Processed: found 988732 in 6.2.0-1
Processing commands for cont...@bugs.debian.org: > found 988732 6.2.0-1 Bug #988732 {Done: Paul Gevers } [libphp-phpmailer] CVE-2020-36326 Marked as found in versions libphp-phpmailer/6.2.0-1. > thanks Stopping processing here. Please contact me if you need assistance. -- 988732: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#986590: dbus-test-runner: flaky ppc64el autopkgtest: FAIL test-libdbustest-mock-test (exit status: 1)
Hi Paul, On Di 18 Mai 2021 20:49:55 CEST, Paul Gevers wrote: Hi Mike, On 18-05-2021 07:38, Mike Gabriel wrote: Would it be a viable solution for now to not run autopkgtests on ppcel64? I really don't have a clue why this issue comes up only on ppcel64. If you think this failure is not representative for the package behavior on ppc64el, it is. Actually, I considered to propose it in my previous e-mail. However, I do wonder what this means for users of dbus-test-runner on ppc64el. Paul dbus-test-runner is used across various DEB packages during unit tests. We would see build failures everywhere in DEBs that do some sort or other of DBus testing, which we don't. So... Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgp3ogPNQEvrI.pgp Description: Digitale PGP-Signatur
Bug#855846: repo: requires software outside of the distribution to function
Package: repo Followup-For: Bug #855846 -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Seems Replicant project might be on to something that might help get this package back in main: https://redmine.replicant.us/issues/2213 - Jonas - -- System Information: Debian Release: 11.0 APT prefers buildd-unstable APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (1, 'buildd-experimental'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-6-amd64 (SMP w/2 CPU threads) Locale: LANG=da_DK.UTF-8, LC_CTYPE=da_DK.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages repo depends on: ii git 1:2.31.1-1 ii gnupg 2.2.27-2 ii python3 3.9.2-3 pn python3-kerberos repo recommends no packages. repo suggests no packages. -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAmCkN4sACgkQLHwxRsGg ASFxQQ//eCHJEABapuo1Y4Mwdzy7Dobr4pJNKw49S0bnC7EwnY4dMM1VSPqLLNkJ s62kHzfXHIT/2CfsJNhKm7lfpZ5xxMg+lVbZ4CvmwB/+h5rzuILyKz7iKlL2mQ7G P3PECAzzhMaH901tP8ibWscKkpnIxknVOzt2o3BYhzvR5FKf5YeEOuFlpLZNLOgM XElUYvLCfmIXyRjGL/R+O6T7noT9boEiCJvIbc/DsG0/smTYInGwJCzi/5Kisi9V uiglPPE6FooMngOxV5UWLuijszai3MXschrg6YMqCGQchEN4dKEW45tFQssS4gok tSFr9Bv2YbEUHFzRCcVHVMN25OAmStWfMOglaX4csQ+s3vpx+UNQAUFdzhuF/I9e Fkkhr5PLrJxBw/WGWHn1X842bFp4XtaYOH+tsfUYVMbfH/9G4oNCvexG0E2V/yX2 JvUXWB7kC/5N91ECC6CJD2+qT9yJ9DkTO+P6w/lF+2mwrEwGutyeXgHlrtn0Gk+s 4PbA3JxTcWHCvdIzI4HnWiVX/ekn3ODhtYOtEsMw7YrBWPT4tCEWobJL3Y7h2c2p d1zytu50Ueb6Syos8Cp9DVeg+Xhbuq8HR1LaUZMQABF1kPuKcLsTcwsq0HHXUZnu vK2nnfl8NH+qFLC3rchv5q4Kpg5VbYGkNTz7bVIKcczNoK+Nv+U= =uzmD -END PGP SIGNATURE-
Processed: Bug#988735 marked as pending in pglogical
Processing control commands: > tag -1 pending Bug #988735 [src:pglogical] pglogical: CVE-2021-3515 Added tag(s) pending. -- 988735: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988735 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988735: marked as pending in pglogical
Control: tag -1 pending Hello, Bug #988735 in pglogical reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/postgresql/pglogical/-/commit/272366dead4c57a364b3c8e9348e8e73c1cb72cd * debian/patches/cve-2021-3515.patch: New patch (taken from upstream commit 95c0e89), fixes shell injection by pglogical users with CREATEDB access (CVE-2021-3515, Closes: #988735). (this message was generated automatically) -- Greetings https://bugs.debian.org/988735
Bug#988745: vtk-dicom: autodep8-python3 autopkgtest failure
Source: vtk-dicom Version: 0.8.12-1+b2 Severity: serious Tags: patch Greetings, While looking up the unrelated bug #988643, I noticed that the package triggered an autodep8 python3 autopkgtest failure: autopkgtest [21:45:13]: test autodep8-python3: set -e ; for py in $(py3versions -d 2>/dev/null) ; do cd "$AUTOPKGTEST_TMP" ; echo "Testing with $py:" ; $py -c "import vtk_dicom; print(vtk_dicom)" ; done autopkgtest [21:45:13]: test autodep8-python3: [--- Testing with python3.9: Traceback (most recent call last): File "", line 1, in ModuleNotFoundError: No module named 'vtk_dicom' autopkgtest [21:45:13]: test autodep8-python3: ---] This crash is due to a mismatch between the module name derived from the package name, and the actual Python module name, which is vtkDICOMPython: >>> import vtk_dicom Traceback (most recent call last): File "", line 1, in ModuleNotFoundError: No module named 'vtk_dicom' >>> import vtkDICOMPython >>> print(vtkDICOMPython) The fix would be to override the import name, with a file debian/tests/autopkgtest-pkg-python.conf containing the following statement, hence the "patch" tag: import_name = vtkDICOMPython Albeit superficial, the autopkgtest failure would prevent migration to testing, hence the severity. Have a nice day, :) -- Étienne Mollier Fingerprint: 8f91 b227 c7d6 f2b1 948c 8236 793c f67e 8f0d 11da Sent from /dev/pts/1, please excuse my verbosity. signature.asc Description: PGP signature
Bug#988732: marked as done (CVE-2020-36326)
Your message dated Tue, 18 May 2021 21:18:34 + with message-id and subject line Bug#988732: fixed in libphp-phpmailer 6.2.0-2 has caused the Debian Bug report #988732, regarding CVE-2020-36326 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988732: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libphp-phpmailer Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36326 Patches: https://github.com/PHPMailer/PHPMailer/commit/26f2848d3bbb57add5f34a467a1e3b2f9ce5cd2a (v6.4.1) https://github.com/PHPMailer/PHPMailer/commit/7f267fb4aadfcf62e3ddc50494c469c6b9c4405a (v6.4.1) Cheers, Moritz --- End Message --- --- Begin Message --- Source: libphp-phpmailer Source-Version: 6.2.0-2 Done: Paul Gevers We believe that the bug you reported is fixed in the latest version of libphp-phpmailer, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Paul Gevers (supplier of updated libphp-phpmailer package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 18 May 2021 21:29:05 +0200 Source: libphp-phpmailer Architecture: source Version: 6.2.0-2 Distribution: unstable Urgency: medium Maintainer: Debian PHP PEAR Maintainers Changed-By: Paul Gevers Closes: 988732 Changes: libphp-phpmailer (6.2.0-2) unstable; urgency=medium . * Add upstream patches to fix CVE-2020-36326 (Closes: #988732) Checksums-Sha1: f2d75be096ab105cc292df5f33aabd6e6ab00198 1809 libphp-phpmailer_6.2.0-2.dsc cfc4fa72c64f457b1ebb37162fcfd6ec3d6329b3 5172 libphp-phpmailer_6.2.0-2.debian.tar.xz Checksums-Sha256: 2f27dc7daaf7b4d62f62e1635aafe913549e66f7f7f4ea201e28dfcd3c9b746b 1809 libphp-phpmailer_6.2.0-2.dsc 2f1712976aed9530ca4960e681bdae0029bda108ffd41df981b0357214342bfa 5172 libphp-phpmailer_6.2.0-2.debian.tar.xz Files: 03d0b567bba8672a3fc9048199225a33 1809 php optional libphp-phpmailer_6.2.0-2.dsc 9949e9d8a1bf32cafdfd85b43639d75b 5172 php optional libphp-phpmailer_6.2.0-2.debian.tar.xz -BEGIN PGP SIGNATURE- iQEzBAEBCAAdFiEEWLZtSHNr6TsFLeZynFyZ6wW9dQoFAmCkKoUACgkQnFyZ6wW9 dQr50gf8C5sieL8wzewc+1+Qrzy1PvK5aCT2Qh4Ry+J/s0gVpErozauUTxw+dG0e ViMJJwxiZHpxJuhipvAeYztJCRaSXpoKol+Fykd2vrSEwYItxdp3If+X87T5P86m IpPjYuhS9Fy0YdAJdXIL1D2Asvwn47Y/zGWJmAOwn7HwkjfpiPJtFcENDEKSCCvh 3gHWvvd2236JxS8Uul2bJknj6dO/AnWUDe/9Z8WIIxAF43w5cF8jaV39AksJidQL Op0C58Q47W/9EmdFRUSCVRXx6PormIK3TyEEq1UTvhxLmo3PE00Zocczq/dm0V3x x64RipFBt3pbsk7WfBgLap69NeMd5g== =Wu2u -END PGP SIGNATURE End Message ---
Bug#988739: libsidplayfp6: missing Breaks+Replaces: libsidplayfp5
