Processed: found 987811 in 2:4.9.5+dfsg-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 987811 2:4.9.5+dfsg-1
Bug #987811 [src:samba] samba: CVE-2021-20254
Marked as found in versions samba/2:4.9.5+dfsg-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
987811: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987811
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: samba: CVE-2021-20254

[Debian Bug Tracking System]

Processing control commands:

> found -1 2:4.9.5+dfsg-5
Bug #987811 [src:samba] samba: CVE-2021-20254
Marked as found in versions samba/2:4.9.5+dfsg-5.

-- 
987811: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987811
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987811: samba: CVE-2021-20254

[Salvatore Bonaccorso]

Source: samba
Version: 2:4.13.5+dfsg-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://bugzilla.samba.org/show_bug.cgi?id=14571
X-Debbugs-Cc: car...@debian.org, Debian Security Team 
Control: found -1 2:4.9.5+dfsg-5

Hi,

The following vulnerability was published for samba.

I think would be best if we can have this fixed in bullseye, though
note we marked it for now no-dsa for buster itself.

CVE-2021-20254[0]:
| Negative idmap cache entries can cause incorrect group entries in
| the Samba file server process token

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-20254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20254
[1] https://bugzilla.samba.org/show_bug.cgi?id=14571
[2] https://www.samba.org/samba/security/CVE-2021-20254.html
[3] 
https://git.samba.org/?p=samba.git;a=commitdiff;h=75ad84167f5d2379557ec078d17c9a1c244402fc

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#987570: openjdk-11-jre-headless: libawt_xawt.so still listed as part of this package instead of openjdk-11-jre

[GuyXY]

On Mon, 26 Apr 2021 11:33:41 +0200 Matthias Klose  wrote:
> Control: clone -1 -2
> Control: reassign -2 src:davmail
>
> On 4/25/21 10:23 PM, GuyXY wrote:
> > Package: openjdk-11-jre-headless
> > Severity: important
> >
> > After installing the latest security updates, davmail stopped working.
> > I looked into it and found out, that it required the file 
'/usr/lib/jvm/java-11-openjdk-amd64/lib/libawt_xawt.so' which was now 
missing even tho it's supposed to be installed as part of the 
openjdk-11-jre-headless package, which is installed as one of davmail's 
dependencies.

> >
> > I asked for help in the #debian IRC channel, and we came to the 
conclusion that the file has been moved to the openjdk-11-jre package.
> > The package content list do not reflect those changes yet. Please 
adjust the list of the package contents for openjdk-11-jre-headless and 
openjdk-11-jre in Buster to avoid further confusion.

> >
> > PS: It may also be a good idea to change the dependency from 
davmail from openjdk-11-jre-headless to openjdk-11-jre as well or add it 
as a recommended or at least suggested package.

>
> Right, I'm curious which component needs libawt_xawt.so. The package 
already
> lists libswt-gtk2-4-jni, libswt-cairo-gtk-4-jni, libopenjfx-java as 
suggestions,
> so maybe these should be upgraded to recommendations as well? Or is 
it possible

> to split out the UI components into a separate package?

Well, if you are forced to use 2FA with Office365 (like I am), davmail 
will open a window that asks you for the verification sms, otp code or 
similar.
I do not have libswt-gtk2-4-jni or libswt-cairo-gtk-4-jni installed, so 
those are not required for that. Therefore I do not think that those 
should be promoted to "recommended".
When I try to remove libopenjfx-java however, it tells me that it's 
going to remove the packages davmail and libopenjfx-jni as well, so I 
guess libopenjfx-java already is a hard requirement somewhere in 
davmail's dependency tree.
Granted, if you use 2FA and need to have an X-Server running on your 
server because of that, it's not exactly headless anymore... I still 
think making openjdk-11-jre a recommended or at least a suggested 
dependency would be a good idea because of it.
Not sure how much effort it would be to split davmail like that or if it 
would be a good idea.

Processed: reassign 987798 to src:linux

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> reassign 987798 src:linux
Bug #987798 [general] general: TG3 fails without repair when applying high load 
to NIC
Bug reassigned from package 'general' to 'src:linux'.
Ignoring request to alter found versions of bug #987798 to the same values 
previously set
Ignoring request to alter fixed versions of bug #987798 to the same values 
previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
987798: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987798
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987798: general: TG3 fails without repair when applying high load to NIC

[Bruno Negovec]

Package: general
Severity: critical
Justification: breaks the whole system

Dear Maintainer,


When I'm applying high load to NIC (eg. transfering large files over Samba), 
NIC goes down and can't be brought up. Tried all solutions that I've found on 
the internet and the problem still persists.
Not even rmmod tg3 and modprobe tg3 works, can't bring the NIC to life. 
Sytem reboot helps. Tried installing "firmware-linux-nonfree" since it contains 
some tg3 drivers but didn't help.
NIC is Broadcom limited NetXtreme BCM5715, in HP Proliant g5p, known as HP 
NC326i Integrated Dual Port gigabit.
Both ports acting the same. Havin iLo2 turned on or off doesn't affect it.

syslog when it happens looks like this:
Apr 29 09:39:19 zagi-server kernel: [133757.591042] [ cut here 
]
Apr 29 09:39:19 zagi-server kernel: [133757.591053] NETDEV WATCHDOG: enp3s4f0 
(tg3): transmit queue 0 timed out
Apr 29 09:39:19 zagi-server kernel: [133757.591080] WARNING: CPU: 1 PID: 0 at 
net/sched/sch_generic.c:466 dev_watchdog+0x20d/0x220
Apr 29 09:39:19 zagi-server kernel: [133757.591082] Modules linked in: fuse 
appletalk psnap llc ax25 ipmi_ssif kvm hpilo irqbypass sg iTCO_wdt serio_raw 
ipmi_si iTCO_vendor_support hpwdt pcspkr i3200_edac ipmi_devintf evdev 
ipmi_msghandler squashfs zstd_decompress xxhash loop coretemp ip_tables 
x_tables autofs4 ext4 crc16 mbcache jbd2 crc32c_generic fscrypto ecb 
crypto_simd cryptd glue_helper aes_x86_64 dm_mod sr_mod cdrom sd_mod 
hid_generic usbhid hid radeon i2c_algo_bit ttm ata_generic drm_kms_helper 
psmouse tg3 libphy drm ata_piix ehci_pci uhci_hcd libata ehci_hcd usbcore 
lpc_ich mfd_core hpsa scsi_transport_sas scsi_mod usb_common thermal button
Apr 29 09:39:19 zagi-server kernel: [133757.591125] CPU: 1 PID: 0 Comm: 
swapper/1 Not tainted 4.19.0-16-amd64 #1 Debian 4.19.181-1
Apr 29 09:39:19 zagi-server kernel: [133757.591127] Hardware name: HP ProLiant 
ML310 G5p , BIOS W08 07/12/2009
Apr 29 09:39:19 zagi-server kernel: [133757.591130] RIP: 
0010:dev_watchdog+0x20d/0x220
Apr 29 09:39:19 zagi-server kernel: [133757.591132] Code: 00 49 63 4e e0 eb 92 
4c 89 e7 c6 05 8f 09 b0 00 01 e8 97 bd fc ff 89 d9 4c 89 e6 48 c7 c7 a0 01 ae 
ad 48 89 c2 e8 5c 89 10 00 <0f> 0b eb c0 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 
40 00 66 66 66
Apr 29 09:39:19 zagi-server kernel: [133757.591134] RSP: 0018:8d90e1843e90 
EFLAGS: 00010286
Apr 29 09:39:19 zagi-server kernel: [133757.591136] RAX:  RBX: 
 RCX: 
Apr 29 09:39:19 zagi-server kernel: [133757.591138] RDX: 00040400 RSI: 
00f6 RDI: 0300
Apr 29 09:39:19 zagi-server kernel: [133757.591139] RBP: 8d90d607045c R08: 
0315 R09: 0004
Apr 29 09:39:19 zagi-server kernel: [133757.591141] R10:  R11: 
0001 R12: 8d90d607
Apr 29 09:39:19 zagi-server kernel: [133757.591142] R13: 0001 R14: 
8d90d6070480 R15: 0005
Apr 29 09:39:19 zagi-server kernel: [133757.591145] FS:  () 
GS:8d90e184() knlGS:
Apr 29 09:39:19 zagi-server kernel: [133757.591146] CS:  0010 DS:  ES:  
CR0: 80050033
Apr 29 09:39:19 zagi-server kernel: [133757.591148] CR2: 7ffb29c70170 CR3: 
000197c2c000 CR4: 06e0
Apr 29 09:39:19 zagi-server kernel: [133757.591150] Call Trace:
Apr 29 09:39:19 zagi-server kernel: [133757.591153]  
Apr 29 09:39:19 zagi-server kernel: [133757.591158]  ? 
pfifo_fast_enqueue+0x110/0x110
Apr 29 09:39:19 zagi-server kernel: [133757.591162]  call_timer_fn+0x2b/0x130
Apr 29 09:39:19 zagi-server kernel: [133757.591165]  
run_timer_softirq+0x1c7/0x3e0
Apr 29 09:39:19 zagi-server kernel: [133757.591168]  ? 
tick_sched_timer+0x37/0x70
Apr 29 09:39:19 zagi-server kernel: [133757.591173]  ? 
recalibrate_cpu_khz+0x10/0x10
Apr 29 09:39:19 zagi-server kernel: [133757.591175]  ? ktime_get+0x3a/0xa0
Apr 29 09:39:19 zagi-server kernel: [133757.591179]  __do_softirq+0xde/0x2d8
Apr 29 09:39:19 zagi-server kernel: [133757.591183]  irq_exit+0xba/0xc0
Apr 29 09:39:19 zagi-server kernel: [133757.591185]  
smp_apic_timer_interrupt+0x74/0x140
Apr 29 09:39:19 zagi-server kernel: [133757.591189]  
apic_timer_interrupt+0xf/0x20
Apr 29 09:39:19 zagi-server kernel: [133757.591191]  
Apr 29 09:39:19 zagi-server kernel: [133757.591193] RIP: 
0010:mwait_idle+0x82/0x1d0
Apr 29 09:39:19 zagi-server kernel: [133757.591196] Code: 40 5c 01 00 48 89 d1 
0f 01 c8 48 8b 00 a8 08 0f 85 44 01 00 00 e9 07 00 00 00 0f 00 2d e9 e8 4c 00 
31 c0 48 89 c1 fb 0f 01 c9 <65> 8b 2d 67 a5 cd 52 66 66 66 66 90 65 48 8b 04 25 
40 5c 01 00 f0
Apr 29 09:39:19 zagi-server kernel: [133757.591197] RSP: 0018:abab00cc3eb0 
EFLAGS: 0246 ORIG_RAX: ff13
Apr 29 09:39:19 zagi-server kernel: [133757.591199] RAX:  RBX: 
0001 RCX: 
Apr 29 09:39:19 zagi-server kernel: [133757.591201] RDX:  RSI: 

