Bug#1001348: marked as done (dask: autopkgtest failures on 32 bit with pandas 1.3: Buffer type mismatch)
Your message dated Sun, 27 Feb 2022 07:52:14 + with message-id <1c123171-ec21-b078-fdfc-4a627cc77...@debian.org> and subject line re: dask: autopkgtest failures on 32 bit with pandas 1.3: Buffer type mismatch has caused the Debian Bug report #1001348, regarding dask: autopkgtest failures on 32 bit with pandas 1.3: Buffer type mismatch to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1001348: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001348 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: python3-dask Version: 2021.09.1+dfsg-1 Severity: serious Tags: patch Control: forwarded -1 https://github.com/dask/dask/issues/8169 (actually found independently) With pandas 1.3 (currently in unstable, see #999415), the dask autopkgtest fails on armhf and i386 with /usr/lib/python3/dist-packages/dask/dataframe/backends.py:358: in group_split_pandas indexer, locations = pd._libs.algos.groupsort_indexer( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > ??? E ValueError: Buffer dtype mismatch, expected 'const intp_t' but got 'long long' pandas/_libs/algos.pyx:194: ValueError Full log: https://ci.debian.net/data/autopkgtest/testing/armhf/d/dask/17399418/log.gz The above upstream bug says changing np.int64 to np.intp at https://sources.debian.org/src/dask/2021.09.1+dfsg-1/dask/dataframe/backends.py/#L359 is a fix (which they haven't used, it's incompatible with earlier pandas, but we don't need to care about that). --- End Message --- --- Begin Message --- Version: 2021.09.1+dfsg-2 This is fixed by the version currently in testing. https://ci.debian.net/data/autopkgtest/testing/i386/d/dask/19189395/log.gz Unfortunately, the version of dask in unstable, once again has an autopkgtest failure on 32-bit. I will file a separate bug report about that.--- End Message ---
Bug#1006535: sphinx-remove-toctrees - source-only upload required.
Package: sphinx-remove-toctrees Version: 0.0.3-1 Severity: serious The release team have decreed that only binaries build on the buildd network can migrate to testing, please make a source-only upload so your package can migrate.
Bug#1006042: marked as done (rich: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13)
Your message dated Sun, 27 Feb 2022 05:34:33 + with message-id and subject line Bug#1006042: fixed in rich 11.2.0-1 has caused the Debian Bug report #1006042, regarding rich: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1006042: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006042 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: rich Version: 10.16.2-1 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > make[1]: Entering directory '/<>' > PYBUILD_SYSTEM=custom PYBUILD_TEST_ARGS="PYTHONPATH=/<> > {interpreter} -m pytest" dh_auto_test > I: pybuild base:237: PYTHONPATH=/<> python3.10 -m pytest > = test session starts > == > platform linux -- Python 3.10.2, pytest-6.2.5, py-1.10.0, pluggy-0.13.0 > rootdir: /<> > collected 583 items > > tests/test_align.py [ > 2%] > tests/test_ansi.py . [ > 2%] > tests/test_bar.py ...[ > 4%] > tests/test_block_bar.py [ > 4%] > tests/test_box.py .. [ > 5%] > tests/test_card.py . [ > 6%] > tests/test_cells.py .. [ > 6%] > tests/test_color.py .[ > 9%] > tests/test_color_triplet.py ... [ > 9%] > tests/test_columns.py . [ > 9%] > tests/test_columns_align.py .[ > 10%] > tests/test_console.py .. [ > 18%] > .. [ > 23%] > tests/test_constrain.py .[ > 23%] > tests/test_containers.py [ > 24%] > tests/test_control.py . [ > 24%] > tests/test_emoji.py .. [ > 25%] > tests/test_file_proxy.py .. [ > 26%] > tests/test_filesize.py ..[ > 26%] > tests/test_highlighter.py .. [ > 33%] > tests/test_inspect.py [ > 34%] > tests/test_json.py . [ > 34%] > tests/test_jupyter.py . [ > 34%] > tests/test_layout.py .. [ > 35%] > tests/test_live.py ..[ > 37%] > tests/test_live_render.py [ > 38%] > tests/test_log.py ...[ > 38%] > tests/test_logging.py [ > 39%] > tests/test_lrucache.py . [ > 39%] > tests/test_markdown.py ..[ > 39%] > tests/test_markdown_no_hyperlinks.py . [ > 40%] > tests/test_markup.py ... [ > 43%] > tests/test_measure.py [ > 44%] > tests/test_padding.py . [ > 44%] > tests/test_palette.py . [ > 45%] > tests/test_panel.py .[ > 46%] > tests/test_pick.py . [ > 46%] > tests/test_pretty.py .s... [ > 51%] > tests/test_progress.py . [ > 55%] > tests/test_prompt.py .. [ > 56%] > tests/test_protocol.py ..[ > 57%] > tests/test_ratio.py ..
Bug#1006042: marked as pending in rich
Control: tag -1 pending Hello, Bug #1006042 in rich reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/packages/rich/-/commit/c62e87c11d6474d1391440818413269e24f7c160 New upstream release; Closes: #1006042, #983326 (this message was generated automatically) -- Greetings https://bugs.debian.org/1006042
Processed: Bug#1006042 marked as pending in rich
Processing control commands: > tag -1 pending Bug #1006042 [src:rich] rich: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13 Added tag(s) pending. -- 1006042: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006042 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1005527: python-wsproto: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13
On Sun, 13 Feb 2022 08:45:58 +0100 Lucas Nussbaum wrote: > Source: python-wsproto ... > During a rebuild of all packages in sid, your package failed to build > on amd64. Upstream has fixed this in git, so I asked them to make a new release: https://github.com/python-hyper/wsproto/issues/171 https://github.com/python-hyper/wsproto/commit/76c130fe6309235bb40161ed0e9fc9721ec55ab1 https://github.com/python-hyper/wsproto/pull/170 https://github.com/python-hyper/wsproto/issues/169 -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Processed: bug 1005527 is forwarded to https://github.com/python-hyper/wsproto/commit/76c130fe6309235bb40161ed0e9fc9721ec55ab1 https://github.com/python-hyper/wsproto/pull/170 https://github.com/pytho
Processing commands for cont...@bugs.debian.org: > forwarded 1005527 > https://github.com/python-hyper/wsproto/commit/76c130fe6309235bb40161ed0e9fc9721ec55ab1 > https://github.com/python-hyper/wsproto/pull/170 > https://github.com/python-hyper/wsproto/issues/169 Bug #1005527 [src:python-wsproto] python-wsproto: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13 Changed Bug forwarded-to-address to 'https://github.com/python-hyper/wsproto/commit/76c130fe6309235bb40161ed0e9fc9721ec55ab1 https://github.com/python-hyper/wsproto/pull/170 https://github.com/python-hyper/wsproto/issues/169' from 'https://github.com/python-hyper/wsproto/issues/169'. > thanks Stopping processing here. Please contact me if you need assistance. -- 1005527: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005527 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1005547: marked as done (fastapi: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13)
Your message dated Sun, 27 Feb 2022 03:48:39 + with message-id and subject line Bug#1005547: fixed in fastapi 0.74.1-1 has caused the Debian Bug report #1005547, regarding fastapi: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005547: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005547 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: fastapi Version: 0.73.0-1 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs User: lu...@debian.org Usertags: ftbfs-20220212 ftbfs-bookworm Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > /usr/lib/python3/dist-packages/starlette/testclient.py:313: in __enter__ > message = self.receive() > /usr/lib/python3/dist-packages/starlette/testclient.py:382: in receive > raise message > /usr/lib/python3/dist-packages/anyio/from_thread.py:187: in _call_func > retval = await retval > /usr/lib/python3/dist-packages/starlette/testclient.py:340: in _run > await self.app(scope, receive, send) > /<>/fastapi/applications.py:212: in __call__ > await super().__call__(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/applications.py:119: in __call__ > await self.middleware_stack(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/middleware/errors.py:146: in __call__ > await self.app(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/exceptions.py:63: in __call__ > await self.app(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/routing.py:659: in __call__ > await route.handle(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/routing.py:318: in handle > await self.app(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/routing.py:77: in app > await func(session) > /<>/fastapi/routing.py:263: in app > solved_result = await solve_dependencies( > /<>/fastapi/dependencies/utils.py:465: in solve_dependencies > response = response or Response( > /usr/lib/python3/dist-packages/starlette/responses.py:50: in __init__ > self.init_headers(headers) > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > _ > > self = , headers = None > > def init_headers(self, headers: typing.Mapping[str, str] = None) -> None: > if headers is None: > raw_headers: typing.List[typing.Tuple[bytes, bytes]] = [] > populate_content_length = True > populate_content_type = True > else: > raw_headers = [ > (k.lower().encode("latin-1"), v.encode("latin-1")) > for k, v in headers.items() > ] > keys = [h[0] for h in raw_headers] > populate_content_length = b"content-length" not in keys > populate_content_type = b"content-type" not in keys > > body = getattr(self, "body", None) > if ( > body is not None > and populate_content_length > > and not (self.status_code < 200 or self.status_code in (204, 304)) > ): > E TypeError: '<' not supported between instances of 'NoneType' and 'int' > > /usr/lib/python3/dist-packages/starlette/responses.py:77: TypeError > ___ test_app > ___ > > def test_app(): > > response = client.get("/v2") > > /<>/tests/test_tutorial/test_wsgi/test_tutorial001.py:15: > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > _ > /usr/lib/python3/dist-packages/requests/sessions.py:555: in get > return self.request('GET', url, **kwargs) > /usr/lib/python3/dist-packages/starlette/testclient.py:474: in request > return super().request( > /usr/lib/python3/dist-packages/requests/sessions.py:542: in request > resp = self.send(prep, **send_kwargs) > /usr/lib/python3/dist-packages/requests/sessions.py:655: in send > r = adapter.send(request, **kwargs) > /usr/lib/python3/dist-packages/starlette/testclient.py:268: in send > raise exc > /usr/lib/python3/dist-packages/starlette/testclient.py:265: in send > portal.call(self.app, scope, receive, send) > /usr/lib/python3/dist-packages/anyio/from_thread.py:240: in call > return cast(T_Retval, self.start_task_soon(func, *args).result()) > /usr/lib/python3.9/concurrent/futures/_base.py:446: in result > return self.__get_result() > /usr/lib/pytho
Bug#1005635: marked as done (sqlmodel: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13)
Your message dated Sun, 27 Feb 2022 03:48:39 + with message-id and subject line Bug#1005635: fixed in fastapi 0.74.1-1 has caused the Debian Bug report #1005635, regarding sqlmodel: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005635: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005635 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: sqlmodel Version: 0.0.6-1 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs User: lu...@debian.org Usertags: ftbfs-20220212 ftbfs-bookworm Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > tests/test_tutorial/test_fastapi/test_update/test_tutorial001.py:248: > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > _ > /usr/lib/python3/dist-packages/requests/sessions.py:590: in post > return self.request('POST', url, data=data, json=json, **kwargs) > /usr/lib/python3/dist-packages/starlette/testclient.py:474: in request > return super().request( > /usr/lib/python3/dist-packages/requests/sessions.py:542: in request > resp = self.send(prep, **send_kwargs) > /usr/lib/python3/dist-packages/requests/sessions.py:655: in send > r = adapter.send(request, **kwargs) > /usr/lib/python3/dist-packages/starlette/testclient.py:268: in send > raise exc > /usr/lib/python3/dist-packages/starlette/testclient.py:265: in send > portal.call(self.app, scope, receive, send) > /usr/lib/python3/dist-packages/anyio/from_thread.py:240: in call > return cast(T_Retval, self.start_task_soon(func, *args).result()) > /usr/lib/python3.9/concurrent/futures/_base.py:446: in result > return self.__get_result() > /usr/lib/python3.9/concurrent/futures/_base.py:391: in __get_result > raise self._exception > /usr/lib/python3/dist-packages/anyio/from_thread.py:187: in _call_func > retval = await retval > /usr/lib/python3/dist-packages/fastapi/applications.py:212: in __call__ > await super().__call__(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/applications.py:119: in __call__ > await self.middleware_stack(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/middleware/errors.py:181: in __call__ > raise exc > /usr/lib/python3/dist-packages/starlette/middleware/errors.py:159: in __call__ > await self.app(scope, receive, _send) > /usr/lib/python3/dist-packages/starlette/exceptions.py:87: in __call__ > raise exc > /usr/lib/python3/dist-packages/starlette/exceptions.py:76: in __call__ > await self.app(scope, receive, sender) > /usr/lib/python3/dist-packages/starlette/routing.py:659: in __call__ > await route.handle(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/routing.py:259: in handle > await self.app(scope, receive, send) > /usr/lib/python3/dist-packages/starlette/routing.py:61: in app > response = await func(request) > /usr/lib/python3/dist-packages/fastapi/routing.py:216: in app > solved_result = await solve_dependencies( > /usr/lib/python3/dist-packages/fastapi/dependencies/utils.py:465: in > solve_dependencies > response = response or Response( > /usr/lib/python3/dist-packages/starlette/responses.py:50: in __init__ > self.init_headers(headers) > _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ > _ > > self = , headers = None > > def init_headers(self, headers: typing.Mapping[str, str] = None) -> None: > if headers is None: > raw_headers: typing.List[typing.Tuple[bytes, bytes]] = [] > populate_content_length = True > populate_content_type = True > else: > raw_headers = [ > (k.lower().encode("latin-1"), v.encode("latin-1")) > for k, v in headers.items() > ] > keys = [h[0] for h in raw_headers] > populate_content_length = b"content-length" not in keys > populate_content_type = b"content-type" not in keys > > body = getattr(self, "body", None) > if ( > body is not None > and populate_content_length > > and not (self.status_code < 200 or self.status_code in (204, 304)) > ): > E TypeError: '<' not supported between instances of 'NoneType' and 'int' > > /usr/lib/python3/dist-packages/starlette/responses.py:77: TypeError > === warnings summary >
