Bug#989767: libesmtp: Not built on buildd: arch arm64 binaries: needs a source only upload
Source: libesmtp Version: 1.1.0-1 Severity: serious Justification: Not built on buildd: arch arm64 binaries X-Debbugs-Cc: car...@debian.org Hi The last upload did not build all binary packages on the buildds an need a new source-only upload, cf. https://lists.debian.org/debian-devel-announce/2019/07/msg2.html Regards, Salvatore
Bug#982723: marked as done (ruby-rails-html-sanitizer: FTBFS: ERROR: Test "ruby2.7" failed.)
Your message dated Sat, 12 Jun 2021 04:18:28 + with message-id and subject line Bug#982723: fixed in ruby-rails-html-sanitizer 1.3.0-2 has caused the Debian Bug report #982723, regarding ruby-rails-html-sanitizer: FTBFS: ERROR: Test "ruby2.7" failed. to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 982723: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982723 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ruby-rails-html-sanitizer Version: 1.3.0-1 Severity: serious Justification: FTBFS on amd64 Tags: bullseye sid ftbfs Usertags: ftbfs-20210213 ftbfs-bullseye Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > /usr/bin/ruby2.7 /usr/bin/gem2deb-test-runner > > ┌──┐ > │ Run tests for ruby2.7 from debian/ruby-tests.rake > │ > └──┘ > > RUBYLIB=/<>/debian/ruby-rails-html-sanitizer/usr/lib/ruby/vendor_ruby:. > > GEM_PATH=/<>/debian/ruby-rails-html-sanitizer/usr/share/rubygems-integration/all:/var/lib/gems/2.7.0:/usr/local/lib/ruby/gems/2.7.0:/usr/lib/ruby/gems/2.7.0:/usr/lib/x86_64-linux-gnu/ruby/gems/2.7.0:/usr/share/rubygems-integration/2.7.0:/usr/share/rubygems-integration/all:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.7.0 > ruby2.7 -S rake -f debian/ruby-tests.rake > /usr/bin/ruby2.7 -w > /usr/share/rubygems-integration/all/gems/rake-13.0.3/lib/rake/rake_test_loader.rb > "test/sanitizer_test.rb" "test/scrubbers_test.rb" -v > Run options: -v --seed 24852 > > # Running: > > TargetScrubberTest#test_targeting_tags_and_attributes_removes_only_them = > 0.00 s = . > TargetScrubberTest#test_targeting_tags_removes_only_them = 0.00 s = . > TargetScrubberTest#test_targeting_attributes_removes_only_them = 0.00 s = . > TargetScrubberTest#test_targeting_tags_removes_only_them_nested = 0.00 s = . > SanitizersTest#test_should_not_fall_for_xss_image_hack_ = 0.00 s = . > SanitizersTest#test_should_allow_output_tag = 0.00 s = . > SanitizersTest#test_should_allow_svg_tag = 0.00 s = . > SanitizersTest#test_should_not_fall_for_xss_image_hack_ SRC=javascript:alert(String.fromCharCode(88,83,83))> = 0.00 s = . > SanitizersTest#test_should_sanitize_div_style_expression = 0.00 s = . > SanitizersTest#test_should_allow_mn_tag = 0.00 s = . > SanitizersTest#test_should_raise_argument_error_if_tags_is_not_enumerable = > 0.00 s = . > SanitizersTest#test_sanitize_plaintext = 0.00 s = . > SanitizersTest#test_should_not_fall_for_xss_image_hack_ SRC=javascript:alert('XSS')> > = 0.00 s = . > SanitizersTest#test_should_allow_animateMotion_tag = 0.00 s = . > SanitizersTest#test_should_allow_main_tag = 0.00 s = . > SanitizersTest#test_should_not_accept_non_loofah_inheriting_scrubber = 0.00 s > = . > SanitizersTest#test_should_allow_none_tag = 0.00 s = . > SanitizersTest#test_should_allow_filter_tag = 0.00 s = . > SanitizersTest#test_should_sanitize_across_newlines = 0.00 s = . > SanitizersTest#test_should_allow_bdi_tag = 0.00 s = . > SanitizersTest#test_should_allow_missing-glyph_tag = 0.00 s = . > SanitizersTest#test_should_allow_span_tag = 0.00 s = . > SanitizersTest#test_should_allow_ins_tag = 0.00 s = . > SanitizersTest#test_strip_cdata = 0.00 s = . > SanitizersTest#test_should_handle_blank_text = 0.00 s = . > SanitizersTest#test_sanitize_javascript_href = 0.00 s = . > SanitizersTest#test_should_allow_mfenced_tag = 0.00 s = . > SanitizersTest#test_should_allow_stop_tag = 0.00 s = . > SanitizersTest#test_escape_tags_with_many_open_quotes = 0.00 s = . > SanitizersTest#test_should_allow_button_tag = 0.00 s = . > SanitizersTest#test_should_allow_polyline_tag = 0.00 s = . > SanitizersTest#test_should_allow_tr_tag = 0.00 s = . > SanitizersTest#test_setting_allowed_tags_affects_sanitization = 0.00 s = . > SanitizersTest#test_should_allow_mo_tag = 0.00 s = . > SanitizersTest#test_should_allow_h4_tag = 0.00 s = . > SanitizersTest#test_remove_xpaths_removes_an_xpath = 0.00 s = . > SanitizersTest#test_should_accept_loofah_scrubber_that_wraps_a_block = 0.00 s > = . > SanitizersTest#test_should_allow_font-face_tag = 0.00 s = . > SanitizersTest#test_should_allow_audio_tag = 0.00 s = . > SanitizersTest#test_should_allow_defs_tag = 0.00 s = . > SanitizersTest#test_sanitizer_sanitize_raises_not_implemented_error = 0.00 s > = . > SanitizersTest#test_should_allow_datalist_tag = 0.00 s = . > SanitizersTest#test_strip_links_with_line_feed_and_uppercase_tag = 0.00 s = .
Bug#982723: ruby-rails-html-sanitizer: FTBFS: ERROR: Test "ruby2.7" failed.
Hi, It seems that is caused with latest ruby-loofah and it was fixed in upstream git repo. https://github.com/rails/rails-html-sanitizer.git I'll check it later, and push it if it works. -- Regards, Hideki Yamane henrich @ debian.org/iijmio-mail.jp
Bug#982723: marked as pending in ruby-rails-html-sanitizer
Control: tag -1 pending Hello, Bug #982723 in ruby-rails-html-sanitizer reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/ruby-team/ruby-rails-html-sanitizer/-/commit/b4a7443224307692b056339415a2afcf954b338e Fix test failure (Closes: #982723) (this message was generated automatically) -- Greetings https://bugs.debian.org/982723
Processed: Bug#982723 marked as pending in ruby-rails-html-sanitizer
Processing control commands: > tag -1 pending Bug #982723 [src:ruby-rails-html-sanitizer] ruby-rails-html-sanitizer: FTBFS: ERROR: Test "ruby2.7" failed. Added tag(s) pending. -- 982723: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982723 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#989631: marked as done (nettle: CVE-2021-3580: Remote crash in RSA decryption via manipulated ciphertext)
Your message dated Fri, 11 Jun 2021 20:40:43 + with message-id and subject line Bug#989631: fixed in nettle 3.7.3-1 has caused the Debian Bug report #989631, regarding nettle: CVE-2021-3580: Remote crash in RSA decryption via manipulated ciphertext to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989631: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989631 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: nettle Version: 3.7.2-3 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for nettle. CVE-2021-3580[0]: | Remote crash in RSA decryption via manipulated ciphertext If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-3580 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1967983 [2] https://git.lysator.liu.se/nettle/nettle/-/commit/0ad0b5df315665250dfdaa4a1e087f4799edaefe [3] https://git.lysator.liu.se/nettle/nettle/-/commit/485b5e2820a057e873b1ba812fdb39cae4adf98c [4] https://git.lysator.liu.se/nettle/nettle/-/commit/485b5e2820a057e873b1ba812fdb39cae4adf98c Regards, Salvatore --- End Message --- --- Begin Message --- Source: nettle Source-Version: 3.7.3-1 Done: Magnus Holmgren We believe that the bug you reported is fixed in the latest version of nettle, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Magnus Holmgren (supplier of updated nettle package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Jun 2021 08:51:41 +0200 Source: nettle Architecture: source Version: 3.7.3-1 Distribution: unstable Urgency: high Maintainer: Magnus Holmgren Changed-By: Magnus Holmgren Closes: 989631 Changes: nettle (3.7.3-1) unstable; urgency=high . * New upstream release fixing bugs that could make the RSA decryption functions crash on invalid inputs [CVE-2021-3580] (Closes: #989631). Checksums-Sha1: 41886fb5a2ec687e215aa0397ff064f19311037c 2033 nettle_3.7.3-1.dsc 9adfadd4ae4104c8aceb38bf16064d65d7edbcce 2383985 nettle_3.7.3.orig.tar.gz 47ad7611965cd3ccda6697c35df128b32e45f34c 21956 nettle_3.7.3-1.debian.tar.xz 39658a7810ee1cf96b7a4306cec017e5d7a91d86 6040 nettle_3.7.3-1_source.buildinfo Checksums-Sha256: 63a1a80f37b6484f479dfa1cbd30152feff3b1a5a2161fdab05b90edde212c1f 2033 nettle_3.7.3-1.dsc 661f5eb03f048a3b924c3a8ad2515d4068e40f67e774e8a26827658007e3bcf0 2383985 nettle_3.7.3.orig.tar.gz 97af0e306aec6f6c5d8e73a7a3ce2856c76bcff9cdcfa7640e932a5a3aee9f24 21956 nettle_3.7.3-1.debian.tar.xz 4262f61c44f321054ce4a532cc94343be00c8ec8edbe0996f5ee9856291bc8d1 6040 nettle_3.7.3-1_source.buildinfo Files: 9fda9b3af01ab009bccec0c5c5a2b2dc 2033 libs optional nettle_3.7.3-1.dsc a60273d0fab9c808646fcf5e9edc2e8f 2383985 libs optional nettle_3.7.3.orig.tar.gz feb89dfb0cafa2505256cdc4e9796a40 21956 libs optional nettle_3.7.3-1.debian.tar.xz 3aee251bf38fe9ef59d7d0c432884650 6040 libs optional nettle_3.7.3-1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEzSoHOzhhVBcKQILo1PIZv+yZhIkFAmDDwyQACgkQ1PIZv+yZ hIlJgA/8C1zSYzkMyoR7d809j9IfDrhiJmc471kwoM+zn0bmug5oez6pVqj1RsgW XKLV2nA4m6wyKynBWE1eA9PZ4mpxMqNe22E9AqjSlpQ5AwGruxP5tvHrmh8jo9RX f7m8MJA0QYh4A3imakXnbc/Xxj89Uny2r9mx/faX8HCZ91IcRC2DL+U3DOACXa5j 6MXhxdajoxNGXg7GZsXikcnOf5JGuZR/NUE9lR5wZDgLr1w82+tAZzzosvqmQ7Hk aJ2tevotDr+Icnm8VIwDsUwh9I4gMev2dutbGFveu3T+3bEX/xzMXCoTS1lzDoGj GL/c+nn41g+CgXrB++6tOxZt3GLGKJCK2HayhMHCQ+ikQ+bKkxrlUofJW6PbbUKs mTZ5Wf6q9YOw5nwvCEoObfBiqhS1OIt0BWv/3Wx7cRvR8DDviGm/PLN3qHW8EUAM xR0IfIsWYY+zKYk53mgNmha7cNpcPa8iPCN9fkCWH42d2l9BOikyI+7omhygQljd xT9V+xyTApJf5TJpTcgNRPrUptoHm1Ql7rmUxaxhm0RHdBl+yyEkc1VUEgjbNGhx QMzVIQNX87G21EWjVjhBpp2Bkk4s67rqDTHYIzE7aziiISGxxc5FE2sJR7XRYC+8 bJ7cujPcS4Z+VGZAxZq9m3lcPKsS14X23duTug3/o8nWKbTriXY= =YWC0 -END PGP SIGNATURE End Message ---
