a8a447b 1699 
patch_2.7.6-5.dsc
 df316da8d48c848bebbfe4970a274ac5514eade0f0e8373f53a67899d459a80a 13348 
patch_2.7.6-5.debian.tar.xz
Files:
 73d7cc848f3b8f27b5e7ea7a56c96398 1699 vcs optional patch_2.7.6-5.dsc
 6089cc5c78b5c4db143ebabe63143aaf 13348 vcs optional patch_2.7.6-5.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAl00cEwACgkQ3OMQ54ZM
yL+LGw//ZO7ZnjCKcDKDOL8VTUTVyO+lfZ68rgjcF+0bnNtsAAkv4ZfICSOWkgUo
H7gSgaklZMP4j+J/SdG/vJ79Jkr3P1+z9lMomcE+XsuMhF4AUHWilSIXMZ8KVsde
wy6lRXcMqL8SrRFsHQZtcDr0RvzX6j3aOucgTv+2CbDYNLVsrxtCWerVeMZL8EOq
EuCluDvepVva/WjiNOBYX3GApKfjGtADxxCO3aSnnRQ/pi1KrGKdio9XG9xtPopY
4iKJ8WswRBinPyTMUKtgOFByPviGDjvL29LKzDY2LvDXOmsWl/HTi9gZXllybzUl
o2xNG8Tx0/CgdOcIJRowM5zZlnxSxVwk2uWVltAeor3zpj9yeR23nnCBC1/eXo1F
GL9QGwmNIlDj+xaDOPjFCmPzMCwRgvSEOyAjLwfkM4uRizBlsoy5euoC8F+4FZDy
l+o2wKiLRbQdyYoiajHHUymlBbpe/MTSrl2W0eHnBWKvtMxbHIEgbGNuRegPF1sB
OZHKsAACW2YKQicpAF1mcaCmXznk7VExIr1tLfP2Fnv88yQFkOEaNDN8ZIM5ALkG
C4ywDEeTKDN+GUbX9GLpOGfZBmj9fnoWi0AsgBCwpSuq2V2GBJdV8AaGlExJvrul
vKuSTiOSvUI8xxD9zpoqx+E1XsfgvH6M1X4/XQLLKEBxFwZseFw=
=NKWC
-END PGP SIGNATURE End Message ---

Bug#932643: cryptsetup upgrade causes cryptsetup-initramfs autoremoval and boot failure

[Ben Caradoc-Davies]

Package: cryptsetup
Version: 2:2.1.0-6
Severity: critical
Justification: breaks the whole system

Dear Maintainer,

upgrading cryptsetup from 2:2.1.0-5 to 2:2.1.0-6 causes autoremoval of
cryptsetup-initramfs and consequent failure to boot from LUKS/LVM.

Workaround is to boot previous kernel (with unaffected initramfs) and repair
latest initramfs with:

apt-get install cryptsetup-initramfs

Kind regards,
Ben.



-- Package-specific info:

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cryptsetup depends on:
ii  cryptsetup-bin 2:2.1.0-6
ii  debconf [debconf-2.0]  1.5.72
ii  dmsetup2:1.02.155-3
ii  libc6  2.28-10

cryptsetup recommends no packages.

Versions of packages cryptsetup suggests:
ii  dosfstools  4.1-2
pn  keyutils
ii  liblocale-gettext-perl  1.07-3+b4

-- debconf information excluded

Bug#930356: CVE-2019-12760

[Marco Villegas]

Just to mention that one of the authors of parso actually closed the
related issue[1] pointing to the commit mentioned by Nicholas, 19de3eb.

In the same comment, a new issue about replacing pickle[2] was created
to avoid the problem altogether, and the author suggest it will not
happen soon.

This probably means that we want to go with the approach suggested by
Piotr to disable cache if we want to avoid the removal.