On 2021-05-18 22:14:32 +0200, Andreas Beckmann wrote: > Package: libsidplayfp6 > Version: 2.1.2-1 > Severity: serious > User: debian...@lists.debian.org > Usertags: piuparts > > Hi, > > during a test with piuparts I noticed your package fails to upgrade from > 'sid' to 'experimental'. > It installed fine in 'sid', then the upgrade to 'experimental' fails > because it tries to overwrite other packages files without declaring a > Breaks+Replaces relation. > > See policy 7.6 at > https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces > > Since libsidplayfp5 is supposed to go away, the B+R can be unversioned. > > >From the attached log (scroll to the bottom...): > > Preparing to unpack .../libsidplayfp6_2.1.2-1_amd64.deb ... > Unpacking libsidplayfp6:amd64 (2.1.2-1) ... > dpkg: error processing archive > /var/cache/apt/archives/libsidplayfp6_2.1.2-1_amd64.deb (--unpack): >trying to overwrite '/usr/lib/x86_64-linux-gnu/libstilview.so.0.0.4', > which is also in package libsidplayfp5:amd64 2.0.5-2 > Errors were encountered while processing: >/var/cache/apt/archives/libsidplayfp6_2.1.2-1_amd64.deb > > > That's the price you pay for shipping multiple shared libraries > with unsynchronized SOVERSION in the same package. Please use this opportunity and split those libraries into separate packages. The Breaks+Replaces will be needed as well, but for the next transition the situation will be easier. Cheers -- Sebastian Ramacher signature.asc Description: PGP signature
Bug#922981: tagging 922981 (ca-certificates-java: /etc/ca-certificates/update.d/jks-keystore doesn't update /etc/ssl/certs/java/cacerts)
On 18/05/2021 21.38, Paul Gevers wrote: On 08-04-2021 19:33, Julien Cristau wrote: I've started to look at it, I'm afraid building up context on this stuff to understand what it's doing is going to take a while... Just a friendly ping. Did you get anywhere with this yet? Just an additional data point: I've run (in my local piuparts instance) all buster->bullseye piuparts dist-upgrade tests on amd64 that involved ca-certificates(-java) as a dependency or recommendation to ca-certificates(-java) packages with my proposed patches applied and have not encountered any upgrade problems. Andreas
Bug#988739: libsidplayfp6: missing Breaks+Replaces: libsidplayfp5
Package: libsidplayfp6 Version: 2.1.2-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'sid' to 'experimental'. It installed fine in 'sid', then the upgrade to 'experimental' fails because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces Since libsidplayfp5 is supposed to go away, the B+R can be unversioned. >From the attached log (scroll to the bottom...): Preparing to unpack .../libsidplayfp6_2.1.2-1_amd64.deb ... Unpacking libsidplayfp6:amd64 (2.1.2-1) ... dpkg: error processing archive /var/cache/apt/archives/libsidplayfp6_2.1.2-1_amd64.deb (--unpack): trying to overwrite '/usr/lib/x86_64-linux-gnu/libstilview.so.0.0.4', which is also in package libsidplayfp5:amd64 2.0.5-2 Errors were encountered while processing: /var/cache/apt/archives/libsidplayfp6_2.1.2-1_amd64.deb That's the price you pay for shipping multiple shared libraries with unsynchronized SOVERSION in the same package. cheers, Andreas libsidplayfp5=2.0.5-2_libsidplayfp6=2.1.2-1.log.gz Description: application/gzip
Bug#988632: audacity: The main drawing area (sound wave) do not refresh
Control: tags -1 moreinfo unreproducible X-Debbugs-CC: d.fil...@web.de, poming...@gmail.com It works perfectly here (under Xorg with KDE). Even running: LANG=zh_TW.UTF8 LC_CTYPE=zh_TW.UTF8 LC_ALL=zh_TW.UTF8 \ LANGUAGE=zh_TW:zh audacity does not produce the behaviour you describe. If you use wayland you can try setting the environment variable GDK_BACKEND to "x11", for example by running: GDK_BACKEND=x11 audacity Let us know if that fixes it, and if it doesn't you have to give more information regarding your display server and desktop environment. Regards, Dennis.
Processed: audacity: The main drawing area (sound wave) do not refresh
Processing control commands: > tags -1 moreinfo unreproducible Bug #988632 [audacity] audacity: The main drawing area (sound wave) do not refresh Added tag(s) moreinfo and unreproducible. -- 988632: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988632 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: severity of 972146 is grave
Processing commands for cont...@bugs.debian.org: > severity 972146 grave Bug #972146 [mono-runtime-common] /usr/share/applications/mono-runtime-common.desktop: should not handle MIME type by executing arbitrary code Severity set to 'grave' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 972146: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972146 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#988737: libx11: CVE-2021-31535: Missing request length checks
Processing control commands: > severity -1 grave Bug #988737 [src:libx11] libx11: CVE-2021-31535: Missing request length checks Severity set to 'grave' from 'important' -- 988737: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988737 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#922981: tagging 922981 (ca-certificates-java: /etc/ca-certificates/update.d/jks-keystore doesn't update /etc/ssl/certs/java/cacerts)
Hi Julien, On 08-04-2021 19:33, Julien Cristau wrote: > I've started to look at it, I'm afraid building up context on this > stuff to understand what it's doing is going to take a while... Just a friendly ping. Did you get anywhere with this yet? Paul > Cheers, > Julien > > On Tue, Apr 06, 2021 at 10:31:51PM +0200, Ivo De Decker wrote: >> Hi Julien, >> >> Do you have any comment on the merge request Andreas submitted to >> ca-certificates, to allow breaking to dependency cycle in >> ca-certificates-java (see mail quoted below, from #922981)? >> >> Thanks, >> >> Ivo >> >> On Fri, Mar 19, 2021 at 03:04:35AM +0100, Andreas Beckmann wrote: >>> On Thu, 11 Mar 2021 09:11:37 +0100 Paul Gevers wrote: Is it possible that we get this uploaded soon? If you have the fix ready, it would be good to have it sooner rather than later as we're in the freeze, so it gets a bit of exposure. >>> >>> I'd like to get some maintainer feedback on >>> >>> https://salsa.debian.org/java-team/ca-certificates-java/-/merge_requests/5 >>> >>> https://salsa.debian.org/debian/ca-certificates/-/merge_requests/6 >>> >>> I have now run some tests in my piuparts instance by injecting these >>> packages into buster->bullseye upgrades and have not observed any upgrade >>> issues related to ca-certificates-java. >>> >>> >>> Andreas >>> >> > OpenPGP_signature Description: OpenPGP digital signature
Bug#986527: sagemath: FTBFS: /<>/sage/src/bin/sage: line 549: exec: cython: not found
* Julien Puydt [2021-05-18 17:47]: Upstream manages to ship version with no error because they ship hundreds of deps to an exact version for which they fitted the testsuite to pass. We ship those deps as separate packages, because they're actually not sagemath-specific [look at the list, it's pretty telling : https://people.debian.org/~thansen/debian-sage-status.html ], so we might not have the exact same version, and that's enough to trigger artificial failures. I don't think we'll ever hit zero. At least not while their testsuite framework is so... so like it is. If we keep it with an allowed error rate, we detect the package is *really* broken before shipping ; if we don't, we detect it is broken after shipping, because it hurts the users and they complain. I totally understand your point but please keep in mind that we need to be able to rebuild packages in Debian as well. If we rebuild a package and it FTBFS, we can't publish security updates, for example. Also if the tests depend on so many external dependencies, changing one of them could render sagemath FTBFS due to hitting the test limit. Would you then simply bump the limit? Sagemath is definitely not bug-free, the Debian package for it isn't bug-free either, but it is working and useful to users, and this (bringing useful software to users) is what Debian is about. Totally agreed here, I would like to see sagemath in stable as well. If I look at the title of this bug, I think "Oh, just patch src/bin/sage so it calls cython3 and not cython" (see my message #20), but if you look at the exchange, then it's not clear at all what the problem actually is. The buildd logs ( https://buildd.debian.org/status/package.php?p=sagemath=bullseye ), John Cross (message #10), myself (message #25) and the triggered RB rebuild (message #30) all conclude the package doesn't FTBFS. I would like to fix the problem, but at that point, I have no clue what it really is about... I think there are a number of problems: - Tests not being executed due to the open file limit ("Killing test" in the log). If you want to use the tests as an indicator if the build works, you should make sure the all tests are executed, otherwise 200 tolerated failures is arbitrary. - I found a number of segfaults in the tests, like: sage -t --long --random-seed=0 src/sage/interfaces/singular.py # Killed due to segmentation fault - Looking at the amd64 log of the buildd: Error: 202 tests failed, up to 200 failures are tolerated Yes: 202 tests failed, up to 400 failures are tolerated for rerun Success: 192 tests failed, up to 200 failures are tolerated does that mean we ran the test twice and it passed the second time cause there where 10 failures less? Can we be sure that this always succeeds? 