Bug#989749: kore: flaky amd64 autopkgtest: regularly times out after 2:47 h
Source: kore Version: 4.0.1-5 Severity: serious Tags: bulleye-ignore X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: flaky timeout Dear maintainer(s), Your package has an autopkgtest, great. However, I looked into the history of your autopkgtest [1] and I noticed it fails regularly on amd64. I copied some of the output at the bottom of this report. It hits the autopkgtest time out after 2hours and 47 minutes. Successful runs pass in a couple of minutes. Weirdly enough, all the failures where the timeout happened is ci-worker13, which is our most powerful host, and as such we run 8 parallel debci instances there. The same host also sees successful runs. Do you have any idea what in the kore test could be hanging? Because the unstable-to-testing migration software now blocks on regressions in testing, flaky tests, i.e. tests that flip between passing and failing without changes to the list of installed packages, are causing people unrelated to your package to spend time on these tests. Don't hesitate to reach out if you need help and some more information from our infrastructure. Paul [Release team member hat on: as we are so late in the freeze, I don't want this bug to kick kore out of bulleye, although I still appreciate a fix or work around. Hence, the bulleye-ignore tag.] [1] https://ci.debian.net/packages/k/kore/testing/amd64/ https://ci.debian.net/data/autopkgtest/testing/amd64/k/kore/12824802/log.gz autopkgtest [22:19:09]: test myapp: [--- created myapp/src/myapp.c created myapp/conf/myapp.conf created myapp/conf/build.conf created myapp/.gitignore created dh2048.pem myapp created successfully! WARNING: DO NOT USE THE GENERATED DH PARAMETERS AND CERTIFICATES IN PRODUCTION active flavordev output type dso kore binary /usr/bin/kore kore features-DKORE_USE_PGSQL -DKORE_USE_TASKS -I/usr/include/postgresql autopkgtest [01:05:50]: ERROR: timed out on command "su -s /bin/bash debci -c set -e; export USER=`id -nu`; . /etc/profile >/dev/null 2>&1 || true; . ~/.profile >/dev/null 2>&1 || true; buildtree="/tmp/autopkgtest-lxc.4kfgq6b2/downtmp/build.2hy/src"; mkdir -p -m 1777 -- "/tmp/autopkgtest-lxc.4kfgq6b2/downtmp/myapp-artifacts"; export AUTOPKGTEST_ARTIFACTS="/tmp/autopkgtest-lxc.4kfgq6b2/downtmp/myapp-artifacts"; export ADT_ARTIFACTS="$AUTOPKGTEST_ARTIFACTS"; mkdir -p -m 755 "/tmp/autopkgtest-lxc.4kfgq6b2/downtmp/autopkgtest_tmp"; export AUTOPKGTEST_TMP="/tmp/autopkgtest-lxc.4kfgq6b2/downtmp/autopkgtest_tmp"; export ADTTMP="$AUTOPKGTEST_TMP"; export DEBIAN_FRONTEND=noninteractive; export LANG=C.UTF-8; export DEB_BUILD_OPTIONS=parallel=48; unset LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION LC_ALL;rm -f /tmp/autopkgtest_script_pid; set -C; echo $$ > /tmp/autopkgtest_script_pid; set +C; trap "rm -f /tmp/autopkgtest_script_pid" EXIT INT QUIT PIPE; cd "$buildtree"; chmod +x /tmp/autopkgtest-lxc.4kfgq6b2/downtmp/build.2hy/src/debian/tests/myapp; touch /tmp/autopkgtest-lxc.4kfgq6b2/downtmp/myapp-stdout /tmp/autopkgtest-lxc.4kfgq6b2/downtmp/myapp-stderr; /tmp/autopkgtest-lxc.4kfgq6b2/downtmp/build.2hy/src/debian/tests/myapp 2> >(tee -a /tmp/autopkgtest-lxc.4kfgq6b2/downtmp/myapp-stderr >&2) > >(tee -a /tmp/autopkgtest-lxc.4kfgq6b2/downtmp/myapp-stdout);" (kind: test) autopkgtest [01:05:51]: test myapp: ---] OpenPGP_signature Description: OpenPGP digital signature
Bug#989662: marked as done (connman: CVE-2021-33833: dnsproxy: Check the length of buffers before memcpy)
Your message dated Fri, 11 Jun 2021 19:19:01 + with message-id and subject line Bug#989662: fixed in connman 1.36-2.2 has caused the Debian Bug report #989662, regarding connman: CVE-2021-33833: dnsproxy: Check the length of buffers before memcpy to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989662: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989662 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: connman Version: 1.36-2.1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 1.36-2.1~deb10u1 Hi, The following vulnerability was published for connman. Choosing RC severity to make sure the fix land in bullseye. CVE-2021-33833[0]: | dnsproxy: Check the length of buffers before memcpy If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-33833 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33833 [1] https://www.openwall.com/lists/oss-security/2021/06/09/1 [2] https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=eceb2e8d2341c041df55a5e2f047d9a8c491463c Regards, Salvatore --- End Message --- --- Begin Message --- Source: connman Source-Version: 1.36-2.2 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of connman, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated connman package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 09 Jun 2021 20:48:07 +0200 Source: connman Architecture: source Version: 1.36-2.2 Distribution: unstable Urgency: high Maintainer: Alexander Sack Changed-By: Salvatore Bonaccorso Closes: 989662 Changes: connman (1.36-2.2) unstable; urgency=high . * Non-maintainer upload. * dnsproxy: Check the length of buffers before memcpy (CVE-2021-33833) (Closes: #989662) Checksums-Sha1: 3a6aa3340048c9f388670750aca8b18eb6fd8dfe 2345 connman_1.36-2.2.dsc ef48251415c61896e4524b64955d651882da16a7 16528 connman_1.36-2.2.debian.tar.xz 42a7c985642bca731c8eccdffc669a86bcc606a5 6548 connman_1.36-2.2_source.buildinfo Checksums-Sha256: 0183a80247e4248094dc85f5431ae822c116b79c2ea17a7e6afaee01794db4cf 2345 connman_1.36-2.2.dsc e75ae7b9a8f75d582ce977929ecdc73390d8269ba3569e3e7202ffeffa03a187 16528 connman_1.36-2.2.debian.tar.xz d57b3d98c0ccdcc52200038123586e61fcb8b16389df4184a58f2a21f3074987 6548 connman_1.36-2.2_source.buildinfo Files: 6de7f5357bc9931c0be29154d09a6b94 2345 net optional connman_1.36-2.2.dsc 9ad190ecd1971ddc991328c0ed2bcbc0 16528 net optional connman_1.36-2.2.debian.tar.xz 54f2878dfa0b483fe1f23541e06a76fc 6548 net optional connman_1.36-2.2_source.buildinfo -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmDBDT5fFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EVpQQAIvnEC7hx1v5Ub5a8sYVQuSUCWYmzHyk 1unA2EMaKEBd9R7cchtvEnPlOd5fAnnNZo3BX3Nuon9YP0p097G1zTACoVniBz5h yC78mnpfUsCNrtg3S1WxapI4pNKrCYPSwWbkuy+YqiJ2G/Y5d67yUzj3j1vm39B2 xmIVZ84HYHPEtRKLLcsYzH6NnyMkq4vJgHDDldAVE4zMy6KNbHRuTq1XMzYr1M71 VUg4+BMKRpR30EbnGcjBTotvVc84hAtsy/b08zMX0bJG2CJ96A5IUsUZ4NPgtGFd zWV9ZGJ7whvYCY87i/31e48x8NW4y1huk9NAPBq0L2Y0zTLXzg1BdPxJYOne52OK 3fl6rUFzqo1R717fEP2Aaxs1T4uiKFf26Pn2ChxDcGB3X9mjR/hR1YPZ0LW3LoUH zOtAAzriwVDL9PIMy6gVfeA7Pq+oDKL+w5OOtVv8jvmCB5u//+2Encd7fML2d0J+ zoLGedBZquyOdot6cjRiiU6K2ptlf1D0Q88atnJiG/ZLumnyaTdp8XebytqKHjna 6Cc5GRg+K3TW0HVB5KR/sADbDQApzuLlcfjB4k7J+yHIWlea0m5Y1TdhLESp8JqB KLOqSykqLBaehS/BQp9huzzqDxuvOvlbYgQnEOMA3P1ANJn8JRvFAg6V5jVwVt/5 Y+7XRd6AZ040 =TWXV -END PGP SIGNATURE End Message ---
Processed (with 1 error): found 989631 in 3.4.1-1, found 985652 in 3.4.1-1
Processing commands for cont...@bugs.debian.org: > found 989631 3.4.1-1 Bug #989631 [src:nettle] nettle: CVE-2021-3580: Remote crash in RSA decryption via manipulated ciphertext Marked as found in versions nettle/3.4.1-1. > found 985652 3.4.1-1 Failed to add found on 985652: Not altering archived bugs; see unarchive. > thanks Stopping processing here. Please contact me if you need assistance. -- 989631: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989631 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#989636: marked as done (rust-rustyline_3.0.0-2+deb10u1_s390x.changes REJECTED)
Your message dated Fri, 11 Jun 2021 17:32:07 + with message-id and subject line Bug#989636: fixed in rust-rustyline 3.0.0-2+deb10u2 has caused the Debian Bug report #989636, regarding rust-rustyline_3.0.0-2+deb10u1_s390x.changes REJECTED to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989636: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989636 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: rust-rustyline Version: 3.0.0-2+deb10u1 Severity: serious On 2021-06-09 02:54, Debian FTP Masters wrote: > > > librust-rustyline-dev_3.0.0-2+deb10u1_s390x.deb: has 1 file(s) with a > timestamp too far in the past: > usr/share/cargo/registry/rustyline-3.0.0/.cargo_vcs_info.json (Thu Jan 1 > 00:00:00 1970) > > > > === > > Please feel free to respond to this email if you don't understand why > your files were rejected, or if you upload new files which address our > concerns. > > > -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net --- End Message --- --- Begin Message --- Source: rust-rustyline Source-Version: 3.0.0-2+deb10u2 Done: Peter Michael Green We believe that the bug you reported is fixed in the latest version of rust-rustyline, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Peter Michael Green (supplier of updated rust-rustyline package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 11 Jun 2021 14:49:59 + Source: rust-rustyline Architecture: source Version: 3.0.0-2+deb10u2 Distribution: buster Urgency: medium Maintainer: Debian Rust Maintainers Changed-By: Peter Michael Green Closes: 989636 Changes: rust-rustyline (3.0.0-2+deb10u2) buster; urgency=medium . * Team upload. * Reset timestamp on .cargo-vcs-info.json to avoid 1970 timestamp which triggers a ftpmaster autoreject. (Closes: 989636) Checksums-Sha1: 94e36a0c90050982615fc001ee360f0c7a488541 2909 rust-rustyline_3.0.0-2+deb10u2.dsc e44662f7a9951a9948c4f538834760c6659cb2df 3592 rust-rustyline_3.0.0-2+deb10u2.debian.tar.xz 3871f349662d0a9a33a479cc02b9b4acb08c882b 7571 rust-rustyline_3.0.0-2+deb10u2_source.buildinfo Checksums-Sha256: fc0b29e5780b0c1fa7fda8a0d5bfae447978ede0568266cc2128ad8d3b29e183 2909 rust-rustyline_3.0.0-2+deb10u2.dsc 2f3dfdadec1fe9362cd969c79473d44e77757832559ffadb2703bea15d27ddb5 3592 rust-rustyline_3.0.0-2+deb10u2.debian.tar.xz 27ac5081c98b9f581768c7384167fef409231161845f52ab814e3de97718ad9f 7571 rust-rustyline_3.0.0-2+deb10u2_source.buildinfo Files: d7eda7dba7d2e7793eaf93fe19bd241a 2909 rust optional rust-rustyline_3.0.0-2+deb10u2.dsc 3f2f821e151b2a8d5d9127a44c2cb9f0 3592 rust optional rust-rustyline_3.0.0-2+deb10u2.debian.tar.xz 1d8233b01a65f704cfea332cde5b5b8d 7571 rust optional rust-rustyline_3.0.0-2+deb10u2_source.buildinfo -BEGIN PGP SIGNATURE- iQJIBAEBCAAyFiEEU0DQATYMplbjSX63DEjqKnqP/XsFAmDDghMUHHBsdWd3YXNo QGRlYmlhbi5vcmcACgkQDEjqKnqP/XtJwA/8C4yrVjXNl1h7oYHcmVIZ4xa8OWoY YfwnqIm1OjPlkybNdPJ188S3eVZEQiSrelxP57N6jmZx2fNbbJHESCZXtp+dCpkK BmVqmzzTyQfExEZNNwwfsy1zimabjQX2HvLJo0czSKQ+Kw95ukQJ9QvKPVxKLYgO 01KVqopDqXMT5OchMuSF2JG/XAUM5ZYyXQVxGzFfFfQBg9zaIVVWJdjPm3wKFFYl dS5vjJ7/8WkLzVRvvCh08UCwQNAnSsvQgDAQnCb/y30SzjxK1o7E30a/IWyi5C4s Mc7E6ccynrm0MF1FDLZlWidRP8nGa/ov0yestUVbmoz/5XDMu2dgvG2J0dwnDwn1 ryuuCmBBTGZnYa63hHL8NWLSXbYBHuGWmmb98zTqzWUyhw9Qa6cKgmHFv/D4cleg foWJt+QymOr+PJiM5Y+fjci7Sy1PPFRbAs2BeDy4z1GcB/ko/W/KB7Bd3C2TpL+r YFYftvtzZEzzGE9VisAtBFdTrJmm7PLj1YYvRNYuCcz9Ewbfmfy94dY2YqnRt/PR LqXKa4g72hQE0TxHX3RR3MGdLolnjVpY39dGnhyzzoUNZXTFDofe0tbt/svyIF0f N3eI24Bn6KUOFZJeSOyxzW4sFYopZwpbDk0a08VIzYmHHG61mW5EeygYrWSSKfKH tEHI0fZN/CD0PNY= =9zGF -END PGP SIGNATURE End Message ---
Bug#987639: marked as done (smlsharp FTBFS with gcc 10)
Your message dated Fri, 11 Jun 2021 17:33:38 + with message-id and subject line Bug#987639: fixed in smlsharp 1.2.0-2.1 has caused the Debian Bug report #987639, regarding smlsharp FTBFS with gcc 10 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 987639: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987639 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: smlsharp Version: 1.2.0-2 Severity: serious Tags: ftbfs bullseye sid https://tests.reproducible-builds.org/debian/rb-pkg/bullseye/i386/smlsharp.html ... (cd precompiled/x86-linux \ && gcc -m32 -Wl,-z,relro -Wl,-z,now ../../src/runtime/smlsharp_entry.o \ `cat ../minismlsharp-files` \ ../../src/runtime/libsmlsharp.a \ -lpthread -ldl -lgmp -lm -o ../../minismlsharp) /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:364: multiple definition of `SMLN8SMLSharp12MatchCompBugE'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:364: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:363: multiple definition of `SMLN2OS6SysErrE'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:363: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:362: multiple definition of `SML4Fail'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:362: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:361: multiple definition of `SML6Domain'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:361: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:360: multiple definition of `SML3Div'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:360: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:359: multiple definition of `SML8Overflow'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:359: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:358: multiple definition of `SML4Size'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:358: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:357: multiple definition of `SML9Subscript'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:357: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:356: multiple definition of `SML5Match'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:356: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:355: multiple definition of `SML4Bind'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:355: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(heap_bitmap.o):./src/runtime/smlsharp.h:290: multiple definition of `sml_check_gc_flag'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:290: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(control.o):./src/runtime/smlsharp.h:290: multiple definition of `sml_check_gc_flag'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:290: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(control.o):./src/runtime/smlsharp.h:364: multiple definition of `SMLN8SMLSharp12MatchCompBugE'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:364: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(control.o):./src/runtime/smlsharp.h:363: multiple definition of `SMLN2OS6SysErrE'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:363: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(control.o):./src/runtime/smlsharp.h:362: multiple definition of `SML4Fail'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:362: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(control.o):./src/runtime/smlsharp.h:361: multiple definition of `SML6Domain'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:361: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(control.o):./src/runtime/smlsharp.h:360: multiple definition of `SML3Div'; ../../src/runtime/smlsharp_entry.o:././src/runtime/smlsharp.h:360: first defined here /usr/bin/ld: ../../src/runtime/libsmlsharp.a(control.o):./src/runtime/smlsharp.h:
Processed: unarchiving 932172
Processing commands for cont...@bugs.debian.org: > unarchive 932172 Bug #932172 {Done: Sylvestre Ledru } [dh-cargo] dh-cargo: please refresh json timestamps Unarchived Bug 932172 > thanks Stopping processing here. Please contact me if you need assistance. -- 932172: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932172 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#989736: openjdk-8: keep out of testing and stable
Source: openjdk-8 Version: 8u282-b08-2 Severity: serious Justification: should not migrate to testing or stable any more X-Debbugs-Cc: t...@mirbsd.de Keep this package in unstable (and possibly experimental) for now. It is to be used officially only for bootstrapping JVM-based languages like Kotlin, as well as to provide LTS packages for stretch and ELTS for jessie. Users may use this further at their own risk, with no support. I’m providing precompiled backports for all Debian releases from wheezy onwards and all *buntu LTS releases from precise (12.04) onwards in my personal APT repository; contact me, or see extrepo-data, for details.
Bug#988986: marked as done (ABI change in tinyxml2 8.1.0+dfsg-1)
Your message dated Fri, 11 Jun 2021 14:10:26 + with message-id and subject line Bug#988986: fixed in tinyxml2 8.1.0+dfsg-2 has caused the Debian Bug report #988986, regarding ABI change in tinyxml2 8.1.0+dfsg-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988986: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988986 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: cppcheck Version: 2.3-1 Severity: important Dear Maintainer, running cppcheck prints the following message: Symbol `_ZTVN8tinyxml210XMLPrinterE' has different size in shared object, consider re-linking Also reproducible with cppcheck version 2.4 from experimental. -- System Information: Debian Release: 11.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-7-amd64 (SMP w/4 CPU threads) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages cppcheck depends on: ii libc6 2.31-12 ii libgcc-s1 11.1.0-2 ii libpcre3 2:8.39-13 ii libstdc++611.1.0-2 ii libtinyxml2-8 8.1.0+dfsg-1 ii libz3-4 4.8.10-1 ii python3 3.9.2-3 ii python3-pygments 2.7.1+dfsg-2 cppcheck recommends no packages. Versions of packages cppcheck suggests: pn clang pn clang-tidy pn cppcheck-gui -- no debconf information --- End Message --- --- Begin Message --- Source: tinyxml2 Source-Version: 8.1.0+dfsg-2 Done: Chow Loong Jin We believe that the bug you reported is fixed in the latest version of tinyxml2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chow Loong Jin (supplier of updated tinyxml2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 01 Jun 2021 16:01:13 +0800 Source: tinyxml2 Binary: libtinyxml2-8a libtinyxml2-8a-dbgsym libtinyxml2-dev Architecture: source amd64 Version: 8.1.0+dfsg-2 Distribution: experimental Urgency: medium Maintainer: Chow Loong Jin Changed-By: Chow Loong Jin Description: libtinyxml2-8a - C++ XML parsing library libtinyxml2-dev - TinyXML2 library - header and static library Closes: 988986 Changes: tinyxml2 (8.1.0+dfsg-2) experimental; urgency=medium . * [0c13ef0] Rename package for abi break (Closes: #988986) Checksums-Sha1: d90ba99e059fc134213d1b59d3995b3cac1a634f 2011 tinyxml2_8.1.0+dfsg-2.dsc 5f08635c1f8aa9b8fdb2662451ee94b094e17080 8220 tinyxml2_8.1.0+dfsg-2.debian.tar.xz 7c7fb2c3bd5e7ebced39ea8a6be7ba6f1f7da874 107520 libtinyxml2-8a-dbgsym_8.1.0+dfsg-2_amd64.deb 8b5af7c2e6e7fd46244e41d9d52269b7e647eb0e 31568 libtinyxml2-8a_8.1.0+dfsg-2_amd64.deb c8ffc7df66a15b5110b7fb28c3d3125a8d3d06bd 21060 libtinyxml2-dev_8.1.0+dfsg-2_amd64.deb de238bbe19fb338b6710c0febb9df912ac6dce27 7421 tinyxml2_8.1.0+dfsg-2_amd64.buildinfo Checksums-Sha256: 6b0657a2d1fc23a3685c88c37f474da2dd59d22f5219f9afd61f2270582e9921 2011 tinyxml2_8.1.0+dfsg-2.dsc 8151d2ed300ea0dd79fab6bb964896ce38be895d941e0570c70a64f9adb04962 8220 tinyxml2_8.1.0+dfsg-2.debian.tar.xz 9fa0dc2deb33ddd71e3da82c169b05a31931b61eaeedf5b816f239cbde00e2a7 107520 libtinyxml2-8a-dbgsym_8.1.0+dfsg-2_amd64.deb f439e29cdacf30a04fb58407cc089b0fe11f0a36997bb162e6b1465f9a0218b0 31568 libtinyxml2-8a_8.1.0+dfsg-2_amd64.deb 2f601f93537ac0954ef0ac5494a2c8daa6f8204e012b0d915379f3f3c43da0fe 21060 libtinyxml2-dev_8.1.0+dfsg-2_amd64.deb db79a2243b98933c97b62546cb6220adff65a37d2d0158763adba633b7d29b4a 7421 tinyxml2_8.1.0+dfsg-2_amd64.buildinfo Files: c76abad9d7c50f9bc82ab21cb4aadfce 2011 libs optional tinyxml2_8.1.0+dfsg-2.dsc 105445db1cb5ae0b48e85660b0a3f09c 8220 libs optional tinyxml2_8.1.0+dfsg-2.debian.tar.xz 29ac2a2c897cdc33664a2fcaa78b520b 107520 debug optional libtinyxml2-8a-dbgsym_8.1.0+dfsg-2_amd64.deb a44d69c18f01e1a7ac133a3f736852c7 31568 libs optional libtinyxml2-8a_8.1.0+dfsg-2_amd64.deb e7e402773a28d040ac64bae0cbe2e368 21060 libdevel optional libtinyxml2-dev_8.1.0+dfsg-2_amd6
Bug#989731: postgresql-13-pgsphere: drop Conflicts+Replaces: postgresql-pgsphere
Re: Andreas Beckmann > I think these Conflicts+Replaces can be safely dropped, since all files > in these packages are in versioned (/13/) paths and therefore cannot > cause file conflicts with the unversioned package in buster that ships > everything (but documentation) in versioned (/11/) paths. > But I may be overlooking something ... The problem is that apt.postgresql.org was shipping postgresql-pgsphere in the old format for PG 9.6..13, and is now shipping postgresql-NN-pgsphere in the new format also for PG 9.6..13. Though the new packages have been sitting there for some time now, so we could assume all existing users have already upgraded, and we can remove the C+R for the benefit of Debian. (Possibly keeping the C+R in the apt.pg.o packages.) Christoph
Bug#989733: webpack: Error: Cannot find module 'array-back'
Package: webpack Version: 5.6.0+~cs6.4.0-1~exp2 Severity: serious With webpack from experimental, webpack --help (node:251750) UnhandledPromiseRejectionWarning: Error: Cannot find module 'array-back' Require stack: - /usr/share/nodejs/webpack/node_modules/command-line-usage/index.js - /usr/share/nodejs/webpack-cli/lib/groups/runHelp.js - /usr/share/nodejs/webpack-cli/lib/utils/arg-parser.js - /usr/share/nodejs/webpack-cli/lib/webpack-cli.js - /usr/share/nodejs/webpack-cli/lib/bootstrap.js - /usr/share/nodejs/webpack-cli/bin/cli.js - /usr/share/nodejs/webpack/bin/webpack.js at Function.Module._resolveFilename (internal/modules/cjs/loader.js:815:15) at Function.Module._load (internal/modules/cjs/loader.js:667:27) at Module.require (internal/modules/cjs/loader.js:887:19) at require (/usr/share/nodejs/webpack/node_modules/v8-compile-cache/v8-compile-cache.js:159:20) at commandLineUsage (/usr/share/nodejs/webpack/node_modules/command-line-usage/index.js:12:20) at printHelp (/usr/share/nodejs/webpack-cli/lib/groups/runHelp.js:71:12) at outputHelp (/usr/share/nodejs/webpack-cli/lib/groups/runHelp.js:111:20) at argParser (/usr/share/nodejs/webpack-cli/lib/utils/arg-parser.js:45:9) at runCLI (/usr/share/nodejs/webpack-cli/lib/bootstrap.js:11:24) at Object. (/usr/share/nodejs/webpack-cli/bin/cli.js:24:5) (node:251750) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1) (node:251750) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
Bug#989731: postgresql-13-pgsphere: drop Conflicts+Replaces: postgresql-pgsphere
Package: postgresql-13-pgsphere Version: 1.1.1+2020-10-20-1 Severity: serious Control: clone -1 -2 Control: reassign -2 postgresql-13-q3c 2.0.0-4 Control: retitle -1 postgresql-13-q3c: drop Conflicts+Replaces: postgresql-q3c In https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984555#44 Markus Demleitner wrote: > One thing that needs to be > ensured, though, is that on upgrades, the old pgsphere packages do > not get removed until the operator asks dpkg to explicitly. Perhaps > stating the obvious, here's what needs to happen when upgrading from, > say pg 11 to 13: > > (1) normal dist-upgrade pulls in (hopefully) postgres-13, keeps > postgres-11 running as normal (hence, pgsphere-11 must still be > there). > (2) operator runs pg_upgrade (for which both pg-13 and pg-11 must be > present with all necessary extensions) > (3) the last step of pg_upgrade is to make pg-13 the default db server, > and pg-11 isn't started any more > (4) the operator can now purge postgres-11 together with the > version 11 extensions. This is currently not possible, since postgresql-13-pgsphere has Conflicts+Replaces: postgresql-pgsphere (<< 1.1.1+2020) (and C+R: postgresql-q3c (<< 2.0.0-2) for postgresql-13-q3c). I do not know if other extension packages have the same bug. (gavodachs2-server seems to be one of the few packages actually needing some extensions (pgsphere and q3c) and thus exhibiting upgrade errors.) I think these Conflicts+Replaces can be safely dropped, since all files in these packages are in versioned (/13/) paths and therefore cannot cause file conflicts with the unversioned package in buster that ships everything (but documentation) in versioned (/11/) paths. But I may be overlooking something ... Andreas
Processed: postgresql-13-pgsphere: drop Conflicts+Replaces: postgresql-pgsphere
Processing control commands: > clone -1 -2 Bug #989731 [postgresql-13-pgsphere] postgresql-13-pgsphere: drop Conflicts+Replaces: postgresql-pgsphere Bug 989731 cloned as bug 989732 > reassign -2 postgresql-13-q3c 2.0.0-4 Bug #989732 [postgresql-13-pgsphere] postgresql-13-pgsphere: drop Conflicts+Replaces: postgresql-pgsphere Bug reassigned from package 'postgresql-13-pgsphere' to 'postgresql-13-q3c'. No longer marked as found in versions pgsphere/1.1.1+2020-10-20-1. Ignoring request to alter fixed versions of bug #989732 to the same values previously set Bug #989732 [postgresql-13-q3c] postgresql-13-pgsphere: drop Conflicts+Replaces: postgresql-pgsphere Marked as found in versions postgresql-q3c/2.0.0-4. > retitle -1 postgresql-13-q3c: drop Conflicts+Replaces: postgresql-q3c Bug #989731 [postgresql-13-pgsphere] postgresql-13-pgsphere: drop Conflicts+Replaces: postgresql-pgsphere Changed Bug title to 'postgresql-13-q3c: drop Conflicts+Replaces: postgresql-q3c' from 'postgresql-13-pgsphere: drop Conflicts+Replaces: postgresql-pgsphere'. -- 989731: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989731 989732: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#989665: marked as done (user-mode-linux FTBFS: link error)
Your message dated Fri, 11 Jun 2021 11:53:37 + with message-id and subject line Bug#989665: fixed in user-mode-linux 5.10um3 has caused the Debian Bug report #989665, regarding user-mode-linux FTBFS: link error to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989665: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989665 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: user-mode-linux Version: 5.10um2 Severity: serious Tags: ftbfs https://buildd.debian.org/status/package.php?p=user-mode-linux&suite=sid ... LD .tmp_vmlinux.kallsyms1 /usr/bin/ld: anonymous version tag cannot be combined with other version tags /usr/bin/ld: init/main.o: warning: relocation in read-only section `.text' /usr/bin/ld: warning: creating DT_TEXTREL in a PIE collect2: error: ld returned 1 exit status make[1]: *** [Makefile:1167: vmlinux] Error 1 --- End Message --- --- Begin Message --- Source: user-mode-linux Source-Version: 5.10um3 Done: Ritesh Raj Sarraf We believe that the bug you reported is fixed in the latest version of user-mode-linux, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ritesh Raj Sarraf (supplier of updated user-mode-linux package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 11 Jun 2021 11:43:23 +0530 Source: user-mode-linux Architecture: source Version: 5.10um3 Distribution: unstable Urgency: medium Maintainer: User Mode Linux Maintainers Changed-By: Ritesh Raj Sarraf Closes: 989665 Changes: user-mode-linux (5.10um3) unstable; urgency=medium . * [95d05ef] Drop patch um_mark_all_kernel_symbols_as_local.patch (Closes: #989665) * [bf8d469] Update UML Linux configs Checksums-Sha1: ac675c8b76065fc68d5e141c9d75f881f7a934b2 1879 user-mode-linux_5.10um3.dsc ce91fce1db808e69eff6b7b9970d81d794d819b7 37596 user-mode-linux_5.10um3.tar.xz da49f2fb1c7ddfe270fd3ec157678e164555 5973 user-mode-linux_5.10um3_source.buildinfo Checksums-Sha256: 6cebb9fd6530a17c790876d1ee50bea7602eaaf6f492b2a99f1cef7c89604f33 1879 user-mode-linux_5.10um3.dsc cf678aac9c89d5b77a8935ce3d17caed8af5bdd18485c1b47f5a5ee56f236bfa 37596 user-mode-linux_5.10um3.tar.xz da970d3540981c5eb2bc81fc19d90e00d238809c9c64586c28836bd91ea00191 5973 user-mode-linux_5.10um3_source.buildinfo Files: a4bacd7491670e4b227ece221341f20f 1879 kernel optional user-mode-linux_5.10um3.dsc 81b456baec344317a0497daa1c780f13 37596 kernel optional user-mode-linux_5.10um3.tar.xz d8145fc2c809142610b6384262b3239d 5973 kernel optional user-mode-linux_5.10um3_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEQCVDstmIVAB/Yn02pjpYo/LhdWkFAmDDR+gACgkQpjpYo/Lh dWmfjw/8Cw70EsEAIY9wb8uB58B5ZYwknSntf9PeZn1bILvNpd76213PgHogBaXN Evky38/Z9Z4LmxgWBMMqSaYwlW3m9Rc0EviPRe9tDnegwv/d8rbUqmDmhM2lbDo9 f1zMe2USYEGkPjOYR1kVBaTX3kUH+blD6epzVrRvBaU+pw3oDiYrcn+QLELqTQrl vMnFxtcf1GxsmTgRDpUCmQ9Mp6/K0I3x0e6jPNfxLRBk/KUqKnaykCrDNxOm9hvD XdaHxXdj6A4usERZUWVxhZYz1nkvCwL4vMxjKdVF+NzTMPXoEt59g0QStyeNzP5v 1s73DasCb5fZq3MainhstkNNEcB7Fml8Tyemx0md3tvcz1hBMdO4xLIwEw6pReUM HyVJrRi/zCXcDgugQC1I8kod/uKWQrWYLNb/YpDtXnDZzrhsE38zf/InAcValLGG WeWDflGqoTYcMjkXd30Co8NCes0kvw+CfeQGqSlyebOebKGkbghKER3IotZd6pIs uiLiXF8sZKvObSynJTDWeO1+OJQnsnG4Zkpd51X5aZxxqfEpbEGXLm2CbqEyA6Sf ndhj71zucZRmNkFv9uq9Um8iEvbvDhWB8ygy+s2U6IXc1gvhB1henzZuTLKf6m7Y NXRbo3SmzOQItkS/vcF2py0eUqjGWo5D9LxfZT1nPg+qwSAuznM= =BXd/ -END PGP SIGNATURE End Message ---
Bug#988739: marked as done (libsidplayfp6: missing Breaks+Replaces: libsidplayfp5)
Your message dated Fri, 11 Jun 2021 11:00:12 + with message-id and subject line Bug#988739: fixed in libsidplayfp 2.2.0-1 has caused the Debian Bug report #988739, regarding libsidplayfp6: missing Breaks+Replaces: libsidplayfp5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988739: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988739 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libsidplayfp6 Version: 2.1.2-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'sid' to 'experimental'. It installed fine in 'sid', then the upgrade to 'experimental' fails because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces Since libsidplayfp5 is supposed to go away, the B+R can be unversioned. >From the attached log (scroll to the bottom...): Preparing to unpack .../libsidplayfp6_2.1.2-1_amd64.deb ... Unpacking libsidplayfp6:amd64 (2.1.2-1) ... dpkg: error processing archive /var/cache/apt/archives/libsidplayfp6_2.1.2-1_amd64.deb (--unpack): trying to overwrite '/usr/lib/x86_64-linux-gnu/libstilview.so.0.0.4', which is also in package libsidplayfp5:amd64 2.0.5-2 Errors were encountered while processing: /var/cache/apt/archives/libsidplayfp6_2.1.2-1_amd64.deb That's the price you pay for shipping multiple shared libraries with unsynchronized SOVERSION in the same package. cheers, Andreas libsidplayfp5=2.0.5-2_libsidplayfp6=2.1.2-1.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: libsidplayfp Source-Version: 2.2.0-1 Done: Laszlo Boszormenyi (GCS) We believe that the bug you reported is fixed in the latest version of libsidplayfp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laszlo Boszormenyi (GCS) (supplier of updated libsidplayfp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 29 May 2021 18:25:59 +0200 Source: libsidplayfp Binary: libsidplayfp-dev libsidplayfp-doc libsidplayfp6 libsidplayfp6-dbgsym libstilview-dev libstilview0 libstilview0-dbgsym Architecture: source amd64 all Version: 2.2.0-1 Distribution: experimental Urgency: medium Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Laszlo Boszormenyi (GCS) Description: libsidplayfp-dev - library to play Commodore 64 music based on libsidplay2 (developm libsidplayfp-doc - library to play Commodore 64 music based on libsidplay2 (documen libsidplayfp6 - Library to play Commodore 64 music based on libsidplay2 libstilview-dev - Library to display STIL information on Commodore 64 music (develo libstilview0 - Library to display STIL information on Commodore 64 music Closes: 988739 Changes: libsidplayfp (2.2.0-1) experimental; urgency=medium . * Split out STILView library (closes: #988739). * Update debhelper level to 13 . * Update Standards-Version to 4.5.1 . Checksums-Sha1: 8a09c6fa16b48c054ae46626889d7313a506572d 2082 libsidplayfp_2.2.0-1.dsc a79df5a24b1c72b0924b743be42cf7fda8fed97b 794840 libsidplayfp_2.2.0.orig.tar.gz dd4dd906ec831b6bdd764fe60a6465a865493f15 4228 libsidplayfp_2.2.0-1.debian.tar.xz 1234c41617bf4871ed22c6755c26dfd6161e80b1 164360 libsidplayfp-dev_2.2.0-1_amd64.deb 30d91b0121f82bb57297525344b664be6ddfe923 390948 libsidplayfp-doc_2.2.0-1_all.deb 9f9349ccb77bd40a76df57f23a1843ef80b8ee7f 1313780 libsidplayfp6-dbgsym_2.2.0-1_amd64.deb 60d3fec5a53df664a1ceac6eb1f0cb3d90fa2e26 109028 libsidplayfp6_2.2.0-1_amd64.deb f410c4154d257b5daf695d2127ac34cec4580cfe 8258 libsidplayfp_2.2.0-1_amd64.buildinfo b57cb4d389d388e97a107b01536d2262abdafa66 28576 libstilview-dev_2.2.0-1_amd64.deb 6cd52d8b6c2444cb28a9a14ab16d1b7fbe65f39a 179152 libstilview0-dbgsym_2.2.0-1_amd64.deb 33f47a7c4d0faebc3c2d1088c4e919d56955a958 24688 libstilview0_2.2.0-1_amd64.deb Checksums-Sha256: ee3e38fa9a7a48c165a29d48fd90880232f4065c9
Bug#988739: marked as done (libsidplayfp6: missing Breaks+Replaces: libsidplayfp5)
Your message dated Fri, 11 Jun 2021 11:00:11 + with message-id and subject line Bug#988739: fixed in libsidplayfp 2.1.2-2 has caused the Debian Bug report #988739, regarding libsidplayfp6: missing Breaks+Replaces: libsidplayfp5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988739: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988739 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libsidplayfp6 Version: 2.1.2-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'sid' to 'experimental'. It installed fine in 'sid', then the upgrade to 'experimental' fails because it tries to overwrite other packages files without declaring a Breaks+Replaces relation. See policy 7.6 at https://www.debian.org/doc/debian-policy/ch-relationships.html#overwriting-files-and-replacing-packages-replaces Since libsidplayfp5 is supposed to go away, the B+R can be unversioned. >From the attached log (scroll to the bottom...): Preparing to unpack .../libsidplayfp6_2.1.2-1_amd64.deb ... Unpacking libsidplayfp6:amd64 (2.1.2-1) ... dpkg: error processing archive /var/cache/apt/archives/libsidplayfp6_2.1.2-1_amd64.deb (--unpack): trying to overwrite '/usr/lib/x86_64-linux-gnu/libstilview.so.0.0.4', which is also in package libsidplayfp5:amd64 2.0.5-2 Errors were encountered while processing: /var/cache/apt/archives/libsidplayfp6_2.1.2-1_amd64.deb That's the price you pay for shipping multiple shared libraries with unsynchronized SOVERSION in the same package. cheers, Andreas libsidplayfp5=2.0.5-2_libsidplayfp6=2.1.2-1.log.gz Description: application/gzip --- End Message --- --- Begin Message --- Source: libsidplayfp Source-Version: 2.1.2-2 Done: Laszlo Boszormenyi (GCS) We believe that the bug you reported is fixed in the latest version of libsidplayfp, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laszlo Boszormenyi (GCS) (supplier of updated libsidplayfp package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 May 2021 11:01:15 +0200 Source: libsidplayfp Binary: libsidplayfp-dev libsidplayfp-doc libsidplayfp6 libsidplayfp6-dbgsym libstilview-dev libstilview0 libstilview0-dbgsym Architecture: source amd64 all Version: 2.1.2-2 Distribution: experimental Urgency: medium Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Laszlo Boszormenyi (GCS) Description: libsidplayfp-dev - library to play Commodore 64 music based on libsidplay2 (developm libsidplayfp-doc - library to play Commodore 64 music based on libsidplay2 (documen libsidplayfp6 - Library to play Commodore 64 music based on libsidplay2 libstilview-dev - Library to display STIL information on Commodore 64 music (develo libstilview0 - Library to display STIL information on Commodore 64 music Closes: 988739 Changes: libsidplayfp (2.1.2-2) experimental; urgency=medium . * Split out STILView library (closes: #988739). * Update debhelper level to 13 . * Update Standards-Version to 4.5.1 . Checksums-Sha1: 2f5343477d0a25f690135dde9f8403b15214ee0a 2082 libsidplayfp_2.1.2-2.dsc 1978c70ad853ea364350b3ca9ae9e2b9d34f4a47 4220 libsidplayfp_2.1.2-2.debian.tar.xz 69bb01cbc0d51b78d2c582d973e8ff684037da63 162684 libsidplayfp-dev_2.1.2-2_amd64.deb dcb74c27f3080c579b077fd418197c35cf79587b 386368 libsidplayfp-doc_2.1.2-2_all.deb 02784d56103317e1f6f23c58997150a864c34593 1306340 libsidplayfp6-dbgsym_2.1.2-2_amd64.deb d6456e893ea904ce62c825cb52865e8ba6cb403a 108280 libsidplayfp6_2.1.2-2_amd64.deb d4fa7f2b8af649e96b872305c818c9653d866e70 8258 libsidplayfp_2.1.2-2_amd64.buildinfo fcf576cd364b1d306fb67b013806bfe2ed0192d0 28608 libstilview-dev_2.1.2-2_amd64.deb 8cfbb4d797c1055febc248098bfdb3e476b70c27 179148 libstilview0-dbgsym_2.1.2-2_amd64.deb b8051939e863027020460e3936de3940355f325b 24692 libstilview0_2.1.2-2_amd64.deb Checksums-Sha256: f461b1856137bb51b49310e85bf9d8cabf87d4ede3a2137e3756491dd99e055d 2082 libsidplayfp_2.1.2-2.dsc 9c575c051045a59107dbbcf2
Bug#989255: set severity to serious
Hello, I've set the severity of serious because this bug is making qbittorrent-nox unusable (you cannot enter Web UI and therefore you have no way to control the program). I'm also worried that this bug might slip into the release. Regards
Processed: your mail
Processing commands for cont...@bugs.debian.org: > severity 989255 serious Bug #989255 [qbittorrent-nox] qbittorrent-nox web UI fails after qt5 upgrade Severity set to 'serious' from 'important' > End of message, stopping processing here. Please contact me if you need assistance. -- 989255: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989255 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#892275: any comments?
Ping -- the package was scheduled to be autoremoved today. > > > > IMVHO, you should remove the redshift systemd file and let redshift > > > > start via de xdg autostart mechanism. The geoclue agent should then be > > > > started before redshift as I think it start the process using the > > > > alphabetical order. > > Maybe someone can come up with a patch that works on both, systemd and > > non-systemd systems? If thats even relevant in the first place... > As there's no non-systemd specific code in redshift at all, yet it works > fine for me, why would that systemd support be needed either? Looking deeper, it works on my boxen because XFCE autosaves the session, effectively making redshift autostart if it has ever been started by the user and not killed afterwards. I have no real knowledge how other window managers work this millenium. So... may someone educate me if there are cases when this .service file works (rather than always failing and sometimes having nasty effects)? If no, we can simply drop it for Bullseye, and have the package work for everyone the way it works for me -- which seems fine. Otherwise, the good way to go would be investigating how xdg autostart operates in different window managers. Nicoo: as the maintainer, if you have no time to fix this yourself, could you at least tell us what to do? Meow! -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋⠀ Certified airhead; got the CT scan to prove that! ⠈⠳⣄
Bug#989564: marked as done (isync: CVE-2021-3578)
Your message dated Fri, 11 Jun 2021 09:47:10 + with message-id and subject line Bug#989564: fixed in isync 1.3.0-2.2~deb10u1 has caused the Debian Bug report #989564, regarding isync: CVE-2021-3578 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989564: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989564 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: isync Version: 1.3.0-2.1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 1.3.0-2 Hi, The following vulnerability was published for isync. CVE-2021-3578[0]: | possible remote code execution in isync/mbsync If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-3578 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3578 [1] https://www.openwall.com/lists/oss-security/2021/06/07/1 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: isync Source-Version: 1.3.0-2.2~deb10u1 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of isync, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated isync package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 09 Jun 2021 21:21:48 +0200 Source: isync Architecture: source Version: 1.3.0-2.2~deb10u1 Distribution: buster Urgency: medium Maintainer: Nicolas Boullis Changed-By: Salvatore Bonaccorso Closes: 983351 989564 Changes: isync (1.3.0-2.2~deb10u1) buster; urgency=medium . * Non-maintainer upload. * Rebuild for buster . isync (1.3.0-2.2) unstable; urgency=medium . * Non-maintainer upload. * fix handling of unexpected APPENDUID response code (CVE-2021-3578) (Closes: #989564) . isync (1.3.0-2.1) unstable; urgency=medium . * Non-maintainer upload. . [ Ondřej Nový ] * d/watch: Use https protocol . [ Salvatore Bonaccorso ] * reject funny mailbox names from IMAP LIST/LSUB (CVE-2021-20247) (Closes: #983351) Checksums-Sha1: 1bea5cc21869cdf88d0015a98f8bebb5120805e0 2081 isync_1.3.0-2.2~deb10u1.dsc 07f6d7cfc39ed2678791f625de70cdeff3d3bfba 309459 isync_1.3.0.orig.tar.gz ecda4c1d0b16e16eb0a677b6bc5fdf4139eee1fb 9872 isync_1.3.0-2.2~deb10u1.debian.tar.xz Checksums-Sha256: 7ebb1b101d2e9769e923d725f3c1f3ec1034561a3280e5a3c3e8337dda566e79 2081 isync_1.3.0-2.2~deb10u1.dsc 8d5f583976e3119705bdba27fa4fc962e807ff5996f24f354957178ffa697c9c 309459 isync_1.3.0.orig.tar.gz b5f44a04c4b811e760b995d4a3b8f3b96d5ece5b5b6495593ee7b8887a09958c 9872 isync_1.3.0-2.2~deb10u1.debian.tar.xz Files: 53f1da0dac90b61967b56859dc12aa94 2081 mail optional isync_1.3.0-2.2~deb10u1.dsc f64e8723ebbb081bc15510586bfa1f8f 309459 mail optional isync_1.3.0.orig.tar.gz f5c96276531ebab6e278a1da29f5eead 9872 mail optional isync_1.3.0-2.2~deb10u1.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmDBFnZfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EneEP/RwbL846m91RAXSPvjHktbJLhfj4LNPA F4l+e7IyoydvcyErYXK+QC/A6wu/GX4VA+lYWonZKnxOc0DDSTdGdt4FKAVVLn90 uvk1K48a1ibaJRwGNdDFrA4QvGPhvS6ZdDj0gCHrSXL/DsjZ7zaemix/gqPpgRoL xTRAva+bW4YmQlyzt3TTZNKV96v0g83RAc+5XGiPCfiEpw+oAbtib5KVp4awTpbk K4eSZMqgnvC5tB9WmIo/o5Tg2XP2lgO3sc2ZMd2z4YXcBACA70pLDu/M67kaB5ab qu9vvCWMac35tRKnhz2yPweuDqAxjslV9ZLE0gdu/XASdr8cPYdIJuYA2Pdlg5B8 AlIGg3kCsVwsb3W/gA8MzENB6JJ9heXbUBCD0EbDLDkY4Kvnz/e+96OSomt834Mg N3fGMoueOgQfd4UQIiRB6eOd/ywxe9YUqHc+j2luLQJ6MoK5aAXsnM5nCSV/hFjS 4ZdwOpg6GNKTZfBOFf6QrU7KAMoW2czySeVegwG7YVji4091LsF3jQB61mQh/bNY ztJpereDEtH7ApmYfDBEnjM0J0T8cnDTgEwibtUAadZxa2jO4y7RZPHUGzzi9cpG 0Stu1yk+xMBcQPVU7xGRmdrCJuKNDuBO9JHS3ONMlxmFa4PDZ9J6/D7m5DHL0Sli UhqIbUuazEfS =igbz
Bug#989041: marked as done (eterm: CVE-2021-33477)
Your message dated Fri, 11 Jun 2021 09:47:07 + with message-id and subject line Bug#989041: fixed in eterm 0.9.6-5+deb10u1 has caused the Debian Bug report #989041, regarding eterm: CVE-2021-33477 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989041: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989041 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: eterm Version: 0.9.6-6 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 0.9.6-5 Hi, The following vulnerability was published for eterm. Strictly speaking the severity to RC is overrated, but I think it is sensible to make sure that the fix lands in bullseye. For buster the issue is marked no-dsa and could be fixed via an upcoming point release. For reference see the rxvt-unicode fix (which disables the code). CVE-2021-33477[0]: | rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow | (potentially remote) code execution because of improper handling of | certain escape sequences (ESC G Q). A response is terminated by a | newline. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-33477 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33477 Regards, Salvatore --- End Message --- --- Begin Message --- Source: eterm Source-Version: 0.9.6-5+deb10u1 Done: Utkarsh Gupta We believe that the bug you reported is fixed in the latest version of eterm, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Utkarsh Gupta (supplier of updated eterm package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 11 Jun 2021 01:16:57 +0530 Source: eterm Architecture: source Version: 0.9.6-5+deb10u1 Distribution: buster Urgency: high Maintainer: Debian QA Group Changed-By: Utkarsh Gupta Closes: 989041 Changes: eterm (0.9.6-5+deb10u1) buster; urgency=high . * Non-maintainer upload by the LTS team. * Add patch from rxvt-unicode to fix CVE-2021-33477. (Closes: #989041) Checksums-Sha1: 6aad465d8a38431b94a96ab214509b9aa0ed6cb0 1920 eterm_0.9.6-5+deb10u1.dsc b4cb00f898ffd2de9bf7ae0ecde1cc3a5fee9f02 831756 eterm_0.9.6.orig.tar.gz 9540adf680b647c24fec1f0a458ed7cf35d66755 13084 eterm_0.9.6-5+deb10u1.debian.tar.xz 7f0cf5299d50b1cee5dcd3f67495181445a14a03 6020 eterm_0.9.6-5+deb10u1_source.buildinfo Checksums-Sha256: a6f9679f1af7029fc0ccac5103e6e160656c6baf69754482aa81caf585c0ac35 1920 eterm_0.9.6-5+deb10u1.dsc 72b907aa64f8bcf053f2ecbc8a2e243c6de353a94ecaf579ff2c4e3ae5d7e13c 831756 eterm_0.9.6.orig.tar.gz 7b59164f66acbdb22f6d23a89cb25210c70998bff7a707f16fb163a0b73cbdac 13084 eterm_0.9.6-5+deb10u1.debian.tar.xz fcf260b07291f70616b2f03d4560465ac63951dae6fb2e619e8472d5a1bb9f6c 6020 eterm_0.9.6-5+deb10u1_source.buildinfo Files: 6090d39921e1f370705d37f02a7284bd 1920 x11 optional eterm_0.9.6-5+deb10u1.dsc 90e424584c22d4050496874d14f78bb1 831756 x11 optional eterm_0.9.6.orig.tar.gz 6b376838f01474f7288c5c3fdfd7 13084 x11 optional eterm_0.9.6-5+deb10u1.debian.tar.xz b8fd1a2c2583ade89ff4ae59cb1b64cf 6020 x11 optional eterm_0.9.6-5+deb10u1_source.buildinfo -BEGIN PGP SIGNATURE- iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmDCbR4THHV0a2Fyc2hA ZGViaWFuLm9yZwAKCRCCPpZ2BsNLlt6lEACIZrNkSxO9czdftIJlahcfskcWFNS4 tuOJLo/ka5sKoVzBNUu+VtJZnLv6CI6DrbMTSpKDxkvECN5uv/2YC/crJfNj9dLC u4tkMUXqjOmW1BbcUg7JgpqyvybLUy3Mzuf8FbOep7JN1WLfVd20qBinX6FUc2pi xRGH+qcx+SwForPZsQf/dDkAWT1N5dryItJwP/Kk26eHGgv+TdK85ejPk5aZaUS8 /ZLN9dlCfuUUEmDjqLbG07R3UjDZQs0ajh20K1+Sg5OQvSdIzrhhEGIo1KlrRYzC pwp+5IXM4hYTMa5GURs6KfkwE69mOdp7YX/t0jEPrfQU8EJaj/0vMpAkYvYGfZDm ZN0pveDw44m2NzgH10yk7C7icitck0v9qwMOwWfuJLBAlygrz3jgWWokrYnPMUGj S60/spolIQeOj9H/xvdbnBHsm7viUWzjyebVi1XqZFa9ytS3qJm04rViPQ9rq55n a24O4U+QgwtjDnEs46wpRhmo4Ea8I7lydvHfw2rY44MwBJYTJi+vALRHqsjT7dKc nBzyF0R4Yk7CTLqiNtGHm6RxytLPio0H/425fPWnJOwTu2IllDbBu3UmzIXC2uRk MZ501RdIs8eRszjFXw6mw3MGSch9gU1hDekbfSW
Bug#988214: marked as done (CVE-2021-22885 CVE-2021-22902 CVE-2021-22904)
Your message dated Fri, 11 Jun 2021 09:47:17 + with message-id and subject line Bug#988214: fixed in rails 2:5.2.2.1+dfsg-1+deb10u3 has caused the Debian Bug report #988214, regarding CVE-2021-22885 CVE-2021-22902 CVE-2021-22904 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988214: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988214 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: rails Severity: grave Tags: security X-Debbugs-Cc: Debian Security Team CVE-2021-22904: https://github.com/rails/rails/commit/d861fa8ade353390c4419b53a6c6b41f3005b1f2 (v6.0.3.7) CVE-2021-22902: Fixed by: https://github.com/rails/rails/commit/446afbd15360a347c923ca775b21a286dcb5297a (v6.0.3.7) CVE-2021-22885: https://github.com/rails/rails/commit/f202249bdd701f908a57d733e633d366a982f8ce (v6.0.3.7) Cheers, Moritz --- End Message --- --- Begin Message --- Source: rails Source-Version: 2:5.2.2.1+dfsg-1+deb10u3 Done: Utkarsh Gupta We believe that the bug you reported is fixed in the latest version of rails, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 988...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Utkarsh Gupta (supplier of updated rails package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 06 Jun 2021 18:26:33 +0530 Source: rails Binary: rails ruby-actioncable ruby-actionmailer ruby-actionpack ruby-actionview ruby-activejob ruby-activemodel ruby-activerecord ruby-activestorage ruby-activesupport ruby-rails ruby-railties Architecture: source all Version: 2:5.2.2.1+dfsg-1+deb10u3 Distribution: buster-security Urgency: high Maintainer: Debian Ruby Extras Maintainers Changed-By: Utkarsh Gupta Description: rails - MVC ruby based framework geared for web application development ( ruby-actioncable - WebSocket framework for Rails (part of Rails) ruby-actionmailer - email composition, delivery, and receiving framework (part of Rai ruby-actionpack - web-flow and rendering framework putting the VC in MVC (part of R ruby-actionview - framework for handling view template lookup and rendering (part o ruby-activejob - job framework with pluggable queues ruby-activemodel - toolkit for building modeling frameworks (part of Rails) ruby-activerecord - object-relational mapper framework (part of Rails) ruby-activestorage - Local and cloud file storage framework (part of Rails) ruby-activesupport - Support and utility classes used by the Rails 4.1 framework ruby-rails - MVC ruby based framework geared for web application development ruby-railties - tools for creating, working with, and running Rails applications Closes: 988214 Changes: rails (2:5.2.2.1+dfsg-1+deb10u3) buster-security; urgency=high . * Add patch to prevent string polymorphic route arguments. (Fixes: CVE-2021-22885) (Closes: #988214) * Add patch to prevent slow regex when parsing host auth header. (Fixes: CVE-2021-22904) (Closes: #988214) * Add patch to fix possible DoS vector in PostgreSQL money type. (Fixes: CVE-2021-22880) Checksums-Sha1: 9d5047a25ac27487f7328de7334eac22c3036c17 4417 rails_5.2.2.1+dfsg-1+deb10u3.dsc 89e94af74ee9bc3229d4e6ef1af562ccd3313662 6143580 rails_5.2.2.1+dfsg.orig.tar.xz ec2e3944b7a6e7555bc85b866d47725d8a9b1586 96060 rails_5.2.2.1+dfsg-1+deb10u3.debian.tar.xz 47d53a2dbc10b0e8724d5bf5f0c6a3c923343204 14892 rails_5.2.2.1+dfsg-1+deb10u3_all.deb f368b03e1b08b73b7cc41f824e416ac380d4fda7 22124 rails_5.2.2.1+dfsg-1+deb10u3_amd64.buildinfo 7d79676eff035379fe2928a0b4ed5a3ef082f89e 42272 ruby-actioncable_5.2.2.1+dfsg-1+deb10u3_all.deb 67a33fbc951d16d2d325161c6eec19a70c549fc8 38004 ruby-actionmailer_5.2.2.1+dfsg-1+deb10u3_all.deb 0fce34b992f03630997281d5fa425d021d93d0fa 184320 ruby-actionpack_5.2.2.1+dfsg-1+deb10u3_all.deb 6c1b1e7251a969784f8593dfacc593523626db92 144196 ruby-actionview_5.2.2.1+dfsg-1+deb10u3_all.deb 00e96767499fb7af868952c4e8c4a6e8f4d606b1 34852 ruby-activejob_5.2.2.1+dfsg-1+deb10u3_all.deb 38901a079cac0ba508dfe99af81feff2f0fedd99 60596 ruby-activemodel_5.2.2.1+dfsg-1+deb10u3_all.deb ba158a22c8a44a6f42ad89aa65bf59f61613
Bug#987448: marked as done (webkit2gtk regression: liferea: CSS for the posts is broken)
Your message dated Fri, 11 Jun 2021 09:47:15 + with message-id and subject line Bug#987448: fixed in liferea 1.12.6-1+deb10u1 has caused the Debian Bug report #987448, regarding webkit2gtk regression: liferea: CSS for the posts is broken to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 987448: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987448 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libwebkit2gtk-4.0-37 Version: 2.32.0-2 Severity: serious Control: affects -1 liferea X-Debbugs-CC: life...@packages.debian.org The recent upgrade to webkit2gtk 2.32.0-2 broke the CSS that the liferea RSS reader uses to style the HTML it injects for post metadata. By default liferea looks like this before and after the upgrade: https://people.debian.org/~pabs/tmp/webkit2gtk-liferea-regression/before.png https://people.debian.org/~pabs/tmp/webkit2gtk-liferea-regression/after.png -- System Information: Debian Release: bullseye/sid APT prefers testing-debug APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental'), (500, 'testing-security') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads) Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libwebkit2gtk-4.0-37 depends on: ii bubblewrap 0.4.1-3 ii libatk1.0-0 2.36.0-2 ii libc6 2.31-11 ii libcairo2 1.16.0-5 ii libegl1 1.3.2-1 ii libenchant-2-2 2.2.15-1 ii libfontconfig1 2.13.1-4.2 ii libfreetype62.10.4+dfsg-1 ii libgcc-s1 10.2.1-6 ii libgcrypt20 1.8.7-3 ii libgdk-pixbuf-2.0-0 2.42.2+dfsg-1 ii libgl1 1.3.2-1 ii libglib2.0-02.66.8-1 ii libgstreamer-gl1.0-01.18.4-2 ii libgstreamer-plugins-base1.0-0 1.18.4-2 ii libgstreamer1.0-0 1.18.3-2 ii libgtk-3-0 3.24.24-3 ii libharfbuzz-icu02.7.4-1 ii libharfbuzz0b 2.7.4-1 ii libhyphen0 2.8.8-7 ii libicu6767.1-6 ii libjavascriptcoregtk-4.0-18 2.32.0-2 ii libjpeg62-turbo 1:2.0.6-4 ii libmanette-0.2-00.2.5-1 ii libnotify4 0.7.9-3 ii libopenjp2-72.4.0-3 ii libpango-1.0-0 1.46.2-3 ii libpng16-16 1.6.37-3 ii libseccomp2 2.5.1-1 ii libsecret-1-0 0.20.4-2 ii libsoup2.4-12.72.0-2 ii libsqlite3-03.34.1-3 ii libstdc++6 10.2.1-6 ii libsystemd0 247.3-3 ii libtasn1-6 4.16.0-2 ii libwayland-client0 1.18.0-2~exp1.1 ii libwayland-egl1 1.18.0-2~exp1.1 ii libwayland-server0 1.18.0-2~exp1.1 ii libwebp60.6.1-2+b1 ii libwebpdemux2 0.6.1-2+b1 ii libwoff11.0.2-1+b1 ii libwpe-1.0-11.6.0-1 ii libwpebackend-fdo-1.0-1 1.8.0-1 ii libx11-62:1.7.0-2 ii libxcomposite1 1:0.4.5-1 ii libxdamage1 1:1.1.5-2 ii libxml2 2.9.10+dfsg-6.3+b1 ii libxslt1.1 1.1.34-4 ii xdg-dbus-proxy 0.1.2-2 ii xdg-desktop-portal-gtk 1.8.0-1 ii zlib1g 1:1.2.11.dfsg-2 Versions of packages libwebkit2gtk-4.0-37 recommends: ii gstreamer1.0-alsa 1.18.4-2 ii gstreamer1.0-gl1.18.4-2 ii gstreamer1.0-libav 1.18.4-3 ii gstreamer1.0-plugins-good 1.18.4-2 ii gstreamer1.0-pulseaudio1.18.4-2 ii libgl1-mesa-dri21.0.2-1 libwebkit2gtk-4.0-37 suggests no packages. -- no debconf information -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part --- End Message --- --- Begin Message --- Source: liferea Source-Version: 1.12.6-1+deb10u1 Done: Paul Gevers We believe that the bug you reported is fixed in the latest version of liferea, which is due to be installed
Bug#962342: marked as done (libexplain-dev: missing dependency on libacl1-dev)
Your message dated Fri, 11 Jun 2021 09:03:26 + with message-id and subject line Bug#962342: fixed in libexplain 1.4.D001-11 has caused the Debian Bug report #962342, regarding libexplain-dev: missing dependency on libacl1-dev to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 962342: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962342 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: libexplain-dev Version: 1.4.D001-10 Severity: normal Dear Maintainer, the libexplain-dev package should possibly have a dependency on libacl1-dev, as its headers use the sys/acl.h header that is provided by it. More specifically, compiling a program with (not much more than) #include fails with In file included from /usr/include/libexplain/libexplain.h:38, from expl.c:12: /usr/include/libexplain/acl_from_text.h:33:10: fatal error: sys/acl.h: No such file or directory #include ^~~ By installing libacl1-dev, the error is resolved and the package can be used as expected. -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.17.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages libexplain-dev depends on: ii libexplain51 1.4.D001-10 ii lsof 4.91+dfsg-1 libexplain-dev recommends no packages. libexplain-dev suggests no packages. -- no debconf information --- End Message --- --- Begin Message --- Source: libexplain Source-Version: 1.4.D001-11 Done: Håvard Flaget Aasen We believe that the bug you reported is fixed in the latest version of libexplain, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 962...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Håvard Flaget Aasen (supplier of updated libexplain package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 09 Jun 2021 22:23:28 +0200 Source: libexplain Architecture: source Version: 1.4.D001-11 Distribution: unstable Urgency: medium Maintainer: Debian QA Group Changed-By: Håvard Flaget Aasen Closes: 962342 Changes: libexplain (1.4.D001-11) unstable; urgency=medium . * QA upload. * d/control: Add libacl1-dev as dependency Closes: #962342 Checksums-Sha1: 99b737b90972f1bfa81026326f58ca31fb9084c5 2188 libexplain_1.4.D001-11.dsc a6840c233f5b99423c4bbebcd45fb54ec9f76c33 46548 libexplain_1.4.D001-11.debian.tar.xz Checksums-Sha256: 4b9e15b642e4d94ce013964b231a36722668d228fbf5993fd143142869f7563d 2188 libexplain_1.4.D001-11.dsc 9a9876c94c01e15c29e4d0ee7cf4dcaaeb0b94da8a4a622cc63b4ed37c0e8008 46548 libexplain_1.4.D001-11.debian.tar.xz Files: ab383c1ef42292ab30afa8fd2f67f30f 2188 devel optional libexplain_1.4.D001-11.dsc 06a52fb6d4590bf54c3025ac9e2a00d2 46548 devel optional libexplain_1.4.D001-11.debian.tar.xz -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmDDIfIACgkQkWT6HRe9 XTYHLg/+ICD0dWnUstqjGxBbQo7UASZJASDPIn2Imgmtdv1gQ2oSlbbWHNyAvsHg IeUZdtHImZ6DJ2DDH1BejbuVsgL7HVaHRApZSJQTWaZmlWhDCYVne1RksePniekl 7ank4jlTt4f1msJoquVQkSf53QqH4OsJgW+cUH2YHt6kCUqbMG1mbKvOWLoW8Oco lUKJXX+uXFOOF4KBS6rJz8KJ6Ygt7p+cLuCwnU+0VPehkk0IFovJbEyZio0ynvFD bVNPpGZ5/cLLidbgbAFLLYaOM6SWxo0rnHARucYYXUMlBOSmqbEjkKwclsoksrFr Bda2yV7Vz2MNTDDscBBfs5c9HibUWWznHYXklokBjsINTGbosN8+RsVzNZUtjzwb 9op5BPyPv1c9H2RhADJ0hMt27w4KVLAh92BfZsf1y914qllLuMa3yETqxx0VqcsV wiF6KPXJZ+UblHu/R6ifFiRMGq6rinc4eN6bfe2IvA8MvuyJ+LUcG+9jTp3181f+ GBCbatO2n62d+DjB43UdZtvn7SxzxR2khArFViEpwygAd1Rh5vf60/+dM/syFzWt h2/utat7SW4/mvRiV7rYscv/QL2dGQ2Tv43XP8eEpR5TLNXCDtw08vayV+CGjGMQ KSd/RM3u5hcZNyKrAJDZXRHZIRrJbKLpwWaU3rtdbE8TiZbScnw= =+zYl -END PGP SIGNATURE End Message ---