Processed: found 987741 in 1:9.11.5.P4+dfsg-5.1+deb10u3, found 987742 in 1:9.11.5.P4+dfsg-5.1+deb10u3 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 987741 1:9.11.5.P4+dfsg-5.1+deb10u3
Bug #987741 {Done: Ondřej Surý } [src:bind9] bind9: 
CVE-2021-25214
Marked as found in versions bind9/1:9.11.5.P4+dfsg-5.1+deb10u3.
> found 987742 1:9.11.5.P4+dfsg-5.1+deb10u3
Bug #987742 {Done: Ondřej Surý } [src:bind9] bind9: 
CVE-2021-25215
Marked as found in versions bind9/1:9.11.5.P4+dfsg-5.1+deb10u3.
> found 987743 1:9.11.5.P4+dfsg-5.1+deb10u3
Bug #987743 {Done: Ondřej Surý } [src:bind9] bind9: 
CVE-2021-25216
Marked as found in versions bind9/1:9.11.5.P4+dfsg-5.1+deb10u3.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
987741: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741
987742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742
987743: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: found 987741 in 1:9.11.5.P4+dfsg-5.1, found 987742 in 1:9.11.5.P4+dfsg-5.1 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 987741 1:9.11.5.P4+dfsg-5.1
Bug #987741 {Done: Ondřej Surý } [src:bind9] bind9: 
CVE-2021-25214
Marked as found in versions bind9/1:9.11.5.P4+dfsg-5.1.
> found 987742 1:9.11.5.P4+dfsg-5.1
Bug #987742 {Done: Ondřej Surý } [src:bind9] bind9: 
CVE-2021-25215
Marked as found in versions bind9/1:9.11.5.P4+dfsg-5.1.
> found 987743 1:9.11.5.P4+dfsg-5.1
Bug #987743 {Done: Ondřej Surý } [src:bind9] bind9: 
CVE-2021-25216
Marked as found in versions bind9/1:9.11.5.P4+dfsg-5.1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
987741: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741
987742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742
987743: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#976704: marked as done (perl needs Breaks on more perl-modules-* packages)

[Debian Bug Tracking System]

Your message dated Thu, 29 Apr 2021 19:33:46 +
with message-id 
and subject line Bug#976704: fixed in perl 5.32.1-4
has caused the Debian Bug report #976704,
regarding perl needs Breaks on more perl-modules-* packages
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
976704: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976704
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: po4a
Version: 0.61-1
Severity: important

Trying to build po4a upstream itself (with po4 installed by Debian)
fails with:

helge@samd:/tmp/po4a-doc$ LC_ALL=C ./Build
Created META.yml and META.json
Discard blib/man/ca/man1/po4a-display-man.xml (6 of 24 strings; only 25% 
translated; need 80%).
Discard blib/man/ca/man1/po4a-display-pod.xml (6 of 23 strings; only 26.08% 
translated; need 80%).
Unknown format type: pod.
po4a::chooser: Module loading error: Can't locate Pod/Parser.pm in @INC (you 
may need to install the Pod::Parser module) (@INC contains: lib /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.32.0 /usr/local/share/perl/5.32.0
   /usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 
/usr/share/perl/5.32 /usr/local/lib/site_perl) at lib/Locale/Po4a/Pod.pm line 
14.
   BEGIN failed--compilation aborted at lib/Locale/Po4a/Pod.pm line 
14.
   Compilation failed in require at (eval 39) line 1.
   BEGIN failed--compilation aborted at (eval 39) line 1.

List of valid formats:
  - asciidoc: AsciiDoc format.
  - dia: uncompressed Dia diagrams.
  - docbook: DocBook XML.
  - guide: Gentoo Linux's XML documentation format.
  - ini: INI format.
  - kernelhelp: Help messages of each kernel compilation option.
  - latex: LaTeX format.
  - man: Good old manual page format.
  - pod: Perl Online Documentation format.
  - rubydoc: Ruby Documentation (RD) format.
  - sgml: either DebianDoc or DocBook DTD.
  - texinfo: The info page format.
  - tex: generic TeX documents (see also latex).
  - text: simple text document.
  - wml: WML documents.
  - xhtml: XHTML documents.
  - xml: generic XML documents (see also docbook).
  - yaml: YAML documents.
Died at Po4aBuilder.pm line 184.


After installing libpod-parser-perl, the build suceedes.

Please note that the information below, that po4a depends on
libpod-parser-perl is incorrect:
root@samd:~# LC_ALL=C apt-get remove libpod-parser-perl
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED:
  libpod-parser-perl
0 upgraded, 0 newly installed, 1 to remove and 2 not upgraded.
After this operation, 260 kB disk space will be freed.
Do you want to continue? [Y/n]


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to de_DE.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages po4a depends on:
ii  gettext 0.19.8.1-10
ii  libpod-parser-perl  1.63-2
ii  libsgmls-perl   1.03ii-36
ii  libyaml-tiny-perl   1.73-1
ii  opensp  1.5.2-13+b1
ii  perl5.32.0-5
ii  perl-modules-5.22 [libpod-parser-perl]  5.22.2-5

Versions of packages po4a recommends:
ii  liblocale-gettext-perl 1.07-4+b1
ii  libterm-readkey-perl   2.38-1+b2
ii  libtext-wrapi18n-perl  0.06-9
ii  libunicode-linebreak-perl  0.0.20190101-1+b3

po4a suggests no packages.

-- no debconf information

-- 
  Dr. Helge Kreutzmann deb...@helgefjell.de
   Dipl.-Phys.   http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
   Help keep free software "libre": http://www.ffii.de/


signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: perl
Source-Version: 5.32.1-4
Done: Niko Tyni 

We believe that the bug you reported is fixed in the latest version of
perl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 976...@bugs.debian.org,
and the maintainer will reopen the 

Processed: retitle 987742 to bind9: CVE-2021-25215

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> retitle 987742 bind9: CVE-2021-25215
Bug #987742 {Done: Ondřej Surý } [src:bind9] bind9: 
CVE-2021-25215
Ignoring request to change the title of bug#987742 to the same title
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
987742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987587: libpango1.0-udeb: hangs the installer in various situations

[Samuel Thibault]

Cyril Brulebois, le jeu. 29 avril 2021 18:54:56 +0200, a ecrit:
> Versions 1.44, 1.44.2, and 1.44.3 all fail in a similar way:
> 
> ../pango/pangofc-font.c: In function ‘get_face_metrics’:
> ../pango/pangofc-font.c:371:44: error: ‘HB_OT_METRICS_UNDERLINE_SIZE’ 
> undeclared (first use in this function); did you mean 
> ‘HB_OT_METRICS_TAG_UNDERLINE_SIZE’?

It seems it was just a renaming at some hb point, pango later got

commit d835004502c801a8a16cc436a38900e548ecde52
Author: Ebrahim Byagowi 
Date:   Sat Aug 10 14:05:40 2019 +0430

Use latest version of metrics naming in pangofc-font

diff --git a/pango/pangofc-font.c b/pango/pangofc-font.c
index 98e77288..21644b57 100644
--- a/pango/pangofc-font.c
+++ b/pango/pangofc-font.c
@@ -365,16 +365,16 @@ get_face_metrics (PangoFcFont  *fcfont,
 #if HB_VERSION_ATLEAST(2,5,4)
   hb_position_t position;

-  if (hb_ot_metrics_get_position (hb_font, HB_OT_METRICS_UNDERLINE_SIZE, 
))
+  if (hb_ot_metrics_get_position (hb_font, HB_OT_METRICS_TAG_UNDERLINE_SIZE, 
))
 metrics->underline_thickness = position;

-  if (hb_ot_metrics_get_position (hb_font, HB_OT_METRICS_UNDERLINE_OFFSET, 
))
+  if (hb_ot_metrics_get_position (hb_font, HB_OT_METRICS_TAG_UNDERLINE_OFFSET, 
))
 metrics->underline_position = position;
 
-  if (hb_ot_metrics_get_position (hb_font, HB_OT_METRICS_STRIKEOUT_SIZE, 
))
+  if (hb_ot_metrics_get_position (hb_font, HB_OT_METRICS_TAG_STRIKEOUT_SIZE, 
))
 metrics->strikethrough_thickness = position;
 
-  if (hb_ot_metrics_get_position (hb_font, HB_OT_METRICS_STRIKEOUT_OFFSET, 
))
+  if (hb_ot_metrics_get_position (hb_font, HB_OT_METRICS_TAG_STRIKEOUT_OFFSET, 
))
 metrics->strikethrough_position = position;
 #endif
 }

which probably can thus be used as it is.

Samuel

Bug#987587: libpango1.0-udeb: hangs the installer in various situations

[Chris Hofstaedtler]

* Cyril Brulebois  [210429 18:03]:
> Cyril Brulebois  (2021-04-29):
> > This time around, testing 1.43.0 with debian/ carried over from
> > debian/1.42.4-8, adjusted for docs (some files are missing) and symbols
> > (one new symbol), the problem cannot be triggered in an obvious manner.
> > 
> > Moving to 1.44* tags now.
> 
> Alright, I think I'm hitting my limits here.
> 
> Versions 1.44, 1.44.2, and 1.44.3 all fail in a similar way:
 ../pango/pangofc-font.c:371:44: error: ‘HB_OT_METRICS_UNDERLINE_SIZE’ 
undeclared (first use in this function); did you mean 
‘HB_OT_METRICS_TAG_UNDERLINE_SIZE’?
[..]

Just passing by, but I can build 1.44.0 with Debians 1.44.6 debian/
directory, when adding this patch from upstream:
https://gitlab.gnome.org/GNOME/pango/-/commit/d835004502c801a8a16cc436a38900e548ecde52.patch

HTH,
Chris

Processed: [bts-link] source package src:mercurial

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> #
> # bts-link upstream status pull for source package src:mercurial
> # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
> # https://bts-link-team.pages.debian.net/bts-link/
> #
> user debian-bts-l...@lists.debian.org
Setting user to debian-bts-l...@lists.debian.org (was 
debian-bts-l...@lists.debian.org).
> # remote status report for #986514 (http://bugs.debian.org/986514)
> # Bug title: mercurial: FTBFS: dh_auto_test: error: make -j4 check 
> PYTHON=python3.9 "TESTFLAGS=--verbose --timeout 1440 --jobs 4 --blacklist 
> /<>/debian/mercurial.test_blacklist" returned exit code 2
> #  * https://bz.mercurial-scm.org/show_bug.cgi?id=6504
> #  * remote status changed: TESTING -> RESOLVED
> #  * remote resolution changed: (?) -> FIXED
> #  * closed upstream
> tags 986514 + fixed-upstream
Bug #986514 [src:mercurial] mercurial: FTBFS: dh_auto_test: error: make -j4 
check PYTHON=python3.9 "TESTFLAGS=--verbose --timeout 1440 --jobs 4 --blacklist 
/<>/debian/mercurial.test_blacklist" returned exit code 2
Added tag(s) fixed-upstream.
> usertags 986514 - status-TESTING
Usertags were: status-TESTING.
There are now no usertags set.
> usertags 986514 + status-RESOLVED resolution-FIXED
There were no usertags set.
Usertags are now: resolution-FIXED status-RESOLVED.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
986514: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986514
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987763: MimeMagic::Error: This gem should never be required

[Dragos Jarca]

I solved locally with this steps:

1. apt install ruby-rails/experimental

ruby-rails:all/experimental 2:6.0.3.6+dfsg-1

2. apply this modifications: 
https://gitlab.com/gitlab-org/gitlab/-/commit/2f8244c8425a5472d4bc7500c9cc590ac47d4150


After that gitlab upgrade works just fine.