1: https://github.com/davidhalter/parso/issues/75
2: https://github.com/davidhalter/parso/issues/79

Best,

-Marco

Bug#932638: sdb ftbfs in unstable

[Matthias Klose]

Package: src:sdb
Version: 1.2-2
Severity: serious
Tags: sid bullseye patch

sdb ftbfs in unstable with readline8, patch available at
https://patches.ubuntu.com/s/sdb/sdb_1.2-1.1ubuntu2.patch

Not sure if the follow-up patch is needed for the Debian package.

Processed: Re: Processed: Re: pdfproctools: fails to install (conflict with origami-pdf)

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # arggg
> reassign 914333 origami-pdf,pdfproctools
Bug #914333 [src:origami-pdf,src:pdfproctools] origami-pdf & pdfproctools both 
ship /usr/bin/pdfmetadata
Warning: Unknown package 'src:pdfproctools'
Bug reassigned from package 'src:origami-pdf,src:pdfproctools' to 
'origami-pdf,pdfproctools'.
Ignoring request to alter found versions of bug #914333 to the same values 
previously set
Ignoring request to alter fixed versions of bug #914333 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
914333: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914333
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#932351: gnubg: Crashes on launch

[Manuel Laínz]

I get this:
#0  0x7f2d89efc7bb in __GI_raise (sig=sig@entry=6)
at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x7f2d89ee7535 in __GI_abort () at abort.c:79
#2  0x7f2d89f3e508 in __libc_message
(action=, fmt=fmt@entry=0x7f2d8a04907b "*** %s ***: %s
terminated\n") at ../sysdeps/posix/libc_fatal.c:181
#3  0x7f2d89fcf80d in __GI___fortify_fail_abort
(need_backtrace=need_backtrace@entry=true, msg=msg@entry=0x7f2d8a048ff8
"buffer overflow detected") at fortify_fail.c:28
#4  0x7f2d89fcf841 in __GI___fortify_fail
(msg=msg@entry=0x7f2d8a048ff8 "buffer overflow detected")
at fortify_fail.c:44
#5  0x7f2d89fcd940 in __GI___chk_fail () at chk_fail.c:28
#6  0x7f2d89fccfd9 in _IO_str_chk_overflow
(fp=, c=) at vsprintf_chk.c:31
#7  0x7f2d89f42851 in __GI__IO_default_xsputn
(n=, data=, f=)
at libioP.h:839
#8  0x7f2d89f42851 in __GI__IO_default_xsputn
(f=0x7ffd88993730, data=, n=32) at genops.c:370
#9  0x7f2d89f15112 in _IO_vfprintf_internal
(s=s@entry=0x7ffd88993730, format=format@entry=0x7f2d866afc46 , ap=ap@entry=0x7ffd88993870)
--Type  for more, q to quit, c to continue without paging--c
at ../libio/libioP.h:839
#10 0x7f2d89fcd07f in ___vsprintf_chk (s=0x7ffd889939e0 "Juego de
fichas para movimientos posteriores en simulaciones de lanzamientos (para
el jugador 0) usará ruido pseudo-aleatorio.\216pb\265z\340U", flags=1,
slen=128, format=0x7f2d866afc46 , args=args@entry=0x7ffd88993870) at vsprintf_chk.c:83
#11 0x7f2d89fccfaa in ___sprintf_chk (s=,
flags=, slen=, format=) at
sprintf_chk.c:31
#12 0x55e07a24d3bb in CommandSetEvalDeterministic ()
#13 0x55e07a20336a in HandleCommand ()
#14 0x55e07a20336a in HandleCommand ()
#15 0x55e07a24fef7 in CommandSetRolloutLatePlayer ()
#16 0x55e07a20336a in HandleCommand ()
#17 0x55e07a20336a in HandleCommand ()
#18 0x55e07a25143f in CommandSetEvalParamRollout ()
#19 0x55e07a20336a in HandleCommand ()
#20 0x55e07a20336a in HandleCommand ()
#21 0x55e07a2034a9 in HandleCommand ()
#22 0x55e07a2034a9 in HandleCommand ()
#23 0x55e07a203560 in  ()
#24 0x55e07a203654 in CommandLoadCommands ()
#25 0x55e07a1d7c4f in main ()