192 is really close to 200. - I still see cython: not found in the logs, so there are definitely tests broken due to that. Maybe it makes sense to define tests which are allowed to break and other which should succeed? I am honestly not sure what the best way forward would be but I think just downgrading the bug priority is not helping. On the other hand given the current freeze policy and what will be the policy in stable, what would be your actions if sagemath FTBFS there? Would you say at some point it is unfit for a stable release or would you retry the build and ignore the errors? Maybe it would make sense to ignore the tests results for the version in stable? Cheers Jochen signature.asc Description: PGP signature
Bug#988738: eyeD3: depends on unpackaged Python package “grako”
Package: eyed3 Version: 0.8.10-1.1 Severity: serious Justification: fails to work X-Debbugs-Cc: t...@mirbsd.de $ eyeD3 -P display -p %a% *.mp3 eyed3.plugins:WARNING: Plugin '('lastfm.py', '/usr/lib/python3/dist-packages/eyed3/plugins')' requires packages that are not installed: cannot import name 'COVER_EXTRA_LARGE' from 'pylast' (/usr/lib/python3/dist-packages/pylast/__init__.py) Unknown module 'grako' Please install grako! E.g. $ pip install grako -- System Information: Debian Release: 11.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-4-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_WARN Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/lksh Init: sysvinit (via /sbin/init) Versions of packages eyed3 depends on: ii python33.9.2-3 ii python3-eyed3 0.8.10-1.1 ii python3-pkg-resources 52.0.0-3 eyed3 recommends no packages. eyed3 suggests no packages. -- no debconf information
Processed: Re: Bug#988727: CVE-2021-3514 CVE-2021-3480
Processing control commands: > clone -1 -2 Bug #988727 [389-ds-base] CVE-2021-3514 CVE-2021-3480 Bug 988727 cloned as bug 988736 > retitle -1 389-ds-base: CVE-2021-3514 Bug #988727 [389-ds-base] CVE-2021-3514 CVE-2021-3480 Changed Bug title to '389-ds-base: CVE-2021-3514' from 'CVE-2021-3514 CVE-2021-3480'. > reassign -2 src:slapi-nis 0.56.5-1 Bug #988736 [389-ds-base] CVE-2021-3514 CVE-2021-3480 Bug reassigned from package '389-ds-base' to 'src:slapi-nis'. Ignoring request to alter found versions of bug #988736 to the same values previously set Ignoring request to alter fixed versions of bug #988736 to the same values previously set Bug #988736 [src:slapi-nis] CVE-2021-3514 CVE-2021-3480 Marked as found in versions slapi-nis/0.56.5-1. > retitle -2 slapi-nis: CVE-2021-3480 Bug #988736 [src:slapi-nis] CVE-2021-3514 CVE-2021-3480 Changed Bug title to 'slapi-nis: CVE-2021-3480' from 'CVE-2021-3514 CVE-2021-3480'. -- 988727: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988727 988736: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988736 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988727: CVE-2021-3514 CVE-2021-3480
Control: clone -1 -2 Control: retitle -1 389-ds-base: CVE-2021-3514 Control: reassign -2 src:slapi-nis 0.56.5-1 Control: retitle -2 slapi-nis: CVE-2021-3480 Hi, On Tue, May 18, 2021 at 08:30:52PM +0200, Moritz Muehlenhoff wrote: > Package: 389-ds-base > Severity: grave > Tags: security > X-Debbugs-Cc: Debian Security Team > > CVE-2021-3514: > https://github.com/389ds/389-ds-base/issues/4711 > > CVE-2021-3480: > https://bugzilla.redhat.com/show_bug.cgi?id=1944640 > https://pagure.io/slapi-nis/c/c7417ea2d534712e559b56ed45baa91c5d3d44db?branch=master I believe CVE-2021-3480 is actually in src:slapi-nis according to the above information. Cloning this bug to tack it in slapi-nis for CVE-2021-3480. Regards, Salvatore
Bug#988735: pglogical: CVE-2021-3515
Source: pglogical Version: 2.3.3-2 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for pglogical, please lower the severity if you strongly disagree. CVE-2021-3515[0]: | Shell injection by pglogical users with CREATEDB access No description was found (try on a search engine) If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-3515 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3515 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1954112 [2] https://bugzilla.suse.com/show_bug.cgi?id=1186121 [3] https://github.com/2ndQuadrant/pglogical/commit/95c0e8981485e09efab6821cf55a4e27b086efe5 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Processed: severity of 988240 is grave
Processing commands for cont...@bugs.debian.org: > severity 988240 grave Bug #988240 [src:openexr] openexr: CVE-2021-23169 Severity set to 'grave' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 988240: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988240 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: severity of 985574 is grave
Processing commands for cont...@bugs.debian.org: > severity 985574 grave Bug #985574 {Done: Moritz Mühlenhoff } [src:pygments] pygments: CVE-2021-27291 Severity set to 'grave' from 'important' > thanks Stopping processing here. Please contact me if you need assistance. -- 985574: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985574 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#986590: dbus-test-runner: flaky ppc64el autopkgtest: FAIL test-libdbustest-mock-test (exit status: 1)
Hi Mike, On 18-05-2021 07:38, Mike Gabriel wrote: > Would it be a viable solution for now to not run autopkgtests on > ppcel64? I really don't have a clue why this issue comes up only on > ppcel64. If you think this failure is not representative for the package behavior on ppc64el, it is. Actually, I considered to propose it in my previous e-mail. However, I do wonder what this means for users of dbus-test-runner on ppc64el. Paul OpenPGP_signature Description: OpenPGP digital signature
Bug#988732: CVE-2020-36326
Package: libphp-phpmailer Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36326 Patches: https://github.com/PHPMailer/PHPMailer/commit/26f2848d3bbb57add5f34a467a1e3b2f9ce5cd2a (v6.4.1) https://github.com/PHPMailer/PHPMailer/commit/7f267fb4aadfcf62e3ddc50494c469c6b9c4405a (v6.4.1) Cheers, Moritz
Bug#988729: CVE-2021-21299
Source: rust-hyper Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team CVE-2021-21299: https://github.com/hyperium/hyper/security/advisories/GHSA-6hfq-h8hq-87mf https://rustsec.org/advisories/RUSTSEC-2021-0020.html Cheers, Moritz
Bug#988722: postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis
On Tue, May 18, 2021 at 06:47:38PM +0200, Christoph Berg wrote: > Can you share the apt command and output that led to this removal? One more observation: Bullseye's gdal-data 3.2.1+dfsg-1 defines a Breaks: libgdal20 (< 2.5.0~), but the libgdal20 in Buster is 2.4.0, and postgresql-11-postgis-2.5 depends on that. libgdal28 depends on gdal-data (>=3.2.1+dfsg-1). To me it looks like there's no way to keep postgresql-11-postgis-2.5 around if anything that depends on libgdal28 (postgis, libopencv-imgcodecs4.5, ...) gets installed. Regards, Dennis.
Bug#988727: CVE-2021-3514 CVE-2021-3480
Package: 389-ds-base Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team CVE-2021-3514: https://github.com/389ds/389-ds-base/issues/4711 CVE-2021-3480: https://bugzilla.redhat.com/show_bug.cgi?id=1944640 https://pagure.io/slapi-nis/c/c7417ea2d534712e559b56ed45baa91c5d3d44db?branch=master Cheers, Moritz
Bug#986803: [Pkg-rust-maintainers] Bug#986803: CVE-2021-28875 CVE-2021-28876 CVE-2021-28877 CVE-2021-28878 CVE-2021-28879 CVE-2020-36317 CVE-2020-36318
Sorry for the late reply, got backlogged in my inbox. Am Mon, Apr 12, 2021 at 11:18:16AM +0100 schrieb Ximin Luo: > It looks like these CVEs affect all versions up to 1.52 (which is not yet > released). > > Do you have links to patches fixing these bugs that can be backported to > 1.48? We've had 1.48 for a while due to the migration freeze, and I've been > informed that some rust packages in Debian break with newer versions of rustc > and will need themselves to be updated - so I'd rather not force that during > the freeze, I'd rather backport security fixes to 1.48. Not sure if there are backports for 1.48, if these aren't easily backportable, let's bullseye-ignore them for now. The next rustc update for the subsequent Mozilla ESR will catch up with those anyway. Cheers, Moritz
Processed: Re: Bug#988722: postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis
Processing control commands: > reassign -1 hdf5 1.10.5+repack-1~exp6 Bug #988722 [postgresql-common] postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis Bug reassigned from package 'postgresql-common' to 'hdf5'. No longer marked as found in versions postgresql-common/225. Ignoring request to alter fixed versions of bug #988722 to the same values previously set Bug #988722 [hdf5] postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis There is no source info for the package 'hdf5' at version '1.10.5+repack-1~exp6' with architecture '' Unable to make a source version for version '1.10.5+repack-1~exp6' Marked as found in versions 1.10.5+repack-1~exp6. -- 988722: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988722 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988722: postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis
Control: reassign -1 hdf5 1.10.5+repack-1~exp6 On Tue, May 18, 2021 at 07:48:08PM +0200, Dennis Filder wrote: > X-Debbugs-CC: d.fil...@web.de > > On Tue, May 18, 2021 at 06:47:38PM +0200, Christoph Berg wrote: > > > Can you share the apt command and output that led to this removal? > > I attached the output from "apt full-upgrade" until the "Do you want > to continue?" > > Having gimp-gmic (recommended by gimp-plugin-registry) installed may > have been a contributing factor due to these dependency chains: > > * gimp-gmic -> libgmic1 -> libopencv-videoio4.5 -> libopencv-imgcodecs4.5 -> > libgdal28 > * postgis -> libgdal28 > * postgresql-13-postgis-3 -> libgdal28 > > I remember that I uninstalled gimp-gmic to make it easier to get > something workable again before I could continue with the cluster > migration. > So: - postgresql-11-postgis-2.5 depends on libgdal20 - libgdal20 depends on libnetcdf13 - libnetcdf13 depends on libhdf5-103 - the upgrade pulls in libgdal28 - libgdal28 depends on libhdf5-103-1 - libhdf5-103-1 Breaks/Replaces libhdf5-103 - sadness ensues That Breaks/Replaces is not OK, hdf5 should have bumped SONAMEs if the ABI broke, to preserve co-installability. Cheers, Julien
Processed: galera-4 #988089
Processing commands for cont...@bugs.debian.org: > severity 988089 grave Bug #988089 [mariadb-server] mariadb-server: MariaDB uninstalled on dist-upgrade Debian 10 -> 11 Severity set to 'grave' from 'normal' > reassign 988089 galera-4 Bug #988089 [mariadb-server] mariadb-server: MariaDB uninstalled on dist-upgrade Debian 10 -> 11 Bug reassigned from package 'mariadb-server' to 'galera-4'. No longer marked as found in versions mariadb-10.5/1:10.5.9-1. Ignoring request to alter fixed versions of bug #988089 to the same values previously set > affects 988089 mariadb-10.5 Bug #988089 [galera-4] mariadb-server: MariaDB uninstalled on dist-upgrade Debian 10 -> 11 Added indication that 988089 affects mariadb-10.5 > End of message, stopping processing here. Please contact me if you need assistance. -- 988089: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988089 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988722: postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis
X-Debbugs-CC: d.fil...@web.de On Tue, May 18, 2021 at 06:47:38PM +0200, Christoph Berg wrote: > Can you share the apt command and output that led to this removal? I attached the output from "apt full-upgrade" until the "Do you want to continue?" Having gimp-gmic (recommended by gimp-plugin-registry) installed may have been a contributing factor due to these dependency chains: * gimp-gmic -> libgmic1 -> libopencv-videoio4.5 -> libopencv-imgcodecs4.5 -> libgdal28 * postgis -> libgdal28 * postgresql-13-postgis-3 -> libgdal28 I remember that I uninstalled gimp-gmic to make it easier to get something workable again before I could continue with the cluster migration. Regards, Dennis postgis_removal.txt.gz Description: application/gzip
Processed: forcibly merging 988036 965075
Processing commands for cont...@bugs.debian.org: > forcemerge 988036 965075 Bug #988036 [postfixadmin] Multiple errors that make the package unusable Bug #965075 {Done: Christoph Martin } [postfixadmin] postfixadmin: wrong alias in postfixadmin conf-available for apache2 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions postfixadmin/3.3.7-1. Bug #965075 [postfixadmin] postfixadmin: wrong alias in postfixadmin conf-available for apache2 Marked as fixed in versions postfixadmin/3.3.7-1. Merged 965075 988036 > thanks Stopping processing here. Please contact me if you need assistance. -- 965075: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965075 988036: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988036 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: tagging 988722
Processing commands for cont...@bugs.debian.org: > tags 988722 - bullseye Bug #988722 [postgresql-common] postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis Removed tag(s) bullseye. > thanks Stopping processing here. Please contact me if you need assistance. -- 988722: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988722 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988722: postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis
Re: Dennis Filder > During an upgrade from Buster to Bullseye I also had to upgrade a > cluster from postgresql 11 to 13. The cluster had the postgis > extension enabled (postgis 2.5.1) and one table with columns of types > from postgis. My typescript tells me that during "apt full-upgrade" > postgresql-11-postgis-2.5 was removed. Can you share the apt command and output that led to this removal? Christoph
Processed: unarchiving 855846
Processing commands for cont...@bugs.debian.org: > unarchive 855846 Bug #855846 {Done: Hans-Christoph Steiner } [repo] repo: requires software outside of the distribution to function Unarchived Bug 855846 > thanks Stopping processing here. Please contact me if you need assistance. -- 855846: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855846 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988722: postgresql-common: Upgrading cluster with postgis does not migrate tables using postgis
Package: postgresql-common Architecture: amd64 Version: 225 Severity: serious Justification: Potential data loss (lower at your discretion) Tags: bullseye X-Debbugs-CC: d.fil...@web.de During an upgrade from Buster to Bullseye I also had to upgrade a cluster from postgresql 11 to 13. The cluster had the postgis extension enabled (postgis 2.5.1) and one table with columns of types from postgis. My typescript tells me that during "apt full-upgrade" postgresql-11-postgis-2.5 was removed. After "apt full-upgrade" was done I installed postgresql-13-postgis-3-scripts thinking that it would be necessary for migrating any postgis metadata tables. Then I tried to migrate the cluster by running "pg_upgradecluster 11 main", but the migration failed (the error message roughly was "$lib/postgis-2.5 not found" or sth. like that; I didn't log that part). I reactivated the Buster repos in /etc/apt/sources.list and downgraded some packages back so that I could install postgresql-11-postgis-2.5-scripts again. I did not install postgresql-11-postgis-2.5, though (which, as far as I can tell, would have been impossible anyway due to conflicting dependencies, which was presumably also the reason for why it was automatically removed). Resolving the dependency rat's nest was not easy. Here's the state after: # aptitude versions '?or(~npostgis, ~npostgres) ~i' \ |sed 's@i[ ][ ]@i M @;s@ \([0-9]\+\)$@ locally \1@' \ |paste - - -|column -t Package libreoffice-sdbc-postgresql:i A 1:7.0.4-3testing 500 Package postgis:i M 3.1.1+dfsg-1 testing 500 Package postgis-gui:i M 2.5.1+dfsg-1 locally 100 Package postgresql: i M 13+225 testing 500 Package postgresql-11: i M 11.12-0+deb10u1 locally 100 Package postgresql-11-postgis-2.5-scripts: i M 2.5.1+dfsg-1 locally 100 Package postgresql-11-python3-multicorn:i M 1.3.4-4 locally 100 Package postgresql-13: i A 13.2-1 testing 500 Package postgresql-13-postgis-3:i M 3.1.1+dfsg-1 testing 500 Package postgresql-13-postgis-3-scripts:i A 3.1.1+dfsg-1 testing 500 Package postgresql-client-11: i M 11.12-0+deb10u1 locally 100 Package postgresql-client-13: i A 13.2-1 testing 500 Package postgresql-client-common: i A 225 testing 500 Package postgresql-common: i A 225 testing 500 Package postgresql-contrib: i M 13+225 testing 500 Package postgresql-doc: i M 13+225 testing 500 Package postgresql-doc-11: i M 11.12-0+deb10u1 locally 100 Package postgresql-doc-13: i A 13.2-1 testing 500 Packages listed as "locally" are Buster packages. After that I reran "pg_upgradecluster 11 main" and this time the upgrade worked (but with error messages, which I foolishly did not log). However, after temporarily reenabling the old 11 cluster to check if anything was missing I noticed that the table with postgis columns was not copied over, and the postgis extension does not show up in the upgraded cluster either when running: psql -c '\dx' (it does in the 11 cluster). I'm filing this bug also to learn how this was supposed to work. Does the automatic removal of postgresql-11-postgis-2.5 not effectively render the cluster unmigratable? I'm filing it against postgresql-common as it contains the pg_upgradecluster command. As for a resolution: I think apt-listchanges should at least warn people who have extensions installed to dump clusters before continuing the upgrade and restore them manually. Regards, Dennis.
Bug#988712: marked as done (python3-masakari: triggers lintian autoreject tag 'FSSTND-dir-in-usr')
Your message dated Tue, 18 May 2021 15:48:27 + with message-id and subject line Bug#988712: fixed in masakari 10.0.0-2 has caused the Debian Bug report #988712, regarding python3-masakari: triggers lintian autoreject tag 'FSSTND-dir-in-usr' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988712: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988712 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: python3-masakari Version: 10.0.0-1 Severity: serious Hi, your package triggers a non-overridable lintian autoreject tag, i.e. if the package would be reuploaded today without changes, it would be automatically rejected by ftp-master. https://lintian.debian.org/tags/FSSTND-dir-in-usr https://lintian.debian.org/sources/masakari?version=10.0.0-1 E FSSTND-dir-in-usr usr/etc/ Andreas --- End Message --- --- Begin Message --- Source: masakari Source-Version: 10.0.0-2 Done: Thomas Goirand We believe that the bug you reported is fixed in the latest version of masakari, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand (supplier of updated masakari package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 17 Mar 2021 13:43:16 +0100 Source: masakari Architecture: source Version: 10.0.0-2 Distribution: unstable Urgency: medium Maintainer: Debian OpenStack Changed-By: Thomas Goirand Closes: 988712 Changes: masakari (10.0.0-2) unstable; urgency=medium . * Tune masakari-api-uwsgi.ini for performance. * Remove $(CURDIR)/debian/tmp/usr/etc (Closes: #988712). Checksums-Sha1: 3be951b38a92408dfd1ae6faff0a67663a9f686f 3206 masakari_10.0.0-2.dsc 22b2cd683e9f5b4ae6178aab42a9f31190ee3575 5760 masakari_10.0.0-2.debian.tar.xz c933612ac779a8f9f8f722112ca43255149dd83c 15998 masakari_10.0.0-2_amd64.buildinfo Checksums-Sha256: b569c8d9f7a0a36139b4fcb71b720ffa26b6609d4a12d3f7750612be54c450da 3206 masakari_10.0.0-2.dsc 1354ebe3cec439cc332d905c20f6c43ed2022494d5fff907166900018fac9034 5760 masakari_10.0.0-2.debian.tar.xz 3b767eff7a2ae7dee0afc892516b30b8b72238a11cf35858be1b030a30f36307 15998 masakari_10.0.0-2_amd64.buildinfo Files: 494c19a3410f28066944a40ea49756f9 3206 net optional masakari_10.0.0-2.dsc 8adf8704ed1e52e16cb02ba0528a45b2 5760 net optional masakari_10.0.0-2.debian.tar.xz a22dc094c2f4275628666fe1d4baf8f6 15998 net optional masakari_10.0.0-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmCj3LYACgkQ1BatFaxr Q/6tHw//SnPmyDmVdlCP7QZ/iN2i5HvPmsbz1tE4d9xqIjpmE/+F3IMMhs2z7vO/ 9SewGvwp/Bl/IhlRAe+zeAFDx5mlFHynBd2U1YcTDGY4zfmR9aFewQVAMzbB+dr6 RmrrH1L04alAe3SaYiKB09gkzze82sBKw43g2OB5V3h2xUaE6Y2CutpY2BK1pLcW E4rGBfs2agJORHSrUQBsiX0cupzCBqSxZccRBwz0c/80aKL6sPTOnw3PJweK2i62 6d2JbKMBzdTVbPOKuEoYpbRzJT+SpmBDWlg1Mn7YC2JJrIC3S5ClOIZYj06UKZ2J ltfqnZpU5s4IczIV15CPRukipOpE8Hpk6Y303GCp2rK2+fCO5MmZbTH/PX9FqERj 4G7YNburjfCTpEUS64fk4eZmC4rgjSowsWujCzG4SqIEY+rDYh9X0ul9k9CI4vyl 7eooHexDgNZPhvLa4SHBr1GRcXCeaAmwkoEK5ONkhEKfpa9hwrFTbqKMAY4koOp0 UIyySrwV5uvDk12TKoQoXx5eKOv8l+jvNib6vIA52kbMVs1oTRxR4EMHrvwt65IC x4ObDCNaLf9vPWpjylqJePLoQtvOmxm0LLKykAG2TCpPbIvnj9vAwKd+Uv7VCE6F ERS4FweFB0Lf422jooAuTfs4Bm9wNVYNi5O8BtnAJZTCXX8Yi+c= =OK3T -END PGP SIGNATURE End Message ---
Bug#986527: sagemath: FTBFS: /<>/sage/src/bin/sage: line 549: exec: cython: not found
Hi, Le mardi 18 mai 2021 à 15:31 +0200, Jochen Sprickerhof a écrit : > > * Julien Puydt [2021-05-18 07:56]: > > 1) Upstream itself uses the testsuite in the sense of "shouldn't > > have > > too many failing tests", and it still allows to detect when a build > > is > > utterly broken, so we shouldn't disable it. > > Debian doesn't necessarily need to do the same as upstream here. Upstream manages to ship version with no error because they ship hundreds of deps to an exact version for which they fitted the testsuite to pass. We ship those deps as separate packages, because they're actually not sagemath-specific [look at the list, it's pretty telling : https://people.debian.org/~thansen/debian-sage-status.html ], so we might not have the exact same version, and that's enough to trigger artificial failures. I don't think we'll ever hit zero. At least not while their testsuite framework is so... so like it is. If we keep it with an allowed error rate, we detect the package is *really* broken before shipping ; if we don't, we detect it is broken after shipping, because it hurts the users and they complain. Sagemath is definitely not bug-free, the Debian package for it isn't bug-free either, but it is working and useful to users, and this (bringing useful software to users) is what Debian is about. If I look at the title of this bug, I think "Oh, just patch src/bin/sage so it calls cython3 and not cython" (see my message #20), but if you look at the exchange, then it's not clear at all what the problem actually is. The buildd logs ( https://buildd.debian.org/status/package.php?p=sagemath=bullseye ), John Cross (message #10), myself (message #25) and the triggered RB rebuild (message #30) all conclude the package doesn't FTBFS. I would like to fix the problem, but at that point, I have no clue what it really is about... JP
Bug#988712: marked as done (python3-masakari: triggers lintian autoreject tag 'FSSTND-dir-in-usr')
Your message dated Tue, 18 May 2021 15:33:30 + with message-id and subject line Bug#988712: fixed in masakari 11.0.0-2 has caused the Debian Bug report #988712, regarding python3-masakari: triggers lintian autoreject tag 'FSSTND-dir-in-usr' to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988712: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988712 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: python3-masakari Version: 10.0.0-1 Severity: serious Hi, your package triggers a non-overridable lintian autoreject tag, i.e. if the package would be reuploaded today without changes, it would be automatically rejected by ftp-master. https://lintian.debian.org/tags/FSSTND-dir-in-usr https://lintian.debian.org/sources/masakari?version=10.0.0-1 E FSSTND-dir-in-usr usr/etc/ Andreas --- End Message --- --- Begin Message --- Source: masakari Source-Version: 11.0.0-2 Done: Thomas Goirand We believe that the bug you reported is fixed in the latest version of masakari, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thomas Goirand (supplier of updated masakari package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Tue, 18 May 2021 17:04:24 +0200 Source: masakari Binary: masakari-api masakari-common masakari-doc masakari-engine python3-masakari Architecture: source all Version: 11.0.0-2 Distribution: experimental Urgency: medium Maintainer: Debian OpenStack Changed-By: Thomas Goirand Description: masakari-api - OpenStack Virtual Machine High Availability (VMHA) - API Server masakari-common - OpenStack Virtual Machine High Availability (VMHA) - common files masakari-doc - OpenStack Virtual Machine High Availability (VMHA) - doc masakari-engine - OpenStack Virtual Machine High Availability (VMHA) - API Server python3-masakari - OpenStack Virtual Machine High Availability (VMHA) - Python files Closes: 988712 Changes: masakari (11.0.0-2) experimental; urgency=medium . * Remove $(CURDIR)/debian/tmp/usr/etc (Closes: #988712). Checksums-Sha1: 8b7edec37d6563895b7e107469ae6d4227e40039 3158 masakari_11.0.0-2.dsc c7d460e4b734bd99c6ce73cc3e550cdebbd9c696 5844 masakari_11.0.0-2.debian.tar.xz 3e321ba2a3219e98be58746b2256eeff12348575 22896 masakari-api_11.0.0-2_all.deb 9db9c541209f75e80c3bd1b4f822a67d853054ef 25900 masakari-common_11.0.0-2_all.deb ee9c11cf8a26b44ed2b4de705c93ffcd0115df65 1052356 masakari-doc_11.0.0-2_all.deb 57908e0694ab8049a689c18a7c9be15204c78cce 5656 masakari-engine_11.0.0-2_all.deb 40fd6a83cb0ab4d90d867c39c1d2e882f62af1c1 16098 masakari_11.0.0-2_amd64.buildinfo 45995a06f748606e6d72e3dd7123806effbf2fe3 167140 python3-masakari_11.0.0-2_all.deb Checksums-Sha256: 5a7489cde6cc6fa96ed85f91e8d726180ea3778b336ec298e6a606731c423c38 3158 masakari_11.0.0-2.dsc 6e01c1b2bfdd7c43ba0bacbf9795a8a3a4010a0b7dc512d3a3c116991b951ea9 5844 masakari_11.0.0-2.debian.tar.xz 523b4cd68fa545f19bf600c320005d6efc2fe138cf2f892f88a8e7dad9e1f133 22896 masakari-api_11.0.0-2_all.deb da064da55b1d2cd4cb892206a52e33cdd080988c3d4f48070e30eb69773570e1 25900 masakari-common_11.0.0-2_all.deb 9c4014d67214ec101f216d257f0f0299d012ee512353299fd6beaf46e68072c5 1052356 masakari-doc_11.0.0-2_all.deb 4b59ac4b71e82a8a1396ecb0bd27148a8a6d5befebbe467635f385e3be962194 5656 masakari-engine_11.0.0-2_all.deb 996f15e4c38764defac115a93e9f9214cc8e9b813a32100896940ab4faf434a6 16098 masakari_11.0.0-2_amd64.buildinfo 240477d7ecd53a02b1a6227db6b10ddc194f3aa7870c4f3ee50e0ad0f79f161a 167140 python3-masakari_11.0.0-2_all.deb Files: 5c10fa3fffa5931b4173110517fe3001 3158 net optional masakari_11.0.0-2.dsc c2a25f1e1a2cdb9652c4420b82f7cf68 5844 net optional masakari_11.0.0-2.debian.tar.xz 8da53767f153874a9f948db87e4f418a 22896 net optional masakari-api_11.0.0-2_all.deb f9c111866cdc68031973c9de6a4c2f5c 25900 net optional masakari-common_11.0.0-2_all.deb 327341c0cf513527260da5ef2a8a1ae3 1052356 doc optional masakari-doc_11.0.0-2_all.deb 362ae07e9691029e47837ae55aad59ac 5656 net optional masakari-engine_11.0.0-2_all.deb
Bug#984956: Pmix issues with openmpi-4.1.0
Dear Maintainer, I tested mpirun from openmpi-bin 4.1.0-9 and I no longer have the problem. Thank you, -- | Nicolas Perrin Grid'5000 Administrator | | nicolas.per...@inria.fr INRIA / RESIST | On Sun, 16 May 2021 07:25:51 +0100 Alastair McKinstry < mckins...@debian.org> wrote: > Hi Lucas > > Yikes. > > No, I wanted to wait and check if there were any issues before issuing > an unblock request. > > Alastair >
Bug#988718: Security fixes from the April 2021 Patch Update
Source: mysql-8.0 Version: 8.0.23 Severity: grave Tags: security upstream fixed-upstream The Oracle Critical Patch Update for April 2021 lists CVEs affecting MySQL 8.0 that are fixed in 8.0.25 CVE list: CVE-2020-1971 CVE-2021-2144 CVE-2021-2146 CVE-2021-2160 CVE-2021-2162 CVE-2021-2164 CVE-2021-2166 CVE-2021-2169 CVE-2021-2170 CVE-2021-2171 CVE-2021-2172 CVE-2021-2174 CVE-2021-2178 CVE-2021-2179 CVE-2021-2180 CVE-2021-2193 CVE-2021-2194 CVE-2021-2196 CVE-2021-2201 CVE-2021-2202 CVE-2021-2203 CVE-2021-2208 CVE-2021-2212 CVE-2021-2213 CVE-2021-2215 CVE-2021-2217 CVE-2021-2226 CVE-2021-2230 CVE-2021-2232 CVE-2021-2278 CVE-2021-2293 CVE-2021-2298 CVE-2021-2299 CVE-2021-2300 CVE-2021-2301 CVE-2021-2304 CVE-2021-2305 CVE-2021-2307 CVE-2021-2308 CVE-2021-3449 CVE-2021-23841 CVE-2020-28196 Ref: https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL Regards, Lars Tangvald
Bug#988717: lxml: triggers lintian autoreject tag 'license-problem-md5sum-non-free-file'
Package: lxml Version: 4.6.3-1 Severity: serious Hi, your package triggers a non-overridable lintian autoreject tag, i.e. if the package would be reuploaded today without changes, it would be automatically rejected by ftp-master. https://lintian.debian.org/tags/license-problem-md5sum-non-free-file https://lintian.debian.org/sources/lxml E license-problem-md5sum-non-free-file doc/html/flattr-badge-large.png usual name is badge-93x20.png. Could not be modified (variant from https://github.com/balupton/flattr-buttons.git) See also http://developers.flattr.net/api/policy/. Andreas
Bug#988716: platformio 4.3.4 cannot download required frameworks
Package: platformio Version: 4.3.4-1 Severity: grave Dear Maintainer, Upstream changed paths for the framework manifest files in recent releases and did not maintain backward compatibility links resulting in 4.3.4 no longer being able to install the frameworks. For example this happens when I try to build the arduino-blink hello world program: $ platformio run -e d1_mini Processing d1_mini (platform: espressif8266; framework: arduino; board: d1_mini) PlatformManager: Installing espressif8266 Error: Detected unknown package 'espressif8266' But not even native build is possible: $ platformio platform install native PlatformManager: Installing native Error: Detected unknown package 'native' There does not seem to be a way to get better error messages, but using strace I can say it receives a 404 response for the following query: "GET /platforms/manifest.json". The problem is fixed by updating to latest upstream release [I tested 5.1.1], which has already been requested in #976665. This means the package is basically unusable for new installations Since it did not exist in buster, it is always a new installation in bullseye. Considering we are in late freeze phase I suggest to drop the package from Debian testing (and upload a new upstream release to sid). -- Sebastian
Bug#988715: atmel-firmware: triggers lintian autoreject tag 'file-in-etc-not-marked-as-conffile'
Package: atmel-firmware Version: 1.3-4 Severity: serious Hi, your package triggers a non-overridable lintian autoreject tag, i.e. if the package would be reuploaded today without changes, it would be automatically rejected by ftp-master. https://lintian.debian.org/tags/file-in-etc-not-marked-as-conffile https://lintian.debian.org/sources/atmel-firmware E file-in-etc-not-marked-as-conffile etc/pcmcia/atmel.conf Andreas
Bug#988713: pipemeter: triggers lintian autoreject tag 'FSSTND-dir-in-usr'
Package: pipemeter Version: 1.1.5-1 Severity: serious Hi, your package triggers a non-overridable lintian autoreject tag, i.e. if the package would be reuploaded today without changes, it would be automatically rejected by ftp-master. https://lintian.debian.org/tags/FSSTND-dir-in-usr https://lintian.debian.org/sources/pipemeter E FSSTND-dir-in-usr usr/man/ Andreas
Bug#988712: python3-masakari: triggers lintian autoreject tag 'FSSTND-dir-in-usr'
Package: python3-masakari Version: 10.0.0-1 Severity: serious Hi, your package triggers a non-overridable lintian autoreject tag, i.e. if the package would be reuploaded today without changes, it would be automatically rejected by ftp-master. https://lintian.debian.org/tags/FSSTND-dir-in-usr https://lintian.debian.org/sources/masakari?version=10.0.0-1 E FSSTND-dir-in-usr usr/etc/ Andreas
Bug#988710: multitail: triggers lintian autoreject tag 'FSSTND-dir-in-usr'
Package: multitail Version: 6.5.0-2 Severity: serious Hi, multitail triggers the lintian autoreject tag 'FSSTND-dir-in-usr', i.e. if the package would be reuploaded today without changes, it would be automatically rejected by ftp-master. https://lintian.debian.org/tags/FSSTND-dir-in-usr E usr/etc/ Andreas
Processed:
Processing control commands: > tag -1 pending Bug #987332 {Done: Dave Hibberd } [aprx] aprx automatically starts up with really bad default config Added tag(s) pending. -- 987332: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987332 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#987332:
Control: tag -1 pending Hi, This is with release team for unblock review DH -- Hibby MM0RFN
Bug#988707: qthid-fcd-controller: triggers lintian autoreject tag 'bogus-mail-host'
Source: qthid-fcd-controller Version: 4.1-5 Severity: serious Hi, src:qthid-fcd-controller triggers the lintian autoreject tag 'bogus-mail-host', i.e. if the package would be reuploaded today without changes, it would be automatically rejected by ftp-master. https://lintian.debian.org/tags/bogus-mail-host E Uploaders anar...@koumbit.og Andreas
Bug#986527: sagemath: FTBFS: /<>/sage/src/bin/sage: line 549: exec: cython: not found
Hi Julien, * Julien Puydt [2021-05-18 07:56]: 1) Upstream itself uses the testsuite in the sense of "shouldn't have too many failing tests", and it still allows to detect when a build is utterly broken, so we shouldn't disable it. Debian doesn't necessarily need to do the same as upstream here. 2) It's not an FTBFS, since the sources actually build to a set of packages. I did a diff of the logs from EC2 and RB and found this only on RB: Killing test src/sage/misc/cython.py (14 in total) That's this line: https://sources.debian.org/src/sagemath/9.2-2/sage/src/sage/doctest/forker.py/#L1999 So if we add a except: before the finally: we get: EXCEPTION: [Errno 24] Too many open files so running the build with a higher file limit: ulimit -n 10240 will produce: Error: 1940 tests failed, up to 200 failures are tolerated Cheers Jochen signature.asc Description: PGP signature
Processed: Re: Bug#987536: imv FTBFS without internet access
Processing control commands: > tags -1 + patch Bug #987536 [src:imv] imv FTBFS without internet access Added tag(s) patch. -- 987536: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987536 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#987536: imv FTBFS without internet access
Control: tags -1 + patch On 2021/04/25 12:22 PM, Adrian Bunk wrote: > The Ubuntu patch seems to contain a fix/workaround. As Adrian stated, the ubuntu patch fixes the issue. Please find attached the patch to apply (Credit to Logan Rosen ) I intend to NMU in a couple of days if the bug is still open by then. Best, -- Baptiste Beauplat - lyknode diff -Nru imv-4.2.0/debian/control imv-4.2.0/debian/control --- imv-4.2.0/debian/control2021-01-31 13:01:39.0 +0100 +++ imv-4.2.0/debian/control2021-05-18 13:49:39.0 +0200 @@ -6,6 +6,7 @@ Build-Depends: asciidoc-base, debhelper-compat (= 13), + docbook-xsl, libcmocka-dev, libegl1-mesa-dev, libfreeimage-dev, signature.asc Description: PGP signature
Bug#982424: marked as done (python3-louvain: The package name should match the import module name "community")