Processed: Bug#1005547 marked as pending in fastapi
Processing control commands: > tag -1 pending Bug #1005547 [src:fastapi] fastapi: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13 Added tag(s) pending. -- 1005547: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005547 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Bug#1005635 marked as pending in fastapi
Processing control commands: > tag -1 pending Bug #1005635 [src:sqlmodel] sqlmodel: FTBFS: dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.10 3.9" returned exit code 13 Added tag(s) pending. -- 1005635: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005635 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1005635: marked as pending in fastapi
Control: tag -1 pending Hello, Bug #1005635 in fastapi reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/packages/fastapi/-/commit/11334d3cdba538fc980bcdd488ef49e67cfcbd6a support starlette 0.18.0; Closes: #1005547, #1005635 (this message was generated automatically) -- Greetings https://bugs.debian.org/1005635
Bug#1005547: marked as pending in fastapi
Control: tag -1 pending Hello, Bug #1005547 in fastapi reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/packages/fastapi/-/commit/11334d3cdba538fc980bcdd488ef49e67cfcbd6a support starlette 0.18.0; Closes: #1005547, #1005635 (this message was generated automatically) -- Greetings https://bugs.debian.org/1005547
Bug#1005393: marked as done (tvnamer: Fails with traceback)
Your message dated Sun, 27 Feb 2022 02:48:45 + with message-id and subject line Bug#1005393: fixed in tvdb-api 3.1-2 has caused the Debian Bug report #1005393, regarding tvnamer: Fails with traceback to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005393: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005393 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: tvnamer Version: 3.0.4-1 Severity: grave Justification: renders package unusable X-Debbugs-Cc: mar...@mdosch.de Dear maintainer, every call of tvnamer leads to a traceback which makes it unusable. Even help can't be shown: tvnamer --help Traceback (most recent call last): File "/usr/bin/tvnamer", line 5, in import tvnamer.main File "/usr/share/tvnamer/main.py", line 18, in import tvdb_api File "/usr/lib/python3/dist-packages/tvdb_api.py", line 34, in from requests_cache.backends.base import _to_bytes, _DEFAULT_HEADERS ImportError: cannot import name '_to_bytes' from 'requests_cache.backends.base' (/usr/lib/python3/dist-packages/requests_cache/backends/base.py) -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (900, 'testing'), (600, 'unstable'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.16.0-1-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tvnamer depends on: ii python33.9.8-1 ii python3-pkg-resources 59.6.0-1.2 ii python3-tvdb-api 3.1-1 tvnamer recommends no packages. tvnamer suggests no packages. -- debconf-show failed --- End Message --- --- Begin Message --- Source: tvdb-api Source-Version: 3.1-2 Done: Sandro Tosi We believe that the bug you reported is fixed in the latest version of tvdb-api, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1005...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sandro Tosi (supplier of updated tvdb-api package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 26 Feb 2022 21:22:16 -0500 Source: tvdb-api Architecture: source Version: 3.1-2 Distribution: unstable Urgency: medium Maintainer: Sandro Tosi Changed-By: Sandro Tosi Closes: 1005393 Changes: tvdb-api (3.1-2) unstable; urgency=medium . * debian/patches/PR97.patch - fix working with newer requests-cache versions; Closes: #1005393 Checksums-Sha1: 9fd7524711cbbd40907be3f5db6d89a72bee45fe 1950 tvdb-api_3.1-2.dsc f8b056805bd6782a012ecac335bf549f7f659c22 3760 tvdb-api_3.1-2.debian.tar.xz e74c8c7adae08d2767babb4dadb77dfc32850ef4 6504 tvdb-api_3.1-2_source.buildinfo Checksums-Sha256: 6c06981b5c0d80d2db23b20b5beff2c122b55561b29893669843bba8f1e42131 1950 tvdb-api_3.1-2.dsc 00d7f3f926e9c987c271772940dd042324bd4c256ab6965766efd97f089132b4 3760 tvdb-api_3.1-2.debian.tar.xz 7fe08d7298a434ac311b0f3dc2e6499dcad42ab9d404bf7f2ffb09d4ea7ad935 6504 tvdb-api_3.1-2_source.buildinfo Files: 7a1b825616e3ab6052e23d1280e18932 1950 python optional tvdb-api_3.1-2.dsc f7ac8fea74a7aebb4205c3a64a127b77 3760 python optional tvdb-api_3.1-2.debian.tar.xz 10c85137c6cbeeb95707024ba6388c2d 6504 python optional tvdb-api_3.1-2_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEufrTGSrz5KUwnZ05h588mTgBqU8FAmIa4GoACgkQh588mTgB qU8dSQ//TheBM9Vv942v6ImVUW1PHuuORoBlSsNCLudHGcNQSRZjDwolf1DW0MST LVkRvNYRRa7Qg8V4he8jGbiogNFDreCCZwXk0TWjt5DBiS1fKwFHBG1dyZnmBaoi e595RN3cGs2tPLA0MXyxcVdH1jtHarR5TDBkaGd1Vj6oU4NEzz5bhYwQUgT4lyUf XFWVPnxLxd/3oZVZNvngEeNQg7KSSrk8WvT2m21cYqf5xZ/OdNoWtB27HRe2QaGE C3NPsX//si3k8jPCdojKFBiQBYZiH5NJLDib+FrzLExJ7tsQYsCKWW4DTzJaYVN3 QJc30pBCZ3Eu4yT94kLKaRtc8w2AU9wOKAI4aUIW6df5tbWYRlptUzXm+9jyCvC5 vyMnrruJ97aH6mFJ0yY/mf+4pENa06uV5zMnyWjufAsDBfwS99hVuR4LddnGnvqI PhCGaMF/5FdlWTgTGFQGDWFhnzZFW2eVSxRK14bifFFcuwZaQvtL+GF3YyYchsI3 S9vziYkOXRkSBiFVsIuKPAsZiMhPSoYKUmlLr1QLEubXxFHTCz71jG8+
Bug#1006534: pagekite: Fails to accept client connections
Package: pagekite Version: 1.5.2.200603-2 Severity: grave Tags: patch Justification: renders package unusable As described in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004295, incoming pagekite connections don't work on Debian 11. If you run your own frontend on that version of Debian (or on Ubuntu focal for that matter), nothing works. I've attached the reverse of the patch from that bug which is all that's needed to fix pagekite in unstable. Francois -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.16.0-2-amd64 (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_CA.utf8, LC_CTYPE=fr_CA.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages pagekite depends on: ii ca-certificates20211016 ii daemon 0.8-1 ii init-system-helpers1.62 ii python33.9.8-1 ii python3-openssl21.0.0-1 ii python3-six1.16.0-3 ii python3-socksipychain 2.1.2-1 pagekite recommends no packages. pagekite suggests no packages. -- Configuration Files: /etc/pagekite.d/10_account.rc [Errno 13] Permission non accordée: '/etc/pagekite.d/10_account.rc' /etc/pagekite.d/90_debian_certs.rc [Errno 13] Permission non accordée: '/etc/pagekite.d/90_debian_certs.rc' -- no debconf information commit 695ae5c46610393b8b4e950466c643d9c58cbce1 Author: Francois Marier Date: Sat Feb 26 18:41:37 2022 -0800 Fix incoming connections (patch from #1004295). diff --git a/debian/changelog b/debian/changelog index e8f50ba..4cef3ef 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,7 @@ pagekite (1.5.2.200603-2.1) unstable; urgency=medium * Non-maintainer upload. * Log messages in /var/log/pagekite/pagekite.log (closes: #910028). + * Fix incoming connections (patch from #1004295). -- Francois Marier Sat, 26 Feb 2022 18:38:24 -0800 diff --git a/pagekite/proto/conns.py b/pagekite/proto/conns.py index 3da9272..2c9fc04 100755 --- a/pagekite/proto/conns.py +++ b/pagekite/proto/conns.py @@ -1975,8 +1975,8 @@ class FastPingHelper(threading.Thread): data = None try: if data: - if '\nHost: ping.pagekite' in data: -client.send(self.rejection) + if b'\nHost: ping.pagekite' in data: +client.send(self.rejection.encode("utf-8")) client.close() self.fast_pinged.append(obfuIp(addr[0])) else: diff --git a/pagekite/proto/selectables.py b/pagekite/proto/selectables.py index 56705f5..ed1967c 100755 --- a/pagekite/proto/selectables.py +++ b/pagekite/proto/selectables.py @@ -344,7 +344,7 @@ class Selectable(object): def EatPeeked(self, eat_bytes=None, keep_peeking=False): if not self.peeking: return if eat_bytes is None: eat_bytes = self.peeked -discard = '' +discard = b'' while len(discard) < eat_bytes: try: bytecount = eat_bytes - len(discard)
Bug#1005393: marked as pending in tvdb-api
Control: tag -1 pending Hello, Bug #1005393 in tvdb-api reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/python-team/packages/tvdb-api/-/commit/341832bd65dedfd405aea6cd41fe1de0a9ff226a fix working with newer requests-cache versions; Closes: #1005393 (this message was generated automatically) -- Greetings https://bugs.debian.org/1005393
Processed: Bug#1005393 marked as pending in tvdb-api
Processing control commands: > tag -1 pending Bug #1005393 [tvdb-api] tvnamer: Fails with traceback Added tag(s) pending. -- 1005393: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005393 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#1005858: gh,gitsome: File conflict, both ship /usr/bin/gh
Processing control commands: > forwarded -1 https://github.com/donnemartin/gitsome/issues/177 Bug #1005858 [gh,gitsome] gh,gitsome: File conflict, both ship /usr/bin/gh Ignoring request to change the forwarded-to-address of bug#1005858 to the same value -- 1005858: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005858 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1005858: gh,gitsome: File conflict, both ship /usr/bin/gh
Control: forwarded -1 https://github.com/donnemartin/gitsome/issues/177 On Sat, 26 Feb 2022 23:43:14 +0800 SZ Lin (林上智) wrote: > The "gitsome" has used "gh" since 2017, and thus would you mind renaming > the "gh" in your package to avoid the conflict issue? Since gh is the official GitHub client, probably it should retain "gh" and gitsome should move to "git some" or similar, as I have suggested in the above upstream issue. The only commentor there agreed with me. -- bye, pabs https://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Bug#1005393: tvnamer: Fails with traceback
control: reassign -1 tvdb-api > File "/usr/share/tvnamer/main.py", line 18, in > import tvdb_api > File "/usr/lib/python3/dist-packages/tvdb_api.py", line 34, in > from requests_cache.backends.base import _to_bytes, _DEFAULT_HEADERS > ImportError: cannot import name '_to_bytes' from > 'requests_cache.backends.base' > (/usr/lib/python3/dist-packages/requests_cache/backends/base.py) the traceback originates in tvdb-api, reassinging -- Sandro "morph" Tosi My website: http://sandrotosi.me/ Me at Debian: http://wiki.debian.org/SandroTosi Twitter: https://twitter.com/sandrotosi
Processed: Re: Bug#1005393: tvnamer: Fails with traceback
Processing control commands: > reassign -1 tvdb-api Bug #1005393 [tvnamer] tvnamer: Fails with traceback Bug reassigned from package 'tvnamer' to 'tvdb-api'. No longer marked as found in versions tvnamer/3.0.4-1. Ignoring request to alter fixed versions of bug #1005393 to the same values previously set -- 1005393: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005393 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: bug 1005858 is forwarded to https://github.com/donnemartin/gitsome/issues/177
Processing commands for cont...@bugs.debian.org: > forwarded 1005858 https://github.com/donnemartin/gitsome/issues/177 Bug #1005858 [gh,gitsome] gh,gitsome: File conflict, both ship /usr/bin/gh Set Bug forwarded-to-address to 'https://github.com/donnemartin/gitsome/issues/177'. > thanks Stopping processing here. Please contact me if you need assistance. -- 1005858: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005858 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1002872: Reply to: libgl1-mesa-dri: crashes on pre-SSE2 CPUs due to movsd
Hi, I've been prepared an NMU and will be having it uploaded to DELAYED/4. Patch below. Alyssa --- diff -u mesa-21.3.5/debian/changelog mesa-21.3.5/debian/changelog --- mesa-21.3.5/debian/changelog +++ mesa-21.3.5/debian/changelog @@ -1,3 +1,12 @@ +mesa (21.3.5-1.1) unstable; urgency=medium + + * Non-maintainer upload. + + [ Timo Aaltonen ] + * rules: Disable sse2 on i386. (Closes: #1002872) + + -- Alyssa Rosenzweig Sat, 26 Feb 2022 17:15:46 -0500 + mesa (21.3.5-1) unstable; urgency=medium * New upstream release. diff -u mesa-21.3.5/debian/rules mesa-21.3.5/debian/rules --- mesa-21.3.5/debian/rules +++ mesa-21.3.5/debian/rules @@ -43,6 +43,7 @@ confflags_DRI3 = -Ddri3=disabled confflags_OSMESA = -Dosmesa=true +confflags_SSE2 = -Dsse2=true # hurd doesn't do direct rendering ifeq ($(DEB_HOST_ARCH_OS), hurd) @@ -135,6 +136,9 @@ endif endif +ifeq ($(DEB_HOST_ARCH), i386) + confflags_SSE2 = -Dsse2=false +endif empty:= space := $(empty) $(empty) @@ -168,6 +172,7 @@ $(confflags_GALLIUM) \ $(confflags_GLES) \ $(confflags_OSMESA) \ + $(confflags_SSE2) \ $(confflags_VALGRIND) \ $(confflags_VULKAN)