Minimally tested ui and commits.

On 29.04.2021 14:45, Pirate Praveen wrote:


On 2021, ഏപ്രിൽ 29 12:36:57 PM IST, Dragos Jarca 
 wrote:

Package: gitlab
Version: 13.10.4+ds1-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

When upgrading to gitlab 13.10.4 I have this error:

gitlab_production database is not empty, skipping gitlab setup
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
rake aborted!
MimeMagic::Error: This gem should never be required

I think this will be fixed with rails 6.0.3.6 update, though I have not see 
this error in my test instances or in production instance at 
git.fosscommunity.in


/usr/share/gitlab/vendor/shims/mimemagic/lib/mimemagic.rb:5:in 
`'
/usr/share/gitlab/vendor/shims/mimemagic/lib/mimemagic.rb:3:in `'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `block in require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:291:in
 `load_dependency'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `block in require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:291:in
 `load_dependency'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:66:in
 `require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:66:in
 `block (2 levels) in require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:61:in
 `each'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:61:in
 `block in require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:50:in
 `each'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:50:in
 `require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler.rb:173:in 
`require'
/usr/share/gitlab/config/application.rb:15:in `'
/usr/share/gitlab/Rakefile:7:in `require'
/usr/share/gitlab/Rakefile:7:in `'
/usr/share/rubygems-integration/all/gems/rake-13.0.3/exe/rake:27:in `'
(See full trace by running task with --trace)
dpkg: error processing package gitlab (--configure):
installed gitlab package post-installation script subprocess returned error 
exit status 1
Errors were encountered while processing:
gitlab
E: Sub-process /usr/bin/dpkg returned an error code (1)


I cannot finish upgrade.
Please help me solve this situation.

Dragos

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable'), (700, 'experimental'), (500, 
'testing-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to 
C.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gitlab depends on:
ii  asciidoctor 2.0.12-2
ii  bc  1.07.1-2+b2
ii  bundler 2.2.5-2
ii  bzip2   1.0.8-4
ii  dbconfig-pgsql  2.0.19
ii  debconf [debconf-2.0]   1.5.75
ii  fonts-font-awesome [node-font-awesome]  5.0.10+really4.7.0~dfsg-4
ii  gitlab-common   13.10.3+dfsg-1
ii  gitlab-workhorse13.10.4+ds1-1
ii  katex [node-katex]  0.10.2+dfsg-8
ii  libjs-bootstrap4 [node-bootstrap]   4.5.2+dfsg1-6
ii  libjs-codemirror [node-codemirror]  5.59.2+~cs0.23.109-1
ii  libjs-pdf [node-pdfjs-dist] 2.6.347+dfsg-3
ii  libjs-popper.js [node-popper.js]1.16.1+ds-3
ii  libruby2.7 [ruby-rexml] 2.7.3-2
ii  lsb-base11.1.0
ii  nginx   1.18.0-6
ii  nginx-extras [nginx]1.18.0-6+b1
ii  node-autosize   

Bug#987587: libpango1.0-udeb: hangs the installer in various situations

[Cyril Brulebois]

Cyril Brulebois  (2021-04-29):
> This time around, testing 1.43.0 with debian/ carried over from
> debian/1.42.4-8, adjusted for docs (some files are missing) and symbols
> (one new symbol), the problem cannot be triggered in an obvious manner.
> 
> Moving to 1.44* tags now.

Alright, I think I'm hitting my limits here.

Versions 1.44, 1.44.2, and 1.44.3 all fail in a similar way:

[39/144] cc -Ipango/libpangoft2-1.0.so.0.4400.0.p -Ipango -I../pango -I. 
-I.. -I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include 
-I/usr/include/fribidi -I/usr/include/harfbuzz -I/usr/include/freetype2 
-I/usr/include/libpng16 -I/usr/include/uuid -I/usr/include/cairo 
-I/usr/include/pixman-1 -fdiagnostics-color=always -pipe -D_FILE_OFFSET_BITS=64 
-Wall -Winvalid-pch -std=gnu99 -D_POSIX_C_SOURCE=200809L 
-D_POSIX_THREAD_SAFE_FUNCTIONS -D_GNU_SOURCE -g -O2 
-ffile-prefix-map=/home/kibi/hack/pango1.0.git=. -fstack-protector-strong 
-Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC 
-Wimplicit-function-declaration -Wstrict-prototypes -Wmissing-prototypes 
-Wnested-externs -Wold-style-definition -Wno-int-conversion 
-Wno-discarded-qualifiers -fno-strict-aliasing -Wpointer-arith 
-Wmissing-declarations -Wformat=2 -Wformat-nonliteral -Wformat-security 
-Wunused -Wcast-align -Wmissing-noreturn -Wmissing-format-attribute 
-Wmissing-include-dirs -Wlogical-op -Wno-uninitialized -Wno-shadow 
-Werror=implicit -Werror=nonnull -Werror=init-self -Werror=main 
-Werror=missing-braces -Werror=sequence-point -Werror=return-type 
-Werror=trigraphs -Werror=array-bounds -Werror=write-strings -Werror=address 
-Werror=int-to-pointer-cast -Werror=pointer-to-int-cast -Werror=empty-body 
-Werror=write-strings -Wundef -Werror=redundant-decls -fvisibility=hidden 
'-DG_LOG_DOMAIN="Pango"' -DG_LOG_USE_STRUCTURED=1 -DPANGO_COMPILATION 
'-DSYSCONFDIR="/etc"' '-DLIBDIR="/usr/lib/x86_64-linux-gnu"' 
-DPANGO_DISABLE_DEPRECATION_WARNINGS -MD -MQ 
pango/libpangoft2-1.0.so.0.4400.0.p/pangofc-font.c.o -MF 
pango/libpangoft2-1.0.so.0.4400.0.p/pangofc-font.c.o.d -o 
pango/libpangoft2-1.0.so.0.4400.0.p/pangofc-font.c.o -c ../pango/pangofc-font.c
FAILED: pango/libpangoft2-1.0.so.0.4400.0.p/pangofc-font.c.o 
cc -Ipango/libpangoft2-1.0.so.0.4400.0.p -Ipango -I../pango -I. -I.. 
-I/usr/include/glib-2.0 -I/usr/lib/x86_64-linux-gnu/glib-2.0/include 
-I/usr/include/fribidi -I/usr/include/harfbuzz -I/usr/include/freetype2 
-I/usr/include/libpng16 -I/usr/include/uuid -I/usr/include/cairo 
-I/usr/include/pixman-1 -fdiagnostics-color=always -pipe -D_FILE_OFFSET_BITS=64 
-Wall -Winvalid-pch -std=gnu99 -D_POSIX_C_SOURCE=200809L 
-D_POSIX_THREAD_SAFE_FUNCTIONS -D_GNU_SOURCE -g -O2 
-ffile-prefix-map=/home/kibi/hack/pango1.0.git=. -fstack-protector-strong 
-Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC 
-Wimplicit-function-declaration -Wstrict-prototypes -Wmissing-prototypes 
-Wnested-externs -Wold-style-definition -Wno-int-conversion 
-Wno-discarded-qualifiers -fno-strict-aliasing -Wpointer-arith 
-Wmissing-declarations -Wformat=2 -Wformat-nonliteral -Wformat-security 
-Wunused -Wcast-align -Wmissing-noreturn -Wmissing-format-attribute 
-Wmissing-include-dirs -Wlogical-op -Wno-uninitialized -Wno-shadow 
-Werror=implicit -Werror=nonnull -Werror=init-self -Werror=main 
-Werror=missing-braces -Werror=sequence-point -Werror=return-type 
-Werror=trigraphs -Werror=array-bounds -Werror=write-strings -Werror=address 
-Werror=int-to-pointer-cast -Werror=pointer-to-int-cast -Werror=empty-body 
-Werror=write-strings -Wundef -Werror=redundant-decls -fvisibility=hidden 
'-DG_LOG_DOMAIN="Pango"' -DG_LOG_USE_STRUCTURED=1 -DPANGO_COMPILATION 
'-DSYSCONFDIR="/etc"' '-DLIBDIR="/usr/lib/x86_64-linux-gnu"' 
-DPANGO_DISABLE_DEPRECATION_WARNINGS -MD -MQ 
pango/libpangoft2-1.0.so.0.4400.0.p/pangofc-font.c.o -MF 
pango/libpangoft2-1.0.so.0.4400.0.p/pangofc-font.c.o.d -o 
pango/libpangoft2-1.0.so.0.4400.0.p/pangofc-font.c.o -c ../pango/pangofc-font.c
../pango/pangofc-font.c: In function ‘get_face_metrics’:
../pango/pangofc-font.c:371:44: error: ‘HB_OT_METRICS_UNDERLINE_SIZE’ 
undeclared (first use in this function); did you mean 
‘HB_OT_METRICS_TAG_UNDERLINE_SIZE’?
  371 |   if (hb_ot_metrics_get_position (hb_font, 
HB_OT_METRICS_UNDERLINE_SIZE, ))
  |
^~~~
  |
HB_OT_METRICS_TAG_UNDERLINE_SIZE
../pango/pangofc-font.c:371:44: note: each undeclared identifier is 
reported only once for each function it appears in
../pango/pangofc-font.c:374:44: error: ‘HB_OT_METRICS_UNDERLINE_OFFSET’ 
undeclared (first use in this function); did you mean 
‘HB_OT_METRICS_TAG_UNDERLINE_OFFSET’?
  374 |   if (hb_ot_metrics_get_position (hb_font, 
HB_OT_METRICS_UNDERLINE_OFFSET, ))
  |
^~
  |  

Bug#987587: libpango1.0-udeb: hangs the installer in various situations

[Cyril Brulebois]

Cyril Brulebois  (2021-04-26):
>  - I'm *not yet* certain this also triggers direct failures for Netinst
>images for several languages, tracked at:
>  https://bugs.debian.org/987449
…
>I'll try to confirm this in the next few days.

It's been confirmed, so I've added a “block” between both reports.

I've also confirmed an earlier version, uploaded to experimental
(1.44.6-1) also triggers the issue, hence the recent “found”.