El jue., 18 jul. 2019 a las 18:45, Russ Allbery () escribió:

> Control: tags -1 unreproducible moreinfo
>
> mlainz  writes:
>
> > Package: gnubg
> > Version: 1.06.002-1
> > Severity: grave
> > Justification: renders package unusable
>
> > gnubg crashes on launch on debian buster with the following message:
> >  *** buffer overflow detected ***: gnubg terminated
>
> > I got the same result on two different machines, over Wayland and X11.
>
> I can't reproduce this.
>
> Can you enable core dumps (ulimit -c unlimited) and then run gdb on the
> corresponding core dump (gdb /usr/games/gnubg core) and then run backtrace
> and show the backtrace for this?
>
> --
> Russ Allbery (r...@debian.org)   
>

Bug#932637: perl6-readline ftbfs in unstable

[Matthias Klose]

Package: src:perl6-readline
Version: 0.1.4-3
Severity: serious
Tags: sid bullseye patch

perl6-readline ftbfs in unstable with readline 8. Hard-coding the soname is not
a good way, but here is a patch hardcoding the new version:

https://patches.ubuntu.com/p/perl6-readline/perl6-readline_0.1.4-3ubuntu1.patch

Bug#932635: iverilog ftbfs in unstable

[Matthias Klose]

Package: src:iverilog
Version: 10.2-1.1
Severity: serious
Tags: sid bullseye

[...]
gcc -Wl,-z,relro main.o substit.o cflexor.o cfparse.o -o iverilog
../version.exe `head -1 ./iverilog.man.in`'\n' > iverilog.man
tail -n +2 ./iverilog.man.in >> iverilog.man
make[2]: Leaving directory '/<>/driver'
make[1]: Leaving directory '/<>'
   dh_auto_test -a
make -j1 check VERBOSE=1
make[1]: Entering directory '/<>'
mv parse.cc.h parse.h 2>/dev/null || mv parse.hh parse.h
mv: cannot stat 'parse.hh': No such file or directory
make[1]: *** [Makefile:259: parse.h] Error 1
make[1]: Leaving directory '/<>'
dh_auto_test: make -j1 check VERBOSE=1 returned exit code 2
make: *** [debian/rules:4: build-arch] Error 255
dpkg-buildpackage: error: debian/rules build-arch subprocess returned exit 
status 2

Processed: autopkgtest failures are now RC; raising severity for *existing* bugs

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # The release team has announced that autopkgtest failure is now RC
> # https://lists.debian.org/debian-devel-announce/2019/07/msg2.html
> severity 914336 serious
Bug #914336 [src:netperfmeter] netperfmeter: bogus debian/tests/control file
Severity set to 'serious' from 'normal'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
914336: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914336
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#932632: d-shlibs needs an update for libreadline8, causing other packages ftbfs

[Matthias Klose]

Package: d-shlibs
Version: 0.84
Severity: serious
Tags: sid bullseye

as seen with the receent fontforge binNMUs, d-shlibs needs an update for 
readline8.