Bug#995580: marked as done (wine build-depends on unicode-data (< 14) but testing/unstable has 14.0.0-1)
Your message dated Sat, 26 Feb 2022 22:59:37 + with message-id and subject line Bug#995580: fixed in wine 6.0.2~repack-1 has caused the Debian Bug report #995580, regarding wine build-depends on unicode-data (< 14) but testing/unstable has 14.0.0-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 995580: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995580 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: wine Version: 5.0.3-3 Severity: serious Justification: rc policy - "packages must be buildable within the same release" Tags: bookworm, sid wine build-depends on unicode-data (< 14) but testing/unstable has 14.0.0-1, therefore your packages build-dependencies are unsatisfiable in testing and unstable. --- End Message --- --- Begin Message --- Source: wine Source-Version: 6.0.2~repack-1 Done: Michael Gilbert We believe that the bug you reported is fixed in the latest version of wine, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 995...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert (supplier of updated wine package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 26 Feb 2022 18:43:01 + Source: wine Architecture: source Version: 6.0.2~repack-1 Distribution: unstable Urgency: medium Maintainer: Debian Wine Party Changed-By: Michael Gilbert Closes: 984402 991822 995305 995580 1006016 Changes: wine (6.0.2~repack-1) unstable; urgency=medium . * New upstream release 6.0.2, released Oct 26, 2021 (closes: #995305). - Compilation fixes: freetype, gcc 11 (closes: #984402). - Various bug fixes. * Support building with openldap 2.5 (closes: #1006016). * Support building with unicode-data 14 (closes: #995580). * Avoid deleting files outside of package source directory (closes: #991822). Checksums-Sha1: 45fe03ddbb24d3ffe839acbc8a687413255c5899 4521 wine_6.0.2~repack-1.dsc 5918ef2ee6ce8962847acfb7b5240a468c541941 21375404 wine_6.0.2~repack.orig.tar.xz b2f3be6908f926de53ac07bbf4717dff4bd44229 5717056 wine_6.0.2~repack-1.debian.tar.xz 192ba782a5d0bfde6872b73a25a4d2587db09c0f 19021 wine_6.0.2~repack-1_source.buildinfo Checksums-Sha256: 2146bb9fff1b8a1c3c7845de46ba3b2467b16a0df0a20599abb1fb101c29adcc 4521 wine_6.0.2~repack-1.dsc 82096c2337b20915350c3007c449ee5f3ff6042b34a1fc7e3a9f652334e94323 21375404 wine_6.0.2~repack.orig.tar.xz 1cb483f2b0490bbd9590cb21d037294d5c0c2cdf6ee282028188a365b41faf1e 5717056 wine_6.0.2~repack-1.debian.tar.xz 59a73526c9d317ef42b97a290d866a5243239ffccac8b8407a2145c77a8fd705 19021 wine_6.0.2~repack-1_source.buildinfo Files: d2deff1e7c974e9c04a9d1879ddbae75 4521 otherosfs optional wine_6.0.2~repack-1.dsc 94d555b4fb303f7d1f1b65423b4a7845 21375404 otherosfs optional wine_6.0.2~repack.orig.tar.xz 0f60c94eae025500d0c309ab5ac1f2e6 5717056 otherosfs optional wine_6.0.2~repack-1.debian.tar.xz e6a483e27a5dabed39336fa0de1d7b5f 19021 otherosfs optional wine_6.0.2~repack-1_source.buildinfo -BEGIN PGP SIGNATURE- iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAmIapZ4ACgkQmD40ZYkU ayjvTx//WcVi5abWsW9mmS+S0MagVY7wT3ArWf9aQyNIBDFZx7ugw6aEIgy7edxR J+dZS5iZFn9tV3u7SZvfJvp3StJ+W0PftD3y2Mh9DGB5zz4/p9CAn77SUXAfZbNo dGUSmmNADBpXtoSczPD8ioJ8JFeTZzOUSuGP8TK68ZkqqoVvJFKA3hOOIeOlM6dw skFr6NAPW9R5vMSpgI/k8lA2fNGNCr866WuZQp8wyMlPFg9SwI15BWZAl2vdmLlz +2Ca0UfQPtj9pHeX1qgJShX7QrZ5+jCXrcD0bzIgmNFisJazZeaONo+y4FUx2r0D APAA1RBfKk8EgbWWybFz2uMNTsJzIOf1HvxMHsKflG+onygrftlx3yLepYwh/zvj G4af4ERJe+EO3Je0cINWCNJnEp7EbGhnZoHSHBmqbIQJpPazXbHNTHenaJkpZOIK ikju3zeKmwmqOM8TWdRA4exlWeROkPBVSMeqcj+05d+R991rCwYQmbzgb1XmOnZZ FM6vfQxlOpG252cyxN1E+7AEmkZ6dkf/vcntWUHMw12H1Vd+E1SkmZn7eAW5ecWa JS8ipr6in5BV97yfvqDF5fmbClxeje6K6oEEYzSGfWvcEGVxYqWFR47vfHnEa0RQ Hv8qoecs6O9dOPnvVw95bb9pFDaCpGOTkz+RIpt0rrkVO6PpOx5JPBnk6QRmYuI/ LFIaJLXjJFilP86Nq72gP4PXu7Nkb5z/DKQanDekDVP+mjbK39dl5fZPKEJkKNiM JAyU6FAn7FMMlcENQ7d8Si4TLHD4Z+MGd8Nvo+nAKvfrExxwet03n7oe7uiGQOsL 7tyUJnSwX3USAiXAOFN9KC3pOxMjCFkdSCACSEEtWH2v/97gogZBxMAwKz+NqW9i NitjOJi8xEjMiNW606M6pM4IWcuEFih5XuibJEkwyMLy4hzVOWAri8fO8rmIsggc 3hTlfVWYjDUjdMleBKGihZNbuqhywB8QD44xGUu5wEGeZLP1n9DSwPj7A/3V6lpM IYJG2B
Bug#991822: marked as done (src:wine: dh_auto_clean deletes unrelated files outside of package source)
Your message dated Sat, 26 Feb 2022 22:59:37 + with message-id and subject line Bug#991822: fixed in wine 6.0.2~repack-1 has caused the Debian Bug report #991822, regarding src:wine: dh_auto_clean deletes unrelated files outside of package source to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991822: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991822 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:wine Severity: critical Version: 5.0.3-3 Hi, The following snippet in debian/rules wiped out every package source next to wine and the wine source dir itself, too, because my $HOME is stored in git: ... override_dh_auto_clean: git clean -Xdf || true ... It is not safe to assume that the package source is always a git directory. Cheers, Balint --- End Message --- --- Begin Message --- Source: wine Source-Version: 6.0.2~repack-1 Done: Michael Gilbert We believe that the bug you reported is fixed in the latest version of wine, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 991...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Michael Gilbert (supplier of updated wine package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 26 Feb 2022 18:43:01 + Source: wine Architecture: source Version: 6.0.2~repack-1 Distribution: unstable Urgency: medium Maintainer: Debian Wine Party Changed-By: Michael Gilbert Closes: 984402 991822 995305 995580 1006016 Changes: wine (6.0.2~repack-1) unstable; urgency=medium . * New upstream release 6.0.2, released Oct 26, 2021 (closes: #995305). - Compilation fixes: freetype, gcc 11 (closes: #984402). - Various bug fixes. * Support building with openldap 2.5 (closes: #1006016). * Support building with unicode-data 14 (closes: #995580). * Avoid deleting files outside of package source directory (closes: #991822). Checksums-Sha1: 45fe03ddbb24d3ffe839acbc8a687413255c5899 4521 wine_6.0.2~repack-1.dsc 5918ef2ee6ce8962847acfb7b5240a468c541941 21375404 wine_6.0.2~repack.orig.tar.xz b2f3be6908f926de53ac07bbf4717dff4bd44229 5717056 wine_6.0.2~repack-1.debian.tar.xz 192ba782a5d0bfde6872b73a25a4d2587db09c0f 19021 wine_6.0.2~repack-1_source.buildinfo Checksums-Sha256: 2146bb9fff1b8a1c3c7845de46ba3b2467b16a0df0a20599abb1fb101c29adcc 4521 wine_6.0.2~repack-1.dsc 82096c2337b20915350c3007c449ee5f3ff6042b34a1fc7e3a9f652334e94323 21375404 wine_6.0.2~repack.orig.tar.xz 1cb483f2b0490bbd9590cb21d037294d5c0c2cdf6ee282028188a365b41faf1e 5717056 wine_6.0.2~repack-1.debian.tar.xz 59a73526c9d317ef42b97a290d866a5243239ffccac8b8407a2145c77a8fd705 19021 wine_6.0.2~repack-1_source.buildinfo Files: d2deff1e7c974e9c04a9d1879ddbae75 4521 otherosfs optional wine_6.0.2~repack-1.dsc 94d555b4fb303f7d1f1b65423b4a7845 21375404 otherosfs optional wine_6.0.2~repack.orig.tar.xz 0f60c94eae025500d0c309ab5ac1f2e6 5717056 otherosfs optional wine_6.0.2~repack-1.debian.tar.xz e6a483e27a5dabed39336fa0de1d7b5f 19021 otherosfs optional wine_6.0.2~repack-1_source.buildinfo -BEGIN PGP SIGNATURE- iQQzBAEBCgAdFiEEIwTlZiOEpzUxIyp4mD40ZYkUaygFAmIapZ4ACgkQmD40ZYkU ayjvTx//WcVi5abWsW9mmS+S0MagVY7wT3ArWf9aQyNIBDFZx7ugw6aEIgy7edxR J+dZS5iZFn9tV3u7SZvfJvp3StJ+W0PftD3y2Mh9DGB5zz4/p9CAn77SUXAfZbNo dGUSmmNADBpXtoSczPD8ioJ8JFeTZzOUSuGP8TK68ZkqqoVvJFKA3hOOIeOlM6dw skFr6NAPW9R5vMSpgI/k8lA2fNGNCr866WuZQp8wyMlPFg9SwI15BWZAl2vdmLlz +2Ca0UfQPtj9pHeX1qgJShX7QrZ5+jCXrcD0bzIgmNFisJazZeaONo+y4FUx2r0D APAA1RBfKk8EgbWWybFz2uMNTsJzIOf1HvxMHsKflG+onygrftlx3yLepYwh/zvj G4af4ERJe+EO3Je0cINWCNJnEp7EbGhnZoHSHBmqbIQJpPazXbHNTHenaJkpZOIK ikju3zeKmwmqOM8TWdRA4exlWeROkPBVSMeqcj+05d+R991rCwYQmbzgb1XmOnZZ FM6vfQxlOpG252cyxN1E+7AEmkZ6dkf/vcntWUHMw12H1Vd+E1SkmZn7eAW5ecWa JS8ipr6in5BV97yfvqDF5fmbClxeje6K6oEEYzSGfWvcEGVxYqWFR47vfHnEa0RQ Hv8qoecs6O9dOPnvVw95bb9pFDaCpGOTkz+RIpt0rrkVO6PpOx5JPBnk6QRmYuI/ LFIaJLXjJFilP86Nq72gP4PXu7Nkb5z/DKQanDekDVP+mjbK39dl5fZPKEJkKNiM JAyU6FAn7FMMlcENQ7d8Si4TLHD4Z+MGd8Nvo+nAKvfrExxwet03n7oe7uiGQOsL 7tyUJnSwX3USAiXAOFN9KC3pOxMjCFkdSCACSEEtWH2v/97gogZBxMAwKz+NqW9i NitjOJi8xEjMiNW606M6pM4IWcuEFih5XuibJEkwyMLy4hzVOWAri8fO8rmIsggc 3hTlfVWYjDUjdMleB
Bug#984402: marked as done (wine: ftbfs with GCC-11)
Your message dated Sat, 26 Feb 2022 22:59:37 + with message-id and subject line Bug#984402: fixed in wine 6.0.2~repack-1 has caused the Debian Bug report #984402, regarding wine: ftbfs with GCC-11 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 984402: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984402 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:wine Version: 5.0.3-3 Severity: normal Tags: sid bookworm User: debian-...@lists.debian.org Usertags: ftbfs-gcc-11 [This bug is not targeted to the upcoming bullseye release] Please keep this issue open in the bug tracker for the package it was filed for. If a fix in another package is required, please file a bug for the other package (or clone), and add a block in this package. Please keep the issue open until the package can be built in a follow-up test rebuild. The package fails to build in a test rebuild on at least amd64 with gcc-11/g++-11, but succeeds to build with gcc-10/g++-10. The severity of this report will be raised before the bookworm release, so nothing has to be done for the bullseye release. The full build log can be found at: http://people.debian.org/~doko/logs/20210228/filtered/gcc11/wine_5.0.3-3_unstable_gcc11.log The last lines of the build log are at the end of this report. To build with GCC 11, either set CC=gcc-11 CXX=g++-11 explicitly, or install the gcc, g++, gfortran, ... packages from experimental. apt-get -t=experimental install g++ Common build failures are new warnings resulting in build failures with -Werror turned on, or new/dropped symbols in Debian symbols files. For other C/C++ related build failures see the porting guide at http://gcc.gnu.org/gcc-11/porting_to.html GCC 11 defaults to the GNU++17 standard. If your package installs header files in /usr/include, please don't work around C++17 issues by choosing a lower C++ standard for the package build, but fix these issues to build with the C++17 standard. [...] cc1: all warnings being treated as errors make[2]: *** [Makefile:233: shader.o] Error 1 make[2]: Leaving directory '/<>/dlls/d3dx9_26' make[1]: *** [Makefile:7861: dlls/d3dx9_26] Error 2 make[1]: *** Waiting for unfinished jobs gcc -m64 -c -o render.o ../d3dx9_36/render.c -I. -I../d3dx9_36 -I../../include -I../../include/msvcrt -D__WINESRC__ -DD3DX_SDK_VERSION=24 -D_REENTRANT -fPIC -fno-builtin -fshort-wchar -mabi=ms -Wall -pipe -fcf-protection=none -fno-stack-protector -fno-strict-aliasing -Wdeclaration-after-statement -Wempty-body -Wignored-qualifiers -Wno-packed-not-aligned -Wshift-overflow=2 -Wstrict-prototypes -Wtype-limits -Wunused-but-set-parameter -Wvla -Wwrite-strings -Wpointer-arith -Wlogical-op -gdwarf-2 -gstrict-dwarf -Werror -Wdate-time -g -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -fcommon -Wno-shift-overflow -Wno-unused-function -Wno-deprecated-declarations In function ‘unit_vec2’, inlined from ‘attempt_line_merge’ at ../d3dx9_36/mesh.c:5545:5: ../d3dx9_36/mesh.c:5514:12: error: ‘lastdir’ may be used uninitialized [-Werror=maybe-uninitialized] 5514 | return D3DXVec2Normalize(D3DXVec2Subtract(dir, pt2, pt1), dir); |^~~ In file included from ../../include/d3dx9.h:31, from ../d3dx9_36/d3dx9_private.h:31, from ../d3dx9_36/mesh.c:31: ../d3dx9_36/mesh.c: In function ‘attempt_line_merge’: ../../include/d3dx9math.h:352:21: note: by argument 2 of type ‘const D3DXVECTOR2 *’ to ‘D3DXVec2Normalize’ declared here 352 | D3DXVECTOR2* WINAPI D3DXVec2Normalize(D3DXVECTOR2 *pout, const D3DXVECTOR2 *pv); | ^ ../d3dx9_36/mesh.c:5530:25: note: ‘lastdir’ declared here 5530 | D3DXVECTOR2 curdir, lastdir; | ^~~ gcc -m64 -c -o shader.o ../d3dx9_36/shader.c -I. -I../d3dx9_36 -I../../include -I../../include/msvcrt -D__WINESRC__ -DD3DX_SDK_VERSION=24 -D_REENTRANT -fPIC -fno-builtin -fshort-wchar -mabi=ms -Wall -pipe -fcf-protection=none -fno-stack-protector -fno-strict-aliasing -Wdeclaration-after-statement -Wempty-body -Wignored-qualifiers -Wno-packed-not-aligned -Wshift-overflow=2 -Wstrict-prototypes -Wtype-limits -Wunused-but-set-parameter -Wvla -Wwrite-strings -Wpointer-arith -Wlogical-op -gdwarf-2 -gstrict-dwarf -Werror -Wdate-time -g -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -fcommon -Wno-shift-overflow -Wno-unused-function -Wno-deprecated-declarations In function
Bug#1005463: marked as done (python3-rdflib: incompatible with pyparser v3)