I'm now down to investigating upstream releases that weren't packaged
into Debian. For that, I'm using #987449 with Sinhala (since that's
almost instantaneous, as opposed to #987377 which needs going through
various menus).

This time around, testing 1.43.0 with debian/ carried over from
debian/1.42.4-8, adjusted for docs (some files are missing) and symbols
(one new symbol), the problem cannot be triggered in an obvious manner.

Moving to 1.44* tags now.


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature

Bug#987728: wims-modules: depends on unavailable tinymce

[Georges Khaznadar]

Hi Andreas,

thank you for the bug report!

I had a look at tinymce , and ...
Andreas Beckmann a écrit :
>[...] wims-modules : Depends: tinymce but it is not installable
> 
> tinymce has been removed recently: https://bugs.debian.org/977149

That is sad: the popcon score of tinymce was 1500 when it was removed
(it has decreased slowly from 3000 in the past)

The upstream developers of wims have embedded a version 5.4.2 of
tinymce, which is more than the last version maintained in Debian: 
3.4.8 which was introduced nine years ago; however, symlinking files
of the package wims-modules to the older javascript module did work.

Now, if I want to keep on maintaining the package wims, which is
important for education as a contents server, there are two possible
ways:

1 - revive a debian package for tinymce: I had a look at upstream
developments, they are very active. Unfortunately, tinymce is
becoming bolder and bolder. Compiling it requires yarn, and implies
downloading more than a thousand node modules. I strongly doubt to
find every of those depedencies already packaged inside Debian.
2 - replace Javascript-enhanced editor areas in Wims which depend on
tinymce by some alternative code, hopefully providing some 
*really tiny* editor, not the bloatware that tinymce is becoming.

I believe that only the second option is sustainable, probably by using
ckeditor whose debian package is up to date with upstream's ckeditor4.

Best regards,   Georges.





signature.asc
Description: PGP signature

Processed: found 987587 in 1.44.6-1

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> found 987587 1.44.6-1
Bug #987587 [libpango1.0-udeb] libpango1.0-udeb: hangs the installer in various 
situations
Marked as found in versions pango1.0/1.44.6-1.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
987587: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987587
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#979609: swt4-gtk segfaults on ppc64el

[Frédéric Bonnard]

Hi there,

I tried to bisect between 4.17.0 and 4.18.0 (4.19.0
didn't work either) and found the first offending commit
64ceb09e3297259b58a78b5d6486b1724070a4c9 that makes tracecompass fail
and playing with -DNO_gtk_1check_1button_1set_1inconsistent makes it
work. Soon after f2006cbb02568177a6bfaf074f4e787b3dafdc75 : same kind of
changes and same kind of trick seemed to help.
All those implying GTK port changes and JNI. Also I saw tons of cc
warnings of implicit casts in os.c which is generated by JNIGenerator ..

All in all, I tried with latest git tree as it has other GTK/JNI
improvements and as of v4944r22, it built cleanly and worked well with
tracecompass, syndie and steganosuite.

Maybe not the best answer, but I think it can help going forward.

F.


On Mon, 22 Feb 2021 11:15:29 +0200, Adrian Bunk  wrote:
> On Tue, Jan 12, 2021 at 07:06:36PM +, Sudip Mukherjee wrote:
> > I had been testing little more and I can see the same problem with
> > other packages (syndie and stegosuite) which are using
> > libswt-cairo-gtk-4-jni.
> > So, all the three packages using libswt-cairo-gtk-4-jni triggers the
> > segfault in ppc64el.
> 
> Adding debian-powerpc so that a porter can check.
> 
> > Regards
> > Sudip
> 
> cu
> Adrian
> 


signature.asc
Description: PGP signature

Bug#986818: marked as done (arctica-greeter-guest-session: Guest sessions fail to start)

[Debian Bug Tracking System]

Your message dated Thu, 29 Apr 2021 13:48:49 +
with message-id 
and subject line Bug#986818: fixed in arctica-greeter 0.99.1.5-2
has caused the Debian Bug report #986818,
regarding arctica-greeter-guest-session: Guest sessions fail to start
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
986818: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986818
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

Package: arctica-greeter-guest-session
Severity: grave
Version: 0.99.1.5-1

Arctica Greeter supports LightDM's feature of running guest sessions.

However, since Debian switch to libexec directory, arctica-greeter references a wrong path to  
LightDM's lightdm-guest-session executable (which still gets installed  
to /usr/lib//lightdm/.


This should be fixed for arctica-greeter in Debian 11. (Patch is on its way).

Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgpRkf5esJKzt.pgp
Description: Digitale PGP-Signatur
--- End Message ---
--- Begin Message ---
Source: arctica-greeter
Source-Version: 0.99.1.5-2
Done: Mike Gabriel 

We believe that the bug you reported is fixed in the latest version of
arctica-greeter, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 986...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mike Gabriel  (supplier of updated arctica-greeter 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Thu, 29 Apr 2021 15:31:41 +0200
Source: arctica-greeter
Architecture: source
Version: 0.99.1.5-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers 
Changed-By: Mike Gabriel 
Closes: 986818
Changes:
 arctica-greeter (0.99.1.5-2) unstable; urgency=medium
 .
   * debian/patches:
 + Add 0001_guest-session-Make-path-to-lightdm-guest-session-exe.patch.
   Allow providing a fixed path to the lightdm-guest-session executable
   at build time. (Relates to #986818).
   * debian/9*-arctica-greeter-*.conf:
 + Adjust to new LightDM section names. The [SeatDefaults] section is
   deprecated with Debian 11's LightDM version.
   * debian/rules:
 + Enforce a specifc path for the lightdm-guest-session helper executable
   (shipped in lightdm bin:pkg). (Closes: #986818).
Checksums-Sha1:
 fb2f0444080154b4779c582084d8855e31b21d7f 3312 arctica-greeter_0.99.1.5-2.dsc
 a9c361874557f34f5c310022f2b42f91c483778e 90284 
arctica-greeter_0.99.1.5-2.debian.tar.xz
 a94e0b189392b567cb27e8b48bbd7238d8000e77 17900 
arctica-greeter_0.99.1.5-2_source.buildinfo
Checksums-Sha256:
 cba966b17a1a0afe1aca26be321fee7d9bd236df2d7b792a94b2ec5e72f0266f 3312 
arctica-greeter_0.99.1.5-2.dsc
 02bdd9fd8776a22c75bd3236466ddda119a8d86cb7cc467bf5a5ea674086f680 90284 
arctica-greeter_0.99.1.5-2.debian.tar.xz
 f268e6a414f0da561a691e4e5a118ae0d0ff1878eea8b2ac2ffc210d33c68f4c 17900 
arctica-greeter_0.99.1.5-2_source.buildinfo
Files:
 2b8da9eef6d662ee6464deb7ae2cfa4d 3312 x11 optional 
arctica-greeter_0.99.1.5-2.dsc
 cd279a371c9ef10f1d296ae94b4df9dd 90284 x11 optional 
arctica-greeter_0.99.1.5-2.debian.tar.xz
 59577a693cef87ef3172097ee2bea270 17900 x11 optional 
arctica-greeter_0.99.1.5-2_source.buildinfo

-BEGIN PGP SIGNATURE-

iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmCKthYVHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxu/AP/RmL4Fpy0beEiQKCZKVlMiS4tTjC
tYFXkrmCpxrlKKWaPizgXCdjyY3KvzBAVZ+IyNi1Zcuth7oTSUVbEXvHkktoD15v
ptXyOw1MZn9NMtky0NX8WSFXZg8B7UcHL6LSAG1lxoGleQAr0wM2p9JKROR/rduK
GgnOjf9I/6f+K83veqLHn1ZHHkeCp2ucPWP9TLnFKfGgrK/lA7UcA/6n51aKMOL0
ISRritRCrxgwpoku4OtbKh6Hx4Wjce/nry8W3dndsqgtOz9tCXiJyBIRdNGO0MnS
JfPxuvfBLe1jRNjdIUkiqvCBkLqxIcmh5a9Cwmsn6dTEGQFwbXjDP50pq1SgJ3gI
/Pw3FimXIcdOyOLjkbeBzSpXC7S+gX96J+Ig7hdIktqEUxbWKUkz2uztuV9SDjlr
stD7U8GjjdNFmvOQ++dewJC3ovGVVxKuyqyghoQGCVwrEcbCxEUq/zqDsW/alSxG
jI1ZxXjbJrTClx4rQiaCSv8SSB53DlMkQ3YgYPATUqZ6LHMV6gSCZvm0QnrblQQ+

Bug#986818: marked as pending in arctica-greeter

[Mike Gabriel]

Control: tag -1 pending

Hello,

Bug #986818 in arctica-greeter reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/debian-remote-team/arctica-greeter/-/commit/cf23969e5bd09c3fd499ef6608d9215465f90d85


debian/rules: Enforce a specifc path for the lightdm-guest-session helper 
executable (shipped in lightdm bin:pkg). (Closes: #986818).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/986818

Processed: Bug#986818 marked as pending in arctica-greeter

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #986818 [arctica-greeter-guest-session] arctica-greeter-guest-session: 
Guest sessions fail to start
Added tag(s) pending.

-- 
986818: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986818
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#969206: Info received (redmine: Could not find gem 'rails (~> 5.2.2)' in any of the gem sources listed in your Gemfile)

[Debian Bug Tracking System]

Processing control commands:

> affects -1 redmine-plugin-custom-css
Bug #969206 [redmine] redmine: Could not find gem 'rails (~> 5.2.2)' in any of 
the gem sources listed in your Gemfile
Added indication that 969206 affects redmine-plugin-custom-css

-- 
969206: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969206
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#969206: Info received (redmine: Could not find gem 'rails (~> 5.2.2)' in any of the gem sources listed in your Gemfile)

[duck]

Control: affects -1 redmine-plugin-custom-css

Quack,

I finished packaging 4.2.1 a few days ago and I can confirms this 
totally does not work. Upstream had piled on many patches and now 
targeting Rails 6.1. Unfortunately this is not over and 5.0 has many 
tasks assigned which are not done.


\_o<

--
Marc Dequènes

Bug#987778: texlive-latex-extra: fails to declare dependency on libspreadsheet-parseexcel-perl

[Hilmar Preuße]

Control: severity -1 important

Am 29.04.2021 um 12:27 teilte Bjørn Mork mit:

> Package: texlive-latex-extra
> Version: 2020.20210202-3
> Severity: serious
> Justification: Policy 3.5


libspreadsheet-parseexcel-perl is required to run the exceltex
binary, but is not declared as a dependency.

  bjorn@miraculix:~$ exceltex
  Can't locate Spreadsheet/ParseExcel.pm in @INC (you may need to install the 
Spreadsheet::ParseExcel module) (@INC contains: /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 
/usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 
/usr/share/perl/5.32 /usr/local/lib/site_perl) at /usr/bin/exceltex line 738.
  BEGIN failed--compilation aborted at /usr/bin/exceltex line 738.