dh_installgsettings -plibfontforge2
d-shlibmove --commit \
--devunversioned \
--exclude-la \
--extralib debian/tmp/x/usr/lib/libgioftp.so \
--extralib debian/tmp/x/usr/lib/libgunicode.so \
--extralib debian/tmp/x/usr/lib/libgutils.so \
--movedev "debian/tmp/x/usr/include/*" usr/include/ \
--movedev "debian/tmp/x/usr/lib/pkgconfig/*.pc" usr/lib/pkgconfig \
--override s/libfontforge2-dev/libfontforge-dev/ \
debian/tmp/x/usr/lib/libfontforge.so
Library package automatic movement utility
 --> libcairo2-dev package exists.
 --> libfontconfig1-dev package exists.
 --> libfontforge-dev package from same source package.
 --> libfreetype6-dev package exists.
 --> libgif-dev package exists.
 --> libglib2.0-dev package exists.
 --> libice-dev package exists.
 --> libjpeg-dev package exists.
 --> libltdl7-dev is provided by a package.
 --> libpango1.0-dev package exists.
 --> libpng-dev package exists.
 --> libpython-dev package exists.
devlibs error: There is no package matching [libreadline8-dev] and noone
provides it, please report bug to d-shlibs maintainer
 --> libsm-dev package exists.
 --> libspiro-dev package exists.
 --> libtiff5-dev package exists.
 --> libuninameslist-dev package exists.
 --> libx11-dev package exists.
 --> libxft-dev package exists.
 --> libxml2-dev package exists.
 --> zlib1g-dev package exists.
make: *** [debian/rules:63: debian/stamp-local-shlibs-libfontforge] Error 1
dpkg-buildpackage: error: fakeroot debian/rules binary-arch subprocess returned
exit status 2

Processed: Re: pdfproctools: fails to install (conflict with origami-pdf)

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 914333 src:origami-pdf,src:pdfproctools
Bug #914333 [pdfproctools] origami-pdf & pdfproctools both ship 
/usr/bin/pdfmetadata
Bug reassigned from package 'pdfproctools' to 
'src:origami-pdf,src:pdfproctools'.
Warning: Unknown package 'src:pdfproctools'
Warning: Unknown package 'src:pdfproctools'
No longer marked as found in versions netperfmeter/1.8.0-1.
Warning: Unknown package 'src:pdfproctools'
Warning: Unknown package 'src:pdfproctools'
Ignoring request to alter fixed versions of bug #914333 to the same values 
previously set
Warning: Unknown package 'src:pdfproctools'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
914333: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914333
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#932631: argus-client ftbfs in unstable

[Matthias Klose]

Package: src:argus-client
Version: 1:3.0.8.2-3
Severity: serious
Tags: sid bullseye

https://buildd.debian.org/status/package.php?p=argus-clients

   debian/rules override_dh_systemd_enable
make[1]: Entering directory '/<>'
# Do not enable the file by default on purpose.
# The user should enable it only after making sure the configuration is
# appropriate for his/her computer.
make[1]: Leaving directory '/<>'
   debian/rules override_dh_installinit
make[1]: Entering directory '/<>'
dh_installinit --noscripts --name=rasplit
dh_installinit: --name=rasplit option specified, but init script not found
make[1]: *** [debian/rules:19: override_dh_installinit] Error 255
make[1]: Leaving directory '/<>'
make: *** [debian/rules:9: binary-arch] Error 2

Bug#914333: pdfproctools: fails to install (conflict with origami-pdf)

[Paul Gevers]

retitle 914333 origami-pdf & pdfproctools both ship /usr/bin/pdfmetadata
reassign -1 src:origami-pdf,src:pdfproctools
thanks

On Thu, 22 Nov 2018 09:37:31 +0100 Jacek Politowski  wrote:
> pdfproctools fails to install due to conflicting "/usr/bin/pdfmetadata" file
> which exists also in "origami-pdf" package.