Your message dated Sat, 26 Feb 2022 21:31:43 + with message-id and subject line Bug#1005463: fixed in rdflib 6.1.1-1 has caused the Debian Bug report #1005463, regarding python3-rdflib: incompatible with pyparser v3 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005463: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005463 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: ontospy Version: 1.9.9.4~dfsg-1 Severity: serious Justification: FTBFS Tags: bookworm sid ftbfs User: lu...@debian.org Usertags: ftbfs-20220212 ftbfs-bookworm Hi, During a rebuild of all packages in sid, your package failed to build on amd64. Relevant part (hopefully): > make[1]: Entering directory '/<>' > python3 -m ontospy.tests.test_load_local > --- > Ontospy v1.9.9.4 > --- > > = > > > TEST 1: Loading all ontologies in => /<>/ontospy/tests/rdf/ > > For each model detailed entities descriptions are printed out. > > > = > > * > Test: loading file... > pizza.ttl > * > Reading: >/ontospy/tests/rdf/pizza.ttl> > .. trying rdf serialization: > . success! > -- > Loaded 2332 triples. > -- > RDF sources loaded successfully: 1 of 1. > . '/<>/ontospy/tests/rdf/pizza.ttl' > -- > Scanning entities... > -- > E > == > ERROR: test1_load_locally (__main__.TestLoadOntologies) > Check if the ontologies in /RDF folder load ok > -- > Traceback (most recent call last): > File "/<>/ontospy/tests/test_load_local.py", line 47, in > test1_load_locally > o = Ontospy(TEST_RDF_FOLDER + f, verbose=True) > File "/<>/ontospy/core/ontospy.py", line 133, in __init__ > self.build_all( > File "/<>/ontospy/core/ontospy.py", line 226, in build_all > self.build_ontologies() > File "/<>/ontospy/core/ontospy.py", line 278, in > build_ontologies > qres = self.sparqlHelper.getOntology() > File "/<>/ontospy/core/sparql_helper.py", line 50, in > getOntology > qres = self.rdflib_graph.query("""SELECT DISTINCT ?x > File "/usr/lib/python3/dist-packages/rdflib/graph.py", line 1127, in query > result = plugin.get(result, query.Result) > File "/usr/lib/python3/dist-packages/rdflib/plugin.py", line 107, in get > return p.getClass() > File "/usr/lib/python3/dist-packages/rdflib/plugin.py", line 69, in getClass > module = __import__(self.module_path, globals(), locals(), [""]) > File "/usr/lib/python3/dist-packages/rdflib/plugins/sparql/__init__.py", > line 33, in > from . import parser > File "/usr/lib/python3/dist-packages/rdflib/plugins/sparql/parser.py", line > 184, in > Param('prefix', PN_PREFIX)) + Suppress(':').leaveWhitespace() > File "/usr/lib/python3/dist-packages/rdflib/plugins/sparql/parserutils.py", > line 114, in __init__ > self.name = name > AttributeError: can't set attribute > > -- > Ran 1 test in 3.198s > > FAILED (errors=1) > make[1]: *** [debian/rules:16: override_dh_auto_test] Error 1 The full build log is available from: http://qa-logs.debian.net/2022/02/12/ontospy_1.9.9.4~dfsg-1_unstable.log A list of current common problems and possible solutions is available at http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute! If you reassign this bug to another package, please marking it as 'affects'-ing this package. See https://www.debian.org/Bugs/server-control#affects If you fail to reproduce this, please provide a build log and diff it with mine so that we can identify if something relevant changed in the meantime. --- End Message --- --- Begin Message --- Source: rdflib Source-Version: 6.1.1-1 Done: Andreas Tille We believe that the bug you reported is fixed in the latest version of rdflib, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1005...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Tille (supplier of updated rdflib package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by
Bug#1005840: claws-mail-themes: includes non-free content (CC-by-nc-sa-v3.0)
On Tue, 15 Feb 2022 22:12:54 +0100 "Francesco Poli (wintermute)" wrote: > Package: claws-mail-themes > Version: 20140629+dfsg2-1 > Severity: serious > Justification: Policy 2.2.1 > > Hello and thanks for maintaining claws-mail. > > I noticed that one of the themes shipped in package 'claws-mail-themes' > is non-free and should not be included in a package in Debian main: > > Files: UltimateClawsMail0.5.1/* > Copyright: >Daniel LaGesse > License: CC-BY-NC-SA-3.0 > Comment: >http://creativecommons.org/licenses/by-nc-sa/3.0/ > > This is non-free, since it's non-commercial. > Please persuade its upstream copyright holder to re-license it > under DFSG-free terms (such as the GNU GPL) or drop the theme > from the package. Curiously enough, upstream site¹ says it's licensed under GPL: > The author of the Ultimate Gnome theme has graciously allowed me to > publish Ultimate Claws Mail under the GPL rather than Creative Commons. > UCM is now licensed under the GPL v3. But the themeinfo metadata included in the tarball still says CC... not sure if the above is enough to update the license on Debian's copyright and themeinfo or not though. What do you think? regards, ¹ https://code.google.com/archive/p/ultimate-claws-mail/ -- Ricardo Mones http://people.debian.org/~mones «This fortune intentionally says nothing.» pgpbb2e2sL33g.pgp Description: Firma digital OpenPGP
Bug#1005696: marked as done (cgal: -latomic not added on mipsel)
Your message dated Sat, 26 Feb 2022 19:50:26 + with message-id and subject line Bug#1005696: fixed in cgal 5.4-2 has caused the Debian Bug report #1005696, regarding cgal: -latomic not added on mipsel to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005696: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005696 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: cgal Version: 5.4-1 Severity: serious Tags: ftbfs upstream Justification: makes the package in question unusable or mostly so Control: affects -1 src:sfcgal Dear Maintainer, sfcgal (1.4.1-2) FTBFS on mipsel due to an issue in cgal (5.4-1): /usr/include/CGAL/Lazy_exact_nt.h:602: undefined reference to `__atomic_load_8' /usr/bin/ld: CMakeFiles/unit-test-SFCGAL.dir/SFCGAL/algorithm/DifferenceTest.cpp.o:/usr/include/c++/11/atomic:285: more undefined references to `__atomic_load_8' follow https://buildd.debian.org/status/fetch.php?pkg=sfcgal&arch=mipsel&ver=1.4.1-2&stamp=1644759463&raw=0 -latomic should be added to the CGAL CMake configuration resolve this. Kind Regards, Bas --- End Message --- --- Begin Message --- Source: cgal Source-Version: 5.4-2 Done: Joachim Reichel We believe that the bug you reported is fixed in the latest version of cgal, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1005...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Joachim Reichel (supplier of updated cgal package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 03 Feb 2022 08:45:19 +0100 Source: cgal Architecture: source Version: 5.4-2 Distribution: unstable Urgency: medium Maintainer: Joachim Reichel Changed-By: Joachim Reichel Closes: 1005696 Changes: cgal (5.4-2) unstable; urgency=medium . * Add patch fix-build-on-mipsel (Closes: #1005696). * debian/tests/control: Remove flaky restriction. * debian/test/run.sh: Avoid test failures due to compiler warnings. Checksums-Sha1: 9840534413bdf93e7a760f542f0e24462790d0c2 2331 cgal_5.4-2.dsc b4d7ee0e91a6e6b36d1c3773493a2460b1b17de6 18636 cgal_5.4-2.debian.tar.xz 2e53add66c354924a0fd69b5667450440b5ed07c 13569 cgal_5.4-2_amd64.buildinfo Checksums-Sha256: 2fe9564c52e945af81745176df182e18a1dacc95f37a5e0e16f82971acbc2ca5 2331 cgal_5.4-2.dsc 16076ec0454373dcc3e54112bed6b90830c3e9b3563f3649137fdbb1595fb745 18636 cgal_5.4-2.debian.tar.xz 5a94c7ee5171055b5efdb81aeefac8015b62cdfab626d6e7982bab8618c20c2c 13569 cgal_5.4-2_amd64.buildinfo Files: 8db4f1031f80608f6620cdbc588ef406 2331 libs optional cgal_5.4-2.dsc f212d9363729888e18df9591c646010b 18636 libs optional cgal_5.4-2.debian.tar.xz 87f95636aedd21f8120d6f9b1be6203a 13569 libs optional cgal_5.4-2_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEErX6NzLwwsr4xjsEVuPr/HEOIZ3EFAmIagRoACgkQuPr/HEOI Z3FkPRAAoaTG+oXZ8hCnD7yK0O63u2ob/Jr4qOyCbp2IX8h3qjfR+WBL+vmYZ15J 8OK9iQ2rqh4lxrMrEbtk7LcyJdzY5qtpne5OZnuTczoT4cvIJyY3mBx28sL3YpZ+ WxLodHLQkla3R8DKfdK2WDB2cobMW62qB+e5v3zLwkhWKmpEdQjt4YBekcMOpRgf OIm67LVxgsYxym1g2jPkEt4/4Tvpo9aAgmm/w6x3/K8FtCGjrjTk47taNthRORZy iTtef/t/hhXK8WOfQ03fhrv4BJwUS64ZVG66JGXNN9Nq5kUznL260m8SeK+T3qKa JZ/tNhaAlYxmP7TKuU6keUMOuJ+vGSJLYn515mvJrKdDIOMwWcY222c/ZLUM89Ue u111v9LPgwJhewqP6nsrb4xBR28ueUltyC36PfusTRcOJmW57oBGorOYE/6VNVm1 VvDu/TFCfnjr2WP54IbHd3k445mu5geFo4EFBA7btRUREMA+unYlYUaCY/si5XCn yfx8NIAa7+TlVpCZJ95cK9Lv9rwxUy5j3yji99jd3hRPivkdxsNiq50mGOlp1gJB +JYT15JEF6+C9ljPuL3pb660PvTHwlRxdsCfQe2Ct03OPdA9+JXlH43eSm4j+KHC q+Nx00VvGfMtGcqXoRCK9dug+3lsrunOY6QDaK4yW4wf9mDmAuM= =ZdTL -END PGP SIGNATURE End Message ---
Bug#1005895: marked as done (expat: CVE-2022-25236)
Your message dated Sat, 26 Feb 2022 19:47:34 + with message-id and subject line Bug#1005895: fixed in expat 2.2.6-2+deb10u3 has caused the Debian Bug report #1005895, regarding expat: CVE-2022-25236 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005895: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005895 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: expat Version: 2.4.4-1 Severity: important Tags: security upstream Forwarded: https://github.com/libexpat/libexpat/pull/561 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for expat. CVE-2022-25236[0]: | xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to | insert namespace-separator characters into namespace URIs. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-25236 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236 [1] https://github.com/libexpat/libexpat/pull/561 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: expat Source-Version: 2.2.6-2+deb10u3 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of expat, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1005...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated expat package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 20 Feb 2022 17:19:40 +0100 Source: expat Architecture: source Version: 2.2.6-2+deb10u3 Distribution: buster-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Salvatore Bonaccorso Closes: 1005894 1005895 Changes: expat (2.2.6-2+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent stack exhaustion in build_model (CVE-2022-25313) * Prevent integer overflow in storeRawNames (CVE-2022-25315) * Prevent integer overflow in copyString (CVE-2022-25314) * lib: Fix (harmless) use of uninitialized memory * lib: Protect against malicious namespace declarations (CVE-2022-25236) (Closes: #1005895) * tests: Cover CVE-2022-25236 * lib: Drop unused macro UTF8_GET_NAMING * lib: Add missing validation of encoding (CVE-2022-25235) (Closes: #1005894) * tests: Cover missing validation of encoding (CVE-2022-25235) * Fix build_model regression. * tests: Protect against nested element declaration model regressions Package-Type: udeb Checksums-Sha1: 2d2f037225288140c25fadf648ee5c029279e072 2136 expat_2.2.6-2+deb10u3.dsc 3f2ca2ee5db7b68a647122320424edb7278dc087 25028 expat_2.2.6-2+deb10u3.debian.tar.xz Checksums-Sha256: 2b58ea166b515d88311e65047aaa81b701a3a4581fbb56e5dd76933a86883a93 2136 expat_2.2.6-2+deb10u3.dsc 99ccca69578e5bfff55b0fd5d21bf24ca2eda1a9e2f5a10610bc27409ca3f1b0 25028 expat_2.2.6-2+deb10u3.debian.tar.xz Files: 4f5240df4513afd5a160db2289a2e932 2136 text optional expat_2.2.6-2+deb10u3.dsc 9880ac9da76b4cf265135e1d5d24853a 25028 text optional expat_2.2.6-2+deb10u3.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmISaoxfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EqTsP/1UfvYc3yblKf43pzqesYtq+R6Ut33CH dxzJVLZhmkhMdnXnzNPMk3llEzKcNkINS+wT7C7qzIeLuz9HvIESSosJiC9E1MJQ PAmydb5TJgH2T/Eai+dSYtUxcrfWJFAVrC0R5WB4jBX8KocbwQbCyWm3olehdDp2 9ae2nsTj2Q6Bo8b0QQk4w9I3GlAwgTTqYYvfEEs3158Kip2x243TR108+gJkVHTD 7FPFXfy/BWJQe6Lb4XytBUNwByzsTMIXJZzFHJbgqCQ4NktgvwGZ8NPMdtbXm9AL M2Qh30TL8mRpRP7iXMvMa+UoPusMJnzmdOSJQ3TSCfSKBacZPQPHztILB5fzAVQO kDsz1r54t7+e9zCZ1CO4+BL/LJ5YhTJ5qQdWomKq4YVeYMi8++EqZRM7m3YlWdKq R42Kun1xGuyixppY7SMr77U4JUk+l1PCdPxSDd8YDQDFTQOnqOi82mY/hX613WpV pR7fKUiv5PSGBzpjJZ6IzOVXUhF57ZwSGeDE4SzVVANZ9a9MfRQN1SMepMfiEqjj OctMHUfrC1o1nwk9uBPA4YNspi4rB7mDt9BHaJnSs1HNLnJ8
Bug#1005894: marked as done (expat: CVE-2022-25235)