Don't exaggerate! There are a few scripts / binaries in the TeX 
packages, which need special perl / python modules. A single non-working 
binary doesn't make the whole package broken.


I lower severity, we'll fix it after bullseye.

Hilmar
--
sigfault




OpenPGP_signature
Description: OpenPGP digital signature

Processed: Re: Bug#987778: texlive-latex-extra: fails to declare dependency on libspreadsheet-parseexcel-perl

[Debian Bug Tracking System]

Processing control commands:

> severity -1 important
Bug #987778 [texlive-latex-extra] texlive-latex-extra: fails to declare 
dependency on libspreadsheet-parseexcel-perl
Severity set to 'important' from 'serious'

-- 
987778: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987778
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987763: MimeMagic::Error: This gem should never be required

[Pirate Praveen]

On 2021, ഏപ്രിൽ 29 12:36:57 PM IST, Dragos Jarca 
 wrote:
>Package: gitlab
>Version: 13.10.4+ds1-1
>Severity: grave
>Justification: renders package unusable
>
>Dear Maintainer,
>
>When upgrading to gitlab 13.10.4 I have this error:
>
>gitlab_production database is not empty, skipping gitlab setup
>fatal: not a git repository (or any of the parent directories): .git
>fatal: not a git repository (or any of the parent directories): .git
>rake aborted!
>MimeMagic::Error: This gem should never be required

I think this will be fixed with rails 6.0.3.6 update, though I have not see 
this error in my test instances or in production instance at 
git.fosscommunity.in

>/usr/share/gitlab/vendor/shims/mimemagic/lib/mimemagic.rb:5:in 
>`'
>/usr/share/gitlab/vendor/shims/mimemagic/lib/mimemagic.rb:3:in `(required)>'
>/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
> `require'
>/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
> `block in require'
>/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:291:in
> `load_dependency'
>/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
> `require'
>/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
> `require'
>/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
> `block in require'
>/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:291:in
> `load_dependency'
>/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
> `require'
>/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:66:in
> `require'
>/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:66:in
> `block (2 levels) in require'
>/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:61:in
> `each'
>/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:61:in
> `block in require'
>/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:50:in
> `each'
>/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:50:in
> `require'
>/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler.rb:173:in 
>`require'
>/usr/share/gitlab/config/application.rb:15:in `'
>/usr/share/gitlab/Rakefile:7:in `require'
>/usr/share/gitlab/Rakefile:7:in `'
>/usr/share/rubygems-integration/all/gems/rake-13.0.3/exe/rake:27:in `(required)>'
>(See full trace by running task with --trace)
>dpkg: error processing package gitlab (--configure):
> installed gitlab package post-installation script subprocess returned error 
> exit status 1
>Errors were encountered while processing:
> gitlab
>E: Sub-process /usr/bin/dpkg returned an error code (1)
>
>
>I cannot finish upgrade.
>Please help me solve this situation.
>
>Dragos
>
>*** End of the template - remove these template lines ***
>
>
>-- System Information:
>Debian Release: bullseye/sid
>  APT prefers testing
>  APT policy: (900, 'testing'), (800, 'unstable'), (700, 'experimental'), 
> (500, 'testing-security'), (500, 'stable')
>Architecture: amd64 (x86_64)
>
>Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads)
>Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to 
>C.UTF-8), LANGUAGE not set
>Shell: /bin/sh linked to /bin/dash
>Init: systemd (via /run/systemd/system)
>LSM: AppArmor: enabled
>
>Versions of packages gitlab depends on:
>ii  asciidoctor 2.0.12-2
>ii  bc  1.07.1-2+b2
>ii  bundler 2.2.5-2
>ii  bzip2   1.0.8-4
>ii  dbconfig-pgsql  2.0.19
>ii  debconf [debconf-2.0]   1.5.75
>ii  fonts-font-awesome [node-font-awesome]  5.0.10+really4.7.0~dfsg-4
>ii  gitlab-common   13.10.3+dfsg-1
>ii  gitlab-workhorse13.10.4+ds1-1
>ii  katex [node-katex]  0.10.2+dfsg-8
>ii  libjs-bootstrap4 [node-bootstrap]   4.5.2+dfsg1-6
>ii  libjs-codemirror [node-codemirror]  5.59.2+~cs0.23.109-1
>ii  libjs-pdf [node-pdfjs-dist] 2.6.347+dfsg-3
>ii  libjs-popper.js [node-popper.js]1.16.1+ds-3
>ii  libruby2.7 [ruby-rexml] 2.7.3-2
>ii  lsb-base11.1.0
>ii  nginx   1.18.0-6
>ii  nginx-extras [nginx]1.18.0-6+b1
>ii  node-autosize   4.0.2~dfsg1-5
>ii  node-axios  0.21.1+dfsg-1
>ii  node-babel-loader   8.2.2-5
>ii  node-babel-plugin-lodash3.3.4+~cs2.0.1-3
>ii  node-babel7 

Bug#987763: MimeMagic::Error: This gem should never be required

[Dragos Jarca]

Package: gitlab
Version: 13.10.4+ds1-1
Severity: grave
Justification: renders package unusable

Dear Maintainer,

When upgrading to gitlab 13.10.4 I have this error:

gitlab_production database is not empty, skipping gitlab setup
fatal: not a git repository (or any of the parent directories): .git
fatal: not a git repository (or any of the parent directories): .git
rake aborted!
MimeMagic::Error: This gem should never be required
/usr/share/gitlab/vendor/shims/mimemagic/lib/mimemagic.rb:5:in 
`'
/usr/share/gitlab/vendor/shims/mimemagic/lib/mimemagic.rb:3:in `'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `block in require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:291:in
 `load_dependency'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `block in require'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:291:in
 `load_dependency'
/usr/share/rubygems-integration/all/gems/activesupport-6.0.3.5/lib/active_support/dependencies.rb:324:in
 `require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:66:in
 `require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:66:in
 `block (2 levels) in require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:61:in
 `each'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:61:in
 `block in require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:50:in
 `each'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler/runtime.rb:50:in
 `require'
/usr/share/rubygems-integration/all/gems/bundler-2.2.5/lib/bundler.rb:173:in 
`require'
/usr/share/gitlab/config/application.rb:15:in `'
/usr/share/gitlab/Rakefile:7:in `require'
/usr/share/gitlab/Rakefile:7:in `'
/usr/share/rubygems-integration/all/gems/rake-13.0.3/exe/rake:27:in `'
(See full trace by running task with --trace)
dpkg: error processing package gitlab (--configure):
 installed gitlab package post-installation script subprocess returned error 
exit status 1
Errors were encountered while processing:
 gitlab
E: Sub-process /usr/bin/dpkg returned an error code (1)


I cannot finish upgrade.
Please help me solve this situation.

Dragos

*** End of the template - remove these template lines ***


-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable'), (700, 'experimental'), (500, 
'testing-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to 
C.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gitlab depends on:
ii  asciidoctor 2.0.12-2
ii  bc  1.07.1-2+b2
ii  bundler 2.2.5-2
ii  bzip2   1.0.8-4
ii  dbconfig-pgsql  2.0.19
ii  debconf [debconf-2.0]   1.5.75
ii  fonts-font-awesome [node-font-awesome]  5.0.10+really4.7.0~dfsg-4
ii  gitlab-common   13.10.3+dfsg-1
ii  gitlab-workhorse13.10.4+ds1-1
ii  katex [node-katex]  0.10.2+dfsg-8
ii  libjs-bootstrap4 [node-bootstrap]   4.5.2+dfsg1-6
ii  libjs-codemirror [node-codemirror]  5.59.2+~cs0.23.109-1
ii  libjs-pdf [node-pdfjs-dist] 2.6.347+dfsg-3
ii  libjs-popper.js [node-popper.js]1.16.1+ds-3
ii  libruby2.7 [ruby-rexml] 2.7.3-2
ii  lsb-base11.1.0
ii  nginx   1.18.0-6
ii  nginx-extras [nginx]1.18.0-6+b1
ii  node-autosize   4.0.2~dfsg1-5
ii  node-axios  0.21.1+dfsg-1
ii  node-babel-loader   8.2.2-5
ii  node-babel-plugin-lodash3.3.4+~cs2.0.1-3
ii  node-babel7 7.12.12+~cs150.141.84-6
ii  node-brace-expansion2.0.0-1
ii  node-cache-loader   4.1.0+~cs2.0.0-1
ii  node-chart.js   2.9.4+dfsg+~cs2.10.1-3
ii  node-clipboard  2.0.6+ds+~cs7.6.4-1
ii  node-compression-webpack-plugin 6.1.1-1
ii  node-copy-webpack-plugin

Bug#987778: texlive-latex-extra: fails to declare dependency on libspreadsheet-parseexcel-perl

[Bjørn Mork]

Package: texlive-latex-extra
Version: 2020.20210202-3
Severity: serious
Justification: Policy 3.5

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512


libspreadsheet-parseexcel-perl is required to run the exceltex
binary, but is not declared as a dependency. 

 bjorn@miraculix:~$ exceltex 
 Can't locate Spreadsheet/ParseExcel.pm in @INC (you may need to install the 
Spreadsheet::ParseExcel module) (@INC contains: /etc/perl 
/usr/local/lib/x86_64-linux-gnu/perl/5.32.1 /usr/local/share/perl/5.32.1 
/usr/lib/x86_64-linux-gnu/perl5/5.32 /usr/share/perl5 
/usr/lib/x86_64-linux-gnu/perl-base /usr/lib/x86_64-linux-gnu/perl/5.32 
/usr/share/perl/5.32 /usr/local/lib/site_perl) at /usr/bin/exceltex line 738.
 BEGIN failed--compilation aborted at /usr/bin/exceltex line 738.


- -- Package-specific info:
IMPORTANT INFORMATION: We will only consider bug reports concerning
the packaging of TeX Live as relevant. If you have problems with
combination of packages in a LaTeX document, please consult your
local TeX User Group, the comp.text.tex user group, the author of
the original .sty file, or any other help resource. 

In particular, bugs that are related to up-upstream, i.e., neither
Debian nor TeX Live (upstream), but the original package authors,
will be closed immediately.

   *** The Debian TeX Team is *not* a LaTeX Help Desk ***

If you report an error when running one of the TeX-related binaries 
(latex, pdftex, metafont,...), or if the bug is related to bad or wrong
output, please include a MINIMAL example input file that produces the
error in your report.

Please run your example with
(pdf)latex -recorder ...
(or any other program that supports -recorder) and send us the generated
file with the extension .fls, it lists all the files loaded during
the run and can easily explain problems induced by outdated files in
your home directory.

Don't forget to also include minimal examples of other files that are 
needed, e.g. bibtex databases. Often it also helps
to include the logfile. Please, never send included pictures!

