Bug#986790: marked as done (CVE-2021-1405 CVE-2021-1404 CVE-2021-1252)

2021-04-21 Thread Debian Bug Tracking System 
Your message dated Wed, 21 Apr 2021 21:47:08 +
with message-id 
and subject line Bug#986622: fixed in clamav 0.103.2+dfsg-0+deb10u1
has caused the Debian Bug report #986622,
regarding CVE-2021-1405 CVE-2021-1404 CVE-2021-1252
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986622: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: clamav
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team 

Please see 
https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html

Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.103.2+dfsg-0+deb10u1
Done: Sebastian Andrzej Siewior 

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior  (supplier of updated clamav 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 14 Apr 2021 08:38:52 +0200
Source: clamav
Architecture: source
Version: 0.103.2+dfsg-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: ClamAV Team 
Changed-By: Sebastian Andrzej Siewior 
Closes: 960843 963853 972974 973619 986622
Changes:
 clamav (0.103.2+dfsg-0+deb10u1) buster; urgency=medium
 .
   [ Sebastian Andrzej Siewior ]
   * Import 0.103.2
 - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.)
 - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.)
 - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.)
 - Fix testsuite in an IPv6 only environment (Closes: #963853).
 - Update symbol file.
 - Drop CURL_CA_BUNDLE related patch, changes applied upstream.
(Closes: #986622).
   * Rename NEWS.Debian to NEWS.
   * Update lintian overrides.
   * Update apparmor profile for freshclam. Thanks to Michael Borgelt.
 (Closes: #972974)
   * Update apparmor profile for clamd. Thanks to Stefano Callegari.
 (Closes: #973619).
   * Remove deprecated option SafeBrowsing from debconf templates.
 .
   [ Helmut Grohne ]
   * Honour DEB_BUILD_OPTIONS=nocheck again. (Closes: #960843)
Checksums-Sha1:
 97ae77d5b851bf714bf531e0b59380aee558f31a 2818 clamav_0.103.2+dfsg-0+deb10u1.dsc
 461ec3a7b45851e31a1cd9a4458473f9b4dc2677 5123788 
clamav_0.103.2+dfsg.orig.tar.xz
 b97c89e34d2d19ce3481405573b824bc236ac476 219196 
clamav_0.103.2+dfsg-0+deb10u1.debian.tar.xz
Checksums-Sha256:
 89b3710e3557779a1e44f3c4e0b025485a2f1c646827c7897c6a2828a048948f 2818 
clamav_0.103.2+dfsg-0+deb10u1.dsc
 1f5d08342552f4b011521f44dd25e732dc79531ed2b54db385f8520496026371 5123788 
clamav_0.103.2+dfsg.orig.tar.xz
 f0b3a38c9e9d4982268803d3d0a2f9e988f5272ebe1e90791eada811300efa9a 219196 
clamav_0.103.2+dfsg-0+deb10u1.debian.tar.xz
Files:
 e6662a7da2fc99a18844cbbcaf153181 2818 utils optional 
clamav_0.103.2+dfsg-0+deb10u1.dsc
 246d43d86d170e5aad57d512f4b0f6f8 5123788 utils optional 
clamav_0.103.2+dfsg.orig.tar.xz
 bd423c06620b81afa231cec0736066bd 219196 utils optional 
clamav_0.103.2+dfsg-0+deb10u1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmCAevoACgkQBWQfF1cS
+lshWQv9HRE7RtIyIy8Jg59jbpB/NbwP3rGVxyZei3ZOqBb6oMz0ZDYnOKl7kG7I
OkrVYhrS0AvNQx7cFKeo45iIzDcw0ziFio3EPApaJsR2WSp3RkLIPEsYzhN9x1bT
qaEdZEHEQS/394s3gEne8X7XhRKBm5ZcZqF+YXcXpRFCwhfcnb1jEQszx0V3jyQH
mwacjW/knXz91GMlUG1laGrkzE+LbMM2DNPhWclxSKzWV5yEG02WQfVvynhJ4x12
U6x7tMFETVnUEi5o8XEmPzv5JcO72tYgvfbSSc1kCH/1rX99z7SNVjRA4fSRdZaz
kz24YU2E2qHX+UaeWX3jOJwviGkWS75W4prJwmZ+ljDOsa14/kWeWfKCTNDBywbk
pXZDJQUYh0T+F/7xPrCZNDtcqHEU7dMj9iHWCjjnUsfKDbtZCBJ7TUDjlftpFArV
3dgB6lfO3QkNTSU3w41+3FXxdOOkfaIDBzVV2fgS0Xi09DSaxwsYNLcvc1BepwHa
OlAvX9KG
=yZXw
-END PGP SIGNATURE End Message ---

Bug#986622: marked as done (ClamAV 0.103.2 security patch release)

2021-04-21 Thread Debian Bug Tracking System 
Your message dated Wed, 21 Apr 2021 21:47:08 +
with message-id 
and subject line Bug#986622: fixed in clamav 0.103.2+dfsg-0+deb10u1
has caused the Debian Bug report #986622,
regarding ClamAV 0.103.2 security patch release
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986622: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: clamav
Version: 0.103.0+dfsg-3.1

ClamAV 0.103.2 is a security patch release with the following fixes:

CVE-2021-1252 : 
Fix for Excel XLM parser infinite loop. Affects 0.103.0 and 0.103.1 only.

CVE-2021-1404 : 
Fix for PDF parser buffer over-read; possible crash. Affects 0.103.0 and 
0.103.1 only.

CVE-2021-1405 : 
Fix for mail parser NULL-dereference crash. Affects 0.103.1 and prior.

CVE-2021-1386 :
Fix for UnRAR DLL load privilege escalation. Affects 0.103.1 and prior on 
Windows only.
--- End Message ---
--- Begin Message ---
Source: clamav
Source-Version: 0.103.2+dfsg-0+deb10u1
Done: Sebastian Andrzej Siewior 

We believe that the bug you reported is fixed in the latest version of
clamav, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior  (supplier of updated clamav 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Wed, 14 Apr 2021 08:38:52 +0200
Source: clamav
Architecture: source
Version: 0.103.2+dfsg-0+deb10u1
Distribution: buster
Urgency: medium
Maintainer: ClamAV Team 
Changed-By: Sebastian Andrzej Siewior 
Closes: 960843 963853 972974 973619 986622
Changes:
 clamav (0.103.2+dfsg-0+deb10u1) buster; urgency=medium
 .
   [ Sebastian Andrzej Siewior ]
   * Import 0.103.2
 - CVE-2021-1252 (Fix for Excel XLM parser infinite loop.)
 - CVE-2021-1404 (Fix for PDF parser buffer over-read; possible crash.)
 - CVE-2021-1405 (Fix for mail parser NULL-dereference crash.)
 - Fix testsuite in an IPv6 only environment (Closes: #963853).
 - Update symbol file.
 - Drop CURL_CA_BUNDLE related patch, changes applied upstream.
(Closes: #986622).
   * Rename NEWS.Debian to NEWS.
   * Update lintian overrides.
   * Update apparmor profile for freshclam. Thanks to Michael Borgelt.
 (Closes: #972974)
   * Update apparmor profile for clamd. Thanks to Stefano Callegari.
 (Closes: #973619).
   * Remove deprecated option SafeBrowsing from debconf templates.
 .
   [ Helmut Grohne ]
   * Honour DEB_BUILD_OPTIONS=nocheck again. (Closes: #960843)
Checksums-Sha1:
 97ae77d5b851bf714bf531e0b59380aee558f31a 2818 clamav_0.103.2+dfsg-0+deb10u1.dsc
 461ec3a7b45851e31a1cd9a4458473f9b4dc2677 5123788 
clamav_0.103.2+dfsg.orig.tar.xz
 b97c89e34d2d19ce3481405573b824bc236ac476 219196 
clamav_0.103.2+dfsg-0+deb10u1.debian.tar.xz
Checksums-Sha256:
 89b3710e3557779a1e44f3c4e0b025485a2f1c646827c7897c6a2828a048948f 2818 
clamav_0.103.2+dfsg-0+deb10u1.dsc
 1f5d08342552f4b011521f44dd25e732dc79531ed2b54db385f8520496026371 5123788 
clamav_0.103.2+dfsg.orig.tar.xz
 f0b3a38c9e9d4982268803d3d0a2f9e988f5272ebe1e90791eada811300efa9a 219196 
clamav_0.103.2+dfsg-0+deb10u1.debian.tar.xz
Files:
 e6662a7da2fc99a18844cbbcaf153181 2818 utils optional 
clamav_0.103.2+dfsg-0+deb10u1.dsc
 246d43d86d170e5aad57d512f4b0f6f8 5123788 utils optional 
clamav_0.103.2+dfsg.orig.tar.xz
 bd423c06620b81afa231cec0736066bd 219196 utils optional 
clamav_0.103.2+dfsg-0+deb10u1.debian.tar.xz