Your message dated Sat, 26 Feb 2022 19:47:34 + with message-id and subject line Bug#1005894: fixed in expat 2.2.6-2+deb10u3 has caused the Debian Bug report #1005894, regarding expat: CVE-2022-25235 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005894: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005894 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: expat Version: 2.4.4-1 Severity: important Tags: security upstream Forwarded: https://github.com/libexpat/libexpat/pull/562 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for expat. CVE-2022-25235[0]: | xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain | validation of encoding, such as checks for whether a UTF-8 character | is valid in a certain context. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-25235 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235 [1] https://github.com/libexpat/libexpat/pull/562 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: expat Source-Version: 2.2.6-2+deb10u3 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of expat, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1005...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated expat package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 20 Feb 2022 17:19:40 +0100 Source: expat Architecture: source Version: 2.2.6-2+deb10u3 Distribution: buster-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Salvatore Bonaccorso Closes: 1005894 1005895 Changes: expat (2.2.6-2+deb10u3) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent stack exhaustion in build_model (CVE-2022-25313) * Prevent integer overflow in storeRawNames (CVE-2022-25315) * Prevent integer overflow in copyString (CVE-2022-25314) * lib: Fix (harmless) use of uninitialized memory * lib: Protect against malicious namespace declarations (CVE-2022-25236) (Closes: #1005895) * tests: Cover CVE-2022-25236 * lib: Drop unused macro UTF8_GET_NAMING * lib: Add missing validation of encoding (CVE-2022-25235) (Closes: #1005894) * tests: Cover missing validation of encoding (CVE-2022-25235) * Fix build_model regression. * tests: Protect against nested element declaration model regressions Package-Type: udeb Checksums-Sha1: 2d2f037225288140c25fadf648ee5c029279e072 2136 expat_2.2.6-2+deb10u3.dsc 3f2ca2ee5db7b68a647122320424edb7278dc087 25028 expat_2.2.6-2+deb10u3.debian.tar.xz Checksums-Sha256: 2b58ea166b515d88311e65047aaa81b701a3a4581fbb56e5dd76933a86883a93 2136 expat_2.2.6-2+deb10u3.dsc 99ccca69578e5bfff55b0fd5d21bf24ca2eda1a9e2f5a10610bc27409ca3f1b0 25028 expat_2.2.6-2+deb10u3.debian.tar.xz Files: 4f5240df4513afd5a160db2289a2e932 2136 text optional expat_2.2.6-2+deb10u3.dsc 9880ac9da76b4cf265135e1d5d24853a 25028 text optional expat_2.2.6-2+deb10u3.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmISaoxfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EqTsP/1UfvYc3yblKf43pzqesYtq+R6Ut33CH dxzJVLZhmkhMdnXnzNPMk3llEzKcNkINS+wT7C7qzIeLuz9HvIESSosJiC9E1MJQ PAmydb5TJgH2T/Eai+dSYtUxcrfWJFAVrC0R5WB4jBX8KocbwQbCyWm3olehdDp2 9ae2nsTj2Q6Bo8b0QQk4w9I3GlAwgTTqYYvfEEs3158Kip2x243TR108+gJkVHTD 7FPFXfy/BWJQe6Lb4XytBUNwByzsTMIXJZzFHJbgqCQ4NktgvwGZ8NPMdtbXm9AL M2Qh30TL8mRpRP7iXMvMa+UoPusMJnzmdOSJQ3TSCfSKBacZPQPHztILB5fzAVQO kDsz1r54t7+e9zCZ1CO4+BL/LJ5YhTJ5qQdWomKq4YVeYMi8++EqZRM7m3YlWdKq R42Kun1xGuyixppY7SMr77U4JUk+l1PCdPxSDd8YDQDFTQOnqOi82mY/hX613WpV pR7fKUiv5PSGBzpjJZ6IzOVXUhF57ZwSGeDE4SzVVANZ9a9MfRQN1SMepMfiEqjj OctMHUfr
Bug#1006119: marked as done (uwsgi: FTBFS with ruby3.0 as default)
Your message dated Sat, 26 Feb 2022 19:04:55 + with message-id and subject line Bug#1006119: fixed in uwsgi 2.0.20-2.1 has caused the Debian Bug report #1006119, regarding uwsgi: FTBFS with ruby3.0 as default to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1006119: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006119 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: uwsgi Version: 2.0.20-2 Severity: serious Tags: ftbfs Justification: FTBFS Control: block -1 by 1004915 Dear maintainer, I tried to binNMU your package for the ongoing ruby3.0 as default ruby transition. It failed: https://buildd.debian.org/status/package.php?p=uwsgi Paul *** uWSGI building and linking plugin plugins/python *** x86_64-linux-gnu-gcc -pthread -fPIC -shared -o ./python39_plugin.so -I. -O2 -I. -Wall -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -g -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -DUWSGI_HAS_IFADDRS -DUWSGI_ZLIB -DUWSGI_LOCK_USE_MUTEX -DUWSGI_EVENT_USE_EPOLL -DUWSGI_EVENT_TIMER_USE_TIMERFD -DUWSGI_EVENT_FILEMONITOR_USE_INOTIFY -DUWSGI_PCRE -DUWSGI_ROUTING -DUWSGI_CAP -DUWSGI_UUID -DUWSGI_VERSION="\"2.0.20-debian\"" -DUWSGI_VERSION_BASE="2" -DUWSGI_VERSION_MAJOR="0" -DUWSGI_VERSION_MINOR="20" -DUWSGI_VERSION_REVISION="0" -DUWSGI_VERSION_CUSTOM="\"debian\"" -DUWSGI_YAML -DUWSGI_LIBYAML -I/usr/include/yajl -DUWSGI_JSON -DUWSGI_JSON_YAJL -DUWSGI_SSL -I/usr/include/libxml2 -DUWSGI_XML -DUWSGI_XML_LIBXML2 -DUWSGI_PLUGIN_DIR="\".\"" -I/usr/include/python3.9 -I/usr/include/python3.9 -Dpython_plugin=python39_plugin plugins/python/python_plugin.c plugins/python/pyutils.c plugins/python/pyloader.c plugins/python/wsgi_handlers.c plugins/python/wsgi_headers.c plugins/python/wsgi_subhandler.c plugins/python/web3_subhandler.c plugins/python/pump_subhandler.c plugins/python/gil.c plugins/python/uwsgi_pymodule.c plugins/python/profiler.c plugins/python/symimporter.c plugins/python/tracebacker.c plugins/python/raw.c -Wl,-z,relro -L/usr/lib/x86_64-linux-gnu -lcrypt -lpthread -ldl -lutil -lm -lm -lpython3.9 build time: 7 seconds *** python39 plugin built and available in ./python39_plugin.so *** touch debian/stamp-uwsgi-plugin-python3 \ \ \ \ CFLAGS="-g -O2 -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security" CPPFLAGS="-Wdate-time -D_FORTIFY_SOURCE=2" LDFLAGS="-Wl,-z,relro" python3 uwsgiconfig.py -v --plugin plugins/rack_ruby27 debian/buildconf/uwsgi-plugin.ini rack_ruby27 using profile: debian/buildconf/uwsgi-plugin.ini detected include path: ['/usr/lib/gcc/x86_64-linux-gnu/11/include', '/usr/local/include', '/usr/include/x86_64-linux-gnu', '/usr/include'] *** uWSGI building and linking plugin plugins/rack_ruby27 *** Error: unable to find directory 'plugins/rack_ruby27' make: *** [debian/rules:425: debian/stamp-uwsgi-plugin-rack-ruby2.7] Error 1 --- End Message --- --- Begin Message --- Source: uwsgi Source-Version: 2.0.20-2.1 Done: Antonio Terceiro We believe that the bug you reported is fixed in the latest version of uwsgi, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1006...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Terceiro (supplier of updated uwsgi package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 26 Feb 2022 12:42:07 -0300 Source: uwsgi Binary: libapache2-mod-ruwsgi libapache2-mod-ruwsgi-dbg libapache2-mod-uwsgi libapache2-mod-uwsgi-dbg python3-uwsgidecorators uwsgi uwsgi-app-integration-plugins uwsgi-core uwsgi-dbg uwsgi-dev uwsgi-emperor uwsgi-extra uwsgi-infrastructure-plugins uwsgi-plugin-alarm-curl uwsgi-plugin-alarm-xmpp uwsgi-plugin-asyncio-python3 uwsgi-plugin-curl-cron uwsgi-plugin-emperor-pg uwsgi-plugin-fiber uwsgi-plugin-gccgo uwsgi-plugin-geoip uwsgi-plugin-gevent-python3 uwsgi-plugin-glusterfs uwsgi-plugin-graylog2 uwsgi-plugin-greenlet-python3 uwsgi-plugin-jvm-openjdk-11 uwsgi-plugin-jwsgi-openjdk-11 uwsgi-plugin-ldap uwsgi-plugin-lua5.1 uwsgi-plugin-lua5.2 uwsgi-plugin-mono uwsgi-plugin-psgi uw
Bug#1005895: marked as done (expat: CVE-2022-25236)
Your message dated Sat, 26 Feb 2022 18:47:18 + with message-id and subject line Bug#1005895: fixed in expat 2.2.10-2+deb11u2 has caused the Debian Bug report #1005895, regarding expat: CVE-2022-25236 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005895: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005895 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: expat Version: 2.4.4-1 Severity: important Tags: security upstream Forwarded: https://github.com/libexpat/libexpat/pull/561 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for expat. CVE-2022-25236[0]: | xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to | insert namespace-separator characters into namespace URIs. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-25236 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236 [1] https://github.com/libexpat/libexpat/pull/561 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: expat Source-Version: 2.2.10-2+deb11u2 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of expat, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1005...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated expat package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 20 Feb 2022 17:08:18 +0100 Source: expat Architecture: source Version: 2.2.10-2+deb11u2 Distribution: bullseye-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Salvatore Bonaccorso Closes: 1005894 1005895 Changes: expat (2.2.10-2+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent stack exhaustion in build_model (CVE-2022-25313) * Prevent integer overflow in storeRawNames (CVE-2022-25315) * Prevent integer overflow in copyString (CVE-2022-25314) * lib: Fix (harmless) use of uninitialized memory * lib: Protect against malicious namespace declarations (CVE-2022-25236) (Closes: #1005895) * tests: Cover CVE-2022-25236 * lib: Drop unused macro UTF8_GET_NAMING * lib: Add missing validation of encoding (CVE-2022-25235) (Closes: #1005894) * lib: Add comments to BT_LEAD* cases where encoding has already been validated * tests: Cover missing validation of encoding (CVE-2022-25235) * Fix build_model regression. * tests: Protect against nested element declaration model regressions Package-Type: udeb Checksums-Sha1: 65b091ad484ca78f0d974ea87812286fb815ebbe 2175 expat_2.2.10-2+deb11u2.dsc 4fe82dd3d1963aeddc0368890cd22fec8a62030c 25192 expat_2.2.10-2+deb11u2.debian.tar.xz Checksums-Sha256: 6baf9313138838ef15bcc454e73c041c8cd0aef70e1f4e074c88f6caabc23fd3 2175 expat_2.2.10-2+deb11u2.dsc 76a3b5cd539b299fac69502009dec3acbb3a4020732df548ddbde4344d8fa27e 25192 expat_2.2.10-2+deb11u2.debian.tar.xz Files: 12361cd6e83af439a8a6d307993fe802 2175 text optional expat_2.2.10-2+deb11u2.dsc eda469432dd5c3d92fa1f761b39d69df 25192 text optional expat_2.2.10-2+deb11u2.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmISaGdfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89E/VkP/1c9KBW4loHGtkza9o5IV97sWhg28fNt UuABjSUfXI4JbR2SyEg68VJ0Jczzr15UwOA3OUVNg9B0hNRg6aRuvb2hjeqVg8fj CAjKQDFHS0Ww+evd1Zw7rPtzP9oa1K2lxJT7U7x6zeqDfC3eF1sPMiDWhVTBQZSu /683dM7CvZP48c6p8D2Na0eyIpFO9AKRou9KqhOamNI0//UYH3zktxtS9RhV2G6L 9u/rgRRR2C1GKpxyIaXuyURyGMR5C/RoOZ9Yrz56AFLulnwQbfGeszFn6lv23+MK MkzelMI5bwr9KdArRMYhfcql5vD0SFWRYIokXwI2m+NIR+mK35Pcahz+AXOYTYLi TLuI903JyFVH4g+/ioOMsxSweIRoGJSHbxADc4UK8i1mm7l+BkFHNW6zBqXrcD7X aM02rsDYSZ+fx4daEziH/Gl8yRu3W1De5+3QwtI1lLmtQaw5P39wwsU3W618SLMX JK9WmBwnBU8
Bug#1005894: marked as done (expat: CVE-2022-25235)
Your message dated Sat, 26 Feb 2022 18:47:18 + with message-id and subject line Bug#1005894: fixed in expat 2.2.10-2+deb11u2 has caused the Debian Bug report #1005894, regarding expat: CVE-2022-25235 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1005894: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005894 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: expat Version: 2.4.4-1 Severity: important Tags: security upstream Forwarded: https://github.com/libexpat/libexpat/pull/562 X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for expat. CVE-2022-25235[0]: | xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain | validation of encoding, such as checks for whether a UTF-8 character | is valid in a certain context. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-25235 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235 [1] https://github.com/libexpat/libexpat/pull/562 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: expat Source-Version: 2.2.10-2+deb11u2 Done: Salvatore Bonaccorso We believe that the bug you reported is fixed in the latest version of expat, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1005...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso (supplier of updated expat package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 20 Feb 2022 17:08:18 +0100 Source: expat Architecture: source Version: 2.2.10-2+deb11u2 Distribution: bullseye-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) Changed-By: Salvatore Bonaccorso Closes: 1005894 1005895 Changes: expat (2.2.10-2+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent stack exhaustion in build_model (CVE-2022-25313) * Prevent integer overflow in storeRawNames (CVE-2022-25315) * Prevent integer overflow in copyString (CVE-2022-25314) * lib: Fix (harmless) use of uninitialized memory * lib: Protect against malicious namespace declarations (CVE-2022-25236) (Closes: #1005895) * tests: Cover CVE-2022-25236 * lib: Drop unused macro UTF8_GET_NAMING * lib: Add missing validation of encoding (CVE-2022-25235) (Closes: #1005894) * lib: Add comments to BT_LEAD* cases where encoding has already been validated * tests: Cover missing validation of encoding (CVE-2022-25235) * Fix build_model regression. * tests: Protect against nested element declaration model regressions Package-Type: udeb Checksums-Sha1: 65b091ad484ca78f0d974ea87812286fb815ebbe 2175 expat_2.2.10-2+deb11u2.dsc 4fe82dd3d1963aeddc0368890cd22fec8a62030c 25192 expat_2.2.10-2+deb11u2.debian.tar.xz Checksums-Sha256: 6baf9313138838ef15bcc454e73c041c8cd0aef70e1f4e074c88f6caabc23fd3 2175 expat_2.2.10-2+deb11u2.dsc 76a3b5cd539b299fac69502009dec3acbb3a4020732df548ddbde4344d8fa27e 25192 expat_2.2.10-2+deb11u2.debian.tar.xz Files: 12361cd6e83af439a8a6d307993fe802 2175 text optional expat_2.2.10-2+deb11u2.dsc eda469432dd5c3d92fa1f761b39d69df 25192 text optional expat_2.2.10-2+deb11u2.debian.tar.xz -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmISaGdfFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89E/VkP/1c9KBW4loHGtkza9o5IV97sWhg28fNt UuABjSUfXI4JbR2SyEg68VJ0Jczzr15UwOA3OUVNg9B0hNRg6aRuvb2hjeqVg8fj CAjKQDFHS0Ww+evd1Zw7rPtzP9oa1K2lxJT7U7x6zeqDfC3eF1sPMiDWhVTBQZSu /683dM7CvZP48c6p8D2Na0eyIpFO9AKRou9KqhOamNI0//UYH3zktxtS9RhV2G6L 9u/rgRRR2C1GKpxyIaXuyURyGMR5C/RoOZ9Yrz56AFLulnwQbfGeszFn6lv23+MK MkzelMI5bwr9KdArRMYhfcql5vD0SFWRYIokXwI2m+NIR+mK35Pcahz+AXOYTYLi TLuI903JyFVH4g+/ioOMsxSweIRoGJSHbxADc4UK8i1mm7l+BkFHNW6zBqXrcD7X aM02rsDYSZ+fx4daEziH/Gl8yRu3W1De5+3Q
Bug#1006374: marked as done (graphicsmagick breaks ruby-mini-magick autopkgtest: Failure/Error: expect(subject["EXIF:Flash"]).to eq "0")