So, this bug is in two source packages. I'm quoting paragraph 10.1 of
the Debian policy here (hence CC to d-devel):
"""
Two different packages must not install programs with different
functionality but with the same filenames. (The case of two programs
having the same functionality but different implementations is handled
via “alternatives” or the “Conflicts” mechanism. See Maintainer Scripts
and Conflicting binary packages - Conflicts respectively.) If this case
happens, one of the programs must be renamed. The maintainers should
report this to the debian-devel mailing list and try to find a consensus
about which program will have to be renamed. If a consensus cannot be
reached, both programs must be renamed.
"""

Paul



signature.asc
Description: OpenPGP digital signature

Processed (with 1 error): Re: pdfproctools: fails to install (conflict with origami-pdf)

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> retitle 914333 origami-pdf & pdfproctools both ship /usr/bin/pdfmetadata
Bug #914333 [pdfproctools] pdfproctools: fails to install (conflict with 
origami-pdf)
Changed Bug title to 'origami-pdf & pdfproctools both ship 
/usr/bin/pdfmetadata' from 'pdfproctools: fails to install (conflict with 
origami-pdf)'.
> reassign -1 src:origami-pdf,src:pdfproctools
Failed to clear fixed versions and reopen on -1: The 'bug' parameter ("-1") to 
Debbugs::Control::set_package did not pass regex check
.

> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
914333: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914333
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: profanity: FTBFS on 32-bit arches: error: cast to pointer from integer of different size

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> notfound 928149 0.6.0+git20190503.4a165b8-2
Bug #928149 [src:profanity] profanity: FTBFS on 32-bit arches: error: cast to 
pointer from integer of different size
Ignoring request to alter found versions of bug #928149 to the same values 
previously set
> notfound 928149 0.6.0+git20190718.1bb0556-1
Bug #928149 [src:profanity] profanity: FTBFS on 32-bit arches: error: cast to 
pointer from integer of different size
Ignoring request to alter found versions of bug #928149 to the same values 
previously set
> notfound 928149 0.6.0+git20190718.1bb0556-2
Bug #928149 [src:profanity] profanity: FTBFS on 32-bit arches: error: cast to 
pointer from integer of different size
Ignoring request to alter found versions of bug #928149 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
928149: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928149
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#928149: marked as done (profanity: FTBFS on 32-bit arches: error: cast to pointer from integer of different size)

[Debian Bug Tracking System]

Your message dated Sun, 21 Jul 2019 13:58:27 +0200
with message-id <20190721115827.GA15662@fama>
and subject line profanity: FTBFS on 32-bit arches: error: cast to pointer from 
integer of different size
has caused the Debian Bug report #928149,
regarding profanity: FTBFS on 32-bit arches: error: cast to pointer from 
integer of different size
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
928149: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928149
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: profanity
Version: 0.6.0+git20190424.9dd441a-1
Severity: serious
Tags: ftbfs
Justification: fails to build from source (but built successfully in the past)

Hi,

profanity/experimental FTBFS on 32-bit architectures:

https://buildd.debian.org/status/package.php?p=profanity=experimental

tests/unittests/config/stub_accounts.c: In function 'accounts_get_list':
tests/unittests/config/stub_accounts.c:39:12: error: cast to pointer from 
integer of different size [-Werror=int-to-pointer-cast]
 return (gchar **)mock();
^
tests/unittests/config/stub_accounts.c: In function 'accounts_get_account':
tests/unittests/config/stub_accounts.c:45:12: error: cast to pointer from 
integer of different size [-Werror=int-to-pointer-cast]
 return (ProfAccount*)mock();
^
tests/unittests/ui/stub_ui.c: In function 'win_create_console':
tests/unittests/ui/stub_ui.c:486:12: error: cast to pointer from integer of 
different size [-Werror=int-to-pointer-cast]
 return (ProfWin*)mock();
^
tests/unittests/ui/stub_ui.c: In function 'win_create_chat':
tests/unittests/ui/stub_ui.c:494:12: error: cast to pointer from integer of 
different size [-Werror=int-to-pointer-cast]
 return (ProfWin*)mock();
^
tests/unittests/xmpp/stub_xmpp.c: In function 'connection_get_fulljid':
tests/unittests/xmpp/stub_xmpp.c:34:12: error: cast to pointer from integer of 
different size [-Werror=int-to-pointer-cast]
 return (char *)mock();
^
tests/unittests/xmpp/stub_xmpp.c: In function 'connection_get_presence_msg':
tests/unittests/xmpp/stub_xmpp.c:68:12: error: cast to pointer from integer of 
different size [-Werror=int-to-pointer-cast]
 return (char*)mock();
^
tests/unittests/xmpp/stub_xmpp.c: In function 'session_get_account_name':
tests/unittests/xmpp/stub_xmpp.c:73:12: error: cast to pointer from integer of 
different size [-Werror=int-to-pointer-cast]
 return (char*)mock();
^
tests/unittests/xmpp/stub_xmpp.c: In function 'bookmark_get_list':
tests/unittests/xmpp/stub_xmpp.c:257:12: error: cast to pointer from integer of 
different size [-Werror=int-to-pointer-cast]
 return (GList *)mock();
^