Your message dated Tue, 18 May 2021 11:33:36 + with message-id and subject line Bug#982424: fixed in python-louvain 0.0+20181013git3fc1f575-2 has caused the Debian Bug report #982424, regarding python3-louvain: The package name should match the import module name "community" to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 982424: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982424 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: python3-louvain Version: 0.0+20181013git3fc1f575-1 Severity: serious Justification: Python packaging 3.3 Module Package Names Dear Maintainer, According to Section 3.3 of the Python Policy package binary names should match their import names: https://www.debian.org/doc/packaging-manuals/python- policy/module_packages.html#package_names "For the purposes of package naming, the name that is used for a module is the name that can be used with import, which is not necessarily the same as the name used in setuptools PKG-INFO and .egg-info files and directories. For example, the module described in pyxdg-*.egg-info is used via import xdg, so its package name is python3-xdg and not python3-pyxdg." Also the autodep8 tests fail because the package name doesn't match the import name. "Testing with $py:" ; $py -c "import louvain; print(louvain)" ; done autopkgtest [13:29:03]: test autodep8-python3: [--- Testing with python3.9: Traceback (most recent call last): File "", line 1, in ModuleNotFoundError: No module named 'louvain' -- System Information: Debian Release: bullseye/sid APT prefers testing-debug APT policy: (500, 'testing-debug'), (500, 'stable-debug'), (500, 'testing'), (500, 'stable'), (110, 'unstable'), (100, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-2-amd64 (SMP w/4 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3-louvain depends on: ii python3 3.9.1-1 ii python3-networkx 2.5+ds-2 python3-louvain recommends no packages. python3-louvain suggests no packages. --- End Message --- --- Begin Message --- Source: python-louvain Source-Version: 0.0+20181013git3fc1f575-2 Done: Steffen Moeller We believe that the bug you reported is fixed in the latest version of python-louvain, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 982...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Steffen Moeller (supplier of updated python-louvain package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 18 May 2021 16:33:43 +0530 Source: python-louvain Architecture: source Version: 0.0+20181013git3fc1f575-2 Distribution: unstable Urgency: medium Maintainer: Steffen Moeller Changed-By: Steffen Moeller Closes: 913377 982424 Changes: python-louvain (0.0+20181013git3fc1f575-2) unstable; urgency=medium . [ Ondřej Nový ] * d/control: Fix wrong Vcs-*. * Use debhelper-compat instead of debian/compat. * d/control: Update Vcs-* fields with new Debian Python Team Salsa layout. . [ Steffen Moeller ] * Bumped policy to 4.5.1 * Removed d/watch (upstream does not issue tags) * Added missing build dependency (Closes: #913377) * Decided against renaming binary to python3-community to match the imported module since upstream is confused about it, too. Instead, the package is now also providing that package name (Closes: #982424) . [ Nilesh Patra ] * Use right import name * Add d/salsa-ci.yml * Move the egg to suitable location as well * Bump debhelper-compat version to 13 * Add "Rules-Requires-Root: no" * Add upstream/metadata * d/control: change section to python * d/rules: Rename /usr/bin/commmunity to /usr/bin/louvain-community to prevent generic names Checksums-Sha1: e47054ec4e047cd4ec85b7b4add74ab54d553f97 2191 python-louvain_0.0+20181013git3fc1f575-2.dsc 5f35ecb3b90e183e03f69e01ba5baaa3f0ce1174 3100
Bug#913377: marked as done (python-louvain: FTBFS (No module named 'networkx'))
Your message dated Tue, 18 May 2021 11:33:36 + with message-id and subject line Bug#913377: fixed in python-louvain 0.0+20181013git3fc1f575-2 has caused the Debian Bug report #913377, regarding python-louvain: FTBFS (No module named 'networkx') to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 913377: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913377 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:python-louvain Version: 0.0+20181013git3fc1f575-1 Severity: serious Tags: ftbfs Dear maintainer: I tried to build this package but it failed: [...] debian/rules build-indep dh build-indep --with python3 --buildsystem=pybuild dh_update_autotools_config -i -O--buildsystem=pybuild dh_autoreconf -i -O--buildsystem=pybuild dh_auto_configure -i -O--buildsystem=pybuild pybuild --configure --test-nose -i python{version} -p "3.7 3.6" I: pybuild base:217: python3.7 setup.py config running config I: pybuild base:217: python3.6 setup.py config running config dh_auto_build -i -O--buildsystem=pybuild pybuild --build --test-nose -i python{version} -p "3.7 3.6" I: pybuild base:217: /usr/bin/python3.7 setup.py build running build [... snipped ...] creating /<>/python-louvain-0.0+20181013git3fc1f575/.pybuild/cpython3_3.6_python-louvain/build/community copying community/__init__.py -> /<>/python-louvain-0.0+20181013git3fc1f575/.pybuild/cpython3_3.6_python-louvain/build/community copying community/community_status.py -> /<>/python-louvain-0.0+20181013git3fc1f575/.pybuild/cpython3_3.6_python-louvain/build/community copying community/community_louvain.py -> /<>/python-louvain-0.0+20181013git3fc1f575/.pybuild/cpython3_3.6_python-louvain/build/community running build_scripts creating build/scripts-3.6 copying and adjusting bin/community -> build/scripts-3.6 changing mode of build/scripts-3.6/community from 664 to 775 dh_auto_test -i -O--buildsystem=pybuild pybuild --test --test-nose -i python{version} -p "3.7 3.6" I: pybuild base:217: cd /<>/python-louvain-0.0+20181013git3fc1f575/.pybuild/cpython3_3.7_python-louvain/build; python3.7 -m nose -v Failure: ModuleNotFoundError (No module named 'networkx') ... ERROR == ERROR: Failure: ModuleNotFoundError (No module named 'networkx') -- Traceback (most recent call last): File "/usr/lib/python3/dist-packages/nose/failure.py", line 39, in runTest raise self.exc_val.with_traceback(self.tb) File "/usr/lib/python3/dist-packages/nose/loader.py", line 417, in loadTestsFromName addr.filename, addr.module) File "/usr/lib/python3/dist-packages/nose/importer.py", line 47, in importFromPath return self.importFromDir(dir_path, fqname) File "/usr/lib/python3/dist-packages/nose/importer.py", line 94, in importFromDir mod = load_module(part_fqname, fh, filename, desc) File "/usr/lib/python3.7/imp.py", line 244, in load_module return load_package(name, filename) File "/usr/lib/python3.7/imp.py", line 216, in load_package return _load(spec) File "", line 696, in _load File "", line 677, in _load_unlocked File "", line 728, in exec_module File "", line 219, in _call_with_frames_removed File "/<>/python-louvain-0.0+20181013git3fc1f575/.pybuild/cpython3_3.7_python-louvain/build/community/__init__.py", line 9, in from .community_louvain import ( File "/<>/python-louvain-0.0+20181013git3fc1f575/.pybuild/cpython3_3.7_python-louvain/build/community/community_louvain.py", line 10, in import networkx as nx ModuleNotFoundError: No module named 'networkx' -- Ran 1 test in 0.004s FAILED (errors=1) E: pybuild pybuild:338: test: plugin distutils failed with: exit code=1: cd /<>/python-louvain-0.0+20181013git3fc1f575/.pybuild/cpython3_3.7_python-louvain/build; python3.7 -m nose -v dh_auto_test: pybuild --test --test-nose -i python{version} -p "3.7 3.6" returned exit code 13 make: *** [debian/rules:7: build-indep] Error 25 dpkg-buildpackage: error: debian/rules build-indep subprocess returned exit status 2 The build was made with "dpkg-buildpackage -A" in a clean chroot using sbuild. Seems like a missing build-dependency. Thanks. --- End Message --- --- Begin Message --- Source: python-louvain
Bug#986590: dbus-test-runner: flaky ppc64el autopkgtest: FAIL test-libdbustest-mock-test (exit status: 1)
Hi Paul, On Mo 17 Mai 2021 20:56:52 CEST, Paul Gevers wrote: Control: reopen -1 Hi Mike, On 17-05-2021 12:57, Mike Gabriel wrote: Can you do your autopkgtest magic with upcoming dbus-test-runner 16.10.0~bzr100+repack1-5~exp2 once more? Sure thing. Sadly, if fails 6/20: https://ci.debian.net/user/elb...@debian.org/jobs?package=dbus-test-runner Paul Sigh... Would it be a viable solution for now to not run autopkgtests on ppcel64? I really don't have a clue why this issue comes up only on ppcel64. I have Cc: Adrian Bunk as he had some good ideas in the past on such issues. Adrian, do you mind taking a look? Any hint how to track this issue down? Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpAvMulZJKhZ.pgp Description: Digitale PGP-Signatur
Bug#975490: u-boot-sunxi: Booting the system got stuck after "Starting kernel ..."
This is from the cloned bug but belongs here. Am 18.05.21 um 08:31 schrieb Heinrich Schuchardt: The original problem report showed the following situation was hit: common/malloc_simple.c:29: log_err("alloc space exhausted\n"); You cannot expect normal system behavior when reaching this situation. The available space for simple malloc is defined by: CONFIG_SPL_SYS_MALLOC_F_LEN=0x2000 CONFIG_SYS_MALLOC_F_LEN=0x2000 I assume that the problem arises in main U-Boot not in SPL. Please, increase CONFIG_SYS_MALLOC_F_LEN and check if this error message goes away. Best regards Heinrich
Bug#988217: bootefi causes boot failure with boot.scr
Am 18.05.21 um 03:27 schrieb Vagrant Cascadian: On 2021-05-07, Vagrant Cascadian wrote: On 2021-04-16, Bastian Germann wrote: I figured out my problem is caused by https://github.com/u-boot/u-boot/commit/f3866909e35074ea6f50226d40487a180de1132f. The boot_efi_bootmgr will run and read a bad dtb, which makes a boot.scr boot fail. This would definitely be good to fix in bullseye, but this is quite late in the release cycle. Heinrich, I was wondering if you had thoughts to share on the above linked patch? How safe is it to apply to 2021.01 (e.g. the version that will ship in bullseye), and have there been further developments upstream relevent to this issue that might be good to be aware of? Just to be sure: That commit is causing the bug (already in 2021.01). The patch that worked for me is https://github.com/u-boot/u-boot/commit/82d01f04facef1276cede067efd02d2a731ffe83. It is not related to dtb. That was a guess. It is related to PSCI secure-mode.