Your message dated Sat, 26 Feb 2022 17:48:42 + with message-id and subject line Bug#1006374: fixed in graphicsmagick 1.4+really1.3.37+hg16670-1 has caused the Debian Bug report #1006374, regarding graphicsmagick breaks ruby-mini-magick autopkgtest: Failure/Error: expect(subject["EXIF:Flash"]).to eq "0" to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1006374: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006374 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: graphicsmagick, ruby-mini-magick Control: found -1 graphicsmagick/1.4+really1.3.37+hg16662-1 Control: found -1 ruby-mini-magick/4.11.0-1 Severity: serious Tags: sid bookworm X-Debbugs-CC: debian...@lists.debian.org User: debian...@lists.debian.org Usertags: breaks needs-update Dear maintainer(s), With a recent upload of graphicsmagick the autopkgtest of ruby-mini-magick fails in testing when that autopkgtest is run with the binary packages of graphicsmagick from unstable. It passes when run with only packages from testing. In tabular form: passfail graphicsmagick from testing1.4+really1.3.37+hg16662-1 ruby-mini-magick from testing4.11.0-1 all others from testingfrom testing I copied some of the output at the bottom of this report. Currently this regression is blocking the migration of graphicsmagick to testing [1]. Due to the nature of this issue, I filed this bug report against both packages. Can you please investigate the situation and reassign the bug to the right package? More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=graphicsmagick https://ci.debian.net/data/autopkgtest/testing/amd64/r/ruby-mini-magick/19529839/log.gz Failures: 1) With GraphicsMagick MiniMagick::Image#[] reads exif Failure/Error: expect(subject["EXIF:Flash"]).to eq "0" expected: "0" got: "" (compared using ==) # ./spec/lib/mini_magick/image_spec.rb:365:in `block (5 levels) in ' 2) With GraphicsMagick MiniMagick::Image#exif returns a hash of EXIF data Failure/Error: expect(subject.exif["DateTimeOriginal"]).to be_a(String) expected nil to be a kind of String # ./spec/lib/mini_magick/image_spec.rb:404:in `block (5 levels) in ' 3) With GraphicsMagick MiniMagick::Image#exif decodes the ExifVersion Failure/Error: expect(subject.exif["ExifVersion"]).to eq("0220") expected: "0220" got: nil (compared using ==) # ./spec/lib/mini_magick/image_spec.rb:409:in `block (5 levels) in ' Finished in 7.05 seconds (files took 0.41511 seconds to load) 284 examples, 3 failures, 5 pending Failed examples: rspec ./spec/lib/mini_magick/image_spec.rb[2:1:11:3] # With GraphicsMagick MiniMagick::Image#[] reads exif rspec ./spec/lib/mini_magick/image_spec.rb[2:1:16:1] # With GraphicsMagick MiniMagick::Image#exif returns a hash of EXIF data rspec ./spec/lib/mini_magick/image_spec.rb[2:1:16:2] # With GraphicsMagick MiniMagick::Image#exif decodes the ExifVersion /usr/bin/ruby2.7 -I/usr/share/rubygems-integration/all/gems/rspec-support-3.10.3/lib:/usr/share/rubygems-integration/all/gems/rspec-core-3.10.1/lib /usr/share/rubygems-integration/all/gems/rspec-core-3.10.1/exe/rspec --pattern ./spec/\*\*/\*_spec.rb --format documentation failed mv ./.gem2deb.lib lib autopkgtest [10:17:01]: test gem2deb-test-runner OpenPGP_signature Description: OpenPGP digital signature --- End Message --- --- Begin Message --- Source: graphicsmagick Source-Version: 1.4+really1.3.37+hg16670-1 Done: Laszlo Boszormenyi (GCS) We believe that the bug you reported is fixed in the latest version of graphicsmagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1006...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laszlo Boszormenyi (GCS) (supplier of updated graphicsmagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 26 Feb 2022 17:
Bug#907691: petri-foo: License incompatibility: links with OpenSSL
On 2018-08-31 15:03:38 [+0300], Yavor Doganov wrote: > Package: petri-foo > Version: 0.1.87-4 > Severity: serious > > This package is licensed under GPLv2 only but links with the OpenSSL > library which makes it impossible for distribution as the licenses are > incompatible. See > > https://www.gnu.org/licenses/license-list.html#OpenSSL > https://people.gnome.org/~markmc/openssl-and-the-gpl.html > > You either have to ask the copyright holders to release it under GPL + > OpenSSL exception or modify it to link with another cryptographic > library such as GnuTLS. OpenSSL is considered as a system library so there should no license restriction, see #924937. OpenSSL 3 in experimantal is licensed under the Apache-2 license. Sebastian
Bug#1006374: graphicsmagick breaks ruby-mini-magick autopkgtest: Failure/Error: expect(subject["EXIF:Flash"]).to eq "0"
On Sat, Feb 26, 2022 at 4:56 PM Bob Friesenhahn wrote: > I believe that the problem is that mini-magick is retrieving EXIF > attributes in 'ping' mode but the changeset which caused the problem > only returns the attributes if the image data was read. The solution > was just to move some code. Indeed, that was it. Packaged and going to upload the package soon. > The purpose of 'ping' mode is to avoid expensive operations while > retrieving basic properties. In this particular case, the harm would > already have been done even in 'ping' mode so returning the profiles > does not incur any additional cost. Thanks for the explanation and for the fix itself. Regards, Laszlo/GCS
Bug#1006119: uwsgi: FTBFS with ruby3.0 as default
On Sun, Feb 20, 2022 at 03:26:42PM -0300, Antonio Terceiro wrote: > Control: tag -1 + patch > > On Sat, 19 Feb 2022 14:19:46 +0100 Paul Gevers wrote: > > Source: uwsgi > > Version: 2.0.20-2 > > Severity: serious > > Tags: ftbfs > > Justification: FTBFS > > Control: block -1 by 1004915 > > > > Dear maintainer, > > > > I tried to binNMU your package for the ongoing ruby3.0 as default ruby > > transition. It failed: > > https://buildd.debian.org/status/package.php?p=uwsgi > > > > Paul > > The attached patch converts the rack plugin to ruby3.0. Please let me > know if I should just upload it (requires going through NEW due to the > new bianry package). Sorry, the patch I attached originall is obviously bogus, I typed "echo" instead of "debdiff" when creating applied it. I'm attaching the correct patch now (which I just uploaded, since this is blocking the ruby3.0 transition). diff -Nru uwsgi-2.0.20/debian/changelog uwsgi-2.0.20/debian/changelog --- uwsgi-2.0.20/debian/changelog 2021-10-20 11:15:28.0 -0300 +++ uwsgi-2.0.20/debian/changelog 2022-02-26 12:42:07.0 -0300 @@ -1,3 +1,11 @@ +uwsgi (2.0.20-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Replace uwsgi-plugin-rack-ruby2.7 with uwsgi-plugin-rack-ruby3.0 +(Closes: #1006119) + + -- Antonio Terceiro Sat, 26 Feb 2022 12:42:07 -0300 + uwsgi (2.0.20-2) unstable; urgency=medium * link againt libyajl diff -Nru uwsgi-2.0.20/debian/control uwsgi-2.0.20/debian/control --- uwsgi-2.0.20/debian/control 2021-10-20 11:05:25.0 -0300 +++ uwsgi-2.0.20/debian/control 2022-02-26 12:40:26.0 -0300 @@ -736,7 +736,7 @@ This package provides Python 3 WSGI plugin for uWSGI (linked with Python 3 runtime). -Package: uwsgi-plugin-rack-ruby2.7 +Package: uwsgi-plugin-rack-ruby3.0 Architecture: any Depends: uwsgi-core (= ${binary:Version}), signature.asc Description: PGP signature
Bug#1006374: graphicsmagick breaks ruby-mini-magick autopkgtest: Failure/Error: expect(subject["EXIF:Flash"]).to eq "0"
On Fri, 25 Feb 2022, László Böszörményi wrote: This should be it. Is your GM the latest version from Mercurial? Image: /home/bfriesen/src/minimagick.git/spec/fixtures/exif.jpg Exif Version: 0220 Date Time Original: 2016:11:12 09:17:56 Flash: 0 Package ruby-mini-magick check tree values: EXIF:Flash, DateTimeOriginal and ExifVersion. With GM 1.3.37 it succeeds and gets real values in order 0, a string and 0220 just like in your dump. But with the mentioned GM commit the results are in order "", nil and nil. Maybe the GM output or its variable types changed somehow and now ruby-mini-magick can't parse that? Needs more investigation. I think tomorrow in the evening (CET) I will arrive back home and will try to support you with more details. I believe that the problem is that mini-magick is retrieving EXIF attributes in 'ping' mode but the changeset which caused the problem only returns the attributes if the image data was read. The solution was just to move some code. GraphicsMagick changset 16670:90e1c92a709c addresses this issue, and the fixes are in the 1.4.020220226 signed snapshot. That same snapshot also addresses build problems with development libxml2 which seems to have removed FTP protocol support. FYI, the change to the way JPEG embedded profiles are read is due to a denial of service concern. JPEG stores embedded profiles in several/many chunks. The denial of service concern is that a reasonably sized JPEG file can be constituted mostly of embedded profile chunks with very little compressed image data in each chunk. In this case the reader can take a very long time to "read" image image due to handling embedded profile chunks as the JPEG file is parsed. The new approach improves the efficiency if there are many tiny chunks. The purpose of 'ping' mode is to avoid expensive operations while retrieving basic properties. In this particular case, the harm would already have been done even in 'ping' mode so returning the profiles does not incur any additional cost. Bob -- Bob Friesenhahn bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer,http://www.GraphicsMagick.org/ Public Key, http://www.simplesystems.org/users/bfriesen/public-key.txt
Bug#1006286: marked as done (hivex: wrongly detects ruby versions during build)
Your message dated Sat, 26 Feb 2022 15:49:34 + with message-id and subject line Bug#1006286: fixed in hivex 1.3.21-1.1 has caused the Debian Bug report #1006286, regarding hivex: wrongly detects ruby versions during build to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1006286: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006286 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: hivex Version: 1.3.21-1 Severity: serious Tags: patch Justification: FTBFS Control: block 1004915 by -1 Dear maintainer, >From https://salsa.debian.org/libvirt-team/hivex/-/merge_requests/1 ''' It fixes a FTBFS against ruby3.0 (ongoing transition). This is the same patch proposed here to libguestfs: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998636 ''' This isn't totally true as it doesn't FTBFS (yet), but if fails to pick up a dependency on ruby3.0, which is now the default ruby, causing the transition to delay. Paul --- End Message --- --- Begin Message --- Source: hivex Source-Version: 1.3.21-1.1 Done: Antonio Terceiro We believe that the bug you reported is fixed in the latest version of hivex, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1006...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Terceiro (supplier of updated hivex package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 26 Feb 2022 12:32:10 -0300 Source: hivex Architecture: source Version: 1.3.21-1.1 Distribution: unstable Urgency: medium Maintainer: Debian Libvirt Maintainers Changed-By: Antonio Terceiro Closes: 1006286 Changes: hivex (1.3.21-1.1) unstable; urgency=medium . * Non-maintainer upload. . [Lucas Kanashiro] * d/rules: correctly detect supported ruby versions with with dh_ruby (Closes: #1006286) Checksums-Sha1: 1153fb661ccb73956777d91771f2e61b0305306a 2494 hivex_1.3.21-1.1.dsc c799e1c612f59ff4c3c05c99958be7b9843ad95c 7120 hivex_1.3.21-1.1.debian.tar.xz b3b4728810c8925c715a5d6c5c0e541dacf9b07e 13965 hivex_1.3.21-1.1_source.buildinfo Checksums-Sha256: a31a0c0fcdcf0f409b67a0484e1032141432929fdeafa2cc305fd7951402d468 2494 hivex_1.3.21-1.1.dsc 4f4750c65cc33036ab42499aa67a12ac49c2cfd0f10167bc4eedea3cd84e0801 7120 hivex_1.3.21-1.1.debian.tar.xz b28ea0049f785e3f91c8d7c16c080cac943f46b3ba8cf2e19c8a53ba03bbada3 13965 hivex_1.3.21-1.1_source.buildinfo Files: 701d07159663b01096c2b962cb22b4d7 2494 libs optional hivex_1.3.21-1.1.dsc 1d021243e4aa02a249c7245d3a35357a 7120 libs optional hivex_1.3.21-1.1.debian.tar.xz 96c358db7d611ee51be09866abf1d592 13965 libs optional hivex_1.3.21-1.1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEst7mYDbECCn80PEM/A2xu81GC94FAmIaSZQACgkQ/A2xu81G C96ksBAAli1hNHIFcDRiBvvWoBtcolO63rTAyt3lbKJoj10yr4h2AhYBPzbKPSua QxWJt5uVQaQvxQCoMBn0mqVAoC3yPNGLYWpfdTDld3pgwxzuZHrWml8V4imvxcIw DkhTYFwAjOgYNI3Kv5TLOKbT2breVmO15qfBnR2dnoplQwNnqlrNNMl0sf8JRoEw OW0Gt83donXTgZ4cyEnRJuVJKCbnWZCYAceY1I9Nxbo150mblH1UtlE2iE21oEiY bqJQgq3kGzzVzQ1vGWuHhsS7VvS/SqZ4jgAn/8l6oSrlbFa08p7dWHnCK5F4kWGi u8YrlZyXZRM7WqALk1j2qOe090q3UIz13RpOgWFU4wcaiFK2uDeFnyXX1fdA6eQj dufFgyIdPIVWrY8Ix5xE3R7dtLFF2dhBuGmjif9AnyTkn5o7JSYnUwMooQFRRXIQ XjYXwAoUQmi7zIribcOa9s1QT6IJJbpWbfpzU7j1vO7p25AZCjw1S73ZktfuysV8 xTFMkSHtQUyL/CNfkyT8nCMtSXLf0rEK/sVpWzUWkYemHBbsq0vajmDsbxbB5vPb yJscuwOdOImJsyfQ2g7uDmjjzJkh0Z/e1UUlQpXx6GoZ8lRKTAJq4xMvn/DPbgwP A7+ODdKNBT83FXhtrVloO7JJGEzB0Vb0gnGd45mSrHOA7yn3YvQ= =2cJ1 -END PGP SIGNATURE End Message ---
Bug#1001217: marked as done (FTBFS against Ruby 3.0)