-BEGIN PGP SIGNATURE-

iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmCAevoACgkQBWQfF1cS
+lshWQv9HRE7RtIyIy8Jg59jbpB/NbwP3rGVxyZei3ZOqBb6oMz0ZDYnOKl7kG7I
OkrVYhrS0AvNQx7cFKeo45iIzDcw0ziFio3EPApaJsR2WSp3RkLIPEsYzhN9x1bT
qaEdZEHEQS/394s3gEne8X7XhRKBm5ZcZqF+YXcXpRFCwhfcnb1jEQszx0V3jyQH
mwacjW/knXz91GMlUG1laGrkzE+LbMM2DNPhWclxSKzWV5yEG02WQfVvynhJ4x12
U6x7tMFETVnUEi5o8XEmPzv5JcO72tYgvfbSSc1kCH/1rX99z7SNVjRA4fSRdZaz

Bug#987207: podman not running out-of-the-box as root

2021-04-21 Thread Reinhard Tartler 
Control: tag -1 pending
Control: severity -1 important
Control: retitle -1 Missing dependency on "iptables"

On Wed, Apr 21, 2021 at 6:07 AM Laurent Bigonville  wrote:

> So the problem here is, again, linked to the fact that I'm using a test
> SELinux policy that doesn't contain all the needed contexts, so yeah it's a
> mix of configuration issue and the fact that podman is not ignoring these
> errors if SELinux is in permissive. I'll ping upstream again.
>
Thanks, let's track this in #984879

> So the remaining problem here is iptables command not being installed (and
> the seccomp.json file missing to a lower extend)
>
Agreed.

-- 
regards,
Reinhard

Processed: Re: Bug#987207: podman not running out-of-the-box as root

2021-04-21 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 pending
Bug #987207 [podman] podman not running out-of-the-box as root
Added tag(s) pending.
> severity -1 important
Bug #987207 [podman] podman not running out-of-the-box as root
Severity set to 'important' from 'serious'
> retitle -1 Missing dependency on "iptables"
Bug #987207 [podman] podman not running out-of-the-box as root
Changed Bug title to 'Missing dependency on "iptables"' from 'podman not 
running out-of-the-box as root'.

-- 
987207: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987207
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987331: ruby-mysql2: flaky autopkgtest

2021-04-21 Thread Sebastian Ramacher 
Source: ruby-mysql2
Version: 0.5.3-2
Severity: serious
X-Debbugs-Cc: sramac...@debian.org

Many of the autopkgtest runs on amd64 fail with:
| Failures:
|
|   1) Mysql2::Result streaming should raise an exception if streaming ended 
due to a timeout
|  Failure/Error:
|expect do
|  res.each_with_index do |_, i|
|# Exhaust the first result packet then trigger a timeout
|sleep 4 if i > 0 && i % 1000 == 0
|  end
|end.to raise_error(Mysql2::Error, /Lost connection/)
|
|expected Mysql2::Error with message matching /Lost connection/ but 
nothing was raised
|  # ./spec/mysql2/result_spec.rb:164:in `block (3 levels) in '
|
| Finished in 42.81 seconds (files took 0.2193 seconds to load)
| 321 examples, 1 failure, 5 pending

See also 
https://ci.debian.net/data/autopkgtest/testing/amd64/r/ruby-mysql2/11803835/log.gz

Cheers
-- 
Sebastian Ramacher


signature.asc
Description: PGP signature

Processed: reassign to closing package such that bts/udd/britney understand

2021-04-21 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reassign 941624 src:tasksel 3.64
Bug #941624 {Done: Holger Wansing } [gnome-shell] 
Recommending ibus breaks fcitx
Bug reassigned from package 'gnome-shell' to 'src:tasksel'.
No longer marked as found in versions gnome-shell/3.34.0-2.
No longer marked as fixed in versions tasksel/3.66.
Bug #941624 {Done: Holger Wansing } [src:tasksel] 
Recommending ibus breaks fcitx
Marked as found in versions tasksel/3.64.
> fixed 941624 3.66
Bug #941624 {Done: Holger Wansing } [src:tasksel] 
Recommending ibus breaks fcitx
Marked as fixed in versions tasksel/3.66.
> affects 941624 gnome-shell
Bug #941624 {Done: Holger Wansing } [src:tasksel] 
Recommending ibus breaks fcitx
Added indication that 941624 affects gnome-shell
> retitle 941624 gnome-shell recommending ibus breaks fcitx
Bug #941624 {Done: Holger Wansing } [src:tasksel] 
Recommending ibus breaks fcitx
Changed Bug title to 'gnome-shell recommending ibus breaks fcitx' from 
'Recommending ibus breaks fcitx'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
941624: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941624
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986622: [Pkg-clamav-devel] Bug#986622: Bug#986622: fixes

2021-04-21 Thread Sebastian Andrzej Siewior 
On 2021-04-21 08:17:53 [+0100], Athanasius wrote:
> So long as any Debian update of the packages both addresses the
> outstanding CVEs *and* quiets this logging I'll be happy.

Be aware that I am following the process to get an update into Buster.

Sebastian

Bug#987260: marked as done (lyskom-elisp-client: fails to install with xemacs21)

2021-04-21 Thread Debian Bug Tracking System 
Your message dated Wed, 21 Apr 2021 19:33:23 +
with message-id 
and subject line Bug#987260: fixed in lyskom-elisp-client 
0.48+git.20200923.ec349ff4-3
has caused the Debian Bug report #987260,
regarding lyskom-elisp-client: fails to install with xemacs21
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
987260: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987260
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: lyskom-elisp-client
Version: 0.48+git.20200923.ec349ff4-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to install if
xemacs21 is already installed.

>From the attached log (scroll to the bottom...):

  Preparing to unpack 
.../lyskom-elisp-client_0.48+git.20200923.ec349ff4-1_all.deb ...
  Unpacking lyskom-elisp-client (0.48+git.20200923.ec349ff4-1) ...
  Setting up lyskom-elisp-client (0.48+git.20200923.ec349ff4-1) ...
  Install lyskom-elisp-client for emacs
  install/lyskom-elisp-client: Handling install of emacsen flavor emacs
  Install lyskom-elisp-client for xemacs21
  install/lyskom-elisp-client: Handling install of emacsen flavor xemacs21
  install/lyskom-elisp-client: byte-compiling for xemacs21
  Please wait...
  Compiling /usr/share/xemacs21/site-lisp/lyskom-elisp-client.el...
  Ignoring `eval:' in file's local variables
  While compiling lyskom-help-format-keymap in file 
/usr/share/xemacs21/site-lisp/lyskom-elisp-client.el:
** variable this-command-keys bound but not referenced
  While compiling toplevel forms:
!! Invalid read syntax (("#"))
  >>Error occurred processing lyskom-elisp-client.el: 
  Invalid read syntax: "#"
  
  
  Done
  ERROR: install script from lyskom-elisp-client package failed
  dpkg: error processing package lyskom-elisp-client (--configure):
   installed lyskom-elisp-client package post-installation script subprocess 
returned error exit status 1
  Errors were encountered while processing:
   lyskom-elisp-client


cheers,

Andreas


lyskom-elisp-client=0.48+git.20200923.ec349ff4-1_xemacs21.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Source: lyskom-elisp-client
Source-Version: 0.48+git.20200923.ec349ff4-3
Done: Joel Rosdahl 

We believe that the bug you reported is fixed in the latest version of
lyskom-elisp-client, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 987...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joel Rosdahl  (supplier of updated lyskom-elisp-client package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 21 Apr 2021 20:56:42 +0200
Source: lyskom-elisp-client
Architecture: source
Version: 0.48+git.20200923.ec349ff4-3
Distribution: unstable
Urgency: medium
Maintainer: Joel Rosdahl 
Changed-By: Joel Rosdahl 
Closes: 987260
Changes:
 lyskom-elisp-client (0.48+git.20200923.ec349ff4-3) unstable; urgency=medium
 .
   * Only support emacs flavor since xemacs21 fails (closes: #987260)
Checksums-Sha1:
 ee0c22b3018d5583788896ad72d5bb2088708171 1907 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3.dsc
 6bbf20353b8f19b2a6dc18b7795082e4d4e88d6e 11024 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3.debian.tar.xz
 eedc021ffa66e8a69be02171a779fcd53f249b72 8913 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3_amd64.buildinfo
Checksums-Sha256:
 748bb374a8f05ad7ede20311ad6197273829cbd1bbea6bce29d39fd08ee24e4f 1907 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3.dsc
 9db2066c2bbedb2adc69acd114a6a978e6a3f915f1ec987a81e35311fe53cfa5 11024 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3.debian.tar.xz
 11bd8af9acd64f12af15e6fa561835ad08e76bf323cd195e48de6b6bb6c4bbef 8913 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3_amd64.buildinfo
Files:
 4e5d93ec6e0e78839c5224bb9a2ae3cd 1907 net optional 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3.dsc
 232dfa8c2c25a72e6e24162ade7c6c40 11024 net optional 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3.debian.tar.xz
 a0d8b6f896932e17c10fa747380c36ff 8913 net optional 
lyskom-elisp-client_0.48+git.20200923.ec349ff4-3_amd64.buildinfo

-BEGIN PGP

Bug#987303: marked as done (neutron-common: fails to install: cp: cannot stat '/usr/share/neutron-common/plugins/ml2/ml2_conf.ini': No such file or directory)

2021-04-21 Thread Debian Bug Tracking System 
Your message dated Wed, 21 Apr 2021 21:17:51 +0200
with message-id <99b8ac09-0f26-79b8-a9db-3f4e12c89...@debian.org>
and subject line Re: Bug#987303: neutron-common: fails to install: cp: cannot 
stat '/usr/share/neutron-common/plugins/ml2/ml2_conf.ini': No such file or 
directory
has caused the Debian Bug report #987303,
regarding neutron-common: fails to install: cp: cannot stat 
'/usr/share/neutron-common/plugins/ml2/ml2_conf.ini': No such file or directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
987303: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987303
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: neutron-common
Version: 2:17.1.1-3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.

>From the attached log (scroll to the bottom...):

  Setting up neutron-common (2:17.1.1-3) ...
  cp: cannot stat '/usr/share/neutron-common/plugins/ml2/ml2_conf.ini': No such 
file or directory
  dpkg: error processing package neutron-common (--configure):
   installed neutron-common package post-installation script subprocess 
returned error exit status 1
  Processing triggers for ca-certificates (20210119) ...
  Updating certificates in /etc/ssl/certs...
  0 added, 0 removed; done.
  Running hooks in /etc/ca-certificates/update.d...
  done.
  Errors were encountered while processing:
   neutron-common


cheers,

Andreas


neutron-common_2:17.1.1-3.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---

Version: 2:17.1.1-4

On 21/04/2021 18.23, Thomas Goirand wrote:

This was fixed in 2:17.1.1-4 that I just uploaded, before I saw your bug
report. I'm not sure how to fix the BTS metadata then... :/


Done with this mail ;-)

Andreas--- End Message ---

Processed: retitle 987149 to xscreensaver: CVE-2021-31523: allows starting external programs with cap_net_raw

2021-04-21 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> retitle 987149 xscreensaver: CVE-2021-31523: allows starting external 
> programs with cap_net_raw
Bug #987149 [src:xscreensaver] xscreensaver: allows starting external programs 
with cap_net_raw
Changed Bug title to 'xscreensaver: CVE-2021-31523: allows starting external 
programs with cap_net_raw' from 'xscreensaver: allows starting external 
programs with cap_net_raw'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
987149: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987149
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987325: mysql-8.0: Security fixes from the April 2021 CPU

2021-04-21 Thread Salvatore Bonaccorso 
Source: mysql-8.0
Version: 8.0.23-3
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi

See
https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL
for a list of CVEs affecting src:mysql-8.0.

Regards,
Salvatore

Processed: Re: unusable with current git

2021-04-21 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> reopen 986565
Bug #986565 {Done: Laszlo Boszormenyi (GCS) } [git-flow] 
unusable with current git
Bug reopened
Ignoring request to alter fixed versions of bug #986565 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
986565: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986565
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986565: unusable with current git

2021-04-21 Thread Lisandro Damián Nicanor Pérez Meyer 
reopen 986565
thanks

Hi! Indeed it's not working again, so reopening the bug.

On Wed, 21 Apr 2021 10:12:03 + Damyan Ivanov  wrote:
> Package: git-flow
> Version: 1.12.3-2
> Followup-For: Bug #986565
>
> Control: reopen -1 1.12.3-2
>
> Sigh. Now git reverted to using /usr/lib again, and git-flow is broken.
>
> Reverting the changes in 1.12.3-2 would fix it.
>
> Reading https://bugs.debian.org/985416 (the bug report in git about changing
> the path), I am left with the impression that the proper fix is to ship
> /usr/bin/git-flow. Perhaps the other scripts need to be in /usr/bin too.
>
>
> HTH,
> Damyan
>
>
> -- System Information:
> Debian Release: 11.0
>   APT prefers unstable-debug
>   APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
> (500, 'stable'), (500, 'oldstable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
>
> Kernel: Linux 5.10.0-6-amd64 (SMP w/2 CPU threads)
> Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
> Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8), LANGUAGE not 
> set
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages git-flow depends on:
> ii  git [git-core]  1:2.31.1-1
> ii  git-core1:2.15.0~rc0-1
>
> git-flow recommends no packages.
>
> git-flow suggests no packages.
>
> -- no debconf information
>
>

Bug#987323: gpac: CVE-2021-29279 CVE-2021-30014 CVE-2021-30015 CVE-2021-30019 CVE-2021-30020 CVE-2021-30022 CVE-2021-30199

2021-04-21 Thread Salvatore Bonaccorso 
Source: gpac
Version: 1.0.1+dfsg1-3
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerabilities were published for gpac, filling a
seprate bug for this set of new CVEs araised yesterday.

CVE-2021-29279[0]:
| There is a integer overflow in function
| filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1. In
| which, the arg const GF_PropertyValue *value,maybe
| value-value.data.size is a negative number. In result, memcpy in
| gf_props_assign_value failed.


CVE-2021-30014[1]:
| There is a integer overflow in media_tools/av_parsers.c in the
| hevc_parse_slice_segment function in GPAC 1.0.1 which results in a
| crash.


CVE-2021-30015[2]:
| There is a Null Pointer Dereference in function
| filter_core/filter_pck.c:gf_filter_pck_new_alloc_internal in GPAC
| 1.0.1. The pid comes from function av1dmx_parse_flush_sample, the
| ctx.opid maybe NULL. The result is a crash in
| gf_filter_pck_new_alloc_internal.


CVE-2021-30019[3]:
| In the adts_dmx_process function in filters/reframe_adts.c in GPAC
| 1.0.1, a crafted file may cause ctx-hdr.frame_size to be smaller
| than ctx-hdr.hdr_size, resulting in size to be a negative number
| and a heap overflow in the memcpy.


CVE-2021-30020[4]:
| In the function gf_hevc_read_pps_bs_internal function in
| media_tools/av_parsers.c in GPAC 1.0.1 there is a loop, which with
| crafted file, pps-num_tile_columns may be larger than
| sizeof(pps-column_width), which results in a heap overflow in the
| loop.


CVE-2021-30022[5]:
| There is a integer overflow in media_tools/av_parsers.c in the
| gf_avc_read_pps_bs_internal in GPAC 1.0.1. pps_id may be a negative
| number, so it will not return. However, avc-pps only has 255 unit,
| so there is an overflow, which results a crash.


CVE-2021-30199[6]:
| In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer
| Dereference, when gf_filter_pck_get_data is called. The first arg pck
| may be null with a crafted mp4 file,which results in a crash.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-29279
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29279
[1] https://security-tracker.debian.org/tracker/CVE-2021-30014
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30014
[2] https://security-tracker.debian.org/tracker/CVE-2021-30015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30015
[3] https://security-tracker.debian.org/tracker/CVE-2021-30019
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30019
[4] https://security-tracker.debian.org/tracker/CVE-2021-30020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30020
[5] https://security-tracker.debian.org/tracker/CVE-2021-30022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30022
[6] https://security-tracker.debian.org/tracker/CVE-2021-30199
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30199

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#987303: neutron-common: fails to install: cp: cannot stat '/usr/share/neutron-common/plugins/ml2/ml2_conf.ini': No such file or directory

2021-04-21 Thread Thomas Goirand 
On 4/21/21 11:28 AM, Andreas Beckmann wrote:
> Package: neutron-common
> Version: 2:17.1.1-3
> Severity: serious
> User: debian...@lists.debian.org
> Usertags: piuparts
> 
> Hi,
> 
> during a test with piuparts I noticed your package failed to install. As
> per definition of the release team this makes the package too buggy for
> a release, thus the severity.
> 
>>From the attached log (scroll to the bottom...):
> 
>   Setting up neutron-common (2:17.1.1-3) ...
>   cp: cannot stat '/usr/share/neutron-common/plugins/ml2/ml2_conf.ini': No 
> such file or directory
>   dpkg: error processing package neutron-common (--configure):
>installed neutron-common package post-installation script subprocess 
> returned error exit status 1
>   Processing triggers for ca-certificates (20210119) ...
>   Updating certificates in /etc/ssl/certs...
>   0 added, 0 removed; done.
>   Running hooks in /etc/ca-certificates/update.d...
>   done.
>   Errors were encountered while processing:
>neutron-common
> 
> 
> cheers,
> 
> Andreas
> 

Hi,

Thanks for your bug report.

This was fixed in 2:17.1.1-4 that I just uploaded, before I saw your bug
report. I'm not sure how to fix the BTS metadata then... :/

Cheers,

Thomas Goirand (zigo)

Processed: syncmaildir: diff for NMU version 1.3.0-1.1

2021-04-21 Thread Debian Bug Tracking System 
Processing control commands:

> tags 975227 + patch
Bug #975227 [src:syncmaildir] syncmaildir: FTBFS: running 
client-server/02-move-mail: .grep: log.s2c: binary file matches
Added tag(s) patch.
> tags 975227 + pending
Bug #975227 [src:syncmaildir] syncmaildir: FTBFS: running 
client-server/02-move-mail: .grep: log.s2c: binary file matches
Added tag(s) pending.

-- 
975227: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975227
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#975227: syncmaildir: diff for NMU version 1.3.0-1.1

2021-04-21 Thread David Bremner 
Control: tags 975227 + patch
Control: tags 975227 + pending

Dear maintainer,

I've prepared an NMU for syncmaildir (versioned as 1.3.0-1.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards.

David
diff -Nru syncmaildir-1.3.0/debian/changelog syncmaildir-1.3.0/debian/changelog
--- syncmaildir-1.3.0/debian/changelog	2018-03-17 13:13:46.0 -0300
+++ syncmaildir-1.3.0/debian/changelog	2021-04-21 11:05:47.0 -0300
@@ -1,3 +1,13 @@
+syncmaildir (1.3.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Convert some 'grep foo bar | wc -l' to 'grep -c foo bar' in test
+suite.  Bug fix: "FTBFS: running client-server/02-move-mail: .grep:
+log.s2c: binary file matches", thanks to Lucas Nussbaum (Closes:
+#975227).
+
+ -- David Bremner   Wed, 21 Apr 2021 11:05:47 -0300
+
 syncmaildir (1.3.0-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru syncmaildir-1.3.0/debian/patches/replace-use-of-grep--wc-with-grep--c-for.patch syncmaildir-1.3.0/debian/patches/replace-use-of-grep--wc-with-grep--c-for.patch
--- syncmaildir-1.3.0/debian/patches/replace-use-of-grep--wc-with-grep--c-for.patch	1969-12-31 20:00:00.0 -0400
+++ syncmaildir-1.3.0/debian/patches/replace-use-of-grep--wc-with-grep--c-for.patch	2021-04-21 11:05:47.0 -0300
@@ -0,0 +1,186 @@
+From: David Bremner 
+Date: Wed, 21 Apr 2021 08:16:11 -0300
+X-Dgit-Generated: 1.3.0-1.1 6d7213c4f0646e9a896aa3acc16c886914bdd01d
+Subject: Replace use of "grep | wc" with grep -c for binary files.
+
+The latter actually reports a number of matches on stdout, making the
+tests pass.
+
+---
+
+--- syncmaildir-1.3.0.orig/tests.d/client-server/02-move-mail
 syncmaildir-1.3.0/tests.d/client-server/02-move-mail
+@@ -9,7 +9,7 @@ msync 2
+ 
+ test_eq Mail target/Mail 
+ 
+-X=`grep '^MOVE ' log.s2c | wc -l`
++X=`grep -c '^MOVE ' log.s2c`
+ assert $X 1 "missing MOVE in s2c"
+ 
+ X=`grep '^COMMIT$' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/03-copy-mail
 syncmaildir-1.3.0/tests.d/client-server/03-copy-mail
+@@ -9,7 +9,7 @@ msync 2
+ 
+ test_eq Mail target/Mail 
+ 
+-X=`grep '^COPY ' log.s2c | wc -l`
++X=`grep -c '^COPY ' log.s2c`
+ assert $X 1 "missing COPY in s2c"
+ 
+ X=`grep '^GET ' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/04-replace-header
 syncmaildir-1.3.0/tests.d/client-server/04-replace-header
+@@ -9,7 +9,7 @@ msync 2
+ 
+ test_eq Mail target/Mail 
+ 
+-X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
++X=`grep -c '^REPLACEHEADER ' log.s2c`
+ assert $X 1 "missing REPLACEHEADER in s2c"
+ 
+ X=`grep '^GETHEADER ' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/05-replace-header-fail
 syncmaildir-1.3.0/tests.d/client-server/05-replace-header-fail
+@@ -11,7 +11,7 @@ msync 2
+ 
+ test_eq target/Mail.old target/Mail 
+ 
+-X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
++X=`grep -c '^REPLACEHEADER ' log.s2c`
+ assert $X 1 "missing REPLACEHEADER in s2c"
+ 
+ X=`grep '^GETHEADER ' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/06-replace-header-already-ok
 syncmaildir-1.3.0/tests.d/client-server/06-replace-header-already-ok
+@@ -10,7 +10,7 @@ test_eq Mail target/Mail
+ msync 2
+ 
+ test_eq Mail target/Mail 
+-X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
++X=`grep -c '^REPLACEHEADER ' log.s2c`
+ assert $X 1 "missing REPLACEHEADER in s2c"
+ 
+ X=`grep '^GETHEADER ' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/08-copy-mail-already-ok
 syncmaildir-1.3.0/tests.d/client-server/08-copy-mail-already-ok
+@@ -10,7 +10,7 @@ msync 2
+ 
+ test_eq Mail target/Mail 
+ 
+-X=`grep '^COPY ' log.s2c | wc -l`
++X=`grep -c '^COPY ' log.s2c`
+ assert $X 1 "missing COPY in s2c"
+ 
+ X=`grep '^GET ' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/10-delete-already-done
 syncmaildir-1.3.0/tests.d/client-server/10-delete-already-done
+@@ -10,7 +10,7 @@ msync 2
+ 
+ test_eq Mail target/Mail 
+ 
+-X=`grep '^DELETE ' log.s2c | wc -l`
++X=`grep -c '^DELETE ' log.s2c`
+ assert $X 1 "missing DELETE in s2c"
+ 
+ X=`grep '^COMMIT$' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/12-skip-add-already-there
 syncmaildir-1.3.0/tests.d/client-server/12-skip-add-already-there
+@@ -10,7 +10,7 @@ msync 2
+ 
+ test_eq Mail target/Mail 
+ 
+-X=`grep '^ADD ' log.s2c | wc -l`
++X=`grep -c '^ADD ' log.s2c`
+ assert $X 1 "missing ADD in s2c"
+ 
+ X=`grep '^GET ' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/14-skip-copy-already-there-copy-only
 syncmaildir-1.3.0/tests.d/client-server/14-skip-copy-already-there-copy-only
+@@ -14,7 +14,7 @@ rm Mail/cur/$C
+ 
+ test_eq Mail target/Mail 
+ 
+-X=`grep '^COPY ' log.s2c | wc -l`
++X=`grep -c '^COPY ' log.s2c`
+ assert $X 1 "missing COPY in s2c"
+ 
+ X=`grep '^GET ' log.c2s | wc -l`
+--- syncmaildir-1.3.0.orig/tests.d/client-server/18-copybody

Bug#975227: [PATCH] Replace use of "grep | wc" with grep -c for binary files.

2021-04-21 Thread Antoine Beaupré 
LGTM.

On 2021-04-21 08:20:36, David Bremner wrote:
> The latter actually reports a number of matches on stdout, making the
> tests pass.
> ---
>  tests.d/client-server/02-move-mail | 2 +-
>  tests.d/client-server/03-copy-mail | 2 +-
>  tests.d/client-server/04-replace-header| 2 +-
>  tests.d/client-server/05-replace-header-fail   | 2 +-
>  tests.d/client-server/06-replace-header-already-ok | 2 +-
>  tests.d/client-server/08-copy-mail-already-ok  | 2 +-
>  tests.d/client-server/10-delete-already-done   | 2 +-
>  tests.d/client-server/12-skip-add-already-there| 2 +-
>  tests.d/client-server/14-skip-copy-already-there-copy-only | 2 +-
>  tests.d/client-server/18-copybody  | 2 +-
>  tests.d/client-server/19-copybody-already-ok   | 2 +-
>  tests.d/client-server/22-replace   | 2 +-
>  tests.d/client-server/23-replace-aready-ok | 2 +-
>  tests.d/client-server/34-move-fail2| 2 +-
>  tests.d/client-server/35-delete| 2 +-
>  tests.d/client-server/36-move-fail3| 2 +-
>  16 files changed, 16 insertions(+), 16 deletions(-)
>
> diff --git a/tests.d/client-server/02-move-mail 
> b/tests.d/client-server/02-move-mail
> index e3dbd90..7828b69 100644
> --- a/tests.d/client-server/02-move-mail
> +++ b/tests.d/client-server/02-move-mail
> @@ -9,7 +9,7 @@ msync 2
>  
>  test_eq Mail target/Mail 
>  
> -X=`grep '^MOVE ' log.s2c | wc -l`
> +X=`grep -c '^MOVE ' log.s2c`
>  assert $X 1 "missing MOVE in s2c"
>  
>  X=`grep '^COMMIT$' log.c2s | wc -l`
> diff --git a/tests.d/client-server/03-copy-mail 
> b/tests.d/client-server/03-copy-mail
> index 0037531..ec185a2 100644
> --- a/tests.d/client-server/03-copy-mail
> +++ b/tests.d/client-server/03-copy-mail
> @@ -9,7 +9,7 @@ msync 2
>  
>  test_eq Mail target/Mail 
>  
> -X=`grep '^COPY ' log.s2c | wc -l`
> +X=`grep -c '^COPY ' log.s2c`
>  assert $X 1 "missing COPY in s2c"
>  
>  X=`grep '^GET ' log.c2s | wc -l`
> diff --git a/tests.d/client-server/04-replace-header 
> b/tests.d/client-server/04-replace-header
> index 8af6cbb..1ffcaf1 100644
> --- a/tests.d/client-server/04-replace-header
> +++ b/tests.d/client-server/04-replace-header
> @@ -9,7 +9,7 @@ msync 2
>  
>  test_eq Mail target/Mail 
>  
> -X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
> +X=`grep -c '^REPLACEHEADER ' log.s2c`
>  assert $X 1 "missing REPLACEHEADER in s2c"
>  
>  X=`grep '^GETHEADER ' log.c2s | wc -l`
> diff --git a/tests.d/client-server/05-replace-header-fail 
> b/tests.d/client-server/05-replace-header-fail
> index 8743c24..9599251 100644
> --- a/tests.d/client-server/05-replace-header-fail
> +++ b/tests.d/client-server/05-replace-header-fail
> @@ -11,7 +11,7 @@ msync 2
>  
>  test_eq target/Mail.old target/Mail 
>  
> -X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
> +X=`grep -c '^REPLACEHEADER ' log.s2c`
>  assert $X 1 "missing REPLACEHEADER in s2c"
>  
>  X=`grep '^GETHEADER ' log.c2s | wc -l`
> diff --git a/tests.d/client-server/06-replace-header-already-ok 
> b/tests.d/client-server/06-replace-header-already-ok
> index 1d29c14..c2c0b2f 100644
> --- a/tests.d/client-server/06-replace-header-already-ok
> +++ b/tests.d/client-server/06-replace-header-already-ok
> @@ -10,7 +10,7 @@ test_eq Mail target/Mail
>  msync 2
>  
>  test_eq Mail target/Mail 
> -X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
> +X=`grep -c '^REPLACEHEADER ' log.s2c`
>  assert $X 1 "missing REPLACEHEADER in s2c"
>  
>  X=`grep '^GETHEADER ' log.c2s | wc -l`
> diff --git a/tests.d/client-server/08-copy-mail-already-ok 
> b/tests.d/client-server/08-copy-mail-already-ok
> index 781a109..0e481e5 100644
> --- a/tests.d/client-server/08-copy-mail-already-ok
> +++ b/tests.d/client-server/08-copy-mail-already-ok
> @@ -10,7 +10,7 @@ msync 2
>  
>  test_eq Mail target/Mail 
>  
> -X=`grep '^COPY ' log.s2c | wc -l`
> +X=`grep -c '^COPY ' log.s2c`
>  assert $X 1 "missing COPY in s2c"
>  
>  X=`grep '^GET ' log.c2s | wc -l`
> diff --git a/tests.d/client-server/10-delete-already-done 
> b/tests.d/client-server/10-delete-already-done
> index 926394d..c15603b 100644
> --- a/tests.d/client-server/10-delete-already-done
> +++ b/tests.d/client-server/10-delete-already-done
> @@ -10,7 +10,7 @@ msync 2
>  
>  test_eq Mail target/Mail 
>  
> -X=`grep '^DELETE ' log.s2c | wc -l`
> +X=`grep -c '^DELETE ' log.s2c`
>  assert $X 1 "missing DELETE in s2c"
>  
>  X=`grep '^COMMIT$' log.c2s | wc -l`
> diff --git a/tests.d/client-server/12-skip-add-already-there 
> b/tests.d/client-server/12-skip-add-already-there
> index 0a53a80..38ed3ff 100644
> --- a/tests.d/client-server/12-skip-add-already-there
> +++ b/tests.d/client-server/12-skip-add-already-there
> @@ -10,7 +10,7 @@ msync 2
>  
>  test_eq Mail target/Mail 
>  
> -X=`grep '^ADD ' log.s2c | wc -l`
> +X=`grep -c '^ADD ' log.s2c`
>  assert $X 1

Processed: dahdi-dkms: insufficient dkms dependency

2021-04-21 Thread Debian Bug Tracking System 
Processing control commands:

> found -1 2.11.1.0.20170917~dfsg-7
Bug #987309 [dahdi-dkms] dahdi-dkms: insufficient dkms dependency
There is no source info for the package 'dahdi-dkms' at version 
'2.11.1.0.20170917~dfsg-7' with architecture ''
Unable to make a source version for version '2.11.1.0.20170917~dfsg-7'
Marked as found in versions 2.11.1.0.20170917~dfsg-7.

-- 
987309: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987309
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987309: dahdi-dkms: insufficient dkms dependency

2021-04-21 Thread Andreas Beckmann 
Package: dahdi-dkms
Version: 2.11.1.0.20170917~dfsg-7.3
Severity: serious
Tags: patch
User: debian...@lists.debian.org
Usertags: piuparts
Control: found -1 2.11.1.0.20170917~dfsg-7

Hi,

during a test with piuparts I noticed your package fails to upgrade from
'buster'.
It installed fine in 'buster', then the upgrade to 'bullseye' fails.

>From the attached log (scroll to the bottom...):

[...]
  Setting up dahdi-dkms (1:2.11.1.0.20170917~dfsg-7.3~deb11anbe1) ...
  Loading new dahdi-2.11.1.0.20170917~dfsg-7.3~deb11anbe1 DKMS files...
  It is likely that 4.19.0-9-amd64 belongs to a chroot's host
  Building for 4.19.0-16-amd64
  Building initial module for 4.19.0-16-amd64
  Error! Bad return status for module build on kernel: 4.19.0-16-amd64 (x86_64)
  Consult 
/var/lib/dkms/dahdi/2.11.1.0.20170917~dfsg-7.3~deb11anbe1/build/make.log for 
more information.
  dpkg: error processing package dahdi-dkms (--configure):
   installed dahdi-dkms package post-installation script subprocess returned 
error exit status 10
  dpkg: dependency problems prevent configuration of dahdi-linux:
   dahdi-linux depends on dahdi-dkms | dahdi-source; however:
Package dahdi-dkms is not configured yet.
Package dahdi-source is not installed.
  
  dpkg: error processing package dahdi-linux (--configure):
   dependency problems - leaving unconfigured
  Processing triggers for libc-bin (2.28-10) ...
  Processing triggers for mime-support (3.62) ...
  Errors were encountered while processing:
   dahdi-dkms
   dahdi-linux

In this upgrade path dahdi-dkms was upgraded before dkms.
This is probably related to the compiler used to build the module.
This can be fixed by bumping the dkms dependency s.t. a dkms version
is used that exports the compiler used to build the kernel (and
depended upon by the kernel headers) as CC.

The version is set s.t. it does not block of the current version in sid.
I'll NMU this fix after the current sid version has migrated to testing.


cheers,

Andreas
diff -Nru dahdi-linux-2.11.1.0.20170917~dfsg/debian/changelog 
dahdi-linux-2.11.1.0.20170917~dfsg/debian/changelog
--- dahdi-linux-2.11.1.0.20170917~dfsg/debian/changelog 2021-04-04 
22:42:52.0 +0200
+++ dahdi-linux-2.11.1.0.20170917~dfsg/debian/changelog 2021-04-21 
10:54:41.0 +0200
@@ -1,3 +1,12 @@
+dahdi-linux (1:2.11.1.0.20170917~dfsg-7.4) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * dahdi-dkms: Bump dkms dependency to (>= 2.8.4-3~) to reliably use the
+kernel's compiler to compile the module.  (Closes: #-1)
+  * dahdi-dkms: Drop wget dependency. Downloading firmware is disabled.
+
+ -- Andreas Beckmann   Wed, 21 Apr 2021 10:54:41 +0200
+
 dahdi-linux (1:2.11.1.0.20170917~dfsg-7.3) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru dahdi-linux-2.11.1.0.20170917~dfsg/debian/control 
dahdi-linux-2.11.1.0.20170917~dfsg/debian/control
--- dahdi-linux-2.11.1.0.20170917~dfsg/debian/control   2021-04-02 
22:51:16.0 +0200
+++ dahdi-linux-2.11.1.0.20170917~dfsg/debian/control   2021-04-21 
10:54:41.0 +0200
@@ -18,7 +18,7 @@
 Multi-Arch: foreign
 Depends: ${misc:Depends}, procps, fxload, dahdi-dkms | dahdi-source
 Description: DAHDI telephony interface - Linux userspace parts
- DAHDI (formly Zaptel) is an interface for telephony devices used by e.g.
+ DAHDI (formerly Zaptel) is an interface for telephony devices used by e.g.
  the Asterisk PBX software. The dahdi-* packages provide the kernel
  DAHDI kernel modules and their required setup environment.
  .
@@ -32,7 +32,7 @@
 Depends: ${misc:Depends}, debhelper (>> 4.0), module-assistant (>= 0.8.1), 
bzip2
 Recommends: dahdi-linux
 Description: DAHDI telephony interface - source code for kernel driver
- DAHDI (formly Zaptel) is an interface for telephony devices used by e.g.
+ DAHDI (formerly Zaptel) is an interface for telephony devices used by e.g.
  the Asterisk PBX software. The dahdi-* packages provide the kernel
  DAHDI kernel modules and their required setup environment, as well as
  basic headers for building DAHDI modules and utilities.
@@ -42,10 +42,10 @@
 Package: dahdi-dkms
 Section: kernel
 Architecture: all
-Depends: ${misc:Depends}, dkms, make, libc6-dev, dpkg-dev, gcc, wget, gawk
+Depends: ${misc:Depends}, dkms, make, libc6-dev, dpkg-dev, gcc, gawk, dkms (>= 
2.8.4-3~)
 Recommends: dahdi-linux
 Description: DAHDI telephony interface (dkms kernel driver)
- DAHDI (formly Zaptel) is an interface for telephony devices used by e.g.
+ DAHDI (formerly Zaptel) is an interface for telephony devices used by e.g.
  the Asterisk PBX software. The dahdi-* packages provide the kernel
  DAHDI kernel modules and their required setup environment.
  .

Bug#979075: redshift: diff for NMU version 1.12-4.1

2021-04-21 Thread Adrian Bunk 
Control: tags 979075 + patch
Control: tags 979075 + pending

Dear maintainer,

I've prepared an NMU for redshift (versioned as 1.12-4.1) and uploaded 
it to DELAYED/2. Please feel free to tell me if I should cancel it.

cu
Adrian
diff -Nru redshift-1.12/debian/changelog redshift-1.12/debian/changelog
--- redshift-1.12/debian/changelog	2020-12-12 18:43:43.0 +0200
+++ redshift-1.12/debian/changelog	2021-04-21 14:34:47.0 +0300
@@ -1,3 +1,11 @@
+redshift (1.12-4.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add an empty override_dh_installsystemduser to debian/rules
+to fix double instances caused by dh compat bump. (Closes: #979075)
+
+ -- Adrian Bunk   Wed, 21 Apr 2021 14:34:47 +0300
+
 redshift (1.12-4) unstable; urgency=medium
 
   * Fix AppArmor profile under Wayland (Closes: #977210)
diff -Nru redshift-1.12/debian/rules redshift-1.12/debian/rules
--- redshift-1.12/debian/rules	2020-12-12 18:43:43.0 +0200
+++ redshift-1.12/debian/rules	2021-04-21 14:34:44.0 +0300
@@ -23,3 +23,5 @@
 
 override_dh_installchangelogs:
 	dh_installchangelogs NEWS
+
+override_dh_installsystemduser:

Processed: redshift: diff for NMU version 1.12-4.1

2021-04-21 Thread Debian Bug Tracking System 
Processing control commands:

> tags 979075 + patch
Bug #979075 [redshift-gtk] redshift-gtk silently adds to systemd causing double 
instance to run in user session
Added tag(s) patch.
> tags 979075 + pending
Bug #979075 [redshift-gtk] redshift-gtk silently adds to systemd causing double 
instance to run in user session
Added tag(s) pending.

-- 
979075: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979075
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#986622: [Pkg-clamav-devel] Bug#986622: fixes

2021-04-21 Thread Athanasius 
  There's also the point that the current buster version is logging:

Apr 18 07:25:31 river freshclam[25421]: Sun Apr 18 07:25:31 2021 -> ^Your 
ClamAV installation is OUTDATED!
Apr 18 07:25:31 river freshclam[25421]: Sun Apr 18 07:25:31 2021 -> ^Local 
version: 0.102.4 Recommended version: 0.103.2
Apr 18 07:25:31 river freshclam[25421]: Sun Apr 18 07:25:31 2021 -> DON'T 
PANIC! Read https://www.clamav.net/documents/upgrading-clamav

once an hour.

So long as any Debian update of the packages both addresses the
outstanding CVEs *and* quiets this logging I'll be happy.
-- 
- Athanasius = Athanasius(at)miggy.org / https://miggy.org/
  GPG/PGP Key: https://miggy.org/gpg-key
   "And it's me who is my enemy. Me who beats me up.
Me who makes the monsters. Me who strips my confidence." Paula Cole - ME

Bug#975227: [PATCH] Replace use of "grep | wc" with grep -c for binary files.

2021-04-21 Thread David Bremner 
The latter actually reports a number of matches on stdout, making the
tests pass.
---
 tests.d/client-server/02-move-mail | 2 +-
 tests.d/client-server/03-copy-mail | 2 +-
 tests.d/client-server/04-replace-header| 2 +-
 tests.d/client-server/05-replace-header-fail   | 2 +-
 tests.d/client-server/06-replace-header-already-ok | 2 +-
 tests.d/client-server/08-copy-mail-already-ok  | 2 +-
 tests.d/client-server/10-delete-already-done   | 2 +-
 tests.d/client-server/12-skip-add-already-there| 2 +-
 tests.d/client-server/14-skip-copy-already-there-copy-only | 2 +-
 tests.d/client-server/18-copybody  | 2 +-
 tests.d/client-server/19-copybody-already-ok   | 2 +-
 tests.d/client-server/22-replace   | 2 +-
 tests.d/client-server/23-replace-aready-ok | 2 +-
 tests.d/client-server/34-move-fail2| 2 +-
 tests.d/client-server/35-delete| 2 +-
 tests.d/client-server/36-move-fail3| 2 +-
 16 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/tests.d/client-server/02-move-mail 
b/tests.d/client-server/02-move-mail
index e3dbd90..7828b69 100644
--- a/tests.d/client-server/02-move-mail
+++ b/tests.d/client-server/02-move-mail
@@ -9,7 +9,7 @@ msync 2
 
 test_eq Mail target/Mail 
 
-X=`grep '^MOVE ' log.s2c | wc -l`
+X=`grep -c '^MOVE ' log.s2c`
 assert $X 1 "missing MOVE in s2c"
 
 X=`grep '^COMMIT$' log.c2s | wc -l`
diff --git a/tests.d/client-server/03-copy-mail 
b/tests.d/client-server/03-copy-mail
index 0037531..ec185a2 100644
--- a/tests.d/client-server/03-copy-mail
+++ b/tests.d/client-server/03-copy-mail
@@ -9,7 +9,7 @@ msync 2
 
 test_eq Mail target/Mail 
 
-X=`grep '^COPY ' log.s2c | wc -l`
+X=`grep -c '^COPY ' log.s2c`
 assert $X 1 "missing COPY in s2c"
 
 X=`grep '^GET ' log.c2s | wc -l`
diff --git a/tests.d/client-server/04-replace-header 
b/tests.d/client-server/04-replace-header
index 8af6cbb..1ffcaf1 100644
--- a/tests.d/client-server/04-replace-header
+++ b/tests.d/client-server/04-replace-header
@@ -9,7 +9,7 @@ msync 2
 
 test_eq Mail target/Mail 
 
-X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
+X=`grep -c '^REPLACEHEADER ' log.s2c`
 assert $X 1 "missing REPLACEHEADER in s2c"
 
 X=`grep '^GETHEADER ' log.c2s | wc -l`
diff --git a/tests.d/client-server/05-replace-header-fail 
b/tests.d/client-server/05-replace-header-fail
index 8743c24..9599251 100644
--- a/tests.d/client-server/05-replace-header-fail
+++ b/tests.d/client-server/05-replace-header-fail
@@ -11,7 +11,7 @@ msync 2
 
 test_eq target/Mail.old target/Mail 
 
-X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
+X=`grep -c '^REPLACEHEADER ' log.s2c`
 assert $X 1 "missing REPLACEHEADER in s2c"
 
 X=`grep '^GETHEADER ' log.c2s | wc -l`
diff --git a/tests.d/client-server/06-replace-header-already-ok 
b/tests.d/client-server/06-replace-header-already-ok
index 1d29c14..c2c0b2f 100644
--- a/tests.d/client-server/06-replace-header-already-ok
+++ b/tests.d/client-server/06-replace-header-already-ok
@@ -10,7 +10,7 @@ test_eq Mail target/Mail
 msync 2
 
 test_eq Mail target/Mail 
-X=`grep '^REPLACEHEADER ' log.s2c | wc -l`
+X=`grep -c '^REPLACEHEADER ' log.s2c`
 assert $X 1 "missing REPLACEHEADER in s2c"
 
 X=`grep '^GETHEADER ' log.c2s | wc -l`
diff --git a/tests.d/client-server/08-copy-mail-already-ok 
b/tests.d/client-server/08-copy-mail-already-ok
index 781a109..0e481e5 100644
--- a/tests.d/client-server/08-copy-mail-already-ok
+++ b/tests.d/client-server/08-copy-mail-already-ok
@@ -10,7 +10,7 @@ msync 2
 
 test_eq Mail target/Mail 
 
-X=`grep '^COPY ' log.s2c | wc -l`
+X=`grep -c '^COPY ' log.s2c`
 assert $X 1 "missing COPY in s2c"
 
 X=`grep '^GET ' log.c2s | wc -l`
diff --git a/tests.d/client-server/10-delete-already-done 
b/tests.d/client-server/10-delete-already-done
index 926394d..c15603b 100644
--- a/tests.d/client-server/10-delete-already-done
+++ b/tests.d/client-server/10-delete-already-done
@@ -10,7 +10,7 @@ msync 2
 
 test_eq Mail target/Mail 
 
-X=`grep '^DELETE ' log.s2c | wc -l`
+X=`grep -c '^DELETE ' log.s2c`
 assert $X 1 "missing DELETE in s2c"
 
 X=`grep '^COMMIT$' log.c2s | wc -l`
diff --git a/tests.d/client-server/12-skip-add-already-there 
b/tests.d/client-server/12-skip-add-already-there
index 0a53a80..38ed3ff 100644
--- a/tests.d/client-server/12-skip-add-already-there
+++ b/tests.d/client-server/12-skip-add-already-there
@@ -10,7 +10,7 @@ msync 2
 
 test_eq Mail target/Mail 
 
-X=`grep '^ADD ' log.s2c | wc -l`
+X=`grep -c '^ADD ' log.s2c`
 assert $X 1 "missing ADD in s2c"
 
 X=`grep '^GET ' log.c2s | wc -l`
diff --git a/tests.d/client-server/14-skip-copy-already-there-copy-only 
b/tests.d/client-server/14-skip-copy-already-there-copy-only
index b5da177..08734a8 100644
--- a/tests.d/client-server/14-skip-copy-already-there-copy-only
+++

Processed: Re: Bug#987199 closed by Debian FTP Masters (reply to Georges Khaznadar ) (Bug#987199: fixed in kwartz-client 1.9-1)

2021-04-21 Thread Debian Bug Tracking System 
Processing control commands:

> found -1 1.9-1
Bug #987199 {Done: Georges Khaznadar } [kwartz-client] 
kwartz-client: purging removes /etc/nslcd.conf created by nslcd
Marked as found in versions kwartz-client/1.9-1; no longer marked as fixed in 
versions kwartz-client/1.9-1 and reopened.

-- 
987199: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987199
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987199: closed by Debian FTP Masters (reply to Georges Khaznadar ) (Bug#987199: fixed in kwartz-client 1.9-1)

2021-04-21 Thread Andreas Beckmann 

Control: found -1 1.9-1

Hi Georges,
the fix introduced a regression:

6m13.7s DEBUG: Starting command: ['chroot', 
'/srv/piuparts/tmp/tmpxQHTqw', 'dpkg', '--purge', 'kwartz-client']

6m13.9s DUMP:
  (Reading database ... 4791 files and directories currently installed.)
  Purging configuration files for kwartz-client (1.9-1) ...
  cp: cannot stat '/etc/nslcd.conf.before-kwartz': No such file or 
directory

  dpkg: error processing package kwartz-client (--purge):
   installed kwartz-client package post-removal script subprocess 
returned error exit status 1

  Errors were encountered while processing:
   kwartz-client


Andreas

Bug#986565: unusable with current git

2021-04-21 Thread Damyan Ivanov 
Package: git-flow
Version: 1.12.3-2
Followup-For: Bug #986565

Control: reopen -1 1.12.3-2

Sigh. Now git reverted to using /usr/lib again, and git-flow is broken.

Reverting the changes in 1.12.3-2 would fix it.

Reading https://bugs.debian.org/985416 (the bug report in git about changing 
the path), I am left with the impression that the proper fix is to ship 
/usr/bin/git-flow. Perhaps the other scripts need to be in /usr/bin too.


HTH,
Damyan


-- System Information:
Debian Release: 11.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
(500, 'stable'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/2 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages git-flow depends on:
ii  git [git-core]  1:2.31.1-1
ii  git-core1:2.15.0~rc0-1

git-flow recommends no packages.

git-flow suggests no packages.

-- no debconf information

Bug#987207: podman not running out-of-the-box as root

2021-04-21 Thread Laurent Bigonville 

Hello,

So the problem here is, again, linked to the fact that I'm using a test 
SELinux policy that doesn't contain all the needed contexts, so yeah 
it's a mix of configuration issue and the fact that podman is not 
ignoring these errors if SELinux is in permissive. I'll ping upstream again.


So the remaining problem here is iptables command not being installed 
(and the seccomp.json file missing to a lower extend)


Le 21/04/21 à 10:21, Laurent Bigonville a écrit :


Hello,

I just did a minimal test VM and... it indeed works...

I'll investigate why on my machine it's not working.

But, on the test VM, podman still fails because "iptables" is not 
installed, only "nft" is intalled by default now. So there is still a 
problem here.


Le 21/04/21 à 05:02, Reinhard Tartler a écrit :

Control: tag -1 moreinfo

Hi Laurent,

I've downloaded the Bullseye Alpha 3 debian installer and installed 
using kvm to have a super clean new system. Unfortunately, I was 
unable to reproduce the issue that you described below. (I did find 
some issues with rootless podman outside of a gnome-session, but 
that's a different story).


The symptoms sound a lot like described in this upstream bug: 
https://github.com/containers/podman/issues/5721 



Can you please compare your notes with that upstream bug? Can you 
confirm that the 'overlay' kernel module is loaded? (in my test, it 
was loaded automatically). If you still think this is an issue in the 
Debian package, please let me know. I may require your assistance 
with reproducing this issue.


-rt

On Mon, Apr 19, 2021 at 11:54 AM Laurent Bigonville > wrote:


Package: podman
Version: 3.0.1+dfsg1-1
Severity: serious

Hello,

After installing podman, I cannot run it as root out of the box as it
fails with:

ERRO[] [graphdriver] prior storage driver overlay failed:
kernel does not support overlay fs: 'overlay' is not supported
over extfs at "/var/lib/containers/storage/overlay": backing file
system is unsupported for this graph driver
Error: kernel does not support overlay fs: 'overlay' is not
supported over extfs at "/var/lib/containers/storage/overlay":
backing file system is unsupported for this graph driver

Looking at fedora it seems that they have a containers-common package
that ships a default storage.conf file:


https://src.fedoraproject.org/rpms/containers-common/blob/rawhide/f/storage.conf



I see that the debian package is shipping a file in
/usr/share/containers/storage.conf (in the containers-storage
package),
but that file is apparently not read (strace only shows that the
file in
/etc/containers is read) and anyway unlike in fedora:

1) the driver is not set to overlay
2) the file is installed only if the containers-storage package is
installed, which is not done by default.
3) that file is not read anyway, strace only shows that
/etc/containers/storage.conf is read and not
/usr/share/containers/storage.conf, so the file is apparently useless

Shouldn't debian do the same thing than fedora so everything
works OOTB?

As a side note, I can see they are shipping also other files as well,
like the seccomp.json file, using strace, it seems that podman
tries to
read them:

[pid 14835] newfstatat(AT_FDCWD, "/etc/containers/seccomp.json",
0xcee6b8, 0) = -1 ENOENT (Aucun fichier ou dossier de ce type)
[pid 14835] newfstatat(AT_FDCWD,
"/usr/share/containers/seccomp.json", 0xcee788, 0) = -1
ENOENT (Aucun fichier ou dossier de ce type)

Shouldn't that file be shipped by default too?

Kind regards,
Laurent Bigonville

-- System Information:
Debian Release: 11.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1,
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_BE:fr
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Permissive - Policy name: refpolicy

Versions of packages podman depends on:
ii  conmon                           2.0.25+ds1-1
ii  containernetworking-plugins      0.9.0-1+b3
ii  golang-github-containers-common  0.35.4+ds1-1
ii  init-system-helpers              1.60
ii  libc6                            2.31-11
ii  libdevmapper1.02.1               2:1.02.175-2.1
ii  libgpgme11                       1.14.0-1+b2
ii  libseccomp2                      2.5.1-1
ii  runc                             1.0.0~rc93+ds1-3

Versions of packages podman recommends:
ii  buildah  1.20.0+ds1-1
ii 

Bug#987303: neutron-common: fails to install: cp: cannot stat '/usr/share/neutron-common/plugins/ml2/ml2_conf.ini': No such file or directory

2021-04-21 Thread Andreas Beckmann 
Package: neutron-common
Version: 2:17.1.1-3
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.

>From the attached log (scroll to the bottom...):

  Setting up neutron-common (2:17.1.1-3) ...
  cp: cannot stat '/usr/share/neutron-common/plugins/ml2/ml2_conf.ini': No such 
file or directory
  dpkg: error processing package neutron-common (--configure):
   installed neutron-common package post-installation script subprocess 
returned error exit status 1
  Processing triggers for ca-certificates (20210119) ...
  Updating certificates in /etc/ssl/certs...
  0 added, 0 removed; done.
  Running hooks in /etc/ca-certificates/update.d...
  done.
  Errors were encountered while processing:
   neutron-common


cheers,

Andreas


neutron-common_2:17.1.1-3.log.gz
Description: application/gzip

Bug#987302: wims-lti: fails to install: ModuleNotFoundError: No module named 'httplib2'

2021-04-21 Thread Andreas Beckmann 
Package: wims-lti
Version: 0.4.4.1-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts

Hi,

during a test with piuparts I noticed your package failed to install. As
per definition of the release team this makes the package too buggy for
a release, thus the severity.

>From the attached log (scroll to the bottom...):

  Setting up wims-lti (0.4.4.1-1) ...
  Warning: The home dir /var/lib/wims-lti you specified already exists.
  Adding system user `lti' (UID 150) ...
  Adding new user `lti' (UID 150) with group `nogroup' ...
  The home directory `/var/lib/wims-lti' already exists.  Not copying from 
`/etc/skel'.
  adduser: Warning: The home directory `/var/lib/wims-lti' does not belong to 
the user you are currently creating.
  Adding group `lti' (GID 150) ...
  Done.
  /var/lib/wims-lti/lti_app/apps.py:22: Warning: Settings 'DEBUG' has not been 
redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#debug
warnings.warn(
  /var/lib/wims-lti/lti_app/apps.py:29: Warning: Settings 'SECRET_KEY' has not 
been redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#secret-key
warnings.warn(
  /var/lib/wims-lti/lti_app/apps.py:36: Warning: Settings 'SERVER_EMAIL' has 
not been redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#server-email
warnings.warn(
  /var/lib/wims-lti/lti_app/apps.py:43: Warning: Settings 'EMAIL_HOST' has not 
been redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#email-host
warnings.warn(
  /var/lib/wims-lti/lti_app/apps.py:50: Warning: Settings 'ADMINS' has not been 
redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#admins
warnings.warn(
  [2021/04/19 22:03:43] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:add_job:445]
 INFO -- Adding job tentatively -- it will be properly scheduled when the 
scheduler starts
  [2021/04/19 22:03:43] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:add_job:445]
 INFO -- Adding job tentatively -- it will be properly scheduled when the 
scheduler starts
  [2021/04/19 22:03:43] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:add_job:445]
 INFO -- Adding job tentatively -- it will be properly scheduled when the 
scheduler starts
  [2021/04/19 22:03:43] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:_real_add_job:886]
 INFO -- Added job "send_back_all_sheets_grades" to job store "default"
  [2021/04/19 22:03:43] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:_real_add_job:886]
 INFO -- Added job "send_back_all_exams_grades" to job store "default"
  [2021/04/19 22:03:43] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:_real_add_job:886]
 INFO -- Added job "check_classes_exists" to job store "default"
  [2021/04/19 22:03:43] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:start:171]
 INFO -- Scheduler started
  
  117 static files copied to '/var/lib/wims-lti/static'.
  /var/lib/wims-lti/lti_app/apps.py:22: Warning: Settings 'DEBUG' has not been 
redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#debug
warnings.warn(
  /var/lib/wims-lti/lti_app/apps.py:29: Warning: Settings 'SECRET_KEY' has not 
been redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#secret-key
warnings.warn(
  /var/lib/wims-lti/lti_app/apps.py:36: Warning: Settings 'SERVER_EMAIL' has 
not been redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#server-email
warnings.warn(
  /var/lib/wims-lti/lti_app/apps.py:43: Warning: Settings 'EMAIL_HOST' has not 
been redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#email-host
warnings.warn(
  /var/lib/wims-lti/lti_app/apps.py:50: Warning: Settings 'ADMINS' has not been 
redefined in wimsLTI/config.py, see 
https://docs.djangoproject.com/fr/2.2/ref/settings/#admins
warnings.warn(
  [2021/04/19 22:03:44] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:add_job:445]
 INFO -- Adding job tentatively -- it will be properly scheduled when the 
scheduler starts
  [2021/04/19 22:03:44] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:add_job:445]
 INFO -- Adding job tentatively -- it will be properly scheduled when the 
scheduler starts
  [2021/04/19 22:03:44] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:add_job:445]
 INFO -- Adding job tentatively -- it will be properly scheduled when the 
scheduler starts
  [2021/04/19 22:03:44] 
[/usr/lib/python3/dist-packages/apscheduler/schedulers/base.py][base.py:_real_add_job:886]
 INFO -- Added job "send_back_all_sheets_grades" to job store "default"
  [2021/04/19 22:03:44]

Bug#900821: workaround confirmed

2021-04-21 Thread deepee 
Damn, I was wrong!

It is still reproducible - sorry for the confusion.

Bug#900821: workaround confirmed

2021-04-21 Thread deepee 
On Sun, 18 Apr 2021 17:37:33 +0200 Salvatore Bonaccorso  
wrote:> On Mon, Dec 14, 2020 at 08:38:02PM +, Florian Kain wrote:
> > Hi all,
> >
> > we were experiencing this bug in a debian 10.4 docker container (FROM 
> > php:apache)
> > it only happens with plain http not with https.
> >
> > I can confirm that workaround from  Stefan Fritsch 
> > by turning EnableMMAP off is working for us!
>
> is this issue still reproducible with recent kernels?
>
> Regards,
> Salvatore

Hi,

it isn't reproducible anymore, at least over here running Debian-Testing:
5.10.0-6-amd64 #1 SMP Debian 5.10.28-1 (2021-04-09) x86_64 GNU/Linux

Test procedure:
We've disabled the previously mentioned workaround (removed/commented 
EnableMMAP Off) and restarted apache2.

Result:
Previously affected files (mounted via cifs and served by apache2) do not get 
coruppted any more.

Regards,
Dora

Bug#987207: podman not running out-of-the-box as root

2021-04-21 Thread Laurent Bigonville 

Hello,

I just did a minimal test VM and... it indeed works...

I'll investigate why on my machine it's not working.

But, on the test VM, podman still fails because "iptables" is not 
installed, only "nft" is intalled by default now. So there is still a 
problem here.


Le 21/04/21 à 05:02, Reinhard Tartler a écrit :

Control: tag -1 moreinfo

Hi Laurent,

I've downloaded the Bullseye Alpha 3 debian installer and installed 
using kvm to have a super clean new system. Unfortunately, I was 
unable to reproduce the issue that you described below. (I did find 
some issues with rootless podman outside of a gnome-session, but 
that's a different story).


The symptoms sound a lot like described in this upstream bug: 
https://github.com/containers/podman/issues/5721 



Can you please compare your notes with that upstream bug? Can you 
confirm that the 'overlay' kernel module is loaded? (in my test, it 
was loaded automatically). If you still think this is an issue in the 
Debian package, please let me know. I may require your assistance with 
reproducing this issue.


-rt

On Mon, Apr 19, 2021 at 11:54 AM Laurent Bigonville > wrote:


Package: podman
Version: 3.0.1+dfsg1-1
Severity: serious

Hello,

After installing podman, I cannot run it as root out of the box as it
fails with:

ERRO[] [graphdriver] prior storage driver overlay failed:
kernel does not support overlay fs: 'overlay' is not supported
over extfs at "/var/lib/containers/storage/overlay": backing file
system is unsupported for this graph driver
Error: kernel does not support overlay fs: 'overlay' is not
supported over extfs at "/var/lib/containers/storage/overlay":
backing file system is unsupported for this graph driver

Looking at fedora it seems that they have a containers-common package
that ships a default storage.conf file:


https://src.fedoraproject.org/rpms/containers-common/blob/rawhide/f/storage.conf



I see that the debian package is shipping a file in
/usr/share/containers/storage.conf (in the containers-storage
package),
but that file is apparently not read (strace only shows that the
file in
/etc/containers is read) and anyway unlike in fedora:

1) the driver is not set to overlay
2) the file is installed only if the containers-storage package is
installed, which is not done by default.
3) that file is not read anyway, strace only shows that
/etc/containers/storage.conf is read and not
/usr/share/containers/storage.conf, so the file is apparently useless

Shouldn't debian do the same thing than fedora so everything works
OOTB?

As a side note, I can see they are shipping also other files as well,
like the seccomp.json file, using strace, it seems that podman
tries to
read them:

[pid 14835] newfstatat(AT_FDCWD, "/etc/containers/seccomp.json",
0xcee6b8, 0) = -1 ENOENT (Aucun fichier ou dossier de ce type)
[pid 14835] newfstatat(AT_FDCWD,
"/usr/share/containers/seccomp.json", 0xcee788, 0) = -1 ENOENT
(Aucun fichier ou dossier de ce type)

Shouldn't that file be shipped by default too?

Kind regards,
Laurent Bigonville

-- System Information:
Debian Release: 11.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1,
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_BE:fr
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Permissive - Policy name: refpolicy

Versions of packages podman depends on:
ii  conmon                           2.0.25+ds1-1
ii  containernetworking-plugins      0.9.0-1+b3
ii  golang-github-containers-common  0.35.4+ds1-1
ii  init-system-helpers            

  1.60
ii  libc6                

            2.31-11
ii  libdevmapper1.02.1            

   2:1.02.175-2.1
ii  libgpgme11              

         1.14.0-1+b2
ii  libseccomp2              

        2.5.1-1
ii  runc                

             1.0.0~rc93+ds1-3


Versions of packages podman recommends:
ii  buildah  1.20.0+ds1-1
ii  fuse-overlayfs 1.4.0-1
ii  golang-github-containernetworking-plugin-dnsname 1.1.1+ds1-4+b4
ii  slirp4netns  1.0.1-2
ii  tini 0.19.0-1
ii  uidmap 1:4.8.1-1

Versions of packages podman suggests:
ii  containers-storage  1.24.8+dfsg1-1+b1
ii  docker-compose      1.25.0-1

-- no debconf information



--
regards,
    Reinhard