Bug#636459: Breaks unrelated software
Hi oh, and no, the fix for #881725 does not actually help, thanks to this bug. It keeps the systemd-private-* dir around, but everything inside is gone. Joerg
Processed: tagging 988632
Processing commands for cont...@bugs.debian.org: > # not meant to be used in this way > tags 988632 - newcomer Bug #988632 [audacity] audacity: The main drawing area (sound wave) do not refresh Removed tag(s) newcomer. > thanks Stopping processing here. Please contact me if you need assistance. -- 988632: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988632 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Breaks unrelated software
Processing commands for cont...@bugs.debian.org: > severity 636459 grave Bug #636459 [tmpreaper] tmpreaper: protect on directory fails. Invalid process order. Severity set to 'grave' from 'normal' > thanks Stopping processing here. Please contact me if you need assistance. -- 636459: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=636459 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#988550: marked as done (r-cran-ggvis: broken symlink: /usr/lib/R/site-library/ggvis/www/lib/lodash/lodash.min.js -> ../../../../../../../share/javascript/lodash.min.js)
Your message dated Tue, 18 May 2021 07:33:36 + with message-id and subject line Bug#988550: fixed in r-cran-ggvis 0.4.7+dfsg-2 has caused the Debian Bug report #988550, regarding r-cran-ggvis: broken symlink: /usr/lib/R/site-library/ggvis/www/lib/lodash/lodash.min.js -> ../../../../../../../share/javascript/lodash.min.js to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988550: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988550 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: r-cran-ggvis Version: 0.4.7+dfsg-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package ships (or creates) a broken symlink. >From the attached log (scroll to the bottom...): 3m18.0s ERROR: FAIL: Broken symlinks: /usr/lib/R/site-library/ggvis/www/lib/lodash/lodash.min.js -> ../../../../../../../share/javascript/lodash.min.js (r-cran-ggvis) The target file is now at /usr/share/javascript/lodash/lodash.min.js cheers, Andreas r-cran-ggvis_0.4.7+dfsg-1.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: r-cran-ggvis Source-Version: 0.4.7+dfsg-2 Done: Andreas Tille We believe that the bug you reported is fixed in the latest version of r-cran-ggvis, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Tille (supplier of updated r-cran-ggvis package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 18 May 2021 09:08:48 +0200 Source: r-cran-ggvis Architecture: source Version: 0.4.7+dfsg-2 Distribution: unstable Urgency: medium Maintainer: Debian R Packages Maintainers Changed-By: Andreas Tille Closes: 988550 Changes: r-cran-ggvis (0.4.7+dfsg-2) unstable; urgency=medium . * Fix symlink target (thanks for the hint to Andreas Beckman) Closes: #988550 Checksums-Sha1: e64c757c768fccf8985a1f6b44fa1a55f6404d62 2244 r-cran-ggvis_0.4.7+dfsg-2.dsc be20fa9dfe483450420134370871dfed27d9ada5 3964 r-cran-ggvis_0.4.7+dfsg-2.debian.tar.xz e5a09a7b6503cc0cd99657309451c31d9b9e3094 12015 r-cran-ggvis_0.4.7+dfsg-2_amd64.buildinfo Checksums-Sha256: fb01d3e2d5ec78a8ee68b903d9429726c055664081b1f7f93a162b9bd0c3f8ad 2244 r-cran-ggvis_0.4.7+dfsg-2.dsc 8a606ea00f80a3063c94238ba7a28318c5604282ba8d239989419e96a8668b7d 3964 r-cran-ggvis_0.4.7+dfsg-2.debian.tar.xz 27ff4eff8398b17748d42190bd3a4254a77fe17b2f904cde6c310c01e0369fe5 12015 r-cran-ggvis_0.4.7+dfsg-2_amd64.buildinfo Files: 2c33061c236c37a01c6b19db50bb3249 2244 gnu-r optional r-cran-ggvis_0.4.7+dfsg-2.dsc f35f7f23a2d83c18420ee8afbc4d0f76 3964 gnu-r optional r-cran-ggvis_0.4.7+dfsg-2.debian.tar.xz 63499cfe9408acfef9276ff26864a562 12015 gnu-r optional r-cran-ggvis_0.4.7+dfsg-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE8fAHMgoDVUHwpmPKV4oElNHGRtEFAmCjapgRHHRpbGxlQGRl Ymlhbi5vcmcACgkQV4oElNHGRtGN8g//QrujE+RTxg+fQrP/YvVvPe/P2irD00aD gbsxEb+qvAqM4Ph4iKJcLG/A0kaztiWVjw6dMv4Q6VDAo6ZkV9k2acEDd+bVBb6D 85fnTEmT19i3s0drLz72naEANhEl8Iap3EKwCBKJ67dC0AhKQmNrWZ+KwJ41X3U1 9vZi8Bm9q9OutBm+I4ffZvUHrM5+eEzH2LVTHcgBJGyaskxxHYCXW6iSYg/1gekd u5FkCR65dR63sLQYmaZr6ysklMN2B3+PN2vQDKwIUvnEjb9VGqZrm7t1Aam3oQRz 44ab9AguWlLG32OounDkLue5/iO7Th22KRBk1cd73siPDiFeC5WCsoo+VyvWjuCX 17u7IuuvnDWfZV6mMEdJ+oh3Kj95Y7HLap2SPVEQ9s9QWMMl321Kxp8ZGZGKwJC3 xaJZGv2e5K/s0Y4pJ8HevMf5KZMW9b/4cEAEn78TVTsWg3x6AqaXI79QSFo0CZwM P/7sPpdgIsG0Q7ZIEI+K1XwjAMf+1ui4K7sQbnlQt2uyR6CT0I+lORiIEMr6CHfI 1FnoLVqogiCYBvxkHLx/fsmA8qCAUwJ+vBx3VyTV9y/1n9PTyhjD4PCdAOwr6xv2 IvkTIi/AC8ALMPPHlbl5LpovF4oolH1kxYAKDh9XkQzm2sEZJPuvBUd9lEZ1yVWg REN7/zQ/sQo= =AfGB -END PGP SIGNATURE End Message ---
Bug#988290: marked as pending in hamlib
Re: To 988290-submit...@bugs.debian.org > Control: tag -1 pending Still pending. Christoph
Bug#988217: bootefi causes boot failure with boot.scr
The original problem report showed the following situation was hit: common/malloc_simple.c:29: log_err("alloc space exhausted\n"); You cannot expect normal system behavior when reaching this situation. The available space for simple malloc is defined by: CONFIG_SPL_SYS_MALLOC_F_LEN=0x2000 CONFIG_SYS_MALLOC_F_LEN=0x2000 I assume that the problem arises in main U-Boot not in SPL. Please, increase CONFIG_SYS_MALLOC_F_LEN and check if this error message goes away. Best regards Heinrich
Bug#986527: sagemath: FTBFS: /<>/sage/src/bin/sage: line 549: exec: cython: not found
Hi, Le lundi 17 mai 2021 à 15:20 +0200, Jochen Sprickerhof a écrit : > Hi Julien, > > * Julien Puydt [2021-05-17 09:01]: > > I tried to create a testing sbuild and compile sagemath 9.2-2 with > > it, > > and it worked so unless I made a mistake in my setup, something > > made > > that bug go away... > > > > Can someone independently give it a try? > > I triggered reproducible-builds again: > > https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/sagemath.html > > Success: 40 tests failed, up to 200 failures are tolerated > Success: 5 tests failed, up to 200 failures are tolerated > > so not much changed comparing to two weeks ago and my conclusion > still > holds: > > * Jochen Sprickerhof [2021-05-04 13:22]: > > Success: 41 tests failed, up to 200 failures are tolerated > > Success: 5 tests failed, up to 200 failures are tolerated > > > > The 200 is set in debian/rules: > > > > https://salsa.debian.org/science-team/sagemath/-/commit/6088e9f2abc7ae99a8d07760ceee6fb6aac7bb54 > > > > and sounds a little arbitrary. Sadly the state upstream seems not > > to > > be much better: > > > > https://github.com/sagemath/sage/tree/9.2 > > > > 13 failing, 17 cancelled, and 70 successful checks > > > > (I did not look into them.) > > > > So I think the question is rather if the test suite gives an > > appropriate view on the quality of the software. If it does, I > > assume > > it is not appropriate for a Debian stable release. Contrary if we > > assume the test suite being broken, we could disable it completely > > rather then producing random FTBFS. Well : 1) Upstream itself uses the testsuite in the sense of "shouldn't have too many failing tests", and it still allows to detect when a build is utterly broken, so we shouldn't disable it. 2) It's not an FTBFS, since the sources actually build to a set of packages. This points to lowering this bug severity and let sagemath go in stable. Or at least not preventing it just for this reason. JP