Your message dated Sat, 26 Feb 2022 15:49:10 + with message-id and subject line Bug#1001217: fixed in dislocker 0.7.3-2.1 has caused the Debian Bug report #1001217, regarding FTBFS against Ruby 3.0 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1001217: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001217 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: dislocker Version: 0.7.3-2 Severity: important Tags: patch bookworm sid User: debian-r...@lists.debian.org Usertags: ruby3.0 Dear maintainer, The current version of dislocker does not support Ruby 3.0, please apply the upstream patch below: https://github.com/Aorimn/dislocker/commit/77fcdd8e00e6934d4e503aaf9743d563f249129d It will fix the current FTBFS against ruby3.0. TIA! -- Lucas Kanashiro --- End Message --- --- Begin Message --- Source: dislocker Source-Version: 0.7.3-2.1 Done: Antonio Terceiro We believe that the bug you reported is fixed in the latest version of dislocker, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1001...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Antonio Terceiro (supplier of updated dislocker package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 26 Feb 2022 12:29:12 -0300 Source: dislocker Architecture: source Version: 0.7.3-2.1 Distribution: unstable Urgency: medium Maintainer: Debian Security Tools Changed-By: Antonio Terceiro Closes: 1001217 Changes: dislocker (0.7.3-2.1) unstable; urgency=medium . * Non-maintainer upload. * Apply upstream patch to fix build against ruby3.0 (Closes: #1001217) Checksums-Sha1: d9b1ed1521864d68c2744c9159d87e5c2dff9360 2169 dislocker_0.7.3-2.1.dsc 4902b4b0576755ef4816c8e3f6ae2807876880bb 10392 dislocker_0.7.3-2.1.debian.tar.xz 94ee5534be352adce258a1e564c0bbd99137e398 7846 dislocker_0.7.3-2.1_source.buildinfo Checksums-Sha256: 4cc9a10aa0827f860be0b3a6960caea0d29ac21e95c35748d383df002d5be191 2169 dislocker_0.7.3-2.1.dsc 42e6ce102f097e40c580e3fb00ce180f28fd0585f0e9313d64145ac729dd1dc1 10392 dislocker_0.7.3-2.1.debian.tar.xz 34bc204f33f8a88173a895d105e1c409786b4bd17696fe8220853b49791fea17 7846 dislocker_0.7.3-2.1_source.buildinfo Files: ccf053084cf78e129a91ee2521205f48 2169 utils optional dislocker_0.7.3-2.1.dsc 741244383cdd33313b0cab0cc80709ae 10392 utils optional dislocker_0.7.3-2.1.debian.tar.xz 10f429a0c02a55a9642192cf88f00b11 7846 utils optional dislocker_0.7.3-2.1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEst7mYDbECCn80PEM/A2xu81GC94FAmIaR8wACgkQ/A2xu81G C95X0hAA6cyEy6KTpgaFyBekSpt12XZyiq1uljRMtnGEeBEeHv6NsHXgXHCao0FY ug5k+Kmu5fFMsHELckSKATBxLdxcipDlV56+p5e1Tfkmp4AjWB9dsuPQaV2qxcr/ 61eEChLoEeBxsW5HkFF6mqNAtMdeyoR6QbZbU0Sd7CRm/CsHRUiFtbu/KjphENfG c2HRzxYlAs7SByqzGZsvvIEqWMxNzeSGX/q8JT+u48Z0wqqghmeP60s3t1hwtxqJ TQtCj0axGDS4A2UoW9LpJhx6Kje81l8eDqRZJDhtgo+cUOUjnMWqRgoQVI4cTFFW YVfedzVehOOypXPNqD+hAcAaPT+auZPcQebWNAcu7ez8ceUZ+ODDxy4QBoas/Eco Q8i1hnU38NycgVB33EKyEguWsFq5BSKokJDeZH0rk8h32xUy1JIKoy8ofSsXSxvS B5wXUVW1SmBOpT3gRb0js8FPts5rTbLyVSj2/G+yyr5E1ABq+63PqLCDtwVi5vfc Cx9KmTJ6a7sWg+VVPP0iGDVds1Gj5lrnHKBfOvDx4Rh9MWu8jDEwftmOuQ6v/ZwX o5jI/hvl/cLi48quEyHYhcl+5gUZmLzfhVrBs988rC89PXzt3Ts9c3xd4wPejD35 2qRSWQ+C+GePeiObX0NlfgNYkesJ3WnpRfhWSb4UHaE7Gqtu1Og= =nDzJ -END PGP SIGNATURE End Message ---
Bug#1005858: gh,gitsome: File conflict, both ship /usr/bin/gh
Hi, gh package maintainer Axel Beckert 於 2022年2月16日 週三 下午2:15寫道: > Package: gh,gitsome > Severity: serious > Control: found -1 gitsome/0.8.0+ds-6 > Control: found -1 gh/2.4.0+dfsg1-1 > > Hi, > > installing gh fails for me as follows: > > Unpacking gh (2.4.0+dfsg1-1) ... > dpkg: error processing archive > /tmp/apt-dpkg-install-DkqFj5/24-gh_2.4.0+dfsg1-1_amd64.deb (--unpack): > trying to overwrite '/usr/bin/gh', which is also in package gitsome > 0.8.0+ds-6 > According to the Debian policy [1], "the two different packages must not install programs with different functionality but with the same filenames. ... If this case happens, one of the programs must be renamed." [1] https://www.debian.org/doc/debian-policy/ch-files.html#s-binaries The "gitsome" has used "gh" since 2017, and thus would you mind renaming the "gh" in your package to avoid the conflict issue? I would appreciate it if you could consider my request, and feel free to let me know if you have another proposal. Regards, SZ > > -- System Information: > Debian Release: bookworm/sid > APT prefers unstable > APT policy: (990, 'unstable'), (600, 'testing'), (500, > 'unstable-debug'), (500, 'buildd-unstable'), (110, 'experimental'), (1, > 'experimental-debug'), (1, 'buildd-experimental') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 5.16.0-1-amd64 (SMP w/4 CPU threads; PREEMPT) > Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE > Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set > Shell: /bin/sh linked to /bin/dash > Init: sysvinit (via /sbin/init) > LSM: AppArmor: enabled >
Bug#1006500: Missing bnx2x firmware 7.13.21.0 renders NIC unusable with Linux 5.16
Package: firmware-bnx2x Version: 20210818-1 Severity: grave On Linux 5.16, the bnx2x module requests firmware 7.13.21.0: # modinfo bnx2x filename: /lib/modules/5.16.0-2-amd64/kernel/drivers/net/ethernet/broadcom/bnx2x/bnx2x.ko firmware: bnx2x/bnx2x-e2-7.13.21.0.fw firmware: bnx2x/bnx2x-e1h-7.13.21.0.fw firmware: bnx2x/bnx2x-e1-7.13.21.0.fw This firmware is not present in the firmware-bnx2x package. Now, my understanding is that the bnx2x module can fall back to an earlier version (7.13.15.0) as needed, but in practice that might not actually help, because update-initramfs only looks for the firmware version from the module information and doesn't include any other version: # update-initramfs -u W: Possible missing firmware /lib/firmware/bnx2x/bnx2x-e2-7.13.21.0.fw for module bnx2x W: Possible missing firmware /lib/firmware/bnx2x/bnx2x-e1h-7.13.21.0.fw for module bnx2x W: Possible missing firmware /lib/firmware/bnx2x/bnx2x-e1-7.13.21.0.fw for module bnx2x Since no firmware is included in the initramfs, the bnx2x module unsurprisingly fails to initialize on boot: kernel: bnx2x :02:00.1: firmware: failed to load bnx2x/bnx2x-e2-7.13.21.0.fw (-2) kernel: bnx2x :02:00.1: Direct firmware load for bnx2x/bnx2x-e2-7.13.21.0.fw failed with error -2 kernel: bnx2x :02:00.1: firmware: failed to load bnx2x/bnx2x-e2-7.13.15.0.fw (-2) kernel: bnx2x :02:00.1: Direct firmware load for bnx2x/bnx2x-e2-7.13.15.0.fw failed with error -2 Adding insult to injury, it doesn't look like it's possible to recover from this state - as far as I could tell, once bnx2x fails to initialize, it's game over until the next reboot, even if the module is unloaded and reloaded, and even if the PCI device is removed and rescanned. This basically means that, when booting current Debian Unstable with Linux 5.16, bnx2x NICs become *permanently unusable*, potentially locking users and admins out of the system. My suggested short-term fix would be to update the firmware-bnx2x package to include the 7.13.21.0 firmware version. There's also a discussion to be had with regard to update-initramfs, which should perhaps try harder to find potentially compatible firmware versions - indeed, if update-initramfs had included 7.13.15.0, I believe this issue would have been avoided. For those affected, here's the workaround I used: 1. Manually download the 7.13.21.0 firmware files from https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/bnx2x 2. Put the files in /lib/firmware/bnx2x 3. Run update-initramfs -u 4. Reboot
Processed: tagging 1005684
Processing commands for cont...@bugs.debian.org: > tags 1005684 + pending Bug #1005684 [src:kate] kate: FTBFS: dh_missing: warning: usr/share/kservices5/plasma-applet-org.kde.plasma.katesessions.desktop exists in debian/tmp but is not installed to anywhere Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1005684: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005684 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1004935: marked as done (connman: CVE-2022-23096 CVE-2022-23097 CVE-2022-23098)
Your message dated Sat, 26 Feb 2022 10:34:08 + with message-id and subject line Bug#1004935: fixed in connman 1.36-2.4 has caused the Debian Bug report #1004935, regarding connman: CVE-2022-23096 CVE-2022-23097 CVE-2022-23098 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1004935: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004935 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: connman Version: 1.36-2.3 Severity: grave Tags: security upstream Forwarded: https://lore.kernel.org/connman/20220125090026.5108-1-w...@monom.org/ X-Debbugs-Cc: car...@debian.org, Debian Security Team Control: found -1 1.36-2.2 Control: found -1 1.36-2.1~deb10u1 Control: found -1 1.36-2.1~deb10u2 Hi, The following vulnerabilities were published for connman. CVE-2022-23096[0]: | An issue was discovered in the DNS proxy in Connman through 1.40. The | TCP server reply implementation lacks a check for the presence of | sufficient Header Data, leading to an out-of-bounds read. CVE-2022-23097[1]: | An issue was discovered in the DNS proxy in Connman through 1.40. | forward_dns_reply mishandles a strnlen call, leading to an out-of- | bounds read. CVE-2022-23098[2]: | An issue was discovered in the DNS proxy in Connman through 1.40. The | TCP server reply implementation has an infinite loop if no data is | received. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-23096 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23096 [1] https://security-tracker.debian.org/tracker/CVE-2022-23097 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23097 [2] https://security-tracker.debian.org/tracker/CVE-2022-23098 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23098 Regards, Salvatore --- End Message --- --- Begin Message --- Source: connman Source-Version: 1.36-2.4 Done: Ross Vandegrift We believe that the bug you reported is fixed in the latest version of connman, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1004...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ross Vandegrift (supplier of updated connman package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 25 Feb 2022 21:06:06 -0800 Source: connman Architecture: source Version: 1.36-2.4 Distribution: unstable Urgency: medium Maintainer: Alexander Sack Changed-By: Ross Vandegrift Closes: 1004935 Changes: connman (1.36-2.4) unstable; urgency=medium . * d/patches: (Closes: #1004935) + 0008-dnsproxy-Validate-input-data-before-using-them.patch: fixes CVE-2022-23096, CVE-2022-23097 + 0009-dnsproxy-Avoid-100-busy-loop-in-TCP-server-case.patch: fixes CVE-2022-23098 * Bump debhelper version from deprecated 11 to 12 Checksums-Sha1: 71e22d3105e4f02afba7f1cd4fcec9911c53b6ac 2045 connman_1.36-2.4.dsc a95de88049c1653d5a9d16a1a66e96c84f468b9f 18000 connman_1.36-2.4.debian.tar.xz 606803286056189eaf06b8b1f4366dd3f2d53b2e 8043 connman_1.36-2.4_source.buildinfo Checksums-Sha256: e986baa37a0fc2f45230e57aceb490d82bc6404facfe7a6ea37586bcff78a6c0 2045 connman_1.36-2.4.dsc 65e35cc6e998ff8dfa83b528b52c447c8b4b815a01a77605fc266aeb959f3065 18000 connman_1.36-2.4.debian.tar.xz 43a38c0d97a92806d1d242a67b5db155d1f498daaab90266d50edceb7705d91d 8043 connman_1.36-2.4_source.buildinfo Files: 127bb3519573610fe62440217e43ffae 2045 net optional connman_1.36-2.4.dsc 3d026eff0891a04215d023724581035a 18000 net optional connman_1.36-2.4.debian.tar.xz 113fcf830577b931c6743f9fb32121a1 8043 net optional connman_1.36-2.4_source.buildinfo -BEGIN PGP SIGNATURE- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmIaABsQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFJDsC/9Y6sdZkmb9ojMz4/x3BjnFrMgQy99yxw7R R1CbYwSzSOOy2rfh4A5rknikyHxtBdt/EHG2ZcSGpR2LCa2xx3trcz9M8UbyfcvI /WgRSwS14DW7mCFKpr0+oqAtA+s0S1Pz8dCRTNOChyO+acrokY9dUKBW2LLoLOEI 1RIe+jXt4zs1ijEh4ogFoTfr+/776l5XV12/TpLZfqm9pDi+lyGn3M72aEoY5Pz9 1IwjdDiw3DHs4luXf+uTuIPYH0gB0lqsW/dRRLBm8WOtDa9fn
Bug#1004935: connman: CVE-2022-23096 CVE-2022-23097 CVE-2022-23098
As no package maintainer stepped up to fix this, I am NMUing the package with the enclosed changes.diff -Nru connman-1.36/debian/changelog connman-1.36/debian/changelog --- connman-1.36/debian/changelog 2021-10-09 22:49:52.0 +0200 +++ connman-1.36/debian/changelog 2022-02-26 06:06:06.0 +0100 @@ -1,3 +1,14 @@ +connman (1.36-2.4) unstable; urgency=medium + + * d/patches: (Closes: #1004935) ++ 0008-dnsproxy-Validate-input-data-before-using-them.patch: fixes + CVE-2022-23096, CVE-2022-23097 ++ 0009-dnsproxy-Avoid-100-busy-loop-in-TCP-server-case.patch: fixes + CVE-2022-23098 + * Bump debhelper version from deprecated 11 to 12 + + -- Ross Vandegrift Fri, 25 Feb 2022 21:06:06 -0800 + connman (1.36-2.3) unstable; urgency=medium * Non-maintainer upload. diff -Nru connman-1.36/debian/compat connman-1.36/debian/compat --- connman-1.36/debian/compat 2021-10-09 22:49:52.0 +0200 +++ connman-1.36/debian/compat 1970-01-01 01:00:00.0 +0100 @@ -1 +0,0 @@ -11 diff -Nru connman-1.36/debian/control connman-1.36/debian/control --- connman-1.36/debian/control 2021-10-09 22:49:52.0 +0200 +++ connman-1.36/debian/control 2022-02-26 06:06:06.0 +0100 @@ -3,7 +3,7 @@ Uploaders: Alf Gaida Section: net Priority: optional -Build-Depends: debhelper (>= 11~), +Build-Depends: debhelper-compat (= 12), libudev-dev, libglib2.0-dev, libdbus-1-dev, diff -Nru connman-1.36/debian/patches/0008-dnsproxy-Validate-input-data-before-using-them.patch connman-1.36/debian/patches/0008-dnsproxy-Validate-input-data-before-using-them.patch --- connman-1.36/debian/patches/0008-dnsproxy-Validate-input-data-before-using-them.patch 1970-01-01 01:00:00.0 +0100 +++ connman-1.36/debian/patches/0008-dnsproxy-Validate-input-data-before-using-them.patch 2022-02-26 06:06:06.0 +0100 @@ -0,0 +1,111 @@ +From: Daniel Wagner +Date: Tue, 25 Jan 2022 10:00:24 +0100 +Subject: dnsproxy: Validate input data before using them + +dnsproxy is not validating various input data. Add a bunch of checks. + +Fixes: CVE-2022-23097 +Fixes: CVE-2022-23096 +--- + src/dnsproxy.c | 32 ++-- + 1 file changed, 26 insertions(+), 6 deletions(-) + +diff --git a/src/dnsproxy.c b/src/dnsproxy.c +index e297f1f..852fa44 100644 +--- a/src/dnsproxy.c b/src/dnsproxy.c +@@ -1951,6 +1951,12 @@ static int forward_dns_reply(unsigned char *reply, int reply_len, int protocol, + + if (offset < 0) + return offset; ++ if (reply_len < 0) ++ return -EINVAL; ++ if (reply_len < offset + 1) ++ return -EINVAL; ++ if ((size_t)reply_len < sizeof(struct domain_hdr)) ++ return -EINVAL; + + hdr = (void *)(reply + offset); + dns_id = reply[offset] | reply[offset + 1] << 8; +@@ -1986,23 +1992,31 @@ static int forward_dns_reply(unsigned char *reply, int reply_len, int protocol, +*/ + if (req->append_domain && ntohs(hdr->qdcount) == 1) { + uint16_t domain_len = 0; +- uint16_t header_len; ++ uint16_t header_len, payload_len; + uint16_t dns_type, dns_class; + uint8_t host_len, dns_type_pos; + char uncompressed[NS_MAXDNAME], *uptr; + char *ptr, *eom = (char *)reply + reply_len; ++ char *domain; + + /* +* ptr points to the first char of the hostname. +* ->hostname.domain.net +*/ + header_len = offset + sizeof(struct domain_hdr); ++ if (reply_len < header_len) ++ return -EINVAL; ++ payload_len = reply_len - header_len; ++ + ptr = (char *)reply + header_len; + + host_len = *ptr; ++ domain = ptr + 1 + host_len; ++ if (domain > eom) ++ return -EINVAL; ++ + if (host_len > 0) +- domain_len = strnlen(ptr + 1 + host_len, +- reply_len - header_len); ++ domain_len = strnlen(domain, eom - domain); + + /* +* If the query type is anything other than A or , +@@ -2011,6 +2025,8 @@ static int forward_dns_reply(unsigned char *reply, int reply_len, int protocol, +*/ + dns_type_pos = host_len + 1 + domain_len + 1; + ++ if (ptr + (dns_type_pos + 3) > eom) ++ return -EINVAL; + dns_type = ptr[dns_type_pos] << 8 | + p