Andreas
--- End Message ---
--- Begin Message ---
notfound 928149 0.6.0+git20190503.4a165b8-2
notfound 928149 0.6.0+git20190718.1bb0556-1
notfound 928149 0.6.0+git20190718.1bb0556-2
thanks--- End Message ---

Bug#932603: missing dependency on libnet1

[Sven Joachim]

On 2019-07-21 09:21 +0200, Sven Joachim wrote:

> Am 21.07.2019 um 08:56 schrieb Felix Zielcke:
>
>> Package: tcptraceroute
>> Version: 1.5beta7+debian-4.1
>> Severity: serious
>>
>> I hadn't libnet1 installed due to nothing depending on it and tcptraceroute 
>> failed now with:
>>
>> # tcptraceroute www.debian.org
>> tcptraceroute: error while loading shared libraries: libnet.so.1:
>> cannot open shared object file: No such file or directory
>>
>> And indeed the tcptraceroute_1.5beta7+debian-4.1_amd64.deb doestn't
>> have any Depends: line in DEBIAN/control.
>
> This is a consequence of debhelper bug #932240, the package needs to be
> rebuilt with a fixed debhelper.

I have requested a binNMU in #932616.

Cheers,
   Sven

Bug#928893: gnome-disk-utility: disk content permamently lost when changing LUKS password

[Michael Biebl]

Hi Guilhem, hi intrigeri,

first of all, thanks for debugging this issue and this excellent bug report!

On Sat, 20 Jul 2019 17:24:21 -0300 Guilhem Moulin 
wrote:

> However as far as libblockdev is concerned, FWIW I fully support
> intrigeri's cherry-pick of upstream's 34ed7be.  Adding a key slot
> *after* having removed it can have very nasty consequences (entire
> device lost), and that not just for LUKSv2.

Agreed. I've just uploaded a libblockdev with that cherry-pick to buster
and this change was acked by the SRMs, so should be in 10.1.

Regarding the LUKS2/udisks2/LimitMEMLOCK issue, would you prefer to
track this as a udisks2 issue or cryptsetup issue?
Is there already a bug report for this or should we clone/reassign this one?

Regards,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#931566: Don't complain about suite changes (Acquire::AllowReleaseInfoChange::Suite should be "true")

[David Kalnischkies]

On Fri, Jul 12, 2019 at 04:52:36PM +0200, Julian Andres Klode wrote:
> On Tue, Jul 09, 2019 at 03:31:07PM +0200, David Kalnischkies wrote:
> > On Mon, Jul 08, 2019 at 12:19:36PM +0200, Julian Andres Klode wrote:
> > Anyway, that apt is enforcing the metadata isn't changing is a security
> > feature in that if you don't check an attacker can reply to a request to
> > foo-security with foo – perfectly signed and everything so apt has no
> > chance to detect this and the user believes everything is fine – even
> > seeing files downloaded from -security – while the user never receives
> > data for -security. foo has no Valid-Until header so the attacker can
> > keep that up for basically ever. Compared to that serving old versions
> > of -security itself is guarded by Valid-Until. Not serving any data has
> > basically the same result, but the errors involved might eventually
> > raise some alarm bells. So that is a good strategy to keep you from ever
> > installing security upgrades.
> 
> This should not happen silently, as there'll be a warning that the
> name of the distro in the sources.list entry matches neither Codename
> nor Suite.

Codename and Suite match for Debian and -security:
http://deb.debian.org/debian/dists/buster/Release
http://security.debian.org/debian-security/dists/buster/updates/Release

They differ in Label (, Version) and Components only. As such I can
easily hand you the Release file for Debian if you ask for security.

Components has its own verify, but as both styles ("updates/main" and
"main") exist in realworld scenarios we can't be that strict about it.

Version is a fun one to verify as that would imply enforcing a specific
version scheme.

Yes, they have different keys, but while the option exists nobody really
configures signed-by per sources.list entry (or Release or …) for
various reasons. !33 wants to help with that, but will/does depend on
the metadata to match keys entries to sources.list entries.


bullseye has that "fixed" as Suite & Codename will vary for both
archives, but there weren't only positive replies about that and I am
not that arrogant to call all other repositories "broken" just because
they don't exactly copy the choices Debian made – and even if they would
they would be a candidate for the flipping.


I guess Julian was thinking of the Docker example I had in a later
message which is caught by having the wrong suite compared to the
sources.list; but that example I included mainly to show that Debians
interpretation of what Suite and Codename are might not be applicable to
other repositories – for Docker, it makes perfect sense to say that
"buster" is the suite they release stuff for. It is at least quite
obviously not the codename for their product.


> We also can't do a rollback attack from current testing to an older
> testing either, as the Date is not allowed to roll backwards.

Assuming I don't catch you on your first update I just have to pick
a stable release (update) after the last security update you have
to switch you over to never receiving security updates again (perhaps
staling -security in the bounds of Valid-Until until stable has caught
up with the next point release).

(Me being a MITM or an evil [https-]mirror operator of course)


> I'm not convinced we are adding any actual security here - we should
> just upgrade the warning for name mismatch between sources.list and
> Release file to an error for that.

So, to be clear, you think about reverting the entire thing for all
fields – which is considerably more than what this bugreport is asking
for.

It is a valid option of course, but personally I would like to hear
reasons to allowing Origin/Label to change – so far I have only seen
complains about (mostly) Suite and (some) Codename [and for the record,
I also got some positive replies for both, so regardless the default,
I would at the very least like to retain the option] – as that
jeopardises stuff like !33 as well.


> > A) For a user with "debian stable" in sources.list the change of the
> > Codename from buster to bullseye is a giant leap which should not
> > be done carelessly or even automatically in the background.
> 
> That's true, but leaving the user stranded without updates is not
> helpful either.

I would personally consider no-upgrades a better scenario than
not-for-me-upgrades, but then I wouldn't classify a failing automatic
process as "stranding" given that human intervention is needed in both
scenarios.


> > B) For a user with "debian buster" in sources.list the change of the
> > Suite from e.g. stable to oldstable is an important event as well; not
> > right at this moment as there is a grace period, but security support is
> > about to end and plans should be set in motion on how to deal with that.
> 
> It's not an important enough change to starve them from further security
> updates until they acknowledge it.

I said as much, perhaps a bit clearer a few lines below that, and I think
we have consent on that – 

Processed: bug 928885 is forwarded to https://github.com/sol1/rdiff-backup/issues/36

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> forwarded 928885 https://github.com/sol1/rdiff-backup/issues/36
Bug #928885 [src:rdiff-backup] FTBFS with librsync 2
Set Bug forwarded-to-address to 
'https://github.com/sol1/rdiff-backup/issues/36'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
928885: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928885
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: autopkgtest failures are now RC; raising severity for *existing* bugs

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> # The release team has announced that autopkgtest failure is now RC
> # https://lists.debian.org/debian-devel-announce/2019/07/msg2.html
> severity 919924 serious
Bug #919924 [src:mercurial] mercurial: autopkgtest depends on monotone which is 
not in testing
Severity set to 'serious' from 'normal'
> severity 925913 serious
Bug #925913 [src:uhubctl] uhubctl: autopkgtest always fails
Severity set to 'serious' from 'normal'
> # not a problem in sid
> tags 927762 buster bullseye
Bug #927762 [src:flask-mongoengine] flask-mongoengine: autopkgtest depends on 
mongodb which is not in buster
Added tag(s) buster and bullseye.
> severity 927762 serious
Bug #927762 [src:flask-mongoengine] flask-mongoengine: autopkgtest depends on 
mongodb which is not in buster
Severity set to 'serious' from 'important'
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
919924: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919924
925913: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925913
927762: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927762
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#920545: [Request for comments about Python3 migration] PbSuite

[Andreas Tille]

Hi folks,

it is time to decide about some packages which are upstream Python2 and
will probably not supported any more so we would become upstream for the
Python3 migration.  We probably need to confess that we do not have the
capacity to do so.  My first candidate for this decision is pbsuite.  I
stumbled upon this due to bug #920545 which is serious for
python-intervaltree-bio since autopkgtest regressions are now RC.

Its only purpose was that it is a precondition for pbsuite.  I had a
look at the actively used installations of pbsuite in pobcon[1]  At no
time we had more than 10 actively used installations of users who are
contributing via popcon.  That was in 2017 (at that time upstream had
provided the last SVN commits on Sourceforge) and we are now down to
maximum 2 active usage cases.

For me that boils down to "never massively used with tendency to not
used at all any more".  Our only Uploader Afif has droped himself from
this position to declare that he does not want to continue maintenance.
Is there any volunteer who intends to spent time into a Python3
migration and is aware that by doing so this might involve active
maintenance?

I personally would prefer to focus my time on more actively used code.

Kind regards

  Andreas.

[1] 
https://qa.debian.org/popcon-graph.php?packages=pbsuite+python-pbsuite-utils+pbjelly+pbhoney+python-pbbanana_vote=on_legend=on_ticks=on_date=_date=_date=_fmt=%25Y-%25m=1

-- 
http://fam-tille.de

Bug#932603: missing dependency on libnet1

[Sven Joachim]

Am 21.07.2019 um 08:56 schrieb Felix Zielcke:

> Package: tcptraceroute
> Version: 1.5beta7+debian-4.1
> Severity: serious
>
> I hadn't libnet1 installed due to nothing depending on it and tcptraceroute 
> failed now with:
>
> # tcptraceroute www.debian.org
> tcptraceroute: error while loading shared libraries: libnet.so.1: cannot open 
> shared object file: No such file or directory
>
> And indeed the tcptraceroute_1.5beta7+debian-4.1_amd64.deb doestn't
> have any Depends: line in DEBIAN/control.

This is a consequence of debhelper bug #932240, the package needs to be
rebuilt with a fixed debhelper.

Cheers,
   Sven

Bug#901148: Bug still present

[Alec Rose]

Hi,

This affects me too after I upgraded to Buster.
The Superuser link Antoine Amarilli is giving suggests that timidity is
started at system level, while pulseaudio is started at the user level.
Maybe you could change that behaviour?

Best

Bug#932603: missing dependency on libnet1

[Felix Zielcke]

Package: tcptraceroute
Version: 1.5beta7+debian-4.1
Severity: serious

I hadn't libnet1 installed due to nothing depending on it and tcptraceroute 
failed now with:

# tcptraceroute www.debian.org
tcptraceroute: error while loading shared libraries: libnet.so.1: cannot open 
shared object file: No such file or directory

And indeed the tcptraceroute_1.5beta7+debian-4.1_amd64.deb doestn't have any 
Depends: line in DEBIAN/control.
Even though packages.debian.org says the sid version would depend on libnet1.


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- no debconf information