If your example file isn't short or produces more than one page of
output (except when multiple pages are needed to show the problem),
you can probably minimize it further. Instructions on how to do that
can be found at

http://www.minimalbeispiel.de/mini-en.html (english)

or 

http://www.minimalbeispiel.de/mini.html (german)

##
minimal input file


##
other files

##
 List of ls-R files

lrwxrwxrwx 1 root root 31 Feb 17 21:30 /usr/share/texlive/texmf-dist/ls-R -> 
/var/lib/texmf/ls-R-TEXLIVEDIST
##
 Config files
- -rw-r--r-- 1 root root 475 Feb 23 16:50 /etc/texmf/web2c/texmf.cnf
lrwxrwxrwx 1 root root 33 Feb 17 21:30 /usr/share/texmf/web2c/fmtutil.cnf -> 
/var/lib/texmf/fmtutil.cnf-DEBIAN
lrwxrwxrwx 1 root root 32 Feb 17 21:30 /usr/share/texmf/web2c/updmap.cfg -> 
/var/lib/texmf/updmap.cfg-DEBIAN
- -rw-r--r-- 1 root root 2763 Apr  5 10:45 
/var/lib/texmf/tex/generic/config/language.dat
##
 Files in /etc/texmf/web2c/
total 8
- -rw-r--r-- 1 root root 283 Feb 22  2016 mktex.cnf
- -rw-r--r-- 1 root root 475 Feb 23 16:50 texmf.cnf
##
 md5sums of texmf.d
ca40c66f144b4bafc3e59a2dd32ecb9c  /etc/texmf/texmf.d/00debian.cnf

- -- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (990, 'testing'), (700, 'stable'), (600, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, arm64

Kernel: Linux 5.10.0-6-amd64 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_USER
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages texlive-latex-extra depends on:
ii  libcommons-logging-java1.2-2
ii  libpdfbox-java 1:1.8.16-2
ii  preview-latex-style12.2-1
ii  python33.9.2-3
ii  tex-common 6.16
ii  texlive-base   2020.20210202-3
ii  texlive-binaries   2020.20200327.54578-7
ii  texlive-latex-recommended  2020.20210202-3
ii  texlive-pictures   2020.20210202-3

Versions of packages texlive-latex-extra recommends:
ii  texlive-fonts-recommended  2020.20210202-3
ii  texlive-plain-generic  2020.20210202-3

Versions of packages texlive-latex-extra suggests:
pn  icc-profiles
ii  libfile-which-perl  1.23-1
ii  libspreadsheet-parseexcel-perl  0.6500-1.1
ii  python3-pygments2.7.1+dfsg-2
pn  texlive-latex-extra-doc 

Versions of packages tex-common depends on:
ii  dpkg  1.20.9
ii  ucf   3.0043

Versions of packages tex-common suggests:
ii  debhelper  13.3.4

Versions of packages texlive-latex-extra is related to:
ii  tex-common6.16
ii  texlive-binaries  2020.20200327.54578-7

- -- no debconf information

Bug#987654: marked as done (python3-django-hyperkitty: Loads Google Fonts (fonts.gstatic.com), causing privacy breach)

[Debian Bug Tracking System]

Your message dated Thu, 29 Apr 2021 10:18:43 +
with message-id 
and subject line Bug#987654: fixed in hyperkitty 1.3.4-3
has caused the Debian Bug report #987654,
regarding python3-django-hyperkitty: Loads Google Fonts (fonts.gstatic.com), 
causing privacy breach
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
987654: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987654
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: python3-django-hyperkitty
Version: 1.3.4-2
Severity: important

Hyperkitty's CSS attempts to loads fonts from Google Fonts, causing a privacy 
breach:

@font-face {
  font-family: 'Droid Sans';
  font-style: normal;
  font-weight: 400;
  src: local('Droid Sans'), local('DroidSans'),
   
url(https://fonts.gstatic.com/s/droidsans/v6/s-BiyweUPV0v-yRb-cjciC3USBnSvpkopQaUR-2r7iU.ttf)
 format('truetype'),
   
url(/mailman3/static/hyperkitty/libs/fonts/droid/DroidSans.ttf?9a88e405c18d) 
format('truetype');
}

These fonts are already bundled in the package, so trying to load them from 
Google
causes a privacy breach for no good reason.

This has already been fixed upstream: 
,
I hope we can include this fix for bullseye.

Let me know if I can help with fixing (NMU, etc.), I've already prepared a 
fixed package
for our Mailman3 install at Wikimedia.

-- Kunal

-- System Information:
Debian Release: 10.9
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.4.98-1.fc25.qubes.x86_64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3-django-hyperkitty depends on:
pn  fonts-glewlwyd   
pn  libjs-bootstrap  
ii  python3  3.7.3-1
ii  python3-dateutil 2.7.3-3
pn  python3-django   
pn  python3-django-compressor
pn  python3-django-extensions
pn  python3-django-gravatar2 
pn  python3-django-haystack  
pn  python3-django-mailman3  
pn  python3-django-q 
pn  python3-djangorestframework  
ii  python3-lockfile 1:0.12.2-2
pn  python3-mailmanclient
pn  python3-networkx 
pn  python3-robot-detection  
ii  python3-tz   2019.1-1

Versions of packages python3-django-hyperkitty recommends:
pn  mailman3-web  

python3-django-hyperkitty suggests no packages.
--- End Message ---
--- Begin Message ---
Source: hyperkitty
Source-Version: 1.3.4-3
Done: Jonas Meurer 

We believe that the bug you reported is fixed in the latest version of
hyperkitty, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 987...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonas Meurer  (supplier of updated hyperkitty package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 29 Apr 2021 11:55:45 +0200
Source: hyperkitty
Architecture: source
Version: 1.3.4-3
Distribution: unstable
Urgency: high
Maintainer: Debian Mailman Team 
Changed-By: Jonas Meurer 
Closes: 987654
Changes:
 hyperkitty (1.3.4-3) unstable; urgency=high
 .
   * d/p/0004_remove_link_to_google_fonts.patch: Don't load remote Google
 fonts. Thanks to Kunal Mehta for bugreport and testing. (Closes: #987654)
Checksums-Sha1:
 abf47b3f101a3859ff2d6683176f9d3ce1caacb8 2843 hyperkitty_1.3.4-3.dsc
 44309cefb7ce4093ddc566dec20d1d15a77f1b15 134208 
hyperkitty_1.3.4-3.debian.tar.xz
 13fcbf7d5d39b4ffa9c96b5de02232f7c6039947 9296 
hyperkitty_1.3.4-3_amd64.buildinfo
Checksums-Sha256:
 71d59f09e4aca11c9d3bc909ae6a2be3166874081ad30ada37c02e0738d5f71c 2843 
hyperkitty_1.3.4-3.dsc
 4f270dc27083d3280f590dd97f60ab14d8a43fc225bee6e7448cc40442c1f27a 134208 
hyperkitty_1.3.4-3.debian.tar.xz
 35ff3f47c3843be22fc40f0b54e642ca7f92cfc6cd3c8f8ccc2b7e39997d92c6 9296 
hyperkitty_1.3.4-3_amd64.buildinfo
Files:
 8fe0f57734228c00a0f1d44725052089 2843 python optional hyperkitty_1.3.4-3.dsc
 

Bug#987654: [Pkg-mailman-hackers] Bug#987654: Adjusting severity

[Jonas Meurer]

Hey Kunal,

Kunal Mehta wrote:

severity 987654 serious
thanks

Upping priority to serious as this is technically a violation of policy 


that all software in main should be self-contained to main, and I 
believe there is a general acceptance in Debian that such privacy 
breaches are not acceptable (see also #726998).


I can also confirm that I finished testing the upstream patch and it 
worked as expected after running "sudo mailman-web collectstatic --clear 
&& sudo mailman-web compress".


thanks a lot for your bugreport and the testing! I just prepared and 
uploaded hyperkitty 1.3.4-3 which applies the upstream fix.


It should hit unstable within the next hours and I hope to get into 
Bullseye soon.


> I've already prepared a fixed package for our Mailman3 install at
> Wikimedia.

I'm happy to learn that the Debian mailman3 packages are of usage for 
Wikimedia :)



Kind regards,
 jonas




OpenPGP_signature
Description: OpenPGP digital signature

Bug#987684: marked as done (php-horde-crypt: flaky autopkgtest: Could not obtain public key from the keyserver)

[Debian Bug Tracking System]

Your message dated Thu, 29 Apr 2021 09:48:36 +
with message-id 
and subject line Bug#987684: fixed in php-horde-crypt 2.7.12-6
has caused the Debian Bug report #987684,
regarding php-horde-crypt: flaky autopkgtest: Could not obtain public key from 
the keyserver
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
987684: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987684
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: php-horde-crypt
Version: 2.7.12-5
Severity: serious
Tags: sid bullseye
X-Debbugs-CC: debian...@lists.debian.org
User: debian...@lists.debian.org
Usertags: flaky

Dear maintainer(s),

Your package has an autopkgtest, great. However, I looked into
the history of your autopkgtest [1] and I noticed it fails regularly
lately.

Because the unstable-to-testing migration software now blocks on
regressions in testing, flaky tests, i.e. tests that flip between
passing and failing without changes to the list of installed packages,
are causing people unrelated to your package to spend time on these
tests.

By the way, if your test needs internet access, please mark that in the
restrictions with `needs-internet`.

Paul

[1] https://ci.debian.net/packages/p/php-horde-crypt/testing/amd64/

https://ci.debian.net/data/autopkgtest/testing/amd64/p/php-horde-crypt/11893421/log.gz

autopkgtest [14:12:26]: test phpunit: [---
PHPUnit 9.5.2 by Sebastian Bergmann and contributors.

Runtime:   PHP 7.4.15
Configuration:
/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/test/Horde/Crypt/phpunit.xml

Warning:   Test case class not matching filename is deprecated
   in
/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/test/Horde/Crypt/Pgp/BinaryTest.php
   Class name was 'Horde_Crypt_Pgp_BinaryTest', expected
'BinaryTest'
Warning:   Test case class not matching filename is deprecated
   in
/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/test/Horde/Crypt/PgpKeyserverTest.php
   Class name was 'Horde_Crypt_PgpKeyserverTest', expected
'PgpKeyserverTest'
Warning:   Test case class not matching filename is deprecated
   in
/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/test/Horde/Crypt/PgpParseTest.php
   Class name was 'Horde_Crypt_PgpParseTest', expected
'PgpParseTest'
Warning:   Test case class not matching filename is deprecated
   in
/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/test/Horde/Crypt/SmimeTest.php
   Class name was 'Horde_Crypt_SmimeTest', expected 'SmimeTest'

...SSE26 /
26 (100%)

Time: 00:30.896, Memory: 6.00 MB

There was 1 error:

1) Horde_Crypt_PgpKeyserverTest::testBrokenKeyserver
Horde_Crypt_Exception: Could not obtain public key from the keyserver.

/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/lib/Horde/Crypt/Pgp/Keyserver.php:110
/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/lib/Horde/Crypt/Pgp/Keyserver.php:230
/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/test/Horde/Crypt/PgpKeyserverTest.php:80

--

There were 2 skipped tests:

1) Horde_Crypt_PgpKeyserverTest::testKeyserverRetrieve
Problem with
http://pool.sks-keyservers.net:11371/pks/lookup?op=get=0x4DE5B969: 
fopen(http://pool.sks-keyservers.net:11371/pks/lookup?op=get=0x4DE5B969):
failed to open stream: HTTP request failed!

/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/test/Horde/Crypt/PgpKeyserverTest.php:46

2) Horde_Crypt_PgpKeyserverTest::testKeyserverRetrieveByEmail
Problem with
http://pool.sks-keyservers.net:11371/pks/lookup?op=index=mr=jan%40horde.org:
fopen(http://pool.sks-keyservers.net:11371/pks/lookup?op=index=mr=jan%40horde.org):
failed to open stream: HTTP request failed!

/tmp/autopkgtest-lxc.pfr0ho3m/downtmp/build.LRx/src/Horde_Crypt-2.7.12/test/Horde/Crypt/PgpKeyserverTest.php:62

ERRORS!
Tests: 26, Assertions: 62, Errors: 1, Skipped: 2.
autopkgtest [14:12:58]: test phpunit: ---]



OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
Source: php-horde-crypt
Source-Version: 2.7.12-6
Done: Mike Gabriel 

We believe that the bug you reported is fixed in the latest version of
php-horde-crypt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Bug#987742: marked as done (bind9: CVE-2021-25215)

[Debian Bug Tracking System]

Your message dated Thu, 29 Apr 2021 09:33:29 +
with message-id 
and subject line Bug#987742: fixed in bind9 1:9.16.15-1
has caused the Debian Bug report #987742,
regarding bind9: CVE-2021-25215
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
987742: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bind9
Version: 1:9.16.13-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for bind9.

CVE-2021-25215[0]:
| An assertion check can fail while answering queries for DNAME records
| that require the DNAME to be processed to resolve itself

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-25215
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215
[1] https://kb.isc.org/docs/cve-2021-25215

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: bind9
Source-Version: 1:9.16.15-1
Done: Ondřej Surý 

We believe that the bug you reported is fixed in the latest version of
bind9, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 987...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý  (supplier of updated bind9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 29 Apr 2021 09:11:32 +0200
Source: bind9
Architecture: source
Version: 1:9.16.15-1
Distribution: unstable
Urgency: high
Maintainer: Debian DNS Team 
Changed-By: Ondřej Surý 
Closes: 987741 987742 987743
Changes:
 bind9 (1:9.16.15-1) unstable; urgency=high
 .
   * New upstream version 9.16.15 (Closes: #987741, #987742, #987743)
+ CVE-2021-25214: A malformed incoming IXFR transfer could trigger an
  assertion failure in ``named``, causing it to quit abnormally.
+ CVE-2021-25215: ``named`` crashed when a DNAME record placed in the
  ANSWER section during DNAME chasing turned out to be the final
  answer to a client query.
+ CVE-2021-25216: When a server's configuration set the
 ``tkey-gssapi-keytab`` or ``tkey-gssapi-credential`` option, a
 specially crafted GSS-TSIG query could cause a buffer overflow in
 the ISC implementation of SPNEGO (a protocol enabling negotiation of
 the security mechanism used for GSSAPI authentication).
   * Add patches to implement I-D draft-hardaker-dnsop-nsec3-guidance
Checksums-Sha1:
 5f9d70519d693dbbf48c18ec7fa8da726810e10c 3236 bind9_9.16.15-1.dsc
 5d68bbd1ff452708d45f2d4ef832faa3a1690fc7 5025688 bind9_9.16.15.orig.tar.xz
 4926e0c0f0f2b667cf021a1f857f97b6280c8d1c 833 bind9_9.16.15.orig.tar.xz.asc
 7c07b37263e067be9b08305982ef76f8bc67a94b 89700 bind9_9.16.15-1.debian.tar.xz
 631b63a5be9a133fe2b35e3a2bc57a2dde7ff04f 15062 bind9_9.16.15-1_amd64.buildinfo
Checksums-Sha256:
 758b08d2917f3610bdc0b481fa81540bd29b1052de8721cbb99ab379ba3d7036 3236 
bind9_9.16.15-1.dsc
 98b6f432d878a7bf8f57eb7b3c28be27278cf6b9989154bfe6c81104b38e7839 5025688 
bind9_9.16.15.orig.tar.xz
 55628031d8c5697707e1f8ad3d8033f72ffb987cdc392d578ec4bc89c968822e 833 
bind9_9.16.15.orig.tar.xz.asc
 8af2c74d4a1a6ea8e3d8cc88b14248d9b447711da9dda3ce6eaee0edd485d87b 89700 
bind9_9.16.15-1.debian.tar.xz
 3f92cec2331f52a55d923d3e1202b8c60f3028b59b396e29f34696dbcdcb79a0 15062 
bind9_9.16.15-1_amd64.buildinfo
Files:
 43334d6c45321a1dc5f355a446979657 3236 net optional bind9_9.16.15-1.dsc
 6c6e5bb21763161bc68665b8729b3630 5025688 net optional bind9_9.16.15.orig.tar.xz
 a2e6a9234cd8726fd389e82dea656fec 833 net optional bind9_9.16.15.orig.tar.xz.asc
 61004a2ae5bb8a04e7137c188a5ccb5f 89700 net optional 
bind9_9.16.15-1.debian.tar.xz
 6e225c8f2db806eb1ad895165d44 15062 net optional 
bind9_9.16.15-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmCKeENfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz

Bug#987741: marked as done (bind9: CVE-2021-25214)

[Debian Bug Tracking System]

Your message dated Thu, 29 Apr 2021 09:33:29 +
with message-id 
and subject line Bug#987741: fixed in bind9 1:9.16.15-1
has caused the Debian Bug report #987741,
regarding bind9: CVE-2021-25214
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
987741: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bind9
Version: 1:9.16.13-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for bind9.

CVE-2021-25214[0]:
| A broken inbound incremental zone update (IXFR) can cause named to
| terminate unexpectedly

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-25214
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214
[1] https://kb.isc.org/docs/cve-2021-25214

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: bind9
Source-Version: 1:9.16.15-1
Done: Ondřej Surý 

We believe that the bug you reported is fixed in the latest version of
bind9, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 987...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý  (supplier of updated bind9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 29 Apr 2021 09:11:32 +0200
Source: bind9
Architecture: source
Version: 1:9.16.15-1
Distribution: unstable
Urgency: high
Maintainer: Debian DNS Team 
Changed-By: Ondřej Surý 
Closes: 987741 987742 987743
Changes:
 bind9 (1:9.16.15-1) unstable; urgency=high
 .
   * New upstream version 9.16.15 (Closes: #987741, #987742, #987743)
+ CVE-2021-25214: A malformed incoming IXFR transfer could trigger an
  assertion failure in ``named``, causing it to quit abnormally.
+ CVE-2021-25215: ``named`` crashed when a DNAME record placed in the
  ANSWER section during DNAME chasing turned out to be the final
  answer to a client query.
+ CVE-2021-25216: When a server's configuration set the
 ``tkey-gssapi-keytab`` or ``tkey-gssapi-credential`` option, a
 specially crafted GSS-TSIG query could cause a buffer overflow in
 the ISC implementation of SPNEGO (a protocol enabling negotiation of
 the security mechanism used for GSSAPI authentication).
   * Add patches to implement I-D draft-hardaker-dnsop-nsec3-guidance
Checksums-Sha1:
 5f9d70519d693dbbf48c18ec7fa8da726810e10c 3236 bind9_9.16.15-1.dsc
 5d68bbd1ff452708d45f2d4ef832faa3a1690fc7 5025688 bind9_9.16.15.orig.tar.xz
 4926e0c0f0f2b667cf021a1f857f97b6280c8d1c 833 bind9_9.16.15.orig.tar.xz.asc
 7c07b37263e067be9b08305982ef76f8bc67a94b 89700 bind9_9.16.15-1.debian.tar.xz
 631b63a5be9a133fe2b35e3a2bc57a2dde7ff04f 15062 bind9_9.16.15-1_amd64.buildinfo
Checksums-Sha256:
 758b08d2917f3610bdc0b481fa81540bd29b1052de8721cbb99ab379ba3d7036 3236 
bind9_9.16.15-1.dsc
 98b6f432d878a7bf8f57eb7b3c28be27278cf6b9989154bfe6c81104b38e7839 5025688 
bind9_9.16.15.orig.tar.xz
 55628031d8c5697707e1f8ad3d8033f72ffb987cdc392d578ec4bc89c968822e 833 
bind9_9.16.15.orig.tar.xz.asc
 8af2c74d4a1a6ea8e3d8cc88b14248d9b447711da9dda3ce6eaee0edd485d87b 89700 
bind9_9.16.15-1.debian.tar.xz
 3f92cec2331f52a55d923d3e1202b8c60f3028b59b396e29f34696dbcdcb79a0 15062 
bind9_9.16.15-1_amd64.buildinfo
Files:
 43334d6c45321a1dc5f355a446979657 3236 net optional bind9_9.16.15-1.dsc
 6c6e5bb21763161bc68665b8729b3630 5025688 net optional bind9_9.16.15.orig.tar.xz
 a2e6a9234cd8726fd389e82dea656fec 833 net optional bind9_9.16.15.orig.tar.xz.asc
 61004a2ae5bb8a04e7137c188a5ccb5f 89700 net optional 
bind9_9.16.15-1.debian.tar.xz
 6e225c8f2db806eb1ad895165d44 15062 net optional 
bind9_9.16.15-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmCKeENfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz

Bug#987743: marked as done (bind9: CVE-2021-25216)

[Debian Bug Tracking System]

Your message dated Thu, 29 Apr 2021 09:33:29 +
with message-id 
and subject line Bug#987743: fixed in bind9 1:9.16.15-1
has caused the Debian Bug report #987743,
regarding bind9: CVE-2021-25216
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
987743: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: bind9
Version: 1:9.16.13-1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: car...@debian.org, Debian Security Team 

Hi,

The following vulnerability was published for bind9.

CVE-2021-25216[0]:
| A second vulnerability in BIND's GSSAPI security policy negotiation
| can be targeted by a buffer overflow attack

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2021-25216
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216
[1] https://kb.isc.org/docs/cve-2021-25216

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: bind9
Source-Version: 1:9.16.15-1
Done: Ondřej Surý 

We believe that the bug you reported is fixed in the latest version of
bind9, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 987...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý  (supplier of updated bind9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Thu, 29 Apr 2021 09:11:32 +0200
Source: bind9
Architecture: source
Version: 1:9.16.15-1
Distribution: unstable
Urgency: high
Maintainer: Debian DNS Team 
Changed-By: Ondřej Surý 
Closes: 987741 987742 987743
Changes:
 bind9 (1:9.16.15-1) unstable; urgency=high
 .
   * New upstream version 9.16.15 (Closes: #987741, #987742, #987743)
+ CVE-2021-25214: A malformed incoming IXFR transfer could trigger an
  assertion failure in ``named``, causing it to quit abnormally.
+ CVE-2021-25215: ``named`` crashed when a DNAME record placed in the
  ANSWER section during DNAME chasing turned out to be the final
  answer to a client query.
+ CVE-2021-25216: When a server's configuration set the
 ``tkey-gssapi-keytab`` or ``tkey-gssapi-credential`` option, a
 specially crafted GSS-TSIG query could cause a buffer overflow in
 the ISC implementation of SPNEGO (a protocol enabling negotiation of
 the security mechanism used for GSSAPI authentication).
   * Add patches to implement I-D draft-hardaker-dnsop-nsec3-guidance
Checksums-Sha1:
 5f9d70519d693dbbf48c18ec7fa8da726810e10c 3236 bind9_9.16.15-1.dsc
 5d68bbd1ff452708d45f2d4ef832faa3a1690fc7 5025688 bind9_9.16.15.orig.tar.xz
 4926e0c0f0f2b667cf021a1f857f97b6280c8d1c 833 bind9_9.16.15.orig.tar.xz.asc
 7c07b37263e067be9b08305982ef76f8bc67a94b 89700 bind9_9.16.15-1.debian.tar.xz
 631b63a5be9a133fe2b35e3a2bc57a2dde7ff04f 15062 bind9_9.16.15-1_amd64.buildinfo
Checksums-Sha256:
 758b08d2917f3610bdc0b481fa81540bd29b1052de8721cbb99ab379ba3d7036 3236 
bind9_9.16.15-1.dsc
 98b6f432d878a7bf8f57eb7b3c28be27278cf6b9989154bfe6c81104b38e7839 5025688 
bind9_9.16.15.orig.tar.xz
 55628031d8c5697707e1f8ad3d8033f72ffb987cdc392d578ec4bc89c968822e 833 
bind9_9.16.15.orig.tar.xz.asc
 8af2c74d4a1a6ea8e3d8cc88b14248d9b447711da9dda3ce6eaee0edd485d87b 89700 
bind9_9.16.15-1.debian.tar.xz
 3f92cec2331f52a55d923d3e1202b8c60f3028b59b396e29f34696dbcdcb79a0 15062 
bind9_9.16.15-1_amd64.buildinfo
Files:
 43334d6c45321a1dc5f355a446979657 3236 net optional bind9_9.16.15-1.dsc
 6c6e5bb21763161bc68665b8729b3630 5025688 net optional bind9_9.16.15.orig.tar.xz
 a2e6a9234cd8726fd389e82dea656fec 833 net optional bind9_9.16.15.orig.tar.xz.asc
 61004a2ae5bb8a04e7137c188a5ccb5f 89700 net optional 
bind9_9.16.15-1.debian.tar.xz
 6e225c8f2db806eb1ad895165d44 15062 net optional 
bind9_9.16.15-1_amd64.buildinfo

-BEGIN PGP SIGNATURE-

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmCKeENfFIAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz

Processed: Bug#987684 marked as pending in php-horde-crypt

[Debian Bug Tracking System]

Processing control commands:

> tag -1 pending
Bug #987684 [src:php-horde-crypt] php-horde-crypt: flaky autopkgtest: Could not 
obtain public key from the keyserver
Added tag(s) pending.

-- 
987684: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987684
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#987684: marked as pending in php-horde-crypt

[Mike Gabriel]

Control: tag -1 pending

Hello,

Bug #987684 in php-horde-crypt reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/horde-team/php-horde-crypt/-/commit/f0e0d45e0018e51b6377def2861bd1034c7e2b0e


debian/patches: Avoid Debian CI failures due to flakiness of public GPG 
keyservers. (Closes: #987684).


(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/987684

Bug#987772: ognibuild: autopkgtest regression: debcommit() got an unexpected keyword argument 'reporter'

[Paul Gevers]

Source: ognibuild
Version: 0.0.4-1
X-Debbugs-CC: debian...@lists.debian.org
Severity: serious
User: debian...@lists.debian.org
Usertags: regression

Dear maintainer(s),

With a recent upload of ognibuild the autopkgtest of ognibuild fails in
testing when that autopkgtest is run with the binary packages of
ognibuild from unstable. It passes when run with only packages from
testing. In tabular form:

   passfail
ognibuild  from testing0.0.4-1
versioned deps [0] from testingfrom unstable
all others from testingfrom testing

I copied some of the output at the bottom of this report. As it passes
in unstable, I think you're missing a *versioned* (test) dependency.

Can you please investigate the situation and fix it?

More information about this bug and the reason for filing it can be found 
on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul
PS: given that only the initial release of ognibuild is in testing and
later versions are not eligible to migrate, does it make sense to ship
bullseye with ognibuild?

[0] You can see what packages were added from the second line of the log
file quoted below. The migration software adds source package from
unstable to the list if they are needed to install packages from
ognibuild/0.0.4-1. I.e. due to versioned dependencies or breaks/conflicts.

https://ci.debian.net/data/autopkgtest/testing/amd64/o/ognibuild/11992532/log.gz

==
ERROR: test_missing_vala_package
(ognibuild.tests.test_debian_fix_build.ResolveErrorTests)
ognibuild.tests.test_debian_fix_build.ResolveErrorTests.test_missing_vala_package
--
testtools.testresult.real._StringException: log: {{{
1.073  creating repository in
file:///tmp/testbzr-orqq_x04.tmp/ognibuild.tests.test_debian_fix_build.ResolveErrorTests.test_missing_vala_package/work/.bzr/.
1.074  creating branch  in
file:///tmp/testbzr-orqq_x04.tmp/ognibuild.tests.test_debian_fix_build.ResolveErrorTests.test_missing_vala_package/work/
1.079  trying to create missing lock
'/tmp/testbzr-orqq_x04.tmp/ognibuild.tests.test_debian_fix_build.ResolveErrorTests.test_missing_vala_package/work/.bzr/checkout/dirstate'
1.080  opening working tree
'/tmp/testbzr-orqq_x04.tmp/ognibuild.tests.test_debian_fix_build.ResolveErrorTests.test_missing_vala_package/work'
1.091  preparing to commit
INFO  Committing to:
/tmp/testbzr-orqq_x04.tmp/ognibuild.tests.test_debian_fix_build.ResolveErrorTests.test_missing_vala_package/work/
1.093  Selecting files for commit with filter None
INFO  added debian
INFO  added debian/changelog
INFO  added debian/control
INFO  Committed revision 1.
1.105  Committed revid
b'jran...@example.com-20210427021210-4bwl3e3h9pekb5jn' as revno 1.
}}}

Traceback (most recent call last):
  File
"/tmp/autopkgtest-lxc.2a7j78cf/downtmp/build.wQP/src/ognibuild/tests/test_debian_fix_build.py",
line 236, in test_missing_vala_package
self.assertTrue(self.resolve(MissingValaPackage("posix")))
  File
"/tmp/autopkgtest-lxc.2a7j78cf/downtmp/build.wQP/src/ognibuild/tests/test_debian_fix_build.py",
line 116, in resolve
return resolve_error(error, ("build",), fixers)
  File
"/tmp/autopkgtest-lxc.2a7j78cf/downtmp/build.wQP/src/ognibuild/fix_build.py",
line 126, in resolve_error
made_changes = fixer.fix(error, phase)
  File
"/tmp/autopkgtest-lxc.2a7j78cf/downtmp/build.wQP/src/ognibuild/debian/fix_build.py",
line 207, in fix
if add_dependency(self.context, phase, apt_req):
  File
"/tmp/autopkgtest-lxc.2a7j78cf/downtmp/build.wQP/src/ognibuild/debian/fix_build.py",
line 216, in add_dependency
return add_build_dependency(context, requirement)
  File
"/tmp/autopkgtest-lxc.2a7j78cf/downtmp/build.wQP/src/ognibuild/debian/fix_build.py",
line 247, in add_build_dependency
return context.commit("Add missing build dependency on %s." % desc)
  File
"/tmp/autopkgtest-lxc.2a7j78cf/downtmp/build.wQP/src/ognibuild/debian/fix_build.py",
line 162, in commit
debcommit(
TypeError: debcommit() got an unexpected keyword argument 'reporter'


--
Ran 16 tests in 0.679s

FAILED (errors=14)



OpenPGP_signature
Description: OpenPGP digital signature

Bug#987568: open-iscsi-udeb: uninstallable udeb: non-udeb dependencies

[Ritesh Raj Sarraf]

On Thu, 2021-04-29 at 08:28 +0200, Cyril Brulebois wrote:
> OK, it's slighty different from the haveged package I mentioned that
> you
> could have taken as an example… but I think it should serve our
> purpose
> in a suitable fashion, so feel free to go ahead, thanks!
> 

In the interest of the limited time, I didn't really manage to look at
it.

> Regarding this comment:
> 
>     # We do this to keep the udeb in the installer happy
> 
> it's more about your executables being able to find the shared
> objects
> they need, the installer is neither happy nor unhappy. :D
> 
> I would expect the following to be a little more descriptive, but of
> course you keep whatever you find best. :)
> 
>     # Ship shared libraries along with the executable in a single
> udeb

Thank you. I find your reworded comment proper and have applied the
same.

I will now work with the release team.

-- 
Ritesh Raj Sarraf | http://people.debian.org/~rrs
Debian - The Universal Operating System


signature.asc
Description: This is a digitally signed message part

Bug#987643: ne10 FTBFS with gcc 10

[Michael R. Crusoe]

I found a PR that someone else sent to upstream to fix this at
https://github.com/projectNe10/Ne10/pull/260 (I haven't tested it, though)

Bug#986701: fixed in mosquitto 2.0.10-1

[Gianfranco Costamagna]

Hello,

ping to delay autoremoval

G.

Bug#987568: open-iscsi-udeb: uninstallable udeb: non-udeb dependencies

[Cyril Brulebois]

Hi,

Ritesh Raj Sarraf  (2021-04-28):
> Please review the attached patch. I build tested locally and the
> results are below. If this looks good to you, then I'll prepare an
> upload and ask the release team for an unblock.

OK, it's slighty different from the haveged package I mentioned that you
could have taken as an example… but I think it should serve our purpose
in a suitable fashion, so feel free to go ahead, thanks!

Regarding this comment:

# We do this to keep the udeb in the installer happy

it's more about your executables being able to find the shared objects
they need, the installer is neither happy nor unhappy. :D

I would expect the following to be a little more descriptive, but of
course you keep whatever you find best. :)

# Ship shared libraries along with the executable in a single udeb


Cheers,
-- 
Cyril Brulebois (k...@debian.org)
D-I release manager -- Release team member -- Freelance Consultant


signature.asc
Description: PGP signature