Bug#1006368: marked as done (upowerd: cannot open '/dev/input/event3': Success)
Your message dated Sat, 26 Feb 2022 10:05:40 + with message-id and subject line Bug#1006368: fixed in upower 0.99.16-2 has caused the Debian Bug report #1006368, regarding upowerd: cannot open '/dev/input/event3': Success to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1006368: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006368 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: upower Version: 0.99.16-1 Since the update to version 0.99.16-1 upowerd issues the following log with priority warning: cannot open '/dev/input/event3': Success In verbose mode the output is: Feb 24 12:21:02 dlaptop systemd[1]: Starting Daemon for power management... Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Acquired inhibitor lock (7, delay) Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Starting upowerd version 0.99.16 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02daemon now coldplug Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02registering subsystem : power_supply Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02taking a guess for power supply scope Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02added native-path: AC0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02object path = /org/freedesktop/UPower/devices/line_power_AC0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02added AC0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02emitting added: /org/freedesktop/UPower/devices/line_power_AC0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02on_battery = no Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02warning_level = none Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02taking a guess for power supply scope Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Setup poll for 'BAT0' every 120 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02using min design voltage Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Setup poll for 'BAT0' every 120 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Setup poll for 'BAT0' every 120 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Setup poll for 'BAT0' every 120 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Setup poll for 'BAT0' every 120 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02using min design voltage Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Setup poll for 'BAT0' every 120 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Setup poll for 'BAT0' every 120 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02Setup poll for 'BAT0' every 120 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02added native-path: BAT0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02using id: ASUS_Battery-56 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02loading 199 items of data from /var/lib/upower/history-rate-ASUS_Battery-56.dat Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02loading 120 items of data from /var/lib/upower/history-charge-ASUS_Battery-56.dat Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02loading 54 items of data from /var/lib/upower/history-time-full-ASUS_Battery-56.dat Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02loading 156 items of data from /var/lib/upower/history-time-empty-ASUS_Battery-56.dat Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02saving in 600 seconds Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02object path = /org/freedesktop/UPower/devices/battery_BAT0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02added BAT0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02emitting added: /org/freedesktop/UPower/devices/battery_BAT0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02on_battery = yes Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02registering subsystem : usb Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02failed to coldplug /sys/devices/pci:00/:00:1d.0/usb1 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02failed to coldplug /sys/devices/pci:00/:00:1d.0/usb1 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02failed to coldplug /sys/devices/pci:00/:00:1d.0/usb1/1-0:1.0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02failed to coldplug /sys/devices/pci:00/:00:1d.0/usb1/1-0:1.0 Feb 24 12:21:02 dlaptop upowerd[4395]: TI:12:21:02failed to coldplug /sys/dev
Bug#1005438: pygame: FTBFS: dh_auto_test: error: pybuild --test -i python{version} -p "3.10 3.9" --system=custom --test-args "/usr/bin/xvfb-run {interpreter} -m pygame.tests.__main__ --exclude opengl"
Dnia Tue, Feb 22, 2022 at 08:57:25AM +0100, Andreas Tille napisał(a): > I had a look into this issue since a Debian Med package received a > testing removal warning. I can confirm the build fails with > >Segmentation fault > > in the build time test suite. Just out of curiosity I ran the tests during build under GDB (simply inserting "gdb --args" right before the "{interpreter}" in the overrite_dh_auto_test rule in debian/rules). It seems like the segfault is in the freetype library, when loading a font, rather than in pygame (though I guess the root cause could be pygame passing garbage to freetype? - I have zero knowledge about the API). Cc-ing Hugh in case he can provide some hints about what might be going on here. This does not change the fact that it would be great to move to pygame2 :-) loading pygame.tests.freetype_test loading pygame.tests.ftfont_test Thread 1 "python3.10" received signal SIGSEGV, Segmentation fault. 0x7fde9aeb34e3 in FT_Done_Face (face=0x7fde96aa04d8) at ./src/base/ftobjs.c:2836 2836./src/base/ftobjs.c: No such file or directory. (gdb) bt full #0 0x7fde9aeb34e3 in FT_Done_Face (face=0x7fde96aa04d8) at ./src/base/ftobjs.c:2836 error = 35 driver = memory = node = #1 0x7fde9af11479 in ftc_face_node_done (ftcnode=0x1fce450, ftcmanager=) at ./src/cache/ftcmanag.c:272 node = 0x1fce450 manager = #2 0x7fde9af11872 in FTC_MruList_New (list=0x1ec9928, key=0x7fde970bb200, anode=anode@entry=0x7ffce3eb1bc0) at ./src/cache/ftcmru.c:281 error = 1 node = 0x1fce450 memory = 0x1e70c40 #3 0x7fde9af12bbf in FTC_Manager_LookupFace (manager=, face_id=face_id@entry=0x7fde970bb200, aface=aface@entry=0x7ffce3eb1be0) at ./src/cache/ftcmanag.c:324 _pfirst = _compare = 0x7fde9af102d0 _first = _node = error = 0 mrunode = 0x7fde9ca14638 #4 0x7fde982a5228 in _PGFT_GetFont (ft=ft@entry=0x20bc470, fontobj=fontobj@entry=0x7fde970bb1f0) at src_c/freetype/ft_wrap.c:321 error = font = 0x0 #5 0x7fde982a550c in init (ft=ft@entry=0x20bc470, fontobj=fontobj@entry=0x7fde970bb1f0) at src_c/freetype/ft_wrap.c:386 font = #6 0x7fde982a58be in _PGFT_TryLoadFont_Filename (ft=ft@entry=0x20bc470, fontobj=fontobj@entry=0x7fde970bb1f0, filename=, font_index=) at src_c/freetype/ft_wrap.c:442 filename_alloc = file_len = #7 0x7fde9829d3d0 in _ftfont_init (self=0x7fde970bb1f0, args=, kwds=) at src_c/_freetype.c:823 kwlist = {0x7fde982a7bb3 "file", 0x7fde982a7cca "size", 0x7fde982a75cc "font_index", 0x7fde982a777c "resolution", 0x7fde982a75d7 "ucs4", 0x0} file = 0x7fde96f44d30 original_file = 0x7fde96f2a240 font_index = 0 face_size = {x = 1280, y = 0} ucs4 = 0 resolution = 0 size = 0 height = 0 width = 0 x_ppem = 0 y_ppem = 0 rval = -1 source = ft = 0x20bc470 #8 0x00599823 in () #9 0x00531efb in _PyObject_MakeTpCall () #10 0x0052c946 in _PyEval_EvalFrameDefault () #11 0x0053105a in _PyObject_FastCallDictTstate () #12 0x005446ab in () #13 0x00532228 in () #14 0x00549149 in PyObject_Call () #15 0x00528a93 in _PyEval_EvalFrameDefault () #16 0x0053b7ff in _PyFunction_Vectorcall () #17 0x00526ca7 in _PyEval_EvalFrameDefault () #18 0x0053b7ff in _PyFunction_Vectorcall () --Type for more, q to quit, c to continue without paging--c #19 0x00526ca7 in _PyEval_EvalFrameDefault () #20 0x0054884c in () #21 0x00526aba in _PyEval_EvalFrameDefault () #22 0x0053b7ff in _PyFunction_Vectorcall () #23 0x00526ca7 in _PyEval_EvalFrameDefault () #24 0x0053b7ff in _PyFunction_Vectorcall () #25 0x0054893a in () #26 0x00528a93 in _PyEval_EvalFrameDefault () #27 0x0053105a in _PyObject_FastCallDictTstate () #28 0x005459b9 in _PyObject_Call_Prepend () #29 0x005c2c33 in () #30 0x00531efb in _PyObject_MakeTpCall () #31 0x0052b9ee in _PyEval_EvalFrameDefault () #32 0x0053b7ff in _PyFunction_Vectorcall () #33 0x0054893a in () #34 0x00528a93 in _PyEval_EvalFrameDefault () #35 0x0053105a in _PyObject_FastCallDictTstate () #36 0x005459b9 in _PyObject_Call_Prepend () #37 0x005c2c33 in () #38 0x00531efb in _PyObject_MakeTpCall () #39 0x0052b9ee in _PyEval_EvalFrameDefault () #40 0x0053b7ff in _PyFunction_Vectorcall () #41 0x0054893a in () #42 0x00528a93 in _PyEval_EvalFrameDefault () #43 0x0053105a in _PyObject_FastCallDictTstate () #44 0x005459b9 in _PyObject_Call_Prepend () #45 0x005c2c33 in () #46 0x00531efb in _PyObject_MakeTpCall () #47 0x0052b9ee in _PyEval_EvalFrameDefault () #48
Bug#1006485: fscrypt: CVE-2022-25326 CVE-2022-25327 CVE-2022-25328
Source: fscrypt Version: 0.3.1-1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerabilities were published for fscrypt. CVE-2022-25326[0]: | fscrypt through v0.3.2 creates a world-writable directory by default | when setting up a filesystem, allowing unprivileged users to exhaust | filesystem space. We recommend upgrading to fscrypt 0.3.3 or above and | adjusting the permissions on existing fscrypt metadata directories | where applicable. CVE-2022-25327[1]: | The PAM module for fscrypt doesn't adequately validate fscrypt | metadata files, allowing users to create malicious metadata files that | prevent other users from logging in. A local user can cause a denial | of service by creating a fscrypt metadata file that prevents other | users from logging into the system. We recommend upgrading to version | 0.3.3 or above CVE-2022-25328[2]: | The bash_completion script for fscrypt allows injection of commands | via crafted mountpoint paths, allowing privilege escalation under a | specific set of circumstances. A local user who has control over | mountpoint paths could potentially escalate their privileges if they | create a malicious mountpoint path and if the system administrator | happens to be using the fscrypt bash completion script to complete | mountpoint paths. We recommend upgrading to version 0.3.3 or above The issues do not warrant a DSA, but depending on feasibility it would be good th ave the fixes available as well in bullseye and buster through a point release. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-25326 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25326 [1] https://security-tracker.debian.org/tracker/CVE-2022-25327 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25327 [2] https://security-tracker.debian.org/tracker/CVE-2022-25328 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25328 [3] https://www.openwall.com/lists/oss-security/2022/02/24/1 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
Processed: bug 1006333 is forwarded to https://lab.louiz.org/louiz/biboumi/-/issues/3465
Processing commands for cont...@bugs.debian.org: > forwarded 1006333 https://lab.louiz.org/louiz/biboumi/-/issues/3465 Bug #1006333 [biboumi] biboumi: fail to start after libexpat1 update Set Bug forwarded-to-address to 'https://lab.louiz.org/louiz/biboumi/-/issues/3465'. > thanks Stopping processing here. Please contact me if you need assistance. -- 1006333: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006333 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: bug #1005618 forwarded to upstream fix
Processing commands for cont...@bugs.debian.org: > forwarded 1005618 https://github.com/vagnum08/cpupower-gui/commit/97f8ac02 Bug #1005618 [src:cpupower-gui] cpupower-gui: FTBFS: ../data/meson.build:12:0: ERROR: Function does not take positional arguments. Set Bug forwarded-to-address to 'https://github.com/vagnum08/cpupower-gui/commit/97f8ac02'. > -- Stopping processing here. Please contact me if you need assistance. -- 1005618: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005618 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems